Language Selection

English French German Italian Portuguese Spanish

Server: Docker Swarm, Kubernetes, DevOps, Running Apache Cassandra on Kubernetes

Filed under
Server
  • Difference between Docker swarm and Kubernetes

    When you are on learning curve of application containerization, there will be a stage when you come across orchestration tools for containers. If you have started your learning with Docker then Docker swarm is the first cluster management tool you must have learnt and then Kubernetes. So its time to compare docker swarm and Kubernetes. In this article, we will quickly see what is docker, what is kubernetes and then comparison between the two.

  • Stop Killing Your Cattle: Server Infrastructure Advice

    If you've spent enough time at DevOps conferences, you've heard the phrase "pets versus cattle" used to describe server infrastructure. The idea behind this concept is that traditional infrastructure was built by hand without much automation, and therefore, servers were treated more like special pets—you would do anything you could to keep your pet alive, and you knew it by name because you hand-crafted its configuration. As a result, it would take a lot of effort to create a duplicate server if it ever went down. By contrast, modern DevOps concepts encourage creating "cattle", which means that instead of unique, hand-crafted servers, you use automation tools to build your servers so that no individual server is special—they are all just farm animals—and therefore, if a particular server dies, it's no problem, because you can respawn an exact copy with your automation tools in no time.

    If you want your infrastructure and your team to scale, there's a lot of wisdom in treating servers more like cattle than pets. Unfortunately, there's also a downside to this approach. Some administrators, particularly those that are more junior-level, have extended the concept of disposable servers to the point that it has affected their troubleshooting process. Since servers are disposable, and sysadmins can spawn a replacement so easily, at the first hint of trouble with a particular server or service, these administrators destroy and replace it in hopes that the replacement won't show the problem. Essentially, this is the "reboot the Windows machine" approach IT teams used in the 1990s (and Linux admins sneered at) only applied to the cloud.

  • Running Apache Cassandra on Kubernetes

    The Cassandra controller can, of course, perform operations within the Cassandra cluster. For example, want to scale down your Cassandra cluster? Instead of manipulating the StatefulSet to handle this task, the controller will see the CRD change. The node count will change to a lower number (say from six to five). The controller will get that state change, and it will first run a decommission operation on the Cassandra node that will be removed. This ensures that the Cassandra node stops gracefully and redistributes and rebalances the data it holds across the remaining nodes. Once the Cassandra controller sees this has happened successfully, it will modify that StatefulSet definition to allow Kubernetes to decommission that pod. Thus, the Cassandra controller brings needed intelligence to the Kubernetes environment to run Cassandra properly and ensure smoother operations.

    As we continue this project and iterate on the Cassandra operator, our goal is to add new components that will continue to expand the tool's features and value. A good example is Cassandra SideCar (shown in the diagram above), which can take responsibility for tasks like backups and repairs. Current and future features of the project can be viewed on GitHub. Our goal for the Cassandra operator is to give devs a powerful, open source option for running Cassandra on Kubernetes with a simplicity and grace that has not yet been all that easy to achieve.

More in Tux Machines

Netrunner Rolling 2019.04 released

Like its cousin, the Debian based version, Netrunner Rolling also ships a dark Look and Feel theme including the Kvantum theme engine. Using the Kvantum Theme engine plus the Alpha-Black Plasma Theme allowed us to create a more 3D-looking design. Moving the mouse into the lower right corner now visibly activates the “Minimize all Windows to show Desktop” function by a light glow. For those who prefer the classic look, going back to the well-known LNF is a three-button click and explained under “Tips” in our current Readme Section. Read more Also: Debian-Based Netrunner Linux Gets April 2019 Release with New Look and Feel

Android Leftovers

Server: Cloudwashing by SUSE and Openwashing by Red Hat

  • Why Hybrid Cloud is About to Get a Whole Lot Easier
    It seems like analysts, vendors and IT decision makers have been talking about “hybrid cloud” for the longest time. The concept has been around for at least a decade – and that’s a really long time in the IT industry. Is it still important? Absolutely. Almost every piece of cloud market research I read shows the majority of enterprises are focusing on a hybrid cloud strategy. Why? Because they all need increased agility, innovation and productivity, better cost optimization and improved customer experience.
  • The Open Organization guide to Red Hat Summit 2019 [Ed: The 'Open Organization' slant in Red Hat Summit 2019 with Microsoft CEO as keynote because it's all about money, not "open" or "free" (just proprietary and expensive]
    When Red Hat CEO Jim Whitehurst published The Open Organization in 2015, he didn't just release a book. He catalyzed a global conversation about the ways open principles are reshaping organizational culture and design.
  • Developing distributed applications and services for tomorrow: a proof of concept
    Innovation is accelerating across the automobile industry, bringing advances in the in-vehicle experience. Connected vehicle technologies are opening up new business models and providing a whole range of new software and data-driven services. When it comes to new software and data-driven services, the possibilities are immense. But there is one trend many use cases have in common: they are becoming more distributed. To provide a great user experience, connected in-vehicle services often need to integrate increasingly diverse data.

Security: Updates, One Year With Spectre, Purism Librem Key and Lanner’s 'Security Appliances' With Back-Doored Chips

  • Security updates for Tuesday
  • A year with Spectre: a V8 perspective
    On January 3, 2018, Google Project Zero and others disclosed the first three of a new class of vulnerabilities that affect CPUs that perform speculative execution, dubbed Spectre and Meltdown. Using the speculative execution mechanisms of CPUs, an attacker could temporarily bypass both implicit and explicit safety checks in code that prevent programs from reading unauthorized data in memory. While processor speculation was designed to be a microarchitectural detail, invisible at the architectural level, carefully crafted programs could read unauthorized information in speculation and disclose it through side channels such as the execution time of a program fragment. When it was shown that JavaScript could be used to mount Spectre attacks, the V8 team became involved in tackling the problem. We formed an emergency response team and worked closely with other teams at Google, our partners at other browser vendors, and our hardware partners. In concert with them, we proactively engaged in both offensive research (constructing proof-of-concept gadgets) and defensive research (mitigations for potential attacks).
  • The Purism Librem Key
    The Librem Key is a new hardware token for improving Linux security by adding a physical authentication factor to booting, login and disk decryption on supported systems. It also has some features that make it a good general-purpose OpenPGP smart card. This article looks at how the Librem Key stacks up against other multi-factor tokens like the YubiKey 5 and also considers what makes the Librem Key a unique trusted-computing tool. Purism is a new player in the security key and multi-factor authentication markets. With the introduction of the Librem Key, Purism joins the ranks of other players—such as Yubico, Google, RSA and so on—in providing hardware tokens for multi-factor authentication. In addition, like the YubiKey 5 series, the Librem Key also provides OpenPGP support with cryptographic functions that take place securely on-key. This allows users to generate and use GnuPG public and private keys without exposing any secret key material to the host computer where the USB device is attached. The Librem Key is based on the German-manufactured Nitrokey Pro 2, but it has been modified to focus on "trusted boot" when used with Purism's Linux laptops. (I take a closer look at what the trusted boot process is and how the Librem Key fits into that process, later in this article.)
  • Atom-based network security appliances focus on industrial control
    Lanner’s Apollo Lake based “LEC-6041” and Bay Trail “LEC-6032” are Linux-supported network security appliances for industrial control monitoring with up to 7x GbE ports, including SFP ports, plus magnetic isolation and extended temp support.