Welcome to _cron.weekly _issue #73 for Sunday, March 26th, 2016.

Those of you that signed up for this newsletter to learn about new tools are going to be super happy, because there are a ton of them in this release. Many shiny new projects!

Happy Sunday!

News

Open source database community event. MySQL, MongoDB, MariaDB, PostgreSQL & other open source databases. 1 day of tutorials & 3 days of keynote & breakout sessions. Register Now w/ CRON15 for 15% off. (Sponsored)

CloudFlare recently enabled TLS 1.3 for its customers, and has just enabled 0-RTT – making TLS more efficient, especially on high latency links. This post highlights the benefits of TLS 1.3 and its technical implementation. I’m looking forward to enabling this on all our servers, too!

The team behind the OpenSSL project is moving their license from a – at first glance – rather obscure one, to one of the open source standards: Apache License Version 2.0. Quite a big move, as it seems, as all current contributors need to be informed & agree on the change.

A really nice extra from the Github team: if a project has a LICENSE file, it’ll show a summary of the most interesting points related to that license. See a demo of the MIT license on one of my own repos. Or have a look at the Kubernetes repo for an Apache 2 license example.

An online job board focussing on jobs that directly improve and involve FOSS or Open Hardware projects.

A list of GitHub issues to help beginners make their first pull request.

Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)

Ostinato is a packet crafter, network traffic generator and analyzer with a friendly GUI. Also a powerful Python API for network test automation. Craft and send packets of several streams with different protocols at different rates. Think of it as “Wireshark in Reverse”.

TimescaleDB is an open-source database designed to make SQL scalable for time-series data. It is engineered up from PostgreSQL, providing automatic partitioning across time and space (partitioning key), as well as full SQL support.

The latest “big” release of Red Hat Enterprise Linux 6.x series, 6.9. Updates to TLS 1.2, preparations to migrate existing workloads to containers on RHEL 7 & new hardware support and bugfixes. This also marks the last big release of the RHEL 6.x series, what follows now are security and critical bugfixes. Expect a CentOS 6.9 in the next few weeks.

Bcachefs is an advanced new filesystem for Linux, with an emphasis on reliability and robustness. It has a long list of features, completed or in progress: copy-on-write (COW), data & metadata checksumming, compression, encryption, snapshots, caching & a heap more features.

A new tmux session manager.

A new major release, offering: improved project navigation, deploy boards, application performance monitoring, subgroups, a revamped merge request widget, … so many new things!

NetBox is an IP address management (IPAM) and data center infrastructure management (DCIM) tool. Initially conceived by the network engineering team at DigitalOcean, NetBox was developed specifically to address the needs of network and infrastructure engineers.

This is an implementation of an ACME-based CA, that Let’s Encrypt uses. If you want to run your own CA at the office, this might be a tool for you.

A basic user tool to execute simple docker containers in user space without requiring root privileges. Enables basic download and execution of docker containers by non-privileged users in Linux systems were docker is not available.

This tool lets you explore what’s taking up space in your .o, .a, .so, and executable binary files.

A new OpenSSH release, focussing mostly on bugfixes.

Stone is a simple TCP/IP packet repeater according to its manual but it also does UDP/IP repeating. It also supports proxy, ssl encryption.

How2 finds the simplest way to do something in a unix shell. It’s like man, but you can query it in natural language.

Puppet Systems Infrastructure Construction Kit: A Puppet control-repo generator on steroids, featuring multiple ways to test Puppet code, a Gitlab CI pipeline, …

*nixy filter that adds color to its standard input by rows or (space separated) columns.

Guides & Tutorials

This is a pretty cool method where you can use iptables to block packages based on a particular payload or “string”, in this example it’s used to block certain kind of DNS requests. This method can be used for virtually any protocol.

A follow-up in-depth post, looking at the Epoll implementation and its flaws.

A link-baity title, but gives some good examples of CLI tools; it introduces apropos, typo correction in your history, incron, usage of {}, …

An introduction to nice, cpulimit and cgroups to limit CPU usage on processes.

Not your typical copy/paste config, but a carefully written guide on the reason & background of each parameter, so you can make informed decisions about your .vimrc configs.

Newsletters

These are 2 newsletters I’d like to highlight.

Written by Chris Short, this newsletter gives you lots of “soft” news about DevOps, collaboration and focusses more on the human side of doing Dev and/or Ops.

A new weekly newsletter about all things monitoring, that looks promising. It’s written by Jason Dixon and Mike Julian, who both have extensive backgrounds in monitoring.

Videos

The latest Linux kernels have implemented a Berkeley Packet Filter (BPF) virtual machine which can provide safe and efficient syscall hooking. There are many logging systems in Linux that provide security relevant data, and several excellent open source tools that sit on top of these. This talk showcases one particular BPF implementation.