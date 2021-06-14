The Istio Gateway and DestinationRule can load private keys and certificates from Kubernetes secrets via the credentialName configuration. For Istio 1.8 and above, the secrets are conveyed from Istiod to gateways or workloads via the XDS API. In the above approach, a gateway or workload deployment should only be able to access credentials (TLS certificates and private keys) stored in the Kubernetes secrets within its namespace. However, a bug in Istiod permits an authorized client the ability to access and retrieve any TLS certificate and private key cached in Istiod.

A leading analyst has warned big, non-tech companies against database deployments in the Kubernetes, dubbing the approach as “emerging technology” for enterprises. While developers might want the flexibility and agility the stateless container orchestrator promised, Carl Olofson, research vice president, data management software, IDC urged caution with enterprise deployments. Speaking at the Postgres Vision 2021 conference this week, the seasoned database expert said: “You really need to make sure you're using functions that are well established. You want to be conservative. Kubernetes is open source, so the updates and the testing and all that, follows a rather slow formal process from the time that submission comes to the timer that goes out. Kubernetes is still rapidly evolving. Like any technology: if you're trying to commit your enterprise to functions that run on an emerging technology, then you are accepting some risks.”

The most recent Cloud Native Computing Foundation (CNCF) End User Technology Radar, focusing on multicluster management, finds that cluster management is complex with no clearly defined path to success. This announcement may come as no surprise to those involved, but the findings and methodology still shed light on the growth and development of the Kubernetes ecosystem. The CNCF Technology Radar, according to the website, acts as “an opinionated guide to a set of emerging technologies” and is intended for a technical audience that wants to know which cloud-native solutions end users use and recommend.

We are incredibly proud to announce the beginning of the Impish Indri wallpaper competition! (That’s the code name for Ubuntu 21.10) You can submit your artwork and read the rules over on the Ubuntu discourse. Every new release of Ubuntu comes pre-loaded with new background images that users can select ‘out of the box’. For the Ubuntu Impish Indri release, we are running a competition for members of the community to get their artwork baked into an Ubuntu release, forever.

Games: Developing on GNU/Linux, FidelityFX, and Steam on Chrome OS Developing Games on Linux: An Interview with Little Red Dog GamesLittle Red Dog Games is an indie... Little Red Dog Games is an indie game developer that primarily uses Godot to create games such as Deep Sixed, Precipice, and their latest game, Rogue State Revolution. To learn more about their experience developing games in Linux, we sat down for an interview with CEO Ryan Hewer and Lead Programmer, Denis Comtesse. Tell us a little about Little Red Dog Games. How did you come into being as a company? Ryan: We’ve been around for the better part of a decade now—I’d say maybe 8 years. We’re based out of northern New York, and Denis resides in Germany. We started off as a hobby business making point-and-click adventure games and playing around with various tools that are out there. With every product we said, alright, well what if we take it a little bit further? What if we push ourselves a little bit more? Then we started taking on increasingly ambitious games.

Valve's Dota 2 Adds AMD FidelityFX Super Resolution - Phoronix Valve's Dota 2 game is the latest adding support for AMD FidelityFX Super Resolution and the first time having a Linux-native game support FSR for enhanced image upscaling. Wednesday's update to Dota 2 brings support for FidelityFX Super Resolution, which FSR launched this week as AMD's alternative to NVIDIA DLSS. Dota 2 FSR works when using the game's Direct3D 11 or Vulkan renderers -- basically no OpenGL, due to FSR itself only catering to these newer graphics APIs.

Steam on Chrome OS is so close I can taste it It has been well over a year since Google’s Director of Product Management, Kan Liu, tipped the news that Google and Valve were working together to bring a native Steam gaming experience to Chrome OS. In that time, a lot of work has been done in preparation for what we believe could see ‘Borealis‘ launching as early as Q3 of this year. In its current state, Steam will actually install and run just fine on most Linux-enabled Chromebooks but the gameplay is still a bit shoddy even on titles that aren’t very graphics intensive. Over the past few months, I have spent more time than I probably should have tinkering to see if I could get the Borealis app installed on various Chromebooks. This week, I made some headway, albeit minimal. After a few Developer Mode antics and some code acrobatics, I was able to get the Borealis app installed on my Chromebook and above, we finally have our first look at the initial installation screen for the Steam container. Sadly, as the second image denotes, the installation process throws an error for missing permissions. This wasn’t too much of a surprise considering the ongoing work being done on the project. Borealis has its own set of DLC(downloadable content) that is required for the setup process and my guess is that this content is still gated on the server-side. Then, there’s another missing piece that will be needed to make this experience fully viable on Chrome OS and that piece is Vulkan.