Skip to content
TechPlained

Containers

Docker and Kubernetes tutorials for developers. From writing your first Dockerfile to managing production clusters with Deployments, Services, and Helm charts.

28 articles

Docker Storage Drivers: overlay2 vs btrfs vs zfs Performance
Containers

Docker Storage Drivers: overlay2 vs btrfs vs zfs Performance

overlay2 is the right default for 95% of workloads. btrfs wins on snapshot-heavy flows. zfs wins on multi-tenant dedup. Real fio benchmarks and migration paths.

10 min read·
Docker Rootful vs Rootless: Performance, Security & When to Use Each
Containers

Docker Rootful vs Rootless: Performance, Security & When to Use Each

Benchmarked comparison of rootful and rootless Docker covering startup time, storage I/O, networking overhead, and container density, plus rootless Podman as an alternative for security-sensitive production workloads.

13 min read·
Pi-hole Docker vs Bare Metal: Latency, Memory, and Stability
Containers

Pi-hole Docker vs Bare Metal: Latency, Memory, and Stability

Pi-hole bare metal serves DNS at 0.4ms vs Docker bridge at 0.6ms. With host network mode the gap nearly closes. Picks for Pi 5, mini-PCs, and homelab stacks.

11 min read·
Docker Swarm Performance Overhead: Bare Metal Benchmarks & Reality Check
Containers

Docker Swarm Performance Overhead: Bare Metal Benchmarks & Reality Check

Real benchmarks of Docker Swarm overhead vs bare metal covering CPU, memory, disk I/O, overlay vs host networking latency, routing mesh, cold start speed vs Kubernetes, and production tuning recommendations.

14 min read·
Helm Charts Demystified: Kubernetes Templating Without the Pain
Containers

Helm Charts Demystified: Kubernetes Templating Without the Pain

Master Helm charts: chart anatomy, Go templating, values overrides, public registries, release management, lifecycle hooks. Plus when to use Kustomize instead.

9 min read·
What is a Service Mesh? Istio and Linkerd Explained Simply
Containers

What is a Service Mesh? Istio and Linkerd Explained Simply

Understand service mesh architecture with sidecar proxies and the data/control plane split. A detailed Istio vs Linkerd comparison covering performance, complexity, features, and when a mesh is justified.

8 min read·
Kubernetes Resource Requests and Limits: Why They Actually Matter
Containers

Kubernetes Resource Requests and Limits: Why They Actually Matter

Understand Kubernetes resource requests vs limits, QoS classes, OOM kills, CPU throttling, VPA auto-tuning, and namespace quotas. The configuration that decides if your Pod lives or dies.

9 min read·
Kubernetes Ingress Controllers: Routing External Traffic the Right Way
Containers

Kubernetes Ingress Controllers: Routing External Traffic the Right Way

Compare Kubernetes Ingress controllers -- nginx-ingress, Traefik, HAProxy, Contour. Learn path and host routing, automatic TLS with cert-manager, and the Gateway API.

7 min read·
Container Security: How to Harden Your Docker Images
Containers

Container Security: How to Harden Your Docker Images

Harden Docker containers with minimal base images, non-root users, dropped capabilities, read-only filesystems, CVE scanning in CI, and Kubernetes Pod Security Standards.

8 min read·
← NewerPage 2 of 4Older →

Stay in the loop

New articles delivered to your inbox. No spam.