Debugging Live Apps in k8s
•Download as PPTX, PDF•
0 likes•99 views
Pods are the fundamental building block of Kubernetes applications. Since Pods are intended to be disposable and replaceable, you cannot add a container to a Pod once it has been created. Instead, you usually delete and replace Pods in a controlled fashion using deployments. Sometimes it's necessary to inspect the state of an existing Pod, however, for example to troubleshoot a hard-to-reproduce bug. In these cases you can run an ephemeral container in an existing Pod to inspect its state and run arbitrary commands. Ephemeral containers are useful for interactive troubleshooting when `kubectl exec` is insufficient because a container has crashed or a container image doesn't include debugging utilities. Faheem Memon, Principal Architect @ Amobee, will review the ephemeral containers feature (in beta since 1.23) and demonstrate potential practical implementations.
Report
Share
Report
Share
Recommended
Mihai Criveti - PyCon Ireland - Automate Everything
PyCon Ireland - Python DevOps flows with Ansible, Packer & Kubernetes - Mihai Criveti
https://www.youtube.com/watch?v=lO884XAdddQ
1 Packer: Image Build Automation
2 OpenSCAP: Automate Security Baselines
3 Ansible: Provisioning and Configuration Management
4 Molecule: Test your Ansible Playbooks on Docker, Vagrant or Cloud
5 Vagrant: Test images with vagrant
6 Package Python Applications with setuptools
7 Kubernetes: Container Orchestration at Scale
8 DevOps Culture and Practice
Making your app soar without a container manifest
This document discusses containerization and continuous integration/continuous delivery (CI/CD) tools. It introduces buildpacks as a way to containerize applications without needing a Dockerfile. Buildpacks inspect source code and create a plan to build and run the app by creating layers. Tekton is introduced as an open source project that aims to improve software delivery through standard CI/CD components based on Kubernetes. It contains reusable tasks, pipelines to assemble tasks, triggers for automating builds, and a catalog. A demo and Q&A session are included on the agenda.
Dockerfile for rust project
This document discusses optimizing a Dockerfile for building and running a complex Rust project. Initially, the Dockerfile took 10 minutes to build a 3.46GB image. The author made several improvements:
1) Optimized the size by building in two stages, reducing the image size to 73.9MB.
2) Moved the Rust toolchain to a Docker Hub image for reuse.
3) Built dependencies only once by caching them between builds, reducing incremental build time to 30 seconds.
4) Further improved build speed by removing cached files and rebuilding only changed components in the second build stage. This resulted in builds of around 10 minutes for initial builds and 30 seconds for subsequent changes.
OSDC 2016 - Inspecting Security of Docker formatted Container Images to find ...
The presented article will target inspection of security of (un)official Docker formatted container images approaching the resulting safety of the image from two PoVs:
examining image content for presence of known security flaws (vulnerability assessment),
and validation if the internal software and service(s) encapsulated within the image are configured according to commonly-accepted recommendations as defined in security baselines (security hardening).
Starting with reasoning why Docker images security matters, we will proceed to outline architectural concepts Docker images are based on. Subsequently compare these concepts with building blocks used by design of today's virtual machines, and point out areas (main differences) to take care of when container image security is primary concern. We will use the observations from this comparison to emphasize the need to inspect both content of container images themselves, but also the security configuration of the hosting computer in order to reach truly secure infrastructure. We will introduce the section of inspecting security of container images with providing overview of recent effort to implement image signing and verification. Afterwards we will demonstrate inspection of a concrete container image against currently known security flaws, and explain how this approach can be automated and generalized. Thereafter we will focus on examination if software and service(s) included in the container image meet commonly-known requirements for secure configuration. An illustration example how to detect e.g. an unauthorized executable in the container content will be provided. In the part dedicated to securing of the hosting computer we will show it is possible to fully automate this task too. We will conclude with sketching, where development in this area might be heading in the future (features that might be available to strengthen the security of container images even more).
Container Security: a toolchain for automatic image rebuilds
Containers and Kubernetes have revolutionized the way applications are deployed at scale. This new approach, along with the use of CI/CD for deployment automation, brings new challenges, in particular when it comes to security, as containers are static artifacts that require rebuilding and redeployment in order to perform updates.
This talk will demonstrate how to set up an automated CI/CD pipeline to deploy applications on Kubernetes using OpenShift and GitLab, so that updates of public base images trigger rebuilds and deployments of derivative containers. It will also show how static image analysis can be plugged into the pipeline to increase application security.
Docker and Puppet for Continuous Integration
Today developers want to change the code, build and deploy often, even several times per day.
New versions of software may need to be tested on different distributions, and with different configurations.
Achieving this with Virtual Machines it’s possible, but it’s very resource and time consuming. Docker provides an incredibly good solution for this, in particular if combined with Continuous Integration tools like Jenkins and Configuration Management tools like Puppet.
This presentation focuses on the opportunities to configure automatically Docker images, use Docker containers as disposable workers during your tests, and even running your Continuous Integration system inside Docker.
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
Kubernetes provides an automated platform to deployment, scaling and operations of applications across a cluster of hosts. Complementing Kubernetes with a series of build scripts in conjunction with Travis-CI, GitHub, Artifactory, and Google Cloud Platform, we can take code from a merged pull request to a deployed environment with no manual intervention on a highly scaleable and robust infrastructure.
Docker primer and tips
Docker is a tool that allows developers to package applications into containers to ensure consistency across environments. Some key benefits of Docker include lightweight containers, isolation, and portability. The Docker workflow involves building images, pulling pre-built images, pushing images to registries, and running containers from images. Docker uses a layered filesystem to efficiently build and run containers. Running multiple related containers together can be done using Docker Compose or Kubernetes for orchestration.
Recommended
Mihai Criveti - PyCon Ireland - Automate Everything
PyCon Ireland - Python DevOps flows with Ansible, Packer & Kubernetes - Mihai Criveti
https://www.youtube.com/watch?v=lO884XAdddQ
1 Packer: Image Build Automation
2 OpenSCAP: Automate Security Baselines
3 Ansible: Provisioning and Configuration Management
4 Molecule: Test your Ansible Playbooks on Docker, Vagrant or Cloud
5 Vagrant: Test images with vagrant
6 Package Python Applications with setuptools
7 Kubernetes: Container Orchestration at Scale
8 DevOps Culture and Practice
Making your app soar without a container manifest
This document discusses containerization and continuous integration/continuous delivery (CI/CD) tools. It introduces buildpacks as a way to containerize applications without needing a Dockerfile. Buildpacks inspect source code and create a plan to build and run the app by creating layers. Tekton is introduced as an open source project that aims to improve software delivery through standard CI/CD components based on Kubernetes. It contains reusable tasks, pipelines to assemble tasks, triggers for automating builds, and a catalog. A demo and Q&A session are included on the agenda.
Dockerfile for rust project
This document discusses optimizing a Dockerfile for building and running a complex Rust project. Initially, the Dockerfile took 10 minutes to build a 3.46GB image. The author made several improvements:
1) Optimized the size by building in two stages, reducing the image size to 73.9MB.
2) Moved the Rust toolchain to a Docker Hub image for reuse.
3) Built dependencies only once by caching them between builds, reducing incremental build time to 30 seconds.
4) Further improved build speed by removing cached files and rebuilding only changed components in the second build stage. This resulted in builds of around 10 minutes for initial builds and 30 seconds for subsequent changes.
OSDC 2016 - Inspecting Security of Docker formatted Container Images to find ...
The presented article will target inspection of security of (un)official Docker formatted container images approaching the resulting safety of the image from two PoVs:
examining image content for presence of known security flaws (vulnerability assessment),
and validation if the internal software and service(s) encapsulated within the image are configured according to commonly-accepted recommendations as defined in security baselines (security hardening).
Starting with reasoning why Docker images security matters, we will proceed to outline architectural concepts Docker images are based on. Subsequently compare these concepts with building blocks used by design of today's virtual machines, and point out areas (main differences) to take care of when container image security is primary concern. We will use the observations from this comparison to emphasize the need to inspect both content of container images themselves, but also the security configuration of the hosting computer in order to reach truly secure infrastructure. We will introduce the section of inspecting security of container images with providing overview of recent effort to implement image signing and verification. Afterwards we will demonstrate inspection of a concrete container image against currently known security flaws, and explain how this approach can be automated and generalized. Thereafter we will focus on examination if software and service(s) included in the container image meet commonly-known requirements for secure configuration. An illustration example how to detect e.g. an unauthorized executable in the container content will be provided. In the part dedicated to securing of the hosting computer we will show it is possible to fully automate this task too. We will conclude with sketching, where development in this area might be heading in the future (features that might be available to strengthen the security of container images even more).
Container Security: a toolchain for automatic image rebuilds
Containers and Kubernetes have revolutionized the way applications are deployed at scale. This new approach, along with the use of CI/CD for deployment automation, brings new challenges, in particular when it comes to security, as containers are static artifacts that require rebuilding and redeployment in order to perform updates.
This talk will demonstrate how to set up an automated CI/CD pipeline to deploy applications on Kubernetes using OpenShift and GitLab, so that updates of public base images trigger rebuilds and deployments of derivative containers. It will also show how static image analysis can be plugged into the pipeline to increase application security.
Docker and Puppet for Continuous Integration
Today developers want to change the code, build and deploy often, even several times per day.
New versions of software may need to be tested on different distributions, and with different configurations.
Achieving this with Virtual Machines it’s possible, but it’s very resource and time consuming. Docker provides an incredibly good solution for this, in particular if combined with Continuous Integration tools like Jenkins and Configuration Management tools like Puppet.
This presentation focuses on the opportunities to configure automatically Docker images, use Docker containers as disposable workers during your tests, and even running your Continuous Integration system inside Docker.
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
Kubernetes provides an automated platform to deployment, scaling and operations of applications across a cluster of hosts. Complementing Kubernetes with a series of build scripts in conjunction with Travis-CI, GitHub, Artifactory, and Google Cloud Platform, we can take code from a merged pull request to a deployed environment with no manual intervention on a highly scaleable and robust infrastructure.
Docker primer and tips
Docker is a tool that allows developers to package applications into containers to ensure consistency across environments. Some key benefits of Docker include lightweight containers, isolation, and portability. The Docker workflow involves building images, pulling pre-built images, pushing images to registries, and running containers from images. Docker uses a layered filesystem to efficiently build and run containers. Running multiple related containers together can be done using Docker Compose or Kubernetes for orchestration.
CI/CD Across Multiple Environments
Speakers: Vic Iglesias, Benjamin Good, Karl Isenberg
Venue: Google Cloud Next '19
Video: https://www.youtube.com/watch?v=rt287-94Pq4
Continuous Integration and Delivery allows companies to quickly iterate on and deploy their ideas to customers. In doing so, they should strive to have environments that closely match production. Using Kubernetes as the target platform across cloud providers and on-premises environments can help to mitigate some difficulties when ensuring environment parity but many other concerns can arise.
In this talk we will dive into the tools and methodologies available to ensure your code and deployment artifacts can smoothly transition among the various people, environments, and platforms that make up your CI/CD process.
Magento Docker Setup.pdf
Docker allows developers to package applications with all of their dependencies into standardized units called containers that can run on any infrastructure regardless of the underlying operating system. It provides isolation and security so that many containers can run simultaneously on a single host. The document discusses how to set up both new and existing Magento projects using Docker, including downloading necessary files, importing databases, and using important Docker commands.
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
The document discusses how containerized GitLab CI pipelines can help streamline infrastructure deployments. It recommends containerizing pipeline jobs so that each runs in a dedicated container with isolated dependencies. This avoids issues with dependency conflicts and allows scaling pipelines. The GitLab Runner Kubernetes executor can integrate pipelines with Kubernetes to create pods for each job based on a defined container image. Containerizing builds with Kaniko also avoids issues with Docker-in-Docker. Examples show containerized pipelines for building images, deploying to AKS, and provisioning infrastructure with Terraform.
Enabling Cloud Native Buildpacks for Windows Containers
SpringOne 2020
Daniella Corricelli: Product Manager, VMware;
Malini Valliath: Member of Technical Staff, VMware;
Micah Young: Software Engineer, VMware;
Andrew Meyer: Software Engineer, VMware
New Perl module Container::Buildah - SVPerl presentation
The Container::Buildah module is a wrapper around containers/buildah tool for multi-stage builds of OCI/Docker-compatible Linux containers
Kubernetes 101 for_penetration_testers_-_null_mumbai
This document provides an overview of Kubernetes and attacking Kubernetes clusters for penetration testers. It begins with introductions to containers, Kubernetes, and setting up a local Kubernetes cluster. It then covers a threat model for Kubernetes and describes an attacker's workflow against a cluster, including discovery, vulnerability testing, exploitation, and persistence. Specific attacks demonstrated include API server authorization testing, discovering exposed etcd and internal services, container escapes, and Helm Tiller privilege escalation. Resources for further learning are also provided.
Serverless containers … with source-to-image
There will be a future where container workloads and serverless platforms are BFF. An essential building block on this way is Source2Image. It provides the magic of source code being transformed automatically into an executable container image containing all required runtime components. Think of it as a black box continuous integration server for containerized applications. The talk will introduce, showcase, and compare leading Source2Image open source projects.
Serverless Container with Source2Image
Serverless Computing 2019, November 2019, London: Talk by Josef Adersberger (@adersberger, CTO QAware)
=== Please download slides if blurred! ===
Abstract:
There will be a future where container workloads and serverless platforms are BFF. An essential building block on this way is Source2Image. It provides the magic of source code being transformed automatically into an executable container image containing all required runtime components. Think of it as a black box continuous integration server for containerized applications. The talk will introduce, showcase, and compare leading Source2Image open source projects like Skaffold, OpenShift S2I, buildpacks.io, Draft, Knative Build, and Garden.
Heroku to Kubernetes & Gihub to Gitlab success story
A migration from github to gitlab, circle ci to gitlab-ci, heroku to kubernetes by using helm and vault (hashicorp)
[KubeCon EU 2020] containerd Deep Dive
- containerd overview
- Upcoming features in v1.4
- External plugins
https://kccnceu20.sched.com/event/ZexS/containerd-deep-dive-akihiro-suda-ntt-wei-fu-alibaba
Cicd pixelfederation
This document discusses CI/CD pipelines using Jenkins in Kubernetes for a game studio. It provides an overview of their infrastructure including Kubernetes clusters on AWS, self-managed services using Terraform and Ansible, and Jenkins running in Kubernetes. It describes their Jenkins configuration including pod templates, jobs, and a shared library. It also covers dynamic development environments, base Docker images, and the CI/CD pipeline for their Trainstation 2 game including features like blue-green deployments.
20120308 droid4me-paug presentation
This document provides an overview and summary of the Android BitmapDownloader framework. It discusses how the BitmapDownloader component efficiently downloads, caches, and binds bitmaps to widgets in an extensible way using customizable instructions. It works with two thread pools and caches bitmaps in memory and persistence. The key aspects are that it prevents duplicate downloads, cancels pending requests, respects memory limits, and is extensible via a custom instructions interface.
containerd and CRI
A look at how containerd and Kubernetes CRI could work together by Tim Hockin at the containerd summit
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
This lightning talk will show you how simple it is to apply CI to the creation of Docker images, ensuring that each time the source is changed, a new image is created, tagged, and published. I will then show how easy it is to then deploy containers from this image and run tests to verify the behaviour.
Environment management in a continuous delivery world (3)
This talk walks through using Kustomize, Skaffold, and Spinnaker to manage your Kubernetes applications across multiple environments.
DCEU 18: Building Your Development Pipeline
This document discusses building a development pipeline using containers. It outlines using containers for building images, automated testing, security scanning, and deploying to production. Containers make environments consistent and reproducible. The pipeline includes building images, testing, security scanning, and promoting images to production. Methods discussed include using multi-stage builds to optimize images, leveraging Buildkit for faster builds, and parallel testing across containers. Automated tools are available to implement rolling updates and rollbacks during deployments.
Running PostgreSQL in Kubernetes: from day 0 to day 2 with CloudNativePG - Do...
Link: https://youtu.be/cegd3Exg05w
https://go.dok.community/slack
https://dok.community/
Gabriele Bartolini - Vice President/CTO of Cloud Native and Kubernetes, EDB
ABSTRACT OF THE TALK
Imagine this: you have a virtual infrastructure based on Kubernetes, made up of virtual data centers, possibly spread across multiple Kubernetes clusters and regions. Your infrastructure could even be hosted on premises or on different cloud service providers. Infrastructure as Code is a requirement. You’ve been tasked to run Postgres databases, alongside your applications.
The good news is that you can leverage a fully open source stack with Kubernetes, PostgreSQL and the CloudNativePG operator, and deploy your Postgres database in the same way you deploy applications.
Join me in this webinar to discover the key role that you have to make this succeed, starting from day 0 through day 2 operations.
I’ll share some examples and best practices for running Postgres databases in Kubernetes, before peeking at the new features we are developing for the months to come.
DOCKER-PIAIC-SLIDES
This document provides information about Docker, containers, and some Docker commands. It defines Docker as container runtime and orchestration technology. It compares containers to virtual machines and describes how containers provide isolation and run on a single host OS. It then introduces containers and describes how they package applications and dependencies. It visualizes Docker's architecture including the Docker daemon, REST API, images, and CLI. It provides examples of Docker commands to install Docker, pull and run images, build images, use Docker Hub, and manage volumes.
Introduction to kubernetes
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery called Pods. ReplicaSets ensure that a specified number of pod replicas are running at any given time. Key components include Pods, Services for enabling network access to applications, and Deployments to update Pods and manage releases.
Docker Up and Running Introduction
Docker: Up and Running Introduction was a tech talk given at Code Youngstown on April 27, 2017 at the Drund office in Boardman, Ohio. The target audience is complete beginners to Docker and containers in general.
Microsoft - Power Platform_G.Aspiotis.pdf
Revolutionizing Application Development
with AI-powered low-code, presentation by George Aspiotis, Sr. Partner Development Manager, Microsoft
More Related Content
Similar to Debugging Live Apps in k8s
CI/CD Across Multiple Environments
Speakers: Vic Iglesias, Benjamin Good, Karl Isenberg
Venue: Google Cloud Next '19
Video: https://www.youtube.com/watch?v=rt287-94Pq4
Continuous Integration and Delivery allows companies to quickly iterate on and deploy their ideas to customers. In doing so, they should strive to have environments that closely match production. Using Kubernetes as the target platform across cloud providers and on-premises environments can help to mitigate some difficulties when ensuring environment parity but many other concerns can arise.
In this talk we will dive into the tools and methodologies available to ensure your code and deployment artifacts can smoothly transition among the various people, environments, and platforms that make up your CI/CD process.
Magento Docker Setup.pdf
Docker allows developers to package applications with all of their dependencies into standardized units called containers that can run on any infrastructure regardless of the underlying operating system. It provides isolation and security so that many containers can run simultaneously on a single host. The document discusses how to set up both new and existing Magento projects using Docker, including downloading necessary files, importing databases, and using important Docker commands.
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
The document discusses how containerized GitLab CI pipelines can help streamline infrastructure deployments. It recommends containerizing pipeline jobs so that each runs in a dedicated container with isolated dependencies. This avoids issues with dependency conflicts and allows scaling pipelines. The GitLab Runner Kubernetes executor can integrate pipelines with Kubernetes to create pods for each job based on a defined container image. Containerizing builds with Kaniko also avoids issues with Docker-in-Docker. Examples show containerized pipelines for building images, deploying to AKS, and provisioning infrastructure with Terraform.
Enabling Cloud Native Buildpacks for Windows Containers
SpringOne 2020
Daniella Corricelli: Product Manager, VMware;
Malini Valliath: Member of Technical Staff, VMware;
Micah Young: Software Engineer, VMware;
Andrew Meyer: Software Engineer, VMware
New Perl module Container::Buildah - SVPerl presentation
The Container::Buildah module is a wrapper around containers/buildah tool for multi-stage builds of OCI/Docker-compatible Linux containers
Kubernetes 101 for_penetration_testers_-_null_mumbai
This document provides an overview of Kubernetes and attacking Kubernetes clusters for penetration testers. It begins with introductions to containers, Kubernetes, and setting up a local Kubernetes cluster. It then covers a threat model for Kubernetes and describes an attacker's workflow against a cluster, including discovery, vulnerability testing, exploitation, and persistence. Specific attacks demonstrated include API server authorization testing, discovering exposed etcd and internal services, container escapes, and Helm Tiller privilege escalation. Resources for further learning are also provided.
Serverless containers … with source-to-image
There will be a future where container workloads and serverless platforms are BFF. An essential building block on this way is Source2Image. It provides the magic of source code being transformed automatically into an executable container image containing all required runtime components. Think of it as a black box continuous integration server for containerized applications. The talk will introduce, showcase, and compare leading Source2Image open source projects.
Serverless Container with Source2Image
Serverless Computing 2019, November 2019, London: Talk by Josef Adersberger (@adersberger, CTO QAware)
=== Please download slides if blurred! ===
Abstract:
There will be a future where container workloads and serverless platforms are BFF. An essential building block on this way is Source2Image. It provides the magic of source code being transformed automatically into an executable container image containing all required runtime components. Think of it as a black box continuous integration server for containerized applications. The talk will introduce, showcase, and compare leading Source2Image open source projects like Skaffold, OpenShift S2I, buildpacks.io, Draft, Knative Build, and Garden.
Heroku to Kubernetes & Gihub to Gitlab success story
A migration from github to gitlab, circle ci to gitlab-ci, heroku to kubernetes by using helm and vault (hashicorp)
[KubeCon EU 2020] containerd Deep Dive
- containerd overview
- Upcoming features in v1.4
- External plugins
https://kccnceu20.sched.com/event/ZexS/containerd-deep-dive-akihiro-suda-ntt-wei-fu-alibaba
Cicd pixelfederation
This document discusses CI/CD pipelines using Jenkins in Kubernetes for a game studio. It provides an overview of their infrastructure including Kubernetes clusters on AWS, self-managed services using Terraform and Ansible, and Jenkins running in Kubernetes. It describes their Jenkins configuration including pod templates, jobs, and a shared library. It also covers dynamic development environments, base Docker images, and the CI/CD pipeline for their Trainstation 2 game including features like blue-green deployments.
20120308 droid4me-paug presentation
This document provides an overview and summary of the Android BitmapDownloader framework. It discusses how the BitmapDownloader component efficiently downloads, caches, and binds bitmaps to widgets in an extensible way using customizable instructions. It works with two thread pools and caches bitmaps in memory and persistence. The key aspects are that it prevents duplicate downloads, cancels pending requests, respects memory limits, and is extensible via a custom instructions interface.
containerd and CRI
A look at how containerd and Kubernetes CRI could work together by Tim Hockin at the containerd summit
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
This lightning talk will show you how simple it is to apply CI to the creation of Docker images, ensuring that each time the source is changed, a new image is created, tagged, and published. I will then show how easy it is to then deploy containers from this image and run tests to verify the behaviour.
Environment management in a continuous delivery world (3)
This talk walks through using Kustomize, Skaffold, and Spinnaker to manage your Kubernetes applications across multiple environments.
DCEU 18: Building Your Development Pipeline
This document discusses building a development pipeline using containers. It outlines using containers for building images, automated testing, security scanning, and deploying to production. Containers make environments consistent and reproducible. The pipeline includes building images, testing, security scanning, and promoting images to production. Methods discussed include using multi-stage builds to optimize images, leveraging Buildkit for faster builds, and parallel testing across containers. Automated tools are available to implement rolling updates and rollbacks during deployments.
Running PostgreSQL in Kubernetes: from day 0 to day 2 with CloudNativePG - Do...
Link: https://youtu.be/cegd3Exg05w
https://go.dok.community/slack
https://dok.community/
Gabriele Bartolini - Vice President/CTO of Cloud Native and Kubernetes, EDB
ABSTRACT OF THE TALK
Imagine this: you have a virtual infrastructure based on Kubernetes, made up of virtual data centers, possibly spread across multiple Kubernetes clusters and regions. Your infrastructure could even be hosted on premises or on different cloud service providers. Infrastructure as Code is a requirement. You’ve been tasked to run Postgres databases, alongside your applications.
The good news is that you can leverage a fully open source stack with Kubernetes, PostgreSQL and the CloudNativePG operator, and deploy your Postgres database in the same way you deploy applications.
Join me in this webinar to discover the key role that you have to make this succeed, starting from day 0 through day 2 operations.
I’ll share some examples and best practices for running Postgres databases in Kubernetes, before peeking at the new features we are developing for the months to come.
DOCKER-PIAIC-SLIDES
This document provides information about Docker, containers, and some Docker commands. It defines Docker as container runtime and orchestration technology. It compares containers to virtual machines and describes how containers provide isolation and run on a single host OS. It then introduces containers and describes how they package applications and dependencies. It visualizes Docker's architecture including the Docker daemon, REST API, images, and CLI. It provides examples of Docker commands to install Docker, pull and run images, build images, use Docker Hub, and manage volumes.
Introduction to kubernetes
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery called Pods. ReplicaSets ensure that a specified number of pod replicas are running at any given time. Key components include Pods, Services for enabling network access to applications, and Deployments to update Pods and manage releases.
Docker Up and Running Introduction
Docker: Up and Running Introduction was a tech talk given at Code Youngstown on April 27, 2017 at the Drund office in Boardman, Ohio. The target audience is complete beginners to Docker and containers in general.
Similar to Debugging Live Apps in k8s (20)
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
Gitlab Commit: How Containerized GitLab CI Pipelines Can Help You Streamline ...
Enabling Cloud Native Buildpacks for Windows Containers
Enabling Cloud Native Buildpacks for Windows Containers
New Perl module Container::Buildah - SVPerl presentation
New Perl module Container::Buildah - SVPerl presentation
Kubernetes 101 for_penetration_testers_-_null_mumbai
Kubernetes 101 for_penetration_testers_-_null_mumbai
Heroku to Kubernetes & Gihub to Gitlab success story
Heroku to Kubernetes & Gihub to Gitlab success story
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Environment management in a continuous delivery world (3)
Environment management in a continuous delivery world (3)
Running PostgreSQL in Kubernetes: from day 0 to day 2 with CloudNativePG - Do...
Running PostgreSQL in Kubernetes: from day 0 to day 2 with CloudNativePG - Do...
Recently uploaded
Microsoft - Power Platform_G.Aspiotis.pdf
Revolutionizing Application Development
with AI-powered low-code, presentation by George Aspiotis, Sr. Partner Development Manager, Microsoft
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
20240605 QFM017 Machine Intelligence Reading List May 2024
Everything I found interesting about machines behaving intelligently during May 2024
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
Programming Foundation Models with DSPy - Meetup Slides
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
UiPath Test Automation using UiPath Test Suite series, part 5
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
ここ3000字までしか入らないけどタイトルの方がたくさん文字入ると思います。
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Artificial Intelligence for XMLDevelopment
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Recently uploaded (20)
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Debugging Live Apps in k8s
- 1. Debugging Live Apps in k8s Faheem Memon
- 2. Current Troubleshooting Options ● Application logs ● Application metrics ● Pod description and status ● Pod events ● Pod shell aka exec ○ Requires debug tooling to be available in the containers ○ Sometimes requires higher tooling ○ Harder to control through governance
- 3. Ephemeral Containers ● Motivation ○ Minimal images lower operational burden and reduce attack vectors. ○ Immutable images improve correctness and reliability. ○ Smaller image size reduces resource usage and speeds deployments. ● Graduated to beta with v1.23 ○ alpha since v1.16) ● Adds new containers to running pods ● Follow ContainerSpec ○ Ephemeral containers may not have ports ○ Lack guarantees for resources or execution ○ Never restarted
- 4. Ephemeral Containers Play Nice ● Allow access to namespaces and the file systems of individual containers ● Fetch container images at run time rather than at the time of pod or image creation ● Respect admission controllers and audit logging ● Be discoverable via the API ● Support arbitrary runtimes via the CRI (possibly with reduced feature set) ● Require no administrative access to the node ● Have no inherent side effects to the running container image ● Define a v1.Container available for inspection by admission controllers
- 5. Kubectl debug # Create an interactive debugging session in pod mypod and immediately attach to it. kubectl debug mypod -it --image=busybox # Create a debug container named debugger using a custom automated debugging image. kubectl debug --image=myproj/debug-tools -c debugger mypod # Create a copy of mypod adding a debug container and attach to it kubectl debug mypod -it --image=busybox --copy-to=my-debugger # Create a copy of mypod changing the command of mycontainer kubectl debug mypod -it --copy-to=my-debugger --container=mycontainer -- sh # Create a copy of mypod changing all container images to busybox kubectl debug mypod --copy-to=my-debugger --set-image=*=busybox # Create a copy of mypod adding a debug container and changing container images kubectl debug mypod -it --copy-to=my-debugger --image=debian --set-image=app=app:debug,sidecar=sidecar:debug # Create an interactive debugging session on a node and immediately attach to it kubectl debug node/mynode -it --image=busybox
- 6. Potential Use Cases ● Live debugging for hard to find issues ○ Process start – init containers ○ Networking issues ○ File-system issues ○ Hard to replicate issues ● Run security and inventory scans ● Information gathering for tech support
- 7. Creating Ephemeral Containers ● Fetch a Pod object from the /pods resource. ● Modify spec.ephemeralContainers and write it back to the Pod's /ephemeralcontainers subresource, ● The apiserver discards all changes except those to spec.ephemeralContainers. ● The apiserver validates the update. ○ Pod validation fails if container spec contains fields disallowed for Ephemeral Containers or the same name as a container in the spec or EphemeralContainers. ○ Registered admission controllers receive an AdmissionReview request containing the entire Pod. ● The kubelet's pod watcher notices the update and triggers a syncPod(). ● syncPod() finishes a regular sync, publishing an updated PodStatus ● The client performs an attach to the debug container's console.
- 8. Live Demo
- 9. References ● Proposal - https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/277- ephemeral-containers/README.md ● Debugging Runnign Pods - https://kubernetes.io/docs/tasks/debug/debug- application/debug-running-pod ● Ephemeral Containers - https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/ ● Introduction Ephemeral Containers - https://opensource.googleblog.com/2022/01/Introducing%20Ephemeral%20C ontainers.html