Welcome to cron.weekly issue #46, for Sunday, September 18th, 2016.
Loads of new tools this time, plenty of variation all around. Enjoy!
News
Some questions about Docker and rkt
This is a fun introduction comparing Docker to rkt by running over the steps involved to get both to work in production, each with its’ pro’s and con’s.
Uber’s Self-driving Pickups In Pittsburgh are Powered by Ubuntu
What else but Linux would power self-driving cars?
May the Fork Be with You: A Short History of Open Source Forks
A nice overview of ‘what’s a fork of what’: ubuntu vs debian, centos vs red hat, openbsd vs netbsd, …
Scalable and secure access with SSH
A description of how Facebook handles SSH: signed certificates, security domains, lots of info on the implementation.
Remote Code Execution in MySQL
Nearly all MySQL variants (Oracle, MariaDB) are vulnerable to a critical remote code execution that grants root privileges. While the requirements to exploit are rather complicated, it’s best to schedule your upgrades.
Tools & Projects
Fiaas
The project stands for “Full install as a Service”: a collection of Ansible roles and playbooks to setup an configure a full LAMP stack with additional services like Varnish, Memcached or Redis where required. The FIAAS playbooks generate more than just the standard service on your VM.
Bash 4.4
It’ll probably take a while until this release hits the DEB/RPM repo’s, but some nifty new features: different signal handling for async jobs, loadable plugins, better –help output and loads of bugfixes.
dingo
A caching DNS proxy for the Google DNS-over-HTTPS. It effectively encrypts all your DNS traffic.
Naxsi
NAXSI is an open-source, high performance, low rules maintenance Web Application Firewall for Nginx.
Logtrail
LogTrail is a plugin for Kibana to view, analyze, search and tail log events from multiple hosts in realtime with devops friendly interface inspired by Papertrail.
Goofy
Goofy is an HTTP load testing tool that simulates waves of surfers in a somewhat unusual way.
Varnish 5.0
A new release for the popular Varnish caching daemon: first (experimental) support for HTTP/2, a new shard directory (load balancing base on strings/keys) and the ability to more easily split the VCL files among multiple files.
Zabbix 3.2
The latest stable release of the Zabbix monitoring solution adds event tags, event correlation, nested host groups, better alert flapping detection & prevention.
Swift 3.0
The Swift language (originally developed by Apple) has reached a new milestone. It now has a stable API, so if you’re thinking of getting started with Swift, now is a good time – the runtime, syntax & usage of Swift isn’t likely to change much any time soon.
mysqlslap
A load testing tool for MySQL, simulating client connections & SQL queries, all fully configurable.
MySQL 8.0
A new release of Oracle’s version of MySQL: 8.0. It implements SQL roles, new character sets, invisible indexes, better IPv6 manipulation, improved performance schema & much more.
alwsl
This project adds support for Arch Linux as the WSL (Windows Subsystem for Linux) host. So, you can now run Arch Linux as a native Linux system on Windows.
DHCP Load Balancer
You know you’re working at scale when you need a DHCP load balancer! This tool, dhcplb, comes from the Facebook team.
Vim 8.0
A new release of the popular text editor: Asynchronous I/O support, channels, JSON, Jobs, Timers, Partials, Lambdas and Closures.
pyinfra
pyinfra automates service deployment. It does this by diff-ing the state of the server with the state defined in the deploy script. Deploys are asyncronous and highly performant. The inventory & deploy are managed with pure Python, allowing for near-infinite extendability.
borg
A terminal based search engine for bash commands. Borg was built out of the frustration of having to leave the terminal to search for bash commands.
kimchi
An HTML5 management interface for KVM.
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Guides & Tutorials
An Updated Performance Comparison of Virtual Machines and Linux Containers (PDF)
This is an interesting paper comparing the performance of VMs (in this case on KVM) to the performance of containers running via Docker.
From Kafka to ZeroMQ for real-time log aggregation
This post describes how challenges involving high-available Kafka setups drove them to ZeroMQ to process application & server logs in a streaming, real-time, fashion.
Turtles on the wire: understanding how the OS uses the modern NIC
A really in-depth article explaining everything that goes on network-wise in your server: virtualized NICs, buffer addresses & lengths, MAC address filtering & promiscuous mode, how CPU’s relate to packet handling, …
Building Docker images with Puppet
Lots of examples in this post explaining how you can use your Puppet config management to create and manage containers.
An introduction to Linux network routing
A good introduction to the routing table, Linux servers acting as routers, how to configure routing via the route tool & a solid reminder of the TCP stack.
Apache Hadoop Explained: Kafka, ZooKeeper, HDFS and Cassandra
This post gives a high level overview of how the Kafma, ZooKeeper, HDFS & Cassandra work together.