Language Selection

English French German Italian Portuguese Spanish

Server

PostgreSQL adopts a code of conduct

Filed under
Server
OSS

The PostgreSQL community has, after an extended discussion, announced the adoption of a code of conduct "which is intended to ensure that PostgreSQL remains an open and enjoyable project for anyone to join and participate in".

Read more

How Kubernetes' Founder is Building an Un-Distribution at Heptio

Filed under
Server
Interviews
OSS

Unlike other software vendors that are part of the Kubernetes community, Heptio doesn't want to build a software distribution of Kubernetes. Rather, the Heptio Kubernetes Service (HKS) is about support and services to help organizations deploy and manage upstream Kubernetes. It's an approach that Heptio has referred to as being an Un-Distribution.

"Our goal with the whole idea of the un-distribution is we want to provide the best parts of a distribution without necessarily some of the downsides that come along with that," Beda said.

Beda said that generally what happens with a distribution of an open source project is that a software vendor takes the upstream code, cleans it up so it's fit for enterprise consumption and then shipping a combination of tools that are prove to work well together.

"Upstream Kubernetes doesn't need a lot of clean up, because the community is so strong and we want to keep it that way," he said.

As such, a lot of the work that Heptio is involved with is all upstream with effort to make Kubernetes easier to install and use. Beda said that Heptio is putting a lot of effort into the kubeadm installer effort from the upstream project as well as the cluster API effort. As part of HKS, Beda said that Heptio is developing a set of validated designs, which integrate best practices for deployment.

Read more

Server: Ubuntu Server, Canonical's Embrace of Buzzwords and LF on Storage

Filed under
Server
  • Ubuntu Server development summary – 11 September 2018

    Cloud-init version 18.3.39 adds jinja template support for user-data scripts and cloud config. As part of this feature, any cloud metadata crawled by cloud-init is presented as template variables. Any cloud-provided metadata such as ip addresses, hostname, region, availability_zone can be referenced in user-data cloud config or scripts without having to crawl and parse metadata in separate tooling.

    Since cloud-init generalizes some of this instance metadata across all clouds, it now allows user-data to be more flexible when deploying to different cloud platforms. See Using instance metadata for more information.

  • What is multi-cloud?

    Tech companies, Canonical included, have a problem. That problem is living in buzzwords and jargon, and then assuming everyone knows what we are talking about.

    At Canonical we call them ‘Canonicalisms’, other companies have their own names for it.

    Whilst we can joke about it, this over-reliance on jargon is a genuine barrier to our audience, developers, customers, people in need of technical help, people in need of assistance in understanding what all these buzzwords are. The jargon is a barrier to people understand what something like the cloud is, in its many different guises, and how these different architectures and strategies can be used for tangible business benefits.

    Fortunately, that’s a problem which is solvable.

    Canonical has decided to produce a whitepaper that details everything you need to know to understand every type of cloud from public to private and managed to multi-cloud. But, we haven’t stopped there, because these technologies don’t live in a bubble, they’re connected to technologies such as Kubernetes, containers, serverless computing, servers and virtual machines.

    Still, understanding the basics about these different technologies is only a piece of the picture, which is why we’ve also included guidance on the best strategies to use, use cases, when and where to deploy and make it a success.

  • Know Your Storage: Block, File & Object

    Dealing with the tremendous amount of data generated today presents a big challenge for companies who create or consume such data. It’s a challenge for tech companies that are dealing with related storage issues.

Server: Docker Swarm, Kubernetes, DevOps, Running Apache Cassandra on Kubernetes

Filed under
Server
  • Difference between Docker swarm and Kubernetes

    When you are on learning curve of application containerization, there will be a stage when you come across orchestration tools for containers. If you have started your learning with Docker then Docker swarm is the first cluster management tool you must have learnt and then Kubernetes. So its time to compare docker swarm and Kubernetes. In this article, we will quickly see what is docker, what is kubernetes and then comparison between the two.

  • Stop Killing Your Cattle: Server Infrastructure Advice

    If you've spent enough time at DevOps conferences, you've heard the phrase "pets versus cattle" used to describe server infrastructure. The idea behind this concept is that traditional infrastructure was built by hand without much automation, and therefore, servers were treated more like special pets—you would do anything you could to keep your pet alive, and you knew it by name because you hand-crafted its configuration. As a result, it would take a lot of effort to create a duplicate server if it ever went down. By contrast, modern DevOps concepts encourage creating "cattle", which means that instead of unique, hand-crafted servers, you use automation tools to build your servers so that no individual server is special—they are all just farm animals—and therefore, if a particular server dies, it's no problem, because you can respawn an exact copy with your automation tools in no time.

    If you want your infrastructure and your team to scale, there's a lot of wisdom in treating servers more like cattle than pets. Unfortunately, there's also a downside to this approach. Some administrators, particularly those that are more junior-level, have extended the concept of disposable servers to the point that it has affected their troubleshooting process. Since servers are disposable, and sysadmins can spawn a replacement so easily, at the first hint of trouble with a particular server or service, these administrators destroy and replace it in hopes that the replacement won't show the problem. Essentially, this is the "reboot the Windows machine" approach IT teams used in the 1990s (and Linux admins sneered at) only applied to the cloud.

  • Running Apache Cassandra on Kubernetes

    The Cassandra controller can, of course, perform operations within the Cassandra cluster. For example, want to scale down your Cassandra cluster? Instead of manipulating the StatefulSet to handle this task, the controller will see the CRD change. The node count will change to a lower number (say from six to five). The controller will get that state change, and it will first run a decommission operation on the Cassandra node that will be removed. This ensures that the Cassandra node stops gracefully and redistributes and rebalances the data it holds across the remaining nodes. Once the Cassandra controller sees this has happened successfully, it will modify that StatefulSet definition to allow Kubernetes to decommission that pod. Thus, the Cassandra controller brings needed intelligence to the Kubernetes environment to run Cassandra properly and ensure smoother operations.

    As we continue this project and iterate on the Cassandra operator, our goal is to add new components that will continue to expand the tool's features and value. A good example is Cassandra SideCar (shown in the diagram above), which can take responsibility for tasks like backups and repairs. Current and future features of the project can be viewed on GitHub. Our goal for the Cassandra operator is to give devs a powerful, open source option for running Cassandra on Kubernetes with a simplicity and grace that has not yet been all that easy to achieve.

Server: CI and CD, Kubernetes and Istio

Filed under
Server
  • Understanding the Difference Between CI and CD

    There is a lot of information out there regarding Continuous Integration (CI) and Continuous Delivery (CD). Multiple blog posts attempt to explain in technical terms what these methodologies do and how they can help your organization. Unfortunately, in several cases, both methodologies are usually associated with specific tools or even vendors.

  • How to survive an outage and live to tell about it!

    Kubernetes Federation‘s objective is to provide a control plane to manage multiple Kubernetes clusters. Unfortunately, Federation is still considered an alpha project with no timeline for General Availability release. As a stop gap for Federation services a couple of different solutions are available for dispersing cluster endpoints: a cluster stretched across multiple datacenters or multiple clusters deployed across datacenters.

    Kubernetes recommends that all VMs be isolated to a single datacenter: “when the Kubernetes developers are designing the system (e.g. making assumptions about latency, bandwidth, or correlated failures) they are assuming all the machines are in a single data center, or are otherwise closely connected.” Therefore, stretching an OpenShift Cluster Platform across multiple data centers is not recommended. However if you need to have a disaster recovery plan today this article will detail a potential solution.

  • Istio 101: “The future of the service mesh is one which operates in symbiosis with technologies like Knative and Apache Whisk”

    Istio is gaining a lot of attention especially now that 1.0 is here. But does it have what it takes to become the de facto service mesh for Kubernetes? If you ask Brian ‘Redbeard’ Harrington, Product Manager for Istio at Red Hat, the answer is yes. “With Istio, the deployment is straightforward and the integration with Kubernetes is top notch. It feels as if it should have been there all along.”

    Istio 1.0 arrived earlier this month; all the core features are now ready for production use.

    If you are already familiar with the features presented in 0.8, you should know that the list of new features presented in 1.0 is not that long; the team chose to focus on fixing bugs and improving performance. If you’d like to see all the changes introduced in Istio 1.0, I invite you to read the release notes.

10 Reasons Why Your Business Is Better Off With A Linux Server

Filed under
GNU
Linux
Server

When choosing a server for your business several considerations come into play especially cost and security. But the most important consideration of all, at least in my opinion, is your business. You should always bear in mind that there is no point cutting corners on getting a server when your business depends on it.

Read more

Servers and Red Hat Leftovers

Filed under
Red Hat
Server
  • Build a secure Docker host environment on Linux systems

    Run the latest stable OS release and patches on container hosts. Unlike VMs, containers share host OS resources and files, so a security issue could affect the entire Docker estate. OS management isn't difficult for enterprise IT teams, but approach with caution -- review all documentation prior to committing an update for Docker hosting systems. Virtual snapshots are a useful tool for this process, providing a log of changes and a rollback target if needed.

    Application security is only as good as what's on the stack below it. Assess the security settings on the host in question. Anyone with administrator-level access to the OS can manipulate the containers in the default configuration. Administrators should use keys for remote login to increase the environment's security level. In addition, implement a firewall, and restrict access to only trusted networks. Keep the attack surface to a minimum.

  • GDB 8.2 Released, Kernel 4.19 Officially the Next LTS Series, Cloudera Launches Open-Source IoT Architecture and Purism's Librem 5 Production Update

    Cloudera has launched an open-source, IoT architecture in collaboration with Red Hat and Eurotech. According to the press release, this end-to-end architecture is "based on open standards and is integrated, flexible and runs on multi- or hybrid-cloud environments", and it's "designed to provide the foundational components that organizations need to quickly and securely roll out IoT use cases".

  • How to feel connected on a distributed team

    In March 2016, I started a new role as a fully remote employee. I was joining a company that I highly respected to do something I loved, and I no longer had to get in a car every day. Not having to commute was a real sell, especially since it’s not uncommon to spend an hour each way to get to work in the DC area. Missing out on lunch with coworkers and free snacks in the office was worth the sacrifice. Plus, I had plenty of friends and family in the area, so I wouldn’t feel the impact of being alone for eight hours a day. I was convinced that I was going to live my dream life.

  • Market Value should Soar in coming Months: Red Hat, Inc. (RHT)

Server: Kubernetes, Containers, and Microsoft Downtime

Filed under
Server
  • Kubernetes is the new operating environment (Part 1)

    This is the first in a series of articles that consider the role of Kubernetes and application servers. Do application servers need to exist? Where does the current situation leave developers trying to choose the right path forward for their applications?

    Why Kubernetes is the new application server

    By now you’ve likely read “Why Kubernetes is The New Application Server” and you might be wondering what that means for you. How does it impact Java EE or Jakarta EE and Eclipse MicroProfile? What about application servers or fat JARs? Is it the end as we’ve known it for nearly two decades?

    In reality, it doesn’t impact the worldview for most. It’s in line with the efforts of a majority of vendors around Docker and Kubernetes deployments over the last few years. In addition, there’s greater interest in service mesh infrastructures, such as Istio, and how they can further assist with managing Kubernetes deployments.

    All these factors are drivers for the current trends within development—pushing more concerns traditionally associated with development down into the lower layers of the entire stack, with concerns moving into infrastructure or the operating environment an application runs on.

    Throughout the series, we will see that there is no need for doom and gloom. Although the mechanisms might change, there’s still a place for application servers and fat JARs when developing applications.

  • Understanding the State of Container Networking

    Container networking is a fast moving space with lots of different pieces. In a session at the Open Source Summit, Frederick Kautz, principal software engineer at Red Hat outlined the state of container networking today and where it is headed in the future.

    Containers have become increasingly popular in recent years, particularly the use of Docker containers, but what exactly are containers?

    Kautz explained the containers make use of the Linux kernel's ability to allow for multiple isolated user space areas. The isolation features are enabled by two core elements cGroups and Namespaces. Control Groups (cGroups) limit and isolate the resource usage of process groups, while namespaces partition key kernel structures for process, hostname, users and network functions.

  • Lightning strikes put Microsoft Azure data centre offline

    Microsoft's Azure cloud platform has suffered a massive outage that affected customers in various parts of the world, with cooling problems being identified at about 2.30am Pacific Time on Tuesday (7.30pm AEST Tuesday).

UCS 4.3-2 Published! New: Maintenance Mode for Release Updates …

Filed under
Server
Debian

UCS 4.3-2 now offers a maintenance mode for importing release updates via Univention Management Console (UMC). UMC is the web-based, graphical user interface for the administration of the entire domain. In the past, when a release update was recorded, short-term failures of the UMC could occur, for example, because the updated services were restarted. This new maintenance mode significantly improves the reliability during the import of release updates via UMC. In addition, you can now track the progress of the updates.

Read more

Servers: Load Balancing and Failover, Telcos, Google and Beyond Kubernetes

Filed under
Server
  • Improving the Standards of Linux Load Balancing and Failover

    Oracle supports both simple and weighted round-robin load balancing of requests from its web components and aims to improve features like high availability and load balancing. By following a specific path and port, Linux remote direct memory access (RDMA) has problems regarding performance and security perspectives. In the LDAP environment, load balancing for writes of a user and group data can produce undesirable behavior due to the replication. LDAP replication does not guarantee transaction integrity; the limitation of replication is however very dominant in the system itself.

    Segmenting the user and group data may be effective for distributing the load if the case rests upon separate user population in distinct branches of the Directory Information Tree (DIT). By maintaining different primary LDAP server for read and write purpose, load balances of such kind of operations can be obtained efficiently. Also, selecting a standard network interface card can be beneficial as they pick which network device is appropriate to transport the data. RDMA is proved to be more resilient over IP (RDMAIP) which creates a high availability connection to create a bonding group among adapters’ ports. The traffic automatically gets transported to the other ports in the group in case of loss of any significant port. This can be achieved by utilizing Oracle's Reliable Datagram Sockets (RDS).Oracle supports both simple and weighted round-robin load balancing of requests from its web components and aims to improve features like high availability and load balancing. By following a specific path and port, Linux remote direct memory access (RDMA) has problems regarding performance and security perspectives. In the LDAP environment, load balancing for writes of a user and group data can produce undesirable behavior due to the replication. LDAP replication does not guarantee transaction integrity; the limitation of replication is however very dominant in the system itself.

    Segmenting the user and group data may be effective for distributing the load if the case rests upon separate user population in distinct branches of the Directory Information Tree (DIT). By maintaining different primary LDAP server for read and write purpose, load balances of such kind of operations can be obtained efficiently. Also, selecting a standard network interface card can be beneficial as they pick which network device is appropriate to transport the data. RDMA is proved to be more resilient over IP (RDMAIP) which creates a high availability connection to create a bonding group among adapters’ ports. The traffic automatically gets transported to the other ports in the group in case of loss of any significant port. This can be achieved by utilizing Oracle's Reliable Datagram Sockets (RDS).

  • Linux Foundation maps out the telco’s future with edge and AI platforms

    The mobile operator no longer has the luxury of dealing with a relatively closed and well-defined set of technologies and partners. The mobile network is increasingly intertwined with fixed line connections, and also with broad virtualized, programmable platforms, which will be essential to enable new business models and justify the investment in 5G. That sees operators getting deeply involved in a host of new technologies and standards, and increasingly emerging from the secrecy of inhouse labs and working through open source projects. Two important areas of effort are edge computing and machine learning (ML). Both are the focus of several open initiatives, in which certain operators, notably AT&T, are prominent. Both are starting to be deployed, often starting with the…

  • Google infrastructure chief Urs Hölzle: This is the future of software and the cloud

    Look at the history of open source. Twenty years ago there was nothing that was relevant to an enterprise that was open source. Maybe BSD [Berkeley Software Distribution version of Unix], but basically nothing. Five years later, 2003, Linux and the LAMP stack [Linux, the Apache HTTP Server, the MySQL relational database management system and the PHP programming language] was pretty common already. Java wasn’t quite open source, but I’ll throw it in there. Basically, every five years afterwards, the amount of IT where open source was relevant was bigger.

  • Beyond Kubernetes - 5 Promising Cloud-Native Technologies To Watch
Syndicate content

More in Tux Machines

Security: Updates, US Demand for Back Doors, and Microsoft's Collusion with the NSA Keeps Serving Crackers

  • Security updates for Wednesday
  • State Department Still Sucks At Basic Cybersecurity And Senators Want To Know Why
    The senators are hoping the State Department will have answers to a handful of cybersecurity-related questions by October 12th, but given the agency's progress to compliance with a law that's been on the book for two years at this point, I wouldn't expect responses to be delivered in a timelier fashion. The agency's track record on security isn't great and these recent developments only further cement its reputation as a government ripe for exploitation. The agency's asset-tracking program only tracks Windows devices, its employees are routinely careless with their handling of classified info, and, lest we forget, its former boss ran her own email server, rather than use the agency's. Of course, given this long list of security failures, there's a good possibility an off-site server had more baked-in security than the agency's homebrew.
  • EternalBlue Vulnerability Puts Pirated Windows Systems at Malware Risk [Ed: Microsoft's collusion with the NSA (for US-controlled back doors) continues to cost billions... paid by people who foolishly chose or accepted PCs with Windows.]
    A particular vulnerability that has been codenamed EternalBlue is to be blamed for this misfortune. The malware risk especially affects computers which use pirated Windows versions. This gap in security has its traces back in the legacies of US secret service NSA. Even after several years, many systems continue to be vulnerable. For more than three years, US intelligence was using it for performing hidden attacks on all kinds of targets. The agency finally had to leak the vulnerability to Microsoft due to the danger of hacking by a famous hacker group, Shadow Brokers. Microsoft then consequently had to abandon a patch day for the very first time in the company’s history for filling in the gap as quickly as possible.

today's howtos

Moving Compiler Dependency Checks to Kconfig

One reason became clear recently when Linus Torvalds asked developers to add an entirely new system of dependency checks to the Kconfig language, specifically testing the capabilities of the GCC compiler. It's actually an important issue. The Linux kernel wants to support as many versions of GCC as possible—so long as doing so would not require too much insanity in the kernel code itself—but different versions of GCC support different features. The GCC developers always are tweaking and adjusting, and GCC releases also sometimes have bugs that need to be worked around. Some Linux kernel features can only be built using one version of the compiler or another. And, some features build better or faster if they can take advantage of various GCC features that exist only in certain versions. Up until this year, the kernel build system has had to check all those compiler features by hand, using many hacky methods. The art of probing a tool to find out if it supports a given feature dates back decades and is filled with insanity. Imagine giving a command that you know will fail, but giving it anyway because the specific manner of failure will tell you what you need to know for a future command to work. Now imagine hundreds of hacks like that in the Linux kernel build system. Read more

Fedora be pretty - The ultimate customization guide

I am quite pleased with the final result of this transformation. But it also requires a lot of non-standard changes, which is a shame, because none of what I did, subjective taste elements aside, is super complicated. Imagine a Fedora, or for that any which distro, that has everything really nicely tailored for max. efficiency, ergonomics, productivity, and fun. My journey encompasses the use of third-party repos, extra software, Gnome Tweak Tool, about a dozen extensions, new themes, icons, and fonts, the use of a dock, plus some extra visual polish. In the end, though, Fedora 28 looks and behaves the part. This is something I could happily show to other people, and I am convinced they would be inclined to try it. Well, there you go. The guide. Hopefully, you'll find it useful, and perhaps it may even hype up your enthusiasm for Linux. In these dreary times, an injection of fanboyese is quite needed. Take care. Read more