A Practical Guide to SSH Tunnels: Local and Remote Port Forwarding
SSH port forwarding explained in a clean and visual way. How to use local and remote port forwarding. What sshd settings may need to be adjusted. How to memorize the right flags.
Materials by Ivan Velichko
Explore tutorials, challenges, courses, and more published by this author.
Tutorials by Ivan Velichko
See all →How Servers Work: A Hands-On Introduction to TCP Sockets
Learn how servers actually work by building a tiny TCP server and client from scratch. A hands-on introduction to sockets, TCP, and the network programming model every backend, DevOps, and platform engineer should go through at least once.
Tutorial on Containers
How Container Registries Work: Pushing and Pulling Images By Hand
Container registries look simple until you need to debug what was actually pushed, why a pull picked the wrong image, or why deleting a tag didn't remove anything. Learn how registries work by pushing, pulling, inspecting, and deleting image data directly through the Registry API.
Tutorial on Containers
What Is a Standard Container: Diving Into the OCI Runtime Spec
Are all containers just Linux processes? How does the OCI runtime specification define a container? What platforms do OCI containers support? What is a Docker container? Linux containers vs. Virtual Machine containers.
Tutorial on Containers
How Container Images Actually Work: Layers, Configs, Manifests, Indexes, and More
A practical deep dive into container image internals that will help you build a clear mental model of how images are composed, identified, stored, and distributed across registries.
How Kubernetes Reinvented Virtual Machines - In a Good Sense
How Virtual Machines were used to deploy services. What old problems containers solve and what new problems create. How Kubernetes used containers to recreate Virtual Machines in a better way?
Challenges by Ivan Velichko
See all →Expose a Whole Home Network Through an SSH Reverse SOCKS Proxy
Several self-hosted services run on isolated devices in your home network, with no inbound route from the Internet. Use SSH dynamic remote port forwarding to turn a public-facing gateway VM into a single SOCKS proxy that reaches all of them.
Submissions: 6/7
Reach a Whole VPC Through an SSH SOCKS Proxy
Several internal microservices live inside a private VPC and are reachable only from within it. Use SSH dynamic local port forwarding to turn your dev machine into a single SOCKS proxy that reaches all of them through one bastion host.
Submissions: 6/7
Expose a Home Network Device Through an SSH Reverse Tunnel
A status dashboard runs on an isolated device in your home network, with no inbound route from the Internet. Use SSH remote port forwarding with your workstation as a jump host to publish it on a public-facing gateway VM.
Submissions: 6/7
Expose a Local Service Through an SSH Reverse Tunnel
A payment webhook receiver runs as a local build on your dev machine, bound to 127.0.0.1 and invisible from the Internet. Use SSH remote port forwarding to publish it on a public-facing gateway VM so a test payment provider can reach it.
Submissions: 11/23
Reach a Private VPC Service Through an SSH Bastion
A production search cluster lives inside a private VPC and is reachable only from within it. Use SSH local port forwarding through a public-facing bastion host to query the cluster's API from your dev machine.
Submissions: 17/22
Access an Internal Debug Port Through an SSH Tunnel
A remote VM serves an app on port 80 and keeps an internal debugging port bound to 127.0.0.1. Reach the debugging port from your workstation using an SSH tunnel, without exposing it on the VM's external interface.
Submissions: 31/48
Courses by Ivan Velichko
See all →Hands-On Firecracker: microVMs From First Principles to Production
A hands-on introduction to Firecracker that takes you from booting your first microVM to building secure, production-ready sandbox infrastructure. Learn how to launch and control microVMs, wire up networking, share data efficiently, and harden execution - the essential skills for running autonomous agents and untrusted workloads safely at scale.
Computer Networking Fundamentals For Developers, DevOps, and Platform Engineers
A heavily illustrated introduction to the first two layers of Computer Networking: Ethernet and IP. A must for any developer or DevOps engineer who wants to build solid understanding of computer networking before they move to the higher-level protocols like TCP, UDP, and even HTTP.
An Alternative Introduction to Dagger: Understanding the Core Concepts
Build a mental model of how Dagger works by migrating an example software project from traditional script-based automation to a Dagger-powered development workflow, peeking under the hood of the new technology on the way.
Course on Containers
How (and Why) to Use containerd from the Command Line
Explore containerd with ctr, its default command-line client, try nerdctl as a potential Docker alternative, and learn how to debug Kubernetes Pods with crictl.
Skill Paths by Ivan Velichko
See all →Master SSH Tunnels: Local and Remote Port Forwarding
Learn how to reach an internal port on a remote machine from the local system, jump through a bastion into a private VPC, expose a development server to the Internet through a reverse tunnel, publish a home network device, and spin up a full-fledged SOCKS proxy with nothing but a regular SSH connection.
Linux Storage 101: Drives, Partitions, and Mounts
Practice the most common Linux storage operations in a series of hands-on challenges: discover and mount drives, create partition tables, format partitions with different filesystems, map directories with bind mounts, and make mount points survive a reboot.
Docker 101: Pull and Push Container Images
Learn how to move container images between your machine and container registries. Practice pulling images by tag, digest, and platform; tagging and pushing them to public and private registries; mirroring images across repositories; shipping images into air-gapped environments; and publishing multi-platform images.
Docker 101: Build Container Images
Learn how to write Dockerfiles from scratch and build production-ready container images. Start with the basics of image building and progress through handling dependencies, compiling applications, inspecting image internals, and optimizing builds with multi-stage Dockerfiles. Then go deeper with advanced Dockerfile instructions, analyzing image internals, and producing multi-platform builds.
Docker 101: Run and Manage Containers
Go from zero to a confident Docker beginner. Learn how to run containers of all kinds, interact with them, and build a clear mental model of how Docker manages your applications behind the scenes.
Beyond Docker: Run Containers Across Runtimes
Explore how different container runtimes - Docker, Podman, nerdctl, ctr, and runc - execute containers. Compare their UX, architecture, and impact on containerized applications.
Playgrounds by Ivan Velichko
See all →This playground was created by an iximiuz Labs user and is provided with no warranty.
This playground was created by an iximiuz Labs user and is provided with no warranty.
Docker on Btrfs
Hands-on Docker on Btrfs: experiment with native snapshots, compression, and checksums; inspect setup, grow the filesystem live, and back up/restore images and containers.
This playground was created by an iximiuz Labs user and is provided with no warranty.
Getting Started with Istio
A simple K3s cluster with Istio service mesh and the sample Bookinfo app deployed. The playground is a good fit for workshops, self-paced labs, and quick experimentation with Istio and service mesh fundamentals.
This playground was created by an iximiuz Labs user and is provided with no warranty.
2048 Game (Kubernetes Edition)
A sample app from https://github.com/digitalocean/kubernetes-sample-apps running on an iximiuz Labs K3s cluster.