• kubectl create pizza

    making kubernetes do what it was always meant to do - order pizza


  • kubernetes secrets

    exploring kubernetes secrets from the kubelet's perspective


  • quality of service and oom in kubernetes

    into the details of resource reservation and oom killing


  • containerd - concourse runtime up to speed

    an overview of containerd (internal Concourse chat)


  • go: observing stack grow and shrink

    enabling stackDebug to see debug prints from golang runtime


  • an intro to bpf

    an introductory talk on BPF


  • golang http context cancellation under the hood

    replicating the go way of cancelling a read over the network


  • a standalone kubelet with containerd

    installing containerd and getting a sole kubelet to create pods via CRI


  • failed to locate iptables

    kernel tracing to figure out a little mistake


  • a practical look into overlayfs

    how to use overlayfs and some analysis of its performance impact in certain situations


  • capturing system-wide process execution time

    /usr/bin/time is great, but, what if you could have a system-wide "time" program that captures process execution time with neglebible overhead?


  • the effect of writing to the uid map proc file

    a dive into the mechanics of writing to /proc/pid/uid_gid when setting up user namespaces


  • tar and permission bits

    exploring how tar deals with uid and gids when archiving and extracting under different types of users


  • the setuid bit, or, how sudo minimally works

    a deep dive into the mechanism that allows sudo to work


  • user namespaces and why some containers might take a while to start in Concourse

    a look into the translations performed under the hood


  • improving streaming between Concourse workers

    what if we cut the intermediaries?


  • tracing builds in Concourse

    what if we could use distributed tracing tools to better understand our builds?


  • why you just can't kill a Linux process that is frozen

    some explorations on how sending signals work, and why a SIGKILL fails for frozen processes


  • glibc and golang - an interesting mix

    exploring what glibc is, what ISO C and POSIX covers, and why golang might use glibc for some standard libraries.


  • booting a fresh linux kernel on qemu

    going from source code to a working linux on qemu


  • a very quick intro to prometheus

    a lightning talk on Prometheus


  • serving tarballs as container images

    some thoughts on serving container images from a tarball as if you had a container images registry


home

notes

@cirowrc