Vital DevOps: Improving Your Container DevOps Skills

By Bret Fisher

Commentary on tools and techniques I find interesting around Docker, Kubernetes, Cloud Native DevOps, and DevSecOps.

Commentary on tools and techniques I find interesting around Docker, Kubernetes, Cloud Native DevOps, and DevSecOps.

By subscribing, you agree with Revue’s Terms of Service and Privacy Policy and understand that Vital DevOps: Improving Your Container DevOps Skills will receive your email address.






What's New: Discord Chat, Docker 20.10, Big Udemy Sale

I've started my Discord server to create a community focused on DevOps and containers. I think Discord is the future of open community chat, and I find it much better for communities then Slack, with a lot of IRC-like moderation and bot features. Come join us…


🎉Join Me On Patreon! Important Changes to This Newsletter

Not everything I create will fit into a Udemy course, so Patreon will be the place for getting all that stuff, mostly free, but also some new member-only benefits and content.I've also been trying to answer two questions I get from students:How do you know wh…


Vote for my Patreon benefits + Cloud Kubernetes updates

Soon I'll be launching my Patreon page after months of work on making a membership worth paying for. It'll be where you can follow all my updates from everything I'm creating around containers and DevOps (way more then just this newsletter) and get exclusive …


HNY! My Best Videos and Resources

In 2019 we shipped two new courses and made a major update to our flagship, and we've got big plans for updates and new courses in 2020. Coupons in the links below for a new years sale!


Being More Productive With Kubernetes

GitOps is an operations model that has a single source of truth. This source is where your desired system state is expressed so that a differencing tool can recognize changes, test them, and deploy them. This workflow is especially useful in Kubernetes cluste…


Dependency Scanning for Common Vulnerabilities

Following down my list of Docker security concerns, dependency scans can be integrated at various parts of your development. A dependency scan is a run through of your code to see if your dependencies have any documented vulnerabilities. These scans are best …


Cool Stuff From KubeCon

KubeCon offered "Lightning Talks", which were quick lectures meant to get right to the point and provide the audience with helpful knowledge ranging from troubleshooting tips, to how to donate projects to the CNCF, and everything in-between. The first video s…


Ask Kelsey Hightower Your Questions Live Tomorrow

I'm excited to announce that on my YouTube Live tomorrow I'll have Kelsey Hightower from Google and Jérôme Petazzoni, a Kubernetes trainer. It's gonna be focused on the future of Kubernetes, so go here and click the remind me so you can join us and ask questi…


Kubernetes Mastery Launches for Black Friday!

🐳🎉🍾 Get the course now with my best Black-Friday coupon and a 30-day money-back guarantee!


Prevent Your Container Apps From Running As Root

When a container runs an instance of an image, unless otherwise specified, the application is running as root inside the container. I'm sure you've been told that your apps shouldn't run as root, and that's still true in containers. We should be changing this…


Docker Inc Splits! Join Us for Discussing the Future of Docker

See you there!BretWeekly YouTube Live: Coupons:


Measuring Configuration Security With Docker Bench

Today we are focused on Docker Bench. This scanning tool can be run as a Docker container so the test can be spun up and run very quickly. I cover this benchmark tool in my recent YouTube Live show where I listed my security best practices.


Docker Defaults Can Improve Security

By using the default out of the box settings with Docker, we gain access to a tight knit secure platform that provides many resources to keep your app safe. These resources include security tools enabled out of the box, like AppArmor, and seccomp which are to…


Lock down your Docker apps

It's kind of a flawed question, no system can be truly secure unless you unplug your machine and throw it in Davy Jones Locker on the bottom of the sea floor. The only thing we can do is take steps to hardening and safeguarding our environment to ensure we ar…


New Docker Feature: Change Your Context!

Keeping up with the latest updates in the 19.03 release, we covered a topic called “fast context switching”. A context is the configuration in which we interact with Docker, Swarm, or Kubernetes on a specific server. Context switching allows you to quickly ch…


DevOps and Docker Updates - Rootless Docker

With the 19.03 release of Docker came added functionality, security, and flexibility. As an operator, security is at the forefront of importance. It can positively or negatively affect your organizations safety, trustworthiness, and financial state. By runnin…


DevOps and Docker Updates - Kubernetes Teaser

CRD's are now a fully stable "GA" feature, and that means every complex app that you would want to run on Kubernetes will get it's own "kubified" or "kuberized" plugin (what's the right verb here), that gives you simple kubectl commands to deploy, upgrade, an…


Raft in Kubernetes and Swarm Pt. 3: Backup the Raft

Since Swarm has a built-in Raft database (called Raft logs), this is cut and dry, you just need to backup everything in /var/lib/docker/swarm on a Manager node.The negatives are that 1. That Manager's Docker Engine should be stopped during file backups, which…


Raft in Kubernetes and Swarm Pt. 2: Building for Fault Tolerance

Fault Tolerance takes many forms, because there are many fault domains (also called failure domains) to consider. When we're discussing server cluster design, particularly in the cloud, we're usually limiting the conversation to node fault tolerance (for your…


Raft in Kubernetes and Swarm Pt. 1: The Raft Algorithm

Kubernetes uses the etcd key-value store for its control plane (Master) database, and Docker Swarm Managers use a built-in data store that is similar to etcd. Both use the Raft Algorithm to communicate between these control plane nodes safely and make decisio…