cron.weekly issue #17: Mint, GCC, Ansible, Python, Kubernetes, MongoDB & performance


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, February 28, 2016

Follow me on Twitter as @mattiasgeniar

Welcome to cron.weekly for Sunday, February 28th, 2016.

Once again a full edition with lots of interesting links and follow-up items.

News

Mint Backdoored Linux Mint, and the Perils of Checksums

Lots of attention last week to this problem: it seems the forums of Linux Mint were hacked for several weeks, and the attackers managed to build a custom .ISO that was offered for download. It even spawned some reactions concerning general security in the Mint project.

Impressions from #AnsibleFest London 2016

A really nice write-up on the AnsibleFest conference 2 weeks ago. The post has plenty of links to the presentations and other blogposts that further summarise this Ansible event. From networking to continuous deployment to immutable infrastructures.

Cheap BlueTooth Buttons and Linux

A fun article looking at the low-level bluetooth implementation of cheap buttons, like used in selfiesticks. Interesting script & code examples to use on Linux, too.

Gitlab 8.5 released

This open source Github/Bitbucket clone reached a new milestone with their 8.5 release: much faster (like: 3-5x), introducing TODO’s, custom domains for Gitlab Pages and a much easier way to revert a commit via the GUI.

Distribution packages considered insecure

This post explores the implicit thrust we place in package maintainers and the faith we have in them for responding to security vulnerabilities within a reasonable timeframe. Lots of good arguments there.

Microsoft’s Python Engineering blog

This could become an interesting blog to follow: the Python team at Microsoft now has a tech-blog of their own.

These 3 things are trying to kill Linux containers

This post is fairly high-level, but offers some food for thought on what’s going on with Linux containers: fragmentation, open vs. partially open sourced containers and improper use of containers by vendors.

UEFI bricking via ‘rm’ fixed in kernel

This commit fixes the problem where an “rm” command from a Linux server could, accidentally, destroy the UEFI firmware running the machine – rendering it unusable.

9 really odd Linux commands

I’m not usually interested in typical list-posts, but this one covered some tools I never heard of: shuf, look, cowsay, factor, … and some more obscure tools.

Interesting GCC 6 feature: -Wmisleading-indentation

GCC 6 is just around the corner, and the new compiler has a very interesting new compiler flag: -Wmisleading-indentation. In C-code, it’s very easy to misread code because its indentation is of. Think the classical ‘goto fail;‘ bug in Mac OSX. This new flag warns the user about misleading indentation, potentially causing bugs or security vulnerabilities.

Improving Kubernetes Scheduler Performance

If your primary job, as a tool, is the schedule containers, it better be good at it. This blogpost dives into the way Kubernetes handles it, with lots of technical insights.

What companies and open source can learn from each other

If you liked Nadia’s previous open source post (‘How I Stumbled Upon The Internet’s Biggest Blind Spot‘), you might like this one too: comparing the way companies and open source projects handle management, decision making and sustainability.

Out with Iceweasel, in with Firefox

After almost a decade of having to name the Firefox package ‘Iceweasel’, the Debian project have reached an agreement with Mozilla to finally have the rights to name the browser Firefox.

Ubuntu 16.04 LTS beta 1

The first beta of Ubuntu 16.04 is up for download: this blogpost covers what’s new and what’s interesting.

How Ubuntu 16.04 Is Performing Compared To Five Other Linux Distributions

In follow-up of the previous link: this 7-page article tests Ubuntu 16.04 against Fedora 23, Ubuntu 15 and openSUSE 42. Benchmarks run on the graphics, the OS and disk I/O.

Why We Chose Kubernetes

If you’re running multiple Docker containers, chances are you’re looking for some kind of scheduler or orchestrator to handle that workload. This post compares Swarm, Mesosphere, Tutum and Kubernetes.

Tools & Projects

linkerd

How do you operate a microservice application at scale? It introduces lots of interesting challenges like unpredictable workloads, scalability, … Linkerd is a new tool to help manage those microservices, introducing load balancing, real-time traffic routing and lots of statistics for monitoring.

peer-tweet

This project offers decentralized feeds (RSS) using BitTorrent’s DHT. An interesting implementation of a tracker-less, distributed, protocol.

how2

A StackOverflow client from the CLI: simply type “how2 read a file while changing”, and you get a nicely presented answer on how to use tail from StackOverflow.

mosh

The mosh shell isn’t new, but is worth mentioning nonetheless: this shell is ideal for roaming users, with high latency and intermittent connectivity, while still continuing to work.

cash

Cross-platform Linux without the suck: a node package you can install on any platform, that emulates Linux. Like Cygwin, but without the hassle.

BeeGFS

BeeGFS (formerly FhGFS) is a parallel cluster file system, developed with a strong focus on performance and designed for very easy installation and management.

Guides & Tutorials

Understanding git for real by exploring the .git directory

Git is a complex beast. Instead of following countless tutorials, repeating the same actions, this guide explores git by looking at the hidden .git directory and looking at it from a very technical point-of-view.

From Catalog To Mgmt

A couple of issues back I mentioned “mgmt“, the next generation config management tool. This blogpost explores a way to have Puppet’s catalog be used as input for the new mgmt tool. Really cool proof-of-concept if you’re a Puppet fan.

MongoDB performance tuning with ‘dex’

This post covers the use case of the ‘dex’ tool, which can read your MongoDB logs and offer meaningful improvements. Sort of like mysqltuner for MySQL, but for MongoDB.

50 Shades of System Calls

Sysdig has several ‘plugins’ that can further enhance its features: this post dives into a particular plugin (or ‘chisel’, as they call it) named ‘spectogram’. It can show a heatmap of system calls (open, close, read, write, socket, …) which could be useful when debugging.

Import a Docker Container in Python

Imagine being able to communicate with an application running in a Docker container from Python with very little code? This blogpost introduces a tool called sidomo which does just that.

Creating Your Own SSL Certificate Authority (and Dumping Self Signed Certs)

A useful guide if you’re running a lot of internal systems and are tired of self-signed SSL certificate warnings: how to run your own Certificate Authority.

Install Elasticsearch, Logstash, and Kibana (ELK Stack) on CentOS 7

Install the entire ELK stack on CentOS 7.

perf top: an awesome way to spy on CPU usage

A practical guide on using ‘perf’ to investigate and analyse CPU usage on a linux server.

A performance comparison of ZFS and BTRFS on Linux (PDF)

This thesis (in PDF) does a really in-depth analysis of the performance of ZFS vs. BTRFS on Linux. If anything, skip to the conclusion and read the interesting takeaways there.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.