The Linux Foundation

This post originally appeared on the LF Energy’s blog. LF Energy is a project at the Linux Foundation that provides a neutral, collaborative community to build the shared digital investments that will transform the world’s relationship to energy.

The energy sector is amid a huge transformation that will impact the entire world and grid operators need new innovations to match those needs.

That’s why we’re especially excited to see the recognition awarded Antonello Monti, Director of the Institute for Automation of Complex Power Systems at RWTH Aachen University and group Leader at Center for Digital Energy, Fraunhofer FIT, for his leadership with SOGNO, the “Service-based Open-source Grid automation platform for Network Operation” of the future.

Monti received the second most prestigious award given by the German government, the innovation prize of North Rhine-Westphalia. Awarded annually, this prize recognizes outstanding achievements and excellent research.

We are so proud of the work Monti, who also serves at the Technical Advisory Committee Chair for LF Energy, and Markus Mirz have undertaken. We also want to extend our congratulations to the many individuals, companies, and the European Commission who funded the original work for SOGNO (meaning “dream” in Italian).

SOGNO is an LF Energy project that is creating plug-and-play, cloud-native, micro-services to implement our next generation of data-driven monitoring and control systems. It will simplify the life of distribution utilities by enabling them to optimize their network operations through open source to deliver cost-effectively, and seamless, secure power to customers.

A breakthrough innovation is that SOGNO introduces the idea of grid automation as a modular system in which components can be added through time. This is in opposition to classical monolithic solutions, which weren’t constructed with today’s energy landscape in mind.

Today, as more renewables come onto the grid, the flow of energy moves from just one way, which was true in the past, to both ways on and off the grid.In the future, power system networks will be composed of assets whose profiles may shift between loads, resources, and the ability to provide flexibility back to the grid.

Reinforcing the current system is not sufficient to deal with the increasing complexity of distribution systems. Rather, we are at the cusp of needing deployment of advanced distribution management systems that can be implemented as centralized but even better as distributed architecture.

We reiterate our deep gratitude and support for this project, and the people and entities who’re making it happen.

Read here for more information

The post The SOGNO Project Wins Prestigious Award for Focus on Modular Grid Automation appeared first on Linux Foundation.

Open source communities are driven by a mutual interest in collaboration and sharing around a common solution. They are filled with passion and energy. As a result, today’s world is powered by open source software, powering the Internet, databases, programming languages, and so much more. It is revolutionizing industries and tackling the toughest challenges. Just check out the projects fostered here at the Linux Foundation for a peek into what is possible. 

What is the challenge? 

As the communities and the projects they support grow and mature, active community engagement to recruit, mentor, and enable an active community is critical. Organizations are now recognizing this as they are more and more dependent on open source communities. Yet, while the ethos of open source is transparency and collaboration, the tool chain to automate, visualize, analyze, and manage open source software production remains scattered, siloed, and of varying quality.

How do we address these challenges?

And now, involvement and engagement in open source communities goes beyond software developers and extends to engineers, architects, documentation writers, designers, Open Source Program Office professionals, lawyers, and more. To help everyone stay coordinated and engaged, a centralized source of information about their activities, tooling to simplify and streamline information from multiple sources, and a solution to visualize and analyze key parameters and indicators is critical. It can help: 

• Organizations wishing to better understand how to coordinate internal participation in open source and measure outcomes
• CTOs and engineering leads looking to build a cohesive open source strategy 
• Project maintainers needing to wrangle the legal and operational sides of the project
• Individual keeping track of their open source impacts

Enter the Linux Foundation’s LFX Platform – LFX operationalizes this approach, providing tools built to facilitate every aspect of open source development and empowers projects to standardize, automate, analyze, and self-manage while preserving their choice of tools and development workflows in a vendor-neutral platform.

LFX tools do not disrupt a project’s existing toolchain but rather integrate a project’s community tools and ecosystem to provide a common control plane with APIs from numerous distributed data sources and operations tools. It also adds intelligence to drive outcome-driven KPIs and utilizes a best practices-driven, vendor-agnostic tools chain. It is the place to go for active community engagement and open source activity, enabling the already powerful open source movement to be even more successful.

How does it work? 

Much of the data and information that makes up the open source universe is, not surprisingly, open to see. For instance, GitHub and GitLab both offer APIs that allow third-parties to track all activity on open projects. Social media and public chat channels, blog posts, documentation, and conference talks are also easily captured. For projects hosted at a foundation, such as the Linux Foundation, there is an opportunity to aggregate the public and semi-private data into a privacy respecting, opt-in unified data layer. 

More specifically to an organization or project, LFX is modular, extensible, and API-driven. It is pluggable and can easily integrate the data sources and tools that are already in use by organizations rather than force them to change their work processes. For instance:

• Source control software (e.g. Git, GitHub, or GitLab)
• CI/CD platforms (e.g. Jenkins, CircleCI, Travis CI, and GitHub Actions)
• Project management (e.g. Jira, GitHub Issues)
• Registries  (e.g. Docker Hub)
• Documentation  (e.g. Confluence Wiki)
• Marketing automation (e.g. social media and blogging platforms)
• Event management platforms (e.g. physical event attendance, speaking engagements, sponsorships, webinar attendance, and webinar presentations)

This holistic and configurable view of projects, organizations, foundations, and more make it much easier to understand what is happening in open source, from the most granular to the universal. 

What do real-world users think? 

Part of LFX is a community forum to ask questions, share solutions, and more. Recently, Jessica Wagantall shared about the Open Network Automation Platform (ONAP). She notes:

ONAP is part of the LF Networking umbrella and consists of 30+ components working together towards the same goal since 2017. Since then, we have faced situations where we have to evaluate if the components are getting enough support during release schedules and if we are identifying our key contributors to the project.

In this time, we have learned a lot as we grow, and we have had the chance to have tools and resources that we can rely on every step of the way. One of these tools is LFX Insights.

We rely on LFX Insights tools to guide the internal decisions and keep the project growing and the contributions flowing.

LFX Insights has become a potent tool that gives us an overview of the project as well as statistics of where our project stands and the changes that we have encountered when we evaluate release content and contribution trends.

Read Jessica’s full post for some specific examples of how LFX Insights helps her and the whole team. 

John Mertic is a seasoned open source project manager. One of his jobs currently is helping to manage the Academy Software Foundation. John shares: 

The Academy Software Foundation was formed in 2018 in partnership with the Academy of Motion Pictures Arts and Sciences to provide a vendor-neutral home for open source software in the visual effects and motion picture industries.

A challenge this industry was having was that there were many key open source projects used in the industry, such as OpenVDB, OpenColorIO, and OpenEXR, that were cornerstones to production but lacked developers and resources to maintain them. These projects were predominantly single vendor owned and led, and my experience with other open source projects in other verticals and horizontal industries causes this situation, which leads to sustainability concerns, security issues, and lack of future development and innovation.

As the project hit its 3rd anniversary in 2021, the Governing Board was wanting to assess the impact the foundation has had on increasing the sustainability of these projects. There were three primary dimensions being assessed.

• Contributor growth

• Contribution growth

• Contributor diversity

We at the LF know that seeing those metrics increasing is a good sign for a healthy, sustainable project.

Academy Software Foundation projects use LFX Insights as a tool for measuring community health. Using this tool enabled us to build some helpful charts which illustrated the impacts of being a part of the Academy Software Foundation.

We took the approach of looking at before and after data on the contributor, contribution, and contributor diversity.

Here is one of the charts that John shared. You can view all of them on his post. 

.avia-image-container.av-l4ijhe8x-49c22b374fb21496873bb00fd1a8f756 .av-image-caption-overlay-center{ color:#ffffff; }
Conclusion 

LFX will improve communication and collaboration, simplify management, surface the best projects and project leaders, and provide insightful guidance based on real data captured at scale, across the widest variety of projects ever collected into a single source of information. And it is available to you – all Linux Foundation members and projects have access to LFX. 

To learn more about what it can do for you and your organization and project(s), read our white paper (LINK), read posts in the LFX Community Forum, or just log in with your free LFID and give it a spin. And check back here on the LF Blog for more articles in the coming months on LFX – digging in deeper. 

If you would like to talk to someone at the Linux Foundation about LFX or membership, reach out to Jen Shelby at jshelby@linuxfoundation.org. 

The post One Place to Manage Your Open Source Projects and Communities appeared first on Linux Foundation.

As more and more organizations adopt open source initiatives and/or seek to mature their involvement in open source, they often face many challenges, such as educating developers on good open source practices, building policies and infrastructure, ensuring high-quality and frequent releases, engaging with developer communities, and contributing back to other projects effectively. They recognize that open source is a complex ecosystem that is a community of communities. It doesn’t follow traditional corporate rules, so guidance is needed to overcome cultural change. 

To help address these challenges and take advantage of the opportunities, organizations are turning to open source program offices (OSPOs). An OSPO is designed to be the center of competency for an organization’s open source operations and structure. This can include setting code use, distribution, selection, auditing, and other policies, as well as training developers, ensuring legal compliance, and promoting and building community engagement that benefits the organization strategically. 

The Linux Foundation’s TODO Group’s mission is to help foster the adoption and improvement of OSPOs around the world. They are a tremendous resource, with extensive guides, a new mind map, an online course, case studies, and more. Check out their resources, community, and join their efforts. 

Thanks in part to their efforts, the OSPO movement is expanding across industries and regions of all types and sizes. However, due to the wide range of responsibilities and ways to operate, OSPO professionals often find it difficult to implement OSPO best practices, policies, processes, or tools for their open source management efforts.

To help people with these challenges, the TODO Group is introducing a new framework for in-person OSPO workshops. The framework is publicly available in ospology. This repo encapsulates a set of open initiatives (including an OSPO Mind Map 2.0, virtual global & regional meetings, an OSPO discussion forum, monthly OSPO News, and now, in-person workshops) to work in collaboration that aims to study and discuss the status of OSPOs and, ultimately, make them even more effective. 

TODO is piloting these in Europe first, and they are currently seeking collaborators to bring together the various communities involved in OSPO-specific topics and help organizations effectively implement OSPO Programs based on the specific needs for the region.

Backing up a bit, let’s look at the OSPOlogy.live framework. 

OSPOlogy.live framework in a nutshell

• Follows an “unconference style,” meaning it’s a participants-driven meeting
• Adheres to the Chatham House Rule in order to share openly and learn from each other 
• Connects OSPOs with various open source communities involved in the open source activities that matter to them (e.g. policies, tooling, standards, and community building)
• Takes place over two days and is an in-person event
• Consists of prepared presentations, hands-on workshops, and space for networking
• Falls under the Linux Foundation’s policies and code of conduct
• Held at a location provided by one of the participants for free
• Each participant pays for their own food, travel, and lodging. Meals may be free if workshop organizers find sponsors.
• Participants can register their interest to receive an invite via Linux Foundation’s community platform as seats are limited.

With that overview, let’s dig in a little on how the workshop is conducted.

Unconference style

Typically at an unconference, the agenda of the workshop portion is created by the attendees at the beginning of the meeting. Anyone who wants to initiate a discussion on a topic can claim a time and a space. OSPOlogy workshops are not fully an unconference as the first day is a series of prepared presentations, so you know what the sessions are before joining (1 or 2 will be chosen by the participants ahead of time). For Day 2, the workshops follow the unconference model. Participants vote on topics to be worked on that day. Participants may be asked to submit their topic before the workshop to accelerate/simplify the voting process.

Suggested workshop sections

• OSPO USE CASES Expert-led panels or talks to share experiences and case studies from specific OSPOs
• OSPO ACCELERATORS Presentation highlighting a specific activity within the specific project, such as outcomes of recent community activities. The aim of the presentation is to give people insights on various topics the communities are working on and get their feedback / to ask for contributions.
• SHARED CHALLENGES ASSESSMENT Description: Identify OSPO shared challenges / pain points on the OSPO Mind Map 2.0 and let the audience vote for the areas of interest (working groups) for the workshop breakout groups. For instance, focus areas can be specific activities within OSPO responsibilities.
• BREAK OUT SESSIONS Define goals and identify pain points. Each break out group aims to capture their challenges for the selected focus and if possible document their experiences/solutions.
• NETWORKING

Interested in becoming a collaborator?

We can’t do this alone! If you are part of an open source community involved in OSPO-specific topics or an organization willing to help with the workshop planning, schedule and/or provide a space to kick off the first meet-up in Europe, we need your help! Please contact:

• Ana Jimenez ana@todogroup.org
• Thomas Steenbergen opensource@steenbe.nl

And check out the FAQs below. 

Don’t live in Europe? Pencil us in for when this is expanded. 

Not involved in an OSPO yet? Take time to check out the TODO Group and join the community to start your OSPOlogy journey.

Also, consider joining OSPONCon North America next week, June 21-24, 2022, either in Austin, Texas during the Open Source Summit or virtually. Register here.

Frequently Asked Questions What do we mean by communities involved in OSPO-specific topics?

OSPO-specific topics range from safely using open source to license compliance, sustainability, contributing back to the community, and more. For the full list of OSPO topics please see https://ospomindmap.todogroup.org/:

• Develop and Execute Open Source Strategy
• Oversee Open Source Compliance
• Establish and Improve Open Source Policies and Processes
• Prioritize and Drive Open Source Upstream Development
• Collaborate with Open Source Organizations
• Track Performance Metrics
• Implement InnerSource Practices
• Grow and Retain Open Source Talent Inside the Organization
• Give Advice on Open Source
• Manage Open Source IT Infrastructure

Some examples of OS communities highly involved in these topics are:

• OpenChain
• SPDX
• CHAOSS
• OpenSSF
• InnerSource Commons

What are the necessary roles to set up an OSPOlogy.live workshop?

There are two ways in which you can play your part in OSPOlogy.live set up: (1) the hosting party who makes available a meeting room; and, (2) the workshop organizer/facilitator in charge of workshop activities and planning. (1) and (2) may be the same entity/individual. Further details can be found in the framework documentation. 

Where can I register for the next OSPOlogy.live?

Efforts are already on the way to organize the OSPOlogy workshops in different European countries each quarter. Once collaborators and days are confirmed, registration details and schedules will be published via the OSPOlogy community platform.

For further updates, please subscribe to OSPONewsletter and join the TODO community.

The post A New Framework for In-Person OSPO Workshops: TODO Group Seeks Collaborators appeared first on Linux Foundation.

Software Bill of Materials (SBOMs) are like ingredient labels on food. They are critical to keep consumers safe and healthy, they are somewhat standardized, but it is a lot more exciting to grow or make the food rather than the label. 

What is an SBOM?

What is an SBOM? In short, it is a way to tell another party all of the software that is used in the stack that makes up an application. One benefit of having a SBOM is you know what is in there when a vulnerability comes up. You can easily determine if you are vulnerable and where. 

As modern software is built utilizing a base of software already written (no sense in recreating the wheel), it is important that all of the components don’t get lost in the shuffle. It isn’t readily apparent what a particular piece of software utilizes. So, if a vulnerability for Software A arises, you need to know, do I have that piece of software somewhere in my ecosystem, and, if so, where. Then you can remediate if you need to.

I can’t take credit for the food label analogy used in my introduction. I heard it from Allan Friedman, a Senior Advisor and Strategist at the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and a key SBOM advocate, when he presented about SBOMs at the RSA Conference 2022 with Kate Stewart, the VP of Dependable Embedded Systems here at the Linux Foundation. Allan made the point that food labels only provide information. The consumer needs to read and understand them and take appropriate action. For instance, if they are allergic to peanuts, they can look at an ingredient label and determine if they can safely eat the food. 

SBOMs are similar – they tell a person what software is used as an “ingredient” so someone can determine if they need to take action if a vulnerability arises. It isn’t a silver bullet, but it is a vital tool. Without SBOMs no one can track what component “ingredients” are in their software applications.

SBOMs and the Software Supply Chain

Supply chains are impacting our lives more than just restricting availability of consumer goods. Software supply chains are immensely more complicated now as software is built with pre-existing components. This makes software better, more effective, more powerful, etc. But it also introduces risk as more and more parties touch a particular piece of software. Much like our world has become so interdependent, so has our software. 

Understanding what is in the supply chain for our software helps us effectively secure it. When a new risk emerges, we know what we need to do. 

SBOMs and Software Security

SBOMs are increasingly being recognized as an important pillar in any comprehensive software security plan. A global survey conducted in 2021 Q3 by the Linux Foundation found that 78% of organizations responding plan to use SBOMs in 2022. Additionally, the recently published Open Source Software Security Mobilization Plan recommends SBOMs be universal and the U.S. Executive Order on Improving the Nation’s Cybersecurity requires SBOMs be provided for software purchased by the U.S. government. And, as Allan points out in his talk, “We buy everything.” The E.O. actually lays out a nice summary of SBOMs and their benefits: 

The term “Software Bill of Materials” or “SBOM” means a formal record containing the details and supply chain relationships of various components used in building software.  Software developers and vendors often create products by assembling existing open source and commercial software components.  The SBOM enumerates these components in a product.  It is analogous to a list of ingredients on food packaging.  An SBOM is useful to those who develop or manufacture software, those who select or purchase software, and those who operate software.  Developers often use available open source and third-party software components to create a product; an SBOM allows the builder to make sure those components are up to date and to respond quickly to new vulnerabilities.  Buyers can use an SBOM to perform vulnerability or license analysis, both of which can be used to evaluate risk in a product.  Those who operate software can use SBOMs to quickly and easily determine whether they are at potential risk of a newly discovered vulnerability.   A widely used, machine-readable SBOM format allows for greater benefits through automation and tool integration.  The SBOMs gain greater value when collectively stored in a repository that can be easily queried by other applications and systems.  Understanding the supply chain of software, obtaining an SBOM, and using it to analyze known vulnerabilities are crucial in managing risk.

Allan and Kate spent time in their talk going into the current state of SBOMs, challenges, benefits, tools available for creating and sharing SBOMs, what is a minimum SBOM, standards being developed, making them fully automated, and more. Look for some future LF Blog posts digging into these. 

But there are things you can do now. 

What can you and your organization do now?

Allan and Kate laid out several things you and your organization can do, starting now. Starting within your organization: 

Next week: Understand origins of software your organization is using

• Commercial: can you ask for an SBOM?
• Open source: do you have an SBOM for the binary or sources you’re importing? 

Three months: Understand what SBOMs your customers will require

• Expectations: which standards, dependency depth, licensing info?

Six months: Prototype and deploy

• Implement SBOM through using an OSS tool and/or starting a conversation with vendor

And participate in ongoing discussions to determine best practices for the ecosystem and contribute to open source project any code developed to support SBOMs.  But there are also steps you can take as an individual: Next week: Start playing with an open source SBOM tool and apply it to a repo

Three months: Have an SBOM strategy that explicitly identifies tooling needs

Six months: 

• Begin SBOM implementation through using an OSS tool or starting a conversation with vendor
• Participate in a plugfest and try to consume another’s SBOM

And make sure to share any open source and commercial tools you find helpful and work with the tools to help harden them, test and report bugs, and push them to scale. How can you shape the future of SBOMs?

First, I want to highlight some upcoming opportunities they shared to help shape the future of SBOMs. CISA is running public Tooling & Implementation work stream discussions in July 2022. They are the same, but occur at different times to help accommodate more time zones: 

• July 13, 2022 – 3:00-4:30 PM ET
• July 21, 2022 – 9:30-11:00 AM ET 

If you want to participate, please email SBOM@cisa.dhs.gov. 

Additionally, there will be “plugfests” to be announced soon, and they suggested organizations already adopting SBOMs publish case studies and reference tooling workflows to help others. 

Conclusion

SBOMs are here to stay. If you aren’t already, get on the train now. It is pulling out of the station, but you still have an opportunity to help shape where it is going and how well the journey goes. 

Allan’s and Kate’s slides are available here. If you registered to attend the RSA Conference, you can now watch their full presentation on demand here.

The Software Package Data ExchangeⓇ (SPDXⓇ)

The Linux Foundation hosts SPDX, which is an open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. SPDX reduces redundant work by providing a common format for companies and communities to share important data, thereby streamlining and improving compliance. The SPDX specification is an international open standard (ISO/IEC 5962:2021). Learn more at spdx.dev. 

The post SBOM – SB Doesn’t Stand for Silver Bullet appeared first on Linux Foundation.

O3D community building a first-class, open-source 3D engine to advance development across gaming, the metaverse, and a variety of other applications

SAN FRANCISCO – June 15, 2022 – The Open 3D Foundation (O3DF), the home of a vibrant community focused on advancing the future of open 3D development, announces its growing ecosystem with the addition of LightSpeed Studios as a Premier member alongside Adobe, AWS, Huawei, Intel, Microsoft and Niantic.

Today’s top-quality 3D engines are as complex as operating systems, requiring significant time, cost, and human capital investments to keep pace with advancements. Open source has repeatedly proven to be the path to quickest innovation. The Open 3D Engine (O3DE) offers a high-fidelity, fully-featured, open source alternative poised to revolutionize real-time 3D development across a variety of industries—from game development, the metaverse, AI and digital twin, to automotive, healthcare, robotics and more.

As a Premier member, LightSpeed Studios will bring its leadership and wealth of experience in global research and development of high-quality games to help drive the development of O3DE’s specifications and initiatives. Tencent Senior Project Manager, Lanye Wang, will join the Open 3D Foundation’s Governing Board, helping shape the Foundation’s strategic direction and its stewardship of 3D visualization and simulation projects. 

“We are very excited to join the Open 3D Foundation, especially for the opportunity to leverage the connection with all of the other members to dive deep into the graphic technologies and build a top-level open source 3D engine community,” said Lanye Wang, representing LightSpeed Studios. “We look forward to working with you.”

LightSpeed Studios is one of the world’s most innovative and successful game developers, with teams around the world. Founded in 2008, LightSpeed Studios has created over 50 games across multiple platforms and genres for over 4 billion registered users. Comprised of passionate players who advance the art and science of game development through great stories, great gameplay and advanced technology, LightSpeed Studios is focused on bringing next-generation experiences to gamers who want to enjoy them anywhere, anytime across multiple genres and devices.

“It has been amazing to see the rapid growth of the O3D ecosystem, and we’re elated to welcome LightSpeed Studios to our community,” said Royal O’Brien, Executive Director of Open 3D Foundation and General Manager of Games and Digital Media at the Linux Foundation. “LightSpeed Studios has achieved a strong reputation as a leading global game developer, offering high-quality gaming experiences to hundreds of millions of users worldwide, and we are excited to collaborate with them as we enhance O3DE’s capabilities for global 3D developers.”

A Growing Community

LightSpeed Studios is one of 25 member companies since the public announcement of the Open 3D Foundation in July 2021. Other premier members include Adobe, AWS, Huawei, Intel, Microsoft and Niantic.

In May, O3DE announced its latest release, focused on performance, stability and usability enhancements. With over 1,460 code merges, this new release offers several improvements aimed to make it easier to build 3D simulations for AAA games and a range of other applications. Significant enhancements include core stability, installer validation, motion matching, user-defined property (UDP) support for the asset pipeline, and automated testing advancements. The O3D Engine community is very active, averaging up to 2 million line changes and 350-450 commits monthly from 60-100 authors across 41 repos.

Where to See the O3D Engine Next

On October 17-19, the Open 3D Foundation will host O3Dcon, its flagship conference, bringing together technology leaders, indie and independent 3D developers, and the academic community to share ideas, discuss hot topics and foster the future of 3D development across a variety of industries and disciplines. For those interested in sponsoring this event, please contact sponsorships@linuxfoundation.org. 

Anyone interested in the O3D Engine is invited to get involved and connect with the community on Discord.com/invite/o3de and GitHub.com/o3de. 

About the Open 3D Engine (O3DE) project

O3D Engine is the flagship project managed by the Open 3D (O3D) Foundation. The open-source project is a modular, cross-platform 3D engine built to power anything from AAA games to cinema-quality 3D worlds to high-fidelity simulations. The code is hosted on GitHub under the Apache 2.0 license. To learn more, please visit o3de.org.

About the Open 3D Foundation

Established in July 2021, the mission of the Open 3D Foundation (O3DF) is to make an open-source, fully-featured, high-fidelity, real-time 3D engine for building games and simulations, available to every industry. The Open 3D Foundation is home to the O3D Engine project. To learn more, please visit o3d.foundation.

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Media Inquiries:

pr@o3d.foundation

# # #

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

The post LightSpeed Studios Joins the Open 3D Foundation as a Premier Member to Further the Vast Potential of the 3D Ecosystem appeared first on Linux Foundation.

A brief about my experience with the Linux Foundation Mentorship. The post originally appeared on deprov477’s blog. The author, Anubhav Choudhary, particpated in the Linux Foundation’s Mentorship Program in 2022. The program is designed to help developers — many of whom are first-time open source contributors — with necessary skills and resources to learn, experiment, and contribute effectively to open source communities. By participating in a mentorship program, mentees have the opportunity to learn from experienced open source contributors as a segue to get internship and job opportunities upon graduation. If you are interested, we invite you to learn more and apply today here.

Hi everyone, I recently completed my LFX Mentorship project. I was a mentee for the LFXM summer term of 2022 at Pixie, a CNCF sandbox project donated by The New Relic.

In this blog, I will be sharing my experience of mentorship. (TLDR; just awesome, one-of-a-kind experience <3)

If you’re also applying for this (which every open-source newbie should), or have a doubt, feel free to drop me a message. I’d be more than happy to help.

What is LFX Mentorship?

Let’s start this by knowing about The Linux Foundation. The Linux Foundation (LF) is a non-profit organization, that standardizes the development of the Linux kernel and also promotes open source projects such as Kubernetes, GraphQL, Hyperledger, RISC-V, Xen project, etc.

The Linux Foundation Mentorship is a program run by LF, which helps developers with the necessary skills and resources to learn and contribute to open source projects, through 3 or 6 months of internship. During this period, the mentee is guided through the development workflow and methodologies used by open source organizations, through a project.

Selection procedure

I’ve been involved in open source for some time and have been applying for the mentorship, but got rejected every time.

This time also I was going through the projects and found a particularly interesting project. It was about parsing a protocol. This took my eye as at that time I was learning networking and experimenting a lot with communications. So naturally, I got interested. After reading the project details, I went to the project’s slack channel to find a mentor. Omid, one of Pixie’s founding engineers, was kind enough to reply to my message and asked for a quick call.

I talked to him and told him about my interest and how I made a preliminary Mongo wire protocol parser using Node.js as preparation. He seemed satisfied with this and told me about further steps and time commitment.

Other formalities included submitting a cover letter, and my resume.

A few days later got this:

Finally, after applying so many times, got selected !!!

Month 1

Started, and was introduced to my mentor Yaxiong Zhao, another founding engineer at Pixie. He told me about what we were going to do in the next 3 months. He demoed me the Pixie UI and explained to me the working of it, and how pixie catches packets (hint: eBPF). And then sent me the AMQP spec sheet, and how it needs to be implemented using C++.

Yes, the protocol changed from Mongo to AMQP, and the language from Node.js to C++. But I guess a very important survival quality of industry is being flexible.

So, in the first month, I got a theoretical knowledge about AMQP wire spec and experimented with it by deploying a local RabbitMQ server, and monitoring packets using Wireshark. My mentor also tried helping me build Pixie on my local machine, but we failed, even after switching distros. At last, we were able to set up my dev environment inside a container.

…quite a month

Month 2

In the first half of this month, I continued my research on AMQP (apparently implementing a protocol required a lot of extensive reading) and found analogies of it with protocols I was already familiar with, and kept on manually experimenting with packet translation.

3rd week of the month, It was finally time for me to start writing some code. Okay, so this was the difficult part. Having very limited knowledge of C++, continued forward. But my mentor was being an angel at this point, very patiently explaining to me, and pointing me in the right direction, making me understand every lex required. I started with implementing a data structure for storing and creating relations between packets. After some effort, finally got my PR merged.

Month 3

Continuing my code work, I started building a parser code. Yaxiong was very patient and helpful during this time, sending me blogs, and guides and explaining to me every little doubt I had. Thanks to him I was able to finally submit my preliminary code for parsing the code.

And a final thing for this was to write tests. Learned google’s C++ testing library. Wrote code, pushed.

Concluding the program

Like every good thing, this also came to an end. 12 weeks just fly by — faster than you can think — The program opened up a new world of open source and got me introduced to a lot of professional tools and etiquette. I appreciate the time and efforts my mentor put into this program.

Completing this internship was a dream come true, dodging tonnes of problems: internet, college, placement preparation, exams, everything. At many points in the internship, I was very certain I won’t be able to complete the project. but:

At some point, everything’s gonna go south on you… everything’s going to go south and you’re going to say, this is it. This is how I end. Now you can either accept that, or you can get to work. That’s all it is. You just begin. You do the math. You solve one problem… and you solve the next one… and then the next. And If you solve enough problems, you get to come home.

— Tail ender, The Martian.

The post LFX Mentorship for Me appeared first on Linux Foundation.

The article by Srikrishna ‘Kris’ Sharma with Canonical originally appeared in the FINOS Project’s Community Blog. It is another example of enterprises open sourcing their code so that they can “collectively solve common problems so they can separately innovate and differentiate on top of the common baseline.” Read more about Why Do Enterprises Use and Contribute to Open Source Software.

Orchestrating Legend with Juju

Goldman Sachs open sourced the code and contributed its internally developed Legend data management platform into FINOS in October 2020.  Legend provides an end-to-end data platform experience covering the full data lifecycle. It encompasses a suite of data management and governance components known as the Legend Platform. Legend enables breaking down silos and building a critical bridge over the historical divide between business and engineering, allowing companies to build data-driven applications and insightful business intelligence dashboards.

Accelerate FINOS Open Source Project Adoption

Ease and speed of deployment enables innovation and lowers the barrier of entry to open source consumption and contribution. Engineering experience is about leveraging software ops automation to demonstrate impact of an open source project to the community. An awesome engineering experience is more often required to enable wider adoption and contribution to an open source project.

Over the last few months, Canonical has been working closely with FINOS and its community members to offer a consistent way to deploy and manage enterprise applications using Juju and Charmed Operators with a focus on Day 2 operations. The idea is to provide a software ops automation framework and toolkit that enables the DevOps teams at financial institutions to realise the benefits of rapid deployment/ testing and application management using a platform that is 100% open source, vendor-agnostic and hybrid-multi-cloud ready.

What is Juju and Charmed Operator? Charmed Operator:

A charmed operator (also known, more simply, as a “charm”) encapsulates a single application and all the code and know-how it takes to operate it, such as how to combine and work with other related applications or how to upgrade it. Charms are programmed to understand a single application, its operations, and its potential to integrate with other applications. A charm defines and enables the channels by which applications connect. Hundreds of charms are available at charmhub.io.

Juju Operator Lifecycle Manager (OLM) is a hybrid-cloud application management and orchestration system for installation and day 2 operations. It helps deploy, configure, scale, integrate, maintain, and manage Kubernetes native, container-native and VM-native applications—and the relations between them.

Juju allows anyone to deploy and operate charmed operators (charms) in any cloud–including Kubernetes, VMs and Metal. Charms encapsulate the application plus deployment and operations knowledge into one single reusable artefact. Juju manages the lifecycle of applications and infrastructure stacks from cloud to the edge. Juju is cloud-vendor agnostic and hybrid-multi-cloud by nature: it can manage the lifecycle of applications in public clouds, private clouds, or on bare metal. Once bootstrapped, Juju will offer the same deployment and operations experience regardless of the cloud vendor.

The Legend Charm Bundle

In the spirit of providing an enterprise-grade automated deployment and maintenance experience to FINOS members, Canonical created a charmed bundle for Legend and contributed it to FINOS.

The Legend Charm Bundle provides a simple, efficient and enterprise-ready way to deploy and orchestrate a Legend instance in various environments across the CI/CD pipeline, from developer’s workstation to production environment. The bundle includes several Charmed Operators, one for each Legend component.

Why a Legend Charm Bundle?

1. A simple way to evaluate Legend
   One can spin up a Legend environment from scratch using one single command juju deploy finos-legend-bundle
2. An intuitive approach (for banks and other financial institutions) to spin up production environments
3. Provides orchestration capabilities, not only deployment scripting
4. Easily plugs into Legend release lifecycle and simplifies Legend FINOS instance maintenance

The Legend charm documentation resides on finos/legend-integration-juju github repository and here is the link to related repositories.multiple components.

Detailed instructions are available for local and cloud installations if you would like to spin up your own Legend instance within a few mins and start using Legend either locally or on AWS EKS.

• Local installation 
• AWS EKS installation 

The post Juju and Charmed Operators Accelerating FINOS Open Source Projects Adoption appeared first on Linux Foundation.

In open source communities, we meet people every day.  We probably know their current role and responsibilities, but we don’t always have perspective on the history, education, and career path that made them who they are.  These are some of the untold stories of open source.  

At the Linux Foundation, we’re a couple of weeks away from launching a new podcast series, The Untold Stories of Open Source.  For our blog readers, you’re getting a sneak peek into a few of the stories that will kick off our series.  Today, we’ll share perspectives from episode 1, Priyanka Sharma.

After Graduating

Priyanka Sharma is an evangelist for the power of community in open source. Okay, she is much more than that, and we will get to that in a bit, but her passion and what drives all of her other successes in open source is the power of an inclusive, supportive community. 

Priyanka didn’t begin in open source. After graduating from Stanford University in 2009 with a degree in computer science, she started her career at Google in the online partnership group, where she was a technical consultant onboarding new Doubleclick clients and acted as an interim project manager for internal insights tools. Following Google, she held roles at Outright and GoDaddy, including integrating the Outright product into the GoDaddy sales catalog.  However, she was bitten by the build-a-business bug years earlier. In 2014, she gathered up some ideas and funding, experimenting with consumer products, but nothing was sticking. 

A Road to TechCrunch Disrupt

She realized that her business partner had built a time-tracking app for himself that was geared towards software developers. It was plugin based, so you could put it into your IDE and have time tracking at your fingertips. After all, who wants to track time, so the easier you make it, the better. 

All of the plugins were open source – introducing her to the world that she was about to live in. She noticed how people were drawn to the plugins, customizing them to work better for what they needed. She thought, “Maybe this is what we should focus on.” So, with a path she couldn’t have seen coming, she ended up getting into developer tools. The plugins were eventually used by 100,000 developers, featured by TechCruch Disrupt, and chosen by Y-Combinator. 

Setting Out on Her Own

But, as she says, “All that glitters isn’t gold.” There were challenges every day as with any startup, from fundraising to public visibility. Getting into Y-Combinator was a pivotal moment, forcing the team to come to terms with what it would take to work together to make a real commitment to the project together, as a team. 

Priyanka thought back to that time, “I think you can overcome anything when you are part of a team when you jive with each other, where everyone is aligned on the final outcome. When that is not the case, it is very tricky because everyone is going towards different goals. That is the meta issue that led us to go our different ways.” 

Now out on her own, she realized that there were not many people who understood marketing developer tools or a go-to-market strategy for developer tools. So, she began working with Heavybit, an accelerator and incubator for developer products. “They really took me in and gave me opportunities to help their portfolio companies.” Her work helped Rainforest QA, Lightstep, LaunchDarkly, and Postman API. 

Reflecting on Ben’s Approach

She ended up joining the Lightstep team because she saw not only the value of their reputation, but was drawn to the top-notch team and what they could teach her. Part of the draw was Dapper, a tool built at Google to provide developers with a distributed tracing system exploring the behavior of complex distributed systems. Dapper sparked many tools that weren’t anticipated by its initial developers. Ben Sigelman, co-creator of Dapper and the OpenTracing and OpenTelemetry projects, now part of the Cloud Native Computing Foundation (CNCF). “Ben’s approach was very much as an educator. There are lots of experts out there, but if they aren’t interested in teaching, I don’t get any value in it.” 

As the second hire at Lightstep, she had a variety of roles, including developer relations, marketing, documentation, and more. 

The initial focus of the company was on OpenTracing. They initially were an independent open source project, but they eventually decided to join the Cloud Native Computing Foundation to give them more firepower than “us by ourselves.” 

Now, between her startup and Lightstep, she heard more and more about open source. She was drawn to the value placed on creation and collaboration. 

Evolving to Cloud Native

Priyanka attributes the growth of cloud native to the fact that the core group welcomed everyone. You can see that in person at KubeCon + CloudNativeCon, the largest open source events in the world. She recalls how nervous she was going to her first Kube Con, feeling out of her element, but as soon as she walked through the doors, everyone was so welcoming and inclusive. 

Dan Kohn built CNCF into one of the most successful open source foundations in the world in large part because it was built on being an open and welcoming community. Priyanka recalls, “Dan baked DEI into everything at CNCF from day one. . . He set the example and put it into the structure.” 

Priyanka felt welcomed into the community and began asking for opportunities to participate. Sometimes the answer was yes, sometimes it was no thank you. But she still felt she had the support of the community. She had a sense of belonging for the first time in her career. 

In 2018, she joined GitLab as director of technical evangelism, where she formed the technical thought leadership team. She was also in charge of cloud native alliances. At the urging of her boss at GitLab, she put her name forward to be elected to the CNCF Board of Directors. 

While on the CNCF Board, she was energized by several other women on the Board. She said they set the bar high with a focus on the project’s good at all times. 

Fast forward. Now, Priyanka is the general manager of the CNCF, leading one of open source’s largest and most effective foundations. 

Seeking More Insight

You can listen to the full episode with her story on the Untold Stories of Open Source podcast and hear about the power of the CNCF community and its impact. 

The Untold Stories of Open Source is a new podcast from the Linux Foundation to share the stories behind those in open source. Take time to listen to all of the episodes and let us know what you think (or if you have suggestions of stories to be told). Look for the formal launch at Open Source Summit North America and OpenSSF Day on June 20, 2022. 

There are thousands of incredible open source stories to share and we’re looking forward to bringing more of them your way.  If you like what you hear, we encourage you to add the series to your playlist.  

For those seeking even more open source stories from across the Linux Foundation and the communities we serve, you might start with some of the other storytelling pioneers including: Open Source Stories, , FinOpsPod, I am a Mainframer, and The Changelog.  As we grow deeper roots in the podcasting arena, we’ll introduce more news about a network of open source podcasts.

Have even more time? Feedspot recently covered an additional 40 Open Source Podcasts worth listening to on your morning walk or commute home from the office.

The post Untold Stories of Open Source: Priyanka Sharma appeared first on Linux Foundation.

There are some universal truths about open source software (OSS). It has revolutionized our world and become the foundation of our digital society, the backbone of our digital economy, and the basis of our digital existence. Every household and enterprise brand name in technology is built upon it, whether that name is Alexa or Android, Azure, or AWS. 

Open source software has played a significant part in everything from the internet and mobile apps we use every day to operating systems and programming languages used to construct the future. Even the systems we traditionally think of as being closed, such as Microsoft Windows and Apple’s Mac and iPhone, are developed using open source software.

Just as a powerful current drives the arteries of a river, open source software is the force that propels our digital economy and allows for scientific and technological advancements that benefit our lives. 

But only a few decades ago, few people had even heard of open source software, and it was limited to a small group of enthusiastic devotees. Yet the concept of free and open source software (FOSS) has been around a long time, going back to the early days of the user communities for IBM mainframes and academic institutions. FOSS is software that anyone can use, study, modify, and distribute without restriction. The term “open source” was coined to describe this type of software, and the concept was formalized with the launch of the Open Source Initiative (OSI) in 1998.

Organizations involved in building products or services involving software, regardless of their specific industry or sector, are likely to adopt OSS and contribute to open source projects deemed critical to their products and services. Organizations are creating open source program offices (OSPOs) to manage their open source activities, from adopting OSS and compliance with applicable licenses to participating in open standards and foundations. 

Many new industries and thousands of businesses have joined the open source revolution. Those organizations that chose a deliberate OSS strategy, incorporating best practices,  methods, and engineering processes, emerged as leaders in their industries or verticals for open source initiatives.

And yet, many organizations have not embraced open source at all. Some see it as a risky undertaking, lacking a strategy to move forward, needing pathways to see the value proposition of free and open source software, and requiring migration from a risk point of view to a value point of view. In addition to challenges with open source consumption, many organizations prohibit their employees from open source contributions either on their behalf or personally in the employee’s spare time.

To help guide organizations through their own open source journeys, Ibrahim Haddad, Ph.D., Executive Director of LF AI & Data, has written a report that offers a practical and systematic approach to establishing an OSS strategy, which includes developing an implementation plan and accelerating an organization’s open source efforts. 

The past two decades have been critical for open source software in enterprise engagement and adoption. The challenge for organizations is their transition from ad hoc and incidental adoption to open source value delivered back to the business using a strategic and planned methodology. This report delivers on the promise of helping enterprises establish an open source strategy, develop and execute an implementation plan, and accelerate their open source efforts to support their business goals. 

Ibrahim Haddad, Ph.D.

This research is a collection of learnings and best practices that Dr. Haddad has developed, collaborating with the LF AI & Data community members who have pursued their own open source journeys for years.

Effective organizations have guided their open source usage through strategy, honed over time with communities such as LF AI & Data and the TODO Group to guide their ongoing use of OSS and their engagement with the open source ecosystem.

This report helps to address the fears of transitioning to open source and explore the many opportunities it offers by covering the following topics:

• The business case for open source software
• How to develop an open source strategy
• Creating an open source program office
• Implementing an open source strategy
• Measuring success with open source
• Best practices for organizational involvement in open source projects

Download Research

The post A Guide to Enterprise Open Source: Why Your Organization Needs It Now appeared first on Linux Foundation.

When people find out I work at the Linux Foundation they invariably ask what we do? Sometimes it is couched around the question, As in the Linux operating system? I explain open source software and try to capture the worldwide impact into 20 seconds before I lose their attention. If they happen to stick around for more, we often dig into the question, Why would enterprises want to participate in open source software projects or use open source software? The reality is – they do, whether they know it or not. And the reality is thousands of companies donate their code to open source projects and invest time and resources helping to further develop and improve open source software.

How extensively used is open source software

To quote from our recently released report, A Guide to Enterprise Open Source, “Open source software (OSS) has transformed our world and become the backbone of our digital economy and the foundation of our digital world. From the Internet and the mobile apps we use daily to the operating systems and programming languages we use to build the future, OSS has played a vital role. It is the lifeblood of the technology industry. Today, OSS powers the digital economy and enables scientific and technological breakthroughs that improve our lives. It’s in our phones, our cars, our airplanes, our homes, our businesses, and our governments. But just over two decades ago, few people had ever heard of OSS, and its use was limited to a small group of dedicated enthusiasts.”

Open source software (OSS) has transformed our world and become the backbone of our digital economy and the foundation of our digital world.

But what does this look like practically:

• In vertical software stacks across industries, open source penetration ranges from 20 to 85 percent of the overall software used
• Linux fuels 90%+ of web servers and Internet-connected devices
• The Android mobile operating system is built on the Linux kernel
• Immensely popular libraries and tools to build web applications, such as: AMP, Appium, Dojo, jQuery, Marko, Node.js and so many more are open source
• The world’s top 100 supercomputers run Linux
• 100% of mainframe customers use Linux
• The major cloud-service providers – AWS, Google, and Microsoft – all utilize open-source software to run their services and host open-source solutions delivered through the cloud

Why do companies want to participate in open source software projects

Companies primarily participate in open source software projects in three ways:

1. They donate software they created to the open source community
2. They provide direct funding and/or allocate software developers and other staff to contribute to open source software projects

The question often asked is, why wouldn’t they want to keep all of their software proprietary or only task their employees to work on their proprietary software?

The 30,000-foot answer is that it is about organizations coming together to collectively solve common problems so they can separately innovate and differentiate on top of the common baseline. They see that they are better off pooling resources to make the baseline better. Sometimes it is called “coopetition.” It generally means that while companies may be in competition with each other in certain areas, they can still cooperate on others.

It is about organizations coming together to collectively solve common problems so they can separately innovate and differentiate

Some old-school examples of this principle:

• Railroads agreed on a common track size and build so they can all utilize the same lines and equipment was interchangeable
• Before digital cameras, companies innovated and differentiated on film and cameras, but they all agreed on the spacing for the sprockets to advance the film
• The entertainment industry united around the VHS and Blu-Ray formats over their rivals

Now, we see companies, organizations, and individuals coming together to solve problems while simultaneously improving their businesses and products:

• Let’s Encrypt is a free, automated, and open certificate authority with the goal of dramatically increasing the use of secure web protocols by making it much easier and less expensive to setup. They are serving 225+ million websites, issuing ~1.5 million certificates each day on average.
• The Academy Software Foundation creates value in the film industry through collectively engineering software that powers much of the entertainment, gaming, and media industry productions and open standards needed for growth.
• The Hyperledger Foundation hosts enterprise-grade blockchain software projects, notably using significantly fewer energy resources than other popular solutions.
• LF Energy is making the electric grid more modular, interoperable, and scalable to help increase the use of renewable energy sources
• Dronecode is enabling the development of drone software so companies can use their resources to innovate further
• OpenSSF is the top technology companies coming together to strengthen the security and resiliency of open source software
• Kubernetes was donated by Google and is the go-to solution for managing cloud-based software

These are just a small sampling of the open source software projects that enterprises are participating in. You can explore all of the ones hosted at the Linux Foundation here.

How can companies effectively use and participate in open source software projects?

Enterprises looking to better utilize and participate in open source projects can look to the Linux Foundation’s resources to help. Much of what organizations need to know is provided in the just-published report, A Guide to Enterprise Open Source. The report is packed with information and insights from open source leaders at top companies with decades of combined experience. It includes chapters on these topics:

• Leveraging Open Source Software
• Preparing the Enterprise for Open Source
• Developing an Open Source Strategy
• Setting Up Your Infrastructure for Implementation
• Setting Up Your Talent for Success
• Challenges

Additionally, the Linux Foundation offers many open source training courses, events throughout the year, the LFX Platform, and hosts projects that help organizations manage open source utilization and participation, such as:

• The TODO Group provides resources to setup and run an open source program office, including their extensive guides
• The Openchain Project maintains an international standard for sharing what software package licenses are included in a larger package, including information on the various licensing requirements so enterprises can ensure they are complying with all of the legal requirements
• The FinOps Foundation is fostering an, “evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value by helping engineering, finance, technology, and business teams to collaborate on data-driven spending decisions.”
• The Software Data Package Exchange (SPDX) is an open standard for communication software bill of materials (SBOMs) so it is clear to every user which pieces of software are included in the overall package.

Again, this is just a snippet of the projects at the Linux Foundation that are working to help organizations adapt, utilize, contribute, and donate open source projects.

The bottom line: Enterprises are increasingly turning to open source software projects to solve common problems and innovate beyond the baseline, and the Linux Foundation is here to help.

The post Why Do Enterprises Use and Contribute to Open Source Software appeared first on Linux Foundation.

This article originally appeared on the Open Mainframe Project’s blog. The author, John Mertic, is Director of Program Management at The Linux Foundation. 

One of the big things I celebrate about open source is the vast diversity of individuals that come together to build amazing technologies. A core belief that I have – and also that those at the Linux Foundation share – is that a diverse group of people coming together brings better outcomes, bigger innovations, and a more sustainable project. We at the Open Mainframe Project are truly fortunate to have such a global and diverse community, and with our hosted projects and working groups thriving, we see the impact of that diverse collaborative effort.

As many of you know, three of my children come from an Asian background – South Korea and China. I’ve shared in the past the joy they bring my wife and me, as well as those around us, but also the challenges and struggles of growing up in a culture different from where they were born.

Nowadays though, I worry about their safety and struggles even more – as there has been a rise in Asian American and Pacific Islander (AAPI) hate and crime. According to Stop AAPI Hate, from March 19, 2020 to December 31, 2021, a total of 10,905 hate incidents against AAPI persons were reported across the nation. This is sickening to me.

I was discussing this with a good friend recently and they shared that so much of diversity and inclusion is changing how you think about people, situations, and how you engage with others. This hits home for me now more than ever. I think about that with my children and me as a parent; seeing the world through their eyes has given me a new perspective on others and taught me empathy and understanding. But it has also given me an appreciation for others; who they are, where they come from, and what experiences and ideas they have.

In open source projects, it’s not a zero-sum game but a positive-sum game – open source development is based on the idea that, collectively, we are smarter than any one of us. That mindset is strong in our communities, and helps create that welcome space for all.

As we celebrate the last day of May and AAPI Heritage Month, I want to thank those Asian American and Pacific Islanders from our communities who have made a great impact. In fact, two of our members recently shared personal stories about their journeys. Thank you to Maemalynn Meanor, Senior Public Relations & Marketing Manager at the Linux Foundation, and Alex Kim, Technology Business Development Executive/OSS Incubator Advocate at IBM T.J. Watson Research Center, for offering a look into their personal and professional lives. You can read their blogs here:

• Where my journey started and where it’s going – Alex Kim, IBM
• Lesson Learned: Always listen to my mom – Maemalynn Meanor, The Linux Foundation

I thank everyone from those backgrounds for their great contributions to not only our projects, but open source in general, and hope that we can continue to make our communities a safe and inclusive place for all.

The post Asian American And Pacific Islander Heritage Month appeared first on Linux Foundation.

This blog post originally appeared on the Open Mainframe Project’s blog. They invited Open Mainframe Projects community members, contributors, and leaders to share their stories in honor of Asian Americans and Pacific Islanders (AAPI) Heritage Month.  The author, Alex Kim, Open Mainframe Project Mentor, Zowe contributor and Technology Business Development Executive/OSS Incubator Advocate at IBM T.J. Watson Research Center, shares about how his family has influenced his life.  

Watching a recent TV show “Pachinko,” I was truly impressed by how the directors used screen arts and music.  Based on the New York Times bestseller, this show chronicles the hopes and dreams of a Korean immigrant family across four generations as they leave their homeland in an indomitable quest to survive. It was relatable and magical and wonderful to see how they focused on how three generations of a family dealt with biggest challenges of their times. After watching the first season,  I couldn’t help thinking about my parents and my own family here in U.S.

My dad was born in mid 1930’s from the Southern region of Korea, when Korea was still under Japanese colonial territory. His family endured a lot of hardships, loss and scary moments because they had to survive through the Korean War. In fact, one of his stories that he tells often is about how, when he was just 12-years old, he and his brother escaped a massacre that happened at their small town.

.avia-image-container.av-l3u8j3jy-d35106f68084f103226420787e7cd700 .av-caption-image-overlay-bg{ opacity:0.4; background-color:#000000; } .avia-image-container.av-l3u8j3jy-d35106f68084f103226420787e7cd700 .av-image-caption-overlay-center{ color:#ffffff; }

My dad when he was in army building peace house near DMZ in 1960s

Photo: My dad when he was in army building peace house near DMZ in 1960s.

Like most of the community, my dad’s family was very poor and couldn’t afford to have “normal” food. Young children were living on eating dregs from the liquor factory in the town.

The poverty, however, couldn’t stop my dad from learning and advancing . Eventually he went to naval academy and had a successful career where he then retired as an Army Corporal. He said he was the first person to ‘escape’ the poor rural town and successfully landed a job in Seoul, the capital of South Korea. He later oversaw the building of Panmunjom in 1965 – buildings in Joint Security Area near DMZ – a very famous landmark that you might even remember from when President Trump met with Kim Jong-un a few years ago.

.avia-image-container.av-l3u8kp2j-3561c5f42bb17114d687dce22e6fc6d6 .av-caption-image-overlay-bg{ opacity:0.4; background-color:#000000; } .avia-image-container.av-l3u8kp2j-3561c5f42bb17114d687dce22e6fc6d6 .av-image-caption-overlay-center{ color:#ffffff; }

Photo of recent Panmunjom – you can see they still have the buildings from when my dad used to work to build them in 1960s

Photo of recent Panmunjom – you can see they still have the buildings from when my dad used to work to build them in 1960s

My dad endured a lot in his life but what always stayed strong was his drive to survive and succeed, which is what he instilled in me.

In August 1999, I landed at New York’s JFK airport with one big luggage (called ‘E-Min Gah Bang’, meaning ‘immigration bag’) and two large carton boxes. My destination was somewhere in Brooklyn, where I was supposed to start attending Brooklyn Polytech for a graduate study. Sometimes, when I look back,  I am not sure how I did it.  I didn’t have any friends. I didn’t know the language well and I didn’t really know the country itself.

If I’m honest, it was a little scary, but my heart was filled with excitement. I would survive and succeed – just like my dad did. I could learn anything and become what I wanted. (Also, I still can’t forget the taste of Junior’s Cheesecake – where my roommate took me to celebrate my first night in the US.)

I was truly lucky that I got so much help from many people, as for one I  got to join a research lab for Professor Ramesh Karri, where his team was implementing AES candidates into circuits. I implemented the Rijndael algorithm, which was selected as ‘the standard’ in 2000. This experience later led to a job opportunity at IBM Poughkeepsie where designed the first AES engine in hardware format within the company.

.avia-image-container.av-l3u8une7-dc51b97fe287ed80f7a64f21b6ecd444 .av-caption-image-overlay-bg{ opacity:0.4; background-color:#000000; } .avia-image-container.av-l3u8une7-dc51b97fe287ed80f7a64f21b6ecd444 .av-image-caption-overlay-center{ color:#ffffff; }

Photo of IBM 4758 – which was replaced with IBM 4764 that I worked on. Learn more – IBM CryptoExpress HSM.

Photo of IBM 4758 – which was replaced with IBM 4764 that I worked on. Learn more – IBM CryptoExpress HSM.

When I visited Korea after I got the job offer, my dad was proud of me. He reflected how me going to New York was the same as him leaving the small town he grew up. I didn’t realize much at the time what it means leaving families and going abroad for my own goals. I was just happy about the fact that I made my parents proud for the small success I could achieve. Thinking back now, my generation was still in this ‘make your parents proud’ lifestyle – it seemed very common in many Asian cultured families.

More than 20 years have passed since my first day at work. I have been through different jobs and different companies.  I got married and have my own family now. When my children were born and as they grew older, I had to face something that I didn’t realize I was going to miss.

I am the youngest of four siblings – so I never felt lonely growing up. We always had extended family members visiting during holidays and had big family events like weddings and New Years parties. Now, with my children in New York and far from my family in Korea, I am a little sad that I can’t give them the festive feelings and experiences that I was given. My wife and I celebrate with them as best we can but it is a little different when it’s a small family of four compared to an extended family with lots of cousins, aunts, uncles and grandparents.

.avia-image-container.av-l3u8woq9-4c8f33023555c41dbe336cc21d9cbffc .av-caption-image-overlay-bg{ opacity:0.4; background-color:#000000; } .avia-image-container.av-l3u8woq9-4c8f33023555c41dbe336cc21d9cbffc .av-image-caption-overlay-center{ color:#ffffff; }

Recent family gathering in Korea celebrating ‘Parents Day’ on May 8th 2022.

Photo: Recent family gathering in Korea celebrating ‘Parents Day’ on May 8th 2022.

I feel bad that I haven’t given them this opportunity yet – an opportunity to have days filled with fun, noisy family gatherings over the holidays. An opportunity to have a fight with cousins and rumble around the house screaming.

This is why, I am taking my kids to Korea this summer. It’s a little challenging as COVID is still a bad situation there but this will be a short trip. I hope I can give some of those ‘extended family’ memories to my kids as we visit with family.

I want to spend more time with my dad – I hope I can ask him how he felt when I was growing up. I want to ask him if he was worried like me. I want to ask him if it was hard for him sending me abroad and not being able to see me for many years.

Although I chose this career path and I love it – I don’t think I had enough thoughts about what my (and my own family’s) life would be like if I live abroad. I don’t regret on any of my choices – I rather feel I am truly blessed. However, growing up with the culture where ‘Hyo(filial duty)’ is one of the most important virtue in Korea – I am not doing it right as I can’t live near my parents and help them when they needed me.

I think many Asian cultures have this deep rooted family foundation in which the children take care of the parents when they get older. But for those of us who dreamed big and moved out of the countries we grew up in to search for a new life, an opportunity to build a better life, this is hard.

Yesterday I was talking to my mom and she told me my dad fell on the steps outdoor and hurt his leg. I wished I could run back to their house and help him visit a doctor’s office – but I can’t.  All I could do was make a few phone calls.

These thoughts and feelings never came up when I was younger. They were probably planted in my heart long ago when I was a still kid – but it took more than 30 years to grow and finally bloom into a more mature, grown-up heart.

.avia-image-container.av-l3u8yo85-65352f4727cedc48d07ba4ad7efd5776 .av-caption-image-overlay-bg{ opacity:0.4; background-color:#000000; } .avia-image-container.av-l3u8yo85-65352f4727cedc48d07ba4ad7efd5776 .av-image-caption-overlay-center{ color:#ffffff; }

Recent photo of my family

Photo: Recent photo of my family

Now, I wonder how my kids will feel when they get to my age. How will they feel growing up in America as second generation Asian American immigrants? Will they fit in here? Will they want to know more of their Korean family?

I will probably never understand their feelings – but I hope they ask me their own questions about life as they grow up. I hope they remember all of the short visits to Korea and remember where their parents came from. I hope they aspire to visit Korea themselves someday with their families. It makes me smile thinking about these things. I think I am getting old now… I am thankful that we all are in this journey together.

My journey started with my dad in a small town in Korea and continued when I put roots down in Brooklyn. I can’t wait to see what happens next.

The post Where My Journey Started and Where It’s Going appeared first on Linux Foundation.

The Fintech Open Source Foundation continues to expand support across all constituents and geographies with increased buy-side, cloud and financial technology representation

New York, NY – May 31 – The Fintech Open Source Foundation (FINOS), the financial services umbrella of the Linux Foundation, announced today the addition of six new corporate members, including Google Cloud, Société Générale, American Express, Point72, Mirantis, and The Digital Dollar Project. Building upon its 19 new Members in 2021 and its recent addition of Wellington Management Company to its Governing Board, FINOS now has 57 corporate members ushering a new era in open collaboration across the global financial services industry. 

These new members, as well as the entire FINOS ecosystem will meet in London on July 13 at its annual Open Source in Finance Forum. 

This addition of new members reinforces FINOS’ position as the arena of choice to build the next generation of financial technologies on common standards and open source components for financial institutions on both the sell-side and buy-side, fintechs, cloud companies, regulators, industry consortia and individual contributors. FINOS continues to see growth in the number and diversity of its corporate members across the world, with more than a 35% increase in the number of members year-over-year, fueling a community of more than 1,200 active contributors. This announcement is particularly significant as the engagement of cloud vendors and new buy-side firms signals widespread reception of open source return on investment across the technology value chain as a whole.

“We are at a pivotal moment in our evolution as a Community, where literally every constituent of the industry has come to the realization that open source collaboration has the concrete potential to bring to life the vision of a highly efficient, interoperable and developer-friendly global financial technology stack,” said Gabriele Columbro, Executive Director of FINOS. “From cloud and open source leaders heading the charge to some of the historically most conservative firms in the world now rolling out Open Source Program Offices (OSPOs), we are incredibly proud to see global recognition of the value in open source and of the role FINOS played in this evolution.” 

Meet the new members 

Google Cloud becomes the first global cloud service provider joining FINOS as a Gold member. Google Cloud will contribute to critical efforts for cloud deployments in financial services like the FINOS Open RegTech and Compliant Financial Infrastructure initiatives, aimed at driving adoption of FINOS open source projects in the cloud. 

“For more than 20 years, Google has helped shape the future of computing with its technology leadership and support across the open source ecosystem,” said Zac Maufe, Director, Financial Services, Google Cloud. “We are thrilled to join FINOS and its community of companies and people dedicated to open source. As the financial services industry accelerates its adoption of cloud technologies, FINOS open source projects will deliver valuable support to both our customers and the financial services tech community at large.”

Société Générale (SocGen), a French multinational investment bank and financial services company, joins FINOS as a Gold member, representing an important addition to the European sell-side representation in FINOS. This comes on the heels of the Linux Foundation amplifying its global focus with the recently announced inaugural European World of Open Source: 2022 Europe Spotlight Survey, a testament to the truly global nature and potential of the open source Community.

“Société Générale implemented an ‘Open Source First’ policy in 2017 and established it’s Open Source Program office (OSPO) in 2020,” said Alain Voiment, CIO for Group digital foundations and corporate functions, Société Générale. “Over the years, our focus has been to evolve in the open source journey by deriving benefits from infrastructure layer to applicative layer to business value add while engaging our developers’ community. As we become a more ‘tech enabled’ company leveraging the power of IT, digital, and data, we continue to foster our innovation capacity in bringing added value for our clients. Collaboration with FINOS is the right step in this direction and there couldn’t be a better time to embark on this journey.”

Our third Gold member, American Express, is dedicated to delivering digital products and services that enhance the lives of their customers, and believe open-source is a key component in supporting innovative growth across the industry. 

“Our technology philosophy focuses on delivering increased scale and efficiency, improved speed to market, high-quality, and security, while always keeping our customer at the center of all we do,” said Hilary Packer, Executive Vice President & Chief Technology Officer, American Express. “We’re excited to join FINOS because of the opportunities it will provide to collaborate with and contribute to the community, while supporting our ongoing adoption of open-source software, standards, and best practices, which in turn will help drive the continued success and growth of our company.”

FINOS also continues to expand the open source technology footprint among buy-side institutions to deliver innovation among the investment and asset management industries. Firms now have the ability to leverage open source connectivity, through projects like FDC3 that bolster interoperability with the sell-side, to access the market quickly in a vendor agnostic fashion. Newest Silver member Point72, a global asset manager which invests in multiple strategies and asset classes, was the first buy-side firm to join FINOS earlier in 2022, signaling their leadership and strong focus on the use of open source in this industry sector.

“Open source has emerged as an increasingly important driver of innovation in leading technology organizations within financial services,” said Mark Brubaker, Chief Technology Officer at Point72. “Our decision to join FINOS reflects our belief that open source collaboration raises all boats, benefiting all organizations and technologists.”

Mirantis, an established open source leader and cloud management platform that helps organizations easily ship code on public and private clouds, also joined FINOS as a Silver member.

“We are proud and excited to join FINOS,” said Andy Wild, Chief Revenue Officer of Mirantis. “With the rapid adoption of Cloud Native Technologies driven by Kubernetes in the financial industry, Mirantis understands that collaboration is the fastest path to innovation, and our open source based products and services have helped to drive innovation and growth for our financial customers for years. Joining FINOS, we look forward to having the opportunity to further align with the needs of the financial industry.”

FINOS also welcomes its latest Associate member, The Digital Dollar Project, a leading private-public partnership advancing the study and exploration of a potential U.S. Central Bank Digital Currency (CBDC), an initiative FINOS recently announced its support for in Davos.

“New advances in financial technology, including CBDCs, have the power to transform economies and connect people, governments, and businesses, locally and globally,” said Jennifer Lassiter, Executive Director of The Digital Dollar Project. “We know that experimentation and information sharing are critical to innovation, which is why we are thrilled to contribute to open source solutions as a new addition to the vibrant FINOS community.”

The addition of new Gold, Silver and Associate members marks continued forward momentum of FINOS’ mission to drive mass open source adoption across all facets of the financial services industry, strengthening its position as the leading organization supporting the industry as they collaborate on vital areas, such as interoperability, data standards, and open source security.

To learn more about joining FINOS as a member, visit the Membership Benefits page. Meet the FINOS team in London on July 13 at its annual Open Source in Finance Forum. 

About FINOS

FINOS (The Fintech Open Source Foundation) is a nonprofit whose mission is to foster adoption of open source, open standards and collaborative software development practices in financial services. It is the center for open source developers and the financial services industry to build new technology projects that have a lasting impact on business operations. As a regulatory compliant platform, the foundation enables developers from these competing organizations to collaborate on projects with a strong propensity for mutualization. It has enabled codebase contributions from both the buy- and sell-side firms and counts over 50 major financial institutions, fintechs and technology consultancies as part of its membership. FINOS is also part of the Linux Foundation, the largest shared technology organization in the world. Get involved and join FINOS as a Member.

Media Contact:
Catharine Rybeck 
Caliber Corporate Advisers 
catharine@calibercorporateadvisers.com 

The post Google Cloud, Société Générale, American Express, Point72, Mirantis, and The Digital Dollar Project Join FINOS, as Open Source Collaboration Becomes Increasingly Critical Across the Global Financial Ecosystem appeared first on Linux Foundation.

This article originally appeared on the Open Mainframe Project’s blog. The author, Maemalynn Meanor, is a senior public relations and marketing manager at The Linux Foundation. 

In honor of Asian Americans and Pacific Islanders (AAPI) Heritage Month, I wanted to share something my mother passed on to me.

I’ve worked in communications and public relations for the technology industry for almost 20 years. I’ve had to learn new industries, competitors, the intricacies of different technologies and how to interpret engineering language.

In all of these roles – no matter where I was – one thing remained the same. I was often the only Asian woman in the room. Without a roadmap or someone to look up to as an example of what to do I often leaned on my mom because standing in a room full of men who made me doubt myself was scary and intimidating. Always.

Whether it was in person or via webex or phone, nothing is worse than that moment when you say something and all the men in the room pause. Sometimes, they’ve agreed with my recommendations. Sometimes, they shot it down. One time, someone mansplained my idea back to me and then everyone in the room agreed that “that” idea was better than mine.

My mom always had the same advice. Trust yourself. Let your heart work with your mind – the strength of it encompasses not just things I learned in school but things my parents taught me about my family and my Thai heritage and culture.

She said this often. But there were times when I ignored her advice. I didn’t trust myself.

I remember one particular time more than a decade ago that I decided to distance myself from my heritage. I didn’t want to be the Asian woman in the room. I even tried to not be the woman in the room. I tried to be part of the “boy’s club.” I laughed at the inappropriate jokes. I was quiet when they complained about women leaders and used derogatory language.

This made me feel terrible about myself, my work and my life in general. I was going through the motions and no longer enjoyed my work and nor did I like my surroundings. But I kept going. It was my job after all.

A few months later, I was asked to go back to my college and meet with the Asian Students in Alliance (ASIA) club, which I was the former Vice President of, about my career in public relations and communications.

I struggled with this – am I really going to walk into a room full of bright Asian students and tell them that their culture doesn’t belong in the workplace? Am I okay with telling them to not highlight their differences and to not be proud of their culture? Am I really going to tell a room full of beautiful people from different Asian backgrounds – to just try to “blend in?”

No. My mom raised me better than that.

So I took her words and repeated them over and over again. Trust yourself. Believe in you. Let your heart and mind lead you where you need to be because they have the support of all your ancestors, your heritage and your traditions.

That night, I told my mom she’s right. I believe her response was “I know. I’m right about everything. Always. Don’t forget that.”

I am still sometimes the only Asian woman in the room but I’m happy to say that it’s not as often as it used to be. Now, there are more diverse backgrounds, more women, more voices – more of everything. It’s becoming easier to be who you are and love what you represent inside the workplace. This sense of belonging is something I don’t take for granted and will always be thankful for.

The post Lesson Learned: Always Listen to Mom appeared first on Linux Foundation.

I confess I am a lifelong learner – addicted to learning about new things and gaining new skills. So, when I started at The Linux Foundation, I was excited to see the depth and breadth of the training we offer (and employees have access to the catalog, so you should work here). It is truly impressive. And it makes sense. After all, the LF mission is to create the greatest shared technology investment in history by enabling open source collaboration across companies, developers, and users. Training is a necessary part of that. 

For starters, we practice what we preach. Every employee – and I mean every employee, from admin to engineering – is required to take 9 different LF training courses to get an in-depth overview of open source methodologies:

• Open Source 101
• Open Source Introduction
• A Beginner’s Guide to Open Source
• Open Source Licensing Basics for Software Developers
• Open Source Business Strategy
• Effective Open Source Program Management
• Open Source Development Practices
• Open Source Compliance Programs
• Collaborating Effectively with Open Source Projects

Each of these courses is also offered to the public through the LF Training and Certification portal. 

LF Training and Certification Portal

Speaking of the portal, this is your one-stop-shop for all of our training and certification resources. It hosts our training programs created by well-respected developers that cover the most important open source projects and includes opportunities for certification exams. It is all vendor-neutral, providing foundational knowledge and skills in the technologies running the modern world. 

You can access 30+ e-learning courses, 20+ instructor-led classes, 12+ certification exams, and 40+ free massive open online courses (MOOCs) in partnership with edX. (I just signed up for a blockchain one with 96,000 of my closest friends).

If there is a specific field of study you want to focus on, there are learning paths for: 

• Application Development
• Blockchain
• Cloud and Containers
• Cybersecurity
• DevOps and Site Reliability
• Embedded Development
• Linux Kernel Development
• Networking
• System Administration
• Systems Engineering and Architecture

In short there is something for you, and you can join the 2 million+ students who have enrolled and 50,000+ professionals who already earned certifications.

Developing Secure Software Course

I do want to highlight a course that came up during the Open Source Software Security Summit II a couple of weeks ago. The importance of teaching secure software development principles was one of the recommendations to improve the resiliency of open source software. Good news – the LF offers the “Developing Secure Software” (LFD121) course. It focuses on the fundamentals of developing secure software. Both the course and certificate of completion are free. It is entirely online, takes about 14-18 hours to complete, and you can go at your own pace. Those who complete the course and pass the final exam will earn a certificate of completion valid for two years. 

It is geared towards software developers, DevOps professionals, software engineers, web application developers, and others interested in learning how to develop secure software. It focuses on practical steps that can be taken, even with limited resources, to improve information security. 

Why is it needed? Many software developers have never been told how to effectively counter the ever-increasing barrage of cyberattacks. This course explains the fundamentals of developing secure software. A basic security principle – build it more secure in the beginning and you will spend less time fending off attacks later. From the course description: 

This course starts by discussing the basics of cybersecurity, such as what risk management really means. It discusses how to consider security as part of the requirements of a system, and what potential security requirements you might consider. This first part of the course then focuses on how to design software to be secure, including various secure design principles that will help you avoid bad designs and embrace good ones. It also considers how to secure your software supply chain, that is, how to more securely select and acquire reused software (including open source software) to enhance security. The second part of this course focuses on key implementation issues: input validation (such as why allowlists should be used and not denylists), processing data securely, calling out to other programs, sending output, and error handling. It focuses on practical steps that you (as a developer) can take to counter the most common kinds of attacks. The third part of the course discusses how to verify software for security. In particular, it discusses the various static and dynamic analysis approaches, as well as how to apply them (e.g., in a continuous integration pipeline). It also discusses more specialized topics, such as the basics of how to develop a threat model and how to apply various cryptographic capabilities.

You can learn more about the course and enroll for free here. 

Future Announcements 

We are always working to improve and expand what we offer. There are a lot of exciting announcements coming up next month during the Open Source Summit North America, including insights from our 10th Annual Open Source Jobs Report, the winners of the 500 LiFT Scholarships for 2022, some new training courses, and more. Even if you aren’t able to attend, keep an eye out for our announcements. Some exciting stuff, but I have said too much already. Sign up for the newsletter so you are the first to know when new courses are offered, and – arguably more importantly – get access to promotions. I mean – new skills and saving money, how can you say no. 

I hope you have an opportunity to take some of our courses and become certified. You will be a better person for it.

The post Your Path to More Knowledge and Opportunities appeared first on Linux Foundation.

Zowe LTS V2 increases product stability, security and interoperability and ensures longevity compatibility with the Conformance and Conformant Support Provider Programs

SAN FRANCISCO, May 26, 2022 – The Open Mainframe Project announced today that Zowe, an open source software framework for the mainframe that strengthens integration with modern enterprise applications, marks a major technical milestone with the Long Term Support (LTS) V2 release. The second version, which comes 2 years after the first LTS release, will offer vendors and customers product stability, security, interoperability as well as easy installation and upgraded features.

“As organizations expand their hybrid cloud workloads, the Zowe framework evolves to address critical architectural requirements,” said Rose Sakach, Chair of the Zowe Technical Advisory Committee and Product Manager at Broadcom. “Since its launch in 2018, Zowe has become a foundational enabler to businesses’ hybrid IT strategy. The LTS V2 Release will continue to strengthen this value with developer-friendly features and benefits.”

Benefits of the LTS V2 include:

• Stability: Organizations can confidently adopt the technology for enterprise use and upgrade when appropriate for their environment, minimizing the risk of disruption.
• Interoperability: Zowe consumers can be assured LTS-conformant extensions have adapted to and support LTS features.
• Longevity: Zowe is designed for years of use and plans are in place for continued updates and support.

Open Mainframe Project launched Zowe, the first-ever open source project based on z/OS, in 2018 to serve as an integration platform for the next generation of administration, management and development tools on z/OS mainframes.  The Zowe framework uses the latest web technologies among products and solutions from multiple vendors. Zowe enables developers to use familiar, industry-standard, open source tools to access mainframe resources and services.

Feedback and interest in Zowe have been noteworthy. Since January 2022, Zowe has more than:

• 130,000 downloads
• 87,000 page views and 16,000 visitors of zowe.org
• 520 contributors

Key features of Zowe LTS V2 include:

• More security features built in to ensure data and user credentials are always encrypted and safe.
• A new daemon mode delivering performance improvements for the command line interface.
• The time to value to configure Zowe is faster and easier.
• There is more engagement and collaboration between team members using Zowe for modern DevOps at scale.
• New APIs created by the community

For more features, click here.

“Zowe continues to innovate as a direct result of the contributions, leadership and passion of the global open source community,” said John Mertic, Director of Program Management for the Linux Foundation and Open Mainframe Project. “Zowe shows no sign of slowing momentum and the LTS V2 release demonstrates our commitment to interoperability, stability and security.”

Other Zowe Updates

• Zowe Chat, a new incubator project that extends z/OS use by focusing on working with mainframes from chat clients such as Slack, Microsoft Teams and Mattermost (with extensibility for other solutions). A set of commonly used scenarios will be provided, and the framework will be extensible so sites can add new scenarios. Similar to other Zowe core packages, the chat framework will be extensible by vendor tools, bringing an integrated user experience for more elaborate cross-vendor scenarios. Read more about it here.

• Zowe IntelliJ Plugin , a new incubator project that provides access to the mainframe from IDEs like IntelliJ, PyCharm, WebStorm and more. Launched by IBA Group, the IntelliJ IDEA plug-in leverages z/OSMF to interact with mainframe data sets and USS files, which enables those familiar with these IDEs to comfortably work with the mainframe just like other projects. This integration will improve the efficiency and overall happiness of IntelliJ enthusiasts now working on the mainframe. Learn more in this blog.

• Zowe was recognized as the Best DevOps for Mainframe Award in this year’s DevOps Dozen competition. It was selected over a number of commercial vendor offerings, reflecting a widespread appreciation for the value of an open source solution for the mainframe. Learn more.

The Zowe Conformance Program is Updated with LTS V2 Guidelines

Aimed to build a vendor-neutral ecosystem around Zowe, Open Mainframe Project’s Zowe Conformance Program launched in 2020.  The program has helped Open Mainframe Project members such as ASG Technologies, BMC, Broadcom, IBM, Micro Focus, Phoenix Software International, and Rocket Software incorporate Zowe with new and existing products that enable integration of mainframe applications and data across the enterprise.

To date, 75 products have implemented extensions based on the Zowe framework and earned these members conformance badges

Additional Resources:

• Zowe GitHub Repository
• Zowe Convenience Build Download
• Getting Started documentation site 
• Open Mainframe Project’s I am a Mainframer Podcast

About the Open Mainframe Project

The Open Mainframe Project is intended to serve as a focal point for deployment and use of Linux and Open Source in a mainframe computing environment. With a vision of Open Source on the Mainframe as the standard for enterprise class systems and applications, the project’s mission is to Build community and adoption of Open Source on the mainframe by eliminating barriers to Open Source adoption on the mainframe, demonstrating value of the mainframe on technical and business levels, and strengthening collaboration points and resources for the community to thrive. Learn more about the project at https://www.openmainframeproject.org.

About The Linux Foundation

The Linux Foundation is the organization of choice for the world’s top developers and companies to build ecosystems that accelerate open technology development and commercial adoption. Together with the worldwide open source community, it is solving the hardest technology problems by creating the largest shared technology investment in history. Founded in 2000, The Linux Foundation today provides tools, training and events to scale any open source project, which together deliver an economic impact not achievable by any one company. More information can be found at www.linuxfoundation.org.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

###

The post Open Mainframe Project Announces Major Technical Milestone with Zowe’s Longer Term Support V2 Release appeared first on Linux Foundation.

Software Metadata Standards Wrap Up Bigger Connections

This article originally appeared on Linux.com. The author, Cameron Laird, is vice president of Phaseit, Inc. where he implements software projects and publishes articles about the results. A long-time developer, manager, and author, he’s most recently concentrated on architectural challenges of “continuous everything”: continuous integration, continuous testing, and so on.

You’re in the news. But not with the headline you want.

You’re not getting attention because of your choice of text editor or the number of spaces you use to indent code blocks. However motivating those preferences are for you and me, the non-technical world sees them as private choices. You find your code in the headlines for a different and unpleasant reason: open source dependency management.

We have dependencies, of course, because we know not to “reinvent the wheel”; instead, we software experts re-use the implementations others have created. However, when done poorly, dependency management introduces more risk and degrades the quality of your application. For example, failure to comply with license requirements might be the problem.  Even worse: the absence of a license tied to a component you embedded in your application. In both cases, there are potential legal implications.

Still more traumatic is a media headline announcing that a vulnerability just breached your organization in one of those dependencies. Projects frequently re-use software components to simplify or accelerate development; but sometimes, it can have detrimental results by introducing said vulnerabilities.

That’s not all:  suppose you are experienced and thoughtful enough to recognize this hazard and commit to good dependency management.  It turns out that’s a harder problem than might first appear, and certainly not the kind of thing that can be slipped into a project on its last days, without significant time or other costs.

Building A Standard For Software Bill Of Materials

How, for instance, does an industrial oven manufacturer communicate that one of its products depends on a particular library with a known vulnerability?  How does it say that it does not have such a dependency?  One of the difficulties comes from mixing open and closed information sets. What happens in a scenario where an automotive chip uses an open source sorting algorithm, but the auto manufacturer wants to keep the use of that algorithm proprietary?

Without a better alternative, any discussion about the algorithm has to occur under cover of a non-disclosure agreement (NDA), often one written specifically for the business and technical situation.  Where developers investigating a particular piece of software might be accustomed to connecting to GitHub and inspecting the source in question in a few seconds, even the simplest proprietary questions sometimes take months of legal, security, and compliance negotiation to begin to examine. “Manual” inspection, in any case, is unscalable.  The average application contains 200 OSS components, and each component might manually take three hours to inspect.  Does your project have a better use for 600 hours of effort?  Open source truly begins to pay off when it’s inspected not just by expert engineers but by automatic tools.

Recognize, moreover, that transitive dependencies make dependency management a harder problem than first appears.  Many of the most notorious breaches occurred not because anything was wrong with the source of a product or even the source of the libraries on which it depends; the vulnerability only turned up in a library used by those other libraries.  Over and over again, CEOs who’ve asked, “does $SOME_PROBLEM affect us?” have received the answer, “we don’t know yet: we’re not sure where it shows up in our systems.” We need transparency about dependencies and enough intelligence and standardization around hierarchical relationships to “trace the whole tree.” Organizations must track dependencies through to the operating system run-time and sometimes down to “the silicon,” that is, the microprocessor on which the software runs.

It’s a hard problem but also a solvable one.  Part of any solution is a well-defined software bill of materials (SBOM or sometimes SBoM). That’s where Kate Stewart’s career began to track this story.  Stewart currently serves the Linux Foundation as a vice president of Dependable Embedded Systems.  In previous assignments with such employers as Motorola, Freescale Semiconductor, Canonical, and Linaro, she frequently faced challenges that mixed technical and legal aspects.  As she explained her long-time focus in a recent interview, “if open source components are going to be in safety-critical places … [we need] to be able to trust open source in those spaces …” Good SBOM practices are simply necessary for the level of trust we want to have not just in industrial ovens, but airplanes, medical devices, home security systems, and much more.  An SBOM organizes such metadata about a software artifact as its identity, verification checks it hasn’t been tampered with, copyright, license, where to look up known security vulnerabilities, dependencies to check, and so on. Think of an SBOM as an ingredients list for your software.  It makes those ingredients visible, trackable, and traceable.  It lets you know if you have used the highest quality and least risky open source components to build your software.

Enter SPDX

Stewart and other technologists eventually began to team with specialists in intellectual property, product managers, and others. They developed such concepts in the early years of this millennium as SBOM, the Software Package Data Exchange (SPDX), and the OpenChain Specification.  She co-founded SPDX in 2009 to pursue “[a]n open standard for communicating software bill of materials information ….” Among other features and benefits, these frameworks provide standard and scalable ways to discuss dependencies.

Instead of each vendor having to certify that each of its releases has been verified for security and license compliance of each of eight hundred JavaScript libraries, for example, many of the most time-consuming aspects of compliance can be automated.  When a new vulnerability is identified in an implementation of a networking protocol, automated methods can largely be applied to determine which products embed known vulnerable libraries, even while we developers remain largely unaware of the details of each component and dependency they use.  For Stewart, standards-based transparency and best practices are prerequisites for the security of safety-critical communities she helps serve.  As Stewart observes, “you can’t really be safe unless you know what you’re running.”

Daily Headlines

Does that sound mundane?  The reality’s far different:  SBOM and related technologies actually play roles in events on the world stage.  For example, on the 12th of May, 2021, US President Biden issued Executive Order 14028 on Cybersecurity Improvement; SBOMs play a prominent role there.  The Open Source Initiative just named Stefano Maffulli its first Executive Director precisely because of the need for mature open source licensing practices.  Dr. Gail Murphy argued in a recent interview that it’s time to recognize that open source software is a “triumph of information-hiding [and] modularity …” in enabling the remarkable software supply chains on which we depend.  Emerging information on breaches including SolarWinds, Rapid7, Energetic Bear, and especially the latest on Juniper’s Dual-EC affair shows how disastrous it becomes when we get those supply chains wrong.  The most prominent breaches in computing history have been tied to component vulnerabilities that seemed peripheral until break-ins demonstrated their centrality.

Drone strikes?  Vaccine efficacy?  Voter fraud?  International commerce?  Nuclear proliferation?  Questions about software and data reliability and fidelity are central to all these subjects, not mere technical tangents.

That’s why SPDX’s management of hierarchical relationships is so crucial.

ISO/IEC 5926:2021 Introduces SBOM Standard

SPDX went live as an official international standard at the end of August.  With that milestone, standardization lowers many of the hurdles to the successful completion of an SBOM project.  Implementation becomes more consistent. “Bookkeeping” about external parts becomes largely a responsibility of the standard.  Software engineers focus more on the details specific to an application.  Then, as those external parts–the ingredients of an SBOM recipe–age and security vulnerabilities are discovered in them, developers can reliably track those components to the applications where they were used and update components to newer, hardened versions. What does that mean for you?  In your own work, the faster you identify and update vulnerable components, the less likely the chance you will have of becoming the next breach headline following an attack.

SPDX’s standardization fits in the frameworks of the International Organization for Standardization (ISO) the International Electrotechnical Commission (IEC).  ISO is a post-war transnational creation that originally focused on bolt sizes, temperature measurements, and medical supplies.  ISO tracks human affairs, of course, and its attention in recent years has shifted from materials to business processes and, in this millennium, to software.  IEC is a prior generation’s initiative to pursue the same kinds of standardization and cooperation, specifically in the realm of electrical machinery; the IEC and ISO often collaborate.

In bald terms, ISO and IEC matter to you as a programmer because governments trust them.  The new standard is sure to make its way rapidly into procurement specifications, especially for government purchases.  Suppliers become accustomed to compliance with such standards and apply them in their practices more generally.  The earlier ISO 9000 collection of standards has already greatly influenced software development.

Important Though Abstract

The impact and scope of ISO:IEC 5926:2021 is a challenge to understand, let alone explain.  On the one hand, millions of working programmers worldwide go about their daily chores with little thought of SPDX or even SBOMs.  While we all know we depend on packages, we largely leave it to Maven or npm, or RubyGems, etc., to handle the details for us.  Standardization of SPDX looks like a couple of layers of abstraction, even more remote from the priorities of the current sprint or customer emergency on our desks right now.

And it’s true:  SPDX is abstract, and its technical details look dry to some programmers, the opposite of the “sexy” story many start-ups aspire to.

Without this infrastructure, though, the development of many large, complex, or mission-critical projects would grind to a halt from the friction of communication about proprietary dependencies on open source artifacts.  Think of it on a weight basis:  as the Linux Foundation’s own press release underlines, “… between eighty and ninety percent of a modern application is assembled from open source software components.” SPDX is immensely important at the same time as it’s uninteresting to all but the most specialized practitioners.

Look to history for examples of how momentous this kind of standardization is.  The US’s Progressive movement at the beginning of the twentieth century is instructive.  While often taught in ideological terms, many of its greatest achievements had to do with mundane, household matters:  does a milk bottle actually contain milk?  Can standard doses of medicines be trusted?  Is a “pound” in a butcher’s shop a full sixteen ounces?  Standards in these areas resulted in more convenience and transformed commerce to enable new market arrangements and achievements. That’s the prospect for SPDX:  more transparent and effective management of software dependencies and interactions will have far larger consequences than are first apparent.  Notice, for instance, that while the standard examples of its use have to do with open-source software, the standard itself and the tools that support it can also be applied to proprietary software and other intellectual property.  SPDX doesn’t solve all problems of communicating about dependencies; it goes a long way, though, to clarify the boundaries between technical and legal aspects.

Long Lead Time

The significance and need for secure software supply chains haven’t made SPDX’s adoption easy, though.  Stewart reports that individual companies drag their feet: “why should we do something before we have to?” these profit-oriented companies reasonably wonder.  Even in the best of circumstances, when an industry has largely achieved a technical consensus, “From first proposal to final publication, developing a standard usually takes about 3 years.“

Stewart herself cites this year’s Executive Order as crucial: “the one thing that made a difference” in pushing forward adoption of SPDX in 2021 was the emerging SBOM requirements that followed EO14028.  Much of her own emphasis and achievement of late has been to get decision-makers to face the reality of how crucial their dependence on open source is. No longer can they restrict focus to the 10% of a proprietary product because supply chain attacks have taught us that the 90% they re-use from the software community at large needs to be exposed and managed.

Publication of a standard mirrors application development in having so many dependencies “under the covers.” It’s not just Stewart who worked on this for more than a decade, but, as I’ll sketch in follow-ups through the next month, a whole team of organizations and individuals who each supplied a crucial requirement for completion of ISO/IEC 5926:2021.  When you or I think of great software achievements, our memories probably go to particular winning prototypes turned out over a weekend. Standards work isn’t like that.  The milestones don’t come at the rapid pace we relish. Successful standards hold out the promise, though, of impacting tens of thousands of applications at a time. That’s a multiplier and scalability that deserves more attention and understanding.

SBOMs For Everything

And that’s why ISO/IEC 5926:2021 is good news for us.  We still have licensing and security issues to track down. We still need to attend meetings on governance policies. Management of proprietary details remains delicate.  Every project and product needs its own SBOM, and vulnerabilities will continue to crop up inconveniently. With the acceptance of ISO/IEC 5926:2021, though, there’s enough standardization to implement continuous integration/continuous deployment (CI/CD) pipelines usefully. We can exchange dependency information with third parties reliably. SPDX provides a language for describing dependency management chores. SPDX gives answers that are good enough to focus most of our attention on delivering great new functionality.

The best practices of application development applied by developers as a learned methodology can be something more than an exercise in walking a tightrope of intellectual property restrictions. Enterprise-class proposal requests become more engineering than lawyering.  You have a better shot at being in the news for your positive achievements rather than the security calamities into which you’ve stumbled.

Check in over the next several weeks to learn more about what SPDX means to your own programming, how SPDX is a model for other large-scale collaborations the Linux Foundation enables, and how teamwork is possible across profit-making boundaries.  In the meantime, celebrate ISO/IEC 5926:2021 as one more problem that each project does not have to solve for itself.

The post ISO establishes SBOM standard for open source development with SPDX appeared first on Linux Foundation.

Welcomes SoftBank Group to its member ranks

TOKYO, May 25, 2022 – The SODA Foundation, which hosts the SODA Open Data Framework (ODF) for data mobility from edge to core to cloud, today announced two new open source projects: Kahu and Como. Kahu streamlines data protection for Kubernetes and its application data, and Como is a virtual data lake project to enable seamless access to data stored in different clouds. The SODA Foundation also welcomes SoftBank Group as an end-user supporter and key collaboration partner on the Como project.

According to the 2021 SODA Data and Storage Trends Report, two of the top challenges in managing data in containers and cloud-native environments are availability (46%) and management tools (38%).  In direct response to the report findings, the SODA Foundation community collaborated to introduce new tooling options through the Kahu project to improve backup and restore practices critical to data availability.  Furthermore, as enterprises become more data-driven and data growth for some enterprises can exceed 10PB per year, object data management offered by the Como Project will play an important role in performance and scalability requirements for cloud-native environments.

“Data collection, management, and consumption is becoming the new competitive battlefield in IT”, said Steven Tan, chairman, SODA Foundation. “We’re excited to announce Kahu and Como as the latest advances in open source data management and storage. Our 28 members are also excited to welcome the engineers and open source community within SoftBank Group to the Foundation.” 

“Data is the fuel of our global digital economy and harnessing its power requires collaboration on a massive scale”, said Kuniyoshi Suzuki, Senior Director, Cloud Engineering , SoftBank Group.  “Softbank is excited to be joining a community of open source software developers focused on enabling improvements toward data storage, recovery, and retention in cloud environments. We look forward to collaborating with the SODA Foundation and its members, while contributing to the future of this important community.”

New Open Source Releases

In addition to the announcement of Kahu and Como projects, the SODA Foundation also announced the:

• Release of SODA Framework Madagascar v1.7.0: Formerly Open Data Framework (ODF), SODA Framework comprises independent projects initiated by the community to solve common data and storage problems faced by end users. It includes:
  • Terra: a universal SDS controller for connecting storage to Kubernetes, OpenStack, and VMware environments.
  • Delfin: a performance monitor for heterogeneous storage infrastructure in a single pane of glass.
  • Strato: a multi-cloud data controller using a common S3-compatible interface to connect to cloud storage.
  • Kahu : new project to streamline data protection for Kubernetes and application data.

• Expansion of its Eco Project Initiative with the introduction of more open source projects: 

DAOS: a software-defined object store designed from the ground up for massively distributed Non Volatile Memory (NVM), providing features such as transactional non-blocking I/O, advanced data protection with self-healing on top of commodity hardware, end-to-end data integrity, fine-grained data control and elastic storage.

YIG: extends Minio backend storage aggregating multiple Ceph clusters to form a massive storage resource pool that can easily scale up to exabyte (EB) levels with minimal performance disruption.

CubeFS: a cloud-native storage platform used as the underlying storage infrastructure for online applications, database or data processing services and machine learning jobs orchestrated by Kubernetes.

Karmada: a Kubernetes management system that enables organizations to run cloud-native applications across multiple Kubernetes clusters and clouds, with no changes to your applications.

SBK: an open source software framework for the performance benchmarking of any storage system.

Conferences and Survey

• SODACODE: this week, developers from around the world will participate in SODACODE 2022 – the Data & Storage Hackathon on May 25 – 26.  The first-of-its-kind coding event organized by SODA Foundation is open to developers from all levels ranging from beginner to advanced. The hackathon will conclude with project demonstrations, presentation sessions, panel discussions and an award ceremony for the hackathon winners.
• Trend Survey: The SODA Foundation will release its second-annual Data and Storage Trends Survey on June 30, 2022.
• SODACON: a technical conference held by SODA Foundation, will be held this year in Yokohama, Japan on December 7, 2022. The conference will bring together industry leaders, developers and end users to present and discuss the most recent innovations, trends, and concerns as well as practical challenges and solutions in the field of Data and Storage Management in the era of cloud-native, IoT, big data, machine learning, and more.

Additional Resources

• Join the SODA Foundation
• Attend SODACODE 2022 – The Data & Storage Hackathon
• Read the 2021 Data and Storage Trends Report

About the SODA Foundation

Previously OpenSDS, the SODA Foundation is part of the Linux Foundation and includes both open source software and standards to support the increasing need for data autonomy. SODA Foundation Premiere members include China Unicom, Fujitsu, Huawei, NTT Communications and Toyota Motor Corporation. Other members include China Construction Bank Fintech, Click2Cloud, GMO Pepabo, IIJ, MayaData, LinBit, Scality, Sony, Wipro and Yahoo Japan.

Media Contact

info@sodafoundation.io

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

The post SODA Foundation Prioritizes Backup and Restore for Containers, Introduces Object Data Management Across Cloud Providers appeared first on Linux Foundation.

The power of a story. I first wrote about this 7 years ago in a series I titled Lessons from a Two Year Old. But it is a reality as old as time itself – humans are wired for stories. We enjoy listening to them, telling them, and they help us to relate to others and to remember things. 

And everyone has a story to tell – many of which haven’t been told yet. 

Our own Mark Miller is working on sharing the previously untold stories of the people in open source. He has a unique gift for pulling stories out of people and showcasing what made each person who they are today and how their journey resulted in some of the top open source projects of all time. Each person is making a positive difference in our world, and each one has their own unique journey.

Mark will be sharing these stories in our upcoming, aptly named podcast, The Untold Stories of Open Source. It will be formally launched at the Open Source Summit North America and OpenSSF Day in June, but you are in luck and he has soft-launched with his first episode, telling the story of Brian Behlendorf, General Manager of the OpenSSF. But, Brian had quite the journey before his role at OpenSSF and that story is now being told. 

Like myself, Brian was coming of age when PCs were being introduced to the world, Oregon Trail was the game of choice (okay, it was about the only game), and the Internet was still a project at the National Science Foundation. Brian’s parents worked in the science and technology field – they even met at IBM. His father was a COBOL programmer, which gave Brian a look into the world of programming. Imagining a life of coding in basements, away from people, is why he decided against majoring in computer science. I can relate – we both started college in the fall of 1991, and, I too, decided against majoring in computer science because I envisioned a future of myself, a computer, a pot of coffee, and little social interaction. 

The Internet was just getting introduced to the world in 1991 – and Brian, like all incoming freshmen at the University of California – Berkeley, received an email address. With this, he connected with others who shared a common interest in R.E.M. and 4AD and the rave scene around San Francisco. He built a mailing list around this shared interest. Yada…yada… The first issue of Wired magazine mesmerizes Brian in 1993.

Turns out one of the friends Brian met in his music community was working at Wired to get it – well wired. It started as a print newsletter (ironically). His friend, Jonathan, reached out and hired Brian for $100/week to help them get back issues online. Unlike today’s iconic, stunning design, it was black text on a white background. 

Besides just digitizing previously published content, Brian helped produce digital-only content. A unique approach back then. It was one of the first ad-supported websites – hotwired.com. Brian jokes, “I like to say I put the first ad-banner on the web, and I have been apologizing for it ever since.” 

As Brian worked on the content, he had a vision of publishing books online. But, turns out, back then publishers didn’t have the budgets to devote to web content. But bigger brands, looking to advertise on Hotwired, did, and they needed to have a website to point to.  So he joined Organic, a web design firm, as CTO at the ripe age of 22. They build the websites for some of the first advertisers on Hotwired like Club Med, Volvo, Saturn cars, Levis, Nike, and others. 

Back then, Wired and the sites Organic built all ran on a web server software developed by students at the University of Illinois, in the same lab that developed the NCSA Mosaic browser. Long before the term open source was coined, software running the web almost always included the source code. Brian notes there was an unwritten code (pun intended) that if you find a bug, you were morally obligated to fix it and push the code upline so that everyone had it. He and a group of students started working on further developing the browser. Netscape bought the software, which halted ongoing student support for the browser. Although the code remains open. Brain and others kept updating the code, and they decided to change the name since it was a new project. Because it was a group of patches, they chose the name Apache Web Server (get it – a patchy server). It now runs an estimated 60% of all web servers in the world. 

As interesting as Brian’s story is to this point – I really just scratched the surface. Mark’s first episode of the podcast shares the rest, from founding Collab.net to a medical records system in Rwanda to working at the White House to his roles at Hyperledger and now OpenSSF and more.

Okay – I have said too much. No real spoilers. You can listen to the full episode now on Spotify. (more platforms coming soon). 

Mark has been recording and stitching together episodes all year. I look forward to listening. Look for the formal launch, and several new episodes, at Open Source Summit North America and OpenSSF Day on June 20, 2022.

The post Linux Foundation Podcast Series: “The Untold Stories of Open Source” appeared first on Linux Foundation.

This article originally appeared on the LF Training Blog. You can access all of the LF Training resources and courses, including Kubernetes certifications, at here. 

Faseela K. is a platform development engineer with a background in open source networking. As she saw the use of containers growing more than the VMs she was working with, she began studying Kubernetes and eventually decided to pursue a Certified Kubernetes Administrator (CKA). We spoke to her about her experience.

Linux Foundation: What was the experience like taking the CKA exam?

Faseela K: I was actually nervous, as this was the first online certification exam I was taking from home, so there was some uncertainty going in. Would the proctor turn up on time? Will the cloud platform where we are taking the exam get stuck? Will I be able to finish the exam on time? Those and several other such questions ran through my mind. But I turned down all my concerns, had a very smooth exam experience, and was able to finish it without any difficulties.

LF: How did you prepare for the exam?

FK: I am a person who uses Kubernetes in my day to day work, so the topics in the syllabus were familiar to me. On top of that I did some practice tests and online courses. Preparing for the exam made so many of my day to day work related tasks much easier, and my level of expertise on K8s increased considerably.

LF: How did preparing for and taking CKA help you improve your skills?

FK: Though I work on K8s regularly, the range of concepts and capabilities I was using were minimal. Preparing for CKA helped me touch upon all areas of K8s, and the experience which I already had helped me get a complete end to end view of things. I can troubleshoot Kubernetes issues in a better way now, and go deep into each problem to find a solution.

LF: Tell us more about your current job role. What types of activities are you engaged in and how has the CKA helped with them?

FK: I currently work as a platform development engineer at Cisco, where we develop and maintain an enterprise Kubernetes platform. Troubleshooting, upgrading, networking, and system management of containerized platforms are part of our daily tasks, and CKA has helped me master all these areas with perfection. The training which I took to prepare for the CKA phenomenally transformed my perspective about Kubernetes administration, and this has helped me attain an end to end view of the product. Debugging any issues in the platform has become easier than ever, and the certification has given me even more confidence with fixing issues in a time sensitive manner.

LF: You mentioned to us previously you’d like to take the Certified Kubernetes Application Developer (CKAD) next; what appeals to you about that certification?

FK: I am planning to go deeper into containerized application development in my career, and hence CKAD was appealing to me. In fact, I already completed CKAD and became CKAD certified within less than a month of achieving my CKA certification. The confidence I gained after CKA helped me try the second one also faster.

LF: Tell us about your experience working on the OpenDaylight project. What prompted you to move from focusing on SDN to Kubernetes?

FK: I was previously a member of the Technical Steering Committee of the OpenDaylight project at The Linux Foundation, and made a lot of contributions to OpenDaylight. Working in open source has been the most amazing experience I have ever had in my life, and OpenDaylight gave me exposure to the various activities under LF Networking, while being a part of The Linux Foundation generally helped me engage with some of the top notch brains across organizations.

Coming together from across the globe during various conferences and DDFs, and working together across the company boundaries to solve common SDN problems has given me so much satisfaction. Over a period of time, containers were gaining traction over VMs, and I wanted to get more involved with containerization and platform development, where Kubernetes looked more promising.

LF: What are your future career goals?

FK: I intend to learn more about K8s internal implementation, and also to get involved with projects like istio, servicemesh and networkservicemesh in the future. My dream is to become a cloud native software developer, who promotes containerized application development in a cloud native way.

LF: What technology are you most interested in studying next?

FK: I am currently pursuing a course on the golang programming language. I also plan to take the Certified Kubernetes Security Specialist (CKS) exam if time permits.

The post Success Story: Preparing for Kubernetes Certification Improves a Platform Development Engineer’s Skills appeared first on Linux Foundation.