cron.weekly issue #41: gdb, OpenStack, masscan, Linux Performance, SSHFS & more!


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, August 14, 2016

Follow me on Twitter as @mattiasgeniar

Welcome to cron.weekly issue #41 for Sunday, August 14th, 2016.

Let’s call this “the debug issue” – lots of practical tips on how to use the gdb debugger on applications.

News

Mirantis joins Google, Intel to flip OpenStack container landscape

An interesting development in the Docker & OpenStack space: Google and Intel work together to run OpenStack as containers, orchestrating its control plane with the Kubernetes container orchestration tool. You’re actually running OpenStack as containers, managed by Kubernetes.

PostgreSQL vs. Linux kernel versions

Some really interesting stats from a PostgreSQL benchmark over multiple kernel versions: from the oldest 2.6.x kernel to the latest 4.7, which is best for running a PostgreSQL workload?

TCP vulnerability in Linux kernel

Best to patch your servers for this one: a flaw in the TCP implementation allows an attacker to inject its own content in a TCP stream, potentially taking over servers or injecting malware in webservers.

Tools & Projects

justsniffer

Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all “intercepted” files from the HTTP traffic.

goss

Goss is a YAML based serverspec-like tool for validating a server’s configuration. It eases the process of writing tests by allowing the user to generate tests from the current system state. Once the test suite is written they can be executed, waited-on, or served as a health endpoint.

sudolikeaboss

This CLI tool integrates 1 Password in your terminal: all you need is iterm2, 1password and a Mac.

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

coredns

CoreDNS is a DNS server that started its life as a fork of the Caddy web(!)server. It chains middleware, where each middleware implements some DNS feature. CoreDNS is a complete replacement (with more features) for SkyDNS.

Guides & Tutorials

SSL/TLS and PKI History

This is a cool visualisation of the history of SSL and TLS. A nice timeline of how things came to be. It starts all the way in 1994 and makes some bold predictions for 2018.

Effectively Using and Detecting The Slowloris HTTP DoS Tool

Remember that annoying HTTP vulnerability from a few years ago, Slowloris? This post is a trip down memory lane: how to detect a SlowLoris server-side, how to launch one and how to protect yourself from it.

Docker: Explained Simply

You’d think with all these ‘Docker Explained’ posts, we’d know how Docker works – right? This post takes a slightly different approach: a good comparison with Vagrant images and an easy-to-understand explanation of the Dockerfile.

gdb Debugging Full Example (Tutorial): ncurses

This really in-depth debugging session teaches you a lot about the gdb debugger and how to interpret the output, not just blindly copy/paste commands.

How does gdb work?

Another great gdb post: really good examples of using gdb on a Ruby application, how memory references work, some good old C code, …

Linux Performance Tools diagram

This famous Linux performance tools diagram from Brendan Gregg just go an update last week: this is the 2016 edition! Print this out and hang it out on your desk. Want more? Head over to Brendan Gregg’s performance tools page.

How To Read The SSL Certificate Info From the CLI

Some useful openssl commands to decode certificates from a local file or a remote endpoint and show the contents in a readable fashion.

Dynamic SSH jump hosts

A follow-up from last week’s post on SSH jump hosts: this post introduces a clever trick of using wildcards & sed-magic in your SSH configs to create ‘dynamic’ jump hosts.

Distributed Logging Architecture in the Container Era

A lengthy read, but a good one: with everything running in containers, we need to rethink how we do and manage our logs.

How to Mount Remote Linux Filesystem or Directory Using SSHFS Over SSH

A good tutorial on using the ssh file system to mount remote directories, over SSH, as if it was a local mount/directory.

Conferences

@Scale 2016 Line-up

FaceBook’s @Scale2016 conference has published its line-up: really interesting Data, DevOps, Tooling, Mobile & Hot Topics (aka: hipster-room) tracks. If you can make this one, it looks like it’ll be amazing.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.