-
posts
-
Understanding GitHub Artifact Attestations
GitHub recently introduced Artifact
Attestations,
a beta feature that enhances the security of Open Source software supply
chains. By linking artifacts to their source code repositories and GitHub
Actions, it ensures that artifacts are not built w...
-
Code Signing is not Enough
Code signing is often used as a method for ensuring that software artifacts
like binaries, drivers, and software packages haven’t been modified by a third
party before they are used. Many folks may be familiar with packages that were
gpg signed an...
-
Four Tips for Writing Better Go APIs
Go is a really powerful programming language that allows you to write concurrent code that is still easy to understand. But designing APIs can be hard, even for seasoned Go programmers. When designing APIs for libraries and applications in Go it’s...
-
Container Runtimes Part 4: Kubernetes Container Runtimes & CRI
This is the fourth and last part in a four part series on container runtimes.
It’s been a while since
part 1,
but in that post I gave an overview of container runtimes and discussed the
differences between low-level and high-level runtimes. In
par...
-
Container Runtimes Part 3: High-Level Runtimes
This is the third part in a four-part series on container runtimes. It’s been a while since part 1, but in that post I gave an overview of container runtimes and discussed the differences between low-level and high-level runtimes. In part 2 I went...
-
Container Runtimes Part 2: Anatomy of a Low-Level Container Runtime
This is the second in a four-part series on container runtimes. In part 1, I gave an overview of container runtimes and discussed the differences between low-level and high-level runtimes. In this post I will go into detail on low-level container ...
-
Container Runtimes Part 1: An Introduction to Container Runtimes
One of the terms you hear a lot when dealing with containers is “container runtime”. “Container runtime” can have different meanings to different people so it’s no wonder that it’s such a confusing and vaguely understood term, even within the cont...
-
The Almighty Pause Container
When checking out the nodes of your Kubernetes cluster, you may have noticed some containers called “pause” running when you do a docker ps on the node.
$ docker ps
CONTAINER ID IMAGE COMMAND ...
...
3...
-
Blue/Green Deployments on Kubernetes
For those that want to dive right in, I have put up a tutorial and some sample manifests on github. Check it out at https://github.com/IanLewis/kubernetes-bluegreen-deployment-tutorial
Kubernetes has a really awesome built-in feature called D...
-
What are Kubernetes Pods Anyway?
Recently I saw a tweet from the awesome Amy Codes (I really hope that’s her real name) about Kubernetes Pods:
You know why containers in a pod are always scheduled together? It's cuz they're nested containers.Mind. Blown.— Amy Codes...