Technology Short Take 183
Published on 4 Oct 2024 · Filed in Information · 620 words (estimated 3 minutes to read)Welcome to Technology Short Take #183! Fall is in the air; the nights and mornings are cooler and the leaves are turning (or have already turned in some areas!). I’ve got a slightly smaller collection of links for you this time around, but I do hope that you’ll find something shared here useful. Enjoy!
Networking
- Network World provides some coverage of the recent 2024 eBPF Summit, discussing why eBPF is critical and how it’s getting better.
- I first learned of Kmesh via this article by Jimmy Song. There’s no doubt eBPF is impacting lots of different areas of networking; this is just one more example.
- ARM-based architectures continue to see expanded usage in lots of different areas; here’s just one more example.
Security
- This article is a fascinating look into a series of misconfigurations and security flaws that culminates with full cluster admin privileges and access to internal software repositories. Wow! Remember, kids: outbound sidecars are not secure enforcement points.
- A group of individuals being able to accidentally become the admins of a top-level domain (TLD) underscores just how fragile many parts of the Internet are today.
- Ricky Mondello (who works on Apple’s new Passwords app) advises people to consider slowing down when switching password managers.
- James Sheard discusses a (now patched) security flaw in AWS Transit Gateway Peering Attachments.
- This article discusses a security vulnerability in the Arc browser; more specifically, in the Arc browser’s companion online services.
- A botnet of up to a quarter million devices?
Cloud Computing/Cloud Management
- Spurred on by a comment from a colleague that in turn pointed me to a random GitHub issue, I’ve learned about CEL (Common Expression Language). You can learn more about CEL via the CEL web site. Why does this matter? This is notable for its inclusion in Kubernetes, and the use of CEL in Validating Admission Policies (which are GA as of Kubernetes 1.30). I do wonder about the future of other tools used for admission control (top of mind for me is OPA/Gatekeeper) and how CEL will affect them.
- In the event you aren’t familiar with the structure of a Kubeconfig file (for connecting to a Kubernetes cluster), this article is somewhat helpful.
Operating Systems/Applications
- Minderbinder is a tool that injects failures into running processes via eBPF. I could be reading this wrong, but it looks like Minderbinder is (currently) focused around injecting network-centric failures.
- I haven’t tried this out yet, but it looks interesting/useful.
- Thinking of trying Arch Linux? Here’s a walkthrough of setting it up on a laptop.
- I am absolutely in love with
kubecolor.
Programming/Development
- Here’s a good article on rate limiting, cells, and GCRA.
Virtualization
- Gina Minks mourns the loss of the vCommunity after attending VMware Explore (formerly VMworld) in Las Vegas. While we might disagree whether the Broadcom acquisition was a good thing or not, and while we might disagree about the future of VMware, I think we can agree that the VMware Community of days past is on its way out (some might say it’s already gone). Gina rightfully calls out just how unique the VMware community was during its heyday—I am thankful to have been a small part of it.
- Eric Sloof recently shared a link to a set of performance best practices for vSphere 8.0 Update 3, if that’s what you’re using.
That’s all for now, folks! Thanks for reading; I appreciate the opportunity to share information with you. If you have any feedback for me—or if you just want to say hi—feel free to reach out to me on Twitter, on the Fediverse, in one of the Slack communities I frequent, or by dropping me an e-mail (my address isn’t hard to find). I’d love to hear from you!