OpenRC Script for 'podman kube play'

In June, I’ve written about my approach to starting and stopping Podman Pods using OpenRC scripts on Alpine Linux. However, that approach had two major drawbacks: First, the pods were started in the foreground, causing OpenRC to wait for all pod initialization tasks to complete. If an image needed to be pulled first, this could lead to longer delays, significantly increasing system startup times. Secondly, requesting the status of a previously started pod always stated “crashed”....

October 26, 2022 · 3 min · 483 words · Heiner

Connecting multiple networks to a Podman container

I’m running my containers with Podman in Rootless Mode on Alpine for about four months now. However, an annoying problem has haunted me ever since: When a container was connected to more than one network, outgoing connections were not working correctly. Consider a container connected to two bridge networks: $ podman run --rm -it \ --network net1 \ --network net2 \ alpine /bin/ash Inside the container, the two networks are connected correctly:...

October 16, 2022 · 2 min · 274 words · Heiner

Setting up Alpine Linux with Podman

Recently, I’ve written a blog post on how to set up Rootless Docker on Alpine Linux. Today I’m showing you how to set up Podman. Podman has a rootless architecture built in. It’s an alternative to Docker, providing an almost identical command line interface. Thus, if you’re used to Docker CLI, you won’t have any issues working with Podman. Podman was initially developed by RedHat and is available as an open source project....

June 25, 2022 · 4 min · 852 words · Heiner

Setting up Alpine Linux with Rootless Docker

As of Docker Engine v20.10, it’s possible to run the Docker daemon as a non-root user (Rooless mode). This is especially valuable in view of security aspects. Rootless mode mitigates potential vulnerabilities in the Docker daemon. However, at the time of writing, setting up Docker in rootless mode is not straightforward if you’re using Alpine Linux as your host system. This is why I summarized the steps to get Docket Rootless up and running on Alpine Linux....

June 19, 2022 · 3 min · 479 words · Heiner

Analyze Traefik access log using InfluxDB and Grafana

Traefik is a Cloud Native Edge Router, often deployed in Docker and Kubernetes environments. With little effort, you can use Telegraf to transport Traefik’s access logs to an InfluxDB, where it can be analyzed using Grafana. This setup contains the following elements: Traefik v2 runs as a Docker container on a Linux host. Traefik outputs access logs in JSON format to STDOUT. Telegraf fetched the Traefik container’s JSON output using the docker_log input plugin....

June 3, 2020 · 2 min · 373 words · Heiner

Build Multi-Arch images on Docker Hub (Part 2)

Im ersten Teil dieses Artikels habe ich Euch gezeigt, wie Ihr ein Multi-Arch-Docker-Projekt anlegt, das auf einer AMD64-Plattform auch für andere Zielarchitekturen wie bspw. ARM bauen kann. In diesem Teil zeige ich Euch, wie Ihr das Ganze im offiziellen Docker Hub zum Laufen bekommt. Zunächst solltet Ihr ein Projekt im Docker Hub anlegen und dieses mit Eurem Quellcode-Repository verknüpfen. In meinem Fall nutze ich GitHub als Sourcecode-Repository und nutze die Build-Infrastruktur von Docker Hub....

May 16, 2020 · 3 min · 443 words · Heiner

Build Multi-Arch images on Docker Hub (Part 1)

Multi-Arch Docker Images sind eine tolle Sache: Benutzer Eurer Images ziehen automatisch die für Ihre Architektur passende Version Eures Image – ob AMD64, ARM64 oder ARM32. Normalerweise muss man Docker Images auf der Architektur bauen, auf der sie später auch verwendet werden. Durch die Verwendung des Emulators QEMU ist es jedoch möglich, auf einer AMD64-Architektur für alle anderen Zielplattformen mitzubauen. Kombiniert mit der Auto-Build-Funktion des Docker Hub ist das eine prima Arbeitserleichterung....

May 15, 2020 · 3 min · 502 words · Heiner

How to let Jenkins build Docker images

If you’re using Jenkins as your Continuous Integration (CI) tool and Docker to build self-contained images of your application, you may ask yourself how to automatically build Docker images during Jenkins’ build job. Here’s how I did it – with Jenkins running in a Docker container itself. So far, I’ve used the official Jenkins Docker image (the one based on Alpine). I’ve tried some of the Docker plugins for Jenkins available out there....

June 11, 2017 · 2 min · 370 words · Heiner

Using Let’s Encrypt / EFF’s CertBot with NGINX in Docker

I’m using NGINX in a Docker Container as a front-end HTTP(s) Webserver, performing SSL termination and proxying incoming requests to various other Docker Containers and VMs. Now that I’ve switched my certificates to Let’s Encrypt, I wondered how to integrate EFF’s CertBot (which is recommended by Let’s Encrypt) with my setup. Here’s how I did it. First, I’ve added two new volumes to my web-front-end’s Docker Compose File: version: '2' services: webfrontend: container_name: webfrontend [....

February 11, 2017 · 2 min · 287 words · Heiner

Fix Docker not using /etc/hosts on MacOS

On my MacBook with Mac OS X 10.11 (El Capitan) and Docker 1.12.0, Docker did not read manually set DNS entries from the /etc/hosts file. When I executed “docker push” for example, this resulted in “no such hosts” errors: Put http://shuttle:5000/v1/repositories/webfrontend/: dial tcp: lookup shuttle on 192.168.65.1:53: no such host On Mac OS, Docker is running in a host container itself. Thus, you’ll have to add DNS entries to the container’s /etc/hosts file....

August 28, 2016 · 1 min · 163 words · Heiner