Language Selection

English French German Italian Portuguese Spanish

Server

Announcing Oracle Solaris 11.4 SRU12

Filed under
OS
Server

Today we are releasing the SRU 12 for Oracle Solaris 11.4. It is available via 'pkg update' from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1.

Read more

Also: Oracle Solaris 11.4 SRU12 Released - Adds GCC 9.1 Compiler & Python 3.7

Replicating Particle Collisions at CERN with Kubeflow

Filed under
Server
OSS
Ubuntu

This is where Kubeflow comes in. They started by training their 3DGAN on an on-prem OpenStack cluster with 4 GPUs. To verify that they were not introducing overhead by using Kubeflow, they ran training first with native containers, then on Kubernetes, and finally on Kubeflow using the MPI operator. They then moved to an Exoscale cluster with 32 GPUs and ran the same experiments, recording only negligible performance overhead. This was enough to convince them that they had discovered a flexible, versatile means of deploying their models to a wide variety of physical environments.

Beyond the portability that they gained from Kubeflow, they were especially pleased with how straightforward it was to run their code. As part of the infrastructure team, Ricardo plugged Sofia’s existing Docker image into Kubeflow’s MPI operator. Ricardo gave Sofia all the credit for building a scalable model, whereas Sofia credited Ricardo for scaling her team’s model. Thanks to components like the MPI operator, Sofia’s team can focus on building better models and Ricardo can empower other physicists to scale their own models.

Read more

Also: Issue #2019.08.19 – Kubeflow at CERN

Fedora and Red Hat: New F30 Builds, Flock Report, Servers and Package Management Domain Model

Filed under
Red Hat
Server
  • Ben Williams: F30-20190818 updated isos released.

    The Fedora Respins SIG is pleased to announce the latest release of Updated F30-20190816 Live ISOs, carrying the 5.2.8-200 kernel.

    This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have 1.2GB of updates)).

    A huge thank you goes out to irc nicks dowdle, satellite,Southern-Gentlem for testing these iso.

  • Flock to Fedora 2019 Conference report

    Last week I attended “Flock to Fedora” conference in Budapest, Hungary. It was a Fedora contributors conference where I met some developers, project leaders, GSoC interns. Below is a brief report of my attendance.

  • What salary can a sysadmin expect to earn?

    The path to reliable salary data sometimes is sometimes paved with frustration. That’s because the honest answer to a reasonable question—what should I be paid for this job?—is usually: "It depends."

    Location, experience, skill set, industry, and other factors all impact someone’s actual compensation. For example, there’s rarely a single, agreed-upon salary for a particular job title or role.

    All of the above applies to system administrators. It’s a common, long-established IT job that spans many industries, company sizes, and other variables. While sysadmins may share some common fundamentals, it’s certainly not a one-size-fits-all position, and it’s all the truer as some sysadmin roles evolve to take on cloud, DevOps, and other responsibilities.

    What salary can you expect to earn as a sysadmin? Yeah, it depends. However, that doesn’t mean you can’t get a clear picture of what sysadmin compensation looks like, including specific numbers. This is information worth having handy if you’re a sysadmin on the job market or seeking a promotion.

    Let’s start with some good news from a compensation standpoint. Sysadmins—like other IT pros these days—are in demand.

    "In today’s business environment, companies are innovating and moving faster than ever before, and they need systems that can keep up with the pace of their projects and communications, as well as help everything run smoothly," says Robert Sutton, district president for the recruiting firm Robert Half Technology. "That’s why systems administrators are among the IT professionals who can expect to see a growing salary over the next year or so."

  • Run Mixed IT Efficiently, The Adient – SUSE Way.

    When you have multiple distributions, such as Red Hat and SUSE, you can reduce administration complexity and save administration time and resources with a common management tool. Adient had applications running on both SUSE Linux Enterprise Server and Red Hat Enterprise Linux. Adient deployed SUSE Manager to manage their Mixed IT environment involving both distributions.

  • Package Management Domain Model

    When I wrote this model, we were trying to unify a few different sorts of packages. Coming from SpaceWalk, part of the team was used to wokring on RPMS with the RPM Database for storage, and Yum as the mechanism for fetching them. The other part of the team was coming from the JBoss side, working with JAR, WAR, EAR and associated files, and the Ivy or Maven building and fetching the files.

    We were working within the context of the Red Hat Network (as it was then called) for delivering content to subscribers. Thus, we had the concept of Errata, Channels, and Entitlements which are somewhat different from what other organizations call these things, but the concepts should be general enough to cover a range of systems.

    There are many gaps in this diagram. It does not discuss the building of packages, nor the relationship between source and binary packages. It also does not provide a way to distinguish between the package storage system and the package fetch mechanism.

    But the bones are solid. I’ve used this diagram for a few years, and it is useful.

Apache: Self Assessment and Security

Filed under
Server
OSS
  • The Apache® Software Foundation Announces Annual Report for 2019 Fiscal Year

    The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2019 fiscal year, which ended 30 April 2019.

  • Open Source at the ASF: A Year in Numbers

    332 active projects, 71 million lines of code changed, 7,000+ committers…

    The Apache Software Foundation has published its annual report for fiscal 2019. The hub of a sprawling, influential open source community, the ASF remains in rude good health, despite challenges this year including the need for “an outsized amount of effort” dealing with trademark infringements, and “some in the tech industry trying to exploit the goodwill earned by the larger Open Source community.”

    [...]

    The ASF names 10 “platinum” sponsors: AWS, Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, the Pineapple Fund, Tencent Cloud, and Verizon Media

  • Apache Software Foundation Is Worth $20 Billion

    Yes, Apache is worth $20 billion by its own valuation of the software it offers for free. But what price can you realistically put on open source code?

    If you only know the name Apache in connection with the web server then you are missing out on some interesting software. The Apache Software Foundation ASF, grew out of the Apache HTTP Server project in 1999 with the aim of furthering open source software. It provides a licence, the Apache licence, a decentralized governance and requires projects to be licensed to the ASF so that it can protect the intellectual property rights.

  • Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe

    Researchers have pinpointed errors in two dozen Apache Struts security advisories, which warn users of vulnerabilities in the popular open-source web app development framework. They say that the security advisories listed incorrect versions impacted by the vulnerabilities.

    The concern from this research is that security administrators in companies using the actual impacted versions would incorrectly think that their versions weren’t affected – and would thus refrain from applying patches, said researchers with Synopsys who made the discovery, Thursday.

    “The real question here from this research is whether there remain unpatched versions of the newly disclosed versions in production scenarios,” Tim Mackey, principal security strategist for the Cybersecurity Research Center at Synopsys, told Threatpost. “In all cases, the Struts community had already issued patches for the vulnerabilities so the patches exist, it’s just a question of applying them.”

Cockpit and the evolution of the Web User Interface

Filed under
Server

This article only touches upon some of the main functions available in Cockpit. Managing storage devices, networking, user account, and software control will be covered in an upcoming article. In addition, optional extensions such as the 389 directory service, and the cockpit-ostree module used to handle packages in Fedora Silverblue.

The options continue to grow as more users adopt Cockpit. The interface is ideal for admins who want a light-weight interface to control their server(s).

Read more

Server: Managing GNU/Linux Servers and Cost of Micro-services Complexity

Filed under
Server
  • Keeping track of Linux users: When do they log in and for how long?

    The Linux command line provides some excellent tools for determining how frequently users log in and how much time they spend on a system. Pulling information from the /var/log/wtmp file that maintains details on user logins can be time-consuming, but with a couple easy commands, you can extract a lot of useful information on user logins.

  • Daily user management tasks made easy for every Linux administrator

    In this article, we will be going over some tasks that a Linux administrator may need to perform daily related to user management.

  • The cost of micro-services complexity

    It has long been recognized by the security industry that complex systems are impossible to secure, and that pushing for simplicity helps increase trust by reducing assumptions and increasing our ability to audit. This is often captured under the acronym KISS, for "keep it stupid simple", a design principle popularized by the US Navy back in the 60s. For a long time, we thought the enemy were application monoliths that burden our infrastructure with years of unpatched vulnerabilities.

    So we split them up. We took them apart. We created micro-services where each function, each logical component, is its own individual service, designed, developed, operated and monitored in complete isolation from the rest of the infrastructure. And we composed them ad vitam æternam. Want to send an email? Call the rest API of micro-service X. Want to run a batch job? Invoke lambda function Y. Want to update a database entry? Post it to A which sends an event to B consumed by C stored in D transformed by E and inserted by F. We all love micro-services architecture. It’s like watching dominoes fall down. When it works, it’s visceral. It’s when it doesn’t that things get interesting. After nearly a decade of operating them, let me share some downsides and caveats encountered in large-scale production environments.

    [...]

    And finally, there’s security. We sure love auditing micro-services, with their tiny codebases that are always neat and clean. We love reviewing their infrastructure too, with those dynamic security groups and clean dataflows and dedicated databases and IAM controlled permissions. There’s a lot of security benefits to micro-services, so we’ve been heavily advocating for them for several years now.

    And then, one day, someone gets fed up with having to manage API keys for three dozen services in flat YAML files and suggests to use oauth for service-to-service authentication. Or perhaps Jean-Kevin drank the mTLS Kool-Aid at the FoolNix conference and made a PKI prototype on the flight back (side note: do you know how hard it is to securely run a PKI over 5 or 10 years? It’s hard). Or perhaps compliance mandates that every server, no matter how small, must run a security agent on them.

Announcing Oracle Linux 7 Update 7

Filed under
GNU
Linux
Red Hat
Server

Oracle is pleased to announce the general availability of Oracle Linux 7 Update 7. Individual RPM packages are available on the Unbreakable Linux Network (ULN) and the Oracle Linux yum server. ISO installation images will soon be available for download from the Oracle Software Delivery Cloud and Docker images will soon be available via Oracle Container Registry and Docker Hub.

Read more

Also: Oracle Linux 7 Update 7 Released

Server: Kata Containers in Tumbleweed, Ubuntu on 'Multi' 'Cloud', and Containers 101

Filed under
Server
  • Kubic Project: Kata Containers now available in Tumbleweed

    Kata Containers is an open source container runtime that is crafted to seamlessly plug into the containers ecosystem.

    We are now excited to announce that the Kata Containers packages are finally available in the official openSUSE Tumbleweed repository.

    It is worthwhile to spend few words explaining why this is a great news, considering the role of Kata Containers (a.k.a. Kata) in fulfilling the need for security in the containers ecosystem, and given its importance for openSUSE and Kubic.

  • Why multi-cloud has become a must-have for enterprises: six experts weigh in

    Remember the one-size-fits-all approach to cloud computing? That was five years ago. Today, multi-cloud architectures that use two, three, or more providers, across a mix of public and private platforms, are quickly becoming the preferred strategy at most companies.

    Despite the momentum, pockets of hesitation remain. Some sceptics are under the impression that deploying cloud platforms and services from multiple vendors can be a complex process. Others worry about security, regulatory, and performance issues.

  • Containers 101: Containers vs. Virtual Machines (And Why Containers Are the Future of IT Infrastructure)

    What exactly is a container and what makes it different -- and in some cases better -- than a virtual machine?

Server: Surveillance Computing, Kubernetes Ingress, MongoDB 4.2, Linux Foundation on 'DevOps'

Filed under
Server
  • Linux and Cloud Computing: Can Pigs Fly? Linux now Dominates Microsoft Azure Servers [Ed: This is not about "Linux" dominating Microsoft but Microsoft trying to dominate GNU/Linux]

    Over the last five years things have changed dramatically at Microsoft. Microsoft has embraced Linux. Earlier in the year, Sasha Levin, Microsoft Linux kernel developer, said that now more than half of the servers in Microsoft Azure are running Linux.

  • Google Cloud Adds Compute, Memory-Intensive VMs

    Google added virtual machine (VM) types on Google Compute Engine including second-generation Intel Xeon scalable processor machines and new VMs for compute- and memory-heavy applications.

  • Kubernetes Ingress

    On a similar note, if your application doesn’t serve a purpose outside the Kubernetes cluster, does it really matter whether or not your cluster is well built? Probably not.

    To give you a concrete example, let’s say we have a classical web app composed of a frontend written in Nodejs and a backend written in Python which uses MySQL database. You deploy two corresponding services on your Kubernetes cluster.

    You make a Dockerfile specifying how to package the frontend software into a container, and similarly you package your backend. Next in your Kubernetes cluster, you will deploy two services each running a set of pods behind it. The web service can talk to the database cluster and vice versa.

  • MongoDB 4.2 materialises with $merge operator and indexing help for unstructured data messes

    Document-oriented database MongoDB is now generally available in version 4.2 which introduces enhancements such as on-demand materialised views and wildcard indexing.

    Wildcard indexing can be useful in scenarios where unstructured, heterogeneous datasets make creating appropriate indexes hard. Admins can use the function to create a filter of sorts that matches fields, arrays, or sub-documents in a collection, and adds the hits to a sparse index.

    [...]

    Speaking of cloud, last year MongoDB decided to step away from using the GNU Affero General Public License for the Community Edition of its database and switched to an altered version. The Server-Side Public License is meant to place a condition – namely, to open source the code used to serve the software from the cloud – on offering MongoDB as a service to clients.

  • Announcing New Course: DevOps and SRE Fundamentals-Implementing Continuous Delivery

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced today that enrollment is now open for the new DevOps and SRE Fundamentals – Implementing Continuous Delivery eLearning course. The course will help an organization be more agile, deliver features rapidly, while at the same time being able to achieve non-functional requirements such as availability, reliability, scalability, security, etc.

    According to Chris Aniszczyk, CTO of the Cloud Native Computing Foundation, “The rise of cloud native computing and site reliability engineering are changing the way applications are built, tested, and deployed. The past few years have seen a shift towards having Site Reliability Engineers (SREs) on staff instead of just plain old sysadmins; building familiarity with SRE principles and continuous delivery open source projects are an excellent career investment.”

Server Side: IBM, Apache and CNCF

Filed under
Server
  • Take Your Time With IBM Stock as it Digests its Behemoth Linux Maker Deal

    Prior to the Red Heat deal, IBM was treading water. The company released earnings on July 17. For the second quarter of 2019, revenue was down year-over-year. Sales were $19.1 billion, down from $20 billion in the prior year’s quarter. The company’s Cloud and Business Services unit saw slight growth (5% and 3% YoY, respectively), but declines in the Global Technology Services and Systems units countered this improvement. Despite this slight revenue slip, IBM managed to keep quarterly operating income steady at ~$2.8 billion.

    The Red Hat deal adds a variety of growth catalysts to the International Business Machines story. For one thing, the acquisition makes IBM a bigger player in the $1 trillion cloud computing space. The deal is expected to accelerate revenue growth and improve gross margins. The deal is also very synergistic. IBM can now sell Red Hat’s suite of solutions to their existing customer base. With IBM’s global reach, the company could expand Red Hat’s business better than Red Hat would have done as an independent company.

  • Apache Software Foundation's Code-Base Valued At $20 Billion USD

    The Apache Software Foundation has published their 2019 fiscal year report highlighting their more than 350 open-source projects/initiatives and this also marks their 20th anniversary. 

    The Apache Software Foundation's 2019 report values their code-base at more than $20 billion USD using the COCOMO 2 model for estimating. Though for their 2019 fiscal year the foundation turned a profit of $585k USD thanks to sponsors. There are more than 190 million lines of code within Apache repositories. 

  • 9 open source cloud native projects to consider

    I mean, just look at that! And this is just a start. Just as NodeJS’s creation sparked the explosion of endless JavaScript tools, the popularity of container technology started the exponential growth of cloud-native applications.

    The good news is that there are several organizations that oversee and connect these dots together. One is the Open Containers Initiative (OCI), which is a lightweight, open governance structure (or project), "formed under the auspices of the Linux Foundation for the express purpose of creating open industry standards around container formats and runtime." The other is the CNCF, "an open source software foundation dedicated to making cloud native computing universal and sustainable."

    In addition to building a community around cloud-native applications generally, CNCF also helps projects set up structured governance around their cloud-native applications. CNCF created the concept of maturity levels—Sandbox, Incubating, or Graduated—which correspond to the Innovators, Early Adopters, and Early Majority tiers on the diagram below.

Syndicate content

More in Tux Machines

Security: Sphinx, Ransomware, Webmin, YubiKey

  • Exposed Sphinx Servers Are No Challenge for Hackers [Ed: That’s the same agency and the same troll site that initially promoted the lies and the FUD about VLC]

    A popular open-source text search server, Sphinx offers impressive performance for indexing and searching data in databases or just in files. It is cross-platform, available for Linux, Windows, macOS, Solaris, FreeBSD, and a few other operating systems. [...] CERT-Bund posted the warning on Twitter today alerting network operators and providers about the risk of running Sphinx servers with a default configuration that are open on the web. The organization highlights that Sphinx lacks any authentication mechanisms. Exposing it on the web gives an attacker the possibility "to read, modify or delete any data stored in the Sphinx database."

  • Ransomware Hits Texas Local Governments [iophk: Windows TCO]

    The attack was observed on the morning of August 16 and appears to have been launched by a single threat actor, the DIR announcement reads.

    The State Operations Center (SOC) was activated soon after the attack reports started to come in, and DIR says that all of the entities that were actually or potentially affected appear to have been identified and notified.

    A total of twenty-three entities have been confirmed as impacted so far, and the responders are working on bringing the affected systems back online.

  • Webmin Backdoored for Over a Year

    The security hole impacts Webmin 1.882 through 1.921, but most versions are not vulnerable in their default configuration as the affected feature is not enabled by default. Version 1.890 is affected in the default configuration. The issue has been addressed with the release of Webmin 1.930 and Usermin version 1.780.

  • The YubiKey 5Ci is the 'first' iOS-compatible security key

    Like other YubiKey options in the 5 series, the YubiKey 5Ci supports multiple authentication protocols, including IDO2/WebAuthn, FIDO U2F, OTP (one-time-password), PIV (Smart Card), and OpenPGP.

Android Leftovers

Analysis of the state of play of Open Source policies in EU Member States

The study on OSS policies will answer the following research questions, each of which will be elaborated upon in dedicated chapters: [...] Read more

Android Leftovers