Session
FOSDEM Schedule 2021
Containers

Advanced BPF kernel features for the container age

D.containers
Daniel Borkmann
<p>BPF is becoming ubiquitous in today's modern container environments and thanks to the fast pace of innovations from Linux kernel developers in the BPF subsystem, cloud native networking software such as Cilium is able to bring these extensions to a mainstream user base for improving throughput, latency and reliability of workloads and services. This talk provides a deep dive on recently added BPF kernel as well as Cilium extensions for Kubernetes environments which significantly reduce application tail latencies with the help of the earliest departure time (EDT) model for egress bandwidth management. Furthermore, recently added BPF redirection helpers are discussed which offer a low-latency switch into Pod network namespaces. Last but not least the talk also covers how Cilium's BPF kube-proxy replacement improves reliability for its high-performance XDP-based north-south service load-balancing through a BPF-based Maglev consistent hashing implementation. We'll discuss our path towards implementing these features, our lessons learned as well as future follow-up work.</p>

Additional information

Type devroom

More sessions

2/7/21
Containers
Jakub Dżon
D.containers
<p>Operator SDK is a solid foundation for building robust applications for Kubernetes; one of such applications is the VM import operator (https://github.com/kubevirt/vm-import-operator) allowing Kubernetes administrators to easily import their oVirt-managed virtual machines to KubeVirt. In this talk, the speaker will show how his team used Operator SDK to build the VM import operator and how that operator can be used.</p>
2/7/21
Containers
Vlad Bogolin
D.containers
<p>Containers are a central point for the MariaDB buildbot (buildbot.mariadb.org). In fact, almost all our builds run in Docker containers. In this short presentation, I will talk about the container environment used in order to build MariaDB from source both on Linux and Windows. Then, I will present some of the challenges associated with running Windows in a Docker container and finally I will focus on some of the advantages of having a container based continuous integration ...
2/7/21
Containers
Viktor Farcic
D.containers
<p>What are we going to do without Docker inside Kubernetes clusters?</p>
2/7/21
Containers
akrem
D.containers
<p>Hello, Our solution is developed from scratch using python django we aim to provide easy way and flexible to deploy virtual environment in enterprise , we use lxd as our core hypervisor and we developed a complete solution how to manage all machines and resources utilization with implementing all the lxd features And every thing is packaged one script it will do all the handy work we use NoVnc as Xserver to visualize the desktop monitoring tools grafana and ELK stack</p>
2/7/21
Containers
Christian Brauner
D.containers
<p>On most POSIX systems including Linux file ownership can only be changed globally, i.e. for all users through the chown*() syscall family. In this talk we will introduce idmapped mounts. Idmapped mounts allow to change the ownership of files under the mounts they appear in.</p>
2/7/21
Containers
Peter Zaitsev
D.containers
<p>DBaaS is the fastest growing way to deploy databases. It is fast and convenient and it helps to reduce toil a lot, yet it is typically done using proprietary software and tightly coupled to the cloud vendor. We believe Kubernetes finally allows us to build fully OpenSource DBaaS Solution capable to be deployed anywhere Kubernetes runs - on the Public Cloud or in your private data center.</p> <p>In this presentation, we will describe the most important user requirements and typical problems ...
2/7/21
Containers
Marco Mancini
D.containers
<p>Although Kubernetes is the leading container orchestration solution, it does not necessarily solve all container management-related challenges that one might face. Leaving fashions aside, some other technologies may actually be a better solution for some use cases and projects. Kubernetes is actually a very complex technology, with limited support for multi-tenancy and lacking secure isolation between tenants. Kubernetes does not offer cloud-like self-service provision features for users ...