Troubleshoot complex network and application issues with ksniff, a kubectl plugin that captures packets in Kubernetes pods.
Read More at Enable Sysadmin
Troubleshoot complex network and application issues with ksniff, a kubectl plugin that captures packets in Kubernetes pods.
Read More at Enable Sysadmin
Troubleshoot complex network and application issues with ksniff, a kubectl plugin that captures packets in Kubernetes pods.
Read More at Enable Sysadmin
LFN Community publishes white paper highlighting cybersecurity efforts Telecom, Cloud and Enterprise align with 5G Super Blue Print across ONAP, Anuket, EMCO, Magma, ORAN-SC and more projects as Enterprise eBFP project, L3AF, is inducted into LF NetworkingATOS, GenXComm, Keysight Technologies and Telaverge Communications join LFN as Silver members
SAN FRANCISCO, April 12, 2022 – LF Networking, which facilitates collaboration and operational excellence across open source networking projects, today announced continued momentum focused on re-aggregation, with updates to security, 5G blueprints, and the addition of four new Silver members: ATOS, GenXComm, Keysight Technologies, and Telaverge Communications.
“As the LF Networking community rolls into its fourth year as an umbrella project organization, we are pleased to see robust efforts focused on securing 5G across multiple project & foundations as we welcome even more industry-leading organizations to the project,” said Arpit Joshipura, general manager, Networking, Edge and IoT, the Linux Foundation. “It’s the robust and diverse set of member companies that enable LFN’s collaborative innovation into the future of 5G and networking.”
5G Super Blue Print Ecosystem Expands
The community is making progress with the 5G Super Blueprint, a community-driven integration/illustration of multiple open source initiatives, projects, and vendors coming together to show use cases demonstrating implementation architectures for end users. The 5G Super Blueprint is now integrated across even more projects––including Magma (1.6), EMCO, and Anuket––building open source components applicable to a variety of industry use cases. Preliminary scoping for future integrations with the O-RAN Software Community have begun, setting the stage for end-to-end open source interoperability from the core through the RAN and future compliance activities.
Meanwhile, the L3AF project has been inducted into the LF Networking umbrella, as membership expands further across the ecosystem with new Silver members.
L3AF is an open source project, developed by Walmart, housing cutting-edge solutions in the realm of eBPF (a revolutionary technology that allows us to run sandboxed programs in an operating system kernel) that provides complete life-cycle management of eBPF programs with the help of an advanced control plane that has been written in Golang. The control plane orchestrates and composes independent eBPF programs across the network infrastructure to solve crucial business problems. L3AF’s eBPF programs include load-balancing, rate limiting, traffic mirroring, flow exporter, packet manipulation, performance tuning, and many more. L3AF joined the Linux Foundation in fall of 2021 and has now been inducted into the LF Networking project umbrella.
New LFN Silver members include:
ATOS, a multi-vendor end-to-end system integrator in both IT and telecom network space; specialized in multi-cloud solutions, edge and MEC, 5G-enabled applications with an AI/ML focus, cybersecurity, and decarbonization. GenXComm Inc.’s mission is to deliver limitless computing power, fast connectivity, and on-demand intelligence to every location on EarthKeysight Technologies, Inc. is a leading technology company that delivers advanced design and validation solutions to help accelerate innovation to connect and secure the worldTelaverge Communications is the leader in complete Network Test Automation Orchestration and Digital Transformation products (Regal for Containers and Cloud) designed for enterprises, operators and OEM’s. Telaverge’s open source based private LTE and 5G cores are pre-integrated with Regal for zero touch testing and deployment.
A full list of LFN member organizations can be found here: https://www.lfnetworking.org/membership/members/
LFN Security White Paper
Highlighting its security efforts to help secure open source networking against cybersecurity attacks, the community published a white paper titled “Securing Open Source 5G from End to End” that is now available for download.
“A unique advantage of developing software in the open is more eyes on the code; when it comes to security, that translates to large groups of experts who can propose improvements and enhancements in a faster, more scalable fashion– and that is true for LFN,” said Amy Zwarico, vice chair of the ONAP Security subcommittee. “Community collaboration via security working groups and sub-committees to address secure software development practices, SBOMs, DDoS mitigation and other threats are just some of the steps LFN is taking to create code that can be trusted to run our networks.”
At a time when the United States White House has issued multiple Executive Orders to address cybersecurity and supply chain attacks, the LFN community continues to take steps to ensure open source networking is secure. The group is publishing a white paper to outline its security strategies, including the formation of security-focused committees and subcommittees; development and adoption of security Software Bill of Materials (SBOM); OpenSSF badging; and use of the LFX Platform’s Security Dashboard to enable developers to identify and resolve vulnerabilities quickly and easily; and more. Download the white paper for more information.
Upcoming Events
The LF Networking developer community will host the LFN Developer & Testing Forum this Spring, taking place June 13-16, in Porto, Portugal. Registration for that event is open, with more details to come.
Open Networking & Edge (ONE) Summit North America will take place November 15-16 in Seattle, Wash. The event will be followed by a two-day LFN Developer & Testing Forum (Nov 17-18) in the same venue. The Open Networking & Edge Summit is the industry’s premier open networking and edge computing event focused on end to end solutions powered by open source in the Telco, Cloud, and Enterprise verticals. Attendees will learn how to leverage open source ecosystems and gain new insights for digital transformation. More information will be available soon.
Support from new members
“The mission of Atos is to support our customers throughout a multitude of industry sectors on their edge-to-cloud journey. We help telecom customers leverage cloud synergies between their IT and their network, and introduce new edge computing and 5G MEC services. We are excited about ONAP and other programs of the LFN, as they facilitate exactly these synergies in a growing market.”
“Keysight is pleased to join LF Networking as a silver member and contribute to an ecosystem with the common goal of advancing technology and innovation built on open source software and standards,” said Kalyan Sundhar, vice president of Edge-to-Core Networks at Keysight Technologies. “Keysight leverages open source standards for end-to-end network harmonization produced by the LF Networking community to enable this ecosystem to cost-effectively accelerate protocol and performance design validation.”
About the Linux Foundation
Founded in 2000, the Linux Foundation is supported by more than 2,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit linuxfoundation.org.
The Linux Foundation Events are where the world’s leading technologists meet, collaborate, learn and network in order to advance innovations that support the world’s largest shared technologies.
The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.
###
The post Secure Open Source 5G Gains Momentum as Community Focuses on Re-aggregation, with 5G Super-Blueprints and New Members appeared first on Linux Foundation.
Simplify how you interact with containers by incorporating pods, init containers, additional image stores, system reset, and play kube into your work.
Read More at Enable Sysadmin
Simplify how you interact with containers by incorporating pods, init containers, additional image stores, system reset, and play kube into your work.
Read More at Enable Sysadmin
First in a regular series of blogs highl
Click to Read More at Oracle Linux Kernel Development
This is a classic article written by Jack Wallen from the Linux.com archives. For more great SysAdmin tips and techniques check out our free intro to Linux course.
Many years ago, when I first began with Linux, installing applications and keeping a system up to date was not an easy feat. In fact, if you wanted to tackle either task you were bound for the command line. For some new users this left their machines outdated or without applications they needed. Of course, at the time, most everyone trying their hand at Linux knew they were getting into something that would require some work. That was simply the way it was. Fortunately times and Linux have changed. Now Linux is exponentially more user friendly – to the point where so much is automatic and point and click – that today’s Linux hardly resembles yesterday’s Linux.
But even though Linux has evolved into the user-friendly operating system it is, there are still some systems that are fundamentally different than their Windows counterparts. So it is always best to understand those systems in order to be able to properly use those system. Within the confines of this article you will learn how to keep your Linux system up to date. In the process you might also learn how to install an application or two.
There is one thing to understand about updating Linux: Not every distribution handles this process in the same fashion. In fact, some distributions are distinctly different down to the type of file types they use for package management.
Ubuntu and Debian use .deb
Fedora, SuSE, and Mandriva use .rpm
Slackware uses .tgz archives which contain pre-built binaries
And of course there is also installing from source or pre-compiled .bin or .package files.
apt-get: Command line tool.
Update Manager: GUI tool.
Security updates: Daily
Non-security updates: Weekly
If you want to manually check for updates, you can do this by clicking the Administration sub-menu of the System menu and then selecting the Update Manager entry. When the Update Manager opens click the Check button to see if there are updates available.
Check the updates you want to install. By default all updates are selected.
Click the Install Updates button.
Enter your user (sudo) password.
Click OK.
The updates will proceed and you can continue on with  your work. Now some updates may require either you to log out of your desktop and log back in, or to reboot the machine. There are is a new tool in development (Ksplice) that allow even the update of a kernel to not require a reboot.
Once all of the updates are complete the Update Manage main window will return reporting that Your system is up to date.
Now let’s take a look at the command line tools for updating your system. The Ubuntu package management system is called apt. Apt is a very powerful tool that can completely manage your systems packages via command line. Using the command line tool has one drawback – in order to check to see if you have updates, you have to run it manually. Let’s take a look at how to update your system with the help of Apt. Follow these steps:
Open up a terminal window.
Issue the command sudo apt-get upgrade.
Enter your user’s password.
Look over the list of available updates (see Figure 2) and decide if you want to go through with the entire upgrade.
To accept all updates click the ‘y’ key (no quotes) and hit Enter.
Watch as the update happens.
That’s it. Your system is now up to date. Let’s take a look at how the same process happens on Fedora (Fedora 12 to be exact).
yum: Command line tool.
GNOME (or KDE) PackageKit: GUI tool.
Depending upon your desktop, you will either use the GNOME or the KDE front-end for PackageKit. In order to open up this tool you simply go to the Administration sub-menu of the System menu and select the Software Update entry.  When the tool opens (see Figure 3) you will see the list of updates. To get information about a particular update all you need to do is to select a specific package and the information will be displayed in the bottom pane.
To go ahead with the update click the Install Updates button. As the process happens a progress bar will indicate where GNOME (or KDE) PackageKit is in the steps. The steps are:
Resolving dependencies.
Downloading packages.
Testing changes.
Installing updates.
When the process is complete, GNOME (or KDE) PackageKit will report that your system is update. Click the OK button when prompted.
Now let’s take a look at upgrading Fedora via the command line. As stated earlier, this is done with the help of the yum command. In order to take care of this, follow these steps:
Open up a terminal window (Do this by going to the System Tools sub-menu of the Applications menu and select Terminal).
Enter the su command to change to the super user.
Type your super user password and hit Enter.
Issue the command yum update and yum will check to see what packages are available for update.
Look through the listing of updates (see Figure 4).
If you want to go through with the update enter ‘y’ (no quotes) and hit Enter.
Sit back and watch the updates happen.
Exit out of the root user command prompt by typing “exit” (no quotes) and hitting Enter.
Close the terminal when complete.
Your Fedora system is now up to date.
Granted only two distributions were touched on here, but this should illustrate how easily a Linux installation is updated. Although the tools might not be universal, the concepts are. Whether you are using Ubuntu, OpenSuSE, Slackware, Fedora, Mandriva, or anything in-between, the above illustrations should help you through updating just about any Linux distribution. And hopefully this tutorial helps to show you just how user-friendly the Linux operating system has become.
Ready to continue your Linux journey? Check out our free intro to Linux course!
The post Classic SysAdmin: Linux 101: Updating Your System appeared first on Linux Foundation.
Here at The Linux Foundation’s blog, we share content from our projects, such as this article by Joel Hans from the Cloud Native Computing Foundation’s blog.
The telecommunications industry is the backbone of today’s increasingly-digital economies, but it faces a difficult new challenge in evolving to meet modern infrastructure practices. How did telecommunications get itself into this situation? Because the risks of incidents or downtime are so severe, the industry has focused almost exclusively on system designs that minimize risk and maximize reliability. That’s fantastic for mission-critical services, whether public air traffic control or private high-speed banking, but it emphasizes stability over productivity and the adoption of new technologies that might make their operations more resilient and performant.
Telecommunications is playing catch-up on cloud native technology, and the downstream effects are starting to show. These organizations are now behind the times on the de facto choices for enterprise and IT, which means they’re less likely to recruit the top-tier engineering talent they need. In increasingly competitive landscapes, they need to escalate productivity and deploy new telephony platforms to market faster, not get quagmired in old custom solutions built in-house.
To make that leap from internally-trusted to industry-trusted tooling, telecommunications organizations need confidence that they’re on track to properly evolve their virtual network function (VNF) infrastructure to enable cloud native functions using Kubernetes. That’s where CNCF aims to help.
A cloud native network function (CNF) is an application that implements or facilitates network functionality in a cloud native way, developed using standardized principles and consisting of at least one microservice.
And the CNF Test Suite (cncf/cnf-testsuite) is an open source test suite for telcos to know exactly how cloud native their CNFs are. It’s designed for telecommunications developers and network operators, building with Kubernetes and other cloud native technology, to validate how well they’re following cloud native principles and best practices, like immutable infrastructure, declarative APIs, and a “repeatable deployment process.”
The CNCF is bringing together the Telecom User Group (TUG) and the Cloud Native Network Function Working Group (CNF WG) to implement the CNF Test Suite, which helps telco developers and ops teams build faster feedback loops thanks to the suite’s flexible testing and optimized execution time. Because it can be integrated into any CI/CD pipeline, whether in development or pre-production checks, or run as a standalone test for a single CNF, telecommunications development teams get at-a-glance understanding of how their new deployments align with the cloud native ecosystem, including CNCF-hosted projects, technologies, and concepts.
It’s a powerful answer to a difficult question: How cloud native are we?
The CNF Test Suite leverages 10 CNCF-hosted projects and several open source tools. A modified version of CoreDNS is used as an example CNF for end users to get familiar with the test suite in five steps, and Prometheus is utilized in an observability test to check the best practice for CNFs to actively expose metrics. And it packages other upstream tools, like OPA Gatekeeper, Helm linter, and Promtool to make installation, configuration, and versioning repeatable. The CNF Test Suite team is also grateful to contributions from Kyverno on security tests, LitmusChaos for resilience tests, and Kubescope for security policies.
The minimal install for the CNF Test Suite requires only a running Kubernetes cluster, kubectl, curl, and helm, and even supports running CNF tests on air-gapped machines or those who might need to self-host the image repositories. Once installed, you can use an example CNF or bring your own—all you need is to supply the .yml file and run `cnf-testsuite all` to run all the available tests. There’s even a quick five-step process for deploying the suite and getting recommendations in less than 15 minutes.
At the start of 2022, the CNF Test Suite can run approximately 60 workload tests, which are segmented into 7 different categories.
Compatibility, Installability & Upgradability: CNFs should work with any Certified Kubernetes product and any CNI-compatible network that meet their functionality requirements while using standard, in-band deployment tools such as Helm (version 3) charts. The CNF Test Suite checks whether the CNF can be horizontally and vertically scaled using `kubectl` to ensure it can leverage Kubernetes’ built-in functionality.
Microservice: The CNF should be developed and delivered as a microservice for improved agility, or the development time required between deployments. Agile organizations can deploy new features more frequently or allow multiple teams to safely deploy patches based on their functional area, like fixing security vulnerabilities, without having to sync with other teams first.
State: A cloud native infrastructure should be immutable, environmentally-agnostic, and resilient to node failure, which means properly managing configuration, persistent data, and state. A CNF’s configuration should be stateless, stored in a custom resource definition or a separate database over local storage, with any persistent data managed by StatefulSets. Separate stateful and stateless information makes for infrastructure that’s easily reproduced, consistent, disposable, and always deployed in a repeatable way.
Reliability, Resilience & Availability: Reliability in telco infrastructure is the same as standard IT—it needs to be highly secure and reliable and support ultra-low latencies. Cloud native best practices try to reduce mean time between failure (MTBF) by relying on redundant subcomponents with higher serviceability (mean time to recover (MTTR)), and then testing those assumptions through chaos engineering and self-healing configurations. The Test Suite uses a type of chaos testing to ensure CNFs are resilient to the inevitable failures of public cloud environments or issues on an orchestrator level, such as what happens when pods are unexpectedly deleted or run out of computing resources. These tests ensure CNFs meet the telco industry’s standards for reliability on non-carrier-grade shared cloud hardware/software platforms.
Observability & Diagnostics: Each piece of production cloud native infrastructure must make its internal states observable through metrics, tracing, and logging. The CNF Test suite looks for compatibility with Fluentd, Jaeger, Promtool, Prometheus, and OpenMetrics, which help DevOps or SRE teams maintain, debug, and gather insights about the health of their production environments, which must be versioned, maintained in source control, and altered only through deployment pipelines.
Security: Cloud native security requires attention from experts at the operating system, container runtime, orchestration, application, and cloud platform levels. While many of these fall outside the scope of the CNF Test Suite, it still validates whether containers are isolated from one another and the host, do not allow privilege escalation, have defined resource limits, and are verified against common CVEs.
Configuration: Teams should manage a CNF’s configuration in a declarative manner—using ConfigMaps, Operators, or other declarative interfaces—to design the desired outcome, not how to achieve said outcome. Declarative configuration doesn’t have to be executed to be understood, making it far less prone to error than imperative configuration or even the most well-maintained sequences of `kubectl` commands.
After deploying numerous tests in each category, the CNF Test Suite outputs flexible scoring and suggestions for remediation for each category (or one category if you chose that in the CLI), giving you practical next steps on improving your CNF to better follow cloud native best practices. It’s a powerful—and still growing—solution for the telecommunications industry to embrace the cloud native in a way that’s controllable, observable, and validated by all the expertise under the CNCF umbrella.
The Test Suite initiative will continue to work closely with the Telecom User Group (TUG) and the Cloud Native Network Function Working Group (CNF WG), collecting feedback based on real-world use cases and evolving the project. As the CNF WG publishes more recommended practices for cloud native telcos, the CNF Test Suite team will add more tests to validate each.
In fact, v0.26.0, released on February 25, 2022, includes six new workload tests, bug fixes, and improved documentation around platform tests. If you’d like to get involved and shape the future of the CNF Test Suite, there are already several ways to provide feedback or contribute code, documentation, or example CNFs:
Visit the CNF Test Suite on GitHub
Continue the conversation on Slack (#cnf-testsuite-dev)
Attend CNF Test Suite Contributor calls on Thursdays at 15:15 UTC
Join the CNF Working Group meetings on Mondays at 16:00 UTC
The CNF Test Suite is just the first exciting step in the upcoming Cloud Native Network Function (CNF) Certification Program. We’re looking forward to making the CNF Test Suite the de facto tool for network equipment providers and CNF development teams to prove—and then certify—that they’re adopting cloud native best practices in new products and services.
The wins for the telecommunications industry are clear:
Providers get verification that their cloud native applications and architectures adhere to cloud native best practices.
Their customers get verification that the cloud native services or networks they’re procuring are actually cloud native.
And they both get even better reliability, reduced risk, and lowered capital/operating costs.
We’re planning on supporting any product that runs in a certified Kubernetes environment to make sure organizations build CNFs that are compatible with any major public cloud providers or on-premises environments. We haven’t yet published the certification requirements, but they will be similar to the k8s-conformance process, where you can submit results via pull request and receive updates on your certification process over email.
As the CNF Certification Program develops, both the TUG and CNF-WG will engage with organizations that use the Test Suite heavily to make improvements and stay up-to-date on the latest cloud native best practices. We’re excited to see how the telecommunications industry evolves by adopting more cloud native principles, like loosely-coupled systems and immutability, and gathering proof of their hard work via the CNF Test Suite. That’s how we ensure a complex and essential industry makes the right next steps away toward the best technology infrastructure has to offer—without sacrificing an inch on reliability.
To take the next steps with the CNF Test Suite and prepare your organization for the upcoming CNF Certification Program, schedule a personalized CNF Test Suite demo or attend Cloud Native Telco Day, a co-located Event at KubeCon + CloudNativeCon Europe 2022 on May 16, 2022.
The post Looking Ahead: The CNF Certification Program appeared first on Linux Foundation.