Introducing Services: Build Composable, Distributed Applications on Cloudflare Workers
First, there was the Worker script. It was simple, yet elegant. With just a few lines of code, you could rewrite an HTTP request, append a header, or make a quick fix to your website.
Though, what if you wanted to build an entire application on Workers? You’d need a lot more tools in your developer toolbox. That’s why we’ve introduced extensions to Workers platform like KV, our distributed key-value store; Durable Objects, — a strongly consistent, object-oriented database; and soon R2, the no-egress object storage. While these tools allow you to build a more robust application, there’s still a gap when it comes to building a system architecture, composed of many applications or services.
Imagine you’ve built an authentication service that authorizes requests to your API. You’d want to re-use that logic among all your other services. Moreover, when you make changes to that authentication service, you’d want to test it in a controlled environment that doesn’t affect those other services in production. Well, you don’t need to imagine anymore.
Introducing Services
Services are the new building block for deploying applications on Cloudflare Workers. Unlike the script, a service is composable, which allows services to talk Continue reading
Optimizing the Time-to-First-Byte
I don’t think I’ve ever met someone saying “I wish my web application would run slower.” Everyone wants their stuff to run faster, but most environments are not willing to pay the cost (rearchitecting the application). Welcome to the wonderful world of PowerPoint “solutions”.
The obvious answer: The Cloud. Let’s move our web servers closer to the clients – deploy them in various cloud regions around the world. Mission accomplished.
Not really; the laws of physics (latency in particular) will kill your wonderful idea. I wrote about the underlying problems years ago, wrote another blog post focused on the misconceptions of cloudbursting, but I’m still getting the questions along the same lines. Time for another blog post, this time with even more diagrams.
Optimizing the Time-to-First-Byte
I don’t think I’ve ever met someone saying “I wish my web application would run slower.” Everyone wants their stuff to run faster, but most environments are not willing to pay the cost (rearchitecting the application). Welcome to the wonderful world of PowerPoint “solutions”.
The obvious answer: The Cloud. Let’s move our web servers closer to the clients – deploy them in various cloud regions around the world. Mission accomplished.
Not really; the laws of physics (latency in particular) will kill your wonderful idea. I wrote about the underlying problems years ago, wrote another blog post focused on the misconceptions of cloudbursting, but I’m still getting the questions along the same lines. Time for another blog post, this time with even more diagrams.
AX.25 in user space
The Linux kernel AX.25 implementation (and userspace) is pretty poor. I’ve encountered many problems. E.g.:
-
you can’t read() and write() from the same socket at the same time
-
CRC settings default such that at least all my radios (and direwolf) drop the first two packets sent. (fix with
kissparms radio -c 1) -
On 64bit Raspberry Pi OS
setsockoptfor some flags don’t take effect at all (e.g. settingAX25_EXTSEQ), and treat other obvious correct ones as invalid (e.g. can’t setAX25_WINDOWto any value at all). -
I also get kernel null pointer dereferences on 32bit Raspberry Pi OS when testing AX.25. Not exactly comforting.
-
Other OSs don’t have AX.25 socket support. E.g. OpenBSD. And it’s not obvious to me that this is best solved in kernel space.
-
It doesn’t seem clear to anyone how the AX.25 stack in the kernel is supposed to work. E.g. should
axparms -assocbe an enforcing ACL? It’s not, but is it supposed to be? -
I’ve also seen suggestions that AX.25 should be ripped out of the Linux kernel. Continue reading
Learn How Real-World Organizations Benefited from an Overhaul of their Security Lifestyle
Achieving better security is something we all know is necessary but can struggle to get there. It’s like improving your diet: you know you need to eat better and exercise to cultivate a healthier, more well-rounded lifestyle. But you don’t do it because it’s hard, often expensive, and can be a pain. So, you avoid it (trust me, we’ve all been there). But, you learn that putting one foot in front of the other forces you to take small steps toward big results. The same notion applies to needing better security. We know we need it, but it’s not always easy to know where to begin.
There is no quick fix for sustainable change. Sure, we can make better choices each day, but it takes consistency and a solid structural foundation – a lifestyle change – to maintain these advancements. Losing weight is one thing; when it comes to better multi-cloud security, this is a process that leaves little room for fluctuation. Start with the fundamentals and tighten your belt over time.
Let’s take a look at real-world organizations that have benefitted from doing the hard stuff. They’ve done the work and have seen the results. Continue reading
Nexus Dashboard Fabric Controller 12
Good day every one,
As you certainly know, we are now rebranding DCNM 11 to Nexus Dashboard Fabric Controller, consequently, NDFC 12 is the new acronym to automate and operate NX-OS based fabrics
It is NOT just about changing the name, there are several significant changes with NDFC 12. To list few of them:
- Enhanced Topology View
- Ability to modify switch discovery IP
- Flexible CLI option – config profile or native NXOS CLI
- Performance Programmable reports
- Granular RBAC
- Secure POAP User
- Simplified and flexible Image Management
- Server Smart Licensing
- Automate IOS-XR configuration
- Automate VXLAN EVPN fabric deployment with Cat9k
One of the key evolution in regard to NDFC is that it now joins the ecosystem of services that runs natively on top of the common Nexus dashboard platform.
One of the key advantages for the network operators with this evolution, is that they just need a single experience, it doesn’t really matter what application you run, from the installation process to the common Web GUI. All applications or services look with the same logic behind any requests.
You have a single pane of glass which is the Nexus dashboard platform through which the end-user can consume different applications for the Continue reading
Tech Bytes: Containerlab Makes Container And VM Networking Labs Easy (Sponsored)
Today on the Tech Bytes podcast we discuss Containerlab, open-source software that lets you build virtual network labs on a server or even a laptop. It supports a variety of network OSs for network emulation, training, and testing. Containerlab was developed by Nokia, our sponsor for this episode.
The post Tech Bytes: Containerlab Makes Container And VM Networking Labs Easy (Sponsored) appeared first on Packet Pushers.
Tech Bytes: Containerlab Makes Container And VM Networking Labs Easy (Sponsored)
Today on the Tech Bytes podcast we discuss Containerlab, open-source software that lets you build virtual network labs on a server or even a laptop. It supports a variety of network OSs for network emulation, training, and testing. Containerlab was developed by Nokia, our sponsor for this episode.Smart Security Strategies in the World of Social Media
Social media security is vital for every enterprise in blocking targeted attacks, securing corporate accounts from compromise, and fighting scams and frauds.Thoughts on Auto Disaggregation and Complexity
Way in the past, the EIGRP team (including me) had an interesting idea–why not aggregate routes automatically as much as possible, along classless bounds, and then deaggregate routes when we could detect some failure was causing a routing black hole? To understand this concept better, consider the network below.
In this network, B and C are connected to four different routers, each of which is advertising a different subnet. In turn, B and C are aggregating these four routes into 2001:db8:3e8:10::/60, and advertising this aggregate towards A. From a control plane state perspective, this is a major win. The obvious gain is that the amount of state is reduced from four routes to one. The less obvious gain is A doesn’t need to know about any changes in the state for the four destinations aggregated into the /60. Depending on how often these links change state, the reduction in the rate of change is, perhaps, more important than the reduction in the amount of control plane state.
We always know there will be a tradeoff when reducing state; what is the tradeoff here? If C somehow loses its connection to one of the four routers, say the router advertising 11::/64, Continue reading
Network Break 359: Arista Increases Its 400G Switch Portfolio; Nvidia Accelerates InfiniBand
This week's Network Break examines new 400G switches from Arista, discusses the Wi-Fi Alliance's certification program for the HaLow long-range low-power standard, targets key Nvidia announcements, catches up on the latest in space networking, and more IT news.
The post Network Break 359: Arista Increases Its 400G Switch Portfolio; Nvidia Accelerates InfiniBand appeared first on Packet Pushers.
Network Break 359: Arista Increases Its 400G Switch Portfolio; Nvidia Accelerates InfiniBand
This week's Network Break examines new 400G switches from Arista, discusses the Wi-Fi Alliance's certification program for the HaLow long-range low-power standard, targets key Nvidia announcements, catches up on the latest in space networking, and more IT news.Introducing Relational Database Connectors
At Cloudflare, we’re building the best compute platform in the world. We want to make it easy, seamless, and obvious to build your applications with us. But simply making the best compute platform is not enough — at the heart of your applications are the data they interact with.
Cloudflare has multiple data storage solutions available today: Workers KV, R2, and Durable Objects. All three follow Cloudflare’s design goals for Workers: global by default, infinitely scalable, and delightful for developers to use. We’ve partnered with third-party storage solutions like Fauna, MongoDB and Prisma, who have built data platforms that align beautifully with our design goals and written tutorials for databases that already support HTTP connections.
The one area that’s been sorely missed: relational databases. Cloudflare itself runs on relational databases, and we’re not alone. In April, we asked which Node libraries you wanted us to support, and four of the top five requests were related to databases. For this Full Stack Week, we asked ourselves: how could we support relational databases in a way that aligned with our design goals?
Today, we’re taking a first step towards that world by announcing support for relational databases, including Postgres and Continue reading
Developer Spotlight: Winning a Game Jam with Jamstack and Durable Objects
Welcome to a new blog post series called Developer Spotlight. In this series we will be showcasing interesting applications built on top of the Cloudflare Workers Ecosystem.
And to celebrate Durable Objects going GA, what better to kick off the series than with a really cool tech demo of Durable Objects called Full Tilt?
Full Tilt by Guido Zuidhof is a game jam entry for Ludum Dare, one of the biggest and oldest game jams around, where he won first place in the innovation category. A game jam is like a hackathon for games, where you have a very short amount of time (usually 48-72 hours) to create a game from scratch.
We love Full Tilt, not just because Guido used Workers and Durable Objects to build a cool game where you control a game on your computer via your phone, but especially because it shows how powerful Durable Objects are. In less than 48 hours Guido was able to write all the logic to instantly spin up a personal gaming server anywhere in the world, as close to that player as possible. And it is so fast that you feel like you are controlling the computer directly.
But Continue reading