Graduate Tech Program: Foundations Course
A study in abstraction, orchestration, and scalability.
Modern software engineering is the art of managing complexity through layers of abstraction. Each layer hides the underlying mechanical details of the layer below it.
Hardware → Kernel → OS → Runtime → Container → Application
The kernel acts as the primary mediator between hardware resources and user-space processes.
To ensure system stability and security, modern OS architecture enforces a strict boundary.
Kernel Space: High privilege, direct hardware access, critical for system integrity.
User Space: Restricted privilege, where application logic resides, isolated from hardware failures.
The OS manages the lifecycle of a process through various states:
A fundamental abstraction that provides each process with the illusion of having a contiguous, private address space, regardless of physical fragmentation.
Key mechanisms: Paging, Segmentation, and Translation Lookaside Buffers (TLB).
Virtualization allows a single physical machine to host multiple, independent operating systems by introducing a Hypervisor layer.
Benefit: Increased hardware utilization and isolation.
While virtualization provides isolation, it introduces "tax":
Unlike VMs, containers do not virtualize hardware. Instead, they virtualize the operating system kernel.
They share the host's kernel but maintain isolated user-space environments.
| Feature | VM | Container |
|---|---|---|
| Isolation | Hardware-level | Process-level |
| Startup Time | Minutes | Seconds |
| Resource Usage | High | Low |
As the number of containers grows, manual management becomes impossible. Orchestrators like Kubernetes handle:
Cloud computing is the delivery of computing services—including servers, storage, databases, and networking—over the Internet.
From "Ownership" to "Utility."
IaaS: Infrastructure as a Service (e.g., AWS EC2).
PaaS: Platform as a Service (e.g., Heroku, Google App Engine).
SaaS: Software as a Service (e.g., Gmail, Salesforce).
Cloud security is a partnership.
The Provider: Responsible for security of the cloud (Hardware, Global Infrastructure).
The Customer: Responsible for security in the cloud (Data, IAM, OS Configuration).
Treating infrastructure setup the same way as application code: versioned, repeatable, and automated.
The structured process of developing software, from requirements gathering to maintenance.
Modern cycles emphasize continuous loops rather than linear paths.
DevOps is not a tool, but a culture of breaking down silos between Development and Operations.
Core Pillars: Automation, Monitoring, Communication, and Continuous Improvement.
The practice of automating the integration of code changes from multiple contributors into a single software project.
Key: Automated testing on every commit.
Automating the release of code to production environments. When tests pass, the code is deployed without human intervention.
Requires high-confidence testing and robust rollback capabilities.
Understanding how data moves across the wire through layers of abstraction.
Layer 7: Application | Layer 4: Transport | Layer 3: Network | Layer 2: Data Link
Decomposing a monolithic application into a collection of small, independent, and loosely coupled services.
Enables independent scaling and deployment but increases complexity in communication.
In a distributed system, you can only guarantee two of the following three:
"Never trust, always verify."
Moving away from the concept of a "trusted perimeter" to a model where every request, regardless of origin, must be authenticated and authorized.
A security concept where a user or process is given the minimum levels of access—or permissions—needed to perform its job functions.
Monitoring: Tells you *that* something is wrong (e.g., "CPU is at 95%").
Observability: Tells you *why* something is wrong (e.g., "This specific query is causing high CPU due to a missing index").
1. Metrics: Aggregatable numbers over time.
2. Logs: Discrete records of events.
3. Traces: The journey of a request through a distributed system.
The trajectory of software environments is toward greater abstraction and greater automation.
Next steps: Deep dive into Kubernetes internals and Cloud-Native security architectures.