Language Selection

English French German Italian Portuguese Spanish

Red Hat: OperatorHub.io, OpenShift, CVE-2019-5736, Openwashing, Testing Flicker Free Boot on Fedora 29 and Bodhi 3.13.3

Filed under
Red Hat
  • Introducing OperatorHub.io: The place for finding Kubernetes-native services

    Today Red Hat is launching OperatorHub.io in collaboration with AWS, Google Cloud and Microsoft. OperatorHub.io is designed to be the public registry for finding Kubernetes Operator backed services.

    Introduced by CoreOS in 2016, and now championed by Red Hat and a large portion of the Kubernetes community, the Operator pattern enables a fundamentally new way to automate infrastructure and application management tasks using Kubernetes as the automation engine. With Operators, developers and Kubernetes administrators can gain the automation advantages of public cloud-like services, including provisioning, scaling, and backup/restore, while enabling the portability of the services across Kubernetes environments regardless of the underlying infrastructure.

    As the Operator concept has experienced growing interest across upstream communities and software providers, the number of Operators available has increased. However, it remains challenging for developers and Kubernetes administrators to find available Operators, including those that meet their quality standards. With the introduction of OperatorHub.io, we are helping to address this challenge by introducing a common registry to publish and find available Operators. At OperatorHub.io, developers and Kubernetes administrators can find curated Operator-backed services for a base level of documentation, active communities or vendor-backing to show maintenance commitments, basic testing, and packaging for optimized life-cycle management on Kubernetes.

  • Getting started with the Couchbase Autonomous Operator in Red Hat OpenShift 3.11
  • Latest container exploit (runc) can be blocked by SELinux

    A flaw in runc (CVE-2019-5736), announced last week, allows container processes to "escape" their containment and execute programs on the host operating system. The good news is that well-configured SELinux can stop it.

  • Open Outlook: Open culture [Ed: More of Red Hat's typical openwashing]
  • Testing Flicker Free Boot on Fedora 29

    For those of you who want to give the new Flicker Free Boot enhancements for Fedora 30 a try on Fedora 29, this is possible now since the latest F29 bugfix update for plymouth also includes the new theme used in Fedora 30.

  • Bodhi 3.13.3 released

Kubernetes blog on OperatorHub.io

  • Automate Operations on your Cluster with OperatorHub.io

    One of the important challenges facing developers and Kubernetes administrators has been a lack of ability to quickly find common services that are operationally ready for Kubernetes. Typically, the presence of an Operator for a specific service - a pattern that was introduced in 2016 and has gained momentum - is a good signal for the operational readiness of the service on Kubernetes. However, there has to date not existed a registry of Operators to simplify the discovery of such services.

    To help address this challenge, today Red Hat is launching OperatorHub.io in collaboration with AWS, Google Cloud and Microsoft. OperatorHub.io enables developers and Kubernetes administrators to find and install curated Operator-backed services with a base level of documentation, active maintainership by communities or vendors, basic testing, and packaging for optimized life-cycle management on Kubernetes.

    The Operators currently in OperatorHub.io are just the start. We invite the Kubernetes community to join us in building a vibrant community for Operators by developing, packaging, and publishing Operators on OperatorHub.io.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Announcing the election for the next TDF Board of Directors

On October 18, we officially announced the upcoming election for the next Board of Directors of The Document Foundation, the non-profit entity behind LibreOffice. As per § 7 II of our statutes (binding German version and non-binding English translartion) the Board’s term lasts two years. The current Board started its duty on February 18, 2020. Therefore, the old Board remains in charge until the end of February 17, 2022, so the new Board will be in charge the day after that, which is February 18, 2022. That upcoming term will then (regularly) end on February 17, 2024, so the next election of the Board of Directors will take place before. As per § 6 III, only members of the Board of Trustees of The Document Foundation, as well as current members of any of its bodies, are eligible to be elected into the Board of Directors, and the election is prepared and supervised by the Membership Committee (§ 7 II). Read more

VirtualBox 6.1.28 Released with Initial Support for Linux 5.14 and 5.15 Kernels

VirtualBox 6.1.28 is here about three months after VirtualBox 6.1.26 to introduce initial guest and host support for the Linux 5.14 and 5.15 kernel series. This means that you can now use VirtualBox on GNU/Linux systems powered by Linux kernels 5.14 or 5.15, as well as to run distributions powered by Linux 5.14 or 5.15 kernels inside virtual machines. In addition, this release introduces initial support for the upcoming Red Hat Enterprise Linux 8.5 operating system, improves the detection of kernel modules in Linux hosts to prevent unnecessary rebuilds, fixes a display corruption on Linux Mint systems, and adds bindings support for Python 3.9. Read more

More Mozilla Spying and Management Shuffle

  • William Lachance: Learning about Psychological Safety at the Recurse Center

    Some context: I’m currently working as a software engineer at Mozilla, building out our data pipeline and analysis tooling. I’ve been at my current position for more than 10 years (my “anniversary” actually passed while I was out). I started out as a senior engineer in 2011, and was promoted to staff engineer in 2016. In tech-land, this is a really long tenure at a company. I felt like it was time to take a break from my day-to-day, explore some new ideas and concepts, and hopefully expose myself to a broader group of people in my field. My original thinking was that I would mostly be spending this time building out an interactive computation environment I’ve been working on called Irydium. And I did quite a bit of that. However, I think the main thing I took away from this experience was some insight on what makes a remote environment for knowledge work really “click”. In particular, what makes somewhere feel psychologically safe, and how this feeling allows us to innovate and do our best work. While the Recurse Center obviously has different goals than an organization that builds and delivers consumer software, I do think there are some things that it does that could be applied to Mozilla (and, likely, many other tech workplaces).

  • [Older] Firefox Now Sends Your Address Bar Keystrokes to Mozilla

    Firefox now sends more data than you might think to Mozilla. To power Firefox Suggest, Firefox sends the keystrokes you type into your address bar, your location information, and more to Mozilla’s servers. Here’s exactly what Firefox is sharing and how to control it.

  • Support.Mozilla.Org: What’s up with SUMO – October 2021

    As we enter October, I hope you’re all pumped up to welcome the last quarter of the year and, basically, wrapping up projects that we have for the remainder of the year. With that spirit, let’s start by welcoming the following folks into our community. [...] Thanks for Jefferson Scher for straightening the Firefox Suggest confusion on Reddit. That definitely help people to understand the feature better.

  • Welcome Imo Udom, Mozilla’s new Senior Vice President, Innovation Ecosystems

    I am delighted to share that Imo Udom has joined Mozilla as Senior Vice President, Innovation Ecosystems. Imo brings a unique combination of strategy, technical and product expertise and an entrepreneurial spirit to Mozilla and our work to design, develop and deliver new products and services.

Security Leftovers

  • Security updates for Tuesday

    Security updates have been issued by Debian (redmine and strongswan), Fedora (containerd, fail2ban, grafana, moby-engine, and thunderbird), openSUSE (curl, firefox, glibc, kernel, libqt5-qtsvg, rpm, ssh-audit, systemd, and webkit2gtk3), Red Hat (389-ds:1.4, curl, kernel, kernel-rt, redis:5, and systemd), SUSE (util-linux), and Ubuntu (ardour, linux-azure, linux-azure-5.11, and strongswan).

  • Best Open Source Security Tools | eSecurityPlanet

    Over the past quarter of a century, the open source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge – security. The more software that is developed, the greater the likelihood there is for vulnerabilities. To make matters worse, the open source world prides itself on openness and transparency. Therefore, any security vulnerabilities are disclosed publicly. In this age of organized gangs of cybercriminals, that is like placing an ad asking for an attack. This has given rise to a large number of open source security tools. They take care of all aspects of the management of security in open source components, examine dependencies, fix bugs in code, and lower risk.

  • Credit card PINs can be guessed even when covering the ATM pad

    Researchers have proven it’s possible to train a special-purpose deep-learning algorithm that can guess 4-digit card PINs 41% of the time, even if the victim is covering the pad with their hands. The attack requires the setting up of a replica of the target ATM because training the algorithm for the specific dimensions and key spacing of the different PIN pads is crucially important.

  • Using Machine Learning to Guess PINs from Video - Schneier on Security

    This works even if the person is covering the pad with their hands.

  • Google Developing "SiliFuzz" For Fuzzing CPUs To Uncover Electrical Defects - Phoronix

    With OSS-Fuzz for continuous fuzzing of open-source projects and along with working on the various sanitizers for compilers, Google has been doing a lot for proactively uncovering software defects in key open-source projects. Now though a group of their engineers have been working on SiliFuzz for software aiming to discover new CPU defects.