sudneo

Io sto seguendo https://meduza.io/en/live/2023/06/23/yevgeny-prigozhin-s-coup live. È ancora presto per capire cosa succederà. Io sono comunque preoccupato per la mia ragazza che al momento è in Ucraina.

The performance impact usually is negligible. Containers are nothing else than cgroups and a set of namespaces. In fact, you can create a container without any container runtime (podman, docker etc.). It might be that the performance hit was due to an image being built poorly, or the runtime being configured in a strange way? The only metric where there is some performance hit is the network, and that's because - depending on the configuration - the traffic **might ** flow through more hoops. Obviously it is possible to run the containers in the host network namespace, if this is really an issue.

All of this not to try to convince you or to claim your experience is false, is just that I am very surprised, I am aware that containers have some downsides, but usually performance is not really one of them.

I think you are giving waaay too much credit. I would be very happy if that will be the case, but I think the "now we have this and we gotta finish it" narrative is more likely, unfortunately.

That seems to me more a way in for him in the ministry of Defense. Scapegoating current defense minister and replacing him...

That's a LOT of changes. Kudos to all the people involved.

So you are running one instance of autorestic as a sidecar container for every pod whose data you want to backup?

Also, looking at the Dockerfile it seems that the app is running as root?

Really good read. I was not aware of the history in such details, but the argument is very compelling.

For Kubernetes you can use Velero. I tried it, but I didn't like it (overly complex for my use case), so I wrote my own tool.

Essentially the strategy for me is fairly straightforward, but it depends on the data you have.

I have mostly 2 types:

• manifests and configuration. This I have all in git (as I am using flux).
• persistent volumes. I use openEBS, but for a low resources cluster I use host volumes only. For these I have written my tool that simply runs as a daemonset with the whole root of the host mounted in RO and the DAC_read_search capability, queries the API for volumes and backs up using restic the whole PV to Backblaze. Incidentally, this is also the same way I do all my other backups, outside K8s (I.e.borg or restic to b2).

I chose b2 mostly for the price, but any s3 will do. Since all I am uploading there is encrypted anyway, I don't need to worry about the privacy implication of having a third party potentially having access to my data.

Si si, infatti ho specificato "su feddit.it", anche se non si capiva bene. Grazie per la precisazione :)

Da quello che so, la creazione di community su feddit.it è una funzione che solo i gestori dell'istanza hanno. Credo che questo sia (ragionevolmente) per evitare un miliardo di community con pochi iscritti. Credo che puoi discutere dell'idea su https://feddit.it/c/main ?

Really? This type doesn't have any cheese or topping in general on top. It's just a carbs meal with very low fat (basically just the oil), essentially, I don't think it's inherently unhealthy, and my internet search is all over the place with the results.

But I am fully aware my knowledge about the topic is extremely limited.

My very Italian answer is "pizza bianca" . I guess "healthy" depends, but it's generally OK carbs, it's delicious and with few Euros you can buy quite a lot (enough for a lunch).