Welcome to cron.weekly issue #109 for Sunday, December 10th, 2017.
A bigger issue than last time, so hopefully it’ll be enough to keep you all busy.
News
Open source innovation is now all about vendor on-ramps
This isn’t exactly news to most of us, but more & more big companies are turning to open source, only to lure customers to their paid version of the same software, boasting about their operational efficiency. After all, open source software needs maintenance, engineers, up-time, bugfixes, …
Evolution of img: Gif without the GIF
With the latest Safari update, all major browsers have support for MP4 video. All GIFs can now be replaced with the much more efficient video format.
European Parliament has approved budget for VLC bug bounty program
The European Parliament has approved budget to extend the software security audit programme (FOSSA), in this case by providing a bug bounty on VLC, allowing anyone to report security issues & be rewarded for it.
The Eternal Cost Savings Of Netflix’s Internal Spot Market
These folks work at a scale most of us can only imagine: Netflix has its own “spot market”, donating free CPU cycles/memory from their servers to internal projects like video rendering (which server isn’t oversized nowadays?).
Chrome to force .dev domains to HTTPS via preloaded HSTS
Last week, Chrome 63 was automatically rolled out worldwide. With it came the change that forces all domains ending in “.dev” to HTTPS. If your development crew uses local .dev domains, make sure they either support HTTPS or consider another development TLD, like “.test”.
Wildcard Let’s Encrypt certificates coming in February 2018
The Let’s Encrypt team highlighted their roadmap for 2018. The feature I’m looking forward to most: wildcard certificates, which should be available around February 27th, 2018.
Tools & Projects
Get full-stack observability with Datadog
Go from a global view of your infrastructure to inspecting an individual request trace, all in one developer-friendly platform. Start a free 14-day trial. (Sponsored)
APPUiO: Open Container Platform with a Powerful Community
The Swiss Container Platform APPUiO is based on OpenShift by Red Hat. Reliable Open Source concepts such as Docker and Kubernetes allow you to develop, operate and scale your application according to your needs. Contact us for a free one month trial of APPUiO. (Sponsored)
RocksDB storage engine for MySQL
This project allows you to use the RocksDB storage engine in MySQL server, giving you up to 2x the compression capacity, faster replication & improved write efficiency.
fswatch
fswatch is a file change monitor that receives notifications when the contents of the specified files or directories are modified.
sysdig-inspect
Sysdig Inspect is a powerful open source interface for container troubleshooting and security investigation. Inspect’s user interface is designed to intuitively navigate the data-dense sysdig captures that contain granular system, network, and application activity of a Linux system.
misocoin
Misocoin is a barebones bitcoin-like protocol implemented in Python 3.x.
Kubernetes Memcached Operator
memcached-operator is a Kubernetes Operator for deploying and managing a cluster of Memcached instances. memcached-operator provides a single Service endpoint that memcached client applications can connect to to make use of the memcached cluster.
containerd 1.0
containerd, the industry-standard runtime for building container solutions, has reached its 1.0 milestone.
zbox
Zbox is a zero-details, privacy-focused embeddable file system. Its goal is to help applications store files securely, privately and reliably. By encapsulating files and directories into an encrypted repository, it provides a virtual file system and exclusive access to authorised applications.
TrimPCAP
Network packet captures tend to produce huge files. TrimPCAP is a free open source tool that reduces the size of capture files in an intelligent way.
katacontainers
Kata Containers is a new open source project building extremely lightweight virtual machines that seamlessly plug into the containers ecosystem.
healthchecks
healthchecks is a watchdog for your cron jobs. It’s a web server that listens for pings from your cron jobs, plus a web interface, and can alert when pings have been missed (and the cronjobs haven’t run).
Guides & Tutorials
Continuous Delivery: GoCD VS Spinnaker
GoCD or Spinnaker? This post is an overview of GoCD and Spinnaker, why they are different from each other and which problems you should use them to solve. Check it out. (Sponsored)
Dynamic linker tricks: Using LD_PRELOAD to cheat, inject features and investigate programs
This is an interesting dev-trick: you can overwrite functions in applications yourself, by making sure your code/library/binary gets loaded _before_ the actual application, using the LD_PRELOAD environment variable.
How I’ve captured all passwords trying to ssh into my server!
A fun exercise on what kind of (unwanted) auth requests you get on your SSH server, by logging all the passwords in plain text.
ffwd: delegation is (much) faster than you think
A lot of in-depth info on what it takes to scale applications beyond a single core or thread, talking about sharing variables & data structures across threads. Very theoretical, but I found it interesting.
Pentest: owning a docker host
A fun read on how a WordPress running inside Docker could be hacked and the author got root access on the host.
Measuring Asymmetric latency via NTP
I won’t pretend to fully understand the math, but it’s an interesting problem: if NTP updates are sent via the internet, how do you know if it’s still accurate, or delayed due to packet loss or jitter on the line?
pgexercises
PGExercises provides a series of questions and explanations built on a single, simple dataset. The exercises on this site range from simple select and where clauses, through joins and case statements, and on to aggregations, window functions, and recursive queries.
Monitoring for Windows Event Logs and the Untold Story of proper ELK Integration
Even if you’re a die-hard Linux user, chances are you have a Windows box around that you need for some proprietary code. This post explains how to get Windows Event Viewer data into Elasticsearch, so you can use Kibana to visualize logs & events.
Sudoku Recursive Common Table Expression Solver
How does a database geek solve a sudoku? He writes a recursive SQL query, obviously.
PostgreSQL HA cluster failure: a post-mortem
Another interesting post-mortem, after a near 2 hour outage on a PostgreSQL cluster. Lots of interesting details on how their cluster was set up, combining both sync & async slaves for redundancy. I like that approach!
Check disk space of your BTRFS snapshots with btrfs-du
That title explains it all, doesn’t it?
8 emerging trends in container orchestration
Platforms such as Kubernetes, Mesos, Amazon Elastic Container Service (ECS), Azure Container Service, and Google Kubernetes Engine provide a layer of abstraction and automation to help manage large numbers of ephemeral containers. This research looks at the different trends in the landscape.