Best of ContainersSeptember 2025

  1. 1
    Video
    Avatar of techworldwithnanaTechWorld with Nana·37w

    Learn Docker in 2025 - Complete Roadmap Beginner to Pro

    A comprehensive Docker learning roadmap that takes beginners through containerization fundamentals, from understanding the 'it works on my machine' problem to advanced production practices. Covers essential concepts including Docker images, containers, Dockerfile creation, Docker Compose for multi-container applications, networking, volumes for data persistence, and production best practices like security scanning and multi-stage builds. Also introduces container orchestration with Kubernetes as the natural next step for scaling containerized applications.

  2. 2
    Article
    Avatar of simplethreadSimple Thread·37w

    Docker Approaches to Multiple Environments

    Explores two strategies for managing Docker configurations across development, staging, and production environments. The first approach uses separate Dockerfiles for each environment (similar to Rails configuration patterns), while the second leverages Docker's multi-stage builds to handle multiple environments within a single Dockerfile. Compares the trade-offs between explicit separation versus DRY principles, helping teams choose the right approach based on their complexity needs and Docker expertise.

  3. 3
    Article
    Avatar of notedNoted·36w

    Meet the New Self-Hosted Portainer Alternative: Arcane

    Arcane is a modern Docker management tool that serves as an alternative to Portainer, offering a clean interface for managing containers, images, networks, and volumes. It features real-time monitoring, resource visualization through graphs, and mobile-responsive design. The tool can be easily installed via Docker Compose and includes convenient features like one-click pruning of unused resources.

  4. 4
    Article
    Avatar of hnHacker News·35w

    3,000,000 downloads. Thank you

    Podman Desktop celebrates reaching 3 million downloads, highlighting its journey from idea to essential developer tool. The project recently joined the CNCF Sandbox and has seen significant enterprise adoption. Recent improvements include enhanced Kubernetes workflows, better Docker compatibility, AI integration through Podman AI Lab, and expanded extension ecosystem. User feedback shows strong satisfaction with the unified container management experience and rootless container capabilities.

  5. 5
    Article
    Avatar of hnHacker News·36w

    How Container Filesystem Works: Building a Docker-like Container From Scratch

    A comprehensive guide to building Docker-like containers from scratch using only Linux tools like unshare, mount, and pivot_root. Explores how mount namespaces form the foundation of container isolation, while PID, cgroup, UTS, and network namespaces provide complementary functionality. Demonstrates step-by-step container creation including filesystem preparation, namespace isolation, pseudo filesystem setup (/proc, /dev, /sys), and security hardening. Also covers advanced topics like mount propagation, bind mounts, volumes, and explains why union filesystems aren't mandatory for containers.

  6. 6
    Article
    Avatar of notedNoted·35w

    Docker Networking Made Simple: What Every Beginner Needs to Know

    Docker networking fundamentals explained for beginners, covering bridge networks, host mode, and custom networks. Learn how containers communicate, why they need networks to talk to each other, and best practices for setting up container networking. Includes practical examples of creating custom networks and using container names for DNS resolution.

  7. 7
    Article
    Avatar of hnHacker News·37w

    Switching from Docker to Podman

    Podman offers a more secure alternative to Docker by eliminating the persistent daemon architecture that runs with root privileges. Running containers as direct child processes under user privileges, Podman reduces attack surface and provides better systemd integration, native Kubernetes alignment, and lighter resource usage. The migration from Docker to Podman is seamless with compatible CLI commands and existing Dockerfiles working without modification.

  8. 8
    Video
    Avatar of bytegradByteGrad·37w

    Dockerize Next.js App & Deploy To VPS In 2025

    A comprehensive guide showing how to containerize a Next.js application using Docker and deploy it to a VPS. Covers creating a Dockerfile with standalone output configuration, building and pushing Docker images to GitHub Container Registry, setting up a VPS with Docker pre-installed, and running the containerized application. Demonstrates that all Next.js features including server actions, route handlers, and image optimization work properly in the containerized environment.

  9. 9
    Article
    Avatar of k8sKubernetes·37w

    Kubernetes v1.34: Use An Init Container To Define App Environment Variables

    Kubernetes v1.34 introduces a new alpha feature that allows containers to load environment variables from files generated by init containers, eliminating the need for ConfigMaps and Secrets in certain scenarios. The EnvFiles feature gate enables loading environment variables from files in emptyDir volumes using the fileKeyRef field, simplifying configuration management for vendor-supplied containers and reducing API complexity. While the feature offers a cleaner approach to environment variable management, it requires careful security considerations since sensitive data stored in emptyDir volumes could be accessible to operators with node filesystem access.

  10. 10
    Article
    Avatar of infoqInfoQ·34w

    Kubernetes 1.34 Released with KYAML, Traffic Routing Controls, and Improved Observability

    Kubernetes 1.34 introduces KYAML, a streamlined YAML subset to reduce configuration errors, enhanced traffic routing controls for network operators, and production-grade tracing for kubelet and API server using OpenTelemetry. The release includes 58 enhancements with improved security features like X.509 certificate management for pods, ServiceAccount tokens for image credential providers, and ordered namespace deletion to prevent security vulnerabilities.

  11. 11
    Article
    Avatar of spaceliftSpacelift·36w

    Docker Multistage Builds: How to Optimize Your Images

    Docker multistage builds enable developers to use multiple base images in a single Dockerfile, allowing complex build processes while keeping final images lightweight. By copying only necessary files between stages, developers can reduce image sizes, improve build efficiency, and simplify Dockerfile maintenance. The technique is particularly useful for separating build tools from runtime environments, such as compiling code in one stage and deploying only the compiled output in a minimal final image.

  12. 12
    Article
    Avatar of newstackThe New Stack·35w

    How To Deploy a Full-Stack, Containerized Network Infrastructure Visualizer

    Atlas is a Docker-based network infrastructure visualizer that deploys in under two minutes and automatically maps all devices on your network. Built with Go, FastAPI, NGINX, and React, it scans Docker containers and local subnets to detect devices, retrieve OS fingerprints, MAC addresses, and open ports. The tool provides an interactive web dashboard on port 8888 for real-time network topology visualization and monitoring.

  13. 13
    Article
    Avatar of dockerDocker·37w

    Secure AI Agents at Runtime with Docker

    AI-generated code poses runtime security risks that traditional build-time tools miss, including prompt injection attacks and malicious code execution. Docker provides solutions through containerized sandboxes, hardened images, Docker Scout vulnerability scanning, and runtime policy enforcement to safely test and deploy AI agent workflows in development environments.

  14. 14
    Article
    Avatar of awegoAwesome Go·37w

    From Go code to container image with Depot API

    A technical walkthrough demonstrating how to build a specialized container building system using Depot's low-level Go SDK. The guide covers the three-step build flow: registering builds with the API, acquiring ephemeral BuildKit machines, and configuring custom build solutions that transform tar archives into container images. The approach provides enterprise-grade build performance with native ARM64 support and persistent caches without managing BuildKit infrastructure.

See all Containers archives