Welcome to Technology Short Take #137! I’ve got a wide range of topics for you this time around—eBPF, Falco, Snort, Kyverno, etcd, VMware Code Stream, and more. Hopefully one of these links will prove useful to you. Enjoy!
- Matt Oswalt digs into eBPF.
- Justin Pietsch Has a lengthy article on why network engineers need to focus on getting the network out of the way. Although it is a lengthy read, it is—in my opinion—well worth the time to read it.
- I recently mentioned on Twitter that I was considering building out a new Linux PC to replace my aging Mac Pro (it’s a 2012 model, so going on 9 years old). Joe Utter shared with me his new lab build information, and now I’m sharing it with all of you. Sharing is caring, you know.
- Kaizhe Huang examines Falco versus AuditD from a host intrusion detection system (HIDS) perspective.
- A major security flaw in
sudohas been discovered; more details available here.
- Eclypsium discusses ways of protecting system firmware storage.
- I didn’t even know that Snort was still a thing, but apparently version 3 was recently released.
Cloud Computing/Cloud Management
- I was going to put this under Security, but decided it fit here better—Michael Foster of StackRox (recently acquired by Red Hat) has been working on a CKS (Certified Kubernetes Security Specialist) certification study guide. I’ll link you to part 6, since it contains links to all the previous sections. I also like that StackRox has published a GitHub repository with the study materials as well.
- Sebastian Kurfürst shares some insights on running Cilium in K3s and K3d on macOS (for development purposes).
- David Anderson shares some thoughts on what a better Kubernetes might look like.
- If you’re using AWS’ AI or ML services, it may be worth reading this post about opting out of data usage.
- Christian Posta talks a bit about some of the challenges of adopting service mesh in enterprise organizations. His recommendations do feel a bit biased (he recommends starting with an API gateway, such as the one his company provides), but it doesn’t mean the recommendations are wrong. To summarize Christian’s recommendations at the end: start small and expand slowly where and as it makes sense.
- Emre Odabas has some “best practices” for the CKA exam.
- Chip Zoller has a great article on some use cases for Kyverno.
- There is an absolute wealth of information in this etcd article by Michael Gasch. Make time to read it. Seriously, it’s that good.
- Daniele Ulrich has a four-part series (so far) on installing the TKG extensions (part 1, part 2, part 3, and part 4).
- Mark Ukotic has some information on using Kubernetes pipelines and tasks in VMware Code Stream.
- Turns out that the
apt-keycommand on Debian and Debian derivatives (like Ubuntu and its derivatives) has been deprecated. This article walks users through how to work with OpenPGP repository signing keys without the use of
- I recently watched this YouTube video series on
tmuxin order to get more familiar with this very popular tool. I can definitely see the value, but it’s going to take me some time to adjust my habits and workflows to take advantage of
- Red Hat continues its effort to commodotize Docker’s position with developers: this time by taking aim at Docker Compose.
- Here’s an article on deploying Kubernetes nodes on vSphere using Terraform.
- James Kiarie shows how to create a VM template for KVM.
- Julia Evans spent some time with Firecracker, and shares what she’s learned here.
- Lee Briggs shares a great post on learning to code with infrastructure as code (using infrastructure as code is something I think is a good career move for pretty much everyone). I like how Lee shares some very specific recommendations on how folks can get started.
while I’d love to keep going, I’d better wrap it up here. If you have any feedback for me, feel free to hit me on Twitter. I’d love to hear from you.