Open-source News

AMD EPYC 7773X Performance Continues To Impress With Tremendous Opportunity For Large-Cache Server CPUs

Phoronix - Tue, 07/12/2022 - 21:00
Back in March when AMD Milan-X rolled out I published a number of EPYC 7773X benchmarks as well as Milan-X benchmarks in the cloud. Since then there have been new Linux kernel improvements and other changes in the ever-advancing open-source world. Plus simply more time to conduct additional tests over the summer. Here is the latest round of my AMD EPYC 7773X 1P and 2P benchmarking compared to the Milan EPYC 7713/7763 SKUs as well as Intel's Xeon Platinum 8380 "Ice Lake" competition.

X.Org Server Hit By New Local Privilege Escalation, Remote Code Execution Vulnerabilities

Phoronix - Tue, 07/12/2022 - 21:00
Getting things started for this "Patch Tuesday" are the disclosure of two new X.Org Server vulnerabilities...

10th Annual Jobs Report: Skill up for the summer and your next open source gig

The Linux Foundation - Tue, 07/12/2022 - 21:00

For those of us in the northern hemisphere, summer is finally here! Perhaps you celebrated the Summer Solstice a few weeks ago. If you’re from the United States, the fireworks from the 4th of July are now just a fun memory.

Like me, you’re now probably thinking about how you’re going to spend your downtime this summer. Perhaps you plan on taking things easy, maybe finishing off that novel you never got to this year, or taking a road trip?

Well, it’s time to quit slacking, penguin. With the news of layoffs and inflation, and investment market declines taking the wind out of summer sailboats, there’s no better time than now to skill up for your next job, or to stay up-to-date on your current one. The good news is that there are great resources to help stay competitive during uncertain market times, and just in time for summer, too!

Linux Foundation Research and LF Training & Certification recently published its latest paper, the 10th Annual Open Source Jobs Report. While it’s not your usual beach reading material, the conclusions are timely and significant, so you should pay close attention.

One of the key takeaways was this: open source professionals seek satisfying employment with plenty of opportunities to develop skills. Unsurprisingly, they want to work in a pleasant and collaborative atmosphere, with a competent staff that is equally enthusiastic about their chosen field. If you’re highly skilled, maybe now’s a good time to ask for a raise?

And the folks that want to fill those jobs, the hiring managers? They’re seeking the brightest talent to fill open positions. They want individuals who are not only qualified but also a good match for their business culture. And guess what. There are not enough people with the necessary skills.

So what does this mean for open source professionals? Training and certifications can give you that extra edge when looking for that new position and potentially command a higher salary in your current job.

And what kinds of open source skills are organizations looking for when hiring prospective professionals?

  • 77% of organizations are growing in their use of open cloud and container technologies like Kubernetes. Cloud and container technologies were the top-ranked, in-demand skills for 2022 by hiring managers and open source professionals, followed by Linux, DevOps, and cybersecurity.
  • 67% of hiring managers seek open source professionals with architectural skills, followed by the ability to deploy open source software (67%) and using open source development tools (such as GitHub) at 42%

To put it in perspective, in 2022, it’s all about architecting, deploying, and developing open source software.

At the Linux Foundation, we’ve got the courseware and certification exams for you to achieve this, with over 55 offerings in open cloud and container technologies alone, including tracks for Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified Kubernetes Security Specialist (CKS).

To help make these offerings more affordable, from July 12-13 you can save 25% on all training and certification by using code FLASH22 in your shopping cart at checkout.

What if you want to get started without laying any money out? We’ve got over 50 courses in these technologies that are absolutely free.

We know that getting rewarding jobs in open source isn’t always easy. Nor is it easy to fill open positions. But there are also numerous opportunities for those individuals willing to secure them, and an equal number of training options for managers to work with upskilling the talent that is already in-house.

So what’s on your summer reading list now? Make sure it’s the 10th Annual Jobs Report.

Download 10th Annual Jobs Report

The post 10th Annual Jobs Report: Skill up for the summer and your next open source gig appeared first on Linux Foundation.

FINOS Announces 2022 State of Open Source in Financial Services Survey

The Linux Foundation - Tue, 07/12/2022 - 20:25

FINOS, the fintech open source foundation, and its research partners, Linux Foundation Research, GitHub, Intel, Mend, Red Hat, Scott Logic, SUSE, Symphony, Tradeweb, and Wipro, are conducting its second annual survey as part of its ongoing research on the state of open source adoption, contribution, and readiness in the financial services industry. 

The increased prevalence, importance, and value of open source is well understood and widely reported by many industry surveys and studies. However, the rate at which different industries acknowledge this shift and adapt their working practices to capitalize on the new world of open source-first differs considerably.

The financial services industry has been a long-time consumer of open source software; however, many are struggling in contributing to and publishing open source software and standards and adopting open source methodologies. A lack of understanding of building and deploying efficient tooling and governance models is often seen as a limiting factor.

This survey and report seek to explore open source within the context of financial services organizations, including banks, asset managers, and hedge funds but it is designed as a resource to be used by all financial services organizations as an annual tracking of metrics. 

Please participate now; we intend to close the survey in early August. Privacy and confidentiality are important to us. Neither participant names, nor their company names, will be published in the final results.

To take the 2022 FINOS Survey, click the button below:

Take Survey (EN) BONUS

As a thank-you for completing this survey, you will receive a 25% discount code on enrollment in any course in the Linux Foundation Training catalog.

PRIVACY

Your name and company name will not be published. Reviews are attributed to your role, company size, and industry. Responses will be subject to the Linux Foundation’s Privacy Policy, available at https://linuxfoundation.org/privacy. Please note that survey partners who are not Linux Foundation employees will be involved in reviewing the survey results. If you do not want them to have access to your name or email address, please do not provide this information.

VISIBILITY

We will summarize the survey data and share the findings during Open Source Strategy Forum, 2022. The summary report will be published on the FINOS and Linux Foundation websites. 

QUESTIONS

If you have questions regarding this survey, please email us at info@finos.org

The post FINOS Announces 2022 State of Open Source in Financial Services Survey appeared first on Linux Foundation.

LibreOffice 7.4 RC1 Available For Testing This Latest Open-Source Office Suite

Phoronix - Tue, 07/12/2022 - 18:36
The Document Foundation has made available this morning the LibreOffice 7.4 release candidate as the newest test version of this cross-platform, open-source office suite...

Intel Ready With Habana Labs Gaudi2 Support For Linux 5.20

Phoronix - Tue, 07/12/2022 - 17:26
Last month Intel began publishing the Linux kernel driver changes needed for Habana Labs' Gaudi2 AI accelerator. That enablement and subsequent kernel review process has went well and that hardware support has now been queued into char-misc ahead of the upcoming Linux 5.20 merge window...

IBM Announces New Power10 Servers

Phoronix - Tue, 07/12/2022 - 16:50
IBM this morning announced more Power10 servers being added to their portfolio, now including mid-range and scale-out platforms based on this latest POWER architecture...

OpenWrt, an open source alternative to firmware for home routers

opensource.com - Tue, 07/12/2022 - 15:00
OpenWrt, an open source alternative to firmware for home routers Stephan Avenwedde Tue, 07/12/2022 - 03:00 2 readers like this 2 readers like this

If you're reading this article from home, you are probably connected with a LTE/5G/DSL/WIFI router. Such devices are usually responsible to route packets between your local devices (smartphone, PC, TV, and so on) and provide access to the world wide web through a built-in modem. Your router at home has most likely a web-based interface for configuration purposes. Such interfaces are often oversimplified as they are made for casual users.

If you want more configuration options, but don't want to spend for a professional device you should take a look at an alternative firmware such as OpenWrt.

OpenWrt features

OpenWrt is a Linux-based, open source operating system targeting embedded network devices. It is mainly used as a replacement for the original firmware on home routers of all kinds. OpenWrt comes with all the useful features a good router should have like a DNS server (dnsmasq), Wifi access point and client functionality, PPP protocol for modem functionality and, unlike with the standard firmware, everything is fully configurable.

LuCI Web Interface

OpenWrt can be configured remotely by command line (SSH) or using LuCI, a GUI configuration interface. LuCI is a lightweight, extensible web GUI written in Lua, which enables an exact configuration of your device. Besides configuration, LuCI provides a lot of additional information like real time graphs, system logs, and network diagnostics.

Image by:

Stephan Avenwedde, CC BY-SA

There are some optional extensions available for LuCI to add even further configuration choices.

Writeable file system

Another highlight is the writeable filesystem. While the stock firmware is usually read-only, OpenWrt comes with a writeable filesystem thanks to a clever solution that combines OverlayFS with SquashFS and JFFS2 filesystems to allow installation of packages to enhance functionality. Find more information about the file system architecture in the OpenWrt documentation.

Extensions

OpenWrt has an associated package manager, opkg, which allows to install additional services. Some examples are an FTP server, a DLNA media server, an OpenVPN server, a Samba server to enable file sharing, or Asterisk (software to control telephone calls). Of course, some extensions require appropriate resources of the underlying hardware.

Motivation

You might wonder why you should try to replace a router manufacture's firmware, risking irreparable damage to your device and loss of warranty. If your device works the way you want, then you probably shouldn’t. Never touch a running system! But if you want to enhance functionality, or if your device is lacking configuration options, then you should check whether OpenWrt could be a remedy.

In my case, I wanted a travel router which I can place on an appropriate position when I’m on a campsite in order to get a good connection to the local Wifi access point. The router should connect itself as an ordinary client and broadcasts it’s own access point for my devices. This allows me to configure all my devices to connect with the routers access points and I only have to change the routers client connection when I’m somewhere else. Moreover, on some campsites you only get an access code for one single device, which I can enhance with this setup.

As my travel router, I choose the TP-Link TL-WR902AC for the following reasons:

  • Small
  • Two Wifi antennas
  • 5V power supply (USB)
  • Low power consumption
  • Cost effective (you get it for around $30)

To get an idea of the size, here it is next to a Raspberry Pi4:

Image by:

Stephan Avenwedde, CC BY-SA 4.0

Even though the router brings all hardware capabilities I demand, I relatively quickly found out that the default firmware don’t let me configure it the way I wanted. The router is mainly intended as an Wifi access point, which repeats an existing Wifi network or connects itself to the web over the onboard Ethernet interface. The default firmware is very limited for these use cases.

Fortunately, the router is capable of running OpenWrt, so I decided to replace the original firmware with it.

Installation

When your LTE/5G/DSL/WIFI router meets the minimum requirements, chances are high that it's possible to run OpenWrt on it. As the next step, you look in the hardware table and check whether your devices is listed as compatible, and which firmware package you have to choose. The page for the TP-Link TL-WR902AC also includes the installation instructions which describe how to flash the internal memory.

The process of flashing the firmware can vary between different devices, so I won’t go into detail on this. In a nutshell, I had to connect the device over  a TFTP server on a network interface with a certain IP address, rename the OpenWrt firmware file and then boot up the device considering pressing the reset button.

Configuration

Once flashing was successfully, your device should now boot up with the new firmware. It may take a bit longer now to boot up as OpenWrt comes with much more features compared to the default firmware.

OpenWrt acts as a DHCP server, so in order to begin with configuration, make a direct Ethernet connection between your PC and the router, and configure your PC’s Ethernet adapter as a DHCP client.

On Fedora Linux, to activate the DHCP client mode for your network adapter, first you have to find out the connection UUID by running:

$ nmcli connection show
NAME          UUID         TYPE      DEVICE
Wired Conn 1  7a96b...27a  ethernet  ens33
virbr0        360a0...673  bridge   virbr0
testwifi      2e865...ee8  wifi     --
virbr0        bd487...227  bridge   --
Wired Conn 2  16b23...7ba  ethernet --

Pick the UUID for the connection you want to modify and then run:

$ nmcli connection modify <UUID> ipv4.method auto

You can find more information about these commands in the Fedora Networking Wiki.

After you have a connection to your router, open a web browser and navigate to http://openwrt/. You should now see LuCI’s login manager:

Image by:

Stephan Avenwedde, CC BY-SA 4.0

Use root as the username, and leave the password field blank.

Configuring Wifi and routing

To configure your Wifi antennas, click on the Network menu and select Wireless.

Image by:

Stephan Avenwedde, CC BY-SA 4.0

On my device, the antenna radio0 on top operates in 2.4 GHz mode and is connected to the local access point called MOBILE-INTERNET. The antenna radio1 below operates at 5 GHz and has an associated access point with the SSID OpenWrt_AV. With a click of the Edit button, you can open the device configuration to decide whether the device belongs to the LAN or WWAN network. In my case, the access point OpenWrt_AV belongs to the LAN network and the client connection MOBILE-INTERNET belongs to the WWAN network.

Image by:

Stephan Avenwedde, CC BY-SA 4.0

Configured networks are listed under Network, in the Interfaces panel.

Image by:

Stephan Avenwedde, CC BY-SA 4.0

More great content Free online course: RHEL technical overview Learn advanced Linux commands Download cheat sheets Find an open source alternative Explore open source resources

In order to get the functionality I want, network traffic must be routed between the LAN and the WWAN network. The routing can be configured in the Firewall section of the Network panel. I didn’t change anything here because, by default, the traffic is routed between the networks, and incoming packets (from WWAN to LAN) have to pass the firewall.

So all you need to know is whether an interface belongs to LAN or (W)WAN. This concept makes it relatively easy to configure, especially for beginners. You can find more information in OpenWrt’s basic networking guide.

Captive portals

Public Wifi access points are often protected by a captive portal where you have to enter an access code or similar. Usually, such portals show up when you are first connected to the access point and try to open an arbitrary web page. This mechanism is realized by the access point's DNS server.

By default, OpenWrt has a security feature activated that prevents connected clients from a DNS rebinding attack. OpenWrt’s rebind protection also prevents captive portals from being forwarded to clients, so you must disable rebind protection so you can reach captive portals. This option is in the DHCP and DNS panel of the Network menu.

Image by:

Stephan Avenwedde, CC BY-SA 4.0

Try OpenWrt

Thanks to an upgrade to OpenWrt, I got a flexible travel router based on commodity hardware. OpenWrt makes your router fully configurable and extensible and, thanks to the well-made web GUI, it's also appropriate for beginners. There are even a few select routers that ship with OpenWrt already installed. You are also able to enhance your router's functionality with lots of available packages. For example, I’m using the vsftp FTP server to host some movies and TV series on a connected USB stick. Take a look at the projects homepage, where you can find many reasons to switch to OpenWrt.

OpenWrt is a Linux-based, open source operating system targeting embedded network devices.

Image by:

Opensource.com

Networking What to read next This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Register or Login to post a comment.

7 kinds of garbage collection for Java

opensource.com - Tue, 07/12/2022 - 15:00
7 kinds of garbage collection for Java Jayashree Hutt… Tue, 07/12/2022 - 03:00 2 readers like this 2 readers like this

An application written using programming languages like C and C++ requires you to program the destruction of objects in memory when they're no longer needed. The more your application grows, the great the probability that you'll overlook releasing unused objects. This leads to a memory leak and eventually the system memory gets used up, and at some point there's no further memory to allocate. This results in a situation where the application fails with an OutOfMemoryError. But in the case of Java, Garbage Collection (GC) happens automatically during application execution, so it alleviates the task of manual deallocation and possible memory leaks.

Garbage Collection isn't a single task. The Java Virtual Machine (JVM) has eight different kinds of Garbage Collection, and it's useful to understand each one's purpose and strength.

1. Serial GC Image by:

Opensource.com

A primitive implementation of GC using just a single thread. When Garbage Collection happens, it pauses the application (commonly known as a "stop the world" event.) This is suitable for applications that can withstand small pauses. Garbage Collection has a small footprint, so this is the preferred GC type for embedded applications. This Garbage Collection style can be enabled at runtime:

$ java -XX:+UseSerialGC2. Parallel GC Image by:

Opensource.com

Like Serial GC, this also uses a "stop the world" method. That means that while GC is happening, application threads are paused. But in this case, there are multiple threads performing GC operation. This type of GC is suitable for applications with medium to large data sets running in a multithreaded and multiprocessor environment.

This is the default GC in JVM, and is also known as the Throughput Collector. Various GC parameters, like throughput, pause time, number of threads, and footprint, can be tuned with suitable JVM flags:

  • Number of threads: -XX:ParallelGCThreads=
  • Pause time: -XX:MaxGCPauseMillis=
  • Throughput (time spent for GC compared to actual application execution): -XX:GCTimeRatio=
  • Maximum heap footprint: -Xmx
  • Parallel GC can be explicitly enabled: java -XX:+UseParallelGC. With this option, minor GC in the young generation is done with multiple threads, but GC and compaction is done with a single thread in the old generation.

There's also a version of Parallel GC called Parallel Old GC, which uses multiple threads for both young and old generations:

$ java -XX:+UseParallelOldGC3. Concurrent Mark Sweep (CMS) Image by:

Opensource.com

Concurrent Mark Sweep (CMS) garbage collection is run alongside an application. It uses multiple threads for both minor and major GC. Compaction for live objects isn't performed in CMS GC after deleting the unused objects, so the time paused is less than in other methods. This GC runs concurrently with the application, which slows the response time of the application. This is suitable for applications with low pause time. This GC was deprecated in Java 8u, and completely removed from 14u onwards. If you're still using a Java version that has it, though, you can enable it with:

$ java -XX:+UseConcMarkSweepGC

In the case of CMS GC, the application is paused twice. It's paused first when it marks a live object that's directly reachable. This pause is known as the initial-mark. It's paused a second time at the end of the CMS GC phase, to account for the objects that were missed during the concurrent cycle, when application threads updated the objects after CMS GC were completed. This is known as the remark phase.

4. G1 (Garbage First) GC Image by:

Opensource.com

More on Java What is enterprise Java programming? Red Hat build of OpenJDK Java cheat sheet Free online course: Developing cloud-native applications with microservices Fresh Java articles

Garbage first (G1) was meant to replace CMS. G1 GC is parallel, concurrent, and incrementally compacting, with low pause-time. G1 uses a different memory layout than CMS, dividing the heap memory into equal sized regions. G1 triggers a global mark phase with multiple threads. After the mark phase is complete, G1 knows which region might be mostly empty and chooses that region for a sweep/deletion phase first.

In the case of G1, an object that's more than half a region size is considered a "humongous object." These objects are placed in the Old generation, in a region appropriately called the humongous region. To enable G1:

$ java -XX:+UseG1GC5. Epsilon GC

This GC was introduced in 11u and is a no-op (do nothing) GC. Epsilon just manages memory allocation. It doesn’t do any actual memory reclamation. Epsilon is intended only when you know the exact memory footprint of your application, and knows that it is garbage collection free.

$ java -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC6. Shenandoah

Shenandoah was introduced in JDK 12, and is a CPU intensive GC. It performs compaction, deletes unused objects, and release free space to the OS immediately. All of this happens in parallel with the application thread itself. To enable Shenandoah:

$ java -XX:+UnlockExperimentalVMOptions \ -XX:+UseShenandoahGC7. ZGC

ZGC is designed for applications that have low latency requirements and use large heaps. ZGC allows a Java application to continue running while it performs all garbage collection operations. ZGC was introduced in JDK 11u and improved in JDK 12. Both Shenandoah and ZGC have been moved out of the experimental stage as of JDK 15. To enable ZGC:

$ java -XX:+UnlockExperimentalVMOptions -XX:+UseZGCFlexible garbage collection

Java provides flexibility for memory management. It's useful to get familiar with the different methods available so you can choose what's best for the application you're developing or running.

Learn about the choices you have in Java for memory management.

Image by:

Photo by Nathan Dumlao on Unsplash

Java What to read next This work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License. Register or Login to post a comment.

How To Set Correct SSH Directory Permissions in Linux

Tecmint - Tue, 07/12/2022 - 13:39
The post How To Set Correct SSH Directory Permissions in Linux first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

For SSH to work well, it requires correct permissions on the ~/.ssh or /home/username/.ssh directory: the default location for all user-specific ssh configuration and authentication files. The recommended permissions are read/write/execute for the user,

The post How To Set Correct SSH Directory Permissions in Linux first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

Ready to earn our success

Red Hat News - Tue, 07/12/2022 - 12:00

Editor’s note: Today, we announced that Matt Hicks will assume the role of president and chief executive officer of Red Hat, succeeding Paul Cormier who will serve as chairman of Red Hat, Inc. Matt shared the following email with Red Hatters. 

Hi all,

Taking the next step in Red Hat’s journey

Red Hat News - Tue, 07/12/2022 - 12:00

Editor’s note: Today, we announced that Matt Hicks will assume the role of president and chief executive officer of Red Hat, succeeding Paul Cormier who will serve as chairman of Red Hat, Inc. Paul shared the following email with Red Hatters. 

---

Hi all, 

In a few moments, we will publicly share an update about Red Hat’s leadership team externally. Before we do, I wanted to share it with you. 

Pages