Contact Us

Technology Short Take 132

Cloud

Welcome to Technology Short Take #132! My list of links and articles from around the web seems to be a bit heavy on security-related topics this time. Still, there’s a decent collection of networking, cloud computing, and virtualization articles as well as a smattering of other topics for you to peruse. I hope you find something useful!

Networking

  • I think a fair number of folks may not be aware that the Nginx ingress controller for Kubernetes—both the community version and the Nginx-maintained open source version—do suffer from timeouts and errors resulting from changes in the back-end application’s list of endpoints (think pods being added or removed). This performance testing post lays out all the details. In particular, see the section titled “Timeout and Error Results for the Dynamic Deployment.”
  • Ivan Pepelnjak attempts to answer the question, “How much do I need to know about Linux networking?”
  • Speaking of Linux networking…Marek Majkowski of Cloudflare digs deep into conntrack, used for stateful firewalling functionality.

Servers/Hardware

  • Normally I talk about server hardware and such here, but with so much moving to public cloud providers, let’s expand that focus a little bit: in this post, Jeramiah Dooley provides his perspective on the Surface Duo after a month of use.

Security

  • I recently stumbled across this utility to help protect your macOS-based system against persistent malware.
  • I’m not sure if I should put this under “Hardware” or here under “Security”: Apple’s T2 chip has an “unfixable vulnerability” that could lead to significant system compromise. There’s more detail available in this post as well.
  • Here’s an interesting read: the story of some security researchers who hacked on Apple for three months.
  • Brad Geesaman has a write-up on CVE-2020-15157, aka “ContainerDrip,” that you may want to review.
  • Intel has released a security advisory for BlueZ, which is related to Bluetooth support in the Linux kernel.
  • It appears that Apple may have left themselves a “network backdoor” in macOS Big Sur. This article provides links to a Twitter thread that outlines the backdoor in more detail, but the gist of the situation is that kernel extensions have been deprecated in Big Sur and their replacement appears not to affect some Apple applications (most notably the App Store).

Cloud Computing/Cloud Management

  • Brandon Willmott has a post outlining the important directories to know when working with Kubernetes (it’s also helpful for the CKA exam).
  • Docker recently open-sourced the Docker Compose integration for Amazon ECS and Microsoft ACI. This code hasn’t made it into the docker-compose CLI yet. This Docker blog post has more details.
  • This is a slightly older post, but Rich Burroughs has a nice summary/recap of KubeCon EU 2020.
  • Ahmed Bham and Marcelo Boeira of AWS have a walkthrough for migrating a self-managed Kubernetes cluster on EC2 to Amazon EKS.
  • Yann Hamon of Contentful shares that they have open-sourced a Kubernetes operator to sync Kubernetes Secrets from AWS Secrets Manager.
  • In this post, Docker shares they they are delaying the enforcement of their new image retention policy, and reminds folks of the image pull rate limits that are due to start on November 1. I know that Docker Hub must consume enormous resources for the company (and thus has a large associated cost), but limiting the ubiquity of Docker Hub—and thus driving developers/users elsewhere—seems shortsighted. I guess time will tell.

Operating Systems/Applications

Storage

Programming

Virtualization

Career/Soft Skills

That’s all for now, folks! Thanks for taking the time to read, and I hope that I was able to share something you’ll find useful. If you have any feedback on this post, or on the site in general, feel free to hit me on Twitter. I’d love to hear your feedback!

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Spotify
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound