Language Selection

English French German Italian Portuguese Spanish

August 2019

Announcing etcd 3.4

Filed under
Server
OSS

etcd v3.4 includes a number of performance improvements for large scale Kubernetes workloads.

In particular, etcd experienced performance issues with a large number of concurrent read transactions even when there is no write (e.g. “read-only range request ... took too long to execute”). Previously, the storage backend commit operation on pending writes blocks incoming read transactions, even when there was no pending write. Now, the commit does not block reads which improve long-running read transaction performance.

We further made backend read transactions fully concurrent. Previously, ongoing long-running read transactions block writes and upcoming reads. With this change, write throughput is increased by 70% and P99 write latency is reduced by 90% in the presence of long-running reads. We also ran Kubernetes 5000-node scalability test on GCE with this change and observed similar improvements. For example, in the very beginning of the test where there are a lot of long-running “LIST pods”, the P99 latency of “POST clusterrolebindings” is reduced by 97.4%. This non-blocking read transaction is now used for compaction, which, combined with the reduced compaction batch size, reduces the P99 server request latency during compaction.

More improvements have been made to lease storage. We enhanced lease expire/revoke performance by storing lease objects more efficiently, and made lease look-up operation non-blocking with current lease grant/revoke operation. And etcd v3.4 introduces lease checkpoint as an experimental feature to persist remaining time-to-live values through consensus. This ensures short-lived lease objects are not auto-renewed after leadership election. This also prevents lease object pile-up when the time-to-live value is relatively large (e.g. 1-hour TTL never expired in Kubernetes use case).

Read more

Petty gripes about kernel versioning and tarballs

Filed under
Linux
Red Hat

Today in gripes that about 5 people including me will have: it's really difficult to find a unified way to get a tarball from something on kernel.org to the Fedora dist-git in a way that meets the Fedora packaging guidelines.

Let's start with my pettiest gripe: the lack of a trailing 0 on official releases. Official kernel releases are usually versioned like 5.1, 5.2. Note the lack of a trailing 0 there. Stable updates are 5.2.3, 5.2.3 etc. This would be okay except for if you look at the Makefile for stable releases, there's still a 0 in the SUBLEVEL filed where stable updates come from. "But Laura, there's macros to take care of that" yes, in the kernel itself. I'm working on going from the kernel to dist-git so this means I'm writing scripts which have to re-do this work and think about this when generating a version string. If I wanted to be really petty, I'd start a conversation about changing the kernel versioning completely. The 5.0 numbering means nothing. The bump from 4.x to 5.x was because the second number was getting to high. The numbers mean nothing at this point except they keep getting larger. I'd love to see the numbers correspond to a date since the kernel is basically on a time base release at this point anyway.

Fedora has packaging guidelines describing how packages should work. It's to the benefit of everyone to follow these guidelines. The guidelines for Source recommend using tarballs and give a few other suggestions for how to set Source0 appropriately.

The Fedora kernel generates 3 types of kernel releases: official releases (v5.2, v5.2.1), rc releases (v5.3-rc6), and snapshots that don't correspond to an official tag. Currently, the way we generate all these is starting with the base (e.g. 5.2) and then applying a patch on top of it (patch-5.3-rc6, patch-5.2.10). We do this by grabbing the individual tarballs and patches from kernel.org.

Read more

'Abandon Ship' on GNU/Linux

Filed under
Gaming

Wine 4.15

Filed under
Software
  • Wine Announcement
    The Wine development release 4.15 is now available.
    
    What's new in this release (see below for details):
      - Initial implementation of the HTTP service.
      - Stack unwinding support on ARM64.
      - Better multi-monitor support on macOS.
      - RichEdit control optimizations.
      - Various bug fixes.
    
    
  • Wine 4.15 Brings Initial HTTP Service Implementation (HTTP.sys)

    Wine 4.15 is out for testing this US holiday weekend. With Wine 4.15 it brings an initial implementation of Windows' HTTP.sys as the HTTP protocol stack that is a kernel-mode driver that lists for HTTP requests and passes it onto Microsoft's IIS.

    An initial implementation of this HTTP.sys service is now in place as one of the major features to Wine 4.15. HTTP.sys has been the replacement to the Winsock API by IIS and is geared to provide better performance than the Windows Sockets API and other features. This big round of HTTP.sys work was led by Wine developer Zebediah Figura.

  • The Wine 4.15 development release is out now

    What's a Friday without a little Wine? Thankfully today we don't have to find out as the Wine 4.15 development release is now out.

today's leftovers

Filed under
Misc
  • Storj Labs advances decentralized cloud storage platform

    Open source cloud storage startup Storj Labs is set to bring its vision of decentralized cloud storage to enterprise users.

    The Storj Labs Tardigrade service uses blockchain technology and a distributed network of storage nodes, provided by people or organizations that are paid for providing storage capacity. The initial versions of the Storj Labs decentralized cloud storage platform were not focused on providing the controls and guarantees needed for commercial use, but that is changing with version 3 of the Storj Labs platform and the Tardigrade platform, which became available in beta on Aug. 22.

  • Open-source serverless framework wants to pave the way towards serverless 2.0

    According to Jonas Bonér, CTO at Lightbend, today’s current serverless movement focuses a lot on automation and infrastructure, but neglects requirements at the application layer. This is because data, streaming and event-driven stateful architectures can be challenging, he explained.

    “The next generation serverless platform and programming model will take a more holistic grip on the whole system, end-to-end, and allow general-purpose application development—e.g. microservices, fast data, streaming pipelines, AI/ML, etc. It will let us implement common use-cases such as: shopping carts, user sessions, transactions, ML model training serving, low-latency prediction and recommendation serving, anomaly detection, job scheduling, and much more,” Bonér told SD Times. “What we are missing is support for long-lived virtual stateful functions, a way to manage distributed—durable and ephemeral—state in a scalable and available fashion, ways to co-locate processing and data, and options for choosing the right consistency model for the job.”

  • Talking Digital Transformation With The New And Prior CEO

    Here is a situation that each and every IT manager and chief information officer has experienced and will continue to experience: Having a very long conversation with the president or chief executive officer of their company about how to engage in or continue with digital transformation and the application and database modernization that this entails. And sometimes, that conversation will happen as a new person takes the helm of the company.

    That’s precisely what we did this week, but with a twist or two. We are not an IT manager or CIO, but rather an observer in the boardrooms of IBM i shops around the world, and the current and prior CEOs that we were talking to not only had to do some digital transformation and modernization projects of their own, but more importantly they run a company that for more than three decades has been involved in helping other organizations make this transformation. Specifically, we talked to Daniel Crépeau, who has just been appointed president and CEO at Fresche Solutions, one of the largest IBM i business partners in the world, and Andy Kulakowski, one of the co-founders of the company and the leader of the management buyout of what was then called Fresche Legacy and what was also a much smaller company with a much narrower market.

  • Unix as a Second Language: The touch command
  • Fabiano Fidencio: GUADEC 2019

    I've just came back from GUADEC 2019, which happened in Thessaloniki (Greece), and it's time to a small report of what has been accomplished there.

    As most of you probably know although I'm not exactly a GNOME developer, I do a bunch of work which is either specifically to be consumed by GNOME Boxes (and other management applications will take advantage of the work) or GNOME Boxes can, at least, take advantage of.

    With that in mind, I've headed to GUADEC 2019 with basically two major things in mind:
    - Meet my Google Summer of Code student and plan what's going on for the future;
    - Join the GNOME Boxes' BoF and check whether we could have an agreement on how to default to UEFI whenever it's possible;

    What I didn't have in mind, though, was that I'd be able to meet people like Will Thompson (from Endless OS), Carl Richell (from System76), and Cassidy James (from Elementary OS). Talking to them in person was something amazing which allowed me to have conversations on how to have the work they do better present in GNOME Boxes (with regard to displaying updated entries, in case of Endless OS and Pop!_OS, or with regard to having their entries added, in case of Elementary OS).

Linux Foundation: Hyperledger and LF Edge

Filed under
OSS
  • Ethereum Poised to Be First Public Blockchain in Hyperledger Consortium

    Ethereum could become the first public blockchain on Hyperledger – if the open-source consortium’s technical steering committee approves a proposal to adopt the ConsenSys-backed Pantheon project.

    Pantheon is a suite of ethereum-based services built by PegaSys, a 50-strong engineering team at ConsenSys. The Pantheon ethereum client, built on Java, is used to develop enterprise applications with features like privacy and permissioning.

    The proposal was sent out in a Hyperledger mailing list email on Aug. 8, and if it is accepted, Pantheon will be renamed Hyperledger Besu (a Japanese term for base or foundation).

  • Ethereum Client Becomes First Public Blockchain on Hyperledger

    “We’ve always wanted to be a gateway for enterprises to public chains while also meeting the needs of private and permissioned networks,” Hartley told CoinDesk. “I think this is a good step in that process.”

    Now the Hyperledger staff will work with ConsenSys to transfer Pantheon’s GitHub repository to the consortium and set up email lists and chat channels connected to the project. In recent months, ConsenSys has also donated ConsenSys CAVA to the Apache Software Foundation, which is now being incubated as Apache Tuweni.

  • Linux Foundation Defines Edge Computing with New Glossary

    Edge Computing today is a somewhat nebulous concept with an associated set of equally hazy related technologies. The Linux Foundation's LF Edge project is all about Edge Computing and is seeking to help define Edge Computing and its' associated concepts with the second version of the Open Glossary of Edge Computing released on August 29.
    "As the diversity of LF Edge increases, we want frameworks in place that make it easy to talk about edge computing in consistent and less-biased ways," stated Arpit Joshipura, general manager, Networking, Edge, and IoT, at the Linux Foundation. "It’s imperative the community comes together to converge on a shared vocabulary, as it will play a substantial role in how our industry discusses and defines the next-generation internet."

Hardware With Linux: OrangeCrab, Nexcom’s and Arbor’s Devices

Filed under
Hardware
  • ULX3S Education Board is Powered by Lattice Semi ECP5 FPGA & ESP32 WiFi/BLE Module

    A few days ago, we covered the KiCAD designed OrangeCrab open-source hardware board powered by a Lattice Semi ECP5 FPGA, and compliant with Adafruit Feather form factor.

    It’s turned out there’s another Lattice Semi ECP5 FPGA board that’s also designed with KiCAD and open source hardware. Radiona ULX3S differs are it’s larger and exposes more I/Os since it was specifically designed to meet the meets of the digital logic course at the Faculty of Electrical Engineering and Computing (FER) of the University of Zagreb in Croatia.

  • Apollo Lake industrial computer is only 26mm tall

    Nexcom’s compact, rugged “NISE 51” industrial computer runs Linux or Windows on a dual-core Apollo Lake Celeron with a pair each of GbE, USB 3.0, USB 2.0, M.2, and RS232 plus RS422/485, DP, and mini-PCIe.

    Nexcom has announced an “affordable” and “cost effective” computer for smart factory and M2M applications that measures a trim 162 x 150 x 26mm. The rugged NISE 51 runs Linux 4.1 or Windows 10 IoT Enterprise on an up to 2.4GHz, dual-core Celeron N3550 from Intel’s Apollo Lake generation.

  • Coffee Lake signage player supports triple 4K displays

    Arbor’s fanless, rugged ”ELIT-1930” signage player runs Linux or Windows on an 8th Gen Coffee Lake-S CPU with up to 32GB DDR4, triple 4K displays, 2x GbE, 3x COM, 4x USB 3.1, and 3x M.2.

    Arbor Technology announced a new member of its ELIT series of digital signage systems equipped with Intel’s 8th Gen Coffee Lake S-series Core processors with 35W TDPs. The ELIT-1930 runs Linux 4.x or Windows 10 IoT on CPUs including the 6x core/12x thread Core i7-8700T clocked at 2.4GHz/4GHz. There’s also a hexa-core i5-8500T and quad-core i3-8100T, both of which are single threaded. The system has an Intel Q370 chipset and Intel UHD Graphics 630.

OSS and Security Leftovers

Filed under
OSS
Security
  • What Would it Take to Challenge DJI’s Dominance in the Drone Market?

    Monday, CNN reported that Ellen Lord, the U.S. Undersecretary of Defense for Acquisition and Sustainment, told reporters that the department was seeking investors to develop U.S. manufactured drones so that the military would not be reliant upon Chinese-manufactured DJI products. That may be somewhat misleading – DJI certainly has never claimed to go after the military market, and accusations about “sending data back to China” remain vague and unproven. It is true, however, that drone manufacturers globally have struggled to compete with DJI’s rapid development cycles and manufacturing efficiencies: and there may be an argument that more competition in the commercial market could help to expand use cases and broaden the scope of drone innovation.

    [...]

    Understanding the Concept of an Open Source Platform for Drones

    While adoption of the open source platform is growing rapidly, it’s still a confusing concept to many consumers or commercial drone pilots. The common comparison is between Apple and Android, with DJI as the iOS of the drone world. Auterion co-founder Kevin Sartori clarifies that the comparison isn’t entirely accurate: the drone industry is still in the very early stages of development towards its real potential.

    “Our high level assumption is that drones are still feature phones,” says Sartori. “We might not be at smart phone stage, we’re still talking about Nokia,” he explains. “Drones aren’t connected yet. There is no easy way to distribute apps. With Auterion, we are building the infrastructure that will allow the industry to get there.”

    How Open Source is Being Used Now – and Auterion’s Place in the Market

    PX4 and open source tools are now being used to make new and innovative hardware products fly: from offerings from Chinese manufacturer Yuneec to new U.S. drone manufacturer Impossible Aerospace, developing a long endurance battery powered aircraft. Open source is allowing new drone companies and customers to focus on specific problems, says Sartori, without having to reinvent a way to make the drone fly: “Companies don’t actually build the whole solution, they focus on their added value,” he says. “It’s a natural evolution of the industry, and it helps the industry accelerate.”

  • The 13 Best Open Source Network Monitoring Tools

    We at Solutions Review compiled a list of the best open source network performance monitoring tools currently on the market!

  • Platform9 Raises $25 Mn to Leverage Open-source Modern Technologies and Enhance Cloud-native Infrastructure

    Platform9, the in SaaS-managed hybrid cloud company, announced that raised $25 million in Series D funding, bringing the total amount raised by the company to $61.5 million. This round was led by NGP Capital, with participation from Mubadala Ventures and all existing investors (Redpoint Ventures, Menlo Ventures, Canvas Ventures, and HPE Pathfinder). Rohini Chakravarthy, Partner at NGP Capital, joins Platform9’s board of directors with this round of financing.

  • Security updates for Friday

    Security updates have been issued by Arch Linux (dovecot, gettext, go, go-pie, libnghttp2, and pigeonhole), Debian (djvulibre, dovecot, and subversion), Fedora (sleuthkit and wireshark), openSUSE (containerd, docker, docker-runc, and qbittorrent), Oracle (pango), SUSE (kernel, nodejs10, and python-SQLAlchemy), and Ubuntu (apache2).

  • This Week In Security: VPN Gateways, Attacks In The Wild, VLC, And An IP Address Caper

    We'll start with more Black Hat/DEFCON news.

Highlights of YaST Development Sprint and OpenSUSE Tumbleweed News

Filed under
SUSE
  • Highlights of YaST Development Sprint 83

    The summer is almost gone but, looking back, it has been pretty productive from the YaST perspective. We have fixed a lot of bugs, introduced quite interesting features to the storage layer and the network module refactoring continues to progress (more or less) as planned.

    So it is time for another sprint report. During the last two weeks, we have been basically busy squashing bugs and trying to get the network module as feature-complete as possible. But, after all, we have had also some time to improve our infrastructure and organize for the future.

  • openSUSE Tumbleweed – Review of the weeks 2019/34 & 35

    The last two weeks have been average weeks when it comes to the number of snapshots and updates. We have released a total of 6 snapshots. From a user point of view, I think this is actually a pretty good pace. The 6 snapshots were 0815, 0820, 0822, 0823, 0824 and 0828.

More in Tux Machines

Apache Rya matures open source triple store database

The open source Apache Rya database effort is continuing to move forward as it reaches a new level of project maturity and acceptance. Rya (pronounced "ree-uh") is an RDF (resource description framework) triple store database. The project started at the U.S. government's Laboratory for Telecommunication Sciences with an initial research paper published in 2012. The project joined the Apache Software Foundation (ASF) in 2015 as an incubated project, and in September 2019 achieved what is known as Top-Level Project status. The Top-Level status is an indication and validation of the project's maturity, code quality and community. The ASF is home to Hadoop, Spark and other widely used database and data management programs. Read more Also: Yahoo Groups is being prepared for shutdown, with all stored archives to be deleted on Dec 14

The Spectre Mitigation Impact For Intel Ice Lake With Core i7-1065G7

For those wondering if -- or how much -- of a performance impact mitigations still make regarding Spectre for Intel's long-awaited 10nm+ Ice Lake processors, here is the rundown on the mitigation state and the performance impact. One of the areas that Phoronix readers have requested testing on with the recent purchase of the Dell XPS 7390 with Core i7 1065G7 is regarding the mitigation state and performance. Ice Lake with its Sunny Cove microarchitecture -- similar to Cascade Lake -- is no longer affected by Meltdown, MDS, or L1TF / Foreshadow. Read more

Networking SBCs run Linux on quad -A53 and -A72 NXP LS chips

Forlinx’s sandwich-style OK1043A-C and OK1046A SBCs run Linux on NXP’s quad -A53 LS1043A and quad -A72 LS1046A SoCs, respectively, and offer a 10GbE port and up to 6x GbE ports with optional SFP. Forlinx has posted product pages for two similar COM Express modules and carrier boards that run Linux on NXP’s networking focused LS series processors. The FET1043A-C module taps the up to 1.6GHz, quad-core, Cortex-A53 LS1043A while the FET1046A-C uses the up to 1.8GHz, quad-core, Cortex-A72 LS1046A. All the processors are headless — without GPUs. Read more

Security: WireGuard, Birds and Updates

  • WireGuard Restored In Android's Google Play Store After Brief But Controversial Removal

    After Google dropped the open-source WireGuard app from their Play Store since it contained a donation link, the app has now been restored within Google's software store for Android users but without the donation option. The WireGuard app for Android makes it easy to setup the secure VPN tunnel software on mobile devices, similar to its port to iOS and other platforms. The WireGuard apps are free but have included a donation link to the WireGuard website should anyone wish to optionally make a donation to support the development of this very promising network tech.

  • Letting Birds scooters fly free

    At that point I had everything I need to write a simple app to unlock the scooters, and it worked! For about 2 minutes, at which point the network would notice that the scooter was unlocked when it should be locked and sent a lock command to force disable the scooter again. Ah well. So, what else could I do? The next thing I tried was just modifying some STM firmware and flashing it onto a board. It still booted, indicating that there was no sort of verified boot process. Remember what I mentioned about the throttle being hooked through the STM32's analogue to digital converters[3]? A bit of hacking later and I had a board that would appear to work normally, but about a minute after starting the ride would cut the throttle. Alternative options are left as an exercise for the reader. Finally, there was the component I hadn't really looked at yet. The Quectel modem actually contains its own application processor that runs Linux, making it significantly more powerful than any of the chips actually running the scooter application[4]. The STM communicates with the modem over serial, sending it an AT command asking it to make an SSL connection to a remote endpoint. It then uses further AT commands to send data over this SSL connection, allowing it to talk to the internet without having any sort of IP stack. Figuring out just what was going over this connection was made slightly difficult by virtue of all the debug functionality having been ripped out of the STM's firmware, so in the end I took a more brute force approach - I identified the address of the function that sends data to the modem, hooked up OpenOCD to the SWD pins on the STM, ran OpenOCD's gdb stub, attached gdb, set a breakpoint for that function and then dumped the arguments being passed to that function. A couple of minutes later and I had a full transaction between the scooter and the remote. The scooter authenticates against the remote endpoint by sending its serial number and IMEI. You need to send both, but the IMEI didn't seem to need to be associated with the serial number at all. New connections seemed to take precedence over existing connections, so it would be simple to just pretend to be every scooter and hijack all the connections, resulting in scooter unlock commands being sent to you rather than to the scooter or allowing someone to send fake GPS data and make it impossible for users to find scooters.

  • Security updates for Friday

    Security updates have been issued by Debian (poppler, sudo, and wordpress), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk, java-11-openjdk, and kernel), and SUSE (kernel and postgresql10).