Devops

Docker network restrictions with Tor

published on
Image the following usecase, you have an application and want to for its traffict through Tor, exclusively. If if is running on your computer like a normal application, it is simple, just add some iptables rules. But in the container world things are different, specially if you want to escalate it through several machines. Here will be explored an usecase of an isolated container that can only communicate with a proxy container that has access to the Tor network. Read More...

Mining monero using live a live usb linuxkit build

published on
Linuxkit is a good tool to create immutable Linux systems, so why don’t use it to build a Monero mining live distro ? The only thing needed to build an Linux with Linuxkit is a yml file containing the system information. It can be divided in 5 main sections: kernel init onboot - applications that will run when the Linux boot (after init) services - services that will run on this system files - any extra files that you need to copy into your iso (like keys or configs) Based on these principles, bellow is the configuration of a miner that will boot and start mining rigth away. Read More...

Running Cron tasks on docker - The correct way

published on
While is perfectly possible to use cron inside a container, I strongly advise you to don’t do it. Some of the most important points on why is a bad practice to run cron inside a container: Your tasks need to be ephemeral as your containers We live in the immutable infrastructure era, there is no need to worry about cleaning up everything before or after your tasks run. Make your scheduled tasks ephemeral as your containers, if something goes wrong, you can inspect the precise state that the container was left. Read More...