Language Selection

English French German Italian Portuguese Spanish

Server

MicroK8s Gets Powerful Add-ons

Filed under
Server
Software
Ubuntu

We are excited to announce new Cilium and Helm add-ons, coming to MicroK8s! These add-ons add even more power to your Kubernetes environment built on MicroK8s. The Cilium CNI plugin brings enhanced networking features, including Kubernetes NetworkPolicy support, to MicroK8s. You’ll also get direct CLI access to Cilium within MicroK8s using the microk8s.cilium wrapper.

If you do not already have a version of cilium installed you can alias microk8s.cilium to cilium using the following command:
snap alias microk8s.cilium cilium

Helm, the package manager for Kubernetes will allow even easier management of your MicroK8s environment.

Read more

6 Best Log Management Tools For Linux in 2019

Filed under
Server
Software

Before we can talk about log management, let’s define what a log is. Simply defined, a log is the automatically-produced and time-stamped documentation of an event relevant to a particular system. In other words, whenever an event takes place on a system, a log is generated. Systems and devices will generate logs for different types of events and many systems give administrators some degree of control over which event generates a log and which doesn’t.

As for log management, It is simply referring to the processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and eventual disposal of large volumes of log data. Although not clearly stated, log management implies a centralized system where logs from multiple sources are collected. Log management is not just log collection, though. It is the management part which is the most important. And log management systems often have multiple functionalities, collecting logs being just one of them.

Once logs are received by the log management system, they need to be standardized into a common format as different systems format logs differently and include different data. Some start a log with the date and time, some start it with an event number. Some only include an event ID while others include a full-text description of the event. One of the purposes of log management systems is to ensure that all collected log entries are stored in a uniform format. This will event correlation and eventual searching much easier down the line.

Even correlation and searching are two additional major functions of several log management systems. The best of them feature a powerful search engine that allows administrators to zero-in on precisely what they need. Correlation functions will automatically group related events, even if they are from different sources. How—and how successfully—different log management system accomplish that is a major differentiating factor.

Read more

Announcing Oracle Solaris 11.4 SRU12

Filed under
OS
Server

Today we are releasing the SRU 12 for Oracle Solaris 11.4. It is available via 'pkg update' from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1.

Read more

Also: Oracle Solaris 11.4 SRU12 Released - Adds GCC 9.1 Compiler & Python 3.7

Replicating Particle Collisions at CERN with Kubeflow

Filed under
Server
OSS
Ubuntu

This is where Kubeflow comes in. They started by training their 3DGAN on an on-prem OpenStack cluster with 4 GPUs. To verify that they were not introducing overhead by using Kubeflow, they ran training first with native containers, then on Kubernetes, and finally on Kubeflow using the MPI operator. They then moved to an Exoscale cluster with 32 GPUs and ran the same experiments, recording only negligible performance overhead. This was enough to convince them that they had discovered a flexible, versatile means of deploying their models to a wide variety of physical environments.

Beyond the portability that they gained from Kubeflow, they were especially pleased with how straightforward it was to run their code. As part of the infrastructure team, Ricardo plugged Sofia’s existing Docker image into Kubeflow’s MPI operator. Ricardo gave Sofia all the credit for building a scalable model, whereas Sofia credited Ricardo for scaling her team’s model. Thanks to components like the MPI operator, Sofia’s team can focus on building better models and Ricardo can empower other physicists to scale their own models.

Read more

Also: Issue #2019.08.19 – Kubeflow at CERN

Fedora and Red Hat: New F30 Builds, Flock Report, Servers and Package Management Domain Model

Filed under
Red Hat
Server
  • Ben Williams: F30-20190818 updated isos released.

    The Fedora Respins SIG is pleased to announce the latest release of Updated F30-20190816 Live ISOs, carrying the 5.2.8-200 kernel.

    This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have 1.2GB of updates)).

    A huge thank you goes out to irc nicks dowdle, satellite,Southern-Gentlem for testing these iso.

  • Flock to Fedora 2019 Conference report

    Last week I attended “Flock to Fedora” conference in Budapest, Hungary. It was a Fedora contributors conference where I met some developers, project leaders, GSoC interns. Below is a brief report of my attendance.

  • What salary can a sysadmin expect to earn?

    The path to reliable salary data sometimes is sometimes paved with frustration. That’s because the honest answer to a reasonable question—what should I be paid for this job?—is usually: "It depends."

    Location, experience, skill set, industry, and other factors all impact someone’s actual compensation. For example, there’s rarely a single, agreed-upon salary for a particular job title or role.

    All of the above applies to system administrators. It’s a common, long-established IT job that spans many industries, company sizes, and other variables. While sysadmins may share some common fundamentals, it’s certainly not a one-size-fits-all position, and it’s all the truer as some sysadmin roles evolve to take on cloud, DevOps, and other responsibilities.

    What salary can you expect to earn as a sysadmin? Yeah, it depends. However, that doesn’t mean you can’t get a clear picture of what sysadmin compensation looks like, including specific numbers. This is information worth having handy if you’re a sysadmin on the job market or seeking a promotion.

    Let’s start with some good news from a compensation standpoint. Sysadmins—like other IT pros these days—are in demand.

    "In today’s business environment, companies are innovating and moving faster than ever before, and they need systems that can keep up with the pace of their projects and communications, as well as help everything run smoothly," says Robert Sutton, district president for the recruiting firm Robert Half Technology. "That’s why systems administrators are among the IT professionals who can expect to see a growing salary over the next year or so."

  • Run Mixed IT Efficiently, The Adient – SUSE Way.

    When you have multiple distributions, such as Red Hat and SUSE, you can reduce administration complexity and save administration time and resources with a common management tool. Adient had applications running on both SUSE Linux Enterprise Server and Red Hat Enterprise Linux. Adient deployed SUSE Manager to manage their Mixed IT environment involving both distributions.

  • Package Management Domain Model

    When I wrote this model, we were trying to unify a few different sorts of packages. Coming from SpaceWalk, part of the team was used to wokring on RPMS with the RPM Database for storage, and Yum as the mechanism for fetching them. The other part of the team was coming from the JBoss side, working with JAR, WAR, EAR and associated files, and the Ivy or Maven building and fetching the files.

    We were working within the context of the Red Hat Network (as it was then called) for delivering content to subscribers. Thus, we had the concept of Errata, Channels, and Entitlements which are somewhat different from what other organizations call these things, but the concepts should be general enough to cover a range of systems.

    There are many gaps in this diagram. It does not discuss the building of packages, nor the relationship between source and binary packages. It also does not provide a way to distinguish between the package storage system and the package fetch mechanism.

    But the bones are solid. I’ve used this diagram for a few years, and it is useful.

Apache: Self Assessment and Security

Filed under
Server
OSS
  • The Apache® Software Foundation Announces Annual Report for 2019 Fiscal Year

    The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2019 fiscal year, which ended 30 April 2019.

  • Open Source at the ASF: A Year in Numbers

    332 active projects, 71 million lines of code changed, 7,000+ committers…

    The Apache Software Foundation has published its annual report for fiscal 2019. The hub of a sprawling, influential open source community, the ASF remains in rude good health, despite challenges this year including the need for “an outsized amount of effort” dealing with trademark infringements, and “some in the tech industry trying to exploit the goodwill earned by the larger Open Source community.”

    [...]

    The ASF names 10 “platinum” sponsors: AWS, Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, the Pineapple Fund, Tencent Cloud, and Verizon Media

  • Apache Software Foundation Is Worth $20 Billion

    Yes, Apache is worth $20 billion by its own valuation of the software it offers for free. But what price can you realistically put on open source code?

    If you only know the name Apache in connection with the web server then you are missing out on some interesting software. The Apache Software Foundation ASF, grew out of the Apache HTTP Server project in 1999 with the aim of furthering open source software. It provides a licence, the Apache licence, a decentralized governance and requires projects to be licensed to the ASF so that it can protect the intellectual property rights.

  • Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe

    Researchers have pinpointed errors in two dozen Apache Struts security advisories, which warn users of vulnerabilities in the popular open-source web app development framework. They say that the security advisories listed incorrect versions impacted by the vulnerabilities.

    The concern from this research is that security administrators in companies using the actual impacted versions would incorrectly think that their versions weren’t affected – and would thus refrain from applying patches, said researchers with Synopsys who made the discovery, Thursday.

    “The real question here from this research is whether there remain unpatched versions of the newly disclosed versions in production scenarios,” Tim Mackey, principal security strategist for the Cybersecurity Research Center at Synopsys, told Threatpost. “In all cases, the Struts community had already issued patches for the vulnerabilities so the patches exist, it’s just a question of applying them.”

Cockpit and the evolution of the Web User Interface

Filed under
Server

This article only touches upon some of the main functions available in Cockpit. Managing storage devices, networking, user account, and software control will be covered in an upcoming article. In addition, optional extensions such as the 389 directory service, and the cockpit-ostree module used to handle packages in Fedora Silverblue.

The options continue to grow as more users adopt Cockpit. The interface is ideal for admins who want a light-weight interface to control their server(s).

Read more

Server: Managing GNU/Linux Servers and Cost of Micro-services Complexity

Filed under
Server
  • Keeping track of Linux users: When do they log in and for how long?

    The Linux command line provides some excellent tools for determining how frequently users log in and how much time they spend on a system. Pulling information from the /var/log/wtmp file that maintains details on user logins can be time-consuming, but with a couple easy commands, you can extract a lot of useful information on user logins.

  • Daily user management tasks made easy for every Linux administrator

    In this article, we will be going over some tasks that a Linux administrator may need to perform daily related to user management.

  • The cost of micro-services complexity

    It has long been recognized by the security industry that complex systems are impossible to secure, and that pushing for simplicity helps increase trust by reducing assumptions and increasing our ability to audit. This is often captured under the acronym KISS, for "keep it stupid simple", a design principle popularized by the US Navy back in the 60s. For a long time, we thought the enemy were application monoliths that burden our infrastructure with years of unpatched vulnerabilities.

    So we split them up. We took them apart. We created micro-services where each function, each logical component, is its own individual service, designed, developed, operated and monitored in complete isolation from the rest of the infrastructure. And we composed them ad vitam æternam. Want to send an email? Call the rest API of micro-service X. Want to run a batch job? Invoke lambda function Y. Want to update a database entry? Post it to A which sends an event to B consumed by C stored in D transformed by E and inserted by F. We all love micro-services architecture. It’s like watching dominoes fall down. When it works, it’s visceral. It’s when it doesn’t that things get interesting. After nearly a decade of operating them, let me share some downsides and caveats encountered in large-scale production environments.

    [...]

    And finally, there’s security. We sure love auditing micro-services, with their tiny codebases that are always neat and clean. We love reviewing their infrastructure too, with those dynamic security groups and clean dataflows and dedicated databases and IAM controlled permissions. There’s a lot of security benefits to micro-services, so we’ve been heavily advocating for them for several years now.

    And then, one day, someone gets fed up with having to manage API keys for three dozen services in flat YAML files and suggests to use oauth for service-to-service authentication. Or perhaps Jean-Kevin drank the mTLS Kool-Aid at the FoolNix conference and made a PKI prototype on the flight back (side note: do you know how hard it is to securely run a PKI over 5 or 10 years? It’s hard). Or perhaps compliance mandates that every server, no matter how small, must run a security agent on them.

Announcing Oracle Linux 7 Update 7

Filed under
GNU
Linux
Red Hat
Server

Oracle is pleased to announce the general availability of Oracle Linux 7 Update 7. Individual RPM packages are available on the Unbreakable Linux Network (ULN) and the Oracle Linux yum server. ISO installation images will soon be available for download from the Oracle Software Delivery Cloud and Docker images will soon be available via Oracle Container Registry and Docker Hub.

Read more

Also: Oracle Linux 7 Update 7 Released

Server: Kata Containers in Tumbleweed, Ubuntu on 'Multi' 'Cloud', and Containers 101

Filed under
Server
  • Kubic Project: Kata Containers now available in Tumbleweed

    Kata Containers is an open source container runtime that is crafted to seamlessly plug into the containers ecosystem.

    We are now excited to announce that the Kata Containers packages are finally available in the official openSUSE Tumbleweed repository.

    It is worthwhile to spend few words explaining why this is a great news, considering the role of Kata Containers (a.k.a. Kata) in fulfilling the need for security in the containers ecosystem, and given its importance for openSUSE and Kubic.

  • Why multi-cloud has become a must-have for enterprises: six experts weigh in

    Remember the one-size-fits-all approach to cloud computing? That was five years ago. Today, multi-cloud architectures that use two, three, or more providers, across a mix of public and private platforms, are quickly becoming the preferred strategy at most companies.

    Despite the momentum, pockets of hesitation remain. Some sceptics are under the impression that deploying cloud platforms and services from multiple vendors can be a complex process. Others worry about security, regulatory, and performance issues.

  • Containers 101: Containers vs. Virtual Machines (And Why Containers Are the Future of IT Infrastructure)

    What exactly is a container and what makes it different -- and in some cases better -- than a virtual machine?

Syndicate content

More in Tux Machines

Servers: Kubernetes, CentOS in HPC and Red Hat's Self-Promotion

Linux Foundation: ACT Program, Dent and Delta Lake

  • Google, VMware Headline Linux Foundation's ACT Program
  • Amazon is joining a project that could upend network chipmakers such as Broadcom

    Amazon is contributing to a new piece of open-source software that could give it a leg up in its physical stores. The Linux Foundation, a nonprofit organization that maintains the Linux operating system and open-source software, announced the new networking operating system, called Dent, in a statement on Friday. Dent is a proposed operating system for switches, which are pieces of hardware used to route data around networks, usually within companies or between companies and the internet. The market has traditionally been dominated by big companies such as Broadcom, which provides a lot of the underlying silicon chips, and Cisco, which sells finished assembled product.

  • Calmer waters promised in the data lake through Linux Foundation Delta Lake Project

    Delta Lake (wait for it… the clue is in the name) is a project focusing on improving the reliability and performance of data lakes. Delta Lake was actually announced by unified analytics company Databricks earlier this year before this autumn becoming a Linux Foundation project with an open governance model. The team points out that organisations in every vertical aspire to get more value from data through data science, machine learning and analytics, but they are hindered by the lack of data reliability within data lakes.

Latest Openwashing in the News

Programming/Admin: Rootconf, Awk, UNIX, Wireguard and Python

  • Rootconf Hyderbad, 2019

    Rootconf is the conference on sysadmins, DevOps, SRE, Network engineers. Rootconf started its journey in 2012 in Bangalore, 2019 was the 7th edition of Rootconf. In these years, through all the Rootconfs, there is a community that has developed around Rootconf. Now people do come to attend Rootconf not just to attend the conference but also to attend friends and peers to discuss projects and ideas.

  • A bit of fun with awk

    I learned a few tidbits in awk this week. awk is a language I have, at best, looked at only very superficially, even though I use it frequently if very basically: to chop a line into fields. I tend to use it more than cut(1) because I can print additional data to that which I’ve cut out (without having to add sed(1) so awk just is more versatile for me.

  • How Unix Works: Become a Better Software Engineer

    I’ll put just enough commands for us to play along, assuming you’re starting from scratch. We’ll explore concepts, see them in practice in a shell, and then scream “I GET THIS!”. Along the way, we’ll also figure out what a shell really is.

    But we can’t begin without getting into the minds of the creators: exploring Unix’s philosophy.

    For now, we can assume Linux is Unix. If you want to know why that’s not really the case, you can skip to the bottom and come back. We’ll end the Unix vs linux confusion once and for all.

  • wireguard

    wireguard (wg) is a modern vpn protocol, using the latest class of encryption algorithms while at the same time promising speed and a small code base.

    modern crypto and lean code are also tenants of openbsd, thus it was a no brainer to migrate my router from openvpn over to wireguard.

  • Python Software Foundation: Mozilla and Chan Zuckerberg Initiative are funding pip with $407,000

    The Mozilla Corporation and the Chan Zuckerberg Initiative are funding the Python package installer pip with $407,000 USD to support work that is planned for 2020. Where is pip headed next year? The roadmap has been laid out, so let’s have a look at what the future holds. As the Python Software Foundation (PSF) announced in a blog post, it is receiving $207,000 USD from Mozilla via the Mozilla Open Source Support Award and $200,000 USD from the Chan Zuckerberg Initiative (CZI) as Essential Open Source Software for Science grant. The funds are designated to support a three-phased working plan for pip in 2020 to make the package installer “easier for people to use and troubleshoot”, and here’s what’s going to happen.

  • A Tiny Python Exception Oddity

    If you go back to the first case I discussed, with the unmatched parenthesis, in Friendly-traceback, I rely on the location of the error shown by Python to indicate where the problem arose and, when appropriate, I look *back* to also show where the potential problem started. Unfortunately, I cannot do that in this case with CPython.