cron.weekly issue #77: OpenStack, Moby, Caddy, Devuan, Linuxkit, Tmux, Jenkins & more

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Image of Mattias Geniar

Mattias Geniar, April 23, 2017

Follow me on Twitter as @mattiasgeniar

Welcome to cron.weekly issue #77 for Sunday, April 23rd, 2017.

It’s been a busy week, both personally and in the open source world. So many good content to share this week, I hope you find something among the links you like!

I also ‘launched’ DNS Spy, the DNS monitoring & validation service I’ve been working on. If you’re reading this newsletter, you’re probably the kind of person that appreciates good monitoring, so go check it out at! 🙂


The Evolution of Container Usage at Netflix

This was a fun read to see how containers get used at Netflix, with an impressive 1.000.000 containers that get spawned weekly. That’s 1 million.

Ubuntu on AWS gets serious performance boost with AWS-tuned kernel

Canonical has partnered with AWS to create an AWS-tuned Ubuntu kernel for the Ubuntu 16.04 LTS release, with some impressive results: 30% faster boot times, better I/O performance & other small fixes.

`column` to get –table support

This is a cool feature to land for the `column` tool: it can translate stdin input and convert it to a table with headers or JSON output.

Docker becomes Moby. Sort of.

The team behind Docker created a new project called Moby, with the goal to store all container components. Docker itself would be built on top of those components. Essentially, Docker remains the name of the (commercial & open source) product, Moby are the runtime components that make Docker possible. Some more info on

SSH over CPU shared cache between VMs

This is an unbelievable cool & scary attack; researches have managed to reliably extract info from another VM by probing the host CPU cache. On top of that, they managed to set up an encrypted TCP stream via SSH to allow inter-VM communication, via the CPU cache.

Intel Pulls Out of OpenStack Effort It Founded with Rackspace

Some remarkable news here, as Intel follows both HP and Cisco to stop their (financial) support of OpenStack.

Tools & Projects

Datadog: all your infrastructure, in one place

Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)

Caddy 0.10

This is a pretty big release, with man-in-the-middle detection, HTTP/2 server push, new plugin capabilities & plenty more fixes & features.


webhook is a lightweight configurable tool written in Go, that allows you to easily create HTTP endpoints (hooks) on your server, which you can use to execute configured commands.


A modern $PAGER for noisy logs. The goal is to get more from logs than most of other pagers can. And to do so in less time. Basically slit is a verb, applied to logs.


Open source event based Platform as a Service.


A interactive command line tool for evaluating and debugging the puppet language.


The Docker team launches Linuxkit, the tooling to allow building custom Linux subsystems that only include exactly the components the runtime platform requires. This is the same toolkit that allows them to build & ship tools like Docker for Mac/Windows, which comes bundled with a lightweight Linux kernel.

Devuan Jessie 1.0 RC

I don’t usually give release candidates much attention, but I have to admit I didn’t think this would ever see the light of day: Devuan is the systemd free fork of Debian 8’s Jessie.


GoTTY is a simple GoLang based command line tool that enables you to share your terminal(TTY) as a web application. It turns command line tools into web applications.


A DNS-protocol proxy for Google’s DNS-over-HTTPS: allows you to run a server on your local network which responds to DNS queries, but requests records across the internet using HTTPS.


Crochet is a tool for building bootable FreeBSD images. There’s support for a lot of platforms, including Raspberry Pi’s.

Guides & Tutorials

Linux Server Virtualization: the basics

A very theoretical summary of virtualization in Linux, where hypervisors come into play, how containers fit in, etc.

Forgotten Unix Tools: The dc Command-Line Calculator

The `dc` command is pretty powerful for mathematics at the CLI, offering a range of additional options.

Tmux and Vim – even better together

A post about, you guess it: vim & tmux! Lots of really good & practical config snippets to make cooperation between vim & tmux even better.

More Unknown Linux Commands

This post introduces termsaver (ASCII screensaver), pv (pipe view) & calendar.

How we fine-tuned HAProxy to achieve 2,000,000 concurrent SSL connections

Many details in this post, which covers load testing, graphing & monitoring, allowing HAProxy to use more than 1 core, detailed HAProxy configurations, …

Complete installation guide for LEMP stack with PHP 7 in Debian 8 “Jessie”

Nginx, MySQL & PHP on a Debian 8 server, in a step-by-step guide.

Jenkins screencasts

A series of 6 free screencasts on setting up Jenkins, adding authentication & authorization, the new Blue Ocean interface, a working CI pipeline  and managing the Jenkinsfile.

How To Run OpenVPN in a Docker Container on Ubuntu 14.04

Who doesn’t want their own, easy-to-setup VPN? This guide gets you started with an OpenVPN docker instance.

Reducing latency spikes by tuning the CPU scheduler

You usually don’t have to think about CPU scheduling too much, but when you do, blogposts like these come in really handy. From tracing to resolving CPU scheduler issues with JAVA applications.

Postfix Hardening Guide for Security and Privacy

This post covers all the basics: prevent Postfix from leaking e-mail info, don’t listen to all interfaces, prevent/limit e-mail relaying, …

Kubernetes Ingress explained

One of the core concepts of Kubernetes gets explained in this post; Ingress gives you a way to route requests to services based on the request host or path, centralizing a number of services into a single entrypoint.

tools to scan a Linux server for malware and rootkits

This post explores a couple of popular malware detection tools for Linux; chkrootkit, rkhunter, fuser and ISPProtect.

How To Host Your Own Private Git Repositories

To get started, all you need is SSH!

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.