Skip to content

Instantly share code, notes, and snippets.

View egernst's full-sized avatar

Eric Ernst egernst

83 followers · 9 following
View GitHub Profile
@sameo
sameo / containerd-runtime.md
Last active January 19, 2021 02:55

Containerd runtimes

A runtime in containerd does not stand at the runc level, but at the platform one. There are separate Linux and Windows runtimes, and they register as plugins:

const (
	runtimeName    = "linux"
	configFilename = "config.json"
@sameo
sameo / qboot.md
Last active October 15, 2021 00:59

Description

qboot is a simple x86 firmware that can boot Linux.

It is Paolo Bonzini's answer to the Clear Containers claim that QEMU takes too long to boot a Linux kernel.

qboot only works as a QEMU firmware as it's bound to QEMU's fw_cfg NVRAM firmware configuration device emulation mode.

@enzian
enzian / Kata-Container DinD
Last active September 24, 2022 10:39
# Running a DinD instance with Kata Containers
1. Start on a clean Ubuntu 16.04 machine (if virtualized, enable VT-X support in your hypervisor like Hyper-V).
2. Follow Kata's install guide for the Kata runtime [here](https://github.com/kata-containers/documentation/blob/master/install/ubuntu-installation-guide.md).
3. Continue with the installation guide for docker [here](https://github.com/kata-containers/documentation/blob/master/install/docker/ubuntu-docker-install.md) and skip step 4!
4. Rebuild the guest kernel with overlayfs & btrfs support:
@jcvenegas
jcvenegas / Release.md
Last active March 27, 2019 18:14
Kata Containers Release
@lizrice
lizrice / kubelet-api.md
Last active June 26, 2025 12:39
Checking Kubelet API access

Accessing Kubelet API

curl -sk https://localhost:10250/pods/
  • If --anonymous-auth is turned off, you will see a 401 Unauthorized response.
  • If --anonymous-auth is true and --authorization-mode is Webhook you'll see 403 Forbidden response with message Forbidden (user=system:anonymous, verb=get, resource=nodes, subresource=proxy)
  • If --anonymous-auth is true and --authorization-mode is AlwaysAllow you'll see a list of pods.
@chavafg
chavafg / containerd.conf
Created January 16, 2019 21:33
containerd + runtimeclass
$ cat /etc/containerd/config_runtimeclass.toml
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
uid = 0
gid = 0
max_recv_message_size = 16777216
@amshinde
amshinde / K8s-Raw-Block-Kata.md
Last active December 29, 2020 03:55
K8s Raw Block storage support with Kata
@egernst
egernst / notes.md
Last active October 28, 2019 21:45
containerd + kubernetes, and making clr-examples do what i want on Bionic

Quick guide for getting Kata+containerd (using v2 shim) up and running super quick on bionic

Installation of Kube stuff on bionic:

Use the following sh:

sudo -E apt install -y curl
sudo bash -c "cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial-unstable main
@jimmychu0807
jimmychu0807 / string-conversion.rs
Created November 21, 2019 10:20
Conversion between String, str, Vec<u8>, Vec<char> in Rust
use std::str;
fn main() {
// -- FROM: vec of chars --
let src1: Vec<char> = vec!['j','{','"','i','m','m','y','"','}'];
// to String
let string1: String = src1.iter().collect::<String>();
// to str
let str1: &str = &src1.iter().collect::<String>();
// to vec of byte
@atheriel
atheriel / ralloc.bt
Last active April 6, 2020 12:09
Trace allocations of R vectors using bpftrace
#!/usr/bin/env bpftrace
/*
* ralloc - Print allocations of R vectors.
*
* Copyright 2020 Aaron Jacobs
* Licensed under the MIT License or the Apache License, version 2.0.
*/
BEGIN
{