摘要：Debootstrap a standalone Debian system across multiple partitions Tuesday, July 07, 2015 Having finally finished my MSci Computer Science course at Lo 阅读全文

摘要：Logging to syslog from Your Script Problem You’d like your script to be able to log to syslog. Solution Use logger, Netcat, or bash’s built-in network 阅读全文

摘要：root@(none):/# host_vsock_addr=x00x00x14x14x00x00x02x00x00x00x00x00x00x00 root@(none):/# socat -u "fd:3" "socket-connect:40:0:${host_vsock_addr}" 2020 阅读全文

摘要：112 packages can be upgraded. Run 'apt list --upgradable' to see them. bash: sudo: command not found root@ubuntu:/var/lib/dpkg# apt-get install sudo r 阅读全文

摘要：Manually, using qemu-kvm command line There are a nice set of details on the QEMU wiki describing this, so this section will be quite short. To share 阅读全文

摘要：背景 最近在阅读 runc 的实现，发现在 runc 中比较重要的一个逻辑是在设置 namespace 过程中的 nsenter 模块，其中逻辑有些绕，也发现了一段很长很有意思的注释，分享一下。 What 什么是 nsenter，nsenter 是 runc 中的一个 package，它包含了一个特 阅读全文

摘要：default_vcpus = 1 root@ubuntu:/# lscpu Architecture: aarch64 Byte Order: Little Endian CPU(s): 1 On-line CPU(s) list: 0 Thread(s) per core: 1 Core(s) 阅读全文

摘要：#define _GNU_SOURCE #include<sched.h> #include<stdio.h> #include<stdlib.h> #include<sys/wait.h> #include<unistd.h> #include<errno.h> #include<string.h 阅读全文

摘要：One of the building blocks to implement containers is Linux namespaces. Namespaces control what a process can see. It can be the processes IDs, mount 阅读全文

摘要：root@cloud:~# ps -elf | grep nsexec 0 S root 57368 56786 0 80 0 - 420 wait 14:23 pts/0 00:00:00 ./nsexec 0 S root 57387 57371 0 80 0 - 1418 pipe_r 14: 阅读全文

摘要：https://x3fwy.bitcron.com/post/runc-malicious-container-escape The `nsenter` package will `import "C"` and it uses [cgo](https://golang.org/cmd/cgo/) 阅读全文

摘要：https://github.com/kata-containers/runtime/issues/571 https://github.com/gotoz/runq#storage docker run -it --runtime=kata-runtime --device data1:/data 阅读全文

摘要： 阅读全文

摘要：https://www.junmajinlong.com/virtual/namespace/mount_namespace/ root@cloud:~# ls -1 /proc/$$/mount* /proc/3374/mountinfo /proc/3374/mounts /proc/3374/ 阅读全文

摘要：func setupStorages(sandbox *Sandbox) []*grpc.Storage { storages := []*grpc.Storage{} caps := sandbox.hypervisor.capabilities() // append 9p shared vol 阅读全文

摘要：persistent namespaces Today I merged support for persistent namespaces to unshare(1). The persistent namespace does not require any running process wi 阅读全文

摘要：func (a *agentGRPC) CreateContainer(ctx context.Context, req *pb.CreateContainerRequest) (resp *gpb.Empty, err error) { if err := a.createContainerChe 阅读全文

摘要：Select boot-target : – via /etc/systemd/system/default.target symlink; – appending number or systemd.unit=<target> to bootargs. root@ubuntu:/# systemc 阅读全文

摘要：root@ubuntu:/# journalctl -r -t Openvmi-Container-Manager No journal files were found. -- No entries -- root@ubuntu:/# systemctl restart systemd-journ 阅读全文

摘要：惠春阳, Intel 软件工程师, 主要从事SPDK开发和存储软件性能优化的工作。 文章转载自DPDK与SPDK开源社区 随着存储技术的发展, 对存储性能的不懈追求, 高性能存储开始探索向内存通道的迁移。 在这样的情况下, NVDIMM 技术便应运而生了。 NVDIMM (Non-Volatile 阅读全文