How To Fix Ubuntu 18.04 ‘apt update’ Throwing An NGINX Repository i386 Package Error

When running ‘apt update’ on Ubuntu 18.04 to prepare for routine system patching, the system kicked back the following error.

N: Skipping acquire of configured file 'nginx/binary-i386/Packages' as repository
'http://nginx.org/packages/ubuntu bionic InRelease' doesn't support architecture 'i386'

The issue is that the existing sources list file for NGINX has gone stale, and appears to be requesting the i386 package. NGINX does not support i386 on Ubuntu 18.04 (Bionic). The solution is to update the sources list file for NGINX.

OLD /etc/apt/sources.list.d/nginx.list

deb http://nginx.org/packages/ubuntu bionic nginx

NEW /etc/apt/sources.list.d/nginx.list

deb [arch=amd64] http://nginx.org/packages/mainline/ubuntu/ bionic nginx

After this change, the error should be gone when running ‘apt update’.

For More Information

NGINX Linux Packages

NGINX update issue (Ubuntu 18.04 Bionic) – Vesta Control Panel Forum

Ubuntu Server 18.04 Nginx i386 – StackOverflow

Get updates on the health of your origin where you need them

We are thrilled to announce the availability of Health Checks in the Cloudflare Dashboard’s Notifications tab, available to all Pro, Business, and Enterprise customers. Now, you can get critical alerts on the health of your origin without checking your inbox! Keep reading to learn more about how this update streamlines notification management and unlocks countless ways to stay informed on the health of your servers.

Keeping your site reliable

We first announced Health Checks when we realized some customers were setting up Load Balancers for their origins to monitor the origins’ availability and responsiveness. The Health Checks product provides a similarly powerful interface to Load Balancing, offering users the ability to ensure their origins meet criteria such as reachability, responsiveness, correct HTTP status codes, and correct HTTP body content. Customers can also receive email alerts when a Health Check finds their origin is unhealthy based on their custom criteria. In building a more focused product, we’ve added a slimmer, monitoring-based configuration, Health Check Analytics, and made it available for all paid customers. Health Checks run in multiple locations within Cloudflare’s edge network, meaning customers can monitor site performance across geographic locations.

What’s new with Health Checks Notifications

Health Checks email Continue reading

Understanding Data Center Fabrics 02: Clos Fabric History – Video

In the second part of this 9-video series, Russ White describes crossbar fabrics and how they interconnect, using historical telephone networks as an example. He jumps from this to help you understand what’s going on inside of data center fabrics, including Clos architectures. Other details Russ touches on include non-blocking fabrics, how an undertaker impacted […]

The post Understanding Data Center Fabrics 02: Clos Fabric History – Video appeared first on Packet Pushers.

Cloud Engineering For The Network Pro: Part 5 – Cloud Firewalls And Security Groups In Azure And AWS (Video)

Michael Levan reviews the differences between firewalling on premises and in the public cloud and how to set basic rules in AWS and Azure. You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a diverse a mix of content from Ethan and Greg, plus selected videos from […]

The post Cloud Engineering For The Network Pro: Part 5 – Cloud Firewalls And Security Groups In Azure And AWS (Video) appeared first on Packet Pushers.

DDoS attacks and BGP Flowspec responses

This article describes how to use the Containerlab DDoS testbed to simulate variety of flood attacks and observe the automated mitigation action designed to eliminate the attack traffic.

docker run --rm -it --privileged --network host --pid="host" \
  -v /var/run/docker.sock:/var/run/docker.sock -v /run/netns:/run/netns \
  -v ~/clab:/home/clab -w /home/clab \
  ghcr.io/srl-labs/clab bash

curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/ddos.yml

containerlab deploy -t ddos.yml

docker exec -it clab-ddos-sp-router vtysh -c "show bgp ipv4 flowspec detail"

At any time, run the command above to see the BGP Flowspec rules installed on the sp-router. Simulate the volumetric attacks using hping3.

Note: While the hping3 --rand-source option to generate packets with random source addresses would create a more authentic DDoS attack simulation, the option is not used in these examples because the victims responses to the attack packets (ICMP Port Unreachable) will be sent back to the random addresses and may leak out of the Containerlab test network. Instead varying source / destination ports are used to create entropy in the attacks. 

When you are finished trying the examples below, run the following command Continue reading

High Availability Options for IBM I Applications in the Cloud

Zero Trust for SaaS: Deploying mTLS on custom hostnames

Cloudflare has a large base of Software-as-a-Service (SaaS) customers who manage thousands or millions of their customers’ domains that use their SaaS service. We have helped those SaaS providers grow by extending our infrastructure and services to their customer’s domains through a product called Cloudflare for SaaS. Today, we’re excited to give our SaaS providers a new tool that will help their customers add an extra layer of security: they can now enable mutual TLS authentication on their customer’s domains through our Access product.

Primer on Mutual TLS

When you connect to a website, you should see a lock icon in the address bar — that’s your browser telling you that you’re connecting to a website over a secure connection and that the website has a valid public TLS certificate. TLS certificates keep Internet traffic encrypted using a public/private key pair to encrypt and decrypt traffic. They also provide authentication, proving to clients that they are connecting to the correct server.

To make a secure connection, a TLS handshake needs to take place. During the handshake, the client and the server exchange cryptographic keys, the client authenticates the identity of the server, and both the client and the server generate Continue reading

Using the ldd command on Linux

Shared object files streamline programs by providing information applications need to do their jobs, but that don't have to be part of the application itself. To find out which of these files a Linux command calls on, use the ldd command.What is a shared object file? Shared object files (designated as .so) are libraries that are automatically linked into a program when the program starts, yet exist as a standalone files. They contain information that can be used by one or more programs to offload resources so that any program calling a .so file doesn't itself have to actually provide all the needed tools. These files can be linked to any program and be loaded anywhere in memory.To read this article in full, please click here

Surprise! The metaverse could be great news for the enterprise edge

When you think about the metaverse and the enterprise, do you think about millions of workers buzzing about in a virtual world to do their work?  Maybe employees picking Star Wars characters as avatars and fighting with light sabers?  CEOs likely blanch at that image; to most, virtual workers implies virtual work, and it’s hard to say how that generates real sales and products.  Fortunately, there’s an alternative that depends not on enterprises using the metaverse but on riding its coattails.If you ask enterprises what they think about the next frontier in cloud computing is, the responses are mixed between “the edge” and “IoT”, and of course the latter is really an example of an edge application. Well that frontier may be delayed because service providers would have to make a significant investment in infrastructure just to create an edge/IoT option for enterprises, and most enterprises aren’t willing to start planning for that next frontier until services are available. With buyers waiting for services and sellers wanting proven demand, we could be in for an era of false starts, edge-wise.To read this article in full, please click here

Using the ldd command on Linux

Shared object files streamline programs by providing information applications need to do their jobs, but that don't have to be part of the application itself. To find out which of these files a Linux command calls on, use the ldd command.What is a shared object file? Shared object files (designated as .so) are libraries that are automatically linked into a program when the program starts, yet exist as a standalone files. They contain information that can be used by one or more programs to offload resources so that any program calling a .so file doesn't itself have to actually provide all the needed tools. These files can be linked to any program and be loaded anywhere in memory.To read this article in full, please click here

Cisco DevNet certs jump 50%, fanned by network automation

Software skills are becoming increasingly desirable for network engineers and architects, and the uptick in Cisco’s DevNet certification program reflects the trend. According to Cisco, there’s been more than 50% growth in the number of DevNet certifications awarded in the past year.Cisco says it no longer gives out specific numbers, but in 2020, nearly 8,000 participants earned some 10,500 DevNet certifications, including DevNet Associate, DevNet Professional and DevNet Specialist. These DevNet certifications focus on coding, automation, network access, IP connectivity, security and application development on Cisco platforms, as well as what developers need to know about network doctrines.To read this article in full, please click here

Surprise! The metaverse could be great news for the enterprise edge

When you think about the metaverse and the enterprise, do you think about millions of workers buzzing about in a virtual world to do their work?  Maybe employees picking Star Wars characters as avatars and fighting with light sabers?  CEOs likely blanch at that image; to most, virtual workers implies virtual work, and it’s hard to say how that generates real sales and products.  Fortunately, there’s an alternative that depends not on enterprises using the metaverse but on riding its coattails.If you ask enterprises what they think about the next frontier in cloud computing is, the responses are mixed between “the edge” and “IoT”, and of course the latter is really an example of an edge application. Well that frontier may be delayed because service providers would have to make a significant investment in infrastructure just to create an edge/IoT option for enterprises, and most enterprises aren’t willing to start planning for that next frontier until services are available. With buyers waiting for services and sellers wanting proven demand, we could be in for an era of false starts, edge-wise.To read this article in full, please click here

MPLS/LDP Creation Myths

Hannes Gredler wrote an interesting comment to my Segment Routing vs LDP in Hub-and-Spoke Networks blog post:

In 2014 when I did the first prototype implementation of MPLS-SR node labels, I was stunned that just with an incremental add of 500 lines of code to the vanilla IPv4/IPv6 IS-IS codebase I got full any-to-any connectivity, no sync issues, no targeted sessions for R-LFA …. essentially labeled transport comes for free.

Based on that, one has to wonder “why did we take the LDP detour and all the complexity it brings?”. Here’s what Hannes found out:

MPLS/LDP Creation Myths

Hannes Gredler wrote an interesting comment to my Segment Routing vs LDP in Hub-and-Spoke Networks blog post:

In 2014 when I did the first prototype implementation of MPLS-SR node labels, I was stunned that just with an incremental add of 500 lines of code to the vanilla IPv4/IPv6 IS-IS codebase I got full any-to-any connectivity, no sync issues, no targeted sessions for R-LFA …. essentially labeled transport comes for free.

Based on that, one has to wonder “why did we take the LDP detour and all the complexity it brings?”. Here’s what Hannes found out:

The NetOps Struggle is Real

NeoVim Install and Configure

Call me crazy, but I decided to have a look at using in this the year of our lord and saviour 2022. NeoVim is a minimal fork of VIM which supports LUA as a scripting engine. In this post, I will show you how to install and configure NeoVim with some fancy plugins and a smattering of TMUX...continue reading

AMD’s new EPYC chips are out, with bigger cache for intense workloads

AMD is adding four new processor SKUs to its EPYC (formerly codenamed Milan-X) lineup of high-end chips, building additional L3 cache capability onto the existing EPYC series.The key new feature of the new 7773X, 7573X, 7473X, and 7373X chips, which were initially announced in a roadmap made public late last year, is in their physical construction — AMD refers to the new technique as 3D V-Cache. Where most processors are constructed with a single piece of silicon inside, the new AMD chips mount a second microprocessor die atop the first one, which allows for a larger L3 cache.IDC's research vice president for computing semiconductors, Shane Rau, said that this is an important feature for the very high-end applications that AMD is targeting with the EPYC series, which AMD groups under the rubric of "technical computing" — highly demanding enterprise workloads like modeling and visualization, as well as academic and scientific applications.To read this article in full, please click here

AMD’s new EPYC chips are out, with bigger cache for intense workloads

AMD is adding four new processor SKUs to its EPYC (formerly codenamed Milan-X) lineup of high-end chips, building additional L3 cache capability onto the existing EPYC series.The key new feature of the new 7773X, 7573X, 7473X, and 7373X chips, which were initially announced in a roadmap made public late last year, is in their physical construction — AMD refers to the new technique as 3D V-Cache. Where most processors are constructed with a single piece of silicon inside, the new AMD chips mount a second microprocessor die atop the first one, which allows for a larger L3 cache.IDC's research vice president for computing semiconductors, Shane Rau, said that this is an important feature for the very high-end applications that AMD is targeting with the EPYC series, which AMD groups under the rubric of "technical computing" — highly demanding enterprise workloads like modeling and visualization, as well as academic and scientific applications.To read this article in full, please click here

How to enable Recurring Cloudwatch Alarms?

If you do not deal with AWS/CloudWatch you don’t have to read this post.

What: The issue was simple, we had a cloud watch alarm for Lambda Function invocation, now the way I wanted was to send us recurring email notifications if the alarm was not addressed, apparently this is not a cloud-watch native feature and there is a work-around for this.

Short Story: Implementing this will have a new step function which will start alarming based on an alert-timer, this won’t by default apply to all the alarms that you configure, you need to specifically tag it with a keyword, more of those options detailed in the article, so based on the timer you set, Cloud-watch say send SNS notification or any action of your choice to get implemented.

Link:https://aws.amazon.com/blogs/mt/how-to-enable-amazon-cloudwatch-alarms-to-send-repeated-notifications/

Why Article if you have a Link that explains ?: To start with not everything that I encountered was straightforward, the install process requires you to have a docker environment, and a proper node install and then a CDK install, I never did that and it did waste some time so I wanted to document and also this might help anyone to implement the same.

Spoilers:

Continue reading

Tech Bytes: Apstra Extends Intent-Based Data Center Networking To The Edge (Sponsored)

Today on the Tech Bytes podcast we’re talking about a new release of Juniper’s Apstra intent-based networking platform for data centers. Apstra is introducing new features including a collapsed fabric to extend intent-based networking to edge locations and a new capability that enables group-based policies for more fine-grained policy enforcement.

The post Tech Bytes: Apstra Extends Intent-Based Data Center Networking To The Edge (Sponsored) appeared first on Packet Pushers.