Haconiwa's current status: security, mruby improvement, CRIU

Transcript

1. αʔϏεΛٕज़ͰࠩผԽ͢ΔͭͷτϐοΫ ۙ౻Ӊஐ࿕
   
   (.0
   1FQBCP
   *OD
   
   1FQBCP
   5FDI
   'SJEBZ )BDPOJXBͱ$3*6ͱࢲ

2. γχΞɾϓϦϯγύϧΤϯδχΞ ۙ౻ Ӊஐ࿕ / @udzura https://blog.udzura.jp/ Uchio Kondo ٕज़෦ ٕज़ج൫νʔϜ

   ࠷ۙ࢖͍ͬͯΔϒΩ: εΫεϩϕονϡʔ
3. None

4. 

5. ηΩϡϦςΟతͳڧԽ

6. "QQ"SNPS
   ΁ͷରԠ wNSUD IUUQTHJUIVCDPNIBDPOJXBIBDPOJXBQVMM

7. QJWPU@SPPU
   Խ wDISPPU 
   ʹΑΔVOKBJM͸͜ΕͰෆՄೳʹͳΔ IUUQTHJUIVCDPNIBDPOJXBIBDPOJXBQVMM

8. 4FOTJUJWFͳϑΝΠϧͷϚεΫ wQSPD΍EFWͳͲͷԼͷϑΝΠϧ IUUQTHJUIVCDPNIBDPOJXBIBDPOJXBQVMM

9. ηΩϡର

10. 

11. NSVCZ
    ΁ͷόάใࠂ
    ͱରԠʢ.BU[͕ʣ

12. 
    'JCFS
    Ͱ($͕े෼Ͱͳ͍͕࣌͋Δ IUUQTHJUIVCDPNNSVCZNSVCZJTTVFT

13. 
    BUUS΁ͷOJM
    HVBSE͕ಈ࡞͠ͳ͍ IUUQTHJUIVCDPNNSVCZNSVCZJTTVFT

14. 
    ྫ֎ͷߦ൪߸͕ͣΕ͍ͯΔ IUUQTHJUIVCDPNNSVCZNSVCZJTTVFT

15. 
    ಛఆͷ਺ࣈϦςϥϧΛFWBM Ͱ)BOH IUUQTHJUIVCDPNIBDPOJXBIBDPOJXBJTTVFT

16. શͯରॲࡁΈʂ
    ʢ.BU[͕ʣ
    ʢ͋Γ͕ͱ͏͍͟͝·ͨ͠ʣ

17. όάใࠂͷίπ

18. ɾใࠂͷʮܕʯΛ֮͑Δ
    ɾ࠷খέʔεΛݟ͚ͭΔ
    ɾHEC

19. 

20. $3*6ରԠ

21. None

22. Let’s take a glance at the future of containers! Please

    visit: https://speakerdeck.com/udzura/introduction-to-criu Introduction to CRIU

23. What I’m working on now • Bundling CRIU features into

    Haconiwa • haconiwa checkpoint: • To create checkpoint from a running container • haconiwa restore: • To make a restored container, with some spec changes

24. Normal FastCon lifecycle ngx_mruby Haconiwa Containers Restart on next request

    Stop after “Lifetime” Haconiwa

25. Lifecycle with CRIU ngx_mruby Haconiwa Containers ReSTORE on next request

    Make image just before stop, In async process haconiwa restore Image

26. #FGPSF"GUFS 3BJMT
    ˞CPPUTOBQͳ͠ ಉ౳ͷΞϓϦΛ
    $3*6
    *NBHF͔Β࠶ੜ

27. )BDPOJXB͸ࠓ΋
    ਐԽதͰ͢ʂ

28. -FU`T
    044

29. ͦͷଞ

30. ϑοΫॲཧͷ௥Ճ
    DHSPVQ
    IPPLT

31. ϝϞϦϓϨογϟʔͷݕ஌ IUUQTHJUIVCDPNIBDPOJXBIBDPOJXBQVMM