Original post date: May 13, 2014
We’ve mentioned sysdig several times before, but we haven’t published anything in our English-language blog about the program itself. Today, we’ll be pulling an article out of our archives and looking at our original review of sysdig. Read more
We launched a campaign at the start of July where anyone interested could test out the latest Intel Optane SSDs (see link for more details). It’s no exaggeration to say that the release of the Optane disk is a revolution in the field of information storage. In this article, we’ll be talking the technologies these new disks are based on and the benefits they offer. Read more
On July 12, Intel presented its new line of server processors under the code name Skylake SP (Scalable Processors). This is no coincidence: Intel has introduced a lot of innovations and, as one review (Rus) noted, “tried to offer something for everyone.” Read more
We’ve already written about how our Cloud Storage can be used as a platform for hosting static sites. Today, we’re going to discuss how our cloud can be used to host Single Page Applications (SPA). Read more
When working with potentially dangerous, unverified, or simply raw software, developers often use sandboxes. These are special environments that isolate or restrict programs and code from accessing data outside the environment. Sandboxes limit the software’s network access, OS interactions, and information from IO devices.
Lately, people have been turning more and more towards containers for launching unverified and non-secure software. Read more
Original publication date: September 22, 2015.
The audit subsystem is used to raise the level of security in Linux systems. Although it doesn’t offer additional security per se, it’s used to retrieve detailed information on system events. This provides detailed information on system violations, which can be used to implement additional targeted security measures. We’ll be taking a deeper look at the audit subsystem in this article. Read more
In May 2016, the developers of Sysdig released Falco, a tool for detecting anomalous system behavior.
Falco consists of two main components: the sysdig_probe kernel module (which Sysdig also runs on) and the daemon for writing the information it collects to the disk.
Falco tracks applications according to user-defined rules, and if any anomalies are detected, it writes the information to a standard output, syslog, or user-defined file. in their blog, the developers jokingly call Falco “…a hybrid of snort, ossec and strace,” and position it as a simple IDS that puts almost no additional load on the system.
Today we’ll be continuing our containerization blog series with a discussion about runC, a tool for launching containers according to Open Container Initiative (OCI) specifications. The initiative’s mission is to develop a single standard for containerization technology and is supported by such companies as Facebook, Google, Microsoft, Oracle, EMC, and Docker. The OCI Runtime Specifications were published in the summer of 2015.
Modern containerization tools already implement runC. The latest versions of Docker (starting with version 1.11) have been made according to OCI specifications and are built on runC. The libcontainer library, which is essentially a part of runC, has replaced LXC in Docker as of version 1.8.
In this article, we’ll show you how you can create and manage containers using runC.
We’ve already touched on the issue of processing events in real time. Today, we’re going to return to this topic and talk about a fairly new and interesting tool: the streaming DBMS PipelineDB.
PipelineDB is built on and fully compatible with the PostgreSQL 9.4 codebase. It was first released in June 2015 and the enterprise version came out in January 2016.
Below, we’ll compare PipelineDB with similar solutions, give brief installation and initial setup instructions, and also look at a use case.
In previous posts, we looked at various issues related to monitoring, collecting, and saving metrics and different methods and tools for getting around them. In today’s article, we’ll be discussing yet another tool that simplifies these processes: Netdata.
Unlike other analytical tools, Netdata is designed for gathering and visualizing metrics in real time (and when necessary, a backend can be incorporated for gathering and saving collected metrics).