Kubernetes Unpacked 024: Day Zero Kubernetes With Kristina Devochko
In this episode, Michael catches up with Kristina Devochko, a Senior Software Architect to talk about Day Zero Kubernetes. Originally, Michael thought that it would be similar to Day One and Day Two Ops, but Day Zero is drastically different. Kristina and Michael discuss what engineers need to know to get the job done, how to think about planning Kubernetes architecture, and overall security best practices for what’s needed in Day Zero.
The post Kubernetes Unpacked 024: Day Zero Kubernetes With Kristina Devochko appeared first on Packet Pushers.
Kubernetes Unpacked 024: Day Zero Kubernetes With Kristina Devochko
In this episode, Michael catches up with Kristina Devochko, a Senior Software Architect to talk about Day Zero Kubernetes. Originally, Michael thought that it would be similar to Day One and Day Two Ops, but Day Zero is drastically different. Kristina and Michael discuss what engineers need to know to get the job done, how to think about planning Kubernetes architecture, and overall security best practices for what’s needed in Day Zero.Mastodon Needs More Brand Support
As much as I want to move over to Mastodon full time, there’s one thing I feel that is massively holding it back. Yes, you can laud the big things about federations and freedom as much as you want. However, one thing I’ve seen hanging out in the fringes of the Fediverse that will ultimately hold Mastodon back is the hostility toward brands.
Welcoming The Crowd
If you’re already up in arms because of that opening, ask yourself why. What is it about a brand that has you upset? Don’t they have the same right to share on the platform as the rest of us? I will admit that not every person on Mastodon has this outward hostility toward companies. However I can also sense this feeling that brands don’t belong.
It reminds me a lot of the thinly veiled distaste for companies that some Linux proponents have. The “get your dirty binary drivers out of my pristine kernel” crowd. The ones that want the brands to bend to their will and only do things the way they want. If you can’t provide us the drivers and software for free with full code support for us to hack as much Continue reading
What is SASE? Definition, Benefits, and How to Use It
Secure Access Service Edge (SASE) combines WAN edge services with Secure Service Edge tools and services to securely connect remote users and sites to data, cloud services, and the enterprise.Why Is OSPF (and BGP) More Complex than STP?
I got this question from one of my readers:
Why are OSPF and BGP are more complex than STP from a designer or administrator point of view? I tried everything to come to a conclusion but I couldn’t find a concluded answer, ChatGPT gave a circular loop answer.
There are numerous reasons why a protocol, a technology or a solution might be more complex than another seemingly similar one (or as Russ White would have said, “if you haven’t found the tradeoffs, you haven’t looked hard enough"):
Why Is OSPF (and BGP) More Complex than STP?
I got this question from one of my readers:
Why are OSPF and BGP are more complex than STP from a designer or administrator point of view? I tried everything to come to a conclusion but I couldn’t find a concluded answer, ChatGPT gave a circular loop answer.
There are numerous reasons why a protocol, a technology or a solution might be more complex than another seemingly similar one (or as Russ White would have said, “if you haven’t found the tradeoffs, you haven’t looked hard enough”):
Calico’s 3.26.0 update unlocks high density vertical scaling in Kubernetes
Kubernetes is a highly popular and widely used container orchestration platform designed to deploy and manage containerized applications at a scale, with strong horizontal scaling capabilities that can support up to 5,000 nodes; the only limit in adding nodes to your cluster is your budget. However, its vertical scaling is restricted by its default configurations, with a cap of 110 pods per node. To maximize the use of hardware resources and minimize the need for costly horizontal scaling, users can adjust the kubelet maximum pod configuration to increase this limit allowing more pods to run concurrently on a single node.
To avoid network performance issues and achieve efficient horizontal scaling in a Kubernetes cluster that is tasked to run a large number of pods, high-speed links and switches are essential. A reliable and flexible Software Defined Networking (SDN) solution, such as Calico, is also important for managing network traffic efficiently. Calico has been tested and proven by numerous companies for horizontal scaling, but in this post, we will discuss recent improvements made to help vertical scaling of containerized applications to just work.
For example, the following chart illustrates the efficiency achieved with the improvements of vertical scaling in Calico 3. Continue reading
Network Administrator Skills: The Essential Job Toolkit
While network technologies are rapidly advancing, the fundamental talents administrators need to succeed remain relatively unchanged. Learn how mastering just a few basic skills can advance your job and career.Day Two Cloud 192: OpenTelemetry – Getting From Visibility To Observability With Ben Hall
OpenTelemetry is an open-source project that brings together tools, SDKs, and APIs for collecting telemetry--that is, logs, metrics, and traces---in a standardized way. The goal of the project is to help developers and operators instrument highly distributed applications and services to understand dependencies, monitor performance, and quickly troubleshoot problems. On today's Day Two Cloud podcast we explore OpenTelemetry and how it works. We also discuss the difference between visibility and observability, and why this matters. Our guest is Ben Hall.
The post Day Two Cloud 192: OpenTelemetry – Getting From Visibility To Observability With Ben Hall appeared first on Packet Pushers.
Day Two Cloud 192: OpenTelemetry – Getting From Visibility To Observability With Ben Hall
OpenTelemetry is an open-source project that brings together tools, SDKs, and APIs for collecting telemetry--that is, logs, metrics, and traces---in a standardized way. The goal of the project is to help developers and operators instrument highly distributed applications and services to understand dependencies, monitor performance, and quickly troubleshoot problems. On today's Day Two Cloud podcast we explore OpenTelemetry and how it works. We also discuss the difference between visibility and observability, and why this matters. Our guest is Ben Hall.Announcing the Rafay Certification program
Today I’m extremely happy to announce the launch of the Rafay Certification program – the industry’s first and only multi-cloud Kubernetes operations certification. This is a unique program for platform teams, infrastructure engineers, SREs, and application developers to develop competencies in application modernization using Kubernetes. Let’s face it. Kubernetes is difficult! Enterprises are finding it … Continue reading Announcing the Rafay Certification programIs Dynamic MAC Learning Better Than EVPN?
One of my readers worried about the control-plane-induced MAC learning lag in EVPN-based networks:
In all discussions about the advantages/disadvantages of VXLAN/EVPN, I can’t find any regarding the lag in learning new macs when you use the control plane for mac learning.
EVPN is definitely slower than data plane-based dynamic MAC learning (regardless of whether it’s done in hardware or software), but so is MLAG.
Is Dynamic MAC Learning Better Than EVPN?
One of my readers worried about the control-plane-induced MAC learning lag in EVPN-based networks:
In all discussions about the advantages/disadvantages of VXLAN/EVPN, I can’t find any regarding the lag in learning new macs when you use the control plane for mac learning.
EVPN is definitely slower than data plane-based dynamic MAC learning (regardless of whether it’s done in hardware or software), but so is MLAG.