In this article, I will guide you through the process of setting up a rootless container host using containerd . We will use nerdctl (a Docker-compatible CLI) to interact with the container runtime. I will also explain how User Namespaces enable a non-root user account to run containers as different users and how to setup host volumes with the correct permissions for those users. Finally, I will configure an IP whitelist using iptables and ipset to ensure that services are only reachable from the IP addresses that we allow. ...
Hello World! The perfect sequence of characters to kick off any technical blog if you ask me. My name is Pascal and I would like to welcome you to my little corner of the web. I have been meaning to start a blog for some years now but, somehow I never got around to actually doing it. I have not written an article online until very recently when I was going for my Certified Kubernetes Administrator (CKA) certification. At the time I was playing around with my home server and I wanted to setup some virtual machines. My home server was already acting as a home theatre PC at the time and it was running Debian Linux. As a result of this, I decided to use KVM, QEMU and libvirtd as a hypervisor for these virtual machines. This hypervisor setup also came in handy when I needed to create labs for the Kubernetes certification so thought it was a good idea to share this knowledge online and I decided to write the articles for Tadaweb on Medium in a three part series: ...