cron.weekly issue #48: PostgreSQL 9.6, Security, Otto, armor, Config Mgmt Camp & more!October 2, 2016 - Mattias Geniar
Welcome to cron.weekly issue #48 for Sunday, October 2nd, 2016.
Lots of variation again that should keep you busy on your Sunday!
I’m also in the process of moving the e-mail list to something self-hosted, so keep an eye out on your spamfilter the next few weeks if you’re not receiving your Sunday dose of Linux & open source news.
This new release supports parallelizing some query operations over multiple cores, improved text search, improved back-ups and lots of smaller improvements. At the same time, Barman 2.0 has been released (the PostgreSQL back-up and recovery manager).
Not the best week for systemd: a single command, run by an unpriviliged user, can “crash” systemd. All processes will keep running, but you can no longer start/stop any services. Rebooting won’t work either, as that’s handled by systemd. You’re left resetting/power cycling your server.
I missed this a few weeks ago: HashiCorp announced Otto as the successor to Vagrant last year, but it seems the project got cancelled. You just can’t replace Vagrant.
This is a proposal to make everything in the *.localhost domain resolve to localhost, without having to explicitly specify it in DNS/hosts file. So for testing, “project1.localhost” could automatically point to 127.0.0.1 or ::1.
This new release adds much easier joining/creation of clusters via the ‘kubeadm’ CLI tool, simpler installation using apt/yum and a discovery API you could use to implement service discovery.
A good overview of several security measures that were introduced since kernel 4.3; lots of details on random memory mappings & better capability passing when processes are forked.
As it turns out, the fixes for a Denial of Service in OpenSSL that were released last week introduced a Remote Code Execution vulnerability. So this set of OpenSSL patches fixes those problems. Time to update, again.
A pretty good thought piece on how the Linux kernel should adapt to ever growing threats.
Tools & Projects
A new webserver written in Go which offers HTTP/2 and automatic TLS based on Let’s Encrypt. This looks to be very similar to Caddy in terms of goals and setup.
UpscaleDB is a nosql key/value store, but this project introduces UpscaleDB as a MySQL storage engine compatible with InnoDB. In other words, you could remove the InnoDB engine from MySQL and replace it with this one, and it *should* run faster.
mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern Web UI for administration.
Guides & Tutorials
Plenty of graphs and explanation to give an overview of Kubernetes, the layers (etcd, API, controller, scheduler, …), the control plane, how nodes work, …
Monitoring Docker isn’t that easy, as containers can come and go when needed. It introduces a couple of methods to handle this, mainly by not treating containers as “hosts” to individually monitor, but by looking at the overal architecture.
This post tells a tale how the author went about troubleshooting a PostgreSQL installation that was consuming more and more CPU steadily. Some good ideas if you ever need to troubleshoot PostgreSQL!
If you’re new to Linux or SSH, this is a good post describing how public & private keypairs work for SSH authentication.
This single day event takes place in Berlin on November 15th. If it’s anything like the Config Management Camps in Ghent, Belgium, it’s a must-attend!