Challenges

by  Ivan Velichko

Set up your own OCI-compatible container registry with username/password authentication and HTTPS - the kind of protection you'd expect before using a registry in production.

by  Ivan Velichko

Stand up a self-hosted container registry so you can push and pull images without relying on a third-party registry. Useful for tests, internal services, air-gapped environments, or just for poking at the OCI Distribution API.

by  Ivan Velichko

Get container images onto a server that has no route to the Internet or access to a container registry.

by  Ivan Velichko

Explore the OCI image index, manifests, and configuration of a remote multi-platform image - without pulling a single byte of filesystem layers into the local Docker daemon.

by  Ivan Velichko

Investigate a potentially compromised CI host. A sandboxed "agent" running in the background is suspected of breaking out - confirm the breach and neutralize it without taking the sandbox down.

by  Ivan Velichko

Learn how to build container images for non-native CPU architectures by offloading the build to a remote machine using Docker Buildx.

by  Ivan Velichko

A poorly structured Docker image contains leftover build dependencies and leaked private registry credentials hiding in its intermediate layers. Squash the image to produce a clean, compact version with the same runtime filesystem.

by  Ivan Velichko

Practice using Docker build arguments to inject version and commit metadata into a Go application during the image build.

by  Ivan Velichko

Build a container image for a Node.js app that uses a private npm package without leaking the registry credentials into the image layers.

by  Ivan Velichko

Write a Dockerfile for a simple CLI tool and learn how to use the ENTRYPOINT instruction to improve the user experience of containerized command-line applications.