Twitter
Home Blog Page 485

Six Strategies for Scaling an Open Source Community

By
OpenStack
-

We have solved some of the scaling problems with the release management and documentation teams, and are planning a solution for an issue now facing the dependency management team. In the course of working with those teams, I have developed a six-step process that I use to find more sustainable approaches to scaling open source community practices.

1. Understand history — Why are things they way they are today? What requirements were we trying to meet? Before making a major change to a process, we need to establish the original requirements and identify their sources. We also need to understand any constraints that influenced early decisions, and how long-standing processes have evolved since being created. This stage involves asking questions, examining mailing list archives, and studying existing tools.

Read more at OpenStack Superuser

Introducing Fastify, a Speedy Node.js Web Framework

By
The New Stack
-

The following is a contributed article from Node.js core technical committee member Matteo Collina, summarizing the talk he will give at the Node.js Interactive conference, to be held Oct. 4 – 6 in Vancouver. 

Why have we written yet another web framework for Node.js? I am committed to making the Node.jsplatform faster, more stable and more scalable. In 2016, myself and David Mark Clements started Pino, which was designed to be the fastest logger for Node.js, and it now has four active maintainers and an ecosystem of hundreds of modules.

Fastify is a new web framework inspired by HapiRestify and Express. Fastify is built as a general-purpose web framework, but it shines when building extremely fast HTTP APIs that use JSON as the data format. These are extremely common in both web and mobile software architectures, so Fastify could improve the throughput of the majority of applications.

Read more at The New Stack

Android Oreo: Google Adds in More Linux Kernel Security Features

By
ZDNet
-

Google has outlined four key kernel hardening features its engineers have backported from upstream Linux to Android kernels on devices that ship with Android 8.0 OreoThey will benefit “all Android kernels supported in devices that first ship with this release”, according to Sami Tolvanen, a senior software engineer on the Android Security team.

The new kernel protections should also help developers who are responsible for building Android hardware drivers detect kernel security bugs before shipping them to users. According to Google, 85 percent of the kernel vulnerabilities in Android were due to bugs in vendor drivers.

Read more at ZDNet

Why Python Is a Crucial Part of the DevOps Toolchain

By
Jaxenter
-

DevOps is a way of thinking; it’s an approach, not a specific set of tools. And that’s all well and good – but it only gives you half the picture. If we overstate DevOps as a philosophy or a methodology, then it becomes too easy to forget that the toolchain is everything when it comes to DevOps. In fact, DevOps thinking forces you to think about your toolchain more than ever – when infrastructure becomes code, the way in which you manage it, change it is constantly.

Skills Up survey: Python is the primary language used by those working in DevOps

Because DevOps is an approach built for agility and for handling change, engineers need to embrace polyglotism. But there’s one language that’s coming out as a crucial component of the DevOps toolchain — Python. In this year’s Skill Up survey, publisher Packt found that Python was the primary language used by those working in DevOps. Indeed, it was a language that dominated across job roles – from web development to security to data science – a fact which underscores Python’s flexibility and adaptability. But it’s in DevOps that we can see Python’s true strengths. If DevOps is a modern, novel phenomenon in the software world, it’s significant that Python is the tool that DevOps practitioners share as a common language.

Read more at JAXenter

How People Collaborate on Linux Kernel Mailing Lists

By
Swapnil Bhartiya
-

Linux is one of the largest and most successful open source projects in history.  According to a 2016 report from The Linux Foundation, more than 13,500 developers from more than 1,300 companies have contributed to the Linux kernel since tracking began 11 years ago.

At Open Source Summit in Los Angeles, Dawn Foster, a part-time consultant at The Scale Factory and a PhD student at the University of Greenwich in London, will share her research into how these many developers and contributors collaborate on the Linux kernel mailing lists, including network visualizations of mailing list interactions between contributors.

With more than 20 years of experience in business and technology with expertise in open source software, community building and management, market research, and more, Foster says that while there is quite a bit of data about the people and companies who commit Linux kernel code, there isn’t much data about how people work together on the mailing lists where they decide what patches will be accepted.

In this interview, Foster who is passionate about bringing people together through a combination of online communities and real-world events shares some insight about her research and her upcoming talk. In her presentation at OS Summit, you can expect to learn more about the people, their employers, and other data that impacts participation on the Linux kernel mailing lists.

Linux.com: What value/benefit do you see in learning how these developers work together?

Foster: When I worked in the Open Source Technology Center at Intel, we had quite a few kernel developers on the team, and I was always interested in how they worked closely together with other people from a wide variety of companies, including our competitors.

One of the interesting things about the Linux kernel is that the vast majority of people who contribute to the kernel are employed by companies to do this work. However, most of the academic research on open source software assumes that participants are volunteers. Based on my experience, I know that this assumption isn’t valid for many projects, and I wanted to use my time as a PhD student to do research that takes corporate involvement in open source projects into account. The hope is that after I finish my PhD and go back to work in the technology sector, I will have encouraged more researchers to include the employer relationship in their open source research.

However, looking at this employer relationship is a bit tricky. When I talk to kernel developers, they almost always say that it’s the contributions that are important, not your employer. As a part of my PhD research, I interviewed 16 kernel developers and most of them said that they really don’t pay much attention to where someone works. So, from a more practical standpoint, I wanted to test this idea out a bit and explore whether where you work, along with several other factors, influences how people work together in the kernel.

Linux.com: Don’t threads on mailing lists provide enough data?

Foster: The focus of my research is on collaboration, and looking at which people tend to work together on the kernel. With the Linux kernel, discussions about patches happen on various mailing lists, so it’s really the best place to look if you want to understand how people are working together.

The hard part is that there are well over 100 unique mailing lists for various subsystems, so the mistake I see some researchers making is picking just LKML (the main Linux Kernel Mailing List) to study. However, this ignores the fact that most of the work and the collaboration on patches happens on subsystem mailing lists, not LKML. Since I’m interested in how people work together and because people tend to work together in subsystems, I’ve been picking a few subsystems for my research, USB for example.

This doesn’t mean that I’m ignoring the source code. One of the things that I include in my research as something that might influence how people work together is whether someone is an active contributor (has recently made code commits) or is a maintainer for some part of the code.

Linux.com: The discussions seen on mailing lists are purely about that patch/project. Is it possible that non-public discussions within companies or group of developers play a much more important role in how these people work together?

Foster: The reality is that there is no way to get perfect data when trying to understand how humans work with each other. It would never be practical to get access to the content of every hallway discussion, conference, meeting, private chat or internal email. So, we work with what we have, which is mailing list data. The kernel developers that I talked to said that all of the discussions should happen on the mailing lists, but most of them also admitted to having informal discussions with friends and coworkers about patches, especially when they wanted advice. It’s also quite common for new contributors to get initial feedback and coaching outside of the public mailing lists while they are developing a patch, and some people collaborate internally with other employees when working on patches.

As I mentioned earlier, most of the discussions don’t really happen on LKML, but on the various mailing lists for each subsystem. Since the patches eventually end up on one of the subsystem mailing lists where they can be discussed, I can learn about the formal collaboration that happens around these patches. All research is based on assumptions and limitations. I know that there are certainly some informal discussions that aren’t included in my analysis, which is a limitation, but my assumption is that the important discussions happen on the mailing list. The idea is that enough of the important discussions happen on the subsystem mailing lists to make it a feasible way to look at how people work together within that subsystem.

Linux.com: Who will benefit from this data? Will it help developers or companies and organizations become more efficient in ensuring their participation?

Foster: In my experience working with open source communities, the people within those communities tend to be interested in learning more about how people work together. It’s easy for people to get caught up in doing their bits of work, and it can be interesting to see the project from a different perspective. I also suspect that some developers will be interested in attending just to see if I’m “getting it right,” and I welcome those people to my talk. I’d rather know if I’m making mistakes or bad assumptions now, while I still have time to fix them before I finish my dissertation in the next six months.

I also think that it will help companies and organizations, especially ones who are newer to the Linux kernel, understand how people work together. However, I think that even experienced companies might have something to learn about some of the nuances behind how people collaborate on the kernel.

Linux.com: Who should attend your talk and why?

Foster: The talk is intended for Linux kernel developers and other people who are interested in better understanding how kernel developers collaborate on the mailing lists. In addition to kernel developers, people from companies who are a bit newer to kernel development should find it interesting, and I would expect people who are interested in community and metrics to enjoy the talk.

Check out the full schedule for Open Source Summit here. Linux.com readers save on registration with discount code LINUXRD5Register now!

How to Get an Open-Source Job

By
ZDNet
-

As Dice, the leading technology job site, and The Linux Foundation recently found in their latest Open Source Jobs Survey and Report, there’s an abundance of open-source jobs. Here’s how you land one of them for yourself.

First, simply having mad open-source developer skills or kick-ass Linux sysadmin abilities isn’t enough. You must be able to prove that you can actually walk the walk and not just talk the talk. There are several ways to do that.

SUSE human resources expert Marie Louise van Deutekom said, “Let’s face it, open source is all about community. You can elevate your career through contributions to your community. You can elevate your career through contributions to your community. SUSE looks at contributions as part of our recruitment strategy. Not to mention, it’s great to see how much people really do contribute to these communities over time, which in turn helps my team understand specific skill levels and where to place potential candidates.”

Read more at ZDNet

Continuous Deployment Plugins for Kubernetes and Azure Container Service

By
Microsoft Azure
-

We have created a Azure Container Service (ACS) plugin for Jenkins, so that no matter which ACS orchestrator you have chosen, you can continuously deploy to that cluster from Jenkins with the same, simple plugin.

Azure Container Service optimizes the configuration of popular open-source tools and technologies specifically for Azure. You get an open solution that offers portability for both your containers and your application configuration. You select the size, number of hosts, and choice of orchestrator tools (Docker SwarmKubernetes or DC/OS) – Container Service handles everything else.

When we were working on the ACS plugin, we surveyed the Jenkins landscape and couldn’t find a plugin that allowed native continuous deployment from Jenkins to Kubernetes. So we decided to create one, as we think it would be extremely valuable to both the Jenkins and Kubernetes communities. Our ACS plugin uses this plugin as a dependency for Kubernetes support.

Here’s a sneak preview:

Read more at Microsoft Azure

Kerberos Explained in Pictures

By
Dev.to
-

Kerberos is an authentication protocol that can be used for single sign-on (SSO). The idea behind SSO is simple, we want to login just once and be able to use any service that we are entitled to, without having to login on each of those services.

The Wikipedia page is pretty good, but even after reading the Explain like I’m 5: Kerberos, I ended up having to draw myself some diagrams.

The puzzle

So imagine the objective is for a user to talk to an FTP service and for the FTP service to be sure that the user is who they claim to be, given that there are wrongdoers who will try to to intercept any message sent between actors and attempt to make use of it.

Read more at Dev.to

OpenStack Pike Debuts Re-Defining the Open-Source Cloud Platform

By
eWeek
-

The 16th release of OpenStack now uses the open-source Python 3.5 programming language and provides new standalone project component options.

The OpenStack Foundation debuted its 16th milestone release today with the launch of the OpenStack Pike cloud infrastructure platform. Pike follows the OpenStack Ocata release which came out in February and had a focus on cloud federation.

Unlike Ocata, the new Pike release has a particular emphasis on enabling standalone OpenStack services, without the need for an entire set of OpenStack projects. For several years, the OpenStack community debated a definition for a common set of projects, known as Defcore that define what it is to be an OpenStack cloud.

Read more at eWeek

Time-Series-Based Monitoring with Prometheus

By
ADMIN Magazine
-

Wherever container-based microservices spread, classic monitoring tools such as Nagios [1] and Icinga [2] quickly reach their limits. They are simply not designed to monitor short-lived objects such as containers. In native cloud environments, Prometheus [3], with its time series database approach, has therefore blossomed into an indispensable tool. The software is related to the Kubernetes [4] container orchestrator: Whereas Kubernetes comes from Google’s Borg cluster system, Prometheus is rooted in Borgmon, the monitoring tool for Borg.

Matt Proud and Julius Volz, two former site reliability engineers (SREs) with Google, started the project at SoundCloud in 2012. Starting in 2014, other companies began taking advantage of it. In 2015, the creators published it as an open source project with an official announcement [5], although it previously also existed as open source on GitHub [6]. Today, programmers interested in doing so can develop Prometheus under the umbrella of the Cloud Native Computing Foundation (CNCF) [7], along with other prominent projects such as Containerd, rkt, Kubernetes, and gRPC.

What’s Going On

Thanks to its minimalist architecture and easy installation, Prometheus, written in Go, is easy to try out. To install the software, first download Prometheus [8] and then unpack and launch:

Read more at ADMIN 

1...484485486...10,742Page 485 of 10,742