Blockchains have to be trusted in order for them to succeed, and public blockchains can cause problems you may not think about, according to Bruce Schneier, a fellow and lecturer at the Harvard Kennedy School, in his keynote address at December’s Hyperledger Global Forum on “Security, Trust and Blockchain.”
Schneier began his talk by citing a quote from Bitcoin’s anonymous developer, Satoshi Nakamoto, who said “We have proposed a system for electronic transaction without relying on trust.”
“That’s just not true,’’ Schneier said. “Bitcoin is not a system that doesn’t rely on trust.” It eliminates certain trust intermediaries, but you have to somehow trust Bitcoin, he noted. Generally speaking, the Bitcoin system changes the nature of trust.
Schneier called himself a big fan of “systems thinking,” which is what the issue boils down to, he said. This is something that is in too short supply in the tech world right now,’’ he maintained, and “we need a lot more of it.”
Trust relationships
Schneier’s talk focused on the data structures and protocols that make up a public blockchain. He called private blockchains “100 percent uninteresting,” explaining that they’re easy to create and secure, they don’t need any special properties, and they’ve been around for years.
Public blockchains are what’s new, he noted. They have three elements that make them work:
The ledger, which is the record of what happened and in what order
The consensus algorithm, which ensures all copies of the ledger are the same
The token, which is the currency
All the pieces fit together as a single system, and whether they can achieve anything gets back to the issue of trust, he said.
Learn how to get network information using the ss command in this tutorial from the archives.
Linux includes a fairly massive array of tools available to meet almost every need. From development to security to productivity to administration…if you have to get it done, Linux is there to serve. One of the many tools that admins frequently turned to was netstat. However, the netstat command has been deprecated in favor of the faster, more human-readable ss command.
Thess command is a tool used to dump socket statistics and displays information in similar fashion (although simpler and faster) to netstat. The ss command can also display even more TCP and state information than most other tools. Because ss is the new netstat, we’re going to take a look at how to make use of this tool so that you can more easily gain information about your Linux machine and what’s going on with network connections.
The ss command-line utility can display stats for the likes of PACKET, TCP, UDP, DCCP, RAW, and Unix domain sockets. The replacement for netstat is easier to use (compare the man pages to get an immediate idea of how much easier ss is). With ss, you get very detailed information about how your Linux machine is communicating with other machines, networks, and services; details about network connections, networking protocol statistics, and Linux socket connections. With this information in hand, you can much more easily troubleshoot various networking issues.
Let’s get up to speed with ss, so you can consider it a new tool in your administrator kit.
Basic usage
The ss command works like any command on the Linux platform: Issue the command executable and follow it with any combination of the available options. If you glance at the ss man page (issue the command man ss), you will notice there aren’t nearly the options found for the netstat command; however, that doesn’t equate to a lack of functionality. In fact, ss is quite powerful.
If you issue the ss command without any arguments or options, it will return a complete list of TCP sockets with established connections (Figure 1).
Figure 1: A complete listing of all established TCP connections.
Because the ss command (without options) will display a significant amount of information (all tcp, udp, and unix socket connection details), you could also send that command output to a file for later viewing like so:
ss > ss_output
Of course, a very basic command isn’t all that useful for every situation. What if we only want to view current listening sockets? Simple, tack on the -l option like so:
ss -l
The above command will only output a list of current listening sockets.
To make it a bit more specific, think of it this way: ss can be used to view TCP connections by using the -t option, UDP connections by using the -u option, or UNIX connections by using the -x option; so ss -t, ss -u, or ss -x. Running any of those commands will list out plenty of information for you to comb through (Figure 2).
Figure 2: Running ss -u on Elementary OS offers a quick display of UDP connections.
By default, using either the -t, the -u, or the -x options alone will only list out those connections that are established (or connected). If we want to pick up connections that are listening, we have to add the -a option like:
ss -t -a
The output of the above command will include all TCP sockets (Figure 3).
Figure 3: Notice the last socket is ssh listening on the device.
In the above example, you can see that UDP connections (in varying states) are being made from the IP address of my machine, from various ports, to various IP addresses, through various ports. Unlike the netstat version of this command, ss doesn’t display PID and command name responsible for these connections. Even so, you still have plenty of information to begin troubleshooting. Should any of those ports or URLs be suspect, you now know what IP address/Port is making the connection. With this, you now have the information that can help you in the early stages of troubleshooting an issue.
Filtering ss with TCP States
One very handy option available to the ss command is the ability to filter using TCP states (the the “life stages” of a connection). With states, you can more easily filter your ss command results. The ss tool can be used in conjunction with all standard TCP states:
established
syn-sent
syn-recv
fin-wait-1
fin-wait-2
time-wait
closed
close-wait
last-ack
listening
closing
Other available state identifiers ss recognizes are:
all (all of the above states)
connected (all the states with the exception of listen and closed)
synchronized (all of the connected states with the exception of syn-sent)
bucket (states which are maintained as minisockets, for example time-wait and
syn-recv)
big (Opposite to bucket state)
The syntax for working with states is simple.
For tcp ipv4:ss -4 state FILTERFor tcp ipv6:ss -6 state FILTER
Where FILTER is the name of the state you want to use.
Say you want to view all listening IPv4 sockets on your machine. For this, the command would be:
ss -4 state listening
The results of that command would look similar to Figure 4.
Figure 4: Using ss with a listening state filter.
Show connected sockets from specific address
One handy task you can assign to ss is to have it report connections made by another IP address. Say you want to find out if/how a machine at IP address 192.168.1.139 has connected to your server. For this, you could issue the command:
ss dst 192.168.1.139
The resulting information (Figure 5) will inform you the Netid, the state, the local IP:port, and the remote IP:port of the socket.
Figure 5: A remote machine has established an ssh connection to our local machine.
Make it work for you
The ss command can do quite a bit to help you troubleshoot issues with your Linux server or your network. It would behoove you to take the time to read through the ss man page (issue the command man ss). But, at this point, you should at least have a fundamental understanding of how to make use of this must-know command.
Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.
Building applications that run on your own servers and networks used to mean some very firm demarcations between what was considered a developer task and what was left up to the network team. The move to cloud platforms and cloud abstractions (even on your own hardware) has changed where those divisions fall — just as network operations teams have been adopting new ways of working, in part to keep up with new demands from developers used to being able to control the environment of their application without having to wait for access to resources, whether that’s VMs, storage or connectivity.
In the cloud, you don’t touch a physical network switch because clouds like Amazon Web Services, Microsoft Azure and the Google Cloud Platform don’t let developers anywhere near that level of the hardware. But developers set up all the networking for their applications, managing IP ranges and creating virtual networks and performing networking tasks that they want to automate and operationalize.
“More and more, cloud native developers are having to grapple with networks in a way they hadn’t before,” explains Nigel Kersten, vice president of ecosystem engineering at Puppet.
I talk a lot about containerd. I write blog posts about it, speak at conferences about it, give introductory presentations internally at IBM about it and tweet (maybe too much) about it. Due to my role at IBM, I’ve helped IBM’s public cloud Kubernetes service, IKS, start a migration to use containerd as the CRI runtime in recent releases and similarly helped IBM Cloud Private (our on-premises cloud offering) offer containerd as a tech preview in the past two releases. Given that backdrop of activity and the communities I participate in, I obviously hear a lot of chatter about replacing Docker with {fill in the blank}. Given my containerd resume, you might assume that I always think replacing Docker is the right step for anyone working with container runtimes.
Replace Docker!? or “Choose The Right Tool For The Job”
Maybe due to historic frustrations and/or differences of opinion across the container runtime space, some have failed to see that picking the right tool for the job is just as valuable in this context as it is in any other. There have definitely been “party lines” drawn in some circles based on vendor-affiliation, or some basing decisions off the latest arguments on HackerNews. But, let’s ignore that (which, I’ll admit, is good advice generally!) and look at what we are talking about when we compare the Docker toolset to any of rkt,cri-o,containerd, or any other runtime alternative.
An open-spec, Allwinner H6 based “Orange Pi 3” SBC has gone on sale for $30 to $40, with the latter giving you 2GB of RAM and 8GB eMMC. Other highlights: GbE, HDMI 2.0, 4x USB 3.0, WiFi-ac, and mini-PCIe.
The long-awaited Orange Pi 3 — the highest end of three Allwinner H6 based Orange Pi SBCs — has arrived for about the price of a Raspberry Pi 3. The most powerfully equipped H6-based SBC to date will attempt to take on Rockchip RK3399 based boards, including Shenzhen Xunlong’s own Orange Pi RK3999.
Ah, the age-old question: Which Linux distribution is best suited for servers? Typically, when this question is asked, the standard responses pop up:
RHEL
SUSE
Ubuntu Server
Debian
CentOS
However, in the name of opening your eyes to maybe something a bit different, I’m going to approach this a bit differently. I want to consider a list of possible distributions that are not only outstanding candidates but also easy to use, and that can serve many functions within your business. In some cases, my choices are drop-in replacements for other operating systems, whereas others require a bit of work to get them up to speed.
Some of my choices are community editions of enterprise-grade servers, which could be considered gateways to purchasing a much more powerful platform. You’ll even find one or two entries here to be duty-specific platforms. Most importantly, however, what you’ll find on this list isn’t the usual fare.
What is ClearOS? For home and small business usage, you might not find a better solution. Out of the box, ClearOS includes tools like intrusion detection, a strong firewall, bandwidth management tools, a mail server, a domain controller, and much more. What makes ClearOS stand out above some of the competition is its purpose is to server as a simple Home and SOHO server with a user-friendly, graphical web-based interface. From that interface, you’ll find an application marketplace (Figure 1), with hundreds of apps (some of which are free, whereas some have an associated cost), that makes it incredibly easy to extend the ClearOS featureset. In other words, you make ClearOS the platform your home and small business needs it to be. Best of all, unlike many other alternatives, you only pay for the software and support you need.
ClearOS Business – ideal for small businesses, due to the inclusion of paid support
To make the installation of software even easier, the ClearOS marketplace allows you to select via:
By Function (which displays apps according to task)
By Category (which displays groups of related apps)
Quick Select File (which allows you to select pre-configured templates to get you up and running fast)
In other words, if you’re looking for a Linux Home, SOHO, or SMB server, ClearOS is an outstanding choice (especially if you don’t have the Linux chops to get a standard server up and running).
You’ve heard of Fedora Linux. Of course you have. It’s one of the finest bleeding edge distributions on the market. But did you know the developers of that excellent Fedora Desktop distribution also has a Server edition? The Fedora Server platform is a short-lifecycle, community-supported server OS. This take on the server operating system enables seasoned system administrators, experienced with any flavor of Linux (or any OS at all), to make use of the very latest technologies available in the open source community. There are three key words in that description:
Seasoned
System
Administrators
In other words, new users need not apply. Although Fedora Server is quite capable of handling any task you throw at it, it’s going to require someone with a bit more Linux kung fu to make it work and work well. One very nice inclusion with Fedora Server is that, out of the box, it includes one of the finest open source, web-based interface for servers on the market. With Cockpit (Figure 2) you get a quick glance at system resources, logs, storage, network, as well as the ability to manage accounts, services, applications, and updates.
Figure 2: Cockpit running on Fedora Server.
If you’re okay working with bleeding edge software, and want an outstanding admin dashboard, Fedora Server might be the platform for you.
NethServer is about as no-brainer of a drop-in SMB Linux server as you’ll find. With the latest iteration of NethServer, your small business will enjoy:
Built-in Samba Active Directory Controller
Seamless Nextcloud integration
Certificate management
Transparent HTTPS proxy
Firewall
Mail server and filter
Web server and filter
Groupware
IPS/IDS or VPN
All of the included features can be easily configured with a user-friendly, web-based interface that includes single-click installation of modules to expand the NethServer feature set (Figure 3) What sets NethServer apart from ClearOS is that it was designed to make the admin job easier. In other words, this platform offers much more in the way of flexibility and power. Unlike ClearOS, which is geared more toward home office and SOHO deployments, NethServer is equally at home in small business environments.
Rockstor is a Linux and Btfrs powered advanced Network Attached Storage (NAS) and Cloud storage server that can be deployed for Home, SOHO, as well as small- and mid-sized businesses alike. With Rockstor, you get a full-blown NAS/Cloud solution with a user-friendly, web-based GUI tool that is just as easy for admins to set up as it is for users to use. Once you have Rockstor deployed, you can create pools, shares, snapshots, manage replication and users, share files (with the help of Samba, NFS, SFTP, and AFP), and even extend the featureset, thanks to add-ons (called Rock-ons). The list of Rock-ons includes:
CouchPotato (Downloader for usenet and bittorrent users)
Deluge (Movie downloader for bittorrent users)
EmbyServer (Emby media server)
Ghost (Publishing platform for professional bloggers)
GitLab CE (Git repository hosting and collaboration)
Gogs Go Git Service (Lightweight Git version control server and front end)
Headphones (An automated music downloader for NZB and Torrent)
Logitech Squeezebox Server for Squeezebox Devices
MariaDB (Relational database management system)
NZBGet (Efficient usenet downloader)
OwnCloud-Official (Secure file sharing and hosting)
Plexpy (Python-based Plex Usage tracker)
Rocket.Chat (Open Source Chat Platform)
SaBnzbd (Usenet downloader)
Sickbeard (Internet PVR for TV shows)
Sickrage (Automatic Video Library Manager for TV Shows)
Sonarr (PVR for usenet and bittorrent users)
Symform (Backup service)
Rockstor also includes an at-a-glance dashboard that gives admins quick access to all the information they need about their server (Figure 4).
Zentyal is another Small Business Server that does a great job of handling multiple tasks. If you’re looking for a Linux distribution that can handle the likes of:
Directory and Domain server
Mail server
Gateway
DHCP, DNS, and NTP server
Certification Authority
VPN
Instant Messaging
FTP server
Antivirus
SSO authentication
File sharing
RADIUS
Virtualization Management
And more
Zentyal might be your new go-to. Zentyal has been around since 2004 and is based on Ubuntu Server, so it enjoys a rock-solid base and plenty of applications. And with the help of the Zentyal dashboard (Figure 5), admins can easily manage:
System
Network
Logs
Software updates and installation
Users/groups
Domains
File sharing
Mail
DNS
Firewall
Certificates
And much more
Figure 5: The Zentyal dashboard.
Adding new components to the Zentyal server is as simple as opening the Dashboard, clicking on Software Management > Zentyal Components, selecting what you want to add, and clicking Install. The one issue you might find with Zentyal is that it doesn’t offer nearly the amount of addons as you’ll find in the likes of Nethserver and ClearOS. But the services it does offer, Zentyal does incredibly well.
Plenty More Where These Came From
This list of Linux servers is clearly not exhaustive. What it is, however, is a unique look at the top five server distributions you’ve probably not heard of. Of course, if you’d rather opt to use a more traditional Linux server distribution, you can always stick with CentOS, Ubuntu Server, SUSE, Red Hat Enterprise Linux, or Debian… most of which are found on every list of best server distributions on the market. If, however, you’re looking for something a bit different, give one of these five distos a try.
Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.
In this presentation, Bridget Kromhout discusses what containers and Kubernetes clusters are at a high level, looks into the practical application of open source tools to simplify cluster management, and shows how to deploy Kubernetes clusters in a repeatable and portable fashion.
“You’re probably here because you want to Kuber some netes. And I might dissuade you or I might give you some ideas about tools that will help you do that. The traditional second slide, you have to have the second slide to establish bonafides, bona fides, not sure how to say that, so you can check that off as she does not know how to say bona fides. But I’m Bridget, I live in Minneapolis. I work for Microsoft on the cloud advocacy team. I co-host the Arrested DevOps podcast with Matty Stratton, which is wonderful, because he is here and I sent him to live tweet Bryan Cantrill’s talk, because, uhh, tragically, a talk that I really would like to go to is at the same time as mine. So if any of you decide this Kubernetes is not for you and you want to hear about Rust, Bryan Cantrill is very funny.” …
“Starting with the what even are containers, how did we even get to this place? Quick show of hands, how many people are using containers in some regard right now? I’m going to say 80% of the room. Awesome. Keep your hand up if you’re using them in production. Close, maybe 65% to 70%. And how many of you are using Kubernetes in any regards right now? Maybe, it’s 40%. And in production? Yes, maybe 25%. And I think this is very natural hype cycle stuff. The future is here, like William Gibson tells us, it’s just not evenly distributed.”
Crouton used to have a target which allowed easy Cinnamon installation, but that’s no longer available. Installing Cinnamon desktop on a Chromebook using Crouton is still possible, and this article guides you through this process.
Cinnamon is a desktop environment that’s derived from Gnome 3 but using a traditional desktop layout, being the main desktop environment of the Linux Mint distribution. Since Crouton doesn’t support Linux Mint, Ubuntu 18.04 (Bionic Beaver) will be used as the Linux distribution on top of which we’ll install Cinnamon desktop.
The Linux Foundation just recently announced its 2019 events schedule, featuring all your favorite events as well as some brand-new ones to cover the latest technologies. Make plans now to speak or attend and expand your experience with open source.
The Linux Foundation’s 2019 events are projected to welcome more than 35,000 open source influencers to learn and share best practices in open source technologies ranging from operating systems, cloud applications, containers, IoT, AI, networking, security, storage, and more. New events on the schedule for this year include Cephalocon and gRPC Conf.
Submit a Proposal
If you’re interested in submitting a proposal, act soon because calls for papers for some of the earliest 2019 events are on the verge of closing. Speaking proposals are now being accepted for:
Check back soon for submission details for other upcoming events, as the calendar is regularly updated. The Linux Foundation welcomes first-time speakers and is happy to provide additional information about the submission process.
If you don’t plan to speak but do want to attend, note that events like KubeCon + CloudNativeCon Europe are expected to sell out. The recent event in Seattle was record-breaking in terms of attendance, so register early to secure your spot.
Could decluttering your work life make you more productive and happy in 2019? Considering the fact that millions of people have bought into Marie Kondo’s organization method, as described in her book “The Life-Changing Magic of Tidying Up,” and in her popular new Netfilx series, it’s an idea worth exploring.
We asked IT and business leaders for their “life-changing” hacks for filtering out the distractions and focusing on their most important work. Read on for their tips, and consider if any of these ideas can help spark more joy in your work day.
Redefine “enough”
Elene Cafasso, founder and president, Enerpace, Inc.: “Decluttering your work life begins with prioritizing. Most of us define ‘enough’ as everything. What happens when everything becomes impossible to accomplish?
