Slides for a quick introduction to Linux containers (lxc) and Docker from a hands-on talk given at the Johannesburg Linux User Group on the 20th Jan 2014
Presented Docker in 15 minutes with two of my classmates at school.
Presentation covering topics:
Virtualization
Virtual Machines
Container Technology (Docker)
Docker Compose
Docker Swarm
The demo can be found at:
https://github.com/DanishKhakwani/SimpleDockerDemo
How can OpenNebula fit your needs - OpenNebulaConf 2013 Maxence Dunnewind
In the scope of a European Project (BonFIRE - www.bonfire-project.eu ), I had to tune openNebula to fit our requirement that are unusual in a private cloud environment (small hardware, small number of base images, but lot of vms created).
These slides explain how, thanks to how OpenNebula enables administrators to tune it, I updated the transfer manager scripts to improve our deployment speed by almost 8.
This the talk I gave at Docker Docker Docker Austin Cloud Users meetup in Austin on January 21st, 2014. The talk was about the use of Docker at Flux7 Labs (flux7.com). I chose to deep dive into one of the most interesting Internet of Things use cases: Implement multi-tenancy on Solar Panel Monitoring Solution using Docker.
Presented Docker in 15 minutes with two of my classmates at school.
Presentation covering topics:
Virtualization
Virtual Machines
Container Technology (Docker)
Docker Compose
Docker Swarm
The demo can be found at:
https://github.com/DanishKhakwani/SimpleDockerDemo
How can OpenNebula fit your needs - OpenNebulaConf 2013 Maxence Dunnewind
In the scope of a European Project (BonFIRE - www.bonfire-project.eu ), I had to tune openNebula to fit our requirement that are unusual in a private cloud environment (small hardware, small number of base images, but lot of vms created).
These slides explain how, thanks to how OpenNebula enables administrators to tune it, I updated the transfer manager scripts to improve our deployment speed by almost 8.
This the talk I gave at Docker Docker Docker Austin Cloud Users meetup in Austin on January 21st, 2014. The talk was about the use of Docker at Flux7 Labs (flux7.com). I chose to deep dive into one of the most interesting Internet of Things use cases: Implement multi-tenancy on Solar Panel Monitoring Solution using Docker.
LXD is a container "hypervisor" and a new user experience for LXC.
The daemon exports a REST API both locally and if enabled, over the network.
The command line tool is designed to be a very simple, yet very powerful tool to manage all your containers. It can handle connect to multiple container hosts and easily give you an overview of all the containers on your network, let you create some more where you want them and even move them around while they're running.
How Can OpenNebula Fit Your Needs: A European Project FeedbackNETWAYS
BonFIRE is an european project which aims at providing a ”multi-site cloud facility for applications, services and systems research and experimentation”. Grouping different research cloud providers behind a common set of tools, APIs and services, it enables users to run their experiment against a heterogeneous set of infrastructure, hypervisors, networks, etc …
BonFIRE, and thus the (OpenNebula) testbeds, provide a relatively small set of images used to boot VMs. However, the experimental nature of BonFIRE projects results in a big ”turnover” of running VMs. Lot of VMs are used for a time period between a few hours and a few days, and an experiment startup can trigger deployment of many VMs at same time on a small set of OpenNebula workers, which does not correspond to usual Cloud workflow.
Default OpenNebula is not optimized for such usecase (small amount of worker nodes, high VMs turnover). However, thanks to its ability to be easily modified at each level of a Cloud deployment workflow, OpenNebula has been tuned to make it fit better with BonFIRE deployment process. This presentation will explain how to change OpenNebula TM and VMM to improve the parrallel deployment of many VMs in a short amount of time, reducing time needed to deploy an experiment to its lowest without lot of expensive hardware.
Container-relevant Upstream Kernel DevelopmentsDocker, Inc.
There is a lot of work going on in upstream Linux by a number of different entities focused on making containers more featureful. For example, namespaced file capabilities, LSM stacking, namespaced integrity management, user-id shifting filesystems, and perhaps even a `struct container` definition in the kernel proper.
In this talk, I'll cover several of these sorts of container-relevant patchsets that have been proposed in the kernel, including motivating why they are interesting, as well as discussing where the patchsets need to go before being merged to mainline.
Docker: The basics - Including a demo with an awesome full-stack JS appMarcelo Rodrigues
What is Docker?
What is Jquery, MongoDB and Nashorn?
The high-level architecture of the Online Kanban Board
Docker run syntax / putting everything together
What is Docker-Compose and why it is so amazing
DEMO
Q & A
Docker lends itself to a git-style workflow, combining layers of containers in an easy-to-use format, centralized in a universal repository. But what about Docker deployments inside an isolated datacenter? This talk will cover options, pros and cons, and show you a sensible way to develop and distribute Docker containers.
This presentation discusses using the libvirt virtualization API for controlling bhyve virtual machines under FreeBSD.
Video for this presentation is available at:
https://www.youtube.com/watch?v=LRLV_SZo6Sw
Containerd internals: building a core container runtimeDocker, Inc.
In this talk, we’ll briefly overview of the OpenWhisk serverless (function-as-a-service) framework that initially used the full Docker container engine as the execution vehicle for invoking user functions via containers. After several performance and stability challenges, this project decided to assess the various layers of the Docker engine (containerd and runC) as potential options for the function invoker. Out of that work came an open source project, bucketbench, that can be used to generate benchmarks of container lifecycle operations (e.g., start, stop, kill, remove, pause, unpause) and compare multithreaded operation throughput and stability of each optional engine.
This talk will provide details on the bucketbench project, explain how it has been used to generate performance data for these container runtimes, and shares lessons learned along the way that greatly impact container runtime performance, including bottlenecks in the Linux kernel.
In this talk you’ll learn how you can use bucketbench for your own performance tuning or assessment of container runtimes and how you can collaborate on improvements to the bucketbench project.
rkt is the next-generation container manager for Linux clusters. Designed for security, simplicity, and composability within modern cluster architectures, rkt discovers, verifies, fetches, and executes application containers with pluggable isolation. rkt can run the same container with varying degrees of protection, from lightweight, OS-level namespace and capabilities isolation to heavier, VM-level hardware virtualization.
Kонтейнерная виртуализация в продуктах parallels прошлое, настоящее и будущее.WG_ Events
Доклад: Контейнерная виртуализация в продуктах Parallels: прошлое, настоящее и будущее.
Kонстантин Хоренко закончил ВМиК МГУ в 2001 году, пришёл в Parallels (тогда ещё SWsoft) в 2005 году, занимался разработкой ядра (Linux + поддержка виртуализации) продуктов OpenVZ/Virtuozzo/PSBM/PCS, занимался поддержкой ядерной части продуктов в качестве инженера 3-й линии, с 2012 года руковожу командой разработчиков ядра Linux в Parallels.
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the "Tour de France" in Paris, Lille, Lyon, Nice...
LXD is a container "hypervisor" and a new user experience for LXC.
The daemon exports a REST API both locally and if enabled, over the network.
The command line tool is designed to be a very simple, yet very powerful tool to manage all your containers. It can handle connect to multiple container hosts and easily give you an overview of all the containers on your network, let you create some more where you want them and even move them around while they're running.
How Can OpenNebula Fit Your Needs: A European Project FeedbackNETWAYS
BonFIRE is an european project which aims at providing a ”multi-site cloud facility for applications, services and systems research and experimentation”. Grouping different research cloud providers behind a common set of tools, APIs and services, it enables users to run their experiment against a heterogeneous set of infrastructure, hypervisors, networks, etc …
BonFIRE, and thus the (OpenNebula) testbeds, provide a relatively small set of images used to boot VMs. However, the experimental nature of BonFIRE projects results in a big ”turnover” of running VMs. Lot of VMs are used for a time period between a few hours and a few days, and an experiment startup can trigger deployment of many VMs at same time on a small set of OpenNebula workers, which does not correspond to usual Cloud workflow.
Default OpenNebula is not optimized for such usecase (small amount of worker nodes, high VMs turnover). However, thanks to its ability to be easily modified at each level of a Cloud deployment workflow, OpenNebula has been tuned to make it fit better with BonFIRE deployment process. This presentation will explain how to change OpenNebula TM and VMM to improve the parrallel deployment of many VMs in a short amount of time, reducing time needed to deploy an experiment to its lowest without lot of expensive hardware.
Container-relevant Upstream Kernel DevelopmentsDocker, Inc.
There is a lot of work going on in upstream Linux by a number of different entities focused on making containers more featureful. For example, namespaced file capabilities, LSM stacking, namespaced integrity management, user-id shifting filesystems, and perhaps even a `struct container` definition in the kernel proper.
In this talk, I'll cover several of these sorts of container-relevant patchsets that have been proposed in the kernel, including motivating why they are interesting, as well as discussing where the patchsets need to go before being merged to mainline.
Docker: The basics - Including a demo with an awesome full-stack JS appMarcelo Rodrigues
What is Docker?
What is Jquery, MongoDB and Nashorn?
The high-level architecture of the Online Kanban Board
Docker run syntax / putting everything together
What is Docker-Compose and why it is so amazing
DEMO
Q & A
Docker lends itself to a git-style workflow, combining layers of containers in an easy-to-use format, centralized in a universal repository. But what about Docker deployments inside an isolated datacenter? This talk will cover options, pros and cons, and show you a sensible way to develop and distribute Docker containers.
This presentation discusses using the libvirt virtualization API for controlling bhyve virtual machines under FreeBSD.
Video for this presentation is available at:
https://www.youtube.com/watch?v=LRLV_SZo6Sw
Containerd internals: building a core container runtimeDocker, Inc.
In this talk, we’ll briefly overview of the OpenWhisk serverless (function-as-a-service) framework that initially used the full Docker container engine as the execution vehicle for invoking user functions via containers. After several performance and stability challenges, this project decided to assess the various layers of the Docker engine (containerd and runC) as potential options for the function invoker. Out of that work came an open source project, bucketbench, that can be used to generate benchmarks of container lifecycle operations (e.g., start, stop, kill, remove, pause, unpause) and compare multithreaded operation throughput and stability of each optional engine.
This talk will provide details on the bucketbench project, explain how it has been used to generate performance data for these container runtimes, and shares lessons learned along the way that greatly impact container runtime performance, including bottlenecks in the Linux kernel.
In this talk you’ll learn how you can use bucketbench for your own performance tuning or assessment of container runtimes and how you can collaborate on improvements to the bucketbench project.
rkt is the next-generation container manager for Linux clusters. Designed for security, simplicity, and composability within modern cluster architectures, rkt discovers, verifies, fetches, and executes application containers with pluggable isolation. rkt can run the same container with varying degrees of protection, from lightweight, OS-level namespace and capabilities isolation to heavier, VM-level hardware virtualization.
Kонтейнерная виртуализация в продуктах parallels прошлое, настоящее и будущее.WG_ Events
Доклад: Контейнерная виртуализация в продуктах Parallels: прошлое, настоящее и будущее.
Kонстантин Хоренко закончил ВМиК МГУ в 2001 году, пришёл в Parallels (тогда ещё SWsoft) в 2005 году, занимался разработкой ядра (Linux + поддержка виртуализации) продуктов OpenVZ/Virtuozzo/PSBM/PCS, занимался поддержкой ядерной части продуктов в качестве инженера 3-й линии, с 2012 года руковожу командой разработчиков ядра Linux в Parallels.
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the "Tour de France" in Paris, Lille, Lyon, Nice...
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsElasTest Project
In this workshop the basics about container use in the development environment are presented. Then we go further by describing how to leverage containers in the CI server, using Jenkins and Pipelines.
Introduction to Docker at the Azure Meet-up in New YorkJérôme Petazzoni
This is the presentation given at the Azure New York Meet-Up group, September 3rd.
It includes a quick overview of the Open Source Docker Engine and its associated services delivered through the Docker Hub. It also covers the new features of Docker 1.0, and briefly explains how to get started with Docker on Azure.
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the last stop of the "Tour de France" in Bordeaux. It is slightly different from the presentation which was shown in the other cities (http://www.slideshare.net/jpetazzo/introduction-to-docker-december-2014-tour-de-france-edition), and includes a detailed history of dotCloud and Docker and a few other differences.
Special thanks to https://twitter.com/LilliJane and https://twitter.com/zirkome, who gave me the necessary motivation to put together this slightly different presentation, since they had already seen the other presentation in Paris :-)
Introduction to Docker at Glidewell Laboratories in Orange CountyJérôme Petazzoni
In this presentation we will introduce Docker, and how you can use it to build, ship, and run any application, anywhere. The presentation included short demos, links to further material, and of course Q&As. If you are already a seasoned Docker user, this presentation will probably be redundant; but if you started to use Docker and are still struggling with some of his facets, you'll learn some!
Linux container (LXC) seems to be preferred technology for deployment of Platform as a service (PaaS) in cloud. Partly because it's easy to install on top of existing visualization platforms (KVM, VMware, VirtualBox), partly because it is lightweight solution to provide separation and process allocations between separate containers running under single kernel.
In this talk we will take a look at LXC and try to explain how to combine it with mandatory access control (MAC) mechanisms within Linux kernel to provide secure separation between different users of applications.
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Jérôme Petazzoni
If you're not familiar yet with Docker, here is your chance to catch up. This presentation includes a quick overview of the Open Source Docker Engine, and its associated services delivered through the Docker Hub. Recent features are listed, as well as a glimpse at what's next in the Docker world.
This presentation was given during OSCON, at a meet-up hosted by New Relic, with co-presentations from CoreOS and Rackspace OnMetal.
Containers: from development to production at DevNation 2015Jérôme Petazzoni
In Docker, applications are shipped using a lightweight format, managed with a high-level API, and run within software containers which abstract the host environment. Operating details like distributions, versions, and network setup no longer matter to the application developer.
Thanks to this abstraction level, we can use the same container across all steps of the life cycle of an application, from development to production. This eliminates problems stemming from discrepancies between those environments.
Even so, these environments will always have different requirements. If our quality assurance (QA) and production systems use different logging systems, how can we still ship the same container to both? How can we satisfy the backup and security requirements of our production stack without bloating our development stack?
In this sess, you will learn about the unique features in containers that allow you to cleanly decouple system administrator tasks from the core of your application. We’ll show you how this decoupling results in smaller, simpler containers, and gives you more flexibility when building, managing, and evolving your application stacks.
Create a presentation on Docker with help of 5 group members which is presented by two members of our group at school. Presentation covering topics: Virtualization Virtual Machines Container Technology (Docker) Docker Compose Docker Swarm
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017Jumping Bean
An overview of the LPI-OT DevOps Tools Engineer certification's Ansible objectives. The slides cover the concepts and components of Ansible and demonstrate the basic principles of any infrastructure as code management tool such as idempotence and repeatability.
Postgrtesql as a NoSQL Document Store - The JSON/JSONB data typeJumping Bean
Our presentation from PGDay Asia 2016 on the JSON/JSONB data type in Postgres and how you can have the best of both the SQL and NoSQL worlds in one. There is JavaScript in my SQL.
How to set up an IPv6 LAN with Linux. Using IPv6 requires two steps, firstly setting up the local LAN to support IPv6 and secondly connecting to the internet. The exact mechanism to connect to the Internet depends on your ISP. If you have an IPv4 address of IPv6 and whether you trying to access an IPv4 or IPv6 host.
Jumping Bean offers IPv6 training for businesses (http://www.jumpingbean.co.za/ipv6-training)
HTML 5 and the modern web - A talk about why HTML 5 is important to the open web and the free Internet that we know and love and its current status and APIs. This is from a talk I gave at the Firefox OS Mozilla meetup.
Secrets of a linux ninja Software Freedom Day 2013 Johannesburg, South AfricaJumping Bean
The slides from a hands on lab given on Software Freedom Day on the 31 August 2013 at the University of the Witwatersrand.
It was aimed at showing some of the lesser know features of well known commands as well as some lesser known, yet powerful and command line tools
SELinux Johannesburg Linux User Group (JoziJUg)Jumping Bean
SELinux presentation given at the Jozi Lug in March. If you are in Johannesburg, South Africa and want to join us see our page on meetup.com. Search for JLug.
http://www.meetup.com/Jozi-Linux-User-Group-JLUG/
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
2. Introduction to Linux Containers
●
Makes use of:
–
Namespaces:
●
●
●
●
●
User
Network
Hostname
Filesystem
Process table
–
Cgroups for resource limits
–
Seccomp – filtering of system calls
–
AppArmour/SELinux
–
Like chroot environment, only more secure and more full featured
3. Introduction to Linux Containers
●
Benefits
–
–
Near native performance,
–
●
Application isolation,
Dynamic control of resource allocation, change
during run time and resources only allocated as
used
Limitations
–
All use hosts kernel,
4. Introduction to Linux Containers
●
apt-get install lxc
●
lxc-create -t ubuntu -n <name>
–
–
Templates available - /usr/share/lxc/templates/
–
●
Default user/password: ubuntu/ubuntu
Backing store - /var/lib/lxc
Start a container
–
lxc-start -n <name>
●
–
Lxc-start -n <name> -d
●
●
●
To shutdown issue “shutdown -h now”
Attach lxc-console
Detach via “ctrl-a q”
5. Introduction to Linux Containers
●
lxc-ps – List processes running in container
●
lxc-ls – List container running on host
●
lxc-netstat – List routing table of container
●
lxc-freeze – Pause a container
●
lxc-unfreeze - Unpause a container
●
lxc-shutdown – Shutdown a container
●
lxc-destory – Hard stop a container
●
lxc-monitor – monitor the state of a container
●
lxc-cgroup – change resources allocated to a container
●
lxc-clone/lxc-backup/lxc-restore ….
6. Introduction to Linux Containers
●
Light-weight virtualisation
–
●
No need for additional kernel nor
hypervisor/translation layer
Network setup similar to virtualisaiton
–
Bridged or
–
Routed (Natted)
7. Introduction to Linux Containers
●
Libvirt integration
●
Can connect via
–
–
VNC,
–
VT: tty
–
●
Console (ssh,lxc-console)
VT: x
Autostart on startup /etc/lxc/auto
8. What is Docker
●
Docker is an application deployment tool that
uses containers,
●
Runtime manager for containers,
●
Allows for image repository,
●
Pushing of incremental changes from
dev,test,production
9. What is docker?
●
Docker runs as a
–
A daemon to manage lxc containers,
–
A cli for creating, managing lxc containers
–
A client to access repositories for images
10. What is docker?
●
docker search
●
docker pull
●
docker run
●
docker ps
●
docker inspect
●
docker images
●
docker push
11. What is docker?
●
docker run ping www.jumpingbean.co.za
●
sudo docker run -i -t base/arch /bin/bash
–
i interactive
–
t terminal
●
Sudo docker run -i -t mmckeen/opensuse-13.1 -p 80
●
docker port name 8080
–
●
List local host port that has been forwared to 8080
docker run -d
12. What is docker
●
Create an account on the repo server
–
●
Create a image on the repo server
–
●
sudo docker login
sudo docker commit $CONTAINER_ID
username/container-name
Update your image on the repo server
–
sudo docker push username/container-name