Language Selection

English French German Italian Portuguese Spanish

Red Hat

Kata Containers and Running Kubernetes in the Federal Government

Filed under
Red Hat
  • Kata Containers, gVisor offer more secure container strategies

    Kata Containers and Google gVisor present two approaches to addressing container security issues that balance the speed of containers with the safety of VMs.

    Containers are fast, lightweight instances that can benefit a variety of workloads, especially ones that include microservices and serverless applications. Organizations that implement containers on bare-metal hardware introduce security risks because containers can expose the underlying infrastructure, which leaves the entire platform vulnerable to attack.

  • Running Kubernetes in the Federal Government

    Tackling security compliance is a long and challenging process for agencies, systems integrators, and vendors trying to launch new information systems in the federal government. Each new information system must go through the Risk Management Framework (RMF) created by the National Institute of Standards and Technology (NIST) in order to obtain authority to operate (ATO). This process is often long and tedious and can last for over a year. Open Control is a new standard by 18F, an agency bringing lean start-up methods to the U.S. Government, in order to address ATO repeatability. Red Hat has worked with 18F to help create a Kuberenetes implementation based on Open Control to automate much of the ATO process for Kubernetes systems.

Fedora: ROCm, Qubes OS and More

Filed under
Red Hat

LVFS Nets Phoenix

Filed under
Red Hat
  • Phoenix joins the LVFS

    Just like AMI, Phoenix is a huge firmware vendor, providing the firmware for millions of machines. If you’re using a ThinkPad right now, you’re most probably using Phoenix code in your mainboard firmware. Phoenix have been working with Lenovo and their ODMs on LVFS support for a while, fixing all the niggles that was stopping the capsule from working with the loader used by Linux. Phoenix can help customers build deliverables for the LVFS that use UX capsule support to make flashing beautiful, although it’s up to the OEM if that’s used or not.

  • Firmware Vendor Phoenix Tech Joins The LVFS For Linux Firmware Updates

    Last month firmware vendor AMI joined the Linux Vendor Firmware Service (LVFS) while today the other big firmware vendor, Phoenix Technologies, is also backing LVFS for their OEM/ODM partners that want to distribute firmware update capsules on this RedHat-based service.

    Phoenix provides the basic firmware implementation for the likes of Lenovo ThinkPads, Tuxedo Computers, and plenty of other OEM/ODM partners for motherboards. Phoenix has already been helping their partners with UEFI firmware updates on LVFS and now they will continue doing so as an official member. But it will still be up to their actual customers to want to engage with LVFS support for their products.

Fedora: Nightlies, Debugging Adventures, Participation in Google Code In 2018

Filed under
Red Hat
  • nightly builds are too fast and too slow

    When you write code and test it, you want that feedback loop to be as tight as possible. Write code, save, compile, test - the faster these things happen, the faster your brain stays engaged.

    If you have to sit and wait a few minutes to get information back about whether your code is correct or your build process succeeded, you're going to context switch to something else and lose time when you forget to switch back.

    When we reach build processes that take hours, now we're in the "Meh, I'll check it when I'm back from lunch" territory. At that rate, you're probably only going to be running that process three or four times a day, max. Your workday is only eight hours, after all. The thoroughput for your changes drops through the floor.

    Now imagine extending that feedback loop even further, to a full 24 hours. You've just arrived at the "nightly build".

    When that nightly build breaks, you have eight working hours to fix it and then you get to wait again for tomorrow morning when you find out the new problem.

    After a few days of this, you no longer arrive at work with the same positive mental energy. Your morning email inbox experience becomes a thing where you discover what has gone wrong during the night, because you never saw it go right during the daytime.

    Operational tempo slides further, because it feels like "everything takes so long around here." Teams lower their optimistic expectations that anything should ever happen quickly.

    I've seen several odd knock-on effects here.

    Sometimes what happens then is that you have multiple "nightlies" for a single day. One is the first broken nightly that ran in cron, and the others are multiple attempts where someone ran the script by hand trying to get it to pass. The "nightly" is no longer nightly. Odds are that those manual runs did not do everything exactly like the full cron job did. More confusion ensues across the organization.

  • AdamW’s Debugging Adventures: Python 3 Porting 201

    Hey folks! Time for another edition of AdamW’s Debugging Adventures, wherein I boast about how great I am at fixin’ stuff.

    Today’s episode is about a bug in the client for Fedora’s Koji buildsystem which has been biting more and more Fedora maintainers lately. The most obvious thing it affects is task watching. When you do a package build with fedpkg, it will by default “watch” the build task – it’ll update you when the various subtasks start and finish, and not quit until the build ultimately succeeds or fails. You can also directly watch tasks with koji watch-task. So this is something Fedora maintainers see a lot. There’s also a common workflow where you chain something to the successful completion of a fedpkg build or koji watch-task, which relies on the task watch completing successfully and exiting 0, if the build actually completed.

  • Fedora Participates in Google Code In 2018

Browsers: Epiphany, Chromium, and Firefox in Fedora

Filed under
Red Hat
  • Epiphany automation mode

    Last week I finally found some time to add the automation mode to Epiphany, that allows to run automated tests using WebDriver. It’s important to note that the automation mode is not expected to be used by users or applications to control the browser remotely, but only by WebDriver automated tests. For that reason, the automation mode is incompatible with a primary user profile.

  • Fedora Updates Chromium With VAAPI Support, Here's How To Enable Hardware-Accelerated Video Decoding

    Chromium was updated in Fedora with a patch that enables VAAPI (Video Acceleration API) support. When VAAPI is used, the video playback should be smoother, while also using less CPU and improving the power usage.

    While this patch was rejected by the upstream Chromium maintainers, there are quite a few third party packages that include the VAAPI patch, for Ubuntu, Arch Linux, and others. And now, Fedora includes this by default!

  • Fedora's Firefox To Stick With GCC Over Clang, Beefed Up By LTO/PGO Optimizations

    Last month Fedora developers were planning on building their Firefox package with Clang rather than GCC to follow the move by upstream Mozilla in transitioning their production builds from being built under GCC to LLVM Clang. But now Fedora has reversed course and will continue building with GCC though now benefiting also from PGO and LTO optimizations.

    After announcing their plans to move over to Clang-built Firefox builds for Fedora (and receiving the necessary permission from the FESCo committee), they are sticking to the GNU Compiler Collection after all. GCC developers from both Red Hat and SUSE stepped up and found and fixed some bugs that improved the Firefox build. Additionally, arguments against Clang were raised on the basis of missing features and security.

  • Cambodia – Statistics
  • Our Letter to Congress About Facebook Data Sharing

    Last week Mozilla sent a letter to the House Energy and Commerce Committee concerning its investigation into Facebook’s privacy practices. We believe Facebook’s representations to the Committee — and more recently — concerning Mozilla are inaccurate and wanted to set the record straight about any past and current work with Facebook. You can read the full letter here.

Red Hat and IBM News

Filed under
Red Hat
  • Red Hat Summit 2019 registration is now open!

    We’re heading back to Boston and the Boston Convention and Exhibition Center on May 7-9, 2019, where we expect thousands of customers, partners and technology industry leaders from around the world to come together for a high-energy week of innovation, education and collaboration.

  • Automatically Update Red Hat Container Images on OpenShift 3.11

    Red Hat OpenShift manages container images using a registry. This is the place where it caches upstream container images and stores the images from your own builds as well. Each build or container image correlates to an ImageStream, which is an object that defines any number of related images by tags. For example, one specific version of a Ruby container might be v2.5-22, but you can have one ImageStream definition that holds ruby tags and correlates images for v2.5, v2.4, v2.3 and so on.

  • Combining Federation V2 and Istio Multicluster

    In a previous post, we saw how to leverage Istio Multicluster to deploy an application (bookinfo) on multiple Red Hat OpenShift clusters and apply mesh policies on all of the deployed services.

    We also saw that the deployment process was relatively complex. In this post we are going to see how Federation V2 can help simplify the process of deploying an application to multiple clusters.

  • First Commercial Quantum Computer From IBM Features An Awe Inspiring Design

    With CES 2019 underway, IBM has unveiled the world’s first commercial quantum computing system Q System One. Visually, it’s nothing less than a piece of art. Q System One lays the foundation of IBM’s plans to make quantum computing systems a commercial reality.

Openwashing Leftovers

Filed under
Red Hat
  • Could the rise of open source be the key to wider DevOps adoption?

    Alongside excitement and surprise, both deals have sparked some trepidation and worries in the developer community. With some of the biggest stewards of open source now under the umbrella of big tech, will the basic tenants of the movement be put at risk? What independent organizations might take up the mantle?

    Five years ago, these acquisitions might have been more worrisome, but big companies today understand the importance of open source, Sijbrandij said.

    The acquisition of Red Hat, the largest software company acquisition in history, brought no proprietary source code to IBM. Big Blue knows "they have to be a great steward, because they didn't buy it for the [intellectual property] because there is no IP," he said.

  • Should open leaders expect to have privacy? [Ed: Red Hat's site composed by Microsoft with the typical openwashing of companies]

    As an open leader, I share because I want to be inclusive. In my moment of sharing, I set the example for others to donate their stories so we can be a more fully realized, creative group.

    Sound too touchy feely for you? Think about a time when you feel like you're doing your best work. I bet your best work occurs when you're connecting with and learning from others. These feelings stem from open leaders' desire to create inclusive teams.

    The word "inclusive" is the key word here, as I do not want to inadvertently exclude or marginalize anyone by sharing something private. I value the different perspectives and habits people bring to interactions, so I don't want something I post or share online to quiet others and prevent more sharing in the future. Instead, I want people to feel like they're learning something from what I share.

  • Using a local NuGet server with Red Hat OpenShift [Ed: Red Hat is pushing .NOT on behalf of Microsoft]
  • LeddarTech Joins Baidu’s Apollo Autonomous Driving Open Platform

These former Red Hat employees just got $25 million to try to find a new business model for open source software

Filed under
Red Hat

  • These former Red Hat employees just got $25 million to try to find a new business model for open source software

    Back in the early 2000s, people would balk at the notion of using free, open source software to run a serious business — companies like Red Hat, which bet its business model on the concept, were seen as oddities. But times have changed: Open source software is key to most modern computing infrastructures. And over a decade later, IBM plans to acquire Red Hat for a colossal $34 billion.

    Now, a group of former Red Hat employees have co-founded Tidelift, a startup that wants to repeat the trick and pioneer a new business model for open source software. To that end, Tidelift announced on Monday $25 million in new funding from General Catalyst, Foundry Group, and former Red Hat CEO Matthew Szulik.

  • Tidelift Raises $25M Series B Just Seven Months After Last Funding

    Tidelift, a startup focused on helping developers work with open source technology, announced today the close of a $25 million Series B round of funding just seven months after its last raise.

    The Boston company has now raised a total of $40 million since it was founded in 2017.

  • Tidelift’s “Netflix for Open-Source Software” Model Gets $25M Boost

    Tidelift, a startup trying to solve some of the open-source software industry’s problems around compensation and security, said it wrapped up a $25 million investment to gather more publicly maintained software projects under its umbrella.

    The Boston-based company, founded in 2017 by four Red Hat vets, said it is trying to recreate what Red Hat (NYSE: RHT) did with the Linux open-source computer operating system—but with as large a swath of the open-source realm as possible.

  • Open source monetization startup Tidelift raises $25m series
  • Open source startup Tidelift grabs $25 mln Series B
  • Former Red Hat CEO Backs Tidelift’s $25M Series B

    Open source software company Tidelift raised $25 million in a Series B funding round, which followed closely on the heels of its $15 million Series A just seven months ago. General Catalyst, Foundry Group, and former Red Hat Chairman and CEO Matthew Szulik co-led the Series B. All three investors also co-led the startup’s Series A.

    The Boston-based company provides support services for open source projects including JavaScript, Java, Python, Ruby, Apache Struts, and Mongoose by partnering with project maintainers.

    Its business model works like this: companies pay Tidelift a subscription, and in return they receive professional support for the open source projects they use from the developers who created and maintain these projects. This includes security updates, maintenance, and legal assurances.

    Tidelift, in turn, pays the developers to provide this support. And this cycle “makes open source work better for everyone,” wrote co-founder and CEO Donald Fischer in a blog about the Series B. “More than 35 million open source repositories now depend on packages that are included in the Tidelift Subscription.”

To No Surprise, Fedora 30 Will Target GNOME 3.32

Filed under
Red Hat

New Fedora releases go hand-in-hand with the latest and greatest GNOME releases. But as a formality, the change proposal has been submitted to officially approve shipping Fedora Workstation 30 with the GNOME 3.32 desktop.

With needing the approval of the Fedora Engineering and Steering Committee (FESCo), the change proposal was drafted on Monday for updating GNOME against its 3.32 release that will be out in March.

Read more

Also: Introduction to eBPF in Red Hat Enterprise Linux 7

How Should I Run My Community Elections?

Filed under
Red Hat

Sooner or later in the growth of a community project, the question arises of how to choose representatives for the community. For some projects, this is when they lose a founder, and as a group decide to move to a “ruling technical council” model; for other projects, the need comes from the move to a non-profit governing body with paying members, and the desire to have a technical steering committee chosen from members; other projects evolve over time to a representative leadership model.

I have been involved in boot-strapping, reforming, or running elections in a number of different communities over the years (GNOME, Maemo, OpenStack, OPNFV, OpenDaylight,, and others). Which voting system to use, how to define the electorate, and limiting the pool of eligible candidates have tended to create the deepest rat-hole conversations in all projects I have been involved in when the topic of elections has come up.

The Python project, in the context of debating a governance change, recently put together a comprehensive survey of project governance and voting procedures, and voted to move to an elected Steering Committee model. This article attempts to synthesize some of the best practices I have seen used in various projects and elections, covering who gets to vote, who can be a candidate, and how elections are run.

Read more

More: Neary: How Should I Run My Community Elections?

Syndicate content

More in Tux Machines

Mozilla's Work on a New Browsers Called "Fenix"

  • Mozilla Fenix: New Android browser's intriguing details start to surface
    The new non-Firefox browser for Android is apparently targeted at younger people, with Mozilla developers on GitHub tagging the description, 'Fenix is not your parents' Android browser'. Fenix mockups found by Mozilla contributor Sören Hentzschel and Ghacks suggest the makers of Fenix are turning the Firefox Android browser on its head, currently toying with the idea of putting the URL bar and home button down at the bottom of user interface. News of Fenix as a possible replacement surfaced in the middle of 2018 after someone spotted the new Mozilla mobile project on GitHub. Activity on the project has picked up in recent months.
  • Firefox Fenix for Android mockups
    Mozilla is working on a new web browser for Android to replace the currently available Firefox for Android mobile browser. Firefox users who use the browser on Android may have noticed that development slowed down in recent time. Updates are still released regularly but they address issues such as slowdowns, crashes, or security issues for the most part. The core reason for that is that Mozilla's working on Fenix, a new mobile browser for Android. Fenix is based on Android Components and GeckoView. In other words, Fenix will be powered by built-in components on Android and Mozilla's GeckoView.
  • Keep Smart Assistants from Spying on You with Alias, Security Advisory for Old scp Clients, Major Metasploit Framework Release, Mozilla Working on a New Browser for Android and VirtualBox 6.0.2 Is Out
    Mozilla is working on a new Android browser called Fenix. According to ZDNet, this "new non-Firefox browser for Android is apparently targeted at younger people, with Mozilla developers on GitHub tagging the description, 'Fenix is not your parents' Android browser'." In addition, mockups suggest that Fenix developers are "currently toying with the idea of putting the URL bar and home button down at the bottom of user interface."

CTL Announces $300 Rugged Chromebook Tablet for the Education Market

The Chromebook Tablet (seriously though, why can’t get rid of the “book” in that title?) education revolution is here. Acer started it, ASUS got in on it, and now CTL is getting in the game. Here’s the skinny. You’d be forgiven if your first thought was “…who is CTL?,” because honestly, they’re not as well known as some of the other companies that are active in the Chrome OS market. Still, they make some fantastic Chromebooks and Chromeboxes (see, we don’t say “Chromebook Desktop,” so why aren’t they called Chrometabs?) designed to be more robust than the average Chrome OS device. Read more

Plasma ergonomics - Lessons in life

The bugsy trends aren't unique to Plasma - this is the desktop all over. The agile thingie, the curse of quality and usability everywhere. Even looking at something like Windows, there are far more annoyances in Windows 8.1 than there were in Windows 7, and then a whole order of magnitude more still in Windows 10. These could be seemingly small things - and there sure ain't enough testing to begin with - but they can mean a world to the end user. And if Plasma wants to be top dog, it needs to do everything better than the competition. Today, I uncovered a fresh handful issues, and that's just a couple of extra months of rigorous usage. It will be interesting to see what happens a year or two down the road. Well, my Plasma journey continues. Stay tuned. Read more Also: KDE Students Excel during Google Code-in 2018

today's howtos