Ivan Velichko's Avatar

Ivan Velichko

@iximiuz.bsky.social

Software Engineer. Educator. Entrepreneur. Bootstrapping labs.iximiuz.com - a learning platform to help you master Linux, Containers, and Kubernetes πŸš€

1,215 Followers  |  196 Following  |  110 Posts  |  Joined: 25.07.2023  |  1.8857

Latest posts by iximiuz.bsky.social on Bluesky

Post image

Following up on my etcd playgrounds, here is a sneak peek of my latest work: a @containerd.dev‬ playground.

As usual, it will be available on @iximiuz.bsky.social labs soon.

24.06.2025 13:29 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
screenshot of a terminal running the labctl playground start command to create a new kubernetes cluster

screenshot of a terminal running the labctl playground start command to create a new kubernetes cluster

Starting some more looking into k8s things the way I usually do now, with a nice ephemeral k8s-omni playground from @iximiuz.bsky.social

30.05.2025 17:52 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
MΓ‘rk SΓ‘gi-KazΓ‘r (@sagikazarmark.com) 1/4 Secret management is a critical yet often overlooked aspect of DevOps. (Raise your hand if you've ever intentionally committed secrets to a Git repository.) This is why I've begun creating a series of educational content on the subject.

Following up on my previous post, here is another tutorial about operating @openbao-official.bsky.social and @hashicorp.com Vault on @iximiuz.bsky.social Labs.

Auto Unseal OpenBao/Vault with the Transit Secrets Engine: labs.iximiuz.com/tutorials/o...

bsky.app/profile/did...

19.05.2025 18:42 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

1/4 Secret management is a critical yet often overlooked aspect of DevOps. (Raise your hand if you've ever intentionally committed secrets to a Git repository.)

This is why I've begun creating a series of educational content on the subject.

17.05.2025 15:51 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

TIL that adding CAP_SYS_ADMIN to a k8s pod has different behaviour depending on the backing CRI. With Containerd it does nothing (you need to call it SYS_ADMIN) but on CRI-O it will add ok. Also TIL k8s doesn't validate the capabilities you add to pods!

21.04.2025 20:15 β€” πŸ‘ 24    πŸ” 2    πŸ’¬ 2    πŸ“Œ 0

Great research! Looking forward to a blog post!

22.04.2025 18:34 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Well done! It would be nice to see a custom cover image for this post. I'm a big fan of colorful diagrams, you know :)

08.04.2025 09:51 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Containers are processes | iximiuz Labs In this brief tutorial we'll explore the idea that Docker containers are just processes, from the perspective of the operating system. Based on this Securitylabs blog post https://securitylabs.datadog...

Experimenting with using @iximiuz.bsky.social labs for interactive blog content, so I re-worked one of my container security fundamentals blogs labs.iximiuz.com/tutorials/co... . Interested in any feedback on what people reckon to the format :)

08.04.2025 09:46 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 2    πŸ“Œ 0

This is the way! πŸš€

02.04.2025 10:26 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
A Visual Guide to SSH Tunnels: Local and Remote Port Forwarding SSH port forwarding explained in a clean and visual way. How to use local and remote port forwarding. What sshd settings may need to be adjusted. How to memorize the right flags.

A Visual Guide to SSH Tunnels: Local and Remote Port Forwarding - Article by Ivan Velichko @iximiuz.bsky.social #Network #SysAdmin

28.03.2025 20:10 β€” πŸ‘ 11    πŸ” 5    πŸ’¬ 1    πŸ“Œ 0

That’s great news! Looking forward to dive 2.0!

27.03.2025 10:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Page title

Great question! Not really. I'm looking for a good tool like that myself. Dive is aging, and its more or less maintained fork was also archived a couple of days ago github.com/joschi/dive. And ima.ge.cx/ghcr.io/eda-... fails for your image, too :)

26.03.2025 19:49 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Video thumbnail

labs.iximiuz.com a browser-based env's where anyone, from beginners to experienced engineers, can get hands-on experience with containers, K8S, DevOps tools, CI/CD pipelines, observability & loads more.

Listen to @iximiuz.bsky.social how it's all started, current adaption: youtu.be/kHjAW7f0EPo

23.03.2025 18:48 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

Please join me and thank @iximiuz.bsky.social for giving us a bunch of free premium accounts we can give away to our viewers on our twitch channel ! First two will be offered today !!
@iximiuz.bsky.social really rocks ! Please take a look at his amazing labs !

03.03.2025 14:06 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

Most of the issues with container images are not b/c of the app being containerized but a poorly written/structured docker file @iximiuz.bsky.social Kyle Quest will offer optimizations for improvements in size, security, & build speed, check out: gooddockerfiles.com

24.02.2025 15:57 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

@iximiuz.bsky.social's journey of transitioning from traditional textual and visual explanations in his blog posts to creating interactive, reproducible tutorials -> labs.iximiuz.com has attracted 18,000 registered users, with around 2,000 active users per month.

Full Ep -> youtu.be/kHjAW7f0EPo

19.02.2025 14:13 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

Kubernetes "native" sidecars are slated for GA in 1.33, so it's a good time to brush up on how (and why) to use them.

Solve this practical challenge by reworking a flawed pod, making it use a native sidecar:

> Kubernetes Pod With a Faulty Init Sequence

labs.iximiuz.com/challenges/k...

18.02.2025 11:55 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Trying my best :) It’s simply a matter of iterating on it long enough

13.02.2025 14:12 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Thank you for the shoutout, Martin!

13.02.2025 10:02 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

If you are into #docker and #containers you must check @iximiuz.bsky.social feed. His content is amazing.

13.02.2025 09:28 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Post image

Works for me πŸ™ˆ

09.02.2025 20:21 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
CKA Practice: Upgrade Multi-Node Kubernetes Cluster | Challenge This exercise tests your ability to safely upgrade a multi-node Kubernetes cluster from version 1.30 to 1.31 following the standard upgrade procedure.

Unpopular opinion: The main value of CKA, CKAD, and CKS is not in the certificate itself but in the preparation phase.

Having said that, allow me to present a new iximiuz Labs challenge by Adam Leskis πŸ‘

CKA Practice: Upgrade Multi-Node Kubernetes Cluster
labs.iximiuz.com/challenges/c...

09.02.2025 11:46 β€” πŸ‘ 9    πŸ” 4    πŸ’¬ 1    πŸ“Œ 0
Post image

It's very easy to start a Docker container:

docker run nginx β˜‘οΈ

But can you explain what actually happens when you run this command?

I prepared a Docker 101 challenge that helps you explore the internals of Linux containers - check it out: labs.iximiuz.com/challenges/s...

05.02.2025 13:11 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Limit CPU and Memory Usage of a Linux Process | Challenge Start a Linux process and limit its CPU and memory usage with cgroups.

How to Limit CPU and Memory Usage of a Linux Process πŸ”½

Of course, using cgroups! But there is a number of ways to do it:

- Manually editing the cgroupfs filesystem
- Using libcgroup's cgcreate and cgexec
- Using the mighty systemd-run

Practice here πŸ‘‰ labs.iximiuz.com/challenges/l...

03.02.2025 19:49 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

k'exp by @iximiuz.bsky.social is a visual Kubernetes explorer #madewithvuejs that lets you explore Kubernetes capabilities & helps you with application development ✨ - https://madewithvuejs.com/kexp

02.02.2025 12:28 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

How do you containerize a Python app the right way? πŸ€”

Building small and secure images for Python projects is surprisingly hard:

- Which base image to choose?
- How to manage dependencies?
- How to structure the Dockerfile?

Learn more (with solutions): labs.iximiuz.com/challenges/d...

01.02.2025 18:24 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

Container images to avoid in production - part II:

python:3

Yes, it's a Docker Official Image, and it's a good image to build your app, but:

- It has TWO pythons inside 🐍 x 2 = 🀯
- It brings 800MB+ of dev/build packages.

What to use instead in production πŸ‘‰ python:3-slim

27.01.2025 14:28 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

SSH Tunnels: An age-old trick that's still widely used

- Expose a local service to the Internet
- Map a remote service to a local port
- Query an AWS RDS database with a local GUI client
- Access a server in your private VPC from a dev machine

...and a lot more. Visual memo πŸ‘‡

24.01.2025 17:33 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
What's Inside Distroless Container Images: Taking a Closer Look | iximiuz Labs What are these distroless images, really? Why are they needed? What's the difference between a container image built from a distroless base and a container image built from scratch? Let's take a deepe...

Learn more about distroless container images in my latest post:

labs.iximiuz.com/tutorials/gc...

23.01.2025 17:52 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

What's Inside Distroless Container Images: Taking a Closer Look 🧐

Distroless images come in many flavors, and it might not be obvious which one (if any!) is the best fit for your application.

Here is my attempt to explain the difference and use cases on a single diagram:

23.01.2025 17:52 β€” πŸ‘ 6    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@iximiuz is following 20 prominent accounts