Updates on technologies, trends, and tools

Google Announces Kubeflow to Bring Kubernetes to Machine Learning

After Kubernetes and TensorFlow, Google has now released Kubeflow, a new open source project that makes it easy to consume machine learning (ML) stacks with Kubernetes.

Kubernetes is being touted as the cloud Linux, and an increasing number of people are employing it in different use cases. Machine learning is one of the fastest growing use cases for Kubernetes, but it's quite a challenge to get the entire machine learning stack up and running.

"Building any production-ready machine learning system involves various components, often mixing vendors and hand-rolled solutions. Connecting and managing these services for even moderately sophisticated setups introduces huge barriers of complexity in adopting machine learning," said David Aronchick and Jeremy Lewi, project manager and engineer, respectively, on the Kubeflow project. "Infrastructure engineers will often spend a significant amount of time manually tweaking deployments and hand rolling solutions before a single model can be tested."

Kubeflow solves this problem because it makes using ML stacks on Kubernetes fast and extensible. It's hosted on GitHub, and the repository contains three components: JupyterHub, to create and manage interactive Jupyter notebooks; a TensorFlow (TF) Custom Resource Definition (CRD) that can be configured to use CPUs or GPUs and adjusted to the size of a cluster with a single setting; and a TF Serving container.

Kubeflow is a multicloud solution. If you can run Kubernetes in your environment, you can run Kubeflow.

Critical Flaw in phpMyAdmin

A security researcher has found a critical flaw in phpMyAdmin that allows an attacker to damage databases. According to Hacker News, "The vulnerability is a cross-site request forgery (CSRF) attack and affects phpMyAdmin versions 4.7.x (prior to 4.7.7)."

The vulnerability was discovered by researcher Ashutosh Barot. Barot wrote in a blog post, "In this case (phpMyAdmin), a database admin/Developer can be tricked into performing database operations like DROP TABLE using CSRF. It can cause devastating incidents! The vulnerability allows an attacker to send a crafted URL to the victim and if she (authenticated user) clicks it, the victim may perform a DROP TABLE query on her database."

On its advisory page, phpMyAdmin wrote that "by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables, etc." The phpMyAdmin project has already released a patch and suggests users either apply the patch to the existing installs or upgrade to phpMyAdmin 4.7.7 or newer.

phpMyAdmin is an open source tool for managing MySQL over the web. It supports a wide range of functions, including management of database, tables, columns, relations, indexes, users, permissions, etc. via the user interface, instead of using a command-line interface. This ease of use has made phpMyAdmin a very popular tool for hosting providers.

More Online

Linux Magazine




HPC Compilers * Carla Guillen and Reinhold Bader

If you compile software on an expensive supercomputer, it's a good idea to select the languages and compilers with particular care. We report on tried-and-proved tools used on SuperMUC, a supercomputer at the Leibniz Supercomputing Center in Germany.

ADMIN Online


Project management with PhabricatorOliver Frommel

Bug trackers are the least thing that can be deployed to combat chaos in daily IT work. The free Phabricator software provides this service and many others.

Automated compliance testing with InSpecMartin Loschwitz

Don't equate compliance through certification with security, because compliance and security are not the same. We look at automated compliance testing with InSpec for the secure operation of enterprise IT.

Correctly integrating containersThomas Fricke

If you run microservices in containers, they are forced to communicate with each other – and with the outside world. We explain how to network pods and nodes in Kubernetes.

ADMIN DevOps Focus


Docker Forensics * Chris Binnie

The handy auditd package can help track down weaknesses in your system before, during, or after an attack.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More