Suggested Reads

54937 bookmarks
“This was the first double supply chain attack,” that has been publicly disclosed. | The 3CX attack gets wilder, marks first 'cascading software supply chain compromise'
The surprising story of the supply chain hack of VoIP provider 3CX got even crazier this week. Here's what your application security team needs to know.
This was the first double supply chain attack
·reversinglabs.com·
Rust Foundation
The Rust Foundation is an independent non-profit organization to steward the Rust programming language and ecosystem, with a unique focus on supporting the set of maintainers that govern and develop the project.
·foundation.rust-lang.org·
How to Put a GUI on Ansible, Using Semaphore
Ansible can be great for automating routine IT tasks, but some may feel stymied by the command line. For those, here's how to install the Semaphore graphical user interface.
·thenewstack.io·
For a short period of time this was actually a decent source of information, that clearly has passed | BuzzFeed News Is Shutting Down, Company Laying Off 180 Staffers
BuzzFeed is shutting down BuzzFeed News because it is not able to turn a profit, according to a memo CEO Jonah Peretti sent to company staff Thursday. The digital publisher is laying off 15% of its…
·variety.com·
The Silent Killer of Your Operating Practice: Fear
Amanda Schwartz Ramirez, former PayPal strategy leader and now COO advisor for startups, shares the 5 biggest fears that can derail your company's strategic planning sessions (and tactical advice for how to sidestep them).
·review.firstround.com·
SLSA v1.0 is now final!
After almost two years since SLSA’s initial preview release, we are pleased to announce our first official stable version, SLSA v1.0! The full announcement can be found at the OpenSSF press release, and a description of changes can be found at What’s new in v1.0. Thank you to all members of the SLSA community who made this possible through your feedback, suggestions, discussions, and pull requests!
·slsa.dev·
Blog: Kubernetes 1.27: Query Node Logs Using The Kubelet API
Author: Aravindh Puthiyaparambil (Red Hat)
Kubernetes 1.27 introduced a new feature called Node log query that allows viewing logs of services running on the node.
What problem does it solve?
Cluster administrators face issues when debugging malfunctioning services running on the node. They usually have to SSH or RDP into the node to view the logs of the service to debug the issue. The Node log query feature helps with this scenario by allowing the cluster administrator to view the logs using kubectl. This is especially useful with Windows nodes, where you run into the issue of the node going to the ready state but containers not coming up due to CNI misconfigurations and other issues that are not easily identifiable by looking at the Pod status.
How does it work?
The kubelet already has a /var/log/ viewer that is accessible via the node proxy endpoint. The feature supplements this endpoint with a shim that shells out to journalctl on Linux nodes and the Get-WinEvent cmdlet on Windows nodes. It then uses the existing filters provided by the commands to allow filtering the logs.
The kubelet also uses heuristics to retrieve the logs. If the user is not aware whether a given system service logs to a file or to the native system logger, the heuristics first check the native operating system logger and, if that is not available, attempt to retrieve the first logs from /var/log/servicename or /var/log/servicename.log or /var/log/servicename/servicename.log.
On Linux we assume that service logs are available via journald, and that journalctl is installed. On Windows we assume that service logs are available in the application log provider.
Also note that fetching node logs is only available if you are authorized to do so (in RBAC, that's get and create access to nodes/proxy). The privileges that you need to fetch node logs also allow elevation-of-privilege attacks, so be careful about how you manage them.
How do I use it?
To use the feature, ensure that the NodeLogQuery feature gate is enabled for that node, and that the kubelet configuration options enableSystemLogHandler and enableSystemLogQuery are both set to true. You can then query the logs from all your nodes or just a subset. Here is an example to retrieve the kubelet service logs from a node:
    # Fetch kubelet logs from a node named node-1.example
    kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet"
You can further filter the query to narrow down the results:
    # Fetch kubelet logs from a node named node-1.example that have the word "error"
    kubectl get --raw "/api/v1/nodes/node-1.example/proxy/logs/?query=kubelet&pattern=error"
You can also fetch files from /var/log/ on a Linux node:
    kubectl get --raw "/api/v1/nodes/insert-node-name-here/proxy/logs/?query=/insert-log-file-name-here"
You can read the documentation for all the available options.
How do I help?
Please use the feature and provide feedback by opening GitHub issues or reaching out to us on the #sig-windows channel on the Kubernetes Slack or the SIG Windows mailing list.
·kubernetes.io·
Blog: Kubernetes 1.27: Single Pod Access Mode for PersistentVolumes Graduates to Beta
Author: Chris Henzie (Google)
With the release of Kubernetes v1.27 the ReadWriteOncePod feature has graduated to beta. In this blog post, we'll take a closer look at this feature, what it does, and how it has evolved in the beta release.
What is ReadWriteOncePod?
ReadWriteOncePod is a new access mode for PersistentVolumes (PVs) and PersistentVolumeClaims (PVCs) introduced in Kubernetes v1.22. This access mode enables you to restrict volume access to a single pod in the cluster, ensuring that only one pod can write to the volume at a time. This can be particularly useful for stateful workloads that require single-writer access to storage. For more context on access modes and how ReadWriteOncePod works read What are access modes and why are they important? in the Introducing Single Pod Access Mode for PersistentVolumes article from 2021.
Changes in the ReadWriteOncePod beta
The ReadWriteOncePod beta adds support for scheduler preemption of pods using ReadWriteOncePod PVCs. Scheduler preemption allows higher-priority pods to preempt lower-priority pods, so that they can start running on the same node. With this release, pods using ReadWriteOncePod PVCs can also be preempted if a higher-priority pod requires the same PVC.
How can I start using ReadWriteOncePod?
With ReadWriteOncePod now in beta, it will be enabled by default in cluster versions v1.27 and beyond. Note that ReadWriteOncePod is only supported for CSI volumes. Before using this feature you will need to update the following CSI sidecars to these versions or greater:
    csi-provisioner:v3.0.0+
    csi-attacher:v3.3.0+
    csi-resizer:v1.3.0+
To start using ReadWriteOncePod, create a PVC with the ReadWriteOncePod access mode:
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: single-writer-only
    spec:
      accessModes:
      - ReadWriteOncePod # Allow only a single pod to access single-writer-only.
      resources:
        requests:
          storage: 1Gi
If your storage plugin supports dynamic provisioning, new PersistentVolumes will be created with the ReadWriteOncePod access mode applied. Read Migrating existing PersistentVolumes for details on migrating existing volumes to use ReadWriteOncePod.
How can I learn more?
Please see the alpha blog post and KEP-2485 for more details on the ReadWriteOncePod access mode and motivations for CSI spec changes.
How do I get involved?
The Kubernetes #csi Slack channel and any of the standard SIG Storage communication channels are great mediums to reach out to the SIG Storage and the CSI teams.
Special thanks to the following people whose thoughtful reviews and feedback helped shape this feature:
    Abdullah Gharaibeh (ahg-g)
    Aldo Culquicondor (alculquicondor)
    Antonio Ojea (aojea)
    David Eads (deads2k)
    Jan Šafránek (jsafrane)
    Joe Betz (jpbetz)
    Kante Yin (kerthcet)
    Michelle Au (msau42)
    Tim Bannister (sftim)
    Xing Yang (xing-yang)
If you’re interested in getting involved with the design and development of CSI or any part of the Kubernetes storage system, join the Kubernetes Storage Special Interest Group (SIG). We’re rapidly growing and always welcome new contributors.
·kubernetes.io·
Announcing Fedora Linux 38 - Fedora Magazine
Today I’m excited to share the results of the hard work of thousands of Fedora Project contributors: the Fedora Linux 38 release is here! With this release, we’re starting a new on-time streak. In fact, we’re ready a week early! As always, you should make sure your system is fully up-to-date before upgrading from a […]
·fedoramagazine.org·