Technology Short Take 151
Published on 21 Jan 2022 · Filed in Information · 739 words (estimated 4 minutes to read)Welcome to Technology Short Take #151, the first Technology Short Take of 2022. I hope everyone had a great holiday season and that 2022 is off to a wonderful start! I have a few more links than normal this time around, although I didn’t find articles in a couple categories. Don’t worry—I’ll keep my eyes peeled and my RSS reader ready to pull in new articles in those categories for next time. And now for the content!
Networking
- Mike Fiedler explores differences in ways for container-to-container communication to occur.
- Aidan Steele examines how VPC sharing could potentially improve security and reduce cost.
- What do you think microsegmentation means?
- Nick Schmidt talks about using GitOps with the NSX Advanced Load Balancer.
Servers/Hardware
- The Next Platform takes a look at Amazon’s Graviton3 processor.
- Ru Singh provides a review of her M1-based MacBook Air.
- Here’s a great review of the Framework laptop.
- Losing to Apple—whose M-series chips are widely regarded as faster and more efficient than Intel’s chips—has apparently stung the chip giant into revving up the innovation engine. These details on their 12th-generation H processors shows that Intel appears to be intent to regain the lead. Time will tell how successful they are.
- Chris Evans revisits the discussion regarding Arm processor architectures in the public cloud.
- And, speaking of Arm processor architectures in the public cloud, here’s another look at Amazon’s Graviton2 and Graviton3 chips, as discussed in a pair of re:Invent talks.
Security
- Kat Traxler considers the impact of the Log4J vulnerability in cloud-based environments.
- I was very glad to see this blog post about the financial future of the GnuPG project.
- The story of a developer deliberately polluting their open source projects—as outlined here for the “colors.js” and “faker.js” libraries hosted on NPM—is a software supply chain issue that I suspect many organizations hadn’t considered. Now they’re going to have to start accounting for this possibility.
- Cross-platform malware. Ugh.
- Orca Security discusses the “Superglue” vulnerability in AWS Glue.
Cloud Computing/Cloud Management
- Benoît Bouré explains how to use short-lived credentials to access AWS resources from GitHub Actions.
- Ivan Velichko has a detailed article on Kubernetes API resources, kinds, and objects.
- Sander Rodenhuis wrote an article on security policies in Kubernetes. The post focuses on Otomi, which in turn leverages Open Policy Agent and Gatekeeper.
- Michael Gasch pontificates on Knative’s missteps in this post from June 2021.
- Yann Léger and Alisdair Broshar talk about the technology stack behind the Koyeb Serverless Engine.
- Lydia Leong has a great idea: why not improve cloud resilience using things that actually work, instead of chasing the multi-cloud failover unicorn? There’s some useful and practical advice here, in my opinion.
- Via the Kubernetes blog, Rory McCune of Aqua Security provides some guidelines for securing admission controllers.
Operating Systems/Applications
- I recently had a need to do a multicast DNS lookup, and this article was critical in figuring out how to use
dig
to do it. - If you need a quick start for HashiCorp Vault, this one worked really well for me. I found it easier/better than the documentation on the HashiCorp web site, in fact.
- Dennis Felsing shares some thoughts on switching to macOS after 15 years on Linux.
- Running Docker on an M1 Max-based system? This article may provide some useful information.
- Here’s some information on why Microsoft Exchange stopped delivering e-mail messages on January 1, 2022.
- Mark Brookfield has started a series on automating SSL certificate issuance and renewal using HashiCorp Vault Agent, here’s part 1.
- Julia Evans has a quick post on finding a domain’s authoritative name servers. I was already familiar with this process, but I appreciate that there are lots of folks out there who may not have had to ever do this.
- Here’s a handy list of secret phone codes you can use. Some of these I already knew, but a few of them were new to me. Neat.
- The founder of the Nginx project recently stepped away from the project. Read more here.
- BIOS updates without a reboot, and under Linux first? Yes please!
That’s all for now. I hope this was useful in some way! If you have any feedback for me—constructive criticism, praise, suggestions for where I can find more articles (especially if the site supports RSS!), feel free to reach out. I’d love to hear from you! You can reach me on Twitter, or hit me up in any one of a number of different Slack communities.