Servers: Google, Kubernetes, Red Hat and SUSE

• Google Open-sources Sandboxed API, a tool that helps in automating the process of porting existing C and C++ code

  Yesterday, the team at Google open-sourced Sandboxed API, a tool that Google has been using internally for its data centers for years. It is a project for sandboxing C and C++ libraries running on Linux systems. Google has made the Sandboxed API available on GitHub. Sandboxed API helps coders to automate the process of porting their existing C and C++ code in order to run on top of Sandbox2, which is Google’s custom-made sandbox environment for Linux operating systems. Sandbox2 has also been open-sourced and is included with Sandboxed API GitHub repository. Christian Blichmann & Robert Swiecki, from Google’s ISE Sandboxing team, said, “Many popular software containment tools might not sufficiently isolate the rest of the OS, and those which do, might require time-consuming redefinition of security boundaries for each and every project that should be sandboxed.”

• Google open-sources its Sandboxed API tools for isolating application processes

  Google LLC has open-sourced a new tool for developers that lets them sandbox C and C++ libraries that run on Linux-based operating systems. Developed internally by Google, the Sandboxed API has been used in its data centers for several years already, the company said in a blog post Monday announcing the move. Google has made Sandboxed API available to download on GitHub, together with its documentation that describes how to get it up and running.

• Init Container Build Pattern: Knative build with plain old Kubernetes deployment

  With Kubernetes evolving at supersonic speed and seeing a lot of adoption in the enterprise world, the developer community is now looking for solutions to common Kubernetes problems, such as patterns. In this article, I will explore a new Kubernetes pattern using Init Containers. Let’s start with the use case that gave birth to this problem: Quarkus—Supersonic and Subatomic Java—has excited the Java developer community with its amazing speed and all new native build artifact for Java applications. As one of those excited developers, I want to quickly build and deploy a Quarkus application on to Kubernetes.

• KubeEdge, a Kubernetes Native Edge Computing Framework

  Open source edge computing is going through its most dynamic phase of development in the industry. So many open source platforms, so many consolidations and so many initiatives for standardization! This shows the strong drive to build better platforms to bring cloud computing to the edges to meet ever increasing demand. KubeEdge, which was announced last year, now brings great news for cloud native computing! It provides a complete edge computing solution based on Kubernetes with separate cloud and edge core modules. Currently, both the cloud and edge modules are open sourced. Unlike certain light weight kubernetes platforms available around, KubeEdge is made to build edge computing solutions extending the cloud. The control plane resides in cloud, though scalable and extendable. At the same time, the edge can work in offline mode. Also it is lightweight and containerized, and can support heterogeneous hardware at the edge. With the optimization in edge resource utlization, KubeEdge positions to save significant setup and operation cost for edge solutions. This makes it the most compelling edge computing platform in the world currently, based on Kubernetes!

• Red Hat Security: The Product Security Blog has moved!

  Red Hat Product Security has joined forces with other security teams inside Red Hat to publish our content in a common venue using the Security channel of the Red Hat Blog. This move provides a wider variety of important Security topics, from experts all over Red Hat, in a more modern and functional interface. We hope everyone will enjoy the new experience!

• From virtualization to emerging workloads: How Red Hat and NVIDIA are driving enterprise innovation

  Innovations like artificial intelligence (AI), machine learning (ML) and other emerging workloads present a vision of IT’s future, one where intelligent solutions can more effectively analyze and address evolving business needs. But this vision can be limited by current IT infrastructure, which can often require significant investments in order to enable new workloads. One answer to this challenge is through workload acceleration, which uses specialized computational resources, like graphic processing units (GPUs) to tackle intense computing tasks. Established in scientific and research computing, GPUs such as those offered by NVIDIA are now catching the attention of enterprise IT as a technology that can accelerate compute-intensive operations found in data science and AI, extending their reach to a broader range of end users.

• SUSE Enterprise Storage 6 Beta Program

  SUSE Enterprise Storage 6, the upcoming release from SUSE, enables IT organizations to seamlessly adapt to changing business demands while reducing IT operational expense with new features focused on containerized and cloud workload support, improved integration with public cloud and enhanced data protection capabilities. This release of SUSE Enterprise Storage will be available for first customer ship in early June. However, you can download a BETA version today and give release 6 a test drive. It is built on the upstream Ceph release: Nautilus and updated to run on SUSE Linux Enterprise Server 15 SP1 BETA. There are a lot of new features in SUSE Enterprise Storage 6.

• From Paris with Love

  Last week, I had the great pleasure of being among the team representing SUSE at HPE’s Technology and Solutions Summit (aka HPE TSS) in Paris. HPE’s largest and most comprehensive technical and solutions knowledge transfer event is aimed at presales consultants and solutions architects from HPE and their partners, bringing together teams from within HPE and their partner community all with the aim of sharing knowledge about their products and services. Around 3,000 delegates converged upon the City of Lights to learn, exchange ideas and have a little fun in the city that is home to Notre Dame Cathedral, the Louvre Museum, the legendary Eiffel Tower, and of course the many creperies serving up delicious treats to hungry visitors!

Development on Devices: Aaeon, Nageru on GPUs, CircuitPython Hacking by Keith Packard, Coreboot and More

• Latest UP board combines Whiskey Lake with AI Core X modules

  Aaeon has posted specs for a Linux-ready “UP Xtreme” SBC with a 15W, 8th Gen Whiskey Lake-U CPU, up to 16GB DDR4 and 128GB eMMC, 2x GbE, 6x USB, SATA, and optional AI Core X modules via M.2 and mini-PCIe. Aaeon’s community-backed UP project, which most recently brought us the Intel Apollo Lake based Up Squared and UP Core Plus SBCs, has announced an UP Xtreme hacker board built around Intel’s 8th Gen Whiskey Lake U-series Core processors. This is likely the fastest open-spec, community-backed SBC around, depending on your definition.

• When your profiler fools you

  If you've been following my blog, you'll know about Nageru, my live video mixer, and Futatabi, my instant replay program with slow motion. Nageru and Futatabi both work on the principle that the GPU should be responsible for all the pixel pushing—it's just so much better suited than the CPU—but to do that, the GPU first needs to get at the data. Thus, in Nageru, pushing the data from the video card to the GPU is one of the main CPU drivers. (The CPU also runs the UI, does audio processing, runs an embedded copy of Chromium if needed—we don't have full GPU acceleration there yet—and not the least encodes the finished video with x264 if you don't want to use Quick Sync for that.) It's a simple task; take two pre-generated OpenGL textures (luma and chroma) with an associated PBO, take the frame that the video capture card has DMAed into system RAM, and copy it while splitting luma from chroma. It goes about as fast as memory bandwidth will allow. [...] Seemingly after a little more tuning of freelist sizes and such, it could sustain eight 1080p59.94 MJPEG inputs, or 480 frames per second if you wanted to—at around three cores again. Now the profile was starting to look pretty different, too, so there were more optimization opportunities, resulting in this pull request (helping ~15% of a core). Also, setting up the command buffers for the GPU copy seemingly takes ~10% of a core now, but I couldn't find a good way of improving it. Most of the time now is spent in the original memcpy to NVIDIA buffers, and I don't think I can do much better than that without getting the capture card to peer-to-peer DMA directly into the GPU buffers (which is a premium feature you'll need to buy Quadro cards for, it seems). In any case, my original six-camera case now is a walk in the park (leaving CPU for a high-quality x264 encode), which was the goal of the exercise to begin with. So, lesson learned: Sometimes, you need to look at the absolutes, because the relative times (which is what you usually want) can fool you.

• Keith Packard: metro-snek

  When I first mentioned Snek a few months ago, Phillip Torrone from Adafruit pointed me at their Metro M0 board, which uses an Arduino-compatible layout but replaces the ATMega 328P with a SAMD21G18A. This chip is an ARM Cortex M0 part with 256kB of flash and 32kB of RAM. Such space! Even though there is already a usable MicroPython port for this board, called CircuitPython, I figured it would be fun to get Snek running as well. The CircuitPython build nearly fills the chip, so the Circuit Python boards all include an off-chip flash part for storing applications. With Snek, there will be plenty of space inside the chip itself for source code, so one could build a cheaper/smaller version without the extra part.

• Intel Working On Some Interesting Coreboot Improvements: Multi-CPU Support, SMM

  Last week during Facebook's Open Compute Project (OCP) Summit, some interesting details were revealed by Intel and their work on this open-source hardware initialization effort alternative to proprietary BIOS/firmware. One is that Intel is working on multi-CPU support within Coreboot for multi-socket server platforms. The code for this has yet to be published.

• gym-gazebo2 toolkit uses ROS 2 and Gazebo for reinforcement learning

  The first gym-gazebo was a successful proof of concept, which is being used by multiple research laboratories and many users of the robotics community. Given its positive impact, specially regarding usability, researchers at Acutronic Robotics have now freshly launched gym-gazebo2.

today's howtos

• Installing network printers under Linux

• Installing Microsoft SQL Server on Red Hat Enterprise Linux 8 Beta

• Epiphany Technology Preview Upgrade Requires Manual Intervention

• [Quick Tip] Move Clock To The Right of Top Panel in Ubuntu 18.04

• Driftnet on Debian: Sniffing images within a network

• Install and Use Email Client on elementary OS

• CloudLinux Installation Wizard — From Beta to Production within a Week!

• Keep All Your Linux Servers in Check

• How to install Cachet status page system on Ubuntu Server 18.04

Sway – A Tiling Wayland i3-Compatible Compositor

I have covered window tiling editors/managers previously with apps like herbstluftwm and Tilix so check them out if you haven’t already. Sway is a free and open source tiling Wayland compositor that is compatible with the i3 window manager, uses the same configuration syntax, and works with most of the software designed for i3. Sway makes use of all the available space on your screen and automatically adjusts window sizes as you open more apps and you can navigate between apps with your keyboard. App windows can be arranged horizontally, vertically, stacked, or tabbed and you can change their size as well as split windows into containers of several windows all without touching your mouse. You could, however, use your mouse to rearrange windows and even take windows out of the tiling grid and manipulate them.44