Welcome to Technology Short Take #118! Next week is VMworld US in San Francisco, CA, and I’ll be there live-blogging and meeting up with folks to discuss all things Kubernetes. If you’re going to be there, look me up! Otherwise, I leave you with this list of links and articles from around the Internet to keep you busy. Enjoy!
- Networking guru Ivan Pepelnjak has migrated his online presence to AWS; read more here.
- Interesting (but otherwise not terribly useful) article on how to turn a MacBook into a touchscreen. Lack of a touch screen remains the MacBook line’s second most egregious shortcoming against competing products (the first being the awful keyboard).
- I came across this article on tools and methods for auditing Kubernetes RBAC policies, which had some new tools I hadn’t seen before.
- This web developer security checklist has a nice list of some “current recommended practices” for properly securing web applications/sites.
- Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discuss the KNOB attack (a Bluetooth vulnerability).
Cloud Computing/Cloud Management
- My teammate John Harris has a great post on ensuring least privilege in Kubernetes using impersonation. Good stuff here.
- Alex Brand (also a teammate!) has a post on using Sonobuoy to test Kubernetes Network Policy enforcement (this is to ensure that your installed CNI plugin has the abilitiy to enforce Netowrk Policies).
- I’ve been using Pulumi quite a bit to help with managing infrastructure environments (spinning up and tearing down test environments). I then found this article by Lee Briggs on using Pulumi for Kubernetes configuration management, and it has me interested to continue to explore Pulumi’s capabilities. (Oh, and while we’re talking about Pulumi, here’s another article on using Pulumi for infrastructure as code.)
- Gary Stafford has a fairly in-depth article on managing AWS infrastructure using Ansible, CloudFormation, and CodeBuild.
- Here’s how to create a snippet in VS Code to wrap text with some other text of your choosing. This is handy—I had some similar things set up for Sublime Text, but haven’t managed to do the same for VS Code yet.
- Network bonding in Linux—as outlined in this article—is something I may have to explore. Right now I have a custom shell script I wrote that “docks” and “undocks” my laptop by manipulating, among other things, some associated network settings. What I’d really like to have is something like ControlPlane (née Marco Polo for the longtime Mac users), but for Linux. Alas, it appears that even ControlPlane has been abandoned…
- Major Hayden explains how to use Fedora 30 on GCE.
sed. Learn them, use them, love them.
- Ivan Velichko journals his journey of learning about containerization and orchestration in this blog post. If nothing else, this post at least helps clarify the relationship between commonly-mentioned projects like
cri-o, and others.
- Youichi Fujimoto discusses running Kubernetes locally with KinD and Docker. I’ve found KinD to be easier to use and more flexible than Minikube, but I’m on Linux and have a native Docker installation.
- Tim Little shares some “lessons learned” regarding increasing resilience in Kubernetes, such as taking advantage of features like Pod Anti-Affinity, scaling up Deployments to have more than a single Pod, and configuring Readiness probes for all workloads.
- Via this blog post by Myles Gray, VMware has announced Cloud Native Storage (CNS), powered by a new CSI (Container Storage Interface) driver for Kubernetes (and other orchestration platforms that use CSI).
- When it comes to storage, Cormac Hogan is an invaluable resource. It’s great to see Cormac turning his attention to Kubernetes environments, and in a recent post Cormac tackled failure scenarios with Kubernetes storage on vSphere.
- Laurens van Dujin ferrets out a small detail regarding network connectivity while troubleshooting vSAN Witness Node isolation.
- Joey Ketels steps readers through how to set up RHEL7 desktops with Horizon Instant Clones.
- Via the vExpert Slack instance, I came across this article on the effect of the scarcity mentality in IT careers.
- Silvia Botros has a great piece of how we keep learning. There’s some good stuff in here, I highly recommend reading it.
- Although written for the creative industry, I think this article by Paul Jun on five things no one tells you about going full-time again probably holds equally true for IT freelancers moving back into corporate life, or even moving from startup culture to big company culture after an acquisition.
I guess that’ll have to do for now. It is my sincere hope that you’ve found something useful in this post, and if you have any feedback I invite you to contact me on Twitter. Thanks for reading!