Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Device access filtering in cgroup v2

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for KONDO Uchio KONDO Uchio
October 09, 2021
Technology
1
990

Device access filtering in cgroup v2

第15回 コンテナ技術の情報交換会@オンライン -> https://ct-study.connpass.com/event/223739/

Avatar for KONDO Uchio

KONDO Uchio

October 09, 2021
Tweet

More Decks by KONDO Uchio

See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
Avatar for KONDO Uchio udzura
5
2.5k
Ruby x BPF in Action / RubyKaigi 2022
Avatar for KONDO Uchio udzura
0
290
Narrative of Ruby & Rust
Avatar for KONDO Uchio udzura
0
260
開発者生産性指標の可視化 / pepabo-four-keys
Avatar for KONDO Uchio udzura
3
1.8k
Talk of RBS
Avatar for KONDO Uchio udzura
0
490
Re: みなさん最近どうですか? / FGN tech meetup in 2021
Avatar for KONDO Uchio udzura
0
840
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
Avatar for KONDO Uchio udzura
2
790
"Story of Rucy" on RubyKaigi takeout 2021
Avatar for KONDO Uchio udzura
0
890
生産性を可視化したい! / SUZURI's four keys
Avatar for KONDO Uchio udzura
11
5.5k

Other Decks in Technology

See All in Technology
ブラックボックス観測に基づくAI支援のプロトコルのリバースエンジニアリングと再現 ~AIを用いたリバースエンジニアリング~ @ SECCON 14 電脳会議 / Reverse Engineering and Reproduction of an AI-Assisted Protocol Based on Black-Box Observation @ SECCON 14 DENNO-KAIGI
Avatar for chibiegg chibiegg
0
140
Kaggleで鍛えたスキルの実務での活かし方 競技とプロダクト開発のリアル
Avatar for Recruit recruitengineers
PRO
1
160
Agentic Software Modernization - Back to the Roots (Zürich Agentic Coding and Architectures, März 2026)
Avatar for Markus Harrer feststelltaste
1
170
管理者向けGitHub Enterpriseの運用Tips紹介: 人にもAIにも優しいプラットフォームづくり
Avatar for yuriemori yuriemori
0
110
【SLO】"多様な期待値" と向き合ってみた
Avatar for kaita z63d
2
310
Introduction to Sansan Meishi Maker Development Engineer
Avatar for Sansan, Inc. sansan33
PRO
0
360
技術的負債の泥沼から組織を救う3つの転換点
Avatar for nwiizo nwiizo
7
2.3k
型を書かないRuby開発への挑戦
Avatar for Shia riseshia
0
190
Data Hubグループ 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
2.8k
LINE Messengerの次世代ストレージ選定
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
19
7.4k
メタデータ同期に潜んでいた問題 〜 Cache Stampede 時の Cycle Wait を⾒つけた話
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
150
問い合わせ自動化の技術的挑戦
Avatar for Recruit recruitengineers
PRO
2
150

Featured

See All Featured
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
38
2.8k
Tips & Tricks on How to Get Your First Job In Tech
Avatar for Honza Javorek honzajavorek
0
450
Building Adaptive Systems
Avatar for Chris Keathley keathley
44
2.9k
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
180
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.7k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
13
1.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
254
22k
Documentation Writing (for coders)
Avatar for Carmen Chung carmenintech
77
5.3k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
Avatar for Ines Montani inesmontani
PRO
0
250
Mind Mapping
Avatar for Hélio Medeiros helmedeiros
PRO
1
110
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
360
AI in Enterprises - Java and Open Source to the Rescue
Avatar for ivargrimstad ivargrimstad
0
1.2k

Transcript

  1. ͳΜͰ΋#1'Ͱ΍Δ࣌୅ͳΜͩͳΝ 6DIJP,POEP(.01FQBCP *OD DHSPVQWͷ σόΠεΞΫηεϑΟϧλ

  2. γχΞɾϓϦϯγύϧΤϯδχΞ ۙ౻ Ӊஐ࿕ / @udzura https://blog.udzura.jp/ Uchio Kondo ٕज़෦ ٕज़ج൫νʔϜ/σʔλج൫νʔϜ

    @ GMOϖύϘ ΤϯδχΞΧϑΣʢ෱Ԭࢢ੺ẂנจԽձؗʣ αϙʔλʔ Duolingo Diamond Leaguer 💎 * ޷͖ͳγεςϜίʔϧ: open_by_handle_at(2) * ޷͖ͳLinux Namespace: Time Namespace * ࠷ۙ͸ݴޠ࣮૷ʼOSࣗ࡞ʼBPFɺίϯςφɺͱ͍͏ײ͡...

  3. ͜Ε·Ͱͷ͋Β͢͡ wF#1'ͱ͍͏ٕज़͕͋Δ w<F#1'DIJLVXBJU>·ͨ͸<F#1'JENNJ>Ͱݕࡧ wͳΜ΍ΧʔωϧͰ҆શߴ଎ʹϑΟϧλ͢Δٕज़

  4. F#1'ͷϓϩάϥϜλΠϓ wW w ଟ͗ͯ͢೺ѲͰ͖ͳ͍ͷͰ ୭͔෩དྷͷγϨϯʹྫ͑ͯ؆ܿʹڭ͑ͯཉ͍͠

  5. BPF_PROG_TYPE_CGROUP_DEVICE

  6. DHSPVQWͷσόΠεΞΫηε੍ݶ wEFWJDFTͱ͍͏αϒγεςϜ͕͋ͬͨ wಛఆͷϑΥʔϚοτͰEFWJDFTBMMPX΍EFWJDFTEFOZʹॻ͖ࠐΉ IUUQTXXXLFSOFMPSHEPD%PDVNFOUBUJPODHSPVQWEFWJDFTUYU

  7. DHSPVQWͰͷσόΠεΞΫηε੍ݶ wJOUFSGBDFpMF͕ͳ͘ͳΔʢʂʣ w#1'@$(3061@%&7*$&ͳϓϩάϥϜΛDHSPVQʹΞλον͢Δͱͷ͜ͱ wϓϩάϥϜͰΑΓࡉ੍͔͘ޚՄೳԿͳΒྫ͑͹ϩάΛ࢒ͨ͠Γ΋Ͱ͖Δ IUUQTXXXLFSOFMPSHEPD%PDVNFOUBUJPODHSPVQWUYUɹ

  8. σϞϓϩάϥϜ

  9. ϑΟϧλ͢ΔϓϩάϥϜʢ$Ͱॻ͘ʣ

  10. ϑΟϧλ͢ΔϓϩάϥϜʢ$Ͱॻ͘ʣ ηΫγϣϯ໊ͷࢦఆ EFWVSBOEPNͰ͋Ε͹Λฦ͢ σϑΥϧτΛฦ͢

  11. Ϗϧυ͢Δ ͖ͬ͞ͷ$ίʔυ͕͜͏͍͏ #1'ϓϩάϥϜʹίϯύΠϧ͞Ε͍ͯΔ

  12. Ξλον͢Δ w΄΅Χʔωϧಉࠝͷ αϯϓϧίʔυͦͷ ··Ͱ͕͢

  13. None

  14. ΧϨϯτϓϩηε͕UFTUCQGʹॴଐ͍ͯ͠Δ WͳͷͰͷߦͷΈݟΔ EFWVSBOEPNʹΞΫηεͰ͖ͳ͍ ʢͪͳΈʹSPPUͰ΋Ͱ͖·ͤΜʣ ଞͷσόΠε͸0,

  15. ͔͜͜Β༨ஊ

  16. 3VDZͱ͍͏ϓϩάϥϜΛ࡞ͬͨ w3VCZͷεΫϦϓτΛ௚઀#1'ʹ͠·͢ SVDZίϚϯυͰΦϒδΣΫτϑΝΠϧΛ ੜ੒͠ɺಉ༷ʹϩʔυ͢Δͱ༗ޮʹͳΔ

  17. ࢓૊Έ Ruby Script mruby OpCodes BPF OpCodes BPF Object (ELF

    format) mruby Rucy transpiler wNSVCZͷ0Q$PEFΛ࡞ΓɺͦΕΛ#1'0Q$PEFʹ຋༁͢Δ

  18. ໋ྩηοτͷൺֱʢҰ෦ʣ wNSVCZ wϨδελϚγϯ7.ɺϨδελ͸ݸʢݸΛਪ঑ʣ w໋ྩ͸Մม௕ɺҾ਺͸3 3ɺ೚ҙͷϨδελΛฦ٫Մ w#1' wϨδελϚγϯ7.ɺϨδελ͸ݸ w໋ྩ͸ݪଇݻఆ௕ʢCJUɺඞཁͳ৔߹CJUʣ wҾ਺͸3 3ɺฦ٫஋͸ඞͣ3

  19. ม׵ͷྫ

  20. ·ͱΊʁ

  21. ॴײͱ͔ w#1'ϓϩάϥϜͷதͰ΋ɺσόΠεΞΫηεϑΟϧλ͸ খ͍࣮͞૷Ͱࢼ͢͜ͱ͕Ͱ͖ΔͷͰɺ 3VDZͷ࣮૷Λ͢Δࡍʹςετઌͱͯ͠ศརͩͬͨɻ wΈͳ͞Μ΋σόΠεΞΫηεϑΟϧλ͔Β#1'࢝Ί·ͤΜ͔ʁ