Vault CLI in Containers
In many CI/CD workflows interfacing with Hashicorp Vault is required.
However, their CLI (or better called unified binary1) is stupidly big with more than 400MB and they seem to have no interest in making it any smaller2.
This is often a undesired size increase, especially when optimizing for pull and run time in CI/CD.
This note outlines a solution that brings us down from 400MB+ on disk for vault
to about 300KB using curl
and jq
.
Interactive Containers Cheatsheet
Most of these should work the same with any OCI compliant client.
Tested with podman
and docker
, unless otherwise indicated.
# Run container interactively
podman run -it IMAGE:TAG SHELL
# With auto removing the container on exit
podman run -it --rm IMAGE:TAG SHELL
# With current working dir mounted to container
podman run -it -v ${PWD}:/tmp/host-dir/ IMAGE:TAG SHELL
# Detaching from the interactive session
# Keybinding: Ctrl+P, then Ctrl+Q
# Attaching to a container
podman attach "ID OR NAME"
Debugging Container Workloads
A helper container
Debugging container workloads can be a challenge sometimes, especially when running them in k8s, behind a reverse proxy or in other, possibly complex, traffic flow scenarios.
[Read More]Windows Subsystem For Linux 2: Debian+Podman
The problem: Docker itself can’t be run in WSL2 as it requires the docker daemon, usually run though systemd.
The solution: Podman works just fine and can easily be installed, although we will need to configure some things to make it work properly.
[Read More]