cron.weekly issue #19: GUI’s, Jenkins, Docker, Microsoft, jo, sshtron, cockpit & more!


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, March 13, 2016

Follow me on Twitter as @mattiasgeniar

Welcome to cron.weekly issue 18 for Sunday March 13th, 2016.

Before you think this newsletter is turning into a Microsoft or Docker newsletter, I want to assure you: the focus is still on open source & linux. But Microsoft has been dominating the news lately (good & bad) and Docker seems to be omnipresent nowadays.

Either way, enjoy this weeks’ edition because there’s lots of content to share!

News

What happens when a modern Linux system boots without /bin/sh

An interesting tale of what happens when /bin/sh becomes corrupt and the system is rebooted. It’s a good use case for using alternate shells on your accounts so you still have access in case the default shell is corrupted.

The Linux Security Circus: On GUI isolation

This is something us server-side admin don’t have to worry about much, but desktop Linux – at least until Wayland makes its way – uses the X server to display windows and applications. In that X Server, there’s no GUI-level isolation. Two GUI applications running in X Server are not isolated from each other.

Why Wayland anyway?

Wayland, the new display server to replace X server, will fix that GUI isolation problem. This post explores some of the highlights of Wayland and confirms that it’s not yet coming to Fedora 24 but will probably make it in Fedora 25.

Linux BPF Superpowers

This is a very nice presentation by Brendan Gregg on BPF, which used to be called the Extended Berkeley Packet Filter. BPF is the in-kernel bytecode machine that can be used for network tracing, virtual networks, and more.

Microsoft Announces SQL Server on Linux

I didn’t see this one coming: SQL Server, the flagship SQL Server product from Microsoft, will be available to run on Linux around mid-2017. The current target is Ubuntu & RHEL and its derivatives, like CentOS. The items that remain unclear: licensing, cost and the upgrade & migration paths from Windows to Linux. Oh, and how other processes will get along with SQL Server.

Microsoft loves open source? Only when it’s convenient

Despite their several announcements of supporting open source, Microsoft is still suing several Linux distributions over patent infringements. Their “SQL Server on Linux” announcement got a lot of attention, but is it a cleverly timed coverup for more negative news towards open source that came out last week?

The Hardest Hire: Technical Support

Many of us linux & open source folks have started our careers in some kind of support environment, quickly learning new technologies to help support the business. This post resonated with me as it hits so close to home: the challenges involved in hiring technical support.

Holistic Configuration Management at Facebook

Learn from the biggest, I always say. This post describes some internals of Facebook’s config management, how often a day config changes occur (1.000+), what they’re used for (feature toggles, among others) etc.

Rise of The Docker Pattern

An interesting look at how Docker became so popular, which problems it’s solving and where our industry in general is coming from: starting at VMware to AWS to Docker.

Docker Swarm beats Kubernetes? Not so fast

A recent announcement claimed Docker Swarm to be faster than Kubernetes. Both try to manage (Docker) containers as efficiently as possible. This post further explores how speed isn’t the only factor to take into account when comparing such tools.

Docker & Security (PDF)

This presentation given by 2 hackers look into Docker’s isolation & governance modal from a security point of view. Lots of interesting technical remarks on UID mapping, privilege escalation, SELinux, …

Tools & Projects

jo

This tool allows you to create JSON output from the shell.

Universal Install Script

While not a real project, it’s something that can get you thinking: a universal install script that works for all platforms. (XKCD)

tcpkali

tcpkali is a high performance TCP and WebSocket load generator and sink. It can open millions of connections from a single host by using interface aliases.

Jenkins 2.0 preview

The much anticipated release of Jenkins is coming soon! It introduces ‘configuration as code’ for defining pipelines, a much cleaner UI & total backwards compatibility. I’m looking forward to this release.

PyPy 5.0

PyPy is a fast, compliant alternative implementation of the Python language (2.7.10 and 3.2.5). The focus is on speed and memory usage, while keeping compatibility with the ‘official’ Python releases.

x11fs

A filesystem for your X Windows. X11fs creates a vitual filesystem to represent open windows, similar to what /proc does for processes. This allows windows to be controlled using any language or tool with simple file IO, in a true unix fashion.

ownCloud 9.0

ownCloud is a file sync and share solution, much like Dropbox, and has reached version 9.0. The new release introduces collaboration features, improvements to scalability and brings federation to a new level.

Borg 1.0

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption. The main goal of Borg is to provide an efficient and secure way to backup data.

sshtron

Play Tron over SSH. It’s actually really incredible, just go ahead and test it: “ssh sshtron.zachlatta.com”.

Guides & Tutorials

How to Boot Linux ISO Images Directly From Your Hard Drive

This is a useful guide if you ever want to just download an ISO to your local harddrive and be able to boot from it. In GRUB2, you can modify the bootloader to load an ISO from the local hard drive to accomplish that.

ZFS on Linux

An interesting writeup from a company that’s used ZFS for a while now. The post has disk I/O benchmarks and operational metrics.

Bash One Liner – Compose Music From Entropy in /dev/urandom

That title says it all: let /dev/urandom generate random bits and bites and turn it into audio!

Getting Started with rkt

This guide explains the rkt container runtime, a project maintained by the CoreOS folks.

5 minutes collectd + facette setup

How to run both collectd with facette, a new tool to visualise time series values (like statsd values).

Cockpit: an overview

Cockpit is an elegant, beautiful way to see and manage your servers using just a web browser. It’s open source, and it is quickly growing new features and capabilities all the time.

Naive first steps with Terraform

A very honest introduction to Terraform, a new way of managing infrastructure as code from the creators of Vagrant. A simple file-based system gives you easy overview of your environments.

Some thoughts on ways of choosing what TLS ciphers to support

With the recent OpenSSL vulnerabilities, this isn’t a bad question to ask: what TLS ciphers should/can you support in your environment, from webservers to mailservers to IMAP and POP3 connections?

How Linux CPU usage time and Percentage can be calculated

Some low-level info on how CPU usage is calculated. A nice reminder on timing & clock cycles, too.

System statistics with sar and the /proc filesystem

There’s lots of ways to troubleshoot a problem in Linux, this post further explains the ‘sar’ command with a couple of useful examples.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.