DevOps and Docker Talk
Summary: Short question and answer clips from my weekly YouTube Live ask-me-anything show. Topics cover Docker and container tools like Kubernetes, Swarm, AWS, Cloud DevOps and the full software lifecycle supply chain. Full YouTube shows and more info available on website.
In Docker 18.09.1 and Docker Desktop 184.108.40.206 (stable) in January 2019, we now have a new option for running Windows Containers on Windows 10 in "process isolation mode" which removes the need to launch a full Windows Server Hyper-V VM. It's a great new way for running lightweight Windows Containers, but has its own limits and config requirements.
A viewer asks how they can prototype their software in Docker with a Raspberry Pi. I explain the various parts of the workflow including ARM 64 vs. x64 CPU architectures, the benefits of QEMU emulation in Docker Desktop, and how to get Docker images from your local machine to the Pi.
A viewer asks why their Elasticsearch server on their local development setup with Docker Compose would give them a yellow health status. I talk about the common causes for this in my own experience with shard replication.
A viewer asks about how their local docker container IP's, if behind NAT, can have issues with outside subnets at their company. I explain some of the ways even NAT won't solve IP routing for containers and how you can change your settings to different private subnets.
Someone asks about image pruning while a Swarm service is in the middle of deployment, and how they've experienced failed containers. I reply with the details of what's going on in specific steps of a Service creation and deployment, and how the prune command could interfere.
I answer questions about updating your app secrets and configs in Docker Swarm without downtime
I answer questions about designing Apache web servers for multiple Websites in containers
I answer a question about using sudo in containers and file permissions when using non-root users.
Alpine Linux container images are often regarded as the "best for production, security, and image size", but I debate this based on several trends and current limitations.