Xavier Vello
Software engineer @ Datadog
Xavier is a data-addicted software engineer. After using instrumentation and data to optimize industrial equipment’s turnaround times and designing real-time feedback algorithms to help athletes perfect their technique, he is now part of Datadog’s container-monitoring engineering team. There, he chews orchestrator betas for breakfast and investigates how to get more and more insights on your containerised workload.
Talks
| 2017 | Datadog presents: Container monitoring challenges: isolation vs instrumentation |
|---|---|
|
45'
|
Containers provide increased security through isolation and rule-based access control. While this is a great improvement, this proved to be a challenge at Datadog for effectively instrumenting and monitoring containerised workloads. In this talk, we will go through several of the technical issues we encountered while developing container-aware instrumentation, and how what we learned can be leveraged to improve your deployment’s security and performance.
- Cgroup hierarchies: limits and accounting
- Kernel namespacing: what do --net, --pid, --privileged imply?
- Host-local traffic through Unix Domain Sockets: performance gains and origin detection thanks to ancillary data
- How to secure you Docker socket?
|
