Welcome to Technology Short Take #131! I’m back with another collection of articles on various data center technologies. This time around the content is a tad heavy on the security side, but I’ve still managed to pull in articles on networking, cloud computing, applications, and some programming-related content. Here’s hoping you find something useful here!
- This recent Ars Technica article points out that a feature in Chromium—the open source project leveraged by Chrome and Edge, among others—is having a significant impact on root DNS traffic. More technical details can be found in an associated APNIC blog post.
- Here’s a few details around Open Service Mesh.
- Quentin Machu outlines a series of problems his company experienced using Weave Net as the CNI for their Kubernetes clusters, as well as describes the migration process to a new CNI. His blog post is well worth a read, IMO.
- I thought I’d mentioned this already, but there’s a flaw in a Snapdragon chip that puts greater than 1 billion Android phones at risk, according to Ars Technica.
- Jed Salazar of Isovalent (the company behind Cilium) has a fairly detailed article showing some examples of how Cilium protects against certain network attacks.
- Via this post by Ivan Pepelnjak, I found Nadeem Lughmani’s GitHub repository aimed to helping to secure one’s public cloud deployment.
- Here’s a review of targeted attacks and APTs (advanced persistent threats) on Linux.
- A significant flaw in Microsoft’s Netlogon protocol has been discovered, potentially exposing privilege escalation to Domain Admin. More details are found in this article. The “TL;DR” is you should patch your domain controller “as fast as possible.”
- Here’s a quick review of various sandboxing and workload isolation mechanisms out there. The article doesn’t go deep on any of them, but does provide some useful information and comparison of the various mechanisms.
Cloud Computing/Cloud Management
- Joaquín Menchaca shares a couple of posts related to EKS—first there’s an article on creating an Amazon VPC for EKS, followed by an article on using
eksctlto create an EKS cluster in said pre-created VPC.
- Oh, and while we are on the topic of EKS—here’s an article by AWS on using Gatekeeper as a drop-in replacement for Pod Security Policies, and here’s one (also by AWS) on using Auto Scaling Groups in multiple AZs in Kubernetes.
- Colin Walters lays out the arguments against the use of “immutable.” I get the arguments, but in my humble opinion this is kind of like arguing that there are still servers in serverless.
- Ádám Sándor talks about some of the bad and the ugly with GitOps. This is helpful because many folks only have glowing things to say about GitOps, which—surprise, surprise!—isn’t perfect. (Hint: no technology is perfect.)
- I use
scpall the time. Per this article, I guess it’s time to switch to
- If you’re relatively new to the Linux/macOS/UNIX/*BSD side of the world, this post on making the most of OpenSSH may prove quite useful. Heck, even if you’re not new to OpenSSH, you might pick up something new.
- Stepan Stipl writes about detecting and dealing with deprecated APIs in Kubernetes.
- Not sure how consensus algorithms work? No worries, start here.
- This is an interesting article about why the CockroachDB team created Pebble, a KV store intended to replace RocksDB.
- Here’s a pretty comprehensive resource for using
- Kyle Galbraith has two articles that I read over the last several weeks, one on the repository pattern and one on the adapter pattern. Since I’m still quite the programming newbie, both were a bit of a stretch of my knowledge, but I think I gleaned enough of the concepts to be able to use them later.
- Laurens van Dujin brings to light a bug in vCenter 7.0.0c that causes high CPU usage; turns out this bug is related to the new Workload Control Plane features in vSphere 7. You can disable the service to bring the CPU usage down, but there are caveats. Be sure to read Laurens’ post for details.
- This is a great post on some undesirable traits in company culture. This post is part 5 in a series; I need to make some time to read some of the earlier posts as well.
- I enjoyed this post by Daniel Teycheney on being proactive and conscious (I might use the word “deliberate”) about solving problems in your career.
OK, that’s all for now. Hopefully you’ve found something useful in this post. If so, I’d love to hear about it—feel free to reach out to me on Twitter. Similarly, if you have suggestions for how I might improve the content of these types of posts, I’m open to all constructive criticism. Thanks for reading!