cron.weekly issue #37: Kubernetes, diffs, SYN floods, chage, Jenkins & more!

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, July 17, 2016

Follow me on Twitter as @mattiasgeniar

Welcome to cron.weekly issue #37 for Sunday, July 17th, 2016.

I’d like to give a special thanks to Papertrail for sponsoring the previous 4 editions of cron.weekly. If you’re looking to promote a product or service relevant to open source & linux sysadmins, have a look at the sponsorship options.

And now without further ado, enjoy this week’s edition!


Kubernetes to support rkt

Rkt is a relatively new container technology, next to Docker. The Kubernetes project now supports the rkt runtime as of version 1.3.

Original Apollo 11 source code released

The source code that got the Apollo 11 rocket to the moon (and back!) with Neil Armstrong and Buzz Aldrin in 1969, is now available as open source.

Jenkins 2 becomes TLS, 1.x EOL

The Jenkins team has declared the latest 2.7.1 release LTS, meaning long term support is here for the 2.x branch. At the same time, Jenkins 1.x is now end of life and all users are encouraged to upgrade to 2.x.

Tools & Projects


While this isn’t new, it isn’t very known either: systemd has a subsystem that allows you to manage and spawn containers, much like Docker or LXC.

Open Source Events

This tip was sent in via e-mail: a list of conferences on (open source) software development and their CFP (Call For Paper) dates.


An improvement to ye old diff tool, with a more modern diff output. The biggest improvement is in highlighting the differences within a single line.


The team at Github have created their own DDoS mitigation technique for preventing SYN floods: Synsanity. Synsanity is a SYN flood DDoS mitigation module for Linux 3.x.

Poppins 0.2

A new release for the Poppins script. This rotating backup script is based on rsync with support for BTRFS/ZFS snapshots.

Mango: decentralised git

An interesting project: it stores all git objects on IPFS — a content addressable storage network, while an Ethereum smart contract provides means for access control and stores the pointers to the latest repository revisions. It’s blockchain-meets-git.

A simple crontab visualizer, easier to read than the cryptic crontab output.


A terminal built entire from HTML, CSS and JavaScript which makes it very expandable.

Guides & Tutorials

The beginners guide to Infrastructure Automation

Quite a lengthy read but a good one: how our industry is moving from a “task oriented” system to more “state oriented” with config management and how that’s evolving to containers.

How Product Hunt uses logs and metrics (PDF)

A bit about how Product Hunt monitors and troubleshoots their Ruby and Node.js stack. Most microservices run on Heroku, often with Heroku Postgres. (PDF) (Sponsored)

Getting Started with vSphere Integrated Containers v0.4.0

A practical guide on using Docker on VMware’s vSphere Integrated Container (VIC). For those running a VMware stack, this looks like a great way to integrate containers.

Understanding Containers: Docker, CoreOS, LXD and Container Partners

A good high-level introduction into the different container stacks, their terminology and technology and a look at container orchestration.

Bootstrapping Kubernetes “The Hard Way”

An excellent guide if you really want to learn and understand Kubernetes: from setting up etcd clusters to managing CA’s and TLS certs, Kubernetes control plane, … No “one-click install scripts”, but really getting deep into each part of the setup.

How to manage Linux password expiry with the chage command

When you need to enforce password changes for users on Linux machines, the chage command-line tool is a must-have.

Limit your SSH logins using GeoIP

This is a clever hack: by using a specific configuration in /etc/hosts.allow you can spawn a Bash script whenever the SSH daemon would accept a connection. This Bash script can, by looking at a GeoIP database, determine if you’re allowed access or not. I didn’t know _hosts.allow _or hosts.deny could do this!

Linux IP Networking

This document is a guide to understanding how the Linux kernel (version 2.2.14 specifically) implements networking protocols, focused primarily on the Internet Protocol (IP). And it’s a thorough one, very in-depth.

strace Wow Much Syscall

A slightly older post, but a good reminder that running strace on processes can be dangerous: they can slow down applications by factor 400x (!) while pausing system calls and performing context switches.

My First 10 Seconds On A Server

This is a Bash script that does a couple of repetitive things whenever you install a new server: set the timezone, update the system, enable the firewall, … It doesn’t do a lot, but scripts like these show what the first few things on any server can be (although I’m missing a config management installation step).

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.