B. Cameron Gain

Author Archives: B. Cameron Gain

VMware Redefines Security After a Surge in Attacks

Enterprise virtualization software giant VMware says it is “redefining” security as it seeks to help customers meet the challenges associated with a skyrocketing number of threats, more numerous attack vectors, and having fewer human resources at their disposal to help keep attacks at bay. “So what we’re asking all of these IT security teams to do is essentially to do more — and there’s a lot more complexity,” 2020 Threat Landscape report results, 81% of the survey respondents reported a breach during the past 12 months — with four out of the five breaches (82%) deemed material. At the Continue reading

Solo.io: Istio Is Winning the Service Mesh War

The open source Istio has emerged as the “dominant” service mesh to manage microservices and Kubernetes environments, solo.io executives say. Gloo Edge 2.0, to be released in beta in the middle of the year is the “first and the only” Istio-native API gateway with all of Istio’s native functionality, Posta said. The ingress controller will integrate #SoloCon2021 https://t.co/VKAxWqk5KJ is fully committed to Istio. We see it as the dominant service mesh—it’s the one that’s most deployed to production and the most mature. #Gloo @soloio_inc #sponsored March 24, 2021 Solo.io’s proclamation also coincides with a number of new improvements for solo.io’s Gloo Edge platforms announced the new capabilities feature, among other things, an even tighter integration between #SoloCon2021 Continue reading

Gloo Edge 2.0: A Fully Istio-Integrated API Gateway for Multiple Clusters

Version 2.0 of Solo.io’s Gloo Edge will integrate the Gloo Edge, an ingress controller, and the open source Istio service mesh will form a single control plane, Solo.io said this week during its Torsten Volk, an analyst for Enterprise Management Associates (EMA), said. “Most organizations have regarded Istio as something to ‘attack once it’s become more approachable and easier to manage,’” Volk said. “These Solo.io announcements might ring in this new age of “service mesh for everyone.” In a Continue reading

HAProxy Bonds with HashiCorp Consul to Extend Automated Service Discovery

Version 2.2 of offers service discovery and native support for the HashiCorp’s Daniel Corbett, head of product, HAProxy Technologies, in a blog post. Through a RESTful HTTP API, HAProxy connects directly to a defined Consul server and ingests the list of services and nodes from a Consul catalog, Corbett later told The New Stack. The API will set off a process that can “define an HAProxy backend and pool of servers to match this catalog and automatically scale up or down nodes/servers on-demand based on changes within the Consul catalog,” Corbett said. Corbett noted in the has also released version 2.3 of HAProxy itself, adding features such as forwarding, prioritizing, and translating of messages sent over the Syslog Protocol on both UDP and TCP, an OpenTracing SPOA, Stats Contexts, SSL/TLS enhancements, an improved cache, and changes in the connection layer that lay the foundation for support for HTTP/3/QUIC. For more information on the HAProxy’s Data Plane API,

NS1: Avoid the Trap of DNS Single-Point-of-Failure

Third-party DNS providers have seen tremendous consolidation during the past few years, resulting in dependence on a smaller pool of providers that maintain the world’s largest website lookups. Reliance on only one of a few single DNS providers also represents a heightened risk in the event of a Carnegie Mellon University, 89.2% of the CDN MaxCDN, the researchers noted. A

KubeCon+CloudNativeCon: Service Mesh Battle Stories and Fixes

KubeCon+CloudNativeCon. “There’s a lot to say about each of these service meshes and how they work: their architecture, why they’re made, what they’re focused on, what they do when they came about and why some of them aren’t here anymore and why we’re still seeing new ones,” Layer5, explained during his talk with “Service Mesh Specifications and Why They Matter in Your Deployment.” Service mesh is increasingly seen as a requirement to manage microservices in Kubernetes environments, offering a central control plane to manage microservices access, testing, metrics and other functionalities. One-third of the respondents in The New Stack survey of our readers said their organizations already use service mesh. Among the numerous service mesh options available; Envoy, Linkerd and

The HashiCorp Consul Service Comes to Microsoft Azure

The release of HashiCorp’s push to widen the scope of its managed services offerings on the cloud. The GA release of HCS on Armon Dadgar, co-founder and CTO of HashiCorp, said the Azure HCS release is part of HashiCorp’s shift to a more managed-services business model. “We are transitioning from being a desktop software vendor to becoming more of a cloud software vendor,” said Dadgar. Dadgar said HashiCorp opted for Azure since there is a lot of overlap between the kinds of customer organizations HashiCorp and Microsoft tend to focus on. The launch Continue reading

Cloudflare’s Network Shutdown Shows Why DNS Is a DevOps Problem

Cloudflare’s Jonathan Sullivan, NS1 chief technology officer and co-founder, told The New Stack. While Cloudflare — an NS1 competitor — did have DNS redundancy built into its infrastructure, the resulting traffic drop in its network infrastructure was about 50% throughout its network and resulted in a 27-minutes outage of Cloudflare Internet properties and services, Cloudflare Chief Technology Officer blog post. A router overload in the state of Georgia resulted in the Cloudflare outage. One way Cloudflare learned to prevent such an event from recurring was to set a limit on the Georgia router’s traffic for BGP sessions. This will result in the shutdown of Continue reading

How HashiCorp Widened the Reach of the Consul Service Mesh

HashiCorp has expanded its Consul network control plane by widening its scope for different highly distributed services and environments — while simplifying and expanding its compliance and policy management capabilities. By adding gateway options and compliance features with today’s release of Consul 1.8, HashiCorp has made the control plane able to manage many different environments in a single interface, the company says. These might include services and applications running in containers, Kubernetes or virtual machines (VMs) on bare metal, traditional data centers or multicloud environments that are often widely dispersed geographically. “We are useful to customers because we offer a layer across [different environments] with a single management plane. The challenges customers have is they have many services that sit outside of service mesh, such as traditional applications, and need to bring them into the same fold,” HashiCorp, told The New Stack. “So how can services talk to your applications within your service mesh, and how do the applications in the service mesh talk out? Consul 1.8 solves that problem.” Consul 1.8’s audit logging and single sign-on (SSO) features (which are part of the enterprise version) Continue reading

NS1 Shows How DNS Technology Can Speed VPN Connections

The need for faster and more reliable VPN connections has certainly spiked recently in the wake of the COVID-19 pandemic and the massive shift of workers away from office hubs to home locations. For developers who must rely on VPNs for data transfers, the act of loading code on git and other more mundane tasks can obviously take much longer depending on network saturation from remote locations. Productivity is obviously lost, as well as time, which is in short supply for so many these days. Managed DNS support for VPNs can help to boost both network data transfer rates and robustness for VPNs, as well as other network infrastructure for any user, in addition to developers working remotely. To that end, DNS solutions provider Terry Bernstein, NS1 director of product management, said. The end result is improved VPN connectivity, which through load-balancing and steering connections at the DNS layer, are connected to the best performing endpoint. NS1’s DNS Continue reading

SaltStack’s CTO on Pandemics, the End of Empires and Software’s Future

It is too early to determine to what extent our lives will change in the future once the Coronavirus pandemic has run its full course. However, in the software industry, some possible outcomes are beginning to emerge, including consolidation and the potential for great changes to take place — both good and bad. As a harbinger of what may come, SaltStack, a leading automation network infrastructure provider, evoked historical examples of pandemics and plagues in the past. He discussed what changes they wrought on ancient Egypt, the Roman Empire and the Renaissance era, while drawing parallels with the software industry. Patch also shared with The New Stack in this Q&A how software engineers’ lives have hardly changed, the folly of forcing workers to come to the office when they really do not need to and his observations of network infrastructure saturation in the wake of the

Q&A: Dynatrace on COVID-19 Effects and ‘Super Bowl’-Like Traffic Surges

Software intelligence company Alois Reitbauer, vice president and chief technology strategist for Dynatrace, shared his observations about what the company is seeing. While Reitbauer usually splits his time between living and working in the United States and Europe, Reitbauer spoke with The New Stack from his remote-location home in Austria. What traffic changes are your customers seeing due to the effects of the COVID-19 pandemic? It’s definitely important to know we’re experiencing a perfect storm scenario right now. We all need to be on the same page for what’s going to happen. We have certainly ramped up our monitoring of networks recently. So the way you can describe the situation for many websites now is it’s just like Black Friday, where all people go really wild on a certain number of sites. The only difference with Black Friday- or Super Bowl-like surges in traffic compared to the saturation COVID-19 might cause is that nobody knows when it’s happening. We Continue reading

How to Manage a Home Network with Infrastructure as Code

Unifi Dream Machine home management device because, in addition to my personal and guest SSIDs, there is an apartment in my house for which I wanted to segment traffic. I also wanted to add an extra layer of security around some of the home automation and IoT devices that were being added to our home network with a fourth SSID. I started to configure the new network, I had started a spreadsheet of VLANs, subnet CIDRs and mappings of those to SSIDs. Additionally, I needed to track firewall rules, port forwards and other settings and configurations. Needless to say, this was a lot of information to maintain and manage. My day job is working on the Infrastructure-as Code (IaC) product

Distributed Systems and the Butterfly Effect

The late science fiction author Ray Bradbury’s short story classic“Jurassic Park”film franchise by decades, the follies of technology innovation that allow, among other things, for humans to interact with dinosaurs, predictably goes awry. However, “A Sound of Thunder”’s main theme is not so much about the risks of appeasing humans’ archetypical curiosity about scary beasts as it is about how interconnected our actions are. Bradbury portrays, for example, how the mere accident of going back in time and stepping on a butterfly can set in motion a chain of reaction that eventually leads to cataclysmic events in the future. Subscribe: Fireside.fm | Stitcher | Overcast | TuneIn In today’s IT world of distributed systems built with Kubernetes and container orchestration technologies, it is beginning to emerge just how deep applications really are, as well as how deeply distributed they are. One of the effects this very distributed and connected infrastructure has is reflected in the famous