cron.weekly issue #3

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, November 21, 2015

Follow me on Twitter as @mattiasgeniar

This is the 3rd edition of the cron.weekly newsletter. I’m seeing new signups and no unsubscribes – that motives me even more to keep the new content coming!

A lot of things happened last week, so it’s a pretty big issue this time.

News

Icinga 2.4 released

This new version features a REST API and improved web interface. Most of the development in this release went into the API and making all other tools (web, cli, graphite) take advantage of it.

Copy-Paste from Website to Terminal is dangerous

This is a good reminder on why we shouldn’t blindly copy/paste commands from the web into our terminal. Even if we ignore copy/pasting from the web, evaluating the content of a script that contains terminal escape sequences is tricky and could allow an attacker to trick even the most experienced of sysadmins.

Scale Testing Docker Swarm to 30,000 Containers

This is an impressive demo on how the team at Docker used Swarm, their container clustering tool, to launch and manage over 30.000 containers on 1.000 hosts.

Red Hat Enterprise Linux 7.2 released

Red Hat has released version 7.2 of their Enterprise Linux distribution. We should expect to see a CentOS 7.2 within a couple of weeks. It contains quite a few bugfixes and adds improved support for OpenSCAP (Security Content Automation Protocol) as wel as updates to the Docker engine and its management tools.

Nmap 7 released

Quite the release week, indeed! Nmap released version 7 of its network and security scanner. Among its top improvements are better Scripting Engine support, mature IPv6, faster scans and more SSL/TLS scanning options.

Wireshark 2.0 released

The releases just keep on coming: Wireshark, the popular network packet capturer has released version 2.0.0. The most obvious change is a new GUI that should run smoother.

TrueCrypt is safer than previously reported

It’s taken a bit of a beating the last couple of months, but recent analysis concludes that TrueCrypt is, in fact, pretty safe to use.

Microsof’s Visual Studio “Code” now open source

I know what you’re thinking, this is a Linux newsletter – right? Well, turns out … the latest release of Microsoft’s Visual Studio editor is both open source and runs fine on Linux and Mac machines. Its code project seems like a great editor for both .NET and Node.js coding.

DARLING: run unmodified OS X binaries on Linux

Similar to how the Wine project allows you to run Windows binaries on Linux, the Darling project allows you to run Mac OSX binaries on Linux. It’s a young project, but the first proof-of-concepts are already available.

Tools & Projects

Traefik: a modern reverse proxy

Traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports several backends directly (Docker, Mesos/Marathon, Consul, Etcd, Zookeeper, BoltDB, Rest API, file…) to manage its configuration automatically and dynamically.

Nixar – Joyable equivalents for existent linux commands

If you’ve ever felt the cli interface to lack coherence or logic, maybe this project is something for you. It “joyable” equivalents for existent linux/mac/windows commands for developers and admins.

Mailur: the future open source replacement for Gmail

This new webmail client tries to compete with Gmail, using a slick and lightweight interface with tabs, bidirectional synchronisation, threads and labels.

Desk: A lightweight workspace manager for the shell

Desk makes it easy to flip back and forth between different project contexts in your favorite shell. Change directory, activate a virtualenv or rvm, load in domain-specific aliases, functions, arbitrary shell files, all in a single command.

Spinnaker

Another fine release from the Netflix open source team! Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.  Spinnaker is designed with pluggability in mind; the platform aims to make it easy to extend and enhance cloud deployment models.

Heroic: time series database by Spotify

Heroic is the in-house time series database Spotify uses as the backend for its monitoring infrastructure. It’s a layer on top of Kafka, Cassandra and Elasticsearch.

Adsuck: DNS blocker

Adsuck is a small DNS server that spoofs blacklisted addresses and forwards all other queries. The idea is to be able to prevent connections to undesirable sites (such as ad servers, crawlers and other bloat).

Yoke

Yoke is a Postgres redundancy/auto-failover solution that provides a high-availability PostgreSQL cluster that’s simple to manage.

Apache Geode

Geode is an open source, distributed, in-memory database for scale-out applications. In short, Geode is an application that could replace your memcached setups if you’re struggling with the limitations of memcached.

Guides & Tutorials

Defending against a Varnish cache poisoning attack

This blogpost by the Varnish team offers some insights into Varnish cache poisoning/invalidation attacks that could be used to launch a denial-of-service attack against a running Varnish instance. They go into more detail on using multiple different backends to protect against such an attack.

Core technology: signals

This post goes into more details on the signals you can send to processes. What are the differences between a SIGHUP and a SIGINT? How do applications implement different signals? A good read to refresh your knowledge on process signals in Linux.

Using tar to Perform Incremental Dumps

A short but useful guide on using tar to create incremental back-ups instead of full back-ups on each run.

More privacy, less latency: improved handshakes in TLS version 1.3

A really in-depth blogpost for all the crypto fans. It focusses on the improvements TLS 1.3 can bring in terms of speed for setting up TLS connections faster.

Scaling Node.js Applications

This post dives into 2 techniques to make Node.je more scalable: building multi-core support in the code itself, with the cluster module and placing an nginx reverse proxy & load balancer in front of it.

MonitoringScape: a monitoring tool overview

This is an impressive overview of the different monitoring tools out there. The last couple of years, a lot of the #monitoringsucks camp has been moving to a more positive #monitoringlove attitude. The result is an immense growth in monitoring solutions, database backends and on-call services. This post gives you a nice overview of each of them.

The Event Loop API of libsystemd

This blogpost comes form one of the creators of systemd. It goes into more detail on the creation of sd-event, a new event-loop API written for systemd. It goes deeper into the API and offers a lot of insights from a technical point of view.

Multimedia on Linux Command Line: wget, PdfTK, ffmpeg, flac, SoX

Some nice hands-on examples of modifying PDF files, converting video and audio and doing screen recording with tools at the Linux CLI.

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.