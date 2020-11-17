Language Selection

IBM/Red Hat/SUSE Leftovers

Submitted by Roy Schestowitz on Wednesday 18th of November 2020 06:56:59 PM
Red Hat
SUSE

  • Secure your containers with SELinux | Opensource.com

    When things aren't working correctly in your Linux environment, the easiest thing to do is disable Security-Enhanced Linux (SELinux). Things suddenly begin to work, and you forget about it—but this is a common pitfall that means you've lost a very powerful security tool.

    Threats are rising alongside the rise of containers, microservices, and distributed architecture. This is due to an old, well-known issue: velocity. The advantage of containers is that they enable you to move fast, do more, and change quickly. This means container adoption has gone off the roof, but the speed it affords also means you will encounter more issues and vulnerabilities. This happens naturally when you're doing more things faster and quicker.

  • How to fix Linux EFI secure-boot shim bootloop issue - Hans' hacking log — LiveJournal

    How to fix the Linux EFI secure-boot shim bootloop issue seen on some systems.

    Quite a few Bay- and Cherry-Trail based systems have bad firmware which completely ignores any efibootmgr set boot options. They basically completely reset the boot order doing some sort of auto-detection at boot. Some of these even will given an error about their eMMC not being bootable unless the ESP has a EFI/Microsoft/Boot/bootmgfw.efi file!

    Many of these end up booting EFI/Boot/bootx64.efi unconditionally every boot. This will cause a boot loop since when Linux is installed EFI/Boot/bootx64.efi is now shim. When shim is started with a path of EFI/Boot/bootx64.efi, shim will add a new efibootmgr entry pointing to EFI/fedora/shimx64.efi and then reset. The goal of this is so that the firmware's F12 bootmenu can be used to easily switch between Windows and Linux (without chainloading which breaks bitlocker). But since these bad EFI implementations ignore efibootmgr stuff, EFI/Boot/bootx64.efi shim will run again after the reset and we have a loop.

  • How security and compliance automation can help achieve a more secure hybrid cloud

    In hybrid cloud environments, where workloads are deployed in physical hosts, virtual machines and containers across on-premise and cloud environments, security becomes more and more complex. As a part of the AnsibleFest Virtual Experience, Lucy Kerner, a Red Hat security strategist and evangelist, and Justin Lacey, a Red Hat solution architect, led the breakout session "Implementing a secure hybrid cloud using security and compliance automation." The session highlighted a combination of Red Hat technologies that can help simplify and improve security and compliance in a hybrid cloud environment at scale using automation. Missed out on this session? We’re recapping some key points here.

  • Renewing my thrill at work with Ansible | Enable Sysadmin

    Ansible empowered me to utilize my own technical strengths and passion to improve processes and enjoy my time.

  • Using Multus and DataVolume in KubeVirt - Red Hat Developer

    KubeVirt is a cloud-native virtual machine management framework based on Kubernetes. KubeVirt orchestrates workloads running on virtual machines in the same way that Kubernetes does for containers. KubeVirt has many features for managing the network, storage, images, and the virtual machine itself. This article focuses on two mechanisms for configuring network and storage requirements: Multus-CNI and CDI DataVolumes. You will learn how to configure these KubeVirt features for use cases that require high performance, security, and scalability.

    [...]

    As a cloud-native virtual machine management framework, KubeVirt adopts cloud-native technologies alongside its own inventions. As a result, KubeVirt APIs and controllers support flexible and scalable virtual machine configurations and management that can integrate well with many technologies in the cloud-native ecosystem. This article focused on KubeVirt’s network and storage mechanisms. We look forward to sharing more exciting features in the future, including KubeVirt’s mechanisms for handling CPU, memory, and direct device access.

  • Addressing Modern IT Infrastructure Management with SUSE Manager and SUSE Manager for Retail

    Applications hide in containers, systems hide in other systems, new configurations appear and disappear with a single mouse click, and every file is a potential threat. It is no wonder that CIOs and IT managers are looking for new tools and a new approach that will bring harmony, safety and economy to precious IT assets in changing times. Welcome to the new world of IT infrastructure management.

  • SUSE Manager certified on Nutanix Acropolis Hypervisor

    Nutanix provides a fully software-defined stack that integrates compute, virtualization, storage, networking, and security to power any application at any scale. Nutanix Acropolis Hypervisor is their enterprise-ready hypervisor, offering integrated virtualization, app mobility, management, operational insights, and security.

    We are very excited that SUSE Manager is now certified on Nutanix Acropolis Hypervisor. As part of the Nutanix Ready Program SUSE Manager is now a recommended and trusted application. With this certification SUSE Manager can run confidently on Nutanix infrastructure.

Linux and open source: The biggest issue in 2020

For the most part, 2020 was actually pretty good for open source. Enterprise-level companies embraced open source software even further, containers and the cloud became even more crucial to both businesses and consumers, the Linux community found a larger piece of the support pie from large manufacturers like Microsoft, and distributions continued to wow. That doesn't mean the year was full of celebrations, as there were some rather cringe-worthy moments. A good number of major open source projects suffered from poorly written or out of date documentation, DockerHub started throttling image downloads, etc. There was, however, one particular issue open source faced in 2020 that will not only go down as a thorn in the side of the community for the year, but will probably haunt us moving forward. Read more

Banana Pi quad-GbE router SBC features M.2 and five mini-PCIe slots with SIM

SinoVoip’s $750 “Banana Pi GrassRouter” is a quad-GbE router board for mobile communications that runs Linux on a dual-core -A53 MediaTek MT7622E and offers 5x mini-PCIe for 4G, M.2 for 5G, and 7x SIM slots. In Aug. 2019, SinoVoip launched a $68 Banana Pi BPI-R64 router board with 4x GbE ports, a WAN port, and dual mini-PCIe slots. As part of the company’s “BPI 4.0 server” OEM/ODM customization service, the company developed a customized multi-link fusion version of the board for a customer with more mini-PCIe and SIM card slots. This Banana Pi GrassRouter SBC is now publicly available for $750. Read more

Mozilla and Tor: Release and Greenwashing

  • Tor Browser 10.0.5

    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody from watching your Internet connection and learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

  • Release: Mozilla’s Greenhouse Gas emissions baseline - The Mozilla Blog

    Today, we are releasing our baseline Greenhouse Gas emissions (GHG) assessment for 2019, which forms the basis upon which we will build to reduce and mitigate Mozilla’s organisational impact. [...] Their impact is significant, and it is an approximation. We can’t yet really measure the energy required to run and use our products specifically. Instead, we are estimating how much power is required to use the devices needed to access our products for the time that we know people spent on our products. In other words, we estimate the impact of desktop computers, laptops, tablets, or phones while being online overall. For now, this helps us get a sense of the impact the internet is having on the environment. Going forward, we need to figure out how to reduce that share while continuing to grow and make the web open and accessible to all. The emissions related to our business services and operations cover all other categories from the GHG protocol that are applicable to Mozilla. For 2019, this includes 10 offices and 6 co-locations, purchased goods and services, events that we either host or run, all of our commercial travel including air, rail, ground transportation, and hotels, as well as estimates of the impact of our remote workforce and the commute of our office employees, which we gathered through an internal survey.

Programming Leftovers

  • Apply the Scientific Method to agile development

    Experimentation is the foundation of the scientific method, which is a systematic means of exploring the world around us. But experimentation is not only reserved for the field of scientific research. It has a central place in the world of business too. Most of us are by now familiar with the business methodology called Minimum Viable Product (MVP). This Minimum Viable Product is basically just an experiment. By building and launching MVPs, business operations are engaging in a systematic means of exploring the markets. If we look at market leaders today, we learn that they’re not doing projects anymore; the only thing they’re doing is experiments. Customer discovery and lean strategies are only used to test assumptions about the markets. Such an approach is equivalent to Test-Driven Development (TDD), which is the process we are intimately familiar with. In TDD, we write the hypothesis (the test) first. We then use that test to guide our implementation. Ultimately, product or service development is no different than TDD—we first write a hypothesis, then that hypothesis guides our implementation, which serves as measurable validation of the hypothesis.

  • Qt Design Studio 2.0 Beta released

    Qt Design Studio is a UI design and development tool that enables designers and developers to rapidly prototype and develop complex UIs. Both designers and developers use Qt Design Studio and this makes collaboration between the two a lot simpler and more streamlined. To get an impression, you should watch this video.

  • Qt Design Studio 2.0 Beta Released For Quickly + Easily Designing UIs

    The Qt Company has released their public beta of the forthcoming Qt Design Studio 2.0, their software for quickly and easily designing user interfaces with an emphasis on UI design for non-programmers. Qt Design Studio 2.0 is focused on improving the user experience for developing these Qt-based UIs. The 2.0 Beta release has improvements around thumbnail generation, rotating items, navigator improvements, and other enhancements.

  • Check the day of year, given a date

    The ugliest function in my data-auditing toolkit is "chkday". I wrote it for data tables containing both a date in ISO 8601 format and the corresponding day number for the given year.

