Technology Short Take 113

Published on 3 May 2019 · Filed in Information · 847 words (estimated 4 minutes to read)

Welcome to Technology Short Take #113! I hope the collection of links and articles I’ve gathered for you contains something useful for you. I think I have a pretty balanced collection this time around; there’s a little bit of something for almost everyone. Who says you can’t please everyone all the time?

Networking

Via the Kubernetes blog, Box announced it has open sourced a project called kube-iptables-tailer, which turns packet drops from iptables into Kubernetes events that can be logged for easier troubleshooting. The GitHub repository for the project is here.
Via BlueCat Networks, John Capobianco shares his network automation journey. In part 1, John discusses the frameworks/tooling and the goals for his network automation efforts; in part 2, John digs into getting started with Ansible and the initial impact of his efforts.
Diógenes Rettori has a comparison of Istio and Linkerd as solutions for service mesh. Personally, I could’ve done without the little product advertisement at the end, but that’s just me.
Here’s a good article on packets-per-second limits in EC2.

Servers/Hardware

AnandTech has some coverage of the latest Intel processor announcements, which totally flew by my radar.

Security

I recently read about the Evil-Twin Framework (ETF), a tool for doing some wireless penetration testing.
Dejan Zelic talks in some detail about the dangers of exposing the docker.sock socket.
Bogdan Popa educates folks on using ProxyCommand and ProxyJump instead of SSH agent forwarding.
Keybase discusses some challenges with encrypted chat applications and how their architecture avoids some of those challenges.

Cloud Computing/Cloud Management

This looks like a handy tool. It was pointed out to me quite some time ago, but I was lax in getting into a Technology Short Take.
This bare metal host management solution for Kubernetes looks interesting, but it seems like something that should be part of the community’s ClusterAPI efforts.
This past week Microsoft and VMware announced Azure VMware Solutions, which allows customers to run the VMware software stack on Azure (an arrangement similar in nature to VMware Cloud on AWS, as I understand it). One key difference to keep in mind is that this solution is delivered by Microsoft (not VMware); with VMware Cloud on AWS, the solution is delivered by VMware. Check out Thomas Maurer’s post on the announcement.
Henning Jacobs shares his perspective on many Kubernetes clusters vs. fewer Kubernetes clusters.
This article on edge triggering vs. level triggering in Kubernetes is really good, and well worth reading.

Operating Systems/Applications

This post is from 2012, but is—to me—still as applicable today as ever.
Nicolas Fränkel discussing some optimizations that might be possible by building dependencies into your Docker base layer. I could see this making sense in this case, since the dependencies are pretty stable.
William Henry takes some time to explain podman and buildah in terms that are familiar for existing Docker users.
I’ve said before that just becuase you can do something doesn’t mean you should do it. Nathaniel Schutta takes that approach to breaking your application down into microservices, and provides six factors to help gauge whether a microservices architecture is the right approach.
Rinu Gour an article titled “Kafka for Beginners,” but the article covers a lot of ground (in my opinion)—perhaps a bit too much for true beginners to Kafka (like myself). Still, it’s a useful collection of terminology and Kafka-related links.
This article on building DevOps pipelines with open source tools was exactly what a beginner (to CI/CD) needed. It’s high-level and not very detailed, but it outlines the basic components of a pipeline and provide options for each component. If you’re new to this space as well, you may also find this article helpful.
Lars Kellogg-Stedman has a post on writing Ansible filter plugins.

Storage

It’s the end of an era. This, plus the fact that Howard Marks is working for a vendor…what is the world coming to?
Jim Handy (“The SSD Guy”) has a four-part series (I think only three parts have been published as of this post) on the two different operating modes for Intel’s Optane DIMMs (persistent memory). Start with part 1, which is here. Thankfully, Jim has done a good job of linking together the different parts of the series.

Virtualization

Here’s a great post with more details on concerns over randomness in virtual machines.
Although written more from a security perspective (as in helping folks get started with security research), this article on Hyper-V provide some good foundational information that’s useful for just about anyone.

Career/Soft Skills

This slightly older post by Jessie Frazelle outlines what she envisions it means to be a “distinguished engineer” (or some other high-level technical individual contributor). There are some great points here that are, in my opinion, well worth considering.
Alice Goldfuss’ article on how to get into SRE is also worth reading, in my opinion, even if you aren’t interested in SRE specifically. Why? The guidance she offers is applicable in many cases to any technical specialty you might be interested in pursuing.

Hit me on Twitter with any comments or feedback. Otherwise, enjoy catching up on some technical reading!

Metadata and Navigation

Networking Hardware Security Storage Virtualization Docker SSH Kubernetes Ansible Automation AWS Intel HyperV
Previous Post: Technology Short Take 112
Next Post: A Sandbox for Learning Pulumi

Scott's Weblog The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking