Docker Zen: Achieving true minimalism with “distroless” images

Docker Zen: Achieving true minimalism with “distroless” images

Most Docker images build on full Linux distributions containing about a hundred MB of unnecessary complexity, adversely affecting the time and expense of data transfer, compliance scope, and security profile. This overhead may seem like a necessary evil, but by using multi-stage builds and Google’s “distroless” base images we can build runtime images that are the next best thing to FROM scratch. Small is beautiful There’s a certain elegance to minimal Docker images. A kind of Zen simplicity that goes…

Read More Read More

Running JVMs in Kubernetes

Running JVMs in Kubernetes

UPDATED 7 Dec 2017 to reflect the experimental cgroup compliance flag available in JDK 9 and later builds of JDK 8. Containers are all the rage, and there’s good reason for that: they’re lightweight, they’re portable, they offer a lot of environmental consistency. They can be tricky, though… many a developer has confused containers for virtual machines. While containers can look and feel every bit like a full VM, they absolutely, positively definitely, are not. In actuality, all of the…

Read More Read More

My very first post

My very first post

From time to time, I get to do something cool that I feel like sharing, or I figure something out that somebody might find useful. Hell, even getting this blog working with TLS in Kubernetes was a little mini-adventure. I figured, after saying again and again that I should write some of these things down, that I’d finally get around to doing exactly that. Maybe, just maybe, somebody might even find something I put out there to be helpful.