Happy new year cron.weekly readers! It’s january 1st, 2017 and this is probably the first newsletter to arrive in your inbox in 2017.
My wishes for your new year: may your favourite abandoned open source project get an active fork and may your own open source projects become a source of steady income as you continue to support them.
If you’re using this newsletter as a distraction during yet-another-family-dinner , I hope it can keep you entertained.
News How Facebook Uses linux and Btrfs: An Interview with Chris MasonSome good insights in how Facebook handles upstream kernel releases, how they’re running the 4.6 kernel and how and where they’re fitting in the Btrfs file system.
Why I close PRs (OSS project maintainer notes)If you’ve ever maintained an open source project you know sometimes you have to say “no” to a pull request, because it doesn’t align with your own (or the projects’ ) interests. This post explores some of the good reasons why you might want to say “no”.
For God’s sake, secure your Mongo/Redis/etc!Yet another good reminder than unauthenticated protocols, like MongoDB, Redis or Memcached, need to be firewalled or properly configured to prevent anyone on the internet from spying on your data.
Are You Load Balancing Wrong?There are 2 different kind of load balancing: for capacity vs for resilience. This post explores both and gives some examples of situations whereit’s easy to make mistakes in your load balancers.
Tools & Projects All your infrastructure, in one placeTrack & alert on the health and performance of every server, container, and app in any environment. Sign up for a free 14-day trial . (Sponsored)
dnscrypt-proxyDNScrypt is a protocol for securing communications between a client and a DNS resolver, using high-speed high-security elliptic-curve cryptography.dnscrypt-proxy is a client-implementation of the protocol. It requires a DNSCrypt server on the other end.
syncthingOpen Source Continuous File Synchronization. Syncthing is an easy-to-use file and directory synchronisation protocol & tool.
AlertaThe Alerta monitoring tool was developed with the following aims in mind:distributed and de-coupled so that it is scalable,minimal configurationthat easily accepts alerts from any source,quick at-a-glance visualisationwith drill-down to detail.
GiteaGitea is a community managed fork of Gogs , lightweight code hosting solution written in Go and published under the MIT license. Gitea is apainless self-hosted Git service.
GNU ParallelGNU parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU parallel can then split the input and pipe it into commands in parallel.
mitmproxy 1.0An SSL-capable man-in-the-middle proxy for pen testers and web developers.
BosunBosun is an open-source monitoring and alerting system by Stack Exchange . It has an expressive domain specific language for evaluating alerts and creating detailed notifications. It also lets you test your alerts against history for a faster development experience.
Bash-itBash-it is a collection of community Bash commands and scripts.Includes autocompletion, themes, aliases, custom functions, a few stolen pieces from Steve Losh, and more.
puppet-in-dockerThis repository contains Dockerfiles for a complete Puppet 4 infrastructure running in Docker. The following components are used: HAProxy, Puppetserver, PuppetDB, Postgres, r10k, NATS, Puppet explorer.
Guides & Tutorials Puppet tutorialThis is a slightly older tutorial, but still spot-on: how to get started with Puppet.
Understanding Kubernetes resourcesIn this blog post, the author explains how the Kubernetes resource model works, why you should alwaysset resource limits on your containers, and then show you how you can do exactly that.
A container networking overviewA really good explanation on networking inside containers. It covers vxlan, ip-in-ip, the route tabel, local networks, … Looking forward to the follow-ups on this one.
Basics of Making a Rootkit: From syscall to hook!Quite a lot of code in this article, but very interesting if you like the low-level details of how rootkits work on Linux.