eBPF could provide a “fundamentally better data plane” for cloud native operations, explained eBPF maintainers as well as an engineer at Linux networking company eBPF Summit last week.
The eXpress Data Path, a Linux hook to
77-year-old Vint Cerf is credited as the father of the internet — but he’s now tackling an even bigger challenge. He’s joined with the scientists who envision a network that can scale across hundreds of millions of miles, in an airless vacuum, where data transmissions can be blocked by, for example, the planet Jupiter. Cerf’s working with a team whose lofty new dream is an internet which can connect our spacecraft in outer space — to the other spacecraft, and to listeners waiting here on earth.
It’s instructive to see how engineers approach a task that stretches endless on an interplanetary scale — and what it took to lead scientists to this galaxy-sized dream.
Guide to the Galaxy
Back in the 1970s, Cerf co-developed the TCP/IP protocol with Bob Kahn, which became the foundation for all internet communication today. (Though in a recent article in Quanta, Cerf stresses that “A lot of people contributed to the creation of the internet.”) But what’s less known is that Cerf has also held a lifelong interest in outer space. One
KubeCon + CloudNativeCon North America 2020 – Virtual, Nov. 17-20.
Lior Nabat
Lior is KubeMQ’s technology leader and product architect. As a serial technology entrepreneur with over 20 years of experience in software ventures and product development, he brings cloud native expertise and hands-on experience. Lior founded Tradency (financial trading technology) 14 years ago and led as the CEO since inception. Previously he held key management positions at DSPG, Alpha Cell and TdSoft. Lior holds a B.A. in Mathematics and Computer Science from the Open University in Tel-Aviv Israel and AMP from the University of Pennsylvania-The Wharton School. @lior_nabat
Hybrid cloud is a powerful IT architecture — backed by market leaders and used by many enterprise organizations — that connects a company’s on-premises, private cloud services and third-party, public cloud services into a single, flexible infrastructure for running the organization’s applications and workload.
The principle behind hybrid cloud is a mix of public and private cloud resources — with a level of orchestration between them. This gives an organization the flexibility to choose the optimal cloud for each application or workload (and to move workloads freely Continue reading
Earlier this month, NGINX NGINX Service Mesh (NSM), a free and open source service mesh that uses NGINX proxy, to power its data plane. While many service meshes are built from entirely open source components, NGINX Vice President of Marketing Aspen Mesh, the more advanced, Istio-based service mesh built by its now-parent company Service Mesh Interface (SMI) is not supported, but it is on the roadmap, and the NGINX Unit to “introduce something that’s a little bit different and more novel to advance the industry dialogue.”
“We think there’s an option in the future to have a sidecar-less service mesh, where you’re not injecting sidecars in each service,” said Whitely. “Instead, you load your code, and you execute it, and the default runtime environment that’s executing your code has all the built-in proxying capabilities needed to handle east-west. It would take things down from a two container to one container kind of model.”
Feature image by Unsplash.
The post NGINX Steps into the Service Mesh Fray Promising a Simpler Alternative appeared first on The New Stack.
Similar to container-native storage, the container-native network abstracts the physical network infrastructure to expose a flat network to containers. It is tightly integrated with Kubernetes to tackle the challenges involved in pod-to-pod, node-to-node, pod-to-service and external communication.
Kubernetes can support a host of plugins based on the Cloud Native Computing Foundation.
Sponsor Note
KubeCon + CloudNativeCon conferences gather adopters and technologists to further the education and advancement of cloud native computing. The vendor-neutral events feature domain experts and key maintainers behind popular projects like Kubernetes, Prometheus, Envoy, CoreDNS, containerd and more.
Container-native networks go beyond basic connectivity. They provide dynamic enforcement of network security rules. Through a predefined policy, it is possible to configure fine-grained control over communications between containers, pods and nodes.
Choosing the right networking stack is critical to maintain and secure the CaaS platform. Customers can select the stack from open source projects including Contiv, Project CalicoTungsten Fabric and
Intel sponsored this post.
Smart Network Interface Controllers (SmartNICS) puts the service mesh at center stage where the network and the application layer meet. The new dimensions that come with the integration of hardware and software is ushering in a new generation of capabilities such as cryptographic operations and new approaches to resource utilization.
At VMworld last month, VMware featured SmartNICs as part of
Although the $40 billion deal still faces long scrutiny by regulators, the reasons behind proposed acquisition of planning to buy FPGA maker Xilinx.
NVidia doesn’t plan to change Arm’s IP licensing business model, or replace its Mali GPU with NVidia technology, CEO
In the previous article, I discussed how Rancher’s Calico networking software, and the Intel NUCs. The infrastructure is based on K3s, Calico, and Portworx that provide the core building blocks of the Kubernetes cluster.
Solution Architecture
The sensors attached to the fans of the turbine provide the current rotational speed, vibration, temperature, and noise level. This telemetry data stream along with the deviceID from each fan acts as the input to the predictive maintenance solution.
InfluxDB is connected to Mosquitto via Grafana dashboard to InfluxDB to build a beautiful visualization for our AIoT solution.
In the next part of this tutorial, I will discuss the deployment architecture along with the storage and network considerations based on K3s, Calico, and Portworx. Stay tuned.
Janakiram MSV’s Webinar series, “Machine Intelligence and Modern Infrastructure (MI2)” offers informative and insightful sessions covering cutting-edge technologies. Sign up for the upcoming MI2 webinar at
Every network admin on the planet knows this dirty little secret: We’re running out of IPv4 addresses. This was an inevitability, given how wide-spread the network and network devices have become. Even on your LAN, you sometimes have to use subnetting, simply because you’ve found the devices on your massive enterprise network have gobbled up all the 192.68.1.x addresses.
It’s a problem.
Which is why IPv6 was developed. IPv6 offers a larger pool of addresses from which to use. The problem is that IPv6 isn’t nearly as easy to employ as IPv4. After all, 192.168.1.1 is much easier to remember than 0:0:0:0:0:ffff:c0a8:101.
But what’s a network administrator to do? Migrate all of those servers and various hardware devices from IPv4 to IPv6? In theory, yes, that is exactly what should happen. However, that’s not nearly as easy as one would like to think it would be. After all, you might have hundreds upon hundreds of devices and numerous locations. On top of which, there’s always that pesky DNS that must be updated (which could equate to downtime).
Oh, and let’s not forget that IPv6 is not backward compatible with IPv4. Why was this decision Continue reading
On the cloud native journey, there are both general lessons and best practices that apply to nearly all companies as well as industry-specific challenges. Cloud native journeys aren’t one-size-fits-all; the best way to handle storage, networking, security and even back-ups depends on the specifics of both the industry and the individual company.
We spoke with Nokia, about the specific challenges faced by telecom companies as they adopt containers and Kubernetes and how the industry is addressing them. Here’s what he had to say about best practices both for other telecoms as well as everyone making the move to cloud native.
Can you give an overview of Nokia’s cloud native journey? When did it start, how far are you in maturity? What have been major turning points/landmarks on the journey?
Nokia, as with many other telecom infrastructure vendors, has a long history in implementing and utilizing massively distributed systems. We started to build our own cluster management system back in the 1970s, which was based on proprietary hardware and software.
As network function virtualization (NFV) technology gained momentum in 2016, we began offering infrastructure solutions and virtual network functions (VNFs) for the ETSI NFV Management and Orchestration (MANO) standard, leveraging OpenStack. Today, Nokia’s CloudBand MANO solution is Continue reading
The whole agile move towards autonomous development is great to embrace the individual team and even engineer preference. However, there’s no doubt it makes it difficult for governance. It’s hard to monitor, observe and learn from disparate tooling.
Tetrate.io, KubeCon + CloudNativeCon Europe, virtual edition, a new Envoy extension as a single interpretation for these many languages.
He started by saying how: “One fundamental purpose of Envoy is its ability to see into every single request received or made by your application.”
Skopets says the next step is to extend Envoy as a way to learn from actual traffic in an efficient, flexible and simple manner. This usually involves natively developing Envoy in C++ and statically linking into the Envoy binary. He says this involves a lot of custom builds of Envoy which leads to “a lot of investment and commitment upfront.”
Skopets suggests instead using AssemblyScript, which is a subset of the Fork the code for this instance on Github.
KubeCon + CloudNativeCon is a sponsor of The New Stack.
Feature image by Pixabay.
The post KubeCon EU: Envoy Looks to WebAssembly to Extend Microservices Monitoring appeared first on The New Stack.
happens! Security isn’t in a much better state, because the need for scale and connectivity opens us up to more vulnerability. Security researcher James Mickens sounded the alarm in his 2015
KubeCon + CloudNativeCon and VMware sponsored this post, in anticipation of the virtual an incubation-level hosted project with the Cloud Native Computing Foundation (CNCF). This is a very proud moment and on behalf of the other project maintainers we want to thank the community for all of the work they put in to get us to this point.
If you don’t already know it, Contour is a simple and scalable open source ingress controller for routing traffic to applications running in Kubernetes. We’ll be offering an in-depth look at how Contour works and outlining our development roadmap at a
Although Istio has been in the headlines, Microsoft has released its new crowded and Service Mesh Interface (SMI) specification and like Linkerd but unlike Istio, Open Service Mesh can be configured by that SMI and it may even serve Continue reading
The release of HashiCorp’s push to widen the scope of its managed services offerings on the cloud.
The GA release of HCS on Armon Dadgar, co-founder and CTO of HashiCorp, said the Azure HCS release is part of HashiCorp’s shift to a more managed-services business model.
“We are transitioning from being a desktop software vendor to becoming more of a cloud software vendor,” said Dadgar.
Dadgar said HashiCorp opted for Azure since there is a lot of overlap between the kinds of customer organizations HashiCorp and Microsoft tend to focus on.
The launch Continue reading
For enterprises operating at scale and requiring high availability, ensuring failover at the Kubernetes node level simply isn’t enough. Instead, many are operating in a multicluster environment, ensuring that even if something fails at the cluster level their applications will remain operational.
For companies also running API gateway and ingress controller, this multicluster environment had become a pain point, as each cluster would require its own Gloo deployment, which in turn meant configuration, management, and control plane. In response, Solo.io has launched Idit Levine.
With federation, Levine said, not only is Gloo able Continue reading