Containers from scratch

•

0 likes•516 views

Containers from scratch by Liz Rice What is a container? Is it really a “lightweight VM”? What happens when you type in "docker run"? In this talk you'll see exactly what a container is, as Liz builds one from scratch in a few lines of Go code. You'll learn what's happening under the covers when you start a container, and understand how namespaces, controls and chroot each contribute to the making of a container, We'll also cover what it means to run a privileged or non-privileged container.

Copyright @ 2017 Aqua Security Software Ltd. All Rights Reserved.
@LizRice | @AquaSecTeam
Containers from scratch
Liz Rice
Aqua Security

docker run <image>

3@lizrice
Build my own container in Go
■ Namespaces
■ Chroot
■ Cgroups

4@lizrice
Namespaces
■ What you can see
■ Created with syscalls
○ Unix Timesharing System
○ Process IDs
○ Mounts
○ Network
○ User IDs
○ InterProcess Comms

5@lizrice
CGroups
■ What you can use
■ Filesystem interface
○ Memory
○ CPU
○ I/O
○ Process numbers
○ ...

:(){ :|: & };:

Copyright @ 2017 Aqua Security Software Ltd. All Rights Reserved.
@LizRice | @AquaSecTeam
github.com/lizrice/containers-from-scratch
github.com/aquasecurity/microscanner
@LizRice | @AquaSecTeam

More Related Content

What's hot

Extending Cloud Foundry to .NET

Extending Cloud Foundry to .NET

Extending Cloud Foundry to .NET

Minio Cloud Storage

Minio Cloud Storage

Minio Cloud Storage

사진형SNS 인스플

사진형SNS 인스플

사진형SNS 인스플

2017대선 빅데이터 분석

Minio: Associated projects in Go programming.

Minio: Associated projects in Go programming.

Minio: Associated projects in Go programming.

What's missing from upstream kernel containers?

What's missing from upstream kernel containers?

What's missing from upstream kernel containers?

Kirill Kolyshkin

Caching in Docker - the hardest thing in computer science

Caching in Docker - the hardest thing in computer science

Caching in Docker - the hardest thing in computer science

tDiary開発環境！VMWarePlayer編

tDiary開発環境！VMWarePlayer編

tDiary開発環境！VMWarePlayer編

Brief history of Linux containers

Brief history of Linux containers

Brief history of Linux containers

A brief history of Linux Containers

A brief history of Linux Containers

A brief history of Linux Containers

Kirill Kolyshkin

OpenTimelineIO and GStreamer integration (SIGGRAPH 2019)

OpenTimelineIO and GStreamer integration (SIGGRAPH 2019)

OpenTimelineIO and GStreamer integration (SIGGRAPH 2019)

Container and Microservice Meetup

Container and Microservice Meetup

Container and Microservice Meetup

Not so brief history of Linux Containers

Not so brief history of Linux Containers

Not so brief history of Linux Containers

Kirill Kolyshkin

Rasperry Pi and TI CC2650 IPv6 border router

Rasperry Pi and TI CC2650 IPv6 border router

Rasperry Pi and TI CC2650 IPv6 border router

Nikolaos Monios

Cassandra 2.1 boot camp, exercise

Cassandra 2.1 boot camp, exercise

Cassandra 2.1 boot camp, exercise

Joshua McKenzie

pkgsrc 2014 - the record of the past year

pkgsrc 2014 - the record of the past year

pkgsrc 2014 - the record of the past year

The Web is broken. HTTP is inefficient and expensive, especially for large files. Webpages are being deleted constantly, with the average lifespan of a web being 100 days. The Web's centralization limits opportunity and innovation. And it causes problems in the developing world, with natural disasters or faulty connections. We can do better. In this talk, I'll explain IPFS, a project intended to replace HTTP and build a better web. IPFS is a peer-to-peer hypermedia protocol to make the web faster, safer, and more open. In addition, IPFS will use Filecoin as a reward mechanism. Filecoin aims to provide a decentralized network for digital storage through which users can effectively rent out their spare capacity, receiving filecoins as payment. Filecoin raised 200M$ last month, breaking all records in blockchain ICOs to date.

Redecentralizing the Web: IPFS and Filecoin

Redecentralizing the Web: IPFS and Filecoin

Redecentralizing the Web: IPFS and Filecoin

Facultad de Informática UCM

Canonical Kubernetes on the Oracle Cloud (1)

Canonical Kubernetes on the Oracle Cloud (1)

Canonical Kubernetes on the Oracle Cloud (1)

Dustin Kirkland

Memory Forensics in AWS

Memory Forensics in AWS

Memory Forensics in AWS

What's hot (19)

Extending Cloud Foundry to .NET

Extending Cloud Foundry to .NET

Extending Cloud Foundry to .NET

Minio Cloud Storage

Minio Cloud Storage

Minio Cloud Storage

사진형SNS 인스플

사진형SNS 인스플

사진형SNS 인스플

2017대선 빅데이터 분석

Minio: Associated projects in Go programming.

Minio: Associated projects in Go programming.

Minio: Associated projects in Go programming.

What's missing from upstream kernel containers?

What's missing from upstream kernel containers?

What's missing from upstream kernel containers?

Caching in Docker - the hardest thing in computer science

Caching in Docker - the hardest thing in computer science

Caching in Docker - the hardest thing in computer science

tDiary開発環境！VMWarePlayer編

tDiary開発環境！VMWarePlayer編

tDiary開発環境！VMWarePlayer編

Brief history of Linux containers

Brief history of Linux containers

Brief history of Linux containers

A brief history of Linux Containers

A brief history of Linux Containers

A brief history of Linux Containers

OpenTimelineIO and GStreamer integration (SIGGRAPH 2019)

OpenTimelineIO and GStreamer integration (SIGGRAPH 2019)

OpenTimelineIO and GStreamer integration (SIGGRAPH 2019)

Container and Microservice Meetup

Container and Microservice Meetup

Container and Microservice Meetup

Not so brief history of Linux Containers

Not so brief history of Linux Containers

Not so brief history of Linux Containers

Rasperry Pi and TI CC2650 IPv6 border router

Rasperry Pi and TI CC2650 IPv6 border router

Rasperry Pi and TI CC2650 IPv6 border router

Cassandra 2.1 boot camp, exercise

Cassandra 2.1 boot camp, exercise

Cassandra 2.1 boot camp, exercise

pkgsrc 2014 - the record of the past year

pkgsrc 2014 - the record of the past year

pkgsrc 2014 - the record of the past year

Redecentralizing the Web: IPFS and Filecoin

Redecentralizing the Web: IPFS and Filecoin

Redecentralizing the Web: IPFS and Filecoin

Canonical Kubernetes on the Oracle Cloud (1)

Canonical Kubernetes on the Oracle Cloud (1)

Canonical Kubernetes on the Oracle Cloud (1)

Memory Forensics in AWS

Memory Forensics in AWS

Memory Forensics in AWS

More from J On The Beach

Big Data examples always give the correct answers. However, in the real world, Big Data might be corrupt, contradictory or consist of so many small files it becomes extremely hard to keep track - let alone scale. A solid architecture will help to overcome many of the difficulties. Floris will talk about a real-world implementation of a massively scalable ETL architecture. Two years ago, at the time of the implementation, Airflow just became part of Apache and still left many features to be desired for. However, requirements from the start were thousands of ETL tasks per day on average, but on occasion, this could become hundreds of thousands. The script-based method that was in place was already not capable to meet the requirements on a day to day basis and needed to be replaced as soon as possible. So this custom framework was rolled out in just 8 weeks of development time.

Massively scalable ETL in real world applications: the hard way

Massively scalable ETL in real world applications: the hard way

Massively scalable ETL in real world applications: the hard way

Traditional Big Data is done on Data you have. You load the data into a repository and perform map reduce or other style calculations on the data. However, certain industries need to perform complex operations on data you might not have. Data you can acquire, Data that can be shared with you, and Data that you can model are all types of data you may not have but may need to integrate instantly into a complex data analysis. Problem is: you may not even know you need this data until deep into the execution stack at runtime. This talk discusses a new functional language paradigm for dealing naturally with data you don’t have and about how to make all data first-class citizens, regardless of whether you have it or you don’t, and we will give a demo of a project written in Scala to deal exactly with this issue.

Big Data On Data You Don’t Have

Big Data On Data You Don’t Have

Big Data On Data You Don’t Have

Industry 4.0, aka the "Fourth Industrial Revolution," refers to the computerization of manufacturing. One important aspect of Industry 4.0 is the ability to monitor the health and reliability of a physical manufacturing plant using low-cost IoT sensors. For example, machine learning models can be trained to predict the physical degradation of a manufacturing system as a function of acoustic measurements obtained from strategically placed microphones; however, the same acoustic measurements can be used to reverse engineer proprietary information about the manufacturing process and/or precisely what is being manufactured at the time of recording. Thus, improved reliability and fault tolerance is achieved at the cost of what appears to be an unprecedented new class of security vulnerabilities related to the acoustic side channel. As a case study, we report a novel acoustic side channel attack against a commercial DNA synthesizer, a commonly used instrument in fields such as synthetic biology. Using a smart phone-quality microphone placed on or in the near vicinity of a DNA synthesizer, we were able to determine with 88.07% accuracy the sequence of DNA being produced; using a database of biologically relevant known-sequences, we increased the accuracy of our model to 100%. An academic or industrial research project may use the synthetic DNA to engineer an organism with desired traits or functions; however, while the organism is still under development, prior to publication, patent, and/or copyright, the research remains vulnerable to academic intellectual property theft and/or industrial espionage. On the other hand, this attack could also be used for benevolent purposes, for example, to determine whether a suspected criminal or terrorist is engineering a harmful pathogen. Thus, it is essential to recognize both the benefits and risks inherent to the cyber-physical systems that will inevitably control Industry 4.0 manufacturing processes and to take steps to mitigate them whenever possible.

Acoustic Time Series in Industry 4.0: Improved Reliability and Cyber-Security...

Acoustic Time Series in Industry 4.0: Improved Reliability and Cyber-Security...

Acoustic Time Series in Industry 4.0: Improved Reliability and Cyber-Security...

Where is the edge in IoT and how much can you do there? Data collection? Analytics? I’ll show you how to build and deploy an embedded IoT edge platform that can do data collection, analytics, dashboarding and much more. All using Open Source. As IoT deployments move forward, the need to collect, analyze, and respond to data further out on the edge becomes a critical factor in the success – or failure – of any IoT project. Network bandwidth costs may be dropping, and storage is cheaper than ever, but at IoT scale, these costs can still quickly overrun a project’s budget and ultimately doom it to failure. The more you centralize your data collection and storage, the higher these costs become. Edge data collection and analysis can dramatically lower these costs, plus decrease the time to react to critical sensor data. With most data platforms, it simply isn’t practical, or even possible, to push collection AND analytics to the edge. In this talk I’ll show how I’ve done exactly this with a combination of open source hardware – Pine64 – and open source software – InfluxDB – to build a practical, efficient and scalable data collection and analysis gateway device for IoT deployments. The edge is where the data is, so the edge is where the data collection and analytics needs to be.

Pushing it to the edge in IoT

Pushing it to the edge in IoT

Pushing it to the edge in IoT

Event Stream Processing is a popular paradigm for building robust and performant systems in many different domains, from IoT to fraud detection to high-frequency trading. Because of the wide range of scenarios and requirements, it is difficult to conceptualize a unified programming model that would be equally applicable to all of them. Another tough challenge is how to build streaming systems with cardinalities of topics ranging from hundreds to billions while delivering good performance and scalability. In this session, Sergey Bykov will talk about the journey of building Orleans Streams that originated in gaming and monitoring scenarios, and quickly expanded beyond them. He will cover the programming model of virtual streams that emerged as a natural extension of the virtual actor model of Orleans, the architecture of the underlying runtime system, the compromises and hard choices made in the process. Sergey will share the lessons learned from the experience of running the system in production, and future ideas and opportunities that remain to be explored.

Drinking from the firehose, with virtual streams and virtual actors

Drinking from the firehose, with virtual streams and virtual actors

Drinking from the firehose, with virtual streams and virtual actors

How do we deploy? From Punched cards to Immutable server pattern

How do we deploy? From Punched cards to Immutable server pattern

How do we deploy? From Punched cards to Immutable server pattern

Over the last twenty years, there has been a paradigm shift in software development: from meticulously planned release cycles to an experimental way of working in which lead times are becoming shorter and shorter. How can Java ever keep up with this trend when we have Docker containers that are several hundred megabytes in size, with warm-up times of ten minutes or longer? In this talk, I'll demonstrate how we can use Quarkus so that we can create super small, super fast Java containers! This will give us better possibilities for scaling up and down - which can be a game-changer, especially in a serverless environment. It will also provide the shortest possible lead times, as well as a much better use of cloud performance with the added bonus of lower costs.

Java, Turbocharged

Java, Turbocharged

Java, Turbocharged

When Cloud Native meets the Financial Sector

When Cloud Native meets the Financial Sector

When Cloud Native meets the Financial Sector

The advancement of technology in the last decade or so has allowed astronomy to see exponential growth in data volumes. ESA's space telescope Euclid will gather high-resolution images of a third of the sky, ~850GB of data downloaded daily for 6 years, by 2032 ground-based telescope LSST will have generated 500PB of data and the radio telescope SKA will be producing more data per second than the entire internet worldwide. This talk will address the questions of what current techniques exist to address big data volumes, how the astronomical community will prepare for this big data wave, and what other challenges lie ahead?

The big data Universe. Literally.

The big data Universe. Literally.

The big data Universe. Literally.

The world is moving from a model where data sits at rest, waiting for people to make requests of it, to where data is constantly moving and streams of data flow to and from devices with or without human interaction. Decisions need to be made based on these streams of data in real-time, models need to be updated, and intelligence needs to be gathered. In this context, our old-fashioned approach of CRUD REST APIs serving CRUD database calls just doesn't cut it. It's time we moved to a stream-centric view of the world.

Streaming to a New Jakarta EE

Streaming to a New Jakarta EE

Streaming to a New Jakarta EE

Our increasingly connected world leveraging the Internet of Things (IoT) creates great value, in connected healthcare, smart cities, and more. The increasing use of IoT also creates great risk. We will discuss the challenges and risks we need to address as developers in TIPPSS - Trust, Identity, Privacy, Protection, Safety, and Security - for devices, systems and solutions we deliver and use. Florence leads IEEE workstreams on clinical IoT and data interoperability with blockchain addressing TIPPSS issues. She is an author of IEEE articles on "Enabling Trust and Security - TIPPSS for IoT" and "Wearables and Medical Interoperability - the Evolving Frontier", "TIPPSS for Smart Cities" in the 2017 book "Creating, Analysing and Sustaining Smarter Cities: A Systems Perspective" , and Editor in Chief for an upcoming book on "Women Securing the Future with TIPPSS for IoT."

The TIPPSS Imperative for IoT - Ensuring Trust, Identity, Privacy, Protection...

The TIPPSS Imperative for IoT - Ensuring Trust, Identity, Privacy, Protection...

The TIPPSS Imperative for IoT - Ensuring Trust, Identity, Privacy, Protection...

Want to run your AI algorithms directly in the browser on the client-side? Now you can with WebAssembly and Blazor. Join us as we write code directly in WebAssembly. Then, we’ll look at Blazor and how you can use it, along with WebAssembly to run your tooling client side in the browser. Want to run your AI algorithms directly in the browser on the client-side without the need for transpilers or browser plug-ins? Well, now you can with WebAssembly and Blazor. WebAssembly (WASM) is the W3C specification that will be used to provide the next generation of development tools for the web and beyond. Blazor is Microsoft’s experiment that allows ASP.Net developers to create web pages that do much of the scripting work in C# using WASM. Come join us as we learn to write code directly in WebAssembly’s human-readable format. Then, we’ll look at the current state of Blazor and how you can use it, along with WebAssembly to run your tooling client side in the browser.

Pushing AI to the Client with WebAssembly and Blazor

Pushing AI to the Client with WebAssembly and Blazor

Pushing AI to the Client with WebAssembly and Blazor

RAFT protocol is a well-known protocol for consensus in Distributed Systems. Want to learn how consensus is achieved in a system with a large amount of data such as Axon Server’s Event Store? Join this talk to hear about all specifics regarding data replication in highly available Event Store! Axon is a free and open source Java framework for writing Java applications following DDD, event sourcing, and CQRS principles. While especially useful in a microservices context, Axon provides great value in building structured monoliths that can be broken down into microservices when needed. Axon Server is a messaging platform specifically built to support distributed Axon applications. One of its key benefits is storing events published by Axon applications. In not so rare cases, the number of these events is over millions, even billions. Availability of Axon Server plays a significant role in the product portfolio. To keep event replication reliable we chose RAFT protocol for consensus implementation of our clustering features. In short, consensus involves multiple servers agreeing on values. Once they reach a decision on a value, that decision is final. Typical consensus algorithms make progress when any majority of their servers is available; for example, a cluster of 5 servers can continue to operate even if 2 servers fail. If more servers fail, they stop making progress (but will never return an incorrect result). Join this talk to learn why we chose RAFT; what were our findings during the design, the implementation, and testing phase; and what does it mean to replicate an event store holding billions of events!

Axon Server went RAFTing

Axon Server went RAFTing

Axon Server went RAFTing

Thinking of moving to Microservices? Watch out! That quest is full of traps, social traps. If you are not able to handle it, you may be blocked by meetings, frustration, endless challenges that will make you miss the monolith. In this talk, I share my experience and mistakes, so you can avoid them. Creating or migrating to a Microservices architecture might easily become a big mess, not only due to technical challenges but mostly because of human factors: it’s a major change in the software culture of a company. In this talk, I’ll share my past experience as the technical lead of an ambitious Microservices-based product, I’ll go through the parts we struggled with, and give you some advice on how to deal with what I call the Six Pitfalls: The Common Patterns Phobia The Book Club Cult The Never-Decoupled Story The Buzz Words Syndrome The Agile Trap The Conway’s Law Hackers

The Six Pitfalls of building a Microservices Architecture (and how to avoid t...

The Six Pitfalls of building a Microservices Architecture (and how to avoid t...

The Six Pitfalls of building a Microservices Architecture (and how to avoid t...

Instead of randomly injecting faults ( i.e. Chaos Monkey), what if we could order our experiments to perform min number of experiments for maximum yield? We present a solution(& results) to the problem of experiment selection using Lineage Driven Fault Injection to reduce the search space of faults. Lineage Driven Fault Injection (LDFI) is a state of the art technique in chaos engineering experiment selection. LDFI since its inception has used an SAT solver under the hood which presents solutions to the decision problem (which faults to inject) in no particular order. As SRE’s we would like to perform experiments that reveal the bugs that the customers are most likely to hit first. In this talk, we present new improvements to LDFI that orders the experiment suggestions. In the first the half of the talk we will show LDFI is a technique that can be widely used within an enterprise. We present the motivation for ordering the chaos experiments along with some prioritization we utilized while conducting the experiments. We also highlight how ordering is a general purpose technique that we can use to encode the peculiarities of a heterogeneous microservices architecture. LDFI can work in an enterprise by harnessing the observability infrastructure to model the redundancy of the system. Next, we present experiments conducted within our organization using ordered LDFI and some preliminary results. We show examples of services where we discovered bugs, and how carefully controlling the order of experiments allowed LDFI to avoid running unnecessary experiments. We also present an example of an application where we declared the service shippable under crash stop model. We also present a comparison with Chaos Monkey and show how LDFI found the known bugs in a given application using orders of magnitude fewer experiments than a random fault injection tool like Chaos Monkey. Finally, we discuss how we plan to take LDFI forward. We discuss open problems and possible solutions for scalarizing probabilities of failure, latency injection, integration with service mesh technologies like envoy for fine-grained fault injection, fault injection for stateful systems. Key takeaways: 1) Understand how LDFI can be integrated in the enterprise by harnessing the observability infrastructure. 2) Limitations of LDFI w.r.t unordered solutions and why ordering matters for chaos engineering experiments. 3) Preliminary results of prioritized LDFI and a future direction for the community.

Madaari : Ordering For The Monkeys

Madaari : Ordering For The Monkeys

Madaari : Ordering For The Monkeys

Servers are doomed to fail

Servers are doomed to fail

Servers are doomed to fail

Distributed systems collaborate to achieve collective goals via a system of rules. Rules that affords good hygiene, fault tolerance, effective communication and trusted feedback. These rules form protocols which enable the system to achieve its goals. Distributed and concurrent systems can be considered a social group that collaborates to achieve collective goals. In order to collaborate a system of rules must be applied, that affords good hygiene, fault tolerance, and effective communication to coordinate, share knowledge, and provide feedback in a polite trusted manner. These rules form a number of protocols which enable the group to act as a system which is greater than the sum of the individual components. In this talk, we will explore the history of protocols and their application when building distributed systems.

Interaction Protocols: It's all about good manners

Interaction Protocols: It's all about good manners

Interaction Protocols: It's all about good manners

Do you want to check the efficiency of the new, state of the art, GraalVM JIT Compiler in comparison to the old but mostly used JIT C2? Let’s have a side by side comparison from a performance standpoint on the same source code. The talk reveals how traditional Just In Time Compiler (e.g. JIT C2) from HotSpot/OpenJDK internally manages runtime optimizations for hot methods in comparison to the new, state of the art, GraalVM JIT Compiler on the same source code, emphasizing all of the internals and strategies used by each Compiler to achieve better performance in most common situations (or code patterns). For each optimization, there is Java source code and corresponding generated assembly code in order to prove what really happens under the hood. Each test is covered by a dedicated benchmark (JMH), timings and conclusions. Main topics of the agenda: - Scalar replacement - Null Checks - Virtual calls - Lock coarsening - Lock elision - Virtual calls - Scalar replacement - Lambdas - Vectorization (few cases) The tools used during my research study are JITWatch, Java Measurement Harness, and perf. All test scenarios will be launched against the latest official Java release (e.g. version 11).

A race of two compilers: GraalVM JIT versus HotSpot JIT C2. Which one offers ...

A race of two compilers: GraalVM JIT versus HotSpot JIT C2. Which one offers ...

A race of two compilers: GraalVM JIT versus HotSpot JIT C2. Which one offers ...

Leadership is easy when you're a manager, or an expert in a field, or a conference speaker! In a Kanban organisation, though, we "encourage acts of leadership at every level". In this talk, we look at what it means to be a leader in the uncertain, changing and high-learning environment of software development. We learn about the importance of safety in encouraging others to lead and follow, and how to get that safety using both technical and human practices; the necessity of a clear, compelling vision and provision of information on how we're achieving it; and the need to be able to ask awkward and difficult questions... especially the ones without easy answers.

Leadership at every level

Leadership at every level

Leadership at every level

During this presentation, we will answer how much you’ll need to invest in a superhero costume to be as popular as Superman. We will generate a unique logo which will stand against the ever popular Batman and create new superhero teams. We shall achieve it using linear regression and neural networks. Machine learning is one of the hottest buzzwords in technology today as well as one of the most innovative fields in computer science – yet people use libraries as black boxes without basic knowledge of the field. In this session, we will strip them to bare math, so next time you use a machine learning library, you’ll have a deeper understanding of what lies underneath. During this session, we will first provide a short history of machine learning and an overview of two basic teaching techniques: supervised and unsupervised learning. We will start by defining what machine learning is and equip you with an intuition of how it works. We will then explain the gradient descent algorithm with the use of simple linear regression to give you an even deeper understanding of this learning method. Then we will project it to supervised neural networks training. Within unsupervised learning, you will become familiar with Hebb’s learning and learning with concurrency (winner takes all and winner takes most algorithms). We will use Octave for examples in this session; however, you can use your favourite technology to implement presented ideas. Our aim is to show the mathematical basics of neural networks for those who want to start using machine learning in their day-to-day work or use it already but find it difficult to understand the underlying processes. After viewing our presentation, you should find it easier to select parameters for your networks and feel more confident in your selection of network type, as well as be encouraged to dive into more complex and powerful deep learning methods.

Machine Learning: The Bare Math Behind Libraries

Machine Learning: The Bare Math Behind Libraries

Machine Learning: The Bare Math Behind Libraries

More from J On The Beach (20)

Massively scalable ETL in real world applications: the hard way

Massively scalable ETL in real world applications: the hard way

Massively scalable ETL in real world applications: the hard way

Big Data On Data You Don’t Have

Big Data On Data You Don’t Have

Big Data On Data You Don’t Have

Acoustic Time Series in Industry 4.0: Improved Reliability and Cyber-Security...

Acoustic Time Series in Industry 4.0: Improved Reliability and Cyber-Security...

Acoustic Time Series in Industry 4.0: Improved Reliability and Cyber-Security...

Pushing it to the edge in IoT

Pushing it to the edge in IoT

Pushing it to the edge in IoT

Drinking from the firehose, with virtual streams and virtual actors

Drinking from the firehose, with virtual streams and virtual actors

Drinking from the firehose, with virtual streams and virtual actors

How do we deploy? From Punched cards to Immutable server pattern

How do we deploy? From Punched cards to Immutable server pattern

How do we deploy? From Punched cards to Immutable server pattern

Java, Turbocharged

Java, Turbocharged

Java, Turbocharged

When Cloud Native meets the Financial Sector

When Cloud Native meets the Financial Sector

When Cloud Native meets the Financial Sector

The big data Universe. Literally.

The big data Universe. Literally.

The big data Universe. Literally.

Streaming to a New Jakarta EE

Streaming to a New Jakarta EE

Streaming to a New Jakarta EE

The TIPPSS Imperative for IoT - Ensuring Trust, Identity, Privacy, Protection...

The TIPPSS Imperative for IoT - Ensuring Trust, Identity, Privacy, Protection...

The TIPPSS Imperative for IoT - Ensuring Trust, Identity, Privacy, Protection...

Pushing AI to the Client with WebAssembly and Blazor

Pushing AI to the Client with WebAssembly and Blazor

Pushing AI to the Client with WebAssembly and Blazor

Axon Server went RAFTing

Axon Server went RAFTing

Axon Server went RAFTing

The Six Pitfalls of building a Microservices Architecture (and how to avoid t...

The Six Pitfalls of building a Microservices Architecture (and how to avoid t...

The Six Pitfalls of building a Microservices Architecture (and how to avoid t...

Madaari : Ordering For The Monkeys

Madaari : Ordering For The Monkeys

Madaari : Ordering For The Monkeys

Servers are doomed to fail

Servers are doomed to fail

Servers are doomed to fail

Interaction Protocols: It's all about good manners

Interaction Protocols: It's all about good manners

Interaction Protocols: It's all about good manners

A race of two compilers: GraalVM JIT versus HotSpot JIT C2. Which one offers ...

A race of two compilers: GraalVM JIT versus HotSpot JIT C2. Which one offers ...

A race of two compilers: GraalVM JIT versus HotSpot JIT C2. Which one offers ...

Leadership at every level

Leadership at every level

Leadership at every level

Machine Learning: The Bare Math Behind Libraries

Machine Learning: The Bare Math Behind Libraries

Machine Learning: The Bare Math Behind Libraries

Recently uploaded

The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.

Search and Society: Reimagining Information Access for Radical Futures

Search and Society: Reimagining Information Access for Radical Futures

Search and Society: Reimagining Information Access for Radical Futures

Ever caught yourself nodding along when someone mentions "delivering value" in Agile, but secretly wondering what the heck they actually mean? You're not alone! Join us for an eye-opening session where we'll strip away the buzzwords and dive into the heart of Agile—value delivery. But what is "value"? Is it a mythical unicorn in the world of software development, or is there more to this overused term? This isn't going to be a sit-and-get lecture. We're talking about a face-to-face, interactive meetup where YOU play a crucial role. Come along to: Define It: What does "value" really mean? We’ll build a definition that’s not just words, but a compass for your Agile journey. Contextualise It: Discover what value means specifically to you, your team, your company, and your industry. Because one size does not fit all. Deliver It: Share strategies and gather new ones for uncovering and delivering true value—no more shooting in the dark!

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

Already know how to write a basic SOQL query? Great! But what about an *aggregate* SOQL query? You know, the kind that uses aggregate functions like COUNT & MAX along with GROUP BY and HAVING clauses? No? Well, get ready to learn how to slice & dice your org’s data right inside your own dev console. From finding duplicate records to prototyping summary & matrix reports, learn the ins and outs of aggregate queries during this fast-paced but admin-friendly session on advanced SOQL concepts.

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

ODC, Data Fabric and Architecture User Group

ODC, Data Fabric and Architecture User Group

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

Intrigued by why some of the world's largest companies (Netflix, Google, Cisco, Twitter, Uber etc) are using gRPC? In this demo based talk we delve into the world of gRPC in .Net, what it does and why we should use it. We compare the interface with both Rest and graphQL. We will show you how to implement grpc server-side in .net and in the web. Finally, I will show you how the tooling helps you deliver powerful interfaces and interact with them quickly and simply.

Demystifying gRPC in .Net by John Staveley

Demystifying gRPC in .Net by John Staveley

Demystifying gRPC in .Net by John Staveley

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

How world-class product teams are winning in the AI era by CEO and Founder, P...

How world-class product teams are winning in the AI era by CEO and Founder, P...

How world-class product teams are winning in the AI era by CEO and Founder, P...

You’ve heard good data matters in Machine Learning, but does it matter for Generative AI applications? Corporate data often differs significantly from the general Internet data used to train most foundation models. Join me for a demo on building an open source RAG (Retrieval Augmented Generation) stack using Milvus vector database for Retrieval, LangChain, Llama 3 with Ollama, Ragas RAG Eval, and optional Zilliz cloud, OpenAI.

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

ChristopherTHyatt

What's New in Teams Calling, Meetings and Devices April 2024

What's New in Teams Calling, Meetings and Devices April 2024

What's New in Teams Calling, Meetings and Devices April 2024

Stephanie Beckett

ScyllaDB has the potential to deliver impressive performance and scalability. The better you understand how it works, the more you can squeeze out of it. But before you squeeze, make sure you know what to monitor! Watch our experienced Postgres developer work through monitoring and performance strategies that help him understand what mistakes he’s made moving to NoSQL. And learn with him as our database performance expert offers friendly guidance on how to use monitoring and performance tuning to get his sample Rust application on the right track. This webinar focuses on using monitoring and performance tuning to discover and correct mistakes that commonly occur when developers move from SQL to NoSQL. For example: - Common issues getting up and running with the monitoring stack - Using the CQL optimizations dashboard - Common issues causing high latency in a node - Common issues causing replica imbalance - What a healthy system looks like in terms of memory - Key metrics to keep an eye on This isn’t “Death-by-Powerpoint.” We’ll walk through problems encountered while migrating a real application from Postgres to ScyllaDB – and try to fix them live as well.

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Explore the core of Salesforce success in 'Salesforce Adoption – Metrics, Methods, and Motivation.' We will discuss essential metrics, effective methods to drive adoption, and the driving force behind user engagement and explore strategies for onboarding, training, and continuous support that empower users to navigate the platform seamlessly. By leveraging these tools, you can effectively measure adoption against your company’s goals and create an environment where users not only adopt Salesforce but actively contribute to its ongoing success.

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

I'm excited to share my latest predictions on how AI, robotics, and other technological advancements will reshape industries in the coming years. The slides explore the exponential growth of computational power, the future of AI and robotics, and their profound impact on various sectors. Why this matters: The success of new products and investments hinges on precise timing and foresight into emerging categories. This deck equips founders, VCs, and industry leaders with insights to align future products with upcoming tech developments. These insights enhance the ability to forecast industry trends, improve market timing, and predict competitor actions. Highlights: ▪ Exponential Growth in Compute: How $1000 will soon buy the computational power of a human brain ▪ Scaling of AI Models: The journey towards beyond human-scale models and intelligent edge computing ▪ Transformative Technologies: From advanced robotics and brain interfaces to automated healthcare and beyond ▪ Future of Work: How automation will redefine jobs and economic structures by 2040 With so many predictions presented here, some will inevitably be wrong or mistimed, especially with potential external disruptions. For instance, a conflict in Taiwan could severely impact global semiconductor production, affecting compute costs and related advancements. Nonetheless, these slides are intended to guide intuition on future technological trends.

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Peter Udo Diehl

Discover the essentials of performance testing in the IT sector with our concise guide. Learn about various testing types such as load, stress, endurance, spike, scalability, and volume testing. Understand key performance metrics like response time, throughput, CPU and memory utilization, and error rate. Explore top tools like Apache JMeter, LoadRunner, Gatling, Neoload, and BlazeMeter. Gain insights into best practices for defining objectives, creating realistic scenarios, automating tests, and optimizing performance to ensure user satisfaction, reliability, scalability, and cost efficiency. Ideal for developers, QA engineers, and IT professionals. Visit Expeed Software for more information. https://expeed.com/

In-Depth Performance Testing Guide for IT Professionals

In-Depth Performance Testing Guide for IT Professionals

In-Depth Performance Testing Guide for IT Professionals

Expeed Software

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Unlock the mysteries of successful Salesforce interviews in this insightful session hosted by Hugo Rosario (Salesforce Customer), a seasoned hiring manager that leads the Salesforce Department of multinational company with over 100 interviews under their belt. Step into the manager's chair and gain exclusive behind-the-scenes insights into what makes a Salesforce consultant stand out during the interview process. From deciphering the unspoken cues to mastering key strategies, we'll explore the intricacies of the interview process and provide practical tips for consultants looking to not only pass interviews but also thrive in their roles. Whether you're a seasoned professional or just starting your Salesforce journey, this session is your backstage pass to the secrets that hiring managers wish you knew.

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Recently uploaded (20)

Search and Society: Reimagining Information Access for Radical Futures

Search and Society: Reimagining Information Access for Radical Futures

Search and Society: Reimagining Information Access for Radical Futures

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

ODC, Data Fabric and Architecture User Group

ODC, Data Fabric and Architecture User Group

ODC, Data Fabric and Architecture User Group

Demystifying gRPC in .Net by John Staveley

Demystifying gRPC in .Net by John Staveley

Demystifying gRPC in .Net by John Staveley

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

How world-class product teams are winning in the AI era by CEO and Founder, P...

How world-class product teams are winning in the AI era by CEO and Founder, P...

How world-class product teams are winning in the AI era by CEO and Founder, P...

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

What's New in Teams Calling, Meetings and Devices April 2024

What's New in Teams Calling, Meetings and Devices April 2024

What's New in Teams Calling, Meetings and Devices April 2024

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

In-Depth Performance Testing Guide for IT Professionals

In-Depth Performance Testing Guide for IT Professionals

In-Depth Performance Testing Guide for IT Professionals

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Containers from scratch

1. Copyright @ 2017 Aqua Security Software Ltd. All Rights Reserved. @LizRice | @AquaSecTeam Containers from scratch Liz Rice Aqua Security

2. docker run <image>

3. 3@lizrice Build my own container in Go ■ Namespaces ■ Chroot ■ Cgroups

4. 4@lizrice Namespaces ■ What you can see ■ Created with syscalls ○ Unix Timesharing System ○ Process IDs ○ Mounts ○ Network ○ User IDs ○ InterProcess Comms

5. 5@lizrice CGroups ■ What you can use ■ Filesystem interface ○ Memory ○ CPU ○ I/O ○ Process numbers ○ ...

6. :(){ :|: & };:

7. Copyright @ 2017 Aqua Security Software Ltd. All Rights Reserved. @LizRice | @AquaSecTeam github.com/lizrice/containers-from-scratch github.com/aquasecurity/microscanner @LizRice | @AquaSecTeam