Makura no Soshi

On microservices and containers …

• Modules, monoliths, and microservices – Avery Pennarun
  Module boundaries and service boundaries are two different things.
• STOP!! You don’t need Microservices. – Ebin John
  Having seen microservices playing the role of both the protagonist and the antagonist, I exhort myself to be the devil’s advocate. If you’re an architect or a designer who is leaning towards microservices as a default architecture, I urge you to bite the bullet and ask a few questions to yourself.
• The Business Executive’s Guide to Kubernetes – Jessie Frazelle
  I thought it would be fun to write a post aimed towards business leaders making technology decisions for their organizations. There is a lot of hype in our field and little truth behind the hype.
• What is a container? – Marc’s Blog
  When you use the word container, consider whether your audience is using the same definition as you.
• Docker vs. containerd vs. Nabla vs. Kata vs. Firecracker: Welcome To The Container Jungle! – Simon Kienzler
  In this blog post, we compare more than ten container runtimes and classify them based on standards like OCI, Kubernetes’ CRI and CNI.
• OCI Image Layout – Batuhan Apaydin
  A container image is nothing magical—it’s just a packed directory structure, much like a good old tar archive.

On Linux and WSL …

• Sorting out what the Single Unix Specification is and covers – Chris Siebenmann
  For most purposes, then, I can just talk about ‘POSIX’ or ‘Single Unix Specification’ interchangeably, which is somewhat different than how I used to think it was.
• Pragmatic Debian packaging (2019) – Vincent Bernat
  Building Debian packages with the official tools can become straightforward if you bend some rules.
• Major Linux Problems on the Desktop, 2023 edition – Artem S. Tashkinov
  In this regularly but rarely updated article, which is without doubt the most comprehensive list of Linux distributions’ problems on the entire Internet, we only discuss their main problems and shortcomings […]
• Why I Will Never Use Alpine Linux Ever Again – Martin Heinz
  There are plenty of reasons why you should not use Alpine for your container images, some of which can cause you great amount of grief…
• Windows for Linux Nerds – Jessie Frazelle
  I am super excited about Windows Subsystem for Linux. It is one of the coolest pieces of tech I’ve seen since I started using Docker.
• Windows Subsystem for Linux: The lost potential – Julio Merino
  WSL 2 “throws away” all of the Linux subsystem parts […] What this means is that the beauty of the WSL 1 design is gone.

Some older texts, all about blockchains …

• Bitcoin’s Academic Pedigree – ACM Queue, Arvind Narayanan and Jeremy Clark
  The concept of cryptocurrencies is built from forgotten ideas in research literature.
• Git, PGP, and the Blockchain: A Comparison – Netfuture, Marcel Waldvogel
  An attempt at technological genealogy.
• XML, blockchains, and the strange shapes of progress – apenwarr
  XML solved syntax, which turned out not to be the problem. Blockchains [purport to] solve centralization, which will turn out not to be the problem. But they do create the incentive to slash and burn and invest a lot of money hiring consultants.
• 10 years of… whatever this has been – apenwarr
  I forgot one essential reason bitcoin has survived: Because people really, really, really want it to.
• Ten years in, nobody has come up with a use for blockchain – Kai Stinchcombe
  After years of tireless effort and billions of dollars invested, nobody has actually come up with a use for the blockchain—besides currency speculation and illegal transactions.
• Cryptocurrency is an abject disaster – Drew DeVault
  Cryptocurrency has invented an entirely new category of internet abuse.

I still keep a rather old PGP key around, and I have extended its lifetime by changing its expiry date. Something I would not recommend, because everyone with an old copy of the key in their keyring gets an “expired” warning or error.

Read the rest of this entry »

For an easy way to lookup a domain’s SMTP TLS Reporting Policy try my nice MTA-STS Policy Viewer.

After writing the first notes on SMTP TLS Reporting I thought it would be nice to see all setting on one page, without using multiple tools and lookups for DNS and HTTPS data. The first iteration was a shell script, and the second iteration was a Python function. With some more fiddling I set it up as a Google Cloud Function, with a simple web frontend.

The SMTP standard is just as ubiquitous as it is ossified and hard to change. Thus all newer RFCs follow similar patterns of a) adding optional extensions and b) providing feedback loops to detect usage, problems, and abuse of these extensions.

One more recent extension tries to enforce TLS transport between mailservers. This sounds very simple (and would be very simple if one could change the SMTP standard to require TLS), but is not trivial when compatibility is necessary and all TLS policies are “opt-in”.

Read the rest of this entry »

On Open Source and AWS …

• research!rsc: Our Software Dependency Problem – Russ Cox
  Software dependencies carry with them serious risks that are too often overlooked.
• What comes after “open source” – Steve Klabnik
  Software licenses can only restrict what people can do when they distribute the source code, and that’s it. It cannot force someone to have a bug tracker, or a code of conduct, or accept your patch.
• The Cloud and Open Source Powder Keg – Stephen O’Grady, RedMonk
  The Amazon and Elastic controversy is the product of a collision of models.
• The problem with Amazon and Open Source isn’t Amazon – VM (Vicky) Brasseur
  These projects are not being relicensed to protect them from Amazon. Claiming that they are is at best naive and at worst wilfully lying.
• The Complicated Economy of Open Source Software – Daniel Oberhaus, VICE
  A look at the complicated business of funding open source software development.
• AWS Ruins Own Attempt at Sabotage – Corey Quinn
  AWS has now found themselves in the headlines again for an unforced error that makes anyone with other job options reconsider accepting an offer—or even interviewing at AWS at all.

More on programming …

• The Lines of Code That Changed Everything, Slate
  To shed light on the software that has tilted the world on its axis, the editors polled computer scientists, software developers, historians, policymakers, and journalists. They were asked to pick: Which pieces of code had a huge influence? Which ones warped our lives?
• UTC is Enough for Everyone, Right? – Zach Holman
  Programming time is pretty weird. It can sometimes make you feel week in the knees, and very days and confused about how it all fits together. But watch it: this is hour burden to bear, and we can’t just let it past us over.
• So you want to be a wizard – Julia Evans
  This zine is about what the skill of “figure it out anyway” looks like.
• In space, no one can hear you kernel panic – Glenn Fleishman, Increment
  When you’re millions of miles from home, it’s hard to install an operating system update—but not impossible.
• Programmer’s critique of missing structure of operating systems – Bystroushaak
  As I was thinking about it, I’ve realized that architecture of the operating system itself is wrong for this kind of job. The stuff it offers and the stuff it allows us to do, is not what we want and expect. […] How about we take away all the weird string formats, whether it’s passing command line parameters when launching programs or communication in between the programs, and replace them with a concise, easy-to-write language for structure definitions?
• Programming for Everyone, Everyone’s a Programmer? – Observations from Uppsala
  It is probably good to be able to do a little bit of it at home for household needs. But don’t equate that to the professional development of industrial-strength software.