Newsletter #34


Interesting articles and blog posts

Press Release - VideoLAN is 20 years old! - VideoLAN
#vlc, #streaming, #anniversary

The VideoLAN project and the VideoLAN non-profit organization are happy to celebrate today the 20th anniversary of the open-sourcing of the project.

I remember VLC very well, although don't use it anymore that much these days. A very cool application.

[German] Twitter-Frage: Wie kann man der Nutzung seiner Daten durch Clubhouse oder WhatsApp widersprechen? | Steiger Legal
#rights, #privacy

Bei Twitter wurde ich gefragt, wie und wo man der Nutzung seiner Daten bei Instant Messaging-Diensten und Social Media-Plattformen widersprechen kann.

Better don't use these services (anymore). There are good alternatives around.

The New Stack: Top Cloud Native Technology Trends from 2020 – The New Stack
#cloudnative, #technology

In our sector, however, development on cloud native technologies continued apace, as this community is no stranger to remote, distributed work.  From The New Stack (virtual) news desk, here are a few interesting technology trends that have emerged in the last 12 months in this space, and how we see them impacting cloud native computing in the years to come.

Crossplane! =)

Securing Your GitHub Project
#github, #security

Recently I have been thinking and talking to other people about open source security. The more conversations I had, the more convinced I became that this is a very complex topic. It is full of nuance and conflicting opinions. It is also an area that is in need of guidance and educational content.

How Prometheus monitoring mixins can make effective observability strategies accessible to all | Grafana Labs
#grafana, #mixin, #prometheus, #jsonnet

Three years ago, Tom Wilkie and Frederic Branczyk sketched out the idea for Prometheus monitoring mixins. This is a jsonnet-based package format for grouping and distributing logically related Grafana dashboards with Prometheus alerts and rules.

Kubernetes RBAC Security Pitfalls — impidio - Consulting for IT Security
#kubernetes, #security, #rbac

I want to provide some common mistakes and vulnerabilities that you probably want to know about when designing, configuring or auditing Kubernetes authorization. This post is not a complete guide to Kubernetes or RBAC security and only covers a few specific aspects.

Vertical Pod Autoscaling: The Definitive Guide - Povilas Versockas
#kubernetes, #resource, #vpa

When you deploy a new application to Kubernetes, you need to specify it’s resource requirements. Typically engineers start with some random number copy-pasted from somewhere. As you develop and deploy more and more applications, there will be many more resource requirement speculations. And the difference between actual usage and resource requirements will compound.

#nlnog, #ring, #network, #anniversary

This month marks the tenth anniversary of the NLNOG RING project. In this article we look back on how the project came to be and how it evolved over this past decade.

kettanaito/naming-cheatsheet: Comprehensive language-agnostic guidelines on variables naming.
#naming, #cheatsheet

Naming things is hard. This sheet attempts to make it easier. Although these suggestions can be applied to any programming language, I will use JavaScript to illustrate them in practice.

Firecracker: start a VM in less than a second
#firecracker, #vm, #howto

Hello! I spent this whole past week figuring out how to use Firecracker and I really like it so far.

Kubernetes: What is "reconciliation"? - Speaker Deck
#slides, #kubernetes, #reconciliation

A very brief exploration of what we mean when we talk about reconciliation in the context of Kubernetes APIs and controllers. This is mostly animation-style pictures, so don't be afraid of the length of it :)

Software development topics I've changed my mind on after 6 years in the industry - Blogomatano
#appdev, #opinion

What I Would Do If I Ran Tarsnap | Kalzumeus Software
#tarsnap, #backup, #productmanagement

Tarsnap is the world’s best secure online backup service.  It’s run by Colin Percival, Security Officer Emeritus at FreeBSD, a truly gifted cryptographer and programmer.  I use it extensively in my company, recommend it to clients doing Serious Business (TM) all the time, and love seeing it successful.

[German] Mini-Rechenzentren heizen Basler Wohnungen
#datacenter, #greenit

Wer rechnet, heizt richtig – und das im wortwörtlichen Sinn. Die Basler Energieversorgerin IWB installiert dezentrale Rechenzentren in Wohnhäusern. Und mit der Abwärme heizt sie die Stuben und das Duschwasser. So werden Kilowatt und Gigabit clever verknüpft.


Open Source tools newly discovered

dty1er/kubecolor: colorizes kubectl output
#kubectl, #shell, #colors

kubecolor colorizes your kubectl command output and does nothing else. kubecolor internally calls kubectl command and try to colorizes the output so you can use kubecolor as a complete alternative of kubectl.

Carvel - kapp
#kubernetes, #app, #deploy

Deploy and view groups of Kubernetes resources as "applications". Apply changes safely and predictably, watching resources as they converge.

KubeVela - Make shipping applications more enjoyable.
#kubernetes, #pipeline, #paas

For developers, KubeVela is an easy-to-use yet extensible platform that enables them to design and ship applications with minimal effort. For platform builders, KubeVela is the core engine that empowers them to create above platform with ease.

pipe-cd/pipe: Continuous Delivery for Declarative Kubernetes, Serverless and Infrastructure Applications
#gitops, #cicd, #kubernetes

PipeCD provides a unified continuous delivery solution for multiple application kinds on multi-cloud that empowers engineers to deploy faster with more confidence, a GitOps tool that enables doing deployment operations by pull request on Git.

GitHub - brennerm/uptimerobot-operator: An inofficial Kubernetes operator that creates UptimeRobot monitors for your ingresses
#kubernetes, #operator, #monitoring, #uptimerobot

This operator automatically creates uptime monitors at UptimeRobot for your Kubernetes Ingress resources. This allows you to easily integrate uptime monitoring of your services into your Kubernetes deployments.

GitHub - leg100/etok: Execute Terraform on Kubernetes
#terraform, #kubernetes

creativeprojects/resticprofile: Configuration profiles for restic backup
#restic, #backup, #schedule

resticprofile is the missing link between a configuration file and restic backup. Creating a configuration file for restic has been discussed before, but seems to be a very low priority right now.

homeport/dyff: /ˈdʏf/ - diff tool for YAML files, and sometimes JSON
#yaml, #diff, #shell

dyff is inspired by the way the old BOSH v1 deployment output reported changes from one version to another by only showing the parts of a YAML file that change.

virtual-kubelet/systemk: Systemk is a systemd backend for the virtual-kubelet. Instead of starting containers, you start systemd units.
#kubernetes, #systemd, #virtualkubelet, #k3s

This is a virtual kubelet provider that uses systemd as its backend. Every Linux system has systemd nowadays. By utilizing K3s (just one Go binary) and this virtual kubelet you can provision a system using the Kubernetes API. The networking is the host's network, so it make sense to use this for more heavy weight (stateful?) applications. The filesystem is semi hidden, but emptyDir and the like works.

cilium/team-manager: Bot to manage team members in GitHub organizations
#github, #team, #bot, #helper

Team manager is a utility that allows an organization owner to add or remove people from existing teams and / or assign people for GitHub team review assignments.

benbjohnson/litestream: Streaming S3 replication for SQLite.
#sqlite, #s3, #streaming

Litestream is a standalone streaming replication tool for SQLite. It runs as a background process and safely replicates changes incrementally to another file or S3. Litestream only communicates with SQLite through the SQLite API so it will not corrupt your database.

You've successfully subscribed to Tobias Brunner aka tobru
Great! Next, complete checkout to get full access to all premium content.
Error! Could not sign up. invalid link.
Welcome back! You've successfully signed in.
Error! Could not sign in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Error! Stripe checkout failed.
Success! Your billing info is updated.
Error! Billing info update failed.