Getting started with EKS and Calico
Cloud-native applications offer a lot of flexibility and scalability, but to leverage these advantages, we must create and deploy a suitable environment that will enable cloud-native applications to work their magic.
Managed services, self-managed services, and bare metal are three primary categories of Kubernetes deployment in a cloud environment. Our focus in this article will be on Amazon Web Service’s (AWS) managed Kubernetes service, Elastic Kubernetes Service (EKS), and capabilities that Calico Open Source adds to the EKS platform.
Managed services
A managed cluster is a quick and easy way to deploy an enterprise-grade Kubernetes cluster. In a managed cluster, mundane operations such as provisioning new nodes, upgrading the OS/Kubernetes, and scaling resources are transferred to the cloud provider, which allows you to expand your application with ease.
EKS is a managed service by AWS that offers a fault-tolerant Kubernetes control plane endpoint and automates worker node maintenance and deployment process.
Comparing popular CNI options in EKS
Most popular managed services, such as EKS, come with an official CNI that offers networking and other features for your cluster. While these CNIs are highly integrated with the underlying system, they can introduce some limitations. To remedy these limitations and unlock the Continue reading
HS036 Cyberstupid – Can We Stop Doing Dumb IT Security
You can't make a profit from Cybersecurity, its a cost. How do we work with business to see IT risk management on the same level as accounting and human resources ? Johna and Greg discuss various options on market, process and methods that could help you work on your cyber situation.
The post HS036 Cyberstupid – Can We Stop Doing Dumb IT Security appeared first on Packet Pushers.
HS036 Cyberstupid – Can We Stop Doing Dumb IT Security
You can't make a profit from Cybersecurity, its a cost. How do we work with business to see IT risk management on the same level as accounting and human resources ? Johna and Greg discuss various options on market, process and methods that could help you work on your cyber situation.
who me?
This blog is to share knowledge and experiences I come across within the trials and tribulations of networking and automation. As we all know the Internet is built on plagiarism. I do try and mention any sources I use, but if I do miss you out please don’t get offended, feel less important or come after me. Plagiarism is just confirmation of your superior knowledge. Some of the information maybe wrong, I am certain the grammar is wrong, but it is written with the best interests at heart.Debian 11 After Install Guide
I find Debian as one of the best Linux distros available. End users should generally […]
Debian 11 After Install Guide
I find Debian as one of the best Linux distros available. End users should generally […]
The post Debian 11 After Install Guide first appeared on Brezular's Blog.
Tech Bytes: Aruba Enhances Security Capabilities In EdgeConnect SD-WAN (Sponsored)
Today on the Tech Bytes podcast we’re talking SD-WAN. We dive into new features and capabilities in Aruba EdgeConnect SD-WAN, including new security and segmentation features, licensing options, and more. Our sponsor is Aruba, a Hewlett Packard Enterprise company.
The post Tech Bytes: Aruba Enhances Security Capabilities In EdgeConnect SD-WAN (Sponsored) appeared first on Packet Pushers.
Tech Bytes: Aruba Enhances Security Capabilities In EdgeConnect SD-WAN (Sponsored)
Today on the Tech Bytes podcast we’re talking SD-WAN. We dive into new features and capabilities in Aruba EdgeConnect SD-WAN, including new security and segmentation features, licensing options, and more. Our sponsor is Aruba, a Hewlett Packard Enterprise company.Ubuntu 20.04 Docker image – Python For Network Engineers
This is an updated Docker image of Python For Network Engineers (PFNE) based on Ubuntu 20.04 (minimal server distro). It contains all necessary tools for network / devops engineers to test automation and learn Python: OpensslNet-toolsIPutilsIProuteIPerfTCPDumpNMAPPython 2Python 3ParamikoNetmikoAnsiblePyntcNAPALMNetcatSocat If you notice a missing package which could be a value added for the scope of the … Continue reading Ubuntu 20.04 Docker image – Python For Network EngineersBGP Configuration on FortiOS
I’ve never done a post on Forti-anything, but I’m really appreciating the products Fortinet is putting out lately. They’re transitioning from “run your SMB off of our stuff” to “actually, we’re pretty good for larger companies”, so their GUI lacks features to keep the SMB from blowing stuff up, The advanced features are there in the CLI, and I wanted to use it to show that difference between the GUI and the real config.
Let’s review some of the basic configuration elements of BGP first. You need an autonomous system (AS) number and a router ID for your side. You also need the AS number of the remote system. You need the IP address on their side (usually the interface facing you). That looks something like this. We’re going to be ‘Fortigate 1’ for this exercise.
With just this information, we can turn up a BGP neighbor that does absolutely nothing. To actually send some routes, you need to tell BGP what to send. We’ll keep this simple and add just connected networks. Adding to the diagram, we get this.
Now we have something of value (though choosing BGP over OSPF or RIP for this little scenario is pretty horrible). Continue reading
The Cloud Gets Foggy
The explosion of sensor and IoT data at the edge is forcing organizations to rethink the location of their data processing infrastructure, “bringing down” the cloud to the ground in the form of fog computing.Network Break 405: Tech And Geopolitics Collide; Juniper Posts Record Q3 Results
Take a Network Break! This week we discuss a trio of stories at the intersection of tech and global political power struggles. Plus, startup Versa Networks lands $120 million investment in a pre-IPO round, and tech companies including Juniper Networks, Intel, and Google/Alphabet release financial results.
The post Network Break 405: Tech And Geopolitics Collide; Juniper Posts Record Q3 Results appeared first on Packet Pushers.
Network Break 405: Tech And Geopolitics Collide; Juniper Posts Record Q3 Results
Take a Network Break! This week we discuss a trio of stories at the intersection of tech and global political power struggles. Plus, startup Versa Networks lands $120 million investment in a pre-IPO round, and tech companies including Juniper Networks, Intel, and Google/Alphabet release financial results.BGP Configuration on FortiOS
I’ve never done a post on Forti-anything, but I’m really appreciating the products Fortinet is putting out lately. They’re transitioning from “run your SMB off of our stuff” to “actually, we’re pretty good for larger companies”, so their GUI lacks features to keep the SMB from blowing stuff up, The advanced features are there in the CLI, and I wanted to use it to show that difference between the GUI and the real config.
Let’s review some of the basic configuration elements of BGP first. You need an autonomous system (AS) number and a router ID for your side. You also need the AS number of the remote system. You need the IP address on their side (usually the interface facing you). That looks something like this. We’re going to be ‘Fortigate 1’ for this exercise.
With just this information, we can turn up a BGP neighbor that does absolutely nothing. To actually send some routes, you need to tell BGP what to send. We’ll keep this simple and add just connected networks. Adding to the diagram, we get this.
Now we have something of value (though choosing BGP over OSPF or RIP for this little scenario is pretty horrible). Continue reading