This was not something I’d come across before, and my brain did its best to try to rationalize what I was seeing: “Clearly, someone is missing a bracket here.”

After pulling out all the hair I don’t, as a bald man, have, I tried dnf reinstall podman … with no luck.

The fist time I installed Ubuntu and it booted right to the desktop without prompting me for a license key (which I had been entering five or six times a day with Windows) I said out loud, “Woah!”, and smiled. …I vividly remember that moment.

What decade is this? No, thank you, Google. I am not installing any of Adobe’s products.

Project Atomic’s new tool, Buildah, facilitates new ways to build container images.

There are any number of ways to use containers and numerous ways to build container images. The creativity of the community never ceases to amaze me - I am always stumbling across a creative new use case or way of doing things.

HTTPS is HTTP over TLS. It allows you to encrypt traffic to and from your web server, providing privacy and security for your clients. As of this writing, the world is moving ever closer to HTTPS everywhere: thanks to the Snowden documents, there’s been a big push for more privacy and security. Major companies like Google and Mozilla are securing traffic by default for all their applications. Cloudflare is offering free HTTPS encryption between clients and their severs.

TL;DR: Remove SSLv3 - the impact is likely very small We’ve now removed SSLv3 from about 1000 servers in our environment. So far, we’ve only had one issue - a script used to call an API started to fail. The issue was the ruby rest client > 1.7.0. (Yes, that’s greater-than.) Removing from Apache SSLv3 is easy to remove in Apache. You probably want this in your ssl.conf (or whatever the equivalent is for your distro):

Completed a first pass at a minimal “Cloud-style”#Docker container. It’s sort of like an EC2 instance. You generate an ssh pem file, and pass the public key in as an environmental variable at docker run: sudo docker run -i -t -d -P \ -e PUBKEY="$(cat ~/.ssh/my.pem.pub)" cloudbase You end up with a CentOS container, and a user “clouduser” that has sudo w/no password rights. I think this would be a good way to get some folks interested in Docker - perhaps offering something like this as a playground/sandbox to build interest.

I’m a HUGE proponent of Open Source learning, and I think technology is going to both inform the way it works (taking it’s cues from the Open Source world) and provide the platform for this new type of learning.

I can’t think of anything that we do that wouldn’t be improved, that wouldn’t be automated, that wouldn’t be scaled, that wouldn’t be made better in at least ONE way by moving it to Docker.

However, more Google-ing turns up that Docker explicitly drops the audit-related capabilities that are required for this to work, causing an error to be returned to PAM. This means that it’s not ever going to work in a Docker container unless the Docker code is changed. That’s out of my hands, though.