With the newest edition of the gRPC protocol, Microservices-based systems will no longer need separate stand-alone service mesh sidecars, noted Envoy, one of the most popular sidecar proxies in use today.
Created at Google and released in 2016,
If you are going to use a service mesh to manage a set of microservices, you might as well start thinking of the service mesh as the “security kernel” for these distributed systems, suggested Tetrate Senior Engineer U.S. National Institute of Standards and Technology (NIST) and Tetrate, a purveyor of an
eBPF could provide a “fundamentally better data plane” for cloud native operations, explained eBPF maintainers as well as an engineer at Linux networking company eBPF Summit last week.
The eXpress Data Path, a Linux hook to
In 2016, when the digital media arm of the in increasingly large numbers.
“I remember the fear that the huge event we were experiencing could bring our platform down,” said recalled at HAProxy 2019. They kept watching the Grafana dashboard, searching for potential anomalies.
In the end, however, nothing bad happened. “We ended up drinking beers and eating pizzas,” he said. But Gallissot didn’t want to go through such a stressful experience again, and so started an initiative to move M6 to the cloud.
Like many organizations dealing with surges of traffic, M6 decided on Kubernetes as the platform for a multicloud architecture, to ease the process of easily scaling up and down traffic. And one of the most crucial parts of the Kubernetes setup is routing the incoming traffic to the appropriate services.
Kubernetes itself offers an option to capture the
Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with The New Stack correspondent Jennifer Riggins about all of the reporting she and others on the TNS team have been doing recently on the effects that the COVID-19 global pandemic is having on the tech industry.
TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and TNS publisher Alex Williams and TNS managing editor Joab Jackson.
Subscribe: Fireside.fm | Stitcher | Overcast | TuneIn
For this episode, we wanted to look at and not only discuss the changing patterns in network traffic that the global COVID-19 pandemic has wrought, due to factors such as people staying at home and working from home, and the sudden acceleration of e-learning. As Riggins writes in a recent post:
For a lot of tech and infrastructure teams, they not only are going through the stress of the collective trauma we’re sharing in, but they are struggling to keep up with ever-scaling, extreme strains on their systems. Simply put, Continue reading
Dragonfly, a peer-to-peer image and file-sharing technology developed by Cloud Native Computing Foundation. The software provides a way to quickly distribute images across large cloud native deployments, eliminating the dependency on a single registry to distribute all the copies of an image.
“Dragonfly is one of the backbone technologies for container platforms within Alibaba’s ecosystem, supporting billions of application deliveries each year, and in use by many enterprise customers around the world,” said Dragonfly in 2015, originally to ease file distribution. By 2017, when it was adopted to share containers within Kubernetes environments, it was being used by the Chinese cloud service to share 3.4PB each month. It was originally accepted into the OCI (Open Container Initiative). It can work with CNCF’s Prometheus and display them on a Helm can be used to install Dragonfly within a Kubernetes cluster.
Project maintainers come from Alibaba, ByteDance, eBay, and Meitu. Overall it has 67 contributors from 21 organizations. It has been downloaded over 100,000 times from Docker Hub and has massed 6,000 GitHub stars.
Learn more about Dragonfly, visit liggraphy from
The newest version of the open source version 1.5, comes with a fresh installer to simplify the deployment process, along with a new extension model, based on WebAssembly (WASM), to help proxy servers better filter traffic.
The development team behind Istio mark the Envoy‘s, the data plane most frequently used with Istio. “WASM will give developers the ability to safely distribute and execute code in the Envoy proxy — to integrate with telemetry systems, policy systems, control routing and even transform the body of a message,” a web page Linkerd and HashiCorp’s istioctl configuration tool. Security has been enhanced through the support of Kyle Glenn on
Thanks to the power of the newly-introduced Calico network management software with a new data plane mode, one that can speed pod-to-pod data communication and eliminate the dependency on Kubernetes’ kube-proxy for traffic management.
Tigera had started releasing work with eBPF almost a year ago, but this is the first release of Calico that fully harnesses the power of the new Linux kernel technology, Tigera co-founder and chief technology officer, said.
“We wanted to derive what we were doing from fundamentals, to be confident we were building the right thing for users,” said scale Continue reading
Consul services networking platform with the capability to manage service namespaces at an organization-wide level.
Released Tuesday, Consul 1.7 also comes with additional plugins to support a number of application monitoring and management tools, including AppDynamics, Datadog and the NGINX proxy.
HashiCorp presents Consul as a network automation tool for enterprises to connect and secure application services across multiple clouds and on-prem environments, putting all the services on a single communication plane with a shared registry.
The thinking behind Consul is that “you need a namespace service registry for the new, dynamic environment,” noted
on the HashiCorp blog.
HashiCorp is a sponsor of The New Stack.
Portworx sponsored The New Stack’s coverage of KubeCon+CloudNativeCon North America 2019.
While you may thinking of Kubernetes as the future of computing, but it was, until recently, still stuck in the past in one way, namely that it was built on IPv4, the widely-used, though a soon-to-be-legacy version of the Internet Protocol upon which the internet was built.
The Internet Engineering Task Force has been long urging the internet service providers to move to IPv6, now that the world has exhausted the supply of 32-bit IPv4 addresses. With its 128-bit address space, IPv6 will offer an inexhaustibly supply of internet addresses.
“We ignored it,” admitted KubeCon + CloudNativeCon North America 2019 conference he gave with
HashiCorp has launched what it calls the first fully managed service mesh, Armon Dadgar, during the kickoff of the company’s annual Consul-based approach is to manage a mix of Kubernetes and non-Kubernetes assets, either on Azure or on other clouds or from private data centers, noted
Released a little over a month ago, Microsoft's new Edge browser has gotten its first set of critical security patches.As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-05, with four patches covering vulnerabilities in the Windows 10-only Edge browser.Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible.In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.To read this article in full or to leave a comment, please click here
Released a little over a month ago, Microsoft's new Edge browser has gotten a set of critical security patches.As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-095, with four patches covering vulnerabilities in the Windows 10-only Edge browser.Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible.In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.To read this article in full or to leave a comment, please click here
Biometric technologies may soon replace cumbersome passwords, but the U.S. National Institute of Technology is looking out to a time when you won't even have to press your finger onto a grimy fingerprint reader to gain entry to a computer.NIST has funded a number of companies to make touchless fingerprint readers possible, and is creating a framework for evaluating possible technologies for widespread use.Touchless fingerprint readers could be particularly useful for quickly identifying large numbers of people, such as a queue entering a controlled facility, NIST contends. Germaphobes would also appreciate the technology, as they would not have to touch potentially germy fingerprint readers to gain access to their computers.To read this article in full or to leave a comment, please click here
Hewlett-Packard has devised two new ways of securing enterprise systems in the endless war on malicious network attackers.One service inspects the Internet addresses being requested by employees for malicious links and the other service learns how an organization's coders write their programs.The two new releases aim to "protect the interactions among your most valuable assets: your users, your applications and your data," said Frank Mong, HP vice president of solutions. The company announced the new software at the HP Protect security conference, held this week near Washington.HP DNS Malware Analytics (DMA) monitors outbound DNS (Domain Name System) requests to ensure employee browsers aren't contacting rogue or malware Web sites. A DNS server provides specific numeric Internet addresses to end-user computers requesting Web sites by their domain names.To read this article in full or to leave a comment, please click here
VMware is making a case that network virtualization can improve security in the enterprise.VMware, one of the biggest proponents of virtualizing the entire data center, says CIOs concerned about protecting their IT infrastructures from attackers should look at virtual networking, which has been around a while but isn't as popular as server virtualization."The security industry is messy and complicated, and we spend the bulk of our dollars on products that don't really solve the problem. It simply isn't working," said Pat Gelsinger, VMware CEO, in a keynote talk at the VMworld conference in San Francisco.To read this article in full or to leave a comment, please click here
Today, organizations need to analyze data from multiple sources and, to stay competitive, they need to do it when the data is fresh off the wire. But installing the software to take on this task can be onerous.Open source software vendor Mesosphere plans to release a stack of integrated open source software that would make it easy for enterprises to capture data in real time and analyze it on the fly.The stack, called Mesosphere Infinity, is based on Apache Mesos open source software for managing clusters of servers. Mesosphere offers a commercial edition of this open source software called the Mesosphere Data Center Operating System, which is used in this package.To read this article in full or to leave a comment, please click here
Responding to allegations from anonymous ex-employees, security firm Kaspersky Lab has denied planting misleading information in its public virus reports as a way to foil competitors.“Kaspersky Lab has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” reads an email statement from the company. “Accusations by anonymous, disgruntled ex-employees that Kaspersky Lab, or its CEO, was involved in these incidents are meritless and simply false.”MORE: 13 Big Data & Analytics Startups to WatchTo read this article in full or to leave a comment, please click here
Released almost two weeks ago, the new Windows 10 operating system already has its first set of security patches.For August, Microsoft’s monthly round of security patches contains five bulletins that cover Windows 10, as well as a bulletin that covers the new Edge browser that runs on Windows 10.Overall, Microsoft released 14 security bulletins for this month’s Patch Tuesday—which occurs on the second Tuesday of each month.Three of the bulletins were marked as critical, meaning that they should be patched as quickly as possible. A bulletin typically contains a set of patches for a single set of software products, such as all the supported versions of Windows.To read this article in full or to leave a comment, please click here
Oracle published, then quickly deleted, a blog post criticizing third-party security consultants and the enterprise customers who use them.Authored by Oracle chief security officer Mary Ann Davidson, the post sharply admonished enterprise customers for reverse engineering, or hiring consultants to reverse engineer, the company’s proprietary software, with the aim of finding as of yet unfixed security vulnerabilities.The missive, entitled “No, You Really Can’t,” was issued Monday on Davidson’s corporate blog, then pulled a few hours later. The Internet Archive captured a copy of the post.To read this article in full or to leave a comment, please click here