Archive

Category Archives for "Networking"

Kubernetes Unpacked 005: Serverless Kubernetes In Azure

Since the inception of Kubernetes, the goal has been to make our lives as engineers easier. But with great power comes great responsibility---which in this case is the need to manage a bunch of control planes and worker nodes! Host Michael Levan catches up with Jason Haley, Microsoft MVP and independent consultant to talk about serverless Kubernetes with Azure Container Apps.

The post Kubernetes Unpacked 005: Serverless Kubernetes In Azure appeared first on Packet Pushers.

Kubernetes Unpacked 005: Serverless Kubernetes In Azure

Since the inception of Kubernetes, the goal has been to make our lives as engineers easier. But with great power comes great responsibility---which in this case is the need to manage a bunch of control planes and worker nodes! Host Michael Levan catches up with Jason Haley, Microsoft MVP and independent consultant to talk about serverless Kubernetes with Azure Container Apps.

Hedge 139: Open Source Supply Chain Security

There is a rising concern about the security of open source projects—particularly in terms of open source software supply chain. Alistair Woodman, who works closely with multiple open source software projects, joins Tom and Russ to discuss the reality of securing open source projects. The final answer? Essentially, buyer—or in the case of open source software, user—beware.

download

Day Two Cloud 155: Terraform Stinks

Today on Day Two Cloud, we talk about why Terraform stinks. OK, maybe it doesn't stink, but just because everyone seems to love a particular tool doesn't make it right for you. We talk with Dan Moore, a developer advocate at FusionAuth, who tried to use Terraform and just couldn't get behind it. This episode is based on a presentation Dan gave at Gluecon in May 2022.

All the Things a Service Mesh Can Do

Van Phan Van is a technical product marketing manager for Consul at HashiCorp. He has been in the infrastructure space for most of his career and loves learning about new technologies and getting his hands dirty. When not staring at his computer screen, he's sharing pictures of food to his wife's dismay. Even as service mesh adoption continues to grow, some organizations are still trying to understand the full extent of what a service mesh can and can’t do. They may not realize that a service mesh is not just another single-purpose tool, but one that addresses a wide variety of networking needs. A service mesh may actually help consolidate multiple existing tools to help reduce management toil and costs. Just take a look at these two multicloud network architectures. Automating and offloading network services and security-related capabilities onto a cloud-agnostic service mesh can help simplify management in multicloud environments. Multicloud architecture using cloud-vendor-specific networking solutions: Using a cloud-agnostic service mesh: Many service mesh products include service discovery, zero trust networking and load-balancing capabilities, while some other service mesh products extend even further to provide multicloud/multiruntime connectivity, network automation and north-south traffic control. Let’s take a look at the capabilities Continue reading

UK data centers can’t handle the heat

As temperatures in the UK reached a record-breaking 40 degrees Celsius (104 degrees Fahrenheit) on Tuesday, data centers belonging to Oracle and Google Cloud reported cooling-related failures, causing issues for customers trying to access services.Multiple Oracle Cloud Infrastructure services were disrupted, including networking, storage and object compute resources, all of which are powered by servers in the south of England, where temperatures were among the hottest on record.A message appeared on Oracle’s status page at 4:41 p.m. BST stating: “As a result of unseasonal temperatures in the region, a subset of cooling infrastructure within the UK South (London) Data Center experienced an issue.”To read this article in full, please click here

UK data centers can’t handle the heat

As temperatures in the UK reached a record-breaking 40 degrees Celsius (104 degrees Fahrenheit) on Tuesday, data centers belonging to Oracle and Google Cloud reported cooling-related failures, causing issues for customers trying to access services.Multiple Oracle Cloud Infrastructure services were disrupted, including networking, storage and object compute resources, all of which are powered by servers in the south of England, where temperatures were among the hottest on record.A message appeared on Oracle’s status page at 4.41pm BST stating: “As a result of unseasonal temperatures in the region, a subset of cooling infrastructure within the UK South (London) Data Center experienced an issue.”To read this article in full, please click here

The emergence of multi-cloud networking software

Multi-cloud networking software (MCNS), which is available from industry stalwarts like Cisco and VMware, as well as a slew of startups, is designed to address the challenge of how to safely and efficiently connect networks and applications across multiple public cloud environments.Traditional approaches to network architecture and operations are untenable in today’s multi-cloud world, says Brian Casemore, vice president of research, datacenter and multi-cloud networking at IDC.And the cloud service providers have come up short in their ability to effectively integrate multiple clouds, says Ron Howell, managing enterprise network architect at IT consulting firm Capgemini Americas. He says that each public cloud service tends to focus on its own cloud as if it were the only one an enterprise would ever need, which is far from the truth or reality. "This is where multi-cloud networking software adds value," Howell says.To read this article in full, please click here

Improving DNS Privacy With QNAME Minimization (RFC7816)

This post originally appeared on the Packet Pushers’ Ignition site on October 1, 2019.   When a host doesn’t know the IP address for a hostname, what does it do? It asks its configured DNS server to resolve the hostname. (Usually. There are apps, notably browsers, that might do their own thing. But let’s go […]

The post Improving DNS Privacy With QNAME Minimization (RFC7816) appeared first on Packet Pushers.

Why your security teams are not ready for containers and Kubernetes, and what you can do about it

From a people perspective and an organizational standpoint, many CISOs have said that their security teams are not ready for containers and Kubernetes. This isn’t surprising, given the stark contrast between where we were less than a decade ago and where we are today in terms of systems architecture. I am of course referring to the cloud-native era, which has ushered in a whole new architectural approach.

With Kubernetes at the center asserting its domination, it’s time to start thinking about how we can best prepare security teams for this new era. To do that, let’s look at why they’re struggling in the first place (spoiler alert: it’s because organizations are struggling, too).

Security and organizational structure in the era of cloud-native computing

In the traditional software development and deployment model, things were quite static. We can think of the traditional model as a relay race where the baton was passed from the development team to the platform team to the security team. While this model works well for traditional application architectures, this type of organizational structure is less effective for new architectures for container orchestration and Kubernetes-native applications, where everything is dynamic and highly automated.

But perhaps the most Continue reading

What is a Lifestyle Brand and Does It Make Sense for Your Business?

The term “lifestyle brand” is often used to describe a company or product that is associated with a certain lifestyle or set of values. A lifestyle brand may target a specific demographic, such as millennials, or it may be more broadly appealing.

Some companies embrace the lifestyle brand label while others shy away from it, preferring to focus on their product or service rather than any sort of perceived image. 

So, what exactly is a lifestyle brand? And does it make sense for your business? Let’s take a closer look.

What is a lifestyle brand?

A lifestyle brand can be defined as a company or product that is associated with a certain lifestyle or set of values. The key word here is “associated.” A lifestyle brand doesn’t necessarily produce products that are directly related to the lifestyle in question. Rather, the connection is more abstract.

For example, consider the clothing brand Levi’s. Levi’s isn’t explicitly a “lifestyle brand,” but it is often associated with the “casual cool” lifestyle. This is because Levi’s has built its image around being a relaxed, comfortable, and stylish brand. As a result, people who identify with the “casual cool” lifestyle are more likely Continue reading

How Do I Raise Awareness Of My Open Source Software Project? feat. Emily Omier – Video

Positioning Consultant Emily Omier advises the Day Two Cloud podcast audience on how to raise awareness of your open source software project. Just don’t say “marketing”! 😊😬 For the rest of Emily’s insights, listen to episode 118 of Day Two Cloud. https://packetpushers.net/series/day2cloud/ More Emily? https://www.linkedin.com/in/cloud-native-positioning/ You can subscribe to the Packet Pushers’ YouTube channel for […]

The post How Do I Raise Awareness Of My Open Source Software Project? feat. Emily Omier – Video appeared first on Packet Pushers.

Using Apache Kafka to process 1 trillion inter-service messages

Using Apache Kafka to process 1 trillion inter-service messages
Using Apache Kafka to process 1 trillion inter-service messages

Cloudflare has been using Kafka in production since 2014. We have come a long way since then, and currently run 14 distinct Kafka clusters, across multiple data centers, with roughly 330 nodes. Between them, over a trillion messages have been processed over the last eight years.

Cloudflare uses Kafka to decouple microservices and communicate the creation, change or deletion of various resources via a common data format in a fault-tolerant manner. This decoupling is one of many factors that enables Cloudflare engineering teams to work on multiple features and products concurrently.

We learnt a lot about Kafka on the way to one trillion messages, and built some interesting internal tools to ease adoption that will be explored in this blog post. The focus in this blog post is on inter-application communication use cases alone and not logging (we have other Kafka clusters that power the dashboards where customers view statistics that handle more than one trillion messages each day). I am an engineer on the Application Services team and our team has a charter to provide tools/services to product teams, so they can focus on their core competency which is delivering value to our customers.

In this blog I’d Continue reading