Beyond IP lists: a registry format for bots and agents (6 minute read)
To help website operators identify and verify bots and agents, Cloudflare is proposing a registry of bots and agents that would expand Web Bot Auth with a list of URLs where agent keys can be retrieved. The registry format would foster an open ecosystem of curators that website operators can trust.
BGP zombies and excessive path hunting (10 minute read)
Cloudflare is hunting "BGP zombies," which are outdated routes stuck in the Internet's Default-Free Zone (DFZ) due to issues like buggy software or slow route processing, potentially disrupting Internet traffic. When a more-specific BGP prefix is withdrawn, routers exhaustively search for the best path, a process called "path hunting" that can lead to the creation of these zombies. To lessen the likelihood of these zombies, Cloudflare will introduce improvements for BGP traffic forwarding internally and encourage customers to use a multi-step draining process for on-demand prefixes.
Prometheus native histograms in Grafana Cloud: Get more precision from your Grafana visualizations (6 minute read)
Prometheus native histograms are now generally available in Grafana Cloud, offering higher resolution and precision compared to classic Prometheus histograms. Grafana Cloud customers found that native histograms solved the issue of traditional histograms with predefined bucket boundaries by dynamically adjusting buckets and efficiently capturing distributions, with pricing structured at one active bucket multiplied by 0.25. The update directly integrates with Grafana Metrics Drilldown, automatically identifying native histogram metric types and generating corresponding queries and visualizations without needing PromQL.
4 reasons to upgrade your secret scanner (6 minute read)
Open source secret scanners are useful for basic detection but struggle with complex environments, limited coverage, and manual remediation. Commercial solutions like Vault Radar provide continuous, context-aware monitoring, automated remediation, enterprise-scale visibility, and compliance support.
Moving tables across PostgreSQL instances (5 minute read)
To migrate specific PostgreSQL tables between instances, native logical replication can be used instead of Google's Database Migration Service, which only supports full-database transfers. The process involves granting replication access, copying schemas without constraints, setting up publication and subscription, rebuilding indexes and foreign keys, syncing sequences, and using PgBouncer for near-zero downtime during switchover.
Formae (GitHub Repo)
Formae, a 100% code-based, agentic Infrastructure-as-Code (IaC) tool built from scratch, was designed to keep infrastructure code automatically in sync and adaptable for various team roles. Supporting GitOps without enforcing it, Formae merges changes from other tools like Terraform and ClickOps, providing a consistent, version-controlled view of infrastructure.
Lights Off (GitHub Repo)
Lights Off is a lightweight tool that helps reduce AWS costs by stopping EC2 instances and RDS/Aurora databases based on cron schedules specified in resource tags. The tool also allows users to trigger AWS Backup and delete CloudFormation stacks temporarily by tagging them with cron schedules.
Behind the scenes: Designing Argo CD in Octopus (4 minute read)
Octopus Deploy has introduced Early Access support for Argo CD, allowing users to combine GitOps workflows with Octopus deployment orchestration. The integration includes steps to update container images, manage manifests, map applications via annotations, connect to Argo CD instances through a gateway, and view live application status for enhanced observability.
How We Hijacked a Claude Skill with an Invisible Sentence (4 minute read)
Anthropic's release of Claude Skills, which allows users to package instructions, resources, and code into a shareable format, is being hailed as a potential "Cambrian explosion" of new AI capabilities. However, it has been demonstrated that a logic-based attack can bypass both human review and platform guardrails by embedding malicious instructions in a seemingly benign PDF document, leading to potential phishing attacks.
Thanks for reading,
Kunal Desai & Martin Hauskrecht