Amazon Lightsail containers are all about simplicity.
Amazon Lightsail Containers – AWS Service That Favors Simplicity
Leave a reply
Tag Archives: Docker
Kaniko – Building Container Images In Kubernetes Without Docker
How do we build container images inside containers running in a Kubernetes cluster? Docker is a bad option since it cannot run inside containers. Using it requires communication to the Docker engine running in cluster nodes. Even if that security concern is not enough, Dockershim is deprecated in Kubernetes 1.20 and will be (or already is) removed from 1.22. That means that alternative container engines like ContainerD will take its place. In other words, using Docker is not even an option anymore.
Kaniko comes to the rescue. It is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.
Using Docker To Deploy Applications To Azure Container Instances
This text was taken from the book and a Udemy course The DevOps Toolkit: Catalog, Patterns, And Blueprints
Help us choose the next subject for the course by filling in a survey at https://www.devopsparadox.com/survey
Azure Container Instances are a way to deploy containers in the Cloud. Based on that, you might think that ACI is not much different from other Containers as a Service solutions. But it is. It does not have horizontal scaling, nor any other features often associated with schedulers like Kubernetes. It is limited to the ability to run a single container in isolation. It is very similar to using Docker, except that it is in Azure, and that it saves us from worrying about the infrastructure needed to run containers.
So, if Azure Container Instances are very similar to Docker, why not use docker instead of az CLI? Fortunately, folks at Docker asked themselves the same question and released Docker Desktop that supports ACI. It is available since version 2.3.3+.
“The DevOps 2.3 Toolkit: Kubernetes” is available!
The DevOps 2.2 Toolkit: Kubernetes is available through Amazon.com (and other worldwide sites) as well as through LeanPub.com. Soon it will be available through other retailers as well.
The goal of this book is not to convince you to adopt Kubernetes but to provide a detailed overview of its features. I want you to become confident in your Kubernetes knowledge and only then choose whether to embrace it. That is, unless you already made up your mind and stumbled upon this book in search of Kubernetes guidance.
Continue reading
Kubernetes Resource Management Compared To Docker Swarm Equivalent
This article is part of the series that compare Kubernetes and Docker Swarm features.
- Kubernetes Pods, ReplicaSets, And Services Compared To Docker Swarm Stacks
- Kubernetes Deployments Compared To Docker Swarm Stacks
- Kubernetes Ingress Compared To Docker Swarm Equivalent
- Kubernetes ConfigMaps Compared To Docker Swarm Configs
- Kubernetes Secrets Compared To Docker Swarm Secrets
- Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
- Kubernetes RBAC Compared To Docker Swarm RBAC
- Kubernetes Resource Management Compared To Docker Swarm Equivalent
Resource management can be divided into a few categories. We need to define how much memory and CPU we except a container will use and what are the limits. This information is crucial for a scheduler to make “intelligent” decisions when calculating where to place containers. In this aspect, there is no essential difference between Kubernetes and Docker Swarm. Both are using requested resources to decide where to deploy containers and limits when to evict them. Both of them are, more or less, the same in this aspect.
Continue reading
Kubernetes RBAC Compared To Docker Swarm RBAC
This article is part of the series that compare Kubernetes and Docker Swarm features.
- Kubernetes Pods, ReplicaSets, And Services Compared To Docker Swarm Stacks
- Kubernetes Deployments Compared To Docker Swarm Stacks
- Kubernetes Ingress Compared To Docker Swarm Equivalent
- Kubernetes ConfigMaps Compared To Docker Swarm Configs
- Kubernetes Secrets Compared To Docker Swarm Secrets
- Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
- Kubernetes RBAC Compared To Docker Swarm RBAC
- Kubernetes Resource Management Compared To Docker Swarm Equivalent
Docker has RBAC. Just as Kubernetes, it is organized around subjects, roles, and resource collections. In many aspects, both provide a very similar set of features. Should we quickly declare it a tie?
There is one crucial difference between Kubernetes RBAC and the one provided by Docker. The latter is not free. You’d need to purchase Docker Enterprise Edition (EE) to secure your cluster beyond “only those with the certificate can access it.” If you do have Docker EE, you already made up your mind, and the discussion whether to use one or the other is over. Docker EE is great, and soon it will work not only with Swarm but also with Kubernetes. You bought it, and there’s not much reason to switch to something else. However, this comparison focuses on what open source core versions can offer. It ignores third party and enterprise additions.
Continue reading
Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
This article is part of the series that compares Kubernetes and Docker Swarm features.
- Kubernetes Pods, ReplicaSets, And Services Compared To Docker Swarm Stacks
- Kubernetes Deployments Compared To Docker Swarm Stacks
- Kubernetes Ingress Compared To Docker Swarm Equivalent
- Kubernetes ConfigMaps Compared To Docker Swarm Configs
- Kubernetes Secrets Compared To Docker Swarm Secrets
- Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
- Kubernetes RBAC Compared To Docker Swarm RBAC
- Kubernetes Resource Management Compared To Docker Swarm Equivalent
Docker Swarm does not have anything like Kubernetes Namespaces. We cannot split a Swarm cluster into sections. Therefore, we can finish this comparison by saying that Kubernetes is a clear winner regarding this feature since Docker Swarm doesn’t have Namespaces. But, that would not be entirely accurate.
Docker Swarm stacks are, in a way, similar to Kubernetes Namespaces. All the services in a stack are uniquely identified through a combination of a stack name and the names of services inside it. By default, all services within a stack can communicate with each other through the stack’s default network. Services can speak with those from other stacks only if they are explicitly attached to the same network. All in all, each Swarm stack is separated from other stacks. They are, in a way, similar to Kubernetes Namespaces.
Continue reading
Kubernetes Secrets Compared To Docker Swarm Secrets
This article is part of the series that compares Kubernetes and Docker Swarm features.
- Kubernetes Pods, ReplicaSets, And Services Compared To Docker Swarm Stacks
- Kubernetes Deployments Compared To Docker Swarm Stacks
- Kubernetes Ingress Compared To Docker Swarm Equivalent
- Kubernetes ConfigMaps Compared To Docker Swarm Configs
- Kubernetes Secrets Compared To Docker Swarm Secrets
- Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
- Kubernetes RBAC Compared To Docker Swarm RBAC
- Kubernetes Resource Management Compared To Docker Swarm Equivalent
Secrets are very similar to Kubernetes ConfigMaps and Docker Swarm configs. Everything we said for configurations applies to Secrets, with a few additional features.
Both Kubernetes and Docker Swarm stores Secrets in tmpfs inside containers. From that aspect, they are equally secure. The significant difference is in the way Secrets are stored internally.
Continue reading
Kubernetes ConfigMaps Compared To Docker Swarm Configs
This article is part of the series that compares Kubernetes and Docker Swarm features.
- Kubernetes Pods, ReplicaSets, And Services Compared To Docker Swarm Stacks
- Kubernetes Deployments Compared To Docker Swarm Stacks
- Kubernetes Ingress Compared To Docker Swarm Equivalent
- Kubernetes ConfigMaps Compared To Docker Swarm Configs
- Kubernetes Secrets Compared To Docker Swarm Secrets
- Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
- Kubernetes RBAC Compared To Docker Swarm RBAC
- Kubernetes Resource Management Compared To Docker Swarm Equivalent
The mechanisms behind Kubernetes ConfigMaps and Docker Swarm configs are almost the same. At least, from the functional perspective. Both allow us to store some literal texts in scheduler’s internal data store, and both enable us to add them to containers. The syntax is equally simple and straightforward in both cases. Still, there are a few differences.
Docker Swarm’s Config is immutable. We cannot enter into a container and remove it. We cannot update it. All we can do is read it. Kubernetes will allow us to manipulate injected configuration files, only to revert changes soon after. It is acting like a cleaning lady. You can create any mess you want, she’ll clean it up. Or, maybe, that would be a butler? Not sure… Anyways, Kubernetes ConfigMap mounts are eventually immutable. Such a thing is not a big deal. We just need to understand how it works and to learn never to touch configuration files. Or, even better, we should change the default mount’s permissions to be read-only.
Continue reading
Kubernetes Ingress Compared To Docker Swarm Equivalent
This article is part of the series that compares Kubernetes and Docker Swarm features.
- Kubernetes Pods, ReplicaSets, And Services Compared To Docker Swarm Stacks
- Kubernetes Deployments Compared To Docker Swarm Stacks
- Kubernetes Ingress Compared To Docker Swarm Equivalent
- Kubernetes ConfigMaps Compared To Docker Swarm Configs
- Kubernetes Secrets Compared To Docker Swarm Secrets
- Kubernetes Namespaces Compared To Docker Swarm Equivalent (If There Is Any)
- Kubernetes RBAC Compared To Docker Swarm RBAC
- Kubernetes Resource Management Compared To Docker Swarm Equivalent
Both Kubernetes and Docker Swarm have Ingress, and it might sound compelling to compare them and explore the differences. While that, on the first look, might seem like a right thing to do, there is a problem. Ingress works quite differently across the two.
Swarm Ingress networking is much more similar to Kubernetes Services. Both can, and should, be used to expose ports to clients both inside and outside a cluster. If we compare the two products, we’ll discover that Kubernetes Services are similar to a combination of Docker Swarm’s Overlay and Ingress networking. The Overlay is used to provide communication between applications inside a cluster, and Swarm’s Ingress is a flavor of Overlay network that publishes ports to the outside world. The truth is that Swarm does not have an equivalent to Kubernetes Ingress Controllers. That is, if we do not include Docker Enterprise Edition to the mix.
Continue reading
Technology Conversations 