Devops And Docker Talk

Bret is joined by Kyle Galbraith and Jacob Gillespie, co-founders of Depot, to discuss their new solution to slow Docker builds. If you've never dug into some of the details of Dockers BuildKit, that's the engine behind your Docker build command, then this episode is for you. I'm fairly confident that everyone who uses Docker will eventually come upon the problems that Kyle and Jacob were trying to solve with Depot. Their focus is on speeding up your Docker builds by doing them remotely, in a transparent way. They avoid you needing to rethink your workflows and CI automations and provide a CLI tool that's a drop-in replacement for the Docker build command. In this episode, we walked through the problems they can solve today with what I would call a unified shared build cache for your whole team, including your CI and automation tools. The way they are going about speeding up the Docker builds is something I wished Docker had done for us all along. I think it's still early days for the Depot product, but if yo

New Live Course Registration for March 20th, 2023: GitHub Actions and Argo CD for K8sBret is joined by Natan Yellin, the co-founder of Robusta.dev to talk Kubernetes and Prometheus monitoring, alerting, and maybe some CPU limit ranting. Robusta tries to fill the gap left by Kubernetes' own AlertManager which has a very specific and not so helpful way of decribing events in your cluster. This makes it hard to diagnose the cause of the event and you're left with Google, StackOverflow and an awful lot of head-scratching. Robusta acts as a proxy between AlertManager and your notification platform of choice.In the show we talk about what Robusta is, how to deploy it in your clusters, and Natan also details some of the enhancements in their cloud offering that you can layer on top of that, which has a generous free tier.Streamed live on YouTube on January 5, 2023.Unedited live recording of this show on YouTube (Ep. #197). Includes demos.★Topics★Robusta WebsiteRobusta on GitHubKubeCon - Building a Runbook Automation

New Live Course Registration for March 20th, 2023: GitHub Actions and Argo CD for K8sBret is joined by two pros from the NGINX team, Robert Haynes and Brian Ehlert to break down the various use cases of NGINX on Kubernetes, and help you decide when and where you'll be using it.There's a lot going on around NGINX and I wanted to focus this conversation around NGINX on Kubernetes, and specifically the two ways you can run it for cluster ingress. We also get into some of the advanced scenarios of using NGINX, like caching and web application firewalls (WAF).Many of us are using NGINX somewhere in our clusters. I found it very interesting how Robert, Brian, and the team at F5 spend a lot of time showing customers how they can use it in many ways to avoid deploying additional products on their clusters. I'm a big fan of reducing complexity.Streamed live on YouTube on December 15, 2022.Unedited live recording of this show on YouTube (Ep. #195).★Topics★Intro to K8s networkingK8s + NGINXThe basic Kubernetes Ingress p

Bret is joined by Matt Williams of Infra to show off their open source project Infra, which provides easy, centralized RBAC and auth to Kubernetes and more. Infra is a new company taking on simplifying centralized infrastructure, user authentication and permissions. Their open source tool by the same name is quite easy to start with. In this episode, Matt does a great job of explaining the pain points of Kubernetes user management, certificate distribution and revocation, and more pain points that Infra is bringing simplicity to.Streamed live on YouTube on November 10, 2022. Includes demos.Unedited live recording of this show on YouTube (Ep #191).★Topics★Infra WebsiteInfra on GitHubAll Day DevOps free conferenceMatt Williams===========Matt on TwitterMatt's YouTube Channel★Join my Community★New live course on CI automation and gitops deploymentsBest coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansGrab some merch at Bret's Loot BoxHomepage bretfisher

Bret is joined by Anaïs Urlichs of Aqua Security to talk container and Kubernetes security tools like trivy, kube-bench, tracee, and kube-hunter. I've been using trivy for over four years to scan for known vulnerabilities in my own container images and my clients.We also look at tracee, a new tool that is part of a new generation of tools that use the Linux kernel eBPF feature to investigate what's happening in real time on your servers. Anaïs is great as an explainer of Kubernetes and all cloud native things, and she's the creator of the 100 days of Kubernetes tutorials on her YouTube channel where she breaks down various cloud native topics for beginners. Based on what I've learned in this show from Anaïs, I plan to change how I use trivy so that it's scanning more things and more often in my CI automation pipelines.Streamed live on YouTube on November 3, 2022.Unedited live recording of this show on YouTube (Ep #190)★Topics★Aqua Security ToolsAqua Security on YouTubeTrivyTrivy-Operatorkube-benchtraceekube-h

Bret is joined by two Chainguard co-founders, CEO Dan Lorenc and Head of Product, Kim Lewandowski, to break down the ins and outs of supply chain security and talk about Chainguard's approach to securing it. We dive into tools, including their new Wolfi Linux distro.We first talk about what that even is, because it's a buzzword right now, and not everyone's on the same page on what securing your supply chain even means in the world of software. Then we jump into base images for containers, and their project Wolfi. We talk a lot about Wolfi in this episode, because it has the potential to change how we build our containers.Streamed live on YouTube on October 13, 2022.Unedited live recording of this show on YouTube (Ep #188)★Topics★Chainguard WebsiteChainguard TwitterChainguard AcademyWolfiWolfi-based imagesSigstore★Dan Lorenc★Dan Lorenc on TwitterDan Lorenc on Linkedin★Kim Lewandowski★Kim Lewandowski on TwitterKim Lewandowski on Linkedin★Join my Community★New live course on CI automation and gitops deployments

Bret is joined by Nirmal Mehta of AWS and engineering consultant Laura Tacho, for the annual Best of DevOps. We've started this trend of going through the year's best (and worst) of DevOps every December, everyone brings their topics, we mix them all up and try to get through all of it. This year, we came pretty close. We cover many topics in this year's episode, things like desktop GUIs for containers, the return of real-life conferences, Docker reaching a significant milestone, AI, ML, data platforms and much, much more.Streamed live on YouTube on December 8, 2022. Includes demos.Unedited live recording of this show on YouTube (Ep #194)★Topics★Full doc of topics (more than we could cover)Year of Desktop GUI’s for Container Dev and Cloud Native MgmtDocker Extensions List Rancher DesktopPodman DesktopLens commercialOpenLensk9s websiteKui websiteDevOps Survey TrendsOpenTelemetry Articles- Transforming IT Departments - Properly Explained and Demoed - Getting StartedKarpenter websiteeBPF and Profiling- Pixie- Pa

Bret is joined by Michael Irwin, Sr. Manager for DevRel at Docker, to review and demo our top 2022 new features and announcements from Docker Inc. We run through the very long list in this episode and sadly, had to skip over the smaller, nuance features or subtle changes and focused on the bigger things - a major one being Docker extensions - as well as Docker Hub support for OCI artifacts, like the Helm charts, volume, WASM, Hardened Docker Desktop, tilt.dev and much more.Streamed live on YouTube on December 1,  2022. Includes demos.Unedited live recording of this show on YouTube (Ep #193)★Topics★Docker Blog, "Products" category (most of our topics came from here)Recapping the last year of Docker Desktop (YouTube, September 2022)What's new in Docker Desktop (YouTube, DockerCon 2022, May 2022)What's new in Docker build (YouTube, DockerCon 2022, May 2022)★Michael Irwin★Michael on TwitterMichael's Website★Join my Community★Best coupons for my Docker and Kubernetes coursesChat with us and fellow students on our

Bret is joined by Brian Christner, a Docker Captain and Chief, Online Gaming for Grand Casino Baden (jackpots.ch), who returns to the show to discuss his top recommended skills for improving your DevOps expertise.Both Bret and Brian have been consultants on and off throughout their careers and also in positions where they needed to hire other engineers - often other DevOps engineers. They share their perspectives on the different types of DevOps roles and the various jobs they need to fill.In this episode, we thought it would be helpful to bring our experience on DevOps jobs and look at the most essential and in-demand skills throughout the industry.Streamed live on YouTube on October 6, 2022.Unedited live recording of this show on YouTube (Ep #187)★Topics★DevOps Foundations CourseEngineering Management Training from Laura TachoAwesome Docker resourcesAwesome Everything Lists on GitHubKubernetes This Month with Nigel PoultonAWS Cloud TrainingContainer Automation Examples by BretDocker Observability by Brain★B

Bret is joined by Rosemary Wang from HashiCorp to show off Vault for Kubernetes, an an open source secrets provider.Rosemary is a return guest and does her usual fantastic job at explaining the complex topics around storing secrets, who needs Vault and why, running Vault on Kubernetes, the Vault storage backend and so much more.Streamed live on YouTube on September 29, 2022. Includes demos.Unedited live recording of this show on YouTube (Ep #186)★Topics★Vault websiteHashiCorp CloudRaft storage for Vault, how Raft worksExample repo: HashiCorp Vault for Development Teams★Rosemary Wang★Rosemary on TwitterRosemary on Linkedin★Join my Community★Best coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansHomepage bretfisher.com ★ Support this podcast on Patreon ★

Bret is joined by Lee Calcote and Nic Jackson, co-authors of the Service Mesh Patterns book, to discuss service mesh for Docker Desktop and Compose apps with the new Meshery extension for Docker desktop.They talk about what service mesh is and go into the new Measure extension for Docker Desktop, which is a CNCF sandbox project. One of its bigger features is to help you try out different service meshes and test them with only a few clicks. They also cover other features of their tools, such as the beta of MeshMap which helps you visualize your clusters and apply better practices to your service mesh.Streamed live on YouTube on September 22, 2022. Includes demos.Unedited live recording of this show on YouTube (Ep #185)★Topics★Learn Service MeshMeshery Docker Extension MeshMap Service Mesh Patterns Book★Nic Jackson, Principal Developer Advocate, HashiCorp★Nic on TwitterNic on LinkedinNic Jackson on YouTube Shipyard website★Lee Calcote, Founder and CEO, Layer5★Lee on TwitterLee on Linkedin★Join my Community★Best

Bret is joined by Liz Rice, Chief Open Source Officer at Isovalent, the makers of Cilium, to discuss Cilium and eBPF. Liz Rice is back to give us more insight into eBPF and the Cilium project. Isovalent is the company that created and manages the Cilium Project, which does an increasing number of things for Kubernetes, including networking, CNI support, security, advanced networking stuff, and observability, as well as other things like load balancing. Liz is one of my go-to experts on how low-level Linux internals work. She's been speaking about container internals since the early days of Docker.Streamed live on YouTube on September 8, 2022.Unedited live recording of this show on YouTube (Ep #183)★Topics★Cilium websiteIsovalent websiteeBPFNetwork Policy Editor★Liz Rice★Liz Rice on TwitterLiz Rice's websiteBooks on Containers, eBPF, Kubernetes and Go★Join my Community★ Best coupons for my Docker and Kubernetes coursesChat with us and fellow students on our Discord Server DevOps FansHomepage bretfisher.com

Going to KubeCon? Me too! We're planning a meetup on my Discord server #kubecon channel.The Loot Box is Live! Get your DevOps and tech-inspired t-shirts, mugs, and more.Bret is joined by Shauli Rozen, CEO and Co-Founder of ARMO, creators of Kubescape. Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer, and image vulnerability scanning.I'm a fan of tools like this and specifically of Kubescape, which I use and recommend to my clients. The scanner can scan your YAML manifests of your Kubernetes resources. It can scan your live Kubernetes clusters. And it can scan the YAML in your Git repos, as well as the images themselves that you're deploying to Kubernetes. As ARMO calls it, it's a single pane of glass into your Kubernetes security. Streamed live on YouTube on September 1, 2022. Includes demos.Unedited live recording of this show on YouTube (Ep #182)★Topics★Kubescape's GitHub K8s Security Dashboard ARMO website★Sh

Going to KubeCon? Me too! We're planning a meetup on my Discord server #kubecon channel.The Loot Box is Live! Get your DevOps and tech-inspired t-shirts, mugs, and more.Bret is joined by Martin Wimpress and Pieter van Noordennen from Slim.ai to discuss some ways to slim down your Docker images and reduce the attack surface of your containers in the process.Many companies and projects have tried to do similar things before - Slim Images, Alpine Images, Distro List, Build Packs, and even Docker tried a few years back, to create intelligence and guidance around migrating legacy apps into slim production quality images. Those efforts were scrapped in 2019. The dual mandate of generating Docker images - easy to understand and as minimal as possible, with the lowest CVE vulnerability count - was not achieved by any of those projects. Automation and intelligence like Slim.ai is the future of building container images and also the future of complex monoliths and legacy apps with a lot of dependencies.Streamed live on

Going to KubeCon? Me too! We're planning a meetup on my Discord server #kubecon channel.The Loot Box is Live! Get your DevOps and tech-inspired t-shirts, mugs, and more.Bret is joined by Dmitriy Kalinin and John Ryan, software engineers at VMWare, to show off the many Carvel project tools.Carvel provides a set of reliable, single-purpose, composable tools that aid in your application building, configuration, and deployment to Kubernetes. The Carvel project includes tools for templating, image building and tracking, secrets management, app deploying and more. The tool list includes ytt, kapp, kapp-controller, kbld, imgpkg, vendir, and kwt.Streamed live on YouTube on July 14, 2022.Unedited live recording of this show on YouTube (Ep #178)★Topics★Carvel websiteCarvel on Twitter★Dmitriy Kalinin★Dmitriy Kalinin on Twitter★John Ryan★John Ryan on Twitter★Join my Community★Best coupons for my Docker and Kubernetes coursesChat with us on our Discord Server Vital DevOpsHomepage bretfisher.com ★ Support this podca

Going to KubeCon? Me too! We're planning a meetup on my Discord server #kubecon channel.The Loot Box is Live! Get your DevOps and tech-inspired t-shirts, mugs, and more.Bret goes through his top recommendations for securing container images, Docker containers and Kubernetes pods.This is a tip-packed show where Bret lists much of what's documented in his courses, starting with the first steps you should take, and the bare security necessities that everyone should be doing. Then he covers more advanced security activities you should consider once the basics are covered.Streamed live on YouTube on July 7, 2022.Unedited live recording of this show on YouTube (Ep #177).★Topics★Bret's Container Security AMADocker Security DocsDocker Buys AtomistSlim.ai website: Auto-slimming imagesDocker Slim toolKubescape websiteKubernetes Security ContextSeccomp by defaultLint all files with super-linterDatree K8s file scanKubernetes BenchmarkMy GitHub Actions examples: Automate your builds, CVE scans, and moreVideo on building a

Going to KubeCon? Me too! We're planning a meetup on my Discord server #kubecon channel.The Loot Box is Live! Get your DevOps and tech-inspired t-shirts, mugs, and more.Bret is joined by Marc Campbell of Replicated to discuss the challenges of deploying your software on other people's Kubernetes.Following a discussion of the problems Replicated is solving, they go over all the great open source projects they are developing for deploying, managing, and troubleshooting Kubernetes.Streamed live on YouTube on June 23, 2022.Unedited live recording of this show on YouTube (Ep #175).★Topics★Replicated Replicated OSS Projects Kubernetes TroubleshooterSchema Hero Kubelist podcast, CNCF project leader interviewsEnterprise Ready assessment and podcastkURL - Customize your Kubernetes Installer KOTS - Manage COTS on K8s Find Outdated ImagesUnfork your custom Helm charts ★Marc Campbell★Marc Campbell on Twitter★Join my Community★Best coupons for my Docker and Kubernetes coursesChat with us on our Discord Server Vital DevOps

Bret is joined by Guillaume Tardif and Felipe Cruz of Docker Inc. for a deep dive into Docker extensions.Docker Extensions are a favorite new feature. Guillaume and Felipe are both engineers at Docker and they walk us through how extensions came about, how to install them, and how to submit them to the marketplace.By the time Docker released extensions at DockerCon in May 2022, there were already a dozen solid extensions, including a disk manager, log explorer, and other third-party tools like Portainer, Snyk, and Anchor. Docker extensions will be most helpful to people who use Docker Desktop.Streamed live on YouTube on June 16, 2022.Unedited live recording of this show on YouTube (Ep #174). Includes demos.★Topics★Docker Extensions homepageDocker Extensions announcement at DockerCon 2022Build your first Docker ExtensionSubmit your extension for the MarketplaceVackup, an example custom extensionExtension SDKOther Extension resources★Guillaume and Felipe★Guillaume Tardif on TwitterFelipe Cruz on Twitter★Join my

Bret is joined by Nirmal Mehta, a Principal Specialist Solution Architect at AWS, and a Docker Captain, to discuss Karpenter, an autoscaling solution launched by AWS in 2021. Karpenter simplifies Kubernetes infrastructure by automating node scaling up and down, giving you "the right nodes at the right time."Autoscaling, particularly for Kubernetes, can be quite a complex project when you first start. Bret and Nirmal discuss how Karpenter works, how it can help or complement your existing setup, and how autoscaling generally works.Streamed live on YouTube on June 9, 2022.Unedited live recording of this show on YouTube (Ep #173). Includes demos.★Topics★Starship Shell PromptBret's favorite shell setupKarpenterKarpenter release blogK8s Scheduling ConceptsOther types of autoscalers:Horizontal Pod AutoscalerVertical Pod AutoscalerCluster Autoscaler★Nirmal Mehta★Nirmal on TwitterNirmal on LinkedIn★Join my Community★Best coupons for my Docker and Kubernetes coursesChat with us on our Discord Server Vital DevOpsHomepa

Bret is joined by Laura Tacho, an engineering leadership coach, to discuss measuring your team's performance with DevOps metrics (DORA) and the new SPACE framework. Team Performance is one of Bret's favorite topics, and it should be everyone's concern.Laura and Bret discuss soft skills, how to implement DORA DevOps metrics, the new SPACE framework, as well as common pitfalls people make when attempting to implement those measurements. Streamed live on YouTube on June 2, 2022.Unedited live recording of this show on YouTube (Ep #172).★Topics★Laura's course on High-Performing Software TeamsDORA (DevOps Research and Assessment)DORA MetricsDORA DevOps Quick CheckSPACE frameworkGoodhart's lawDeveloper ExperienceDevOps HandbookAccelerate Book★Laura Tacho★Laura's homepage and NewsletterLaura on TwitterLaura on the GitHub blog★Join my Community★Best coupons for my Docker and Kubernetes coursesChat with us on our Discord Server Vital DevOpsHomepage bretfisher.com ★ Support this podcast on Patreon ★