Cloud

CoreOS Launches Rkt 1.0 (eweek.com) 50

darthcamaro writes: Docker is about to get some real competition in the container runtime space, thanks to the lofficial aunch of rkt 1.0. CoreOS started building rkt in 2014 and after more than a year of security, performance and feature improvement are now ready to declare it 'production-ready.' While rkt is a docker runtime rival, docker apps will run in rkt, giving using a new runtime choice: "rkt will remain compatible with the Docker-specific image format, as well as its own native App Container Image (ACI). That means developers can build containers with Docker and run those containers with rkt. In addition, CoreOS will support the growing ecosystem of tools based around the ACI format."
Businesses

Docker Moves Beyond Containers With Unikernel Systems Purchase (thenewstack.io) 69

joabj writes: Earlier today, Docker announced that it had purchased the Cambridge, U.K.-based Unikernel Systems, makers of the OCaml-based MirageOS, a unikernel or "virtual library-based operating system." Unikernels go beyond containers in stripping virtualization down to the bare essentials in that they only include the specific OS functionality that the application actually needs. Their design builds on decades of research into modular OS design. Although unikernels can be complex to deploy for developers, Docker aims to make the process as standardized as possible, for easier deployment.
Open Source

Linux Kernel 4.4 LTS Officially Released 132

prisoninmate writes: January 10, 2016, will enter in the Linux history books as the day when the Linux kernel 4.4 LTS (Long-Term Support) has been officially released by Linus Torvalds and his team of hard working kernel developers. Prominent features of Linux kernel 4.4 LTS include 3D support in the virtual GPU driver, allowing for 3D hardware-accelerated graphics in virtualization guests, a leaner and faster loop device that supports Asynchronous I/O and Direct I/O, thus increasing the system's performance and saving memory, and support for Open-Channel Solid State Drives (SSDs) through LightNVM. Phoronix also took a look during the newest kernel's development cycle, and has an overview of 4.4's new features.
Cloud

Amazon Makes It Almost Impossible To Calculate Their "Virtual CPU" Equivalent (informationweek.com) 114

dkatana writes: AWS started out defining its virtual CPUs as being composed of EC2 compute units, or ECUs, which it defined as an equivalent to a physical Xeon processor. However, a virtual CPU now looks suspiciously variable... A virtual CPU is whatever Amazon wants to offer in an instance series. The user has no firm measure to go by. From the article: [B]y doing a little math, you could actually compare what you were getting in virtual CPUs in EC2 versus Azure. Also by doing a little math, you knew how to compare one Amazon instance to another based on the ECU count in each virtual CPU. Microsoft didn't look too bad in the comparison. That is one of the casualties of the nomenclature change. I have searched for updated information on how a virtual CPU is measured and found nothing comparable to the definition of the 2012 ECU measure. I have questioned Amazon representatives three times between Oct. 27 and Dec. 21, and don't have much of an answer."
Windows

Microsoft Windows Server 2016 Moving To Per-Core Licensing (arstechnica.com) 288

rbrandis writes: Windows Server 2012 has two main editions, Standard and Datacenter. They had identical features, and differed only in terms of the number of virtual operating system instances they supported. The licenses for both editions were sold in two-socket units; one license was needed for each pair of sockets a system contained.

Windows Server 2016 reinstates the functional differences between Standard and Datacenter editions. Datacenter will include additional storage replication capabilities, a new network stack with richer virtualization options, and shielded virtual machines that protect the content of a virtual machine from the administrator of the host operating system. These features won't be found in the Standard edition.

Windows Server 2016 licensing moves to a per core model. Instead of 2012's two socket license pack, 2016 will use a 2-core pack, with the license cost of each 2016 pack being 1/8th the price of the corresponding 2 socket pack for 2012. Each system running Windows Server 2016 must have a minimum of 8 cores (4 packs) per processor, and a minimum of 16 cores (8 packs) per system.

Virtualization

The Tamagochi Singularity Made Real: Infinite Tamagochi Living On the Internet (hackaday.com) 84

szczys writes: Everyone loves Tamagochi, the little electronic keychains spawned in the '90s that let you raise digital pets. Some time ago, XKCD made a quip about an internet-based matrix of thousands of these digital entities. That quip is now a reality thanks to elite hardware hacker Jeroen Domburg (aka Sprite_TM). In his recent talk called "The Tamagochi Singularity" at the Hackaday SuperConference he revealed that he had built an infinite network of virtual Tamagochi by implementing the original hardware as a virtual machine. This included developing AI to keep them happy, and developing a protocol to emulate their IR interactions. But he went even further, hacking an original keychain to use wirelessly as a console which can look in on any of the virtual Tamagochi living on his underground network. This full-stack process is unparalleled in just about every facet: complexity, speed of implementation, awesome factor, and will surely spark legions of other Tamagochi Matrices.
Books

Book Review: the Network Security Test Lab: a Step-by-Step Guide 19

benrothke writes: It wasn't that long ago that building a full network security test lab was an expensive prospect. In The Network Security Test Lab: A Step-by-Step Guide, author Michael Gregg has written a helpful hands-on guide to provide the reader with an economical method to do that. The book is a step-by-step guide on how to create a security network lab, and how to use some of the most popular security and hacking tools. Read below for the rest of Ben's review.
Businesses

Ask Slashdot: Advice On Enterprise Architect Position 198

dave562 writes: I could use some advice from the community. I have almost 20 years of IT experience, 5 of it with the company I am currently working for. In my current position, the infrastructure and applications that I am responsible for account for nearly 80% of the entire IT infrastructure of the company. In broad strokes our footprint is roughly 60 physical hosts that run close to 1500 VMs and a SAN that hosts almost 4PB of data. The organization is a moderate sized (~3000 employees), publicly traded company with a nearly $1 billion market value (recent fluctuations not withstanding).

I have been involved in a constant struggle with the core IT group over how to best run the operations. They are a traditional, internal facing IT shop. They have stumbled through a private cloud initiative that is only about 30% realized. I have had to drag them kicking and screaming into the world of automated provisioning, IaaS, application performance monitoring, and all of the other IT "must haves" that a reasonable person would expect from a company of our size. All the while, I have never had full access to the infrastructure. I do not have access to the storage. I do not have access to the virtualization layer. I do not have Domain Admin rights. I cannot see the network.

The entire organization has been ham strung by an "enterprise architect" who relies on consultants to get the job done, but does not have the capability to properly scope the projects. This has resulted in failure after failure and a broken trail of partially implemented projects. (VMware without SRM enabled. EMC storage hardware without automated tiering enabled. Numerous proof of concept systems that never make it into production because they were not scoped properly.)

After 5 years of succeeding in the face of all of these challenges, the organization has offered me the Enterprise Architect position. However they do not think that the position should have full access to the environment. It is an "architecture" position and not a "sysadmin" position is how they explained it to me. That seems insane. It is like asking someone to draw a map, without being able to actually visit the place that needs to be mapped.

For those of you in the community who have similar positions, what is your experience? Do you have unfettered access to the environment? Are purely architectural / advisory roles the norm at this level?
Upgrades

Revisiting How Much RAM Is Enough Today For Desktop Computing 350

jjslash writes: An article at TechSpot tests how much RAM you need for regular desktop computing and how it affects performance in apps and games. As it turns out, there's not much benefit going beyond 8 GB for regular programs, and surprisingly, 4GB still seems to be enough for gaming in most cases. Although RAM is cheap these days, and they had to go to absurdly unrealistic settings to simulate high demand for memory outside of virtualization, it's a good read to confirm our judgment calls on what is enough for most in 2015.
Education

Ask Slashdot: Switching To a GNU/Linux Distribution For a Webdesign School 233

spadadot writes: I manage a rapidly growing webdesign school in France with 90 computers for our students, dispatched across several locations. By the end on the year it will amount to 200. Currently, they all run Windows 8 but we would love to switch to a GNU/Linux distribution (free software, easier to deploy/maintain and less licensing costs). The only thing preventing us is Adobe Photoshop which is only needed for a small amount of work. The curriculum is highly focused on coding skills (HTML, CSS, JavaScript, PHP/MySQL) but we still need to teach our students how to extract images from a PSD template. The industry format for graphic designs is PSD so The Gimp (XCF) is not really an option. Running a Windows VM on every workstation would be hard to setup (we redeploy all our PCs every 3 months) and just as costly as the current setup. Every classroom has at least 20Mbit/s — 1Mbit/s ADSL connection so maybe setting up a centralized virtualization server would work? How many Windows/Photoshop licenses would we need then? Anything else Slashdot would recommend?
Open Source

What Goes Into a Decision To Take Software From Proprietary To Open Source 45

Lemeowski writes: It's not often that you get to glimpse behind the curtain and see what led a proprietary software company to open source its software. Last year, the networking software company Midokura made a strategic decision to open source its network virtualization platform MidoNet, to address fragmentation in the networking industry. In this interview, Midokura CEO and CTO Dan Mihai Dumitriu explains the company's decision to give away fours years of engineering to the open source community, how it changed the way its engineers worked, and the lessons learned along the way. Among the challenges was helping engineers overcome the culture change of broadcasting their work to a broader community.
Emulation (Games)

Emulator Now Runs x86 Apps On All Raspberry Pi Models 82

DeviceGuru writes: Russia-based Eltechs announced its ExaGear Desktop virtual machine last August, enabling Linux/ARMv7 SBCs and mini-PCs to run x86 software. That meant that users of the quad-core, Cortex-A7-based Raspberry Pi 2 Model B, could use it as well, although the software was not yet optimized for it. Now Eltechs has extended extended ExaGear to support earlier ARMv6 versions of the Raspberry Pi. The company also optimized the emulator for the Pi 2 allowing, for example, Pi 2 users to use automatically forwarding startup scripts.
Cloud

Google Offers Cheap Cloud Computing For Low-Priority Tasks 59

jfruh writes: Much of the history of computing products and services involves getting people desperate for better performance and faster results to pay a premium to get what they want. But Google has a new beta service that's going in the other direction — offering cheap cloud computing services for customers who don't mind waiting. Jobs like data analytics, genomics, and simulation and modeling can require lots of computational power, but they can run periodically, can be interrupted, and can even keep going if one or more nodes they're using goes offline.
Security

'Venom' Security Vulnerability Threatens Most Datacenters 95

An anonymous reader sends a report about a new vulnerability found in open source virtualization software QEMU, which is run on hardware in datacenters around the world (CVE-2015-3456). "The cause is a widely-ignored, legacy virtual floppy disk controller that, if sent specially crafted code, can crash the entire hypervisor. That can allow a hacker to break out of their own virtual machine to access other machines — including those owned by other people or companies." The vulnerable code is used in Xen, KVM, and VirtualBox, while VMware, Hyper-V, and Bochs are unaffected. "Dan Kaminsky, a veteran security expert and researcher, said in an email that the bug went unnoticed for more than a decade because almost nobody looked at the legacy disk drive system, which happens to be in almost every virtualization software." The vulnerability has been dubbed "Venom," for "Virtualized Environment Neglected Operations Manipulation."
Windows

Microsoft Announces Device Guard For Windows 10 190

jones_supa writes: Microsoft has announced a new feature for Windows 10 called Device Guard, which aims to give administrators full control over what software can or cannot be installed on a device. "It provides better security against malware and zero days for Windows 10 by blocking anything other than trusted apps—which are apps that are signed by specific software vendors, the Windows Store, or even your own organization. ... To help protect users from malware, when an app is executed, Windows makes a determination on whether that app is trustworthy, and notifies the user if it is not. Device Guard can use hardware technology and virtualization to isolate that decision making function from the rest of the Windows operating system, which helps provide protection from attackers or malware that have managed to gain full system privilege." It's intended to be used in conjunction with traditional anti-virus, not as a replacement.
OS X

For Boot Camp Users, New Macs Require Windows 8 Or Newer 209

For anyone using Windows 7 by way of Apple's Boot Camp utility, beware: support for Windows via Boot Camp remains, but for the newest Apple laptops, it's only for Windows 8 for now. From Slashgear: This applies to the 2015 MacBook Air, and the 13-inch model of the 2015 MacBook Pro. Windows 8 will remain compatible, as will the forthcoming Windows 10. The 2013 Mac Pro also dropped Boot Camp support for Windows 7, while 2014 iMacs are still compatible, along with 2014 MacBook Airs and 2014 MacBook Pros. For those who still prefer to run Windows 7 on their Macs, there are other options. This change to Boot Camp will not affect using the Microsoft operating system through virtualization software, such as Parallels and VMware Fusion. Also at PC Mag.
Cloud

Red Hat Strips Down For Docker 44

angry tapir writes Reacting to the surging popularity of the Docker virtualization technology, Red Hat has customized a version of its Linux distribution to run Docker containers. The Red Hat Enterprise Linux 7 Atomic Host strips away all the utilities residing in the stock distribution of Red Hat Enterprise Linux (RHEL) that aren't needed to run Docker containers. Removing unneeded components saves on storage space, and reduces the time needed for updating and booting up. It also provides fewer potential entry points for attackers. (Product page is here.)
Oracle

VirtualBox Development At a Standstill 288

jones_supa writes: Phoronix notes how it has been a long time since last hearing of any major innovations or improvements to VirtualBox, the virtual machine software managed by Oracle. This comes while VMware is improving its products on all platforms, and KVM, Xen, Virt-Manager, and related Linux virtualization technologies continue to advance as well. Is there any hope left for a revitalized VirtualBox? It has been said that there are only four paid developers left on the VirtualBox team at the company, which is not enough manpower to significantly advance such a complex piece of software. The v4.3 series has been receiving some maintenance updates during the last two years, but that's about it.
Programming

The Legacy of CPU Features Since 1980s 180

jones_supa writes: David Albert asked the following question:

"My mental model of CPUs is stuck in the 1980s: basically boxes that do arithmetic, logic, bit twiddling and shifting, and loading and storing things in memory. I'm vaguely aware of various newer developments like vector instructions (SIMD) and the idea that newer CPUs have support for virtualization (though I have no idea what that means in practice). What cool developments have I been missing? "

An article by Dan Luu answers this question and provides a good overview of various cool tricks modern CPUs can perform. The slightly older presentation Compiler++ by Jim Radigan also gives some insight on how C++ translates to modern instruction sets.

Slashdot Top Deals