Archive

Category Archives for "Networking – The New Stack"

Design an Edge System for the Cloud Native Edge Infrastructure

In the previous article, I discussed how Rancher’s Calico networking software, and the Intel NUCs. The infrastructure is based on K3s, Calico, and Portworx that provide the core building blocks of the Kubernetes cluster. Solution Architecture The sensors attached to the fans of the turbine provide the current rotational speed, vibration, temperature, and noise level. This telemetry data stream along with the deviceID from each fan acts as the input to the predictive maintenance solution. InfluxDB is connected to Mosquitto via Grafana dashboard to InfluxDB to build a beautiful visualization for our AIoT solution. In the next part of this tutorial, I will discuss the deployment architecture along with the storage and network considerations based on K3s, Calico, and Portworx. Stay tuned. Janakiram MSV’s Webinar series, “Machine Intelligence and Modern Infrastructure (MI2)” offers informative and insightful sessions covering cutting-edge technologies. Sign up for the upcoming MI2 webinar at

TAYGA: Bridge an IPv6 Network Back to IPv4 using NAT64

Every network admin on the planet knows this dirty little secret: We’re running out of IPv4 addresses. This was an inevitability, given how widespread the network and network devices have become. Even on your LAN, you sometimes have to use subnetting, simply because you’ve found the devices on your massive enterprise network have gobbled up all the 192.168.1.x addresses. It’s a problem. Which is why IPv6 was developed. IPv6 offers a larger pool of addresses to draw from. The problem is that IPv6 isn’t nearly as easy to employ as IPv4. After all, 192.168.1.1 is much easier to remember than 0:0:0:0:0:ffff:c0a8:101. But what’s a network administrator to do? Migrate all of those servers and various hardware devices from IPv4 to IPv6? In theory, yes, that is exactly what should happen. However, that’s not nearly as easy as one would like to think it would be. After all, you might have hundreds upon hundreds of devices and numerous locations. On top of which, there’s always that pesky DNS that must be updated (which could equate to downtime). Oh, and let’s not forget that IPv6 is not backward compatible with IPv4. Why was this decision Continue reading

Q&A: Building on 40 Years of Experience with Distributed Systems at Nokia

On the cloud native journey, there are both general lessons and best practices that apply to nearly all companies as well as industry-specific challenges. Cloud native journeys aren’t one-size-fits-all; the best way to handle storage, networking, security and even back-ups depends on the specifics of both the industry and the individual company. We spoke with Nokia, about the specific challenges faced by telecom companies as they adopt containers and Kubernetes and how the industry is addressing them. Here’s what he had to say about best practices both for other telecoms as well as everyone making the move to cloud native.

Can you give an overview of Nokia’s cloud native journey? When did it start, how far are you in maturity? What have been major turning points/landmarks on the journey?

Nokia, as with many other telecom infrastructure vendors, has a long history in implementing and utilizing massively distributed systems. We started to build our own cluster management system back in the 1970s, which was based on proprietary hardware and software. As network function virtualization (NFV) technology gained momentum in 2016, we began offering infrastructure solutions and virtual network functions (VNFs) for the ETSI NFV Management and Orchestration (MANO) standard, leveraging OpenStack. Today, Nokia’s CloudBand MANO solution is Continue reading

KubeCon EU: Envoy Looks to WebAssembly to Extend Microservices Monitoring

The whole agile move towards autonomous development is great to embrace the individual team and even engineer preference. However, there’s no doubt it makes it difficult for governance. It’s hard to monitor, observe and learn from disparate tooling. Tetrate.io, KubeCon + CloudNativeCon Europe, virtual edition, a new Envoy extension as a single interpretation for these many languages. He started by saying how: “One fundamental purpose of Envoy is its ability to see into every single request received or made by your application.” Skopets says the next step is to extend Envoy as a way to learn from actual traffic in an efficient, flexible and simple manner. This usually involves natively developing Envoy in C++ and statically linking into the Envoy binary. He says this involves a lot of custom builds of Envoy which leads to “a lot of investment and commitment upfront.” Skopets suggests instead using AssemblyScript, which is a subset of the Fork the code for this instance on Github. KubeCon + CloudNativeCon is a sponsor of The New Stack.

Introducing Contour: Routing Traffic to Applications in Kubernetes

KubeCon + CloudNativeCon and VMware sponsored this post, in anticipation of the virtual an incubation-level hosted project with the Cloud Native Computing Foundation (CNCF). This is a very proud moment and on behalf of the other project maintainers we want to thank the community for all of the work they put in to get us to this point. If you don’t already know it, Contour is a simple and scalable open source ingress controller for routing traffic to applications running in Kubernetes. We’ll be offering an in-depth look at how Contour works and outlining our development roadmap at a 

The HashiCorp Consul Service Comes to Microsoft Azure

The release of HashiCorp’s push to widen the scope of its managed services offerings on the cloud. The GA release of HCS on Armon Dadgar, co-founder and CTO of HashiCorp, said the Azure HCS release is part of HashiCorp’s shift to a more managed-services business model. “We are transitioning from being a desktop software vendor to becoming more of a cloud software vendor,” said Dadgar. Dadgar said HashiCorp opted for Azure since there is a lot of overlap between the kinds of customer organizations HashiCorp and Microsoft tend to focus on. The launch Continue reading

Gloo Federation Brings Unified Control Plane, Stitchable APIs Across Multicluster Deployments

For enterprises operating at scale and requiring high availability, ensuring failover at the Kubernetes node level simply isn’t enough. Instead, many are operating in a multicluster environment, ensuring that even if something fails at the cluster level their applications will remain operational. For companies also running API gateway and ingress controller, this multicluster environment had become a pain point, as each cluster would require its own Gloo deployment, which in turn meant configuration, management, and control plane. In response, Solo.io has launched Idit Levine. With federation, Levine said, not only is Gloo able Continue reading

Google’s Management of Istio Raises Questions in the Cloud Native Community

When the proposed to be included in the still v.02, had only been around less than six months, and yet it aimed to skip the entry-level most young projects enter at and instead applied for inclusion at the secondary incubation tier. While the project was founded primarily by Google and IBM, and boasted numerous other contributors such as Yahoo, Apprenda, Concur, and AT&T, it was met with skepticism — it was so new, it didn’t really have adoption to speak of quite yet, and there were some Solo.io CEO

Cloudflare’s Network Shutdown Shows Why DNS Is a DevOps Problem

Cloudflare’s Jonathan Sullivan, NS1 chief technology officer and co-founder, told The New Stack. While Cloudflare — an NS1 competitor — did have DNS redundancy built into its infrastructure, the resulting traffic drop in its network infrastructure was about 50% throughout its network and resulted in a 27-minute outage of Cloudflare Internet properties and services, Cloudflare Chief Technology Officer blog post. A router overload in the state of Georgia resulted in the Cloudflare outage. One way Cloudflare learned to prevent such an event from recurring was to set a limit on the Georgia router’s traffic for BGP sessions. This will result in the shutdown of Continue reading

Publish-Subscribe: Introduction to Scalable Messaging

Matthew O’Riordan: A serial entrepreneur and seasoned developer with over 15 years of hands-on development experience. Matthew is the CEO of Ably, an Infrastructure-as-a-Service (IaaS) provider. He was co-founder and technical director of Aqueduct, a leading digital agency in London and Founder of easyBacklog, a SaaS agile backlog management tool. Matthew co-founded Econsultancy, a global digital marketing publishing, training and research business, with Ashley Friedlein and exited via a £25m trade sale to Centaur Media plc in 2012.

The publish-subscribe (or pub/sub) messaging pattern is a design pattern that provides a framework for exchanging messages that allows for loose coupling and scaling between the sender of messages (publishers) and receivers (subscribers) on topics they subscribe to. Messages are sent (pushed) from a publisher to subscribers as they become available. The host (publisher) publishes messages (events) to channels (topics). Subscribers can sign up for the topics they are interested in. This is different from the standard request/response (pull) models in which publishers check if new data has become available. This makes the pub/sub method the most suitable framework for streaming data in real-time. It also means that dynamic networks can be built at internet scale. However, building a messaging infrastructure at Continue reading

Contour Ingress Controller Joins CNCF at Incubation Level

The open source Envoy proxy, joined the Cloud Native Computing Foundation (CNCF) as an incubation level project, skipping over the traditional sandbox level entry point. The project, originally developed in 2017 at Heptio before the company’s acquisition by VMware, displayed a level of usage in the field, support in the community and activity in its ecosystem that warranted skipping the sandbox, said

Linkerd’s Little Secret: a Lightning Fast, Service Mesh Focused Rust Network Proxy

KubeCon + CloudNativeCon sponsored this post, in anticipation of Linkerd can deliver critical features such as transparent mutual TLS, gRPC load balancing, blue-green deploys, and golden metrics. But like all abstractions, these features come at a cost. Some of this cost is human in nature: the more complex the service mesh, the more effort required to operate it successfully. Some of the cost is system cost: a service mesh consumes CPU and memory, and introduces latency to the application. Linkerd’s goal is to minimize this cost by being the smallest, fastest service mesh for Kubernetes (a claim which

Kuma, a New CNCF Project, Enhances the Control Plane for Mixed Infrastructure

“I’m pretty sure that you won’t hear anybody saying, ‘Oh, yeah, we implemented a service mesh, and it was easy to do.’ They were just extremely complicated systems,” said Marco Palladino. The first generation of service meshes, released around 2017, “came with lots of moving parts, lots of dependencies, and lots of assumptions that we did not necessarily agree with.” Those meshes were hyperfocused on Kubernetes, he said, while customers, though perhaps running K8s, also were still running virtual machines. They don’t scale and require a new cluster for each mesh.

Words Matter: Finally, Tech Looks at Removing Exclusionary Language

This month the tech industry’s lexicon is seeing a small but significant shift: Common technical phrases, most notably “Master/Slave” and “Whitelist/Blacklist” that have been red-flagged as offensive, or even racist, sometimes for decades, are getting updates. Android and GitHub Android, Splunk. Many orgs are also looking at replacing the concept of “whitelist” in both its documentation and in its APIs. Other companies and open source projects are following suit. This work is in part to take another semantic and moral stand that Black Lives Matter. And, at times, it is