Unifi Dream Machine home management device because, in addition to my personal and guest SSIDs, there is an apartment in my house for which I wanted to segment traffic. I also wanted to add an extra layer of security around some of the home automation and IoT devices that were being added to our home network with a fourth SSID.
I started to configure the new network, I had started a spreadsheet of VLANs, subnet CIDRs and mappings of those to SSIDs. Additionally, I needed to track firewall rules, port forwards and other settings and configurations. Needless to say, this was a lot of information to maintain and manage.
My day job is working on the Infrastructure-as-Code (IaC) product
Prometheus, Spinnaker, Fluentd and Pixabay.
The post Part 4: When a ‘Service Mesh Lite’ Proxy Is Right for Your Organization appeared first on The New Stack.
The coming to the Linux kernel, much to the delight of Linux creator
“Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn’t perfect, but I’ve skimmed it, and compared to the horrors that are OpenVPN and IPSec, it’s a work of art,” Torvalds enthused, on the OpenVPN).
Another reason WireGuard is special is how it functions. Unlike the more complex competition, WireGuard functions in a similar fashion to SSH — by exchanging public keys. Once the keys have been exchanged and the connection made, there’s no need to manage connections or daemons, or be concerned about state or what’s going on under the hood.
For those that are interested in what’s going on under the hood, WireGuard makes use of the Curve25519, Poly1305, SipHash24, Jason Donenfeld’s prettysleepy1 from
For some companies, things like cloud native deployments on Kubernetes with microservices is a given. For others, those technologies comprise a still distant future, and contemporary complexities include the stuff of network switches, proprietary, vendor-specific configurations, and on-prem networks that require manual operations to manage. For companies in the latter category, intent-based networking (IBN), which means to replace the manual processes of configuring networks and reacting to network issues with a system that responds to a system administrator’s outcome-focused requests.
Apstra has been in the business of delivering intent-based networking since 2014, emerging from stealth in 2016. Apstra CEO and co-founder SONiC network operating system, which is based on Linux and is meant to run on switches from various vendors. Much like Apstra’s initial intention of providing a singular, automated entry point to manage a variety of different network components, SONiC provides “a full-suite of network functionality, like BGP and RDMA” that functions regardless of proprietary hardware.
Feature image by Pixabay.
The post Apstra’s Intent-Based Networking Brings Enterprises to Cloud Parity appeared first on The New Stack.
The late science fiction author Ray Bradbury’s short story classic “Jurassic Park” film franchise by decades, the follies of technology innovation that allow, among other things, for humans to interact with dinosaurs, predictably goes awry. However, “A Sound of Thunder”’s main theme is not so much about the risks of appeasing humans’ archetypical curiosity about scary beasts as it is about how interconnected our actions are. Bradbury portrays, for example, how the mere accident of going back in time and stepping on a butterfly can set in motion a chain reaction that eventually leads to cataclysmic events in the future.
In today’s IT world of distributed systems built with Kubernetes and container orchestration technologies, it is beginning to emerge just how deep applications really are, as well as how deeply distributed they are. One of the effects this very distributed and connected infrastructure has is reflected in the famous
VMware has been on a buying jag in the past year, and its latest planned acquisition is the Palo Alto, Calif.-based Sanjay Uppal said in the acquisition announcement.
CEO and co-founder blog post:
First, Nyansa can proactively predict client problems, optimize their network, better enable the behavior of critical IoT devices, and justify infrastructure changes based on actual user, network and application data. Second, you will be able to use the breadth and depth of Nyansa’s data ingestion and analysis, including packet analysis and metrics via API across multivendor wired and wireless LAN environments. Finally, the combination of Nyansa’s AI/ML capabilities with VMware’s existing analytics, visibility and remediation capabilities will make it easier for you to operate and troubleshoot the virtual cloud network and accelerate the realization of a self-healing network.
Nyansa was valued at around $65 million after its most recent funding two years ago and had raised about $26.5 million, Carbon Black.
The transaction is expected to close within the next few months, subject to customary closing conditions.
VMware is a sponsor of The New Stack.
Susanna Kass, who, after 30 years designing, building and operating data centers, is now the data center advisor for the
Darwin Laganzon from
Vijoy Pandey
Vijoy Pandey is the VP and CTO of Cloud at Cisco, having joined Cisco in August 2018. Vijoy was previously at Google where he has held various leadership roles in the architecture, engineering and operations of Google's global data center networking footprint, Cloud networking, and their two global WAN networks. He also led the development of software and systems for intent-driven zero-touch automation, diagnostic telemetry, data analytics and ML/AI and application-level awareness in the infrastructure. Prior to Google, Vijoy served in numerous CTO capacities including CTO of Networking at IBM Cloud and at IBM Systems and Software Group; CTO of Blade Network Technologies, and has led global engineering teams at Blade Network Technologies, Nortel and Alteon. Vijoy has led the industry’s automation and data analytics efforts for cloud-scale networks, and was instrumental in delivering many industry firsts — including the first intent-driven e2e automation framework at cloud scale, the first Open Source SDN controller; the first VM-aware switch, and the first low-latency HFT/HPC switch. He has a Ph.D. in Computer Science, and holds over 60 patents in distributed systems and networking.
In the last few years, we have seen application architectures evolve dramatically and become cloud native.
The Linux Foundation has launched a project called LF Edge framework early this year, bringing together three existing projects and two new ones in an effort to foster interoperability and collaboration across the development communities for edge computing and the Internet of Things. It added two more projects in September: Arpit Joshipura, general manager of networking at The Linux Foundation.
Traditional vendors have sold
Chris Wade
Chris Wade serves as the co-founder and CTO of Itential, a network automation software company focused on simplifying and accelerating the adoption of network automation and transforming network operations practices.
There has been tremendous innovation in IT infrastructure with the adoption of cloud-scale architecture and a migration towards modern applications. In contrast, Enterprise networking has been viewed over the last 30 years primarily for moving data between client-server applications. This basic premise along with consumer devices drove innovation in the network domain to prioritize “speeds and feeds” as the primary objective for networking vendors. Even with the adoption of cloud-scale infrastructure, most adoption meant a migration from current data centers to cloud platforms for IaaS (Infrastructure as a Service) which didn’t dramatically impact networking requirements.
For some context on network innovation, it is important to break network devices into their logical components. A simplified view of networks separates general functionality into three primary components:
Data Plane — Movement of packets or network data between network elements
Control Plane — Decision logic of where to send network data on the data plane
Management Plane — Interfaces that allow users & external systems to modify the behavior of the network.
IFX2019.
In this latest The New Stack Makers podcast recorded live at Zachary Smith, CEO and co-founder of Packet, and Sprint, discussed how bare metal fits into the emerging Internet of Things. The Dec. 4-5 event was Packet’s second annual vendor-neutral infrastructure conference and ran at the same time as AWS re:Invent.
A metaphor Rook used to describe bare-metal deployments for Sprint, a Packet customer, came from his daughter who had to tell her grade school class what her father did for a living: she said her father was a “machine whisperer.”
The metaphor fits well because it aptly reflects what bare-metal machines “try to tell you,” Rook said. “An individual machine cannot tell you much, but what machines tell you only start to make sense when you do two things: Number one is you start to listen to all of them at same time, and number two is you start to learn what they tell
Consul services networking platform with the capability to manage service namespaces at an organization-wide level.
Released Tuesday, Consul 1.7 also comes with additional plugins to support a number of application monitoring and management tools, including AppDynamics, Datadog and the NGINX proxy.
HashiCorp presents Consul as a network automation tool for enterprises to connect and secure application services across multiple clouds and on-prem environments, putting all the services on a single communication plane with a shared registry.
The thinking behind Consul is that “you need a namespace service registry for the new, dynamic environment,” noted
on the HashiCorp blog.
HashiCorp is a sponsor of The New Stack.
As NGINX, it has pledged published in the second half of 2018 found NGINX to be the most widely used ingress provider for Kubernetes.
For the Seattle-based application controller delivery software provider, a $670 million acquisition provides an established user base and mature technology that puts it at the center of microservice architectures.
Earlier this year, when it purchased NGINX, F5 said it planned to augment the open source web server/load balancer and reverse proxy software with F5’s own security technologies as well as with a set of “cloud native innovations” to enhance load balancing.
At François Locoh-Donou, president and CEO of F5 Networks pointed out that the technology acquisitions that have paid off for customers have been those in which the acquired company’s technology was core to the strategy of the acquiring company.
“NGINX is core to the strategy of F5 Networks,” he said. “Combined with the reach and breadth of the F5 application security portfolio, we
IFX2019.
Developers tend to pay less attention to the underlying bare metal infrastructure supporting their open stack deployments. This is understandable amid the explosion of available open source tools and platforms on the cloud. But as the dust settles and organizations seek more ways to improve application performance, bare metal servers and devices are emerging as a key differentiator among DevOps teams looking for any way to improve application performance, and ultimately, the user experience. The issue, for many developer teams, is thus how to have control over the entire stack which, again, covers the bare metal infrastructure as well.
Packet has built its business around provisioning infrastructure for on-premises and the cloud, software that boosts server and overall ecosystem performance is critical as well — and for a number of reasons, open source alternatives play an obvious key role in what Packet does.
While Packet has contributed to the open source community largely by providing servers and infrastructure for development purposes to projects such as the CNCF and CI/CD platform Nathan Goulding, chief architect for
KubeCon + CloudNativeCon North America 2019, Nov. 18-21 in San Diego.
Perhaps the most global use case to come for Kubernetes is in the telecommunications industry. It does have about five billion users after all. And it’s inherently a hardware-backed, well-regulated industry.
The New Stack founder and publisher Alex Williams sat down at last month’s KubeCon + CloudNativeCon to talk about telco’s cloud native future with OPNFV), and Vulk Coop design and development cooperative. The different collaborative, telecom-focused Linux Foundation and Cloud Native Computing Foundation working groups that Kirksey and Carpenter are a part of have witnessed — and sometimes driven — telco’s move over the last five years from monolithic hardware appliances toward what’s now known as the cloud.
For telcos, cloud native means software solving the complex problems heavy equipment traditionally did. It all comes down to answering two questions:
What are the problems
Portworx sponsored this post.
Is it possible that managing stateful applications on Kubernetes will become easier than handling the stateless apps containers were originally designed for? Portworx, said that’s what customers are telling him.
When it comes to encouraging the adoption of Kubernetes in production in an enterprise setting, that is good news, but not something everyone would agree with. In a recent poll by The New Stack, 10% of respondents thought that improving Kubernetes’ integration with storage was the top challenge for the community — after concerns about user experience and support for multitenancy.
But Thirumale isn’t the only one who thinks the Kubernetes ecosystem is ready for stateful workloads. “People are starting to do serious stateful workloads in the cloud and in Kubernetes, in particular,”
Portworx sponsored The New Stack’s coverage of KubeCon+CloudNativeCon North America 2019.
While you may think of Kubernetes as the future of computing, it was, until recently, still stuck in the past in one way: it was built on IPv4, the widely used, though soon-to-be-legacy, version of the Internet Protocol upon which the internet was built.
The Internet Engineering Task Force has long been urging internet service providers to move to IPv6, now that the world has exhausted the supply of 32-bit IPv4 addresses. With its 128-bit address space, IPv6 will offer an inexhaustible supply of internet addresses.
“We ignored it,” admitted KubeCon + CloudNativeCon North America 2019 conference he gave with
Ashwath Nagaraj
Ashwath Nagaraj is co-founder and CTO of Aryaka, responsible for building the company’s vision and technology since its inception in 2009. He previously founded Allegro Systems, a security startup acquired by Cisco in 2001. Ashwath was also a founder of Assured Access Technologies, which developed WAN access and aggregation products. AAT was acquired by Alcatel in 1999. He holds 17 patents in storage, security, architecture and networking.
Business today moves at the speed of 1s and 0s, flashing through the internet into our computers, mobile phones, tablets and smart speakers. Digital Transformation is an undeniable driving force behind business success, and organizations that can’t adapt to the needs of their customers and the demands of their industry will get left behind. It has been eons (in internet terms) since just having a website was enough to be competitive. If your organization has mastered SEO, incorporated server virtualization, adapted to today’s mobile-first mentality — for both employees and customers — and is looking at the next step it can take to compete, SD-WAN is the next logical step.
SD-WAN (software-defined wide area network) at first glance appears to be an almost impossible chimera of “cheaper, faster and better” at