Home Blog Page 54

Enabling Open Source Projects with Impactful Engineering Experience

This post originally appeared on the FINOS Community Blog. The author, James McLeod, is the Director of Community at the Fintech Open Source Foundation, a project of the Linux Foundation. You may also want to listen to the Open Source in Finance podcast

I often talk about “engineering experience” and the importance for open source projects to provide fast, easy and impactful ways for open source consumers to realise return on engagement. Just like e-commerce stores that invest in user experience to encourage repeat sales, successful open source projects provide a slick installation, well written contextual documentation and a very compelling engagement model that encourages collaboration.

In fact, within the open source community, it’s possible to drive commitment to open source projects through “engineering experience”. Successful projects develop lives of their own and build communities of thousands that flock to repos, Meetups and in-person events.

This article is focused on the “engineering experience” related to automation and deployment, but future articles will also cover providing an engaging README.md, contextual documentation and the workflows needed to engage new and experienced open source contributors.

ENGINEERING EXPERIENCE PROVIDES DAY ZERO OPEN SOURCE VALUE

The risk of ignoring an open source project’s “engineering experience” is the project becoming a lifeless repository waiting for a community to discover them. Imagine the questions that have been answered in dormant repos that could be solving real world problems if engagement was easy.

At FINOS we’re driven to provide day zero value to financial services engineers looking to utilise FINOS open source projects. This philosophy is demonstrated by FINOS projects like LegendWaltzPerspective and FDC3 that engage in open source methodologies for ease of installation.

Without engaging in a healthy “engineering experience”, engineer teams might find themselves working through reams of documentation, setting flags and system settings that could take days to configure and test against each and every operating system on their route to production.

The scenario highlighted above has been mitigated by FINOS projects Legend and Waltz by using Juju and Charms, an open source framework that enables easy installation and automated operations across hybrid cloud environments. Without Juju and Charms, Legend and Waltz would need to be manually installed and configured for every single project instance.

By engaging Juju and Charms, Legend and Waltz are shipped using a method that enables the projects to be installed across the software development lifecycle. This accelerator provides a positive “engineering experience” whilst increasing engineering velocity and saving development and infrastructure costs.

From the very first point of contact, open source projects should be smooth and simple to understand, install, deploy and leverage. The first set of people an open source project will meet on its journey to success is the humble developer looking for tools to accelerate projects.

Hybrid cloud and containerisation is a powerful example of how projects should be presented to engineers to vastly improve end-to-end engineering experience, another is the entire node.js and JavaScript ecosystem.

ENGINEERING EXPERIENCE ENABLES NODE.JS AND JAVASCRIPT OPEN SOURCE DEVELOPMENT

Take node.js and the various ways the node ecosystem can be maintained. I’m a massive fan of Node Version Manager, an open source project that enables the node community to install and traverse versions of node from a simple and easy to engage command line tool.

Node Version Manager removes the requirement to install, uninstall and reinstall different versions of node on your computer from downloaded binaries. Node Version Manager runs on your local computer and manages the version of node needed with simple bash commands.

After installing nvm with a simple curl of the latest install.sh, Node Version Manager is now running on your local computer, Mac in my case, and node can be installed with nvm install node. Such a simple way to keep the node.js community engaged, updated and supported. Not only this, but the vast open source world of JavaScript can now be leveraged.

With Node Version Manager provided as an open source tool, the further “engineering experience” of yarn and npm can be explored. Which enables FINOS projects, like Perspective and FDC3, to be installed using node.js to accelerate the financial services industry with simple commands like yarn add @finos/perspective and yarn add @finos/fdc3.

The chaining together of “engineering experience”, that removes the pain of manual configuration by leveraging containers and command line automation, not only invites experimentation, but it’s contributed greatly to the exponential success of open source itself.

As the articles move through the different ways to engage open source communities to make open source projects successful, it would be great to hear your “engineering experience” experiences by emailing james.mcleod@finos.org or by raising a GitHub issue on the FINOS Community Repo.

The post Enabling Open Source Projects with Impactful Engineering Experience appeared first on Linux Foundation.

The Linux Foundation Announces Conference Schedule for Open Source Summit Europe 2022

The premier event in Europe for open source code and community contributors features 200+ sessions across 13 micro-conferences, covering the pivotal topics and technologies at the core of open source.

SAN FRANCISCO, July 12, 2022 —  The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the full schedule for Open Source Summit Europe, the leading conference for open source developers, technologists, and community leaders. The event is taking place September 13-16 in Dublin, Ireland and virtually. The schedule can be viewed here.

OS Summit Europe will feature a robust program of 325+ talks across 13 micro-conferences covering the most essential and cutting edge topics in open source: Linux Systems, Supply Chain Security, AI + Data, OSPOs, Community Leadership, Embedded IoT, Cloud, Diversity, Containers, Embedded Linux and more.

2022 Conference Session Highlights Include:

LinuxConContainers as an Illusion – Michael Kerrisk, man7.orgHow to Report Your Linux Kernel Bug – Thorsten Leemhuis
Embedded Linux ConferenceBooting Automotive ECUs Really Fast with Modern Security Features – Brendan Le Foll, BMW Car IT GmbHFrom a Security Expert’s Diary: DOs and DON’Ts when Choosing Software for Your Next Embedded Product – Marta Rybczynska, Syslinbit
CloudOpenAddressing the Transaction Challenge in a Cloud-native World – Grace Jansen, IBMThe Challenges and Solutions of Open Edge Infrastructures – Ildiko Vancsa, Open Infrastructure Foundation
OSPOConBuilding a Team for the Upstream: Things We Learned Building InnerSource Teams for Open Source Impact – Emma Irwin, MicrosoftA Practical Guide for Outbound Open Source – Which Scales and Can Be Adapted Easily for Companies of Different Size – Oliver Fendt, Siemens AG
Critical Software SummitThe Unexpected Demise of Open Source Libraries – Liran Tal, SnykAddress Space Isolation for Enhanced Safety of the Linux Kernel – Igor Stoppa, NVIDIA
Emerging OS ForumDemystifying the WASM Landscape: A Primer – Divya Mohan, SUSEHow Open Source Helps a Grid Operator with the Challenges of the Energy Transition – Jonas van den Bogaard & Nico Rikken, Alliander
SupplyChainSecurityConComposing the Ultimate SBOM – Ivana Atanasova & Velichka Atanasova, VMwareFrom Kubernetes With Open Tools For Open, Secure Supply Chains – Adolfo García Veytia, Chainguard
Diversity Empowerment SummitOvercoming Imposter Syndrome to Become a Conference Speaker! – Dawn Foster, VMwareTeaching Collaboration to the Next Generation of Open Source Contributors – Ruth Suehle, Red Hat
Open Source On-RampDebugging Embedded Linux – Marta Rybczynska, SyslinbitGetting Started with Kernel-based Virtual Machine (KVM) – Leonard Sheng Sheng Lee, Computas
Open AI + Data Forum Beyond Neural Search: Hands-on Tutorial on Building Cross-Modal/Multi-Modal Solution with Jina AI – Han Xiao & Sami Jaghouar, Jina AITruly Open Lineage – Mandy Chessell, Pragmatic Data Research Ltd
ContainerConEvaluation of OSS Options to Build Container Images – Matthias Haeussler, NovatecInteractive Debugging of Dockerfile With Buildg – Kohei Tokunaga, NTT Corporation
Community Leadership ConferencePanel Discussion: Growing Open Source in the Irish Government – Clare Dillon, Open Ireland Network; Tony Shannon, Department of Public Expenditure & Reform in Government of Ireland; Tim Willoughby, An Garda Síochána, Ireland’s Police Service; Gar Mac Criosta, Linux Foundation Public Health; John Concannon, Department of Foreign AffairsDev Team Metrics that Matter – Avishag Sahar, LinearB
Embedded IoT Summit Design of an Open Source, Modular, 5G Capable, Container Based, Scientific Data Capture Hexacopter – Mauro Borrageiro & Ngoni Mombeshora, University of Cape TownContributing to Zephyr vs (Linux and U-boot) – Parthiban Nallathambi, Linumiz

Keynote speakers will be announced in the coming weeks. 

Registration (in-person) is offered at the early price of $850 through July 17. Registration to attend virtually is $25. Members of The Linux Foundation receive a 20 percent discount off registration and can contact events@linuxfoundation.org to request a member discount code. 

Applications for diversity and need-based scholarships are currently being accepted. For information on eligibility and how to apply, please click here. The Linux Foundation’s Travel Fund is also accepting applications, with the goal of enabling open source developers and community members to attend events that they would otherwise be unable to attend due to a lack of funding. To learn more and apply, please click here.

Health and Safety
In-person attendees will be required to be fully vaccinated against the COVID-19 virus and will need to comply with all on-site health measures, in accordance with The Linux Foundation Code of Conduct. To learn more, visit the Health & Safety webpage.

Event Sponsors
Open Source Summit Europe 2022 is made possible thanks to our sponsors, including Diamond Sponsors: AWS, Google and IBM, Platinum Sponsors: Huawei and Intel, and Gold Sponsors: Cloud Native Computing Foundation, Codethink, Docker, Mend, Red Hat, and Styra. For information on becoming an event sponsor, click here or email us.

Press
Members of the press who would like to request a press pass to attend should contact Kristin O’Connell.

ABOUT THE LINUX FOUNDATION
Founded in 2000, the Linux Foundation and its projects are supported by more than 2,950 members. The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, ONAP, Hyperledger, RISC-V, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at https://linuxfoundation.org/

The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.

Visit our website and follow us on Twitter, LinkedIn, and Facebook for all the latest event updates and announcements.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds. 

###

Media Contact

Kristin O’Connell
The Linux Foundation
koconnell@linuxfoundation.org

The post The Linux Foundation Announces Conference Schedule for Open Source Summit Europe 2022 appeared first on Linux Foundation.

10th Annual Jobs Report: Skill up for the summer and your next open source gig

For those of us in the northern hemisphere, summer is finally here! Perhaps you celebrated the Summer Solstice a few weeks ago. If you’re from the United States, the fireworks from the 4th of July are now just a fun memory.

Like me, you’re now probably thinking about how you’re going to spend your downtime this summer. Perhaps you plan on taking things easy, maybe finishing off that novel you never got to this year, or taking a road trip?

Well, it’s time to quit slacking, penguin. With the news of layoffs and inflation, and investment market declines taking the wind out of summer sailboats, there’s no better time than now to skill up for your next job, or to stay up-to-date on your current one. The good news is that there are great resources to help stay competitive during uncertain market times, and just in time for summer, too!

Linux Foundation Research and LF Training & Certification recently published its latest paper, the 10th Annual Open Source Jobs Report. While it’s not your usual beach reading material, the conclusions are timely and significant, so you should pay close attention.

One of the key takeaways was this: open source professionals seek satisfying employment with plenty of opportunities to develop skills. Unsurprisingly, they want to work in a pleasant and collaborative atmosphere, with a competent staff that is equally enthusiastic about their chosen field. If you’re highly skilled, maybe now’s a good time to ask for a raise?

And the folks that want to fill those jobs, the hiring managers? They’re seeking the brightest talent to fill open positions. They want individuals who are not only qualified but also a good match for their business culture. And guess what. There are not enough people with the necessary skills.

So what does this mean for open source professionals? Training and certifications can give you that extra edge when looking for that new position and potentially command a higher salary in your current job.

FINOS Announces 2022 State of Open Source in Financial Services Survey

FINOS, the fintech open source foundation, and its research partners, Linux Foundation Research, GitHub, Intel, Mend, Red Hat, Scott Logic, SUSE, Symphony, Tradeweb, and Wipro, are conducting its second annual survey as part of its ongoing research on the state of open source adoption, contribution, and readiness in the financial services industry. 

The increased prevalence, importance, and value of open source is well understood and widely reported by many industry surveys and studies. However, the rate at which different industries acknowledge this shift and adapt their working practices to capitalize on the new world of open source-first differs considerably.

The financial services industry has been a long-time consumer of open source software; however, many are struggling in contributing to and publishing open source software and standards and adopting open source methodologies. A lack of understanding of building and deploying efficient tooling and governance models is often seen as a limiting factor.

This survey and report seek to explore open source within the context of financial services organizations, including banks, asset managers, and hedge funds but it is designed as a resource to be used by all financial services organizations as an annual tracking of metrics. 

Please participate now; we intend to close the survey in early August. Privacy and confidentiality are important to us. Neither participant names, nor their company names, will be published in the final results.

To take the 2022 FINOS Survey, click the button below:

BONUS

As a thank-you for completing this survey, you will receive a 25% discount code on enrollment in any course in the Linux Foundation Training catalog.

PRIVACY

Your name and company name will not be published. Reviews are attributed to your role, company size, and industry. Responses will be subject to the Linux Foundation’s Privacy Policy, available at https://linuxfoundation.org/privacy. Please note that survey partners who are not Linux Foundation employees will be involved in reviewing the survey results. If you do not want them to have access to your name or email address, please do not provide this information.

VISIBILITY

We will summarize the survey data and share the findings during Open Source Strategy Forum, 2022. The summary report will be published on the FINOS and Linux Foundation websites. 

QUESTIONS

If you have questions regarding this survey, please email us at info@finos.org

The post FINOS Announces 2022 State of Open Source in Financial Services Survey appeared first on Linux Foundation.

How to configure a firewall on Linux with firewalld

Learn how to install, configure, and use firewalld to restrict or allow a computer’s access to services, ports, networks, subnets, and IP addresses.

Read More at Enable Sysadmin

Hendrick and Jarvis Talk Software Security

While open source software is ubiquitous and generally regarded as being secure, software development practices vary widely across projects regarding application development practices, protocols to respond to defects, or lack of standardized selection criteria to determine which software components are more likely to be secure. Consequently, software supply chains are vulnerable to attack, with implications and challenges for open source project communities. 

To help improve the state of software supply chain security, the Linux Foundation, the Open Source Security Foundation (OpenSSF), Snyk, the Eclipse Foundation, CNCF, and CI/CD Foundation conducted research and released the findings in the report, Addressing Cybersecurity Challenges in Open Source Software, during the 2022 Open Source Summit North America. 

At the Summit, Stephen Hendrick, LF’s Vice President of Research, and Matt Jarvis, Director of Developer Relations at Snyk, sat down with Alan Shimel of TechStrong TV to discuss the findings and next steps. Here are some key takeaways:

Alan: “ I think we’re always disappointed when we do the surveys that we find out, you know, beyond the lip service that gets paid to security, what actually is going on under the covers, and we’re always wishing for and hoping for more. That being said, I don’t want to be pessimistic. I am of the glass half full opinion that we are doing better and more security now than we probably ever have done.”

Stephen: “On the issue of, do organizations have an open source security policy. What we found was 49% said they had one, that’s good. 34% did not. And 17% said they don’t know.”

Matt: “In larger enterprises… you’ve got that kind of ingrained culture over a long time in terms of security and about how you consume software. . . the hardest problem in security isn’t really about technology at all. It’s always about people and culture. . . We’ve got two kinds of things happening in almost a perfect storm. At the same time, we’ve got this massive rise in supply chain attacks on open source, because, you know, it’s a victim of its own success. And attackers have realized it’s a lot easier to get into the supply chain than it is to find zero days in end user applications. So you’ve got that going on, where all of a sudden, folks are going, well, everything we do is based on open source, like, what do I do about security? And then, as Steve pointed out, you’ve got this, this ongoing, massive transformation of how we develop software, you know, this superfast high velocity.”

Stephen: “We asked. . . how do you intend to improve on the situation?. . . Top of the list was organizations are looking for more intelligent tools. . .  That was at 59%. . . Right behind that at 52% was a strong desire to understand and essentially codify best practices for how to do secure software development”

Matt: “Culture change is such a big part of how you make that transition from your kind of old school, security as gatekeeper kind of function, to this thing, where we put it to the developers, because the developers are the ones who, you know, you fix it at the developer eyeball before it’s got anywhere near production. That is the cheapest.”

Stephen: “You know, I did a report last year on SBOMs. And I gotta tell you that factors right into this. . . we did some stats in this survey on dependencies, you know, both direct and transitive, and found, really, sort of low levels of strong, strong security around organizations understanding the security posture of all these different dependencies and dependencies of dependencies. Really low numbers there. SBOMs would go so far in helping sort all that out.

“They’re going to give you knowledge about the metadata, it’s gonna give you usability, so you know that you’re licensed to use the stuff, and it’s going to know if it was good, if you trust that not only what you’re looking at for metadata is not falsified, but also understanding quite clearly, you know, what’s been fixed, what hasn’t been fixed from a vulnerability standpoint.”

Matt: “I think when people think about policies, they think, Oh, this needs to be like a 100 page document of some kind, you know, then it becomes overwhelming, but really a policy can be a one liner.”

Watch the full interview and read the transcript below.

LEGO and Angel Island

Like many of the folks in open source, the LF’s Kenny Paul is a huge fan of building things out of LEGO. For Kenny however, it goes a bit beyond just opening a box and following the instruction book. In fact, he rarely ever builds anything from a kit, instead building highly complex and detailed models entirely from his imagination. Yes, for you LEGO Movie fans, Kenny is a Master Builder

 When I get a new kit I usually look at it in terms of pure raw material rather than whatever is shown on the box

 “When I get a new kit I usually look at it in terms of pure raw material rather than whatever is shown on the box”, he says with a smile radiating the possibilities. That approach seems to have worked quite well for him for a long time now. Over the holiday season he builds a 120 square foot display in his garage that often draws 300+ people a day, he worked on the Mythbusters’ Giant LEGO Ball episode (#117), he has scale models of farm equipment in the permanent collection of a local museum, and in January of 2020 he finished second in a competition for one of LEGOLand’s coveted LEGO Master Model Builder positions, of which there are only 13 in all of North America. 

Photos: MythBusters Giant LEGO Ball mid-build, LEGOLand’s LEGO Master Model Builder Competition, and Kenny’s holiday garage display

Angel Island

However, he recently finished a project that he says has been the most difficult and meaningful project he has ever been a part of. The subject matter revolves around a troubling chapter in American history and a small bit of rock and scrub brush in the middle of San Francisco Bay called Angel Island.

Ask your average 4th grader if they have ever heard of Ellis Island and they can probably tell you at least something about the well-known narrative surrounding immigration and the United States. Ask them about Angel Island, however, and you’ll probably get a confused look and a shake of the head.

Although Angel Island was often called, “The Ellis Island of the West” in the early 1900s, it was anything but welcoming. In reality it was established specifically for the purpose of excluding immigration for those of Asian descent and Chinese immigrants in particular. It wasn’t a place for, Give me your tired, your poor, your huddled masses… It was more like, Nope, talk to the hand. 

Japanese Internments

When Japan attacked the US Naval base at Pearl Harbor on December 7th, 1941, Angel Island took on an entirely new role during the early stages of the war, but one that was unfortunately still in line with its original anti-Asian roots. Many people are still unaware that following Pearl Harbor, the US Government, on the orders of President Franklin D. Roosevelt, rounded up thousands of US citizens and put them into internment camps for the duration of the war simply because of their Japanese ancestry. Yes, that’s right. This included US citizens who were officially reclassified as enemies of the state purely based upon their heritage. For the first wave of those who were incarcerated, Angel Island was used as the processing center before they were sent off to one of the infamous internment camps across the US, like Manzanar, Tule Lake, or Heart Mountain

How to educate children about the history?

Remember how we mentioned 4th graders earlier?  Well, learning about California history is a pillar of the 4th grade curriculum here in the Golden State and that is what led to this particular project. The problem? Hundreds of 4th graders tour Angel Island every year – How do you engage them on very painful and hard to understand subject matter like internment?  Well, the folks from the California State Park system and the Angel Island Immigration Station Foundation, which runs the museum there, thought that a LEGO model of the site as it existed during WWII might help bridge that gap.

AIISF reached out to the local LEGO club in the Bay Area in August of 2021 to see if anyone might be interested in volunteering for a project. A number of folks joined the introductory Zoom call, but after hearing the scope of what was being requested, it was clear that this was a long duration project that would take months to complete. After that first meeting, only Kenny and two other members of the club, Johannes van Galen and Nick McConnell, agreed to proceed with the build.

The LEGO Build

The model was unveiled as the center anchor point for the exhibit, “Taken From Their Families; …” in May, which is Asian & Pacific Islander Heritage Month. Measuring 4 feet by 6 feet, it contains an estimated 30,000 LEGO pieces. The trio invested over 400 hours between research, design, procuring the parts, and of course the build itself.

Getting the model to the museum was no easy feat either. It had to be built in sections, moved by van about 60 miles from where it was being constructed, taken over to the island on a state park supply ship, then reassembled and “landscaped” once on site. 

The Research

“The research aspect was really fascinating to me”, said Kenny, who was responsible for building all of the buildings. He spent countless hours pouring through archival photos and diagrams and topographic maps provided by the state park and even went as far as looking at records from the Library of Congress in some cases. The goal was to be as accurate as possible while still working within the limitations of scale, plus LEGO part and color availability.  In one case that research took an unexpected turn that as Kenny puts it, “Stood the hairs up on the back of my neck.”  

The largest building in the camp during WWII was still under construction when the war broke out. It replaced a previous building which burned to the ground in 1940. After Pearl Harbor, the new building was rapidly completed and pressed into service. Following the War, it was bulldozed by the Army. The problem was that no one working on the project could figure out what that building actually looked like. Only two grainy photos of the WWII era building could be found and neither photo made sense when compared to the building foundations that can still be seen on the island today. Then Kenny realized a well-known watercolor drawing in the museum’s collection solved the puzzle. The most remarkable aspect of the drawing is that the entire camp is depicted the way it looks from offshore rather than as viewed from the perspective of the detention barracks where prisoners were held. The realization was stunning – it was painted from memory by the artist. It was the way he saw the island the day he steamed into San Francisco Bay from Hawaii as a political prisoner of his own country. Smiling as tears well up in his eyes, Kenny says, “Every time I think about the fact I needed a painting made by one of the very first Japanese Americans arrested during that time to complete a scale model of that same camp 80 years later, it always chokes me up.”  

Every time I think about the fact I needed a painting made by one of the very first Japanese Americans arrested during that time to complete a scale model of that same camp 80 years later, it always chokes me up.

The model is now on permanent display in the same mess hall that was used by the prisoners. For more information on the exhibit, please see https://aiisf.org/taken.

Kenny Paul works as a Senior Technical Community Architect at the Linux Foundation. He currently works on the Open Network Automation Project (ONAP) and LF Networking. His is just one of the many unique backgrounds that make up the people behind open source. To hear more stories, listen to our Untold Stories of Open Source podcast

And on a related aside, this is a gripping and heart-warming story about bonds made at the Heart Mountain Japanese internment camp in Wyoming.

Below are photos of some of Kenny’s favorites builds.

Photos: Some of Kenny’s favorite builds: B-17; Firehouse #7 in Washington, DC, home to the first all-black engine company in the days of departmental segregation between 1919 and 1962; and, LEGO tractors built for a museum display.

Some other stories behind open source

The post LEGO and Angel Island appeared first on Linux Foundation.

How to install RHEL a new way with image builder

Red Hat Enterprise Linux’s image builder service saves time and reduces complexity when deploying optimized systems across datacenters and cloud footprints.

Read More at Enable Sysadmin

Reasons to install Unbreakable Enterprise Kernel release 7 (UEK7) on Oracle Linux

With the release of UEK7 comes a plethor

Click to Read More at Oracle Linux Kernel Development

How to manage Apache web servers using Jinja2 templates and filters

Get your infrastructure running quickly and reliably by automating your configuration using Jinja2 templates for Ansible.

Read More at Enable Sysadmin