Open source project recommendation
LSF
This project can run the FreeBSD subsystem on Linux systems, and theoretically supports other Unix-like systems, and can run in Docker containers.
E.g:
(linux)$ docker build -t lsf .
(linux)$ docker run -it --rm --security-opt seccomp=unconfined lsf
# file /bin/sh
/bin/sh: ELF 64-bit LSB pie executable, x86-64, version 1 (FreeBSD), dynamically linked, interpreter /libexec/ld-elf.so.1, for FreeBSD 13.1, FreeBSD-style, stripped
# uname -a
FreeBSD 177f2177ddab 13.1-RELEASE-p1 FreeBSD 13.1-RELEASE-p1 LSF amd64Phantun
A powerful UDP tunneling tool, written entirely in Rust, that obfuscates UDP packets into TCP packets via the tun NIC, thereby bypassing UDP blocking or QoS. The following is a performance test comparison with udp2raw:
k8s-pod-restart-info-collector
This is a Kubernetes controller that observes Pod state changes and collects Pod restart reasons, logs, and events when Pod restarts, and sends them to Slack channels.
buildg
This is a Dockerfile real-time debugging tool based on Buildkit, supports breakpoint debugging, provides an interactive shell, and also provides IDE plug-ins such as VS Code, which can be debugged directly in the IDE.
q
This is a DNS domain name query tool written in Go, supporting UDP, TCP, DoT, DoH, DoQ and ODoH. E.g:
$ q A AAAA kubesphere.io -s tls://dot.pub
kubesphere.io. 5m0s A 104.21.80.188 [美国 CloudFlare公司CDN节点]
kubesphere.io. 5m0s A 172.67.153.33 [美国 CloudFlare节点]
kubesphere.io. 5m0s AAAA 2606:4700:3030::ac43:9921 [全球 Cloudflare, Inc. Anycast网段]
kubesphere.io. 5m0s AAAA 2606:4700:3032::6815:50bc [全球 Cloudflare, Inc. Anycast网段]proxmox-exporter
This is a Proxmox Exporter to monitor Proxmox and support node temperature monitoring.
Article recommendation
KubeSphere three-step integration of enterprise-level mirror warehouse Harbor
Although KubeSphere provides an operation-friendly wizard-style interface that can help us quickly build a powerful and feature-rich container cloud platform, in practice, the image push of our service needs to be done manually on all nodes in the cluster docker build , very inconvenient. So we need a private mirror repository.
What is CKS certification? How to prepare for the exam?
CKA and CKS are the authoritative technical level certification exams in the field of cloud native technology organized by the Linux Foundation and the CNCF community. The exams are conducted in practice. CKS stands for Certified Kubernetes Security Specialist, which tests candidates' knowledge of Kubernetes and cloud security in a simulated real-world environment. Before taking the CKS exam, you must have passed the CKA (Kubernetes administrator certification), and you can book the CKS exam after obtaining the CKA certificate.
This article records the knowledge points obtained in the CKS exam and shares it with students who need it.
Deploy Single Node ClickHouse in Production
ClickHouse is a columnar storage database for Online Analytical Processing (OLAP: Online Analytical Processing) MPP architecture open sourced by Yandex in Russia in 2016. It can be scaled linearly, either as a single instance or as a cluster deployment. This article describes how to deploy a single-node ClickHouse in AWS, monitor it, and automate backups.
Cloud Native Dynamics
Istio 1.15 released
A few days ago, Istio 1.15 was released, which is the third Istio release in 2022. With the release of Istio 1.15, you can deploy Istio on the arm64 architecture out of the box, without having to compile the image for the arm architecture yourself.
Argo Rollouts 1.3 Pre-Release
Argo Rollouts 1.3 is coming! The new version has the following major changes:
- Header-based routing (Istio): Argo Rollouts has a new step in the rollouts resource called setHeaderRoute that allows users to match specific request headers to send traffic to canary pods.
- Traffic mirroring (Istio): Similar to Header-based routing, the new traffic mirroring feature also defines a new step in the Rollout resource called setMirrorRoute that configures how traffic is mirrored to the canary service.
- Traefik routing support: Argo Rollouts now supports Traefik in Canary deployments.
- Dashboard Improvements: The Argo Rollouts dashboard has been enhanced to provide more information in the UI, showing users the details of an analysis run. The canary scale box can also be expanded to reveal more detail.
- InfluxDB Metrics Provider Support: It is now possible to use InfluxDB as a metric provider during Argo Rollouts analysis.
Grafana Tempo 1.5 Released
The main feature of Grafana Tempo 1.5 is experimental support for Parquet. This new column format unlocks the next iteration of Tempo as a distributed tracing backend. This format allows us to extract 5 to 10 times as much data from the backend of each query by focusing only on the columns specified in the query. Additionally, this format allows advancing plans for TraceQL, a new trace query language based on Parquet's Grafana Tempo.
Another important feature is the addition of queues and databases to service graph metrics. Tempo uses standard notation defined by OpenTelemetry semantic conventions to generate metrics representing the roles of queues and databases in the service graph.
Kubernetes 1.25: cgroup v2 officially GA
cgroup v2 is the latest version of the Linux cgroup API. cgroup v2 provides a unified control system with enhanced resource management capabilities.
cgroup v2 includes several improvements over cgroup v1, such as:
- Single Unified Hierarchy Design in API
- Safer subtree delegation to containers
- New features such as pressure stall information
Enhanced resource allocation management and isolation across multiple resources
- Unified accounting of different types of memory allocations (network and kernel memory, etc.)
Account for non-immediate resource changes, such as page cache writebacks
This article is published by OpenWrite , a multi-post blog platform!
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。