Reading-Summary 2018-06

Posts I found interesting around the web:

man7 Linux cgroups

Linux manual page to cgroups feature in the kernel, which restricts Linux processes CPU, max process numbers, memory usage, network setup and etc…

man7 Linux namespaces

Linux manual page to namespaces feature in the kernel. Namespaces can be specified by the clone syscall, and isolates the child process’ cgroup, IPC, network, mount, domain names, and etc…

GOTO 2018 Containers From Scratch

When all the ingredients come together, it’s the foundation where Docker is built upon. This very interesting talk from GOTO2018 demonstrates how you can use the following technologies already built-in the Linux kernel to create your own very small proof-of-concept docker:

  • chroot
  • namespace
  • cgroups

It also includes very interesting details including (but not limited to):

  • You’ll need to mount the /proc virtual file systems for your ‘containerized’ child process.
  • You’ll need to provide ‘UnshareFlag’ CLONE_NEWNS to the clone system call, to ‘unshare’ the mount point from the child process from the parent process, so that parent doesn’t see child’s mount points (which could be many and messy).

A Classical Math Problem Gets Pulled Into the Modern World

An optimization problem is being used in AI, and therefore all AI applications, including self-driving, etc. Math is magical.

Wikipedia is fixing one of Internet’s biggest flaws

As it actually encourages collaborations, discussions, and exposure to opposing views.

Golang Patterns - Part 2

Technical Writing: Learning from Kernighan

Learning technical writing from the author of your favorite C programming book, ‘The C Programming Language’.