Software systems

Docker containers have been widely used by organizations because they are lightweight and single hardware can run multiple instances of a container. However, this ease of virtualization comes with weaker isolation as compared to virtual machines. A compromised container can allow the attacker to escape to the host and gain privileged access. Several approaches have been developed to reduce the...

This article begins with an overview of the central aspects of frameworks, then dives deeper into the benefits of frameworks, tradeoffs they entail, and the most important features we recommend implementing. Finally, we'll describe a practical application of frameworks at Google: how developing a microservices platform allowed us to break up Google's monolithic codebase, and how frameworks...

Computing demand continues to grow exponentially, largely driven by "big data" processing on hyperscale data stores. At the same time, the slowdown in Moore's law is leading the industry to embrace custom computing in large-scale systems. Taken together, these trends motivate the need to characterize live production traffic on these large data processing platforms and understand the opportunity...

Like all other Internet applications, the Domain Name System (DNS) depends on the Internet’s routing system, which controls the data paths across the Internet’s more than 70,000 autonomously managed networks. A longstanding problem with the routing system is that its key protocol, the border gateway protocol (BGP), does not protect against incorrect routing information. BGP was designed in the...