Issue #100
Read about infrastructure and programming topics and news every week
Courtesy of Giorgio Trovato - Unsplash
We have reached issue number 100! Thanks to my friends and other folks from the Internet following this newsletter.
Kubernetes 1.31 Arrives with New Support for AI/ML, Networking
This release brings a standard API for ML.
https://thenewstack.io/kubernetes-1-31-arrives-with-new-support-for-ai-ml-networking/
IntelOwl: Open-source threat intelligence management
“In late 2019, I faced a significant challenge while working as a cybersecurity analyst in a Security Operations Center (SOC). Our team was severely understaffed yet inundated with security alerts and incidents. The workload was overwhelming, leading to burnout. Recognizing the need for a solution, we searched for a tool to automate our most common workflows, particularly in threat intelligence data extraction and analysis. However, no existing open-source tool met all our requirements, so we decided to create one from scratch,” Matteo Lodi, the creator and maintainer of IntelOwl, told Help Net Security.
https://www.helpnetsecurity.com/2024/08/14/intelowl-open-source-threat-intelligence-management/
CVE-2024-7646 ingress-nginx controller
CVE-2024-7646 is a critical vulnerability in the ingress-nginx controller for Kubernetes. It allows attackers to bypass annotation validation, leading to potential unauthorized access to sensitive resources within a cluster. The flaw involves improper validation of annotations on Ingress objects, enabling command injection. This vulnerability affects all versions prior to v1.11.2 and poses significant risks, especially in multi-tenant environments. Mitigation steps include upgrading to the latest version, auditing Ingress objects, and enforcing strict RBAC policies.
243 | Breaking Analysis | Assessing Broadcom VMware Eight Months On
Piraeus HA Controller
This controller, used in conjunction with the Piraeus Operator, can reduce a failover (i.e. a node went down) from 15 minutes to few seconds.
https://github.com/piraeusdatastore/piraeus-ha-controller
Linstor Documents
Piraeus Operator is based on Linstor which has its own operator but it is used mostly by commercial customers. Still, it has many information on Linstor and Piraeus documentation is assuming that you know about Linstor.
https://linbit.com/drbd-user-guide/linstor-guide-1_0-en/#p-linstor-introduction
There are several integrations including create Proxmox volumes on Linstor: https://linbit.com/drbd-user-guide/linstor-guide-1_0-en/#ch-proxmox-linstor