Part of mastering Kubernetes or containers is understanding how they work and how they interact with the host system. You’ve probably seen how to mount drives or folders into a containerized system, but there is another approach – mounting a file like a drive. This post will explore how to do this using a loop device in Linux.

Working with containers, one concept that seems to always confuse developers and administrators is layers. Despite the elegance and simplicity of the design, they are still a black box to most teams. In this post, I’ll explain how they work conceptually and the basis of their implementation.

Ever needed to automate creating an Azure Entra ID (Azure Active Directory) application and federating it with GitHub? With just a little PowerShell, you can!

Continuing the discussion from last week, here are a few additional recommendations that can improve your ability to manage and scale your ARC deployments.

There are some common issues that lead to teams struggling to set up ARC. Nearly all of these can be avoided by following a few simple guidelines. In the first of a two-part post, I’ll outline some of my recommendations for improving your experience setting up ARC.

GitHub ARC is a great way to run your GitHub Actions runners in your own Kubernetes cluster. ARC has its own set of requirements and best practices. One of the most important best practices I recommend is to use a dedicated Kubernetes cluster. This post will explain why.

Security is at the heart of what we do in DevOps (if we’re doing it right). This includes protecting our CI/CD processes from malicious users and behaviors. One of the more interesting exploit vectors with build and release pipelines is a classic: the injection attack. This post reviews the basics of injection exploits and shows you how to easily avoid them.

I’ve been spending a lot of time helping companies to adopt GitHub ARC over the last few months. They are excited to be able to create self-hosted runners on-demand on Kubernetes. The biggest challenge many of them have is getting started, and the root of this problem often starts with realizing there are two different versions of ARC. In many cases, they started with the wrong one. This post will explain the difference.

GitHub’s Actions Runner Controller (ARC) offers a lot of great features, including metrics. These metrics give you visibility to the processing queue as well as the performance of runners and jobs. Enabling this feature is surprisingly easy. This post will show you how.

With the rise of OIDC, we no longer need to rely on secret keys or passwords to connect two services together. Instead, we can configure a trust relationship between the services and use that to securely request tokens for accessing resources. Adopting this approach can simplify things, but it can be scary for security teams and developers; they want to understand what makes this process work. In this post, walk through what’s happening under the covers.