Newsletter #21


Software releases, news articles and other new stuff

DuckDuckGo, Mozilla launch privacy settings for the internet

A group of tech companies, publishers, and activist groups including the Electronic Frontier Foundation, Mozilla, and DuckDuckGo are backing a new standard to let internet users set their privacy settings for the entire web.

Such initiatives are very welcome and I for sure will turn on this option. Although I doubt that the effect will be that big, like "Do Not Track", which was a good idea but rarely adhered to. I for myself defend my privacy by using several tools: Pi-Hole, uBlock Origin and Firefox.

IBM to split into two companies by end of 2021
#ibm, #redhat, #openshift

IBM announced this morning that the company would be spinning off some of its lower-margin lines of business into a new company and focusing on higher-margin cloud services. During an investor call, CEO Arvind Krishna acknowledged that the move was a "significant shift" in how IBM will work, but he positioned it as the latest in a decades-long series of strategic divestments.

Interesting move. For me it's not that clear which part of IBM goes where, we'll find out once they announce more. It's also not clear to me what the impact to Red Hat will be with this change, hopefully it's for the best.

Dendrite is entering Beta! |
#matrix, #chat, #release

We’re very excited to announce that Dendrite, the next-generation Matrix homeserver from the core Matrix team, is at last exiting alpha development and entering beta testing!

While following the Matrix project I wondered for a long time what happened to Dendrite. Here we are, a beta release. The article also contains some interesting history. Unfortunately I'm not really actively using Matrix. I'm reachable under

Introducing DigitalOcean App Platform
#digitalocean, #paas, #kubernetes

It’s every developer’s dream to simply write code, click a button, and then automatically deploy and run their code at scale for millions or even billions of users.

Yet another PaaS. DigitalOcean is and was capable of delivering very user friendly services, this eventually makes it possible for having a chance in the PaaS market.

Python Release Python 3.9.0
#python, #release

Python 3.9.0 is the newest major release of the Python programming language, and it contains many new features and optimizations.

Too bad it takes very long for new Python releases to hit mainstream Linux distros. Good for me as an Arch user, packaging is already ongoing.

Rancher Release v2.5.0
#rancher, #release

Cluster Explorer, Rancher Continuous Delivery powered by Fleet, Enhanced EKS Lifecycle Management, Istio 1.7, RKE Government, CentOS/RHEL 8 Support, OPA Gatekeeper, RancherD

A huge release as far as I can see. At least Fleet, RKE Government and RancherD are very promising features. Although I'm very puzzled what RancherD actually is: "As mentioned, RancherD is powered by our new Kubernetes distribution, RKE Government". OK, but clicking on the docs links points to RKE2. There we can read Why two names?. So now we have "RancherD", "RKE Government", "RKE2" and "K3s". Looking forward to get some clarification from Rancher Labs on that. Naming was already hard (Company name the same as the product is always hard).

OpenSSH 8.4
#openssh, #release

It is now possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K. For this reason, we will be disabling the "ssh-rsa" public key signature algorithm by default in a near-future release.

OpenSSH is in full swing. Too bad again that it takes a long time to reach mainstream Linux distros, especially on the server side. I see many good features in the past few releases which I would love to see usable, most prominently "FIDO/U2F Support" since 8.2.

Crossplane 0.13

While writing the newsletter the release wasn't out, but as I could read in Slack it was very actively being worked on. So by the time you read this newsletter it might be released and ready. In my understanding that's not just a version bump from 0.12 to 0.13 but feels more like to 2.0 as it changes a lot of concepts completely for example with the concept of Crossplane Composition. I'll certainly add more infos in the next issue when the release is out including the release notes and hopefully some blog posts.


Interesting articles and blog posts

A Linux sysadmin's introduction to cgroups
#cgroups, #linux, #kernel

Defining cgroups and how they help with resource management and performance tuning in this first article kicking off a four-part series covering cgroups and resource management.

It's always good understand the basics and from time to time a refresh is needed. That is a good one, especially when working with containers all day.

How to Defeat Busy Culture
#psychology, #work

At home and at work, “busy” culture worsens the problems it promises to solve. It’s natural to assume that the busier we are, the bigger the impact we’ll be able to make — but in reality, studies have shown that busy culture destroys productivity and pulls us away from both our families and deeper relationships with our coworkers.

Being busy is a huge stress factor for me. Slowing down actually makes me much more productive, feeling better and the results of the work is much much better. It's not easy, but saying no, no and again no is they key to slowing down. Check out It's OK, this page also helps!

How to Run Keycloak in HA on Kubernetes
#keycloak, #ha, #kubernetes

How to setup Keycloak, the Open Source Identity and Access Management, in HA on Kubernetes.

Not being able to log in because the log in system is down definitively is a no-no. Run your Keycloak HA!

How to migrate OpenShift 3 to OpenShift 4 - VSHN AG
#openshift, #migration

Migrating OpenShift Container Platform (OCP) 3 to 4: learn about possible migration paths and why you should make the move to the new version of OpenShift.

An article which I co-authored. Helps to get a few tips on how to migration to the next generation OpenShift platform.

The Absolute No-Frills Quite Ignorant Very Incomplete And Certainly Flawed Beginner’s Guide To Smalltalk – De Programmatica Ipsum
#smalltalk, #programming, #story

I must start this article of mine about Smalltalk with a similar disclaimer. It took me weeks to work out what to talk about for the Smalltalk issue of De Programmatica Ipsum. I just did not know anything about it.

Adrian, the author of this article, is a co-worker of mine at VSHN and I must admit that reading his articles is always a pleasure! This one especially, as I had some touching point with Smalltalk applications at one of the companies I worked for in the past.

USB3: why it's a bit harder than USB2 - kate's lab notebook
#usb, #hardware, #story

Interesting story. Very low-level, I could not understand everything, but it gave me an idea of the challenges.

Jan-Piet Mens :: Airports of the world
#dns, #airport, #iata

I thought it’d be amusing to provide the public domain data via the DNS, so I did just that. Each airport has a couple of TXT and a LOC record associated with it. The domain name is the 3-letter IATA code.

Jan-Piet and his DNS... A perfect match! Reading through this article again after a few days and seeing all the updates, all I can say is "that escalated quickly, wonderful!"

dig +short URI

Others are doing funny things with DNS as well:

dig +short TXT

How long can Prometheus retention be?

When planning a Prometheus deployment you might have gotten the impression that Prometheus isn't designed for more than 2 weeks of storage, so if you want more you have to use a clustered storage system such as Thanos, Cortex, or M3DB. This is however a common misconception.

Thanks for writing this down! I must admit that I always thought that keeping data for more than 15 days in Prometheus is a no-no, but I stand corrected after reading this article.

yq : A command line tool that will help you handle your YAML resources better - DEV
#kubernetes, #yaml, #template, #cli

yq is a great command-line tool for templating YAML files, and it’s a lighter weight option to popular tools such as Helm and Kustomize.

You need to know that tool to get a certified YAMLeneer.

Understanding How UUIDs Are Generated - Digital Bunker
#uuid, #security

You’ve likely used UUIDs in projects before and assumed them to be unique. Today, we’ll take a look at the main aspects of the implementation and understand why UUIDs are practically unique, though an incredibly small potential for duplication exists.

Oh wow! I always thought that UUIDs are just a bunch of random characters. But there's more behind.

Why managing dev environments is a full time job at Eventbrite | Blimp
#development, #kubernetes, #story

Deciding when to invest in developer productivity improvements is hard. If you’re on the ops side of things, you’re usually concerned about production and releases. If you’re a developer, you’re concerned about getting new features out as quickly as possible.

When developers can't do their work they're time is wasted. That's why we offer such services to other companies at VSHN, we think that developers should not have to care about their tooling and should just be able to code.

Speeding up HTTPS and HTTP/3 negotiation with... DNS
#dns, #https, #http3

In late June, Cloudflare's resolver team noticed a spike in DNS requests for the 65479 Resource Record thanks to data exposed through our new Radar service. We began investigating and found these to be a part of Apple’s iOS14 beta release where they were testing out a new SVCB/HTTPS record type.

Calling this new DNS Resource Record HTTPS certainly doesn't look like a good idea. "Please query for an HTTPS record over DNS over HTTPS, thanks".


Open Source tools newly discovered

Kdo: deployless development on Kubernetes | kdo
#kubernetes, #dockercompose, #development

Kdo is a command line tool that enables developers to run, develop and test code changes in a realistic deployed setting without having to deal with the complexity of Kubernetes deployment and configuration.

GitHub - chriswalz/bit: Bit is a modern Git CLI
#git, #cli

bit is an experimental modernized git CLI built on top of git that provides happy defaults and other niceties:

GitHub - screego/server: screen sharing for developers

In the past I've had some problems sharing my screen with coworkers using corporate chatting solutions like Microsoft Teams. I wanted to show them some of my code, but either the stream lagged several seconds behind or the quality was so poor that my colleagues couldn't read the code. Or both. That's why I created screego. It allows you to share your screen with good quality and low latency. Screego is an addition to existing software and only helps to share your screen. Nothing else (:.

GitHub - storax/kubedoom: Kill Kubernetes pods by playing Id's DOOM!
#kubernetes, #doom, #game, #chaos

The next level of chaos engineering is here! Kill pods inside your Kubernetes cluster by shooting them in Doom!

GitHub stevesoltys/seedvault: A backup application for the Android Open Source Project.
#android, #backup, #lineageos

This application is compiled with the operating system and does not require a rooted device for use. It uses the same internal APIs as adb backup which is deprecated and thus needs a replacement.

GitHub - kelda/blimp: Blimp: Develop with Docker Compose in the cloud
#kubernetes, #development, #docker, #dockercompose

Blimp lets you develop in the cloud, reducing CPU and RAM usage on your laptop. It supports the same configuration and workflows as Docker Compose.

You've successfully subscribed to Tobias Brunner aka tobru
Great! Next, complete checkout to get full access to all premium content.
Error! Could not sign up. invalid link.
Welcome back! You've successfully signed in.
Error! Could not sign in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Error! Stripe checkout failed.
Success! Your billing info is updated.
Error! Billing info update failed.