2018-09-28, 09:30–10:15 (UTC), Loft
After years of development and experimentation, we finally have comprehensive OS-level work-conserving resource isolation working and are now in the process of deploying for various applications including workload protection and container stacking. This talk examines the project and the resulting resource control methods.
Functional resource control using cgroup2
FB has been actively experimenting with cgroup2 resource control for years. In the process, we developed several kernel and userland mechanisms, fixed numerous isolation issues, and discovered a number of surprising interactions.
We finally have comprehensive OS-level work-conserving resource isolation working and are now in the process of refining and deploying the developed comprehensive resource isolation mechanism for various applications such as workload protection and container stacking.
Let's take a look at the mistakes, the lessons, the result, and discuss how best this can be integrated into the whole operating system.
Stef is an avid open source hacker. He's contributed to over a hundred open source projects. He can be found preaching about continuous integration and working on the Cockpit Linux admin interface. He's a usability freak. Stef lives in Germany, and works at Red Hat.
Holger Levsen has been a Debian user for 20 years and started contributing 15 years ago. He got involved in doing QA work on Debian in 2007 via first working on piuparts, which led him to start https://jenkins.debian.net in 2012. At the end of 2013 he had the idea to use this jenkins setup and a small script to build some packages twice and compare the results. That's how he got involved in Reproducible Builds.