Scott's Weblog The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking

Technology Short Take 92

Welcome to Technology Short Take 92, the first Technology Short Take of 2018. This one was supposed to be the last Tech Short Take of 2017, but I didn’t get it published in time (I decided to spend time with my family instead—some things are just more important). In any case, hopefully the delay of one additional week hasn’t caused any undue stress—let’s jump right in!

Networking

  • Lindsay Hill walks through using Telegraf, InfluxDB, and Grafana to monitor network statistics.
  • Via Ivan Pepelnjak, I found this article by Diane Patton at Cumulus Networks talking about container network designs. The article is a bit heavy on pushing the Host Pack (a Cumulus thing), but otherwise provides a good overview of several different possible container network designs, along with some of the criteria that might lead to each design.
  • Erik Hinderer takes a stab (based on his field experience) at estimating how long it takes to upgrade VMware NSX. Erik’s figures are just estimates, of course; actual values will be determined based on each customer’s specific environment.
  • This post is a bit older, but covers a challenge faced by cloud-native darling Netflix—how does one, exactly, identify which application used which IP address at a given point in time? When you’re operating at the scale at which Netflix operates, this is no trivial feat.

Servers/Hardware

Security

  • The CPU architecture flaw involving speculative execution has been garnering a great deal of attention (see here, here, here, and here). Also, here’s Google Project Zero’s write-up (along with a support FAQ from Google on mitigation). There’s lots more coverage, obviously, but this should be enough to get you started.

Cloud Computing/Cloud Management

  • Kevin Carter has a detailed write-up on efforts around leveraging systemd-nspawn for deploying OpenStack via OpenStack Ansible. systemd-nspawn is an interesting technology I’ve been watching since early this year, and it will be cool (in my opinion) to see a project using it in this fashion.
  • The vSphere provider for Terraform (did you know there was one?) recently hit 1.0, and HashiCorp has a blog post (re-)introducing the provider. I thought I also saw a VMware blog post on the provider as well, but couldn’t find any link (guess I was mistaken).
  • Oh, and speaking of Terraform: check out this post on the release of Terraform 0.11.
  • Tim Nolet reviews some differences between Azure Container Instances and AWS Fargate (recently announced at AWS re:Invent 2017). Tim’s review of each of the offerings is pretty balanced (thanks for that), and I’d recommend reading this post to get a better idea of how each of them works.
  • Jorge Salamero Sanz (on behalf of Sysdig) provides a similar comparison, this time looking at ECS, Fargate, and EKS. Jorge’s explanation of Fargate as “managed ECS/EKS instances” is probably the most useful explanation of Fargate I’ve seen so far.
  • Michael Gasch digs relatively deep to address the question of how Kubernetes reconciles allocatable resources and requested resources in order to satisfy QoS. Good information here, in my opinion. Thanks Michael!
  • Running distributed systems such as etcd, Kubernetes, Linkerd, etc., to support applications means making a conscious decision to embrace a certain level of complexity in exchange for the benefits these systems offer. Read this post-mortem on an outage to gain a better idea of some of the challenges this additional complexity might present when it comes to troubleshooting.
  • Tim Hinrichs provides some details on Rego, the policy language behind the Open Policy Agent project.
  • Paul Czarkowski walks you through creating your first Helm chart.

Operating Systems/Applications

  • I came across this mention of Mitogen, a project whose goal—as described by the creator—is to “make it childsplay [sic] to run Python code on remote machines”.
  • From the “interesting-but-not-practically-useful” department, Nick Janetakis shows how to use Docker to run a PDP-11 simulator. The magic here, in my opinion, is in the simulator (not in Docker), but it’s still an interesting look at how one might use Docker.
  • Also from Nick, here’s an attempt to answer the question, “Do I learn Docker Swarm or Kubernetes?”
  • I debated on adding this link because I wasn’t sure how useful it might be to readers, but decided to include it anyway. Apache Guacamole describes itself as “a clientless remote desktop gateway” supporting standard protocols like SSH, VNC, and RDP.
  • Tamás Török has a quite lengthy post on transforming your system into microservices. It’s nice to see some of the challenges—which aren’t all technical—mentioned as well, as sometimes today’s tech writers only seem to see microservices through rose-colored glasses.
  • This is an awesome collection of patched fonts.
  • OpenSSH on Windows—what a time to be alive! It almost makes me want to add a Windows 10 machine to my collection…
  • I enjoyed this developer-centric comparison of Kubernetes and Pivotal Cloud Foundry.

Storage

  • Tony Bourke has a two-part series on ZFS and Linux and encryption (part 1, part 2).

Virtualization

Career/Soft Skills

  • Although targeted at “creatives,” I think there are some tips and ideas in this post that are equally applicable to IT professionals.

That’s it for this time around. Look for the next Technology Short Take in a couple of weeks, where I’ll have another curated collection of links and articles for you. Until then, enjoy!
