nukemberg / 15m-ops-break Goto Github PK

• Scheduling priorities and classes
• nice, renice and nice levels
• How this interacts with cgroups

• TLS handshake, latency
• SNI headers, encrypted SNI
• Certificates and validation (client and server)
• TLS record sizes and TCP MSS
• Certificate chain and bundles

• rlimit/ulimit
• /etc/limits.conf
• pam_limit
• sysctl limits
• cgroups

• What is init
• What is systemd
• systemctl
• units, services, targets
• socket activation
• dependencies
• systemd-analyze

add readme with link to channel

• What is SSH
• Channels, subsystems
• Auth keys, agent
• Multiplexing
• Forwarding
• Is it safe to expose on public net?

• What is mount bind
• Soft/hard/recursive
• When to use

Intro to Git

• Merkle trees
• Content addressable storage
• Blobs, commits, heads
• Repo, work tree, staging area
• Merges vs rebase

Compare 3 ways of getting to the internet with packet capture and OSI diagrams

• Router - packets not touched only moved
• NAT - Layer 3/4 address rewrite
• SOCKS/HTTP proxy - Layer 3/4 full rewrite, Layer 7 rewrite (HTTP)

• Layers (OSI, ip suite)
• DNS (#10)
• End to end principle
• IP Routing: gateways, subnets
• TCP
• TLS/SSL
• HTTP
• Virtual hosting
• Proxies, routers, switches (intermediates)
• Load balancing (#24 )
• Tunnels (ip-in-ip/gre, ipsec, VPNs in general)
• HTTP Caching

• memory architecture
• TLB
• hugepages
• dirty pages
• mmap
• shared memory
• copy on write

• What is PAM
• Integrating SSO using PAM
• Automating audit, session management etc

• SMTP
• POP/IMAP
• Security

• strace
• ltrace
• perf
• ebpftrace
  separate video on ebpf

Classic interview question: list everything that happens when you click enter in the browser address box

Hi,

Would love it if you could create an episode about networking in the cloud - debugging, useful tools, and how it differs from "old times".
Also, networking in k8s - how it works, what to do/try when defining IP masquerade is not enough, and how the hell to debug stuff when containers are running alpine and no root so you don't have any curl/telnet/ping and other useful commands in the container and you can't install it either.

• Why we need random
• How random is "random"? random quality, "secure random", pseudo random
• Why we need PRNG (determinism, performance)
• /dev/random, /dev/urandom
• libc random(), srandom()
• uuid4

• How to read free, what are the memory categories
• Why doesn't free = total - used
• Kernel/userspace memory
• Shared memory
• Memory pressure behaviour

• The executable bit
• How Linux executes files: magic headers, binary formats, shells
• LDD and the linker
• binfmt extensions

What's the difference between compilers and interpreters, how does relate to runtimes and language VMs.

• Anatomy of resolve()
• NSSwitch, /etc/hosts
• DNS basics, /etc/resolv.conf
• DNS cache daemons

• what are readline and editline
• .inputrc, .editrc
• ncurses

quite related to resilience engineering IMO

• misconceptions
• how can these be calculated in complex systems (especially when dependent on public clouds)

How Linux boot sequence works:

• bootloader
• kernel
• initrd
• init
• runlevels

• The risk matrix (impact/frequency) and the long tail
• Failure domains
• Blast radius/bulkheading
• Preconditions/limits of automation
• Runbooks
• Monitoring/observability

• ICMP
• routing messages (destination not reachable)
• ping
• TTL header and traceroute

Load average is one of the basic metric we have while debugging performance issues. I often see people (candidates?) think that load average is only effected by CPU, while it can be effected by disk/network utilization, I think it worth an episode

Hi :)
Would love it if you could create an episode about kernel structure, and how knowing it can help incorporate it in day to day tasks and troubleshooting :)

• DNS
• IP (BGP, VIP)
• TCP
• HTTP (L7 proxy)
• Client side

• Its not about backup, it's about restore
• A replica is not a backup
• But dataset regeneration is
• RTO/RPO
• Full/incremental/differential

• Userspace/kernelspace
• System calls
• libc
• init
• packages

Why tools
Build your tools
Get your tools
Combine your tools
Master your tools (only a few, choose carefully)

The concept of virtualisation (generic, e.g. virtual memory, virtual methods, virtual machines), and how it relates and contrasts with emulation (e.g. terminals, machine emulation a-la qemu) and abstraction. In a nutshell:

• virtualisation: disconnecting an existing interface from implementation while keeping the implementation the same. often done for logistical reasons - improved resource management. E.g. hypervisors, virtual memory
• emulation: disconnecting an existing interface from implementation but providing it by a different unrelated implementation, pretending to be the original thing. Often done for compatibility. e.g. terminals
• abstraction: creating a new interface; this implies existing implementations do not dictate the interface. Usually done to reduce semantic surface (limit possible inputs), simplify and/or add high level features.
  Over time abstractions break and become dependent on their implementation, eventually requiring virtualisation and emulation.

• UID/GID process bits, getuid() family
• usernames, /etc/shadow, /etc/passwd, /etc/group
• nsswitch
• UID namespaces

• How should good graphs look like
  • Axis, bounds, resolution
  • Colors
• Peak erosion, resolution, aggregates
• Graphs should reflect a model
  • Reference lines/bars
  • Related graphs (e.g. USE, latency/throughtput/errors)
• Working with multiple series
  • Comparing timeframes
  • Clusters (bands, most deviants, top K)

Hi :)
Would love it if you could create an episode about memory management and how to debug memory issues

• What is a grid and why you need it
• K8s, Nomad, ECS, etc
• Responsibilities of a grid
  • Scheduling
  • Process management
  • Resource management
• Auxiliary services
  • Service discovery
  • Config data/meta data/secrets
  • Load balancing