Share this page!

Ivan Velichko Profile picture
Twitter logo
Feb 18 3 tweets 1 min read
Great news, everyone! I've got the engine for my courses & labs platform done ❤️‍🔥

It's a full-blown distributed system with Firecracker on the very end and a Nuxt app on the front.

Here is what three months of nights and weekends look like (the design is not final, of course) 👇
On to the content now!

Think of it as my blog, LeetCode, and Katacoda combined. Or maybe even CodinGame at times (if you know what I'm talking about).

It's gonna be a totally different learning experience for everyone who wants to master containers, Kubernetes, and the like 🚀
patreon.com/posts/learn-by…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Ivan Velichko

Ivan Velichko Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @iximiuz

Ivan Velichko Profile picture
Dec 9, 2022
Want to master Docker and become a container expert
...but don't know how to even start? 🔽

Here is the learning order that helped me:

1. Containers: how Linux does them
2. Images: why they are needed
3. Managers: many containers, one host
4. Orchestrators: many hosts, one app
Following high-level Docker tutorials and how-tos kept me thinking containers are just lightweight virtual machines for quite a while.

Looking at you "docker run -it debian bash" 👀

In actuality, most containers are just regular (but isolated and restricted) Linux processes.
Typical Docker workflows can also trick you into thinking that images come before containers.

In actuality, you don't need an image to run a container - you just need a folder with the future container fs and a config file.

But images solve the storage and distribution problems
Read 9 tweets
Ivan Velichko Profile picture
Dec 2, 2022
How To Grasp Container Networking 🧵

A tricky topic... Container networking can feel like magic at times. But it's not!

Rather it's a bunch of more primitive "LEGO bricks" like net namespaces, veth pairs, and bridges combined into a handy (but complex) higher-level abstraction. Image
Through the networking lens, every container represents a tiny little server with its own IP address.

Containers on a single host are attached to the same bridge (aka virtual switch) and can talk to each other on L2 (Ethernet) and L3 (IP) layers.

More 👇 iximiuz.com/en/posts/compu…
While packet routing between containers on a single host is often trivial, forwarding traffic originated in containers to the outside world and vice versa is trickier.

Typically, it's solved with a bunch of iptables rules.

Your iptables skills are shaky? iximiuz.com/en/posts/layma…
Read 6 tweets
Ivan Velichko Profile picture
Nov 30, 2022
How To Publish a Port of a Running Container 🧵

Docker (rightfully) doesn't allow that. So, what are the options?

- Restart it, potentially from a committed state 🥱
- Modify container's configs and restart dockerd 🙈
- Call <container_ip>:<port>
- Write some iptables

...or 👇
Brush up your containers and networking skills and create an elegant solution!

- Containers in the same network can talk to each other using their IP addresses
- You can "connect" any two sockets using a user-space proxy like socat

Solution: create a helper forwarder sidecar!
By publishing a sidecar's port to the host and using a proxy process to forward data between this port and the target container, you're efficiently publishing the target's port (with an extra hop).

Works in many runtimes:
- Docker Engine & Desktop & Compose
- containerd, nerdctl
Read 4 tweets
Ivan Velichko Profile picture
Nov 29, 2022
What Happens When You Publish a Container's Port? 🧵

"Port publishing" seems to be a term coined by Docker.

But "port forwarding" aka "port mapping - as a form of socket redirection - was a well-known trick well before the invention of containers.

How are the two different? Image
First, a little bit of computer networking theory 🤓

There are two main ways to "redirect sockets":

- With a two-sided proxy forwarding payload data only
- With an L3 packet modification (dest address change)

Port forwarding can be implemented in user- and kernel space. Image
Back to Docker and containers 🤠

Typically, every container has its own IP address. In Docker Engine, this IP is even directly routable from the host. But it may be changing!

Hence, `docker run` offers the `--publish` flag to map a fixed host's address to a container's address. Image
Read 7 tweets
Ivan Velichko Profile picture
Nov 21, 2022
Why I wrote yet another container debugger 🧵

I work with containers a lot, and they often misbehave. My typical debugging needs include:

- Running an interactive shell in a container
- Using not-installed debugging tools
- Forwarding container ports to the host system
- etc. Image
I researched the available tools and non of them satisfied my needs fully.

My criteria:

- Portability: one tool for many runtimes (docker, containerd, k8s).
- Completeness: one tool for exec, net, and fs use cases.
- Unified UX: different runtimes but same command behavior.
So, I started my own container debugger project:

github.com/iximiuz/cdebug 🧙‍♂️

cdebug is designed to be a multi-platform marketplace for container debugging commands.

The following runtimes are/will be supported:

- Docker
- containerd
- Kubernetes
- Kubernetes CRI
- more? Image
Read 7 tweets
Ivan Velichko Profile picture
Nov 3, 2022
Computer Networking For Developers 🧵

Need to get into networking but all materials you find feel like they are written for bearded networking gurus?

I've got a bunch of "different" articles for you! Written by a developer for fellow developers 👇 Image
1. Computer Networking Introduction: Ethernet and IP

A heavily-illustrated comic-like article - a foundation for further learning. I wish I had something like it when I was studying the networking basics in college.

With a bunch of easy-to-follow labs!

iximiuz.com/en/posts/compu…
2. Bridge vs. Switch: What I Learned From a Data Center Tour

Wondering why a dev may need this kind of knowledge?

The answer again is - Containers and Kubernetes. If you want to understand how and why container networking works the way it is, read on!

iximiuz.com/en/posts/bridg…
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(