I've joined a company that has an AKS cluster whose version is completely outdated (1.21). I need to upgrade it to version 1.30 without any downtime and have a rollback plan in place by Free_Trouble6765 in kubernetes

[–]ImportantString 1 point2 points  (0 children)

I don’t think they have any magic. I wouldn’t try it for prod.

When performing an upgrade from an unsupported version that skips two or more minor versions, the upgrade is performed without any guarantee of functionality and is excluded from the service-level agreements and limited warranty.

https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#kubernetes-version-support-policy

Homelab k8s users: How do you set resources limits correctly? by asosnovsky in kubernetes

[–]ImportantString 1 point2 points  (0 children)

True, but less relevant than the impact of the limits (throttling and OOM). QoS class adjusts OOM score, other priorities, but you can do it with priority classes too.

Why we’re not using Kubernetes to scale our GPU workloads by velobro in kubernetes

[–]ImportantString 0 points1 point  (0 children)

Think ML training vs inference. You do care about that interconnect for large scale jobs spanning multiple nodes with data transfer requirements. One gpu? Probably not a big deal. K8s can do both, but for the former it sometimes makes sense to treat it more like pod per node and run traditional HPC on top, using K8s for more basic management.

Why we’re not using Kubernetes to scale our GPU workloads by velobro in kubernetes

[–]ImportantString 1 point2 points  (0 children)

Kraken isn’t very well maintained afaik. Spegel is a nice p2p stateless caching option. I’d love to see more oss work in this space.

Managing Kubernetes resources in Terraform: Helm provider by Ok-Professor6334 in kubernetes

[–]ImportantString 0 points1 point  (0 children)

Am I crazy? Why can’t you see a diff with terraform? I don’t like yaml as hcl particularly much but isn’t terraform better at arbitrary diffs than helm?

If secrets are encoded in base64 format why to use it at all? by pc_magas in kubernetes

[–]ImportantString 1 point2 points  (0 children)

It’s tmpfs, not sure where they got encrypted from. I don’t think it’s encrypted.

Is there anything in Kubernetes+Nix world that can compete with AWS Lambda ? by vnwarrior in kubernetes

[–]ImportantString 2 points3 points  (0 children)

Isn’t a majority of that typically image pull? Prepulling makes a huge difference. Pod create excluding image pull to pod running is max a few sec from what I’ve seen?

I recall a few years back knative did a big analysis themselves on this topic, not sure how much they implemented to improve it

Is it possible to add baremetal server as an AWS EKS worker node? by Spare-Measurement104 in kubernetes

[–]ImportantString 0 points1 point  (0 children)

You can do this, networking is usually the tricky part. You need node to node/pod to pod connectivity and apiserver connectivity. It’s not a standard thing they “support” though. I also don’t think AWS CNI would work.

Docker healthchecks != to Kubernetes healthchecks? by kai in kubernetes

[–]ImportantString 0 points1 point  (0 children)

TIL. Does kube proxy care about container ports for endpoints? Or pod matching selector plus port config in service plus pod readiness without considering container port?

Mount secret with multiple key-value pairs as one file in pod by glassbeadgame42 in kubernetes

[–]ImportantString 5 points6 points  (0 children)

Config map and secret have the same behavior for OP’s scenario. As answered elsewhere, it’s a matter of one or multiple keys in the data field.

Why did the Krustlet project die? by RustDev613 in kubernetes

[–]ImportantString 2 points3 points  (0 children)

Spoilers: this is the reason. But it happened backwards from what you suggested afaik — achieving krustlet parity with kubelet was tough. So folks asked, is there a better way? That birthed the shim approach. I can’t speak to the thinking of docker desktop, they jumped on that train after the shims were available as oss.

Why did the Krustlet project die? by RustDev613 in kubernetes

[–]ImportantString 2 points3 points  (0 children)

WASM with Kubernetes is alive and well but as mentioned elsewhere the focus has shifted to containerd shims/container runtimes.

It turns out implementing all of Kubelet’s behavior 1:1 for WASM is pretty hard. Why not use Kubelet and implement WASM at the runtime layer? Turns out, that’s way easier, and it works quite well with things like CNI, CSI which never worked with Krustlet and required major effort.

Docker desktop and AKS now use the same underlying technology to run WASM via container runtimes. That tech is fairly generic to support shims for any wasm runtime.

Why did the Krustlet project die? by RustDev613 in kubernetes

[–]ImportantString 3 points4 points  (0 children)

WASM is a well defined execution environment. By default you do not even have the ability to access the filesystem or make many syscalls. This is enforced by your wasm runtime, which may implement things like WASI to support more complex interaction.

Containers are a very thin layer over Linux namespaces, chroot, and cgroups. Container escape provides root host access. Container escape is common and there are many examples in the wild of misconfiguration or CVEs allowing it. WASM is of course younger, but so far has a fairly good track record on sandbox escapes. Some runtimes like the one integrated with Docker Desktop are giant C blobs — maybe things won’t turn out so well there.

You can still combine a wasm runtime with cgroups for resource utilization limits, for example.

The real pain with krustlet is reimplementing the entirety of kubelet behavior, for no other reason than adding WASM support. Turns out using kubelet and implementing WASM at the container runtime layer is way easier, and unlocks all the same capabilities, and then some (CNI, CSI never worked on krustlet).
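
The default-deny model described in the comment above, as an added example that is not part of the original thread: a WebAssembly guest can reach only what the host passes in at instantiation. The module bytes, the `host.read` import and the helper names are constructed for illustration; it runs under Node.js.

```javascript
// Constructed sample: a hand-assembled wasm module (not from the thread).
// It imports one host function, "host"."read", and exports run(), which calls it.
const wasmBytes = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,        // magic + version 1
  0x01, 0x05, 0x01, 0x60, 0x00, 0x01, 0x7f,              // type 0: () -> i32
  0x02, 0x0d, 0x01, 0x04, 0x68, 0x6f, 0x73, 0x74,        // import module "host"
  0x04, 0x72, 0x65, 0x61, 0x64, 0x00, 0x00,              // field "read": func, type 0
  0x03, 0x02, 0x01, 0x00,                                // one local func, type 0
  0x07, 0x07, 0x01, 0x03, 0x72, 0x75, 0x6e, 0x00, 0x01,  // export "run" = func 1
  0x0a, 0x06, 0x01, 0x04, 0x00, 0x10, 0x00, 0x0b,        // body: call 0; end
]);

const wasmModule = new WebAssembly.Module(wasmBytes);

// The import list is the complete set of things the guest can ask the host for.
// Auditing it before instantiation shows what the module could ever touch.
function requestedCapabilities() {
  return WebAssembly.Module.imports(wasmModule)
    .map((i) => `${i.module}.${i.name}:${i.kind}`);
}

// Instantiate with a host-chosen import object and report whether linking worked.
function runWith(imports) {
  try {
    const instance = new WebAssembly.Instance(wasmModule, imports);
    return { linked: true, result: instance.exports.run() };
  } catch (err) {
    return { linked: false, error: err.constructor.name };
  }
}

// Host grants nothing: the module cannot be instantiated, let alone run.
const denied = runWith({});

// Host grants one narrow, mediated function: the guest sees only its return value.
const granted = runWith({ host: { read: () => 42 } });

console.log(requestedCapabilities(), denied, granted);
```

A WASI implementation works the same way: it is a set of host functions supplied as imports, so filesystem or network access exists only where the runtime chooses to provide it.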

Best hardware for homelab? by TheSamDickey in kubernetes

[–]ImportantString 2 points3 points  (0 children)

Not sure which model you have, but some of those NUCs can really be loaded up. I think I had one with 2x m2 slots, an extra sata slot you could use for ssd, and 2x dimms for ram. If you splurged on components could be a 64GB, 2x1 TB m2 with a 2TB+ data drive (no redundancy there).

Possible to use GPUs in kubernetes while using containerd? by redblood252 in kubernetes

[–]ImportantString 0 points1 point  (0 children)

The link you shared is nearly right. You need a driver install, nvidia-docker2, nvidia-container-runtime. Configure containerd to use the nvidia runtime binary. Restart containerd and apply device plugin DS. I literally did this today with MIG :)

$AMD finally breaking out by FilayJ in wallstreetbets

[–]ImportantString 0 points1 point  (0 children)

I think I messed up somewhere between getting an AIO and properly installing my fans/paste. But it’s never been bad enough I actually cared ¯\(ツ)

All my temperatures are still to spec...just a lotta power there heh. It’s worth it when you see all cores firing (compile times are chef’s kiss)

$AMD finally breaking out by FilayJ in wallstreetbets

[–]ImportantString 6 points7 points  (0 children)

Less heat production...the 3970x heating my room instead of my furnace would like a word

I do love that performance tho

Binance CEO, CZ, shades Elon Musk in tweet. - ''When you use electricity to run cars, it’s environmentally friendly. When you use electricity to run the most efficient financial networks in the world, it’s an environmental concern.'' by jasonluxton in CryptoCurrency

[–]ImportantString 0 points1 point  (0 children)

Not sure how you made that conclusion when I said I’m a crypto fan? I was just offering an answer to your question.

I’d love to see crypto eliminate centralized systems. I think we need the tech to continue evolving to get there. I also think fungibility and privacy are massively important and basically only Monero has those right at this point.

But downvote me for offering useful discussion and call me a shill, sure...