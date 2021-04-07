IBM/Red Hat/Fedora Leftovers
The role of the Orchestrator in GitOps-driven operations
Typically, when a new technology or pattern emerges, various approaches are taken to determine how it best fits into a transformed model. Proponents of traditional methods are sometimes initially met with resistance by eager early adopters, who may discard lessons learned from foundational practices.
Established orchestration approaches versus GitOps methodologies demonstrate this inflection point.
While it would be an oversimplification to assume that one approach entirely can replace the other, we’ll examine the strengths and weaknesses of each in this post and find a balance between the two.
Switching SELinux on and off - Linux Concept
This is perhaps a weird section to begin with, but disabling SELinux is a commonly requested activity. Some vendors do not support their application running on a platform that has SELinux enabled, as those vendors do not have the expertise to develop SELinux policies for their own applications, or are not able to educate their own support lines to deal with SELinux.
Furthermore, system administrators are generally reluctant to use security controls they do not understand or find too complex to maintain. Luckily, SELinux is becoming a de facto standard technology in several Linux distributions, which is increasing its exposure and understanding among administrators. SELinux is also capable of selectively disabling its access controls for a part of a system rather than requiring us to disable it for a complete system.
Podman is gaining rootless overlay support | Enable Sysadmin
Podman can use native overlay file system with the Linux kernel versions 5.13. Up until now, we have been using fuse-overlayfs. The kernel gained rootless support in the 5.11 kernel, but a bug prevented SELinux use with the file system; this bug was fixed in 5.13.
Leveraging Cloud Computing to Enhance the Nation’s Cybersecurity [Ed: Pushing clown computing as a security 'solution' is truly insane (it's the cause of so many issues and a privacy/data protection catastrophe), but this is what IBM emeritus IWB is doing today]
There’s clearly an urgent need to significantly improve the security and resilience of IT systems and applications in light of the growing threat of cyberattacks, which FBI director Christopher Wray recently compared to addressing the challenge of global terrorism following the 9/11 attack. Earlier this week, the NY Times published this front page article - Once, Superpower Summits Were About Nukes. Now, It’s Cyberweapons, that said: “The rising tempo and sophistication of recent attacks on American infrastructure - from gasoline pipelines running up the East Coast, to plants providing a quarter of America’s beef, to the operations of hospitals and the internet itself - has revealed a set of vulnerabilities no president can ignore.” On May 12, President Biden issued an Executive Order to Improve the Nation’s Cybersecurity, a welcome and very important step.
Cloud-based technologies and Cloud Service Provides (CSPs) can play a major role in improving the nation’s cybersecurity. Over the years, CSPs have invested billions in cloud security, hired thousands of top cyber experts, and developed an array of new tools and methods. CIOs generally agree that the security on cloud platforms is superior to that of in-house data centers, a major reason why the top IDC prediction for the post-pandemic new normal was that “By the end of 2021, based on lessons learned, 80% of enterprises will put a mechanism in place to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic.”
Authorino: Making open source, cloud-native API security simple and flexible
Authorino solves a persistent problem that arises when upgrading applications for secure internet use: the need to add authentication or authorization to APIs that were built without these security concepts in mind. Authorino provides an easy, cloud-native way to expose these APIs. You don’t have to modify or rebuild your API. A thin reverse-proxy layer with an external authorization filter, completely configurable via the Kubernetes API, allows you to add the right authentication and authorization model to suit your needs.
This article introduces Authorino with an overview of its uses and benefits, a look at its underlying mechanics, and a brief demonstration based on an example use case.
Java EE and Jakarta EE: What IT leaders should know | The Enterprisers Project
The first thing to know about Java EE is that it’s no longer called Java EE.
“Java EE is under new management,” says Mike Milinkovich, executive director of the Eclipse Foundation.
A bit of a quick history lesson, courtesy of Milinkovich: Oracle contributed Java EE to Eclipse in 2017, and it became an open source project. Subsequently, the name was changed to Jakarta EE. Today, the project is overseen by the Jakarta EE Working Group, which Milinkovich describes as a who’s who of Java industry leaders, such as Fujitsu, IBM, Oracle, Payara, Red Hat, and Tomitribe.
Jakarta EE can be viewed as a bridge between old and new, in the sense that it’s a means of adopting and working with modern technologies without dumping your existing application and infrastructure investments – a nonstarter for most companies, not to mention IT pros who’ve invested significant time and energy in their existing skill sets but want to continue to adapt to newer tools and languages.
Jakarta EE lets you leverage your existing Java EE code - and offers a future for your skilled Java developers.
“Jakarta EE provides your enterprise with two strategic advantages: a path forward for your existing investments in the Java EE application code running your business, and a bright future for the skilled Java developers on your staff,” Milinkovich says.
Hybrid work: 7 signs that meeting should be an email | The Enterprisers Project
Pointless meetings are nothing new; they’re so pervasive that surviving another meeting that should have been an email reached meme status back in the 2000’s. However, this problem risks reaching epidemic status in the age of Zoom. With the ongoing shift to hybrid work - combining office and remote work - video calls are going nowhere soon, so leaders need to know when to use them and when to skip directly to email or chat.
Many people are not using collaboration tools for informal updates.
Six out of ten individuals surveyed early this year by virtual work consultancy Vitira reported that the number of meetings they must attend has increased significantly since the pandemic began. “Most say that the ad-hoc chats they had at the office have been replaced by formal meetings,” says Cynthia Watson (formerly Spraggs), CEO of Vitira and author of a book on how to work from home, “which indicates that many are not using collaboration tools for informal updates.”
