Arch Family: Kubernetes in Arch Linux and aurutils 3.0.0
-
Arch Linux got kubernetes packaged into the [community] repository the past week with the hard work of David Runge. I contribute to testing the packages so I thought it would be interesting to write up quickly the testing that was done. Originally I did the testing with docker but with the dockershim deprecation I rewrote the blog to utilize containerd instead.
David has reworked the kubernetes archwiki article as well. It currently doesn’t cover all use cases and contributions welcome. I will try cover the containerd parts of this page to the wiki.
-
With the amount of changes, details spread over pull requests, git commit logs, and the documentation, I've written this post to detail the most important changes in aurutils 3.0.0. If you've used aurutils 2.3 before, I highly recommend reviewing the Transition table. Happy hacking!
Open Hardware: Raspberry Pi and Arduino, Among Others
-
-
The Raspberry Pi 4 is a pretty cool board, but if you wished it was just a bit smaller, and you could use the PCIe interface exposed by the Broadcom BCM2711 processor more easily, Timon has designed Piunora carrier board for the Raspberry Pi Compute Module 4. The solution provides a board with the guts of Raspberry Pi 4 SBC but using the Arduino form factor including access to the six ADC pins, and an M.2 socket with the PCIe signal from the Broadcom SoC.
-
We’ve all see Christmas ornaments shaped like a ball – interesting, but a bit passive. Will Donaldson, however, has created an amazing enhancement for these “orbaments,” adding a rheoscopic fluid inside that shows turbulent swirling patterns as it moves.
The fluid is simply tap water and food coloring, plus the special rheoscopic concentrate that contains an array of light reflecting particles. To maintain a state or turbulence, Donaldson affixed a small drone-style motor to the hanger assembly on top of each orb using hot glue.
Motors were inserted with propellers attached, which were bent to fit inside. To vary the speed of the turbulence, Donaldson included an Arduino Nano, along with an L293 driver, using the analogWrite() function for PWM control.
-
The company also offers a range of carrier boards for people not wanting to design their own custom baseboards for Notecard M.2 module that include support for LiPo or AA battery, Raspberry Pi HAT, a minimal board with micro USB, and one model designed for “embedded design”, meaning integration into end products.
-
The low power consumption technology of the development board reduces the current requirements. This significantly improves the design by eliminating the heat factor. The ASIC optimized for DSP intensive deep learning applications makes it multifunctional to perform voice, vision, and vibration detection and recognition. The all-in-one EVB contains many inbuilt devices that make it a good option over other “high profile boards such as the Arduino Nano 33 BLE Sense and ESP32” The support for the Tensorflow Lite Microcontrollers adds an additional feature of easy deployment. In terms of performance, the latency time for the 250KB TensorFlow Lite for Microcontrollers “Person detection” example is only 40ms, while the latency time of the 20KB TensorFlow Lite for Microcontrollers “Micro speech” example is only 6ms.
today's howtos
-
Building Encrypted Images for Confidential Computing [Ed: Confidential Computing is typically just a misleading euphemism of surveillance companies that steal your data and then pretend to value your privacy by encrypting the stolen data for themselves and their data brokers
With both Intel and AMD announcing confidential computing features to run encrypted virtual machines, IBM research has been looking into a new format for encrypted VM images. The first question is why a new format, after all qcow2 only recently deprecated its old encrypted image format in favour of luks. The problem is that in confidential computing, the guest VM runs inside the secure envelope but the host hypervisor (including the QEMU process) is untrusted and thus runs outside the secure envelope and, unfortunately, even for the new luks format, the encryption of the image is handled by QEMU and so the encryption key would be outside the secure envelope. Thus, a new format is needed to keep the encryption key (and, indeed, the encryption mechanism) within the guest VM itself. Fortunately, encrypted boot of Linux systems has been around for a while, and this can be used as a practical template for constructing a fully confidential encrypted image format and maintaining that confidentiality within a hostile cloud environment. In this article, I’ll explore the state of the art in encrypted boot, constructing EFI encrypted boot images, and finally, in the follow on article, look at deploying an encrypted image into a confidential environment and maintaining key secrecy in the cloud.
[...]
Traditionally grub is actually installed into the disk master boot record, but for EFI boot that changed and the disk (or VM image) must have an EFI System partition which is where the grub.efi binary is installed. Part of the job of the grub.efi binary is to find the root partition and source the /boot/grub1/grub.cfg. When you install grub on an EFI partition a search for the root by UUID is actually embedded into the grub binary. Another problem is likely that your distribution customizes the location of grub and updates the boot variables to tell the system where it is. However, a cloud image can’t rely on the boot variables and must be installed in the default location (\EFI\BOOT\bootx64.efi). This default location can be achieved by adding the –removable flag to grub-install.
-
Jenkins in the Ops space is in general already painful. Lately the deprecation of the multiple-scms plugin caused some headache, becaue we relied heavily on it to generate pipelines in a Seedjob based on structure inside secondary repositories. We kind of started from scratch now and ship parameterized pipelines defined in Jenkinsfiles in those secondary repositories. Basically that is the way it should be, you store the pipeline definition along with code you'd like to execute. In our case that is mostly terraform and ansible.
-
In Linux, a service is a program that runs in the background . Services can be started on-demand or at the boot time.
If you are using Linux as your primary operating system or development, platform you will deal with different services such as webserver, ssh or, cron . Knowing how to list running services or check the service status is important when debugging system issues.
Most of the recent Linux distributions are using systemd as the default init system and service manager.
-
Once the servers have created & have been deployed to development or production etc, main task of system admin is to make sure that servers keep running by continuously monitoring its resource usage like memory utilization, CPU utilization etc with the help of various utilities. One such utility that is used for monitoring RHEL/CentOS servers is, SAR.
SAR or System Activity Report is used for monitoring Linux system resources . It can be used to generate reports relating to performance of a system i.e CPU reports, Memory reports, Disk reports etc. It saves reports in the form of log files on the system.
-
Netcat (also known as ‘nc’) is a networking tool used for reading or writing from TCP and UDP sockets using an easy interface. It is designed as a dependable ‘back-end’ device that can be used directly or easily driven by other programs and scripts. Therefore, this tool is a treat to network administrators, programmers, and pen-testers as it’s a feature rich network debugging and investigation tool.
-
As you may or may not be aware, I work for Canonical on Snapcraft and Ubuntu. I use Ubuntu as my daily driver, and spend a lot of time maintaining snap packages, and listening to developers and users talk about software packaging, publishing, delivery and use.
Over time I’ve collected a bunch of virtual notes in my head. Much of it has been turned into documentation, but often the information is rather spread out. I wanted to “brain dump” a bunch of notes, for common things people ask me about snap, snapd and snapcraft. Here’s the first set, about snap / snapd. A later post will focus on snapcraft.
-
Data processing is at the core of every business. A PC with mediocre specs is decent enough for simple data processing, but on a larger scale, it will not suffice. As data continues to grow, businesses are always searching for the latest technologies that can accelerate data processing. High-speed computer components are crucial in processing big chunks of data real-time. One of the key components that require upgrading is the internal secondary storage device. These devices play a vital role in capturing, accessing, processing and transforming data, and these have evolved significantly to meet business demands. NVMe (Non-Volatile Memory Express) drive is the latest and by far the fastest evolution of storage devices. Before we delve deeper into NVMe, let’s briefly look at the different internal secondary storage media utilized today.
Audiocasts/Shows: TLLTS, LINUX Unplugged, Open Source Security, and Former Linux Journal Staff
-
icewm, xfce, sansa clip, toys, happy holidays
-
Mike details his favorite python tools and his tricks for performance concerns.
Plus a bunch of workspace improvment ideas, feedback, and more.
-
Screensharing is various apps can be kind of a pain so instead of doing that why you just turn OBS into a camera and then just do everything from OBS instead, and we're doing this with a simple plugin known as obs v4l2sink which will soon be a main part of OBS.
-
Josh and Kurt talk about the idea of information wanting to be free. It’s Christmas, we should give it what it wants!
-
Doc Searls and Katherine Druckman talk to Kyle Rankin and Petros Koutoupis about the SolarWinds hack, and Facebook's reaction to Apple privacy initiatives.
Recent comments
1 hour 17 sec ago
1 hour 48 min ago
3 hours 27 min ago
8 hours 4 min ago
8 hours 9 min ago
8 hours 27 min ago
15 hours 47 min ago
17 hours 10 min ago
17 hours 19 min ago
22 hours 58 min ago