Containers

Automatic container updates with Podman quadlets

Podman’s quadlet system combined with systemd timers makes container updates easy and automatic.

Connect Caddy to Porkbun

Caddy offers a great web and proxy server experience with minimal configuration and automated TLS certificates. Learn how to connect Caddy to Porkbun to get TLS certificates by managing your DNS records for you automatically. 🐷

Glass jars of herbs on a shelf with labels of their contents

How I learned to stop worrying and love the CoreOS

Here’s a blog post to answer the question: Why do you write so much about CoreOS? 📦

Triangular road sign showing a turn to the right ahead

Quadlets might make me finally stop using docker-compose

Sure, docker-compose is great, but could we get similar functionality using just the tools that are built into CoreOS? Can we get automatic updates, too? Yes we can! 📦

Rocky cliff in front of a blue green ocean

Fixing a ghost database migration failure

I woke up one morning to find my Ghost blog unresponsive. It required an unexpected fix. 🔧

Lots of gold-colored beams in the ceiling of a building in Lisbon, Porgugal with a blue sky behind them

Deploy a containerized Ghost blog 👻

Ghost delivers a great self-hosted blogging platform that deploys well in containers. Let’s deploy it on CoreOS along with Caddy. ️📝

Super cute raccoon standing in front of green foliage

Launch a watchtower container via podman quadlets

Podman’s new quadlet feature lets you specify container launch configuration via simple systemd-like unit files. 📦

CoreOS as a pet

CoreOS provides a fast track to running containers with a light weight immutable OS underneath. This doesn’t mean that you can’t keep it around as a pet instance. 🐕

Wooden watchtower with mountains in the background

Automatic container updates with watchtower

Watchtower keeps an eye on your running containers and updates them when new containers appear upstream. 📦

Second try at self-hosting Mastodon

Although my first attempt at self-hosting Mastodon was a failure, I went back for a second attempt with docker-compose. 🧗‍♂️

docker-compose on Fedora CoreOS

My go-to method for managing containers easily is still docker-compose. It works really well on Fedora CoreOS. 📦

Adventures with the mastodon herd

Ongoing changes at Twitter led me to take a second look at mastodon, including running my own mastodon instance. 🐘

Mount NFS shares in kubernetes

Access files over NFS within kubernetes pods with a quick volume mount. 🗄

Run Xorg applications with podman

Package up graphical applications in containers and run them with podman. 🚢

Wildcard LetsEncrypt certificates with Traefik and Cloudflare

Re-use the same wildcard TLS certificate for multiple containers running behind traefik. 🚦

Rootless container management with docker-compose and podman

Run rootless Linux containers without any daemons using docker-compose and podman on Fedora! 📦

Get faster GitLab runners with a ramdisk

Many cloud providers give you lots of memory with each instance and you can speed up tests and builds by using a ramdisk.

buildah error: vfs driver does not support overlay.mountopt options

Buildah and podman work well with the vfs storage driver, but the default mount options can cause problems.

Build containers in GitLab CI with buildah

...

Use a secret as an environment variable in OpenShift deployments

Environment variables are easy to add to OpenShift deployments, but a more secure way to add these variables is by referencing a secret.

Research Paper: Securing Linux Containers

...

Improving LXC template security

...

Try out LXC with an Ansible playbook

...

Launch secure LXC containers on Fedora 20 using SELinux and sVirt

...

Docker, trusted builds, and Fedora 20

...