Mozilla Announces Major Improvements to Its Hubs Social Mixed Reality Platform, Windmill Enterprise Joins The Linux Foundation, Cloud Foundry Survey Results, New Bodhi Linux Major Release and Red Hat Linux 7.6 Now Available
News briefs for August 22, 2018.
Mozilla announced major improvements in its open-source Hubs, "an experiment to bring Social Mixed Reality to the browser". You now are able to bring videos, images, documents and 3D models into Hubs just by pasting in a link. You can join a room in Hubs and get together with others in Mixed Reality using any VR device or your phone or PC. In addition, any content you upload is available only to others in the room and is encrypted and removed when no longer used. The code for Hubs is available on GitHub.
Windmill Enterprise announces it has joined The Linux Foundation to collaborate on EdgeX Foundry and LF Networking (LF). As part of its work with these projects, "Windmill will incorporate open source, blockchain solutions that enable broader adoption of industrial IoT frameworks into the enterprise. In addition, Windmill will contribute enterprise-class mobile networking security solutions to the largest global open source innovation community." Windmill is also working with the FreeIPA project for identity management. You can learn more here.
The Bodhi Team announced a new major release this morning, version 5.0.0. The announcement notes that the new version doesn't include a ton of changes, but instead "simply serves to bring a modern look and updated Ubuntu core (18.04) to the lightning fast desktop you have come to expect from Bodhi Linux."
These days, Intel's name is Mud in various circles because of the Spectre/Meltdown CPU flaws and other similar hardware issues that seem to be emerging as well. But, there was a recent discussion between some Intel folks and the kernel folks that was not related to those things. Some thrust-and-parry still was going on between kernel person and company person, but it seemed more to do with trying to get past marketing speak, than at wrestling over what Intel is doing to fix its longstanding hardware flaws.
Reinette Chatre of Intel posted a patch for a new chip feature called Cache Allocation Technology (CAT), which "enables a user to specify the amount of cache space into which an application can fill". Among other things, Reinette offered the disclaimer, "The cache pseudo-locking approach relies on generation-specific behavior of processors. It may provide benefits on certain processor generations, but is not guaranteed to be supported in the future."
Thomas Gleixner thought Intel's work looked very interesting and in general very useful, but he asked, "are you saying that the CAT mechanism might change radically in the future [that is, in future CPU chip designs] so that access to cached data in an allocated area which does not belong to the current executing context wont work anymore?"
Reinette replied, "Cache Pseudo-Locking is a model-specific feature so there may be some variation in if, or to what extent, current and future devices can support Cache Pseudo-Locking. CAT remains architectural."
Thomas replied, "that does NOT answer my question at all."
At this point, Gavin Hindman of Intel joined the discussion, saying:
Support in a current generation of a product line doesn't imply support in a future generation. Certainly we'll make every effort to carry support forward, and would adjust to any changes in CAT support, but we can't account for unforeseen future architectural changes that might block pseudo-locking use-cases on top of CAT.
And Thomas replied, "that's the real problem. We add something that gives us some form of isolation, but we don't know whether next generation CPUs will work. From a maintainability and usefulness POV that's not a really great prospect."
Elsewhere in a parallel part of the discussion, Thomas asked, "Are there real world use cases that actually can benefit from this [CAT feature] and what are those applications supposed to do once the feature breaks with future generations of processors?"
Reinette replied, "This feature is model-specific with a few platforms supporting it at this time. Only platforms known to support Cache Pseudo-Locking will expose its resctrl interface."
To which Thomas said, "you deliberately avoided to answer my question again."Go to Full Article
Haiku Release R1/beta1, Flatpack v. 1.0.0, SUSE Updates Their Kernel to Boost Performance on Azure, Debian Receives Mitigation Updates to Vulnerability
Any old school BeOS fans in the audience? If so, the Haiku development team just announced the upcoming release R1/beta1.
Flatpak, the software utility for package deployment in a sandbox environment just cut release version 1.0.0. It comes with performance and stability improvements.
SUSE has had a long history with Microsoft, and it would seem that their relationship with the software giant continues with the Linux distribution's updates to their kernel to boost performance on Azure.
In more L1TF related news, the Debian GNU/Linux 9 (Stretch) distribution just received mitigation updates to this recent and high profile vulnerability.News
News briefs for August 21, 2018.
Freespire 4.0 has been released. This release brings a migration of the Ubuntu 16.04 LTS codebase to the 18.04 LTS codebase, which adds many usability improvements and more hardware support. Other updates include intuitive dark mode, "night light", Geary 0.12, Chromium browser 68 and much more.
Mozilla announced its 2018–2019 Fellows in openness, science and tech policy today. These fellows "will spend the next 10 to 12 months creating a more secure, inclusive, and decentralized internet". In the past, Mozilla fellows "built secure platforms for LGBTQ individuals in the Middle East; leveraged open-source data and tools to bolster biomedical research across the African continent; and raised awareness about invasive online tracking." See the Mozilla blog for more information and the list of Fellows.
Flatpak 1.0 has been released, marking the first version in a new stable series. Distributions should update as soon as possible. See the GitHub for all the fixes and new features, which include faster installation and updates, a new portal, applications can now be marked as end-of-life, and much more. See also the Flatpak documentation for more information.
Reuters reports that 22 states are asking the US appeals court to reinstate Net Neutrality rules. In addition, several internet companies, media and technology advocacy groups filed a separate challenge yesterday to overturn the FCC ruling.News Freespire Mozilla KDE Net Neutrality KDevelop Flatpak
Everything You Need to Know about Linux Containers, Part I: Linux Control Groups and Process Isolation
Everyone's heard the term, but what exactly are containers?
The software enabling this technology comes in many forms, with Docker as the most popular. The recent rise in popularity of container technology within the data center is a direct result of its portability and ability to isolate working environments, thus limiting its impact and overall footprint to the underlying computing system. To understand the technology completely, you first need to understand the many pieces that make it all possible.
Sidenote: people often ask about the difference between containers and virtual machines. Both have a specific purpose and place with very little overlap, and one doesn't obsolete the other. A container is meant to be a lightweight environment that you spin up to host one to a few isolated applications at bare-metal performance. You should opt for virtual machines when you want to host an entire operating system or ecosystem or maybe to run applications incompatible with the underlying environment.Linux Control Groups
Truth be told, certain software applications in the wild may need to be controlled or limited—at least for the sake of stability and, to some degree, security. Far too often, a bug or just bad code can disrupt an entire machine and potentially cripple an entire ecosystem. Fortunately, a way exists to keep those same applications in check. Control groups (cgroups) is a kernel feature that limits, accounts for and isolates the CPU, memory, disk I/O and network's usage of one or more processes.
Originally developed by Google, the cgroups technology eventually would find its way to the Linux kernel mainline in version 2.6.24 (January 2008). A redesign of this technology—that is, the addition of kernfs (to split some of the sysfs logic)—would be merged into both the 3.15 and 3.16 kernels.
The primary design goal for cgroups was to provide a unified interface to manage processes or whole operating-system-level virtualization, including Linux Containers, or LXC (a topic I plan to revisit in more detail in a follow-up article). The cgroups framework provides the following:
- Resource limiting: a group can be configured not to exceed a specified memory limit or use more than the desired amount of processors or be limited to specific peripheral devices.
- Prioritization: one or more groups may be configured to utilize fewer or more CPUs or disk I/O throughput.
- Accounting: a group's resource usage is monitored and measured.
- Control: groups of processes can be frozen or stopped and restarted.
A cgroup can consist of one or more processes that are all bound to the same set of limits. These groups also can be hierarchical, which means that a subgroup inherits the limits administered to its parent group.Go to Full Article
Trinity Desktop Environment New Release, New Read-Only File System Designed for Android Devices, CloudNative Conference Coming Up, Retro Arcade Games Coming to Polycade
The Huawei developed EROFS is finding its way into the Linux 4.19 staging tree. EROFS is a read-only file system designed for Android devices.
Mark your calendars for September 12-13: the CloudNative, Docker, and K8s Summit will be hosted in Dallas, Texas this year. To learn more, visit the official conference website.
Tyler Bushnell, the son of Atari co-founder, Nolan Bushnell, is working to bring back retro arcade games with Polycade. Polycade is an arcade machine that is smaller than a cabinet and can hang on a wall.News
Use Node.js to build a command-line interface that creates a file based on your needs.
HowToForge: ELK is the combination of 3 services: ElasticSearch, Logstash, and Kibana. The tutorial will use MySQL log files as the source to be monitored.
OMGubuntu: These new fangled app formats have their upsides
Kubernetes security has come a long way since the project's inception, but still contains some gotchas.