Kubernetes Podcast: SIG-Node, with Dawn Chen

https://kubernetespodcast.com/episode/022-sig-node/
Dawn Chen, TL for SIG-Node and the Google Kubernetes Engine node team, joins Craig and Adam this week. She has worked on containers and container schedulers since 2007 - not a typo. We also bring you the news, in part from the echo chamber of Google Cloud Summit in Sydney.

Do you have something cool to share? Some questions? Let us know:

• web: kubernetespodcast.com
• mail: kubernetespodcast@google.com
• twitter: @kubernetespod

Chatter of the week

• Stickers!
• Google Cloud Summit in Hong Kong
• Google Cloud Next in London
• Gartner Symposium Orlando
• KubeCon Shanghai

News of the week

• NetApp acquires StackPointCloud
• Cloud news:
  • Sandbox pods on GKE
    • Signup form
  • Kubernetes tools for Azure Stack
  • EKS can generate kubeconfig files!
• GSoC: katacontainer support in containerd, by Jian Liu
• linkerd 2.0 is GA
  • Thomas Rampelberg tells you how to use it
• Cortex added to the CNCF sandbox
• Red Hat OpenShift Service Mesh, based on Istio
• Microservice observability with Istio at Trulia
• Contour 0.6 from Heptio

Links from the interview

• Dawn Chen on GitHub
• The Borg paper
• Process containers (later ‘cgroups’):
  • The first submission of containers to the Linux kernel
  • Early coverage of process containers
  • Paul Menage’s 2007 paper “Adding Generic Process Containers to the Linux Kernel”
  • Dawn’s first job: tracking processes. Each job had its own GID - she would use netlink connection tracking to map processes and threads to GIDs, and, using procfs, figure out CPU and memory usage.
  • Dawn’s second job: adjusting CPU usage using nice
  • Today we just use memcg
  • Fake NUMA - cut a machine into big chunks and assign them to groups of processes.
• Linux Plumbers Conference
  • Tim Hockin’s presentation at the Linux Plumbers Conference in 2011, talking about the work Dawn’s team were doing
• lmctfy - Let Me Contain That For You
  • In case you don’t get the joke
  • It’s like runc and containerd
• SIG Node
  • Node and lifecycle management
  • Application management
  • Container runtimes and kubelet
  • Node problem detection
  • Resource management
  • GPU & TPU
  • Security isolation
  • gVisor and Sandbox Pods
  • Logging and monitoring
• Was SIG Node the first SIG?
  • Tied with SIG API Machinery
• How did we get to CRI?
  • rktnetes was released with Kubernetes 1.3
  • Hyper_ containers (now Kata Containers)
  • LXC and LXD
  • kubevirt for running VMs instead of containers
  • OCI
  • CRI was released with Kubernetes 1.5
  • containerd and CRI-O
• Container RuntimeHandler, so some pods can run with one runtime and some with another