Language Selection

English French German Italian Portuguese Spanish

Server

Red Hat Looks Beyond Docker for Container Technology

Filed under
Server
Security

While Docker Inc and its eponymous container engine helped to create the modern container approach, Red Hat has multiple efforts of its own that it is now actively developing.

The core component for containers is the runtime engine, which for Docker is the Docker Engine which is now based on the Docker-led containerd project that is hosted at the Cloud Native Computing Foundation (CNCF). Red Hat has built its own container engine called CRI-O, which hit its 1.0 release back in October 2017.

For building images, Red Hat has a project called Buildah, which reached its 1.0 milestone on June 6.

Read more

Containers: The Update Framework (TUF), Nabla, and Kubernetes 1.11 Release

Filed under
Server
Security
  • How The Update Framework Improves Software Distribution Security

    In recent years that there been multiple cyber-attacks that compromised a software developer's network to enable the delivery of malware inside of software updates. That's a situation that Justin Cappos, founder of The Update Framework (TUF) open-source project, has been working hard to help solve.

    Cappos, an assistant professor at New York University (NYU), started TUF nearly a decade ago. TUF is now implemented by multiple software projects, including the Docker Notary project for secure container application updates and has implementations that are being purpose-built to help secure automotive software as well.

  • IBM's new Nabla containers are designed for security first

    Companies love containers because they enable them to run more jobs on servers. But businesses also hate containers, because they fear they're less secure than virtual machines (VM)s. IBM thinks it has an answer to that: Nabla containers, which are more secure by design than rival container concepts.

    James Bottomley, an IBM Research distinguished engineer and top Linux kernel developer, first outlines that there are two kind of fundamental kinds of container and virtual machine (VM) security problems. These are described as Vertical Attack Profile (VAP) and Horizontal Attack Profile (HAP).

  • [Podcast] PodCTL #42 – Kubernetes 1.11 Released

    Like clockwork, the Kubernetes community continues to release quarterly updates to the rapidly expanding project. With the 1.11 release, we see a number of new capabilities being added across a number of different domains – infrastructure services, scheduling services, routing services, storage services, and broader CRD versioning capabilities that will improve the ability to not only deploy Operators for the platform and applications. Links for all these new features, as well as in-depth blog posts from Red Hat and the Kubernetes community are included in the show notes.

    As always, it’s important to remember that not every new feature being released is considered “General Availability”, so be sure to check the detailed release notes before considering the use of any feature in a production or high-availability environment.

Containers or virtual machines: ​Which is more secure? The answer will surprise you

Filed under
Server
Security

Are virtual machines (VM) more secure than containers? You may think you know the answer, but IBM Research has found containers can be as secure, or more secure, than VMs.

James Bottomley, an IBM Research Distinguished Engineer and top Linux kernel developer, writes: "One of the biggest problems with the current debate about Container vs Hypervisor security is that no-one has actually developed a way of measuring security, so the debate is all in qualitative terms (hypervisors 'feel' more secure than containers because of the interface breadth) but no-one actually has done a quantitative comparison." To meet this need, Bottomley created Horizontal Attack Profile (HAP), designed to describe system security in a way that it can be objectively measured. Bottomley has discovered that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor."

Read more

'Cloud-Native'

Filed under
Linux
Server
  • What are cloud-native applications?

    As cloud computing was starting to hit its stride six or seven years ago, one of the important questions people were struggling with was: "What do my apps have to look like if I want to run them in a public, private, or hybrid cloud?"

    There were a number of takes at answering this question at the time.

    One popular metaphor came from a presentation by Bill Baker, then at Microsoft. He contrasted traditional application "pets" with cloud apps "cattle." In the first case, you name your pets and nurse them back to health if they get sick. In the latter case, you give them numbers and, if something happens to one of them, you eat hamburger and get a new one.

  • KubeCon + CloudNativeCon, Copenhagen

    I attended KubeCon + CloudNativeCon 2018, Europe that took place from 2nd to 4th of May. It was held in Copenhagen, Denmark. I know it’s quite late since I attended it, but still I wanted to share my motivating experiences at the conference, so here it is!

    I got scholarship from the Linux Foundation which gave me a wonderful opportunity to attend this conference. This was my first developer conference aboard and I was super-excited to attend it. I got the chance to learn more about containers, straight from the best people out there.

How the Kubernetes Release Process is Different Than Other Open Source Projects

Filed under
Server
OSS

The Kubernetes 1.11 release became generally available on June 27, providing users of the container orchestration with multiple new features and continued performance improvements.

While Kubernetes releases were originally all led by Google staffers, that has changed in the last two years, with a rigous release management Special Interest Group (SIG) that has mandated that there be a new leader for each release. For the 1.11 release, the role of release lead was held by Red Hat's Josh Berkus, who is well known in the open-source community for his work helping to lead PostgreSQL database releases.

Read more

PostgreSQL 11 Beta 2 Released

Filed under
Server
OSS
  • PostgreSQL 11 Beta 2 Released!

    The PostgreSQL Global Development Group announces that the second beta release of PostgreSQL 11 is now available for download. This release contains previews of all features that will be available in the final release of PostgreSQL 11 (though some details of the release could change before then) as well as bug fixes that were reported during the first beta.

    In the spirit of the open source PostgreSQL community, we strongly encourage you to test the new features of PostgreSQL 11 in your database systems to help us eliminate any bugs or other issues that may exist. While we do not advise for you to run PostgreSQL 11 Beta 2 in your production environments, we encourage you to find ways to run your typical application workloads against this beta release.

  • PostgreSQL 11 Beta 2 Released With VACUUM & XML Fixes

    One month has passed since PostgreSQL 11 Beta 1 while today the second beta has succeeded it.

    PostgreSQL 11 is prepping many new features including various performance improvements, better partitioning, parallelism enhancements, SQL stored procedure handling, initial JIT compilation for some code using LLVM, various performance optimizations, and much more.

Servers: TOP500, Kubernetes, Blockchain, and 'DevOps'

Filed under
Server
  • Linux Finally Stands Alone on the TOP500 Supercomputer List [Ed: Finally? No. That happened in past years.]

    The new TOP500 list, which shows the 500 most powerful computer units in the entire world, shows some form of the Linux kernel powering every single machine that packs that kind of processing ability. Linux has already been the force behind most of the world’s most powerful computers for years, so this isn’t a surprising fact.

    What’s more surprising is how long it’s taken to get to this point since the kernel was only finally able to shove all other operating systems off the list back in November.

  • Why Kubernetes Is the New Application Server

    Have you ever wondered why you are deploying your multi-platform applications using containers? Is it just a matter of “following the hype”? In this article, I’m going to ask some provocative questions to make my case for Why Kubernetes is the new application server.

  • As Cloud Computing Providers Post Record Profits, One Company Wants to Make Them Obsolete

    Another blockchain-based startup, called AXEL, is similarly trying to wrest a portion of the cloud from large stakeholders—this time, cloud storage. By letting users set up their own remote storage devices, rather than paying an exorbitant monthly fee for access to a terabyte of storage space, AXEL users simply can buy a cheap terabyte drive, plug it in to their desktop at home and link it to their AXEL account—at that point, they have an entirely private connection to that HDD that allows full cloud access without even the possibility of outside interference or surveillance by the service provider. And if you want another five terabyte of cloud storage? It's as easy as buying five more terabytes of storage and hooking them up to the network. Since you own the drives, moving a file onto a linked drive takes zero upload time—it's in your cloud-linked folders, after all, and thus has nowhere else it needs to go.

  • How Important Is Open Source for DevOps, Really?

    Depending on your perspective, you might believe that DevOps and open source go hand in hand. Or you may think that, quite to the contrary, the two have little to do with each other. There are good arguments to be made for both interpretations.

  • Blockchain evolution: A quick guide and why open source is at the heart of it

    It isn't uncommon, when working on a new version of an open source project, to suffix it with "-ng", for "next generation." Fortunately, in their rapid evolution blockchains have so far avoided this naming pitfall. But in this evolutionary open source ecosystem, changes have been abundant, and good ideas have been picked up, remixed, and evolved between many different projects in a typical open source fashion.

    In this article, I will look at the different generations of blockchains and what ideas have emerged to address the problems the ecosystem has encountered. Of course, any attempt at classifying an ecosystem will have limits—and objectors—but it should provide a rough guide to the jungle of blockchain projects.

Servers: Containers, TOP500, Red Hat OpenStack Platform

Filed under
Server
  • Containers: Debunking the myths

    Linux-based containers themselves are nothing new, but the community driven by Docker has recently become hugely popular across a large cross-section of technology users

  • Linux Powers ALL TOP500 Supercomputers In The World | US Beats China For #1

    Just recently we told you about the IBM Summit supercomputer that is developed for the Oak Ridge National Laboratory in the US. The computing beast is being called the most powerful supercomputer yet, beating China’s Sunway.

    Summit has tasted another bread of success as the TOP500 List of the world’s fastest supercomputers renews for the year 2018. It’s not surprising to see Summit ( with its Linpack score of 122.3 petaflops) taking the throne away from Sunway TaihuLight (Linpack score: 93 petaflops). But China still has the largest number of supercomputers on the list.

  • Red Hat OpenStack Platform 13 is here!

    In the digital economy, IT organizations can be expected to deliver services anytime, anywhere, and to any device. IT speed, agility, and innovation can be critical to help stay ahead of your competition. Red Hat OpenStack Platform lets you build an on-premise cloud environment designed to accelerate your business, innovate faster, and empower your IT teams.

Cockpit 171

Filed under
Server
Software

Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 171.

Read more

Goodbye, Microsoft: Deleting Github and Azure

Filed under
Development
Server
Microsoft
  • Why GitLab Is Moving From Azure to Google Cloud Platform

    To old timers in the open source game, it might come as a surprise that a company like GitLab that's proud of it's open source roots would be using Azure to begin with. After all, wasn't distrust of Microsoft's ownership of GitHub the reason behind the mass exodus to GitLab earlier this month? While a "new" and more open source friendly Microsoft was undoubtedly one of the reasons why GitLab would even consider the move to Redmond's cloud -- the motivating factor was money.

  • postmarketOS is #movingtogitlab

    After learning that Microsoft will buy GitHub at the end of 2018, for a lot of people trust in GitHub was shattered like the glass of @opendata26's Sony Xperia Z2 Tablet. But independent of that, GitHub has always had a vendor lock-in with the user's issues and pull requests hidden behind a rate limited API instead of a proper export feature. And even if you managed to export it through that API, you can not host your own GitHub instance and modify it as you like because there is not even a partially open source version of it.

    We want to be in control of our own data. While we can't maintain a self-hosted solution at this point, at least we want to be able to create a public backup of all our > 1500 issues and pull requests once a week. After some discussion we ended up with gitlab.com as alternative, because its API allows to create a whole backups at once and we can import them into our own instance if we want to do that in the future. The workflow is similar to GitHub, so we expect a rather smooth transition compared to using something entirely different.

Syndicate content