In this entry I explore the basics of cgroups and how to use them for resource constraints for processes. As an example, I also create a process, add it to a new group, and restrain the resources being used by the process. Hope you enjoy digging through this as I have ! Cheers !
In today's post I will go over process isolation in operating systems and how to start doing the same in Linux. Further into this series I am going to compare what it means to isolate processes in other operating systems as well.
With Linux as a base we will understand how Kernel features in Linux allow us to implement process isolation and by extension, containerization. In future entries into this series we will see how other operating systems implement this functionality as well. For now we will start with process isolation in Linux, understand the tiers to process isolation and then see how we can do similar isolation in other operating systems.
I'm back with a new post today on keeping time in Linux, timespaces, network time protocol and how time synchronization became necessity during the advent of railways in the mid 1800s. We will look at how the Raillway mania of the 1840s paved way to time synchronization, how we synchronize time across devices using NTP and a peek into Linux clocks and time namespaces. Hope you enjoy this one !
Do share your experiences with debugging NTP issues and if you have any thoughts on Linux Timespaces and how you use it in production or know any tools which use it heavily.
From what I have learned, LitmusChaos and ChaosMesh have experiments which you can do to mess with the NTP and the kernel clocks, but I wasn't sure how useful people find it really. Do you perform any tests like these for your application ? Have time namespaces helped you in migrating containers in the recent past ?
My substack dashboard either took too long to load or there seemingly was some issue with CSS everytime, had to look into this. Have you faced a similar issue before ?
Second part of my series about exploring mirrord internals. In this one I start scratching the mirrord-layer surface and see how it's dynamically loaded with LD_PRELOAD into binaries to hook into libc functions whilst creating a layer which accepts inputs from mirrord-agent, which are then used to hydrate the hooked libc functions. I spend time in this article to explore this trying to intuitively understand what's going on.
Have a new entry on mirrord (https://mirrord.dev/) and how it mirrors a process from your local machine to Kubernetes. In this post I particularly talk about the mirrord agent but in the subsequent one, I will also be discussing about the tools you need to employ if you had to make this possible for yourself. Mirrord mirrors (and can steal) traffic from your Kubernetes environment to a local process which is the coolest part about it. Can't wait to talk more about it in the next one.
This is a huge security risk (both from a personal and desktop malware perspective), so I assume most people are only allowed to use it in staging. How many bugs reproduce in staging, though?
Not only do more bugs reproduce in staging than locally (for obvious reasons), but mirrord also saves you the trouble of figuring out how to run your stuff locally in the first place.
Previously, before you could add a single line of code to your microservice, you had to be able to run it and all of its dependencies on your local machine. This is such a huge challenge in some cases that people actually prefer to git push and deploy to the cloud for every little change.
With mirrord you can just clone the repo and debug.
I have been reading Outlive by Dr. Peter Attia. I believe this research is used in the book to talk about Alzheimer's. I'm guessing the book will have to be revised. Gonna have to check in the acknowledgements of the book now.
