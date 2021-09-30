Fedora and IBM/Red Hat Leftovers
How to build a home lab to learn new Linux skills | Enable Sysadmin
Most IT people learn by doing. Creating a Linux home-lab environment puts you in a position to accomplish a series of tasks.
Bring your Kubernetes workloads to the edge
Although cloud-based applications continue to grow, some use cases require moving workloads out of cloud data centers. The reason is usually to keep your computing power closer to the users, the source of data, or other things you want to control. Instead of running these workloads as separate entities, you might want to create uniform systems, extending clouds to the edge. This technique is known as edge computing.
The past few years have seen a proliferation of edge computing infrastructure. Today you have a wealth of options, from running containers directly in container runtimes (such as Podman), to joining nodes to Kubernetes clusters, to running whole lightweight Kubernetes distributions on edge nodes.
As infrastructure becomes widely accessible, developers need to think through the edge computing journey. An important question in this arena is, How do we build our workloads for this new world? This article discusses the current state of tools for managing containers at the edge, including what WebAssembly (also known as Wasm) offers in this domain and what to expect from the field of edge computing in the near future.
The NeuroFedora Blog: Next Open NeuroFedora meeting: 22 November 1300 UTC
IT leadership: 3 CIO priorities in 2022
Every CIO is beginning to make plans for 2022. While there is always an overwhelming list of things to achieve, strategic CIOs can focus on these three key areas to guide their organization forward in the coming year:
Digital transformation: 4 ways to create a sense of urgency
In the last 18 months, entire industries were pushed to make decisions in days that would typically be debated and planned for months or even years. Customer-facing brands, in particular, were forced to cope with rapid, unpredictable changes in supply, demand, and logistics.
Adding to these challenges, a recent survey found that nearly 40 percent of respondents give a business only one chance to provide a satisfactory digital experience before moving to another supplier. With just one opportunity to make a lasting impression, many enterprises have made it a top business priority to create more personalized customer experiences.
Here are four key actions that will bring increased urgency to your digital transformation strategies.
Apple and Microsoft Leftovers
On CVE-2019-5021
A few years ago, it was discovered that the root account was not locked out in Alpine’s Docker images. This was not the first time that this was the case, an actually exploitable case of this was first fixed with a hotfix in 2015, but when the hotfix was replaced with appropriate use of /etc/securetty, the regression was inadvertently reintroduced for some configurations. It should be noted that I said some configurations there. Although CVE-2019-5021 was issued a CVSSv2 score of 9.8, in reality I have yet to find any Alpine-based docker image that is actually vulnerable to CVE-2019-5021. Of course, this doesn’t mean that Alpine shouldn’t have been locking out the root user on its minirootfs releases: that was a mistake, which I am glad was quickly rectified. Lately, however, there have been a few incidents involving CVE-2019-5021 involving less than honest actors in the security world. For example, a person named Donghyun Lee started mass-filing CVEs against Alpine-based images without actually verifying if the image was vulnerable or not, which Jerry Gamblin called out on Twitter last year. Other less than honest actors, have focused instead on attempting to use CVE-2019-5021 to sell their remediation solutions, implying a risk of vulnerability, where most likely none actually exists.
Claws Mail 4 in experimental
A full month has passed since Claws Mail 4.0.0 was uploaded to Debian experimental, and, somewhat surprisingly, I've received no bug report about it. This of course can be either because nobody has been brave enough to install it or because well, it works really nice. For those who don't know what I'm talking about, just note that this version is the first Debian upload for the GTK+3 version of Claws Mail. There was an initial upstream release, namely 3.99, but it was less polished and also I was very busy, so I decided not to upload it. Since then I've been using git's 'gtk3' branch daily without problems, so, for me, it's as stable as its GTK+2 counterpart. There's still some rough edges, of course.
Run your Ubuntu in US Government Clouds
In August 2016, the United States government announced a new federal source-code policy, which mandates that at least 20% of custom source code developed by or for any agency of the federal government must be released as open-source software (OSS). The memo of this policy also states that the Federal Government spends more than $6 billion each year on software through more than 42,000 transactions. Obviously, this is a huge business for all open-source developers. The question is “how can you get the business from the Federal Government?” The answer is FIPS. Federal Information Processing Standards (FIPS) are standards and guidelines for federal computer systems that are developed by National Institute of Standards and Technology (NIST). Certain federal-related applications are required to be FIPS compliant, and many non-government organizations also follow FIPS standards. Ubuntu Pro provides you with cryptographic packages that are tested and attested by atsec Information Security, a NIST accredited laboratory. And Google automatically encrypts traffic between VMs that travels between Google data centers using FIPS 140-2 validated encryption. Your workloads can easily be FIPS compliant if you properly deploy your workloads on Ubuntu Pro in Google Cloud. Ubuntu 18.04 Pro offers you two FIPS options: FIPS and FIPS-updates. Let’s SSH into your Ubuntu Pro virtual machine. If you haven’t yet upgraded your Ubuntu LTS to Ubuntu Pro, please follow this tutorial. In less than One Minute, you will be able to get your Ubuntu Pro machine without losing any of your mission-critical workloads. Also: History of Open Source Identity Management (part 2)
