Up to this point, my series on HPC fundamentals has covered PDSH, to run commands in parallel across the nodes of a cluster, and Lmod, to allow users to manage their environment so they can specify various versions of compilers, libraries, and tools for building and executing applications. One missing piece is how to share files across the nodes of a cluster.
File sharing is one of the cornerstones of client-server computing, HPC, and many other architectures. You can perhaps get away without it, but life just won’t be easy any more. This situation is true for clusters of two nodes or clusters of thousands of nodes. A shared filesystem allows all of the nodes to “see” the exact same data as all other nodes. For example, if a file is updated on cluster node03, the updates show up on all of the other cluster nodes, as well.
Fundamentally, being able to share the same data with a number of clients is very appealing because it saves space (capacity), ensures that every client has the latest data, improves data management, and, overall, makes your work a lot easier. The price, however, is that you now have to administer and manage a central file server, as well as the client tools that allow the data to be accessed.
Although you can find many shared filesystem solutions, I like to keep things simple until something more complex is needed. A great way to set up file sharing uses one of two solutions: the Network File System (NFS) or SSH File System (SSHFS).
Open Networking Summit Europe is taking place in Amsterdam, September 25-27. Can’t make it? You’ll be missed, but you don’t have to miss out on the action. Tune in to the free livestream to catch all of the keynotes live from your desktop, tablet or phone! Sign Up Now >>
Live video streaming of the keynote sessions from Open Networking Summit Europe 2018 will take place during the following times:
Tuesday, September 25
13:15 – 14:55 (CEST)
Watch keynotes from Cloud Native Computing Foundation, Red Hat, China Mobile, Intel, Orange Group Network and The Linux Foundation.
Wednesday, September 26
9:00 – 10:30 (CEST)
Watch keynotes from Türk Telekom, IBM, IHS/Infonetics Research, Huawei, China Mobile, and Vodafone Group.
Thursday, September 27
9:00 – 10:35 (CEST)
Watch keynotes from Deutsche Telekom AG, Imperial College London, China Mobile, AT&T, and Amdocs, Huawei, VMware and The Linux Foundation.
Deepin Linux. You may not have heard much about this distribution, and the fact that it’s often left out of the conversation is a shame. Why? Because Deepin Linux is as beautiful as it is user-friendly. This distribution has plenty of “wow” factor and very little disappointment.
For the longest time, Deepin Linux was based on Ubuntu. But with the release of 15.7, that all changed. Now, Deepin’s foundation is Debian, but the desktop is still that beautiful Deepin Desktop. And when I say it’s beautiful, it truly is one of the most gorgeous desktop environments you’ll find on any operating system. That desktop uses a custom-built QT5 toolkit, which runs as smoothly and with as much polish as any I’ve ever used. Along with that desktop, comes a few task-specific apps, built with the same toolkit, so the experience is consistent and integrated.
What makes the 15.7 release special is that it comes just two short months after the 15.6 release and is focused primarily on performance. Not only is the ISO download size smaller, many core components have been optimized with laptop battery performance in mind. To that end, the developers have gained up to 20 percent better battery life and a much-improved memory usage. Other additions to Deepin Linux are:
NVIDIA Prime support (for laptops with hybrid graphics).
On-screen notifications (for the likes of turning on or off the microphone and/or Wi-Fi).
New drag and drop animation.
Added power saving mode and auto-mode switching for laptops.
Application categories in mini mode.
Full disk installation.
For a full list of improvements and additions, check out the 15.7 Release notes.
Let’s install Deepin Linux and see just what makes this distribution so special.
Installation
In similar fashion to the desktop, the Deepin Linux installer is one of the most beautiful OS installers you will find (Figure 1). Not only is the installer a work of art, it’s incredibly simple. As with most modern Linux distributions, installing Deepin is only a matter of answering a few questions and clicking Next a few times.
Figure 1: Installing Deepin Linux is as easy as it is beautiful.
Installation shouldn’t take more than 10 minutes tops. In fact, based on the download experience I had with the main download mirror, the installation will go faster than the ISO download. To that end, you might went to pick one of the following mirrors to snag a copy of Deepin Linux:
Once you’ve installed Deepin Linux, you can then log onto your new desktop.
First Steps
Upon first login, you’ll be greeted by a setup wizard that walks you through the configuration of the desktop (Figure 2).
Figure 2: The Deepin Desktop setup wizard.
In this wizard, you will be asked to configure the following:
Desktop Mode: Between Efficient (a more standard layout) and Fashion (a GNOME 3-like layout).
Window Effects: Enable or disable.
Icon theme.
Once you’ve select those options, you’ll find yourself on the Deepin Desktop (Figure 3).
Figure 3: The Deepin Desktop is at the ready.
Applications
The application list might surprise some users, especially those who have grown accustomed to certain applications being installed by default. What you’ll find on Deepin Linux is a list of applications that includes:
WPS Office
Google Chrome
Spotify
Deepin Store
Deepin Music
Deepin Movie
Steam
Deepin Screenshot
Foxit Reader
Thunderbird Mail
Deepin Screen Recorder
Deepin Voice Recorder
Deepin Cloud Print
Deepin Cloud Scan
Deepin Font Installer
ChmSee
Gparted
What the developers have done is to ensure users have as complete a desktop experience as possible, out of the box. In other words, most every average user wouldn’t have to bother installing any extra software for some time. And for those who question the choice of WPS Office, I’ve used it on plenty of occasions and it is quite adept at not only creating stand-alone documents, but collaborating with those who work with other office suites. The one caveat to that is WPS Office isn’t open source. However, Deepin Linux doesn’t promote itself as a fully open desktop, so having closed-source applications (such as the Spotify client and WPS Office) should surprise no one.
Control Center
Deepin takes a slightly different approach to the Control Center. Instead of it being a stand-alone, windowed application, the Control Center serves as a sidebar (Figure 4), where you can configure users, display, default applications, personalization, network, sound, time/date, power, mouse, keyboard, updates, and more.
Figure 4: The Deepin Linux Control Center.
Click on any one of the Control Center categories and you can see how well the developers have thought out this new means of configuring the desktop (Figure 5).
Figure 5: The Control Center in action.
Hot Corners
The Deepin Desktop also has a nifty hot corners feature on the desktop. With this feature, you can set each corner to a specific action, such that when you hover your mouse over a particular corner, the configured action will occur. Available actions are:
Launcher
Fast Screen Off
Control Center
All Windows
Desktop
None
To set the hot corners, right-click on the desktop and select Corner Settings from the pop-up menu. You can then hover your cursor over one of the four corners and select the action you want associated with that corner (Figure 6).
Figure 6: Setting hot corners on Deepin Desktop.
A Must-Try Distribution
If you’re looking for your next Linux desktop distribution, you’d be remiss if you didn’t give Deepin Linux 15.7 a try. Yes, it is beautiful, but it’s also very efficient, very user-friendly, and sits on top of a rock solid Debian foundation. It’s a serious win-win for everyone. In fact, Deepin 15.7 is the first distribution to come along in a while to make me wonder if there might finally be a contender to drag me away from my long-time favorite distro… Elementary OS.
Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.
Internet Corporation for Assigned Names and Numbers (ICANN) has voted to go ahead with the first-ever changing of the cryptographic key that helps protect the internet’s address book – the Domain Name System (DNS).
The ICANN Board at its meeting in Belgium this week, decided to proceed with its plans to change or “roll” the key for the DNS root on Oct. 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010.
The KSK rollover means generating a new cryptographic public and private key pair and distributing the new public component to parties who operate validating resolvers, according to ICANN.
At Node+JS Interactive, attendees collaborate face to face, network, and learn how to improve their skills with JS in serverless, IoT, and more. Stephanie Evans, Content Manager for Back-end Web Development at LinkedIn Learning, will be speaking at the upcoming conference about building a secure ecosystem for Node.js. Here she answers a few questions about teaching and learning basic security practices.
Linux.com: Your background is in tech education, can you provide more details on how you would define this and how you got into this area of expertise?
Stephanie Evans:It sounds cliché, but I’ve always been passionate about education and helping others. After college, I started out as an instructor of a thoroughly analog skill: reading. I worked my way up to hiring and training reading teachers and discovered my passion for helping people share their knowledge and refine their teaching craft. Later, I went to work for McGraw Hill Education, publishing self-study certification books on popular IT certs like CompTIA’s Network+ and Security+, ISAAP’s CISSP, etc. My job was to figure out who the biggest audiences in IT were; what they needed to know to succeed professionally; hire the right book author; and help develop the manuscript with them.
I moved into online learning/e-learning 4 years ago and shifted to video training courses geared towards developers. I enjoy working with people who spend their time building and solving complex problems. I now manage the video training library for back-end web developers at LinkedIn Learning/Lynda.com and figure out what developers need to know; hire instructors to create that content; and work together to figure out how best to teach it to them. And, then update those courses when they inevitably become out of date.
Linux.com: What initially drove you to use your skill set in education to help with security practices?
Evans:I attend a lot of conferences, watch a lot of talks, and chat to a lot of developers as part of my job. I distinctly remember attending a security best practices talk at a very large, enterprise-tech focused conference and was surprised by the rudimentary content being covered. Poor guy, I’d thought…he’s going to get panned by this audience. But then I looked around and most everyone was engaged. They were learning something new and compelling. And it hit me: I had been in a security echo chamber of my own making. Just like the mainstream developer isn’t working with the cutting-edge technology people are raving about on Twitter, they aren’t necessarily as fluent in basic security practices as I’d assumed. A mix of unawareness, intense time pressure, and perhaps some misplaced trust can lead to a “security later” mentality. But with the global cost of cybercrime up to 600 billion a year from 500 billion in 2014 as well as the exploding amount of data on the web. We can’t afford to be working around security or assuming everyone knows the basics.
Linux.com: What do you think are some common misconceptions about security with Node.js and in general with developers?
Evans:I think one of the biggest misconceptions is that security awareness and practices should come “later” in a developer’s career (and later in the development cycle). Yes, your first priority is to learn that Java and JavaScript are not the same thing—that’s obviously most important. And you do have to understand how to create a form before you can understand how to prevent cross-site -scripting attacks. But helping developers understand—at all stages of their career and learning journey—what the potential vulnerabilities are and how they can be exploited needs to be a much higher priority and come earlier than we may intuitively think.
I joke with my instructors that we have to sneak in the ‘eat your vegetables’ content to our courses. Security is an exciting, complex and challenging topic, but it can feel like you’re having to eat your vegetables as a developer when you dig into it. Often ‘security’ is a separate department (that can be perceived as ‘slowing things down’ or getting in the way of deploying code) and it can further distance developers from their role in securing their applications.
I also think that those who truly understand security can feel that it’s overwhelmingly complex to teach—but we have to start somewhere. I attended an introductory npm talk last year that talked about how to work with dependencies and packages…but never once mentioned the possibility of malicious code making it into your application through these packages. I’m all about teaching just enough at the right time and not throwing the kitchen sink of knowledge at new developers. We should stop thinking of security—or even just security awareness—as an intermediate or advanced skill and start bringing it up early and often.
Linux.com: How can we infuse tech education into our security practices? Where does this begin?
Evans:It definitely goes both ways. Clear documentation and practical resources right alongside security recommendations go a long way towards ensuring understanding and adoption. You have to make things as easy as possible if you want people to actually do it. And you have to make those best practices accessible enough to understand.
The 2018 Node User Survey Report from the Node.js Foundation showed that while learning resources around Node.js and JavaScript development improved, the availability and quality of learning resources for Node.js Security received the lowest scores across the board.
After documentation and Stack Overflow, many developers rely on online videos and tutorials—we need to push security education to the forefront, rather than expecting developers to seek it out. OWASP, the nodegoat project, and the Node.js Security Working Group are doing great work here to move the needle. I think tech education can do even more to bring security in earlier in the learning journey and create awareness about common exploits and important resources.
Learn more at Node+JS Interactive, coming up October 10-12, 2018 in Vancouver, Canada.
The following is the first in a series of posts from The Cloud Foundry Foundation on digital transformation, in preparation for the upcoming Cloud Foundry Summit in Basel, Switzerland.
Not so long ago, business leaders repeatedly asked: “What exactly is digital transformation and what will it do for my business?” Today we’re more likely to hear, “How do we chart a course?”
Our answer: the path to digital involves more than selecting a cloud application platform. Instead, digital, at its heart, is a human journey. It’s about cultivating a mindset, processes, organization and culture that encourages constant innovation to meet ever-changing customer expectations and business goals.
In this two-part blog series we’ll share seven guidelines for getting digital right. Read on for the first three.
1. Start with the End: Know What You Want
Whatever your objective, you’ll need to put together the people, technology and processes to release better software, faster. Execution velocity is a key differentiator in the digital economy, so think in terms of days, not weeks or months. Get there by creating a minimum viable product (MVP) and then iterating.
Dependency cycles will be familiar to you if you have ever locked your keys inside your house or car. You can’t open the lock without the key, but you can’t get the key without opening the lock. Some cycles are obvious, but more complex dependency cycles can be challenging to find before they lead to outages. Strategies for tracking and controlling dependencies are necessary for maintaining reliable systems.
Reasons to Manage Dependencies
A lockout, as in the story of the cyclic coffee shop, is just one way that dependency management has critical implications for reliability. You can’t reason about the behavior of any system, or guarantee its performance characteristics, without knowing what other systems it depends on. Without knowing how services are interlinked, you can’t understand the effects of extra latency in one part of the system, or how outages will propagate. How else does dependency management affect reliability?
SLO
No service can be more reliable than its critical dependencies.8 If dependencies are not managed, a service with a strict SLO1 (service-level objective) might depend on a back end that is considered best-effort. …
After a disaster, it may be necessary to start up all of a company’s infrastructure without having anything already running. Cyclic dependencies can make this impossible: a front-end service may depend on a back end, but the back-end service could have been modified over time to depend on the front end. As systems grow more complex over time, the risk of this happening increases. Isolated bootstrap environments can also provide a robust QA environment.
Security
In networks with a perimeter-security model, access to one system may imply unfettered access to others.9 If an attacker compromises one system, the other systems that depend on it may also be at risk. Understanding how systems are interconnected is crucial for detecting and limiting the scope of damage. You may also think about dependencies when deploying DoS (denial of service) protection: one system that is resilient to extra load may send requests downstream to others that are less prepared.
A Linux repository is a storage location from which your system retrieves and installs OS updates and applications. Each repository is a collection of software hosted on a remote server and intended to be used for installing and updating software packages on Linux systems. When you run commands such as “sudo apt update” or “sudo apt upgrade”, you may be pulling package information and package updates from a number of repositories.
Repositories contain thousands of programs. Standard repositories provide a high degree of security, since the software included is thoroughly tested and built to be compatible with a particular distribution and version. So, you can expect the updates to occur with no unexpected “side effects.”
Repositories may be standard or non-standard. Once a non-standard repository has been added to your system’s list of repositories, the system can install software from it, as well as from the standard ones; otherwise, it cannot.
The talk was inspired by this article, in which Rikki examined some ways that writing can “spark joy” and improve your career in unexpected ways. Full disclosure: I have known Rikki for a long time. We worked at the same company for many years, raised our children together, and remain close friends.
Write and learn
As Rikki noted in the talk description, “even if you don’t consider yourself to be ‘a writer,’ you should consider writing about your open source contributions, project, or community.” Writing can be a great way to share knowledge and engage others in your work, but it has personal benefits as well. It can help you meet new people, learn new skills, and improve your communication style.
I find that writing often clarifies for me what I don’t know about a particular topic. The process highlights gaps in my understanding and motivates me to fill in those gaps through further research, reading, and asking questions.
“Writing about what you don’t know can be much harder and more time consuming, but also much more fulfilling and help your career. I’ve found that writing about what I don’t know helps me learn, because I have to research it and understand it well enough to explain it,” Rikki said.
Writing about what you’ve just learned can be valuable to other learners as well. In her blog, Julia Evans often writes about learning new technical skills. She has a friendly, approachable style along with the ability to break down topics into bite-sized pieces. In her posts, Evans takes readers through her learning process, identifying what was and was not helpful to her along the way, essentially removing obstacles for her readers and clearing a path for those new to the topic.
Communicate more clearly
Writing can help you practice thinking and speaking more precisely, especially if you’re writing (or speaking) for an international audience. In this article, for example, Isabel Drost-Fromm provides tips for removing ambiguity for non-native English speakers. Writing can also help you organize your thoughts before a presentation, whether you’re speaking at a conference or to your team.
“The process of writing the articles helps me organize my talks and slides, and it was a great way to provide ‘notes’ for conference attendees, while sharing the topic with a larger international audience that wasn’t at the event in person,” Rikki stated.
If you’re interested in writing, I encourage you to do it. I highly recommend the articles mentioned here as a way to get started thinking about the story you have to tell. Unfortunately, our discussion at Open Source Summit was not recorded, but I hope we can do another talk in the future and share more ideas.
Check out the schedule of talks for Open Source Summit Europe and sign up to receive updates:
