cron.weekly issue #60: Debian, Vim, Gitlab, Jenkins, Piwik, Nginx, MySQL & more!December 25, 2016 - Mattias Geniar
Welcome to a slightly later cron.weekly issue #60 for Sunday, December 25th, 2016.
The holidays are messing with the timing a bit, so this issue is a bit later than usual. If you’re the kind of person that likes to celebrate Christmas, have a merry one. If you don’t care about that sort of things I hope this newsletter can provide you with some distractions.
Just a heads-up, depending on how the next week plays out, I may skip next Sunday’s issue.
The pro’s and con’s of doing automated upgrades are discussed in this post. If they go through, it may set a precedent to other distro’s to do the same.
A look at what major security incidents the Linux community had in 2016 as well as a good overview of what’s been done this year to increase overall security.
Some light reading when you’re up for some background story about Vim and what’s going to be in store for Vim 8.
An article with a skeptic look at jump servers and the threat and risks they can pose to an organisation.
The Linux Foundation is now offering a “Linux Credit Card“. For every card activation, the Linux Foundation will receive $50 as well as a percentage of every purchase made with the credit card.
Tools & Projects
Track & alert on the health and performance of every server, container, and app in any environment. Sign up for a free 14-day trial. (Sponsored)
This new release brings hash table improvements, unified integer classes, performance improvements, OpenSSL 1.1.0 support and better deadlock detection (that will help in debugging).
Minor version increases don’t usually hold much excitement, but this one does: auto-deploy. It automates setting up deploys and review apps. For a Ruby on Rails project, this brings setup time to under a minute. In this release, there’s also support for Slack chatops, global git hooks, a web terminal and better e-mail notifications. This could’ve just as easily been called Gitlab 9.
This distribution is widely used as the basis for Docker images (because of their size), in the 3.5 release: they switched from OpenSSL to LibreSSL, add support for ZFS, R, JRuby and OCaml.
Beringei is a high performance, in-memory storage engine for time series data. In the fall of 2015, Facebook published the paper “Gorilla: A Fast, Scalable, In-Memory Time Series Database” at VLDB 2015. Beringei is the open source representation of the ideas presented in this paper.
pg_probackup is a backup and recovery manager for PostgreSQL servers able to do differential and full backup as well as restore a cluster to a state defined by a given recovery target. It is designed to perform periodic backups of an existing PostgreSQL server, combined with WAL archives to provide a way to recover a server in case of failure of server because of a reason or another.
If you’re using Puppet as your config management tool with Hiera as the “data backend”, you know finding out which Hiera resource is being used can be tricky. This tool shows the hierarchy being used to retrieve that data.
KET (Kismatic Enterprise Toolkit) is a set of production-ready defaults and best practice tools for creating enterprise-tuned Kubernetes clusters. KET was built to make it simple for organizations who fully manage their own infrastructure to deploy and run secure, highly-available Kubernetes installations with built-in sane defaults for scalable cross-cluster networking, distributed tracing, circuit-breaking, request-level routing, cluster health-checking and much more!
A while back, the Jenkins team showcased a new layout/GUI for their web frontend called “Blue Ocean”. You can now download and run that as a beta program. It looks absolutely amazing!
A useful set of Bash helper functions for common patterns like “what character is at position X“, “isInteger“, a foreach method, …
Ofelia is a modern and low footprint job scheduler for docker environments, built on Go. Ofelia aims to be a replacement for the old fashioned cron.
This self-hosted alternative to Google Analytics has reached a new milestone: a full redesign and multiple security improvements.
This release removes support for SSHv1, lots of bugfixes, quite a few security improvements & easier restricting of user accounts (prevents X11, agent, TCP, tunnel & Unix domain socker forwarding) via a simple setting.
Bazel is Google’s own build tool, now publicly available in Beta. Bazel has built-in support for building both client and server software, including client applications for both Android and iOS platforms. The slogan is “correct, reproducible, fast builds for everyone“, to build software of any size, quickly and reliably, just as engineers do at Google.
The Github team introduced orchestrator to manage MySQL service failovers, promotes slaves to masters, detect failure scenario’s, …
Guides & Tutorials
An original approach to solving prime number calculations that leads to various new ways of using the Unix shell for things like “find intersection of 2 sets“, “find union of 2 sets“, … using tools like: sort, uniq, diff, grep, head/tail, … Very interesting ideas here that can teach you new ways to use your favourite CLI tools.
In this guide, Nginx is compiled from source with the latest OpenSSL to add support for the ChaCha ciphers.
Some good insights when you run (large) MySQL servers and experience problems related to SWAP and disk I/O usage, where the Linux kernel can decide – at unexpected times – to write/read from SWAP with memory to spare.
A Deep Dive Into Docker For Engineers Interested In The Gritty Details.
This initiative looks at what abilities an inventory management solution for Ansible needs to have in order to be current with the competition and to make things easier for us as sysadmins. Plenty of ideas, I’m curious to see how this plays out.
A very powerful video showcasing the new BPF capabilities in Linux. The demo highlights many interesting use cases like finding the bottleneck in code, sorting by function calls, quickly exploring stacktraces, …