Resource monitor that shows usage and stats for processor, memory, disks, network and processes.

Install Kubeadm to Configure Multi Nodes Kubernetes Cluster.

For IPTables, Kubernetes v1.15 has not supported IPTables version 1.8 yet now (Aug 2019 now), so switch to IPTables Legacy on Debian 10.

The first of McIlroy's dicta is often paraphrased as "do one thing and do it well", which is shortened from "Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new 'features.'"

McIlroy's example of this dictum is:

Surprising to outsiders is the fact that UNIX compilers produce no listings: printing can be done better and more flexibly by a separate program.

If you open up a manpage for ls on mac, you’ll see that it starts with

ls [-ABCFGHLOPRSTUW@abcdefghiklmnopqrstuwx1] [file ...]

That is, the one-letter flags to ls include every lowercase letter except for {jvyz}, 14 uppercase letters, plus @ and 1. That’s 22 + 14 + 2 = 38 single-character options alone.

I recently asked our writer community to share with us what they're reading. These folks come from all different walks of life and roles in tech. What they have in common is that they are living and breathing Linux and open source every day.

Drink in this fantastic list. Many of them are free and available to download.

You may see books you've been meaning to get around to, books that are completely new to you, and some that feel like old friends.

One of the things that makes the shell an invaluable tool is the amount of available text processing commands, and the ability to easily pipe them into each other to build complex text processing workflows. These commands can make it trivial to perform text and data analysis, convert data between different formats, filter lines, etc.

When working with text data, the philosophy is to break any complex problem you have into a set of smaller ones, and to solve each of them with a specialized tool.

Linux Kernel Teaching

This is a collection of lectures and labs Linux kernel topics. The lectures focus on theoretical and Linux kernel exploration.
https://linux-kernel-labs.github.io/refs/heads/master/index.html

Once in a while a new program really surprises me. Reminiscing a while
ago, I came up with a list of eye-opening Unix gems. Only a couple of
these programs are indispensable or much used. What singles them out is
their originality. I cannot imagine myself inventing any of them.

fail2ban is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses iptables profiles to block brute-force attempts:

Meld is a visual diff tool that makes it easier to compare and merge changes in files, directories, Git repos, and more.

As we can see the default Linux disk encryption implementation has a significant impact on our cache latency in worst case scenarios, whereas the patched implementation is indistinguishable from not using encryption at all. In other words the improved encryption implementation does not have any impact at all on our cache response speed, so we basically get it for free! That’s a win!

Pipes are cool! We saw how handy they are in a previous blog post. Let’s look at a typical way to use the pipe operator. We have some output, and we want to look at the first lines of the output. Let’s download The Brothers Karamazov by Fyodor Dostoevsky, a fairly long novel.

SSH is a powerful tool which often grants a lot of access to anyone using it to log into a server. In this post, I’m going to talk about a few different ways that you can easily improve the security of your SSH model without needing to deploy a new application or make any huge changes to user experience.

This article is about how pipes are implemented the Unix kernel. I was a little disappointed that a recent article titled “How do Unix pipes work?” was not about the internals, and curious enough to go digging in some old sources to try to answer the question.

he /sbin/mount.nfs helper program is provided by nfs-common. You can install it with:
sudo apt install nfs-common

sudo mount 192.168.1.5:/home/shared /mnt/common

JetBrains Mono is a new font designed especially for coders and developers. The lowercase characters are taller than the ones in other monospace fonts, improving readability.

The specific use case for a vTPM on vSphere is to support Windows 10 and 2016 security features. The HTML5 UI is designed with this in mind. Enablement of VBS does not require a vTPM.

Enablement of vTPM for any VM other than Windows 10 and 2016 is done via API. More on that in the future.

Let’s get a question I get asked about out of the way up front.

“Does this mean I can run Bitlocker on a Windows VM now?!”

Well, technically, all the parts are now there to run Bitlocker but I have to ask “Why??”. Remember, in order to enable vTPM you have to already have VM Encryption!

This means you already have a virtual machine encryption solution that’s easy to manage and works for every virtual machine that’s supported on vSphere, regardless of the guest operating system. Not to mention, you don’t have to manage the encryption “in guest” which lowers your overall workload significantly. #NoSecuritySnowflakes

If you want to test software which exploits TPM 2.0 functionality inside the qemu-kvm emulator, this can be challenging because the software stack is still quite new. Here is how I did it.

To login to the vm run: virsh console test
Please then complete the following steps:
dhclient should get an address for the vm
dnf install tpm2-tools tpm2-tss tpm2-abrmd

Then run the abrmd as root:
/usr/sbin/tpm2-abrmd --allow-root &

You should now be able to query the tpm with a command such as tpm2_pcrlist

• Edit /etc/systemd/logind.conf file:
• Find text #HandleLidSwitch=suspend
• Change suspend to ignore and remove the #
• Save file with changes

In this tutorial, learn to manage the persistent network configuration of your Linux host. Learn to:

• Understand basic TCP/IP host configuration.
• Configure Ethernet and wifi networks using Network Manager.
• Understand systemd-networkd.