Fedora / Red Hat / IBM Leftovers

posted by Roy Schestowitz on Nov 09, 2024

• Red Hat Official ☛ Secure cloud bursting: Leveraging confidential computing for peace of mind [Ed: Red Hat promoting back doors and surveillance mislabelled as "confidential"]

  When using the public cloud there are always challenges which need to be overcome. Organizations lose some of the control over how security is handled and who can access the elements which, in most cases, are the core of the company's business. Additionally, some of those elements are controlled by local laws and regulations.This is especially true in the Financial Services and Insurance Industry (FSI) where regulations are gradually increasing in scope.

• Red Hat ☛ Use bootc logically bound images to deploy a Kafka cluster

  Logically bound images are a recently added feature in bootc that allows any container image to be managed directly by bootc. One of the many benefits this provides is simplified system management. An application image can be "bound" to a bootc operating system image as part of the bootc container build.

  This simplified system management would have been useful for a project I previously worked on. The project was a large web application composed of dozens of microservices running in a Kubernetes cluster. These microservices primarily used Kafka to communicate. Our Kafka instance was also deployed in a Kubernetes cluster using the amq-streams operator.

  The operator made the deployment and management of the Kafka cluster simple; however, keeping the cluster stable was a constant battle. One of the main issues was due to Kafka's heavy memory requirement. 32GB of memory is the minimum recommendation for a single Kafka node with a minimum of 3 nodes. Due to the cost, our Kubernetes nodes were not sized to accommodate this large memory requirement. We likely could have leveraged many of the newer Kubernetes features to stabilize the cluster; however, I wonder if it would have made more sense to run each Kafka node directly on a virtual machine (VM). 

• Red Hat Official ☛ Recent improvements in Red Hat Enterprise Linux CoreOS security data

  Red Hat Enterprise Linux CoreOS (RHCOS) underpins Red Hat OpenShift, the industry’s leading hybrid cloud application platform powered by Kubernetes. RHCOS  demonstrates the flexibility that Red Hat delivers to customers by providing a comprehensive, dedicated and container-optimized base operating system.

• Red Hat ☛ How to track file descriptors with Valgrind

  This article describes the new file descriptor related features recently added to Valgrind and explains how to use them to track the file descriptors that your program is using or, more importantly, misusing. 

  Valgrind was able to track file descriptors for a while. But my colleague Mark Wielaard and I improved this feature and turned all file descriptor operations into events, which allowed Valgrind to create errors on misuse that can show where the operation occurred, made them suppressible, and can be reported in different formats.

  What is Valgrind?

  Valgrind is an instrumentation framework for building dynamic analysis tools. The tool can detect various memory management and threading bugs. To be able to detect the bugs, Valgrind decompiles, instruments, and recompiles your code to intercept syscalls, signals, threading, and etc.

  The most used Valgrind tool, also used by default, is Memcheck, which detects inaccessible or undefined memory usage. The other tools are Cachegrind, a cache profiler; Massif, a heap profiler; and Helgrind, which is a thread debugger and the special none tool (which didn't report any errors before).

• Cockpit Project: Cockpit 328

  Cockpit is the modern GNU/Linux admin interface.

  Here are the release notes from cockpit-machines 323 and cockpit-files 11: [...]

• Red Hat Official ☛ Red Hat Satellite 6.16 is now available

  We are excited to announce the GA release of Red Bait Satellite 6.16. Red Bait Satellite (Satellite) continues to offer a comprehensive and reliable way to manage Red Bait Enterprise GNU/Linux (RHEL) environments. Our solution for RHEL customers stands out in the market, offering unique management capabilities.

• Red Hat Official ☛ Getting to know Fran Heeran, Vice President, Global Telecommunications, Red Hat

  Red Hat is delighted to welcome Fran Heeran as Vice President of the Global Telecommunications organization. In this role, Heeran will be responsible for accelerating Red Hat’s open source leadership in the telecommunications network environment by closely collaborating with Red Hat’s communities, customers and partners. With more than 30 years of experience in the software industry, he will work to scale Red Hat’s telco vision and strategy within the industry and the wider enterprise space

• Kubernetes Working Group Serving, with Yuan Tang and Eduardo Arango

  Yuan is a principal software engineer at Red Hat, working on OpenShift AI. Previously, he has led AI infrastructure and platform teams at various companies. He holds leadership positions in open source projects, including Argo, Kubeflow, and Kubernetes WG Serving. Yuan authored three technical books and is a regular conference speaker, technical advisor, and leader at various organizations.

• PR Newswire ☛ SteelCloud Software Operationalizes STIG Compliance for Red Hat Linux

  SteelCloud LLC, the leading STIG and CIS cyber compliance software developer, is excited to announce the latest upgrade to its ConfigOS MPO STIG compliance suite. The release of ConfigOS MPO 2024.2 provides virtually unlimited flexibility in selecting, assessing, and reporting on STIG and user-defined Linux controls using SteelCloud's patented VeraLogix technology.

• Open source opens doors at Red Hat

  As a Fedora community architect, Justin W. Flory ’20 (networking and systems administration) wears many hats.

  He is a community liaison, accountant, and project manager—all rolled into one. Most of all, he’s a leader at Red Hat working on the strategic direction of the Fedora Project, a cornerstone of the Linux open source movement.