Linux Blimp

Source

Let’s talk about Amazon CloudWatch.

For those fortunate enough to not be stuck in the weeds of Amazon Web
Services (AWS), CloudWatch is, and I quote from the official
AWS description, “a monitoring and
management service built for developers, system operators, site reliability
engineers (SRE), and IT managers.” This is all well and good, except for the
part where there isn’t a single named constituency who enjoys working with
the product. Allow me to dispense some monitoring heresy.

Better, let me describe this in the context of the 14 Amazon
Leadership Principles that reportedly guide every decision Amazon makes.
When you take a hard look at CloudWatch’s complete failure across all
14 Leadership Principles, you wonder how this product ever made it out
the door in its current state.

“Frugality”

I’ll start with billing. Normally left for the tail end of articles like
this, the CloudWatch billing paradigm is so terrible, I’m leading with
it instead. You get billed per metric, per month. You get billed per
thousand metrics you request to view via the API. You get billed per
dashboard per month. You get billed per alarm per month. You get charged for
logs based upon data volume ingested, data volume stored and “vended logs”
that get published natively by AWS services on behalf of the customer. And,
you get billed per custom event. All of this can be summed up best as
“nobody on the planet understands how your CloudWatch metrics and logs get
billed”, and it leads to scenarios where monitoring vendors can inadvertently
cost you thousands of dollars by polling CloudWatch too frequently. When the
AWS charges are larger than what you’re paying your monitoring vendor, it’s
not a wonderful feeling.

“Invent and Simplify”

CloudWatch Logs, CloudWatch Events, Custom Metrics, Vended Logs and Custom
Dashboards all mean different things internally to CloudWatch from what you’d
expect, compared to metrics solutions that actually make some fathomable
level of sense. There are, thus, multiple services that do very different
things, all operating under the “CloudWatch” moniker. For example, it’s not
particularly intuitive to most people that scheduling a Lambda function to
invoke once an hour requires a custom CloudWatch Event. It feels overly
complicated, incredibly confusing, and very quickly, you find yourself in a
situation where you’re having to build complex relationships to monitor
things that are themselves far simpler.

“Think Big”

All business people, when asked what they want from a monitoring platform,
will respond with something that resembles “a dashboard” or “a
single pane of glass view”. CloudWatch offers minutia up the wazoo, but
it categorically offers no global view, no green/yellow/red status
indicator that gives you even a glimmer of the overall health of your site.
Want a graph of each core in your instance’s CPU for the past 30
seconds? Easy! Want to know if your entire company should be putting out the
burning fire that is the current production state of your website? Keep
looking—CloudWatch has nothing to offer you.

“Insist on the Highest Standards”

By its very nature, CloudWatch feels like small thinking. The entire
experience, start to finish, smacks of “what’s the absolute least we
could do and get away with it?” They built their MVP, and then just
sorta…stopped, frozen in amber. They created a set of building blocks,
except they didn’t solve the problem of “how do I monitor my AWS resources?”
Instead, it feels like the entire team phoned it in and let a large market
of monitoring vendors develop as a result. None of those vendors have the
level of access to the raw data that CloudWatch does; all of them have built
better products. You’d think the CloudWatch team would take a clue from
the innovation that’s rapidly happening in this space, but that’d
require someone to Learn and Be Curious.

“Are Right, a Lot”

Recent data is “eventually consistent”, so you always get graphs like the
one shown in Figure 1.

Figure 1. Example CloudWatch Graph

Here in reality, that would be a terrifying thing to see on an accurate
dashboard—something is obviously very wrong with your site! For better or
worse, the “accurate” description doesn’t apply to CloudWatch, and that’s
just how your graphs always look. “Your metrics will be eventually
consistent” is very nearly the last thing you want to hear about your
monitoring platform, second only to “what metrics?” This ties directly
to…

“Earn Trust”

Let me be very clear here—the real issue isn’t the ingestion problem.
Absolutely every vendor on the planet has the same issue—you can’t
display data you don’t have. Where CloudWatch drops the ball is in
exposing this behavior to the end user without explanation as to what’s
going on. Thus, until you grow accustomed to it, you have a heart-stopping
moment of “what the hell just happened to the site” whenever you
glance at a dashboard. This conditions you to be entirely too calm when
looking at sensible dashboards when a disaster just happened. If you trust
what the CloudWatch dashboards show you, you’re making a terrible
mistake.

“Dive Deep”

If you’re using Lambda or Fargate, you have no choice but to use CloudWatch
Logs, wherein searching for everything is absolutely terrible. If you’re
using CloudWatch Logs to diagnose anything, congratulations: you’re
diving so deep, you may drown before making it back to the surface.
For example, if I have a Lambda function that throws an error, in order to
diagnose the problem, I must:

• Find the fact that it encountered an error in the first place by looking at
  the invocation error CloudWatch dashboard. I also could set up a filter to
  run a continuous query on the logs and alert when something shows up, except
  that isn’t natively supported—I need a third-party tool for that (such
  as
  PagerDuty).
• Go diving into a variety of CloudWatch log groups and find the one named
  after the specific erroring function.
• Scroll manually through the many, many, many pages of log groups to find the
  specific invocation that threw an error.
• Realize that the JSON object that’s retained isn’t enough to troubleshoot
  with, cry in despair, and go write an article just like this one.
• Do some quick math and realize I’m paying an uncomfortable percentage of my
  AWS bill for a service that’s only of somewhat marginal utility at best.

“Deliver Results”

All of your metrics, all of your logs—they’re locked away inside
CloudWatch’s various components. You’re not going to find a
“page me when this threshold is exceeded” option in CloudWatch; your
options are relegated to “design an alert delivery pipeline with baling
wire and SNS” or pay a non-AWS vendor for another monitoring product.

“Customer Obsession”

CloudWatch keeps all of your metrics. It keeps your logs. It lets you build
custom dashboards to view your metrics all in one place. The building blocks
of a great service are already here—it’s the expression of that utility
that falls short, sometimes drastically. The fact that large monitoring
vendors are premier sponsors of AWS events would be laughable if CloudWatch
ever were to get its act together. You’d not need a third party to make
sense of a pure AWS environment, and many of them would starve to death as
they grow too weak to interrupt your conversation to ask if they can scan
your badge. Choosing to use CloudWatch vs. literally anything else is like
buying a car. “Why yes, I would like to buy the Yugo instead of the Honda.
After all, it checks all the boxes of technically being a car, so it’s fine,
right?”

“Disagree and Commit”

It may very well be that the root cause of many of CloudWatch’s failings
comes from the product engineers who built it misunderstanding this
(admittedly slippery!) Leadership Principle. It’s envisioned as
passionately expressing your reservations about a decision, but once
it’s reached that you commit to the decision that was made.
Unfortunately, it appears that the engineering teams responsible for
CloudWatch decided to “Disagree in Commits” and inflict their
arguments upon the world in the form of the product.

“Ownership”

If I were to go on the internet and post about how terrible virtually any
other AWS service was, people would rally to that service’s defense.
It’s the internet; people will do that. But when these and many more
similar comments about CloudWatch appear, and nobody from AWS pipes in to
say “wow, I’m sorry, why do you feel that way?”, it’s
abundantly clear that if any people on the CloudWatch team really care about
the product, they’ve been locked in a malfunctioning bathroom stall for
the better part of a decade. These comments go back at least that far, but
Amazon
is
totally
on
it, rocking
the company’s “Bias for Action” principle.

“Hire and Develop the Best”

The people who build CloudWatch aren’t terrible at their jobs; I
genuinely believe they don’t quite grasp how their product is perceived.
Given that it’s poor form to write a rant like this and not offer
suggestions for positive improvement, here are some product enhancements I’d
like to see:

• Give me the option to rate-limit API calls at arbitrary levels rather than
  being surprised at month end by a bill that’s approximately Zanzibar’s
  GDP.
• “Here’s an error that your Lambda function threw, here’s the log output from
  that specific function” should be at most two clicks away—not 30.
• If your dog has a litter of 14 puppies, perhaps you don’t need to name
  all of them subtle variations of the term “CloudWatch”. The proliferation of
  services and companies that all start with the word “Cloud” is the subject
  of a completely separate rant.

Please don’t misunderstand me. I use, enjoy and promote AWS services,
and I’m considered to be “an authentic voice” largely because in
addition to praising things that are wonderful, I’ll call out things
that aren’t, as I’ve just done. I’ve built my career and
business on working within that ecosystem. I find AWS employees to be
intelligent and well-intentioned, and most of their services quite good.
CloudWatch could get there with some work, but it’s got a number of very
painful usability issues that keep it from being good, let alone great.

Source

How to Install cPanel on CentOS 7

cPanel is the most popular and most widely-used control panel for managing and automating web hosting tasks. It is the world’s most intuitive and user-friendly control panel, with a very simple and straight-to-the-point graphical interface. cPanel is a Linux-based web hosting control panel, that utilizes a 3 tier structure for system administrators, resellers and end-user website owners, all via a web-browser. Other than the beautiful user interface, cPanel has command line access and API-based access for third-party software integration, for web hosting providers or developers and administrators to automate their system administration processes. In this tutorial, we will show you how to install WHM and cPanel on CentOS 7.

cPanel Installation Requirements

• CentOS 7 VPS
• Minimum of 1GB RAM (2GB RAM is recommended)
• Minimum 20GB disk space (40GB recommended)
• cPanel license (there is also 15 day trial period which gets activated as soon as the installation is complete)

Installation of cPanel in CentOS 7

1. Connect to your server

First, you need to connect to your server via SSH.

To connect to your server via SSH as user root, use the following command:

ssh root@IP_ADDRESS -p PORT_NUMBER

and replace “IP_ADDRESS” and “PORT_NUMBER” with your actual server IP address and SSH port number.

2. WHM/cPanel installation

Cpanel is written in Perl, so before we start the installation you must make sure that you have Perl installed on your server.

To install Perl in your server, run the following command:

yum install perl

WHM/cPanel also requires that the hostname of your server is a Fully Qualified Domain Name (FQDN) that does not match any of your server’s domains. In our example, we will set the hostname of our server to host.mydomain.com (you can replace mydomain.com with your actual domain name). To change the hostname of your server you can use the following command:

hostnamectl set-hostname host.mydomain.com

To download the cPanel installation script you will need to use the cURL command. If cURL is not present on your server you can install it with the following command:

yum install curl

Before you download the script, let’s change your current directory to /home with the following command:

cd /home

You can now download the latest version of cPanel & WHM with:

curl -o latest -L https://securedownloads.cpanel.net/latest

To start the installation, execute the following command:

sh latest

You should see the following output on your screen, indicating that the installation has been started:

Verifying archive integrity… All good.
Uncompressing cPanel & WHM Installer……
____ _
___| _ __ _ _ __ ___| |
/ __| |_) / _` | ‘_ / _ |
| (__| __/ (_| | | | | __/ |
___|_| __,_|_| |_|___|_|

Installer Version v00080 rfaafe3bcf5b92fd14d1cb80357765325dd0f351a

Beginning main installation.

The installation process may take up to 30 minutes. After the installation is complete, you may be asked to reboot your server. The following output will be displayed on your screen:

cPanel install finished in 17 minutes and 44 seconds!
2018-10-19 13:08:18 1195 ( INFO): Congratulations! Your installation of cPanel & WHM 11.74 is now complete. The next step is to configure your server.
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): Before you configure your server, ensure that your firewall allows access on port 2087.
2018-10-19 13:08:18 1195 ( INFO): On RHEL, CentOS, and CloudLinux systems, execute /scripts/configure_firewall_for_cpanel to accomplish this.
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): After ensuring that your firewall allows access on port 2087, you can configure your server.
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): 1. Open your preferred browser
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): 2. Type https://1.2.3.4:2087 in the address bar
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): 3. Enter the word root in the Username text box
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): 4. Enter your root password in the Password text box
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): 5. Click the Login button
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): Visit https://go.cpanel.net/whminit for more information about first-time configuration of your server.
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): Visit http://support.cpanel.net or https://go.cpanel.net/whmfaq for additional support
2018-10-19 13:08:18 1195 ( INFO):
2018-10-19 13:08:18 1195 ( INFO): Thank you for installing cPanel & WHM 11.74!

You can now open your browser and navigate to https://your-server-ip:2087

This will give you access to WHM (Web Host Manager) from where you can finish the installation in your browser. WHM is a web hosting manager that allows administrative access so you can manage every cPanel hosting account on your server.

With WHM you can create cPanel user accounts, manage them, establish pricing tiers, monitor the services running on the server and the server resources, generate user backups, transfer data between WHM hosts, and more.

To log in, enter “root” as username and use your root password.

Once logged in, you need to read the cPanel and WHM End User License Agreement and then click on I Agree/Go to Step 2 to proceed to the next step.

You will be taken to the Set Up Networking part of the configuration. Here you will need to enter your contact information. Enter your email address in the Server Contact Email Address field. In the Hostname section, you will also be able to enter a new hostname.

In the Resolvers section, cPanel will automatically detect and fill in the details with the resolvers provided by your internet service provider. If your ISP does not have DNS resolvers, you can use Google’s public DNS resolvers. The last section lets you choose the Main Network or Ethernet Device. After you are done, you can click on Save and Go to Step 3.

In Step 3, you will be able to set your server’s main IP address. You can also add additional IPs if you have more than one IP address assigned to your server. Once you are done with this step, you can click on Go to Step 4.

In Step 4, you can choose your Nameserver Configuration. There are multiple options available and you can check the advantages and disadvantages of each of them. It is recommended that you choose the BIND name server option. If you do not want to have DNS server on your VPS you can choose the Disabled option.

If you scroll down, you will also be able to enter the nameservers that will be assigned to your server (for example ns1.mydomain.com/ns2.mydomain.com). In the end, you will need to check the Add “A Entries” for Hostname checkbox and enter your server IP address. When you are done, click on Save and Go to Step 5.

In the next step, you can choose which FTP server you would like to use on your server. The recommended option is Pure-FTPD, but if you want to use an FTP server you can choose the Disabled option. You can also enable and configure the cPHulk Brute Force Protection on this page.

And finally, on the last step, you will be able to choose to enable file system quotas or not. If you want to be able to track the amount of disk space used by individual users, you should make sure that file system quotas are enabled. To finish the initial configuration click on the Finish button.

You can now access the main WHM home page. If you already have a valid cPanel license and it is not yet activated on your server, you can log back to your server via SSH and run the following command:

/usr/local/cpanel/cpkeyclt

And that’s it. WHM/cPanel has now been installed on your server. For more information about cPanel, its features, and configuration, you can check the official cPanel documentation page.

Of course, you don’t have to Install cPanel on CentOS 7 if you use one of our cPanel hosting services, in which case you can simply ask our expert Linux admins to install Install cPanel on CentOS 7, for you. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post, on Installing cPanel on CentOS 7, please share it with your friends on the social networks using the buttons below or simply leave a comment in the comments section. Thanks.

Source

Game Dev Studio, another game to let you attempt to rise to greatness in the games industry just recently added a Linux version.

Here’s what they said about it:

With that said, the game now features a Linux build on the default (non-develop) branch of the game. This does not mean that the game officially supports Linux yet (it will when Update #23 is released). However it does mean that support for it is right around the corner. So if you have any friends that have been interested in the game, but weren’t able to play it because they run Linux, now is a good time to tell them that this is about to change! As usual, because this content is still in-development, there may be stability issues with it. It’s best to wait until Update #23 is formally released before trying out the Linux build of the game.

As the developer said, it might be best to wait until the next update where it will have “official” support. Still, it’s really great to see more developers put up early Linux builds to get more feedback and it’s something I applaud.

The game does sound quite interesting and a little more open than previous attempts at this type of game. With the ability to expand by purchasing new buildings, dealing with building game engines as well as the games, various forms of advertising, the ability to buy out your competitors along with different game modes. It certainly sounds quite interesting.

Find it on Steam.

Hat tip to NuSuey/TuxDB.

Source

If your company is in need of a Content Management System (CMS), there are a bevy of available options, many of which are open source. One such option is the Subrion CMS. Subrion is a free, open source CMS that includes all the features you need:

• Admin Dashboard
• Easy content management (including blogs, custom fields, languages, emails)
• Templates
• Plugins
• SEO Inclusive
• Mobile friendly
• User/group management
• One-click upgrades

Subrion can be installed on any platform that includes the following requirements:

• Apache 1.3 or above (mod_rewrite module installed)
• MySQL 4.1 or above
• PHP 5 or above (GD lib, XML lib, FreeType installed)

SEE: Side-by-side chart of popular Linux distros (Tech Pro Research)

I’m going to walk you through the process of installing Subrion on the Ubuntu Server 16.04 platform. The process isn’t difficult, nor should it consume too much of your time.

Let’s get to work.

Update/Upgrade

The first thing will do is update and upgrade our server. Remember, this process could upgrade your kernel, which would require a reboot. If this is a production server, make sure the upgrade happens at a time when a reboot is feasible.

To update and upgrade the Ubuntu Server, open a terminal window and issue the commands:

sudo apt-get update
sudo apt-get upgrade

Once those commands finish, if the kernel is upgraded, reboot the server with the command sudo reboot.

Installing dependencies

The next step is to install the necessary dependencies. We’ll first install the web and database servers with the following commands:

sudo apt-get install apache2
sudo apt-get install mysql-server

During the MySQL server install, you will be required to create/verify an admin user password.

Now we’ll install the remaining dependencies. Back at the terminal window, issue the following command:

sudo apt-get install php libapache2-mod-php php-mysql php-mbstring php-xml php-gd unzip

Create the database

We now must create a database for Subrion. From the terminal window, issue the command:

mysql -u root -p

Type the admin user password you created during the MySQL server installation. From the MySQL prompt, type the following commands:

CREATE DATABASE subrion;
GRANT ALL PRIVILEGES ON subrion.* TO ‘subrionuser’@’localhost’ IDENTIFIED BY ‘PASSWORD’ WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;

where PASSWORD is a unique, strong password.

Configure Apache

Apache must be configured to know about Subrion, as well as have mod_rewrite, php7.0, and mpm_prefork enabled. The first thing to do is edit the default Apache .conf file to add the mod_rewrite options. Issue the command:

sudo nano /etc/apache2/sites-available/000-default.conf

In that file, add the following under the DocumentRoot /var/www/html line:

<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>

Save and close that file.

Enable the modules with the commands:

sudo a2enmod mpm_prefork
sudo a2enmod php7.0

Restart Apache with the command:

sudo systemctl restart apache2

Download the Installer Package

Now we’re going to download the source package, unpack it, and give it the necessary permissions. First change into the /var/www/html directory with the command:

cd /var/www/html

Download the necessary file with the command:

sudo wget https://tools.subrion.org/get/latest.zip

Unzip the file with the command:

sudo unzip latest.zip

Set the necessary permissions with the following commands:

sudo chmod -R 777 tmp/ modules includes/
sudo chmod 777 backup/ uploads/

Start the web-based installer

Open a browser and point it to http://SERVER_IP/install (where SERVER_IP is the IP address of the server hosting Subrion). This should land you on the pre-installation check, where everything should test out okay (Figure A).

Figure A

The Subrion pre-installation checks out.

 

Click Next to begin the installation. This process requires the following:

• License agreement (it’s a GPL license, so just click Next).
• General/Database/Administrator setup (Figure B).

Figure B

The Subrion install configuration page.

 

Once you’ve configured Subrion, click Next and you’ll find yourself on the final page (Figure C), where you can install plugins, or go directly to either the Admin panel or the Home page.

Figure C

The Subrion installation is complete.

 

The final step is to change the permissions of the Subrion configuration file so that it is unwritable and remove the install.php file. Do this with the commands:

sudo chmod u-w /var/www/html/includes/config.inc.php
sudo rm /var/www/html/install/modules/module.install.php

At this point you can continue configuring Subrion to perfectly meet the needs of your business. Congratulations on successfully installing a powerful, flexible, open source Content Management System.

Also see

• How to monitor your Linux server with Glances (TechRepublic)
• How to install Zentyal Server on Ubuntu Server 16.10 (TechRepublic)
• How to install OrangeHRM on Ubuntu 16.04 (TechRepublic)
• How to install the Dolibarr ERP/CRM on Ubuntu 18.04 (TechRepublic)
• Around 62 percent of all Internet sites will run an unsupported PHP version in 10 weeks (ZDNet)
• Pretty low level, pretty big deal: Apache Kafka and Confluent Open Source go mainstream (ZDNet)

Source

Bitnami Elasticsearch Stack is a freely downloadable and cross-platform software project that provides users with an all-in-one graphical installer that helps them easily and quickly deploy the Elasticsearch web-based application and its runtime dependencies on personal computers.

What is Elasticsearch?

Elasticsearch is an open source, free and flexible distributed real-time analytics and search engine. The Bitnami Elasticsearch Stack includes ready-to-run versions of the Elasticsearch, Elasticsearch Head plugin and Oracle Java.

Getting started with Bitnami Elasticsearch Stack

The Bitnami Elasticsearch Stack product is available for all mainstream operating systems, supporting GNU/Linux, Microsoft Windows and Mac OS X. To install it on your GNU/Linux distribution, download the package that corresponds to your computer platform (32-bit or 64-bit).

Save the self-executable file on your desktop or Home folder, make it executable (right click on the file, go to Properties, access the Permissions tab and check the “Allow executing file as program” option), double-click it and follow the instruction displayed on the screen.

During the installation, you will be asked to choose the target directory for the installation, which can be a folder on your Home directory, as well as to specify the node host for the Elasticsearch app.

Run Elasticsearch in the cloud

In addition to installing Elasticsearch on your personal computer, it is also possible to run the application in the cloud using the pre-build cloud images created by Bitnami for the Amazon EC2 and Windows Azure cloud hosting providers. Bitnami also offers its own cloud infrastructure for running web apps like Elasticsearch.

Virtualize Elasticsearch on VMware and VirtualBox

Another interesting features is that you will be able to virtualize Elasticsearch on the Oracle VirtualBox and VMware ESX/ESXi virtualization software, thanks to Bitnami’s virtual appliance based on the latest LTS (Long Term Support) release of the Ubuntu Linux operating system.

Source

This story was originally published on Feb. 27, 2018, and is brought to you today as part of our Best of ECT News series.

It’s common for Linux users to hop between distributions and survey the field, and I recently reached a point where I had to seriously rethink the one I was using most of the time.

Between hardware compatibility issues with my old standby and some discouraging missteps with other go-to choices, I felt the time had come to reassess my pool of preferred distributions and repopulate it from scratch.

As my journey progressed, I realized that as often as I’ve discussed the field of Linux-based systems, I had not addressed how to pick one out. To give you an idea of how to approach distribution selection, I wanted to volunteer my recent search as one template. This is certainly not the only or best way to go about it — everyone has their own criteria and priorities — but my intention is to provide some reference points for mapping out your own way.

My Former Linux Flames

Before getting into how I ended up where I did, I’ll provide a snapshot of the distributions I came from. Formerly, my distribution of choice was Arch Linux. In use cases where hardware compatibility is solid and unshakable stability is not paramount, it still is.

After troubleshooting in my early Linux days repeatedly took me to the Arch Wiki, the appeal of embracing the distribution that produced such extensive documentation grew until it eventually won me over.

The distribution I previously reserved as a fallback in case Arch got too dicey was Ubuntu. Besides the fact that Ubuntu also has thorough documentation and a helpful community, it has the backing of a major player, its parent company Canonical. These factors made Ubuntu my refuge when dependability became essential.

So how did these two end up getting displaced from their lofty positions? Since some of the reevaluations I made about Ubuntu influenced my view of Arch, I’ll start there.

As I noted in an earlier piece, Ubuntu recently and egregiously
dropped the ball in terms of kernel maintenance. Late last year, Ubuntu included an experimental module in its version of the kernel, despite warnings from the upstream Linux kernel project (the source of the stock kernel that all distributions inherit and respectively customize) that it wasn’t ready. While there’s nothing wrong with pushing the envelope — it’s a good way to stand out in Linux’s crowded pack — this is an area where a conservative approach is wiser.

The unfinished Intel SPI driver in the Ubuntu 17.10 kernel went on to
damage the boot firmware — the extremely sensitive code directing your computer how to turn on — on machines by several manufacturers.

Mistakes do happen, even among Linux titans, but while I can’t prove this definitively, I suspect that Canonical’s termination of Ubuntu’s Unity desktop project and the ensuing organizational shakeup threw off its work somewhat.

Although this error was specific to Ubuntu, it led me to acknowledge that Arch, with its cutting-edge kernel, runs a higher risk of a similar stumble, since there is less time to test changes passed down from the upstream Linux kernel project. For me personally, when the stars align, there’s no other Linux experience like Arch, but that happens less often than I would like.

Consider This

I considered a number of worthy distributions before reaching my destination. By virtue of its exalted station in the Linux world,
Debian is worth a look for any Linux user. Debian outmatches most distributions in stability, and it is exceptionally lightweight, so it has a lot going for it.

Ironically, its solidity is why I eliminated it: In trying not to shake things up, Debian’s default kernel is too basic to support the features I need. You can swap in a more advanced kernel, but you have to switch to the Testing or Unstable tracks and reduce system stability comparably to Arch’s, at which point I’d rather use Arch.

In general, with the Debian experience you either take it or leave it — and for me, there were enough unappealing elements to choose the latter.

Another distribution I weighed was
openSuse, especially since it is regarded for security. Another draw is that it has two equally supported tracks, “Leap” for a smooth and dependable experience, and “Tumbleweed” for the thrill of the latest upgrades.

However, my research revealed that Leap suffers from Debian’s rigidity, and Tumbleweed from Arch’s volatility (perhaps more so).

Finally, I entertained a notable newcomer,
Solus. The distribution has climbed the rankings on
Distrowatch.com, and it showcases considerable polish, such as its impressive Budgie flagship desktop.

Unfortunately, as a distribution a small team developed from scratch (i.e., not based on any other), its selection of packages is limited. Additionally, while the Budgie desktop has made great strides, it is in the middle of a daunting transition. It simultaneously has been changing its underlying libraries from GTK to Qt and its display server from the ubiquitous X to the upstart Wayland. I am eager to try Solus once this transformation is complete, but I’ll leave them alone during the messy interim.

Top of the Heap

The distribution that emerged victorious in this contest was
Manjaro. While based on Arch, Manjaro holds onto its packages a little longer for further testing before release, adding stability. It also offers users what is probably the widest selection of kernel versions to run of any distribution I’ve seen. Best of all for those of us who revel in Arch, Manjaro takes the menial grunt work out of configuring Arch without compromising its power.

For a stability-minded auxiliary, I chose
Linux Mint. It’s possibly more stable than Debian, but still manages a slightly more adventurous update track. Moreover, the Mint update manager is a particularly impressive feat of engineering — it both streamlines the update process and adds granularity to the tracks users can follow. By dividing updates into five classes of potential system impact, users can choose the balance they want to strike.

My jaunt through the Linux ecosystem took me a long way and yet not very far: I ended up with two distributions that are built on my previous two.

Even so, I learned a lot in the process, and I found systems that are that much closer to my ideals. Does that mean you should use them too? Maybe, but just because they’re best for me — for now — doesn’t mean they are for you, too.

By relating my experience, my intention is to supply an example of the kinds of priorities you might want to consider, and how to weigh them. If you haven’t sampled many distributions, I hope you’ll now feel confident enough to give some of them a try. Consider this a little push!

Jonathan Terrasi has been an ECT News Network columnist since 2017. His main interests are computer security (particularly with the Linux desktop), encryption, and analysis of politics and current affairs. He is a full-time freelance writer and musician. His background includes providing technical commentaries and analyses in articles published by the Chicago Committee to Defend the Bill of Rights.

Source

Wednesday October 31, 2018 @11:21AM

from the quick-primer dept.

Donald Fischer, who served as a product manager for Red Hat Enterprise Linux during its creation and early years of growth, writes:

Red Hat saw, earlier than most, that the ascendance of open source made the need to pay for code go away, but the need for support and maintenance grew larger than ever. Thus Red Hat was never in the business of selling software, rather it was in the business of addressing the practical challenges that have always come along for the ride with software. […] As an open source developer, you created that software. You can keep your package secure, legally documented, and maintained; who could possibly do it better? So why does Red Hat make the fat profits, and not you? Unfortunately, doing business with large companies requires a lot of bureaucratic toil. That’s doubly true for organizations that require security, legal, and operational standards for every product they bring in the door. Working with these organizations requires a sales and marketing team, a customer support organization, a finance back-office, and lots of other “business stuff” in addition to technology. Red Hat has had that stuff, but you haven’t.

And just like you don’t have time to sell to large companies, they don’t have time to buy from you alongside a thousand other open source creators, one at a time. Sure, big companies know how to install and use your software. (And good news! They already do.) But they can’t afford to put each of 1100 npm packages through a procurement process that costs $20k per iteration. Red Hat solved this problem for one corner of open source by collecting 2,000+ open source projects together, adding assurances on top, and selling it as one subscription product. That worked for them, to the tune of billions. But did you get paid for your contributions?

You will be successful in your work.

Working…

Source

FreeBSD is a free and open source operating system for many different kinds of computers. FreeBSD’s based upon BSD, the version of UNIX developed at the University of California, Berkeley. FreeBSD is an alternative to Linux or Windows-based system. You can run almost all apps written in Perl, Python, PHP and other programming languages. FreeBSD heavily used by Netflix, EMC, IBM, Juniper, NetApp, Apple, Sony, and others. Absolute FreeBSD (3rd ed) book aims to be the complete guide to FreeBSD. Let us see why Michael W. Lucas’ FreeBSD system administration books so favorite among Unix lovers.

Book Review: Absolute FreeBSD (3rd Edition)

The book starts with an introduction to FreeBSD operating system and its history and strengths. The book divided into twenty-four chapters:

1. Getting More Help – You may find yourself needing more help about FreeBSD even after reading the book. The author talks about using man pages and resources on the Intenet to find more help match your requirements.
2. Before You Install – Before you start configuring FreeBSD box, you need to install FreeBSD. The author provides tips on avoiding common mistakes while installing FreeBSD.
3. Installation Walk-Through – This chapter provides a quick overview of installing FreeBSD with different filesystems and options.
4. Start Me Up! The Boot Process – The understanding of the FreeBSD boot process is an essential task for a sysadmin. Quite useful to solve and troubleshoot server issues.
5. Read This Before You Break Something Else! (Backup and Recovery) – The author talks about how to back up the FreeBSD system so that one can recover from human mistakes or system failures.
6. Kernel Games – The author explains how to configure the FreeBSD kernel to meet your requirements using the sysctl command, device drivers, custom kernel configs and more.
7. The Network – In this chapter, Michael talks about the basis of TCP/IP protocol.
8. Configuring Networking – The seventh chapter covered the theoretical part of TCP/IP. It is time to get hand dirty and learn actual commands that one can use to configure FreeBSD networking, routing, DNS, NIC teaming, VLAN and more.
9. Securing Your System – Securing the Internet-connected system is an essential task for the sysadmin. One can secure users, groups, files, FreeBSD system security level, and more.
10. Disks, Partitioning, and GEOM – Another import task is to configure and manage hard drives and partitions on your system. The author talks about partitioning schemes, disk alignment, and commands to manage disks under FreeBSD operating system.
11. The Unix File System – Unix File System (UFS) has been part of FreeBSD and Unix-like system for decades. ZFS is a cool FS but the much older system (read as “legacy” systems) and newer cloud-based system hosted by AWS/Google cloud by default use UFS. Learning UFS and its management commands are another crucial tasks for sysadmins.
12. ZFS – UFS is a 40-year-old and reliable file system for FreeBSD. However, ZFS is a newer and recommend filesystem to store a large amount of data, virtual machines, backups and more. One can learn about ZFS datasets, pools, virtual devices, and management commands for ZFS. (see also Book Review: FreeBSD Mastery – ZFS)
13. Foreign Filesystems – UFS and ZFS are the first class citizen of FreeBSD. Nevertheless, as a sysadmin one might need to mount different disks or configure file system for different client machines. The author talks about DVD/CD, ISOs, burning DVDs, temfs, configuring NFS/CIFS to create classic Unix file server and more. (see also Book Review: FreeBSD Mastery – Storage Essentials)
14. Exploring /etc – The author talks about the many configuration files in FreeBSD and how they work.
15. Making Your System Useful – Applications are the main reason to use any server and the author demos how to install, configure, remove, manage various applications on FreeBSD box using pkg command.
16. Customizing Software with Ports – The author talked about pkg command in the previous chapter. For most users, pre-built packages work out of the box, but in some cases, one might need to configure packages as per needs. FreeBSD ports provide additional tunning and building options for applications, and the author explains how to use FreeBSD ports system in details.
17. Advanced Software Management – The author talks about various concepts and commands for running software on FreeBSD systems such as SMP based system, rc scripts used at boot or shutdown times, shared libraries and more.
18. Upgrading FreeBSD – Want to upgrade FreeBSD system? Read this chapter to upgrade FreeBSD either using binary or source method.
19. Advanced Security Features – Over the years FreeBSD added the more exciting security features. The author discusses some of the important ones such as stateful packet filtering, public key encryption, OpenSSL, preparing system for intrusions, monitoring system, packages and more.
20. Small System Services – Want to turn FreeBSD into a small business server for LAN/WAN users? The author talks about popular services such as DHCP, email, time (ntpd), ssh (openssh), print server and more.
21. System Performance and Monitoring – Monitoring and running FreeBSD server is an essential task for the seasoned sysadmin. One can learn about the various command to find out the bottleneck that slowed down the system. The author talks about FreeBSD’s performance testing and troubleshooting tools that one might need to use to solve problems in production environments.
22. Jails – One must run all internet facing services in an isolated environment to maintain system security and integrity when you have multiple users or services. FreeBSD comes with Jails, and the author talks about setting up Jails to improve FreeBSD system security.
23. The Fringe of FreeBSD – The author covers some interesting topics such as running server/desktop without disks (diskless booting), and cloud-friendly features such as libxo. The libxo allows a FreeBSD application to generate text, XML, JSON, and HTML output using a standard set of function calls.
24. System (and Sysadmin) Crashes and Panics – Software and hardware crash. Sometimes one might find a ghost in the machine. How does one deal with rare occasions when a FreeBSD system fails? Fear not, the author shows how to debug problems, and create a useful problem report.

Absolute FreeBSD is a fantastic book on FreeBSD. Clear. Concise. Informative for new FreeBSD users and sysadmins. The author gives out best practices to learn FreeBSD operating system management and exciting tips to improve your skills. Lastly, I think this book is a must-have book for all people interested in learning FreeBSD system managment.

Book Info:

• Title: Absolute FreeBSD (3rd ed)
• Author: Michael W. Lucus
• Publisher: No starch press
• Length: 708 pages
• Target: System administrators or developers
• Rating: 5/5
• Disclaimer: No starch press sent us a review copy.
• Purchase online at Amazon

Source

News briefs for October 31, 2018.

The Fedora Project Manager announced the official release of Fedora 29 yesterday. This release is the first to include the Fedora Modularity feature across
all variants. Other changes include “GNOME 3.30 on the desktop, ZRAM for our ARM images, and a Vagrant image
for Fedora Scientific”. You can download it from here.

Red Hat Enterprise Linux 7.6 launched yesterday with improved security. eWeek reports that the new release features “TPM 2.0 support for security authentication, as well as integrating the open source
nftables firewall technology effort”. eWeek quotes principal project manager Steve Almy: “The TPM 2.0 integration in 7.6 provides an additional
level of security by tying the hands-off decryption to server hardware in addition to the network bound disk
encryption (NBDE) capability, which operates across the hybrid cloud footprint from on-premise servers to
public cloud deployments.” Version 7.6 is the second major milestone release of 2018.

Linux Lite 4.2 Final is now available. Linux Lite creator Jerry Bezencon says the release is “a ‘refinement’ and not a ‘major upgrade’.
There are some new wallpapers thanks to @whateverthing and some minor tweaks here and there.” One change with
this version is the addition of
Redshift, which “adjusts the color temperature according to the position of the sun”.

Google and a group of cetologists have been using AI to listen to years of undersea recordings with the hope of
creating “a machine learning model that can spot humpback whale calls”. According to TechCrunch, the project is part of Google’s AI for Social Good
initiative.

Resin.io, a container-based server platform for Linux device management, has “changed its name to balena and released an
open source version of its IoT fleet management platform for Linux devices called openBalena”, Linux
Gizmos reports. Founder and CEO of the company says the name change is due to “to trademark issues, to
cannabis references, and to people mishearing it as ‘raisin'”. balenaOS is “an open
source spinoff of the container-based device software that works with balenaCloud”, and the new openBalena “is an
open version of the balenaCloud server software. Customers can now choose between letting balena manage their
fleet of devices or building their own openBalena based server platform that manages fleets of devices running
balenaOS”.

Source