SIG-Node, with Dawn Chen

Kubernetes Podcast from Google

Date: Wed, 26 Sep 2018 05:35:00 +0000

<p>Dawn Chen, TL for SIG-Node and the Google Kubernetes Engine node team, joins <a href="https://kubernetespodcast.com/about">Craig and Adam</a> this week. She has worked on containers and container schedulers since 2007 - not a typo. We also bring you the news, in part from the echo chamber of Google Cloud Summit in Sydney.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="chatter-of-the-week">Chatter of the week</h3> <ul> <li><a href="https://twitter.com/RafikN_/status/1044801399098429440">Stickers!</a></li> <li><a href="https://cloudplatformonline.com/2018-Summit-HongKong-Home.html">Google Cloud Summit in Hong Kong</a></li> <li><a href="https://cloud.withgoogle.com/next18/london">Google Cloud Next in London</a></li> <li><a href="https://www.gartner.com/en/conferences/na/symposium-us">Gartner Symposium Orlando</a></li> <li><a href="https://www.lfasiallc.com/events/kubecon-cloudnativecon-china-2018/"> KubeCon Shanghai</a></li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href="https://www.netapp.com/us/company/news/press-releases/news-rel-20180918-3539848.aspx"> NetApp acquires StackPointCloud</a></li> <li>Cloud news: <ul> <li><a href="https://twitter.com/DustinKirkland/status/1042320434669084672">Sandbox pods on GKE</a> <ul> <li><a href="https://docs.google.com/forms/d/e/1FAIpQLScfCnJj5DOIOQqKhqBeS8T8-StHeThNiGYeIwUaPdlUf4RA1w/viewform"> Signup form</a></li> </ul> </li> <li><a href="https://azure.microsoft.com/en-us/blog/new-investments-in-azure-stack-extend-microsoft-s-hybrid-cloud-leadership/"> Kubernetes tools for Azure Stack</a></li> <li><a 
href="https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-eks-simplifies-cluster-setup-with-update-kubeconfig-cli-command/"> EKS can generate kubeconfig files!</a></li> </ul> </li> <li><a href="https://www.cncf.io/blog/2018/09/17/gsoc-18-kata-containers-support-for-containerd/"> GSoC: katacontainer support in containerd, by Jian Liu</a></li> <li><a href="https://www.cncf.io/blog/2018/09/18/linkerd-2-0-in-general-availability/"> linkerd 2.0 is GA</a> <ul> <li><a href="https://kubernetes.io/blog/2018/09/18/hands-on-with-linkerd-2.0/">Thomas Rampelberg tells you how to use it</a></li> </ul> </li> <li><a href="https://www.cncf.io/blog/2018/09/20/cncf-to-host-cortex-in-the-sandbox/"> Cortex added to the CNCF sandbox</a></li> <li><a href="https://blog.openshift.com/istio-on-openshift/">Red Hat OpenShift Service Mesh, based on Istio</a></li> <li><a href="https://www.trulia.com/blog/tech/microservice-observability-with-istio/"> Microservice observability with Istio at Trulia</a></li> <li><a href="https://blog.heptio.com/introducing-heptio-contour-0-6-ecaa5ee6a67d"> Contour 0.6 from Heptio</a></li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="https://github.com/dchen1107">Dawn Chen on GitHub</a></li> <li><a href="https://ai.google/research/pubs/pub43438">The Borg paper</a></li> <li>Process containers (later ‘cgroups’): <ul> <li><a href="https://lwn.net/Articles/199643/">The first submission of containers to the Linux kernel</a></li> <li><a href="https://lwn.net/Articles/236038/">Early coverage of process containers</a></li> <li><a href="https://www.kernel.org/doc/ols/2007/ols2007v2-pages-45-58.pdf">Paul Menage’s 2007 paper “Adding Generic Process Containers to the Linux Kernel”</a></li> <li>Dawn’s first job: tracking processes. 
Each job had its own GID - she would use <a href="http://conntrack-tools.netfilter.org/manual.html">netlink connection tracking</a> to map processes and threads to GIDs, and, using <a href="https://en.wikipedia.org/wiki/Procfs">procfs</a>, figure out CPU and memory usage.</li> <li>Dawn’s second job: adjusting CPU usage using <a href="https://en.wikipedia.org/wiki/Nice_(Unix)">nice</a></li> <li>Today we just use <a href="https://www.kernel.org/doc/Documentation/cgroup-v1/memory.txt">memcg</a></li> <li><a href="https://www.kernel.org/doc/Documentation/x86/x86_64/fake-numa-for-cpusets"> Fake NUMA</a> - cut a machine into big chunks and assign them to groups of processes.</li> </ul> </li> <li><a href="https://www.linuxplumbersconf.org/">Linux Plumbers Conference</a> <ul> <li><a href="http://blog.linuxplumbersconf.org/2011/ocw/sessions/705">Tim Hockin’s presentation at the Linux Plumbers Conference in 2011, talking about the work Dawn’s team were doing</a></li> </ul> </li> <li><a href="https://github.com/google/lmctfy">lmctfy</a> - Let Me Contain That For You <ul> <li><a href="https://lmgtfy.com/">In case you don’t get the joke</a></li> <li>It’s like <a href="https://github.com/opencontainers/runc">runc</a> and <a href="https://containerd.io/">containerd</a></li> </ul> </li> <li><a href="https://github.com/kubernetes/community/tree/master/sig-node">SIG Node</a> <ul> <li>Node and lifecycle management</li> <li>Application management</li> <li>Container runtimes and <a href="https://github.com/kubernetes/kubelet">kubelet</a></li> <li><a href="https://github.com/kubernetes/node-problem-detector">Node problem detection</a></li> <li>Resource management</li> <li>GPU & <a href="https://cloud.google.com/tpu/">TPU</a></li> <li>Security isolation</li> <li><a href="https://github.com/google/gvisor">gVisor</a> and Sandbox Pods</li> <li>Logging and monitoring</li> </ul> </li> <li>Was SIG Node the first SIG? 
<ul> <li>Tied with <a href="https://github.com/kubernetes/community/tree/master/sig-api-machinery"> SIG API Machinery</a></li> </ul> </li> <li>How did we get to CRI? <ul> <li><a href="https://kubernetes.io/blog/2016/07/rktnetes-brings-rkt-container-engine-to-kubernetes/"> rktnetes was released with Kubernetes 1.3</a></li> <li><a href="https://hypercontainer.io/">Hyper_ containers</a> (now <a href="https://katacontainers.io/">Kata Containers</a>)</li> <li><a href="https://linuxcontainers.org/">LXC and LXD</a></li> <li><a href="https://kubevirt.io/">kubevirt for running VMs instead of containers</a></li> <li><a href="https://www.opencontainers.org/">OCI</a></li> <li><a href="https://kubernetes.io/blog/2016/12/container-runtime-interface-cri-in-kubernetes/"> CRI was released with Kubernetes 1.5</a></li> <li><a href="https://containerd.io/">containerd</a> and <a href="http://cri-o.io/">CRI-O</a></li> </ul> </li> <li><a href="https://github.com/kubernetes/community/blob/master/keps/sig-node/0014-runtime-class.md"> Container RuntimeHandler</a>, so some pods can run with one runtime and some with another</li> </ul>