Language Selection

English French German Italian Portuguese Spanish

Server

Life as a Linux system administrator

Filed under
GNU
Linux
Server

Linux system administration is a job. It can be fun, frustrating, mentally challenging, tedious, and often a great source of accomplishment and an equally great source of burnout. That is to say, it's a job like any other with good days and with bad. Like most system administrators, I have found a balance that works for me. I perform my regular duties with varying levels of automation and manual manipulation and I also do a fair amount of research, which usually ends up as articles. There are two questions I'm going to answer for you in this article. The first is, "How does one become a system administrator?," and second, "What does a Linux system administrator do?".

Read more

The 20 Best Control Panels for Hassle-Free Server Management

Filed under
Server
Software

It’s not very hard to manage web servers for most Linux powers users. However, it’s certainly not a child’s play, and new site owners often find it extremely difficult to manage their servers properly. Thankfully, there’s a huge list of robust control panels that makes server management hassle-free even for beginners. It can also be useful for experienced server owners who’re looking for convenient hosting panel management solutions. That’s why our editors have curated this guide outlining the 20 best admin panel for modern web servers.

Read more

Servers: SysAdmins, Kubernetes, OpenShift

Filed under
Red Hat
Server
  • Tales From The Sysadmin: Dumped Into The Grub Command Line

    Today I have a tale of mystery, of horror, and of hope. The allure of a newer kernel and packages was too much to resist, so I found myself upgrading to Fedora 30. All the packages had downloaded, all that was left was to let DNF reboot the machine and install all the new packages. I started the process and meandered off to find a cup of coffee: black, and darker than the stain this line of work leaves on the soul. After enough time had elapsed, I returned, expecting the warming light of a newly upgraded desktop. Instead, all that greeted me was the harsh darkness of a grub command line. Something was amiss, and it was bad.

    (An aside to the reader, I had this experience on two different machines, stemming from two different root problems. One was a wayward setting, and the other an unusual permissions problem.)

    How does the fledgling Linux sysadmin recover from such a problem? The grub command line is an inscrutable mystery to the uninitiated, but once you understand the basics, it’s not terribly difficult to boot your system and try to restore the normal boot process. This depends on what has broken, of course. If the disk containing your root partition has crashed, then sorry, this article won’t help.

  • Top Kubernetes Operators advancing across the Operator Capability Model

    At KubeCon North America 2019 we highlighted what it means to deliver a mature Kubernetes Operator. A Kubernetes Operator is a method of packaging, deploying and managing a Kubernetes application. The key attribute of an Operator is the active, ongoing management of the application, including failover, backups, upgrades and autoscaling, just like a cloud service.

    These capabilities are ranked into five levels, which are used to gauge maturity. We refer to this as the Operator Capability Model, which outlines a set of possible capabilities that can be applied to an application. Of course, if your app doesn’t store stateful data, a backup might not be applicable to you but log processing or alerting might be important. The important user experience that the Operator model aims for is getting that cloud-like, self-managing experience with knowledge baked in from the experts.

  • Red Hat simplifies transition to open source Kafka with new service registry and HTTP bridge

    Red Hat continues to increase the features available for users looking to implement a 100% open source, event-driven architecture (EDA) through running Apache Kafka on Red Hat OpenShift and Red Hat Enterprise Linux. The Red Hat Integration Q4 release provides new features and capabilities, including ones aimed at simplifying usage and deployment of the AMQ streams distribution of Apache Kafka.

    [...]

    In addition to the registry itself, users can leverage the included custom Kafka serializers and deserializers (SerDes). These SerDes Java classes allow Kafka applications to pull relevant schemas from the Service Registry instead of requiring the schemas to be bundled with the applications.

    Correspondingly, the registry has its own REST API to create, update, and delete artifacts as well as managing global and per-artifact rules. The registry API is compatible with another Kafka provider’s schema registry to facilitate a seamless migration to AMQ Streams as a drop-in replacement.

PHP Web Server GUI - Version 1.0.0 Released

Filed under
Server
Software

PHP's built-in web server is a CLI feature, as such it requires a specific command to use, one which is easy to forget and gets buried in your terminal's history. While writing a script can help, it too gets buried in your terminal history, or is often located in an inconvenient place on the filesystem, requiring you to browse to the script before you can use it. This basic GTK+ GUI solves these issues. It's as easy to use as any other app on your system.

It's also a great tool for teaching PHP or the fundamentals of how web servers work. It's an easy tool for students to use, for learning programming, in Raspberry Pi projects, robotics, or anything else that requires a web-based interface or centralized server communication. Many of these things are true of PHP's built-in web server itself, this GUI just makes it easier to use for people who are not comfortable using the command line.

Read more

Growth of Kubernetes

Filed under
Server
  • Just how popular is Kubernetes?

    In its study of usage data from thousands of companies and more than 1.5 billion containers, the company found "roughly 45% of Datadog customers running containers use Kubernetes, whether in self-managed clusters or through a cloud service." Not bad for a technology that's just over five years old.

    What's more telling though is that almost half of all Datadog container users have already turned to Kubernetes. It's Kubernetes' growth rate that really tells the story. In the last year, Kubernetes' numbers of users grew by 10%.

    In the meantime, other container orchestration programs, such as Marathon and Docker swarm mode, have simply not caught fire. Indeed, their parent companies, D2iQ, formerly Mesosphere, and Docker both started offering Kubernetes to their customers. Need more be said?

    Datadog also found that Kubernetes is very popular on the public cloud. In particular, managed Kubernetes services such as Google Kubernetes Engine (GKE) dominates the Google Cloud Platform (GCP). Since Kubernetes ancestry goes back to Google that comes as no surprise.

  • Rancher CEO on k3s: Kubernetes is the new Linux; you run it everywhere

    Once, Kubernetes was just some geeky cloud-native project for orchestrating containers (a virtualized method for running distributed applications). Isn’t it funny how it’s worked its way into practically every tech conversation in just a few years? In fact, thanks to technologies that shrink and simplify it, Kubernetes is about to find its way into even more use cases.

    With the technology and its uses expanding so rapidly, how do we even define it anymore? Sheng Liang (pictured), co-founder and chief executive officer of Rancher Labs Inc., has an idea: “Kubernetes is the new Linux, and you run it everywhere.”

    Cloud, on-premises data center, bare metal, internet of things edge, Raspberry Pi, surveillance camera? Check. The developer ecosystem is invading more and more spaces through tweaks that make Kubernetes easier than ever to deploy.

Servers: Kubernetes, Red Hat, USENET and Solaris

Filed under
Server
  • HPE launches container platform, aims to be 100% open source Kubernetes

    Hewlett Packard Enterprise launched its HPE Container Platform, a Kubernetes container system designed to run both cloud and on-premises applications.

    On the surface, HPE Container Platform will face an uphill climb as all the top cloud providers have Kubernetes management tools and instances and IBM with Red Hat has a big foothold for hybrid cloud deployments and the container management that goes with it.

    HPE, which recently outlined a plan to make everything a service, is betting that the HPE Container Platform can differentiate itself based on two themes. First, HPE is pledging that its container platform will be 100% open source Kubernetes compared to other systems that have altered Kubernetes. In addition, HPE Container Platform will be able to run across multiple environments and provide one management layer.

  • Virtio-networking: first series finale and plans for 2020

    Let's take a short recap of the Virtio-networking series that we've been running the past few months. We've covered a lot of ground! Looking at this series from a high level, let's revisit some of the topics we covered:

    [...]

    For those who didn't crack and made it all the way here, we hope this series helped you clarify the dark magic of virtio and low-level networking both in the Linux kernel and in DPDK.

  • Inside the Book of Red Hat

    Shared stories are the cornerstone of community. And in open organizations like Red Hat—where community is paramount—shared stories are especially important to the collective identity that binds participants together.

    At Red Hat, we're quite fond of the stories that inform our shared history, purpose, and culture. We've just collected some of them in a new version of the Book of Red Hat, which is available now.

    Here are just three of the community-defining moments the book recounts.

  • The Early History of Usenet, Part III: File Format

    When we set out to design the over-the-wire file format, we were certain of one thing: we wouldn't get it perfectly right. That led to our first decision: the very first character of the transmitted file would be the letter "A" for the version. Why not a number on the first line, including perhaps a decimal point? If we ever considered that, I have no recollection of it.
    A more interesting question is why we didn't use email-style headers, a style later adopted for HTTP. The answer, I think, is that few, if any, of us had any experience with those protocols at that time. My own personal awareness of them started when I requested and received a copy of the Internet Protocol Transition Workbook a couple of years later — but I was only aware of it because of Usenet. (A few years earlier, I gained a fair amount of knowledge of the ARPANET from the user level, but I concentrated more on learning Multics.)

    Instead, we opted for the minimalist style epitomized by 7th Edition Unix. In fact, even if we had known of the Internet (in those days, ARPANET) style, we may have eschewed it anyway. Per a later discussion of implementation, the very first version of our code was a shell script. Dealing with entire lines as single units, and not trying to parse headers that allowed arbitrary case, optional white space, and continuation lines was certainly simpler!

    [...]

    Sending a date and an article title were obvious enough that these didn't even merit much discussion. The date and time line used the format generated by the ctime() or asctime() library routines. I do not recall if we normalized the date and time to UTC or just ignored the question; clearly, the former would have been the proper choice. (There is an interesting discrepancy here. A reproduction of the original announcement clearly shows a time zone. Neither the RFC nor the ctime() routine had one. I suspect that announcement was correct.) The most interesting question, though, was about what came to be called newsgroups.

    We decided, from the beginning, that we needed multiple categories of articles — newsgroups. For local use, there might be one for academic matters ("Doctoral orals start two weeks from tomorrow"), social activities ("Reminder: the spring picnic is Sunday!"), and more. But what about remote sites? The original design had one relayed newsgroup: NET. That is, there would be no distinction between different categories of non-local articles.

  • From humble Unix sysadmin to brutal separatist suppressor to president of Sri Lanka

    A former Unix sysadmin has been elected the new president of Sri Lanka, giving hope to all those IT workers who fear they are trapped in a role where the smallest of decisions can have catastrophic consequences if it goes wrong.

    Gotabaya Rajapaksa, younger brother of former president Mahindra, won the popular vote in an election held on Saturday (16 November). He is notable to The Register's readership for his stint working in America as a Solaris system integrator and later as a Unix sysadmin for a Los Angeles university.

Supercomputing Articles

Filed under
Server
  • Exascale meets hyperscale: How high-performance computing is transitioning to cloud-like environments

    Twice a year the high-performance computing (HPC) community anxiously awaits the announcement of the latest edition of the Top500 list, cataloging the most powerful computers on the planet. The excitement of a supercomputer breaking the coveted exascale barrier and moving into the top position typically overshadows the question of which country will hold the record. As it turned out, the top 10 systems on the November 2019 Top500 list are unchanged from the previous revision with Summit and Sierra still holding #1 and #2 positions, respectively. Despite the natural uncertainty around the composition of the Top500 list, there is little doubt about software technologies that are helping to reshape the HPC landscape. Starting at the International Supercomputing conference earlier this year, one of the technologies leading this charge is containerization, lending further credence to how traditional enterprise technologies are influencing the next generation of supercomputing applications.

    Containers are borne out of Linux, the operating system underpinning Top500 systems. Because of that, the adoption of container technologies has gained momentum and many supercomputing sites already have some portion of their workflows containerized. As more supercomputers are being used to run artificial intelligence (AI) and machine learning (ML) applications to solve complex problems in science-- including disciplines like astrophysics, materials science, systems biology, weather modeling and cancer research, the focus of the research is transitioning from using purely computational methods to AI-accelerated approaches. This often requires the repackaging of applications and restaging the data for easier consumption, where containerized deployments are becoming more and more important.

  • Exploring AMD’s Ambitious ROCm Initiative

    Three years ago, AMD released the innovative ROCm hardware-accelerated, parallel-computing environment [1] [2]. Since then, the company has continued to refine its bold vision for an open source, multiplatform, high-performance computing (HPC) environment. Over the past three years, ROCm developers have contributed many new features and components to the ROCm open software platform.

    ROCm is a universal platform for GPU-accelerated computing. A modular design lets any hardware vendor build drivers that support the ROCm stack [3]. ROCm also integrates multiple programming languages and makes it easy to add support for other languages. ROCm even provides tools for porting vendor-specific CUDA code into a vendor-neutral ROCm format, which makes the massive body of source code written for CUDA available to AMD hardware and other hardware environments.

  • High-Performance Python – GPUs

    When GPUs became available, C code via CUDA, a parallel computing platform and programming model developed by Nvidia for GPUs, was the logical language of choice. Since then, Python has become the tool of choice for machine learning, deep learning, and, to some degree, scientific code in general.

    Not long after the release of CUDA, the Python world quickly created tools for use with GPUs. As with new technologies, a plethora of tools emerged to integrate Python with GPUs. For some time, the tools and libraries were adequate, but soon they started to show their age. The biggest problem was incompatibility.

    If you used a tool to write code for the GPU, no other tools could read or use the data on the GPU. After making computations on the GPU with one tool, the data had to be copied back to the CPU. Then a second tool had to copy the data from the CPU to the GPU before commencing its computations. The data movement between the CPU and the GPU really affected overall performance. However, these tools and libraries allowed people to write functions that worked with Python.

    In this article, I discuss the Python GPU tools that are being actively developed and, more importantly, likely to interoperate. Some tools don’t need to know CUDA for GPU code, and other tools do need to know CUDA for custom Python kernels.

  • Porting CUDA to HIP

    You’ve invested money and time in writing GPU-optimized software with CUDA, and you’re wondering if your efforts will have a life beyond the narrow, proprietary hardware environment supported by the CUDA language.

    Welcome to the world of HIP, the HPC-ready universal language at the core of AMD’s all-open ROCm platform [1]. You can use HIP to write code once and compile it for either the Nvidia or AMD hardware environment. HIP is the native format for AMD’s ROCm platform, and you can compile it seamlessly using the open source HIP/​Clang compiler. Just add CUDA header files, and you can also build the program with CUDA and the NVCC compiler stack (Figure 1).

  • OpenMP – Coding Habits and GPUs

    When first using a new programming tool or programming language, it’s always good to develop some good general habits. Everyone who codes with OpenMP directives develops their own habits – some good and some perhaps not so good. As this three-part OpenMP series finishes, I highlight best practices from the previous articles that can lead to good habits.

    Enamored with new things, especially those that drive performance and scalability, I can’t resist throwing a couple more new directives and clauses into the mix. After covering these new directives and clauses, I will briefly discuss OpenMP and GPUs. This pairing is fairly recent, and compilers are still catching up to the newer OpenMP standards, but it is important for you to understand that you can run OpenMP code on targeted offload devices (e.g., GPUs).

  • News and views on the GPU revolution in HPC and Big Data:

    Exploring AMD's Ambitious ROCm Initiative
    Porting CUDA to HIP
    Python with GPUs
    OpenMP – Coding Habits and GPUs

Bringing PostgreSQL to Government

Filed under
Server
OSS
  • Crunchy Data, ORock Technologies Form Open Source Cloud Partnership for Federal Clients

    Crunchy Data and ORock Technologies have partnered to offer a database-as-a-service platform by integrating the former's open source database with the latter's managed offering designed to support deployment of containers in multicloud or hybrid computing environments.

    The partnership aims to implement a PostgreSQL as a service within ORock's Secure Containers as a Service, which is certified for government use under the Federal Risk and Authorization Management Program, Crunchy Data said Tuesday.

  • Crunchy Data and ORock Technologies Partnership Brings Trusted Open Source Cloud Native PostgreSQL to Federal Government

    Crunchy Data and ORock Technologies, Inc. announced a partnership to bring Crunchy PostgreSQL for Kubernetes to ORock’s FedRAMP authorized container application Platform as a Service (PaaS) solution. Through this collaboration, Crunchy Data and ORock will offer PostgreSQL-as-a-Service within ORock’s Secure Containers as a Service with Red Hat OpenShift environment. The combined offering provides a fully managed Database as a Service (DBaaS) solution that enables the deployment of containerized PostgreSQL in hybrid and multi-cloud environments.

    Crunchy PostgreSQL for Kubernetes has achieved Red Hat OpenShift Operator Certification and provides Red Hat OpenShift users with the ability to provision trusted open source PostgreSQL clusters, elastic workloads, high availability, disaster recovery, and enterprise authentication systems. By integrating with the Red Hat OpenShift platform within ORock’s cloud environments, Crunchy PostgreSQL for Kubernetes leverages the ability of the Red Hat OpenShift Container Platform to unite developers and IT operations on a single FedRAMP-compliant platform to build, deploy, and manage applications consistently across hybrid cloud infrastructures.

Red Hat and Containers

Filed under
Red Hat
Server
OSS
  • Queensland government looks to open source for single sign-on project

    Red Hat Single Sign-On, which is based on the open source Keycloak project, and the Apollo GraphQL API Gateway platform will be the two key software components underpinning a Queensland effort to deliver a single login for access to online government services.

    Queensland is implementing single sign-on capabilities for state government services, including ‘tell us once’ capabilities that will allow basic personal details of individuals to be, where consent is given by an individual, shared between departments and agencies.

  • Red Hat Releases Open Source Project Quay Container Registry
  • Red Hat open sources Project Quay container registry

    Yesterday, Red Hat introduced the open source Project Quay container registry, which is the upstream project representing the code that powers Red Hat Quay and Quay.io. Open-sourced as a Red Hat commitment, Project Quay “represents the culmination of years of work around the Quay container registry since 2013 by CoreOS, and now Red Hat,” the official post reads.

    Red Hat Quay container image registry provides storage and enables users to build, distribute, and deploy containers. It will also help users to gain more security over their image repositories with automation, authentication, and authorization systems. It is compatible with most container environments and orchestration platforms and is also available as a hosted service or on-premises.

  • Red Hat declares Quay code open

    Red Hat has open sourced the code behind Project Quay, the six year old container registry it inherited through its purchase of CoreOS.

    The code in question powers both Red Hat Quay and Quay.IO, and also includes the Clair open source security project which was developed by the Quay team, and integrated with the registry back in 2015.

    In the blog post announcing the move, Red Hat principal software engineer – and CoreOS alumnus – Joey Schorr, wrote, “We believe together the projects will benefit the cloud-native community to lower the barrier to innovation around containers, helping to make containers more secure and accessible.”

  • New Open Source Offerings Simplify Securing Kubernetes

    In advance of the upcoming KubeCon 2019 (CyberArk booth S55), the flagship event for all things Kubernetes and Cloud Native Computing Foundation, CyberArk is adding several new Kubernetes offerings to its open source portfolio to improve the security of application containers within Kubernetes clusters running enterprise workloads.

  • Java Applications Go Cloud-Native with Open-Source Quarkus Framework

    "With Quarkus, Java developers are able to continue to work in Java, the language they are proficient in, even when they are working with new, cloud-native technologies," John Clingan, senior principal product manager of middleware at Red Hat, told IT Pro Today. "With memory utilization measured in 10s of MB and startup time measured in 10s of milliseconds, Quarkus enables organizations to continue with their significant Java investments for both microservices and serverless."

    Many organizations have been considering alternative runtimes to Java, like Node.js and Go, due to high memory utilization of Java applications, according to Clingan. In addition, Java’s startup times are generally too slow to be an effective solution for serverless environments. As such, Clingan said that even if an organization decided to stick with Java for microservices, it would be forced to switch to an alternative runtime for serverless, or functions-as-a-service (FaaS), deployment.

  • Styra Secures $14M in Funding Led by Accel to Expand Open Source and Commercial Solutions for Kubernetes/Cloud-native Security

    New technology—like Kubernetes, Containers, ServiceMesh, and CICD Automation—speed application delivery and development. However, they lack a common framework for authorization to determine where access should be allowed, and where it should be denied. Styra’s commercial and open source solutions—purpose-built for the scale of cloud-native development—provide this authorization layer to mitigate risk across cloud application components, as well as the infrastructure they are built upon.

The Secrets of Docker Secrets

Filed under
Server
HowTos

Most web apps need login information of some kind, and it is a bad idea to put them in your source code where it gets saved to a git repository that everyone can see. Usually these are handled by environment variables, but Docker has come up with what they call Docker secrets. The idea is deceptively simple in retrospect. While you figure it out it is arcane and difficult to parse what is going on.

Essentially the secrets function create in memory files in the docker image that contain the secret data. The data can come from files, or a Docker swarm.

The first thing to know is that the application running in the docker image needs to be written to take advantage of the Docker secrets function. Instead of getting the password from an environment variable, it would get the password from the file system at /run/secrets/secretname. Not all images available use this functionality. If they don't describe how to use Docker secrets, the won't work. The files will be created in the image, but the application won't read them.

Read more

Syndicate content