Language Selection

English French German Italian Portuguese Spanish

Red Hat and SUSE Leftovers

Filed under
Red Hat
SUSE
  • Are DevOps certifications valuable? 10 pros and cons
  • Kubernetes 1.15: Enabling the Workloads

    The last mile for any enterprise IT system is the application. In order to enable those applications to function properly, an entire ecosystem of services, APIs, databases and edge servers must exist. As Carl Sagan once said, “If you wish to make an apple pie from scratch, you must first invent the universe.”

    To create that IT universe, however, we must have control over its elements. In the Kubernetes universe, the individual solar systems and planets are now Operators, and the fundamental laws of that universe have solidified to the point where civilizations can grow and take root.

    Discarding the metaphor, we can see this in the introduction of Object Count Quota Support For Custom Resources. In English, this enables administrators to count and limit the number of Kubernetes resources across the broader ecosystem in a given cluster. This means services like Knative, Istio, and even Operators like the CrunchyData PostgreSQL Operator, the MongoDB Operator or the Redis Operator can be controlled via quota using the same mechanisms that standard Kubernetes resources have enjoyed for many releases.

    That’s great for developers, who can now be limited by certain expectations. It would not benefit the cluster for a bad bit of code to create 30 new PostgreSQL clusters because someone forgot to add a “;” at the end of a line. Call them “guardrails” that protect against unbounded object growth in your etcd database.

  • Red Hat named HPE’s Partner of the Year at HPE Discover 2019

    For more than 19 years, Red Hat has collaborated with HPE to develop, deliver and support trusted solutions that can create value and fuel transformation for customers. Our work together has grown over these nearly two decades and our solutions now include Linux, containers and telecommunications technologies, to name just a few. As a testament to our collaboration, HPE has named Red Hat the Technology Partner of the Year 2019 for Hybrid Cloud Solutions.

  • Demystifying Containers – Part II: Container Runtimes

    This series of blog posts and corresponding talks aims to provide you with a pragmatic view on containers from a historic perspective. Together we will discover modern cloud architectures layer by layer, which means we will start at the Linux Kernel level and end up at writing our own secure cloud native applications.
    Simple examples paired with the historic background will guide you from the beginning with a minimal Linux environment up to crafting secure containers, which fit perfectly into todays’ and futures’ orchestration world. In the end it should be much easier to understand how features within the Linux kernel, container tools, runtimes, software defined networks and orchestration software like Kubernetes are designed and how they work under the hood.

  • Edge > Core > Cloud: Transform the Way You Want

    For more than 25 years, SUSE has been very successful in delivering enterprise-grade Linux to our customers. And as IT infrastructure has shifted and evolved, so have we. For instance, we enabled and supported the move to software-defined data centers as virtualization and containerization technologies became more prevalent and data growth demanded a new approach.

  • SUSE OpenStack Cloud Technology Preview Takes Flight

    We are pleased to announce that as of today we are making a technology preview of a containerized version of SUSE OpenStack Cloud available that will demonstrate a future direction for our product. The lifecycle management for this technology preview is based on an upstream OpenStack project called Airship, which SUSE has been using and contributing to for some time. This follows our open / open policy of upstream first and community involvement.

More in Tux Machines

It's Not A VPN-busting Bug, It's A Social Media Enhancer For UNIX Users

Kidding aside, this vulnerability applies to most UNIX based OSes, with most Linux distros, Android, iOS, macOS, FreeBSD, and OpenBSD all affected. The attacker needs to be able to intercept your data, which means they need to already be on the same network span as your machine or by having control of the router or other exit point, but if they do they can use this flaw to determine the exact SEQ and ACK numbers in your encrypted session. That information can be used to successfully inject data, hijack the connection and possibly redirect your VPN session to imposter pages or other places on the web you really don’t want to go to. Not all VPNs are vulnerable, the researches quoted at The Register tested this on OpenVPN, WireGuard, and IKEv2/IPSe. Read more

New GNU/Linux Screencasts and Audiocasts: Ubuntu Cinnamon Remix 19.10, Debian 11 Alpha 1, This Week in Linux and Linux Headlines

  • Ubuntu Cinnamon Remix 19.10 | Cinnamon, Ubuntu's new flavor.

    In this video, I am going to show an overview of Ubuntu Cinnamon Remix 19.10 and some of the applications pre-installed.

  • Debian 11 Alpha 1 Gnome Run Through

    In this video, we are looking at Debian 11 Alpha 1, the Gnome edition.

  • Episode 89 | This Week in Linux

    01:32 = Sponsored by Digital Ocean · [link] 02:30 = elementary OS 5.1 “Hera” Released · [elementary.io] 07:15 = Ubuntu 20.04 LTS Pre-release Survey · [ubuntu.com] 09:36 = Ubuntu Cinnamon – First Release · [Links: ubuntu.com, 13:35 = Tails 4.1 Released · [tails.boum.org] 16:39 = Kali Linux 2019.4 Released · [kali.org] 19:49 = CAINE 11.0 Released · [caine-live.net] 21:13 = DLN + FreeGeek = DLN Charity Drive · link coming soon 23:19 = Firefox 71 Released · [mozilla.org] 25:17 = Timekpr-nExT (Parental Controls) · [launchpad.net/timekpr-next] 29:24 = TWinL Housekeeping 33:21 = KDE Improvements for Plasma 5.18 · [Links: pointieststick.com 36:40 = Lutris 0.5.4 Released · [Links: lutris.net, 39:02 = Humble Choice Replaces Humble Monthly · [tuxdigital.com/go/humble-choice] 41:45 = Indie Hits Sale on Humble Store · [tuxdigital.com/go/humble-indie-hits-sale] 42:13 = Humble Sonic Bundle 2019 · [tuxdigital.com/go/humble-sonic-bundle-2019] 43:27 = Data Science Book Bundle · [tuxdigital.com/go/ 43:56 = Yogscast Jingle Jam · [humblebundle.com] 45:14 = Outro

  • 2019-12-09 | Linux Headlines 64

    The Raspberry Pi 4 Ubuntu bugs get sorted out, and Canonical reaffirms its commitment to the platform and all future devices. Plus an approachable way to give back to KDE, and more.

Programming: RcppClassic, LLVM, Rust, Python and Django

  • Dirk Eddelbuettel: RcppClassic 0.9.12

    A maintenance release 0.9.12 of the RcppClassic package arrived earlier today on CRAN. This package provides a maintained version of the otherwise deprecated initial Rcpp API which no new projects should use as the normal Rcpp API is so much better. Changes are all internal. Testing is now done via tinytest, vignettes are now pre-built and at the request of CRAN we no longer strip the resulting library. No other changes were made. CRANberries also reports the changes relative to the previous release from July of last year.

  • [llvm-dev] [10.0.0 Release] Release schedule
    Hello everyone,
    
    I know 9.0.1 is still in full swing, and 10.0.0 isn't due for some
    time, but I'd like to get the schedule settled well before we start.
    
    Below is my proposed timeline. It's essentially the same as last time.
    
    - 15 January 2020: Create the release branch, Release Candidate 1
    ships soon after
    
    - 5 February 2020: Release Candidate 2
    
    - 26 February 2020: Final (this usually slips a little, but let's try not to).
    
    Please let me know what you think.
    
    Thanks,
    Hans
    
  • LLVM / Clang 10.0 Should Be Out In Late February Or Early March

    Google's Hans Wennborg is once again stepping up to manager the next feature release of LLVM and sub-projects like Clang. If all goes well, LLVM 10.0 will be out with Clang 10.0 and friends before the end of February. For the projected release date of 26 February to be realized, Wennborg is aiming to branch the code (and thereby the feature freeze) around 15 January and after that to issue the first release candidate.

  • Niko Matsakis: Async Interview #2: cramertj

    For the second async interview, I spoke with Taylor Cramer – or cramertj, as I’ll refer to him. cramertj is a member of the compiler and lang teams and was – until recently – working on Fuchsia at Google. They’ve been a key player in Rust’s Async I/O design and in the discussions around it. They were also responsible for a lot of the implementation work to make async fn a reality.

  • More fun with Jinja2 templates

    When last I left this discussion, I was advocating using Python 3 dataclasses to wrap Jinja2 templates. I had another idea and a chance to experiment with it, and I was reasonably happy with the results. Can the dataclass corresponding to the Jinja2 template be used by the test suite to check that all required parameters for a template are present in the dataclass? The answer is mostly yes, although unfortunately there are some substantial caveats because Jinja2 doesn't provide all of the tools that one would like to analyze parsed templates.

  • Django Weblog: 2020 DSF Board Election Results

    Our 2020 Django Software Foundation Election results are in. The Top 7 candidates are listed below in order of their ranking: Frank Wiles Anna Makarudze James Bennett William Vincent Kátia Nakamura Aaron Bassett Sayantika Banik

Fedora: rpminspect, Fedora 31 and Fedora 32 Passwords

  • rpminspect-0.10 released

    I released rpminspect-0.10 today. There are a lot of bug fixes in this release, but also some new features.

  • Fedora 31 : Can be better? part 003.

    Yes! The Fedora distro Linux can be better. One bad problem for most Fedora users is video drivers. I have an old NVIDIA graphic card: NVIDIA Corporation GT218 [GeForce 210] (rev a2).

  • Fedora 32 Will Still Allow Empty Passwords By Default

    Last month was a proposal for Fedora 32 to disallow empty passwords for local users by default but at today's Fedora Engineering and Steering Committee (FESCo) they completely shot down that proposal. Fedora has been shipping with the Fedora PAM module parameter that allows for empty/null passwords on local users -- to be clear, root passwords cannot be null and the default OpenSSH server configuration doesn't allow empty passwords either for logging into user accounts. Fedora local accounts can have an empty password for legitimate use-cases like testing environments where security is of little to no importance, throw-away VMs/instances, and some tooling like Fedora Live images relying upon this behavior.

  • Quality and Badlisting in Kanidm

    Passwords are still a required part of any IDM system. As much as I wish for Kanidm to only support webauthn and stronger authentication types, at the end of the day devices can be lost, destroyed, some people may not be able to afford them, some clients aren’t compatible with them and more. This means the current state of the art is still multi-factor auth. Something you have and something you know. Despite the presence of the multiple factors, it’s still important to quality check passwords. Microsoft’s Azure security team have written about passwords, and it really drives home the current situation. I would certainly trust these people at Microsoft to know what they are talking about given the scale of what they have to defend daily. The most important take away is that trying to obscure the password from a bruteforce is a pointless exercise because passwords end up in password dumps, they get phished, keylogged, and more. MFA matters! It’s important here to look at the “easily guessed” and “credential stuffing” category. That’s what we really want to defend against with password quality, and MFA protects us against keylogging, phising (only webauthn), and reuse.