Our great sponsors
-
sysbox
An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
We’ve been using Sysbox (https://github.com/nestybox/sysbox) for our Buildkite based CI/CD setup, allows docker-in-docker without privileged containers. Paired with careful IAM/STS design we’ve ended up with isolated job containers with their own IAM roles limited to least-privilege.
-
> They claim that "standard containers" cannot run a full OS. ... this works just fine with rootless podman and, more recently, rootless docker.
> Anyone who wants unprivileged system containers might want to look into rootless docker or podman rather than this.
Perhaps I'm missing something, but I have been running full OS userlands using "standard containers" in production for years, via LXD[1].
-
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
platform-compat
Roslyn analyzer that finds usages of APIs that will throw PlatformNotSupportedException on certain platforms.
Except afaict SecureString doesn't reliably do that and shouldn't be used. https://github.com/dotnet/platform-compat/blob/master/docs/D...
Related posts
- Log literally everything a PS1 script is doing?
- What is the basic that you should know about kubernetes to be considered in an SRE role?
- crun: A fast and lightweight fully featured OCI runtime and C library for running containers
- how to take multiple events and send a single email
- PiiString .NET type for personally identifiable information (PII)