From 7aef60d2007b816b79db6463badbbc6fb50037de Mon Sep 17 00:00:00 2001 From: Raj Patil Date: Thu, 16 Jan 2025 11:15:45 +0530 Subject: [PATCH] updates Signed-off-by: Raj Patil --- Content/20230718223411-flow.org | 2 +- Content/20231129193025-processing.org | 1 + Content/20240212173904-cloud_computing.org | 4 +- Content/20240215173927-virtualization.org | 7 ++++ Content/20241102081419-multitenancy.org | 42 +++++++++++++------ ...2085521-identity_and_access_management.org | 2 +- Content/20250101161813-resumes.org | 4 +- Content/20250112191057-dunning_kruger.org | 8 ++++ Content/20250115144143-i_o.org | 5 +++ Content/20250116092003-mma.org | 17 ++++++++ Content/20250116092711-lucidity.org | 5 +++ Content/20250116092857-kick_boxing.org | 8 ++++ Content/20250116095536-jeet_kune_do.org | 9 ++++ Content/20250116104532-k8s_multitenancy.org | 19 +++++++++ Content/20250116104757-data_privacy.org | 5 +++ Content/20250116104858-rbac.org | 6 +++ Content/20250116105448-virtual_clusters.org | 5 +++ Content/20250116105946-network_policies.org | 8 ++++ Content/20250116110616-the_noisy_neighbor.org | 5 +++ 19 files changed, 145 insertions(+), 17 deletions(-) create mode 100644 Content/20250112191057-dunning_kruger.org create mode 100644 Content/20250115144143-i_o.org create mode 100644 Content/20250116092003-mma.org create mode 100644 Content/20250116092711-lucidity.org create mode 100644 Content/20250116092857-kick_boxing.org create mode 100644 Content/20250116095536-jeet_kune_do.org create mode 100644 Content/20250116104532-k8s_multitenancy.org create mode 100644 Content/20250116104757-data_privacy.org create mode 100644 Content/20250116104858-rbac.org create mode 100644 Content/20250116105448-virtual_clusters.org create mode 100644 Content/20250116105946-network_policies.org create mode 100644 Content/20250116110616-the_noisy_neighbor.org diff --git a/Content/20230718223411-flow.org b/Content/20230718223411-flow.org index 9aa5676..a36a159 100644 --- a/Content/20230718223411-flow.org +++ b/Content/20230718223411-flow.org @@ -2,7 +2,7 @@ :ID: 20230718T223411.394444 :END: #+title: flow -#+filetags: :book: +#+filetags: :meta:book: * Key takeaways diff --git a/Content/20231129193025-processing.org b/Content/20231129193025-processing.org index 90ec063..6524049 100644 --- a/Content/20231129193025-processing.org +++ b/Content/20231129193025-processing.org @@ -1,5 +1,6 @@ :PROPERTIES: :ID: 8afb9d29-252b-4f17-ad42-700444fe4464 +:ROAM_ALIASES: Compute :END: #+title: Processing #+filetags: :meta: diff --git a/Content/20240212173904-cloud_computing.org b/Content/20240212173904-cloud_computing.org index 6d158dd..d8e7f4b 100644 --- a/Content/20240212173904-cloud_computing.org +++ b/Content/20240212173904-cloud_computing.org @@ -4,13 +4,15 @@ #+title: Cloud Computing #+filetags: :root:cloud:programming: -In the context of [[id:5c2039f5-0c44-4926-b2d7-a8bf471923ac][Software Engineering]], see [[id:739d8493-d7a6-4eee-b31a-44d087f4fb42][cloud native]] +In the context of [[id:5c2039f5-0c44-4926-b2d7-a8bf471923ac][Software Engineering]], see [[id:739d8493-d7a6-4eee-b31a-44d087f4fb42][cloud native]]. +In the context of [[id:a9430614-4e6e-41ff-9788-0f51c2867e74][Hardware]], see [[id:fc34b43d-57e6-49a7-a678-8ec9df4d0c55][virtualization]] * Distilled Most of the services a cloud vendor provides can be segregated along the dimensions (via qualitative and quantitative elaborations) of: - Compute - Storage - Networking + * Abstract This is an epistemological dive into the nature of cloud computing services. diff --git a/Content/20240215173927-virtualization.org b/Content/20240215173927-virtualization.org index 5cb9dd6..ecd6991 100644 --- a/Content/20240215173927-virtualization.org +++ b/Content/20240215173927-virtualization.org @@ -9,6 +9,13 @@ A form of [[id:20230715T174319.700414][mapping]] that allows one to simulate som This something can be compute, storage or networking [[id:a9430614-4e6e-41ff-9788-0f51c2867e74][Hardware]]. Exploring in depth, specifically in the context of [[id:7291bab2-4e69-47ad-ae37-f3da260b1d89][Linux Virtualization]] + +The overarching aspects to consider when dealing with virtualization: + - [[id:8afb9d29-252b-4f17-ad42-700444fe4464][Compute]] + - [[id:a4e712e1-a233-4173-91fa-4e145bd68769][Network]] + - [[id:18491388-2dcc-488f-8f33-00582cf0f77e][Storage]] + - [[id:6c4c5f5c-eb8e-461c-9d70-47b2acf010b2][I/O]] + * Hypervisor This is the software responsible for the indirection of resources into symbolic units in the virtualized machines. Two basic types: diff --git a/Content/20241102081419-multitenancy.org b/Content/20241102081419-multitenancy.org index 92ca528..6782cf8 100644 --- a/Content/20241102081419-multitenancy.org +++ b/Content/20241102081419-multitenancy.org @@ -8,40 +8,44 @@ ** *Definition* Multitenancy is a software architecture where a single instance of a software application serves multiple customers, referred to as tenants. Each tenant's data is isolated and remains invisible to other tenants. +The strategic choices needed to facilitate the of this isolation is what makes this an interesting engineering exercise + ** *Components*: - *Tenant*: An individual user, a group, or an organization that uses the shared software service but experiences it as though it is solely dedicated to their use. + - *Instance*: A single deployment of the software solution that supports multiple tenants. + - *Isolation*: Techniques that keep tenant data and configurations separate from one another to ensure privacy and personalization. -** *Types of Multitenancy*: +** *Types of Multitenancy(Product Orientation)*: + - *Physical Multitenancy*: Different physical machines host different tenants. + - *Virtual Multitenancy*: Virtualization technology allows multiple tenants to share hardware resources. + - *Application-Level Multitenancy*: A single application serves multiple tenants, typically providing each with a customizable experience. ** *Benefits*: + - *Cost Efficiency*: Reduced operational costs as resources are shared among tenants. + - *Scalability*: Easier scaling since the architecture is designed to accommodate multiple tenants. + - *Simplified Management*: Centralized management and updates for software applications. ** *Challenges*: + - *Security Concerns*: Potential risks of data breaches or leaks between tenants. + - *Customization*: Balancing between offering shared resources and the customization needs of different tenants. + - *Performance*: Ensuring that the performance is optimal and equitable across all tenants. ** *Applications*: - - Widely used in SaaS (Software as a Service) products like CRM systems. - - Employed in cloud computing platforms to optimize resource utilization. - -** Connections and Insights -- Multitenancy aligns with the broader trends in cloud computing and SaaS, providing a practical means of delivering services at scale. -- Physical, virtual, and application-level multitenancy represents a spectrum of implementation strategies, each with trade-offs in terms of cost, performance, and security. + - Widely used in [[id:cbcb26f4-dd24-4f59-8003-25573a7cd034][SaaS]] (Software as a Service) -** Exploring Further - -- How do differing implementations of multitenancy impact the scalability and flexibility of a SaaS product? -- What best practices exist for ensuring data isolation and security in a multitenant architecture? -- How does multitenancy compare with single-instance architectures in terms of cost and operational efficiency? + - Employed in [[id:bc1cc0cf-5e6a-4fee-b9a5-16533730020a][cloud computing]] platforms to optimize resource utilization. * Data Isolation Mechanisms ** Primal Types @@ -57,9 +61,21 @@ Multitenancy is a software architecture where a single instance of a software ap ** Connections and Insights - Logical isolation balances resource efficiency with data separation, suitable for environments where cost is a concern. + - Dedicated schema and separate databases increase isolation but might introduce higher complexity and costs. -- Encryption serves as a critical layer of security across all types. +- Encryption serves as a critical layer of security across all types. +* Explicit Aspects +** [[id:11c09e36-bdef-4977-9142-6d8ec0e697ba][QoS]] +** [[id:7a7aad21-1c48-4d2c-9962-9a39e5bfe554][Data Privacy]] +** [[id:03f2c24c-ff4f-4ea7-a3b1-fa44ebd81a62][The Noisy Neighbor]] +** [[id:f2a87da7-b720-487b-87ad-1ff25ce4283a][Network Policies]] +* Fundamental Aspects +** [[id:d4f81cb7-e01b-4115-b8a1-9a303a82699d][Principle of Least Privelege]] +* Relevant Flavours +** [[id:607feebd-1de7-438e-906a-ddcb29e81ed1][K8s-MultiTenancy]] * Resources - https://www.ranthebuilder.cloud/videos + - https://kubernetes.io/docs/concepts/security/multi-tenancy/ + - https://www.cloudflare.com/learning/cloud/what-is-multitenancy/ diff --git a/Content/20241102085521-identity_and_access_management.org b/Content/20241102085521-identity_and_access_management.org index 203ddea..7fa202f 100644 --- a/Content/20241102085521-identity_and_access_management.org +++ b/Content/20241102085521-identity_and_access_management.org @@ -2,4 +2,4 @@ :ID: 4e1d433c-9f6b-46c7-ad06-4f8bf798785e :END: #+title: Identity and Access Management -#+filetags: :sec: +#+filetags: :cs:sec: diff --git a/Content/20250101161813-resumes.org b/Content/20250101161813-resumes.org index 5009f29..67633bb 100644 --- a/Content/20250101161813-resumes.org +++ b/Content/20250101161813-resumes.org @@ -23,7 +23,9 @@ From time to time, I land up in an interesting corner of the internet and find i - https://karthinks.com/ ** Mark Watson - https://markwatson.com/ -** [[id:fbd38417-13a0-4cda-b256-ee1ab94048f0][Paul Graham]] +** Patrick McKenzie + - https://www.kalzumeus.com/ +** Paul Graham - https://paulgraham.com/ ** Protesilaos Stavrou - https://protesilaos.com/ diff --git a/Content/20250112191057-dunning_kruger.org b/Content/20250112191057-dunning_kruger.org new file mode 100644 index 0000000..e8d845c --- /dev/null +++ b/Content/20250112191057-dunning_kruger.org @@ -0,0 +1,8 @@ +:PROPERTIES: +:ID: d543f055-3129-440b-9ff0-85a19b12b101 +:END: +#+title: Dunning Kruger +#+filetags: :meta: + +* Resources + - https://en.wikipedia.org/wiki/Dunning–Kruger_effect diff --git a/Content/20250115144143-i_o.org b/Content/20250115144143-i_o.org new file mode 100644 index 0000000..04d91b8 --- /dev/null +++ b/Content/20250115144143-i_o.org @@ -0,0 +1,5 @@ +:PROPERTIES: +:ID: 6c4c5f5c-eb8e-461c-9d70-47b2acf010b2 +:END: +#+title: I/O +#+filetags: :meta:cs: diff --git a/Content/20250116092003-mma.org b/Content/20250116092003-mma.org new file mode 100644 index 0000000..a6e1a24 --- /dev/null +++ b/Content/20250116092003-mma.org @@ -0,0 +1,17 @@ +:PROPERTIES: +:ID: 47545184-3ff9-4533-a756-932a9e480cda +:END: +#+title: MMA +#+filetags: :mma: + +* Stream +** 0x2341 + - two days ago, I moved my workouts from full-body power-building sessions into kick-boxing lessons. + - inspired by the [[id:e57d90a9-7a2b-4fd4-927c-9b6525411625][jargon file]]: http://www.catb.org/~esr/jargon/html/physical.html + - I've already begun experiencing minor bouts of [[id:20230718T223411.394444][flow]] in the first two sessions and was unknowingly practicing the 1-2 (jab-cross) in a [[id:e8c4ec47-e30f-4d02-af22-c450b6e96968][lucid dream]] + - really sore and can already see how shit my conditioning and endurance is + - initiating the season to build a weapon of a body and mind + - also started reading "[[id:cd004234-c3dd-4e76-ae77-7b2fd15e0beb][kick-boxing]]" by Pat O'Keeffe + - I'll also be maintaining epistemological and pragmatic accounts of whatever combat sports I explore in my life + - some interesting reads: https://www.clearerthinking.org/post/lessons-in-truth-seeking-from-the-world-of-martial-arts + - It also all began quite a while ago (~4 years) when I read Bruce Lee's Biography by Matthew Poly and learned about [[id:347ed26c-bbb4-4d15-a705-6df388f55d02][Jeet Kune Do]] diff --git a/Content/20250116092711-lucidity.org b/Content/20250116092711-lucidity.org new file mode 100644 index 0000000..0615d2c --- /dev/null +++ b/Content/20250116092711-lucidity.org @@ -0,0 +1,5 @@ +:PROPERTIES: +:ID: e8c4ec47-e30f-4d02-af22-c450b6e96968 +:END: +#+title: Lucidity +#+filetags: :mind:meta: diff --git a/Content/20250116092857-kick_boxing.org b/Content/20250116092857-kick_boxing.org new file mode 100644 index 0000000..14f2d65 --- /dev/null +++ b/Content/20250116092857-kick_boxing.org @@ -0,0 +1,8 @@ +:PROPERTIES: +:ID: cd004234-c3dd-4e76-ae77-7b2fd15e0beb +:END: +#+title: Kick Boxing +#+filetags: :mma: + +* Resources + - https://budodragon.com/the-best-kickboxing-books/ diff --git a/Content/20250116095536-jeet_kune_do.org b/Content/20250116095536-jeet_kune_do.org new file mode 100644 index 0000000..a5b48f9 --- /dev/null +++ b/Content/20250116095536-jeet_kune_do.org @@ -0,0 +1,9 @@ +:PROPERTIES: +:ID: 347ed26c-bbb4-4d15-a705-6df388f55d02 +:END: +#+title: Jeet Kune Do +#+filetags: :mma: + + +* Resources + - https://bruceleefoundation.org/jeetkunedo/ diff --git a/Content/20250116104532-k8s_multitenancy.org b/Content/20250116104532-k8s_multitenancy.org new file mode 100644 index 0000000..27352ff --- /dev/null +++ b/Content/20250116104532-k8s_multitenancy.org @@ -0,0 +1,19 @@ +:PROPERTIES: +:ID: 607feebd-1de7-438e-906a-ddcb29e81ed1 +:END: +#+title: K8s-MultiTenancy +#+filetags: :cs:k8s: + +See [[id:49b0dd1e-ca9e-46fa-a0b9-db0ec330833d][MultiTenancy]] + +* Supplementary Misc Aspects +** Control and Data + - Control Plane (masters) + - Data Plane Tenancy + +* Mechanisms +** [[id:92f509f7-5b8f-4beb-a66c-7890e79c84a3][Namespaces]] +** [[id:1d52ebeb-5e1f-4069-8c36-99611fa0659b][Virtual Clusters]] +* Resources + - https://kubernetes.io/docs/concepts/security/multi-tenancy/ + - https://github.com/kubernetes/community/blob/master/sig-multicluster/README.md diff --git a/Content/20250116104757-data_privacy.org b/Content/20250116104757-data_privacy.org new file mode 100644 index 0000000..70d58f2 --- /dev/null +++ b/Content/20250116104757-data_privacy.org @@ -0,0 +1,5 @@ +:PROPERTIES: +:ID: 7a7aad21-1c48-4d2c-9962-9a39e5bfe554 +:END: +#+title: Data Isolation +#+filetags: :cs:sec: diff --git a/Content/20250116104858-rbac.org b/Content/20250116104858-rbac.org new file mode 100644 index 0000000..279ce94 --- /dev/null +++ b/Content/20250116104858-rbac.org @@ -0,0 +1,6 @@ +:PROPERTIES: +:ID: fa347a1f-3277-41ff-8643-63e8aecd2869 +:ROAM_ALIASES: "Role Based Access Control" +:END: +#+title: RBAC +#+filetags: :sec:cs: diff --git a/Content/20250116105448-virtual_clusters.org b/Content/20250116105448-virtual_clusters.org new file mode 100644 index 0000000..40a972d --- /dev/null +++ b/Content/20250116105448-virtual_clusters.org @@ -0,0 +1,5 @@ +:PROPERTIES: +:ID: 1d52ebeb-5e1f-4069-8c36-99611fa0659b +:END: +#+title: K8S Virtual Clusters +#+filetags: :k8s: diff --git a/Content/20250116105946-network_policies.org b/Content/20250116105946-network_policies.org new file mode 100644 index 0000000..17e0def --- /dev/null +++ b/Content/20250116105946-network_policies.org @@ -0,0 +1,8 @@ +:PROPERTIES: +:ID: f2a87da7-b720-487b-87ad-1ff25ce4283a +:END: +#+title: Network Isolation +#+filetags: :cs:sec: + +* Relevant Nodes +** [[id:821aa28f-c16d-4982-bfc7-e1c9cf82c987][Service Meshes]] diff --git a/Content/20250116110616-the_noisy_neighbor.org b/Content/20250116110616-the_noisy_neighbor.org new file mode 100644 index 0000000..e4ca668 --- /dev/null +++ b/Content/20250116110616-the_noisy_neighbor.org @@ -0,0 +1,5 @@ +:PROPERTIES: +:ID: 03f2c24c-ff4f-4ea7-a3b1-fa44ebd81a62 +:END: +#+title: The Noisy Neighbor +#+filetags: :cs:meta: