cron.weekly issue #33: Snaps, Serverless, Unikernels, Habitat, gzip, mysql, file descriptors & more!June 19, 2016 - Mattias Geniar
Welcome to cron.weekly issue #33 for Sunday, June 19th, 2016.
There are 2 main themes in this week’s edition: serverless and package managers. Many articles related to Ubuntu’s new “snap” package manage – Some good, some bad, but I’ll leave the judging up to you.
Ubuntu’s latest “snap” package manager is coming to RHEL, CentOS, Gentoo, OpenSUSE and a whole lot of other distros. We’re already packaging applications as containers, are “snaps” the future?
A practical look at Ubuntu’s snap package manager, on Fedora – it’s already implemented!
It’s not all fun & games with that new package format: because snaps package all the dependencies in the package, they can become up to 4x as large as “normal” packages.
Some more news on Snaps and Flatpak (more on that below): the author highlights some of the flaws in the Snap package manager.
The next ‘logical’ step after containers are, according to some, unikernels. Applications compiled into the OS to be as efficient as possible. This lengthy article is worth your time if you’re interested in knowing where unikernels come in.
We rely on open source contributors and package maintainers to fix bugs, create features and package them up for us to use. This post describes a move in the FOSS community where all that is being done by vendors who are increasingly want more profitability over user satisfaction and quality.
A nice read on the history of the ZFS file system and how Apple almost used it in its own OS.
Some nice insights into what it’s like creating packages in the Fedora world: which commands and tools are used, some clever hacks to help debug packaging issues and more.
Some more background into this new “serverless” way of doing things that’s getting more attention. It explains the concepts and use cases. It also mentions my preferred term of serverless: Functions as a Service or FaaS.
Some more background into the serverless movement, this time from one of the organizers of the #serverless event a few weeks ago.
That title says it all. Very nicely done illustrations on explaining Kubernetes. Reminds me of the SELinux coloring book.
Tools & Projects
Parsync is a parallel rsync wrapper for large data transfers.
Malspider is a web spidering framework that inspects websites for characteristics of compromise. It has built-in detection for characteristics of compromise like hidden iframes, reconnaisance frameworks, vbscript injection, email address disclosure, etc.
The team behind Chef’s config management tool introduced Habitat: Habitat is a new approach to automation that focuses on the application instead of the infrastructure it runs on. With Habitat, the apps you build, deploy, and manage behave consistently in any runtime — metal, VMs, containers, and PaaS.
From Ebay comes Fabio, a fast, modern, zero-conf load balancing HTTP(S) router for deploying microservices managed by consul.
This is an alternative to Ubuntu’s “snap” packages. Distributing applications on Linux is a pain: different distributions in multiple versions, each with their own versions of libraries and packaging formats. Flatpak is here to change all that. It allows the same app to be installed on different Linux distributions, including different versions. And it has been designed from the ground up with security in mind, so that apps are isolated from each other and from the host system.
Shodan is a search engine for “Internet-connected devices”. But for sysadmins like us, it’s also a tool to find public memcached ports, MongoDB instances, Redis instances, … that all by default have no authentication and pose a security risk.
Guides & Tutorials
Some nice insights into the history of the most popular compression algorithms on Linux servers.
This is a handy little one-liner that makes it easier to restore a multi-database MySQL server: instead of a single, large, SQL dump file, every database gets its own separate file.
An interesting read if you’re using Puppet. Ever wondered how Puppet (or any kind of config management) fits into the new world of containers? As part of Project Blueshift, the Puppet team looks at how to combine those technologies.
A nice overview of using the Linux crontab for running scheduled tasks.
We know how to send signals to running applications with the kill command, but how do they work? This post explains what signals are, how they’re used and shows a couple of use cases where they excel.
By default, there are limits to the amount of file descriptors you can open in Linux. A file descriptor is anything from a file, a directory, a symlink, a socket, a TCP or UDP connection or a stream. This post show how to increase that per user on your system.
A collection of good best-practices on what to do the first time you log into a server or prepare a new server for production use.
It’s not easy, but not impossible either to make money while doing open source work: this github repo offers some ideas and methods of doing that, from advertising to donations, crowdfunding and sponsorhips. If you’ve wanted to make money from your open source project(s), have a read.