nicdex @nicdex

0 posts0 participants0 posts today

Replied in thread

**jmsfbs** @jaforbes@mastodon.social · Nov 2, 2024

Nov 2, 2024

This is so damn cool. Relatively secure docker in docker with very an isolated docker daemon context and low overhead. A great alternative to MicroVM's like #Firecracker.

https://www.docker.com/resources/docker-in-docker-containerized-ci-workflows-dockercon-2023/

I love the presentation style too. I followed along in my terminal and everything worked. So much more helpful for me than "go to this website to learn more".

DockerDocker-in-Docker: Containerized CI Workflows | DockerDocker-in-Docker (DinD) is a technique to run Docker containers inside another Docker container. DinD makes it easy to create an isolated environment for each application or service under test in a CI platform. Learn the basics of DinD, its benefits, and use cases in this presentation.

#dind #microvm

Replied in thread

**Mark Crocker** @mcrocker@indieweb.social · May 13, 2024

May 13, 2024

Mark Crocker @mcrocker@indieweb.social

@deliverance If #Kaniko is not your speed, You can still do better than #DinD by using #PinD or even #PinP

How to use Podman inside of a container
https://www.redhat.com/sysadmin/podman-inside-container

This way you don't need a daemon, and you can run rootless.

Enable Sysadmin · Jul 1, 2021How to use Podman inside of a containerHave you ever wondered about running Podman in a container: Podman in Podman, Podman in Docker, or even Podman in Kubernetes?

Replied in thread

**Dis** @dis · Jan 15, 2023

Jan 15, 2023

Dis @dis

@fyw321 @geerlingguy My 8 node cluster costs around 55W via POE. It is 3 pi4 8G control+worker nodes, and 5 pi4 4G worker-only nodes (1 is actually 8G.)

Storage is #iscsi on spinning rust on #TrueNAS, but you can do all this on local disks.

It handles a LOT:
- #Promstack, #FluxCD, #Calico, various scrapers
- #Adguard
- #Blocky (another adblocking #dns)
- #Jellyfin
- #Ombi, Prowlarr, *arr, Deluge
- Home automation helpers (#ser2sock instances, #zigbee/#zwave 2mqtt, but not HA itself)
- #Argo for builds (deprecated in favor of the x64 cloud lab. Building x64 docker containers on arm is BAD)
- Democratic CSI for iscsi/nfs
- #GoHarbor container registry & #dockerhub cache
- #Mealie recipe manager
- #Monica contact manager
- #SMTP relay to gmail
- #Ubiquiti console (bootstrapping becomes a chicken and egg problem though, if it goes down wrong)
- #Wireguard #VPN server
- #Whoogle
- #VisualStudioCode and a #dind sidecar
- SSL termination for most of the rest of the network

Continued thread

**The one with the headscarf** @braid@alpaka.social · Jan 2, 2023

Jan 2, 2023

The one with the headscarf @braid@alpaka.social

It's just that the test setup is cursed:

The tests run on #GitLab runners using the #Docker executor in privileged mode. This enables us to start a #KVM based #AVD for Android tests and to deploy all individual homeserver implementations using #DinD.

In order to get better debugging information, the headless virtual screen is recorded via #VNC in order to record all ongoing tests for later use.

Some people told us they don't like our tests.

Recent searches

Search options

Administered by:

Server stats:

#dind