Hi everyone! 👋
Welcome to cron.weekly issue #125.
I hope you’re all staying safe with the Corona craziness going around. The goal now is to do “social distancing” and I feel that’s just perfect for us techies. We were made for this! We were born for this! We’re the kings & queens of avoiding social contact! 😎
Stay inside, get comfortable and enjoy this issue. ☕️
The Corona Section
Sorry, I have to. I’m sure you’re tired of hearing of it all by now, but I do want to share these three links. Scroll further down for the tech-content.
Bert Hubert, from PowerDNS fame, has been gathering an impressive list of science-articles, links & facts on this single page. Lots to go through, lots of updates. A very good starting point if you want a deep-dive into the Corona/COVID-19 virus. Straight up facts.
At this point I’m convinced there’s no outrunning Corona, pretty much everyone will at one point come into contact with it. The goal, as it stands, is to reduce the overload on the medical system and spread it longer across time. This ensures more people can get the clinical help they need.
You’ve always wanted a reason to work from home, skip parties, avoid family events and “postpone” sports - right? This is it. This is your excuse. Let’s all just stay the fuck home.
News & general 🗞
This thread contains quite a few good suggestions, especially if you’re relatively new to the Config Management System (CMS) space. Lots of interesting discussions between immutable infrastructure vs. the reality of ever-changing servers. 😄
“This is a collection of lectures and labs on Linux kernel topics. The lectures focus on theoretical and Linux kernel exploration.”
Lots of info on system calls, how interrupts work, SMP (Symmetric Multi-Processing), … and many labs with a lot of
Make files to build modules, examples & exercises. Such a treasure trove!
Google released a project that allows you to quickly search through known open-source code. Quite a few syntax-options are available for searching, could allow for some powerful correlations.
Three new Intel CPU flaws disclosed
Yet another batch of Intel CPU flaws, this time it could allow access to secure enclaves. I guess it’s time to admit hardware has inherent flaws and should not be trusted?
Some more reading on the vulnerabilities:
- LVI - Hijacking Transient Execution with Load Value Injection + CVE-2020-0551 / INTEL-SA-00334
- TRRespass (Extension of the Rowhammer vulnerability from 2012)
- Snoop-assisted L1 Data Sampling
I’m just glad I don’t have the responsibility of hardware anymore. 😅
A kernel “bug fix” that happened at the end of last year may be killing the performance of your Kubernetes- or Mesos-hosted applications. It’s related to the Completely Fair Scheduler (CFS) when you have CPU limits defined.
To link straight to the patch with comments, have a read here: sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu slices.
Tools & Projects 🛠
Dynamic container monitoring sponsored
Monitor all your EC2 services, Kubernetes and Docker container clusters in one place with Datadog. Easily determine which containers or pods are consuming excess resources with Datadog’s real-time container view and auto-generated container map. Start a free 14-day trial today.
ShiftLeft Inspect is static code analysis (SAST), purpose-built to insert into developer workflows without slowing them down. Inspect is 40X faster and 3X more accurate than traditional code analysis vendors. Sign-up for a free account and see for yourself.
SVT-AV1 is an open-source AV1 codec implementation that is the result of a partnership between Intel & Netflix. They’ve been working on the SVT-AV1 encoder and decoder framework since August 2018.
The Twilio team announced they’re open sourcing three video collaboration applications, one for iOS, one for Android, and a ReactJS one for the Web. Looks to be pretty feature-complete, could make for a good basis to build future video apps on top of.
netscanner is a TCP/UDP scanner to find open or closed ports, similar to
nmap. I like the
tcpdump-like style of passing CLI parameters.
Photo stream is a simpler home for your photos. Easy to use, self-hosted, no tracking, just photos.
Sanoid is a policy-driven snapshot management tool for ZFS filesystems. When combined with the Linux KVM hypervisor, you can use it to make your systems functionally immortal.
Bottlerocket is a free and open-source Linux-based operating system meant for hosting containers. Bottlerocket is currently in a developer preview phase.
Legit is a complementary command-line interface for Git, optimized for workflow simplicity.
A pretty big release for Memcached: deprecation of the binary protocol & some serious performance improvements in the network stack.
StatusBay is an open source tool that provides the missing visibility into the K8S deployment process. It does that by subscribing to K8S cluster(s), collecting all the relevant events from K8S and providing a step by step “zoom-in” into the deployment process.
After brewing in experimental for a while, and getting a first outing in the Ubuntu 19.10 release, APT 2.0 is now landing in unstable. Some useful quality-of-life improvements are in this one. What I especially like is this one:
When apt cannot acquire the lock, it prints the name and pid of the process that currently holds the lock.
Small but very useful!
Firecracker is an open-source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services. Firecracker was developed at Amazon Web Services to improve the customer experience of services like AWS Lambda and AWS Fargate.
Guides & Tutorials 🎓
A very good summary on the changes coming to HTTP/3, by first looking at the history of HTTP/1 & HTTP/2. It’s important to understand the past if we are to understand the future! #SoundSmart
I started wondering what the difference of this was in Bash and found this post. A pretty good explanation that clicked for me. I was surprised to see that
/usr/bin/[ actually exists, I always assumed it was a Bash built-in that got interpreted by the shell - but it’s an actual binary on the system.
This massive page contains tons of tips & best practices when working with certificate authorities. If you’ve ever worked with SSL/TLS certs, make sure to glance the table of index - lots of interesting topics.
This was interesting to see how you can troubleshoot
zsh with its built-in profiling & debugging tools. If you’ve ever cursed at a slow shell startup, this will get you started in finding the culprit.
This post covers the basics of a very powerful Bash feature: jobs! How to send processes to the background, foreground, pause jobs, … Very useful if you’re in
vim and want to quickly hop back/forth between the shell.