SECCLO Community

Jack Henschel | @jack@social.secclo.community

Hi, I'm Jack!
Cycling and cloud computing enthusiast currently located in Geneva, Switzerland.
Working as an OpenShift administrator at CERN.

Due to an issue in ext4 with data corruption in kernel 6.1.64-1, we are a pausing the 12.3 image release for today while we attend to fixes. Please do not update any systems at this time, we urge caution for users with UnattendeUpgrades configured. Please see bug# 1057843: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057843 https://micronews.debian.org/2023/1702150551.html?utm_source=dlvr.it&utm_medium=mastodon

What's your favorite way to install your Nextcloud instance?

Your 2023 HomeLab Unwrapped

It's a play on Spotify's unwrapped yearly event but in the tone of homelab.  It's orange and purple and has an 8 bit mouse cursor along with a windows 98 "My Computer" icon.  

 It reads:

Your 2023 Wrapped
HomeLab

• You entered 2,850 terminal commands
• 50% of them were the ⬆️‎‎‏‏‎ ‎arrow
• Your data hoarding grew by 900%
• You transferred 2,000 petabytes of data
• 25% of that was with iperf while tuning
• You whispered “Please work!” 900 times
• Only 100 were followed by “Yes!”
• You created 323 Virtual Machines
• Only 2 of those survive today
• 1 of your Docker containers has 
  been in a crash loop since 2022

There is also an image of technotim in the lower right corner.

As some of you know, our and friends is the longest-running once since the pandemic.

We're always looking for venues, speakers, and speakers. If you're interested, feel free to poke me.

For the meetup: https://www.meetup.com/grafana-and-friends-munich/

As always, boosts appreciated.

Hello World!

Hi all, we have news regarding our plans for RHEL 10, Xorg server and Wayland we want to share with you. We wrote a blog post to that end. With this, we're looking forward to continue building with the community, and gained focus, the future of Linux.

https://www.redhat.com/en/blog/rhel-10-plans-wayland-and-xorg-server

CERN is launching its Open Source Programme Office today!
https://opensource.cern

#opensource #ospo

I have some new coworkers at CERN!

Keeping the train rolling now that is over (😭​​) we've released a few more things!

First, openshift-routes v0.3.1! If you're not familiar with openshift-routes, it enables you to annotate Route resources just like you'd annotate Ingress or Gateway resources in vanilla Kubernetes!

This release also includes a Helm chart for the first time 🚀

https://github.com/cert-manager/openshift-routes/releases/tag/v0.3.1

I've been self-hosting Drone (and later Woodpecker) since 2017, now I finally made the switch to Gitea Actions - and it was pretty smooth overall!

I also took the opportunity to play around with systemd / Podman's new quadlet feature.

https://blog.cubieserver.de/2023/switching-from-woodpecker-to-gitea-actions/

#gitea #podman #quadlet

I have recently been using Vector for a couple of projects (at work & at home) and I’m really impressed! Vector is a new tool by Datadog for building powerful & flexible observability pipelines: collecting logs, processing them, generating metrics, forwarding to external systems etc.

Here’s what I like about it (compared to other tools in this space):

  • super efficient (in terms of CPU and memory usage)
  • lots of options for data sources (“inputs”) and sinks (“outputs”)
  • memory safe (written in Rust)
  • well documented
  • active community

Check out the posts on my blog for some inspiration what Vector can be used for: https://blog.cubieserver.de/tags/logs/

#vector #observability #logging #metrics

Short, honest and funny talk from SREcon23 a month ago: "That time I accidentally DDoS'd my company"

https://www.youtube.com/watch?v=kuQ93-s4SBI

Two surprising statistics:

1. More Kubernetes regressions happen because of bugfixes than because of new features
2. 90% of Kubernetes regressions appeared in _patch_ releases, not _minor version updates_

Jordan Liggitt, "Swimming with the current: make it easy to stay up-to-date"

There's a class of performance bugs that you can feel.

Today I inadvertently implemented "Schlemiel the Painter's algorithm", and it's obvious: performance was great at first, and then it gradually deteriorates.

@cks and then you run into processes that are in "D" state (uninterruptible sleep) and not even kill -9 is helping.

What a lovely error page Github has! (Also: I haven’t seen it in a long while)

Especially the recent Pod Security Standards are quite disappointing in this regard: you can warn and forbid insecure settings, but they don't help you to automatically apply these settings.

I would like something similar to #openshift Security Context Constraints: "restricted" -> your pod automatically gets a random UID, runs as non-root, does not allow privilege escalation etc.

It's really a shame that #kubernetes #security has gone the same way as systemd security: instead of having sane defaults, it's a free for all by default and you need to specify dozens of parameters to "lock down" a service.

Last week I have been playing with a new landing page for my #homelab - I landed on using https://github.com/benphelps/homepage

It’s a little more heavyweight than I’d like for a simple landing page (~100MB RAM), but the integrations (widgets, services etc.) make it worth it.

Check out the result here: https://www.cubieserver.de/

@purpleidea @cks @whack Agreed, for most cycling activities (also extended ones) platform pedals are totally fine (I did a 300km ride around the lake Vättern in Sweden with them).

At the same time, I don't want to miss having the extra security of clipless when you are properly sprinting with a road bike or coming down a mountain pass.

In both cases, you need some shoes that have a solid sole!

»