DevOps and Docker Talk: Cloud Native Interviews and Tooling

Bret and Matt are joined by Chad Crowell of KubeSkills to walk through how you can contribute to Kubernetes open source.Chad started the kubeskills.com community and podcast to focus on learning Kubernetes by doing and in this episode, he's taking us through a detailed guide on how to get involved in the Kubernetes community.Although Kubernetes and other CNCF projects may seem big and complex with tons of activity, Chad helps us understand how the maturity of the projects and the community make it a much more pleasant onboarding experience for first-time contributors. We go through a wide range of resources and steps to help your first issue or pull request go smoothly.Live recording of this show from March 9, 2023 is on YouTube (Ep. #206).★Topics★Learning K8s by Open Source PDF slidesFirst Timers Only websiteK8s Contributor Community HomepageList of K8s SIGsK8s SlackOpen Sauced websiteK8s Contributors onboarding courseKube Cuddle podcast with Joe BedaLearning K8s Skills You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Chad M. Crowell - Guest (00:00) - Intro (02:45) - Chad's Book (05:11) - Learning platforms (05:37) - Another way to learn (06:44) - SIGs (07:47) - Community or Contributor Experience SIG (10:06) - Volunteers (11:27) - For those who want to start contributing (13:50) - The different tags (14:48) - Good first issues (16:01) - Bret's first Docker fix (16:50) - Who determines the first issues? (18:37) - OpenSauced (19:16) - Finding the next steps after learning (19:59) - Dashboard to track contributions (20:42) - A very friendly community (22:30) - Who's paying for OpenSauced? (23:06) - How to build your rep on the internet (24:57) - Github Flow, Breaking it down (27:24) - Eddie Hub (28:10) - Assign yourself to the issue (28:50) - Compile Kubernetes (30:14) - Tracking the pull request lifecycle (31:44) - Changing the k8s reference issue (35:17) - Kubernetes Slack Channels (35:59) - SIG mailing lists (36:44) - Getting feedback before you do the work (38:18) - How do you give up and issue? (39:53) - Correlating issues with Slack (40:28) - Start with an issue first (41:24) - Random PRs don't go well (43:00) - Onboarding course (44:11) - Cheat sheet (44:26) - What Chad has learned from contributing (46:09) - Online resources (48:48) - Certifications and exams (50:46) - Matt's comment about a podcast (52:48) - Wrap up

Bret is joined by fellow Docker Captain Nuno do Carmo to talk about desktop container solutions and the best Docker setup for Windows 11. Nuno's a Docker Captain, Civo Ambassador, Microsoft MVP, and a big fan of Windows and Cloud Native. I've had him on the show before, because the more you use the Windows Subsystem for Linux and Docker Desktop, the more you'll want to use WSL.Nuno helps answer many questions such as where are the Linux files stored, managing the CPU and memory resources, backing up files in WSL, getting the host Windows Explorer into the Linux filesystem, getting back to the Windows file system from the Linux shell and more!Live recording of this show from February 23, 2023 on YouTube (Ep. #204). Includes demos.★Topics★Nuno's WSL blogBret's Docker Desktop alternatives listRancher Desktop websitePodman Desktop websiteYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Beth Fisher - Producer Cristi Cotovan - Editor Nuno do Carmo - Guest (00:00) - Intro (00:52) - Episode intro (02:27) - Main show (02:39) - Reflecting on the Docker birthday (03:25) - Bret's Maven Course (03:27) - Introducing Nuno (04:34) - All starts with WSL (05:13) - Mac vs Windows (05:33) - WSL1 and WSL2 (08:28) - Question Linux in VM vs WSL (12:51) - Filesystems and performance (14:34) - Setting yourself up for success with WSL (15:37) - WSL not installed by default with Windows (17:16) - Demo start (18:20) - Line endings issue in the past (18:56) - The tooling is WSL-aware (20:00) - VHDx (21:01) - Demo (24:22) - Bret re-explains it (27:01) - Question SSH into WSL (29:12) - Question How do you make a fresh WSL VM? (31:25) - Question What does mount show in Linux (32:37) - Question (33:28) - Taking snapshots with Raft WSL (34:08) - Question distros and VHDx files (35:45) - Deleting or losing your distros (37:17) - Question (39:45) - Ecosystem and options - the spreadsheet (42:11) - Demos (42:18) - Podman desktop (45:00) - Comment on Red Hat on Windows (46:13) - Rancher Desktop (53:19) - Demo (53:50) - Process isolation on Windows

Bret is joined by Project Calico's Tomas Hruby from Tigera to dig into Calico CNI features for Kubernetes and beyond. Calico can be used in a lot of places, including Linux, Windows, containers, bare metal, eBPF or iptables. Many of us learned about it as a CNI option for Kubernetes network and networking policy.Streamed live on YouTube on February 9, 2023.Unedited live recording of this show on YouTube (Ep. #202). Includes demos.★Topics★Project CalicoTigera WebsiteProject Calico on Tigera's WebsiteCreators & Guests Bret Fisher - Host Beth Fisher - Producer Cristi Cotovan - Editor Tomas Hruby - Guest You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com★Join my Community★New live course on CI automation and gitops deploymentsBest coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansGrab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - Intro (00:52) - About this episode (01:31) - Main show (01:36) - In today's episode (03:00) - How did Tomas get started with Calico? (03:28) - Projects are typically open source and SaaS (04:07) - Project Calico elevator pitch (05:26) - What can Calico do? (06:33) - The origins of Calico (07:13) - Docker got Kubernetes started (08:25) - Project Calico on Github (08:50) - Open source version is command-line driven (09:04) - Calico and the company behind it (09:28) - What makes Calico unique? (10:54) - EBPF (12:28) - EBPF and Calico (14:28) - Question (18:02) - Demo intro (18:33) - Question (19:18) - Question (20:25) - Question (21:15) - Vulnerabilities and threats (23:28) - Question (27:05) - Calico as service mesh (30:33) - What is Tomas excited about? (31:53) - EBPF real-time tooling

Bret is joined by Kyle Galbraith and Jacob Gillespie, co-founders of Depot, to discuss their new solution to slow Docker builds. If you've never dug into some of the details of Dockers BuildKit, that's the engine behind your Docker build command, then this episode is for you. I'm fairly confident that everyone who uses Docker will eventually come upon the problems that Kyle and Jacob were trying to solve with Depot. Their focus is on speeding up your Docker builds by doing them remotely, in a transparent way. They avoid you needing to rethink your workflows and CI automations and provide a CLI tool that's a drop-in replacement for the Docker build command. In this episode, we walked through the problems they can solve today with what I would call a unified shared build cache for your whole team, including your CI and automation tools. The way they are going about speeding up the Docker builds is something I wished Docker had done for us all along. I think it's still early days for the Depot product, but if you're suffering with long build image times it's already mature enough to be something I would consider as a replacement for the traditional Docker engine builds that we're all used to.Streamed live on YouTube on January 12, 2023.Unedited live recording of this show on YouTube (Ep. #198). Includes demos.★Topic Links★Depot websiteDepot on TwitterCreators & Guests Bret Fisher - Host Beth Fisher - Producer Cristi Cotovan - Editor Kyle Galbraith - Guest Jacob Gillespie - Guest You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com★Join my Community★New live course on CI automation and gitops deploymentsBest coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansGrab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - DDT MAIN (00:04) - Intro (00:53) - Bret's intro (02:24) - Main show (02:33) - Introducing the guests (02:53) - Today's topic (03:07) - Where did the idea for Depot come from? (04:26) - How it started (06:37) - Describing the problems (07:59) - The caching problem (09:49) - Docker caching default and in CI (12:45) - What is cache busting? (14:23) - Being deliberate about your CI environment (15:23) - What problems is Depot trying to solve? (17:27) - Replacing the Docker CLI with Depot (22:13) - Building for multi-platform (26:53) - Question (30:13) - Question (32:14) - Demo intro (32:45) - Modes of hosting (33:29) - Question (34:33) - What else does the UI offer? (38:21) - Getting started with Depot (39:28) - What's on the horizon? (40:30) - Outro

Natan Yellin, Co-founder of Robusta.dev, discusses enhancing Kubernetes alerts with Robusta, improving Prometheus messages, deploying Robusta in clusters, using push notifications, and dealing with CPU limits in Kubernetes. The podcast covers challenges in alert management, monitoring solutions with Prometheus, effective alert management, push notifications for alerting, and detailed explanations of CPU limits.

Bret is joined by two pros from the NGINX team, Robert Haynes and Brian Ehlert to break down the various use cases of NGINX on Kubernetes, and help you decide when and where you'll be using it.There's a lot going on around NGINX and I wanted to focus this conversation around NGINX on Kubernetes, and specifically the two ways you can run it for cluster ingress. We also get into some of the advanced scenarios of using NGINX, like caching and web application firewalls (WAF).Many of us are using NGINX somewhere in our clusters. I found it very interesting how Robert, Brian, and the team at F5 spend a lot of time showing customers how they can use it in many ways to avoid deploying additional products on their clusters. I'm a big fan of reducing complexity.Streamed live on YouTube on December 15, 2022.Unedited live recording of this show on YouTube (Ep. #195).★Topics★Intro to K8s networkingK8s + NGINXThe basic Kubernetes Ingress provider of NGINXThe official NGINX team Ingress CRD (more features)Gateway API for K8sMonitoring NGINXMonitoring NGINX with Prometheus★Brian Ehlert★Brian Ehlert on Twitter★Robert Haynes★Robert Haynes on Twitter★Join my Community★New live course on CI automation and gitops deploymentsBest coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansGrab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - DDT MAIN (00:04) - Intro (00:53) - Custom intro (02:41) - Main show (02:46) - Introductions (03:05) - Today's topic (03:40) - Question: Common NGINX use cases (05:21) - NGINX's web server capabilities (06:11) - Common NGINX on Kubernetes considerations (09:28) - API gateway vs ingress (14:12) - Ingress configurations and policies (16:35) - CRD with ingress project (19:52) - When people adopt Kubernetes (22:33) - Free vs Paid version (27:17) - Question (27:27) - Last-minute risky annotations (31:52) - Validating NGINX configs (34:44) - Avoiding NGINX config manipulation (39:46) - Questions (41:00) - Monitoring in NGINX (42:32) - Prometheus exporter (43:59) - Question about caching (49:39) - Question (51:21) - Wrapping up (54:05) - Outro You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Matt Williams, co-founder of Infra, shares insights on simplifying Kubernetes user management, certificate distribution, and revocation. Infra's open-source tool tackles pain points in user authentication and permissions. The podcast covers Infra's history, Datadog's evolution, challenges in managing SSH and certificates in Kubernetes, and a demo of Infra's Kubernetes authentication and RBAC tool.

Bret is joined by Anaïs Urlichs of Aqua Security to talk container and Kubernetes security tools like trivy, kube-bench, tracee, and kube-hunter. I've been using trivy for over four years to scan for known vulnerabilities in my own container images and my clients.We also look at tracee, a new tool that is part of a new generation of tools that use the Linux kernel eBPF feature to investigate what's happening in real time on your servers. Anaïs is great as an explainer of Kubernetes and all cloud native things, and she's the creator of the 100 days of Kubernetes tutorials on her YouTube channel where she breaks down various cloud native topics for beginners. Based on what I've learned in this show from Anaïs, I plan to change how I use trivy so that it's scanning more things and more often in my CI automation pipelines.Streamed live on YouTube on November 3, 2022.Unedited live recording of this show on YouTube (Ep #190)★Topics★Aqua Security ToolsAqua Security on YouTubeTrivyTrivy-Operatorkube-benchtraceekube-hunter★Anaïs Urlichs★Anaïs on TwitterAnaïs' Newsletter Anaïs on YouTube 100 Days of Kubernetes★Join my Community★New live course on CI automation and gitops deploymentsBest coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansGrab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - DDT MAIN (00:04) - Intro (00:53) - Custom intro (02:28) - Main show (02:32) - Introducing Anais (04:30) - Security Tools (04:56) - What is Aqua Security (06:12) - Not all security scanners are made equal (07:22) - What is Trivy? (08:01) - Misconfiguration scanning with Trivy (12:12) - Security vs Disruption (13:06) - Address vulnerabilities in the base image (14:11) - Question: Operator for Trivy (17:51) - Automating the tool (19:45) - Vulnerability fatigue (20:32) - Question: Go and No-go Criteria (24:13) - Tip Toe, Start Small (25:19) - Kube Bench (26:08) - Kube Hunter (28:09) - What is Tracee? (33:39) - What is the roadmap for implementing these tools? (39:57) - Outro You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Bret is joined by two Chainguard co-founders, CEO Dan Lorenc and Head of Product, Kim Lewandowski, to break down the ins and outs of supply chain security and talk about Chainguard's approach to securing it. We dive into tools, including their new Wolfi Linux distro.We first talk about what that even is, because it's a buzzword right now, and not everyone's on the same page on what securing your supply chain even means in the world of software. Then we jump into base images for containers, and their project Wolfi. We talk a lot about Wolfi in this episode, because it has the potential to change how we build our containers.Streamed live on YouTube on October 13, 2022.Unedited live recording of this show on YouTube (Ep #188)★Topics★Chainguard WebsiteChainguard TwitterChainguard AcademyWolfiWolfi-based imagesSigstore★Dan Lorenc★Dan Lorenc on TwitterDan Lorenc on Linkedin★Kim Lewandowski★Kim Lewandowski on TwitterKim Lewandowski on Linkedin★Join my Community★New live course on CI automation and gitops deploymentsBest coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansHomepage bretfisher.com (00:00) - DDT MAIN (00:04) - Intro (00:54) - Custom intro (02:51) - Main show (03:04) - Introductions (03:24) - How did Chainguard get started? (04:23) - What is a supply chain? (06:30) - First Security Things (08:55) - The article and the base image (12:02) - Wolfi elevator pitch (14:49) - How do packages get into Wolfi? (18:49) - How do Wolfi packages work (21:57) - Chainguard Enforce (26:43) - Question about in-toto (29:08) - Preventing unsigned images in production (30:44) - Blocking vulnerable dependencies with policies (31:39) - Scanning on servers (34:02) - Question (35:53) - Question (37:50) - Getting started with Wolfi (39:57) - Where are they on Github (demo?) (40:50) - Question about vex (43:13) - What else? (43:40) - Chainguard Academy (45:24) - Professional services (49:32) - Wrapping up (49:56) - Outro You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Bret is joined by Nirmal Mehta of AWS and engineering consultant Laura Tacho, for the annual Best of DevOps. We've started this trend of going through the year's best (and worst) of DevOps every December, everyone brings their topics, we mix them all up and try to get through all of it. This year, we came pretty close. We cover many topics in this year's episode, things like desktop GUIs for containers, the return of real-life conferences, Docker reaching a significant milestone, AI, ML, data platforms and much, much more.Streamed live on YouTube on December 8, 2022. Includes demos.Unedited live recording of this show on YouTube (Ep #194)★Topics★Full doc of topics (more than we could cover)Year of Desktop GUI’s for Container Dev and Cloud Native MgmtDocker Extensions List Rancher DesktopPodman DesktopLens commercialOpenLensk9s websiteKui websiteDevOps Survey TrendsOpenTelemetry Articles- Transforming IT Departments - Properly Explained and Demoed - Getting StartedKarpenter websiteeBPF and Profiling- Pixie- Parca★Laura Tacho★Laura's websiteLaura's CourseLaura on Twitter★Nirmal Mehta★Nirmal on LinkedinNirmal on MastodonNirmal on Twitter★Join my Community★New live course on CI automation and gitops deployments Best coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansHomepage bretfisher.com (00:00) - DDT MAIN (00:04) - Template intro (00:53) - Custom intro (04:25) - Main show (04:45) - Introducing the guests (05:20) - In today's episode (05:52) - The year of desktop GUIs (12:14) - In real life conferences (12:46) - Boom and Bust (13:30) - Will Jenkins go away? (14:39) - GitHub Actions (16:14) - Laura's Rubber-band Theory (19:09) - Revenue and Docker's comeback (21:02) - Other trends (21:11) - DORA report (22:21) - Increased security requirements (24:31) - Jumping on the security bandwagon (25:43) - Security by default (27:04) - Rapid fire Kubernetes happenings (28:06) - Bret's Maven Course (28:15) - Laura's teaching (29:04) - WASM+ Docker (29:38) - Slim.ai (30:29) - Open telemetry (35:37) - Carpenter (37:04) - Lack of staff (37:50) - AI (40:38) - Boosting productivity (44:38) - ML models developed and running in containers (46:14) - Wrapping up (46:40) - Outro You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com