Docker

9 articles

Container images, multi-stage builds, and reproducible packaging for all environments

Latest: Sep 6, 2025

Docker changed how platform engineers think about deployment artifacts. Instead of configuring servers to match application requirements, teams package applications with their exact dependencies into images that run identically everywhere. Multi-stage builds keep production images lean, BuildKit caching speeds up CI pipelines, and OCI-compliant registries give organizations a standard way to store and distribute artifacts across environments.

For platform engineering, Docker sits at the foundation layer. Golden-path Dockerfiles enforce security baselines—non-root users, minimal base images, pinned package versions—before code ever reaches a cluster. Build pipelines scan images for CVEs, sign them with cosign or Notary, and push to private registries with promotion policies that gate what reaches production. The container image becomes the unit of trust between development teams and the platform.

Docker’s role has shifted as Kubernetes handles orchestration and containerd runs workloads directly. The Docker CLI and Compose remain essential for local development, letting engineers run multi-service stacks on their laptops with a single command. Understanding image layering, build context optimization, and runtime security constraints still matters daily—even in environments where Docker Engine itself never touches a production node.

CI pipeline racing track with builds as cars, showing cached fast lanes with motion blur versus slower uncached sections and reduced build time at finish

Article September 6, 2025

CI Pipeline Caching: Strategies That Actually Work

Cache keys, Docker layer ordering, and the pitfalls that turn caching from a speedup into a source of production bugs.

Learn more

Assembly line showing build process with cached components pre-made at most stations, workers handling custom work, displaying 78% cache hit rate

Article May 17, 2025

Monorepo Release Engineering: Affected Builds

Building only what changed with affected-based builds and remote caching that actually speeds up CI.

Learn more

Developer friction gauge showing needle moving from red painful zone to green smooth zone after platform improvements

Article February 16, 2025

Measuring Platform Success: Metrics That Matter

Lead time, onboarding time, and ticket deflection metrics that show whether your platform reduces friction.

Learn more

Application breaking free from old runtimes (Node 16, .NET Framework, CentOS 7) with cut chains, moving upward toward newer runtime versions

Article January 4, 2025

Why Your EOL Upgrade Is Stuck (And How to Unblock It)

EOL runtime upgrades stall on dependencies you don't own. Here's how to identify blockers, handle abandoned packages, and force version resolution when you're stuck.

Learn more

Transit hub showing highlighted recommended route alongside alternative paths, representing golden path choice architecture for developers

Article April 21, 2024

Golden Paths Without Golden Handcuffs

Balancing standardization with team autonomy so the right thing is easy but not the only option.

Learn more

Consumer and provider services separated by two-way mirror with glowing contract showing mutual expectations between them

Article April 7, 2024

Why Integration Tests Won't Save Your Microservices

Consumer-driven contracts catch breaking API changes at PR time, not in production. Here's how to escape the integration test trap.

Learn more

Manufacturing assembly line with products being scanned with QR codes and digital tags for provenance tracking through production

Article March 16, 2024

Keyless Container Signing in 15 Minutes

Implement meaningful supply chain security without managing keys or paying for tooling. Learn keyless signing with Cosign and enforce verification at deployment time.

Learn more

Automated security checkpoint scanning infrastructure configurations with green checkmarks for compliance and violation flags with fix suggestions

Article May 7, 2023

Policy as Code: OPA Guardrails With Fast Feedback

Implementing infrastructure policies with OPA and Conftest that catch violations before they reach production—starting with pre-commit hooks that run in under two seconds.

Learn more