cron.weekly issue #6: Kernel Releases, TLS, Hostess, Polscan, Dtrace, Docker & many moreDecember 12, 2015 - Mattias Geniar
This is the cron.weekly release for Sunday December 13th.
A lot of media got this announcement wrong: Mozilla isn’t dropping Firefox OS, their OS optimised for smartphones. It is however stopping their work to build and ship smartphones through carrier partners. Instead, they’ll be focusing on Internet of Things (IoT) with the Firefox OS project.
An interesting read to better understand how Fedora releases their new kernels and which versions are considered and which aren’t.
A nice announcement for us still managing physical hosts: firmware updates to UEFI in Linux will work out-of-the-box on Dell boxes in the near future.
This discussion focusses on whether or not TLS, the Transport Layer Security used in HTTPs and all other encrypted protocols, should be part of the Linux kernel or remain a standalone project like OpenSSL.
A call for attention for a better compression algoritm called “xz”. It can compress up to twice as good as gzip and has been supported in most linux distributions since 2009.
Tools & Projects
Similar to how drush works for Drupal or wp-cli for WordPress, prestashop-cli gives you a command line interface to interact with a prestashop install. This is ideal for us sysadmin folks who may not have a login to the web interface but who still want to have some control over the installation.
Granted, it’s not exactly hard to manage your /etc/hosts file, but having a simple CLI interface to be used in scripts is an upside. Hostess is an idempotent command-line utility for managing your /etc/hosts file.
This new project is a publish/subscribe (or “pub/sub” in short) module for Nginx. It can be configured as a standalone server, or as a shim between your application and tens, thousands, or millions of live subscribers.
Shellcheck automatically detects problems in sh/bash scripts and commands. Copy/paste your script and get an analysis back of potential security problems and bugs you may encounter in your script.
In a cluster of servers, all hosts should be identical – right? More than often you’ll find some hosts’ configuration drifts from others. Polscan helps mark those hosts and maps them out in a grid for easier identification.
I wouldn’t recommend using it, but it’s a nifty proof-of-concept. Bashhub is a “Bash History in the cloud”. Interesting from a technology point of view, but I’ll never install this on any of my machines.
Guides & Tutorials
A very in-depth piece of writing on all the pieces where Nginx differs from more traditionals webservers like Apache. It details the workers, process handling, threads, …
Given a real use case (“why are my tests running slow”), this blogpost shows you how to use the dtrace tool to find bottlenecks in an application by finding the system calls that cause the most time and CPU consumption.
Now that HTTP/2 is reaching a broader audience, it’s time to start thinking about how to make full use of it. This blogpost shares insights in the do’s and don’ts when trying to get the most out of HTTP/2.
Tools like systemd give us more abilities to script startup/stop of services and all the management that comes with of it. This guide shows you how the unit files work and how you can make unit files for your own custom services (like init.d scripts in SysVinit).
This post will explain why this particular company found that using MySQL for the key/value use case is better than most of the dedicated NoSQL engines, and provide guidelines to follow when using MySQL in this way.
A practical guide on running docker containers using Docker Machine (an abstraction layer on top of Docker), Swarm (native docker clustering) and Compose (managing the applications inside Docker).
This post features protection mechanisms to defend against Web server DDoS attacks against an Apache webserver.
There are many container schedulers nowadays: Fleet, Kubernetes, Mesos, Rancher, Swarm, … This post focusses on Nomad as a new container resource scheduler for Docker.