CNW #7: Patterns of Distributed Systems & Go features I like
Patterns of Distributed Systems, Holistic view on infrastructure when you start a new project as consultant, Some critical vulnerabilities in container ecosystem, Why I like Go so much?
Dear Readers,
We have crossed over 100 subscribers now and looking forward to bringing more useful and engaging content that adds value to your time. Thanks for subscribing to this newsletter. I would love to get your feedback so that I can provide more relevant content to you.
Recommended Reading
Patterns of Distributed System
We all use distributed systems every day in modern software architecture. This article written by Unmesh Joshi discusses various design constructs that are already being used by popular projects such as a database using Write Ahead Logs for reliably storing and reconstructing data in case of a failure. Patterns are repetitions of proven solutions in the software architecture to build new components. Interestingly, the remix of multiple patterns brings up new patterns and innovations. I have provided the links to the patterns discussed in the main article by the author.
“If I have seen further, it is by standing on the shoulders of giants.” - Sir Isaac Newton
Patterns
What to look for When Reviewing Company’s Infrastructure?
Marco Lancini has put in-depth thoughts on various aspects of Infrastructure from the consultant’s point of view. It provides a set of questions that you can ask particularly when you are new to an IT environment. How do you prioritize stuff? How do you audit? What tools you can utilize? Have a read, surely an article you can always keep as a bookmark.
:: Dirty Pipe Linux Vulnerability ::
Dirty Pipe vulnerability is a flaw in the Linux kernel that allows an unprivileged process to write to any file including the files to which the unprivileged process doesn’t have access. An example could be /etc/passwd, where you can overwrite the root’s credential and use it to become the root user. A lot of Linux kernels are impacted by this critical vulnerability. A system is likely to be vulnerable if it has a kernel version higher than 5.8, but lower than 5.16.11, 5.15.25, or 5.10.102. Datadog has shared a POC demoing a breakout to root from the container environment exploiting this vulnerability. Deploy a defense-in-depth strategy to protect your workload from such vulnerabilities.
On a similar line, there is another critical vulnerability dubbed cr8escape in CRI-O impacting container workload disclosed recently by Crowdstrike. Again, strengthens the narrative of putting the defense in depth.
Why I like Go so much (With examples)?
Good for beginners if you haven’t explored why Golang has got so much popularity in recent years.
Interesting Projects
Litmus Chaos — How do you test that your cluster is production-ready? How do test the reliability of your Kubernetes cluster and application deployed on Kubernetes? For all these answers, you have to run a load test and try to fail your cluster with possible failure scenarios by using Chaos engineering principles. Litmus project has a variety of experiments in their hub which can be used to simulate chaos.
Cloud Native Jobs
Lummo - Platform Engineers (SDE2, SDE3), Remote, 100% cloud native stack. Reach out to me if you need more information about these open roles.
kube.careers - Well-curated collection of Kubernetes / Cloud Native jobs.
If you are looking to advertise jobs or projects in this newsletter, let’s talk.