ClonOS to be Rolled Out

ClonOS is web UI for controlling, deploying and managing FreeBSD jails containers and more
29 January 2019   2508

After three years of development, the first release of ClonOS, a specialized distribution for deploying virtual server infrastructure based on FreeBSD 12.0 and the CBSD toolkit (developed by the CBSD author), was published. Puppet is used for centralized configuration management. As part of the project, a web interface is being developed for simple deployment and management of FreeBSD jail containers and virtual environments based on Bhyve and Xen hypervisors. The project code is published on GitHub. An iso-image and an image for installation on USB-drives are prepared for download. It is possible to deploy the system on top of existing FreeBSD installations.

For tasks to be solved, ClonOS resembles Proxmox, Triton (Joyent), OpenStack, OpenNebula, and Amazon AWS, the main difference from which is the use of FreeBSD. Currently, ClonOS remains the only available platform that allows the Xen and Bhyve hypervisor to coexist on the same host. In addition, thanks to the use of FreeBSD as the base system, ClonOS can use jail-containers to run FreeBSD applications without losing performance.

From the nearest future plans, it is noted that the Bhyve live-migration tools (binding over cbsd bmigrate) and Xen-based environment management tools will be added to the web-interface. Far plans include support for CEPH / GlusterFS, iSCSI for XEN and bhyve virtual block devices, high availability tools (HA-cluster) and automatic load balancing between nodes, integration with Prometheus / Grafana / Zabbix monitoring systems, system for automatic updating of cluster nodes, network interface aggregation, RestAPI, extended access control with integration with Active Directory, RBAC and SSO.

Ethereum Services to be Under New Thread

At the moment, the vulnerability has already been fixed, hackers did not have time to use it
05 February 2019   339

Specialists from the blockchain-startup Parity Technologies have discovered a vulnerability in the JSONRPC protocol that threatens the security of the entire Ethereum ecosystem. In particular, MyEtherWallet, MyCrypto and Infura services are under threat of hacking.

At the moment, the problem has already been fixed, the attackers did not have time to use it.

The developers of Parity Technologies recommended that users update the nodes to the new software version in order to reduce the risk of losing access to decentralized applications.

Recall that in January, due to the critical vulnerability in improving the EIP-1283, which allows hackers to steal user funds, the hardfork network was postponed indefinitely
Ethereum Constantinople.