今日已更新 386 条资讯 | 累计 20358 条内容
关于我们

标签:#devops

找到 359 篇相关文章

AI 资讯

I Read Your AI Agent Logs So You Don't Have To: A $149 Service That Beats Another Dashboard

I Read Your AI Agent Logs So You Don't Have To: A $149 Service That Beats Another Dashboard What if the cheapest fix for your broken AI agent is a stranger reading 40 hours of traces for $149? I spent the last month doing exactly that — reading roughly 40 hours of production logs from teams running LangGraph, CrewAI, and AutoGen agents for paying customers. Not building observability dashboards. Not comparing LangSmith vs Langfuse. Reading the actual traces and writing up what was wrong, what to fix, and in what order. Three observations from those 40 hours: The dashboard was never the problem. Every team already had LangSmith or Helicone or a homegrown equivalent logging every LLM call. None of them were reading the logs. The "fix" was almost always one of seven patterns. I kept seeing the same shapes — stuck retry loops, idempotency gaps, tool-call argument drift, etc. — dressed up in different framework jargon. The teams that asked for "another tool" were the ones least likely to use it. They had 14 tools. The teams that paid for an hour of my time were the ones who said "I don't have time to look at this myself." That second group is who I'm now building a $149 service for. Here's why I think it works, what the deliverable looks like, and where the limits are. Why a $149 fixed-fee reading and not an hourly rate I tested three pricing models against the same deliverable: a written diagnostic of an agent's last 7 days of traces, prioritized fixes with code-level examples, and a 30-minute async follow-up. Model Conversion Avg revenue / inquiry Notes $200/hr (estimated 3hr) 2/40 inquiries $15 (lost 38 to sticker shock) Freelance default, fails on cold traffic $1,500 flat project 0/40 inquiries $0 Above the "I'll just keep it broken" threshold for most small teams $149 fixed diagnostic 11/40 inquiries $41 Below "another contractor" threshold, above "free advice" The $149 number is the inversion point — low enough that a stressed eng lead can expense it without a meet

2026-06-05 原文 →
AI 资讯

Should AI Help Write the Tests, or Change What You Test?

You just merged an AI-assisted feature branch, the code review looks clean, and the app works in your local smoke test. Now comes the real question: do you add another traditional browser test, let an AI tool generate the coverage, or spend the time improving the observability around the existing suite? That decision is where a lot of teams get stuck. AI-assisted development changes more than coding speed. It changes the shape of bugs, the pace of UI churn, the expectations for review, and the amount of test maintenance you can tolerate. If you treat AI testing as a magic replacement for your current process, you will probably add noise. If you ignore it entirely, you miss a chance to reduce repetitive work and catch gaps earlier. The real choice is not AI vs non-AI The useful decision is usually this, should AI help create and maintain tests, should it assist human review, or should it stay out of the critical path and only support investigation? That splits into three practical modes: 1. AI assists development, but humans own test strategy This is the safest default. AI can help draft test cases, suggest assertions, summarize failing traces, or propose missing edge cases, but the team still decides what belongs in the suite. If your product has regulated flows, complex permissions, or revenue-critical paths, that ownership matters more than any automation shortcut. 2. AI generates or heals tests inside a human-defined framework This is useful when the team already knows what it wants to cover, but not every selector, fixture, or assertion has to be hand-written. AI can reduce repetitive maintenance, especially for UI-heavy apps that change often. The hidden cost is that you still need a way to judge whether the generated test reflects product intent or just mirrors the current page state. 3. AI becomes part of the evaluation and triage loop Here the value is not test creation, it is speed of diagnosis. AI can summarize logs, cluster failures, or explain a flaky pa

2026-06-05 原文 →
AI 资讯

Defender zero-days CVE-2026-41091 and 45498 — what defenders should do today (May 2026)

Microsoft published two Defender vulnerabilities on May 19, 2026 that are being actively exploited in the wild, and CISA has already pushed both into the Known Exploited Vulnerabilities catalog. If you run Windows endpoints, this is a same-week update item, not a "schedule it for the next maintenance window" item. The patches exist, the abuse is happening, and the BOD 22-01 deadline for federal civilian agencies is June 3, 2026. what follows: what happened, who needs to act, and what to do today before someone else makes the decision for you. What's being exploited CVE-2026-41091 is an Elevation of Privilege bug in Microsoft Defender's scanning logic, rated Important. The root cause is improper link resolution before file access. An authenticated local attacker plants symbolic links or NTFS junctions that point at attacker-controlled paths, then triggers Defender to follow them. Defender operates with SYSTEM privileges during scan operations, so the file actions Defender performs on those crafted targets execute as SYSTEM. Net result: a non-admin local user gets full SYSTEM on the host. The attacker needs an authenticated session already. That sounds like a high bar until you remember that initial-access malware lands at user-level, then chains a local privilege escalation to get persistence and lateral-movement capability. CVE-2026-41091 is the second-stage tool intrusion sets are looking for. The Hacker News and BleepingComputer both confirm the in-the-wild abuse is happening. CVE-2026-45498 is a Denial of Service in the Microsoft Defender Antimalware Platform itself. Attackers can trigger a platform-level crash that takes Defender's protection capabilities offline. The exploitation pattern here is the obvious one: kill the EDR/AV before deploying the actual payload, get a clean window for follow-on actions, restore Defender or leave it broken depending on how careful the operator is. CISA's KEV listing tells you this is being chained operationally, not a theoreti

2026-06-05 原文 →
AI 资讯

Ansible Vault — Managing Secrets Securely in Ansible and AWX — My DevOps Journey By Sireesha

One thing I kept putting off when I started with Ansible was properly securing my secrets. Passwords, API keys, tokens — they were just sitting in plain text inside my vars files. I knew it was wrong but it worked and I kept moving forward. Then I started thinking about what happens when this goes into GitLab. Anyone with access to the repo can see every password. That's when I properly sat down and learned Ansible Vault — and honestly I wish I'd done it from day one. In this blog I'll walk through how I use Ansible Vault from the command line and then how I handle it properly inside AWX so scheduled jobs and workflow templates can still run without someone manually typing a password every time. What is Ansible Vault? Ansible Vault is a built-in feature that lets you encrypt sensitive data — passwords, keys, tokens — so they can be safely stored in your playbooks and pushed to GitLab without exposing anything. The beauty of it is that it works right inside your existing YAML files. Your playbook structure doesn't change — Vault just encrypts the values that need protecting. What I Was Doing Before — The Wrong Way This is what my vars file looked like before Vault: # vars/main.yml ubuntu_sudo_password : MyPassword123 db_password : SuperSecret456 api_token : abcd1234efgh5678 Pushed straight to GitLab. Anyone with repo access could read every single one of those. Not good. Encrypting a Single Value with Ansible Vault The first thing I learned was how to encrypt just a single variable value — not the entire file. This is cleaner because the rest of the vars file stays readable. ansible-vault encrypt_string 'MyPassword123' --name 'ubuntu_sudo_password' It asks you to create a vault password — this is the master password you'll use to decrypt later. Enter it twice: New Vault password: Confirm New Vault password: The output looks like this: ubuntu_sudo_password : !vault | $ANSIBLE_VAULT;1.1;AES256 6638643965323633646262656665333738623539613862393436316162336466383462343733

2026-06-04 原文 →
AI 资讯

Provide private storage for internal company documents

Create a storage account and configure high availability. Create a storage account for the internal private company documents. In the portal, search for and select Storage accounts . Select + Create . Select the Resource group created in the previous lab. Set the Storage account name to private . Add an identifier to the name to ensure the name is unique. Select Review , and then Create the storage account. Wait for the storage account to deploy, and then select Go to resource . This storage requires high availability if there’s a regional outage. Read access in the secondary region is not required. Configure the appropriate level of redundancy . Explanation A storage account is like a digital locker in the cloud. Resource group is a folder that organizes related services. High availability means your files stay safe even if one region (data center area) has problems Configure Redundancy In the storage account, in the Data management section, select the Redundancy blade . Ensure Geo-redundant storage (GRS) is selected. **Refresh **the page. Review the primary and secondary location information. Save your changes. Explanation : Redundancy means keeping copies of your files in multiple places. GRS ensures your files are copied to another region for safety. Create a storage container, upload a file, and restrict access to the file. Create a private storage container for the corporate data. In the storage account, in the Data storage section, select the Containers blade. Select + Container . Ensure the Name of the container is private . Ensure the Public access level is Private (no anonymous access). As you have time, review the Advanced settings, but take the defaults. It means: don’t change anything in the Advanced settings unless the lab specifically tells you to. Azure already chooses safe, recommended defaults for you. Select Create . Explanation : A container is like a folder inside your storage account. Setting Public access level to Private means nobody can see

2026-06-04 原文 →
AI 资讯

Kubernetes vs Docker (2026): What's the Difference and Which Should You Learn First?

📌 This article was originally published on Sherdil E-Learning . I'm republishing it here so the dev.to community can benefit too. The Kubernetes vs Docker question is one of the most common sources of confusion for developers entering DevOps. People hear both names constantly, see them used together in job listings, and assume they must be competitors. They are not. Docker and Kubernetes do different jobs, and most modern infrastructure uses both. This guide explains what each tool actually does, how they fit together in a real deployment, the practical difference between Docker Compose and Kubernetes, and which one you should learn first. Docker: the container creator Docker is a tool for building, running, and managing containers . A container is a lightweight, portable package that contains an application together with its dependencies, runtime, system libraries, environment variables, and configuration files. The same container runs the same way on a laptop, a CI runner, a production server, or a cloud platform. In a typical Docker workflow you: Write a Dockerfile that describes how to build the image Run docker build to produce the image Run docker run to launch a container from it For multiple containers (a web app plus a database, for example), you use Docker Compose to define the whole set in a docker-compose.yml file and start them with one command. Docker is excellent for individual containers and small multi-container applications. The limitation is scale. What happens when you need a hundred containers across a dozen servers? When one container crashes at 3 a.m.? When you need to roll out a new version without downtime? Docker alone does not solve those problems. For the official reference, see docs.docker.com . Kubernetes: the orchestration layer above Docker Kubernetes (often shortened to K8s ) is an open-source platform that runs containers across many machines as a single coordinated system . It was originally built at Google, based on their internal

2026-06-04 原文 →
AI 资讯

AI-Assisted QA Changes the Testing Job, Not the Testing Need

Internal note to the team, we need to improve test coverage and keep shipping, which means we should treat AI as a helper in the workflow, not as a replacement for testing discipline. AI-assisted development changes the shape of our risk. It can produce more code faster, but it also increases the chance that small logic mistakes, brittle selectors, and shallow test cases slip through review. The answer is not to add more manual checking everywhere. The answer is to be more deliberate about what we review, what we automate, and where we let AI help. What changes when AI writes part of the code The first thing that changes is review. When a developer uses AI to draft a feature, a test, or a refactor, the reviewer is no longer only checking intent and style. The reviewer also needs to check whether the generated code matches the product rule, whether it introduced a hidden dependency, and whether it quietly weakened coverage. That does not mean every AI-assisted change deserves extra ceremony. It means our review checklist should shift from "does this look correct" to "what did the model assume, and did we verify those assumptions?" That is especially important for test code, because generated tests often look plausible even when they do not prove much. Coverage should move from volume to signal AI tends to produce more test cases, but more cases are not the same as better coverage. If a generated test suite repeats the same happy path under slightly different names, the team gets a false sense of safety. Coverage should answer a more practical question, where are we most likely to break the user experience, and where will a test actually catch it? For chat and other AI features, prompt-by-prompt manual checks are a trap. They do not scale, and they encourage a habit of eyeballing output instead of verifying behavior. A better pattern is to build assertions around expected properties, create eval sets for representative prompts, and add regression coverage for failure

2026-06-04 原文 →
AI 资讯

No Trading Firewall: The Publish Gate That Blocks Token Calls

No Trading Firewall Disclosure: AI tools were used for source collection and editorial review. The article was written by a human author, who checked the facts, code, and conclusions. Crypto risk disclosure: This article is a technical explanation, not investment advice. It is not a recommendation to buy, sell or hold any cryptoasset. A no-trading firewall belongs at the publish transition, not in a footer. A draft can be repaired quietly. A public DEV update changes the blast radius, so the pipeline should ask a narrower question before it sends published:true : did the AI-assisted article stay technical, or did it become a token call? The artifact below is a publish-gate test trace. It does not prove legal compliance, DEV acceptance, or model judgment. It only records why a draft can stay editable while the public transition stays blocked. Publish Transition The firewall is easier to audit when the transition is explicit: draft_update: operation: update published: false default: allow repair work to continue public_publish: operation: update published: true default: require clean test trace and human approval Forem's API documentation describes article create and update transport, including the published state. A successful transport is not editorial approval. The gate sits before transport, and it should be stricter when an update moves from draft maintenance to public publication. Test Set The firewall needs a test set, not just a list of forbidden words. These rules are the author's editorial model, not DEV-native, SEC-native, FINRA-native, FTC-native, or OpenAI-native labels. Test case Input excerpt Expected rule Decision Safe output Public transition allowed? T-PRICE-01 "ETH will rip after the next unlock" trading.price_prediction fail Explain the unlock mechanism without forecasting price no T-HOLD-02 "keep holding and farm the safer yield route" trading.buy_sell_hold_call and trading.yield_promise fail Describe signer, slashing, withdrawal, and protocol-ris

2026-06-04 原文 →
AI 资讯

Building a Multi-Agent Security Framework for Kubernetes: Autonomous Detection, Investigation, and Remediation

Kubernetes is the industry standard for scaling cloud-native workloads While it offers tremendous scalability and flexibility, securing Kubernetes environments remains a significant challenge. Organizations often rely on a collection of disconnected security tools to handle vulnerability scanning, runtime monitoring, compliance validation, and incident response. As clusters grow in complexity, security teams face increasing alert fatigue, delayed response times, and difficulties correlating security events across multiple layers of the platform. Recent advancements in Agentic AI present an opportunity to rethink Kubernetes security. Instead of relying solely on static rules and isolated security products, organizations can deploy a collaborative network of AI-powered security agents that continuously monitor, investigate, and remediate threats. This blog explores how a Multi-Agent Security Framework can transform Kubernetes security operations through autonomous detection, investigation, and remediation. The Problem with Traditional Kubernetes Security Modern Kubernetes environments generate security signals from multiple sources: Runtime security tools Container vulnerability scanners Admission controllers Network monitoring systems Compliance platforms Cloud security posture management tools Each system produces valuable information, but most operate independently. Consider a common scenario: A container begins executing suspicious commands. A runtime security platform detects the behavior and raises an alert. However, determining whether the threat is critical requires additional context: Is the pod exposed externally? Does the workload have excessive privileges? Can it access sensitive namespaces? Is lateral movement possible? Does it violate organizational policies? Answering these questions often requires multiple tools and human intervention. This is where multi-agent systems become valuable. What is a Multi-Agent Security Framework? A Multi-Agent Security Fr

2026-06-04 原文 →
AI 资讯

Mutagen 0.4.0 Released: Service Extraction, Bug Crunches, and Fixed Persona Drift

Mutagen 0.4.0 addresses the friction points that plague agentic workflows: context bloat, brittle persona transitions, and the lack of a deterministic path from design document to deployed artifact. We aren't trying to make prompts smarter; we are making the harness that executes them more precise. This release introduces a Rust-based service extraction layer that decouples static dependency mapping from generative reasoning, implements an adversarial verification pipeline to gate deployment, and enforces strict stage transitions to prevent the agent personas we rely on from drifting into one another's scopes. The Service Extraction Layer: Decoupling Logic from LLM Context The primary bottleneck in current agentic stacks is token consumption. When a model attempts to reason about a codebase that spans multiple dependencies, it often spends its context window parsing file headers and resolving imports before it can actually write logic. This approach treats static infrastructure as if it were part of the reasoning problem. Mutagen 0.4.0 changes this by introducing a dedicated Rust layer designed to extract service definitions directly from your codebase without polluting the primary agent context. Instead of asking an LLM to map dependencies, the harness queries the local file system and executes static analysis routines. It isolates business logic execution from the generative reasoning loop used by Claude and Codex. This separation allows the model to focus on how to solve a problem rather than where the pieces are located. In practice, this means offloading static infrastructure queries to the harness rather than the LLM. The result is reduced latency and significantly lower token costs for complex applications. You get a dependency map that is as reliable as a compiler's parse tree, not a probabilistic guess from a prompt. // Example: Service extraction logic isolated from the reasoning loop fn extract_services_from_codebase () -> HashMap < String , Vec < Depende

2026-06-04 原文 →
AI 资讯

How we architected a FedRAMP Moderate boundary on AWS GovCloud for an AI SaaS

Draw the boundary first. Then write Terraform. A federal customer was ready to procure. The architecture was not. This is a redacted write-up of a real engagement: a FedRAMP Moderate authorization boundary built on AWS GovCloud for an AI SaaS vendor selling into federal buyers, against a customer-driven timeline tied to a fiscal year. The context The client ran production on commercial AWS with a strong engineering culture, modern Terraform practice, and zero prior federal experience. A federal customer had committed to procurement contingent on a FedRAMP Moderate path, with an aggressive deadline. The internal team understood the application deeply and had read enough FedRAMP material to know they were in trouble. The architecture decisions that worked beautifully for commercial customers each failed boundary review: shared accounts with the commercial environment a hosted vector store outside the cloud OpenAI behind the application an observability stack running outside the cloud account The remediation list grew faster than the team could keep up with, and the timeline did not move. They reached out for boundary architecture help. Not policy writing, not 3PAO selection. Engineering work to redesign the cloud footprint so the boundary could be drawn cleanly and the assessment could proceed. The approach: boundary before Terraform The most common FedRAMP failure pattern is to start with the existing environment and try to bend it to fit the boundary. We do not do that. The first deliverable was a boundary diagram drawn from scratch, before any IaC was touched, identifying every service inside, outside, and at the edge of the authorization boundary. From the boundary, every other architectural decision derived. The Terraform module library was written against the boundary, not the existing accounts. Identity federation, network architecture, KMS topology, and logging all followed. ┌─────────────────────────── FedRAMP Moderate Boundary (AWS GovCloud) ────────────────

2026-06-04 原文 →
AI 资讯

Cutting HIPAA deploy time 70% with GitLab parent/child pipelines and an Ansible control plane

Parent/child first. Evidence emission second. Ansible control plane third. Every release was a manual evidence collection exercise. The pipeline was the bottleneck. This is a redacted write-up of a real engagement: rebuilding a healthcare SaaS company's CI/CD pipeline across a fleet of Linux hosts on AWS. The context The engineering team had grown faster than the pipeline architecture had evolved. What started as a single-stage GitLab job for a small team had been extended, patched, and worked around as the team scaled past the patterns the original pipeline was built for. The result was familiar. Each deploy took 30 to 45 minutes of mostly-serial execution. Engineers had developed informal habits to work around the slowness, including pushing partial changes outside the pipeline when the timeline got tight. Audit windows were preceded by three-week sprints in which the team manually compiled deployment logs, screenshots of access reviews, and approval chains into PDFs describing what the pipeline was supposed to be doing. The work was technically passing HIPAA audits, but the audit was a snapshot of a system the auditor could not independently verify. The cost was paid twice: the velocity loss on every deploy, and the three-week scramble before each assessment. The team knew the architecture was wrong. They needed engineering hands to redesign it without slowing the product roadmap the audits were already eating into. The approach The redesign moved in three layers. First, decompose the monolithic pipeline into parent/child stages so work can parallelize and the audit boundary of each stage is provable. Second, build structured evidence emission into every stage as a property of how it runs, not an after-the-fact compilation task. Third, layer an Ansible control plane across the host fleet so HIPAA control state is continuously validated, not reviewed quarterly. ┌────────────────────────── Parent Pipeline (.gitlab-ci.yml) ──────────────────────────┐ │ │ │ ┌────────

2026-06-04 原文 →
AI 资讯

Microsoft's Agentic Transformation Playbook Shows Why AI Agent Governance Is Now Infrastructure

Microsoft's Agentic Transformation Patterns Playbook is a useful signal because it does not treat AI agents as another productivity tool. It frames agentic AI as an enterprise operating-model shift: agents are moving from assisting humans to executing work across processes, systems, and teams. The implication for software teams is sharper than it looks -- coding agents are on the same trajectory, and architectural governance becomes part of the infrastructure stack the moment agents start executing. Microsoft's playbook describes six transformation patterns and emphasizes that each pattern requires different ownership, governance, and operating discipline. That is the move worth paying attention to. It reframes agentic AI from a model question into an enterprise operating-model question. That shift matters for software teams because coding agents are following the same path. They are moving from autocomplete to execution. Once agents edit files, open PRs, modify infrastructure, or coordinate multi-step changes, architectural governance becomes infrastructure. What is Microsoft's Agentic Transformation Playbook? Microsoft's playbook is a practical guide for choosing, scaling, and operating AI agents across the enterprise. Public summaries describe it as a 52-slide guide covering six transformation patterns, from employee productivity to core business processes and customer-facing agents. The throughline is that agents are not a single category -- they are a family of patterns with different ownership models, different risk surfaces, and different requirements for governance. That framing matters because it cuts against the dominant adoption narrative. Most enterprises are still treating AI as a per-team productivity story: this team gets Copilot, that team gets an internal assistant, another team is piloting an agent for support tickets. Microsoft is arguing that the pattern of deployment determines the operating discipline required, and that ad-hoc deployment does n

2026-06-04 原文 →
AI 资讯

Agent Runtime Governance: The Next AI Infrastructure Layer

Google's Managed Agents announcement is one of the clearest signals yet that the AI industry is moving beyond stateless tool calling toward persistent execution environments and long-running agent systems. That shift expands what models can do. It also expands the governance surface -- from prompt and PR review into the runtime itself. We spent two years building brains in jars For most of the current AI cycle, the system around the model has been thin. Models could reason, propose commands, and orchestrate small tool calls. But they ran in short sessions, against narrow APIs, under human supervision, with ephemeral state. The model was a brain; the body was a few HTTP requests and a JSON tool schema. That assumption is ending. The frontier is not just better reasoning. It is a body for the brain. The brain finally has a body. Now it needs governance. The runtime layer for AI agents is arriving Google Managed Agents (and the parallel motion across the ecosystem -- OpenAI's containerized execution work, Claude Code's persistent sessions, MCP-based tool ecosystems, hosted agent harnesses) formalizes the runtime as a product: Sandboxed execution Persistent state across sessions Orchestration loops Infrastructure-native agents Agent-as-a-service lifecycle Long-running sessions Mid-session tool injection Managed runtime lifecycle This resembles the transition from scripts -> applications -> cloud platforms. Agents are no longer just calling tools. They are beginning to inhabit programmable environments . Why persistent agent systems change governance Once agents can continuously modify filesystems, maintain state across sessions, autonomously remediate, inject tools dynamically, operate against production systems, and coordinate across workflows, governance failures stop being one-off review misses. They compound over time . What that compounding looks like: Architectural drift -- small deviations accumulate across long-running sessions Policy propagation failures -- con

2026-06-04 原文 →
AI 资讯

The Acceleration Whiplash and the Governance Gap

The Faros AI Engineering Report 2026 is not a survey of developer sentiment. It is two years of telemetry from 22,000 developers across 4,000 teams, measuring what AI adoption actually produces downstream. The findings have a name: the Acceleration Whiplash. The structural explanation has one too. What the telemetry actually shows The output numbers in the Faros report are real and worth stating plainly. Epics completed per developer are up 66.2%. Task throughput per developer is up 33.7%. PR merge rate per developer is up 16.2%. These represent genuine delivery acceleration, and dismissing them would be dishonest. AI coding tools are producing real productivity gains at the business level. The production quality numbers are also real: Metric Change Incidents per PR under high AI adoption +242.7% Median time in code review +441.5% Code churn (lines deleted to lines added) +861% PRs merged with no review at all 31.3% Source: Faros AI Engineering Report 2026: The Acceleration Whiplash . Telemetry from 22,000 developers across 4,000+ teams. Figures represent metric change from lowest to highest AI adoption periods within each organization. Both sets of numbers are true simultaneously. That is the whiplash. Throughput accelerated. The downstream systems built to validate that throughput did not. Plotted together, generation throughput rises steeply while control capacity stays nearly flat -- and the gap between the two curves is the governance debt. Why the systems did not scale Code review, incident response, and architectural validation were all designed for a world where development velocity was human-paced. A senior engineer could review the meaningful PRs in a sprint. An incident postmortem could trace a failure to a specific change and a specific decision gap. Architectural drift was visible because it moved slowly enough to catch. AI-generated code broke these assumptions quietly. Not because the code was obviously bad, but because it was often superficially conv

2026-06-04 原文 →
AI 资讯

Docker on Proxmox LXC: What Actually Works (and Why Unprivileged Doesn't)

The Setup I run a Proxmox 9 homelab (pve-manager/9.0.5, kernel 6.14.8-2-pve) and I needed to run Docker inside an LXC container — not a VM — to test a customer-style "bring-your-own-VPS" deployment path for a PaaS I'm building. The container had to act like a standard Ubuntu cloud VM: Docker, systemd, the works. LXC over a full VM gets me near-bare-metal performance, a fraction of the RAM overhead, and instant boots. The catch: the "Docker on LXC" recipes you'll find on most blog posts and Proxmox forum threads are out of date . They assume kernel 5.x and runc 1.1.x. On a modern Proxmox (kernel 6.14 + runc 1.2+ shipped with Docker 29) those recipes fail in two new and confusing ways before you even reach the workarounds we used to know about. This article walks through exactly what fails, why it fails, and the config that actually works in 2026 — plus an honest look at the security tradeoffs, because spoiler: the working config is privileged , and that matters. The Goal A Proxmox LXC container that can: Run docker run hello-world cleanly Pull and build complex images (multi-stage builds, overlay2 storage driver) Run nested containers with their own systemd Use systemd --user for per-service lingering processes Attempt 1: Unprivileged LXC (the path you "should" take) Conventional wisdom says: use unprivileged LXC. The container's root is mapped to an unprivileged UID on the host (typically 100000 ), so even a full container compromise can't escape to host root. Modern Proxmox makes this the default and recommended mode. I started with an unprivileged Ubuntu 25.04 container, added the now-standard features: pct set <vmid> -features nesting = 1,keyctl = 1,fuse = 1 Then inside the container, installed Docker from the official download.docker.com repo and ran: docker run --rm hello-world Here's what happened: docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start

2026-06-03 原文 →
AI 资讯

Creating Robust systemd Services for Embedded Applications

There is a moment every embedded Linux developer hits eventually. You have spent days building something that works beautifully — a sensor pipeline, a streaming server, an MQTT client — and then you reboot the device and everything is silent. Nothing started. You SSH in, manually run your script, and it all comes back to life. The hardware is fine. Your code is fine. You just have no way of automatically running it. That is the gap systemd fills. It is the init system on virtually every modern Linux distribution, and on embedded Linux systems like the Raspberry Pi it is what decides what runs at boot, what gets restarted if it crashes, and where all the logs go. Once you understand how to write a service file, your applications stop being fragile scripts you need to babysit and start being first-class system services that survive reboots, network drops, and unexpected crashes. This tutorial builds up from the simplest possible service file to a production-ready configuration, explaining every line along the way. By the end you will have a service running your own Python application, logging to the system journal, and automatically restarting itself after failures. See Complete Tutorial in Github: Systemd Services Tutorial What systemd Actually Does Before writing any configuration, it helps to understand what problem systemd is solving, because the design of service files makes much more sense once you see the underlying model. When your Raspberry Pi boots, the Linux kernel starts and immediately hands control to process ID 1 — the very first user-space process. On modern systems, that process is systemd . Everything that happens next — mounting filesystems, bringing up the network, starting your application — is orchestrated by systemd. It reads configuration files called unit files that describe what should be started, when, in what order, and what to do if something goes wrong. A service file is just one type of unit file (there are also unit files for timers, so

2026-06-03 原文 →