Linux

What’s new with tzdata: The time zone database for Red Hat Enterprise Linux

What’s new with tzdata: The time zone database for Red Hat Enterprise Linux

The Time Zone Database (tzdata) provides Red Hat Enterprise Linux (RHEL) with data that is specific to the local time zone. Applications in the Linux operating system use this data for various purposes. For instance, the GNU C Library (glibc) uses tzdata to ensure APIs such as strftime() work correctly, while applications such as /usr/bin/date use it to print the local date.

The tzdata package contains data files documenting both current and historic transitions for various time zones around the world. This data represents changes required by local government bodies or by time zone boundary changes, as well as changes to coordinated universal time (UTC) offsets and daylight saving time (DST).

This article is a quick update about changes to the tzdata package in 2019, as well as possible time zone changes that we are monitoring for package updates in 2020.

Continue reading “What’s new with tzdata: The time zone database for Red Hat Enterprise Linux”

Share
How to write an ABI compliance checker using Libabigail

How to write an ABI compliance checker using Libabigail

I’ve previously written about the challenges of ensuring forward compatibility for application binary interfaces (ABIs) exposed by native shared libraries. This article introduces the other side of the equation: How to verify ABI backward compatibility for upstream projects.

If you’ve read my previous article, you’ve already been introduced to Libabigail, a static-code analysis and instrumentation library for constructing, manipulating, serializing, and de-serializing ABI-relevant artifacts.

In this article, I’ll show you how to build a Python-based checker that uses Libabigail to verify the backward compatibility of ABIs in a shared library. For this case, we’ll focus on ABIs for shared libraries in the executable and linkable format (ELF) binary format that runs on Linux-based operating systems.

Continue reading “How to write an ABI compliance checker using Libabigail”

Share
Red Hat Universal Base Images for Docker users

Red Hat Universal Base Images for Docker users

Red Hat Universal Base Images (UBIs) allow developers using Docker on Windows and Mac platforms to tap into the benefits of the large Red Hat ecosystem. This article demonstrates how to use Red Hat Universal Base Images with Docker from a non-Red Hat system, such as a Windows or Mac workstation.

Red Hat Enterprise Linux and Docker

When Red Hat Enterprise Linux (RHEL) 8 was released almost a year ago, and it came with lots of new features related to containers. The biggest ones were the new container tools (Podman, Buildah, and skopeo) and the new Red Hat Universal Base Images. There was also confusion because RHEL 8 dropped support for the Docker toolset. Some developers thought that they could not work with Docker anymore, and had to either migrate to a Red Hat-ecosystem Linux system such as CentOS or stay away from Red Hat customers.

Continue reading “Red Hat Universal Base Images for Docker users”

Share
Ceph storage monitoring with Zabbix

Ceph storage monitoring with Zabbix

Storage prices are decreasing, while business demands are growing, and companies are storing more data than ever before. Following this growth pattern, demand grows for monitoring and data protection involving software-defined storage. Downtimes have a high cost that can directly impact business continuity and cause irreversible damage to organizations. Aftereffects include loss of assets and information; interruption of services and operations; law, regulation, or contract violations; along with the financial impacts from losing customers and damaging a company’s reputation.

Gartner estimates that a minute of downtime costs enterprise organizations $5,600, and an hour costs over $300,000.

On the other hand, in a DevOps context, it’s essential to think about continuous monitoring, which is a proactive approach to monitoring throughout the full application’s life cycle and that of its components. This approach helps identify the root cause of possible problems and then quickly and proactively prevent performance issues or future outages. In this article, you will learn how to implement Ceph storage monitoring using the enterprise open source tool Zabbix.

Continue reading “Ceph storage monitoring with Zabbix”

Share
Extending gdbserver to support an strace client

Extending gdbserver to support an strace client

The strace command traces system calls and signals, deciding them and their corresponding arguments into a symbolic form. A frequent debugging request from developers is the ability to allow strace to trace system calls for a program that is also being debugged by GDB, like this:

% gdb --args test-program
(gdb) b main
Breakpoint 1 at 0x40128e: file test-program.c, line 22.
(gdb) run
Starting program: test-program
Breakpoint 1, main (argc=3, argv=0x7fffffffdb98) at test-program.c:22
22 int thread_count = 2;
(gdb)

In another terminal window, we invoke strace on the same process GDB is debugging:

% strace -p $(pgrep -f test-program)
strace: attach: ptrace(PTRACE_SEIZE, 27882): Operation not permitted

The culprit here is that the ptrace system call, which is used by both GDB and strace to control the execution of programs, and does not allow both strace and GDB to control the same process.

Continue reading “Extending gdbserver to support an strace client”

Share
Configure and run a QEMU-based VM outside of libvirt with virt-manager

Configure and run a QEMU-based VM outside of libvirt with virt-manager

I recently needed to run a virtual machine (VM) created using virt-manager outside of libvirt. I was investigating an issue that required running QEMU with the machine option dump-guest-core=on. By default, libvirt runs with that option off, so I decided to set up a standalone QEMU environment. I found the process of configuring the test VM and writing the boot script more involved than expected, so I decided to document the steps I took.

I hope this article makes it easier for you to configure and run your own QEMU-based VM for similar investigations. Note that I do not recommend the approach described here for a VM running in production (at least, not without backup).

Continue reading “Configure and run a QEMU-based VM outside of libvirt with virt-manager”

Share
Managing JBoss EAP/Wildfly using Jcliff

Managing JBoss EAP/Wildfly using Jcliff

Systems management can be a difficult task. Not only does one need to determine what the end state should be but, more importantly, how to ensure systems attain and remain at this state. Doing so in an automated fashion is just as critical, because there may be a large number of target instances. In regard to enterprise Java middleware application servers, these instances are typically configured using a set of XML based files. Although these files may be manually configured, most application servers have a command-line based tool or set of tools that abstracts the end user from having to worry about the underlying configuration. WebSphere Liberty includes a variety of tools to manage these resources, whereas JBoss contains the jboss-cli tool.

Although each tool accomplishes its utilitarian use case as it allows for proper server management, it does fail to adhere to one of the principles of automation and configuration management: idempotence. Ensuring the desired state does not equate to executing the same action with every iteration. Additional intelligence must be introduced. Along with idempotence, another core principle of configuration management is that values be expressed declaratively and stored in a version control system.

Jcliff is a Java-based utility that is built on top of the JBoss command-line interface and allows for the desired intent for the server configuration to be expressed declaratively, which in turn can be stored in a version control system. We’ll provide an overview of the Jcliff utility including inherent benefits, installation options, and several examples showcasing the use.

Continue reading “Managing JBoss EAP/Wildfly using Jcliff”

Share
Verifying signatures of Red Hat container images

Verifying signatures of Red Hat container images

Security-conscious organizations are accustomed to using digital signatures to validate application content from the Internet. A common example is RPM package signing. Red Hat Enterprise Linux (RHEL) validates signatures of RPM packages by default.

In the container world, a similar paradigm should be adhered to. In fact, all container images from Red Hat have been digitally signed and have been for several years. Many users are not aware of this because early container tooling was not designed to support digital signatures.

In this article, I’ll demonstrate how to configure a container engine to validate signatures of container images from the Red Hat registries for increased security of your containerized applications.

Continue reading “Verifying signatures of Red Hat container images”

Share