DOCSLIB.ORG

AD Bridge User Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
AD Bridge User Guide AD Bridge User Guide May 2019 Legal Notice © Copyright 2019 Micro Focus or one of its affiliates. The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. For additional information, such as certification-related notices and trademarks, see http://www.microfocus.com/about/legal/. Contents About This Guide 5 1 Getting Started 7 2 Installing AD Bridge 9 Linux Requirements and Supported Platforms . 9 Linux Requirements . 9 Supported Linux Platforms. 10 Installing the AD Bridge Linux Agent. 11 Licensing the Linux Agent . 12 Joining Active Directory - Post Installation . 13 Installing the AD Bridge GPEdit Extension . 13 3 Managing Linux GPO Settings 15 Accessing or Creating Group Policy Objects . 15 Configuring Linux GPO Settings . 16 Managing Linux Agent Services with GPOs . 17 Importing Custom Configuration File Settings. 18 Managing Linux Applications with GPOs . 18 Managing User Logins with GPOs . 19 Viewing Policy Injection on a Linux Agent. 20 A Appendix 21 Linux Agent GPO Settings . 21 Linux Agent Commands and Lookups . 22 GPO Best Practices . 23 Contents 3 4 About This Guide The AD Bridge User Guide provides information to help you understand, install, configure, and employ the Micro Focus AD Bridge product to help manage your enterprise environment. Audience This guide is written for administrators and users who will use Micro Focus AD Bridge to more effectively manage Active Directory and group policies in a cross-platform environment. Feedback We want to hear your comments and suggestions about this manual and the other documentation included with this product. Please use the User Comments feature at the bottom of each page of the online documentation. Additional Documentation AD Bridge is supported by other documentation (in both PDF and HTML formats) that you can use to learn about and implement the product. For additional documentation, see the AD Bridge documentation website. About This Guide 5 6 About This Guide 1 1Getting Started AD Bridge is a solution that extends Active Directory (AD) capabilities by enabling domain controllers to add Linux servers to the AD environment to interface with identity services, group policies, and domain resources. This is accomplished with the installation of an AD Bridge Agent on Linux computers and a GPMC snap-in tool “AD Bridge GPEdit Extension” on the domain controller. After the AD Bridge Agent and GPEdit Extension are installed on their respective computers, you can configure built-in and custom group policies for Linux agents via the Group Policy Management Console on the domain controller. This capability enables the following group policy options for agent computers: Configure Allow and Deny controls for Firewall settings Start, stop, or restart agent services Import and manage Open SSH and Custom Configuration files Modify and control agent application files Configure Active Directory login controls For more information about these settings, see the Linux Agent GPO Settings. Reference the graphic below for a visual depiction of how AD Bridge will work with your Active Directory environment. Getting Started 7 8 Getting Started 2 2Installing AD Bridge This section contains information that will help you understand the following: AD Bridge Agent requirements for Linux distributions Supported Linux distributions How to install the AD Bridge Agent on a Linux server Prerequisites for the AD Bridge GPMC snap-in “GPEdit Extension” How to install the AD Bridge GPEdit Extension on the domain controller Linux Requirements and Supported Platforms Review the information in this section before installing the AD Bridge Agent on a Linux server. Linux Requirements The following requirements must be met to install the Linux Agent and join Active Directory: Install the Linux Agent with “root” (requires administrator password) DNS name servers on the Linux Agent must list the Active Directory DNS servers The Active Directory domain is listed as one of the default search domains Prerequisite Linux packages are able to download and install from respective vendors during the Linux Agent installation. Otherwise, the following Linux packages must be installed prior to running the Linux Agent installation: Linux Distribution Required Linux Packages All distributions .NetCore system update to install .NetCore 2.1 and its prerequisites. For more information, see Linux distribution dependencies. RHEL 6, RHEL 7, CentOS 6, CentOS 7, Oracle 6, samba Oracle 7 samba-client samba-winbind samba-winbind-clients cifs-utils openldap-clients SLES 12, SLES 15 realmd adcli sssd sssd-tools sssd-ad samba-client krb5-client openldap2-client Installing AD Bridge 9 Linux Distribution Required Linux Packages Ubuntu 18.04 realmd sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin oddjob oddjob-mkhomedir packagekit krb5-user cifs-utils keyutils Ubuntu 16.04 ntpdate samba krb5-config krb5-user winbind libpm-winbind libnss-winbind cifs-utils NOTE: If a prerequisite package check or installation fails, the failure notice will identify any missing prerequisites. Supported Linux Platforms The following Linux platforms are supported by AD Bridge: Linux Distribution Version Red Hat Enterprise (RHEL) RHEL 6 RHEL 7 SUSE Linux Enterprise (SLES) SLES 12 SLES 15 CentOS Enterprise Linux CentOS 6 CentOS 7 Ubuntu Ubuntu 16 Ubuntu 18 Oracle Enterprise Linux Oracle 6 Oracle 7 10 Installing AD Bridge Installing the AD Bridge Linux Agent When you download the AD Bridge Linux Agent installer, you will need to unpack the installer for your specific Linux distribution. An example of the files included with the final distribution installer is shown below: agent-rhel-centos-sles-1.0.rpm install.sh uninstall.sh To install the AD Bridge Linux Agent on a Linux machine: 1 Download the AD Bridge installer onto a Windows device and extract the zipped contents. 2 Copy the Linux Agent installer file applicable to your distribution onto the Linux machine. Installer file Linux distribution ADBridge_Agent.tar.gz RHEL CentOS SUSE Oracle ADBridge_Ubuntu_Agent.tar.gz Ubuntu 3 On the command line, log in as the root user and type the following command to unpack the applicable installation package from the table above: tar xvzf <file name> 4 For all distributions except Ubuntu, type the command again using the file name specific to your platform from the table below. For example: tar xvf <file name> Installer file Linux distribution RHEL7_CentOS7_SLES.tar RHEL 7 CentOS 7 SUSE 12 & 15 Oracle 6 & 7 RHEL6_CentOS6.tar RHEL 6 CentOS 6 Oracle 6 & 7 NOTE: You can use either of the installation files above for Oracle 6 or Oracle 7. 5 Verify the installer files are on the machine with a list command: # ls 6 Run the install.sh script file with root to set up the Linux Agent. For example: # ./install.sh #bash install.sh Installing AD Bridge 11 Installation time will vary depending on your environment and the prerequisites that need to be installed. Warning messages during the installation are informational and do not necessarily require action unless you experience an installation failure. IMPORTANT: For SUSE installations, you may receive a confirmation prompt y/n before the installation will start. For SUSE 15 installations, the dotnet-runtime-2.1 installation displays a problem dependency for libicu52-1. Enter 2 to ignore the dependency and enter y when prompted to install “NEW packages.” 7 Enter y when prompted to join Active Directory. NOTE: This step and the following step are optional if you want to join Active Directory at a later time. For information about joining Active Directory after installation, see Joining Active Directory - Post Installation. 8 When prompted, provide the full domain name, the AD account that has permission to join a domain, and the AD account password. For example: myCompany.com administrator <password> During the installation, the Linux Agent will be added by default to the Computers OU in Active Directory. After the installation is complete, the Linux Agent service will be running on the Linux system, as demonstrated in the example below of an installation on a Red Hat distribution. NOTE: For information on how to start the Linux Agent Service or verify that it is running, see Linux Agent Commands and Lookups the Appendix. Licensing the Linux Agent The AD Bridge Linux Agent installation is provided with a 30-day evaluation period. To continue using AD Bridge after 30 days, purchase the product and install the license before the 30 days elapses. For more information, contact Micro Focus Sales. To download this product, go to the Micro Focus Downloads or Customer Center website. To activate the AD Bridge license subscription: 1 Copy the license XML file into the Linux Agent directory at usr/local/bin/agent. 12 Installing AD Bridge 2 Restart the Linux Agent Service. See Start the Linux Agent Service in the Appendix. Restarting the service replaces the temporary license with the new active license and enables all AD Bridge functionality. NOTE: If your license subscription is approaching the expiration date, you will follow the same steps above to renew the license. Joining Active Directory - Post Installation
Load more

Recommended publications
  • The Seeds of Rural Resilience
    NEWS & VIEWS FROM THE SUSTAINABLE SOUTHWEST Growing a Regional Food System THE SEEDS OF RURAL RESILIENCE October 2017 NORTHERN NEW MEXICO’S LARGEST DISTRIBUTION NEWSPAPER Vol. 9 No. 10 2 Green Fire Times • October 2017 www.GreenFireTimes.com Is Your Roof Winter Ready? Whether your roof is currently leaking or you’d like to restore your roof before it fails, Fix My Roof is the right choice. Call today for a free roof assessment! www.GreenFireTimes.com Green Fire Times • October 2017 3 YOU’LL LOVE WHAT YOU SEE! PROGRAM PARTNERS: FRIDAY SATURDAY OCT 27 NOV 14 7:30 PM 7:30 PM Sponsored by The L.A. Grow the Growers Browns Dance Farm Training 5 Project Business Incubation A CULTIVATING BERNALILLO COUNTY INITIATIVE bernalillo Applications for the 2018 Opencounty Space internships now available Lensic.org 505-988-1234 For more information NONPROFIT • COMMUNITY FUNDED SERVICE CHARGES APPLY AT ALL POINTS OF PURCHASE A special thanks to our www.bernco.gov/growthegrowers 2017/2018 sponsor: Find Your Future in ENGINEERING @Northern New Mexico College NORTHERN The most affordable 4-year now offering college in the Southwest classes at Santa Fe HEC! Northern Engineering programs include: n ABET-accredited Bachelor in INFORMATION ENGINEERING Tech (IET) n Ask about our new CYBERSECURITY concentration in IET Schedule your campus visit today! n Bachelor in ELECTROMECHANICAL Engineering/Solar Energy Concentration CALL 505.747.2111 or visit nnmc.edu n Associate of Applied Science degrees in RENEWABLE ENERGY and ELECTRICAL TECH 4 Green Fire Times Oc tober 2017 www.GreenFireTimes.com Vol. 9, No. 10 October 2017 Issue No.
    [Show full text]
  • List of New Applications Added in ARL #2517
    List of New Applications Added in ARL #2517 Application Name Publisher ActiveEfficiency 1.10 1E ACL Add-In 14.0 ACL Services ACL for Windows 14.2 ACL Services ACL for Windows 14.1 ACL Services Direct Link 7.5 ACL Services ACL Add-In 1.1 ACL Services Creative Cloud Connection 5 Adobe Experience Manager forms 6.5 Adobe Elements Auto Analyzer 12.0 Adobe Token Resolver 3.4 Adobe Token Resolver 3.6 Adobe LogTransport 1.6 Adobe LogTransport 2.4 Adobe IPC Broker 5.6 Adobe Data Workbench Adobe Token Resolver 3.5 Adobe Token Resolver 3.7 Adobe Dimension 3.2 Adobe Photo Downloader 8.0 Adobe LogTransport 2.2 Adobe GC Invoker Utility 4.5 Adobe GC Client 5.0 Adobe Crash Reporter 2.0 Adobe Crash Reporter 2.1 Adobe GC Invoker Utility 6.4 Adobe Dynamic Link Media Server 12.1 Adobe Token Resolver 3.3 Adobe Token Resolver 4.7 Adobe GC Client 4.4 Adobe Genuine Software Integrity Service 6.4 Adobe Creative Cloud Libraries 3 Adobe Token Resolver 3.9 Adobe Token Resolver 5.0 Adobe Genuine Software Integrity Service 6.5 Adobe Create PDF 17.1 Adobe Crash Reporter 1.5 Adobe Notification Client 4.9 Adobe GC Client 6.4 Adobe GC Client 6.5 Adobe Crash Reporter 1.6 Adobe Crash Reporter 2.2 Adobe Crash Reporter 2.4 Adobe GPU Sniffer 19.0 Adobe Token Generator 7.0 Adobe Token Resolver 3.8 Adobe LogTransport 1.5 Adobe InDesign Server CC (2020) Adobe GC Invoker Utility 5.0 Adobe GC Invoker Utility 6.5 Adobe RED Importer Plugin Unspecified Adobe Token Generator 8.0 Adobe GC Client 1.2 Adobe GC Client 4.5 Adobe EmailNotificationPlugin 11.0 Apple BatteryUIKit 1.0 Apple
    [Show full text]
  • Snap Vs Flatpak Vs Appimage: Know the Differences | Which Is Better
    Published on Tux Machines (http://www.tuxmachines.org) Home > content > Snap vs Flatpak vs AppImage: Know The Differences | Which is Better Snap vs Flatpak vs AppImage: Know The Differences | Which is Better By Rianne Schestowitz Created 08/12/2020 - 8:29pm Submitted by Rianne Schestowitz on Tuesday 8th of December 2020 08:29:48 PM Filed under Software [1] Every Linux distribution has its own package manager tool or command-line based repository system to update, install, remove, and manage packages on the system. Despite having a native package manager, sometimes you may need to use a third-party package manager on your Linux system to get the latest version of a package to avoid repository errors and server errors. In the entire post, we have seen the comparison between Snap, AppImage, and Flatpak. Snap, Flatpak, and AppImage; all have their pros and cons. In my opinion, I will always prefer the Flatpak package manager in the first place. If I can?t find any packages on Flatpak, then I?ll go for the AppImage. And finally, Snap is an excellent store of applications, but it still requires some development. I would go to the Snap store for proprietary or semi-proprietary applications than main applications. Please share it with your friends and the Linux community if you find this post useful and informative. Let us know which package manager do you prefer to use on your Linux system. You can write also write down your opinions regarding this post in the comment section. [2] Software Source URL: http://www.tuxmachines.org/node/145224 Links: [1] http://www.tuxmachines.org/taxonomy/term/38 [2] https://www.ubuntupit.com/snap-vs-flatpak-vs-appimage-know-the-difference/.
    [Show full text]
  • Ubuntu Server Guide Basic Installation Preparing to Install
    Ubuntu Server Guide Welcome to the Ubuntu Server Guide! This site includes information on using Ubuntu Server for the latest LTS release, Ubuntu 20.04 LTS (Focal Fossa). For an offline version as well as versions for previous releases see below. Improving the Documentation If you find any errors or have suggestions for improvements to pages, please use the link at thebottomof each topic titled: “Help improve this document in the forum.” This link will take you to the Server Discourse forum for the specific page you are viewing. There you can share your comments or let us know aboutbugs with any page. PDFs and Previous Releases Below are links to the previous Ubuntu Server release server guides as well as an offline copy of the current version of this site: Ubuntu 20.04 LTS (Focal Fossa): PDF Ubuntu 18.04 LTS (Bionic Beaver): Web and PDF Ubuntu 16.04 LTS (Xenial Xerus): Web and PDF Support There are a couple of different ways that the Ubuntu Server edition is supported: commercial support and community support. The main commercial support (and development funding) is available from Canonical, Ltd. They supply reasonably- priced support contracts on a per desktop or per-server basis. For more information see the Ubuntu Advantage page. Community support is also provided by dedicated individuals and companies that wish to make Ubuntu the best distribution possible. Support is provided through multiple mailing lists, IRC channels, forums, blogs, wikis, etc. The large amount of information available can be overwhelming, but a good search engine query can usually provide an answer to your questions.
    [Show full text]
  • Edgex Foundry Snap Package.Pdf
    CanSnap Package Tech Talks - Session 11 November 2018 edgexfoundry.org | @edgexfoundry Agenda ● Introduction to snaps ● Overview of the edgexfoundry snap ● How to install ● How to configure/manage/update ● How to use with additional device services ● Further references ● Upcoming tech talks ● Q&A edgexfoundry.org | @edgexfoundry Ian Johnson <[email protected]> ● Canonical / Software Engineer Field Engineering - Devices & IoT ● Primary snap developer for Dehli release ● Contributed CI work for snap build ● Contributed code to security to decouple Docker-isms ● Involved in testing most services for Dehli ● Contributed bug fixes to SMA ● Member of the DevOps working group edgexfoundry.org | @edgexfoundry Tony Espy <[email protected]> ● Canonical / Technical Architect Field Engineering - Devices & IoT ● Technical Steering Committee member ● Former Device Services WG chair ● Author of Device Services SDK Requirements ● Original developer of device-sdk-go ● Active member of Core, Device Services & Security working groups ● Created first EdgeX snap prototype edgexfoundry.org | @edgexfoundry Introduction What's a snap? Snaps are containerised software packages that work on all major Linux distributions without modification. Simple to create and publish, they automatically update safely. edgexfoundry.org | @edgexfoundry Introduction Snaps are... ● Self-contained squashfs-based software packages ● Containing one or more applications or services ● Cryptographically-signed by publisher and tamper-proof ● Published to risk-based update channels
    [Show full text]
  • Install a Microk8s Single Node Cluster Locally on Windows 10
    Install a MicroK8s single node cluster locally on Windows 10 By Philippe Beraud, Microsoft France This walkthrough guides you through all the steps required to create and configure a MicroK8s cluster on Windows 10. Kubernetes1 runs on Linux. As such, MicroK8s2 provides a single command installation of the latest Kubernetes release on a Linux machine for development and testing. MicroK8s is easy to install and use on Ubuntu or any other Linux distro which supports snaps, i.e. pre-packaged applications (similar to Docker containers). Although Windows 10 now has some very useful features, such as the ability to install Ubuntu as an app, the integration of Windows Subsystem for Linux 2 (WSL2) doesn’t provide (yet) all the Ubuntu functionalities required to make MicroK8s run smoothly right out-of-the-box (OOB) and thus use the snap daemon. If you wish to experiment with running MicroK8s semi-natively, see: • Discourse post Using snapd in WSL2 • Post Running Snaps on WSL2 (Insiders only for now) along with the short YouTube video Use this ONE trick to run Linux Snap packages in Windows Subsystem for Linux 2 (WSL2) For now, and for the sake of simplicity for anyone looking to try out Kubernetes on Windows 10, let’s run MicroK8s on Windows 10 with virtualization. MicroK8s will install without problems on Ubuntu on a virtual machine (VM). The Canonical way to get a Linux VM on Windows 10 and to run MicroK8s in it is with multipass. Multipass gives you an easy to use interface to manage VMs on Windows 10 – Same is true on MacOS and Linux -.
    [Show full text]
  • Snappy Ubuntu Core Enabling Secure Devices with App Stores We Are the Company
    Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu. Canonical and Ubuntu | Best of both worlds CANONICAL Ubuntu Commercial backing #1 Linux Desktop for the #1 general purpose Linux OS: #1 Cloud OS Ubuntu Now also for Global Services, phones, tablets & Support, IoT devices Certification! It has never been easier to make a custom hardware appliance... Building an IoT Appliance Beaglebone Black Raspberry Pi 2 Snickerdoodle Intel NUC Qualcomm DragonBoard Samsung Artik But why? Old-School Modern Embedded Embedded RTOS/Embedded General Linux cross-compilation normal toolchain single-purpose multi-purpose constrained 256M RAM 2G SD rare updates constant updates offline connected expensive & custom cheap & easy software devel software devel Linux Server Linux Device Ops Ops centralised distributed supported field-serviced expensive cheap elastic spof cheap to service expensive to fix Autopilot App Business App Lite (free, included) Farmers ($500) Pro ($100) Avalanches ($2500) Elite ($250) Miners ($9950) $600 drone (hardware) Apps, Services and SaaS Infrastructure Certification. Support. Assurance. Security. Maintenance. Compatibility. Transactional updates Application confinement Familiar Ubuntu app development classic snappy app writable app writable any package can area area write to any file app snap app snap os writable files writable spaces os snap per snap read-only snaps kernel config filesystem kernel snap Snappy system architecture Software Innovator(s) Snap Snap Snap ● Automatic updates Library
    [Show full text]
  • How Containers Work Sasha Goldshtein @Goldshtn CTO, Sela Group Github.Com/Goldshtn
    Linux How Containers Work Sasha Goldshtein @goldshtn CTO, Sela Group github.com/goldshtn Agenda • Why containers? • Container building blocks • Security profiles • Namespaces • Control groups • Building tiny containers Hardware Virtualization vs. OS Virtualization VM Container ASP.NET Express ASP.NET Express RavenDB Nginx RavenDB Nginx App App App App .NET Core .NET Core V8 libC .NET Core .NET Core V8 libC Ubuntu Ubuntu Ubuntu RHEL Ubuntu Ubuntu Ubuntu RHEL Linux Linux Linux Linux Linux Kernel Kernel Kernel Kernel Kernel Hypervisor Hypervisor DupliCated Shared (image layer) Key Container Usage Scenarios • Simplifying configuration: infrastructure as code • Consistent environment from development to production • Application isolation without an extra copy of the OS • Server consolidation, thinner deployments • Rapid deployment and scaling Linux Container Building Blocks User Namespaces node:6 ms/aspnetcore:2 openjdk:8 Copy-on- /app/server.js /app/server.dll /app/server.jar write layered /usr/bin/node /usr/bin/dotnet /usr/bin/javaControl groups filesystems /lib64/libc.so /lib64/libc.so /lib64/libc.so 1 CPU 2 CPU 1 CPU 1 GB 4 GB 2 GB syscall Kernel Security profile Security Profiles • Docker supports additional security modules that restrict what containerized processes can do • AppArmor: text-based configuration that restricts access to certain files, network operations, etc. • Docker uses seccomp to restrict system calls performed by the containerized process • The default seccomp profile blocks syscalls like reboot, stime, umount, specific types of socket protocols, and others • See also: Docker seccomp profile, AppArmor for Docker Experiment: Using a Custom Profile (1/4) host% docker run -d --rm microsoft/dotnet:runtime …app host% docker exec -it $CID bash cont# apt update && apt install linux-perf cont# /usr/bin/perf_4.9 record -F 97 -a ..
    [Show full text]
  • Conflict Resolution Via Containerless Filesystem Virtualization
    Dependency Heaven: Conflict Resolution via Containerless Filesystem Virtualization Anonymous Author(s) Abstract previous installation, effectively preventing concurrent ver- Resolving dependency versioning conflicts in applications sions of that library from coexisting. The same is true for is a long-standing problem in software development and packages whose executable names does not change across deployment. Containers have become a popular way to ad- releases; unless the user renames the existing executable dress this problem, allowing programs to be distributed in a files prior to the installation of a new version it is notpos- portable fashion and to run them under strict security con- sible to keep both installations around. The problem with straints. Due to the popularity of this approach, its use has that approach is that it breaks package managers, as the re- started to extend beyond its original aim, with users often named files will not be featured in the package manager’s creating containers bundling entire Linux distributions to database and, consequently, will not be tracked anymore. run mundane executables, incurring hidden performance Further, unless executables depending on the renamed files and maintenance costs. This paper presents an alternative are modified to reflect their new path, users need todefine approach to the problem of versioning resolution applied to which executable to activate at a given time, usually through locally-installed applications, through a virtualization tool tricky management of symbolic
    [Show full text]
  • Snap Creator Framework 4.1.1 Installation Guide
    Snap Creator® Framework 4.1.1 Installation Guide NetApp, Inc. Telephone: +1 (408) 822-6000 Part number: 215-09552_A0 495 East Java Drive Fax: +1 (408) 822-4501 November 2014 Sunnyvale, CA 94089 Support telephone: +1 (888) 463-8277 U.S. Web: www.netapp.com Feedback: [email protected] Table of Contents | 3 Contents What the Snap Creator Framework does .................................................. 5 Snap Creator architecture ............................................................................................ 6 Snap Creator Server ........................................................................................ 6 Snap Creator Agent ......................................................................................... 7 Plug-ins for application integration ................................................................. 7 Preinstallation requirements ....................................................................... 9 Snap Creator installation and configuration requirements .......................................... 9 Downloading the Snap Creator software .................................................................. 11 Creating a Snap Creator user for Data ONTAP ........................................................ 12 Data ONTAP operating in 7-mode ................................................................ 12 Clustered Data ONTAP ................................................................................. 13 Installing Java on Snap Creator hosts ......................................................................
    [Show full text]
  • WAM Tmarm User’S Guide
    WAM TMArm User’s Guide Barrett Technology® Inc. Document: D1001 Version: AA.00 Table of Contents Getting Started ........................................................................................................................................................ 2 Unpacking.............................................................................................................................................................................................2 System Setup.........................................................................................................................................................................................3 System Startup ......................................................................................................................................................................................7 Hardware................................................................................................................................................................. 8 WAM Arm............................................................................................................................................................................................8 WAM Wrist: .......................................................................................................................................................................................11 PC & Control Software........................................................................................................................................
    [Show full text]
  • Package Management and Distribution in a Cloud World
    Package Management and Distribution in a Cloud World Jose Miguel Parrella About me • Jose Miguel Parrella – GitHub: @bureado • Principal Program Manager, Office of the CTO, Microsoft Azure • Linux and open source enthusiast for 15+ years • Debian Developer, career distro-builder Package management in open source: always changing • 15 years ago: APT and RPM • Programming languages: from CPAN and PyPI to NPM and Golang packages Ecosystem Debian Upstream As a % Ruby 1100 9300 11.83% • Next-generation package Perl 3700 31000 11.94% management: Flatpak, Snaps, Nix, Python 3700 118000 3.14% etc. Node.js 1300 350000 0.37% • Container image specification & All-up libs 30K 2.8M 1.07% hub/store workflow Source: libraries.io and APT lists • Use cases where provenance is controlled by final distributor (e.g., embedded) It’s getting busy out there… Why is this challenging now? • Most IT Professionals working with Linux and open source technologies are not using modern package managers (or containers!) – A significant portion of the Enterprise IT budget depends on a historical decision: APT or RPM • The general community sentiment (sysadmin, DevOps, SRE, etc.) on this evolving technical story is skeptical Why do these technologies exist? We don’t know • Push the packaging responsibility upstream? • Be able to distribute non-free software more effectively and/or monetize? • Provide additional container and application security capabilities? • Reduce the size of a Linux distribution? • Make it easier to package for Linux by removing dependency tracking?
    [Show full text]