cron.weekly issue #109: PostgreSQL, GIF, VLC, containerd, Docker, NTP & moreDecember 10, 2017 - Mattias Geniar
Welcome to cron.weekly issue #109 for Sunday, December 10th, 2017.
A bigger issue than last time, so hopefully it’ll be enough to keep you all busy. 🙂
This isn’t exactly news to most of us, but more & more big companies are turning to open source, only to lure customers to their paid version of the same software, boasting with their operational efficiency. After all, open source software needs maintenance, engineers, up-time, bugfixes, …
With the latest Safari update, all major browsers have support for MP4 video. All GIF’s can now be replaced with the much more efficient video format.
The European Parliament has approved budget to extend the software security audit programme (FOSSA), in this case by providing a bug bounty on VLC, allowing anyone to report security issues & be rewarded for it.
These folks work at a scale most of us can only imagine: Netflix has its own “spot market”, donating free cpu cycles/memories from their servers to internal projects like video rendering (which server isn’t oversized nowadays?).
Last week, Chrome 63 was automatically rolled out worldwide. With it, the change that forces all domains ending in “.dev” to HTTPS. If your development crew uses local .dev domains, make sure they either support HTTPS or consider another development TLD, like “.test”.
The Let’s Encrypt team highlighted their roadmap for 2018. My biggest feature I’m looking forward to: wildcard certificates, which should be available around February 27th, 2018.
Tools & Projects
Go from a global view of your infrastructure to inspecting an individual request trace, all in one developer-friendly platform. Start a free 14-day trial. (Sponsored)
The Swiss Container Platform APPUiO is based on OpenShift by Red Hat. Reliable Open Source concepts such as Docker and Kubernetes allow you to develop, operate and scale your application according to your needs. Contact us for a free one month trial of APPUiO. (Sponsored)
This project allows you to use the RocksDB storage engine in MySQL server, giving you up to 2x the compression capacity, faster replication & improved write efficiency.
fswatch is a file change monitor that receives notifications when the contents of the specified files or directories are modified.
Sysdig Inspect is a powerful opensource interface for container troubleshooting and security investigation. Inspect’s user interface is designed to intuitively navigate the data-dense sysdig captures that contain granular system, network, and application activity of a Linux system.
Misocoin is a barebones bitcoin-like protocol implemented in Python 3.x.
memcached-operator is a Kubernetes Operator for deploying and managing a cluster of Memcached instances. memcached-operator provides a single Service endpoint that memcached client applications can connect to to make use of the memcached cluster.
The industry-standard runtime for building container solutions, has reached its 1.0 milestone.
Zbox is a zero-details, privacy-focused embeddable file system. Its goal is to help application store files securely, privately and reliably. By encapsulating files and directories into an encrypted repository, it provides a virtual file system and exclusive access to authorised application.
Network packet captures tend to produce huge files. TrimPCAP is a free open source tool that reduces the size of capture files in an intelligent way.
Kata Containers is a new open source project building extremely lightweight virtual machines that seamlessly plug into the containers ecosystem.
healthchecks is a watchdog for your cron jobs. It’s a web server that listens for pings from your cron jobs, plus a web interface, and can alert when pings have been missed (and the cronjobs haven’t run).
Guides & Tutorials
GoCD or Spinnaker? This post is an overview of GoCD and Spinnaker, why they are different from each other and which problems you should use them to solve. Check it out. (Sponsored)
This is an interesting dev-trick, you can overwrite functions in applications yourself, by making your sure code/library/binary gets loaded before the actual application, using the LD_PRELOAD environment variable.
A fun exercise on what kind of (unwanted) auth requests you get on your SSH server, by logging all the passwords in plain text.
A lot of in-depth info on what it takes to scale applications beyond a single core or thread, talking about sharing variables & data structures across threads. Very theoretical, but I found it interesting.
A fun read on how a WordPress running inside in Docker could be hacked and the author got root access on the host.
I won’t pretend to fully understand the math, but it’s an interesting problem: if NTP updates are sent via the internet, how do you know if it’s still accurate, or delayed due to packetloss or jitter on the line?
PGExercises provides a series of questions and explanations built on a single, simple dataset. The exercises on this site range from simple select and where clauses, through joins and case statements, and on to aggregations, window functions, and recursive queries.
Even if you’re a die-hard Linux user, chances are you have a Windows box around you need for some proprietary code. This post explains how to get Windows Event Viewer data into Elasticsearch, so you can use Kibana to visualize logs & events.
How does a database geek solve a sudoku? He writes a recursive SQL query, obviously.
Another interesting post-mortem, after a near 2 hour outage on a PostgreSQL cluster. Lots of interesting details how their cluster was set up, combining both sync & async slaves for redundancy. I like that approach!
That title explains it all, doesn’t it? 🙂
Platforms such as Kubernetes, Mesos, Amazon Elastic Container Service (ECS), Azure Container Service, and Google Kubernetes Engine provide a layer of abstraction and automation to help manage large numbers of ephemeral containers. This research looks at the different trends in the landscape.