Home Blog Page 4

Open Mainframe Project Announces the Full Schedule for the 2nd Annual Open Mainframe Summit on September 22-23

The open source mainframe virtual event features keynote speakers from DeployHub, FINOS, Jono Bacon Consulting, the Linux Foundation, ZEDEDA and more 

SAN FRANCISCO, August 12, 2021 The Open Mainframe Project (OMP), an open source initiative that enables collaboration across the mainframe community to develop shared tool sets and resources, today announces the complete schedule of the 2nd annual Open Mainframe Summit. This year’s virtual event, which takes place on September 22-23, will feature keynote speakers Gabriele Columbro, Executive Director of Fintech Open Source Foundation (FINOS); Jason Shepherd, Vice President of Ecosystem at ZEDEDA and Chair of the LF Edge Governing Board; Jono Bacon, a leading community and collaboration speaker and founder of Jono Bacon Consulting; Steve Winslow, Vice President of Compliance and Legal at The Linux Foundation; Tracy Ragan, CEO and Co-Founder of DeployHub and Continuous Delivery Foundation Board Member, and more.

The theme of this year’s Open Mainframe Summit expands beyond the mainframe to highlight influencers with strengths in the areas supporting or leveraging the technology like continuous delivery, edge computing, financial services and open source. It will also highlight projects, diversity and business topics that will offer seasoned professionals, developers, students and leaders an opportunity to share best practices and network with like-minded individuals.

Conference Sessions highlight projects, diversity and business topics such as:

Mainframe Mavens: 5 Women to Know – Stacey Miller, Global Product Marketing Manager at SUSE and Yvette LaMar, Director of the IBM Z Influencer Ecosystem at IBMThe Facts about COBOL – Misty Decker, Product Marketing Director at Micro Focus; Derek Britton, Director of Communications and Brand Strategy at Micro Focus; and Cameron Seay, Adjunct Instructor at East Carolina UniversityMaking Our Strong Community Stronger moderated by Dr. Gloria Chance, CEO at Mousai Group -Jeanne Glass, CEO and Founder of VirtualZ Computing; David Jeffries, Vice President of Development IBM z/OS Software at IBM; Greg Lotko, Broadcom; Andy Youniss, Rocket SoftwareConsoleZ – Accessing z/VM Console Data from a Browser – Mike MacIsaac, Systems Programmer at ADPWorkflow wiZard: A Flexible Workflow Creation Tool for z/OSMF – Ray Cole, Product Architect at BMC SoftwareFeilong: The Open Source API for z/VM Automation – Mike Friesenegger, Solutions Architect at SUSEIntegrating Tessia for Self-Provisioning of Linux Distributions on Z – Alexander Efremkin, Tessia Architect, Linux Workload Enablement on IBM Z at IBMIntroducing ZEBRA – an Incubation Project for Zowe – Salisu Ali, Student at Bayero University Kano, Andrew Twydell, Intern at IBM and Alex Kim, Enterprise Solutions Architect at Vicom InfinityDIY: Zowe Explorer Starter Kit – Jessielaine Punongbayan, Product Marketing Engineer at Broadcom and Richelle Anne Craw, Senior Software Engineer at Broadcom

With a commitment to diversity, equity and inclusion, Open Mainframe Project worked closely with the CHAOSS Diversity & Inclusion Badging Program, which encourages events to obtain D&I badges for leadership, self-reflection, and self-improvement on issues critical to building the Internet as a social good. Open Mainframe Summit earned a Gold Badge for prioritizing diversity and inclusion.

See the full conference schedule here. Conference Registration for the online event is $50 for general attendance and $15 for academia.

Open Mainframe Summit is made possible thanks to Platinum Sponsors Broadcom, IBM, Rocket Software and SUSE; Gold Sponsors Micro Focus and Vicom Infinity; Silver Sponsor BMC; and Academic and Community Sponsors CD Foundation and FINOS. For information on becoming an event sponsor, click here

Members of the press who would like to request a press pass to attend should contact Maemalynn at maemalynn@linuxfoundation.org.

About the Open Mainframe Project

The Open Mainframe Project is intended to serve as a focal point for deployment and use of Linux and Open Source in a mainframe computing environment. With a vision of Open Source on the Mainframe as the standard for enterprise class systems and applications, the project’s mission is to build community and adoption of Open Source on the mainframe by eliminating barriers to Open Source adoption on the mainframe, demonstrating value of the mainframe on technical and business levels, and strengthening collaboration points and resources for the community to thrive. Learn more about the project at https://www.openmainframeproject.org.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

###

The post Open Mainframe Project Announces the Full Schedule for the 2nd Annual Open Mainframe Summit on September 22-23 appeared first on Linux Foundation.

Facebook, Google, Isovalent, Microsoft and Netflix Launch eBPF Foundation as Part of the Linux Foundation

Industry leaders come together to drive the growth of eBPF as a transformational technology to redefine networking, security, tracing and observability

SAN FRANCISCO, August 12, 2021 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced that it is hosting the eBPF Foundation. Founding members include Facebook, Google, Isovalent, Microsoft and Netflix. This comes in advance of the eBPF Summit, a free and virtual event taking place August 18-19, 2021.

eBPF allows developers to safely and efficiently embed programs in any piece of software, including the operating system kernel. As a result, eBPF is quickly becoming the method of choice for achieving a wide range of infrastructure use cases, delivering significant efficiency and performance gains and dramatically reducing the complexity of the system. For example, Facebook is using eBPF as the primary software-defined load balancer in its data centers, and Google is using Cilium to bring eBPF-based networking and security to the managed Kubernetes offerings GKE and Anthos.

“eBPF is a revolutionary technology that allows us to modify operating system behavior in real time without risky or expensive kernel code changes. It’s had a remarkable impact on our ability to iterate quickly on everything from networking to security to containerization,” said Alexei Starovoitov, Co-creator and Maintainer of eBPF, Kernel Developer at Facebook.

eBPF changes the way operating systems and infrastructure services are designed. It bridges the boundary between kernel and user space. It encourages and accelerates innovation and is a significant leap forward in open source technology for networking, security, application profiling/tracing and system observability use cases. eBPF enables users to even combine and apply logic across multiple subsystems which were traditionally completely independent.

“eBPF has redefined the way we think about the operating system and has led to a massive wave of innovation in networking, security, and observability. Because of its deep relevance in the cloud native world, eBPF adoption has been accelerating at an incredible pace,” said Daniel Borkmann, Co-creator and Maintainer of eBPF, Kernel Developer at Isovalent.

By making the OS kernel programmable, infrastructure software can leverage existing layers, making them more intelligent, scalable and feature-rich without continuing to add additional layers of complexity to the system. eBPF has resulted in the development of a completely new generation of tooling in areas such as networking, security, application profiling/tracing and performance troubleshooting that no longer rely on existing kernel functionality but instead actively reprogram runtime behavior without compromising execution efficiency or safety.

The eBPF Foundation will expand the significant level of contributions being made to extend the powerful capabilities of eBPF and grow beyond Linux. It will be the home for open source eBPF projects and technologies and nurture the community through a variety of activities, including summits and other collaboration events in order to further drive the growth and adoption of the eBPF ecosystem.

“eBPF is one of the greatest examples of the kind of innovation that happens in the Linux community and encompasses technologies that are natural for us to host. It also represents the future of operating systems and microservices delivery,” said Mike Dolan, general manager and senior vice president of projects at the Linux Foundation. “We look forward to supporting the work of the eBPF Foundation and community.”

For more information, please visit: https://www.ebpf.io

Member Quotes

Facebook
“For many years, eBPF has played a critical role in accelerating the kernel development — thanks to the tireless work of many dedicated developers and maintainers,” said Chris Mason, Kernel Maintainer and Engineering Director at Facebook. “We’re excited to support the work of the eBPF community, enabling them to build the tools needed to power the next generation of Linux system development.”

Google
“We are excited to see the Linux Foundation announce their decision to host eBPF,” said Chris DiBona, director of open source at Google. “eBPF is the future of networking for the Linux kernel and Google is pleased to be part of the evolving standard it has created.”

Isovalent
“The programmability of eBPF has enabled a revolution in security, observability, and networking. In particular in the area of containers and the cloud native space more broadly. We are proud to have played a central role in developing and co-maintaining eBPF from its early days to the industry standard it has become. We are looking forward to continuing to work with the community,” said Thomas Graf, Chief Technology Officer, Isovalent. “Even though eBPF has already found its ways into the production stacks of countless enterprises, we are still at the beginning of the innovation curve that eBPF as a technology unlocks.”

Microsoft
“eBPF has resulted in a new generation of tooling that allows developers to easily diagnose problems, innovate quickly, and extend operating system functionality,” said Mark Russinovich, Chief Technology Officer, Microsoft Azure. “Microsoft looks forward to partnering with the community in further expanding the use of eBPF in new scenarios and platforms.  We’re excited to collaborate with the other founding members and hope additional organizations will join.”

Netflix
“eBPF is a new type of software that provides superpower capabilities, birthing an industry of networking, performance, and security technologies,” said Brendan Gregg, senior performance engineer at Netflix. “Netflix has pioneered uses of eBPF for observability, providing insight into countless areas that were previously difficult or prohibitively expensive to instrument. eBPF has helped us lower application latency and find cost savings. Netflix is delighted to join the eBPF Foundation to collaborate and develop more exciting technologies.”

Supporting Quote

Intel
Intel welcomes the creation of the eBPF Foundation. Technologies including eBPF have the potential to revolutionize critical applications and use cases across compute, storage, networking, and next generation infrastructure. We are excited to continue to contribute to eBPF and look forward to working with the new eBPF Foundation to accelerate customer workloads and unlock innovation,” said Jesse Brandeburg, a Principal Software Engineer in the Ethernet Products Group at Intel.

About The Linux Foundation
Founded in 2000, The Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. The Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page:  https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact
Jennifer Cloer
for the Linux Foundation
503-867-2304
jennifer@storychangesculture.com

The post Facebook, Google, Isovalent, Microsoft and Netflix Launch eBPF Foundation as Part of the Linux Foundation appeared first on Linux Foundation.

The Linux Foundation and Fintech Open Source Foundation Announce the Agenda for Open Source Strategy Forum London 2021, Oct 4-5

Experts from financial services, technology and open source will come together to deepen collaboration and drive innovation across the industry in order to deliver better code, faster.

SAN FRANCISCO, August 11, 2021 —  The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and co-host Fintech Open Source Foundation (FINOS), a nonprofit whose mission is to accelerate adoption of open source software, standards and best practices in financial services, today announced the conference agenda for Open Source Strategy Forum London 2021 (OSSF). The event takes place October 4-5 in London, England. The schedule can be viewed here.

The event will gather experts from financial services, technology and open source who will come together for thought-provoking insights and conversations, providing unique opportunities to hear from and engage with those who are leveraging open source software to solve industry challenges. OSSF is the only conference dedicated to driving collaboration and innovation in financial services through open source.

The event will feature 35+ sessions and endless opportunities to learn about the most cutting edge topics at the cross section of finance, open source and technology, revealing recent developments and the direction of open source in financial services.

Conference Session Highlights:

An Open-sourced Solution to Data Governance? How Legend May Be the Answer to Data Quality Concerns in the Financial Industry – Ffion Acland & Beeke-Marie Nelke, Goldman SachsNew Generation of Mainframers – John Mertic, The Linux Foundation; Jessielaine Punongbayan, Broadcom; and Alex Kim, Vicom InfinityOpen Banking, Open Source, and Open Standards – Kevin Morris, Large Credit Union CoalitionHow to Maximize Open Source Investment to Drive Business Innovation – Traci Robinson-Williams, GitLabIf It’s Such a Good Idea, Why Haven’t We Been Doing It? – Gil Yehuda, U.S. BankDevelop Automated Workflows in Seconds – Olivier Poupeney, Symphony Communication Services

Registration is offered at the early price of 220 GBP through Aug 17. Members of The Linux Foundation receive a 20 percent discount – members can contact events@linuxfoundation.org to request a member discount code. Members of FINOS can attend at no cost – members can contact ossf@finos.org to request the FINOS Member registration code. 

Health and Safety
In-person attendees will be required to be fully vaccinated against the COVID-19 virus and wear a mask while onsite at the event. Additionally, all attendees will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage and read our blog post.

Diversity & Need-Based Scholarships and Travel Funding

Applications for diversity and need-based scholarships are currently being accepted here. The Linux Foundation’s Travel Fund is also accepting applications, with the goal of enabling open source developers and community members to attend events that they would otherwise be unable to attend due to a lack of funding. We place an emphasis on funding applicants who are from historically underrepresented or untapped groups and/or those of lower socioeconomic status. To learn more and apply, click here.

Sponsor

For information on becoming an event sponsor, click here or email us for more information and to speak to our team. The Sponsorship deadline is September 9. 

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, Linkedin, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact

Kristin O’Connell
The Linux Foundation

koconnell@linuxfoundation.org

The post The Linux Foundation and Fintech Open Source Foundation Announce the Agenda for Open Source Strategy Forum London 2021, Oct 4-5 appeared first on Linux Foundation.

How OpenStack uses Ceph for storage

You may know that OpenStack can use Ceph as back-end storage, but do you know how it works?
Read More at Enable Sysadmin

Build a lab in five minutes with three simple commands

It’s handy to have a lab environment separate from your day-to-day workstation. Use these commands to set up a place to learn and experiment without risking your work environment.
Read More at Enable Sysadmin

How to use the Linux BIND command to install and configure DNS

The DNS helps you get where you want to be on the internet. Make sure you know what it is and how to set up, configure, and test it.
Read More at Enable Sysadmin

Funded open source security work at the Linux Foundation

Open source software (OSS) is vitally important to the functioning of society today; it underpins much of the global economy. However, some OSS is highly secure, while others are not as secure as they need to be.

By its very nature, open source enables worldwide peer review, yet while its transparency has the potential for enhanced software security, that potential isn’t always realized. Many people are working to improve things where it’s needed. Most of that work is done by volunteers or organizations outside the Linux Foundation (LF) who directly pay people to do the work (typically as employees). Often those people work together within a foundation that’s part of the Linux Foundation. Sometimes, however, the LF or an LF foundation/project (e.g., a fund) directly funds people to do security work.

At the Linux Foundation (LF), I have the privilege of overseeing focused work to improve OSS security by the very people paid to do it. This work is funded through various grants and foundations, with credits to organizations like Google, Microsoft, the Open Source Security Foundation (OpenSSF), the LF Public Health foundation, and the LF itself.

The LF and its foundations do much more that I don’t oversee, so I’ve only listed the ones I am personally involved with in the interest of brevity. I hope it will give you a sense of some of the things we’re doing that you might not know about otherwise.

The typical LF oversight process for this work is described in “Post-Approval LF Security Funding.” Generally, performers must provide a periodic summary of their work so they can get paid. Most of those summaries are public, and in those cases, it’s easy for others to learn about their interesting work!

Here’s a sample of the work I oversee:

Ariadne Conill is improving Alpine Linux security, including significant improvements to its vulnerability processing and making it reproducible. For example, as noted in the July 2021 report, this resulted in Alpine 3.14 being released with the lowest open vulnerability count in the final release in a long time. Alpine Linux’s security is important because many containers use it. For more information, see “Bits relating to Alpine security initiatives in June” and “Bits relating to Alpine security initiatives in July.”kpcyrd is doing a lot of reproducible build work on Linux distributions, especially Alpine Linux (including on the Raspberry Pi) and Arch Linux. Reproducible builds are a strong countermeasure against build system attacks (such as the devastating attack on SolarWinds Orion). More than half of the currently unreproducible packages in Arch Linux have now been reviewed and classified.David Huseby has been working on modifying git to have a much more flexible cryptographic signing infrastructure. This will make it easier to verify the integrity of software source code; git is widely used to manage source code.Theo de Raadt has also been receiving funding to secure the critical “plumbing” behind modern communications infrastructure:This funding is being used towards improving OpenSSH (a widely-used tool whose security is critical). These include various smaller improvements, an updated configuration file parser, and a transition to using the SFTP protocol rather than the older RCP protocol inside the scp(1) program.It is also being used to improve rpki-client, implementing Resource Public Key Infrastructure (RPKI). RPKI is an important protocol for protecting the Internet’s routing protocols from attack. These improvements implement the RPKI Repository Delta Protocol (RRDP) data transfer protocol and fix various edge cases (e.g., through additional validation checks). The https://irrexplorer.nlnog.net/ service is even using rpki-client behind the scenes.

Nathan Chancellor is improving the Linux kernel’s ability to be compiled with clang (instead of just gcc). This includes eliminating warning messages from clang (which helps to reduce kernel bugs even when gcc is used) and fixing/extending the clang compiler (which helps clang users when compiling code other than the Linux kernel). Unsurprisingly this involves changing both the Linux kernel and the clang/LLVM compiler infrastructure, and sometimes other software as well.In the long run, eliminating warnings that by themselves aren’t bugs is important; developers will ignore warnings if there are many irrelevant ones, but if there are only a few warnings, they’ll examine them (making warnings more useful).Of notable mention for security implications is clang support for Control-Flow Integrity (CFI); this can counter many attacks on arm64, and work will eventually enable x86_64 support.

I oversee some security audits conducted via the Open Source Technology Improvement Fund (OSTIF) when funded through the LF. We (the LF) often work with OSTIF to conduct security audits. We work with OSTIF to define the audit scope, and then OSTIF runs a bidding process where qualified security audit firms propose to do the work. We then work with OSTIF to select the winner (who isn’t always the cheapest — we want good work, not a box-check). OSTIF & I then oversee the process and review the final result. Note that we don’t just want to do audits, we also want to fix or mitigate any critical issues the audits identify, but the audits help us find the key problems. Subject matter experts perform the audit reports, and handling bidding is OSTIF’s primary focus, so my main contribution is usually to help ensure these reports are clear to non-experts while still being accurate. Experts sometimes forget to explain their context and jargon, and it’s sometimes hard to fix that (you must know the terminology & technology to explain it).This work included two security audits related to the Linux kernel, one for signing and key management policies and the other for vulnerability reporting and remediation. I’ve also overseen audits of the exposure notification applications COVID Shield and COVID Green: It’s not part of my oversight of OSTIF on behalf of the LF, but I also informally talk with OSTIF about other OSS they’re auditing (such as flux2, lodash, jackson-core, jackson-databind, httpcomponents-core, httpcomponents-client, laravel, and slf4j). A little coordination and advice-sharing among experts can make everything better.

The future is hard to predict, but we anticipate that we will be doing more. In late July, the OpenSSF Technical Advisory Council (TAC) recommended approving funding for a security audit of (part of) Symfony, a widely-used web framework. The OpenSSF Governing Board (GB) approved this on 2021-08-05 and I expect OSTIF will soon take bids on it.

The OpenSSF is also taking steps to raise more money via membership dues (this was delayed due to COVID; starting a new foundation is harder during a pandemic). Once the OpenSSF has more money, we expect they’ll be funding a lot more work to identify critical projects, do security audits, fix problems, and improve or create projects to enhance OSS security. The future looks bright.

Please remember that this is only a small part of ongoing work to improve OSS security. Almost all LF projects need to be secure, so most foundations’ projects include security efforts not listed here. As noted earlier, most development work is done by volunteers or by non-LF organizations directly paying people to do the work (typically employees). 

The OpenSSF has several working groups and many projects where people are working together to improve OSS security. These include free courses on how to develop secure software and the CII Best Practices badge project. We (at the LF) also have many other projects working to improve OSS security. For example, sigstore is making cryptographic signatures much easier; sigstore’s “cosign” tool just released its version 1.0. Many organizations have recently become interested in software bill-of-materials (SBOMs), and we’ve been working on SBOMs for a long time.

If you or your organization would like to fund focused work on improving OSS security, please reach out! You can contribute to the OpenSSF (in general or as a directed fund); just contact them (e.g., Microsoft contributed to OpenSSF in December 2020). If you’d prefer, you can create a grant directly with the Linux Foundation itself — just email me at <dwheeler@linuxfoundation.org> if you have questions. For smaller amounts, say to fund a specific project, you can also consider using the LFX crowdfunding tools to fund or request funding. Many people & organizations struggle to pay individual OSS developers because of the need to handle taxes and oversight. If that’s your concern, talk to us. The LF has experience & processes to do all that, letting experts focus on getting the work done.

My sincere thanks to all the performers for their important work and to all the funders for their confidence in us!

About the author: David A. Wheeler is Director of Open Source Supply Chain Security for The Linux Foundation.

The post Funded open source security work at the Linux Foundation appeared first on Linux Foundation.

How to set up and use Python virtual environments for Ansible

Python’s venv module gives you freedom to test new Ansible features before deploying them to production and without disturbing your system install.
Read More at Enable Sysadmin

A sysadmin’s guide to setting up collaboration with Mattermost

Mattermost offers sysadmins an open source, on-premises collaboration suite that can be customized easily to suit a team’s specific needs.
Read More at Enable Sysadmin

Deep dive into Ansible ad hoc commands

Make life easier when dealing with Ansible automation by using ad hoc commands.
Read More at Enable Sysadmin