Technology Short Take 150
Published on 31 Dec 2021 · Filed in Information · 837 words (estimated 4 minutes to read)Welcome to Technology Short Take #150! This is the last Technology Short Take of 2021, so hopefully I’ll close the year out “with a bang” with this collection of links and articles on various technology areas. Bring on the content!
Networking
- Ivan Pepelnjak has a post on running network automation tools in a container. In fact, he’s already built some container images, and the post has information on running tools from his prebuilt container image. Well worth reading!
- Tom Hollingsworth likens networking disaggregation to “cutting the cord” and switching away from cable.
Servers/Hardware
- Derek Seaman chronicles his adventures in getting dual displays working with his M1 Pro-based 14" MacBook Pro.
- Glenn Fleishman offers more information on USB cables and standards than you probably cared to know.
Security
- Nicholas Weaver (no, not that Nick Weaver) discusses the Log4Shell vulnerability.
- The Log4J vulnerability and associated exploits has been on many folks’ minds, so it’s only natural that many security companies have been looking into how to mitigate this attack vector. Aqua Security has a write-up on some of their analysis here.
- This is an older post, but it doesn’t look like I’ve linked to it before, so I thought I’d include it here. Some Azure folks from Microsoft have published a threat matrix for Kubernetes. This is useful, in my opinion, because now platform operators have a “starting point” on the specific threats they need to try to mitigate.
- I found this article on NSO/Pegasus a very interesting read. There’s also some great information in this Google Project Zero blog post.
Cloud Computing/Cloud Management
- This is an older article, but resurfaced (on my radar, at least) recently—it’s a collection of serverless best practices from Paul Johnston.
- Cormac Hogan looks at using cert-manager to secure LDAP communication in TKG clusters. Although a lot of this is, in theory, portable to any Kubernetes cluster, keep in mind that some of the commands shared in Cormac’s post are specific to the way TKG does things.
- Dmitri Lerko shows how to use labels to do dynamic alert routing with Prometheus and AlertManager (in other words, routing alerts to the correct team based on labels).
- Tim O’Reilly takes a look at Web3.
- Kevin Swiber shows how to use Postman to deploy an application onto a Kubernetes cluster.
Operating Systems/Applications
- Jérôme Petazzoni lists some anti-patterns when building container images. I like that Jérôme also pointed out that these anti-patterns aren’t always bad (another way of saying sometimes you need to do things differently to satisfy your particular requirements).
- Will Thompson digs a bit deeper into Flatpak disk usage and deduplication. This article is apparently in response to this other article that is critical of Flatpak.
- Filippo Valsorda speculates on how open source maintainers need to evolve into professional maintainers. This is a topic that comes up every time a notable vulnerability or flaw is found in some piece of heavily-used open source software; the prompt this time, as far as I can tell, is the Log4j vulnerability. Regardless of the prompt, I do agree with many of the things Filippo says in this article.
- Beth Marshall (aka “Beth the Tester”) provides a reference guide to blocks in Postman Flows.
- Who’s interested in a graphical desktop companion app for Podman?
- I don’t know…I’m not sure if JSON can ever be described as “for humans” (see this site).
- LaunchBar is, in my opinion, an extremely useful macOS application. Making it even more useful is third-party actions like this one for easily looking up times in cities around the world. (There’s a whole collection of actions in this repository.)
Storage
- Jeff Geerling describes his backup plan. (Jeff, if you aren’t aware, is a fairly prolific YouTube content creator.)
Virtualization
- This article provides some in-depth information on optimizing gVisor to run at scale.
- Here’s how to enable UEFI support on KVM.
- Thomas Leonard has an interesting blog on using virtualization to isolate Xwayland.
- Via this Phoronix article, QEMU 6.2 is available. New features in QEMU 6.2 include, among other things, support for Apple Silicon-based virtualization hosts (to run AArch64 guests).
- I have a genuine question here (not trolling or being sarcastic): what is the use case/intended audience for Cloud Hypervisor? I’m not really understanding where this fits into the overall virtualization landscape.
Career/Soft Skills
- Katarina Brookfield recently shared her experience with the Certified Kubernetes Administrator (CKA) exam; you can find her notes here. Oh, and while we’re at it—you may find Curtis Collicutt’s experience with the Certified Kubernetes Security (CKS) specialist exam helpful as well.
- This post has a list of “10 ways to prove yourself during remote work.” It seems to be primarily targeted at leadership-type roles, but readers may find a few useful tips here.
That’s a wrap! Not only for this Technology Short Take, but also for 2021. I hope that 2022 brings you much success and joy. As always, feel free to contact me on Twitter if you’d like to provide feedback, ask a question, or just say hello. I’d love to hear from you!