Local multi-node Kubernetes cluster – Minikube, MicroK8s and Kind

Is Docker desktop bad? In the previous post about docker desktop as a single-node Kubernetes cluster setup, I touched on the deprecation of docker-shim. Now that CRI beats OCI as the standard for container runtime, the docker runtime will no longer be supported by Kubernetes. Also deprecated is docker-shim, the temporary interface that had make … Read moreLocal multi-node Kubernetes cluster – Minikube, MicroK8s and Kind

Getting started with GitHub Actions

During the orthweb project, I had to compile a library on my own. In search for free computing resources I realized that GitHub action can meet all my needs. CI/CD pipeline As a development project grows, there are too many operational tasks demanding automation. In strict terms, CI pipeline is the build pipeline; and CD … Read moreGetting started with GitHub Actions

Secure web application deployment

In Nov 2020, I created OrthWeb project, a deployment of Orthanc’s server. Orthanc is a DICOM viewer and repo shipped in Docker container. In the deployment project, I use Terraform to provision infrastructure, including a managed PostgreSQL instance, an EC2 instance for docker runtime, and the init script to bring up the web service. I … Read moreSecure web application deployment

Deployment of a medical imaging web service

[Update] Some security improvement was introduced in may 2021. Here‘s detail. In this project we introduce a medical imaging web service based on Orthanc, an open-source project of DICOM server, and a pipeline to deploy such server automatically and consistently. This little project involves a number of technical deets in DevOps, to deliver a web … Read moreDeployment of a medical imaging web service

Docker storage

Microservices are all about stateless and ephemeral workloads, and containers are great microservices. This may suggest that that Docker is all about ephemeral storage. In fact, Docker supports both non-persistent and persistent storage, such as database, kafka, etc. Non-persistent storage is automatically created, alongside the container and is tied to the lifecycle of the container. … Read moreDocker storage

Docker components

The previous post about virtualization and containerization brought up some underlying technologies which Docker build containers on, including: namespaces – a Linux kernel mechanism to isolate resources. It allows a process to run within an isolated environment (mnt, pid, net, ipt, uts, user, cgroup) cgroups – a Linux kernel mechanism to limit resource usage of … Read moreDocker components