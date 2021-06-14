Language Selection

IBM/Red Hat/Fedora Leftovers

Submitted by Roy Schestowitz on Thursday 24th of June 2021 10:43:08 PM
Red Hat

  • Red Hat Rewrites the Business Automation Playbook with End-to-End Kubernetes-Native Decision Management Capabilities

    Red Hat, Inc., the world's leading provider of open source solutions, today announced new end-to-end Kubernetes-native decision management capabilities as part of the latest release of Red Hat Process Automation. Based on the open source Kogito project, the new capabilities enable individual business decisions to be created and deployed as containerized microservices that are managed by Kubernetes alongside other containers in the application environment, reducing redundancy and the footprint of traditional decision management systems when deploying in cloud-native environments like Red Hat OpenShift.

  • Automakers Race to the IoT and Manufacturing Edge | IT Pro

    Thanks to increased demand for internet-connected cars, autos are driving the manufacturing edge with robotics-driven automation during assembly.

  • Open Data Hub: A Meta Project for AI/ML Work

    Open source software is a critical resource in data science today, but integrating the various open source products together can be a complex task. This is what drove Red Hat to develop Open Data Hub, which brings over two dozen commonly used tools together into a single cohesive framework that simplifies access to AI and machine learning capabilities for data professionals.

    Open Data Hub (ODH) originated about five years ago as an internal Red Hat project to simply store large amounts of data so that it was accessible for data scientists to build models, according to Will McGrath, a senior principal product marketing manager at Red Hat. In Red Hat’s case, the engineers chose Ceph, the S3-compatbile object storage system.

    After getting a handle on the storage aspect of the data, Red Hat’s team then brought a handful of tools into the equation, starting with Jupyter, Apache Spark, and TensorFlow. The system supported internal Red Hat use cases, such as analyzing log files from customer complaints or for searching the internal knowledgebase, McGrath says.

    Eventually, word of ODH’s existence leaked out to a handful of Red Hat customers, who expressed an interest in trying out the software, he says. In 2018, the company made the decision to turn ODH into a full-fledged open source project that could be downloaded and used by the general public, as well as contributed to from the open source community. You can see a short history of the product in this Red Hat video.

    Today, Red Hat bills ODH as “a blueprint for building an AI as a service platform.” It follows a general workflow that will be familiar to data professionals, starting with data storage and data ingestion; leading to data analysis, model building; and model training; followed by model validation, deployment, and model serving; with ongoing monitoring and optimization.

  • Red Hat shares roadmaps for OpenShift Application Services

    Red Hat OpenShift API Management is a hosted API management service for microservices-based applications. It has three main components: API Manager, API Gateway, and single sign-on based on Red Hat SSO. It is available today as an add-on to Red Hat OpenShift Dedicated as well as on the new Red Hat OpenShift Service on AWS, which became generally available in April. It achieved PCI compliance certification in May of this year.

    The planned roadmap for the next year includes additional compliance certifications such as ISO, SOC2, and FedRAMP, API monetization, an API registry for storing open API definitions, support for additional cloud providers including Azure Red Hat OpenShift, Google Cloud Platform, and IBM Cloud (ROKS). Self-managed service integration using Istio and Knative is in the cards, as is the addition of features for high throughput customers.

  • Upgraded LoRaWAN gateway adds Node-RED support

    ICP Germany has upgraded its “UG65” LoRaWAN gateway to add Node-RED support. The unit supports 8 simultaneous LoRa channels and more than 2,000 LoRaWAN nodes, along with Ethernet, Wi-Fi and cellular (optional) connectivity.

    We missed covering ICP Germany’s UG65 LoRaWAN gateway when it was first announced in mid-March. Now the company has upgraded the UG65 with new features. With the firmware update to version 60.0.0.35, the UG65 LoRaWAN gateway adds support for Node-RED and provides LoRa class updates.

    Developed by IBM, Node-RED is a programming interface that can be used to connect hardware, interfaces and services from the IoT. According to ICP, this feature makes the UG65 more attractive to developers of Smart applications. Target applications for the unit include IoT systems, Smart Infrastructure, sensor-to-cloud systems and Smart Agriculture.

  • 4 change management strategies for the hybrid work era

    In addition to expediting long-planned platform migrations and digital transformations, the pandemic forced most businesses to undergo involuntary changes, testing their abilities to deploy and manage these transitions quickly and effectively.

    As the world adjusts to the next normal in 2021, business leaders can anticipate more change as they accommodate hybrid work. According to PwC’s U.S. Remote Work Survey, 75 percent of executives expect half of their employees to return to the office by July of this year. These business leaders view the in-person experience as essential to maintaining company culture: Only 5 percent of respondents believe that culture can be maintained without employees in the office.

  • Application analysis in the DevSecOps life cycle

    June is application analysis month in the Red Hat’s monthly Security series! Beginning in March 2021, the Red Hat Security Ecosystem team has provided an introduction to a DevOps Security topic in a monthly fashion to help you learn how Red Hat weaves together DevOps and Security to master the force called DevSecOps. We explain how to assemble Red Hat products and our security ecosystem partners to aid in your journey to deploying a comprehensive DevSecOps solution.

  • New ecosystem opportunities at the service provider edge

    Edge computing, which locates services closer to consumers and data sources, can help enable applications and use cases in which real-time processing, low latency, and a corresponding boost in the Quality of Experience (QoE) are critical.

    In our previous post, Industry trends from the ever evolving service provider edge, we noted that service providers (SPs) are in an ideal situation to take advantage of the edge computing shift. Along with their traditional strengths in building networks, connectivity, physical location(s), and existing data consumption and management models, SPs are well positioned to develop partnerships and ecosystems to create new revenue streams.

  • Fedora Linux 34 Release Party videos available now – Fedora Community Blog

    The Fedora Project had a successful Fedora Linux 34 Release Party on April 30th & May 1st, 2021. The Release Party had nearly 500 registrations with a 78% turnout rate, which is above Hopin’s calculated industry average. As promised, the Mindshare Committee wrapped up the video editing: the recordings of the sessions are now up on Youtube as a playlist for your perusal. Feel free to share this series of videos on the latest and greatest in the Fedora community!

Ubuntu 21.10 Wallpaper Competition

  • Ubuntu 21.10 Wallpaper Competition

    We are incredibly proud to announce the beginning of the Impish Indri wallpaper competition! (That’s the code name for Ubuntu 21.10) You can submit your artwork and read the rules over on the Ubuntu discourse. Every new release of Ubuntu comes pre-loaded with new background images that users can select ‘out of the box’. For the Ubuntu Impish Indri release, we are running a competition for members of the community to get their artwork baked into an Ubuntu release, forever.

  • The Ubuntu Wallpaper Contest is Back After 2 Year Break

    After a two year break, the Ubuntu community team is reviving and refreshing this much-loved staple of the Ubuntu release cycle. Artists, graphic designers, illustrators, photographers, and anyone else with creative flair can contribute artwork for potential inclusion in the Ubuntu 21.10 “Impish Indri” release this autumn.

Kubernetes News and Istio Flaw Patched

  • No Silver Bullet for Kubernetes Multicluster Management

    The most recent Cloud Native Computing Foundation (CNCF) End User Technology Radar, focusing on multicluster management, finds that cluster management is complex with no clearly defined path to success. This announcement may come as no surprise to those involved, but the findings and methodology still shed light on the growth and development of the Kubernetes ecosystem. The CNCF Technology Radar, according to the website, acts as “an opinionated guide to a set of emerging technologies” and is intended for a technical audience that wants to know which cloud-native solutions end users use and recommend.

  • Enterprise databases deployed in Kubernetes? Proceed with caution, warns seasoned analyst

    A leading analyst has warned big, non-tech companies against database deployments in the Kubernetes, dubbing the approach as “emerging technology” for enterprises. While developers might want the flexibility and agility the stateless container orchestrator promised, Carl Olofson, research vice president, data management software, IDC urged caution with enterprise deployments. Speaking at the Postgres Vision 2021 conference this week, the seasoned database expert said: “You really need to make sure you're using functions that are well established. You want to be conservative. Kubernetes is open source, so the updates and the testing and all that, follows a rather slow formal process from the time that submission comes to the timer that goes out. Kubernetes is still rapidly evolving. Like any technology: if you're trying to commit your enterprise to functions that run on an emerging technology, then you are accepting some risks.”

  • ISTIO-SECURITY-2021-007

    The Istio Gateway and DestinationRule can load private keys and certificates from Kubernetes secrets via the credentialName configuration. For Istio 1.8 and above, the secrets are conveyed from Istiod to gateways or workloads via the XDS API. In the above approach, a gateway or workload deployment should only be able to access credentials (TLS certificates and private keys) stored in the Kubernetes secrets within its namespace. However, a bug in Istiod permits an authorized client the ability to access and retrieve any TLS certificate and private key cached in Istiod.

  • Announcing Istio 1.9.6

    This release fixes the security vulnerabilities described in our June 24th post, ISTIO-SECURITY-2021-007 as well as a few minor bug fixes to improve robustness. This release note describes what’s different between Istio 1.9.5 and Istio 1.9.6.

  • Announcing Istio 1.10.2

    This release fixes the security vulnerabilities described in our June 24th post, ISTIO-SECURITY-2021-007 as well as a few minor bug fixes to improve robustness. This release note describes what’s different between Istio 1.10.1 and 1.10.2.

Games: Developing on GNU/Linux, FidelityFX, and Steam on Chrome OS

  • Developing Games on Linux: An Interview with Little Red Dog GamesLittle Red Dog Games is an indie...

    Little Red Dog Games is an indie game developer that primarily uses Godot to create games such as Deep Sixed, Precipice, and their latest game, Rogue State Revolution. To learn more about their experience developing games in Linux, we sat down for an interview with CEO Ryan Hewer and Lead Programmer, Denis Comtesse. Tell us a little about Little Red Dog Games. How did you come into being as a company? Ryan: We’ve been around for the better part of a decade now—I’d say maybe 8 years. We’re based out of northern New York, and Denis resides in Germany. We started off as a hobby business making point-and-click adventure games and playing around with various tools that are out there. With every product we said, alright, well what if we take it a little bit further? What if we push ourselves a little bit more? Then we started taking on increasingly ambitious games.

  • Valve's Dota 2 Adds AMD FidelityFX Super Resolution - Phoronix

    Valve's Dota 2 game is the latest adding support for AMD FidelityFX Super Resolution and the first time having a Linux-native game support FSR for enhanced image upscaling. Wednesday's update to Dota 2 brings support for FidelityFX Super Resolution, which FSR launched this week as AMD's alternative to NVIDIA DLSS. Dota 2 FSR works when using the game's Direct3D 11 or Vulkan renderers -- basically no OpenGL, due to FSR itself only catering to these newer graphics APIs.

  • Steam on Chrome OS is so close I can taste it

    It has been well over a year since Google’s Director of Product Management, Kan Liu, tipped the news that Google and Valve were working together to bring a native Steam gaming experience to Chrome OS. In that time, a lot of work has been done in preparation for what we believe could see ‘Borealis‘ launching as early as Q3 of this year. In its current state, Steam will actually install and run just fine on most Linux-enabled Chromebooks but the gameplay is still a bit shoddy even on titles that aren’t very graphics intensive. Over the past few months, I have spent more time than I probably should have tinkering to see if I could get the Borealis app installed on various Chromebooks. This week, I made some headway, albeit minimal. After a few Developer Mode antics and some code acrobatics, I was able to get the Borealis app installed on my Chromebook and above, we finally have our first look at the initial installation screen for the Steam container. Sadly, as the second image denotes, the installation process throws an error for missing permissions. This wasn’t too much of a surprise considering the ongoing work being done on the project. Borealis has its own set of DLC(downloadable content) that is required for the setup process and my guess is that this content is still gated on the server-side. Then, there’s another missing piece that will be needed to make this experience fully viable on Chrome OS and that piece is Vulkan.

Security Leftovers

  • Security updates for Thursday

    Security updates have been issued by Mageia (apache-mod_auth_openidc, bind, bluez, cifs-utils, ffmpeg, gnome-autoar, guacd, kernel, kernel-linus, qtwebsockets5, slic3r, tunnel, wavpack, wireshark, and xscreensaver), openSUSE (apache2, cryptctl, go1.15, libnettle, python-rsa, salt, thunderbird, wireshark, libvirt, sbc, libqt5-qtmultimedia, xstream, and xterm), and SUSE (cryptctl, freeradius-server, libnettle, and libsolv).

  • Splunk Security Cloud Now Generally Available [Ed: But this is proprietary software]

    Splunk has announced the new Splunk Security Cloud, the data-centric modern security operations platform that delivers enterprise-grade advanced security analytics, automated security operations, and integrated threat intelligence with an open ecosystem.

  • Have a Dell desktop or laptop? You should upgrade your firmware now

    Even with Secure Boot enabled it seems it doesn't really help and affects at least 129 different models of Dell laptops, tablets, and desktops. Eclypsium estimate around 30 million devices will be affected by this. It doesn't specifically state it's an issue for Linux and does mention Windows explicitly but the point is the same, you'll be vulnerable if you don't ensure you're up to date. The series of issues allows a "privileged network attacker to gain arbitrary code execution within the BIOS of vulnerable machines".

  • Dell BIOS/UEFI Under Attack From New Vulnerabilities - Use FWUPD For The Latest Updates - Phoronix

    For those wondering about the recent skyrocketing in LVFS/FWUPD usage for Linux firmware updates, it appears to be attributed to Dell pushing out a massive number of updates with more than one hundred models impacted by newly-disclosed BIOS/UEFI vulnerabilities. [...] Dell has been publishing updated BIOS/UEFI for not only their Windows customers but also posting the new firmware to LVFS so it can be deployed quickly on Linux. Those with Dell desktops and laptops should run sudo fwupdmgr update as soon as possible.

  • Report picks holes in the Linux kernel release signing process

    A report looking into the security of the Linux kernel's release signing process has highlighted a range of areas for improvement, from failing to mandate the use of hardware security keys for authentication to use of static keys for SSH access. The Linux kernel is at the heart of a wealth of modern technology, from embedded gadgets and network equipment all the way up to supercomputers. Its broad deployment makes it a tempting target for ne'er-do-wells, as was made all-too-obvious in 2011 when attackers gained root access to key servers used in its development and distribution.

