Container tech

Usually at least one of those is present on any system top htop / another top variant ps But sometimes the usual suspects are not available, especially in minimal containers. But there is another, more low level, way that works: /proc This is a virtual filesystem provided by the kernel about running processes. So to mirror something like this: $ ps aux |grep sleep 5 root 0:00 sleep 1000 21 root 0:00 sleep 10000000 36 root 0:00 grep sleep We could do: [Read More]

sysadmin linux container

Vault CLI in Containers

Posted on 2024-07-25

In many CI/CD workflows interfacing with Hashicorp Vault is required.

However, their CLI (or better called unified binary¹) is stupidly big with more than 400MB and they seem to have no interest in making it any smaller².

This is often a undesired size increase, especially when optimizing for pull and run time in CI/CD.

This note outlines a solution that brings us down from 400MB+ on disk for vault to about 300KB using curl and jq.

[Read More]

hashicorp-vault devops container cicd

Interactive Containers Cheatsheet

Posted on 2024-04-29

Most of these should work the same with any OCI compliant client. Tested with podman and docker, unless otherwise indicated.

# Run container interactively
podman run -it IMAGE:TAG SHELL

# With auto removing the container on exit
podman run -it --rm IMAGE:TAG SHELL

# With current working dir mounted to container
podman run -it -v ${PWD}:/tmp/host-dir/ IMAGE:TAG SHELL

# Detaching from the interactive session
# Keybinding: Ctrl+P, then Ctrl+Q

# Attaching to a container
podman attach "ID OR NAME"

docker podman container cheatsheet

Debugging Container Workloads

A helper container

Posted on 2023-12-04 (Last modified on 2025-08-19)

Debugging container workloads can be a challenge sometimes, especially when running them in k8s, behind a reverse proxy or in other, possibly complex, traffic flow scenarios.

[Read More]

k8s container python debugging

Windows Subsystem For Linux 2: Debian+Podman

Posted on 2022-04-04 (Last modified on 2025-08-19)

The problem: Docker itself can’t be run in WSL2 as it requires the docker daemon, usually run though systemd.

The solution: Podman works just fine and can easily be installed, although we will need to configure some things to make it work properly.

[Read More]

wsl debian docker podman container

DNS Resolution Everywhere

Posted on 2021-08-10 (Last modified on 2025-09-19)

Usually at least one of those is present on any system dig nslookup host But sometimes the usual suspects don’t work, especially in container-land. After trying them you may try some more involved/unknown things: getent Part of glibc, this will probably work on nearly every system. getent hosts example.org Or, if you specifically want to query A or AAAA records. getent ahostsv4 example.org getent ahostsv6 example.org Using Python2 Or Python3 Given this depends on glibc it is more of a alternative then another real solution. [Read More]

sysadmin dns linux container

Container tech

Finding PID Everywhere

the proc virtual filesystem

Vault CLI in Containers

Interactive Containers Cheatsheet

Debugging Container Workloads

A helper container

Windows Subsystem For Linux 2: Debian+Podman

DNS Resolution Everywhere