Technology Short Take 117
Published on 2 Aug 2019 · Filed in Information · 701 words (estimated 4 minutes to read)Welcome to Technology Short Take #117! Here’s my latest gathering of links and articles from the around the World Wide Web (an “old school” reference for you right there). I’ve got a little bit of something for most everyone, except for the storage nerds (I’m leaving that to my friend J Metz this time around). Here’s hoping you find something useful!
Networking
- Ronald de Jong sheds some light on a potential “gotcha” with distributed multi-tier routing configuration in NSX. The key takeaway here is that anytime there is firewalling or other stateful services in place, the traffic will route to the (non-distributed) service router instead of just the distributed routers.
- Northbound Networks provides some information on the P4 programming language.
- Via the Packet Pushers blog, Daniel Himes provides a guide to a starting point for enterprise (network) automation.
Servers/Hardware
- AnandTech has a nice article on the future PCIe 6.0 spec, expected in to land in 2021.
Security
- Ronnie Flathers shares how he uses Docker for penetration testing.
- Interested in running Hashcat on AWS EC2? See this article by Ben Mason.
- Another data breach, this time from Capital One, hit the news this past week. Corey Quinn has his take on the breach here, and Brian Krebs has more information here.
Cloud Computing/Cloud Management
- Dan Finneran has a great introductory post on first steps with
govmomi
. - Iman Tumorang shares how to use a private instance of Google Container Registry (GCR) from a Kubernetes cluster.
- Mohamed Labouardy has a write-up showing how to pull together various Google services, including GKE, Cloud Build, and GCR along with Terraform and Packer, to build a CI/CD workflow.
- This is probably the strongest use case I’ve seen so far for using a general-purpose programming language for infrastructure-as-code. The linked article uses TypeScript with Pulumi, but the concept—being able to extend existing concepts via a general purpose programming language to add new functionality—applies equally well to other environments as well.
Operating Systems/Applications
- Steve Sloka explains how to run Contour (a Kubernetes ingress controller) using
kind
. - Nicholas Lane digs into using Kubernetes’
client-go
dynamic client to work with namespaced Custom Resource Definitions (CRDs). - David Holder talks briefly about application security with mutual TLS (mTLS) via Istio. I take exception to the use of “application security” in David’s title, which I (personally) take to mean something more than mutual TLS (which is more about application identity and authentication/authorization). However, that’s a minor nit, and the article is a good introduction to what mTLS is and how it may be implementing using Istio.
- Fatih Arslan shares some tips for writing idempotent Bash scripts.
- Daniel Weibel has ideas for boosting your
kubectl
productivity. - I recently stumbled across
kube-score
, which performs static analysis of Kubernetes object definitions (for more information, see the GitHub repository). - The Kubernetes ecosystem is rapidly exploring ideas to help with the creation and manipulation of YAML (and JSON) for object definitions. Two new (to me, at least) options are CUE and
jk
. Gareth Rushgrove describes CUE in this post (also see the CUE website for more information), and Damien Lespiau briefs readers on thejk
tool for generating object definitions using TypeScript. - Some of the Kubernetes APIs are being deprecated in the upcoming 1.16 release; more details are available here.
- Ian Miell talks about purging Docker from all his home servers.
Storage
Nothing from me this time around, but if you’re really hurting for some storage news and views, check out Storage Short Take #12 from J Metz.
Virtualization
- Gavin Stephens talks about using Ansible to automate VM and OVA appliance deployments.
Career/Soft Skills
- James Beswick explores the cloud skill shortage and why it exists even though there are plenty of folks who are certified. The “TL;DR” is, in my mind, captured in this statement: “They want people with solid experience, a risk-free bet that the new hire can execute the tech flawlessly.” I’d say this is a strong indicator that experienced IT folks who are able to assimilate new skills are going to have an advantage moving forward.
OK, enough is enough, time to wrap it up. As always, feel free to engage with me on Twitter if you have any questions, corrections, suggestions, or other feedback. Thanks!