Category Archives for "Networking – The New Stack"

Google’s Management of Istio Raises Questions in the Cloud Native Community

When the proposed to be included in the still v.02, had only been around less than six months, and yet it aimed to skip the entry-level most young projects enter at and instead applied for inclusion at the secondary incubation tier. While the project was founded primarily by Google and IBM, and boasted numerous other contributors such as Yahoo, Apprenda, Concur, and AT&T, it was met with skepticism — it was so new, it didn’t really have adoption to speak of quite yet, and there were some Solo.io CEO

Cloudflare’s Network Shutdown Shows Why DNS Is a DevOps Problem

Cloudflare’s Jonathan Sullivan, NS1 chief technology officer and co-founder, told The New Stack. While Cloudflare — an NS1 competitor — did have DNS redundancy built into its infrastructure, the resulting traffic drop in its network infrastructure was about 50% throughout its network and resulted in a 27-minute outage of Cloudflare Internet properties and services, Cloudflare Chief Technology Officer blog post. A router overload in the state of Georgia resulted in the Cloudflare outage. One way Cloudflare learned to prevent such an event from recurring was to set a limit on the Georgia router’s traffic for BGP sessions. This will result in the shutdown of

Publish-Subscribe: Introduction to Scalable Messaging

Matthew O’Riordan

A serial entrepreneur and seasoned developer with over 15 years of hands-on development experience. Matthew is the CEO of Ably, an Infrastructure-as-a-Service (IaaS) provider. He was co-founder and technical director of Aqueduct, a leading digital agency in London and Founder of easyBacklog, a SaaS agile backlog management tool. Matthew co-founded Econsultancy, a global digital marketing publishing, training and research business, with Ashley Friedlein and exited via a £25m trade sale to Centaur Media plc in 2012.

The publish-subscribe (or pub/sub) messaging pattern is a design pattern that provides a framework for exchanging messages that allows for loose coupling and scaling between the sender of messages (publishers) and receivers (subscribers) on topics they subscribe to. Messages are sent (pushed) from a publisher to subscribers as they become available. The host (publisher) publishes messages (events) to channels (topics). Subscribers can sign up for the topics they are interested in. This is different from the standard request/response (pull) models in which publishers check if new data has become available. This makes the pub/sub method the most suitable framework for streaming data in real-time. It also means that dynamic networks can be built at internet scale. However, building a messaging infrastructure at

Contour Ingress Controller Joins CNCF at Incubation Level

The open source Envoy proxy, joined the Cloud Native Computing Foundation (CNCF) as an incubation level project, skipping over the traditional sandbox level entry point. The project, originally developed in 2017 at Heptio before the company’s acquisition by VMware, displayed a level of usage in the field, support in the community and activity in its ecosystem that warranted skipping the sandbox, said

Linkerd’s Little Secret: a Lightning Fast, Service Mesh Focused Rust Network Proxy

KubeCon + CloudNativeCon sponsored this post, in anticipation of Linkerd can deliver critical features such as transparent mutual TLS, gRPC load balancing, blue-green deploys, and golden metrics. But like all abstractions, these features come at a cost. Some of this cost is human in nature: the more complex the service mesh, the more effort required to operate it successfully. Some of the cost is system cost: a service mesh consumes CPU and memory, and introduces latency to the application. Linkerd’s goal is to minimize this cost by being the smallest, fastest service mesh for Kubernetes (a claim which

Kuma, a New CNCF Project, Enhances the Control Plane for Mixed Infrastructure

“I’m pretty sure that you won’t hear anybody saying, ‘Oh, yeah, we implemented a service mesh, and it was easy to do.’ They were just extremely complicated systems,” said Marco Palladino. The first generation of service meshes, released around 2017, “came with lots of moving parts, lots of dependencies, and lots of assumptions that we did not necessarily agree with.” Those meshes were hyperfocused on Kubernetes, he said, while customers, though perhaps running K8s, also were still running virtual machines. They don’t scale and require a new cluster for each mesh.

Words Matter: Finally, Tech Looks at Removing Exclusionary Language

This month the tech industry’s lexicon is seeing a small but significant shift: Common technical phrases, most notably “Master/Slave” and “Whitelist/Blacklist” that have been red-flagged as offensive, or even racist, sometimes for decades, are getting updates. Android and GitHub Android, Splunk. Many orgs are also looking at replacing the concept of “whitelist” in both its documentation and in its APIs. Other companies and open source projects are following suit. This work is in part to take another semantic and moral stand that Black Lives Matter. And, at times, it is

How HashiCorp Widened the Reach of the Consul Service Mesh

HashiCorp has expanded its Consul network control plane by widening its scope for different highly distributed services and environments — while simplifying and expanding its compliance and policy management capabilities. By adding gateway options and compliance features with today’s release of Consul 1.8, HashiCorp has made the control plane able to manage many different environments in a single interface, the company says. These might include services and applications running in containers, Kubernetes or virtual machines (VMs) on bare metal, traditional data centers or multicloud environments that are often widely dispersed geographically. “We are useful to customers because we offer a layer across [different environments] with a single management plane. The challenges customers have is they have many services that sit outside of service mesh, such as traditional applications, and need to bring them into the same fold,” HashiCorp, told The New Stack. “So how can services talk to your applications within your service mesh, and how do the applications in the service mesh talk out? Consul 1.8 solves that problem.” Consul 1.8’s audit logging and single sign-on (SSO) features (which are part of the enterprise version)

Simplicity and Security: What Commercial Providers Offer for the Service Mesh

“Open source is free like a puppy,” said Aspen Mesh, provider of an enterprise version of the open source Linkerd, that is the only reason to turn to William Morgan, CEO of Buoyant. “This is more of a philosophical stance. However, if you want to have a commercial relationship with us, we will make sure the service mesh works for you, with services and integration and all that stuff.”

Taming Complexity

Service meshes are designed for very complex architectures. They only make sense for companies

How HAProxy Streamlines Kubernetes Ingress Control

In 2016, when the digital media arm of the in increasingly large numbers. “I remember the fear that the huge event we were experiencing could bring our platform down,” said recalled at HAProxy 2019. They kept watching the Grafana dashboard, searching for potential anomalies. In the end, however, nothing bad happened. “We ended up drinking beers and eating pizzas,” he said. But Gallissot didn’t want to go through such a stressful experience again, and so started an initiative to move M6 to the cloud. Like many organizations dealing with surges of traffic, M6 decided on Kubernetes as the platform for a multicloud architecture, to ease the process of easily scaling up and down traffic. And one of the most crucial parts of the Kubernetes setup is routing the incoming traffic to the appropriate services. Kubernetes itself offers an option to capture the

How the Network Effect Levels the Cybersecurity War Zone

Ian Baxter

Ian Baxter is the Vice President of Pre-Sales Engineering at IRONSCALES and has more than 20 years of extensive industry experience in the information security, technology and communications fields, having held various positions including both individual contributor and systems engineering management roles. During his career, Ian has regularly presented at various industry events on security topics such as threat prevention, ransomware, and best practices. Prior to IRONSCALES, Ian served as Americas' Director of Data Center Sales for NetApp covering Canada, Latin America and the US. He's also worked for large multinational technology companies such as Palo Alto Networks, Foundry Networks/Brocade, Alcatel Lucent, and Fore Systems/Marconi. Ian is originally from South Africa, and now resides in the United States.

Robert Metcalfe, co-inventor of Ethernet, is renowned for many things, but perhaps none more so than his namesake law:

NS1 Shows How DNS Technology Can Speed VPN Connections

The need for faster and more reliable VPN connections has certainly spiked recently in the wake of the COVID-19 pandemic and the massive shift of workers away from office hubs to home locations. For developers who must rely on VPNs for data transfers, the act of loading code on git and other more mundane tasks can obviously take much longer depending on network saturation from remote locations. Productivity is obviously lost, as well as time, which is in short supply for so many these days. Managed DNS support for VPNs can help to boost both network data transfer rates and robustness for VPNs, as well as other network infrastructure for any user, in addition to developers working remotely. To that end, DNS solutions provider Terry Bernstein, NS1 director of product management, said. The end result is improved VPN connectivity, which through load-balancing and steering connections at the DNS layer, are connected to the best performing endpoint. NS1’s DNS

The New Stack Context: Stress, Resilience and the Network Effects of COVID-19

Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with The New Stack correspondent Jennifer Riggins about all of the reporting she and others on the TNS team have been doing recently on the effects that the COVID-19 global pandemic is having on the tech industry. TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and TNS publisher Alex Williams and TNS managing editor Joab Jackson. For this episode, we wanted to look at and not only discuss the changing patterns in network traffic that the global COVID-19 pandemic has wrought, due to factors such as people staying at home and working from home, and the sudden acceleration of e-learning. As Riggins writes in a recent post: For a lot of tech and infrastructure teams, they not only are going through the stress of the collective trauma we’re sharing in, but they are struggling to keep up with ever-scaling, extreme strains on their systems. Simply put,

Portworx Essentials: A Free Cloud Native Storage Engine for Kubernetes

If you deal with Kubernetes, you know that storage is one of the core building blocks of the cluster infrastructure. It is as important as the compute building block delivered by the worker nodes. Since the power of the cluster is always measured in terms of the number of worker nodes and their configuration, storage doesn’t get its share of attention. Imagine this: you configured a powerful bare-metal cluster and want to run a highly available and mission-critical workload on it. Without a solid storage engine, your cluster is only good for running stateless and ephemeral workloads that don’t need persistence. But any enterprise application is a combination of both — stateless and stateful services. You wouldn’t be able to justify the investment made in the brand new Kubernetes cluster if you are unable to run end-to-end applications on it. When you install the open source, upstream Kubernetes distribution, it doesn’t come with a high-performance storage engine. Unlike managed Kubernetes services in the public cloud that come with default storage classes mapped to their respective block storage services, your cluster doesn’t have any storage class. A persistent volume is to storage what a node is to compute. Just like the

Q&A with Devo: COVID-19 Is Changing the Cloud Conversation

How do companies manage the security implications of working from home, in a country where remote work has generally been frowned on? Devo, a data analytics and security platform with headquarters in Madrid, helps companies get visibility into their networks — something that has become even more critical as more companies rely on virtual private networks (VPNs) to securely connect team members working from home. We spoke with Devo, and carloyuen from