В версии ядра Linux 3.9 (ага, давно) добавили такую фичу для сокетов как
Так вот, зачем оно надо? А затем, что можно делать zero-downtime деплой даже не в кластер. Можно даже делать zero-downtime деплой на отдельновзятой машине в кластере. Конечно, это не так актуально, если у вас действительно всё кластеризировано, но всё равно интересно
Небольшая презентация об этом деле с примерами кода на Python и Ruby:
https://speakerdeck.com/joewalnes/linux-port-sharding
#linux
SO_REUSEPORT
aka port sharding. Смысл в том, что несколько процессов могут слушать один и тот же порт, а ядро само разрулит, кому что посылать. Ну код должен со своей стороны эту фичу тоже поддерживать, конечно жеТак вот, зачем оно надо? А затем, что можно делать zero-downtime деплой даже не в кластер. Можно даже делать zero-downtime деплой на отдельновзятой машине в кластере. Конечно, это не так актуально, если у вас действительно всё кластеризировано, но всё равно интересно
Небольшая презентация об этом деле с примерами кода на Python и Ruby:
https://speakerdeck.com/joewalnes/linux-port-sharding
#linux
Speaker Deck
Linux port sharding
The mysterious SO_REUSEPORT option introduced in Linux kernel 3.9.
Example code here: https://github.com/joewalnes/port-sharding
Example code here: https://github.com/joewalnes/port-sharding
Forwarded from Українська девопсарня
На CatOps опубликовали интересный пост о SO_REUSEPORT (https://t.me/catops/329). Собственно хочу в догонку скинуть старый пост из github о том что не все так хорошо с SO_REUSEPORT на примере Haproxy.
Если коротко, то между прекращением приема сообщений и закрытием сокета может пройти какое-то время (несколько миллисекунд) и все подключения за этот период будут сброшены, потому что старый демон их уже не обрабатывает, но еще не закрыл сокет.
Вариант решения от Haproxy — дропать syn запросы на этот период. Вариант решения от GitHub (и nginx) использовать отдельный демон, который будет держать сокет открытым.
Если коротко, то между прекращением приема сообщений и закрытием сокета может пройти какое-то время (несколько миллисекунд) и все подключения за этот период будут сброшены, потому что старый демон их уже не обрабатывает, но еще не закрыл сокет.
Вариант решения от Haproxy — дропать syn запросы на этот период. Вариант решения от GitHub (и nginx) использовать отдельный демон, который будет держать сокет открытым.
Telegram
CatOps
В версии ядра Linux 3.9 (ага, давно) добавили такую фичу для сокетов как SO_REUSEPORT aka port sharding. Смысл в том, что несколько процессов могут слушать один и тот же порт, а ядро само разрулит, кому что посылать. Ну код должен со своей стороны эту фичу…
Хорошее видео для выходного дня про BPF и том, как Cilium использует эту технологию для управления сетью в Kubernetes
#kubernetes #networking #linux
#kubernetes #networking #linux
YouTube
Cilium - Bringing the BPF Revolution to Kubernetes Networking and Security
https://media.ccc.de/v/ASG2018-221-cilium_-_bringing_the_bpf_revolution_to_kubernetes_networking_and_security
Thomas Graf
https://cfp.all-systems-go.io/en/ASG2018/public/events/221
Thomas Graf
https://cfp.all-systems-go.io/en/ASG2018/public/events/221
Спасиок временно бесплатных курсов Linux Academy на Март:
- Linux Operating System Fundamentals
- Source Control with Git
- Hadoop Quick Start
- Google Cloud Essentials
- CoreOS Essentials
- NGINX Web Server Deep Dive
- AWS IAM Deep Dive
- Kubernetes QuickStart
- Kubernetes Essentials
Курсы, доступные бесплатно для участников Community Membership без временных ограничений:
- Vim – The Improved Editor
- Jenkins Quick Start
- How to Get a Linux Job
- LXC/LXD Deep Dive
- Build Your Own Linux From Scratch
- AWS Concepts
- Big Data Essentials
- AWS Essentials
- Azure Concepts
- Mastering Regular Expressions
- DevOps Essentials
- YAML Essentials
#learn #courses #linux
- Linux Operating System Fundamentals
- Source Control with Git
- Hadoop Quick Start
- Google Cloud Essentials
- CoreOS Essentials
- NGINX Web Server Deep Dive
- AWS IAM Deep Dive
- Kubernetes QuickStart
- Kubernetes Essentials
Курсы, доступные бесплатно для участников Community Membership без временных ограничений:
- Vim – The Improved Editor
- Jenkins Quick Start
- How to Get a Linux Job
- LXC/LXD Deep Dive
- Build Your Own Linux From Scratch
- AWS Concepts
- Big Data Essentials
- AWS Essentials
- Azure Concepts
- Mastering Regular Expressions
- DevOps Essentials
- YAML Essentials
#learn #courses #linux
Прекрасное выступление про CPU throttling в мультипроцессорных окружениях и баг ядра c планированием ресурсов CPU
https://youtu.be/UE7QX98-kO0
#linux #containers
https://youtu.be/UE7QX98-kO0
#linux #containers
YouTube
Throttling: New Developments in Application Performance with CPU Limits - Dave Chiluk, Indeed
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference…
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference…
There were a lot of culture posts here lately, but no worries were still in the engineering domain!
So, today I want to share a neat detective/mystery story abut ZFS by Brendan Gregg.
It's called "ZFS Is Mysteriously Eating My CPU" and I won't add any more details here to keep the suspense.
Enjoy!
#performance #linux
So, today I want to share a neat detective/mystery story abut ZFS by Brendan Gregg.
It's called "ZFS Is Mysteriously Eating My CPU" and I won't add any more details here to keep the suspense.
Enjoy!
#performance #linux
Sometimes it is worth getting your head from clouds down to Earth.
Here is a great post-mortem story of a failed Ceph cluster.
The investigation led them down to more “invisible” underlying layers rather than just Ceph itself, but I won’t spoil more. This is an interesting and not that long read, so you can go through it yourself. Also, at least for me, every post-mortem looks like a detective story, not just a technical article.
P.S. I haven’t worked much with Ceph myself. When I was a very junior engineer, we had a few small Ceph clusters in a company I worked for. I was not involved in that project, though. However, I remember that once we had an issue with one of the clusters and my colleague spent a night fixing it.
The next day he said: “We didn’t quite lose the data. We just cannot retrieve it”. I think from that time this became a strong association for me with Ceph, even though Ceph is usually not the case.
#postmortem #ceph #linux
Here is a great post-mortem story of a failed Ceph cluster.
The investigation led them down to more “invisible” underlying layers rather than just Ceph itself, but I won’t spoil more. This is an interesting and not that long read, so you can go through it yourself. Also, at least for me, every post-mortem looks like a detective story, not just a technical article.
P.S. I haven’t worked much with Ceph myself. When I was a very junior engineer, we had a few small Ceph clusters in a company I worked for. I was not involved in that project, though. However, I remember that once we had an issue with one of the clusters and my colleague spent a night fixing it.
The next day he said: “We didn’t quite lose the data. We just cannot retrieve it”. I think from that time this became a strong association for me with Ceph, even though Ceph is usually not the case.
#postmortem #ceph #linux
A nice overview of how Docker works on non-Linux hosts as well as an explanation, why I/O operations are so slow. Plus, some hints on how to make it faster for the local development.
tl;dr. Because Docker requires Linux capabilities, thus is has to have Linux VM to run Linux-based images on MacOS and Windows. This VM shares filesystem with the host, which is slow. There’s a new implementation VirtioFS, which is faster, but still not ideal.
We briefly discussed ways of running Docker on the new M-based Macs on our previous voice chat and this article has links to some tools we mentioned there, specifically: Rancher Desktop and Colima.
Also, I recall developers at my previous job complaining about slow-ish Docker performance, but IIRC VirtioFS was not widely adopted back then.
#docker #linux
tl;dr. Because Docker requires Linux capabilities, thus is has to have Linux VM to run Linux-based images on MacOS and Windows. This VM shares filesystem with the host, which is slow. There’s a new implementation VirtioFS, which is faster, but still not ideal.
We briefly discussed ways of running Docker on the new M-based Macs on our previous voice chat and this article has links to some tools we mentioned there, specifically: Rancher Desktop and Colima.
Also, I recall developers at my previous job complaining about slow-ish Docker performance, but IIRC VirtioFS was not widely adopted back then.
#docker #linux
Paolomainardi
Docker on MacOS is slow and how to fix it
Thanks to the DALL·E 2, we finally have a very nice graphic representation of the feelings of a Docker container inside a macOS environment, I will try with this article to make this poor container safe to the coast.
TL;DR Link to heading At the time of writing…
TL;DR Link to heading At the time of writing…
From our subscriber:
Till the end of June you can save up to 40% on the Linux Foundation courses with this promo code:
JUNEBBQ40
UPD. Also, AWS has extended the promo code for exam retake. So, if you fail the exam the first time, you can retake it for free. More details:
AWSRETAKE
#linux #education #kubernetes #aws
Till the end of June you can save up to 40% on the Linux Foundation courses with this promo code:
JUNEBBQ40
UPD. Also, AWS has extended the promo code for exam retake. So, if you fail the exam the first time, you can retake it for free. More details:
AWSRETAKE
#linux #education #kubernetes #aws
Linux Foundation - Training
Promo Inactive - Linux Foundation - Training
Sign up for our newsletter to get updates on our latest promotions.
The upcoming systemd 256 release will have a replacement for
You can read more about
#linux
sudo
- run0.
You can read more about
run0
in this article.#linux
Hongkiat
run0 Command: An Alternative to sudo - What We Know So Far
The systemd project continues to revolutionize the Linux ecosystem with its latest addition: the run0 command. Announced recently by systemd lead