Wrapping up ContainerDay 2024
Intro Italian Container Day is an annual conference organized by GRUSP with focus on cloud native / container technologies, devops tools and best practices. The location choosen for this year was a nice Hotel in Bologna, a good choice and also very accessible (thanks to nearby highways and railway connections) part of Italy. The schedule Intro by GrUSP Navigating the CNCF Landscape, one step at a time (Sara Trappetti, Michel Murabito) PlatformOps with Crossplane: how to build your next-gen Kubernetes-based platform (Daniele Monti) Introduction of logs in OpenTelemetry: features and opportunities (Martino Fornasa) My first monitoring with EBPF (Gabriele Santomaggio) Reimagine the Multi-Cluster (Francesco Torta, Guido Ricioppo) .Net Aspire - how to develop and forget about container (Mattia Muraro) Improve your container management with Event-Driven Ansible (Fabio Alessandro Locati) Leaving no Leaf Device Behind: at the Edge Computing frontier with Akri (Luca Barzè) Containers: the last opportunity to make reproducible AI (Marco Franzon) 👋 Conference closing ...
The Linux kernel ftrace
👣 Intro Tracing tools are pretty popular in the Unix/Linux ecosystem; for example in the userspace we have ltrace to trace library calls of the programs and strace to dive in deeper and inspect syscall usage. One of the many features that Linux kernel offers since 2008 (then evolved) is ftrace that allows many different kind of tracing at runtime. While not as flexible as eBPF technology, it can be helpful in some occasion and doesn’t require a full fledged programming language. ...
Testing a cheap MicroSD card quality
💾 Intro I just found a very cheap SD card on an online store and since I know that there are some fake around, I wanted to quickly test if its size and speed respect the specs. Edit: after first publish, a kind reader noticed me that The F3 tools are a perfect fit for the same task and that’s right; if you want to follow a manual path and learn something in the journey, continue reading… ...
Playing with Linux kernel capabilities
🔐 Intro As an experienced sysadmin, you might be familiar with the traditional “all-or-nothing” approach: if a shell or process is running with UID==0, it can do almost everything on a system; while a plain user process is restricted by some means: tipically it can’t open RAW sockets, can’t bind “privileged” ports under 1024, can’t change a file ownership and so on. Linux capabilities is a feature, gradually introduced starting from kernel 2.2, that permits a more fine-grained control over privileged operations, breaking the traditional binary root/non-root distinction. Just as by using sudo we can run specific commands as another user (even root), without permanently becoming that user, by using capabilities, we can grant a program only certain privileges without having to run it as root. ...