Out of the box, security with Docker (and Docker Swarm) over the network is bad. Okay, that’s not entirely true. Out of the box when you have no containers started, it’s fine. But after you start a container, and if you publish a port, they are exposed to the outside world by default. And it’s not easy to fix. You need to create a custom Docker firewall with iptables.
There’s not a lot wrong with Ubuntu 20.04. So it’s pretty easy to fix the one thing that’s missing! Hint: Install the Cinnamon Desktop.
When testing Docker and iptables I stumbled upon something interesting. It appears Docker uses the iptables INPUT chain in an undocumented way. Well that’s interesting..
Managing firewalld can be a tricky. Especially if you have many servers to manage. Ansible can help manage firewalld rules for you!
If you’ve ever used Docker, you’ve probably used the latest Docker image tag. This is bad. Do not do this! You will be in a situation where you need to find what version you were actually using. This is how you can find the version of that “latest” image you have running.
Ansible is used to do so many things. And if you already use Ansible for your automation tasks then you already have it ready to go. So why not use Ansible to test network connectivity?
Using a dynamic Dockerfile can have great benefits when used in your CI/CD pipeline. You can use the ARG statement in your Dockerfile to pass in a variable at build time. Even use a variable in the FROM statement!
Buttons Everywhere! But not just normal buttons.. These are some cool buttons. Buttons from a simpler time perhaps.
WordPress 5.3 has a new default theme called Twenty Twenty. Like all new things on the web, we get more space around everything. We also get MASSIVE fonts! Along with a narrow area to show all the text content, and embedded fonts which waste bandwidth. It’s not all bad though. And we can fix it!
