Language Selection

English French German Italian Portuguese Spanish

Cilium 1.0.0-rc4 Released: Transparently Secure Container Network Connectivity Utilising Linux BPF

Filed under
Linux
OSS

Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes. Cilium 1.0.0-rc4 has recently been released, which includes: the Cloud Native Computing Foundation (CNCF)-hosted Envoy configured as the default HTTP/gRPC proxy; the addition of a simple health overview for connectivity and other errors; and an improved scalable kvstore interaction layer.

Microservices applications tend to be highly dynamic, and this presents both a challenge and an opportunity in terms of securing connectivity between microservices. Modern approaches to overcoming this issue have coalesced around the CNCF-hosted Container Network Interface (CNI) and the increasingly popular "service mesh" technologies, such as Istio and Conduit. According to the Cilium documentation, traditional Linux network security approaches (such as iptables) filter on IP address and TCP/UDP ports. However, the highly volatile life cycle of containers and IP addresses cause these approaches to struggle to scale alongside the application as the large number of load balancing tables and access control lists must be updated continually.

Read more

More in Tux Machines

Five-Way Linux OS Comparison On Amazon's ARM Graviton CPU

Last month Amazon rolled out their "Graviton" ARM processors in the Elastic Compute Cloud. Those first-generation Graviton ARMv8 processors are based on the ARM Cortex-A72 cores and designed to offer better pricing than traditional x86_64 EC2 instances. However, our initial testing of the Amazon Graviton EC2 "A1" instances didn't reveal significant performance-per-dollar benefits for these new instances. In this second round of Graviton CPU benchmarking we are seeing what is the fastest of five of the leading ARM Linux distributions. An Amazon EC2 a1.4xlarge instance with 16 cores / 32GB RAM was used for this round of benchmarking across the five most common ARM Linux distributions that were available at the time of testing on the Elastic Compute Cloud. The tests included: Amazon Linux 2 - The reference Amazon Linux machine image with the Linux 4.14 kernel and GCC 7.3. Read more

Take a swim at your Linux terminal with asciiquarium

We're now nearing the end of our 24-day-long Linux command-line toys advent calendar. Just one week left after today! If this is your first visit to the series, you might be asking yourself what a command-line toy even is. We’re figuring that out as we go, but generally, it could be a game, or any simple diversion that helps you have fun at the terminal. Read more

Photography and Linux

So, as you can see, except for the printing step, pretty much the whole workflow is handled very easily by Linux and open-source photography software. Could I have done the whole thing in Linux? Yes and no. Depending on your printing needs, you could forego the printer entirely and use a local professional printing service. Many of those shops use the ROES system for the uploading and management of images to be printed. The ROES client is written in Java and is compatible with Linux. If you invest in a large format printer, you may have to investigate using a solution similar to what I have set up. Open-source software RIPs exist, but they have not been updated for more than a decade. Some commercial Linux solutions are available, but they are prohibitively expensive. Read more

Linux 3.18.130

I'm announcing the release of the 3.18.130 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more