The Pursuit of Inspired Leadership

At Arista Networks, great technology and leadership inspires us to innovate and continue our mission to reinvent. It’s an ongoing journey to create the right leaders and disruptive technology for market transitions and Arista’s evolution. Today I digress a bit, as I was reading a 2017 Harvard Business Review article on the four key traits identified for successful CEOs. So much of it resonated with me with respect to the Arista way and our company culture. Let’s review how these traits apply to a fast-paced technology company like Arista.

Dynamic Kubernetes Client for Ansible

Ansible-Dynamic-k8s

tl;dr

We condensed the Python Kubernetes/OpenShift client from 400,000 lines of code to 500, while adding features and closing nearly all known bugs. The new Kubernetes modules shipping in Ansible 2.6 support all resources the Kubernetes server supports, and fix nearly all the bugs that were in the 2.5 k8s_raw and openshift_raw modules. If you want to control your Kubernetes infrastructure with Ansible, now is a very good time to give it a try.

Previous Approaches

For anyone who has not followed the process of adding Kubernetes support to Ansible, this is actually our third attempt. With this iteration, we have finally worked out a lot of the kinks that made the modules difficult to use. Here’s a brief synopsis of the history of the project:

Generated client, generated modules

Our first iteration was backed by a generated OpenShift Python client, based on the existing Kubernetes Python client. This Python client ingested the OpenAPI spec for the OpenShift/Kubernetes API and generated one or more modules per resource type. Due to the size of the API, this resulted in ~400,000 lines of generated code.


The Ansible Kubernetes modules were in turn generated from the generated client, so for Continue reading

Innovative Approaches to Connecting Indigenous Communities

In November 2017, the Internet Society hosted its first Indigenous Connectivity Summit in Santa Fe, New Mexico. This event brought together over 200 Indigenous community members to talk about Internet access solutions, and the importance of connectivity for socioeconomic, health, community empowerment, education, and cultural and language preservation.

It was an incredible two days that resulted in new, meaningful relationships, partnerships, and opportunities for all those present. But the work isn’t done yet.

Connectivity in Indigenous communities continues to lag far behind non-Indigenous areas. Low speeds or non-existent service, high costs, and data caps plague many communities. In some Arctic communities in Canada, it is often cheaper and faster to mail a USB drive south, upload data, and mail it back North than it is to download the content on the slow and expensive services available.

To continue the conversation that was started in Santa Fe, the Internet Society will hold the second Indigenous Connectivity Summit in Inuvik, Northwest Territories, Canada on October 11-12. This event will bring together Indigenous community leaders, technical experts, researchers, policy makers, and service providers to address the unique connectivity issues Alaska Native, American Indian, Inuit, First Nation, and Métis communities face and how they Continue reading

Proxying traffic to Report URI with Cloudflare Workers

Proxying traffic to Report URI with Cloudflare Workers

The following is a guest post by Scott Helme, a Security Researcher, international speaker, and blogger. He's also the founder of the popular securityheaders.com and report-uri.com, free tools to help people deploy better security.

With the continued growth of Report URI we're seeing a larger and larger variety of sites use the service. With that diversity comes additional requirements that need to be met, some of them simple and some of them less so. Here's a quick look at those challenges and how they can be solved easily with a Cloudflare Worker. Continue reading

Amazon rumored to be entering the networking market

It’s hard to remember a time when people thought Amazon was nuts for going into the cloud computing business, since it was so far removed from the company’s core ecommerce business. No one is laughing now.It seems history could repeat itself. According to an article in The Information, Amazon is rumored to be targeting a new industry, albeit one dominated by a giant player and multiple healthy competitors — the network switching business. The move would put it in direct competition with Cisco, HPE, Juniper Networks, and Arista.To read this article in full, please click here

Amazon rumored to be entering the networking market

It’s hard to remember a time when people thought Amazon was nuts for going into the cloud computing business, since it was so far removed from the company’s core ecommerce business. No one is laughing now.It seems history could repeat itself. According to an article in The Information, Amazon is rumored to be targeting a new industry, albeit one dominated by a giant player and multiple healthy competitors — the network switching business. The move would put it in direct competition with Cisco, HPE, Juniper Networks, and Arista.To read this article in full, please click here

Amazon rumored to be entering the networking market

It’s hard to remember a time when people thought Amazon was nuts for going into the cloud computing business, since it was so far removed from the company’s core ecommerce business. No one is laughing now.It seems history could repeat itself. According to an article in The Information, Amazon is rumored to be targeting a new industry, albeit one dominated by a giant player and multiple healthy competitors — the network switching business. The move would put it in direct competition with Cisco, HPE, Juniper Networks, and Arista.To read this article in full, please click here

The Uncertainty of Measuring the DNS

In this article I’d like to explore a common aspect of measurements of the Internet’s Domain Name system. It’s nowhere near as formally stated as Heisenberg’s Uncertainty Principle, and cannot be proved formally, but the assertion is very similar, namely that there is a basic limit to the accuracy of measurements that can be made about the behaviour and properties of the DNS.

IETF 102, Day 2: Trust in the IETF

This week is IETF 102 in Montreal, Canada, and we’re bringing you daily blog posts highlighting the topics of interest to us in the ISOC Internet Technology Team. And today’s topics include IPv6, IoT and Trust technologies.

6MAN commences at 09.30 EDT/UTC-4, and has six new drafts up for discussion covering IPv6 Neighbor Discovery Extensions for Prefix Delegation, IPv6 VPNs, ICMPv6, OAM in Segment Routing Networks with an IPv6 Data plane, allowing low or zero valid lifetimes to be accepted in Router Advertisement Prefix Information Options where it’s known that there can only be one router on the link; as well as introducing a new IPv6 ‘unrecognised’ option for ICMPv6 that conveys whether an underlying network can transmit IPv6 packets.

There are also three working group sponsored drafts, adopted from the last meeting. Privacy Extensions for Stateless Address Autoconfiguration in IPv6 describes an extension that causes nodes to generate global scope addresses from interface identifiers that change over time; IPv6 Segment Routing Header specifies how a node can steer a packet through a controlled set of instructions (segments) by prepending an SR header to the packet; whilst IPv6 Router Advertisement IPv6-Only Flag is an update to RFC 5175 that indicates Continue reading

Making Application Collaboration Easier with Docker Application Packages

In the first blog post about the experimental Docker Application Packages, Gareth showed how our new open-source docker-app can be used to augment Compose files by adding metadata and separate settings.

Now that you know how to create an Application Package, how do you share it? Using a Docker registry solution like Docker Hub or Docker Enterprise of course! Let’s look at an example that works with the latest release of docker-app. Here’s a simple single-file format Application Package with the filename hello.dockerapp:

# This section contains your application metadata.

version: 0.1.0
name: hello
description: "A simple HTTP echo server"
maintainers:
- name: Chris Crone
  email: [email protected]
targets:
  swarm: true
  kubernetes: true

---

# This section contains the Compose file that describes your application services.

version: '3.6'
services:
  hello:
    image: hashicorp/http-echo:${version}
    command: ["-text", "${text}"]
    ports:
      - ${port}:5678

 ---

# This section contains the default values for your application settings.

port: 5678
text: hello development
version: latest

We can save this Application Package as a Docker image using the save command:

$ docker-app save
Saved application as image: hello.dockerapp:0. Continue reading

Encryption Is Critical for the Australian Economy

On 17 July 2018, the Internet Society and its locally based chapter, Internet Australia, joined 75 organizations in signing a letter urging Australia not to pursue legislation that could undermine the security of encrypted services and devices used by Australians.

As Internet Society CEO Kathy Brown wrote last year, “strong encryption is an essential piece to the future of the world’s economy … it allows us to do our banking, conduct local and global business, run our power grids, operate communications networks, and do almost everything else”.

Encryption should be the norm for all Internet traffic and stored data.

The Internet Society recognizes the concerns of law enforcement and remains firm in its conviction that encryption is an important technical solution that all Internet users should use to protect their communications and data. Legal or technical measures that weaken encryption or other digital security tools will place the well-being of law-abiding Australians, and the Internet at large, at risk.

We urge you to stand with us in support of encryption.

Voice your support via #aussiesencrypt.

The post Encryption Is Critical for the Australian Economy appeared first on Internet Society.

Smart Shopping Starts Today!

Let’s face it – things are different now than when we were kids.

I grew up with technology. My weekends consisted of frantically switching out floppy disks while on 13-inch-green-screen missions to destroy cubism-esque dragons, orcs and whatever else I could with my wizard powers. It taught me critical reasoning, innovative thinking, and gave me the courage to try new things.

Now that I’m a mom, I’m an advocate for my kids to use tech. But today’s tech is different. Now the Internet is everywhere and it’s a part of our everyday lives, in everyday things. Coffeemakers, toothbrushes, toasters, televisions and, yes – even teeth.

Did you ever think we’d have connected homes, let alone bras that might detect breast cancer?

These everyday things are known as the Internet of Things – IoT for short. It’s already everywhere.

Manufacturers are building connected things faster than most of us can keep up. While that means there’s lots of cool things hitting the shelves, many haven’t been built with our security or privacy in mind. That’s why we hear stories ranging from the somewhat humorous to the terrifying.

But we’re hungry for IoT devices – buying them as fast as manufacturers can Continue reading

IDG Contributor Network: 13 debts of tunnel networks

Tunnels for networking are not good. We see a real-life example taking place with the twelve Thai boys that were stuck at the end of a tunnel with a very narrow section under water preventing passage. The tunnel offered them only one way out, and the particular path was not passable. This is what happens in networks. We’re thankful for the heroic rescue of these brave boys, but networks don’t always fare as well.You will hear others speak about how a tunnel-based virtual network is the next amazing trend in networking. In fact, an analyst recently told me tunnels are great. And they are, when used for the purpose they were intended. But, using tunnels to get aggregates of packets to go where they wouldn’t go otherwise is dangerous, and will lead to the accumulation of technical debts.To read this article in full, please click here

IDG Contributor Network: 13 debts of tunnel networks

Tunnels for networking are not good. We see a real-life example taking place with the twelve Thai boys that were stuck at the end of a tunnel with a very narrow section under water preventing passage. The tunnel offered them only one way out, and the particular path was not passable. This is what happens in networks. We’re thankful for the heroic rescue of these brave boys, but networks don’t always fare as well.You will hear others speak about how a tunnel-based virtual network is the next amazing trend in networking. In fact, an analyst recently told me tunnels are great. And they are, when used for the purpose they were intended. But, using tunnels to get aggregates of packets to go where they wouldn’t go otherwise is dangerous, and will lead to the accumulation of technical debts.To read this article in full, please click here