Each year, I get the opportunity to write a brief piece about the top container articles of the year that were published on Enable Sysadmin. It is a great opportunity to review and reread the articles. I am happy to see that a couple of mine made the cut.
Top 10 container articles of 2021
I've summarized the 10 most popular articles about containers on Enable Sysadmin in 2021. First I'll review the articles that came out of our Podman team, and then I'll share contributions from other members of the container ecosystem.
Transfer container images
The first article I wrote—7 fun Linux containers/image transports features—discusses all the ways that Podman, Buildah, and Skopeo can transfer container images between different container storage. Rereading it reminds me of a few things I forgot in the many months since I wrote this.
Containers versus images
What is the difference between a Linux container and an image? One of the biggest problems in the container world is we reuse the same term over and over and cause confusion. When I wrote this one, my goal was to clear up the confusion that we all have when talking about containers versus container images. Hopefully, it hits the mark.
Manage container registries
Valentin Rothberg, an engineer on my team who works on all things in containers but concentrates on handling container images, wrote a great article on configuring your registries.conf
files. He gives a great reference for anyone, including me, who wants to set up advanced registry handling. Read How to manage Linux container registries to learn how to block registries, set up mirroring, deal with short names, use drop-in config files, and more.
Four container tools
Tom Sweeney, who is the product owner of Podman, Skopeo, Buildah, and friends, as well as an engineer on the container team, wrote about four handy new features in the container tools. Read Add these 4 tools to your Linux container toolbox, and I am sure you will discover something that you did not know when you began the article.
Debug volume issues
How to debug issues with volumes mounted on rootless containers is the final article from my team that made the cut. Matt Heon, the lead engineer on Podman, wrote this one. Matt's article is a timely piece about handling issues with volumes in rootless containers. Most users who have problems with rootless containers have issues with volumes. Problems may be based on SELinux, user namespace, supplemental groups, and more. This article is very handy to help you understand what is going on in rootless containers.
The Container Network Interface
In A brief overview of the Container Network Interface (CNI) in Kubernetes, Kedar Vijay Kulkarni writes about the CNI and its use with Kubernetes. A cool thing about this article is that it is also useful for Podman and Buildah, which also take advantage of CNI. You may never have to deal with CNI, but this article will come in handy if you do.
The user namespace
With Building a Linux container by hand using namespaces, Steve Ovens digs deep into Linux namespaces. Steve wrote a series of articles about building a Linux container by hand. This, the first article to make the top 10, is a great piece on the user namespace and how it works. He does a nice job of simplifying this complex concept.
Build a container with namespaces
Steve continues his overview of namespaces in Building a container by hand using namespaces: The mount namespace. In this article, he describes the mount namespace. The combination of the user namespace and mount namespace make rootless containers possible. These articles on namespaces make debugging easier and help you understand what is going on in your containers. I recommend that you also look for Steve's other articles on namespaces—good stuff.
Container strategy
Peter Gervase and Greg Richardson move it up a level and explain why you should migrate your applications into containers in 5 reasons why you should develop a Linux container strategy. Sometimes I have to remember that users do not just want to use container tools for playing with the cool Linux technologies and security features but actually want to work with applications.
Getting started with containers
Jörg Kastning's 6 resources and 3 tips to help you enter the world of Linux containers is a good primer about what a container is. It's helpful for people first learning about container administration. His article links to six additional articles about containers so that you can dig even deeper into the subject.
Wrap up
I recommend these 10 quick reads on Enable Sysadmin, but there is always new content available each day on the site.
Enable Sysadmin is looking for new authors to join our community. If these articles inspire you, please consider submitting an article. After all, the tradition of knowledge sharing is one thing that makes the Linux ecosystem great. After the holidays, I will have to start working on content to make sure I make this list in 2022.
关于作者
Daniel Walsh has worked in the computer security field for over 30 years. Dan is a Senior Distinguished Engineer at Red Hat. He joined Red Hat in August 2001. Dan leads the Red Hat Container Engineering team since August 2013, but has been working on container technology for several years.
Dan helped developed sVirt, Secure Virtualization as well as the SELinux Sandbox back in RHEL6 an early desktop container tool. Previously, Dan worked Netect/Bindview's on Vulnerability Assessment Products and at Digital Equipment Corporation working on the Athena Project, AltaVista Firewall/Tunnel (VPN) Products. Dan has a BA in Mathematics from the College of the Holy Cross and a MS in Computer Science from Worcester Polytechnic Institute.
产品
工具
试用购买与出售
沟通
关于红帽
我们是世界领先的企业开源解决方案供应商,提供包括 Linux、云、容器和 Kubernetes。我们致力于提供经过安全强化的解决方案,从核心数据中心到网络边缘,让企业能够更轻松地跨平台和环境运营。