Hi everyone! 👋
Welcome to cron.weekly issue #125.
Last week, the newsletter crossed the 10.000 subscribers mark! It’s pretty crazy to see as I still remember the first issue that went out to a handful of you.
I hope you’re all staying safe with the Corona craziness going around. The goal now is to do “social distancing” and I feel that’s just perfect for us techies. We were made for this! We were born for this! We’re the kings & queens of avoiding social contact! 😎
Stay inside, get comfortable and enjoy this issue. ☕️
The Corona Section
Sorry, I have to. I’m sure you’re tired of hearing of it all by now, but I do want to share these three links. Scroll further down for the tech-content.
Corona Science Journal
Bert Hubert, from PowerDNS fame, has been gathering an impressive list of science-articles, links & facts on this single page. Lots to go through, lots of updates. A very good starting point if you want a deep-dive into the Corona/COVID-19 virus. Straight up facts.
Flatten the curve
At this point I’m convinced there’s no outrunning Corona, pretty much everyone will at one point come into contact with it. The goal, as it stands, is to reduce the overload on the medical system and spread it longer across time. This ensures more people can get the clinical help they need.
Stay the Fuck Home
You’ve always wanted a reason to work from home, skip parties, avoid family events and “postpone” sports - right? This is it. This is your excuse. Let’s all just stay the fuck home.
News & general 🗞
Ask HN: Which configuration management software would/should you use in 2020?
This thread contains quite a few good suggestions, especially if you’re relatively new to the Config Management System (CMS) space. Lots of interesting discussions between immutable infrastructure vs. the reality of ever-changing servers. 😄
Linux Kernel Teaching - The Linux Kernel documentation
“This is a collection of lectures and labs on Linux kernel topics. The lectures focus on theoretical and Linux kernel exploration.”
Lots of info on system calls, how interrupts work, SMP (Symmetric Multi-Processing), … and many labs with a lot of Make files to build modules, examples & exercises. Such a treasure trove!
Open Source Code Search
Google released a project that allows you to quickly search through known open-source code. Quite a few syntax-options are available for searching, could allow for some powerful correlations.
Three new Intel CPU flaws disclosed
Yet another batch of Intel CPU flaws, this time it could allow access to secure enclaves. I guess it’s time to admit hardware has inherent flaws and should not be trusted?
Some more reading on the vulnerabilities:
- LVI - Hijacking Transient Execution with Load Value Injection + CVE-2020-0551 / INTEL-SA-00334
- TRRespass (Extension of the Rowhammer vulnerability from 2012)
- Snoop-assisted L1 Data Sampling
I’m just glad I don’t have the responsibility of hardware anymore. 😅
The Kernel Change That May Be Slowing Down Your App
A kernel “bug fix” that happened at the end of last year may be killing the performance of your Kubernetes- or Mesos-hosted applications. It’s related to the Completely Fair Scheduler (CFS) when you have CPU limits defined.
To link straight to the patch with comments, have a read here: sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu slices.
Tools & Projects 🛠
Dynamic container monitoring sponsored
Monitor all your EC2 services, Kubernetes and Docker container clusters in one place with Datadog. Easily determine which containers or pods are consuming excess resources with Datadog’s real-time container view and auto-generated container map. Start a free 14-day trial today.
ShiftLeft Inspect: Code Analysis for Dev & Ops (Fast, Accurate & Free) sponsored
ShiftLeft Inspect is static code analysis (SAST), purpose-built to insert into developer workflows without slowing them down. Inspect is 40X faster and 3X more accurate than traditional code analysis vendors. Sign-up for a free account and see for yourself.
SVT-AV1
SVT-AV1 is an open-source AV1 codec implementation that is the result of a partnership between Intel & Netflix. They’ve been working on the SVT-AV1 encoder and decoder framework since August 2018.
Twilio open source video app
The Twilio team announced they’re open sourcing three video collaboration applications, one for iOS, one for Android, and a ReactJS one for the Web. Looks to be pretty feature-complete, could make for a good basis to build future video apps on top of.
netscanner
netscanner is a TCP/UDP scanner to find open or closed ports, similar to nmap. I like the tcpdump-like style of passing CLI parameters.
Photo Stream
Photo stream is a simpler home for your photos. Easy to use, self-hosted, no tracking, just photos.
sanoid
Sanoid is a policy-driven snapshot management tool for ZFS filesystems. When combined with the Linux KVM hypervisor, you can use it to make your systems functionally immortal.
Bottlerocket OS
Bottlerocket is a free and open-source Linux-based operating system meant for hosting containers. Bottlerocket is currently in a developer preview phase.
legit
Legit is a complementary command-line interface for Git, optimized for workflow simplicity.
Memcached 1.6
A pretty big release for Memcached: deprecation of the binary protocol & some serious performance improvements in the network stack.
StatusBay
StatusBay is an open source tool that provides the missing visibility into the K8S deployment process. It does that by subscribing to K8S cluster(s), collecting all the relevant events from K8S and providing a step by step “zoom-in” into the deployment process.
APT 2.0 released
After brewing in experimental for a while, and getting a first outing in the Ubuntu 19.10 release, APT 2.0 is now landing in unstable. Some useful quality-of-life improvements are in this one. What I especially like is this one:
When apt cannot acquire the lock, it prints the name and pid of the process that currently holds the lock.
Small but very useful!
Firecracker
Firecracker is an open-source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services. Firecracker was developed at Amazon Web Services to improve the customer experience of services like AWS Lambda and AWS Fargate.
Guides & Tutorials 🎓
A QUIC look at HTTP/3
A very good summary on the changes coming to HTTP/3, by first looking at the history of HTTP/1 & HTTP/2. It’s important to understand the past if we are to understand the future! #SoundSmart
Why Are There Single “[]” and Double “[[]]” Brackets In Bash? What’s the Difference?
I started wondering what the difference of this was in Bash and found this post. A pretty good explanation that clicked for me. I was surprised to see that /usr/bin/[ actually exists, I always assumed it was a Bash built-in that got interpreted by the shell - but it’s an actual binary on the system.
Best Practices for ACME Client Operations
This massive page contains tons of tips & best practices when working with certificate authorities. If you’ve ever worked with SSL/TLS certs, make sure to glance the table of index - lots of interesting topics.
Speeding up zsh and Oh-My-Zsh
This was interesting to see how you can troubleshoot zsh with its built-in profiling & debugging tools. If you’ve ever cursed at a slow shell startup, this will get you started in finding the culprit.
Job Control: the Bash Feature You Only Think You Don’t Need
This post covers the basics of a very powerful Bash feature: jobs! How to send processes to the background, foreground, pause jobs, … Very useful if you’re in vim and want to quickly hop back/forth between the shell.