Technology Short Take 166

 Published on 10 Mar 2023 ·  Filed in Information ·  857 words (estimated 5 minutes to read)

Welcome to Technology Short Take #166! I’ve been collecting links for the last few weeks, and now it’s time to share them with all of you. There are some familiar names in the links below, but also some newcomers—and I’m really excited to see that! I’m constantly on the lookout for new sources (if you have a site you think I should check out, hit me up—my contact info is at the bottom of this post!). But enough of that, let’s get on with the content. Enjoy!

Networking

• Kevin Jin’s post on the APNIC blog about network automation tools is a great read. He discusses Netmiko, NAPALM, and Nornir in some detail, and provides some guidance around which network automation tool may be right for you.
• Rob Novak shares his experience in replacing Meraki with TP-Link Omada.
• Anton Kuliashov writes about why Palark uses Cilium for Kubernetes networking.
• Nick Buraglio discusses IPv6 Unique Local Addressing (ULA).
• Given how frequently I include content from Ivan, you can probably tell that I’m a big fan. This time I’m including two of his articles. In the first, he discusses the relationships between Layer 2 (VLAN) and Layer 3 (subnet) segments. In the second, Ivan unpacks news of recent vulnerabilities hiding malicious packets behind the LLC SNAP header. Both are great reads. But then when is one of Ivan’s posts not a great read?

Servers/Hardware

• Kevin Houston provides some instructions on backing up the Dell PowerEdge MX7000 settings and configurations.
• Frank Denneman digs into Sapphire Rapids memory configurations (Sapphire Rapids is Intel’s 4th generation Scalable Processor Architecture).
• William Lam shares news about higher-capacity SODIMMs available for small or ultra small form factor systems.

Security

• Jeff Warren discusses a potential way for malicious players to bypass multi-factor authentication, aka the “Pass the Cookie” attack.
• Aditya Patel takes a closer look at AWS’ recent announcement to enable server-side encryption (SSE) on S3 by default, and whether this new default setting offers any real improvement in security posture. I won’t spoil you by sharing his conclusion; go read the article (which is really well-written, in my opinion) to find out for yourself.
• Alberto Pellitteri with Sysdig discusses SCARLETEEL, an operation conducted by an attacker that leveraged many of the tools found in modern cloud environments: Kubernetes, Terraform, and AWS. I highly recommend reviewing the article and considering what takeaways apply to your environment, if any.
• Martin Smolár of ESET provides the first public analysis of a UEFI bootkit that is capable of bypassing UEFI Secure Boot, a bootkit known as BlackLotus.

Cloud Computing/Cloud Management

• This article on using Open Policy Agent (OPA) as a custom Lambda authorizer for the AWS API Gateway was informative and helpful. It did underscore something for me, though: I need to improve my coding skills.
• Do you need Argo CD? This article by Kirill Shirinkin provides, in the author’s words, “some guidelines that will help you to assess if Argo CD makes sense for your setup”.

Operating Systems/Applications

• Stewart X Addison shares some macOS “first experiences” from a Linux user.
• Simon Willison shares a “Today I Learned” entry about sips, a command line-based image processing utility for macOS.
• Kaleidoscope is my “go to” diff tool on macOS, and so I found this article on using Kaleidoscope to compare binary files interesting. In the future, I think I’ll use this article to help folks understand why I prefer the terminal, too; compare the GUI solution via Shortcuts to the terminal solution at the end!
• Recently the runwasi project joined containerd, enabling containerd to support WASM (WebAssembly) containers. This article provides more details. Given containerd’s prevalence—the article points out it’s also behind Docker—is this the nudge that WASM containers need to go mainstream?
• Via Nick Schmidt, I learned about D2, a language for “diagrams as code” using a DSL. I’ll be giving this a spin soon, but in the meantime if this sounds interesting to you check out the D2 GitHub repository.
• Yorick Peterse shares his experience with Fedora Silverblue.
• Diego Crespo talks about PowerShell on Linux and his experience with it.
• Here’s an article with some useful tips on improving Git performance (note that most of this applies to large repositories).
• ffmpeg is such a useful tool (prompted by this article).

Storage

• This is a good (albeit slightly dated) overview of EBS volume types.
• Ever wondered how much data you can store in a single S3 bucket? Wonder no longer.

Virtualization

• Frank Denneman discusses simulating NUMA nodes for nested ESXi virtual appliances.
• If you’re into the VMware homelab thing (and I know quite a few folks are), then William’s article on interesting homelab kits for 2023 might be right up your alley.

I don’t have any career/soft skills links for you this time, so that’s all for now! I hope that I’ve included something that you’ll find useful. As always, I invite your feedback on this post or any post on my site; feel free to reach out to me on Twitter or find me on Mastodon. I’m also present in a number of Slack communities, and you’re welcome to contact me directly there as well. Thank you for reading!

Metadata and Navigation

 Automation  AWS  Cilium  Encryption  ESXi  Fedora  Git  Hardware  Kubernetes  Linux  macOS  Networking  OPA  Security  Storage  Terraform  Virtualization  VMware
Previous Post: Creating a Talos Linux Cluster on AWS with Pulumi
Next Post: Creating a Talos Linux Cluster on Azure with Pulumi

Be social and share this post!