cron.weekly issue #49: kernel 4.8, IP Spoofing, RethinkDB, ProxySQL, Postgres, Elasticsearch & more!October 9, 2016 - Mattias Geniar
If you’re reading this, it means the mailing list migration went as planned! If you aren’t … well … something something schrödinger. 🙂
I took the time to tweak the layout a bit too, if it renders or looks weird on your device, send me a screenshot if you will. I’ll whip out the old CSS skills and see what I can do.
In the meanwhile: a diverse issue this time, lots of content. So grab a coffee, make yourself comfortable and enjoy reading!
Last Sunday, the 4.8 kernel was released: lots of new hardware support, improved drivers and a lot of storage improvements: a btrfs rewrite, the basics to add support for data deduplication and copy-on-write for XFS, …
A post I think many of us can relate to: you find yourself being a sysadmin or developer and suddenly you’re a database administrator. You can’t look at databases the same way you look at webservers, it’s a different mindset. This post dives into a post-portem of a “MongoDB gone wrong” and critiques the methods used.
By now, everyone benefits from using HTTPs on websites. This post gives a good overview of the reasons why you should switch to HTTPs. Time to use these arguments to change all your configs to TLS!
A bit of Unix trivia I was unaware of: long before Linus Torvalds wrote Linux, Microsoft was the king of Unix world. The company, somehow, developed Xenix, the most popular version of Unix of its time. However, IBM’s decision to go ahead with MS-DOS in its PCs acted as a death blow.
This are inevitably going to break: whether it’s hardware, software or human error. This post explains how there’s usually not a single cause, but a series of events that lead to downtime and how hidden bias can influence our thinking in finding root causes.
Not so fun news from the community this time: the team behind RethinkDB is shutting down. This document store for (mostly) JSON competed with MongoDB.
It’s only since I started mirroring the linux-kernel mailing list that I noticed just how much e-mail goes back and forth with patches and kernel discussion. In this post, the author defends that choice and why it beats systems like GitHub or GitLab.
A big investment from Mozilla’s Open Source Support: they threw 300.000$ to 4 more projects: Redash, Review Board, Kea and Speech Rule Engine.
Tools & Projects
Gitzone is a git-based zone file management tool for BIND. Users can update their zones in a git repository then during a push the zone files are checked, updated & reloaded from git receive hooks.
Zulip is a powerful, open source group chat application. Written in Python. Zulip also supports fast search, drag-and-drop file uploads, image previews, group private messages, audible notifications, missed-message emails, desktop apps, and much more.
A high-performance MySQL proxy with a GPL license. It has query caching, query routing over multiple backends, failover support, … The only other competitor in this space I know of is MariaDB’s MaxScale.
A fully featured mail setup: webmail, IMAP & SMTP server, spam & greylisting, backups to Amazon S3, Let’s Encrypt support, …
This is sort of a shell on top of git. It tries to make git less complicated but is still compatible with the “standard” git implementation, as it’s basically git behind the scenes.
Cypht is like a news reader, but for E-mail. Cypht does not replace your existing accounts – it combines them into one. And it’s also a news reader.
A retrospec plugin for puppet that generates puppet rspec test code based on the current code inside your module. It basically writes all your tests for you. Sort of.
Guides & Tutorials
A very nice write-up on a presentation given at Strange Loop about IP spoofing, how it works, how they’re used in DDoS attacks and how you can prevent them as a sysadmin or network engineer.
In this article the author shows a Docker based workflow in Jenkins 2.0 with both the CI pipeline and the build environment version controlled. The end result is a container with code ready to deploy.
In this post Brendan Gregg introduces the ext4dist and ext4slower tools to look at the system for metrics on how I/O performance impacts the running applications.
Did you, like me, learn vim years ago? Maybe you’re still using a few shortcuts or commands that can be made more efficient. This post lists the most frequent “quick wins” in terms of efficiency when using vim.
Some good pointers on where and how to design your PostgreSQL schema/structure when trying to build a multi-tenant SaaS offering, contains a couple of practical tips for DBA’s too.
A very nice overview of security features that landed in the 4.8 kernel: many things I can’t even fake understanding, I hope they make more sense to you than they did to me.
This write-up talks honestly about what it’s like to run 1 or 50 containers, the lessons learned, the design decisions between Docker vs. Rkt, …
There’s a new PostgreSQL version out, but why upgrade? This post gives the biggest reasons: parallelism, better lock monitoring, synced standby’s and a safer replication model called “remote apply”.
Lots of practical tips & metrics to watch in your Elasticsearch environment to monitor your performance.
A dive into the procfs (/proc file system) to better understand what goes on behind the scenes of a process.
Like the previous post, this article describes what happens when new processes spawn: from system calls to environment variables to parents/children & forks.
In August 2016 the Laracon conference held place in Amsterdam, focusing talks on the Laravel PHP framework. Lots of talks are now online about scaling applications, Varnish, introducing TDD, MySQL 5.6 changes, …