Welcome to _cron.weekly _issue #73 for Sunday, March 26th, 2016.
Those of you that signed up for this newsletter to learn about new tools are going to be super happy, because there are a ton of them in this release. Many shiny new projects!
Happy Sunday!
News
Percona Live Open Source Database Conference: April 24-27, 2017 in Santa Clara, CA
Open source database community event. MySQL, MongoDB, MariaDB, PostgreSQL & other open source databases. 1 day of tutorials & 3 days of keynote & breakout sessions. Register Now w/ CRON15 for 15% off. (Sponsored)
Introducing Zero Round Trip Time Resumption (0-RTT)
CloudFlare recently enabled TLS 1.3 for its customers, and has just enabled 0-RTT – making TLS more efficient, especially on high latency links. This post highlights the benefits of TLS 1.3 and its technical implementation. I’m looking forward to enabling this on all our servers, too!
OpenSSL project changes license to Apache 2.0
The team behind the OpenSSL project is moving their license from a – at first glance – rather obscure one, to one of the open source standards: Apache License Version 2.0. Quite a big move, as it seems, as all current contributors need to be informed & agree on the change.
Open source license descriptions and metadata
A really nice extra from the Github team: if a project has a LICENSE file, it’ll show a summary of the most interesting points related to that license. See a demo of the MIT license on one of my own repos. Or have a look at the Kubernetes repo for an Apache 2 license example.
Fossjobs.net
An online job board focussing on jobs that directly improve and involve FOSS or Open Hardware projects.
Embrace open source
A list of GitHub issues to help beginners make their first pull request.
Tools & Projects
Datadog: all your infrastructure, in one place
Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)
Ostinato
Ostinato is a packet crafter, network traffic generator and analyzer with a friendly GUI. Also a powerful Python API for network test automation. Craft and send packets of several streams with different protocols at different rates. Think of it as “Wireshark in Reverse”.
TimescaleDB
TimescaleDB is an open-source database designed to make SQL scalable for time-series data. It is engineered up from PostgreSQL, providing automatic partitioning across time and space (partitioning key), as well as full SQL support.
RHEL 6.9
The latest “big” release of Red Hat Enterprise Linux 6.x series, 6.9. Updates to TLS 1.2, preparations to migrate existing workloads to containers on RHEL 7 & new hardware support and bugfixes. This also marks the last big release of the RHEL 6.x series, what follows now are security and critical bugfixes. Expect a CentOS 6.9 in the next few weeks.
bcachefs
Bcachefs is an advanced new filesystem for Linux, with an emphasis on reliability and robustness. It has a long list of features, completed or in progress: copy-on-write (COW), data & metadata checksumming, compression, encryption, snapshots, caching & a heap more features.
tmuxp
A new tmux session manager.
Gitlab 9.0
A new major release, offering: improved project navigation, deploy boards, application performance monitoring, subgroups, a revamped merge request widget, … so many new things!
netbox
NetBox is an IP address management (IPAM) and data center infrastructure management (DCIM) tool. Initially conceived by the network engineering team at DigitalOcean, NetBox was developed specifically to address the needs of network and infrastructure engineers.
boulder
This is an implementation of an ACME-based CA, that Let’s Encrypt uses. If you want to run your own CA at the office, this might be a tool for you.
udocker
A basic user tool to execute simple docker containers in user space without requiring root privileges. Enables basic download and execution of docker containers by non-privileged users in Linux systems were docker is not available.
Bloaty McBloatface
This tool lets you explore what’s taking up space in your .o, .a, .so, and executable binary files.
OpenSSH 7.5
A new OpenSSH release, focussing mostly on bugfixes.
stone
Stone is a simple TCP/IP packet repeater according to its manual but it also does UDP/IP repeating. It also supports proxy, ssl encryption.
how2
How2 finds the simplest way to do something in a unix shell. It’s like man, but you can query it in natural language.
psick
Puppet Systems Infrastructure Construction Kit: A Puppet control-repo generator on steroids, featuring multiple ways to test Puppet code, a Gitlab CI pipeline, …
colorize
*nixy filter that adds color to its standard input by rows or (space separated) columns.
Guides & Tutorials
Block DNS queries for specific zone with IPTables
This is a pretty cool method where you can use iptables to block packages based on a particular payload or “string”, in this example it’s used to block certain kind of DNS requests. This method can be used for virtually any protocol.
Epoll is fundamentally broken 2/2
A follow-up in-depth post, looking at the Epoll implementation and its flaws.
Best 15 Unix Command Line Tools
A link-baity title, but gives some good examples of CLI tools; it introduces apropos, typo correction in your history, incron, usage of {}, …
Restricting process CPU usage using nice, cpulimit, and cgroups
An introduction to nice, cpulimit and cgroups to limit CPU usage on processes.
A good vimrc
Not your typical copy/paste config, but a carefully written guide on the reason & background of each parameter, so you can make informed decisions about your .vimrc configs.
Newsletters
These are 2 newsletters I’d like to highlight.
DevOps-ish
Written by Chris Short, this newsletter gives you lots of “soft” news about DevOps, collaboration and focusses more on the human side of doing Dev and/or Ops.
Monitoring Weekly
A new weekly newsletter about all things monitoring, that looks promising. It’s written by Jason Dixon and Mike Julian, who both have extensive backgrounds in monitoring.
Videos
Linux Monitoring at Scale with eBPF
The latest Linux kernels have implemented a Berkeley Packet Filter (BPF) virtual machine which can provide safe and efficient syscall hooking. There are many logging systems in Linux that provide security relevant data, and several excellent open source tools that sit on top of these. This talk showcases one particular BPF implementation.