Prodfiler, with Thomas Dullien

Kubernetes Podcast from Google

Episode | Podcast

Date: Fri, 17 Sep 2021 13:58:12 +0000

<p>Prodfiler is a new tool that provides fleet-wide full-system continuous profiling. It is in some ways the second act of its co-creator <a href="https://twitter.com/halvarflake">Thomas Dullien</a>, who is an internationally-renowned reverse engineer and vulnerability researcher under the name Halvar Flake. Thomas joins us to discuss his career, what you should profile in a distributed system, and why you can’t sell something with a negative cost.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="chatter-of-the-week">Chatter of the week</h3> <ul> <li><a href="https://www.thenationalnews.com/mena/egypt/2021/09/09/breaking-news-suez-canal-blocked-as-container-ship-runs-aground/"> Container blocakges</a></li> <li><a href="https://www.dailymail.co.uk/news/article-9962505/Five-bedroom-NYC-home-entirely-21-containers-trendy-Williamsburg-goes-sale-5M.html"> Container houses</a></li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li>Crossplane moves to incubation in CNCF: <ul> <li><a href="https://www.cncf.io/blog/2021/09/14/crossplane-moves-from-sandbox-to-cncf-incubator"> CNCF coverage</a></li> <li><a href="https://blog.crossplane.io/crossplane-cncf-incubation/">Crossplane coverage</a></li> <li><a href="https://kubernetespodcast.com/episode/141-crossplane/">Episode 141, with Daniel Mangum</a></li> </ul> </li> <li><a href="https://cloud.google.com/blog/products/storage-data-transfer/google-cloud-launches-backups-for-gke"> Backup for GKE</a></li> <li><a href="https://cloud.google.com/blog/topics/google-cloud-next/google-cloud-next21-session-catalog-is-live"> Google Cloud Next session catalog is live</a> <ul> <li><a href="https://cloud.withgoogle.com/next?utm_source=kubernetes&amp;utm_medium=audio&amp;utm_campaign=FY21-Q4-global-ES903-onlineevent-er-next-2021&amp;utm_content=kubernetes-podcast-july21&amp;utm_term=-"> Register here</a></li> </ul> </li> <li><a href="https://goo.gle/K8s-multi-cluster">Kubernetes multi-cluster panel on October 6</a></li> <li><a href="https://cloud.google.com/kubernetes-engine/docs/release-notes#September_14_2021"> GKE updates</a>: publishing with Private Service Connect, CSI driver for Filestore GA, SSL policies & HTTPS redirects for multi-cluster Ingress</li> <li><a href="https://unit42.paloaltonetworks.com/azure-container-instances/">Azurescape: attack on Azure Container Instances</a> by Unit 42 at Palo Alto Networks</li> <li><a href="https://groups.google.com/g/kubernetes-announce/c/-e9OlTcED5E/m/fEFtkU0DCQAJ"> CVE-2021-25741</a> for subpath mount symlink attack (High)</li> <li><a href="https://groups.google.com/g/kubernetes-announce/c/-2Dx8JdbzAo/m/DfRz61oDCQAJ"> CVE-2020-8561</a> for webhook response logging (Medium)</li> <li><a href="https://research.nccgroup.com/2021/09/09/nsa-cisa-kubernetes-security-guidance-a-critical-review/"> NCC Group weighs in on NSA guidance</a></li> <li><a href="https://venturebeat.com/2021/09/09/open-source-security-scanning-platform-snyk-raises-530m/"> Snyk raises $530m</a> <ul> <li><a href="https://kubernetespodcast.com/episode/140-security-and-snyk/">Episode 140, with Kamil Potrec</a></li> </ul> </li> <li><a href="https://cloud.google.com/blog/products/databases/sqlcommenter-merges-with-opentelemetry"> Sqlcommenter merges with OpenTelemetry</a></li> <li><a href="https://www.kubermatic.com/blog/kubermatic-kubernetes-platform-2-18-is-here/"> Kubermatic 2.18</a> and <a href="https://www.kubermatic.com/blog/life-is-hard-kubeone-1-3-makes-it-easier/"> KubeOne 1.3</a> <ul> <li><a href="https://kubernetespodcast.com/episode/109-kubermatic/">Episode 109, with Sebastian Scheele</a></li> </ul> </li> <li><a href="https://tanzu.vmware.com/content/blog/general-availability-vmware-tanzu-kubernetes-grid-1-4"> Tanzu Kubernetes Grid 1.4</a></li> <li><a href="https://mattklein123.dev/2021/09/14/5-years-envoy-oss/">5 years of Envoy OSS</a> <ul> <li><a href="https://feeds.libsyn.com/419861/%E2%80%8B%E2%80%8Bhttps:/kubernetespodcast.com/episode/033-envoy/"> Episode 33, with Matt Klein</a></li> </ul> </li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="https://thomasdullien.github.io/about/">Thomas Dullien/Halvar Flake</a></li> <li><a href="https://de.wikipedia.org/wiki/Mathematik">Mathematik, with a K</a></li> <li><a href="http://pearlsofrawnerdism.com/life-and-maths/">Stages of life vs. maths ability required</a>, by Pearls of Raw Nerdism</li> <li><a href="https://en.wikipedia.org/wiki/Vicky_the_Viking">Vicky the Viking</a> TV show</li> <li><a href="https://www.goodreads.com/book/show/539154.Assembly_Language_Master_Class"> Assembly Language Masterclass</a></li> <li><a href="https://www.pagetable.com/?p=1449">GEOS copy protection</a> by Michael Stiel</li> <li><a href="https://en.wikipedia.org/wiki/Time_travel_debugging">Time travel debugging</a></li> <li><a href="https://www.zdnet.com/article/german-hacker-denied-entry-into-u-s-for-black-hat-training/"> “German hacker denied entrance into US for Black Hat training”</a></li> <li><a href="http://blog.zynamics.com/2011/03/01/zynamics-acquired-by-google/">Zynamics acquired by Google</a> <ul> <li><a href="https://www.zynamics.com/bindiff.html">BinDiff</a></li> <li><a href="https://www.zynamics.com/binnavi.html">BinNavi</a></li> </ul> </li> <li><a href="https://googleprojectzero.blogspot.com/">Project Zero</a></li> <li>“For whom?”, asked <a href="https://en.wikipedia.org/wiki/Robert_Morris_(cryptographer)">R Morris Sr.</a></li> <li><a href="https://web.archive.org/web/20190607200517/https://optimyze.cloud/#services"> optimyze.cloud’s original business model</a></li> <li><a href="https://prodfiler.com/blog/introducing-prodfiler/">Introducing Prodfiler</a></li> <li><a href="https://en.wikipedia.org/wiki/Profiling_(computer_programming)">Profiling</a></li> <li><a href="https://research.google/pubs/pub35290/">The Datacenter As A Computer: An Introduction to the Design of Warehouse-Scale Machines</a></li> <li><a href="https://research.google/pubs/pub36575/">Google-Wide Profiling: A Continuous Profiling Infrastructure for Data Centers</a> <ul> <li><a href="https://research.google/pubs/pub36356/">Dapper, a Large-Scale Distributed Systems Tracing Infrastructure</a> and <a href="https://www.jaegertracing.io/">Jaeger</a></li> </ul> </li> <li><a href="https://prodfiler.com/blog/the-mystery-of-kubelet-eating-cpu-and-iops/"> The mystery of Kubelet eating CPU and IOPS</a></li> <li><a href="https://fortran.io/">Fortran Web Framework</a>: it’s not irrelevant, really!</li> <li><a href="https://twitter.com/halvarflake">Halvar Flake</a> on Twitter</li> </ul>