Why Does Internet Keep Breaking?
James Miles sent me a long list of really good questions along the lines of “why do we see so many Internet-related outages lately and is it due to BGP and DNS creaking of old age”. He started with:
Over the last few years there are more “high profile” incidents relating to Internet connectivity. I raise the question, why?
The most obvious reason: Internet became mission-critical infrastructure and well-publicized incidents attract eyeballs.
Ignoring the click baits, the underlying root cause is in many cases the race to the bottom. Large service providers brought that onto themselves when they thought they could undersell the early ISPs and compensate their losses with voice calls (only to discover that voice-over-Internet works too well).
Javascript Notes: Types
Javascript is a dynamically type language. The types of variables are evaluated at runtime based on the contents of the variable. Typescript is a superset of Javascript which adds static typing to the language (amongst other things). There are two kinds of types in Javascript;...continue reading
Triggering Network Automation From The Web
How best to return from a cliffhanger ending – in a previous post we used Django’s Model class .save() to write network state—that is CLI standard output transformed to JSON using pyATS—into a PostgreSQL database table. Django also helped us convert, or migrate, a Pythonic class-based model into this SQL table in the first place. […]
The post Triggering Network Automation From The Web appeared first on Packet Pushers.
Cloudsourcing Your Way to Network Optimization
Cloud-managed network services use cloudsourcing and AI to see what types of network configurations produce ideal network performance.Fast and simple troubleshooting with GUI-based Dynamic Packet Capture
With the Calico 3.10 release, Dynamic Packet Capture is available in Dynamic Service Graph.
This means users who require self-service, live troubleshooting for microservices and Kubernetes workloads can capture and evaluate traffic packets on endpoints without writing a single line of code or using any 3rd-party troubleshooting tools. Users don’t need to learn about or have knowledge of kubectl or YAML to troubleshoot their microservices and Kubernetes cluster. Calico helps enforce organizational security policies by only allowing users to access their assigned namespaces and endpoints for troubleshooting.
About Dynamic Packet Capture
In most situations when you need to do a packet capture, the problem doesn’t last long and usually happens randomly. But once you narrow down the issue to a particular time or activity, you will need to set the right action plan to tackle the problem. Packet capture is now much easier, simpler, and faster than before.
Dynamic Packet Capture facilitates fast troubleshooting and easy debugging of microservice connectivity issues and performance hotspots in Kubernetes clusters. It is a Kubernetes-native custom resource that runs as part of user code against specific workloads in the cluster, without the need to execute any programs inside the cluster. Dynamic Packet Capture Continue reading
10 Resources to Get Started on Container Network Security
Ready to get started? The following resources and tutorials will enhance your understanding of container network security and help you get started.
Analyst Research
Get an independent analyst’s view on the state of container security:
- GigaOm Radar Report for Evaluating Service Mesh
- Forrester Research: Best Practices for Container Security
Blogs
Many container network security experts are blogging about lessons learned and sharing their knowledge on how to secure mod- ern applications. Follow their conversations:
- Securing Modern Applications and APIs: Why and How?
- It’s Time to Rethink Security Across the Software Supply Chain
- Multi-Cloud Connectivity and Security Needs of Kubernetes Applications
- Announcing the General Availability of Container Security in VMware Carbon Black Cloud
- VMware to Help Customers Make Modern Apps More Secure with Intent to Acquire Mesh7
- Forging a Path to Continuous, Risk-based Security with VMware Tanzu Service Mesh
Courses and Certifications
Developers and platform operators alike need to learn how to secure applications and platforms. Why not take a class to enrich your understanding? There are many free and low-cost options, including the following:
Day Two Cloud 122: Two Customer Journeys To VMware Cloud (Sponsored)
Ethan Banks and Ned Bellavance hosted a panel discussion at VMworld 2021 with two VMware customers using VMware Cloud---the University of Miami and Sterling National Bank. This discussion looks at what works, where the customers ran into issues, and how their cloud journeys are progressing.
The post Day Two Cloud 122: Two Customer Journeys To VMware Cloud (Sponsored) appeared first on Packet Pushers.
Day Two Cloud 122: Two Customer Journeys To VMware Cloud (Sponsored)
Ethan Banks and Ned Bellavance hosted a panel discussion at VMworld 2021 with two VMware customers using VMware Cloud---the University of Miami and Sterling National Bank. This discussion looks at what works, where the customers ran into issues, and how their cloud journeys are progressing.The tale of a single register value
“Once you eliminate the impossible, whatever remains, no matter how improbable, must be the truth.” — Sherlock Holmes
Intro
It’s not every day that you get to debug what may well be a packet of death. It was certainly the first time for me.
What do I mean by “a packet of death”? A software bug where the network stack crashes in reaction to a single received network packet, taking down the whole operating system with it. Like in the well known case of Windows ping of death.
Challenge accepted.
It starts with an oops
Around a year ago we started seeing kernel crashes in the Linux ipv4 stack. Servers were crashing sporadically, but we learned the hard way to never ignore cases like that — when possible we always trace crashes. We also couldn’t tie it to a particular kernel version, which could indicate a regression which hopefully could be tracked down to a single faulty change in the Linux kernel.
The crashed servers were leaving behind only a crash report, affectionately known as a “kernel oops”. Let’s take a look at it and go over what information we have there.
Parts of the oops, like offsets into Continue reading
The Circular Data Center: Deploy a Cloud Operating Model While Lowering Cost and Climate Impacts
ITRenew has announced that Pluribus Netvisor ONE OS and the Adaptive Cloud Fabric controllerless SDN software are now available as part of Sesame by ITRenew rack-scale cloud solutions.
The post The Circular Data Center: Deploy a Cloud Operating Model While Lowering Cost and Climate Impacts appeared first on Pluribus Networks.
The Circular Data Center: Deploy a Cloud Operating Model While Lowering Cost and Climate Impacts
ITRenew has announced that Pluribus Netvisor ONE OS and the Adaptive Cloud Fabric controllerless SDN software are now available as part of Sesame by ITRenew rack-scale cloud solutions. Pluribus is very pleased to take part in this new circular approach to building data centers; one where we can deliver a cloud operating model with on-prem performance, while also helping our customers achieve their sustainability goals.
The timing of this partnership is apropos given the global attention to COP26, the United Nations Climate Change Conference and ongoing efforts worldwide to scale back emissions. While all industries have a responsibility on this front, the data center industry has specific, well-documented sustainability challenges that are only just starting to be properly addressed.
Most efforts to build the “green data center” have largely focused on increasing energy efficiency and using renewable energy sources, even though power used during the operational phase is only part of the problem. The bigger environmental culprit is that the industry continues to manufacture and deploy brand-new IT infrastructure equipment at a rapid pace.
In its report, “The Financial & Sustainability Case for Circularity,” ITRenew used a lifecycle model, assuming a typical 3-year operational lifetime for the equipment, Continue reading
La découverte des peers BGP LLDP
The post La découverte des peers BGP LLDP appeared first on Noction.
Even Simple Data Models Are a Huge Win
Dan Augustine sent me a wonderful example illustrating how even a very simple data model together with some automation templates can simplify a large-scale deployment.
We have a 100 router installation coming up for our schools and both of our installation vendors do not use open source templating tools and they are not willing to share.
Having taken the Data Models in Network Automation part of your Network Automation Concepts webinar, I decided to install GitLab, make an Ansible project and invite our installation partners to the project.
Even Simple Data Models Are a Huge Win
Dan Augustine sent me a wonderful example illustrating how even a very simple data model together with some automation templates can simplify a large-scale deployment.
We have a 100 router installation coming up for our schools and both of our installation vendors do not use open source templating tools and they are not willing to share.
Having taken the Data Models in Network Automation part of your Network Automation Concepts webinar, I decided to install GitLab, make an Ansible project and invite our installation partners to the project.