Language Selection

English French German Italian Portuguese Spanish

OSS

OSS Leftovers

Filed under
OSS

Events: Red Hat Summit, LF Events, Cephalocon APAC, OpenStack PTG

Filed under
OSS

Kubernetes News

Filed under
Server
OSS
  • Kubernetes Graduates CNCF Incubator, Debuts New Sandbox

    Though the Kubernetes container orchestration system has been widely deployed at scale in production around the world, it wasn't until March 6 that the project graduated from the Cloud Native Computing Foundation's (CNCF) incubator.

    The CNCF's process brings projects in as incubated projects and then aims to move them through to graduation, which implies a level of process and technology maturity. Kubernetes was the founding project for the CNCF, which was launched back in July 2015.

    Google contributed Kubernetes to the CNCF in an effort to help build a more diverse community of contributors and to spur adoption.

  • Kubernetes Ingress: NodePort, Load Balancers, and Ingress Controllers

    A fundamental requirement for cloud applications is some way to expose that application to your end users. This article will introduce the three general strategies in Kubernetes for exposing your application to your end users, and cover the various tradeoffs of each approach. I’ll then explore some of the more sophisticated requirements of an ingress strategy. Finally, I’ll give some guidelines on how to pick your Kubernetes ingress strategy.

  • Aqua Expands Container Security Platform With MicroEnforcer

    Aqua Security launched version 3.0 of its namesake container security platform on March 7, refocusing the product on providing Kubernetes cloud-native enterprise security controls.

    Aqua originally focused on just Docker container deployments, but with the new 3.0 update it is providing a series of capabilities that are aligned with Kubernetes deployments. Kubernetes provides container orchestration capabilities and has also been embraced by Docker Inc., which now also integrates Kubernetes as an option for its users.

    Looking beyond just Kubernetes, Aqua 3.0 also has a new capability called the MicroEnforcer, which is aimed at emerging forms of lightweight container deployments, such as the AWS Fargate service.

  • You got your VM in my container

    Containers and Kubernetes have been widely promoted as "disruptive" technologies that will replace everything that preceded them, most notably virtual machine (VM) management platforms such as vSphere and OpenStack. Instead, as with most platform innovations, Kubernetes is more often used to add a layer to (or complement) VMs. In this article, and in a presentation at SCALE16x, we'll be exploring two relatively new projects that aim to assist users in combining Kubernetes with virtualization: KubeVirt and Kata Containers.

    Most organizations still have large existing investments in applications that run on virtualized hosts, infrastructure that runs them, and tools to manage them. We can envision this being true for a long time to come, just as remnants of previous generations of technology remain in place now. Additionally, VM technology still offers a level of isolation that container-enablement features, like user namespaces, have yet to meet. However, those same organizations want the ease-of-use, scalability, and developer appeal of Kubernetes, as well as a way to gradually transition from virtualized workloads to containerized ones.

What is open source programming?

Filed under
OSS

At the simplest level, open source programming is merely writing code that other people can freely use and modify. But you've heard the old chestnut about playing Go, right? "So simple it only takes a minute to learn the rules, but so complex it requires a lifetime to master." Writing open source code is a pretty similar experience. It's easy to chuck a few lines of code up on GitHub, Bitbucket, SourceForge, or your own blog or site. But doing it right requires some personal investment, effort, and forethought.

Read more

Cilium 1.0.0-rc4 Released: Transparently Secure Container Network Connectivity Utilising Linux BPF

Filed under
Linux
OSS

Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes. Cilium 1.0.0-rc4 has recently been released, which includes: the Cloud Native Computing Foundation (CNCF)-hosted Envoy configured as the default HTTP/gRPC proxy; the addition of a simple health overview for connectivity and other errors; and an improved scalable kvstore interaction layer.

Microservices applications tend to be highly dynamic, and this presents both a challenge and an opportunity in terms of securing connectivity between microservices. Modern approaches to overcoming this issue have coalesced around the CNCF-hosted Container Network Interface (CNI) and the increasingly popular "service mesh" technologies, such as Istio and Conduit. According to the Cilium documentation, traditional Linux network security approaches (such as iptables) filter on IP address and TCP/UDP ports. However, the highly volatile life cycle of containers and IP addresses cause these approaches to struggle to scale alongside the application as the large number of load balancing tables and access control lists must be updated continually.

Read more

OSS Leftovers

Filed under
OSS
  • OrbTV: Telefónica's Lopez on Open Source for Network Automation & Virtualization

    Patrick Lopez, VP of Networks Innovation at Telefónica, talks about how vendors and operators can utilize open source to take more control over the design and programming of networks. In addition, Lopez examines Telefónica's approach to edge computing, and use cases for the technology such as in IoT and robotics.

  • Check out the now open-source code powering UI layout in Heaven's Vault

    The dev shared the code powering SLayout on GitHub for fellow developers to download and play with. All in all, Inkle Studios says that SLayout can be used in Unity to provide an easier way to handle layout properties and animation for text and UI elements.

  • Crowdsourcing FOSS Project Success: Clearly defined project data, a smooth path to widespread adoption.

    Today the Open Source Initiative® (OSI) announced its Incubator Project, ClearlyDefined, a crowdsourced project aimed at boosting the success of FOSS projects by clearly defining their status. Absences or ambiguities around licensing or known security vulnerabilities can erode confidence and limit project success. Project teams often are not aware of these concerns or do not know how to address them. ClearlyDefined identifies the gaps and works with project teams to fill them.

    "This is an important project to amplify the success of FOSS projects through wider adoption and confidence. It aligns closely with OSI's mission to educate and advocate for open source," said Simon Phipps, President of the board of directors of the OSI, curator of the world's open source licenses.

  • New Review Team Member 2018

    The Review Team is a specialized group responsible in reviewing and approving or rejecting every budget requests made by Mozilla Reps.

  • Making climate models open source makes them even more useful

    Designing climate experiments is all but impossible in the real world. We can’t, for instance, study the effects of clouds by taking away all the clouds for a set period of time and seeing what happens.

    Instead, we have to design our experiments virtually, by developing computer models. Now, a new open-source set of climate models has allowed this research to become more collaborative, efficient and reliable.

GitHub makes open-source project licensing easier with an open-source program

Filed under
OSS

Open-source licensing can get ... complicated. These days, many programs are 20 percent original code on top of 80 percent previously open-sourced code. To help address the resulting licensing complications, GitHub has open sourced Licensed, an internal tool they've used to automate some of GitHub's open-source projects licensing process.

That's pretty impressive considering only a few years ago, GitHub's laissez-faire attitude to licensing had led to 77 percent of all GitHub programs having no licenses at all. If that doesn't sound important to you, then you're a developer who's never tried to commercialize their program.

Read more

3 open source tools for scientific publishing

Filed under
OSS

One industry that lags behind others in the adoption of digital or open source tools is the competitive and lucrative world of scientific publishing. Worth over £19B ($26B) annually, according to figures published by Stephen Buranyi in The Guardian last year, the system for selecting, publishing, and sharing even the most important scientific research today still bears many of the constraints of print media. New digital-era technologies present a huge opportunity to accelerate discovery, make science collaborative instead of competitive, and redirect investments from infrastructure development into research that benefits society.

Read more

Host your own email with projectx/os and a Raspberry Pi

Filed under
OSS

There are plenty of reasons not to want to hand off the tasks of storing your data and running your services to third-party companies; privacy, ownership, and avoiding abusive "monetization" are some of the top ones. But for most people, the task of running a server is just too time-consuming and requires too much-specialized knowledge. Instead, we compromise. We put aside our worries and just use cloud-hosted corporate services, with all the advertising, data mining and selling, and everything else that comes with them.

Read more

Openwashing and Foes of FOSS

Filed under
OSS
Syndicate content

More in Tux Machines

Mozilla: Rust, Security, Things Gateway, Firefox and More

  • Rust pattern: Precise closure capture clauses
    This is the second in a series of posts about Rust compiler errors. Each one will talk about a particular error that I got recently and try to explain (a) why I am getting it and (b) how I fixed it. The purpose of this series of posts is partly to explain Rust, but partly just to gain data for myself. I may also write posts about errors I’m not getting – basically places where I anticipated an error, and used a pattern to avoid it. I hope that after writing enough of these posts, I or others will be able to synthesize some of these facts to make intermediate Rust material, or perhaps to improve the language itself.
  • This Week in Rust
  • Mozilla publishes recommendations on government vulnerability disclosure in Europe
    As we’ve argued on many occasions, effective government vulnerability disclosure (GVD) review processes can greatly enhance cybersecurity for governments, citizens, and companies, and help mitigate risk in an ever-broadening cyber threat landscape. In Europe, the EU is currently discussing a new legislative proposal to enhance cybersecurity across the bloc, the so-called ‘EU Cybersecurity Act’. In that context, we’ve just published our policy recommendations for lawmakers, in which we call on the EU to seize the opportunity to set a global policy norm for government vulnerability disclosure.
  • Testing Strategies for React and Redux
  • K Lars Lohn: Things Gateway - a Virtual Weather Station
  • Firefox DevEdition 60 Beta 14 Testday Results
    As you may already know, last Friday – April 20th – we held a new Testday event, for Firefox DevEdition 60 Beta 14. Thank you all for helping us make Mozilla a better place: gaby2300, micde, Jarrod Michell, Thomas Brooks.
  • Supporting Same-Site Cookies in Firefox 60
    Firefox 60 will introduce support for the same-site cookie attribute, which allows developers to gain more control over cookies. Since browsers will include cookies with every request to a website, most sites rely on this mechanism to determine whether users are logged in. Attackers can abuse the fact that cookies are automatically sent with every request to force a user to perform unwanted actions on the site where they are currently logged in. Such attacks, known as cross-site request forgeries (CSRF), allow attackers who control third-party code to perform fraudulent actions on the user’s behalf. Unfortunately current web architecture does not allow web applications to reliably distinguish between actions initiated by the user and those that are initiated by any of the third-party gadgets or scripts that they rely on.
  • Enterprise Policy Support in Firefox
    Last year, Mozilla ran a survey to find out top enterprise requirements for Firefox. Policy management (especially Windows Group Policy) was at the top of that list. For the past few months we’ve been working to build that support into Firefox in the form of a policy engine. The policy engine adds desktop configuration and customization features for enterprise users to Firefox. It works with any tool that wants to set policies including Windows Group Policy.
  • any.js
    Thanks to Ms2ger web-platform-tests is now even more awesome (not in the American sense). To avoid writing HTML boilerplate, web-platform-tests supports .window.js, .worker.js, and .any.js resources, for writing JavaScript that needs to run in a window, dedicated worker, or both at once. I very much recommend using these resource formats as they ease writing and reviewing tests and ensure APIs get tested across globals.
  • Alex Gibson: My fifth year working at Mozilla
    Today marks my fifth year working for Mozilla! This past year has been both fun and frantic, and overall was a really good year for both Mozilla and Firefox. Here’s a run down a few of the things I got to work on.

Fedora Workstation 28 Coming Soon

  • Warming up for Fedora Workstation 28
    Been some time now since my last update on what is happening in Fedora Workstation and with current plans to release Fedora Workstation 28 in early May I thought this could be a good time to write something. As usual this is just a small subset of what the team has been doing and I always end up feeling a bit bad for not talking about the avalanche of general fixes and improvements the team adds to each release.
  • Fedora Workstation 28 Is Shaping Up To Be Another Terrific Update
    Fedora Workstation 28 is shaping up to be another compelling update for those that are fans of this bleeding-edge Red Hat sponsored Linux distribution. I've been running Fedora Workstation 28 snapshots on a few laptops and test machines here and am quite happy with how it's shaped up as another Fedora release that delivers not only the latest features, but doing so in a seemingly sane and stable manner: I haven't encountered any problems unlike some of the past notorious Fedora releases from years ago. Overall, I am quite excited for next month's Fedora 28 release and will be upgrading my main production system to it.

Android Leftovers

Configuring local storage in Linux with Stratis

Configuring local storage is something desktop Linux users do very infrequently—maybe only once, during installation. Linux storage tech moves slowly, and many storage tools used 20 years ago are still used regularly today. But some things have improved since then. Why aren't people taking advantage of these new capabilities? This article is about Stratis, a new project that aims to bring storage advances to all Linux users, from the simple laptop single SSD to a hundred-disk array. Linux has the capabilities, but its lack of an easy-to-use solution has hindered widespread adoption. Stratis's goal is to make Linux's advanced storage features accessible. Read more