cron.weekly issue #47: OpenSSL, ripgrep, httpstat, CouchDB, Latency & more!

September 25, 2016

Welcome to _cron.weekly _issue #47 for Sunday, September 25th, 2016.

A bit later than usual, but I’m liking it better this way. From now on, cron.weekly is not going to have a fixed time for delivery. It’s still weekly and it’ll still be sent on Sunday, but it’s less formal from now on.

After all, it’s just a hobby and having a time constraint & deadline in the weekend is taking its toll on me. Having the ability to finish the newsletter later will give me more peace of mind.

So long 08:00 UTC+2, hello $RANDOM!

News#

OpenSSL Security Advisory [22 Sep 2016] #

A new high severity vulnerability has been patched in OpenSSL: a denial of service attack when using OCSP stapling.

The MIT license explained, line by line #

This is one of the most popular open source licenses, and it’s broken down line-by-line by a lawyer, in clear language (heck, even I understood it). The MIT license is pretty short, but there are a lot of nuances in those words that can make a difference.

Introducing the GitHub Load Balancer #

The GitHub team has introduced their custom load balancer setup which handles their HTTP/HTTPS/SSH traffic. A mix of layer4 (ECMP) and Layer7 (proxies) are used to handle all the requests. Looking forward to their follow-up posts!

What it costs to run Let’s Encrypt #

I like how they open up their finances too: a total yearly cost of 2.9M USD of which 2.0M USD goes to staffing.

Blurred Lines #

An interesting blogpost about what happens when you join the company behind an open source project you’ve been contributing to, what changes, who takes responsibility, …

Tools & Projects#

ripgrep #

A faster grep, beating the silver searcher, ack, egrep, … Quite a lot of benchmarks on this page proving the speed of ripgrep!

httpstat #

This one is going into my daily arsenal of HTTP tools: a wrapper around “curl -v” which offers a better view of the timings of a curl request. Nicely done! (make sure to check out the screenshot)

ClonOS #

ClonOS is a free open-source FreeBSD-based platform for virtual environments creation and management. In the core: Xen, Jails, Puppet, bhyve hypervisor & ZFS.

pgslice #

Postgres partitioning as easy as pie. Works great for both new and existing tables, with zero downtime and minimal app changes.

Deepstream #

This is a fast, secure and scalable websocket & tcp server for mobile, web & “internet of things”. Think if it like a socket.io/Firebase/Pusher pub/sub & messaging server you can self-host.

CouchDB 2.0 #

A new major release for the database engine: native support for clustering, new admin interface, easier queries & improved performance.

Shipyard #

Built on Docker Swarm, Shipyard gives you the ability to manage Docker resources including containers, images, private registries and more.

Vossibility-stack #

Vossibility provides better visibility for your open source project. It can collect data from GitHub and visualise them, like commits, issues reported/solved, … In short, a fun dashboard for your OSS project.

TLSlayer #

TLSlayer is a FAST TLS/SSL reconnaisance tool written in Go. The primary aim is to provide a tool that has no dependencies on OpenSSL that can utilize multiple cores.

VCLFiddle #

A fun web interface to play around with the Varnish VCL configs, without having to spin up your own instances.

Guides & Tutorials#

You probably want to start using the -w option with iptables #

Did you know iptables can be locked? If that’s the case, commands you send to iptables will happily be ignored. The -w option prevents that from happening. This post is a good write-up on where that might sting you.

Upgrade your SSH keys to ed25519 #

A good post with practical tips on using more secure ciphers for your SSH keys by moving to an ed25519 key.

Using Ansible’s command and shell modules properly #

This post offers some good tips (at least for beginner Ansible users) on when to use the command and the shell options.

Videos#

How not to measure latency #

I liked this talk about common pitfalls when monitoring latency, or just monitoring in general. Offers some good and practical points on improving your metrics and drawing better conclusions.

#

Conferences#

LinuxDays Prague #

On the 8th and 9th October 2016 in Prague, Czech. Quite the schedule if you happen to be around!

ContainerDays NYC #

A different continent, ContainerDays is happening in New York on November 3-4. And if you’re looking for a discount, use promocode “CRON.TAINERDAYS”. That’s right, the first cron.weekly reader perk!