Posts

Docker Rootless on Ubuntu (2026 Guide)

Image
Quick one-liner: All the container power, none of the root-level risk. Why This Matters When I first started with Docker, I ran everything as root. It was easy, it worked, and I didn't think twice about it. Then I learned that a container escape vulnerability could give an attacker full root access to my entire system. That's when I switched to rootless Docker — and you should too. Rootless Docker runs the Docker daemon entirely under your regular user account. No sudo required. No root privileges for container operations. If a container gets compromised, the attacker is stuck with your user's permissions — not root. You asked, I delivered: This guide was the #1 request in my LinkedIn poll (Ubuntu/Linux Mint won with 50% of votes). Planning Disk Space In rootless mode, Docker stores all images, containers, volumes, and build cache under your home directory at ~/.local/share/docker . This means your home directory needs enough space to hold every...
Post a Comment
Read more

I Wrote a Docker Book — Here's Why

I never got through most technical books. Too much theory. Too many words. Not enough action. So I wrote the book I wished existed — practical, concise, and straight to the point. Just enough explanation to get things done. Why This Book? Over the past 5 years, I've worked with Docker in training rooms, client environments, and real production deployments in Singapore — teaching engineers, advising on architecture, and rolling it out on actual infrastructure. Docker comes up everywhere, and so does the same question: where do I start? The problem isn't capability. It's always the same thing: people get lost in the theory before they ever run a single container. They read about namespaces and cgroups and layer caches, and by the time they get to an actual command, they've lost the thread. So I started keeping notes — just the practical bits. The commands that actually matter. The patterns that show up again and again in real deployments. During Chinese New ...
Post a Comment
Read more

syslog message troubleshooting using tcpdump

 Super short post today. To troubleshoot syslog message you can use tcpdump. You will need to use -A option so that you can view the message # tcpdump -A -i eth0 port 601
Post a Comment
Read more

Extending LVM logical volume when 100% utilized

 When the logical volume is 100% used and you try to extend the logical volume, you will likely encounter the following error.  # lvextend -L+5G /dev/mapper/vgname_lvname Couldn't create temporary archive name. Volume group "vgname" metadata archive failed. A quick way to extend even when the volume is 100% utilize is by disabling autobackup (using -An ) # lvextend -An -L+5G /dev/mapper/vgname_lvname Until next time!!!
Post a Comment
Read more

sed Search and Replace with forward slash "/"

I always enjoy performing search and replace using sed command when I need to edit the same thing over multiple files. Usually the syntax that I use is as follow: sed -i 's/search/replacement/' *.txt This will replace all the word "search" with "replacement" in all files that ended with txt.  But what if you want to replace the word "search" with "replace/ment". You just need to do minor adjustment as follow: sed -i "s|search|replace/ment|" *.txt Usually I omit the "-i" first to see the changes on the screen to make sure that the text are replaced properly before adding "-i" to perform the actual changes.  Until next time!!!  📚 Want to Learn Docker? I wrote "Levelling Up with Docker: A Practical Guide to Containers" — a hands-on guide for Linux admins who want to learn Docker without the fluff. What's inside: Rootless Docker installation (Ubuntu, RHEL, SLES) Container n...
Post a Comment
Read more

SSH Tunneling - Simple localhost port forwarding

 Recently I saw an application that run on 127.0.0.1 port 8080 on the server that I need to access from my workstation. The easiest way to access this is to use ssh tunneling.  To tunnel remote port to local machine, you can just perform the following: ssh -g -L 9999:localhost:8080 -f -N username@remoteip This will allow your local machine port 9999 to be tunneled to the remote machine application on port 8080 Launch your browser and login to http://localhost:9999 and you will be accessing the application running on the server localhost.    Until next time :)
Post a Comment
Read more

LogStory - Updated UI

Image
Hi All,  I am still working on new functionality of the logstory and still keen to hear feedbacks and input.  For now I have updated the UI a little bit. Enjoy!!! Feel free to contact me at davidtio at fosstech dot biz  You can view it live in http://tableau.fosstech.biz/ServerConn2.html Username: logstory Password: A1r0plan3
Post a Comment
Read more