I recommend this introduction to SDN (Software Defined Networking) from Nick McKeown at the Open Networking Summit. I love the example he gives where SDNs are used for implementing an intelligent distributed load balancer in a complex country-wide topology. I have also discovered the Mininet network simulator, a “real-network” simulator based on Linux namespaces and their ability to have isolated network spaces in a kernel.
"Metal as a service" is one of the latest cutting-edge technologies in the cloud world, where a provider does not offer you a virtual machine but a physical, bare-metal machine on which you can install whatever OS you want to run. More power for you, but also more difficult to maintain and more expensive.
Canonical is really into it (with Juju) and OpenStack has some support in the latest version, and there are some providers (e.g., baremetalcloud, stormondemand, etc.) that already offer these features as well…
An explanation of how Valgrind works. Basically, Valgrind acts as a virtual machine that executes your program, intercepting every single call to allocate/free memory, and doing the bookkeeping needed to detect memory leaks.
A look at how Go programs keep time information in Linux. Syscalls, monotonic clocks and locales…
CoreOS is just that: a core Linux operating system. Designed as a minimal Linux, it is free of all the packages that come pre-installed with standard distributions. The reason is that CoreOS is designed to run Docker containers once the OS has booted up.
CoreOS has some unique features, like:
- some sort of dual-boot feature for auto-updates, where one instance of the OS updates the main installation
- fleet, a cluster management tool that promises to be like systemd for clusters (developed in Go)
- and etcd, a distributed key-value database (also developed in Go), as the main configuration system.
A namespace is a Linux abstraction that makes a system resource appear, to the processes within that namespace, as an isolated instance. For example:
Network namespaces […] provide isolation of the system resources associated with networking. Thus, each network namespace has its own network devices, IP addresses, IP routing tables, /proc/net directory, port numbers, and so on.
So processes associated with a namespace will see completely different network devices, routing tables, etc. than other processes running in the same system. This enables one of the most important lightweight “virtualization” technologies used nowadays, containers, where a group of processes have the illusion they are the only ones running on bare metal hardware.
There are currently 6 different types of namespaces (mount, UTS, IPC, PID, network, user). But one of the most interesting things is yet to come:
Starting in Linux 3.8, unprivileged processes can create user namespaces, which opens up a raft of interesting new possibilities for applications
The most common case would be an unprivileged process (i.e., user) that becomes root when entering a particular namespace.
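As an added example (not from the original post): a user namespace publishes its ID translation in /proc/<pid>/uid_map, one "inside-start outside-start length" range per line, so the namespaced root described above can be traced back to the UID behind it. The function names and sample maps below are constructed for illustration.

```python
"""Trace a namespaced 'root' back to the ID behind it, from /proc/<pid>/uid_map."""
from pathlib import Path

# Identity map of the initial user namespace (nothing is remapped).
INITIAL_NS_MAP = "0 0 4294967295"


def parse_id_map(text):
    """Parse uid_map/gid_map text into (inside_start, outside_start, count)."""
    ranges = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        ranges.append(tuple(int(f) for f in fields))
    return ranges


def to_outside_id(ranges, inside_id):
    """Translate an in-namespace ID to the outside ID, or None if unmapped."""
    for inside, outside, count in ranges:
        if inside <= inside_id < inside + count:
            return outside + (inside_id - inside)
    return None


def classify_root(uid_map_text):
    """Describe what uid 0 inside the namespace corresponds to outside it."""
    outside = to_outside_id(parse_id_map(uid_map_text), 0)
    if outside is None:
        return "uid 0 is unmapped in this namespace"
    if outside == 0:
        return "uid 0 maps to uid 0 outside the namespace"
    return f"uid 0 is namespaced root, backed by non-root uid {outside}"


def audit_pid(pid="self"):
    """Classify a live process on a Linux host by reading its uid_map."""
    return classify_root(Path(f"/proc/{pid}/uid_map").read_text())


if __name__ == "__main__":
    # Constructed sample: map of a namespace entered as root by host uid 1000.
    print(classify_root("         0       1000          1\n"))
    print(classify_root(INITIAL_NS_MAP))
```

When a process reads its own uid_map, the outside IDs are those of the parent user namespace; when the map of a process in a different user namespace is read, they are expressed in the reader's namespace.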
A new deadlock detection library, based on the same code already found in the Linux kernel since v2.6, promises to detect incorrect mutex usage in user-space programs. It is mainly targeted at C/C++ programs, as it replaces pthread_mutex_t (and associated functions) with some wrappers, and depends on the Linux kernel for the detection.
I didn’t know Linux had built-in support for TIPC, the Transparent Inter-process Communication protocol. TIPC is a protocol for inter-process communication in clusters, with interesting things like very small latency, local peer discovery, reliable and unreliable messages, etc…