Nexteam is sponsoring this newsletter. I am looking for a new sponsor.
Containerlab
It reminds me of GNS3 but it uses containers. Nice.
Deep Dive — Inspect Deployment Network Traffic in Kubernetes
https://jysk.tech/inspect-deployment-network-traffic-in-kubernetes-8a348110df4d
NixThePlanet
This is a Nix flake that allows you to run medieval operating systems, some new and some old.
https://github.com/MatthewCroughan/NixThePlanet/
pfSense Makes no Sense
If you want to hear about some crazy behaviour from Netgate, listen to this; it also has plenty of other good information about self-hosted topics.
FrankenPHP
A new PHP server based on Go and Caddy.
What are Terraform stacks and what are their benefits?
If you are a Terraform power user, you probably have a script wrapping Terraform so that you have stacks (or multiple Terraform projects). Now it seems that Terraform is supporting them, which is quite nice, but at the moment it seems that there is only a preview on Terraform Cloud. I have a feeling that there will be more and more Terraform features only available to Terraform Cloud subscribers.
https://www.hashicorp.com/blog/terraform-stacks-explained
The Supabase Album
If you are building something and you need a futuristic and inspiring soundtrack.
A Sneak Peek Into the State of PostgreSQL 2023
I see that the highest usage percentage is in Europe. The biggest users are developers. The most used plugin is PostGIS.
https://www.timescale.com/blog/a-sneak-peek-into-the-state-of-postgresql-2023/
Zero downtime Postgres upgrades
A tale of how Knock has made a major database update without downtime.
https://knock.app/blog/zero-downtime-postgres-upgrades
45homelab
From 45Drives, a new home lab server.
Rust Vs Go: A Hands-On Comparison
A comparison between the two best systems programming languages.
https://www.shuttle.rs/blog/2023/09/27/rust-vs-go-comparison
River: a Fast, Robust Job Queue for Go + Postgres
Introduced just last month, River is an open-source job queue “for building fast, airtight applications” that’s written in Go and takes advantage of generics.
Solomon Hykes Discusses Dagger, DevOps, and Docker
https://www.infoq.com/podcasts/dagger-devops-docker/
Ubuntu Confidential VMs on Azure: Introducing Ephemeral OS disks & vTPMs
Canonical is enhancing confidential computing on Microsoft Azure with ephemeral OS disks for Ubuntu confidential VMs (CVMs). This feature allows storing VM disks on the VM's OS cache or temp/resource disk, eliminating the need for remote Azure Storage. It introduces a Virtual Trusted Platform Module (vTPM) that resets on each reboot, supporting a stronger remote attestation process and reducing reliance on cloud infrastructure.
Confidential computing protects sensitive workloads by running them in hardware-protected trusted execution environments (TEEs). It employs technologies like AMD SEV-SNP and Intel TDX for confidentiality and integrity. Despite these advancements, verifying that the cloud provider has actually deployed a workload in a genuine hardware TEE remains challenging. Traditional attestation methods cover only the initial software loads, not the entire guest OS or user workloads, which limits their effectiveness.
Canonical's solution addresses this by using ephemeral OS disks operated by a stateless ephemeral vTPM, which generates new cryptographic material at each boot. This approach suits stateless workloads that don't depend on persistent cloud storage and can handle VM failures.
This development marks a significant step in enhancing CVM attestation, focusing on transparency and overcoming confidential computing challenges, with further advancements expected in the future.
https://ubuntu.com/blog/ephemeral-ubuntu-confidential-vms-azure
Updated Debian 12: 12.4 released
https://www.debian.org/News/2023/20231210
OpenSSH 9.6 released!
https://undeadly.org/cgi?action=article;sid=20231219122431