1_r/devopsish

Pulse Explore wireless earbuds and new Pulse Elite wireless headset revealed; features lossless, low latency audio using new PlayStation Link technology.

PlayStation Project Q is now called PlayStation Portal, a $200 handheld device that lets you stream your PS5 games via Remote Play. We went hands-on to see how it works.

Hugging Face's big valuation and crop of prominent backers reflect how a more collaborative approach to building AI has been gaining steam in recent months.

Learn how AI can help you operate Kubernetes today. An overview of tools for troubleshooting, generating kubectl commands and YAML manifests, validating your K8s resources, and more.

Over the years, there have been multiple examples of open-source software that, suddenly, was no longer open source; on August 10, some further examples were added to the pile. That happened when HashiCorp announced that it would be switching the license on its products from the Mozilla Public License 2.0 (MPL) to the Business Source License 1.1 (BSL or BUSL). At least one of the products affected by the change, the Terraform infrastructure-automation tool, has attracted an effort to continue it as an open-source tool in the form of a fork that would be maintained by the nascent OpenTF Foundation. That seems like a sensible reaction to the move, but it also helps serve up yet another reminder that code which is controlled by a single entity is normally always at risk of such adverse changes.

Developer News

The PlayStation Portal won’t support PS5 cloud streaming.

Inventors hope maiden voyage will help usher in new era of greener shipping.

Translate web pages, highlighted text, Netflix subtitles, private messages, speak the translated text, and save important translations to your personal dictionary to learn words even offline - GitH...

VMware and Nvidia today announced VMware Private AI Foundation with Nvidia to help enterprises deploy generative AI quickly and easily.

Intel is well regarded for their vast open-source contributions from being a major contributor to the Linux kernel and other areas like Mesa, GCC/glibc, and other key open-source projects to various niche projects like ConnMan and other smaller software projects

One nugget of information in the LibreOffice 7.6 release announcement for those who missed it and deserves calling out specifically..

An enterprise-level cloud-native observability solution, which can be used as drop-in replacement of Prometheus for alerting and Grafana for visualization. - GitHub - ccfos/nightingale: An enterpri...

A successful Arm debut could breathe new life into a depressed IPO market that has paused many venture-backed startups’ plans to go public for the past two years.

Identity Access Management? What's that?

Author: Francesco Romani (Red Hat) The podresources API is an API served by the kubelet locally on the node, which exposes the compute resources exclusively allocated to containers. With the release of Kubernetes 1.28, that API is now Generally Available. What problem does it solve? The kubelet can allocate exclusive resources to containers, like CPUs, granting exclusive access to full cores or memory, either regions or hugepages . Workloads which require high performance, or low latency (or both) leverage these features. The kubelet also can assign devices to containers . Collectively, these features which enable exclusive assignments are known as "resource managers". Without an API like podresources, the only possible option to learn about resource assignment was to read the state files the resource managers use. While done out of necessity, the problem with this approach is the path and the format of these file are both internal implementation details. Albeit very stable, the project reserves the right to change them freely. Consuming the content of the state files is thus fragile and unsupported, and projects doing this are recommended to consider moving to podresources API or to other supported APIs. Overview of the API The podresources API was initially proposed to enable device monitoring . In order to enable monitoring agents, a key prerequisite is to enable introspection of device assignment, which is performed by the kubelet. Serving this purpose was the initial goal of the API. The first iteration of the API only had a single function implemented, List , to return information about the assignment of devices to containers. The API is used by multus CNI and by GPU monitoring tools . Since its inception, the podresources API increased its scope to cover other resource managers than device manager. Starting from Kubernetes 1.20, the List API reports also CPU cores and memory regions (including hugepages); the API also reports the NUMA locality of the devices, while the locality of CPUs and memory can be inferred from the system. In Kubernetes 1.21, the API gained the GetAllocatableResources function. This newer API complements the existing List API and enables monitoring agents to determine the unallocated resources, thus enabling new features built on top of the podresources API like a NUMA-aware scheduler plugin . Finally, in Kubernetes 1.27, another function, Get was introduced to be more friendly with CNI meta-plugins, to make it simpler to access resources allocated to a specific pod, rather than having to filter through resources for all pods on the node. The Get function is currently alpha level. Consuming the API The podresources API is served by the kubelet locally, on the same node on which is running. On unix flavors, the endpoint is served over a unix domain socket; the default path is /var/lib/kubelet/pod-resources/kubelet.sock . On windows, the endpoint is served over a named pipe; the default path is npipe://\\.\pipe\kubelet-pod-resources . In order for the containerized monitoring application consume the API, the socket should be mounted inside the container. A good practice is to mount the directory on which the podresources socket endpoint sits rather than the socket directly. This will ensure that after a kubelet restart, the containerized monitor application will be able to re-connect to the socket. An example manifest for a hypothetical monitoring agent consuming the podresources API and deployed as a DaemonSet could look like: apiVersion : apps/v1 kind : DaemonSet metadata : name : podresources-monitoring-app namespace : monitoring spec : selector : matchLabels : name : podresources-monitoring template : metadata : labels : name : podresources-monitoring spec : containers : - args : - --podresources-socket=unix:///host-podresources/kubelet.sock command : - /bin/podresources-monitor image : podresources-monitor:latest # just for an example volumeMounts : - mountPath : /host-podresources name : host-podresources serviceAccountName : podresources-monitor volumes : - hostPath : path : /var/lib/kubelet/pod-resources type : Directory name : host-podresources I hope you find it straightforward to consume the podresources API programmatically. The kubelet API package provides the protocol file and the go type definitions; however, a client package is not yet available from the project, and the existing code should not be used directly. The recommended approach is to reimplement the client in your projects, copying and pasting the related functions like for example the multus project is doing . When operating the containerized monitoring application consuming the podresources API, few points are worth highlighting to prevent "gotcha" moments: Even though the API only exposes data, and doesn't allow by design clients to mutate the kubelet state, the gRPC request/response model requires read-write access to the podresources API socket. In other words, it is not possible to limit the container mount to ReadOnly . Multiple clients are allowed to connect to the podresources socket and consume the API, since it is stateless. The kubelet has built-in rate limits to mitigate local Denial of Service attacks from misbehaving or malicious consumers. The consumers of the API must tolerate rate limit errors returned by the server. The rate limit is currently hardcoded and global, so misbehaving clients can consume all the quota and potentially starve correctly behaving clients. Future enhancements For historical reasons, the podresources API has a less precise specification than typical kubernetes APIs (such as the Kubernetes HTTP API, or the container runtime interface). This leads to unspecified behavior in corner cases. An effort is ongoing to rectify this state and to have a more precise specification. The Dynamic Resource Allocation (DRA) infrastructure is a major overhaul of the resource management. The integration with the podresources API is already ongoing. An effort is ongoing to recommend or create a reference client package ready to be consumed. Getting involved This feature is driven by SIG Node . Please join us to connect with the community and share your ideas and feedback around the above feature and beyond. We look forward to hearing from you!

Research is under way to determine whether the mutation-laden lineage BA.2.86 is nothing to worry about — or has the potential to spread globally

Arm is aiming to sell shares to the public during a historically slow period for U.S. tech IPOs.

A string of executive changes over the last few months come as the company faces more pressure than ever — and executives want to try something new.

Congress must curtail or eliminate 2008 FISA Amendments Act enabling access to private calls, texts and emails.

A Kubernetes plugin that gives context to what is restarting in your Kubernetes cluster - soraro/kurt: A Kubernetes plugin that gives context to what is restarting in your Kubernetes cluster

Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain's DNS SPF record.

It is fair to say that the DNF package manager is not the favorite tool of many Fedora users. It was brought in as a replacement for Yum but got off to a rather rocky start; DNF has stabilized over the years, though and the complaints have subsided. That can only mean one thing: it must be time to throw it away and start over from the beginning. The replacement, called DNF5, was slated to be a part of the Fedora 39 release, due in October, but that is not going to happen.

live sync audio streaming for local networks. Contribute to haileys/bark development by creating an account on GitHub.

The space agency says its facilities are in an "increasing state of decline."