Well, today seems to be the day for x86 CPU vendors to push out memory security related features for the Linux kernel… After Intel posted the Secure Guard Extensions driver for Linux, AMD has come out with a patch-set for “Secure Memory Encryption” (SME) that looks like it will be a hardware feature of Zen.
I hadn’t heard much about AMD’s Secure Memory Encryption (SME) feature up to now and some quick searching isn’t turning up too much, but presumably is a feature for Zen. Tom Lendacky of AMD describes SME as:…
Ubuntu is the most popular GNU/Linux distribution, as it has been the easiest to use for many years now, making it an obvious choice for every newcomer. As most new users don’t know if and how they are supposed to maintain they distribution, and since Ubuntu doesn’t offer any tools for this job by default, I will provide an overview on the matter through this quick guide.
In Linux (also UNIX) $PATH is environment variable, used to tell the shell where to look for executable files. $PATH variable provides great flexibility and security to the Linux systems and it is definitely safe to say that it is one of the most important environment variables.
Ubuntu 16.04 has brought some interesting features that you must give try if you’ve upgraded. If you still don’t know what’s new in Ubuntu 16.04 then check out our article “What’s New In Ubuntu 16.04?“. In this article I’ll show you 10 things to do after installing or upgrading to Ubuntu 16.04. It’ll save your time tweaking the system and also will provide you the taste of new features of Ubuntu 16.04. Also don’t forget to take the poll below this article to tell us what you like the most in Ubuntu 16.04.
Individuals start open source projects because it matters to them. Whether motivated by passion, interest, necessity, curiosity or fame, projects are often started by individuals who want to build better software. Do better work. Have an impact. See their code in the world’s best technology and products.
Because open source today makes up an ever increasing footprint in technology infrastructure and products, we have a responsibility to these individuals and the community and industry at large to support this work and build practices and processes that sustain the world’s greatest shared technologies for the long term.
Part of this work is a shift in thinking, moving away from old world open source questions to new world open source questions. From questions like: Is everything really free and what is an OSS license? To how does my employer integrate OSS into the product development process? Are adequate resources committed to maintaining this project? Open source projects today must meet the level of sophistication companies expect and on which they’re investing their futures.
We can together help ensure this through focusing on new world open source questions and creating a bigger tent — a bigger tent that includes everyone: business managers, users and developers across gender, race and economic class. One that brings open source strategy, tools, training, compliance and more to everyone. We must invest in the open source professional and focus on open source readiness that supports innovative research and development.
This focus is already resulting in big tent outcomes. Outcomes that together we are making possible. Here are just a few.
Launching the TODO Group, a peer group of open source office program managers to share best practices about how to manage open source in some of the most cutting edge technology environments in the world – Facebook, Google, Twitter, Microsoft and more.
Facilitating network operators’ move to open source. China Mobile’s 880 million subscribers will be supported by a next-generation operations support system built with open source software.
You can learn more about how The Linux Foundation is working to support open source for decades to come in Jim Zemlin’s complete keynote from The Linux Foundation Collaboration Summit video, below.
Learn more about how to get started with creating pipelines in Python with Google’s Dataflow framework.
Google’s Dataflow framework is a data processing engine that supports various types of data-related jobs: ETL, batch jobs and most–importantly stream processing. It is based a programming model that takes into account complex problems such as balancing latency vs. consistency, dealing with out of order or late data. You can run data flow pipelines on the Google cloud platform where efficient use of resources in abstracted and let you focus on solving the problems you care about and not fiddle with moving bits around. – See more at: DevX
The China SDN/NFV Conference 2016 was held in Beijing on April 12-13. The two-day conference, co-sponsored by the SDN/NFV Industry Alliance and the China Communications Standards Association, discussed the latest developments in the field of software-defined networking and network functions virtualization (SDN/NFV), focusing on the hot issues concerning the industry. Recent developments in SDN/NFV were shared by carriers, device vendors, Internet companies, and international standards and open source organizations, and the problems and challenges facing SDN/NFV technology in practice were analyzed in all aspects and from different perspectives.
Many technical experts and representatives from well-known industry organizations were invited to speak at this year’s conference, including Guru Parulkar, the Executive Director of ONOS; Neela Jacques, Executive Director of OpenDaylight; Rick Bauer, Director of Technical Programs at the ONF; Heather Kirksey, Executive Director of OPNFV; and Ng Hwee Ming, Principal Technologist at Red Hat Asia Pacific; as well as experts from more than 20 organizations including MEF, The Linux Foundation, AT&T, Ericsson, Huawei, Intel, Telefónica, China Mobile, China Telecom, China Unicom, Alibaba, ZTE, H3C, Hewlett Packard Enterprise, and CertusNet.
The first day of the conference was hosted by Wang Zhiqin, Secretary General of the SDN/NFV Industry Alliance and Director of the Research Institute of Technology and Standards at CAICT, and the conference was opened with congratulatory remarks by Chen Jiachun, Deputy Director of Communication Development at the MIIT.
Chen Jiachun, Deputy Director of Communication Development at the MIIT, speaking at the China SDN/NFV Conference.
Deputy Director Chen noted that the SDN/NFV Industry Alliance has played a major role in promoting the development and deployment of SDN and NFV networks in China. As China moves toward a “moderately prosperous” society, strengthening broadband network infrastructure is of great importance in transforming China’s mode of economic development and advancing adjustment in China’s economic structure. To this end, the national government has sped up its strategy deployment, actively pushing forward the creation of the Broadband China Strategy, Cyberpower, and Internet Plus. However, SDN/NFV is still in the early stages of development, and technologies and products are not yet mature. There are many challenges yet to be faced, and the efforts of all members in the industry are required to overcome them.
Deputy Director Chen gave four suggestions with regards to the future development of SDN and NFV:
to take advantage of this opportunity to rebuild network architecture and create a new-generation network infrastructure;
to make the most of this chance to adjust and reconstruct the industry setup and create autonomous, open network chips and operating systems;
to make use of this new technological revolution to surpass planned deployments, increase investment, make breakthroughs in key technologies, and give full play to the industry alliance;
to keep in touch with the worldwide trend toward integration and broaden and develop cooperation, support the creation of open-source SDN/NFV applications, actively encourage the participation of alliance members, and work towards a sharing community.
Wei Leping, President of the SDN/NFV Industry Alliance, at the China SDN/NFV Conference.
Wei Leping, President of the SDN/NFV Industry Alliance, also gave an excellent speech on the status of SDN/NFV development as well as current trends. He stated his belief that SDN/NFV as a whole is currently in the field test, trial, and early commercial stages. Telecommunications networks have only now entered the mature stage, after a period of excess expectations that led to disillusion. Mr. Wei estimated that within 1 to 4 years they would enter the developmental stage one by one, and within 4 to 8 years begin the stable development stage. In terms of SDN/NFV trends, he said that Internet application companies, cloud service providers, and a small number of large carriers are currently leading the way in SDN/NFV development. Carriers are now moving from the proof of concept stage to the trial and early commercial stages, but progress is slow, and joint development of a orchestrator has become a hot topic in the field. Carriers must construct a “software mindset” and development capabilities, but the evolution from vendor SDN to open SDN and the level of intervention required will present problems.
Mr. Wei stated that the main problems faced by current SDN development are the lack of mature technology and the question of how existing networks can evolve into SDN networks. NFV faces both these issues as well as a lack of relevant knowledge and experience. Mr. Wei gave four recommendations for future SDN/NFV development: first, that an advantageous strategy must be chosen to deepen transformation; second, that tactics must be practical, with actions more important than words; third, that breakthroughs must be made in thought processes, and that people must dare to make breakthroughs; and fourth, that collaborative development is required in the industry to avoid fragmentation. Finally, Mr. Wei said that SDN/NFV development must actively accept other innovative technologies, and LSO and Docker are two major topics that need our attention. The evolution to future network management systems will be from vertically integrated, horizontally interworking networks to vertically isolated, horizontally coordinated networks. The evolution of virtualization systems will be from traditional virtualization based on virtual machines to light virtualization based on containers.
Cao Jiguang, Director of the Technical Experts Committee at the SDN/NFV Industry Alliance, introduced the “White Paper on NFV Industry Development”, which was written jointly by various members of the Alliance. The white paper will soon be published on the Alliance website and free to download. Ma Junfeng, Deputy Secretary General of the Alliance, gave a report on the contents of the “Evaluation Report of SDN Solution for Data Center” document, which is about test results of the data center SDN solution created by the Alliance in concert with China’s three major telecom companies. Afterwards, Chen Jiachun and Wei Leping presented certifications to the vendors that took part in the test. In addition, Ma Junfeng and Rick Bauer presented FiberHome with its ONF OpenFlow 1.3 certification; the company had just recently passed the certification in the Taier Laboratory at CAICT.
Presentation of certification to FiberHome.
On April 12, the SDN/NFV Industry Alliance signed a contract with the Metro Ethernet Forum (MEF) for strategic cooperation. Kevin Vachon, COO of MEF, and Wei Leping arrived at a preliminary agreement for cooperation on Lifecycle Service Orchestration (LSO), and expressed their intent to continue working together in the future. Wei Leping also signed an agreement with Guru Parulkar on the ONOS Industry Promotion Center (OIPC) and carried out the opening ceremony. After the memorandum on cooperation signed in 2015, this represents the next step in making the best use of both parties’ advantages in establishing the OIPC, developing ONOS certification and the Hackathon event, and joining together to promote open source SDN projects.
CAICT and the ONOS completed a signing ceremony for an agreement on SDN certification training, with both parties sharing opinions on how to continue the development of SDN certification education. This was another step forward for the training of SDN technical professionals in China.
Experts from Huawei, Intel, and ZTE all gave insightful speeches on their researches and practices in the SDN/NFV field. Ng Hwee Ming gave a speech on “Open Source NFV”; Rick Bauer gave a speech on “To Act and Not Lay Claim: The Ancient Wisdom of Open Source and Collective Effort”; Guru Parulkar, presented “CORD: Central Office Re-architected as a Datacenter”; Neela Jacques, gave a speech on “The State of SDN & NFV: 5 Years In”; Heather Kirksey gave a speech on “OPNFV: Open Source Meets NFV”; Nan Chen, President of the MEF, presented “MEF: Leading the Evolution to Third Networks Services”.
In the afternoon of April 12, 2016, three breakout sessions were organized on “Migration & Implementation”, “Architecture – Orchestration”, and “SDN Technologies for Carrier”, during which technical experts from the industries made their points on key technologies in the SDN/NFV field and future trends.
Experts from the China Unicom Research Institute, Intel, Huawei, OpenStack, and Red Hat held a panel discussion on creating next-generation data centers and cloud services using SDN and NFV, bringing a close to the first day’s events.
The theme of the conference’s second day was “How SDN and NFV Are Reshaping the Telecom Network, Services & Business.” Experts from carriers worldwide spoke on the current status of carrier SDN/NFV deployment as well as related problems and considerations.
Ma Junfeng, Deputy Secretary General of SDN/NFV Industry Alliance
Ma Junfeng, Senior engineer of Research Institute of Technology and Standards at CAICT (China Academy of Information and Communication Technology), Deputy Secretary General of SDN/NFV Industry Alliance, focuses on researching IP carrier network technology, IPv6, SDN/NFV, and future Internet technology. He has more than 15 years working experience on telecommunication and Internet fields. He has led and participated in several national projects about IP carrier network, IPv6, and future Internet during the past several years.
In a previous article, we discussed Docker Machine, a tool to create Docker hosts in the cloud. Docker Machine can be extremely handy for local testing if you are on Windows and OS X, but it also adds another dimension when you use it to start Docker hosts in your favorite cloud provider and/or create a cluster.
We then used Machine to go straight into an advanced subject and create a Docker Swarm, which is a cluster of Docker hosts. A cluster of Docker hosts is needed to run a truly distributed application in production. In this article, we will look at setting up networking for a Swarm to allow containers to communicate with each other across hosts. Indeed, a Swarm cluster allows us to use the native single host networking of Docker, but it also allows us to create a network overlay backed by VXLAN. Containers started in this overlay can communicate out of the box with each other. This article will show you how to create, use, and test an overlay network using Docker Swarm.
Creating an Overlay Network
After you’ve set up your Swarm, you could start using it right away and start containers in the way that you are accustomed to. Docker will automatically use what is called a bridge network. Although this is good and you can expose service on your hosts, it complicates networking between containers that are started on multiple hosts as you would have to bind services to the hosts and let the containers know where to find each other.
Libnetwork provides a network overlay that can be used by your containers so that they appear on the same subnet. The huge bonus is that they can reach each other and resolve each other’s DNS names, making service discovery a breeze.
With your Swarm master or worker nodes as your active Docker Machine, you can create an overlay network with the `docker network create` command, like so:
You can list the networks available to you. You will see multiple networks. Each host will have a `bridge`, a `host`, and a `none` network. These three network types are also available on a single Docker Engine setup, with the bridge network being the default setup. Our `foobar` overlay created above appears in this list and is global to all the hosts in our Swarm.
To use our overlay, we can start containers in the Swarm, giving them a name and specifying a `foobar` as our network like so:
$ docker run -d --name=foo --net=foobar nginx$ docker run -d --name=bar --net=foobar nginx
When listing our containers, we will see which host they have been started on. You might have to dive a bit into Swarm scheduling strategies to understand how Swarm picks a host to run a container. It could be that Swarm schedules your two test containers on the same host. In the test below, we had two worker nodes, and Swarm scheduled our containers on both of them, spreading the containers in the cluster.
$ docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES21587d81505d nginx "nginx -g 'daemon off" 2 seconds ago Up 2 seconds 80/tcp, 443/tcp swarm-node-1/bar6d66dc56af4f nginx "nginx -g 'daemon off" 9 seconds ago Up 8 seconds 80/tcp, 443/tcp swarm-node-2/foo
Testing the Overlay Network
This approach allows us to test our overlay networking. If all went well, they should be on the same overlay network even though they are on separate hosts. This means we should be able to `ping` each container using its name — which has been used in an embedded DNS registration. Let’s try it, using the `docker exec` command:
$ docker exec -ti swarm-node-1/bar ping -c 1 fooPING bar (10.0.0.3): 56 data bytes64 bytes from 10.0.0.3: icmp_seq=0 ttl=64 time=1.433 ms--- bar ping statistics ---1 packets transmitted, 1 packets received, 0% packet lossround-trip min/avg/max/stddev = 1.433/1.433/1.433/0.000 ms
Indeed, we can ping the container named `foo` from the container named `bar` and we can also do the opposite:
And just like that you have multi-host networking in Docker. Containers started on different hosts by the Swarm scheduler can reach each other on their private IP thanks to an overlay network.
In a future post, we will get back to Docker Compose and see how we can take advantage of a Swarm and its overlay networks to create a truly distributed application where containers can be started on different networks for isolation and where we can scale each service independently.
On Tuesday, CloudBees — the steward of commercial Jenkins — announced general availability of Jenkins 2.0 to the community. With this release comes the first officially supported implementation of one domain-specific language (DSL) for the coding of pipelines for continuous delivery — for “pipeline-as-code.”
Put another way, the name that has become synonymous with the very concept of continuous delivery is now implementing it for real.
“The benefit of Jenkins’ near-infinite extensibility, as it’s been used in different places in the industry over the past seven to eight years, is that people have actually been implementing continuous delivery pipelines with Jenkins,” said R. Tyler Croy, a veteran contributor to the Jenkins project and a co-implementer of Jenkins with Puppet, in an interview with The New Stack. “They’ve been sort of hacking it together with what was already there.”
For the last few decades, the Wide-Area Network (WAN) market has been nearly moribund. WANs are private networks that connect branch offices of large corporations, enabling them to control and secure their long-distance network connectivity without having to rely upon the public Internet. …
Today, Riverbed Technology, one of the leading WAN optimization vendors, is throwing its hat into the SD-WAN ring with SteelConnect. Leveraging the technology Riverbed acquired by purchasing Ocedo earlier this year, SteelConnect orchestrates application delivery across hybrid WANs, remote Local Area Networks (LANs), and cloud networks.
