Language Selection

English French German Italian Portuguese Spanish


Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Latest on Kubernetes

  • Annotating Kubernetes Services for Humans | Kubernetes

    Have you ever been asked to troubleshoot a failing Kubernetes service and struggled to find basic information about the service such as the source repository and owner? One of the problems as Kubernetes applications grow is the proliferation of services. As the number of services grows, developers start to specialize working with specific services. When it comes to troubleshooting, however, developers need to be able to find the source, understand the service and dependencies, and chat with the owning team for any service.

  • Defining Network Policy Conformance for Container Network Interface (CNI) providers | Kubernetes

    Special thanks to Tim Hockin and Bowie Du (Google), Dan Winship and Antonio Ojea (Red Hat), Casey Davenport and Shaun Crampton (Tigera), and Abhishek Raut and Antonin Bas (VMware) for being supportive of this work, and working with us to resolve issues in different Container Network Interfaces (CNIs) over time. A brief conversation around "node local" Network Policies in April of 2020 inspired the creation of a NetworkPolicy subproject from SIG Network. It became clear that as a community, we need a rock-solid story around how to do pod network security on Kubernetes, and this story needed a community around it, so as to grow the cultural adoption of enterprise security patterns in K8s.

  • Certified Kubernetes Administrator

    CKA certification is a problem-solving exam, meaning you don’t have any questions but instead have a number of scenarios to troubleshoot.

Debian: Ritesh Raj Sarraf on Retaining Data, ProtonMail Bridge on Sparky Linux, EasyOS Updates

  • Ritesh Raj Sarraf: Catching Up Your Sources

    I’ve mostly had the preference of controlling my data rather than depend on someone else. That’s one reason why I still believe email to be my most reliable medium for data storage, one that is not plagued/locked by a single entity. If I had the resources, I’d prefer all digital data to be broken down to its simplest form for storage, like email format, and empower the user with it i.e. their data. Yes, there are free services that are indirectly forced upon common users, and many of us get attracted to it. Many of us do not think that the information, which is shared for the free service in return, is of much importance. Which may be fair, depending on the individual, given that they get certain services without paying any direct dime. [...] So for my communication, I like to prefer emails over any other means. That doesn’t mean I don’t use the current trends. I do. But this blog is mostly about penning my desires. And desire be to have communication over email format. Such is the case that for information useful over the internet, I crave to have it formatted in email for archival. RSS feeds is my most common mode of keeping track of information I care about. Not all that I care for is available in RSS feeds but hey such is life. And adaptability is okay. But my preference is still RSS. So I use RSS feeds through a fine software called feed2imap. A software that fits my bill fairly well.

  • ProtonMail Bridge

    There is a new tool available for Sparkers: ProtonMail Bridge

  • SeaMonkey bumped to

    Just a short post. There has been a bugfix release of SeaMonkey. EasyOS has SM 2.53.7. I have compiled SM and it will be in the next release of Easy, expected to be version 2.7.1.   

  • Support for Samsung printers

    OK, I got those two files 'rastertospl' and '' and created a PET, ''. It is about 1Mb so will increase the size of 'easy.sfs' by that amount.  Have included it in the build, but there has to be a limit to this of course. There are so many other special files for various brands of printer and scanner.   

  • Brightness control in the tray

    I have compiled 'setcolortemperature' package in OE. This has the 'sct' executable. Added this to the package-list for Easy, as well as the 'brightness-control' PET that provides the tray operation (and uses sct).   

Graphics: Turnip and Vulkan

  • Samuel Iglesias: Low Resolution Z Buffer support on Turnip

    Last year I worked on implementing in Turnip the support for a HW feature present in Qualcomm Adreno GPUs: the low-resolution Z buffer (aka LRZ). This is a HW feature already supported in Freedreno, which is the open-source OpenGL driver for these GPUs. What is low-resolution Z buffer Low-resolution Z buffer is very similar to a depth prepass that helps the HW avoid executing the fragment shader on those fragments that will be subsequently discarded by the depth test afterwards (Hidden surface removal). This feature comes with some limitations though, such as the fragment shader not being allowed to have side effects (writing to SSBOs, atomic operations, etc) among others. The interesting part of this feature is that it allows the applications to submit the vertices in any order (saving CPU time that was otherwise used on ordering them) and the HW will process them in the binning pass as explained below, detecting which ones are occluded and giving an increase in performance in some specific use cases due to this.

  • Google Deprecating RenderScript In Favor Of Vulkan Compute - Phoronix

    Google announced today that with Android 12.0 they will be deprecating their RenderScript APIs. Moving forward Android developers should primarily target the Vulkan API for high performance compute needs. RenderScript has been an API around since Android 3.0 for heterogeneous CPU/GPU programming and for some time even had a 3D rendering API. RenderScript though has been of less relevance with GPU compute being available for some time via Vulkan and even OpenGL. Some current Android devices only support RenderScript for CPU-only execution and with Android 12.0 the APIs will be deprecated.

  • Vulkan 1.2.176 Released With VK_EXT_extended_dynamic_state2

    It's been just one week since the release of Vulkan 1.2.175 that introduced the Vulkan Video extensions while out this morning is now the Vulkan 1.2.176 revision.

today's howtos

  • What I learned of the VOIP hacker scene by setting up a SIP Honeypot

    I got interested in telephones and the Voice Over IP (VOIP) scene soon after reading Phil Lapsley’s Exploding the phone (2013). According to the book, there is a whole underground of VOIP hackers. I had not come across them while lurking in the information security scene. After my interest sparked, I started paying more attention to telephone-related security research.

  • Listing the contents of a remote ZIP archive, without downloading the entire file

    This got me thinking if it might be possible, to construct some minimal set of requests, that only gets the part of the ZIP file containing information about its content.

    I didn’t really know anything about the ZIP file format beforehand, so this might be trivial if you are already familiar, but as it turns out, ZIP files contain information about their contents in a data block at the end of the file called the Central Directory.

    This means that it’s only this part of the archive that’s required in order to list out the content.

  • [Old] Setup Pi-Hole to protect your network and privacy

    To be able to understand what a DNS sinkhole is you have to first understand what DNS is and does. DNS is short for Domain Name System and it basically does the same thing phonebook does. It translates numbers to names because numbers are a lot harder to memorize. When you want to visit your computer will put that request out to a DNS server on your network which will translate that name to the IP address where is living. This is also called a DNS query. Pi-Hole is a DNS server so if you setup a Pi-Hole on your network it will answer the DNS queries for all the devices in your network and this means that you can redirect DNS lookup to anywhere you like. You now have the power to redirect DNS queries to ad-serving networks to an alternate IP address basically eliminating those from showing on any device connected to your network :). This process is called DNS sinkhole and also how Pi-Hole works. If you want to read more about it check out this Wikipedia article.

  • Bandwidth management in go-IPFS

    In this article I will explain a few important parameters for the reference IPFS node server go-ipfs in order to manage the bandwidth correctly for your usage.

  • Gemini Quickstart!

    More details are in the Official Gemini FAQ. Be aware that it’s targeted at a more technical audience than this quick start page, so you might want to skip it for now and come back later. The main thing to know is that you’re going to get a much more stripped-down experience compared to the modern WWW, but that’s okay! Some of the choices made to keep Gemini simple may seem too extreme, compared to even a bare-bones web site, but there are hidden benefits that won’t be obvious at first.

  • dRAID, Finally! A sneak-peak into the latest, and long-awaited feature of OpenZFS

    Admins will often use wide RAID stripes to maximize usable storage given a number of spindles. RAID-Z deployments with large stripe widths, ten or larger, are subject to poor resilver performance for a number of reasons. Resilvering a full vdev means reading from every healthy disk and continuously writing to the new spare. This will saturate the replacement disk with writes while scattering seeks over the rest of the vdev. For 14 wide RAID-Z2 vdevs using 12TB spindles, rebuilds can take weeks. Resilver I/O activity is deprioritized when the system has not been idle for a minimum period. Full zpools get fragmented and require additional I/O’s to recalculate data during reslivering. A pool can degenerate into a never ending cycle of rebuilds or loss of the pool Aka: the Death Spiral.

  • Linux 101: $HOME is where the heart is - TechRepublic

    In Linux, there's no place like ~/, or $HOME or just home. That's right, three ways to say the same thing. For new Linux users, this can get confusing. First off, what is home? Why are there numerous ways to notate home? Let's see if we can solve this puzzle together.

  • How to check if a port is open on remote Linux system

    When installing or configuring an application in the Linux system, the associated port should also be open which allows the application for external access. If the application port is not open, it will make the program throw errors and hence malfunction. For instance, when you configure the Apache Web server on Linux, you must open ports 80 and 443 that listens to incoming connections for Apache on the firewall, and that allows users to access websites hosted on your web server through the browser.