Newsletter of Carlos Santana - Issue #21
The newsletter will take a break for 2 weeks during the holidays. I wish everyone a great holiday break and a happy new year.
I have gotten positive feedback on Twitter about the newsletter and will continue it in 2022.
In some personal news, I'm honored to announce that I was elected as a new member of the Knative Steering Committee. Yay!
News
Welcome new Steering Committee members Carlos and Lance - Knative — knative.dev Knative Blog
Google Online Security Blog: Understanding the Impact of Apache Log4j Vulnerability — security.googleblog.com Posted by James Wetter and Nicky Ringland, Open Source Insights Team More than 35,000 Java packages, amounting to over 8% of the Maven Cent...
IBM Cloud Solution Tutorials: 2021 in Review | IBM — www.ibm.com The year 2021 feels like 2020, but more mature and secure.
Kubernetes 1.23: StatefulSet PVC Auto-Deletion (alpha) | Kubernetes — kubernetes.io Author: Matthew Cary (Google) Kubernetes v1.23 introduced a new, alpha-level policy for StatefulSets that controls the lifetime of PersistentVolumeClaims (PVCs) generated from the StatefulSet spec template for cases when they should be deleted automatically when the StatefulSet is deleted or pods in the StatefulSet are scaled down. What problem does this solve? A StatefulSet spec can include Pod and PVC templates. When a replica is first created, the Kubernetes control plane creates a PVC for that replica if one does not already exist.
The Web3 Fraud | USENIX — www.usenix.org By now effectively all ;login:’s readers have heard the term “web3” and “dapps” bandied about as if they are some great revolution. They are not. The technical underpinnings are so terrible that it is clear they exist only to hype the underlying cryptocurrencies. The actual utility of these “decentralized” systems is already available in modern distributed systems in ways that are several orders of magnitude more efficient and more capable.
Lightbend 2022 Predictions: 3 Predictions for Serverless Computing and Development in 2022 : @VMblog — vmblog.com Here are my 2022 predictions around distributed state and compute, serverless and edge computing, and more.
Gitpod Workspace Networking — www.gitpod.io Gitpod workspaces are Kubernetes pods. Each Kubernetes pod maintains its own network namespace - similar to how a regular container would. We use a combination of user and network namespaces to enable features you wouldn't find in a normal Kubernetes pod.
PoC To Create A Keyless Signed OCI Helm Chart — blog.ediri.io TL;DR Code: https://github.com/dirien/signed-helm-chart. Requirements: CR_PAT for the GitHub container registry. See this guide for more information on how to create a personal access token. Task: Task is a ...
Google Online Security Blog: Improving OSS-Fuzz and Jazzer to catch Log4Shell — security.googleblog.com Posted by Jonathan Metzman, Google Open Source Security Team The discovery of the Log4Shell vulnerability has set the internet on fire. Sim...
eBPF for Service Mesh? Yes, but Envoy Proxy is here to stay - Solo.io — www.solo.io Our goal here at Solo.io is to bring valuable solutions to our customers around application networking and service connectivity. Back in October,
What is IPFS: The Web of the Future - Phemex Academy — phemex.com The InterPlanetary Filing System (IPFS) is a peer-to-peer hypermedia protocol designed to make the Internet faster, safer, and more open.
Cockroach Labs Boosts Its Value To $5 Billion With Latest Funding Round — www.crn.com Cockroach Labs, developer of the Cockroach DB cloud database, raised $278 million and boosted its valuation to $5 billion.
Go 1.18 Beta 1 is available, with generics - go.dev Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
New tool: Mess with DNS!
KubeCon + CloudNativeCon Europe | Linux Foundation Events — events.linuxfoundation.org CNCF’s flagship conference gathers adopters & technologists from leading OS and cloud native communities for education and advancement of cloud native computing.
Using GitOps for Infrastructure and Applications With Crossplane and Argo CD — codefresh.io If you have been following the Codefresh blog for a while, you might have noticed a common pattern in all the articles that talk about Kubernetes deployments. Almost all of them start with a Kubernetes cluster that is already there, and then the article explains how to deploy an application on top. The reason for …
Cloud Computing: 2022’s Most Valuable Technologies in Tech - ELE Times — www.eletimes.com Cloud computing is touted as one of the most promising and valuable technologies in the recent past. Cloud computing was the most reliable
Shift your Workspaces to the Cloud | by Stéphane Este-Gracias | Data Essential | Nov, 2021 | Medium — medium.com This article presents a solution to deploy your workspace to the Cloud using Code-Server (by Coder) and Sysbox (by Nestybox). When working on your local computer, you probably heard from your…
Opal webcam: what you get for your $300 upgrade - Protocol — The people, power and politics of tech — www.protocol.com Opal built a webcam it promises is drastically better than the one built into your laptop, or even the fancy one you bought last year. And it's hoping to do even more going forward.
Log4shell by the numbers - Why did CVE-2021-44228 set the Internet on Fire? What the download numbers tell us about the impact of the critical vulnerability CVE-2021-44228
Mitigating log4j with Runtime-based Kubernetes Network Policies – Sysdig — sysdig.com Sysdig’s runtime analysis and Kubernetes network policies provide another layer of mitigation, preventing the log4shell exploit
What happens when you upgrade to Kubernetes v1.24? | jimangel.io — jimangel.io Break your cluster when you want to, not when you have to.
Understanding the Contrast Between Service Mesh and API Management — www.redhat.com API management and service mesh are two popular technologies for securing and managing services. API management products and service mesh products seem to offer some overlapping features, such as security and traffic management.
Deploy your IBM Cloud Paks on specific nodes in your cluster | by Michele Chilanti | Dec, 2021 | Medium — medium.com As you deploy your applications to a Kubernetes cluster, you might often need to ensure that workloads are confined to certain nodes — or group of nodes — so that you can control the allocation of…
All your tracing are belong to BPF | Trail of Bits Blog — blog.trailofbits.com By Alessandro Gario, Senior Software Engineer Originally published August 11, 2021 TL;DR: These simpler, step-by-step methods equip you to apply BPF tracing technology to real-world problems—no specialized tools or libraries required. BPF, a tracing technology in the Linux kernel for network stack tracing, has become popular recently thanks to new extensions that enable novel use-cases…
Cal.com, Inc. raises $7.4m Seed | cal.com — cal.com Cal.com has raised a $7.4m seed round led by Joseph Jacks from OSS Capital with the participation of an open-source all-star team including Naval Ravikant, James Beshara, Liu Jiang, Chad Hurley, Tod Sacerdoti, Remote First Capital, Tribe Capital, Balaji S. Srinivasan, Neha Narkhede, Eliot Horowitz, Job van der Voort, Harini Janakiraman, Glenn Solomon, Alex Bouaziz, Guillermo Rauch, Cassidy Williams, Paul Copplestone, On Deck and many more.
Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly — www.fastly.com CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.
How to use GitOps in your enterprise architecture strategy | Enable Architect — www.redhat.com Understanding the four guiding principles is like runway lighting for implementing GitOps in your enterprise.
Assets
Top Open Source 30 projects 1/1/2021 - 1/1/2022 - Google Drive
Developer Advocate focus on our mission of helping developers onboard into the Web3 space. — samina.dev Developer Advocate at Decentology
giscus — giscus.app A comments widget built on GitHub Discussions.
Hub Vulnerability Scanning | Docker Documentation
The Crossplane Resource Graph — blog.upbound.io An open source GraphQL API for Crossplane
Scanning Container Images for CVE-2021-44228 - HackMD — hackmd.io # Scanning Container Images for CVE-2021-44228 Getting on top of the recently announced CVE-2021-44
GitHub - wasmerio/wasmer: 🚀 The leading WebAssembly Runtime supporting WASI and Emscripten — github.com
Resto - A CLI app can send pretty HTTP & API requests with TUI. — dormoshe.io Refer to resto website for the documentation. Or you can check out the Wiki. Thank you for your time and don't forget to star the repo if you like it
GitHub - corretto/hotpatch-for-apache-log4j2: An agent to hotpatch the log4j RCE from CVE-2021-44228. — github.com
Running Netlify Dev and Eleventy Two or More Times At Once — www.raymondcamden.com A tip for folks using Netlify Dev and Eleventy
WTF is eBPF? A sneak peek interview with Liz Rice — blog.container-solutions.com eBPF is a technology that makes the Linux kernel programmable without developers needing to resort to adding additional modules or modifying the kernel source code itself.
Introducing WebContainers: Run Node.js natively in your browser — blog.stackblitz.com Today we're excited to announce WebContainers, a new type of WebAssembly-based operating system that boots instantly and enables Node.js environments to run natively in-browser.
Skills
Episode 14: The Hybrid Cloud Forecast - Outlook: Life - The Hybrid Cloud Forecast Series | Podcast on Spotify — open.spotify.com Listen to this episode from The Hybrid Cloud Forecast Series on Spotify. In this episode of the Hybrid Cloud Forecast series, Andre talks to John Cohn, IBM Fellow Emeritus and "Distinguished Agitator Research".
Learn Web3 With These Free Resources — web3.career The List of Web3 Articles and Courses. Learn How to Develop Smart Contracts for Ethereum Blockchain.
Kubernetes Podcast from Google: Episode 167 - Kubernetes 1.23, with Rey Lejano — kubernetespodcast.com Learn all about what's new in today's Kubernetes 1.23 with its release team lead, Rey Lejano. Rey is a Field Engineer at SUSE/Rancher Labs, and a contributor to the Docs, Release and Security SIGs. Long time listener Adam also drops by to ask Craig what's been happening with the hiatus.
Navigating Istio Config: a look into Istio's toolkit - Solo.io — www.solo.io Let's talk about debugging Istio by looking directly at the generated Envoy configuration.... An Istio service mesh gives you dynamic traffic control
The POPCAST with Dan POP — popcast-d9f7b6dc.simplecast.com The POPcast with Dan POP! Join host Dan “Pop” Papandrea as he has conversations with the fascinating people that are driving technology and thought leadership. We cover their personal stories and their journeys including their wins and losses to deep dive into what it is like to lead through technology and new ways of thinking. The POPCAST is one of the world's first open source podcast where some guests and questions are driven through community contributors. Disclaimer: Purely for entertainment/informational purposes.
Committing to Cloud Native — podcast.curiefense.io A Podcast that covers how different organizations are contributing to the cloud native ecosystem.
Cloud Native Rejekts Podcast on Apple Podcasts — podcasts.apple.com Welcome to The Cloud Native Rejekts Podcast! This podcast series will focus on the iconoclastic inventors behind the Cloud Native Revolution. These are the people who “think different” - who Rejekt the status quo, and in so doing dare to risk Rejektion. In the words of Steve Jobs: “while some may se…
The Business of Cloud Native Podcast | Emily Omier Consulting — www.emilyomier.com The podcasts interviews CEOs, end-users, & venture capitalists in the cloud user-space on how to build a successful business around cloud-native technology.
[2105.00560] Deployment Archetypes for Cloud Applications — arxiv.org This is a survey paper that explores six Cloud-based deployment archetypes for Cloud applications and the tradeoffs between them to achieve high availability, low end-user latency, and acceptable costs. These are (1) Zonal, (2) Regional, (3) Multi-Regional, (4) Global, (5) Hybrid, and (6) Multi-Cloud deployment archetypes. The goal is to classify cloud applications into a set of deployment archetypes and deployment models that tradeoff their needs around availability, latency, and geographical constraints with a focus on serving applications. This enables application owners to better examine the tradeoffs of each deployment model and what is needed for achieving the availability and latency goals for their application.
DEF CON 29 - James Kettle - HTTP2: The Sequel is Always Worse HTTP/2 is easily mistaken for a transport-layer protocol that can be swapped in with zero security implications for the website behind it. Two years ago, I p...
Burnout: Can We Fix Work? | Science Vs Work can really suck. And for lots of us, burnout has been feeling especially terrible. This week, we dive into how burnout messes with our brains and bodies, and we find out whether working from home is making things worse. Plus: Could the four-day workweek be the key to fixing our jobs? We speak to neuroscientist Professor Wendy Suzuki, economist Professor Nick Bloom, and Dr. Alex Pang.
How This All Happened · Collaborative Fund — www.collaborativefund.com This is a short story about what happened to the U.S. economy since the end of World War II. That’s a lot to unpack in 5,000 words, but the short story of what happened over the last 73 years is simple: Things were very uncertain, then they were very good, then pretty bad, then really good, then really bad, and now here we are. And there is, I think, a narrative that links all those events together. Not a detailed account.