logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Chris Aniszczyk
2023-04-20

tldr - powered by Generative AI

The Technical Oversight Committee (TOC) of the Cloud Native Computing Foundation (CNCF) is responsible for evaluating and approving projects for inclusion in the CNCF ecosystem. The TOC works to strike a balance between the needs of the projects, community members, and end users, while also ensuring that projects are aligned with the values and principles of Cloud Native. The TOC is also working to make its criteria for project evaluation more clear and consistent.
  • The TOC evaluates and approves projects for inclusion in the CNCF ecosystem
  • The TOC works to strike a balance between the needs of the projects, community members, and end users
  • The TOC ensures that projects are aligned with the values and principles of Cloud Native
  • The TOC is working to make its criteria for project evaluation more clear and consistent
Authors: Jeremi Piotrowski
2023-04-19

tldr - powered by Generative AI

Confidential Computing is a secure computing environment that allows users to protect their data and workloads from unauthorized access. The presentation discusses the different models of attestation and how they are implemented in real-world scenarios using Microsoft Azure and the Confidential Containers project. The attestation report is a key component of remote attestation, which is made possible by the unique key inside the AMD secure processor that signs the report. Confidential Computing is an answer to the security concerns of industries that deal with personal and financial data.
  • Confidential Computing is a secure computing environment that protects data and workloads from unauthorized access
  • Different models of attestation are used in real-world scenarios
  • The attestation report is a key component of remote attestation
  • Confidential Computing is an answer to the security concerns of industries that deal with personal and financial data
Conference:  ContainerCon 2022
Authors: Theresa Shan, Cathy Zhang
2022-06-22

tldr - powered by Generative AI

Design details of the elastic code method for Kubernetes and changes made to the Kubernetes code base to support it
  • Elastic code method involves creating application parts in three steps and using enclaves for security
  • Elastic code method reduces overhead and improves performance optimization
  • Changes made to Kubernetes include adding a replica field to the pod spec and modifying the API server, scheduler, and kubelet to support it
  • Replicated containers are managed through a set of states in the product status
  • Elastic code method schedules replicated containers onto the node that hosts the primary container
Authors: Adam Wolfe Gordon, Wayne Warren
2022-05-19

tldr - powered by Generative AI

The presentation discusses the HTTP interactions involved in image pushes and pulls, as well as the high-level overview of the distribution internals. It also highlights the interface methods and objects involved in the sequence of storing a chunk layer in the configured backend, specifically in the HTTP patch function for the blobs uploads endpoint.
  • HTTP interactions involved in image pushes and pulls
  • High-level overview of the distribution internals
  • Interface methods and objects involved in storing a chunk layer in the configured backend
  • Authentication, resuming the session, and uploading the data phases of the patch request
  • Use of S3 API as the configured backend
  • Implementation of data upload phase using an IO copy that reads from the patch request body and writes to the S3 blob writer
  • Use of multi-part upload for buffering in the S3 backend
Authors: Vincent Sevel
2022-05-18

Container orchestrators have become the de-facto standard to deploy a wide variety of workloads. As the number of deployments increases, so is the pressure on resource usage, and hardware costs. Container runtimes and Kubernetes come with a set of tools that help make the most out of your infrastructure such as cgroups with resource usage limitation and prioritization, requests and limits on cpu and memory, quality of services. Even with those tools, it can be challenging to understand how they work, and how to use them. In this talk, the speaker will offer a review of the available mechanisms, how they map at the orchestrator and runtime levels, and introduce the Vertical Pod Autoscaler as a mean to optimize resource tuning at scale. He will share some of the lessons the company learned since starting this effort. And finally he will describe where they are in the deployment phase, and give some perspective on the direction where they are headed.Click here to view captioning/translation in the MeetingPlay platform!
Authors: Alexander Jung
2021-10-14

tldr - powered by Generative AI

KubeKraft is a novel runtime that allows for running VMs with Kubernetes natively, without any container overhead. It aims to achieve higher cluster utilization while maintaining performance and security.
  • Virtualization strategies such as containers have gained immense popularity thanks to orchestration frameworks such as Kubernetes.
  • Typical deployments with Kubernetes involve four degrees of virtualization and indirection, which can be difficult to debug and add performance penalties.
  • KubeKraft introduces unikernels into the ecosystem and allows for running VMs with Kubernetes natively, without any container overhead.
  • KubeKraft's architecture is presented, along with its integration with Kubernetes and performance results.
  • Using a Unikraft NGINX unikernel, KubeKraft results in 2x the throughput of an official Docker NGINX image.
Authors: Kohei Tokunaga, Tao Peng
2021-10-14

tldr - powered by Generative AI

The presentation discusses the benefits and implementation of lazy loading and e-suggested images in container ecosystems.
  • Lazy loading can improve container startup time by prefetching data before it is needed.
  • E-suggested images allow for customization and optimization of container images.
  • Several tools and platforms support lazy loading and e-suggested images, including Podman, Buildkit, and Container Registry.
  • The presentation proposes extending the OCI image specification to include e-suggested images.
  • Lazy loading and e-suggested images can improve the efficiency and usability of container ecosystems.
Authors: Lukáš Hejtmánek, Viktória Spišaková
2021-10-13

tldr - powered by Generative AI

Challenges and solutions in implementing Kubernetes infrastructure and moving scientific computing to containers in the academic environment
  • Introduction of efforts made at CERIT-SC/Institute of Computer Science of Masaryk University to implement Kubernetes infrastructure and move scientific computing to containers
  • Challenges of multi-tenancy assurance, deploying applications under users, resource sharing, and building trust towards containerization among the research community
  • Several created solutions, presentation of European open-source projects, and demonstration of how containers help in the academic environment
  • Other issues faced and proposed ideas on new features