Cloud Native DevOps: Live Q&A (Ep 222)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

foreign [Music] [Music] [Music] thank you [Music] thank you thank you [Music] [Music] [Music] [Music] thank you foreign [Music] foreign [Music] hello are we live hello um my name is Brett this is Matt hello Matt hi my name is Matt this is Brett we're on the opposite sides of North America we were spanning the continent and yet acting like we're in the same room we actually have same colors on our background I think you have blue we are except I'm always yellow I always yeah I I like have to pull more yellow out and I'm still yellow maybe we should just go black and white Maybe and then and then no one will notice um that's next week um so we're here for you this is the Q a show once a month we do a Cloud native q a it's what I'm calling calling it I don't know what to call it I mean that simply calling it there we go perfect um I'm I'm traveling back in time we were just talking about time travel Matt is actually from 150 years ago when they did not have color camera uh and I am time traveling um with him in this wonderful technology um but anyway this show we're we're here to answer your questions and have conversations around anything Cloud native Cloud Docker devops kubernetes security supply chain what else what else can we talk about there was an actually we didn't really come up with a lot we were going to specifically like talk about this week but I do want to get through a few announcements um this show turns into a podcast not this show not this particular episode but our guess whatever we have guests on which is usually every other week so come back on Thursdays we do a show every other week with a guest they usually teach us stuff they're showing us a tool they're teaching us about a new product or a new feature in something and we put it into a podcast so you can see uh we just released episodes on podman it was on earlier this year Falco which is one of my favorite security tools for servers uh devpod which was a new product from The Loft Group which is something on my computer now because it's probably the easiest way I know of to create a Dev machine in the cloud or locally and bring up my you know it's either it does more than Docker compose it's like Docker compose on steroids where it actually Provisions the VM where compose just cares about containers so it will provision the VM provision the cloud ec2 instance digital ocean whatever wherever you're at it'll provision that VM it'll even set shut those VMS down when you're not using them to save you cost so they call it like the open source code spaces which is the GitHub um servers that you get essentially private server so that's pretty fun devops for Dev Dev pod for Dev containers that was an episode came out last month and that seems that seemed like it was last week but that was last month um we had a docker show so if you didn't know about the podcast the link is below I'm going to throw it in the chat put that in your podcast player hello everyone that's a cue venkatesh sorry if I mispronounced that uh Martin all the regulars are here so um we had the show what else we got to talk about next month if you didn't know I'm now doing live courses Matt sadly won't be there but I'm doing courses on Maven these are live only courses the next one is this July so that would be three weeks from now on the 10th we start this course which is a one two combo punch I feel like I need a punch sound I have lots of Sounds here that's not a punch sound um and this is a course that is cheaper than Consulting but way more expensive than udemy so this is something you need to be serious about you need to just you you this is designed to help you implement these tools right then and there not something you're gonna buy and then six months watch the videos and then get around to it like that's all that's what we all do with udemy right like I don't know have you bought udemy courses Matt you're uh I have okay uh what yeah I it always came free with I mean I I mostly used it when it was uh like a free benefit of working at data dogs oh yeah yeah of course yeah udemy business or UB as yes in insiders call it UB yeah yeah that's a pretty great program uh it is just because as an employee you get thousands of courses and you could choose from like 30 different Docker courses or something like that and and it was pretty open to like everything that udemy did so I was I had uh you know some kubernetes things but I also had like passing your whatever section 143 something for drone Pilots oh yeah oh right so then you yeah if you well I mean you know there's there's businesses that do drones we have a sort of a actually pretty popular drone company here called drone up that um is headquartered here in Virginia Beach but yeah I mean there might even be meditation ones in there under the business subscription or whatever certainly stuff like um on management soft skills there's a lot of soft skill stuff on there I'm like I I like you to be business more than pluralsight because the challenge on pluralsight and this is maybe coming from the publisher side because I have friends that publish on plural site and they you have to ask pluralsight hey do you want this topic and if they already have it they tend to decline you because they don't really want you know to be fair I guess to have a course on pluralsight is awesome because you won't have a lot of competition whereas my Docker Mastery course has I think there's two to three hundred courses on Docker now um and I would say there's all of the best ones I don't know how many that is or I know there's definitely two or three of my main competing courses that are all in the udemy business so the nice thing is is on udemy business or the udemy subscription plan because there's now there's the personal subscription plan you can get oh is there now yeah yeah and you get that same set as using me business I don't even I don't even know how much it's a month I don't know what it is 20 30 bucks a month but you get that same set and the cool thing is is if you get tired of listening to me you can go over there and you can um you can listen to someone else's udemy course and it's funny because we're talking about udemy courses but I'm showing Maven uh hmm so if you're curious all my courses are over here so these four are the udemy courses and the nice thing is is I don't think I don't think my swarm course really has a competitor I don't think my node Docker for node.js really has a competitor um but those are definitely not my most popular courses like Docker Mastery is by and far it's like eighty percent of sales or that course um and this year I added the live course so if any of you are interested in live courses like this Maven one I'd love some feedback so if we go back over here so this course so these are courses that are somewhere between 500 and 800 typically and you're spending all of the course with me in Zoom so you get you get videos to watch before we get into Zoom then we all get into Zoom together we do stuff together we actually Implement stuff together we have q and we have lots of q a back and forth and then you get homework and then you go away for a couple of days and then you come back and so we're really only together like an hour and a half every other day for a couple of weeks so for those of you in chat if you're curious about this style of learning um what do you want to learn what would you pay or what could your company pay because a lot of the people that the students that I have in these courses they're getting uh you know they're getting it reimbursed by their company and the idea here is that these are technologies that you're doing now like this is this is something that you need to do now this is important and I think that's the best way to learn like I don't know about you Matt but I don't learn very well when it's something I'm not going to use anytime soon I find that I'm just not that interested in the details yeah you know yeah like teach me car repair for a gasoline engine when I have a Tesla I'm not going to be highly motivated to figure how that that that thing I'm going to be curious but I've learned that Curiosity isn't enough um right you need like a level of a little bit of passion a little bit of intensity uh to learn I mean we all learn great in the moment where like the boss says do this thing and you don't know how to do it so we're all really good at that yes um Justin Time learning yeah that just in time learning uh gentle is what I keep a friend of mine we were trying to come up with the acronym jittyl just in time learning sure um so yeah that's what this is about this is the idea here is that we're going to do this once a quarter right now this is the only topic but we might add Other Ones based on feedback um and it's a jittyl it's designed to be a gentle in fact last time we had a whole team we had four maybe five people from the same team all come at the same time and then the goal was by the time we're done you're implementing this in your real projects you're not just like learning it in samples although we do a lot of sample demo stuff you actually you're actually doing it on your real code and then you get to come back to zoom with the rest of us and get feedback on how did it worked why did it not work your particular company problems with this so I love this style of learning in fact I haven't taken a maven course yet um but if you look at like they've got AI I keep watching the AI courses because um like and the crazy thing is these aren't people that just think oh yeah I can make a course on AI this is a little bit how it's different from udemy and pluralsight these aren't particularly on udemy you have professional instructors and they're just really they might be teaching a topic that they just learned recently and it might be a good course but there they are not the industry leading expert on that thing um this tends to be the people that made it like X Google a fellow at Harvard right like these are um you know AI Creator X Google senior PM Ted speaker so when you it's like these are the these are the upper cream of of the the learning ladder I'm trying to think about analogy are you saying you're the upper dream of the docker world or the sorry the the yes I am uh github's world yeah maybe not the GitHub actions but but uh because there's lots of people that use GitHub action so um but uh it's a funny funny that you ask that the reason that my course even exists is because after trying to help multiple companies big and small implement this stuff I did it I had a ton of learning from Real World implementations um you know teams teams with five people in teams with dozens and dozens of people uh all using these tools so we needed you know one of them they cared a lot about SSO and platform engineering and then on the other one they're like there's three of us and we just care about learning and then there was all these in between companies and so I learned really over the lockdown I learned these tools during the coveted lockdown and took a made a bunch of notes made a bunch of Open Source repos that everybody can get at github.com my name which I can't seem to spell but if you go through here I'll just throw this in chat everyone if you go in there you can see a bunch of examples that are feeding these courses so I have um like any course I have chances are the the demos and the examples and all that stuff's all open source and then in these courses um I have like the GitHub actions devops templates I have GitHub actions for Docker um there's a lot in here on GitHub actions anyway so that's my course that's what I've been doing you said that uh everybody you know gathers and they talk about you know how they try to implement whatever it is they talked about in the previous session and maybe they came up with some challenges and you talked about that any of those challenges that you're able to talk about here or oh sure are they all pretty confidential no nothing's confidential I'm just kidding uh um although I don't tend to sign ndas um I do try to respect the privacy of clients so I teach you tend to generalize it the um there's definitely a lot of learnings and that's so like if you look through some even like even some of the stuff on this page talks about that Argo CD for example has lots of ways to deploy it in fact it's one of those things where there's so many different designs for deploying it that's part of the barrier is you don't know the right or best way for you to deploy it so you could just write a one-line command install in your cluster for Argo CD but that might not be the best design for you you might need a multi-cluster design you might need a design where you put it in one cluster and it controls other clusters remotely you might need one Argo per cluster so that's one of the big things we talk about in the course is like how how you can help decide which way you want to install it install it and or deploy it and we have a bunch of sample repos in fact we ended up um we ended up even I ended up creating a mock company called mostly devops so this is like a fake organization that had that we use during the course to implement a lot so in the course you'll actually create up your own organization you'll import a bunch of repos to basically simulate code and devops yaml and kubernetes manifests and then you will Implement GitHub actions and a lot of this other stuff in your own organization and then I have this sort of the sample one that is the sort of the reference architecture and we have repos on Argo CD and then we have a bunch of yaml in there on different on the different parts of it and how it installs and different so yeah there's a lot to it and that's why we spend a whole week on Argo CD because I think the hardest part with Argo is architecting it not just your installation but also your your yaml for your apps and how you architect that all so that it's as automated as possible without you re having to redesign the whole architecture six months in because you realized it was kind of hokey or it it required too much maintenance I think one of the biggest mistakes with Argo is people implement it in a way that requires a lot of PRS to deploy code and so our goal is always like you have your code PR and then you maybe have one PR more and that's the only PR that's needed for deployment and then everything else should be automated um that way you get like a code review and then you have a deployment review if you want it and it might just be as easy we even have this thing in here where we even create the pr so the robots create it it's only up to your team to approve it for deployment and um in fact it's not in here I don't think no it's over um here so under here you can see this is robots creating a update to a particular app so this is this would be the app image and it's production is the name of the environment right so it's saying it's showing you which environment is about to get what a kind of update and that's all created it says it's created by me but it's actually created by um a GitHub action and you can see the change and it's really you know like a lot of times people when they're deploying code they're just really deploying a new image version and so it's really a one-line change it's changing the tag to a different tag and so we automate that in in the course so that you essentially your developers don't have a bunch of additional work and because I think it's one of the biggest complaints we've all had about this world of kubernetes and all that stuff is we the developers seem to be saddled with a lot more responsibility now in a lot of ways and that sucks right like we've already got so much work to do why are we having to do all this other stuff as well um right and who do we have on the show recently was it uh Brandon I think I'm trying to think of who we had um we were talking about this sort of problem with um develop devops didn't mean developers have to do Ops uh news flash devops does not mean give Ops to Dem at least in terms of the responsibility I think what it really is to me is about is about allowing the two to align themselves and collaborate way more so that they can they can work together more efficiently but I think a lot of people got the message wrong in it they've been saddled with like we could fire the Ops now we don't need them anyway no Conrad's back sorry sorry that uh leave you hang in there Conrad hello Lee I see there's somebody Victor from Nigeria uh fun fact my dad partially grew up in Lagos in Nigeria cool have you been there have you been back I have not no okay no but he often had stories of you know as a uh 10 year old just wandering out of their their house in in Lagos wandering downtown on his own uh just to go to the local candy store and uh you know by I think it's a very different world than Lagos today um back when he was there yeah in the 50s and I guess 50s and 60s yeah you could say that about a lot of countries a lot of places yeah yeah um we have a question actually uh our first question here how do I create an IDP as project to Showcase my SRE skills I don't know what IDP is I assume it's not identity provider fresh I'm sorry I'm gonna use rash as your name uh apologies for that what can you help Define that question a little bit better um I'm not sure what IDP is but to create a project as showcase my SRE skills uh oh internal developer platform okay well um anything so first off I wouldn't I wouldn't narrow it to just IDP right like really what this we're asking is like what what can I do in addition to a resume to prove that I know what I'm talking about right so that's a great question because on this show we talk a lot about if you don't have the experience you you definitely want certifications that helps make up for experience or University or both um and then we were just showing off my GitHub and I'm not exactly going for a job so I don't necessarily I'm not suggesting that mine is the optimum design for what you need but think of GitHub as your resume a lot of Team managers that are looking for internal developers operators SRE devops staff build Engineers all those types of roles they're gonna probably look at your GitHub they're certainly going to Google you so once you you know your resume gets you passed HR and hopefully that gets you to the hiring manager that will actually look at your stuff that person is going to go look at your GitHub probably they're going to Google you Google you look at your socials maybe if they're public um definitely look at your GitHub or gitlab I would argue that even if you're a fan of git lab you probably should have a public GitHub profile that you put effort into so that means you're when I say effort I mean your pitcher looks like this like you have a picture step one have a picture um show your smile show that you're likable that you're personable because you're if you're going to work in these teams you're going to have to collaborate with other people so if you're a nameless faceless person on the internet you're not you don't you're not giving them the best Vibe for I'm gonna be easy to work with and helpful in my team and one of the things we talk about here when we talk about getting jobs in Tech nowadays it's not so much how much you know it's and or how much your experience is because I have 30 years of experience but someone probably doesn't care about my first 20 years of experience because that doesn't none of that experience is what I do today so um I mean I learned TCP I don't know I don't know when Matt learned that but that was a long time ago that was in the 90s I learned it when you still needed to uh install tcpip Stacks onto Windows because it didn't come with it yeah it was like demon Whiteside or BMW or something that's like that's like uh um classic Geeks nerd question there is what version of Windows first allowed TCP it was three dollars because you have to get you had to get that for oh and then there was oh Spyglass was it or spy something um and the because the browser needed some sort of TCP stack so he had to find the TCP stack first um yeah yeah it wasn't it 3-1-1 was the one that you could actually install the TCP driver like three came out and if it had networking it was probably like net buoy or net bios only right then a lot of us we all had netware and then we had Unix and Unix spoke IP so we needed to add these other Stacks so we added that we had to add the netware stack or I I call it was it changed your login screen uh all that stuff as well I think that was a little bit more like 95 Windows nt4 days but um but yeah it's like 3-1-1 I remember because we were able to finally install a TCP IP as a stack so yeah you and I learned it a long time ago yeah that's a skill that we can relate that you probably should know that really well you should know no networking really well but if you look at your GitHub profile if you were to sort of send me your GitHub profile and I go look at it and if I don't see a bunch of repos on you showing off your skills like show me how you design your terraform show me how you know you know do you know ansible do you know shell scripting have you designed um an architecture for your IDP and put it into GitHub and importantly with solid read means that imagine you've got to train your co-workers and teach them all about the idpu design so so pick a tool whatever tools you want to put into this platform build them up write great reads maybe even put videos in there that'll show your speaking skills your your ability to communicate and those are all super important in Dev teams and devops teams SRE teams they all require constant collaboration and constant knowledge sharing so one of the things I will often tell new freshers or new people straight out of university is um it matters more how you communicate share your knowledge and how you learn than it does how much you currently know in terms of like I have experience on all the clouds I don't expect you to have experience on all the clouds or even two clouds having experience on one cloud is enough and I bet you if you've learned one you can probably learn the other ones pretty quick same with development languages if you've learned one and you can write pretty decently and and one and it can just be shell scripts even for devops and SRE stuff SRE maybe is a little bit closer in some ways and a lot of SRE roles to a developer because you're kind of expected to make systems tooling so you do need to know a language or two but um devops there's a lot of devops roles like build Engineers stuff like that that they maybe don't program full-time in fact right I've been working with devops teams for decades and even before we had the term devops and scripting was a lot of times people their only skill was scripting like they weren't really full-fledged programmers they came from the ops world or the sysadmin world or the help desk world and got into devops because they they knew how to fit systems together you know how do I connect the system to that system SSH shell scripts um how do I automate this thing with tools and yeah there's some programming maybe in there if you consider shell scripting programming um but they weren't like a high-end go programmer or like a python fluent developer and they had a devops job so I would say make your GitHub awesome yep I don't know what if you have any different opinions there Matt I I think I mean that and also making a record of all the things that you I mean for for work all the things that you've worked on some of the some of the projects that you've done for work are not public um and so definitely making a record of what what did you do on I mean that's been a problem for for me I I haven't done that making a record of like all those things that I worked on um because maybe the the actual the fact that it was uh you know some some product that doesn't exist that doesn't really matter it's okay here's I had to learn this thing and we yeah what did we do with it and like even for me I I also do a lot of videos work and but so many of the videos that I made uh 12 years ago 10 years ago eight years ago I mean they just don't exist on anywhere anymore because the company I worked for at the time which was uh uh called keptaris and then got acquired by open text um they no longer they no longer want this person representing their products that left the company a decade ago um and so having a record of you know what are the things that you did so that uh yeah so it also makes it easier when you have to build out that resume or CV that uh just make a record of what you did I just forget to do that yeah I think there's a certain level of passion too especially when you're new in your career you're probably already excited about this work and that's probably why you got into it so you're excited about technology you're excited about learning and the best way to show that you are excited and that you have the passion uh because any any job I would feel like I mean every job we all have a very steep learning curve and we all start and we're all we all get that new job we're super excited and we're there's a bunch of new tools we have to learn new processes we don't know and we've never and some things that are familiar but a lot of things that aren't and we all are ramping up very quickly I don't care how long you've been in your career at least for me that's the same every new team I work with it's like okay what oh you're using these tools oh you're using these kind of servers oh you're on this cloud like there's just a a bunch that I have to learn and um when you're brand new to your career that's a even steeper learning curve so how do you show that you can handle it like you can handle the learning you can handle all this new stuff your GitHub profile like that to me like anymore I would not back in the day you and I would say blog share your knowledge on a Blog share your knowledge on a Blog that's also important but you can share all that knowledge in GitHub you can make a Blog on GitHub you can put it in the readme's of your repos if I see someone that comes in for my team and I'm looking at their resume and I'm like yeah this is pretty good they got some certifications uh you know they've done some maybe they've done some things maybe they haven't maybe they're just maybe they've got 10 certifications and zero experience and then I'm going to search them in Google and then in that first page will definitely be the GitHub link assuming that it exists and I'm going to go to the GitHub profile and if I don't see if I don't see it really fully filled out and them trying as if it's their resume if I don't see that I probably will put them at the bottom of the pile they will certainly not compete with someone who has it all filled out and has a bunch of example I like I have this idea for a shell script that automates my things or I have built this terraform because I'm tired of recreating my kubernetes clusters from scratch and they they make all this stuff and you can tell they're solving their own problems right like they're they're interested in they maybe they just have a little lab on you know online or they have a Raspberry Pi in their closet and so they might have some repos on that and that to me means that they're learning they're sharing their their knowledge which is super important nowadays um honestly it's one of the biggest things I miss about being this content creator guy is I don't get every day to work with a team of people making a product or making a making an engineering product we make products but they're videos um and I miss that because you learn I didn't realize until I didn't work in a large team of Developers how much you learn from everyone else around you every day right and when you don't have all those people you have to re you have to do more on your own you have to read more on your own you have to read more books because I can't depend on that person you know Matt and I talk sci-fi and so I'm always learning about new books from Matt because he's way more red I believe in sci-fi than I am um I had certainly my favorite authors but no no not at all okay um well we certainly have different authors that we've read yeah and so yes I feel like I learn about authors and stories from you in a way that I could even share oh I've heard this guy's good or you know I heard this book was really good and I didn't even read them it was just you so that same knowledge happens and you and I hang out before the show we talk about what we learned this week what anything new you taught me about my favorite browser that I now use ARC like there's all these things that happen just because we're learning from each other and in a job that happens way more so I need to see that to me that's what your GitHub should should go is like that should show me that you want to share you you love helping others because I don't know about you Matt my very first job it was helping others like I was tech support yeah and that was where the addiction started it was the dopamine hit of fixing someone's Mouse or uh fixing copy paste in word for someone like that was the the exciting moment like when I figured it out and then I could walk away and that was 30 years ago so yeah it sounds like a long time ago um all right so for those of you in chat what other questions do you have that was a great question I'd say another like you you mentioned it briefly but another kind of meta skill that is super important regardless of what your career ends up being I mean anything it's just being able to tell a better story about what you did and you you mentioned that briefly but uh I mean telling being able to communicate and tell a story about what happened and make it interesting it's a is a skill that a lot some people are just born with I mean um yeah and I think that the idea of having to learn us learn how to tell stories is is silly but for most of us I think it kind of it's a skill you have to learn and uh um yeah telling a better story yeah in fact often in meetings so you have engineering meetings in the normal job that you are an engineer and often it's it's not necessarily the best idea that wins it's the person that has the opinion has and wants to talk about it wants to share about it and has done the work um because we're also busy we all can't know everything we all can't know every tool or every framework or every plugin and I would I was running an engineering team and it you know we'd have meetings and when we had a problem we'd bring it to the meeting someone would have an opinion that and if no one else really had an opinion we're like yeah you know what you're talking about sound like you you've thought about it and let's do that like you you had an opinion let's do it and to me like writing a Blog where you're talking about the technology you're using or writing making repos with the technologies that you prefer that's like yes like having an opinion um I actually interviewed I remember interviewing for a job where devops was kind of young and this is maybe like 2013 2014 and I was really into chat Bots I love the idea of chat Bots I was like I want Slack I want to do everything in Slack rather than the shell and I remember a team that I was Consulting I was about to consult with they were they were essentially interviewing me and they're like so you like chat Ops tell us all about it tell us what your favorite tools are tell us how you use it and I I couldn't shut up about it I mean they probably had to just cut me off and uh it it wasn't we didn't actually Implement a lot of chat Ops we did a couple of things but they were just really interested in how could I what did I know how could I share what was my process for coming up with the reason why this thing was real um I was to me it was like the beginning of the idea of how can we get more people even not in the dev even non-engineers how can we give them access to do things in automation that we didn't we didn't we didn't want to give them access to Jenkins we didn't have GitHub actions or any of these fancy things now we had Jenkins and how do we give them abilities to do things in Jenkins well we don't want to give them Jenkins that's kind of scary especially if they're like a project manager or they're a sales manager or something like that but they needed to get the stats on the staging system or they needed to find the the sales instance of the solution we were trying to sell they needed to find the one for their customer um or whatever or make sure that it's available or something like that and so we needed to give them commands in slack and so they all lived in slack when I give them chats chats there so I was pitching them all these ideas I'm not sure if that's the reason I got hired but they did pick me so I'm gonna I'm gonna argue that that was a that was maybe one of the good reasons yeah I like it great topic let's use back with one he's I have a good one if I were a swarm if I was a swarm engineer hmm a swarm Enthusiast where should I go for an awesome hangout on Discord this is a great topic because I had it already on screen I'm with you Martin um so hey we have a Discord server Matt and I were just in there yesterday hanging out uh in our high fibers Group which is a monthly hangout for devops professionals and you can find out more about that uh in Discord or on our website you can actually go down here on my website and go to membership basically you can but you become a YouTube member here and if you join the high fibers you could get to hang out in that monthly call but we have another one now which is run by this guy on SECU also um I believe that's your handle on Discord and up here okay so on the top left actually you can't see my cursor that's kind of lame oh there you go there you go now you can see it um so up here at the very top we have an events list so this is our Discord server you go right here devops dot fan um tons of people in here 14 000 and you can see a list of what's going on and what's coming up it's like a calendar for the chat system I love this because we're starting to create this little Community right now you can this is happening right now um it looks like us yeah okay this is us and then tomorrow I've got a free GitHub actions and get Ops q a so if you're interested in that you can sign up there in fact I can share this link if anyone is watching copy event link and you're interested go to this link for tomorrow actually that's a that's a link to the Discord event let me just click that and actually copy that one out how about that um so I'll send you that one but what unsecute is really asking about is this one right here on July 7th the Swarm fans of our swarm Channel are running a little swarm hangout so we're gonna do a thing in Discord we haven't done yet it's actually called a stage and so it's kind of like it's kind of like if you had to have a webinar review I hate the word webinar and webinars make me want to fall asleep boring um but we have this little thing uh feature in Discord rather called a stage and essentially means that a ton of people can join hundreds of people can join and they raise their hand and then we put them on stage so you'll have a couple of presenters that are running the show starting the conversation and then as people have questions or they want to have a quick talk or maybe they want to show screen any of that stuff they sort of raise hands we Elevate them out of the crowd into the stage and it's a little bit more civilized than just a giant Zoom call so um that's happening next month and the nice thing here is all for all of these you can say uh share or you can actually if you click on it um you can say you're interested I'm definitely interested in this one since I'm hosting it and you can say add to calendar so you can add these things to your calendar so you don't forget them and this is kind of turning into our little I don't know event management or Community Management System they've even got they've got a bunch of new features that we haven't even enabled um by the way thanks to all of you moderators we have a bunch of moderators in the Discord server now that are all sponsoring the server and we're now at the highest level of Discord we are level three so that means it means a lot of things it means we can have huge upload files and we get all these fancy features and we have high quality Audio and Video in all of the audio video channels and we've got other stuff coming like there's stuff that we're not even using yet so I've got to enable it and work with people on enabling it and uh we've got some graphic features and stuff that we're going to turn on more more um more of these little things like stickers we have custom stickers that are part of our upgraded level this is foxy she's our mascot and we're gonna have more of those hopefully so come hang out and Discord with us wow advertisement successful yeah thanks Mark Martin's Martin's running the um that's on secure there and um he's uh hosting the Swarm fans group it's crazy it's great in the Swarm fans because we we actually have one of the sworn developers who now works at Docker in there as well as lots of Docker swarm fans that are still using it or uh wanting to get back into it because maybe they've had a bad go of kubernetes and they want to try something else um weirdly we don't have a um I forgot the name of the third orchestrator Nomad we don't have a nomad Channel I'd love to also I'd love to be able to say we we host channels and we have groups of supporters for all three orchestrators all three open source orchestrators that are still in my mind used by a decent amount of people I know there's a couple other ones out there Matt showed me one earlier in the year created by the hello guys I did I thought you did yeah wasn't it yeah you came in with a topic one time about the the one created by the back the um boot camp not boot camp that team that I can't remember that guy's name it's not boot camp it's a boot camp yeah it's boot camp the boot camp owners they came up with their own orchestrator because they didn't need kubernetes and they made a new one they thought was simpler anyway um we talked about that earlier in the year I don't know anyone that's using it so I know people using swarm I know people using Nomad and other people using kubernetes so um and then there's a couple like there's one that was created by azure years ago there's obviously ECS on AWS but ECS doesn't really have an open source version you can run anywhere so I don't really count that as a real option for most people right um so I'd love to have a nomad in here but I don't know that we have any Nomad fans maybe maybe it's one of those uh create it and they will come kind of things yeah base camp not boot camp oh yeah yeah yeah I do FaceCam no I do remember it it was like it was ah it had like it was like a four-letter name another cool video about it and that's all I've seen I'm looking for it now titles for Ops service orchestrator I can't find it somebody's somebody in general mrsk mersk .dev employee apps from anywhere yeah I keep saying the hey guy but uh it's base camp base camp um yeah so their argument is uh same declarative model around imperative commands so they went they went down the comparative rabbit hole which okay most of us have left imperative but all these things have Cycles so I I wouldn't be surprised if there was a pushback um on we don't like imperative suddenly for a list of reasons now let's all do imperative again um and to be fair it's hard to have an opinion because I haven't actually tried it so yeah there's another uh another thing that actually happened recently that I didn't put on here that's actually happened yesterday um Adam Jacob of Chef Fame created system initiative I don't know if anyone heard that news um it's a tool it's a tool to help devops implementers like um he and Kelsey Hightower did a twit Twitter space announcing it um and it's in JavaScript typescript it's uh language typescript based infrastructure design and evidently has collaboration like it's a visual diagram thingy and you can do it with multiple people hence all the little different pointers in the screen and um I mean sure like let's see see if it gets traction and then I might try it uh I tend to not try things until they get traction so it's interesting to see if they'll if though I'm not sure if this is the idea of like it's a private beta so this makes me think okay this is a service not an open source um maybe there are open source components but this is an interesting term so we've been for a while now the industry has tried to be coming up within what's the next buzzword everyone's worn out devops I still think it has legs I still think all these other things are just iterations of devops um Revolution is a great idea from Emily um what's her name I forgot Emily's last name uh when she did a get get hub Universe keynote talk on the idea something called Revolution which would be the replacement or the all-encompassing and it's devops and agile and all modern Concepts all brought together into a framework um there are some people that are trying to argue that platform engineering is the replacement for devops which I completely disagree there are completely different things they are not related platform is you use devops to create a platform for your engineers like but I don't see how platform engineering can possibly replace devops um Freeman Emily Freeman there you go yep and we've shown her video uh I've I've talked about um I've shown her YouTube video yeah rethinking the sdlc and so she did multiple talks but if I do it on YouTube um [Music] there we go this is a fantastic video also really well done because high production value [Music] um but that put that in chat that's a great one for what if we what if unlike the currently the word devops has been so overused and so um inappropriately assigned to all sorts of things that don't really Define devops well um the devops word is kind of lost meaning so let's create something new that actually has a framework around it and it starts with the framework that we can Define so we can clearly understand is it Dev is it this or not whereas a lot of times devops it seems like it's everything like every Everything has the word devops in it it's lost all meaning um surprisingly the git Ops Community has tried to avoid that which is I think kind of Ops awesome um actually that's open get I think it's open get Ops so open get Ops is a Consortium of companies that are all trying to create the get Ops principles and I love this because you could really get confused about what gitups is especially as different vendors have taken a different tactic even disagreeing with each other so they're actually all bringing together and versioning these principles four principles that make up get Ops and you have to have all four or you are not get Ops and I love this it's fine to have an opinion it's a fine to disagree but when we're all talking at least we can agree on something and I love that we have these we never really in the early days of devops got sort of hard check box yes or no I have these things thus I am doing devops we never really got that it got it was very nebulous it was very process driven monitoring um agile my agile mindsets and all this kind of stuff that really was just not it didn't have teeth to it and I think the git Ops is doing a much better job of that so yeah I love this um idea that they mentioned of what was this down here under system initiative he says second wave devops which I have not heard of second wave devops so devops 2.0 maybe that was already taken maybe somebody's already tried that but but we have a lot of people trying to rehash devops and I think really what the problem is it's not that devops is old or outdated it's that we never really had a good definition so these new ones are really trying to Define it so that we know whether or not you know we all have these stories that I went into a team they said that they have a devops engineer but he wasn't doing devops or you know the devops team wasn't doing devops all the devops people were just managing Jenkins which doesn't mean they're necessarily they necessarily have a devops mindset so yeah you got it at the same time that uh Martin got it mursk yeah Brett's uh Brett Hinton saying uh you have many different Frameworks to try and Define devops and not having one seem to allow many to adjust to be whatever they wanted exactly um I think what we've learned is if is the minute that it the minute that we get a phrase in the community of humans a what ends up happening pretty quickly is if it's sticking if we all like keep talking about it like the get UPS one which is probably to me one of the most recent examples is that the companies immediately latch onto that and try to Define it based on what their tool does so if their tool doesn't do a thing well that's not a part of this because our tool does all of it and the problem is we end up with tooling companies defining a pro because if you think of all these things they're very much human process human and process and culture Concepts same thing is happening with platform engineering which is not like it's not a new thing we just made a new word that is the concept is a concept of several old words um self-service was one we were using in the 2000s for this very similar Concepts and um so a product company in particular but a series of product companies are trying to redefine that word and I feel like the the community has a lot no longer controls that word anymore because they there's now companies that are these making these products that are running the conferences so platform engineering conf and stuff like that and I think that just gets really dangerous because now it's one company defining the ecosystem term and so I get we get questions on this show is platform engineering replacing devops or should I learn platform engineering yeah and I don't the answer is always no um SRE I don't I mean I would be interesting to talk about the origin of SRE that really kind of came out of Google yeah the nice thing is at least Google yeah because there was a there was I mean the first time I remember hearing that term was right around the time that the book came out there I there was like a a book about SRE from a few Google developers or Google employees yeah and that's where it kind of like really got legs yeah so you could argue that it came out of Google but the nice thing is in that case Google wasn't necessarily trying to sell you a product that had this new term in it yeah they were like this is the way we do business and we're sharing our knowledge maybe you would like to do the same thing as well so I feel like the industry picked up on it ran with it we now have at least I mean at the like the SRE books that I think of I think of like the the Google's web-based SRE site um which is the one that I reference but even though I I guess it's still very much a Google thing when you think about those particular troves of knowledge it still doesn't feel it still feels like an industry thing it still doesn't feel like oh yeah this SRE company is selling me an SRE product to do SRE um yeah and that's the feeling I that's the feeling that I started to get with GitHub or sorry git Ops because we had a couple of companies that were competing and then others jumped in and said hey let's make this and an open get Ops thing let's create a site together let's try to create some consensus um that was great I don't feel like I'm not sure if we've really gotten there with platform engineering yet um because that's probably the latest term I feel like but second second it'd be interesting to see if like this Revolution I I hope Emily all the best I I wish that I love the revolution idea um I hope that that sticks or gets more popular with more people outside of her peer group and then um what is it second day devops or second I already forgot what it's called second wave devops second wave second wave they're gonna go around day two it's two you know what it's already too long I mean who's gonna call it second wave jobs like that's it's too long why not just second wave how about we just call it second wave the problem is does it have teeth can I tell whether or not someone is doing second wave devops let's I need a check off list I need a framework like Brett's saying in chat um Palms people process technology yeah I mean to me still to this day like a lot of the the gene books the um the GitHub the devops handbook and a lot of those uh follow-on books like to me those are the troves that are um that's what helped me Define what I knew devops was and wasn't right and it and at some point the technology companies all took hold of the word so now when I walk into a shop that needs their needs help often they're not really doing the people the process or the culture they're just doing the technology and it's like right are you really so I think I've learned that like we if these things are going to stick we need them to be a framework I like that I like that Brett established that framework word there that's that's what we're missing is a consistent framework that everyone agrees with in fact um not to beat My Own Drum too much but over on my site there is an article um here's the challenge can I find something on my website um this is not gonna find uh becoming yeah like how many how many posts I have on devops so I have this thing which I have not turned into its own post it's a part of this other one and this may not even be the right posts I don't think it is sadly no um do I link to the other ones Maybe This Is It [Music] um yes so I actually created uh your own little evaluation and what I found on the industry is for when it comes to devops if you try to go look at like devops survey or devops um evaluation or devops audit or you try to figure out are we doing all the right things right there are either every company that's trying to sell you a product in the devops space has a blog post that is the beginnings of this it's very little effort they put in they checked a box they wrote an article here's the things you need to do and it's very it's too simplistic right it's it doesn't have enough meat in it enough teeth and then there's the opposite if you go to like the devops Institute you go to some other big devops learning and training or some of these companies they have these really in-depth Frameworks that take you a some serious time to get through what I tried to do was balance the two and I'll put this in chat what is devops is the web page I have to remember that so it goes through three different parts culture process and tooling and the idea is you get one to five points per question there's four questions four or five questions per part and so you can use you can either give it zero points three points or five points that's all you can do so it's very narrow uh it's very focused and you the idea is you add them all up and then at the end you have a very simplistic number the higher the number it's a single number the higher the number the more likely that you are meeting all the original objectives of devops so it actually has a little scoring at the bottom it's it's one of those things where you hopefully can do this in an hour like if you know what your devops team is doing and their culture and all the tools and the process that you have implemented you can probably do all this in an hour and this is honestly based on a decade of devops Consulting like working with not just implementing devops in teams around the world but also working with companies as a subcontractor that they're a devops implementation company going to bigger companies and so I would often like I would augment others so I I tried to put all of this this took me like a week to write it was a I'm not a great writer so it's a very painful process but yeah if you had over 46 points in there then you are then your team is essentially devops Masters you're doing you are doing most if not all the things on this list um I tried to keep it so simple that you really didn't even necessarily you could maybe just do it as a three three images and a tweet and then people could fill it in um in fact I maybe need to tweet this out again because it's been a while it's been a couple years since I wrote this anyway um that's what we're all looking for I think when I talk to teams and they're trying to figure out we don't really know what to do we don't really have a checklist we just know we got this tool we got this tool we automated some things in a CI tool we're using yaml and we're using Argo like are we devops and that was a constant challenge with teams on trying to figure out um where to go next right um and and quite honestly I would a lot of times I would just ask one question it's like uh what sucks what like often like my first time with a team would be all right I don't know any of you I don't know any of your processes but just give me all the complaints what sucks about your systems what what do you hate about your processes um what is up you know what is a pain in your weekly work and we would always get 10 to 20 things and this nice huge list and it would it would be across the board it would be everything it would be the devs or constantly putting in tickets for new environments that we have to manually spin up all right that's a check off list that's that's a process and tooling thing um you know Ops doesn't understand that we need uh we you know we need them to help us do this thing more often or we we're constantly having to call them in the middle of the night for things or whatever that's maybe a culture thing I mean so we would just I would go by complaints like the and we would ask all the teams I wouldn't even just ask the developer team I'd ask like the dev team the devops team the devops team the the if we had um security people or Pro um uh project managers I would ask them to and we'd come we'd come we'd sort of combine this huge list of themes of what everybody thinks sucks because the reality is is devops is really just about optimization of people in process and if you just listen to them they usually know what's not what's not great um anyway all right people any more questions before we wrap this up we're here for you in chat uh I think while we're at it should we talk about what's who's coming up yeah let me bring so did I say we did this live every week people I think I said that we're live every week um we have guests different people on the show all the time and if I go over here to our show notes we're just gonna I'm just gonna bring this up on screen it's way easier than me talking about it um next week we've got the founder and CEO of solo IO to talk about istio mesh Envoy zero trust security celium um edits I believe how you pronounce her name I've met her once before but that was like 2017 I think uh dockercon she was on stage at dockercon doing a presentation and then we have the course q a of course every other week is a q a and every other week is a guest and then we have Josh Thurman from you fizzy talking about ephemeral environments and uh essentially like preview environments PR based environment creation and deletion that's what you fizzy does uh we're gonna have them on showing off their tool we have Dan Garfield from code fresh one of the more popular uh CIS out there as a platform and one of the cool things is their CD their automation for deployment is entirely Argo CD which is my favorite deployment tool and they they just took the whole company doubled down on Argo CD they're one of the main maintainers now of Argo CD as well um and they're all in so it's kind of fun to see a a CI company that's trying to create the CI CD platform of the future not just try to create their own way to deploy tools but just to take a major open source tool adopted into their platform use it in their platform and then not just try to make money on it but also give back a ton to the community they've created multiple open source Tools around Argo to help you with Argo um yeah so I'm finally going to get down on the show I met him years ago too and weirdly never had him on the show so we need to fix that also Ken Collins who's a local friend here in Virginia a friend of mine uh his AWS serverless hero we're going to talk about Lambda we're going to talk about containers and Lambda not you know all things containers Lambda mostly just Lambda but um he's also becoming a Docker fan traditionally from a community that didn't adopt Docker up front he's very much uh I learned I met him in the Ruby community so the Ruby people I would say had their own systems their own they had all these great tools out there Heroku and whatnot all of these things they didn't always need containers so I have a lot of Ruby friends that are still container holdouts today so we're gonna have kin on to talk about Lambda um and then every other week is q a and of course that q a can be anything Cloud native kubernetes docker all things all things devops all right um Blaziken I'm not sure if that's how I say that Blaziken how about kubernetes I'm new to devops well re-watch this show we just spent the last hour and 10 minutes talking about Docker kubernetes devops um and I would say go back I have hundreds of videos now on this channel yeah about gubernetes past week was great last week with uh Brendan was great uh yeah and so many others that's a great point I um I'm glad that someone here that remembers exactly what we did last week so if you go after the show's over go back in this channel to last week's show we had one of the co-founders of the kubernetes project on talking about the future containers the uh basically what's what's the next thing after kubernetes or what's the next layer of abstraction on top of kubernetes which is I thought one of the best talks that we did there was just talking about how in five or ten years might we all actually be consuming kubernetes and it might not be you talking to kubernetes at all it might be kubernetes is really in the background like we're starting to see a lot of ways in other platforms where they're running kubernetes but you have a different interface that's on top of it that's maybe maybe a little simpler for those of us that don't need to create our own cloud because that's kind of what kubernetes was meant for it was meant for operators to make it a private cloud and we don't all need that so we talk about it it's a great show I'm super proud that uh we got to have him on I was yeah a little nervous and uh excited he's just a normal guy he's just a normal guy um yeah just a normal guy just a VP of Microsoft um but he but it was great because he talks to he spent so much time talking to customers and I love that um having someone who can see into Enterprises into big companies that are using the cloud what their problems are um that's always fun to hear those stories yeah you've heard about Docker and kubernetes but you're pretty sure there's more to learn absolutely uh in fact you can if you're just joining this YouTube channel because you stumbled onto it not sure how you found us but go here to our Discord server where people hang out every day talking about Docker and kubernetes so a free Discord server right there devops dot fan um go do that um of course at the end of the show we always get a bunch of questions which is fine is there a way to test Docker files effectively I mean uh yeah there are Frameworks bats and similars but is there a tool or such to test a Docker file so I know to me there's two things there's linting and then there's just building so you there's plenty of linters out there I'm a big fan of super linter super linter includes hadooplint which is a Docker linter probably the most popular one out there that's not what I wanted I wanted to go to the GitHub um so there we go hadulint is I would say the best the best one out there there are multiple other ones out there this one is the only one I stick with because the other ones either just repeat the same thing this one does and don't do as much or they're outdated and they don't have a lot of the new functionality of Docker files so I run that on every Docker file every time I make a commit if I change the docker file the pr will automatically lint that file even if I linted it locally it will always lint it during GitHub actions automation um and that's a part of my course that starts next month so in case you weren't here at the beginning I have a live course um you can find all that links below links Below in the description to this course and we talk we spent a whole week learning GitHub actions for devops automation we do things like linting we do things like building of images automatically testing of images and kubernetes automatically and a whole lot more security scanning blah blah blah so if you're interested in all that stuff but I don't I mean other than just using a Docker build command like I don't know what else you would do with a Docker file other than lint it or try to build it and I mean and then there's the security reviews I mean looking at I mean you've you've talked about like uh the the licensing uh and and I mean there's all these these types of other things you could be looking at through your at your Docker files um you know what what are you really getting in that if you just put in uh from this base image what's really in that base image what are you getting with that um there's a whole lot of understanding you can do to uh uh and yeah there's not one tool yeah well if there is one tool it would be super linter um super lender yeah yeah so like uh if though if people haven't which is funny because it's not one tool it's a single tool that runs many tools uh super liner is something that I advocate a lot for um teams that are not mature in their linting if your team isn't linting every file type and every repo on every PR then you need Super linter because it will do that and it only you can set it up by default it only scans uh change files so your PRS won't scan by default every file in the repo just the ones you changed and it you can then put in standards configuration files so if you don't agree with theirs or if you need to opt out of rules or add new rules you do all that and that's something we learn I actually have a whole video of that on my GitHub or on my on this YouTube channel actually if you just search GitHub actions or super linter you will find those and that's what I would do I mean I would focus on the linting which also does part of what Matt's talking about with the with the license scanner um security scanners trivia those kind of things a lot of times are in these tools yep that's a great question thank you Moet oh yeah um bluskin says they found so YouTube recommendations thanks YouTube I'm glad you're here yeah uh so show back up every Thursday we do the same thing here we have guests sometimes we don't and that when we're not here we're all hanging out in the devops server right there so join that you can um the reason I'm here talking is because I have a bunch of courses on Docker and kubernetes and devops so if you go below you can find coupons on those courses um and welcome to the community glad to have you written in Haskell um what's written in Haskell oh the uh Hadoop lint maybe is written in Haskell yeah um let's say we want to enter integrate a testing framework that can lint unit test function tasks Etc and give us a secure base image that can use in better way and build upon in further um so those are all separate things and you wouldn't want all of that bundled into a single tool I don't think I think maybe what you're asking for is GitHub actions or something similar to that that is going to automate said testing um a lot of times unit tests are written in um the language a framework for your language that's very language specific then a secure base image would be a very a secure base image is a very opinionated thing and that is something I talk about a lot on this channel in these if you go back and you look up security if you look up devsecops in this Channel or secure supply chain you will find other videos uh if you're interested in Secure base images I would recommend going and looking at chain guard images these are available on GitHub or github's container registry or on Docker Hub but if you if you look they used to be we used to call them Wolfie images but wolfy is the basis for a lot of these images and chain guard is a company at the Forefront of trying to create small little images that have zero cves which is pretty a pretty incredible achievement and they're doing it for more and more common repositories and languages so they are going much farther than the defaults that Docker Hub are making so I would definitely Advocate chain guard was on this show last year you can go look look at chain guard in this Channel and you'll find a chain guard video from last year talking about Wolfie how Wolfie works and you can now use these images as your base images so for example if you're a python developer if you're using from python you can probably swap it out with very few changes if any to this so you would change out it would say from cgr.dev chain guard python colon version and it would be a a smaller probably smaller because it one of the ways they're able to achieve zero cves is they take out a lot of stuff that you don't need and then they they will sometimes even patch the vulnerabilities themselves and they include all the s-bomb and Providence information so that you can be sure that this image uh has a proper accounting of everything is in it and that you know how it was built and where it came from so I highly recommend them in fact they eventually if they continue to have success with this it'll probably land in my courses which you can find coupons for below because this is something that we've all been asking for from Docker but Docker didn't really want to get into that business and then there's another company called I'll show you the other side of this Slim dot AI who we have also had on this show um and they do the opposite they take the image that you made and they will remove stuff out of it to make it more secure and reduce the vulnerability count so they whereas chain guard requires you change your from image and that you use a new base and then you build on top of that new base and it has limits it has things that you can't necessarily do for example it doesn't have a shell by default like there's all these things in chain guard that can make it harder if you're not a senior develop a senior Docker person it might be challenging slim AI takes the approach of hey you don't really have to know anything about Docker you just point us at your images and then we will break it out break it down uh statically and not do a static analysis on it look at your code look at the dependencies figure out what you really need and remove the rest so it's a little bit of voodoo and I think we need both I think some teams want this approach some teams want the chain guard approach some teams are overwhelmed by chain guard like the chain guard images are too much complexity they don't even remember how their Docker file was made it was someone who left years ago they don't want to touch it they just want something that will look at their image remove vulnerable stuff or warn them and slim AI does that really well they are they have both an open source component as well as their SAS so you can essentially go on their website Point them at their your image it will rescan it and remake it with less vulnerabilities that's a great question we could have had all the show on that but sometimes you also have to think of was the concepts of risk mitigation risk risk assessment you know there might be a vulnerability that you know maybe you've you've do the test you see there's 15 vulnerabilities that your image is affected by um and maybe because of what you're doing depending on what you're doing and how you're doing it maybe those vulnerabilities don't actually get exposed because of the footprint of your of your container and and and maybe that vulnerability or multiple vulnerabilities that I might not be that big a deal because they're not affect they don't affect uh you know how people actually use your so I mean just because you see a vulnerability it's not the the sky's not falling but or maybe it is um but uh you have to really ideally you want to go to 4-0 but uh I mean I've definitely been in places where there are a couple and uh and they were after a lot of review it was determined okay that's okay we can live with that um and and move on yeah I think there's a real that's a real challenge even even with this tool even with slim AI it's like knowing if I have curl in my image and curl is always vulnerabilities in curl are like two peas in a pod uh because Carl has so much built-in there's a ton of advanced functionality and curl that most people don't even know about you know FTP and um all this other stuff in it that uh you know obscure protocols that it supports that no one ever uses and if your app doesn't ever actually run the curl binary then how vulnerable you know how risky is it really if your app never uses it if it's just sitting in the container and that's a and that's a real challenge slim AI is trying to solve that problem they're uh my understanding is they're going Language by language framework by framework and implementing the static analysis so that they can they can do that work for you and say hey there's this and you have three dependencies that you're not even using in your app why do you have them you know that kind of approach right um and when we had them on the show their approach was if it accidentally removed something that you didn't want it to remove you could essentially put that in an allow list or um I don't know maybe maybe we just call it a deny list because it it denies Slim from messing with that part of the file system so if you if you have a director and you're like these dependencies are really I know you don't think I need them but I really do need them and it will prevent it will prevent somebody from trying to take it out if it doesn't think it needs it so they're doing some hard work there that you know the magic is in in the automation it provides and um they also do pretty interesting reports they were they did a kubecon uh keynote talk they did a talk at sivo that you and I were at on on this the analysis they've done of a lot of the docker Hub images but they're they're not it's one of those things where they're doing really cool work but I don't recommend them to everyone because at the end of the day this is still this is not fixing it at the source this is sort of fixing it after the fact to me but I think it absolutely has a place in the ecosystem and I did a security talk this year where I actually said both of these tools are at the opposite ends of the spectrum or of the workflow and if we all are shifting left if we're trying to take our security and shift left we're probably going to end up at chain guard solution which is better base images but that a better bass image doesn't make your dependency installation any better so we we maybe still need something after that and that would be something like slim AI um yeah if you didn't know about some AI people they're the ones that made Docker Slim you just look up doc or slim they've changed it around a little bit but uh Docker slim is now Slim AI so uh for the years and years by this free open source tool called Docker slim now they've just rebranded it it's just called Slim and I believe that it's still open source yeah but it looks at your duck your Docker image and evaluates it for what you can remove essentially hopefully that helps curl is fun though did you know curl speaks SSH I'm convinced that curl speaks every protocol on a TCP Network on ipnetwork um and that's part of curl's Problem by the way if you're someone who needs to get a file I always recommend putting in um wget rather than curl because W kit is a w gate is a fraction of the size we are usually always pulling from an HTTP URL and wget does that great just as good if not better than curl and it does it at the fraction of the size and almost never has a vulnerability compared to curl so a lot of teams I will search for curl in their Docker files and if I see it in there I will advocate for them to swap out for a different tool there's probably even better Tools in wget now especially if you're in certain languages like go or whatever where you there's probably a library it might even be it's probably in the standard libraries and go that I don't remember but um I will switch teams a lot of times over to wget we also now uh this is a little bit of a side topic but one of the last things I'll mention is docker has I think it's a beta feature now um Docker add Docker file add there is now um a beta feature let's see if I can find it by doing it the last month there's a beta feature in Docker now that adds capability to the ad command to go get more things from more in more ways so that you don't you have less reasons now for wget or curl in your Docker file it ad always had the ability to go get files but it maybe didn't there was times where it may be needed guitar on your local container or whatever but Docker the build kit um build kit is adding God this is weird let me do cker desktop change log let me see if I can find it in the recent release notes riveting content right here while I'm reading the internet um maybe I just search for it a common action is that they added something uh it's in here some there but yeah um it was a very early it's an early feature so I'm just not seeing it Image store I thought it was in the point one maybe it was in the I thought it was in the 20. 4.20 that came out uh this last couple weeks somebody in chat certainly knows what I'm talking about [Music] um anyway so they're adding that functionality uh we should we would probably see that show up in Docker Bill Let's see if Building images I can never find it so Docker file Docker reference um so if we go down to add this is where um oh it's and I think it's a 1.5 Docker file so if you didn't know Docker file now has versions everyone um it's it's all silently in the background but dockerfile 1.5 is the latest and I thought I don't know I thought they kept a list of all the features in dockerfile versions release notes there we go here we go now we're getting somewhere add command now supports check some flag to validate the contents of the remote URL okay um add command now supports importing files directly from git urls now I'm talking okay so yeah so ads get new Love and so this was the one I was thinking of it was uh from git URL so you can pull directly from a GitHub repo into your specific files this would not be the same as a git clone I don't recommend doing git clones in Docker files um but the ad command itself is getting some more love so it's good there is and by the way if you didn't know this existed people uh Docker files are getting fancier all the time and we don't really know it because we don't have to necessarily specify the version as long as you're using dockerfile build kit if you're using Docker build net now uses build kit buildkit has all this built in but if you're using some other Builder or some other tool like build a or I mean there's some like go and Java have their own builder sometimes those may not have all these features because they're not following the docker file spec this is not necessarily oci spec so a lot of people get um we'll talk about how they want everything to be oci spec but the reality is the oci spec always lags behind the docker file spec I personally am a fan of duck Faust spec because Docker is the best at it they're they're the ones that are innovating um and if it makes it into a dockerfile release chances are it's going to stick around so it's not going to just be something that they throw away they do have labs they do have experimental features um I don't necessarily recommend if you if you are going to use those features they're usually very stable they just may not always exist or they may not actually be leave labs and come out of stable so I'm always a little bit I'm a little bit apprehensive at putting those into production stuff but I've never found really any of those to really be unstable or have a reason to not use them from a stability standpoint just a question of will it still work next month it um so anyway yeah like 1.4 a lot of people made news last year when 1.4 came out and we added the link option which is pretty fantastic the link option allows you to actually rebuild an entire Docker image by only sticking a layer in the middle and not rebuilding the whole thing it's actually really great for when you need to throw in binaries that you maybe you compile separately and you need to inject them into your Docker file at at build time but you don't need everything done after that because you're just changing a tool you add the dash dash link and that could save you minutes or more on your Docker builds by doing that so yeah things keep happening to Docker files I probably should up add more and more stuff to my courses on it but quite frankly it's it's a lot there's a lot here so a lot of us that learn Docker files we we all learned Docker like 1.0 we learned that the the features and functionality from 2013 and we never really understood that there was all these versions and features coming after that so um this could probably be a course somebody should do that somebody should make that if only we knew a guy that made courses all right people we've been here uh two an hour and a half so I think we're time is up I really appreciate it I gotta share a tool that's not really related but I just learned about it yesterday and I really want to spend a little bit more time playing with it um somebody reached out to me and said hey you should check this out because I I had made a video once before on my Channel about uh JQ and about do you know about JQ uh like Json query yeah so uh but what if you wanted to grab data from a website or uh some sort of API and then Munch that data uh directly rather than downloading as a as a Json file and so it's called Krell K uh c not not K not k-r-u-l-l that was a bad movie from whatever but that was not a bad movie I love that movie I love that play that that throwing star with the blades that clean up oh it's really good um but c-r-u-l um crawl and uh do I need to do I need to search something else or just crawl um crawl.com yeah crawl.com I I think they should change the logo to that what was it called the blade thing clay g-l-a-v-e oh yeah yeah wow yeah it was like a it was like a ninja throwing star but blades that popped out of it yeah but it was bedazzled awesome there's a bedazzled Ninja Turtles and it had knives that popped out uh and they could fly on its own it was like magic I'm just gonna have to Google it yes that yeah um that's amazing and that movie was awesome I actually rewatched a couple years ago and oh really I I feel like I mean obviously there's a lot of it that's cheesy and bad and uh but I love Cyclops I love the there's so much of it um it's it's honestly it's like that in Flash Gordon are the quintessential 80s sci-fi superhero movies like those two movies you could stand those up um in the 80s and you can look it doesn't go yup that defines a decade of sci-fi right there uh you have your you have your you have your um fantasy your sci-fi fantasy and your fan medieval fantasy and this one this one is the medieval fantasy uh Flash Gordon was um I I mean I think I wore out that that VHS tape I watched flashing so many times um that was amazing movie I I can't I that was so much part of my childhood um so anyway with a C I mean as you can scroll down here it's got a bunch of examples basically you're pulling from um from a website and then filtering It Down based on additional commands you give it and it looks really really slick so that's my a fun little very bad wow that's pretty slick yeah of course now that the apis are all getting locked down I don't know how much useful tools like this yeah somewhere somewhere predicting the end of the open web blame AI um [Music] I I'm not sure we're gonna go that far but um right Anton says does a link option support any kind of authentication I don't believe so yeah yeah because um the link option that doesn't doesn't necessarily mean it's getting it from the internet it means that when it's when it's going to change that layer later whatever you did in there it's going to do it out of band so it's not normally when we change a layer in a Docker file if there's anything that changes in that line that breaks the cache so you have to rebuild everything after that the dash dash link avoids that dilemma and will not rebuild the rest of it so you have to be careful because you could get yourself in trouble like you obviously don't want to link a package.json file because then it would never rebuild the packages after that but if you're putting in something files that are already that basically don't affect the rest of the docker file maybe you have like some static files that just need to be added to your website but you don't need to build them or do anything after that in the docker file you can add the dash dash link and it will when it rebuilds it'll just it actually doesn't even need this is what's crazy it doesn't even need access to the other layers it will literally make that layer and shoot it up to uh with a manifest file to Docker Hub or wherever without needing the rest of the layers so it won't even download the the from image or anything so it's pretty cool this is cool I'm gonna have to check this out thanks great tip here I'm going to put that in chat and with that I think we're going to call it a day um thanks everyone for being here we'll be here again live next week um with a guest and this comes out in a podcast you can get the links for the podcast below you can join the Discord server over there where we all hang out afterwards and you can get a newsletter my courses the blog all that stuff in the description below there's just all that stuff so pick your poison and we'll see you next week on YouTube live ciao everybody that's good bye [Music] [Music] foreign [Music]

Info

Channel: Bret Fisher Docker and DevOps

Views: 25,123

Rating: undefined out of 5

Keywords: docker, kubernetes, developer, bret fisher, cloud native, automation, containers, docker mastery, kubernetes mastery, devops

Id: i1tgqZB41SE

Channel Id: undefined

Length: 99min 54sec (5994 seconds)

Published: Fri Jun 23 2023