All of this adds a bit of complexity to the services we write, which it would be nice to avoid. It also adds to the attack surface: privilege dropping code has been a source of vulnerabilities, notably on a couple of occasions in Bash. Avoiding writing it at all, or at least delegating it to other software with more testing than our own, would be good.

A number of years ago we started the Discoverable Partitions Specification which defines GPT partition type UUIDs and partition flags for the various partitions Linux systems typically deal with.

This is a virtual kubelet provider that uses systemd as its backend. Every Linux system has systemd nowadays. By utilizing K3s (just one Go binary) and this virtual kubelet you can provision a system using the Kubernetes API. The networking is the host's network, so it make sense to use this for more heavy weight (stateful?) applications. The filesystem is semi hidden, but emptyDir and the like works.

Using Linux & bumped into journald? Learn what it is, what are its benefits & more. We also analyze the journald vs syslog battle (see why journald wins!)

On any server, the logs can start to add up and take considerable amount of disk space. Systemd conveniently stores these in /var/log/journal and has a systemctl command to help clear them. Take this example: $ du -hs /var/log/journal/ 4.1G /var/log/journal/ 4.1GB worth of journal files, with the oldest dating back over 2 months. $ …

In fact I don’t, I’m just using Docker to create a Docker image, which I will export to a tar and use as a base filesystem for my container

Systemd is in all the major distributions nowadays and there is a lot of ways you can take advantages of it. It provides an easy way to manage your system and…