Suggested Reads

LastPass has posted an update to the August security incident that raises some questions about stolen unencrypted data

Netgear is urging users to update their devices to address CVE-2022-48196 – a vulnerability affecting several models of routers.

Do you use the LastPass password manager? Did you know they suffered a data breach, and that your passwords may be at risk? You do now. Here's what you need to know.

Discover how Britta Ollrogge does Retrospective: We are sailing... in Miro with Miroverse, the Miro Community Templates Gallery. View Britta's Miro templates.

Fwupd 1.8.9 was just released as the newest version of this open-source firmware updating solution for Linux systems.

35W and 65W SKUs in name only.

For the past few years, we have seen a lot of discussions around the concept of the Software Supply Chain. These discussions started around the time of LeftPad and escalated with multiple incidents in the past few years. The problem of all the work in this domain is that it forgets a fundamental point.

There’s nothing like an abrupt shutdown of a mobile phone to get someone’s attention. | Verizon is the last of the Big 3 wireless carriers in the U.S. to shut down a 3G network and repurpose the spectrum for newer technology.

In talking about an upcoming game (more on that in a bit), Nintendo's Shigeru Miyamoto and Takashi Tezuka discuss the process they

News and feature lists of Linux and BSD distributions.

Follow us on Twitter @HackRead - Facebook @ /HackRead

Java’s BlockingQueue hierarchy is widely used for coordinating work between different producer and consumer threads. When set up with a maximum capacity (i.e. a bounded queue), no more elements can be added by producers to the queue once it is full, until a consumer has taken at least one element. For scenarios where new work may arrive more quickly than it can be consumed, this applies means of back-pressure, ensuring the application doesn’t run out of memory eventually, while enqueuing more and more work items.

Once a work enters the public domain it can legally be shared, performed, reused, repurposed, or sampled without permission or cost.

The comet C/2022 E3 (ZTF) is believed to have traveled billions of miles from the most distant region of the solar system — and this will likely be the only time it's visible from Earth for thousands of years.

Setting Vim file encodings and formats for DOS files

The e-commerce firm is canceling all recurring meetings with more than two people and encouraging staffers to decline invitations and detach from big internal chat groups.

I’m a designer & front-end engineer, co-founder of Iterate, and the creator of the iOS app Input. I write about prototyping, front-end development, and design.

The airline industry is long overdue for a tech overhaul that takes full advantage of the cloud and data integration, analysts say.

After Trump’s pullout, al-Shabab militants grew in strength and size.

Share this contentLG has today announced it’s new 2023 OLED TV range, including new the new 42″ C3 model that

For the love of all things sacred, please stop saying "GOAT" -- unless you are shouting about a herd of mid-size animals.

A growing number of people are interested in switching to plant-based alternatives to dairy. But are they better for the environment, and which is best?

Author: Takafumi Takahashi (Hitachi Vantara) Kubernetes v1.26, released last month, introduced an alpha feature that lets you specify a data source for a PersistentVolumeClaim, even where the source data belong to a different namespace. With the new feature enabled, you specify a namespace in the dataSourceRef field of a new PersistentVolumeClaim. Once Kubernetes checks that access is OK, the new PersistentVolume can populate its data from the storage source specified in that other namespace. Before Kubernetes v1.26, provided your cluster had the AnyVolumeDataSource feature enabled, you could already provision new volumes from a data source in the same namespace. However, that only worked for the data source in the same namespace, therefore users couldn't provision a PersistentVolume with a claim in one namespace from a data source in other namespace. To solve this problem, Kubernetes v1.26 added a new alpha namespace field to dataSourceRef field in PersistentVolumeClaim the API. How it works Once the csi-provisioner finds that a data source is specified with a dataSourceRef that has a non-empty namespace name, it checks all reference grants within the namespace that's specified by the.spec.dataSourceRef.namespace field of the PersistentVolumeClaim, in order to see if access to the data source is allowed. If any ReferenceGrant allows access, the csi-provisioner provisions a volume from the data source. Trying it out The following things are required to use cross namespace volume provisioning: Enable the AnyVolumeDataSource and CrossNamespaceVolumeDataSource feature gates for the kube-apiserver and kube-controller-manager Install a CRD for the specific VolumeSnapShot controller Install the CSI Provisioner controller and enable the CrossNamespaceVolumeDataSource feature gate Install the CSI driver Install a CRD for ReferenceGrants Putting it all together To see how this works, you can install the sample and try it out. This sample do to create PVC in dev namespace from VolumeSnapshot in prod namespace. That is a simple example. For real world use, you might want to use a more complex approach. Assumptions for this example Your Kubernetes cluster was deployed with AnyVolumeDataSource and CrossNamespaceVolumeDataSource feature gates enabled There are two namespaces, dev and prod CSI driver is being deployed There is an existing VolumeSnapshot named new-snapshot-demo in the prod namespace The ReferenceGrant CRD (from the Gateway API project) is already deployed Grant ReferenceGrants read permission to the CSI Provisioner Access to ReferenceGrants is only needed when the CSI driver has the CrossNamespaceVolumeDataSource controller capability. For this example, the external-provisioner needs get , list , and watch permissions for referencegrants (API group gateway.networking.k8s.io ). - apiGroups : ["gateway.networking.k8s.io" ] resources : ["referencegrants" ] verbs : ["get" , "list" , "watch" ] Enable the CrossNamespaceVolumeDataSource feature gate for the CSI Provisioner Add --feature-gates=CrossNamespaceVolumeDataSource=true to the csi-provisioner command line. For example, use this manifest snippet to redefine the container: - args : - -v=5 - --csi-address=/csi/csi.sock - --feature-gates=Topology=true - --feature-gates=CrossNamespaceVolumeDataSource=true image : csi-provisioner:latest imagePullPolicy : IfNotPresent name : csi-provisioner Create a ReferenceGrant Here's a manifest for an example ReferenceGrant. apiVersion : gateway.networking.k8s.io/v1beta1 kind : ReferenceGrant metadata : name : allow-prod-pvc namespace : prod spec : from : - group : "" kind : PersistentVolumeClaim namespace : dev to : - group : snapshot.storage.k8s.io kind : VolumeSnapshot name : new-snapshot-demo Create a PersistentVolumeClaim by using cross namespace data source Kubernetes creates a PersistentVolumeClaim on dev and the CSI driver populates the PersistentVolume used on dev from snapshots on prod. apiVersion : v1 kind : PersistentVolumeClaim metadata : name : example-pvc namespace : dev spec : storageClassName : example accessModes : - ReadWriteOnce resources : requests : storage : 1Gi dataSourceRef : apiGroup : snapshot.storage.k8s.io kind : VolumeSnapshot name : new-snapshot-demo namespace : prod volumeMode : Filesystem How can I learn more? The enhancement proposal, Provision volumes from cross-namespace snapshots , includes lots of detail about the history and technical implementation of this feature. Please get involved by joining the Kubernetes Storage Special Interest Group (SIG) to help us enhance this feature. There are a lot of good ideas already and we'd be thrilled to have more! Acknowledgments It takes a wonderful group to make wonderful software. Special thanks to the following people for the insightful reviews, thorough consideration and valuable contribution to the CrossNamespaceVolumeDataSouce feature: Michelle Au (msau42) Xing Yang (xing-yang) Masaki Kimura (mkimuram) Tim Hockin (thockin) Ben Swartzlander (bswartz) Rob Scott (robscott) John Griffith (j-griffith) Michael Henriksen (mhenriks) Mustafa Elbehery (Elbehery) It’s been a joy to work with y'all on this.