Fedora Magazine runs a handy article for anyone using work/corporate VPNs from a home computer – “Using the NetworkManager’s DNSMasq plugin”. This is not the only use for the DNSMasq plugin, either. It comes in useful when you work with local cluster setups for development or testing. Furthermore, for pretty much any setup where you need to route DNS queries to different servers, it can either be used out of the box or provide good ideas as to how to solve the problem.
Category: Linux
Linux is my primary operating system. I used it on the servers, desktops, laptops, netbooks, and even mobile phones since approximately 1997. I’ve tried a number of distributions over the years, and even created a couple myself. I still look around sometimes to see what others are up to. But most of my machines are running some sort of Red Hat – either a quick and easy Fedora Linux, or a stable and secure Red Hat Enterprise Server, or a cheaper CentOS alternative.
And while by now I am very comfortable in the Linux environment (both graphical and command line), I still discover a lot of new and interesting things about it. When I come across something worthy, I usually share it with the rest of the Open Software world, using this category.
Learn Enough Docker to be Useful
“Learn Enough Docker to be Useful” is a series of articles (so far 6) that explains different parts of Docker in a very simple and straightforward way. Here are the parts so far:
Introduction to Microservices, Docker, and Kubernetes
There is plenty of documentation, tutorials, and guides online, explaining Docker containers, Kubernetes container orchestration, and microservices. Here are a few that I found useful for a quick and simple introduction to these technologies and how to tie them together.
Firstly, some basic 101s:
- Docker 101: Fundamentals & The Dockerfile
- Kubernetes 101: Pods, Nodes, Containers, and Clusters
- Running Kubernetes Locally via Minikube
- Clustered computing on Fedora with Minikube
- Kubernetes Glossary
Secondly, the “Introduction to Microservices, Docker, and Kubernetes” YouTube video nicely puts all the things together, with complete code and configuration examples, some glue, and extra tips.
And finally, a few bits that you might need to solve on the way, which are not necessarily related, but can throw you off:
- Some of the virtualization bits (such as VirtualBox) might fail to run properly if you have Secure Boot enabled. To solve this problem, reboot the machine, go to the BIOS, and disable Secure Boot (enable Legacy Mode).
- Additionally, while you are there, check for the Virtualization Technology settings. Enable Virtualization Technology in the BIOS to further smooth out VirtualBox and friends.
- While working on your first minikube cluster (sorting out VirtualBox and such), it helps to completely remove the cluster and start again after sorting out any issues that prevent Kubernetes from starting (proxy timeouts, etc). A quick “minikube delete && minikube start” will save you more time troubleshooting weird issues than just “minikube start” after a failure.
Have fun!
A Deep Dive into Iptables and Netfilter Architecture
It’s been a while since I had to dive into the iptables and netfilter. These days I mostly have to do some basic configuration here and there, with occasional adjustments or troubleshooting (less and less so, thanks to Amazon AWS). But if drilled on the details, I quickly lose my confidence. In an effort to refresh my memory, I looked around for a blog post or an article that is short and simple, yet deep enough for me to brush some rust off. I found “A Deep Dive into Iptables and Netfilter Architecture” very helpful.
Turns out, the bit I needed the most was this one:
Chain Traversal Order
Assuming that the server knows how to route a packet and that the firewall rules permit its transmission, the following flows represent the paths that will be traversed in different situations:
* Incoming packets destined for the local system: PREROUTING -> INPUT
* Incoming packets destined to another host: PREROUTING -> FORWARD -> POSTROUTING
* Locally generated packets: OUTPUT -> POSTROUTING
Technical documentation is so much easier these days. I remember the old days of manual pages and HOWTO guides, and I think we’ve made a lot of progress.
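The traversal order quoted above, turned into a small coverage check (an added example, not code from the linked article): it reports which flows never pass through the chains that hold your rules. It goes beyond the quoted list by also handling local-to-local loopback traffic; the addresses, flow labels and function names are constructed for illustration, and treating a local source address as "locally generated" is a simplifying assumption.

```python
import ipaddress

# Constructed sample data (assumption): addresses owned by the firewall host.
LOCAL_ADDRS = ("127.0.0.1", "192.0.2.10")

def chain_path(src, dst, local_addrs=LOCAL_ADDRS):
    """Chains traversed by a packet that is routable and permitted by the rules."""
    local = {ipaddress.ip_address(a) for a in local_addrs}
    from_local = ipaddress.ip_address(src) in local  # assumption: local source = locally generated
    to_local = ipaddress.ip_address(dst) in local
    if from_local and to_local:
        # Not in the quoted list: local-to-local traffic leaves through the
        # output path and re-enters through the input path over loopback.
        return ["OUTPUT", "POSTROUTING", "PREROUTING", "INPUT"]
    if from_local:
        return ["OUTPUT", "POSTROUTING"]
    if to_local:
        return ["PREROUTING", "INPUT"]
    return ["PREROUTING", "FORWARD", "POSTROUTING"]

def uncovered_flows(rule_chains, flows):
    """Return the labels of flows that traverse none of the chains holding our rules."""
    missed = []
    for name, src, dst in flows:
        if not set(rule_chains) & set(chain_path(src, dst)):
            missed.append(name)
    return missed

# Constructed flows: (label, source, destination).
FLOWS = [
    ("client -> this host", "198.51.100.7", "192.0.2.10"),
    ("client -> routed host", "198.51.100.7", "203.0.113.5"),
    ("this host -> internet", "192.0.2.10", "198.51.100.7"),
]

if __name__ == "__main__":
    for name, src, dst in FLOWS:
        print(f"{name:24} {' -> '.join(chain_path(src, dst))}")
    # A policy written only in INPUT never sees forwarded or outbound packets.
    print("not filtered by INPUT-only rules:", uncovered_flows(["INPUT"], FLOWS))
```
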
Docker and Kubernetes in high security environments
“Docker and Kubernetes in high security environments” is an interesting case-study from the Swedish Police Authority, on how to set up and maintain a high security configuration of Docker and Kubernetes.
Not something that you’d think of on a daily basis, but a very handy guide for weekend reading, or for a priority target scenario.