jmsfbs<p>This is so damn cool. Relatively secure docker in docker with very an isolated docker daemon context and low overhead. A great alternative to MicroVM's like <a href="https://mastodon.social/tags/Firecracker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firecracker</span></a>.</p><p><a href="https://www.docker.com/resources/docker-in-docker-containerized-ci-workflows-dockercon-2023/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">docker.com/resources/docker-in</span><span class="invisible">-docker-containerized-ci-workflows-dockercon-2023/</span></a></p><p>I love the presentation style too. I followed along in my terminal and everything worked. So much more helpful for me than "go to this website to learn more".</p><p><a href="https://mastodon.social/tags/dind" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dind</span></a> <a href="https://mastodon.social/tags/microvm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microvm</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome
Administered by:
Server stats:
4.9Kactive users
techhub.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.8
#dind
0 posts · 0 participants · 0 posts today
Mark Crocker<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@deliverance" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>deliverance</span></a></span> If <a href="https://indieweb.social/tags/Kaniko" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kaniko</span></a> is not your speed, You can still do better than <a href="https://indieweb.social/tags/DinD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DinD</span></a> by using <a href="https://indieweb.social/tags/PinD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PinD</span></a> or even <a href="https://indieweb.social/tags/PinP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PinP</span></a></p><p>How to use Podman inside of a container<br><a href="https://www.redhat.com/sysadmin/podman-inside-container" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhat.com/sysadmin/podman-ins</span><span class="invisible">ide-container</span></a></p><p>This way you don't need a daemon, and you can run rootless.</p>
Dis<p><span class="h-card" translate="no"><a href="https://nofan.xyz/@fyw321" class="u-url mention">@<span>fyw321</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@geerlingguy" class="u-url mention">@<span>geerlingguy</span></a></span> My 8 node cluster costs around 55W via POE. It is 3 pi4 8G control+worker nodes, and 5 pi4 4G worker-only nodes (1 is actually 8G.)</p><p>Storage is <a href="https://techhub.social/tags/iscsi" class="mention hashtag" rel="tag">#<span>iscsi</span></a> on spinning rust on <a href="https://techhub.social/tags/TrueNAS" class="mention hashtag" rel="tag">#<span>TrueNAS</span></a>, but you can do all this on local disks.</p><p>It handles a LOT:<br />- <a href="https://techhub.social/tags/Promstack" class="mention hashtag" rel="tag">#<span>Promstack</span></a>, <a href="https://techhub.social/tags/FluxCD" class="mention hashtag" rel="tag">#<span>FluxCD</span></a>, <a href="https://techhub.social/tags/Calico" class="mention hashtag" rel="tag">#<span>Calico</span></a>, various scrapers<br />- <a href="https://techhub.social/tags/Adguard" class="mention hashtag" rel="tag">#<span>Adguard</span></a><br />- <a href="https://techhub.social/tags/Blocky" class="mention hashtag" rel="tag">#<span>Blocky</span></a> (another adblocking <a href="https://techhub.social/tags/dns" class="mention hashtag" rel="tag">#<span>dns</span></a>)<br />- <a href="https://techhub.social/tags/Jellyfin" class="mention hashtag" rel="tag">#<span>Jellyfin</span></a><br />- <a href="https://techhub.social/tags/Ombi" class="mention hashtag" rel="tag">#<span>Ombi</span></a>, Prowlarr, *arr, Deluge<br />- Home automation helpers (<a href="https://techhub.social/tags/ser2sock" class="mention hashtag" rel="tag">#<span>ser2sock</span></a> instances, <a href="https://techhub.social/tags/zigbee" class="mention hashtag" rel="tag">#<span>zigbee</span></a>/#zwave 2mqtt, but not HA itself)<br />- <a href="https://techhub.social/tags/Argo" class="mention hashtag" rel="tag">#<span>Argo</span></a> for builds (deprecated in favor of the x64 cloud lab. Building x64 docker containers on arm is BAD)<br />- Democratic CSI for iscsi/nfs<br />- <a href="https://techhub.social/tags/GoHarbor" class="mention hashtag" rel="tag">#<span>GoHarbor</span></a> container registry & <a href="https://techhub.social/tags/dockerhub" class="mention hashtag" rel="tag">#<span>dockerhub</span></a> cache<br />- <a href="https://techhub.social/tags/Mealie" class="mention hashtag" rel="tag">#<span>Mealie</span></a> recipe manager<br />- <a href="https://techhub.social/tags/Monica" class="mention hashtag" rel="tag">#<span>Monica</span></a> contact manager<br />- <a href="https://techhub.social/tags/SMTP" class="mention hashtag" rel="tag">#<span>SMTP</span></a> relay to gmail<br />- <a href="https://techhub.social/tags/Ubiquiti" class="mention hashtag" rel="tag">#<span>Ubiquiti</span></a> console (bootstrapping becomes a chicken and egg problem though, if it goes down wrong)<br />- <a href="https://techhub.social/tags/Wireguard" class="mention hashtag" rel="tag">#<span>Wireguard</span></a> <a href="https://techhub.social/tags/VPN" class="mention hashtag" rel="tag">#<span>VPN</span></a> server<br />- <a href="https://techhub.social/tags/Whoogle" class="mention hashtag" rel="tag">#<span>Whoogle</span></a><br />- <a href="https://techhub.social/tags/VisualStudioCode" class="mention hashtag" rel="tag">#<span>VisualStudioCode</span></a> and a <a href="https://techhub.social/tags/dind" class="mention hashtag" rel="tag">#<span>dind</span></a> sidecar<br />- SSL termination for most of the rest of the network</p>
The one with the headscarf 🧕<p>It's just that the test setup is cursed:</p><p>The tests run on <a href="https://alpaka.social/tags/GitLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitLab</span></a> runners using the <a href="https://alpaka.social/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a> executor in privileged mode. This enables us to start a <a href="https://alpaka.social/tags/KVM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KVM</span></a> based <a href="https://alpaka.social/tags/AVD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AVD</span></a> for Android tests and to deploy all individual homeserver implementations using <a href="https://alpaka.social/tags/DinD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DinD</span></a>.</p><p>In order to get better debugging information, the headless virtual screen is recorded via <a href="https://alpaka.social/tags/VNC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VNC</span></a> in order to record all ongoing tests for later use.</p><p>Some people told us they don't like our tests.</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload