DevOps Engineer, Husband & Dad
Claudio Kuenzler: In the past 20 years we have moved from SSL to TLS (yet we’re still talking about SSL certificates, funny isn’t it). According to Wikipedia’s Transport Layer Security page, this is the release history: SSL 1.0 -> Never officially released due to security flawsSSL 2.0 -> 1995, deprecated in 2011SSL 3.0 -> 1996, deprecated […]
One of my New Year’s resolution was to get back a bit closer to the lower level parts of Linux. And what’s there lower than the kernel itself? I always preferred vanilla kernel, even when I was fooling around with Gentoo, and this hasn’t changed. In December I started with preparing first builds. Nothing too […]
Not long ago I wrote about backporting BCC & bpftrace in Ubuntu with focus on bionic (18.04 LTS). With this new release, there’s a lot of going on: release notes. I “backported” this one already into my PPA. On that note, I did drop support for the disco (19.04) and added support for the upcoming […]
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. That’s the essence of the CVE-2019-20372. Yet again, as I mentioned in my NGINX Extended post I was not going to work […]
I’m following Brendan Gregg’s performance-related content for years now. I started when he was still in Joyent, later on I bought his Systems Performance book and I get back to it whenever I’m doing any profiling. Now I follow closely all of the latest work he’s doing on BPF front. There’s a small problem though. […]
I already briefly wrote about the idea of having dynamically discoverable upstreams in NGINX when I covered the topic of NGINX Extended. With the boom of microservices and containers scattered all over the place there was suddenly a need for something that would serve as a single source of truth. When solutions like Mesos/Marathon or […]
Backups are one of those things that are usually afterthought. Maybe reason for that was a bit too much of necessary configuration or not enough sensible default choices to fit the bill in the older apps I’ve been trying. Either way — this small, single-binary go application simply nails it. All backups are automagically encrypted […]
One of the things I really love about Mac is the availability of the nifty small utilities that aim at solving one problem and doing it right. Maybe it’s simply my admiration of UNIX philosophy. I’m an avid Last.fm user and I stumbled upon NepTunes while looking for something integrating iTunes with it. With the […]
Ansible 2.9 “Immigrant Song” has just been released. Back in May I already mentioned how slowly but surely Ansible won my heart and I must admit that I’m constantly impressed with what can be done with this tool. It’s a huge release yet again, but there are no major changes — which is good. It […]
I’ve been playing Ni no Kuni II: Revenant Kingdom for a while now and I still think it’s the best RPG I played in years. I’m also a big fan of Studio Ghibli and while NNKII wasn’t done in collaboration, the style and inspiration is clear. Some time ago I received as a gift Ni […]