Welcome to cron.weekly issue #77 for Sunday, April 23rd, 2017.

It’s been a busy week, both personally and in the open source world. So many good content to share this week, I hope you find something among the links you like!

I also ‘launched’ DNS Spy, the DNS monitoring & validation service I’ve been working on. If you’re reading this newsletter, you’re probably the kind of person that appreciates good monitoring, so go check it out at dnsspy.io! 🙂

News

This was a fun read to see how containers get used at Netflix, with an impressive 1.000.000 containers that get spawned weekly. That’s 1 million.

Canonical has partnered with AWS to create an AWS-tuned Ubuntu kernel for the Ubuntu 16.04 LTS release, with some impressive results: 30% faster boot times, better I/O performance & other small fixes.

This is a cool feature to land for the `column` tool: it can translate stdin input and convert it to a table with headers or JSON output.

The team behind Docker created a new project called Moby, with the goal to store all container components. Docker itself would be built on top of those components. Essentially, Docker remains the name of the (commercial & open source) product, Moby are the runtime components that make Docker possible. Some more info on mobyproject.org.

This is an unbelievable cool & scary attack; researches have managed to reliably extract info from another VM by probing the host CPU cache. On top of that, they managed to set up an encrypted TCP stream via SSH to allow inter-VM communication, via the CPU cache.

Some remarkable news here, as Intel follows both HP and Cisco to stop their (financial) support of OpenStack.

Track & alert on the health and performance of every server, container, and app in any environment, with Datadog. Sign up for a free 14-day trial. (Sponsored)

This is a pretty big release, with man-in-the-middle detection, HTTP/2 server push, new plugin capabilities & plenty more fixes & features.

webhook is a lightweight configurable tool written in Go, that allows you to easily create HTTP endpoints (hooks) on your server, which you can use to execute configured commands.

A modern $PAGER for noisy logs. The goal is to get more from logs than most of other pagers can. And to do so in less time. Basically slit is a verb, applied to logs.

Open source event based Platform as a Service.

A interactive command line tool for evaluating and debugging the puppet language.

The Docker team launches Linuxkit, the tooling to allow building custom Linux subsystems that only include exactly the components the runtime platform requires. This is the same toolkit that allows them to build & ship tools like Docker for Mac/Windows, which comes bundled with a lightweight Linux kernel.

I don’t usually give release candidates much attention, but I have to admit I didn’t think this would ever see the light of day: Devuan is the systemd free fork of Debian 8’s Jessie.

GoTTY is a simple GoLang based command line tool that enables you to share your terminal(TTY) as a web application. It turns command line tools into web applications.

A DNS-protocol proxy for Google’s DNS-over-HTTPS: allows you to run a server on your local network which responds to DNS queries, but requests records across the internet using HTTPS.

Crochet is a tool for building bootable FreeBSD images. There’s support for a lot of platforms, including Raspberry Pi’s.

Guides & Tutorials

A very theoretical summary of virtualization in Linux, where hypervisors come into play, how containers fit in, etc.

The `dc` command is pretty powerful for mathematics at the CLI, offering a range of additional options.

A post about, you guess it: vim & tmux! Lots of really good & practical config snippets to make cooperation between vim & tmux even better.

This post introduces termsaver (ASCII screensaver), pv (pipe view) & calendar.

Many details in this post, which covers load testing, graphing & monitoring, allowing HAProxy to use more than 1 core, detailed HAProxy configurations, …

Nginx, MySQL & PHP on a Debian 8 server, in a step-by-step guide.

A series of 6 free screencasts on setting up Jenkins, adding authentication & authorization, the new Blue Ocean interface, a working CI pipeline and managing the Jenkinsfile.

Who doesn’t want their own, easy-to-setup VPN? This guide gets you started with an OpenVPN docker instance.

You usually don’t have to think about CPU scheduling too much, but when you do, blogposts like these come in really handy. From tracing to resolving CPU scheduler issues with JAVA applications.

This post covers all the basics: prevent Postfix from leaking e-mail info, don’t listen to all interfaces, prevent/limit e-mail relaying, …

One of the core concepts of Kubernetes gets explained in this post; Ingress gives you a way to route requests to services based on the request host or path, centralizing a number of services into a single entrypoint.

This post explores a couple of popular malware detection tools for Linux; chkrootkit, rkhunter, fuser and ISPProtect.

To get started, all you need is SSH!