Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ricc-20210826

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Tomoki Sugiura Tomoki Sugiura
August 26, 2021
Programming
580
0

 ricc-20210826

Avatar for Tomoki Sugiura

Tomoki Sugiura

August 26, 2021

More Decks by Tomoki Sugiura

See All by Tomoki Sugiura
CiliumによるKubernetes Network Policyの実現 CNDT2021
Avatar for Tomoki Sugiura shanpu
0
1.4k
naist colloquium-B 2
Avatar for Tomoki Sugiura shanpu
0
240
IOT53
Avatar for Tomoki Sugiura shanpu
0
120
RICC-PIoT Workshop 2021
Avatar for Tomoki Sugiura shanpu
0
700
ricc-nii-2020
Avatar for Tomoki Sugiura shanpu
0
150
Cloud Native Kansai #05 LT4
Avatar for Tomoki Sugiura shanpu
1
1.1k
gcpug-kyoto#2-LT1
Avatar for Tomoki Sugiura shanpu
0
720
kubernetes-seminar
Avatar for Tomoki Sugiura shanpu
0
200
KansaiLT2
Avatar for Tomoki Sugiura shanpu
0
290

Other Decks in Programming

See All in Programming
JavaDoc 再入門
Avatar for nagise nagise
0
220
Spec-Driven Development with AI-Agents: From High-Level Requirements to Working Software
Avatar for Anton Arhipov antonarhipov
2
390
tsserverとは何だったのか、これからどうなるのか
Avatar for Ryota Nakamura nowaki28
1
420
Augmenting AI with the Power of Jakarta EE
Avatar for ivargrimstad ivargrimstad
0
390
初めてのRubyKaigiはこう見えた
Avatar for asano jellyfish700
0
360
These Five Tricks Can Make Your Apps Greener, Cheaper, & Nicer
Avatar for Holly Cummins hollycummins
0
250
TSKaigi 2026 TypeScriptバックエンドのオブザーバビリティ戦略 — Datadog × NestJSの実践
Avatar for Taisei Yamamoto taiseiyamamotoan
1
210
[KCD Czech] eBPF Meets the GPU: Future of AI Infra Observability
Avatar for Donia Chaiehloudj doniacld
0
130
運用エージェントは "作る" から "育てる" へ - 記憶と自己進化の3層設計パターン / self-evolving-agents-three-layer-agent-design
Avatar for geeawa gawa
12
3.3k
Oxlintはいかにしてtsgolintのlint ruleを呼び出しているのか
Avatar for syumai syumai
2
1k
誰も頼んでない機能を出荷した話
Avatar for Hidetaka Toriyama zekutax
0
150
AI駆動開発勉強会 広島支部 第一回勉強会 AI駆動開発概要とワークショップ
Avatar for smz hyt hayatoshimiu
0
410

Featured

See All Featured
Avoiding the “Bad Training, Faster” Trap in the Age of AI
Avatar for Mike Taylor tmiket
0
160
WCS-LA-2024
Avatar for Leonardo Collado-Torres lcolladotor
0
610
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
659
62k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
Avatar for Helen Beal helenjbeal
1
190
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Ten Tips & Tricks for a 🌱 transition
Avatar for Manu Carrasco Molina stuffmc
0
120
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
Avatar for Greg Gifford greggifford
PRO
0
180
Lessons Learnt from Crawling 1000+ Websites
Avatar for Charles Meaden charlesmeaden
PRO
1
1.3k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4.3k
Design in an AI World
Avatar for tapps tapps
1
220
How to Grow Your eCommerce with AI & Automation
Avatar for Katarina Dahlin katarinadahlin
PRO
1
190

Transcript

  1. Cilium Explicit Allow- Listing for ICMP GSoC 2021 3*$$೥౓ୈҰճݚڀ߹॓ /"*454%-BC.

    ਿӜஐج

  2. ֓ཁ 2 ˓ (PPHMF4VNNFSPG$PEFʢ(4P$ʣʹࢀՃ͠·ͨ͠ ˓ $JMJVNͱ͍͏ωοτϫʔΫ044ͷػೳ௥ՃΛ୲౰ ˔ *$.1ύέοτͷϑΟϧλʔػೳ ˓ ͜ͷൃදͰ͸$JMJVN΍ػೳͷ࣮૷ʹ͍ͭͯ঺հ

  3. Google Summer of CodeʢGSoCʣ 3 ˓ (PPHMFओ࠵ͷֶੜͷ044ߩݙΛࢧԉ͢ΔϓϩάϥϜ ˓ ֶੜ͸ϦετΞοϓ͞Εͨ044ʹରͯ͠ػೳ௥Ճͷ ϓϩϙʔβϧΛఏग़

    ˓ ࠾୒͞ΕͨΒʙ݄ͷिؒͰ࣮૷ ˔ ϝϯλʔ͋Γ ˓ தؒ৹ࠪɼ࠷ऴ৹ࠪͦΕͧΕ௨Δ͝ͱʹใ঑ۚ ˓ $JMJVNωοτϫʔΫϙϦγʔͷ*$.1ରԠ

  4. Cilium 4 ˓ ,VCFSOFUFTͷ$/*ϓϥάΠϯͷҰछ ˔ IUUQTHJUIVCDPNDJMJVNDJMJVN ˓ ॲཧج൫ʹF#1'Λ࢖༻ ˓ $/*ϓϥάΠϯք۾ͷதͰΞπ͍ଘࡏ

    ˔ (,&EBUBQMBOFWʹ࠾༻ ˔ $/$'JODVCBUJOHQSPKFDU΁ొ࿥ਃ੥த ˗ IUUQTHJUIVCDPNDODGUPDQVMM ˔ ೔ຊͰ͸͋·Γ࢖ΘΕͯͳ͍ ҹ৅ 🥺

  5. Kubernetes 5 ˓ ίϯςφΦʔέετϨʔγϣϯπʔϧͷσϑΝΫτ ˓ ෳ਺ͷίϯςφɺෳ਺ͷϊʔυΛ؅ཧ ˔ εέδϡʔϦϯά ˔ ࣗಈ෮چ

    ˔ ϘϦϡʔϜͷׂΓ౰ͯ ˔ FUD ˓ એݴతૢ࡞ͱϦίϯαΠϧϧʔϓʢௐ੔ϧʔϓʣ ˓ ΦϖϨʔλͷ࢓૊ΈΛ࢖ͬͯίϯςφҎ֎΋ ؅ཧ ˔ ίϯςφΦʔέετϨʔγϣϯ΋Ͱ͖Δπʔϧ

  6. KubernetesͱCNIϓϥάΠϯ 6 ˓ ,VCFSOFUFT͸ίϯςφͷωοτϫʔΫ*'ͷ࡞੒Λ֎෦ ϓϥάΠϯʹ೚͍ͤͯΔ ˔ ͦΕΛ୲͏ͷ͕$POUBJOFS/FUXPSL*OUFSGBDFʢ$/*ʣ ϓϥάΠϯ ˔ $/*ϓϥάΠϯ͸,VCFSOFUFTઐ༻πʔϧͰ͸ͳ͍

    ˓ 1PEʢ㲈$POUBJOFSʣੜ੒࣌ʹ,VCFMFU͕$/*ϓϥάΠϯ Λىಈ ˓ $/*ϓϥάΠϯͷ੹೚ൣғ͸͋͘·Ͱ*'ͷ࡞੒͕ͩ ωοτϫʔΫपΓͷॾʑΛ୲͍ͬͯΔ

  7. KubernetesͱCNIϓϥάΠϯ 7 ˓ $/*ͷఆٛ͸͜͜ ˓ $/*ͷఏڙ͢΂͖ػೳ ˔ "%% ˗ ίϯςφʹωοτϫʔΫ*'Λ௥ՃPSߋ৽

    ˔ %&- ˗ ίϯςφͷωοτϫʔΫ*'Λ࡟আPS6OEP ˔ $)&$, ˗ ίϯςφͷωοτϫʔΫ*'ͷঢ়ଶ֬ೝ ˔ 7&34*0/ ˗ $/*ϓϥάΠϯͷόʔδϣϯ֬ೝ

  8. ୅දతͳCNIϓϥάΠϯ 8 ˓ 'MBOOFM ˓ $BMJDP ˓ 8FBWF ˓ $JMJVN

  9. Ciliumͷಛ௃ 9 ˓ F#1'Λॲཧج൫ʹ׆༻ ˔ 9%1ʹΑΔύέοτॲཧͷߴ଎Խ ˗ JQUBCMFTΑΓ΋ύϑΥʔϚϯεߴ ˔ ௨৴ଳҬ؅ཧ

    ˔ ॆ࣮ͨ͠؂ࢹػೳ ˓ ΤϯυϙΠϯτͷ*%ϕʔε؅ཧʢOPU*1ΞυϨεʣ ˔ LT্ͷΞϓϦέʔγϣϯ͸*1ΞυϨε͕සൟʹมΘΔ

  10. eBPF 10 ˓ FYUFOEFE#FSLFMFZ1BDLFU'JMUFS ˔ 1BDLFU'JMUFSͱݴ͍ͭͭγεςϜίʔϧͷϑΟϧλϦϯάΛ ͨ͠ΓϓϩάϥϜͷτϨʔγϯάΛͨ͠Γ ˓ ಠ໋ࣗྩηοτΛ΋ͬͨΧʔωϧ಺Ծ૝ϚγϯͰ࣮ߦ ˔

    γεςϜ7.͡Όͳͯ͘ϓϩηε7. ˔ ϓϩάϥϜͷݕࠪػߏ͕͋Δ ˓ $ݴޠͰهड़ ˓ ࠷ۙF#1''PVOEBUJPO͕-JOVY'PVOEBUJOࡿԼʹ Ͱ͖ͨ

  11. Kubernetesʹ͓͚ΔNetwork Policy 11 ˓ $/*ϓϥάΠϯ͕ػೳΛ͍࣋ͬͯΕ͹࢖༻Մೳ ˓ ҎԼͷཁૉͰϗϫΠτϦετΛ࡞੒ ˔ *1ΞυϨε ˔

    ໊લۭؒ ˔ ϥϕϧ ˔ ϙʔτ൪߸ /FUXPSL1PMJDZྫ

  12. Cilium Network PolicyʢCNPʣ 12 ˓ $/1͸,VCFSOFUFT/FUXPSL1PMJDZͷ֦ு ˔ 4FSWJDF ˔ &OUJUZ

    ˔ '2%/ ˔ -ʢ)551ɼ,BGLBʣ ˔ FUD ˓ BMMPXEFOZ྆ํՄೳ -$/1ͷྫ

  13. CNPͱICMP 13 ˓ ͔͠͠*$.1ͷBMMPXEFOZػೳ͸ͳ͔ͬͨ ˔ -ͷBMMPXϧʔϧΛ࡞Δͱ-΋ࣗಈతʹઃఆ͞ΕΔ ˠ*$.1શͯυϩοϓ ˓ ແ͍ͳΒ࡞Ζ͏

  14. Ciliumʹ͓͚ΔPolicyͷ࣮ݱ 14 /FUXPSL1PMJDZΛهड़ͨ͠ ϚχϑΣετϑΝΠϧ

  15. Ciliumʹ͓͚ΔPolicyͷ࣮ݱ 15 ਖ਼͍͔͠νΣοΫ F#1'.BQߏ଄ମ (P Ϣʔβۭ֤ؒϊʔυʹͯ /1༻F#1'.BQʹ ରԠ͢Δߏ଄ମʹม׵ F#1'.BQʹ௥Ճ

  16. Ciliumʹ͓͚ΔPolicyͷ࣮ݱ 16 ύέοτ F#1'.BQ Χʔωϧۭؒ ϔομΛಡΈऔͬͯ ߏ଄ମʹม׵ F#1'.BQLFZ র߹͢Δ 1BTT

    %SPQ

  17. ICMP Policyͷ࣮૷1 17 ਖ਼͍͔͠νΣοΫ Ϣʔβۭ֤ؒϊʔυʹͯ /1༻F#1'.BQʹ ରԠ͢Δߏ଄ମʹม׵ F#1'.BQʹ௥Ճ *$.1ϑΟʔϧυͷνΣοΫ *$.1UZQFΛ%FTU1PSUʹೖΕΔ

  18. ICMP Policyͷ࣮૷2 18 ύέοτ F#1'.BQ Χʔωϧۭؒ ϔομΛಡΈऔͬͯ ߏ଄ମʹม׵ F#1'.BQLFZ র߹͢Δ

    1BTT %SPQ *$.1ϔομΛಡΈऔΓ

  19. ICMP Policyͷ࣮૷3 19 ˓ ৄ͘͠͸ͪ͜Β ˔ IUUQTHJTUHJUIVCDPNDIF[TIBOQV DBDBDDGBGGDBE

  20. ۤ࿑ϙΠϯτ 20 ˓ F#1'͸ϓϩάϥϜαΠζʢ໋ྩ਺ʣͷ੍ݶ͋Γ ˔ ΧʔωϧόʔδϣϯʹΑͬͯҧ͏ͷͰͦΕͧΕͰ֬ೝ ˔ ͜ͷ੍ݶʹΑΓ*$.1ϑΟϧλʔ͸Ծ࣮૷ঢ়ଶ🥺 ˓ ʢ୭͔͕͕$*յ͢ͱࣗ෼ͷมߋΛϚʔδͯ͠΋Β͑ͳ͍ʣ

  21. ·ͱΊ 21 ˓ ,VCFSOFUFT͸ωοτϫʔΫػೳΛ$/*ϓϥάΠϯʹҕ೚ ˓ $JMJVN͸F#1'Λ࢖ͬͨ$/*ϓϥάΠϯͷҰͭ ˓ F#1'ͷ੍ݶ͔Β*$.1ϑΟϧλʔػೳ͸Ծ࣮૷ঢ়ଶ ˓ (4P$͸ऴΘΓ·͕ͨ͠ɼ΋͏ͪΐͬͱؤுΓ·͢