Posts

Objective To understand PCI Express(PCIe) from the perspective of software engigneering. Concepts PCIe PCIe, or peripheral component interconnect express, is an interface standard for connecting high-speed I/O components such as GPUs, TPUs, RAID/HBA cards, Ethernet NICs , SSD add-on cards or WiFi cards. PCIe is point to point serial connection. SerDes, Lanes, Links and Slots. Each PCIe lane utilizes two SerDes(Serializer/Deserializer)pairs, one for transmitting and one for receiving data, resulting in a total of four physical wires or signal traces. ...

Objective To understand how Kubernetes HA is implemented, especially the stacked etcd topology. Kubernetes Control Plane HA Architecture Concepts In addition to three control plane nodes, HAProxy and Keepalived are the key components to implement Highly Available Kubernetes Control Plane. HAProxy Like Nginx, HAProxy is a popular open source TCP/HTTP Loadbalancer and Proxy solution. HAProxy balance the traffic among Kubernetes Control Plane nodes via Control Plane VIP. However, if a single HAProxy instance is deployed, Kubernetes Control Plane will become unavailable once the HAProxy failed. Multiple HAProxy instances are used to avoid the single point of failurei problem. ...

This post will collect all articles related to Linux Performance Tuning. Objective To understand the performance tuning by going deeper and provide guidance to tune the performance of Kubernetes node. System Linux Performance Performance Tunning ArchLinux: Improving perfomance Linux Performance Tuning Low latency tuning guide Hadoop Tuning Guide for AMD EPYC Kafka Performance HPC Cluster Tuning on 3rd Gen Intel Xeon Processors Intel Extension for Pytorch CPU 3 tips for Linux process performance improvement with priority and affinity Memory Disk I/O Dealing with Memory and Disk I/O Filesystem Peformance Tuning for EXT4 Fast disk I/O with ext4 HOWTO EXT4 Filesystem Tuning Benchmarks PostgreSQL Filesystem Tuning BeeGFS: Tips for Storage Server Tuning Linux OS Tuning for MySQL Optimizing Your NFS Filesystem Linux kernel tuning for GlusterFS Linux disk performance tuning Intel: Tuning the performance of Intel SSD Networking Broadcom: TCP Performance Tuning SUSE: Tuning the network DPDK: Get best performance with Intel NIC Linux Performance Tuning Guide for Intel NIC Tuning 10Gb NICs highway to hell

Objective To understand which Kubernetes node a pod is running on. Overview Various applications can be deployed in a Kubernetes cluster: Linux system daemons, Kubernetes components, Kubernetes Addons and various Kubernetes workloads. To bind applications to a Kubernete node, there are two ways: Static Binding Dynamic Scheduling Static Binding Critical Linux system daemons such as systemd, chrony, Network Manager, kubelet, Container Runtimes are required to run on each node as standalone programs. Kubernetes control plane components are running in static pods, which are managed directly by the kubelet daemon using manifest files under /etc/kubernetes/manifests. Static pod can not refer to other Kubernetes objects like Service Account, ConfigMap, Secret, etc, and do not support ephemeral containers. ...

Objective To illustrate kubernetes cluster architecture and understand critical Kubernetes components. Cluster Architecture Control Plane Components Control Plane components run on one or mulptile control plane nodes. kube-apiserver kube-apiserver implements the Kubernetes API, and is designed to scale horizontally. kube-apiserver runs as a static pod or systemd daemon, configured using Pod specification or systemd unit and configuration file in /etc. etcd etcd is a consistent and highly-available key value store used for storing Kubernetes’ cluster data. ...

Objective To understand the Service concept in Kubernetes. Concepts The following concepts are critical to understand the Service API in Kubernetes. Service Service is an abstraction to expose groups of Pods over a newtwork. Pods are selected via Labels and Selectors. Each Service object defines a logic set of Endpoints or EndpointSlice by Kubernetes control plane automatically. There are 4 Services types: ClusterIP, NodePort, LoadBalancer and ExternalName. Refer this article for illustration. ClusterIP CluterIP is the default Service type and exposes the Service within the cluster ONLY. The IP address can be statically or dynamically chosen from service-cluster-ip-range configured for the Kubernetes API server. ...

Objective To understand how vSphere CSI driver works and is being deployed. vSphere CSI Driver Architecture vSphere CSI Driver Deployment vSphere CSI Driver is a Kubernetes Deployment that includes multiple containers and runs on the control plane node. csi-snapshotter csi-snapshotter is the sidecar container that watches for VolumeSnapshotContent create/update/delete events. csi-snapshotter works with CSI snapshot controller together implement CSI snapshot function. See Description and Github for further details. csi-resizer csi-resizer is a sidecar container that watches the Kubernetes API server for PersistentVolumeClaim updates and triggers ControllerExpandVolume operation. ...

It will be helpful to understand modern software system like Kuberneteswith fundamental security concepts. For example, symmetric encryption, asymmetric encryption, public/private key, digital signature, certificate and signing. Objective Use diagram to illustrate critical security concepts used in modern software. Concepts Encryption Symmetric encryption uses same key for both encryption and decryption; while asymmetric encryption use different but mathematically relatedkeys for enryption and decryption. Symmetric Encyption can be illustrated in the following diagram: ...

In Kubernetes 1.24, dockershim will be removed. What does it mean, let’s take a look the container stackbefore and after dockershim removal. Objective To walkthrough container stack on a Kubernetes node. Before 1.24 release Since 1.24 release Walk-through Using the opportunity, we can walkthrough the container stack and corresponding tooling on a Kubernetes node from top to bottom. apiserver apiserver sits on the Kubernetes master, validates and configures data for the api objects which include pods, services, replicationcontrollers and others. The API Server services REST operations and provides the cluster’s shared state. ...

This post collects productivity tools used in my daily worklife. Documenting Excalidraw: Draw a diagram DokuWiki: a Wiki for yourself Programming Visual Studio Code: Code editor SourceGraph: Search the code in Github OpenGrok: Search any code, host your own git: Distributed version control system github.com: Well known code repository Review Board: Code review tool Gerrit Code Review: Another code review tool: Another code review tool Jenkins: CI/CD tools JIRA: an enterprise bug tracking system Bugzilla: an open source bug tracking system remark: A simple, in-browser, markdown-driven slideshow tool. Linux Kernel Linux Kernel Cross Reference Linux Kernel CVEs