cron.weekly issue #93: Debian, Git, Jerakia, Lighthouse, hey, load, compression, OpenVPN & moreAugust 13, 2017 - Mattias Geniar
Welcome to cron.weekly issue #93 for Sunday, August 13th, 2017.
It’s been a busy week with some lack of sleep, so if this seems like a shorter issue – it’s not your imagination, it is a shorter issue. But that doesn’t mean there isn’t enough content to share!
A nicely coordinated update to both git, svn & mercurial to help fix a security problem with ssh:// upstreams in your version control.
GoCD is a continuous delivery tool specializing in advanced workflow modeling and dependency management. New AWS ECS elastic agents plugin just released. Optimizes your utilization and reduces infrastructure cost now. (Sponsored)
Some pretty good arguments about how Kernel development, and its scale, require different approaches and how that doesn’t fit it with the way Github proposes to use git.
Puppet is a popular config management tool. This post looks at those Puppet server instances that are available on the internet and what information they expose. Tl;dr: make sure you firewall your Puppet servers.
Something tells me this might get reverted due to legacy applications, but it’s a great move for security: the plan is to leave only TLS 1.2 as the supported SSL/TLS protocol version.
A new resources to help convince users to switch to Linux and help them choose a distribution that would suite them best.
Tools & Projects
Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)
Jerakia is a pluggable hierarchical data lookup engine. It is not a database, Jerakia itself does not store any data but rather gives a single point of access to your data via a variety of back end data sources. Jerakia is inspired by Hiera, and can be used a drop in replacement.
kube-spawn is a tool to easily start a local, multi-node Kubernetes cluster on a Linux machine. While its original audience was mainly developers of Kubernetes, it’s turned into a tool that is great for just trying Kubernetes out and exploring.
A new system monitoring dashboard for terminal. Did anyone keep track of how many characters were still available to put before ‘top’? 🙂
stank is a library and collection of command line utilities for sniffing files to identify shell scripts like bash, sh, zsh, ksh, …
Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling.
Up deploys infinitely scalable serverless apps, APIs, and static websites in seconds, so you can get back to working on what makes your project unique. Up currently supports Node.js, Golang, Python, Crystal, and static sites out of the box. Up is provider-agnostic, supporting AWS Lambda and API Gateway as the first targets.
Lighthouse analyzes web apps and web pages, collecting modern performance metrics and insights on developer best practices.
This is actually the project that caused my lack of sleep this week. I’ve been experimenting with the Go language and wrote a simple tool to send random HTTP calls to a webserver. Nothing you’d actually use, but a fun trip down concurrency lane in Go.
If you’re looking at HTTP load testing, this is probably more of a tool to use: it’s an HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom.
Open source service automation platform.
Utility to show network traffic (both TCP and UDP v4 and v6) split by process and remote host.
A bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocket.chat,hipchat (via xmpp), steam and matrix with REST API.
Guides & Tutorials
Make sure to hit ‘toggle pointless gifs’ to make this article more readable (by hiding them). Lots of really good info on how compression works by giving a clear, visual explanation. Applies to all kinds of compression we use daily, like tar/gzip/zip/…
Ever wondered what goes into the calculation of the “load” on Linux? Brendan Gregg finds out for us. Absolutely recommend this read, lots of history and information around one our industry standard metrics.
Ever wanted to block particular User-Agents from accessing your sites using some simple .htaccess code? This gets you going.
A nice & readable set of examples for nmap. I like how it’s ordered per section, makes it quick to look things up again.
How do you add redundant gateways if you have multiple site-to-site VPNs sharing the same subnet?