Docker made containers mainstream, but it is no longer the only way to run them. Kubernetes dropped Docker as a runtime in version 1.24. Podman offers a daemonless, rootless alternative with Docker CLI compatibility. containerd and CRI-O power most production Kubernetes clusters. The container ecosystem has matured beyond a single tool, and understanding the options helps you make the right choice for your specific use case.
37 posts tagged with "Linux"
Linux administration and shell scripting
View All TagsThat mysterious "Permission denied" when everything looks correct — SELinux is probably why. Every SRE has had the moment: file permissions are 777, the process runs as root, yet it still can't read the file. The reflex is to run setenforce 0 and move on. This post teaches you why that's dangerous and how to actually work with Mandatory Access Control.
Kubernetes networking makes no sense until you understand these Linux primitives. Every pod-to-pod connection, every service load balancer, and every network policy maps directly to Linux networking concepts that have existed for decades. Master these fundamentals and container networking becomes transparent.
You're about to format a 10TB disk — which filesystem should you choose? The answer depends on your workload: how many files, how large, sequential vs random I/O, whether you need snapshots, and how much you value data integrity. Let's cut through the marketing and look at what actually matters.
The app works on staging but fails on production — here's the systematic way to find out why. Every seasoned SRE has a mental decision tree for production incidents. The tools are always the same: strace to see what a process is doing, lsof to see what files it has open, tcpdump to see what's on the wire, and ss to see socket state. Master these four and you can debug almost anything.
You run docker stop myapp and wait. After 10 seconds, Docker force-kills the container. Your application never received the shutdown signal, never flushed its write buffers, never closed database connections. Running docker top on a long-running container reveals dozens of zombie processes consuming PIDs. Both problems share the same root cause: your application is running as PID 1 in the container, and it was never designed for that responsibility.