Issue #52
Read about infrastructure topics and news every week
Courtesy of Unsplash
Nexteam is sponsoring this newsletter. Please tell your friends and colleagues about this publication. Thank you.
When should you use K3s vs. MicroK8s?
Looking for an efficient, user-friendly alternative to traditional Kubernetes? Compare the popular lightweight distributions K3s and MicroK8s to decide which is best for you.
https://www.techtarget.com/searchitoperations/answer/When-should-you-use-K3s-vs-MicroK8s
Linux 6.5 Slated To Add Provisioning Primitives For Thinly Provisioned Storage
Another feature scheduled to be sent in for the upcoming Linux 6.5 kernel merge window is introducing support for provisioning primitives for thinly provisioned storage with the Device Mapper (DM) code.
https://www.phoronix.com/news/Linux-65-Provisioning-Primitive
Linux 6.5 Adding Support For NCT6799D Sensors Found In Various Newer Motherboards
https://www.phoronix.com/news/Linux-6.5-NCT6799D
So You Want to Run Kubernetes On Bare Metal
Why you may want to run your Kubernetes clusters on bare metal, plus key considerations and best practices for doing so.
https://deploy.equinix.com/blog/guide-to-running-kubernetes-on-bare-metal/
Day-2 Operations
https://about.gitlab.com/solutions/day-2-ops/
Hypervisor Vulnerabilities and Some Defense Mechanisms, in Cloud Computing Environment
When running VMs in multitenant environments your VM can be hacked by other malicious users running in another VM. Read this PDF to know how to harden a system from this kind of attack. It is a PDF.
https://www.ijitee.org/wp-content/uploads/papers/v10i2/B82621210220.pdf
Life of a DevSecOps Engineer (w/ Aras "Russ" Memisyazici)
An introduction to DevSecOps. There are tips on how to get into this field but not about the tools he uses to add Sec in DevOps. He also talks about the 'Shared Responsibility Model'.
HIVELOCITY
HIVELOCITY private cloud can deploy directly to Proxmox and other solutions, it sounds interesting. Also, the pricing looks very good.
https://www.hivelocity.net/products/private-cloud/
New Cryptomining Protection Program offers $1 million for costly crypto mining attacks
New GCP initiative to help customers victims of crypto mining attacks.
North Korea Hackers and Crypto
North Korean hackers have stolen more than $3 billion in crypto over the last 5 years, and their heists are now funding fully half of its ballistic missile program.
https://twitter.com/dnvolz/status/1667890297794183172
Amazon CloudWatch Logs data protection account level policy configuration
It can be set at account level not like before where you have to set it up for each resource.
Amazon Detective extends finding groups to Amazon Inspector
https://aws.amazon.com/about-aws/whats-new/2023/06/amazon-detective-finding-groups-amazon-inspector/
Amazon GuardDuty enhances console experience with findings summary view
https://aws.amazon.com/about-aws/whats-new/2023/06/amazon-guardduty-console-summary-view/
Amazon Inspector announces the general availability of Code Scans for AWS Lambda function
https://aws.amazon.com/about-aws/whats-new/2023/06/amazon-inspector-code-scans-aws-lambda-function/
AWS Transfer Family announces quantum-safe key exchange for SFTP
Linux 6.5 To Bring Better NUMA Awareness For The NFSD/RDMA Server
The upcoming Linux 6.5 merge window, set to open next week, has already received several early pull requests. Noteworthy among these submissions are the changes to the Linux NFS server (NFSD). An important improvement in this cycle is the enhanced NUMA awareness of the NFSD and RDMA server code.
Chuck Lever from Oracle has been actively working on optimizing NUMA memory allocation for the NFS/RDMA server code. These optimizations, which have been incorporated into the svcrdma code, ensure that memory allocation for different purposes now takes place on the node closest to the underlying device.
In addition to the improved NUMA awareness for allocating pages and other objects, the NFSD code for Linux 6.5 also includes enhancements for observability and addresses a race condition related to accepting a TCP socket.
The NFSD pull request was submitted on 23 June 2023. Barring any unexpected concerns from Linus Torvalds regarding the overall stability of Linux 6.4, we can anticipate the stable kernel release to be available this Sunday, followed by the commencement of the Linux 6.5 merge window.
Ansible 8.1.0 is out
https://groups.google.com/g/ansible-announce/c/iN-qliVQTbU
pg_easy_replicate
https://github.com/shayonj/pg_easy_replicate
Newsletter sponsor: Nexteam
Technology, Experience, Delivered.
Thanks for reading Infra Weekly Newsletter! Subscribe for free to receive new posts and support my work.