Docker

You’ll probably know Pi-hole. It’s a popular “DNS sinkhole” – a DNS proxy server which blocks certain requests, such a as those for well-known ad serving domains. The effect is a much less ad-cluttered web experience in your home network. I’ve been using Pi-hole for several years as a Docker container on a Raspberry Pi. The Raspi is serving as a small home server on my home network. However, as much as I like Pi-hole, I felt it got loaded with new features over the years and performed slower over the time....

In June, I’ve written about my approach to starting and stopping Podman Pods using OpenRC scripts on Alpine Linux. However, that approach had two major drawbacks: First, the pods were started in the foreground, causing OpenRC to wait for all pod initialization tasks to complete. If an image needed to be pulled first, this could lead to longer delays, significantly increasing system startup times. Secondly, requesting the status of a previously started pod always stated “crashed”....

I’m running my containers with Podman in Rootless Mode on Alpine for about four months now. However, an annoying problem has haunted me ever since: When a container was connected to more than one network, outgoing connections were not working correctly. Consider a container connected to two bridge networks: $ podman run --rm -it \ --network net1 \ --network net2 \ alpine /bin/ash Inside the container, the two networks are connected correctly:...

Recently, I’ve written a blog post on how to set up Rootless Docker on Alpine Linux. Today I’m showing you how to set up Podman. Podman has a rootless architecture built in. It’s an alternative to Docker, providing an almost identical command line interface. Thus, if you’re used to Docker CLI, you won’t have any issues working with Podman. Podman was initially developed by RedHat and is available as an open source project....

As of Docker Engine v20.10, it’s possible to run the Docker daemon as a non-root user (Rooless mode). This is especially valuable in view of security aspects. Rootless mode mitigates potential vulnerabilities in the Docker daemon. However, at the time of writing, setting up Docker in rootless mode is not straightforward if you’re using Alpine Linux as your host system. This is why I summarized the steps to get Docket Rootless up and running on Alpine Linux....

Traefik is a Cloud Native Edge Router, often deployed in Docker and Kubernetes environments. With little effort, you can use Telegraf to transport Traefik’s access logs to an InfluxDB, where it can be analyzed using Grafana. This setup contains the following elements: Traefik v2 runs as a Docker container on a Linux host. Traefik outputs access logs in JSON format to STDOUT. Telegraf fetched the Traefik container’s JSON output using the docker_log input plugin....

Im ersten Teil dieses Artikels habe ich Euch gezeigt, wie Ihr ein Multi-Arch-Docker-Projekt anlegt, das auf einer AMD64-Plattform auch für andere Zielarchitekturen wie bspw. ARM bauen kann. In diesem Teil zeige ich Euch, wie Ihr das Ganze im offiziellen Docker Hub zum Laufen bekommt. Zunächst solltet Ihr ein Projekt im Docker Hub anlegen und dieses mit Eurem Quellcode-Repository verknüpfen. In meinem Fall nutze ich GitHub als Sourcecode-Repository und nutze die Build-Infrastruktur von Docker Hub....

Multi-Arch Docker Images sind eine tolle Sache: Benutzer Eurer Images ziehen automatisch die für Ihre Architektur passende Version Eures Image – ob AMD64, ARM64 oder ARM32. Normalerweise muss man Docker Images auf der Architektur bauen, auf der sie später auch verwendet werden. Durch die Verwendung des Emulators QEMU ist es jedoch möglich, auf einer AMD64-Architektur für alle anderen Zielplattformen mitzubauen. Kombiniert mit der Auto-Build-Funktion des Docker Hub ist das eine prima Arbeitserleichterung....

If you’re using Jenkins as your Continuous Integration (CI) tool and Docker to build self-contained images of your application, you may ask yourself how to automatically build Docker images during Jenkins’ build job. Here’s how I did it – with Jenkins running in a Docker container itself. So far, I’ve used the official Jenkins Docker image (the one based on Alpine). I’ve tried some of the Docker plugins for Jenkins available out there....

I’m using NGINX in a Docker Container as a front-end HTTP(s) Webserver, performing SSL termination and proxying incoming requests to various other Docker Containers and VMs. Now that I’ve switched my certificates to Let’s Encrypt, I wondered how to integrate EFF’s CertBot (which is recommended by Let’s Encrypt) with my setup. Here’s how I did it. First, I’ve added two new volumes to my web-front-end’s Docker Compose File: version: '2' services: webfrontend: container_name: webfrontend [....