Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ricc-20210826

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Tomoki Sugiura Tomoki Sugiura
August 26, 2021
Programming
580
0

 ricc-20210826

Avatar for Tomoki Sugiura

Tomoki Sugiura

August 26, 2021

More Decks by Tomoki Sugiura

See All by Tomoki Sugiura
CiliumによるKubernetes Network Policyの実現 CNDT2021
Avatar for Tomoki Sugiura shanpu
0
1.4k
naist colloquium-B 2
Avatar for Tomoki Sugiura shanpu
0
240
IOT53
Avatar for Tomoki Sugiura shanpu
0
120
RICC-PIoT Workshop 2021
Avatar for Tomoki Sugiura shanpu
0
690
ricc-nii-2020
Avatar for Tomoki Sugiura shanpu
0
150
Cloud Native Kansai #05 LT4
Avatar for Tomoki Sugiura shanpu
1
1.1k
gcpug-kyoto#2-LT1
Avatar for Tomoki Sugiura shanpu
0
710
kubernetes-seminar
Avatar for Tomoki Sugiura shanpu
0
200
KansaiLT2
Avatar for Tomoki Sugiura shanpu
0
290

Other Decks in Programming

See All in Programming
Structured Concurrency, Scoped Values and Joiners in the JDK 25 26 27
Avatar for José josepaumard
1
140
Kingdom of the Machine
Avatar for yui-knk yui_knk
2
1.4k
書籍「ユーザーストーリーマッピング」が私のバイブル
Avatar for asumikam asumikam
4
480
KMP × Kotlin 2.3 - How Android Got Slower While iOS Builds Improved by 47%
Avatar for Ryosuke Shimizu (RIO) rio432
0
130
Claude Code × Gemini × Ebitengine ゲーム制作素人WebエンジニアがGoでゲームを作った話
Avatar for webzawa webzawa
0
220
JAWS-UG横浜 #100 祝・第100回スペシャル AWS は VPC レスの時代へ
Avatar for maroon1st maroon1st
0
220
AI時代のエンジニアリングの原則 / Engineering Principles in the AI ​​Era
Avatar for haru860 haru860
0
1.1k
ついに来た!本格的なマルチクラウド時代の Google Cloud
Avatar for maroon1st maroon1st
0
390
ソフトウェア設計の結合バランス #phperkaigi
Avatar for Takuma Kajikawa kajitack
0
490
Road to RubyKaigi: Play Hard(ware)
Avatar for makicamel makicamel
1
550
ふにゃっとしない名前の付け方 〜哲学で茹で上げる、コシのあるソフトウェア設計〜
Avatar for akshimo shimomura
0
110
The Past, Present, and Future of Enterprise Java
Avatar for ivargrimstad ivargrimstad
0
520

Featured

See All Featured
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
The untapped power of vector embeddings
Avatar for Frank van Dijk frankvandijk
2
1.7k
Code Review Best Practice
Avatar for Trisha Gee trishagee
74
20k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.9k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.4k
エンジニアに許された特別な時間の終わり
Avatar for watany watany
106
240k
We Are The Robots
Avatar for Honza Javorek honzajavorek
0
220
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
66
8.4k
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
540
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
Avatar for Andy Polaine apolaine
0
300
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
275
41k
Google's AI Overviews - The New Search
Avatar for Barry Adams badams
0
1k

Transcript

  1. Cilium Explicit Allow- Listing for ICMP GSoC 2021 3*$$೥౓ୈҰճݚڀ߹॓ /"*454%-BC.

    ਿӜஐج

  2. ֓ཁ 2 ˓ (PPHMF4VNNFSPG$PEFʢ(4P$ʣʹࢀՃ͠·ͨ͠ ˓ $JMJVNͱ͍͏ωοτϫʔΫ044ͷػೳ௥ՃΛ୲౰ ˔ *$.1ύέοτͷϑΟϧλʔػೳ ˓ ͜ͷൃදͰ͸$JMJVN΍ػೳͷ࣮૷ʹ͍ͭͯ঺հ

  3. Google Summer of CodeʢGSoCʣ 3 ˓ (PPHMFओ࠵ͷֶੜͷ044ߩݙΛࢧԉ͢ΔϓϩάϥϜ ˓ ֶੜ͸ϦετΞοϓ͞Εͨ044ʹରͯ͠ػೳ௥Ճͷ ϓϩϙʔβϧΛఏग़

    ˓ ࠾୒͞ΕͨΒʙ݄ͷिؒͰ࣮૷ ˔ ϝϯλʔ͋Γ ˓ தؒ৹ࠪɼ࠷ऴ৹ࠪͦΕͧΕ௨Δ͝ͱʹใ঑ۚ ˓ $JMJVNωοτϫʔΫϙϦγʔͷ*$.1ରԠ

  4. Cilium 4 ˓ ,VCFSOFUFTͷ$/*ϓϥάΠϯͷҰछ ˔ IUUQTHJUIVCDPNDJMJVNDJMJVN ˓ ॲཧج൫ʹF#1'Λ࢖༻ ˓ $/*ϓϥάΠϯք۾ͷதͰΞπ͍ଘࡏ

    ˔ (,&EBUBQMBOFWʹ࠾༻ ˔ $/$'JODVCBUJOHQSPKFDU΁ొ࿥ਃ੥த ˗ IUUQTHJUIVCDPNDODGUPDQVMM ˔ ೔ຊͰ͸͋·Γ࢖ΘΕͯͳ͍ ҹ৅ 🥺

  5. Kubernetes 5 ˓ ίϯςφΦʔέετϨʔγϣϯπʔϧͷσϑΝΫτ ˓ ෳ਺ͷίϯςφɺෳ਺ͷϊʔυΛ؅ཧ ˔ εέδϡʔϦϯά ˔ ࣗಈ෮چ

    ˔ ϘϦϡʔϜͷׂΓ౰ͯ ˔ FUD ˓ એݴతૢ࡞ͱϦίϯαΠϧϧʔϓʢௐ੔ϧʔϓʣ ˓ ΦϖϨʔλͷ࢓૊ΈΛ࢖ͬͯίϯςφҎ֎΋ ؅ཧ ˔ ίϯςφΦʔέετϨʔγϣϯ΋Ͱ͖Δπʔϧ

  6. KubernetesͱCNIϓϥάΠϯ 6 ˓ ,VCFSOFUFT͸ίϯςφͷωοτϫʔΫ*'ͷ࡞੒Λ֎෦ ϓϥάΠϯʹ೚͍ͤͯΔ ˔ ͦΕΛ୲͏ͷ͕$POUBJOFS/FUXPSL*OUFSGBDFʢ$/*ʣ ϓϥάΠϯ ˔ $/*ϓϥάΠϯ͸,VCFSOFUFTઐ༻πʔϧͰ͸ͳ͍

    ˓ 1PEʢ㲈$POUBJOFSʣੜ੒࣌ʹ,VCFMFU͕$/*ϓϥάΠϯ Λىಈ ˓ $/*ϓϥάΠϯͷ੹೚ൣғ͸͋͘·Ͱ*'ͷ࡞੒͕ͩ ωοτϫʔΫपΓͷॾʑΛ୲͍ͬͯΔ

  7. KubernetesͱCNIϓϥάΠϯ 7 ˓ $/*ͷఆٛ͸͜͜ ˓ $/*ͷఏڙ͢΂͖ػೳ ˔ "%% ˗ ίϯςφʹωοτϫʔΫ*'Λ௥ՃPSߋ৽

    ˔ %&- ˗ ίϯςφͷωοτϫʔΫ*'Λ࡟আPS6OEP ˔ $)&$, ˗ ίϯςφͷωοτϫʔΫ*'ͷঢ়ଶ֬ೝ ˔ 7&34*0/ ˗ $/*ϓϥάΠϯͷόʔδϣϯ֬ೝ

  8. ୅දతͳCNIϓϥάΠϯ 8 ˓ 'MBOOFM ˓ $BMJDP ˓ 8FBWF ˓ $JMJVN

  9. Ciliumͷಛ௃ 9 ˓ F#1'Λॲཧج൫ʹ׆༻ ˔ 9%1ʹΑΔύέοτॲཧͷߴ଎Խ ˗ JQUBCMFTΑΓ΋ύϑΥʔϚϯεߴ ˔ ௨৴ଳҬ؅ཧ

    ˔ ॆ࣮ͨ͠؂ࢹػೳ ˓ ΤϯυϙΠϯτͷ*%ϕʔε؅ཧʢOPU*1ΞυϨεʣ ˔ LT্ͷΞϓϦέʔγϣϯ͸*1ΞυϨε͕සൟʹมΘΔ

  10. eBPF 10 ˓ FYUFOEFE#FSLFMFZ1BDLFU'JMUFS ˔ 1BDLFU'JMUFSͱݴ͍ͭͭγεςϜίʔϧͷϑΟϧλϦϯάΛ ͨ͠ΓϓϩάϥϜͷτϨʔγϯάΛͨ͠Γ ˓ ಠ໋ࣗྩηοτΛ΋ͬͨΧʔωϧ಺Ծ૝ϚγϯͰ࣮ߦ ˔

    γεςϜ7.͡Όͳͯ͘ϓϩηε7. ˔ ϓϩάϥϜͷݕࠪػߏ͕͋Δ ˓ $ݴޠͰهड़ ˓ ࠷ۙF#1''PVOEBUJPO͕-JOVY'PVOEBUJOࡿԼʹ Ͱ͖ͨ

  11. Kubernetesʹ͓͚ΔNetwork Policy 11 ˓ $/*ϓϥάΠϯ͕ػೳΛ͍࣋ͬͯΕ͹࢖༻Մೳ ˓ ҎԼͷཁૉͰϗϫΠτϦετΛ࡞੒ ˔ *1ΞυϨε ˔

    ໊લۭؒ ˔ ϥϕϧ ˔ ϙʔτ൪߸ /FUXPSL1PMJDZྫ

  12. Cilium Network PolicyʢCNPʣ 12 ˓ $/1͸,VCFSOFUFT/FUXPSL1PMJDZͷ֦ு ˔ 4FSWJDF ˔ &OUJUZ

    ˔ '2%/ ˔ -ʢ)551ɼ,BGLBʣ ˔ FUD ˓ BMMPXEFOZ྆ํՄೳ -$/1ͷྫ

  13. CNPͱICMP 13 ˓ ͔͠͠*$.1ͷBMMPXEFOZػೳ͸ͳ͔ͬͨ ˔ -ͷBMMPXϧʔϧΛ࡞Δͱ-΋ࣗಈతʹઃఆ͞ΕΔ ˠ*$.1શͯυϩοϓ ˓ ແ͍ͳΒ࡞Ζ͏

  14. Ciliumʹ͓͚ΔPolicyͷ࣮ݱ 14 /FUXPSL1PMJDZΛهड़ͨ͠ ϚχϑΣετϑΝΠϧ

  15. Ciliumʹ͓͚ΔPolicyͷ࣮ݱ 15 ਖ਼͍͔͠νΣοΫ F#1'.BQߏ଄ମ (P Ϣʔβۭ֤ؒϊʔυʹͯ /1༻F#1'.BQʹ ରԠ͢Δߏ଄ମʹม׵ F#1'.BQʹ௥Ճ

  16. Ciliumʹ͓͚ΔPolicyͷ࣮ݱ 16 ύέοτ F#1'.BQ Χʔωϧۭؒ ϔομΛಡΈऔͬͯ ߏ଄ମʹม׵ F#1'.BQLFZ র߹͢Δ 1BTT

    %SPQ

  17. ICMP Policyͷ࣮૷1 17 ਖ਼͍͔͠νΣοΫ Ϣʔβۭ֤ؒϊʔυʹͯ /1༻F#1'.BQʹ ରԠ͢Δߏ଄ମʹม׵ F#1'.BQʹ௥Ճ *$.1ϑΟʔϧυͷνΣοΫ *$.1UZQFΛ%FTU1PSUʹೖΕΔ

  18. ICMP Policyͷ࣮૷2 18 ύέοτ F#1'.BQ Χʔωϧۭؒ ϔομΛಡΈऔͬͯ ߏ଄ମʹม׵ F#1'.BQLFZ র߹͢Δ

    1BTT %SPQ *$.1ϔομΛಡΈऔΓ

  19. ICMP Policyͷ࣮૷3 19 ˓ ৄ͘͠͸ͪ͜Β ˔ IUUQTHJTUHJUIVCDPNDIF[TIBOQV DBDBDDGBGGDBE

  20. ۤ࿑ϙΠϯτ 20 ˓ F#1'͸ϓϩάϥϜαΠζʢ໋ྩ਺ʣͷ੍ݶ͋Γ ˔ ΧʔωϧόʔδϣϯʹΑͬͯҧ͏ͷͰͦΕͧΕͰ֬ೝ ˔ ͜ͷ੍ݶʹΑΓ*$.1ϑΟϧλʔ͸Ծ࣮૷ঢ়ଶ🥺 ˓ ʢ୭͔͕͕$*յ͢ͱࣗ෼ͷมߋΛϚʔδͯ͠΋Β͑ͳ͍ʣ

  21. ·ͱΊ 21 ˓ ,VCFSOFUFT͸ωοτϫʔΫػೳΛ$/*ϓϥάΠϯʹҕ೚ ˓ $JMJVN͸F#1'Λ࢖ͬͨ$/*ϓϥάΠϯͷҰͭ ˓ F#1'ͷ੍ݶ͔Β*$.1ϑΟϧλʔػೳ͸Ծ࣮૷ঢ়ଶ ˓ (4P$͸ऴΘΓ·͕ͨ͠ɼ΋͏ͪΐͬͱؤுΓ·͢