cron.weekly issue #2


cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, November 10, 2015

Follow me on Twitter as @mattiasgeniar

This is the second edition of the cron.weekly newsletter. I’ve gotten some good feedback on the previous edition and I’ve taken it to heart: from now on, links are grouped more logically as you’ll see below.

News

Letsencrypt.org public beta on December 3rd

The LetsEncrypt.org initiative is about to enter the public beta stage on December 3rd. That means: free, secure and trusted TLS certificates for everyone that wants one. The beta label gives them some freedom to make changes to their scripts, procedures and outcome – but the TLS certificates are valid nonetheless.

More than 1600 games on Steam for Linux

This may not be relevant for everyone, but having games on the Linux platform is a great motivator for both driver compatibility, kernel stability and new features / hardware support.

Why improving kernel security is important

This is a blogpost arguing why the kernel needs to focus more on security in order to prevent kernel bugs from turning into exploitable vulnerabilities in userspace.

The Stack Behind Netflix Scaling

An interesting writeup on all the open source tools used by Netflix to get where they are today. Lots of good links and internal information on the workings of Netflix.

Tools & projects

fwupd

The fwupd project offers a daemon that allows you to install firmware updates to your physical hardware.

Tensorflow: Google’s open source library for machine intelligence

The title sort of says it all. This is a huge project that’s being open sourced by Google. Tensorflow.org has some more marketing material on the project and Jeff Dean’s (Google) youtube video does a clean job of explaining where the project came from and what problems it solves for Google.

icmptunnel

This is an interesting solution to tunnel your network traffic through obscure networks, by encapsulating it in icmp echo/reply packets. Most networks allow icmp (ping) so this could be a convenient way to tunnel your traffic in those restricted networks.

Vegeta: HTTP load testing

Vegeta is a versatile HTTP load testing tool written in Go built out of a need to drill HTTP services with a constant request rate. It can be used both as a command line utility and a library. This is a lightweight HTTP load tester that’s not as heavy as say ab or siege, but not as flexible as jmeter.

Clair: Container Vulnerability Analysis Service

Clair is a new project by the CoreOS. It’s a tool to monitor the security of your containers. It can inspect containers for known security flaws. It’s API driven and should be easily integrated into any continuous integration service.

Guides & Tutorials

Understanding sudoers(5) syntax

This is a clean and organised blogpost with more details on how sudo works, the syntax involved and some best practices.

Kubernetes: Basic Concepts

A technical rundown on the components involved in Kubernetes, a container orchestration and cluster management tool. From resource scheduling to the individual components and nomenclature. If you haven’t had a change to look at Kubernetes yet, this is a good introduction.

Digging into Kubernetes with Sysdig

This sort of ties in with the Kubernetes post above, this time from the sysdig crew with a technical rundown on how you can use sysdig to inspect containers running via Kubernetes.

Moving a service from Puppet to Docker

Having config management is great, but it’s not the best solution to every problem you face. While this post targets Puppet, it applies to all other brands of CM’s as well. There’s an argument to be made as to why Docker is, in some cases, a better alternative for managing your infrastructure.

Get the most out of systemd

Systemd is here to stay. This guide covers the command line interface, the unit files and some useful examples of the built-in cron replacements and journalling systemd offers.



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.