Fedora

On public TLS certificates lifetime

September 13, 2020

On September 1st, 2020, the maximum lifetime of TLS certificates signed by Public Certificate Authority got reduced to 13 months. How did we arrive here, and what’s to come? Let’s start from understanding who decides the maximum lifetime of certificates and many other limitations around them. Who decides the TLS certificate guidelines Ultimately, the client (often a browser or an operating system) identifies the certificate as trustable or not (based on the CA that signed it as well as many other parameters), so the client can decide which parameters to look for and which values are acceptable and which are not.

Read More

KubeCon + CloudNativeCon Europe 2020

August 20, 2020

This year I managed to partecipate to KubeCon + CloudNativeCon Europe 2020. As you can imagine, the conference did not happen in real life, but it was converted to an online conference. More virtual conferences I attend to, more I understand the limits and the advantages of them compared to real conferences. In this particular conference, I realized that one of the biggest problems I have with virtual conferences is that, during the conference, the conference events and talks add to your usual events and meetings, making it impossible to follow all events you wanted to follow.

Read More

Fedora Nest 2020

August 10, 2020

This year Flock did not happen due to COVID-19, and in its place, Fedora Nest happened. After many events I’ve seen going virtual in the last few months, I was skeptical. I was yet to see an acceptable online platform to run events. I was wrong on the platform. Fedora Nest used Hopin , which is by far the best platform for events I’ve seen so far. Don’t get your expectations too high, though, because when I say the best one I’ve seen so far, only means that it is usable, and it does not mean in any way that is on par of real conferences.

Read More

A website with no cookies

July 19, 2020

Today I did a big update to this website. The goal of today’s update is the removal of Disqus. I have decided to remove Disqus more than a year ago, with the decision to remove all cookies from this website. The plan was to remove both Google Analytics and Disqus since those were the only two reasons this website was distributing cookies. I removed Google Analytics in June 2019, and now I’ve removed Disqus, so this goal has now been achieved.

Read More

ARM everywhere

June 25, 2020

In the last couple of months, we have seen a lot of news around ARM. More specifically, the most relevant ones, in my opinion, are (sorted by date): On May 11, AWS announced the availability of new instance types (M6g, C6g, R6g) based on Graviton2 , a new version of their in-house developed ARM processor On June 17, Ampere announced a 128 core ARM processor that will be added to their current line (that includes 32, 48, 64, 72, 80 cores ARM CPUs) On June 22, was made public that Fugaku, an ARM-based supercomputer, is the most potent publicly disclosed supercomputer On June 22, Apple announced that Macs will move to ARM Those pieces of news demonstrate how much the processors’ landscape is changing, and how fast the rate of change is.

Read More

Practical Ansible 2

Published on June 5, 2020
Authored by Daniel Oh, James Freeman, Fabio Alessandro Locati
Published by Packt Publishing Limited

Ansible enables you to automate software provisioning, configuration management, and application roll-outs, and can be used as a deployment and orchestration tool. While Ansible provides simple yet powerful features to automate multi-layer environments using agentless communication, it can also solve other critical IT challenges, such as ensuring continuous integration and continuous deployment (CI/CD) with zero downtime. In this book, you’ll work with Ansible 2.9 and learn to solve complex issues quickly with the help of task-oriented scenarios.

Read More Buy it on Packt Buy it on Amazon

GDPR - 2 years later

May 25, 2020

As it is becoming a sort of tradition, here we are, after two years from the enactment of GDPR to see how it performs in the real world. In our previous yearly check, we analyzed the situation from two points of view: the banners and the fines. Let’s see how those two topics have evolved in the last year. The Cookie Banners On the 1st of October 2019, with the judgment in case C-673/17 , the European Union Court of Justice clarified that pre-ticketed consent checkboxes are not sufficient since the consent has to be expressed actively by the user.

Read More

Why I switched to systemd-resolved

April 15, 2020

Yesterday, a controversial proposal got posted in the Fedora Devel mailing list: enable systemd-resolved by default. I see this change favorably since I already enabled it a few weeks ago, and I find it a very sensible option. First, I have to admit that I see systemd and its mission of standardizing the core of the Linux user-space very favorably. At the current level of evolution of Linux, over time, this standardization and consistency will pay off much more than other alternatives.

Read More

VPN with NAT in Google Cloud

March 1, 2020

Google Cloud provides the capability of terminating a VPN connection with a VPN Gateway. The problem is that the VPN Gateway - at the moment - is relatively limited in capabilities. One of the missing capabilities I would have liked to see implemented is the NAT capability. VPNs can be used to connect the machines of two different parties. Although this is usually not the best architectural pattern, since a connection on the public internet encrypted at the Transport Layer is often a better option, it’s relatively common in more legacy environments.

Read More

FOSDEM 2020

February 2, 2020 - Bruxelles, BE

This year, as it has happened for the last few years, I’ve been at FOSDEM. As always, I’ve enjoyed it a lot, and that’s why I continue to go there, and every time I have to suggest other people which events to attend in Europe, I always mention FOSDEM as the main event. I think it’s fascinating to see how room sizes and crowdedness of the rooms changes over time. Years ago, the container-related rooms (containers, container security, Go) were relatively small, but already crowded, and over the years, the rooms got bigger and bigger.

Read More