cron.weekly issue #46: Kimchi, MySQL, Zabbix, Varnish, Logtrail, Swift, DHCP & more!

Welcome to cron.weekly issue #46, for Sunday, September 18th, 2016.

Loads of new tools this time, plenty of variation all around. Enjoy!

News#

Some questions about Docker and rkt #

This is a fun introduction comparing Docker to rkt by running over the steps involved to get both to work in production, each with its’ pro’s and con’s.

Uber’s Self-driving Pickups In Pittsburgh are Powered by Ubuntu #

What else but Linux would power self-driving cars?

May the Fork Be with You: A Short History of Open Source Forks #

A nice overview of ‘what’s a fork of what’: ubuntu vs debian, centos vs red hat, openbsd vs netbsd, …

Scalable and secure access with SSH #

A description of how Facebook handles SSH: signed certificates, security domains, lots of info on the implementation.

Remote Code Execution in MySQL #

Nearly all MySQL variants (Oracle, MariaDB) are vulnerable to a critical remote code execution that grants root privileges. While the requirements to exploit are rather complicated, it’s best to schedule your upgrades.

Tools & Projects#

Fiaas #

The project stands for “Full install as a Service”: a collection of Ansible roles and playbooks to setup an configure a full LAMP stack with additional services like Varnish, Memcached or Redis where required. The FIAAS playbooks generate more than just the standard service on your VM.

Bash 4.4 #

It’ll probably take a while until this release hits the DEB/RPM repo’s, but some nifty new features: different signal handling for async jobs, loadable plugins, better –help output and loads of bugfixes.

dingo #

A caching DNS proxy for the Google DNS-over-HTTPS. It effectively encrypts all your DNS traffic.

Naxsi #

NAXSI is an open-source, high performance, low rules maintenance Web Application Firewall for Nginx.

Logtrail #

LogTrail is a plugin for Kibana to view, analyze, search and tail log events from multiple hosts in realtime with devops friendly interface inspired by Papertrail.

Goofy #

Goofy is an HTTP load testing tool that simulates waves of surfers in a somewhat unusual way.

Varnish 5.0 #

A new release for the popular Varnish caching daemon: first (experimental) support for HTTP/2, a new shard directory (load balancing base on strings/keys) and the ability to more easily split the VCL files among multiple files.

Zabbix 3.2 #

The latest stable release of the Zabbix monitoring solution adds event tags, event correlation, nested host groups, better alert flapping detection & prevention.

Swift 3.0 #

The Swift language (originally developed by Apple) has reached a new milestone. It now has a stable API, so if you’re thinking of getting started with Swift, now is a good time – the runtime, syntax & usage of Swift isn’t likely to change much any time soon.

mysqlslap #

A load testing tool for MySQL, simulating client connections & SQL queries, all fully configurable.

MySQL 8.0 #

A new release of Oracle’s version of MySQL: 8.0. It implements SQL roles, new character sets, invisible indexes, better IPv6 manipulation, improved performance schema & much more.

alwsl #

This project adds support for Arch Linux as the WSL (Windows Subsystem for Linux) host. So, you can now run Arch Linux as a native Linux system on Windows.

DHCP Load Balancer #

You know you’re working at scale when you need a DHCP load balancer! This tool, dhcplb, comes from the Facebook team.

Vim 8.0 #

A new release of the popular text editor: Asynchronous I/O support, channels, JSON, Jobs, Timers, Partials, Lambdas and Closures.

pyinfra #

pyinfra automates service deployment. It does this by diff-ing the state of the server with the state defined in the deploy script. Deploys are asyncronous and highly performant. The inventory & deploy are managed with pure Python, allowing for near-infinite extendability.

borg #

A terminal based search engine for bash commands. Borg was built out of the frustration of having to leave the terminal to search for bash commands.

kimchi #

An HTML5 management interface for KVM.

frp #

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Guides & Tutorials#

An Updated Performance Comparison of Virtual Machines and Linux Containers  (PDF)#

This is an interesting paper comparing the performance of VMs (in this case on KVM) to the performance of containers running via Docker.

From Kafka to ZeroMQ for real-time log aggregation #

This post describes how challenges involving high-available Kafka setups drove them to ZeroMQ to process application & server logs in a streaming, real-time, fashion.

Turtles on the wire: understanding how the OS uses the modern NIC #

A really in-depth article explaining everything that goes on network-wise in your server: virtualized NICs, buffer addresses & lengths, MAC address filtering & promiscuous mode, how CPU’s relate to packet handling, …

Building Docker images with Puppet #

Lots of examples in this post explaining how you can use your Puppet config management to create and manage containers.

An introduction to Linux network routing #

A good introduction to the routing table, Linux servers acting as routers, how to configure routing via the route tool & a solid reminder of the TCP stack.

Apache Hadoop Explained: Kafka, ZooKeeper, HDFS and Cassandra #

This post gives a high level overview of how the Kafma, ZooKeeper, HDFS & Cassandra work together.