cron.weekly issue #41: gdb, OpenStack, masscan, Linux Performance, SSHFS & more!August 14, 2016 - Mattias Geniar
Welcome to cron.weekly issue #41 for Sunday, August 14th, 2016.
Let’s call this “the debug issue” – lots of practical tips on how to use the gdb debugger on applications.
An interesting development in the Docker & OpenStack space: Google and Intel work together to run OpenStack as containers, orchestrating its control plane with the Kubernetes container orchestration tool. You’re actually running OpenStack as containers, managed by Kubernetes.
Some really interesting stats from a PostgreSQL benchmark over multiple kernel versions: from the oldest 2.6.x kernel to the latest 4.7, which is best for running a PostgreSQL workload?
Best to patch your servers for this one: a flaw in the TCP implementation allows an attacker to inject its own content in a TCP stream, potentially taking over servers or injecting malware in webservers.
Tools & Projects
Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all “intercepted” files from the HTTP traffic.
Goss is a YAML based serverspec-like tool for validating a server’s configuration. It eases the process of writing tests by allowing the user to generate tests from the current system state. Once the test suite is written they can be executed, waited-on, or served as a health endpoint.
This CLI tool integrates 1 Password in your terminal: all you need is iterm2, 1password and a Mac.
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
CoreDNS is a DNS server that started its life as a fork of the Caddy web(!)server. It chains middleware, where each middleware implements some DNS feature. CoreDNS is a complete replacement (with more features) for SkyDNS.
Guides & Tutorials
This is a cool visualisation of the history of SSL and TLS. A nice timeline of how things came to be. It starts all the way in 1994 and makes some bold predictions for 2018.
Remember that annoying HTTP vulnerability from a few years ago, Slowloris? This post is a trip down memory lane: how to detect a SlowLoris server-side, how to launch one and how to protect yourself from it.
You’d think with all these ‘Docker Explained’ posts, we’d know how Docker works – right? This post takes a slightly different approach: a good comparison with Vagrant images and an easy-to-understand explanation of the Dockerfile.
This really in-depth debugging session teaches you a lot about the gdb debugger and how to interpret the output, not just blindly copy/paste commands.
Another great gdb post: really good examples of using gdb on a Ruby application, how memory references work, some good old C code, …
This famous Linux performance tools diagram from Brendan Gregg just go an update last week: this is the 2016 edition! Print this out and hang it out on your desk. Want more? Head over to Brendan Gregg’s performance tools page.
Some useful openssl commands to decode certificates from a local file or a remote endpoint and show the contents in a readable fashion.
A follow-up from last week’s post on SSH jump hosts: this post introduces a clever trick of using wildcards & sed-magic in your SSH configs to create ‘dynamic’ jump hosts.
A lengthy read, but a good one: with everything running in containers, we need to rethink how we do and manage our logs.
A good tutorial on using the ssh file system to mount remote directories, over SSH, as if it was a local mount/directory.
FaceBook’s @Scale2016 conference has published its line-up: really interesting Data, DevOps, Tooling, Mobile & Hot Topics (aka: hipster-room) tracks. If you can make this one, it looks like it’ll be amazing.