Welcome to Technology Short Take #140! It’s hard to believe it’s already the start of May 2021—my how time flies! In this Technology Short Take, I’ve gathered some links for you covering topics like Azure and AWS networking, moving from macOS to Linux (and back again), and more. Let’s jump right into the content!

Networking

• Ivan Pepelnjak takes a look at why you might want to use Azure Route Server, followed by pulling back the covers on how Azure Route Server works.
• Maegan Jong and Dominik Tornow have a blog series that, in their words, “aims to advance the understanding of Kubernetes and its underlying concepts.” Specifically, this post talks about Kubernetes networking.
• Michael Kashin combines networking and programming in this post on getting started with eBPF and Go.
• This post on isolated networks on AWS takes a pretty comprehensive look at what’s required to build isolated AWS networks, including a look at potential data exfiltration paths.

Servers/Hardware

• Ben Wilcock shares his experience with an Intel NUC 11.
• VentureBeat discusses Armv9, a new architectural update for Arm-based CPUs.

Security

• Peyton Smith and Mitchell Moser share seven common Microsoft Active Directory misconfigurations that adversaries tend to abuse.
• Paulos Yibelo describes exploiting macOS with a text file.
• The folks at Netskope have a pair of blog posts on GCP OAuth token hijacking in Google Cloud (part 1, part 2). These are older posts, from August 2020, and I honestly don’t know if the vulnerability still exists (or if it has been patched). If you’re a Google Cloud user, this may be worth a closer examination to make sure your accounts are safe.
• Most of this was beyond my comprehension, but I found the tale fascinating to read nevertheless.

Cloud Computing/Cloud Management

• Stefan Büringer talks about optimizing Open Policy Agent (OPA)-based Kubernetes authorization. Note that this is a slightly older post (about 2 years old), so some of it may no longer apply to the latest versions of OPA and Gatekeeper.
• This post by “xssfox” takes an interesting (to me) look at a security hole created through the use of an automated code pipeline deploying to a production website.
• I’ve noted several pundits/experts who have noted the transformational nature of AWS Lambda, and the impact it is having/will have on AWS and its offerings. The introduction of S3 Object Lambda is just the latest example, it seems.
• Chris Evans examines the pricing of virtual instances compared to managed servie offerings as he ponders how hyper-scalers like AWS, Azure, and Google will go about/are going about optimizing service density (i.e., maximizing revenue per hardware instance). It’s an interesting observation, for sure (at least, it’s interesting to me).
• Marco Lancini discusses security logging in AWS environments.
• Pulumi recently released version 3; get more details on the latest release in this blog post.

Operating Systems/Applications

• Justin Garrison shares some thoughts on whiteboarding software (and hardware).
• Here is a reminder why time synchronization remains important.
• Carlos Fenollosa has a series of articles describing his attempt to move to Linux from macOS, and why he came back. Part 3 of the series, found here, describes some of the challenges with desktop Linux and why, in his words, “the grass is not greener on the other side.”
• Paddy Kelly shows how to filter JSON data in Ansible using json_query.
• Ivan Pepelnjak’s mention of Network to Code’s Schema Enforcer tool sent me down the rabbit hole of JSON Schema and validation. Don’t be surprised if you see a blog post on this topic pop up soon.
• If you’re new to vim, this post may be helpful.

Programming

• Peter Bourgon speaks out against using build tags for integration tests.

Storage

• Cormac Hogan discusses the VCP-to-vSphere CSI migration process (switching from the older in-tree cloud provider to the newer vSphere CSI driver).

Virtualization

• William Lam outlines some enhancements for USB NIC-only installations that appeared in ESXi 7.0 Update 2.

Career/Soft Skills

• There is no recipe for success. Well said.
• Former teammate Eric Shanks shares some details on his home audio/visual setup.

That’s all for now! I hope that I have shared something useful with you. If you have feedback, or if you just want to say hi, feel free to hit me on Twitter, or find me on one of the various Slack communities I frequent. Have a great weekend!