Language Selection

English French German Italian Portuguese Spanish


Servers: IBM/Red Hat and Uptime Records

Filed under
Red Hat
  • 10 Years of OpenStack – Julia Kreger at Red Hat
  • Keeping Kubernetes secrets secret

    DevNation Tech Talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions plus code and sample projects to help you get started. In this talk, you’ll learn how to manage Kubernetes secrets from Alex Soto Bueno and Burr Sutter.

    Everyone is talking about microservices and serverless architecture, and how to deploy them using cluster managers like Kubernetes. But, what about the secrets (such as certificates, passwords, SSH, and API keys)? The current trend increases the number of secrets required to run our services. This fact places a new level of maintenance on our security teams.

    How can we share and manage these secrets for our services in dynamic scenarios where instances are started automatically, or where there are multiple instances of the same services for scalability reasons? Are you keeping up?

  • A teenage aspiring SysOp in the age of the text-only BBS

    This was when I got into "computer things." I was a young teenager in 1993 when my dad brought home his first PC—a Gateway 2000 486/SX with a whopping 4MB of RAM, and a whole 320MB hard drive. It ran MS-DOS 6.21 and Windows (for workgroups) 3.11.

    In those days, computers just weren't that fast. That little 486 had trouble running Doom; forget about the multimedia experience that is today's internet. So, the majority of what you could do online was text. On top of that, the internet was still a very new thing, and not everyone could get access to it. Broadband was not a thing. Couple that with the fact that my dad was a telco guy, and knew that the internet was pretty much the wild west at the time—I wasn't allowed anywhere near it. That, however, just made me want to explore it that much more.

  • Most Reliable Hosting Company Sites in August 2020 [Ed: Almost everything GNU/Linux]

    The most reliable hosting company site in August 2020 belonged to, with no failed requests and the fastest average connection time. has now had the most reliable hosting company site three times in 2020. The company provides a range of services including cloud hosting, dedicated servers, colocation and managed services from four locations across the US, Europe and Asia.

    Swishmail appeared in second place, also responding to all of Netcraft's requests in August. Swishmail provides business email services alongside hosting solutions.

    Rackspace, Bigstep and EveryCity appear in third, fourth and fifth places. Rackspace had the second fastest average connection time and has appeared in the top 10 six times in 2020. Bigstep offers "bare metal" cloud hosting to provide the flexibility of cloud hosting but without the associated overhead and performance reductions of virtualization. EveryCity has appeared in the top 10 seven times in 2020 and is the only site that uses SmartOS.

How Raspberry Pi and Kubernetes work together

Filed under

Raspberry Pi and Kubernetes are both “cool” technologies cut from different cloths. But have you considered using them together?

The Raspberry Pi is hardware, a single-board computer with an ARM-compatible CPU, while Kubernetes is software for running and managing containers.

They’re both popular: the Raspberry Pi hit the 30 million units shipped milestone near the end of 2019, and apparently has seen a new sales surge this year. Kubernetes adoption is growing leaps and bounds, too. The nature of their popularity differs, though.

The Raspberry Pi has become commonly associated with computer science education, especially in K-12 education, since their relative affordability makes these devices accessible. In general, the Raspberry Pi lends itself to the kinds of tinkering and project-based work that cultivates the curiosity and learning that draws many people to technology in the first place.

Read more

Also: GMK brings referral contest as Nucbox Indiegogo campaign attains 1800% funding

Istio and Kubernetes Development

Filed under
  • Istio 1.7: Development Stays on Track Despite Controversies

    The August release of Istio 1.7 indicates that the continuing controversy around the open source service mesh project's governance hasn't affected ongoing development.

  • Introducing Structured Logs

    Logs are an essential aspect of observability and a critical tool for debugging. But Kubernetes logs have traditionally been unstructured strings, making any automated parsing difficult and any downstream processing, analysis, or querying challenging to do reliably.

    In Kubernetes 1.19, we are adding support for structured logs, which natively support (key, value) pairs and object references. We have also updated many logging calls such that over 99% of logging volume in a typical deployment are now migrated to the structured format.

  • Warning: Helpful Warnings Ahead

    As Kubernetes maintainers, we're always looking for ways to improve usability while preserving compatibility. As we develop features, triage bugs, and answer support questions, we accumulate information that would be helpful for Kubernetes users to know. In the past, sharing that information was limited to out-of-band methods like release notes, announcement emails, documentation, and blog posts. Unless someone knew to seek out that information and managed to find it, they would not benefit from it.

    In Kubernetes v1.19, we added a feature that allows the Kubernetes API server to send warnings to API clients. The warning is sent using a standard Warning response header, so it does not change the status code or response body in any way. This allows the server to send warnings easily readable by any API client, while remaining compatible with previous client versions.

  • Kubernetes Networking With EndpointSlices

    EndpointSlices are an exciting new API that provides a scalable and extensible alternative to the Endpoints API. EndpointSlices track IP addresses, ports, readiness, and topology information for Pods backing a Service.

    In Kubernetes 1.19 this feature is enabled by default with kube-proxy reading from EndpointSlices instead of Endpoints. Although this will mostly be an invisible change, it should result in noticeable scalability improvements in large clusters. It also enables significant new features in future Kubernetes releases like Topology Aware Routing.

Postfix vs. Sendmail

Filed under

Postfix and Sendmail are in the same category of Mail Transfer Agents. When selecting the MTA (Mail Transfer Agent) for your system, to choose the best option that meets your needs, you must consider a few important features, such as performance, security, documentation, and feasibility.

Read more

Servers Leftovers

Filed under


  • COVID-19 Pandemic Forces Reckoning with Cloud Costs

    While cloud applications are both more accessible and more resilient than on-premises applications, the cost of migrating applications to the cloud is substantial. In the wake of the economic downturn brought on by the pandemic, there’s naturally now a lot more focus on those costs. To help IT organizations better assess those costs, the Linux Foundation has launched the FinOps Foundation, a consortium dedicated to identifying best practices to rein in IT costs.


  • Announcing the General Availability of Bottlerocket, an open source Linux distribution built to run containers

    As our customers increasingly adopt containers to run their workloads, we saw a need for a Linux distribution designed from the ground up to run containers with a focus on security, operations, and manageability at scale. Customers needed an operating system that would give them the ability to manage thousands of hosts running containers with automation.

    Meet Bottlerocket, a new open source Linux distribution that is built to run containers. 


  • KubeCon + CloudNativeCon Europe 2020

    This year I managed to partecipate to KubeCon + CloudNativeCon Europe 2020. As you can imagine, the conference did not happen in real life, but it was converted to an online conference. More virtual conferences I attend to, more I understand the limits and the advantages of them compared to real conferences. In this particular conference, I realized that one of the biggest problems I have with virtual conferences is that, during the conference, the conference events and talks add to your usual events and meetings, making it impossible to follow all events you wanted to follow.


  • Increasing the Kubernetes Support Window to One Year

    Starting with Kubernetes 1.19, the support window for Kubernetes versions will increase from 9 months to one year. The longer support window is intended to allow organizations to perform major upgrades at a time of the year that works the best for them.

    This is a big change. For many years, the Kubernetes project has delivered a new minor release (e.g.: 1.13 or 1.14) every 3 months. The project provides bugfix support via patch releases (e.g.: 1.13.Y) for three parallel branches of the codebase. Combined, this led to each minor release (e.g.: 1.13) having a patch release stream of support for approximately 9 months. In the end, a cluster operator had to upgrade at least every 9 months to remain supported.

    A survey conducted in early 2019 by the WG LTS showed that a significant subset of Kubernetes end-users fail to upgrade within the 9-month support period.

  • Introducing IDE support for Apache Camel K Modeline

    Apache Camel K is a lightweight integration framework built on Apache Camel that runs natively on Kubernetes. Camel K is designed explicitly for serverless and microservices architectures and allows you to run an integration written in Camel DSL on your cloud.

    Since Apache Camel K 1.0.0, it has been possible to specify the configuration options for starting an integration route using Apache Camel K Modeline. Just place a single comment line, // camel-k:, at the top of your config file. Using this method allows you to specify a relatively complex integration project in a single file.

    Until now, you could only access these configuration options through the command line. In this article, I introduce the new IDE support for Apache Camel K’s Modeline configuration.

  • 10 Years of OpenStack – Shane Wang at Intel

    Storytelling is one of the most powerful means to influence, teach, and inspire the people around us. To celebrate OpenStack’s 10th anniversary, we are spotlighting stories from the individuals in various roles from the community who have helped to make OpenStack and the global Open Infrastructure community successful.

Securedrop Worktstation and how can you help

Filed under

The second half of the event was a live demo of the new SecureDrop Workstation project.

SecureDrop is an open source whistleblower submission system that media organizations and NGOs can install to securely accept documents from anonymous sources. It was originally created by the late Aaron Swartz and is now managed by Freedom of the Press Foundation. SecureDrop is available in 20 languages.

The current SecureDrop is dependent heavily on air-gapped Tails systems. This means increased security but also means a lot of time in accessing the submissions by the journalists. SecureDrop Workstation is the next generation system coming up to help in reducing this and also provide much smoother user experience without giving up the security.

Read more

LXD 4.5 has been released

Filed under

The LXD team is very excited to announce the release of LXD 4.5!

This is another pretty busy release for LXD with the main highlight no doubt being the addition of OVN to our networking options.

On top of that, we have some welcome improvements to our container support with both the bpf syscall interception and the new allocation logic for pts devices.

And lastly, good improvements to clustering and to security with the improved remote storage work and the new AppArmor profiles.

Read more

Kubernetes 1.19: Accentuate the Paw-sitive

Filed under

Finally, we have arrived with Kubernetes 1.19, the second release for 2020, and by far the longest release cycle lasting 20 weeks in total. It consists of 33 enhancements: 12 enhancements are moving to stable, 18 enhancements in beta, and 13 enhancements in alpha.

The 1.19 release was quite different from a regular release due to COVID-19, the George Floyd protests, and several other global events that we experienced as a release team. Due to these events, we made the decision to adjust our timeline and allow the SIGs, Working Groups, and contributors more time to get things done. The extra time also allowed for people to take time to focus on their lives outside of the Kubernetes project, and ensure their mental wellbeing was in a good place.

Contributors are the heart of Kubernetes, not the other way around. The Kubernetes code of conduct asks that people be excellent to one another and despite the unrest in our world, we saw nothing but greatness and humility from the community.

Read more

Happy 10th anniversary, OpenStack!

Filed under

OpenStack has transformed the open source industry since it launched 10 years ago. It was an endeavor to bring greater choice in cloud solutions by combining NASA's Nova with Rackspace's Swift object storage and has since grown into a strong base for open infrastructure.

In 2010, "the cloud" was barely a thing, and having a standardized, open source platform for public and private clouds was a dream. A decade later, OpenStack is a cloud platform that critical industries rely on. As evidence of its massive market base, 451 Research projects a US$ 7.7 billion OpenStack market by 2023, with the most growth in Asia (36%), Latin America (27%), Europe (22%), and North America (17%).

Within a year, the fledgling OpenStack community grew from a couple-dozen developers to nearly 250 unique contributors to its first release, dubbed Austin. Fast-forward to 2020: OpenStack now ranks among the top three most active open source projects in the world and is the most widely deployed open source cloud infrastructure software.

Read more

Nextcloud Desktop Client Gets End-to-End Encryption, New User Interface

Filed under

End-to-end encryption is probably one of the most requested features in Nextcloud, the most popular on-premises file share and collaboration platform. With the release of Nextcloud Desktop Client 3.0, Nextcloud has become the first vendor to offer an enterprise-grade end-to-end encryption solution designed with file sync and share in mind.

Thanks to end-to-end encryption, users no longer need to manually exchange encryption keys, share large encrypted volumes or long and complex passwords when share files securely. Nextcloud’s solution works on a per-folder level to ensure local encryption of all files and features a fully secure key management system with Cryptographic Identity Protection in the form of server-signed certificates.

Read more

Syndicate content

More in Tux Machines

Septor 2020.5

Tor Browser is fully installed (10.0.2) System upgrade from Debian Buster repos as of October 21, 2020 Update Linux Kernel to 5.9.0-1 Update Thunderbird to 78.3.1-2 Update Tor to Update Youtube-dl to 2020.09.20 Read more

Incremental backup with Butterfly Backup

This article explains how to make incremental or differential backups, with a catalog available to restore (or export) at the point you want, with Butterfly Backup. Read more

Regressions in GNU/Linux Evolution

  • When "progress" is backwards

    Lately I see many developments in the linux FOSS world that sell themselves as progress, but are actually hugely annoying and counter-productive. Counter-productive to a point where they actually cause major regressions, costs, and as in the case of GTK+3 ruin user experience and the possibility that we'll ever enjoy "The year of the Linux desktop". [...] We live in an era where in the FOSS world one constantly has to relearn things, switch to new, supposedly "better", but more bloated solutions, and is generally left with the impression that someone is pulling the rug from below one's feet. Many of the key changes in this area have been rammed through by a small set of decision makers, often closely related to Red Hat/Gnome/ We're buying this "progress" at a high cost, and one can't avoid asking oneself whether there's more to the story than meets the eye. Never forget, Red Hat and Microsoft (TM) are partners and might even have the same shareholders.

  • When "progress" is backwards

Graphics: Vulkan, Intel and AMD

  • NVIDIA Ships Vulkan Driver Beta With Fragment Shading Rate Control - Phoronix

    This week's Vulkan 1.2.158 spec release brought the fragment shading rate extension to control the rate at which fragments are shaded on a per-draw, per-primitive, or per-region basis. This can be useful similar to OpenGL and Direct3D support for helping to allow different, less important areas of the screen be shaded less than areas requiring greater detail/focus. NVIDIA on Tuesday released the 455.26.02 Linux driver (and 457.00 version for Windows) that adds this fragment shading rate extension.

  • Intel Begins Adding Alder Lake Graphics Support To Their Linux Driver - Phoronix

    Intel has begun adding support for Alderlake-S to their open-source Linux kernel graphics driver. An initial set of 18 patches amounting to just around 300 lines of new kernel code was sent out today for beginning the hardware enablement work on Alderlake-S from the graphics side. Yes, it's only a few hundred lines of new driver code due to Alder Lake leveraging the existing Gen12/Tigerlake support. The Alder Lake driver patches similarly re-use some of the same workarounds and changes as set for the 14nm Rocket Lake processors with Gen12 graphics coming out in Q1.

  • AMD Linux Driver Preparing For A Navi "Blockchain" Graphics Card - Phoronix

    While all eyes are on the AMD Radeon RX 6000 "Big Navi" graphics cards set to be announced next week, it also looks like AMD is preparing for a Navi 1x "Blockchain" graphics card offering given the latest work in their open-source Linux driver. Patches posted today provide support for a new Navi graphics card referred to as the "navi10 blockchain SKU." The Navi 10 part has a device ID of 0x731E. From the AMDGPU Linux kernel driver perspective, the only difference from the existing Navi 10 GPU support is these patches disable the Display Core Next (DCN) and Video Core Next (VCN) support with this new SKU not having any display support.