profile
viewpoint
zhangwei_cs WeiZhang555 Kata Containers Beijing, China weizhang555.github.io Former Kata Containers Architecture Committee, Container Fans, Cloud Native developer. Live long and prosper!

WeiZhang555/agent 0

Virtual Machine agent for hardware virtualized containers

WeiZhang555/bilibili_go_server 0

https://github.com/openbilibili/go-common/

WeiZhang555/blessed-contrib 0

Build terminal dashboards using ascii/ansi art and javascript

WeiZhang555/bolt 0

An embedded key/value database for Go.

WeiZhang555/cc-oci-runtime 0

OCI (Open Containers Initiative) compatible runtime

WeiZhang555/cgroups 0

cgroups package for Go

WeiZhang555/clair 0

Container Vulnerability Analysis Service

WeiZhang555/cni 0

Container Network Interface

WeiZhang555/containerd 0

Standalone Container Daemon

startedgo-swagger/go-swagger

started time in a month

issue commentWeiZhang555/weizhang555.github.io

Notary介绍

@hixichen 可以看到由于这个用户由于没有合法的密钥,是无法给image做签名的。但是镜像上传成功了。这部分理论上应该有registry的身份认证拦截。 是因为notary 设计的时候只是考虑download, not the upload?

实际上这个是由于registry和notary没有交互造成的。docker第一步先push镜像到registry里面,第二步才做签名,两步是分离的,因而第一步成功第二步失败的时候,就有垃圾image存到了registry里面。

理想的解决方案是registry和notary做在一起或者要有交互,image+签名一次性push上去,增加原子性保证,一起成功或者一起失败,而不能只失败第二步。

WeiZhang555

comment created time in 2 months

startedonevcat/OneV-s-Den

started time in 2 months

issue commentopen-policy-agent/opa

rego policy has poor performance

@tsandall OK. Thanks for your help any way 😄

WeiZhang555

comment created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

Notary介绍

https://weizhang555.github.io/2018/12/Notary%E4%BB%8B%E7%BB%8D/

  1. TUF

created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

kubernetes安装指南

https://weizhang555.github.io/2019/12/kubrenetes%E5%AE%89%E8%A3%85%E6%8C%87%E5%8D%97/

kubeadm安装三节点集群

created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

docker-runc主机逃逸漏洞复现:CVE-2019-5736

https://weizhang555.github.io/2019/12/runc%E4%B8%BB%E6%9C%BA%E9%80%83%E9%80%B8%E6%BC%8F%E6%B4%9E%E5%A4%8D%E7%8E%B0/

尝试了github上的示例: https://github.com/Frichetten/CVE-2019-5736-PoC 复现成功。

created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

创建kata的K8s集群

https://weizhang555.github.io/2018/08/create-k8s-cluster-with-kata/

本文介绍下如何创建kata的k8s集群,kata项目链接:https://github.com/kata-containerskata是什么不介绍了,能看到这篇文章的相信对kata都已经有一定了解了。

created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

Kernel调试基础--制作initramfs

https://weizhang555.github.io/2018/04/make-initramfs-for-qemu-start/

通过自己制作initramfs可以使用qemu启动自定义的内核,可以用于调试或测试。这里记录一下制作简单的initramfs的脚本,方便后续使用。

created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

Kata Containers介绍,附上演讲ppt

https://weizhang555.github.io/2018/04/kata-containers-introduction/

最近在51cto举办的meetup上做了关于Kata Containers的演讲,KataContainers是github上的新项目,前身是Intel的clear container和Hyper的runv,融合了普通容器的轻快和虚拟机的高隔离高安全性的优点。

created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

containerd源码阅读(1)--框架篇

https://weizhang555.github.io/2017/09/containerd-code-analysis/

  1. 简介

created time in 2 months

issue commentWeiZhang555/weizhang555.github.io

runc源码阅读

test

WeiZhang555

comment created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

runc源码阅读

https://weizhang555.github.io/2017/09/runc-code-analysis/

runc是docker的核心底层依赖,是容器运行的runtime,目前所属的仓库是opencontainers/runc,是docker将原先的libcontainer模块独立出来,并贡献给oci社区的产物。

created time in 2 months

issue closedWeiZhang555/weizhang555.github.io

Kata Containers介绍,附上演讲ppt

https://weizhang555.github.io/2018/04/kata-containers-introduction/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

Kernel调试基础--制作initramfs

https://weizhang555.github.io/2018/04/make-initramfs-for-qemu-start/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

创建kata的K8s集群

https://weizhang555.github.io/2018/08/create-k8s-cluster-with-kata/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

Notary介绍

https://weizhang555.github.io/2018/12/Notary%E4%BB%8B%E7%BB%8D/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

docker-runc主机逃逸漏洞复现:CVE-2019-5736

https://weizhang555.github.io/2019/12/runc%E4%B8%BB%E6%9C%BA%E9%80%83%E9%80%B8%E6%BC%8F%E6%B4%9E%E5%A4%8D%E7%8E%B0/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

kubernetes安装指南

https://weizhang555.github.io/2019/12/kubrenetes%E5%AE%89%E8%A3%85%E6%8C%87%E5%8D%97/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

containerd源码阅读(1)--框架篇

https://weizhang555.github.io/2017/09/containerd-code-analysis/

closed time in 2 months

WeiZhang555

issue closedWeiZhang555/weizhang555.github.io

runc源码阅读

https://weizhang555.github.io/2017/09/runc-code-analysis/

closed time in 2 months

WeiZhang555

issue commentWeiZhang555/weizhang555.github.io

起个头

测试

WeiZhang555

comment created time in 2 months

issue openedWeiZhang555/weizhang555.github.io

起个头

https://weizhang555.github.io/2017/09/first-page/

之前也在其他地方开过博客,每次都坚持不了多久,零零散散写一些,回头看一下没多少有价值的东西。这次搬家到github pages上面,算是个新的开始,旧的东西就随风而去吧,不带过来了。

created time in 2 months

issue closedWeiZhang555/weizhang555.github.io

起个头

https://weizhang555.github.io/2017/09/first-page/

closed time in 2 months

WeiZhang555

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha aa25e5d44621539f04c58167095bfdbe195f603b

gittalk: swtich from gitment to gittalk gitment has expired certificate,switch to gittalk Signed-off-by: Wei Zhang <fangcun.zw@antfin.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 7d486d554cac22399e5fc40bd876b3550c9e43d0

gittalk: swtich from gitment to gittalk gitment has expired certificate,switch to gittalk Signed-off-by: Wei Zhang <fangcun.zw@antfin.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha d8529f25e8a9885b81c78e85baa748ec1ea06b30

fix login error can't login, try to fix github comment login error Signed-off-by: Wei Zhang <fangcun.zw@antfin.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 5bedb32b838fb36a5ecac22a6f488b0861c0f7fd

fix login error can't login, try to fix github comment login error Signed-off-by: Wei Zhang <fangcun.zw@antfin.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 6efdc02bf248afc244313c99e54413732dcce1ed

fix login error can't login, try to fix github comment login error Signed-off-by: Wei Zhang <fangcun.zw@antfin.com>

view details

push time in 2 months

issue commentWeiZhang555/weizhang555.github.io

Can not leave comment even after login with github account

@hixichen Oops, which article? I need to check what happened, thanks for reporting!

hixichen

comment created time in 2 months

more