eric naud | — brain dumps, technology & development news

okd – The Origin Community Distribution of Kubernetes that powers Red Hat OpenShift.

Posted on February 6, 2019 - February 6, 2019 by Eric Naud

Built around a core of OCI container packaging and Kubernetes container cluster management, OKD is also augmented by application lifecycle management functionality and DevOps tooling. OKD provides a complete open source container application platform.

OKD is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. OKD adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. OKD is the upstream Kubernetes distribution embedded in Red Hat OpenShift.

KD embeds Kubernetes and extends it with security and other integrated concepts. OKD is also referred to as Origin in github and in the documentation. An OKD release corresponds to the Kubernetes distribution – for example, OKD 1.10 includes Kubernetes 1.10. If you are looking for enterprise-level support, or information on partner certification, Red Hat also offers Red Hat OpenShift Container Platform.

Find out more at its website.

Be careful: Microsoft Outlook iOS app is using Azure cloud services to process, store and cache your email data

Posted on July 31, 2018 - July 31, 2018 by Eric Naud

I tried out the Microsoft Outlook app on iOS. Checking what kind of features this product might bring to me or my customers.
Since I do host my own email services on my servers, I realized after some time, that Microsoft catches your emails via an online service, hosted on Microsoft’s own Azure cloud platform.

THIS, I DID NOT know beforehand!

This means to me and for everybody else:

Using this Software will transfer, cache and store my email data in a Microsoft cloud service.
My email account information will be transfered to and stored within this cloud service environment. For Exchange based accounts and also your normal IMAP and POP3 based accounts
Since the Microsoft cloud service is a service provided by an American company that has to follow the law of the United States, it is not clear whether you or the company itself is able to make sure, that your data is secured under the duties of the European data protection security laws.

After some quick research I found the following architecture diagram on a Microsoft website, explaining their technology:

Here ist the link to the Microsoft website explaining their technology.

Result for me:

I did immediately stop using this product for accounts I host directly on my email servers and changed the account information for every account I did use and connect with this tool.

Changes between Red Hat Enterprise Linux 6 and 7

Posted on April 27, 2018 - May 1, 2018 by Eric Naud

The distribution RHEL 7.x comes with a lot of changes on the administration side. Make sure you are aware of those and plan the migration of your infrastructure.

Paket manager Yum shifts to DNF

Yum is going to be deprecated and replaced by DNF. It brings some significant changes:

Faster, more mathematically correct method for solving dependency resolution
A “clean”, well documented Python API with C bindings &
Python 3 support

DNF or Dandified yum is the next generation version of yum. It roughly maintains CLI compatibility with yum and defines a strict API for extensions and plugins. Plugins can modify or extend features of DNF or provide additional CLI commands on top of those mentioned below. If you know the name of such a command (including commands mentioned bellow), you may find/install the package which provides it using the appropriate virtual provide in the form of dnf-command(<alias>) where <alias> is the name of the command; e.g. dnf-command(repoquery) for a repoquery command (the same applies to specifying dependencies of packages that require a particular command).

Isn’t this a Release by Another Name?

No, DNF marks a shift, and not just a fork to Python 3, C support and cleaner docs. The move to libsolv, librepo and a slim, planned API means Yum’s organic sprawl and bespoke depsolving are being phased out.

The shift solves old depsolving problems and readies DNF for some of the changes afoot in the devops world — e.g. empowered and independent devops-ers who don’t want to reinvent the wheel on each deploy. Whether that warrants more than a major release is a bike-shed argument.

System and command changes between RHEL 6 and RHEL 7

Between RHEL6 and RHEL7 there are a number of changes to tools, commands, and workflows. Changes that are likely to affect common administrative tasks are listed here:

Anaconda RHEL installer completely redesigned
Legacy GRUB boot loader replaced by GRUB2
Procedure for bypassing root password prompt at boot completely different³
SysV init system and all related tools replaced by systemd
ext4 replaced by xfs as default filesystem type
Directories /bin, /sbin, /lib and /lib64 are now all under the /usr directory
Network interfaces have a new naming scheme based on physical device location (e.g., eth0 might become enp0s3)⁷
ntpd replaced by chronyd as the default network time protocol daemon
GNOME2 replaced by GNOME3 as default desktop environment
System registration and subscription now handled exclusively with Red Hat Subscription Management (RHSM)
MySQL replaced by Mariadb
tgtd replaced by targetcli
High Availability Add-On: RGManager removed as resource-management option (in favor of Pacemaker); all CMAN features merged into Corosync (qdiskd replaced by votequorum plugin); all tools unified into pcs
ifconfig and route commands are further deprecated in favor of ip
netstat further deprecated in favor of ss
System user UID range extended from 0-499 to 0-999
locate no longer available by default; (available as mlocate package)
nc (netcat) replaced by nmap-ncat

Read more information on the support pages of RedHat

portainer.io – Lightweight open source GUI to manage docker swarm

Posted on February 10, 2018 - February 10, 2018 by Eric Naud

Portainer gives you access to a central overview of your Docker host or Swarm cluster. From the dashboard, you can easily access any manageable entity.

SIMPLE TO USE

It has never been so easy to manage Docker. Portainer provides a detailed overview of Docker and allows you to manage containers, images, networks and volumes. It is also really easy to deploy, you are just one Docker command away from running Portainer anywhere.

MADE FOR DOCKER

Portainer is meant to be plugged on top of the Docker API. It has support for the latest versions of Docker, Docker Swarm and Swarm mode.

PORTAINER & DOCKER

Portainer has been built to run on a Docker engine so it can run anywhere where Docker is running. It is compatible with Docker for Linux AND Docker for Windows.
It has been designed to support everything that the Docker API has to offer. As the Docker API will evolve and propose new features, so will Portainer.

MULTIPLE VERSIONS COMPLIANT

Portainer is compatible with multiple Docker versions.

Learn more

PIWIK the web analytics software will be renamed/rebranded.

Posted on January 10, 2018 - January 10, 2018 by Eric Naud

Why are we changing from Piwik to Matomo?

“After an epic 10 year journey creating and perfecting the best open digital analytics solution, we felt it was a good time to refresh our brand to reflect how far we have come and to reaffirm our vision:
To create, as a community, the leading international open source digital analytics platform, that gives every user full control of their data.”

Matthieu Aubry, creator of Piwik

Nextcloud, the fork of ownCloud – Another open source solution for your own file hosting solution service

Posted on January 3, 2018 - January 3, 2018 by Eric Naud

Nextcloud is a suite of client-server software for creating and using file hosting services. It is functionally similar to Dropbox, although Nextcloud is free and open-source, allowing anyone to install and operate it on a private server.

In contrast to proprietary services like Dropbox, the open architecture allows adding additional functionality to the server in form of applications and enables the user to have full control of their data.

The original ownCloud developer Frank Karlitschek forked ownCloud and created Nextcloud, which continues to be actively developed by Frank and other members of the original ownCloud team.

34C3 – Chaos Computer Congress

Posted on January 2, 2018 - January 3, 2018 by Eric Naud

This year, the Chaos Computer Congress opened his doors in Leipzig.
About 15000 visitors joined the presentation & questions sessions.

All sessions have been recorded and are provided in various formats:
https://media.ccc.de/c/34c3

R.E.A.R. – Relax and Recover

Posted on October 21, 2016 - August 2, 2018 by Eric Naud

Relax-and-Recover has a few interesting characteristics you may find useful when assessing it as a Disaster Recovery solution:

Modular design, written in Bash
- easy to extend with custom functionality
- targeted at sysadmins foremost
Set up and forget nature
- designed to be easy to setup
- designed to require no maintenance (e.g. cron integration, nagios monitoring)
Recovery image based on original distribution with original tools
- recovery process remains compatible with original system and applications
- hardware support is guaranteed
Two-step recovery, with optional guided menus
- disaster recovery process targeted at operational teams
- migration process offers flexibility and control
Bare metal recovery on dissimilar hardware
- support for physical-to-virtual (P2V), virtual-to-physical (V2P)
- support for physical-to-physical (P2P) and virtual-to-virtual (V2V)
- various virtualization technologies supported (KVM, Xen, VMware)
Support for various integrated boot media types, incl.
- ISO
- USB
- eSATA
- OBDR/bootable tape
- PXE
Support for various transport methods, incl.
- HTTP
- HTTPS
- FTP
- SFTP
- NFS
- CIFS (SMB)
Extensive disk layout implementation, incl.
- HWRAID (HP SmartArray)
- SWRAID
- LVM
- multipathing
- DRBD
- iSCSI
- LUKS (encrypted partitions and filesystems)
Supports various 3rd party backup technologies, incl.
- CommVault Galaxy
- EMC NetWorker (Legato)
- HP DataProtector
- IBM Tivoli Storage Manager (TSM)
- SEP Sesam
- Symantec NetBackup
- Bacula
- Bareos
- duplicity / duply
Supports various internal backup methods
- tar
- rsync
Two phase disk layout recovery, allows reconfiguration before recovery, e.g.
- migrations from e.g. SWRAID to HWRAID, or unencryped to encrypted partitions
- HWRAID reconfigurations
- migration from partitions to LVM
Various techniques to help troubleshooting
- structured log files and guided menus
- log files are moved to recovery image, and to recovered system (available in every step for debugging)
- advanced debugging options to help trace scripts or develop new functionality
Integration with monitoring (examples for Nagios/Opsview)
Integration with scheduler (e.g. let cron recreate and transfer your images upon disk layout changes)
Various best practices to assist recovery
- integrates with local bootloader (in case it is still possible, you can restore from local disk through Grub)
- automatic network and ssh configuration (for remote recovery)
- automatic serial console support (useful for recovery through iLO or KVM serial console)
- shell history-stuffing (stuff shell history with useful commands at every step)
- automatic recovery when possible, guided recovery when needed

M	T	W	T	F	S	S
« Feb
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31