cron.weekly issue #82: Puppet 5, Debian 9, Chef, Vim, CNI, TFS, Haraka, PostgreSQL & moreMay 28, 2017 - Mattias Geniar
Welcome to cron.weekly issue #82 for Sunday, May 28th, 2017.
I suddenly see why last week was a shorter issue, everyone was timing their good posts & news for this week! There’s quite a lot to share, and every link is worth it.
We’re melting in Belgium at roughly 35°C (that’s 95°F for you US folks), I hope you can find a chill spot that doesn’t overheat your laptop to enjoy this weeks’ issue.
If you run any kind of Samba service, chances are you’re vulnerable for a pretty serious leak; just about every NAS is vulnerable for a remote code execution bug that requires your urgent attention to update.
A good write-up and comparison of open source software we all love and use with the self-service checkout machines at a grocery store.
A sneak peak into what Puppet 5 will offer from Puppet Labs. The short version: module compatibility between Puppet 4 & 5, release date in this summer & consistent versioning between client & server. I’m biased as a Puppet user, but I’m looking forward to it.
Hey, I like Chef too! 🙂 There’s a new “Learn Chef” playground available with many tracks and modules to learn the basics and advanced usages of Chef as your config management tool of choice. It’s got badges!
A deeper look at the mosh shell, offering reliable SSH connections over UDP on flaky connections.
Stack Overflow shares some insights into the most frequently asked questions on their platform, including how to exit vim; “during peak traffic hours on weekdays, there are about 80 people per hour that need help getting out of Vim.”. Damn!
The team behind Elastic, which offers ElasticSearch, Logstash, Kibana, … is moving away from Alpine Docker containers and standardizing on CentOS 7.
Debian 9, code name Stretch, is due to be out on June 17th, 2017. This mailing list announcement has more details on the planning and timeline up to that release.
Quite a few new packages are finding their way to the new Debian release, in this post they get highlighted with a brief summary of what each does. Looks like a very big addition!
Lots of technical details here about the Dirty COW vulnerability from a few months ago, explaining how to carry out the attack and what happens in the kernel when that occurs.
Both Canonical and Red Hat have announced “universal packages”, a way to package binaries or services with all their dependencies, without interfering with others. This post takes a closer look at all the promises made by marketing, and looks at what universal packages offer today.
The Cloud Native Computing Foundation (CNCF) voted to accept CNI (Container Networking Interface) as the 10th hosted project alongside Kubernetes, Prometheus, OpenTracing, Fluentd, Linkerd, gRPC, CoreDNS, containerd, and rkt.
Tools & Projects
Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)
You know what sucks? Having an unexpected DNS change. Or waiting for a DNS change that doesn’t come through. Stop waiting & start monitoring! DNS Spy alerts you of any DNS change, wanted or unwanted, to any of your domains. And you know what’s great? It’s free for Open Source project maintainers. (Sponsored)
mysqldump every DB of your MySQL Server to its own, 7z-compressed file. The provided setup.sh auto-installs/updates the code and makes the script available as a new, simple shell command (zzmysqldump).
You (probably) won’t use this on your servers, but it’s useful if you have a Linux or Mac running at home; mchromecast lets you Cast your macOS and Linux Audio/Video to your Google Cast and Sonos Devices.
Magic lets you define bash functions on a per-directory basis.
This is a collection of Docker files and Vagrant boxes to get a development environment up-and-running for PHP. You can learn/use many of their Docker files if you’re implementing something similar in your own environment.
TFS is a modular, fast, and feature rich next-gen file system, employing modern techniques for high performance, high space efficiency, and high scalability. It’s inspired by the ideas behind ZFS, but at the same time it aims to be modular and easier to implement.
The Pappy (Proxy Attack Proxy ProxY) Proxy is an intercepting proxy for performing web application security testing. The CLI is different than most though (in a good way), allowing you to easily see, replay & modify HTTP headers. The (short) video on the homepage is worth a watch.
Haraka is a highly scalable node.js email server with a modular plugin architecture. Haraka can serve thousands of concurrent connections and deliver thousands of messages per second. Haraka and plugins are written in asyncronous JS and are very fast.
A new open-source project that provides a uniform way to help connect, secure, manage and monitor microservices. In the wise words of Kelsey Hightower: “Kubernetes changed how we deploy applications. Istio is going to change how we connect, manage, and secure them.“. That’s a high praise.
A first stable release of the systemd-free version of Debian 8, named Devuan.
Have you ever wanted to run Windows Defender on Linux? Well good news – now you can! This repository contains a library that allows native Linux programs to load and call functions from a Windows DLL.
Guides & Tutorials
Revisiting some older commands, like column, cal, factor, shred & numfmt.
We all care about performance, don’t we? This is a case of PostgreSQL performance troubleshooting with perf, flamegraphs & fair bit of SQL optimisations.
This post has quite a few code examples, but covers the basics in theory too: what you need to set up a HA (master/slave) Redis environment, and how to use that in your/the developer’s code.
I think that title is pretty self-explanatory. This post explains how to back up, restore and – wait for it – migrate PostgreSQL databases. With Barman. On CentOS 7. I know. Really!
Many of you are Python developers or use Python as the go-to language for scripting, so you’ll like this: all videos from PyCon 2017 are available on YouTube.
Over 100 videos from Red Hat’s conference a few weeks ago, covering OpenShift & OpenStack, container security, containers at scale, storage, …