Lightning-fast Kubernetes networking with Calico & VPP
Public cloud infrastructures and microservices are pushing the limits of resources and service delivery beyond what was imaginable until very recently. In order to keep up with the demand, network infrastructures and network technologies had to evolve as well. Software-defined networking (SDN) is the pinnacle of advancement in cloud networking; by using SDN, developers can now deliver an optimized, flexible networking experience that can adapt to the growing demands of their clients.
This article will discuss how Tigera’s new Vector Packet Processing (VPP) data plane fits into this landscape and share some benchmark details about its performance. Then it will demonstrate how to run a VPP-equipped cluster using AWS public cloud and secure it with Internet Protocol Security (IPsec).
Introduction to Vector Packet Processing
Project Calico is an open-source networking and security solution. Although it focuses on securing Kubernetes networking, Calico can also be used with OpenStack and other workloads. Calico uses a modular data plane that allows a flexible approach to networking, providing a solution for both current and future networking needs.
VPP is an easily extensible, kernel-independent, highly optimised, and blazing-fast open-source data plane project that operates between layer 2 and layer 4 of the OSI Continue reading
Simplification through Unification: One Network Across the Entire Multi-Cloud
Two major pillars of VMworld 2021 focus on enhancing productivity and consistency. More than ever, businesses are demanding consistent, secure, and reliable communication between apps and users. What Networking professionals at VMworld want to reinforce is that multi-cloud ops shouldn’t have to slow down due to poor app distribution among workspaces. The network should be durable and secure everywhere. While threats are inevitable, businesses can be prepared by learning how to converge networking, security, and threat detection within the cloud. And that’s exactly what we’re going to teach you at this year’s virtual event.
Valued customers of all different industries have chosen to allow VMware’s multi-cloud ops solutions to guide them through their digital transformation. Susan Wu, Senior Product Marketing Manager, and Aamer Aakhter, Product Manager, are two seasoned VMware leaders who will take you through how customers achieved multi-cloud excellence, and how you can say “Goodbye Compromises Everywhere. Hello Productivity Anywhere,” with this VMworld session.
While simplicity may look different depending upon an organization’s goals, there is one thing that remains constant: performance shouldn’t have to be sacrificed for safety. Your enterprise should be able to streamline the entire multi-cloud to remain agile, productive, and increasingly adaptive against any threat or operational hiccup.
IT portfolios are becoming increasingly Continue reading
Network Modernization Driving Emergence of Micro-SaaS
Network modernization is resulting in a new, distributed model for security and delivery technologies. Increasingly these services will be delivered not just as SaaS, but as micro-SaaS: the delivery of individual app security and delivery technologies as SaaS offerings.Announcing Cloudflare R2 Storage: Rapid and Reliable Object Storage, minus the egress fees
We’re excited to announce Cloudflare R2 Storage! By giving developers the ability to store large amounts of unstructured data, we’re expanding what’s possible with Cloudflare while slashing the egress bandwidth fees associated with typical cloud storage services to zero.
Cloudflare R2 Storage includes full S3 API compatibility, working with existing tools and applications as built.
Let’s get into the R2 details.
R2 means “Really Requestable”
Object Storage, sometimes referred to as blob storage, stores arbitrarily large, unstructured files. Object storage is well suited to storing everything from media files or log files to application-specific metadata, all retrievable with consistent latency, high durability, and limitless capacity.
The most familiar API for Object Storage, and the API R2 implements, is Amazon’s Simple Storage Service (S3). When S3 launched in 2006, cloud storage services were a godsend for developers. It didn’t happen overnight, but over the last fifteen years, developers have embraced cloud storage and its promise of infinite storage space.
As transformative as cloud storage has been, a downside emerged: actually getting your data back. Over time, companies have amassed massive amounts of data on cloud provider networks. When they go to retrieve that data, they’re hit with massive egress fees that Continue reading
Registrar for Everyone
Today, we are excited to announce that all Cloudflare customers now have full Registrar access, including the ability to register new domains.
Second, starting today — and over the course of the next few weeks — we will be introducing over 40 new top-level domains (TLDs). We’re starting with .uk, our most requested country code extension. Initially, customers will only be able to transfer in existing .uk domains from other registrars, but support for new registrations will become available within the next few weeks. In keeping with our at-cost model, .uk domains will be priced at the wholesale registry fee.
A short registrar primer
In the domain name world, there are two key players: registrars and registries. Understandably, the two are often confused. One way to look at it is that registries are the wholesalers and registrars are the retailers. Registries host the centralized database of registered domains within a TLD. They are responsible for establishing the policies and business rules for the TLD. They also set the wholesale price. Registrars sell domains to end users and manage those registrations on an ongoing basis. They set the retail fee, collect payment, provide customer support, and ensure registrations are renewed Continue reading
A Better Internet with UN Global Compact
Every year during Birthday Week, we talk about what we mean by our mission to help build a better Internet. We release support for new standards and products that help the global Internet community and give things like unmitigated DDoS Protection away for free. We also think about our role as an active participant in the global community of individuals, companies and governments that make the Internet what it is.
In 2020, we decided to formalize our commitment to being an active partner in the global community by joining the UN Global Compact (UNGC) as a signatory. We share the view that achievement of the Sustainable Development Goals set out in the UN Global Compact are the blueprint for a better and more sustainable future. Today, we are proud to release our first Communication on Progress, which describes how we are integrating UNGC principles across our company and as part of helping build a better Internet.
Shared values, economy, and Internet
In 1999, then UN Secretary General Kofi Annan shared a sober message with business leaders gathered at the World Economic Forum in Davos. He argued that basic protections like human rights, environmental sustainability, and fair labor practices are Continue reading
Graceful Restart 101
In the Non-Stop Forwarding (NSF) article, I mentioned that the routers adjacent to the device using NSF have to play along to make the idea work. That capability is called Graceful Restart. Today we’ll explore its intricate details, be diplomatic, and leave the shortcomings and tradeoffs for the next blog post.
The Problem
Imagine an access (provider edge) router providing connectivity services to its clients and running a routing protocol with one or more upstream devices.
Graceful Restart (GR) 101
In the Non-Stop Forwarding (NSF) article, I mentioned that the routers adjacent to the device using NSF have to play along to make the idea work. That capability is called Graceful Restart. Today we’ll explore its intricate details, be diplomatic, and leave the shortcomings and tradeoffs for the next blog post.
The Problem
Imagine an access (provider edge) router providing connectivity services to its clients and running a routing protocol with one or more upstream devices.
Nornir – The Basics
If you have an understanding of Python and have been working with Ansible it is likely at some point you will get to the stage where you ask yourself ‘there has to be something better’. For network automation that better could well be Nornir.
Learn How to Implement Stronger Multi-Cloud Security at VMworld 2021
One of the major focuses at VMworld 2021 is to educate network security teams on how they can achieve the strongest security posture by enabling Zero Trust. The Zero Trust model is essential to securing your entire digital footprint and to remain secure as it grows. Leaders like the White House, CISOs, and industry analysts of all kinds, agree that the Zero Trust approach to network architecture is the best way to protect not only the existing perimeter but also the critical apps and workloads inside.
During the Never Trust: Building Zero Trust Networks VMworld 2021 session, industry leaders will take a practical look at what it takes to adopt Zero Trust at scale, offer a blueprint to the Zero Trust Architecture model, and suggest next steps to implement Zero Trust for your organization.
An extension of learning to build Zero Trust networks is sharing tangible solutions to get your business the strength and security it needs. VMware leaders Christopher Kruegel, VP of Security Services, and Vivek Bhandri, Senior Director of Product Marketing, share VMware’s NSX Distributed Firewall service that will strengthen your East-West security to protect any workload in any cloud. Add A Modern Firewall For Any Cloud and Any Workload [SEC2688] to your VMworld itinerary now.
To gain visibility and control within the network via Zero Trust, means giving enterprises room to breathe. Eliminating any hesitation when it comes to threat prevention hardens your organization’s security infrastructure Continue reading
How to Shift to a New Approach for Cybersecurity Asset Management
With a SASE architecture, the access requirements of enterprises can be dealt with securely, regardless of employee location.Tech Bytes: Getting Performance Visibility Into The Last 6 Feet (Sponsored)
You’ve heard of the last mile problem. Today on the Tech Bytes podcast we’re talking problems with the last six feet. With work-from-anywhere becoming commonplace, one of the hardest challenges for IT is how to measure user experience and troubleshoot problems happening somewhere between the desktop and a home router. Our sponsor AppNeta has some ideas on how to help.
The post Tech Bytes: Getting Performance Visibility Into The Last 6 Feet (Sponsored) appeared first on Packet Pushers.
Tech Bytes: Getting Performance Visibility Into The Last 6 Feet (Sponsored)
You’ve heard of the last mile problem. Today on the Tech Bytes podcast we’re talking problems with the last six feet. With work-from-anywhere becoming commonplace, one of the hardest challenges for IT is how to measure user experience and troubleshoot problems happening somewhere between the desktop and a home router. Our sponsor AppNeta has some ideas on how to help.Network Break 352: Nokia Announces 800G Routing Silicon; Pica8 Enticingly Prices Its Campus Controller, Switches
This week's Network Break podcast discusses Nokia's new beefed-up routing silicon, how Pica8 is pursuing campus switching with a controller/switch pricing bundle, and the latest critical security patches from Cisco. We also look at the latest ransomware attacks against US agricultural companies, a MacOS bug, and more tech news.
The post Network Break 352: Nokia Announces 800G Routing Silicon; Pica8 Enticingly Prices Its Campus Controller, Switches appeared first on Packet Pushers.