LXC (Linux Containers) provides operating-system-level virtualization without the overhead of full virtualization. It isolates processes into containers using kernel namespaces and control groups. Containers can be limited in their CPU, memory, storage, and network usage. Common commands like lxc-start are used to deploy whole operating systems within containers. LXC provides many of the benefits of virtualization with less overhead since it leverages existing Linux kernel features rather than requiring a separate kernel like traditional virtualization.
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConJérôme Petazzoni
Containers are everywhere. But what exactly is a container? What are they made from? What's the difference between LXC, butts-nspawn, Docker, and the other container systems out there? And why should we bother about specific filesystems?
In this talk, Jérôme will show the individual roles and behaviors of the components making up a container: namespaces, control groups, and copy-on-write systems. Then, he will use them to assemble a container from scratch, and highlight the differences (and likelinesses) with existing container systems.
presentation held at SUSE Linux Expert Forum December 2014
Linux container history and Linux namespaces
examples include:
* Move a VPN connection to its own namespace(p 25)
* User namespaces demo(p 28)
see collection of useful articles and advanced container usecases pp 29
Linux Containers(LXC) allow running multiple isolated Linux instances (containers) on the same host.
Containers share the same kernel with anything else that is running on it, but can be constrained to only use a defined amount of resources such as CPU, memory or I/O.
A container is a way to isolate a group of processes from the others on a running Linux system.
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Jérôme Petazzoni
Linux containers are different from Solaris Zones or BSD Jails: they use discrete kernel features like cgroups, namespaces, SELinux, and more. We will describe those mechanisms in depth, as well as demo how to put them together to produce a container. We will also highlight how different container runtimes compare to each other.
This talk was delivered at DockerCon Europe 2015 in Barcelona.
The latest releases of today’s popular Linux distributions include all the tools needed to do interesting things with Linux containers.
For the Makefile MicroVPS project, I set out to build a minimal virtual private server-like environment in a Linux container from scratch.
These are my requirements for the MicroVPS:
Minimal init sequence
Most of what happens in a rc.sysinit file is not needed (or wanted) in a container. However, to work like a virtual private server, the MicroVPS will need some kind of init system. The absolute minimum would be enough to start the network and at least one service.
Native network namespace
The MicroVPS will have a dedicated network namespace. It should be easy to configure.
Native package management
The package set installed in the container image will be managed using native tools like deb or rpm.
Automated build
An automated repeatable build process is a must.
Fast iteration cycle
The building and testing cycle must be fast enough not to drive me insane.
Easy management
It should be easy to distribute, monitor, and run a MicroVPS container.
In this tutorial, I will show how to use the tools included with Linux to build a virtual private server in a Linux container from scratch, using GNU Make to automate the build process.
An introduction to Linux Container, Namespace & Cgroup.
Virtual Machine, Linux operating principles. Application constraint execution environment. Isolate application working environment.
Docker storage drivers by Jérôme PetazzoniDocker, Inc.
The first release of Docker only supported AUFS, and AUFS was available (out of the box) only on Debian and Ubuntu kernel. Then Red Hat wanted Docker to run on its distros, and contributed the Device Mapper driver, and later the BTRFS driver, and recently the overlayfs driver.
Jérôme presents how those drivers compare from a high-level perspective, explaining their pros and cons.
Then he showed each driver in action, and look at low-level implementation details. We won't dive into the golang implementation code itself, but we will explain the concepts of each driver. This will help to better understand how they work, and give some hints when it comes to troubleshoot their behaviour.
Internal presentation of Docker, Lightweight Virtualization, and linux Containers; at Spotify NYC offices, featuring engineers from Yandex, LinkedIn, Criteo, and NASA!
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
LXC, Docker, security: is it safe to run applications in Linux Containers?Jérôme Petazzoni
Linux Containers (or LXC) is now a popular choice for development and testing environments. As more and more people use them in production deployments, they face a common question: are Linux Containers secure enough? It is often claimed that containers have weaker isolation than virtual machines. We will explore whether this is true, if it matters, and what can be done about it.
If you're not familiar with Docker yet, here is your chance to catch up: a quick overview of the Open Source Docker Engine, and its associated services delivered through the Docker Hub. It also includes Jérôme will also discuss the new features of Docker 1.0, and briefly explain how you can run and maintain Docker on Azure. In addition, an Azure team member will demonstrate how deploy docker to Azure. The presentation will be followed by a Q&A session!
Towards an Instructional Design Motivational Framework to Address the Retenti...Dr Stylianos Mystakidis
Presentation of the paper "Addressing the Retention Gap in MOOCs: Towards a Motivational Framework for MOOCs Instructional Design" at EARLI 2015 conference.
Existing design schemes of Massive Open Online Courses (MOOCs) usually focus on pedagogy, assessment and technology and rarely take into account learners’ experience and motivation. Drawing from the success of quest-based initiatives, gamified web platforms, and multi-user digital games, this paper introduces an innovative motivational framework for MOOCs instructional design coined as Open Quest Framework (OpenQuest). The framework is grounded on established motivational theories such as the Self-Determination Theory and Situated Motivational Affordance. It features specific motivational mechanisms including, quests and narration, reputation systems, progression mechanisms, multiple learning pathways, well-designed feedback and social elements, that can be used to enhance learners' engagement and reduce attrition rates in MOOCs.
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConJérôme Petazzoni
Containers are everywhere. But what exactly is a container? What are they made from? What's the difference between LXC, butts-nspawn, Docker, and the other container systems out there? And why should we bother about specific filesystems?
In this talk, Jérôme will show the individual roles and behaviors of the components making up a container: namespaces, control groups, and copy-on-write systems. Then, he will use them to assemble a container from scratch, and highlight the differences (and likelinesses) with existing container systems.
presentation held at SUSE Linux Expert Forum December 2014
Linux container history and Linux namespaces
examples include:
* Move a VPN connection to its own namespace(p 25)
* User namespaces demo(p 28)
see collection of useful articles and advanced container usecases pp 29
Linux Containers(LXC) allow running multiple isolated Linux instances (containers) on the same host.
Containers share the same kernel with anything else that is running on it, but can be constrained to only use a defined amount of resources such as CPU, memory or I/O.
A container is a way to isolate a group of processes from the others on a running Linux system.
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Jérôme Petazzoni
Linux containers are different from Solaris Zones or BSD Jails: they use discrete kernel features like cgroups, namespaces, SELinux, and more. We will describe those mechanisms in depth, as well as demo how to put them together to produce a container. We will also highlight how different container runtimes compare to each other.
This talk was delivered at DockerCon Europe 2015 in Barcelona.
The latest releases of today’s popular Linux distributions include all the tools needed to do interesting things with Linux containers.
For the Makefile MicroVPS project, I set out to build a minimal virtual private server-like environment in a Linux container from scratch.
These are my requirements for the MicroVPS:
Minimal init sequence
Most of what happens in a rc.sysinit file is not needed (or wanted) in a container. However, to work like a virtual private server, the MicroVPS will need some kind of init system. The absolute minimum would be enough to start the network and at least one service.
Native network namespace
The MicroVPS will have a dedicated network namespace. It should be easy to configure.
Native package management
The package set installed in the container image will be managed using native tools like deb or rpm.
Automated build
An automated repeatable build process is a must.
Fast iteration cycle
The building and testing cycle must be fast enough not to drive me insane.
Easy management
It should be easy to distribute, monitor, and run a MicroVPS container.
In this tutorial, I will show how to use the tools included with Linux to build a virtual private server in a Linux container from scratch, using GNU Make to automate the build process.
An introduction to Linux Container, Namespace & Cgroup.
Virtual Machine, Linux operating principles. Application constraint execution environment. Isolate application working environment.
Docker storage drivers by Jérôme PetazzoniDocker, Inc.
The first release of Docker only supported AUFS, and AUFS was available (out of the box) only on Debian and Ubuntu kernel. Then Red Hat wanted Docker to run on its distros, and contributed the Device Mapper driver, and later the BTRFS driver, and recently the overlayfs driver.
Jérôme presents how those drivers compare from a high-level perspective, explaining their pros and cons.
Then he showed each driver in action, and look at low-level implementation details. We won't dive into the golang implementation code itself, but we will explain the concepts of each driver. This will help to better understand how they work, and give some hints when it comes to troubleshoot their behaviour.
Internal presentation of Docker, Lightweight Virtualization, and linux Containers; at Spotify NYC offices, featuring engineers from Yandex, LinkedIn, Criteo, and NASA!
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
LXC, Docker, security: is it safe to run applications in Linux Containers?Jérôme Petazzoni
Linux Containers (or LXC) is now a popular choice for development and testing environments. As more and more people use them in production deployments, they face a common question: are Linux Containers secure enough? It is often claimed that containers have weaker isolation than virtual machines. We will explore whether this is true, if it matters, and what can be done about it.
If you're not familiar with Docker yet, here is your chance to catch up: a quick overview of the Open Source Docker Engine, and its associated services delivered through the Docker Hub. It also includes Jérôme will also discuss the new features of Docker 1.0, and briefly explain how you can run and maintain Docker on Azure. In addition, an Azure team member will demonstrate how deploy docker to Azure. The presentation will be followed by a Q&A session!
Towards an Instructional Design Motivational Framework to Address the Retenti...Dr Stylianos Mystakidis
Presentation of the paper "Addressing the Retention Gap in MOOCs: Towards a Motivational Framework for MOOCs Instructional Design" at EARLI 2015 conference.
Existing design schemes of Massive Open Online Courses (MOOCs) usually focus on pedagogy, assessment and technology and rarely take into account learners’ experience and motivation. Drawing from the success of quest-based initiatives, gamified web platforms, and multi-user digital games, this paper introduces an innovative motivational framework for MOOCs instructional design coined as Open Quest Framework (OpenQuest). The framework is grounded on established motivational theories such as the Self-Determination Theory and Situated Motivational Affordance. It features specific motivational mechanisms including, quests and narration, reputation systems, progression mechanisms, multiple learning pathways, well-designed feedback and social elements, that can be used to enhance learners' engagement and reduce attrition rates in MOOCs.
Playful Blended Digital Storytelling in 3D Immersive eLearning Environments f...Dr Stylianos Mystakidis
Presentation at IDEE Workshop 2014 (June 9th, 2014 Albacete, Spain) about the pedagogical design, the technical development and initial findings of the educational program “From the Ancient to the Modern Tablets” involving digital storytelling, gamification, playful design and 3d virtual worlds to motivate K-12 students and promote literacy and extracurricular reading.
Website development, Collaborative web 2.0 services & Social Media Marketing offered by the Hellenic Choir Association to its members.
Διαδικτυακές Υπηρεσίες της Στέγης Ελληνικών Χορωδιών προς τα μέλη της:
- Μουσική Βιβλιοθήκη
- Καλεντάρι Εκδηλώσεων
- Δημιουργία Ιστοτόπου
- Προβολή Εκδηλώσεων
- Ψηφιοποίηση οπτικοακουστικού υλικού
- Στρατηγική Κοινωνικών Δικτύων
Για περισσότερες πληροφορίες:
http://www.stegi-chorus.gr/
Information Literacy and Smart Life-Long Learning: Knowledge Antidotes in the...Dr Stylianos Mystakidis
Presentation delivered at the seminar on Libaries Development of Cyprus Association of Librarians – Information Scientists (CALIS), September 13th, 2013, via Second Life.
Πληροφοριακή Παιδεία και Έξυπνη Διά Βίου Μάθηση: Αντίδοτα Γνώσης στην Οικονομική Κρίση
Παρουσίαση στην ημερίδα της ΚΕΒΕΠ με θέμα «Ανάπτυξη βιβλιοθηκών/κέντρων πληροφόρησης εν μέσω οικονομικής κρίσης» που πραγματοποιήθηκε στις 13 Σεπτεμβρίου 2013 μέσω Second Life
Εκπαίδευση στις Συνεργατικές Εφαρμογές Διαδικτύου Web 2.0 στο Δημόσιο:
Moodle, Google Mail, Groups, Docs, Calendar, ΕΛΛΑΚ, Blogs, Wikis, RSS, Twitter, Delicious, Linkedin, E-Gov 2.0
Pogledat ćemo neke od metoda koje su korisne kod pisanja podrške za razne hardverske uređaje, sa posebnim osvrtom na RFID (Radio-frequency identification) sustav (i zašto bi bilo bolje da je slobodan).
Slobodni festival 3
(Čakovec, 3. - 5. srpnja 2009.)
http://2009.slobodnifestival.info/
Tapping the Potential of Open Blended Courses in Virtual Worlds in an epic quest for change in higher education.
Upatras Open Workshop presentation in the VWBPE (Virtual Worlds Best Practices in Education) conference takes place on Friday March 16th, 6pm SLT/PDT = Saturday, 17th 1 am GMT (London) = 3 am EET (Athens).
For more information on the Open Workshop please visit: http://openworkshop.wordpress.com/ and http://openworkshop.pbworks.com/
Isolating an applications using LXC – Linux ContainersVenkat Raman
configuring and running an application inside the container. Dockers are built on top of LXC. In Dockers case, its advantage is that its open-source engine can be used to pack, ship, and run any application as a lightweight, portable, self-sufficient LXC container that runs virtually anywhere. It’s a packaging system for applications.
Slides for a quick introduction to Linux containers (lxc) and Docker from a hands-on talk given at the Johannesburg Linux User Group on the 20th Jan 2014
In this talk Jiří Pírko discusses the design and evolution of the VLAN implementation in Linux, the challenges and pitfalls as well as hardware acceleration and alternative implementations.
Jiří Pírko is a major contributor to kernel networking and the creator of libteam for link aggregation.
Linux container (LXC) seems to be preferred technology for deployment of Platform as a service (PaaS) in cloud. Partly because it's easy to install on top of existing visualization platforms (KVM, VMware, VirtualBox), partly because it is lightweight solution to provide separation and process allocations between separate containers running under single kernel.
In this talk we will take a look at LXC and try to explain how to combine it with mandatory access control (MAC) mechanisms within Linux kernel to provide secure separation between different users of applications.
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQJérôme Petazzoni
Docker is the Open Source container engine. This is an introduction to Docker, what it is, how it works, and some material presenting the new features in versions 0.8 and 0.9.
You have one of those fruity *Pi arm boards and cheep sensor from China? Some buttons and LEDs? Do I really need to learn whole new scripting language and few web technologies to read my temperature, blink a led or toggle a relay? No, because your Linux kernel already has drivers for them and all you need is device tree and cat.
You got a network to take care of. How would you know what is on it? For years, people in the know used bro network monitoring to answer those questions. Now it's time to take a look what you can find out about your network if you wanted to be local big brother.
I hope to see more hacks of STM8 based devices since we have sdcc compiler with support for stm8, cheap SWIM programmer in form of ST-Link v2 (Chinese clones, which are also useful as ARM SWD programmers) and STM8 has comparable features to 8-bit AVR micro-controllers but cheaper.
Raspberry Pi is well known little Linux machine which almost everybody has. But, did you know that it can replace multiple programmers and enrich your hacking toolbox?
In this talk, we will take a look how to use Raspberry Pi (any model) to program any 3.3V target device from AVR micro-controllers, CPLD and FPGA devices and even CC110x which is available in IM-ME, nice little gadget useful for sub-1GHz radio spectrum analysis.
We will cover openocd, urjtag, avrdude and other projects which are useful if you want to run your own code on more of less any device.
This presentation gives overview or our Ganeti deployment
There is related YouTube playlist (in Croatian) with presentations https://www.youtube.com/playlist?list=PLDMnMa3XBHD_K6Rl2FBe2CC-MS6mdTOrJ
This presentation describes my experience with nRF24L01, Arduino, Bus Pirate and various other hardware toys when somebody who does software gets into contact with "real stuff".
Lightning talk about http://sysadmin-cookbook.rot13.org/
A convention to write files and scripts with notes which allows you to create nice html documentation with zero effort
Back in 2008, we moved our libraries in new building equipped with 3M RFID hardware.
Since then I examined hardware a little and wrote Open Source driver for it which provide simple HTTP/JSONP interface for it. This allows adding RFID support to Koha's intranet using nothing more than JavaScript include file using jquery.
Peer-to-peer networks are right solution for distributing mostly static content to multiple clients while exploiting bandwidth of all clients to share file chunks and available bandwidth.
Torrent is currently most used P2P network protocol, but in this day and age it suffers from lack of official specification and has stigma attached to it. However, if you want to distribute software updates or create multiple disaster recovery sites it makes sense to create private torrent network which will to it's job.
In this presentation I will try to explain what it takes to create your own peer-to-peer cloud based on torrent protocol.
Post-relational databases: What's wrong with web development? v3Dobrica Pavlinušić
Pogledat ćemo kako se razvoj aplikacija mijenjao kroz vrijeme i koji je najjednostavniji način da napravimo web aplikaciju korištenjem JavaScript-a i JSON-a koji nam omogućavaju brz i jednostavan razvoj aplikacija uz pomoć Angulara i CouchDB-a. Cilj je napraviti aplikaciju za jedno popodne!
This presentation provides quick overview of current features of my perl server-side faceted data browser available at: http://github.com/dpavlin/MojoFacets
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
3. Virtualization overview
● Xen
● Separate host i guest kernel (dom0, domU)
● Not upstream, massive duplication of kernel code
● Linux Vserver, OpenVZ (Virtuozzo), sVirt (SELinux based)
● Single kernel, out-of-tree patches
● Linux Containers - LXC
● chroot on steroids, based on cgroup Linux support
● Part of standard kernel, based on things you already know!
● Full-system virtualization: KVM, VirtualBox, VMWare
● But you can run LXC inside them! (e.g. EC2)
4. cgroup
● Process namespace in kernel
● Devices (even X11 in LXC!)
● CPU (sched, cpu account, cpuset) - NUMA
● Memory (not in Debian's kernel)
● Block I/O scheduling, limits
● Linus' 2.6.38 magic patch
● Setsid create new scheduler entry
● Used by Google Chrome, systemd...
11. Under construction
● Still not in: Linux 2.6.38.2
● lxc-attach
● Attach process (bash) inside running container
● Needed to set default route outside container
● lxc-checkpoint
● Similar to lxc-(un)freeze with checkpoint to disk
● https://ckpt.wiki.kernel.org/
12. LXC summary
● Isolate
● one application – lxc-execute
● whole OS – lxc-start
● use templates (lxc-create)
● Familiar Linux networking (bridges)
● Limiting features varies (kernel config/version)
● Ready to use today!