Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Device access filtering in cgroup v2

2cf373725ded741824c50fd571eda6e1?s=47 KONDO Uchio
October 09, 2021
Technology
0
310

Device access filtering in cgroup v2

第15回 コンテナ技術の情報交換会@オンライン -> https://ct-study.connpass.com/event/223739/

2cf373725ded741824c50fd571eda6e1?s=128

KONDO Uchio

October 09, 2021
Tweet

More Decks by KONDO Uchio

See All by KONDO Uchio
Narrative of Ruby & Rust
2cf373725ded741824c50fd571eda6e1?s=48 udzura
0
5
開発者生産性指標の可視化 / pepabo-four-keys
2cf373725ded741824c50fd571eda6e1?s=48 udzura
3
500
Talk of RBS
2cf373725ded741824c50fd571eda6e1?s=48 udzura
0
110
Re: みなさん最近どうですか? / FGN tech meetup in 2021
2cf373725ded741824c50fd571eda6e1?s=48 udzura
0
430
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
2cf373725ded741824c50fd571eda6e1?s=48 udzura
1
310
"Story of Rucy" on RubyKaigi takeout 2021
2cf373725ded741824c50fd571eda6e1?s=48 udzura
0
260
生産性を可視化したい! / SUZURI's four keys
2cf373725ded741824c50fd571eda6e1?s=48 udzura
11
4.6k
@udzura at prog-lang-sys-ja
2cf373725ded741824c50fd571eda6e1?s=48 udzura
0
32
“Railsな人” のための低レイヤへの招待 / introduction-to-low-level-mruby
2cf373725ded741824c50fd571eda6e1?s=48 udzura
8
3k

Other Decks in Technology

See All in Technology
Puny to Powerful PostgreSQL Rails Apps
65e84915478a95a22dd40da712f304df?s=48 andyatkinson
PRO
0
280
Scrum Fest Niigata 2022 開発エンジニアに聞いてみよう!
478bd912a17b65fa0ab8c1d81912b9b1?s=48 moritamasami
1
140
プロダクション環境の信頼性を損ねず観測する技術
3baceb46dfe36422370df30b8eab61d1?s=48 egmc
4
490
THETA Xの登場はジオ業界を変えるか?
5314ec2302336bf68c95bdb5b1476227?s=48 furuhashilab
0
160
Steps toward self-service operations in eureka
71929a476c581dd754e4e1f355ac07d0?s=48 fukubaka0825
0
580
次期LTSに備えよ!AOS 6.1 HCI Core 編
A4d5b3aae2e67f31b513c88c726514c2?s=48 smzksts
0
180
How We Foster Reliability in Diversity
Ed424b1e857828ce69b0fdf4c3291d2e?s=48 nari_ex
PRO
9
2.6k
2022年度ロボットフロンティア第1回
114d1b33c50cdc86c4c641682190407f?s=48 ryuichiueda
0
140
Research Paper Introduction #98 "NSDI 2022 recap"
464d1574ef169d2457c907e77794d973?s=48 cafenero_777
0
200
[SRE NEXT 2022]組織に対してSREを適用するとはどういうことか
667ad57b416187cb22589158805603b4?s=48 srenext
0
130
事業の成長と共に歩む、ABEMA SRE探求の歴史 / SRE-Next 2022
762fa63fae184f8e08f11d527a93ba3f?s=48 nagaa052
0
150
AWS CLI入門_20220513
1642254df0e7560327cda4ddc071397e?s=48 suzakiyoshito
0
3.8k

Featured

See All Featured
Building Applications with DynamoDB
39488f9d172ab92fd352f2cd7b73258d?s=48 mza
83
4.6k
The Pragmatic Product Professional
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
19
2.9k
Streamline your AJAX requests with AmplifyJS and jQuery
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
125
8.5k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
5b9fe87ec1faa67a4599782930f45ec9?s=48 sstephenson
151
12k
The Language of Interfaces
Fde6c3a50ca518a909ef35c22c0ee0e4?s=48 destraynor
148
20k
The Power of CSS Pseudo Elements
5b6a2bd86ef643786a381a212e0ef2f1?s=48 geoffreycrofte
46
3.9k
Reflections from 52 weeks, 52 projects
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
337
17k
Practical Orchestrator
168ccec72eee0530b818d44f3fedaacf?s=48 shlominoach
178
8.6k
The Cult of Friendly URLs
Ded01cdab114abe4ec13511e4c25b9bb?s=48 andyhume
68
4.7k
Clear Off the Table
Ef32e0b1ac5082450dc8c1fca3a26b5c?s=48 cherdarchuk
79
280k
GraphQLとの向き合い方2022年版
893f54413c2bd9ba41d11d753aacaf2c?s=48 quramy
16
8.1k
Infographics Made Easy
282d599b414022eba5096510f675b6e2?s=48 chrislema
233
17k

Transcript

  1. ͳΜͰ΋#1'Ͱ΍Δ࣌୅ͳΜͩͳΝ 6DIJP,POEP(.01FQBCP *OD DHSPVQWͷ σόΠεΞΫηεϑΟϧλ

  2. γχΞɾϓϦϯγύϧΤϯδχΞ ۙ౻ Ӊஐ࿕ / @udzura https://blog.udzura.jp/ Uchio Kondo ٕज़෦ ٕज़ج൫νʔϜ/σʔλج൫νʔϜ

    @ GMOϖύϘ ΤϯδχΞΧϑΣʢ෱Ԭࢢ੺ẂנจԽձؗʣ αϙʔλʔ Duolingo Diamond Leaguer 💎 * ޷͖ͳγεςϜίʔϧ: open_by_handle_at(2) * ޷͖ͳLinux Namespace: Time Namespace * ࠷ۙ͸ݴޠ࣮૷ʼOSࣗ࡞ʼBPFɺίϯςφɺͱ͍͏ײ͡...

  3. ͜Ε·Ͱͷ͋Β͢͡ wF#1'ͱ͍͏ٕज़͕͋Δ w<F#1'DIJLVXBJU>·ͨ͸<F#1'JENNJ>Ͱݕࡧ wͳΜ΍ΧʔωϧͰ҆શߴ଎ʹϑΟϧλ͢Δٕज़

  4. F#1'ͷϓϩάϥϜλΠϓ wW w ଟ͗ͯ͢೺ѲͰ͖ͳ͍ͷͰ ୭͔෩དྷͷγϨϯʹྫ͑ͯ؆ܿʹڭ͑ͯཉ͍͠

  5. BPF_PROG_TYPE_CGROUP_DEVICE

  6. DHSPVQWͷσόΠεΞΫηε੍ݶ wEFWJDFTͱ͍͏αϒγεςϜ͕͋ͬͨ wಛఆͷϑΥʔϚοτͰEFWJDFTBMMPX΍EFWJDFTEFOZʹॻ͖ࠐΉ IUUQTXXXLFSOFMPSHEPD%PDVNFOUBUJPODHSPVQWEFWJDFTUYU

  7. DHSPVQWͰͷσόΠεΞΫηε੍ݶ wJOUFSGBDFpMF͕ͳ͘ͳΔʢʂʣ w#1'@$(3061@%&7*$&ͳϓϩάϥϜΛDHSPVQʹΞλον͢Δͱͷ͜ͱ wϓϩάϥϜͰΑΓࡉ੍͔͘ޚՄೳԿͳΒྫ͑͹ϩάΛ࢒ͨ͠Γ΋Ͱ͖Δ IUUQTXXXLFSOFMPSHEPD%PDVNFOUBUJPODHSPVQWUYUɹ

  8. σϞϓϩάϥϜ

  9. ϑΟϧλ͢ΔϓϩάϥϜʢ$Ͱॻ͘ʣ

  10. ϑΟϧλ͢ΔϓϩάϥϜʢ$Ͱॻ͘ʣ ηΫγϣϯ໊ͷࢦఆ EFWVSBOEPNͰ͋Ε͹Λฦ͢ σϑΥϧτΛฦ͢

  11. Ϗϧυ͢Δ ͖ͬ͞ͷ$ίʔυ͕͜͏͍͏ #1'ϓϩάϥϜʹίϯύΠϧ͞Ε͍ͯΔ

  12. Ξλον͢Δ w΄΅Χʔωϧಉࠝͷ αϯϓϧίʔυͦͷ ··Ͱ͕͢

  13. None

  14. ΧϨϯτϓϩηε͕UFTUCQGʹॴଐ͍ͯ͠Δ WͳͷͰͷߦͷΈݟΔ EFWVSBOEPNʹΞΫηεͰ͖ͳ͍ ʢͪͳΈʹSPPUͰ΋Ͱ͖·ͤΜʣ ଞͷσόΠε͸0,

  15. ͔͜͜Β༨ஊ

  16. 3VDZͱ͍͏ϓϩάϥϜΛ࡞ͬͨ w3VCZͷεΫϦϓτΛ௚઀#1'ʹ͠·͢ SVDZίϚϯυͰΦϒδΣΫτϑΝΠϧΛ ੜ੒͠ɺಉ༷ʹϩʔυ͢Δͱ༗ޮʹͳΔ

  17. ࢓૊Έ Ruby Script mruby OpCodes BPF OpCodes BPF Object (ELF

    format) mruby Rucy transpiler wNSVCZͷ0Q$PEFΛ࡞ΓɺͦΕΛ#1'0Q$PEFʹ຋༁͢Δ

  18. ໋ྩηοτͷൺֱʢҰ෦ʣ wNSVCZ wϨδελϚγϯ7.ɺϨδελ͸ݸʢݸΛਪ঑ʣ w໋ྩ͸Մม௕ɺҾ਺͸3 3ɺ೚ҙͷϨδελΛฦ٫Մ w#1' wϨδελϚγϯ7.ɺϨδελ͸ݸ w໋ྩ͸ݪଇݻఆ௕ʢCJUɺඞཁͳ৔߹CJUʣ wҾ਺͸3 3ɺฦ٫஋͸ඞͣ3

  19. ม׵ͷྫ

  20. ·ͱΊʁ

  21. ॴײͱ͔ w#1'ϓϩάϥϜͷதͰ΋ɺσόΠεΞΫηεϑΟϧλ͸ খ͍࣮͞૷Ͱࢼ͢͜ͱ͕Ͱ͖ΔͷͰɺ 3VDZͷ࣮૷Λ͢Δࡍʹςετઌͱͯ͠ศརͩͬͨɻ wΈͳ͞Μ΋σόΠεΞΫηεϑΟϧλ͔Β#1'࢝Ί·ͤΜ͔ʁ