
Category Archives for "Networking – The New Stack"

What Has COVID-19 Taught Us About Information Networks?

Niraj Tolia is the CEO and co-founder at Kasten and is interested in all things Kubernetes. He has played multiple roles in the past, including the Senior Director of Engineering for Dell EMC's CloudBoost family of products and the VP of Engineering and Chief Architect at Maginatics (acquired by EMC). Niraj received his Ph.D., MS, and BS in Computer Engineering from Carnegie Mellon University.

COVID-19 has been the most disruptive event in modern history, right up there with 9/11. But unlike a terrorist’s attack, this one has no geographic, ideological, or political boundaries. It’s been an equal opportunity pestilence, and there’s no way to downplay its impact. However, it may be comforting to know that if it had occurred as recently as 30 or 40 years ago, a coronavirus outbreak would have been a far greater disaster. That’s because, during the intervening decades, a robust global communication network infrastructure has emerged. Today, a significant portion of the world’s commerce, administrative, and productive work is routinely conducted through that network’s digital conduits, clouds, server farms, data centers, and privately owned user devices. As a result, even with a massive workforce quarantine in place, a lot of work

Istio 1.5 Brings a Binary Installer, WASM-Based Extensibility for Envoy

The newest version of the open source version 1.5, comes with a fresh installer to simplify the deployment process, along with a new extension model, based on WebAssembly (WASM), to help proxy servers better filter traffic. The development team behind Istio mark the Envoy‘s, the data plane most frequently used with Istio. “WASM will give developers the ability to safely distribute and execute code in the Envoy proxy — to integrate with telemetry systems, policy systems, control routing and even transform the body of a message,” a web page Linkerd and HashiCorp’s istioctl configuration tool. Security has been enhanced through the support of

Beyond Kube-Proxy: Project Calico Harnesses eBPF for a Faster Data Plane

Thanks to the power of the newly-introduced Calico network management software with a new data plane mode, one that can speed pod-to-pod data communication and eliminate the dependency on Kubernetes’ kube-proxy for traffic management. Tigera had started releasing work with eBPF almost a year ago, but this is the first release of Calico that fully harnesses the power of the new Linux kernel technology, Tigera co-founder and chief technology officer, said. “We wanted to derive what we were doing from fundamentals, to be confident we were building the right thing for users,” said scale

Stateless Rethinks Modern Networking

There’s a whole new realm that the network is expected to accomplish with the newest architectures, according to Barefoot Tofino P4 Ethernet switch with the Stateless Luxon software to provide programmability deeper into the switch. Intel acquired Barefoot Networks, the creator of the protocol-independent Murad Kablan has said. Stateless aims to change all that. Its customers are looking to provide multitenancy and multitiered multitenancy — hundreds of thousands

NS1 Builds on DNS to Speed Traffic Management

When user experience is increasingly synonymous with speed and reliability, new traffic management sub-teams are appearing at elite digital enterprises. In this episode of The New Stack Makers podcast, we talk to NS1, the networking automation company or, as he calls it, “the system of record for many, many of the key domains and the applications on the internet today.” He says that each of us interacts with NS1 dozens of times a day, like when we are connecting on LinkedIn or sharing files on DropBox. NS1 sits at the base of this new traffic management stack, steering that traffic across our increasingly complex and distributed systems. This stack also includes content delivery networks (CDNs), load-balancing tooling, edge networking footprints, service meshes, and software for service discovery and egress optimization. This new role isn’t just about measuring if traffic is working correctly, but really understanding both your users and systems

Akamai: The Financial Sector Is Seeing More APIs-Based Attacks

Cyberattackers are now increasingly targeting APIs, especially in the financial sector, according to content delivery network Akamai’s between 15% and 30% of all web traffic. The Cambridge, Massachusetts-based company hAndy Ellis neatly summarized the results email to VentureBeat, Akamai explained some of the advantages of automation: criminals “use bots and tools that allow threading, or multiple simultaneous connections, to attempt multiple logins at once.” And by targeting APIs, “they hope to avoid some front-end defenses and speed up their validation times.” A recent

How Much Will App Services Like Service Mesh Grow?

Network management services for modern architectures, such as the service mesh and the API gateway, are increasingly on IT professionals’ roadmaps, especially within public cloud environments. Notably, 37% of IT professionals expect to start using service meshes in the public cloud in the next year, but actual adoption rates may be significantly lower if the technology’s hype bubble bursts. Those are two of our takeaways from F5 Networks’ “

Cisco Previews Managed HyperFlex Application Platform for Kubernetes

AppDynamics Customer Journey Map, HyperFlex Application Platform for Kubernetes, and it has said that all three are expected to be generally available sometime within the next few months. The first two products are meant to provide insight into and optimization of application performance, and even target business metrics such as cost. The HyperFlex Application Platform for Kubernetes, meanwhile, is Cisco’s new managed Kubernetes product, which will not only provide a “turnkey” Kubernetes platform, but also a number of other managed services, including container networking, container storage, ingress and L7 load balancer, logging, monitoring, a container registry, and service mesh.

How to Manage a Home Network with Infrastructure as Code

Unifi Dream Machine home management device because, in addition to my personal and guest SSIDs, there is an apartment in my house for which I wanted to segment traffic. I also wanted to add an extra layer of security around some of the home automation and IoT devices that were being added to our home network with a fourth SSID. I started to configure the new network, I had started a spreadsheet of VLANs, subnet CIDRs and mappings of those to SSIDs. Additionally, I needed to track firewall rules, port forwards and other settings and configurations. Needless to say, this was a lot of information to maintain and manage. My day job is working on the Infrastructure-as-Code (IaC) product

WireGuard VPN Protocol Coming to a Linux Kernel Near You

The coming to the Linux kernel, much to the delight of Linux creator “Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn’t perfect, but I’ve skimmed it, and compared to the horrors that are OpenVPN and IPSec, it’s a work of art,” Torvalds enthused, on the OpenVPN). Another reason WireGuard is special is how it functions. Unlike the more complex competition, WireGuard functions in a similar fashion to SSH — by exchanging public keys. Once the keys have been exchanged and the connection made, there’s no need to manage connections or daemons, or be concerned about state or what’s going on under the hood. For those that are interested in what’s going on under the hood, WireGuard makes use of the Curve25519, Poly1305, SipHash24, Jason Donenfeld’s

Apstra’s Intent-Based Networking Brings Enterprises to Cloud Parity

For some companies, things like cloud native deployments on Kubernetes with microservices are a given. For others, those technologies comprise a still distant future, and contemporary complexities include the stuff of network switches, proprietary, vendor-specific configurations, and on-prem networks that require manual operations to manage. For companies in the latter category, intent-based networking (IBN), which means to replace the manual processes of configuring networks and reacting to network issues with a system that responds to a system administrator’s outcome-focused requests. Apstra has been in the business of delivering intent-based networking since 2014, emerging from stealth in 2016. Apstra CEO and co-founder SONiC network operating system, which is based on Linux and is meant to run on switches from various vendors. Much like Apstra’s initial intention of providing a singular, automated entry point to manage a variety of different network components, SONiC provides “a full-suite of network functionality, like BGP and RDMA” that functions regardless of proprietary hardware.

Distributed Systems and the Butterfly Effect

The late science fiction author Ray Bradbury’s short story classic “Jurassic Park” film franchise by decades, the follies of technology innovation that allow, among other things, for humans to interact with dinosaurs, predictably goes awry. However, “A Sound of Thunder”’s main theme is not so much about the risks of appeasing humans’ archetypical curiosity about scary beasts as it is about how interconnected our actions are. Bradbury portrays, for example, how the mere accident of going back in time and stepping on a butterfly can set in motion a chain reaction that eventually leads to cataclysmic events in the future. In today’s IT world of distributed systems built with Kubernetes and container orchestration technologies, it is beginning to emerge just how deep applications really are, as well as how deeply distributed they are. One of the effects this very distributed and connected infrastructure has is reflected in the famous

VMware Acquires Nyansa for AI-Aided Networking Analytics

VMware has been on a buying jag in the past year, and its latest planned acquisition is the Palo Alto, Calif.-based Sanjay Uppal said in the acquisition announcement. CEO and co-founder blog post: First, Nyansa can proactively predict client problems, optimize their network, better enable the behavior of critical IoT devices, and justify infrastructure changes based on actual user, network and application data. Second, you will be able to use the breadth and depth of Nyansa’s data ingestion and analysis, including packet analysis and metrics via API across multivendor wired and wireless LAN environments. Finally, the combination of Nyansa’s AI/ML capabilities with VMware’s existing analytics, visibility and remediation capabilities will make it easier for you to operate and troubleshoot the virtual cloud network and accelerate the realization of a self-healing network. Nyansa was valued at around $65 million after its most recent funding two years ago and had raised about $26.5 million, Carbon Black. The transaction is expected to close within the next few months, subject to customary closing conditions. VMware is a sponsor of The New Stack.

Re-Imagining the Network for the Cloud Native Era

Vijoy Pandey is the VP and CTO of Cloud at Cisco, having joined Cisco in August 2018. Vijoy was previously at Google where he has held various leadership roles in the architecture, engineering and operations of Google's global data center networking footprint, Cloud networking, and their two global WAN networks. He also led the development of software and systems for intent-driven zero-touch automation, diagnostic telemetry, data analytics and ML/AI and application-level awareness in the infrastructure. Prior to Google, Vijoy served in numerous CTO capacities including CTO of Networking at IBM Cloud and at IBM Systems and Software Group; CTO of Blade Network Technologies, and has led global engineering teams at Blade Network Technologies, Nortel and Alteon. Vijoy has led the industry’s automation and data analytics efforts for cloud-scale networks, and was instrumental in delivering many industry firsts — including the first intent-driven e2e automation framework at cloud scale, the first Open Source SDN controller; the first VM-aware switch, and the first low-latency HFT/HPC switch. He has a Ph.D. in Computer Science, and holds over 60 patents in distributed systems and networking.

In the last few years, we have seen application architectures evolve dramatically and become cloud native.

DENT: An Operating System for Disaggregated Network Switches

The Linux Foundation has launched a project called LF Edge framework early this year, bringing together three existing projects and two new ones in an effort to foster interoperability and collaboration across the development communities for edge computing and the Internet of Things. It added two more projects in September: Arpit Joshipura, general manager of networking at The Linux Foundation. Traditional vendors have sold

Network Automation and the Lack of Innovation in the Management Plane

Chris Wade serves as the co-founder and CTO of Itential, a network automation software company focused on simplifying and accelerating the adoption of network automation and transforming network operations practices.

There has been tremendous innovation in IT infrastructure with the adoption of cloud-scale architecture and a migration towards modern applications. In contrast, Enterprise networking has been viewed over the last 30 years primarily for moving data between client-server applications. This basic premise along with consumer devices drove innovation in the network domain to prioritize “speeds and feeds” as the primary objective for networking vendors. Even with the adoption of cloud-scale infrastructure, most adoption meant a migration from current data centers to cloud platforms for IaaS (Infrastructure as a Service) which didn’t dramatically impact networking requirements. For some context on network innovation, it is important to break network devices into their logical components. A simplified view of networks separates general functionality into three primary components:

Data Plane — Movement of packets or network data between network elements
Control Plane — Decision logic of where to send network data on the data plane
Management Plane — Interfaces that allow users & external systems to modify the behavior of the network.

Packet and Sprint on Why Bare Metal Is the ‘Lowest-Common Denominator’

IFX2019. In this latest The New Stack Makers podcast recorded live at Zachary Smith, CEO and co-founder of Packet, and Sprint, discussed how bare metal fits into the emerging Internet of Things. The Dec. 4-5 event was Packet’s second annual vendor-neutral infrastructure conference and ran at the same time as AWS re:Invent. A metaphor Rook used to describe bare-metal deployments for Sprint, a Packet customer, came from his daughter who had to tell her grade school class what her father did for a living: she said her father was a “machine whisperer.” The metaphor fits well because it aptly reflects what bare-metal machines “try to tell you,” Rook said. “An individual machine cannot tell you much, but what machines tell you only start to make sense when you do two things: Number one is you start to listen to all of them at same time, and number two is you start to learn what they tell