Docker

Docker Command Memo

Some commonly used commands and functions of docker, docker-machine, and docker-compose

Docker layers in detail

What is a layer? Docker containers are the building blocks of applications. Each container is an image with a read/write layer on top of a stack of read-only layers.

Understand how uid and gid work in Docker containers

Understanding how user names, group names, user IDs (uid), and group IDs (gid) map between the processes running in the container and the host system is important for building a secure system. If no other options are provided, the process in the container will be executed as root.

Limiting container CPU usage in Docker

By default, a container's use of host CPU resources is unlimited. As with memory, if the CPU available to a container is not limited, a program in the container that consumes CPU abnormally is likely to exhaust the CPU resources of the entire host, leading to more serious failures.

Modifying the Docker storage path

With a default installation, Docker uses the /var/lib/docker/ directory as its storage directory for pulled images, created containers, and so on.

Use Clair to scan Docker images for vulnerabilities

Docker provides Docker Hub, which lets users upload the images they have created so that other users can download them and quickly build an environment. But it also brings some security issues: a downloaded image may have had a backdoor maliciously implanted, an image may be tampered with during transmission, the environment built from an image may contain vulnerabilities, and so on.