Looking Back: 2018 Project Report Card

Over the last five years or so, I’ve shared with my readers an annual list of projects along with—at the year’s end—a “project report card” on how I fared against the projects I’d set for myself. (For example, here’s my project report card for 2017.) Following that same pattern, then, here is my project report card for 2018.

Here’s the list of projects I established for myself in 2018 (you can also read the associated blog post for more context):

  1. Become extremely fluent in Kubernetes. (Stretch goal: Pass the CKA exam.)
  2. Learn to code/develop in Go.
  3. Make three contributions to open source projects. (Stretch goal: Make five contributions.)
  4. Read and review three technical books. (Stretch goal: Read and review five technical books.)
  5. Complete a “wildcard” project.

So, how did I do? Let’s take a look.

  1. Become extremely fluent in Kubernetes: This is, in my opinion, a hard one to accurately gauge. Why? Well, Kubernetes is a pretty massive project. I saw a tweet recently saying the project was now at a point where no one person can understand all of it. The other factor making it difficult for me to accurately gauge this is the caliber Continue reading

DNS-over-TLS in Linux (systemd)

Whilst we were putting together some content about DNS privacy recently, we learned that recent distributions of Linux ship with support or this. We therefore decided to give Ubuntu 18.10 a try on a laptop.

More recent versions of Ubuntu employ a special service for name resolution called ‘system-resolved.service(8)’. The configuration file ‘resolved.conf(5)’ specifies most of the details for name resolution, including which protocols and resolvers should be employed, whilst the ‘/etc/systemd/network/*.network’ configuration files (see ‘systemd.network(5)’ for details) of the ‘systemd-networkd.service(8)’ specify any per-link specific settings.

The default configuration of ‘systemd-resolved’ is selected at compile time, and ‘/etc/systemd/resolved.conf’ normally contains commented-out lines describing such defaults. For example, the contents of the aforementioned file on a fresh Ubuntu 18.10 installation are:

As may be inferred from the file, DNS-over-TLS (DoT) is supported, but disabled by default. At the time of  writing, only opportunistic DoT is supported according to the manual, which means that the resolver will first try resolution using DoT before falling back to traditional DNS in the event of failure – thus allowing for downgrade attacks where an attacker intentionally causes a DoT failure in order to cause name resolution to downgrade Continue reading

لمحة عامة حول حوكمة الإنترنت (General Overview about Internet Governance)

تلقى ملايين المستخدمين عبر فيسبوك مؤخراً رسائل تفيد بأن بياناتهم الشخصية قد تسربت بسبب اختراق  Cambridge Analytica لها، يأتي هذا  بعد أن كشفت صحيفة  Observer أن Cambridge Analytica ، التي عملت مع فريق دونالد ترامب الانتخابي استحوذت على ملايين الحسابات الشخصية لمواطنين أمريكيين واستخدمت بياناتهم لبناء برنامج حاسوبي للتنبؤ بالناخبين والتأثير عليهم.

التصدي للمشاكل والقضايا التي تخص الانترنت بما فيها قضايا الأمن والخصوصية ليس بالأمر السهل ليس فقط بسبب النمو والتطور الكبير لهذه الشبكة والأثر الكبير الذي أحدثته على شتى القطاعات ونواحي الحياة، بل أيضاً بسبب طبيعته اللامركزية أي أنه شبكة غير محكومة بسلطة مركزية واحدة تقوم بإدارة الإنترنت وحدها.

الإنترنت هو ثمرة جهود مشاريع بحثية مولتها الحكومة وجهود أفراد من الجامعات ومنظمات القطاع الخاص الذين قادوا معظم تطوره المبكر وجعلوا منه منصة قائمة على تعاون مختلف الجهات والأطراف المهتمة بالأنترنت والمتأثرة بقراراته والتي تساهم في وضع سياساته. نرى في جزء آخر من العالم التصدي لمشاكل الخصوصية وحماية البيانات الشخصية في إقرار المجلس الأوروبي لقانون حماية البيانات العامة للاتحاد الأوروبي (GDPR)، وذلك بعد سلسلة من النقاشات دامت حوالي أربع أعوام من أجل ضمان أمن بيانات الأفراد ضمن الاتحاد الأوروبي.  يمكننا أن نعبر عن العمليات القائمة بين أصحاب المصالح المتعددين والتي تؤثر على كيفية إدارة الإنترنت “بحوكمة الإنترنت”.

في سياق Continue reading

In Khartoum, A DNSSEC Deployathon

At the Internet Society Sudan Chapter office, adjacent to the west bank of the Blue Nile, four men decided to set up a local server capable of DNSSEC verification. It was an unplanned deployathon: a hands on, practical session in which a solution or service is deployed in a real-world scenario. Deployathons can help build technical capacity or set up a new service, and in this case, the men hoped to increase knowledge of DNSSEC and to prepare the individuals managing Sudan’s top-level domain (.sd) for signing in the near future.

During the SdNOG5 conference, these four men – we the authors, along with Jan Zorz of the Internet Society and Sander Steffann – continued the discussion on the deep technical challenges of deploying DNSSEC, and how Jan and Sander’s presence in Sudan provided an opportunity to leverage their experience with DNSSEC. We also reflected on the importance of DNSSEC for the country code top-level domain (ccTLD) and its positive impact on the national and international levels.

Having enjoyed some delicious Sudanese coffee, the four of us started to install a new server based on Centos 7, a Linux based operating system, from scratch. On this server, a DNS service Continue reading

Multithreading – Whats in it ?

Hi,

I never took threading seriously, partly because I was barely getting started with programming let alone running and improving a Programs performance. I have all the time in the universe to wait for the program to run instead of making it run much faster ?

Problem statement: Has 3 sites to ping, make 3 parallel pings (like opening 3 terminal and issuing a parallel ping statement) instead of one by one approach and has to be done with python

Threading Module comes to Rescue

https://github.com/yukthr/auts/blob/master/random_programs/threading_program.py

 

Basically, in the below output if you see two blocks, one block gets executed sequentially one ping after the other while the other one includes threading and everything is taken parallel and hence we see the output differences as well. I think am yet to figure on calculating time aspect of the threading but it is definitely faster.

Again not going much into GIL or (IO / CPU threading differences), all I can say is we can use this to enhance some day to day activities.

 

 

This may sound a little strange, macosx was not giving me any results for threading while any Linux / Unix (raspberry pi in this Continue reading

Meeting Your Deadlines Is Never Easy

2018 has been a busy year. There’s been a lot going on in the networking world and the pace of things keeps accelerating. I’ve been inundated with things this last month, including endless requests for my 2019 predictions and where I think the market is going. Since I’m not a prediction kind of person, I wanted to take just a couple of moments to talk more about something that I did find interesting from 2018 – deadlines.

Getting It Out The Door

Long-time readers of this blog may remember that I’ve always had a goal set for myself of trying to get one post published every week. It’s a deadline I set for myself to make sure that I didn’t let my blog start decaying into something that is barely updated. I try to hold fast to my word and get something new out every week. Sometimes it’s simple, like reflections on one of the various Tech Field Day events that I’m working on that week. But there’s always something.

That is, until Cisco Live this year. I somehow got so wrapped up in things that I missed a post for the first time in eight years! Granted, this was Continue reading

Top 5 Blog Posts of 2018: Introducing the New Docker Hub

In case you missed our announcement a couple of weeks ago, Docker Hub now has an improved user experience for finding, storing and sharing Docker container images. Our second most popular blog of 2018 gives users a preview of the new Docker Hub. Read on to learn more about what’s new on Docker Hub!

 

Today, we’re excited to announce that Docker Store and Docker Cloud are now part of Docker Hub, providing a single experience for finding, storing and sharing container images. This means that:

  • Docker Certified and Verified Publisher Images are now available for discovery and download on Docker Hub
  • Docker Hub has a new user experience

 

Millions of individual users and more than a hundred thousand organizations use Docker Hub, Store and Cloud for their container content needs. We’ve designed this Docker Hub update to bring together the features that users of each product know and love the most, while addressing known Docker Hub requests around ease of use, repository and team management.

Here’s what’s new:

Repositories

  • View recently pushed tags and automated builds on your repository page
  • Pagination added to repository tags
  • Improved repository filtering when logged in on the Docker Hub home page

Continue reading

Linux commands for measuring disk activity

Linux systems provide a handy suite of commands for helping you see how busy your disks are, not just how full. In this post, we're going to examine five very useful commands for looking into disk activity. Two of the commands (iostat and ioping) may have to be added to your system and these same two commands require you to use sudo privileges, but all five commands provide useful ways to view disk activity.Probably one of the easiest and most obvious of these commands is dstat.dtstat In spite of the fact that the dstat command begins with the letter "d", it provides stats on a lot more than just disk activity. If you want to view just disk activity, you can use the -d option. As shown below, you’ll get a continuous list of disk read/write measurements until you stop the display with a ^c. Note that, after the first report, each subsequent row in the display will report disk activity in the following time interval and the default is only one second.To read this article in full, please click here

Happy Pink Dot SG from the Proudflare team!

Happy Pink Dot SG from the Proudflare team!

Pink Dot SG is an event which takes place every June in Singapore to celebrate LGBTQIA+ pride! Cloudflare participated this year, on June 21st. We’re a little late, but wanted to share what we got up to. Pink Dot SG started in 2009, as a way for queer people and allies alike to demonstrate their belief that everyone deserves the “freedom to love.”

Proudflare at Pink Dot ‘18

Proudflare, Cloudflare's LGBTQIA+ employee resource group, finds ways to support and provide resources for the LGBTQIA+ community, both within Cloudflare and in the larger community.

Proudflare started in 2017 in our San Francisco headquarters and in 2018, the Proudflare Singapore chapter was formed. We were excited to participate in our first public-facing event and demonstrate Cloudflare’s commitment to equality and dignity for all people!

We took to the streets this year to celebrate, but more importantly demand equality for our community in Singapore. It was an exciting event, with heaps of buzz, cheer, and joy amongst the crowd! Pink Dot SG included LGBTQIA+-themed events, information tents, a concert, and onstage were 10 Declarations for Equality, a list of changes the LGBTQIA+ community and their allies are ready for and Continue reading

1 1,139 1,140 1,141 1,142 1,143 3,616