cron.weekly issue #68: Virtual Memory, Jenkins, Etckeeper, Tensorflow, PGP, Let’s Encrypt & moreFebruary 19, 2017 - Mattias Geniar
Welcome to cron.weekly issue #68 for Sunday, February 19th, 2017.
I hope last weeks’ issue gave you lots of reading material! This is a slightly shorter one but still plenty of good content on Node, Go, Jenkins, the eternal struggle of tar, SELinux, virtual memory on Linux & plenty more good stuff.
More and more, developers are using yarn as the Node package manager. In this post, the problems/challenges with npm are highlighted and why yarn was a much-needed replacement.
Some good insights into the crucial nature of NTP and how efforts being made to make NTP more secure & resilient might actually have introduced whole new operational challenges.
The Jenkins project introduced the Blue Ocean redesign a few months ago and have now launched a beta to make modifying your “build pipelines” (aka: set of steps to take before a task is considered complete) a breeze. This will make the adoption and getting started with Jenkins so much easier.
You really only need 2 commands when using tar: extracting an archive and creating one. This new site shows exactly those 2 commands.
Some background and analysis of code merges inside the Linux kernel.
One of the long-time readers asked to include this survey on your use of your infrastructure. It covers questions like which cloud provider you use, the kind of applications you have and so on. The results will be made public in the near future. If you have 10min, feel free to fill out this survey!
Tools & Projects
Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)
It’s sometimes impossible to answer what’s consuming resources like CPU, IO, & memory in a complex software such as a database. This ebook explains how a specialization of ordinary linear regression answers seemingly unsolvable database questions. (Sponsored)
Your own Travis CI to run tests locally. It uses Docker to read the .travis.yml file and run those tests locally.
This new release is 20-30% faster than 1.7, faster compile times, better & shorter garbage collection and a lot of updated standard library components.
An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. Use cases can also include handling file or secret uploads from your clients or coworkers, though.
Google’s open source machine learning software Tensorflow has reached a stable 1.0. I do still feel you need a PHD and an IQ over 160 to understand it and be able to use it, but machine learning is hard – no matter what software you use.
Pijul is a free and open source (AGPL 3) distributed version control system. Its distinctive feature is to be based on a sound theory of patches, which makes it easy to learn and use, and really distributed.
If you like to ‘git commit’ your /etc directory changes, this tool is for you.
Community-driven templates and tools for creating cloud, virtual machines, containers and metal operating system environments.
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.
Guides & Tutorials
This isn’t Linux specific but covers a lot of best practices on securing an office, server farm, home network, … take your pick.
You’ll often find confusing flags in .htaccess or Apache & PHP-FPM configurations related to PHP configuration overwrites. This post explains when to use each one and when they do & don’t work.
A solid introduction to container orchestration/management tools and why you need them; covering Kubernetes, Mesosphere and the Docker built-in Swarm.
More SELinux content: introducing SELinux labels, assigning & removing labels, enforcement & handling files.
To me, memory management remains the hardest concept in Linux. So many things go into calculating a simple questing as “how much memory does process X really use?”. This guide offers a really good explanation covering page tables, memory mapping, the MMU & page faults.
Open source software is made by people just like you. Learn how to launch and grow your project. Made by the team at Github.
Covering Nginx, SNI and using Let’s Encrypt for requesting & installing TLS certificates.
An interesting debug question to conclude that systemd can limit processes to a default of 512 child processes.
This is a guide on secure communication using email with PGP encryption. It does require a basic knowledge of PGP to get started.
This practical guide teaches you how to auto-scale on Kubernetes and shares some Jenkins tips & tricks along the way.