cron.weekly issue #125: Kernel, Intel, Netscanner, Memcached, APT & more


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.
Image of Mattias Geniar

Mattias Geniar, March 15, 2020

Follow me on Twitter as @mattiasgeniar

Hi everyone! 👋

Welcome to cron.weekly issue #125.

Last week, the newsletter crossed the 10.000 subscribers mark! It’s pretty crazy to see as I still remember the first issue that went out to a handful of you.

I hope you’re all staying safe with the Corona craziness going around. The goal now is to do “social distancing” and I feel that’s just perfect for us techies. We were made for this! We were born for this! We’re the kings & queens of avoiding social contact! 😎

Stay inside, get comfortable and enjoy this issue. ☕️

The Corona Section

Sorry, I have to. I’m sure you’re tired of hearing of it all by now, but I do want to share these three links. Scroll further down for the tech-content.

Corona Science Journal

Bert Hubert, from PowerDNS fame, has been gathering an impressive list of science-articles, links & facts on this single page. Lots to go through, lots of updates. A very good starting point if you want a deep-dive into the Corona/COVID-19 virus. Straight up facts.

Flatten the curve

At this point I’m convinced there’s no outrunning Corona, pretty much everyone will at one point come into contact with it. The goal, as it stands, is to reduce the overload on the medical system and spread it longer across time. This ensures more people can get the clinical help they need.

Stay the Fuck Home

You’ve always wanted a reason to work from home, skip parties, avoid family events and “postpone” sports - right? This is it. This is your excuse. Let’s all just stay the fuck home.

News & general 🗞

Ask HN: Which configuration management software would/should you use in 2020?

This thread contains quite a few good suggestions, especially if you’re relatively new to the Config Management System (CMS) space. Lots of interesting discussions between immutable infrastructure vs. the reality of ever-changing servers. 😄

Linux Kernel Teaching - The Linux Kernel documentation

“This is a collection of lectures and labs on Linux kernel topics. The lectures focus on theoretical and Linux kernel exploration.

Lots of info on system calls, how interrupts work, SMP (Symmetric Multi-Processing), … and many labs with a lot of Make files to build modules, examples & exercises. Such a treasure trove!

Open Source Code Search

Google released a project that allows you to quickly search through known open-source code. Quite a few syntax-options are available for searching, could allow for some powerful correlations.

Three new Intel CPU flaws disclosed

Yet another batch of Intel CPU flaws, this time it could allow access to secure enclaves. I guess it’s time to admit hardware has inherent flaws and should not be trusted?

Some more reading on the vulnerabilities:

I’m just glad I don’t have the responsibility of hardware anymore. 😅

The Kernel Change That May Be Slowing Down Your App

A kernel “bug fix” that happened at the end of last year may be killing the performance of your Kubernetes- or Mesos-hosted applications. It’s related to the Completely Fair Scheduler (CFS) when you have CPU limits defined.

To link straight to the patch with comments, have a read here: sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu slices.

Tools & Projects 🛠

Dynamic container monitoring sponsored

Monitor all your EC2 services, Kubernetes and Docker container clusters in one place with Datadog. Easily determine which containers or pods are consuming excess resources with Datadog’s real-time container view and auto-generated container map. Start a free 14-day trial today.

ShiftLeft Inspect: Code Analysis for Dev & Ops (Fast, Accurate & Free) sponsored

ShiftLeft Inspect is static code analysis (SAST), purpose-built to insert into developer workflows without slowing them down. Inspect is 40X faster and 3X more accurate than traditional code analysis vendors. Sign-up for a free account and see for yourself.

SVT-AV1

SVT-AV1 is an open-source AV1 codec implementation that is the result of a partnership between Intel & Netflix. They’ve been working on the SVT-AV1 encoder and decoder framework since August 2018.

Twilio open source video app

The Twilio team announced they’re open sourcing three video collaboration applications, one for iOS, one for Android, and a ReactJS one for the Web. Looks to be pretty feature-complete, could make for a good basis to build future video apps on top of.

netscanner

netscanner is a TCP/UDP scanner to find open or closed ports, similar to nmap. I like the tcpdump-like style of passing CLI parameters.

Photo Stream

Photo stream is a simpler home for your photos. Easy to use, self-hosted, no tracking, just photos.

sanoid

Sanoid is a policy-driven snapshot management tool for ZFS filesystems. When combined with the Linux KVM hypervisor, you can use it to make your systems functionally immortal.

Bottlerocket OS

Bottlerocket is a free and open-source Linux-based operating system meant for hosting containers. Bottlerocket is currently in a developer preview phase.

legit

Legit is a complementary command-line interface for Git, optimized for workflow simplicity.

Memcached 1.6

A pretty big release for Memcached: deprecation of the binary protocol & some serious performance improvements in the network stack.

StatusBay

StatusBay is an open source tool that provides the missing visibility into the K8S deployment process. It does that by subscribing to K8S cluster(s), collecting all the relevant events from K8S and providing a step by step “zoom-in” into the deployment process.

APT 2.0 released

After brewing in experimental for a while, and getting a first outing in the Ubuntu 19.10 release, APT 2.0 is now landing in unstable. Some useful quality-of-life improvements are in this one. What I especially like is this one:

When apt cannot acquire the lock, it prints the name and pid of the process that currently holds the lock.

Small but very useful!

Firecracker

Firecracker is an open-source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services. Firecracker was developed at Amazon Web Services to improve the customer experience of services like AWS Lambda and AWS Fargate.

Guides & Tutorials 🎓

A QUIC look at HTTP/3

A very good summary on the changes coming to HTTP/3, by first looking at the history of HTTP/1 & HTTP/2. It’s important to understand the past if we are to understand the future! #SoundSmart

Why Are There Single “[]” and Double “[[]]” Brackets In Bash? What’s the Difference?

I started wondering what the difference of this was in Bash and found this post. A pretty good explanation that clicked for me. I was surprised to see that /usr/bin/[ actually exists, I always assumed it was a Bash built-in that got interpreted by the shell - but it’s an actual binary on the system.

Best Practices for ACME Client Operations

This massive page contains tons of tips & best practices when working with certificate authorities. If you’ve ever worked with SSL/TLS certs, make sure to glance the table of index - lots of interesting topics.

Speeding up zsh and Oh-My-Zsh

This was interesting to see how you can troubleshoot zsh with its built-in profiling & debugging tools. If you’ve ever cursed at a slow shell startup, this will get you started in finding the culprit.

Job Control: the Bash Feature You Only Think You Don’t Need

This post covers the basics of a very powerful Bash feature: jobs! How to send processes to the background, foreground, pause jobs, … Very useful if you’re in vim and want to quickly hop back/forth between the shell.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.