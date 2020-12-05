MariaDB is a popular open-source SQL database management system that is a fork and drop-in replacement for MySQL. Since the acquisition of MySQL by Oracle, MariaDB has become the database system of choice by the open-source community. MariaDB provides improved performance with faster replication speeds, tighter security measures, and additional storage engines to mention a few benefits. In this guide, you will learn how to install MariaDB on CentOS 7. There are two ways of installing the MariaDB server. You can install the default version that is available on CentOS 7 repositories or install the latest version by manually adding the MariaDB repository.

Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from Cockpit version 234 and Cockpit-Podman 26. [...] Cloning copies a virtual machine into a new VM, duplicating configuration and storage. After cloning, the original VM and its clone are nearly identical, with the exception of the few configuration changes that need to differ. Virtual machine cloning is often used for preparing an optimal virtual machine and then quickly spinning up several similar VMs without having to step through an installation process.

Analyzing your transformation path with migration toolkit for applications is just the beginning of modernizing a monolithic Java application. As a next step, you could break the application into microservices using cloud-native runtimes such as Quarkus, Spring Boot, and Node.js. With support from Red Hat Runtimes, you can gradually refactor your entire, monolithic application as a set of distributed cloud-native microservices.

Since we created the Rust teams, I have been serving as lead of two teams: the compiler team and the language design team (I’ve also been a member of the core team, which has no lead). For those less familiar with Rust’s governance, the compiler team is focused on the maintenance and implementation of the compiler itself (and, more recently, the standard library). The language design team is focused on the design aspects. Over that time, all the Rust teams have grown and evolved, with the compiler team in particular being home to a number of really strong members. Last October, I announced that pnkfelix was joining me as compiler team co-lead. Today, I am stepping back from my role as compiler team co-lead altogether. After taking nominations from the compiler team, pnkfelix and I are proud to announce that wesleywiser will replace me as compiler team co-lead. If you don’t know Wesley, there’ll be an announcement on Inside Rust where you can learn a bit more about what he has done, but let me just say I am pleased as punch that he agreed to serve as co-lead. He’s going to do a great job.

Welcome back to episode 10 of the previously-stream-of-consciousness-now-abbreviated log of me trying to teach myself the Rust programming language, stumbling my way through the puzzles from Advent of Code 2020. I have noticed that by now doing a puzzle each day and writing about it is somewhat tiring. I’ve found myself eager to solve the puzzle in the quickest way possible rather than to use each day’s puzzle as an excuse to learn a new language feature in Rust. But on the other hand I think that’s OK! Despite that, I am still enjoying it and looking forward each day to seeing what the new puzzle is. It’s just fine to want to solve puzzles in a hacky way; once the puzzle is solved, it’s done!

Welcome again to the not-so-stream-of-consciousness log, where the puns in the titles get worse every day. Today’s topic is the same as every day’s topic: me teaching myself the Rust programming language by doing programming puzzles from Advent of Code 2020.

It’s Day 8 of the no-longer-so-stream-of-consciousness-log of teaching myself the Rust programming language by solving the programming puzzles at Advent of Code 2020. Today I start off by refactoring my boilerplate code some more. I got loads of friendly advice from Federico Mena Quintero including how to configure Cargo so that the main.rs doesn’t have to be in a subdirectory, some reading material on error handling which I am working my way through, and a talk which I watched last night while washing the dishes, on Rust programs as a dialogue between the programmer and the compiler. A dialogue between the programmer and the compiler is certainly what some of these puzzles have been!

way to specify multiply branched conditionals in the Python language—akin to the C switch statement—has been a longtime feature request. Over the years, various proposals have been mooted, but none has ever crossed the finish line and made it into the language. A highly ambitious proposal that would solve the multi-branch-conditional problem (and quite a bit more) has been discussed—dissected, perhaps—in the Python community over the last six months or so. We have covered some of the discussion in August and September, but the ground has shifted once again so it is time to see where things stand. It seems quite possible that this could be the last major change that is made to the language—if it is made at all. As with many mature projects, there is a good deal of conservatism that tends to rear its head when big changes are proposed for Python. But this proposal has the backing of project founder (and former benevolent dictator for life) Guido van Rossum and has attracted support from other core developers—as well as opposition from within that group. It may also depend on one's definition of major, of course, but large syntactic and semantic language changes are definitely finding major headwinds in the Python community these days.

These concepts are the basis of most programming languages. Once you understand them, you can start figuring the rest out. Programming languages usually share some similarities. Once you know one programming language, you can learn the basics of another by recognizing its differences.

Have you noticed, that when building an API, you often keep writing the same code over and over again? You create a controller for [name your entity here] with methods for listing, creating, showing, updating, and deleting that [entity]. Then you create another controller, and it happens again, and again. Then you need to write some custom methods (endpoints) just to support updating a relation or a field on the pivot table? Sounds familiar, isn’t it? Over the past year I was working on a Laravel package that does exactly that – abstracts these patterns, so you could focus on what really matters – building your application. Laravel Orion allows you to build fully-featured REST APIs in a matter of minutes by providing common endpoints for CRUD operations, working with soft deletable models, and performing a comprehensive search. It works hand in hand with Laravel solutions like Requests for handling validation, Policies for handling authorization, and Resources for transforming responses.

New LWN Articles About Kernel Internals and Linux News From Phoronix Challenges in protecting virtual machines from untrusted entities As an ever-growing number of workloads are being moved to the cloud, CPU vendors have begun to roll out purpose-built hardware features to isolate virtual machines (VMs) from potentially hostile parties. These processor features, and their extensions, enable the notion of "secure VMs" (or "confidential VMs") — where a VM's "sensitive state" needs to be protected from untrusted entities. Drawing from his experience contributing to the secure VM implementation for the s390 architecture, Janosch Frank described the challenges involved in a talk at the 2020 (virtual) KVM Forum. Though the implementations across CPU vendors may vary, there are many shared problems, which opens up possibilities for collaboration. Secure Encrypted Virtualization (SEV) from AMD (more information is available in the slides [PDF] from a talk at last year's KVM Forum and LWN's brief recap of it), Trust Domain Extensions (TDX) by Intel, and IBM's Secure Execution for s390 (last year's KVM Forum talk [YouTube] about it) and Power are some of the hardware technologies that aim to protect virtual machines from potential malicious entities. Other architectures, such as Arm, are expected to follow suit. The sensitive state of a secure VM should not be accessible from the hypervisor, instead a "trusted entity" — a combination of software, CPU firmware, and hardware — manages it. But this raises a question: What counts as "sensitive state"? The lion's share comprises the guest's memory contents, which can contain disk encryption keys and other sensitive data. In addition, guest CPU registers can hold sensitive cryptographic key fragments. The execution path of the VM is another; a rogue hypervisor can potentially change the execution flow of a VM — e.g. it can inject an exception into the guest, which is highly undesirable. Therefore, effective "VM controls" that decide which instructions to execute, and how they're executed, must be protected. Furthermore, a hostile hypervisor, even if it can't extract any information from its guests, can still mount a denial-of-service (DoS) attack on them. Then there is "data at rest" (i.e. guest data stored on disk), which is often not protected by the trusted entity; it is the VM's responsibility to protect it with common techniques such as disk encryption. Successfully protecting VMs and their data allows users to deploy sensitive workloads in public clouds.

Scheduling for asymmetric Arm systems The Arm processor architecture has pushed the boundaries in a number of ways, some of which have required significant kernel changes in response. For example, the big.LITTLE architecture placed fast (but power-hungry) and slower (but more power-efficient) CPUs in the same system-on-chip (SoC); significant scheduler changes were needed for Linux to be able to properly distribute tasks on such systems. For all their quirkiness, big.LITTLE systems still feature CPUs that are in some sense identical: they can all run any task in the system. What is the scheduler to do, though, if confronted with a system where that is no longer true? Multiprocessor support on Linux was born in the era of symmetric multiprocessing — systems where all CPUs are, to a first approximation, identical. Any CPU can run any task with essentially the same performance; the scheduler's main concern on SMP systems is keeping all of the CPUs busy. While cache effects and NUMA locality discourage moving tasks between CPUs, the specific CPU chosen for any given task is usually a matter of indifference otherwise. Big.LITTLE changed that assumption by bundling together CPUs with different performance characteristics; as a result, the specific CPU chosen for each task became more important. Putting tasks on the wrong CPU can result in poor performance or excessive power consumption, so it is unsurprising that a lot of work has gone into the problem of optimally distributing workloads on big.LITTLE systems. When the scheduler gets it wrong, though, performance will suffer, but things will still work. Future Arm designs, though, include systems where some CPUs can run both 64-bit and 32-bit tasks, while others are limited to 64-bit tasks only. The advantage of such a design will be reduced chip area devoted to 32-bit support which, on many systems, may never actually be used at all; meanwhile, the ability to run the occasional 32-bit program still exists. The cost, though, is the creation of a system where some CPUs cannot run some tasks at all. The result of an incorrect scheduling choice is no longer a matter of performance; it could be catastrophic for the workload involved.

epoll_pwait2(), close_range(), and encoded I/O The kernel's "epoll" subsystem provides a high-performance mechanism for a process to wait on events from a large number of open file descriptors. Using it involves creating an epoll file descriptor with epoll_create(), adding file descriptors of interest with epoll_ctl(), then finally waiting on events with epoll_wait() or epoll_pwait(). When waiting, the caller can specify a timeout as an integer number of milliseconds. The epoll mechanism was added during the 2.5 development series, and became available in the 2.6 release at the end of 2003. Nearly 20 years ago, when this work was being done, a millisecond timeout seemed like enough resolution; the kernel couldn't reliably do shorter timeouts in any case. In 2020, though, one millisecond can be an eternity; there are users who would benefit from much shorter timeouts than that. Thus, it seems it is time for another update to the epoll API. Willem de Bruijn duly showed up with a patch set adding nanosecond timeout support to epoll_wait(), but it took a bit of a roundabout path. Since there is no "flags" argument to epoll_wait(), there is no way to ask for high-resolution timeouts directly. So the patch set instead added a new flag (EPOLL_NSTIMEO) to epoll_create() (actually, to epoll_create1(), which was added in 2.6.27 since epoll_create() also lacks a "flags" argument). If an epoll file descriptor was created with that flag set, then the timeout value for epoll_wait() would be interpreted as being in nanoseconds rather than milliseconds.

ID mapping for mounted filesystems Almost every filesystem (excepting relics like VFAT) implements the concept of the owner and group of each file; the higher levels of the operating system then use that information to control access to those files. For decades, it has usually sufficed to track a single owner and group for each file, but there is an increasing number of use cases wanting to make that ownership relative to the environment any given process is running in. Developers have been working for a few years to find solutions to this problem; the latest attempt is the ID-mapped mounts patch set from Christian Brauner. In truth, the ID-mapping problem is not exactly new. User and group IDs for files only make sense across a management domain if there is a single authority controlling the assignment of those IDs. Since that is often not the case, network filesystems like NFS have had the ability to remap IDs for many years. The growth of virtualization and container technologies has brought the problem closer to home; there can be multiple management domains running on a single machine. The NFS ID-remapping mechanism is of little use if NFS itself is not being used.

Intel Adding Interface To Pass Workload Hints To The Linux Kernel For Thermal/Power Purposes - Phoronix Intel's INT340X thermal code that is used by the likes of the Intel Thermal Daemon "Thermald" for thermal/power management with their modern SoCs will now be able to accept workload hints for making more informed thermal decisions. With Linux 5.11 the INT340X kernel code is set to see a mailbox driver introduced for handling of workload hints. The intent is to give an indication to the hardware/firmware about what's being run in order to better manage the system power and thermal conditions.

Some Of The Features You Can Expect To See With Linux 5.11: Lots From AMD, Intel - Phoronix The Linux 5.10 kernel is expected to be released this Sunday that will in turn start the Linux 5.11 merge window. Based on the material queued so far into the various "-next" branches, here is a look at what should be on the table for this next major kernel release and come February will be the first major kernel release of 2021.

PowerPC 40x Support Slated For Removal From The Linux Kernel - Phoronix Following the original, first-generation PowerPC CPU support being removed in the Linux 5.10 kernel, the original PowerPC 400 series is also looking like it will now be removed as well from the kernel. Patches were sent out for PowerPC 40x platform removal from the mainline kernel. This is for the early PowerPC 40x series parts but doesn't go as far as removing the newer but still old PowerPC 440 series. The PowerPC 40x platforms of Acadia, Kilauea, Klondike, Makalu, OBS600, and Walnut are all set for removal as part of this clearing of the 40x-specific code.

OpenZFS Now Supports Reacting To CPU/Memory Hot-Plugging - Phoronix Following the recent OpenZFS 2.0 release, a new feature that has landed in the latest OpenZFS development code is the ability to respond to CPU and memory hot-plugging.

Classic OSMesa Retires In Mesa 21.0 As The Worst Of The Software Rendering Paths - Phoronix While working on some core Mesa cleaning/improvements, Eric Anholt has retired the classic OSMesa support in next quarter's Mesa 21.0. Those wanting Mesa software rendering in 2020 and beyond should really be using LLVMpipe or otherwise Softpipe should LLVM not be available for your software/hardware platform. LLVMpipe offers much better performance not to mention OpenGL 4.6 and is actually maintained. With classic OSMesa code just rotting and being of minimal use these days for off-screen rendering, the classic code has been gutted.