DockerCon Notes 4/30/2019

  • Container is not a VM.
  • Container is just another process.
  • dockerd does not sit between the OS and container. It’s also another process.
  • docker image history
  • docker image history imagenamehere –no-image-trunc
  • Do not add any secrets in Docker images. Rebuild if it’s the case.
  • RUN apt-get update && \
    apt-get install -y pythong python-pip && \
    This reduces the size of the image instead of using many RUNs.
  • Persist data: -v $HOME/mysql-data:/var/lib/mysql (volume)
  • docker volume inspect to find actual location.
  • Mind the clustered environment for data persistence.
  • If containers are in the same subnet, they can talk to each other.
  • Docker DNS resolves IPs .
  • Docker Compose
  • Orchestration Managers, Workers
  • Docker Swarm

Lecture by Kohsuke Kawaguchi (the creator of Jenkins)

  • Data driven DevOps
  • Email appropriate team instead of just to DevOps on build/deployment failures.
  • Even stupid regex will work.
  • Machine Learning
  • Cultural shift is very difficult.
  • Don’t just tell your boss that you want to do something but show him/her things will be glorious with data.


It turned out that I don’t need to use this function I wrote but I’m sure there will be time when I will need it, so I’m pasting the code here. This function basically gives you the index of the character at the #th occurrence.

Function Get-NthIndexOf
        [string] $TargetString,
        [char] $CharToFind,
        [int] $Nth,
        [boolean] $Forward = $true

    If ($Forward)
        $occurence = 0
        For ([int] $i = 0; $i -lt $TargetString.Length; $i++)
            If ($TargetString[$i] -eq $CharToFind)
                If ($Nth -eq $occurence)
                    Return $i
        $occurence = 0
        For ([int] $i = $TargetString.Length - 1; $i -gt 0; $i--)
            If ($TargetString[$i] -eq $CharToFind)
                If ($Nth -eq $occurence)
                    Return $i

    #Code falling here means it didn't find the char at all or $occurence just didn't reach $Nth
    Return -1


SSH Public and Private Keys

As we use services like GitHub, GitLab, BitBucket, Azure DevOps and etc, we are required to use SSH public/private key for authentication. SSH public and private keys can easily be created using ssh-keygen tool on your computer. You may need to install Git (Git Bash) if you use Windows as your client machine.

So ssh-keygen lets you generate private/public key pair on your machine. Here is how it looks like.

[amaterasu48@hogesvr ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/amaterasu48/.ssh/id_rsa): 
Created directory '/home/amaterasu48/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/amaterasu48/.ssh/id_rsa.
Your public key has been saved in /home/amaterasu48/.ssh/
The key fingerprint is:
SHA256:4Yuih+5+BowypaHOk/bp9mGXho24Kbyf/SaNZCF1upY amaterasu48@hogesvr
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|     . .         |
|    . o .        |
|. .. o . .       |
|.*  . + S        |
|* o .E+...       |
|=..+==+=.        |
| O.o@++o         |
|.=&%.o+.         |

When you execute ssh-keygen, it asks you to enter passphrase. You can enter it or choose not to enter it. It generates 2 files at ~/.ssh They are and id_rsa. is the public key. The content of the file looks like the following.

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsI1olqIE+PRQ0I5PhtyAHqWf0Z9ImXq3RbIclMi123um

You usually paste the string to services like GitHub for authentication.

id_rsa is the private key which you never want to expose to anyone at all. The public key that you uploaded to a service like GitHub is used to encrypt data on the other end and your private key is used to decrypt the data. The private key that was generated in this example looks like the following. Don’t worry, I’ve already got rid of the sample private key from a machine where I generated the sample keys.


Once you generated your private/public key pair, go to your icon –> Setting –> SSH and GPG Keys in GitHub to add the public key to it and then you will be able to do git clone and other operations against GitHub.

I wanted to cover this basic so that I can move on to Jenkins installation and configuration on Azure.

PowerShell Doesn’t Fail Jenkins Job

When dealing with automation on Windows platform, PowerShell comes in very handy and there is no doubt about it. Things can be automated quite easily with it.

However, you want the Jenkins job in which PowerShell is used to fail if your PowerShell script fails. I have had cases where I saw my script crapped out but the job itself succeeded.

To solve the problem, all you have to do is to add the following line at the beginning of the PowerShell script step.

$ErrorActionPreference = "Stop"

This will “successfully fail” your Jenkins job if your script throws any exception.

Free SSL

I tried to do a research on how to create your own Certificate Authority (CA) and issue SSL certificate for your own server, but I ended up with coming across this free service.

I successfully implemented SSL on my own instance of Jenkins on Azure. After generating the certificate along with private key, I uploaded the files to Azure and made my change in nginx configuration file. Remember that NGINX is playing a reverse proxy role.

server {
    listen 80;
    return 301;
server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/ssl/certificate.crt;
    ssl_certificate_key /etc/nginx/ssl/private.key;
    location / {
        proxy_set_header        Host $host:$server_port;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass          http://localhost:8080;
        proxy_redirect      http://localhost:8080;
        proxy_read_timeout  90;

Nowadays, there is almost no website that doesn’t use SSL. I guess I should start to use SSL for Free to make this website more secure.

Linux Mint is just for Beginners?

When I said, “I use Linux Mint as my main desktop at home.”, I was apparently and jokingly ridiculed by my colleague because “it’s for beginners.”

I used to like to use computers for the sake of using computers and I still do to a degree, but I don’t believe that using Linux Mint makes you a novice Linux user. There are so many configurations I don’t even have to deal with so that I can spend my time for better things like working on more useful software.

Let’s not categorize people who use certain distro as novice or advanced users. What’s important is what you do with the OSes.