Welcome to Technology Short Take #133! This time around, I have a collection of links featuring the new Raspberry Pi 400, some macOS security-related articles, information on AWS Nitro Enclaves and gVisor, and a few other topics. Enjoy!
- Pratik Mankad shows how to use DNS hostnames as targets for an AWS NLB. If we’re honest, it’s a bit of a hack; it uses AWS Lambda to periodically resolve the hostname and update the NLB target IP address(es) accordingly. Native DNS hostname support in NLBs would be a far better solution.
- Netflix has a good post on how they use prioritized load shedding to provide a good user experience during system outages.
- The Raspberry Pi 400 is a neat offering. See this post for more details.
- In the last Technology Short Take, I mentioned that some testing with macOS Big Sur indicated that Apple had left itself a backdoor for network traffic from its own applications. Here’s another article on the topic, with some additional technical detail.
- Here’s a fairly detailed article on macOS authorization.
- Wojciech Regula takes a look at accessing (“stealing”) confidential data stored in the macOS Keychain.
- How did I not know about Network Time Security (NTS)? Here’s a post on using NTS to secure NTP on Fedora.
- Here’s a list of some
Dockerfilesecurity best practices.
Cloud Computing/Cloud Management
- Raphael Yoshiga provides an Azure-to-AWS mapping of services.
- Ben Bridts has four tips to help you level up your CloudFormation usage.
- Chip Zoller explains how to use custom registries with Tanzu Kubernetes Grid (TKG). His method is enabled by the fact that TKG leverages Cluster API, and Cluster API builds on other community efforts like
kubeadm. (See, this is why learning
kubeadmstill has value in a Cluster API-based world!)
- Validating Kubernetes manifests in some sort of automated fashion is something I’ve been interested in for a while (I’ve had a draft blog post sitting around for nigh on a year now), and
kube-linterfalls right into that area. Check out the
kube-linterGitHub repository, and read the Stackrox blog post announcing the project.
- vSphere administrators may find this guide to day 2 operations with Tanzu Kubernetes Grid helpful.
- Google has a guide on how users can help prepare their Google Cloud environments for the Docker Hub pull request limits that will, by the time this post is published, have been live for almost two weeks.
- Forrest Brazeal provides his take on the rumor that AWS will announce a multi-cloud management tool.
- Geert Baeke has a post on the new HashiCorp tool, Waypoint, showing how to build and tag an image using Docker.
- And while we’re on the topic of building images, here’s a post from Alex Ellis on building containers without Docker.
- Richard Hughes provides an update on
- Here are some handy
- This is a pretty awesome (pun intended) list of resources for Visual Studio Code.
- Scott Bollinger has a post on an all-in-one alias for updating macOS.
- The Cilium team recently conducted the eBPF Summit, focused on all things eBPF. The Cilium website hosts recap posts of day 1 (here) and day 2 (here).
- I haven’t (yet) had the chance to walk through it, but this tutorial looks to be very promising, providing exposure to both AWS Lambda and using Go. It’s definitely on my list!
- David Stevens has a write-up on how to backup vCenter v7 using SMB.
- AWS Nitro Enclaves look like very interesting technology; see this blog post from AWS. Also, this post by Aidan Steele has some great information on Nitro Enclaves as well. If I’m honest, this is an opportunity VMware should have capitalized on a long time ago with vSphere. (If you’re wondering why this is under the “Virtualization” section, go read the blog post!)
- Sam Perrin has a list of useful automation/orchestration resources.
- Ian Lewis and Michael Pratt have a good post on gVisor and how it uses the concept of a “platform” in its functionality.
That’s all I have for now—hopefully you found something useful and informative! Feel free to hit me on Twitter if you have any feedback or suggestions for improvement. I’m also open to items that I should consider for inclusion in a future Tech Short Take.