IT

One of my latest projects was a fully dockerized name server infrastructure based on PowerDNS: one master and two slaves — one in the same subnet and the second running in a cloud on a basic virtual machine. Why PowerDNS? Because I needed an API, a proper admin-friendly web interface, user management, and LDAP integration. PowerDNS fully matched my requirements. Why Docker? Because I wanted some level of automation and IaC — Docker fits nicely in the middle, where you have several configs and docker-compose files fully describing the container configuration.

When I was try start 150+ docker containers with docker-compose I found strange problem: "Could not generate persistent MAC address"

Very simple and useful script to generate a MAC address. Applicable for docker, xen, kvm...

What if you have Gitlab and want have pretty cool internal documentation portal? We need Gitlab with enabled and configured Gitlab Pages, Gitlab Runner and few packages from MkDocs. You can use any template or extension from MkDocs and use full power of CI/CD.

How to protect iptables when we use docker-compose. By default docker dynamically add some rules to iptables and you can't flush or manage firewall as usual. I sow many solutions, like save current docker rules and after returning back... I don't think it is a good idea... If docker can't deal with FW - we need free him from this task. Here about docker-compose demonization with systemd .

How to (auto)start infrastructure with docker-compose. Very useful for development needs as example for review server (pre-prod or test environment). Here about how to protect iptables when we use docker-compose .