Skip to main content

Posts

Showing posts from 2022

Fractals and Mandelbrot Set

While mathematics is in itself quite interesting and forms the basis of any modern day research, be it computational biology, machine learning or building complex structure, it can be quite a challenge to decide where to start.  That is why i decided to explore Fractals, thinking of it as a bridge between the nature and science. It brings in some really fascinating concepts which should be good enough for me as a gateway go deeper.  Fractals are in simple language never ending patterns which keep on repeating without an end, because fractals are never ending they have an infinite perimeter but finite area.  Since the patterns repeats indefinitely but if you draw a circle around the peremeter the area will remain finite.  It is like adding 1+0.1+0.01+0.001 and never making 2 This video explains the basic concept really well  Fractals are found everywhere nature in Trees, Rivers, Branching patterns, Hurricanes and Galaxies. It tries to bring order and understanding to the patterns that w

Cilium

  Cilium operates at L3/L4 to provide trasitional networking and security services It also works at L7 to provide application level servies like gRPC, HTTP, Kafka Cilium inserts itself in the kernel at Network IO Application Sockets and Tracepoints to implement security and visibility. Intelligent Routing Cilium can do more intelligent routing other than opening or blocking a port Allow all HTTP requests with method GET and path /public/.*. Deny all other requests. Allow service1 to produce on Kafka topic topic1 and service2 to consume on topic1. Reject all other Kafka messages. Require the HTTP header X-Token: [0-9]+ to be present in all REST calls. More examples of policies at  https://docs.cilium.io/en/stable/policy/#layer-7 Service to Service Communication

eBPF and Kubernetes

Scaling Kubernetes There are monitoring and logging systems, but its tough to monitor everything in a accurately and in a similar manner in a distributed environment The Kubernetes cluster does not expose kernel level monitoring data Process/Service Specific Monitoring Since Kubernetes Service is at the end a Process run by the linux Kernel With eBPF it is easy to monitor a specific process, so teams can monitor a process running across all of their infrastructure nodes. More granular than logs No special instrumentation needed unlike the sidecar pattern eBPF install a very small overhead Challenges There is no easy way to install eBPF on all nodes of the cluster, orchestration is a challenge, they can use Cilium like tools to get more visibility into their cluster though. References: https://searchitoperations.techtarget.com/answer/Why-and-how-to-use-eBPF-for-Kubernetes-scaling

eBPF

Written on: Jan 6th 2022 While Linux is a great operating system but because of the nature of the how it is built in an open source community it is not the mostly friendly operating system out there, there are [[challenges in modifying the kernel]], adding modules and with the new AI/IoT based devices using linux, there are even more challenges in debugging, tracking, tracking and modifying. Extended Berkley Packet Filter tries to solve this problem to extending, debugging the kernel by posing itself as a kernel technology which would let you extend the kernel without editing the source code or adding additional modules ( thus avoiding recompilation), it can be thought of as a lighter virtual machine linked with the kernel ( similar to the Lua JIT compiler in nginx ?) where programs can run BPF bytecode with all the kernel resources available in a single location Its like a program which runs in user space, but can extend the kernel as kernel calls it and runs the bytecode in a sandbox