• images
  • 10:55 am
  • images
  • No Comments.

Linuxfest Northwest Trip Report

Last weekend, my two oldest kids and I attended the 2018 Linuxfest Northwest conference in Bellingham, WA. The best way I would describe the experience was that I worked at reducing the size of my Third Order Ignorance. Here is a brief summary of the talks I attended and the things I learned that I didn’t know that I didn’t know.

Saturday

Harness the power of Kubernetes – Application deployments can grow inside Kubernetes to the point where simple compositions are not capable of knowing what all the dependencies are. (Think hundreds of micro-services) A Service is a concept in Kubernetes created to handle this. So one service can discover and use another without being composed together in advance. IBM provided a few demos to walk through this. We overwhelmed the conference WiFi and so it was clear we would not get to debugging Kubernetes and the cooler parts of Istio so I left early.

Visual Studio and VS Code for Linux C/C++ development – Microsoft’s Visual Studio and VS Code have tight integration with cmake and gdb. Gdb in particular happens over ssh so can remotely debug.

Orchestrating Multi-service Applications on Kubernetes – For Kubernetes deployments that need access to service outside of Kubernetes, Automation Broker allows you to mange these service from within your cluster.

Moving Forward with Firewalld – Redhat has a new iptables wrapper called firewalld, similar to ubuntu’s ufw.

Sunday

Why We Can’t Have Nice Things – Noah is an interesting guy. I learned about SaltStack along the way as a tool to manage updates. Noah forked a repo with lots of information about it.

Hybrid multi-cloud infrastructure as code using Terraform – Think of Terraform as a generalization of the platform specific deployment solutions. (think Azure Resource Manager Templates) So now I can deploy my solution to any cloud and an adapter will make the necessary translations to make that happen.

Securing Docker on the Cheap – Part 1, 2 & 3 – There is a docker registry called Quay that will automatically scan your container for security vulnerabilities using Clair. Security is a money maker (something people are willing to pay for) so most open source solutions are hard to use and have paid versions that are much easier to operate. Sysdig spews a tons of data that Falco (think snort for sysdig logs) can analyze of security issues.