Modernization Myths: Monoliths and Microservices
We aren't modernizing apps; we're modernizing interaction with apps to enable a new means of engaging with the business.The Hedge Podcast #57: Brian Trammell and PANRG
Brian Trammell joins Alvaro Retana and Russ White to discuss the Path Aware Research Group in the IRTF. According to the charter page, PANRG “aims to support research in bringing path awareness to transport and application layer protocols, and to bring research in this space to the attention of the Internet engineering and protocol design community.”
Day Two Cloud 071: It’s Not Too Late To Make DevOps Work
Technology is accelerating like crazy, with new tools, services, open-source projects, and processes. If you're trying to make DevOps work in your organization, you might feel like you're perpetually behind. This Day Two Cloud episode is here to say: You're going to be OK. You can still engage with DevOps to move your career and your organization forward. Our guest to tell you how is April Edwards, a Senior Software Engineer at Microsoft.Day Two Cloud 071: It’s Not Too Late To Make DevOps Work
Technology is accelerating like crazy, with new tools, services, open-source projects, and processes. If you're trying to make DevOps work in your organization, you might feel like you're perpetually behind. This Day Two Cloud episode is here to say: You're going to be OK. You can still engage with DevOps to move your career and your organization forward. Our guest to tell you how is April Edwards, a Senior Software Engineer at Microsoft.
The post Day Two Cloud 071: It’s Not Too Late To Make DevOps Work appeared first on Packet Pushers.
The Cloudflare Radar 2020 Elections Dashboard
There is significant global attention around the upcoming United States election. Through the Athenian Project and Cloudflare for Campaigns, Cloudflare is providing free protection from cyber attacks to a significant number of state and local elections' websites, as well as those of federal campaigns.
One of the bedrocks of a democracy is that people need to be able to get access to relevant information to make a choice about the future of their country. This includes information about the candidates up for election; learning about how to register, and how to cast a vote; and obtaining accurate information on the results.
A question that I’ve been increasingly asked these past few months: are cyberattacks going to impact these resources leading up to and on election day?
Internally, we have been closely monitoring attacks on the broader elections and campaign websites and have a team standing by 24x7 to help our current customers as well as state and local governments and eligible political campaigns to protect them at no cost from any cyberattacks they may see.
The good news is that, so far, cyberattacks have not been impacting the websites of campaigns and elections officials we are monitoring and protecting. Continue reading
Whiteboards Don’t Remote Work
Its a mistake to think whiteboards are the only tool you have.
Validate Ansible YAML Data with JSON Schema
When I published the Optimize Network Data Models series a long while ago, someone made an interesting comment along the lines of “You should use JSON Schema to validate the data model.”
It took me ages to gather the willpower to tame that particular beast, but I finally got there. In the next installment of the Data Models saga I described how you can use JSON Schema to validate Ansible inventory data and your own YAML- or JSON-based data structures.
To learn more about data validation, error handling, unit- and system testing, and CI/CD pipelines in network automation, join our automation course.
Docker DDoS testbed
Docker testbed describes how to use Docker Desktop to build a test network to experiment with real-time sFlow streaming telemetry and analytics. This article extends the testbed to experiment with distributed denial of service (DDoS) detection and mitigation techniques described in Real-time DDoS mitigation using BGP RTBH and FlowSpec.
Start a Host sFlow agent using the pre-built sflow/host-sflow image:
docker run --rm -d -e "COLLECTOR=host.docker.internal" -e "SAMPLING=10" \
--net=host -v /var/run/docker.sock:/var/run/docker.sock:ro \
--name=host-sflow sflow/host-sflow
Start ExaBGP using the pre-built sflow/exabgp image. ExaBGP connects to the sFlow-RT analytics software and displays BGP RTBH / Flowspec controls sent by sFlow-RT:
docker run --rm sflow/exabgp
In a second terminal window, start an instance of the sFlow-RT analytics software using the pre-built sflow/ddos-protect image:
GW=`docker network inspect bridge -f '{{range .IPAM.Config}}{{.Gateway}}{{end}}'`
SUBNET=`docker network inspect bridge -f '{{range .IPAM.Config}}{{.Subnet}}{{end}}'`
docker run --rm -p 6343:6343/udp -p 8008:8008 -p 1179:1179 --name=sflow-rt \
sflow/ddos-protect -Dddos_protect.router=$GW -Dddos_protect.as=65001 \
-Dddos_protect.enable.flowspec=yes -Dddos_protect.group.local=$SUBNET \
-Dddos_protect.mode=automatic \
-Dddos_protect.udp_amplification.action=filter \
-Dddos_protect.udp_amplification.threshold=5000Open the sFlow-RT dashboard at http://localhost:8008/
The sFlow Agents gauge confirms that sFlow is being received from the Host sFlow agent. Now access the Continue reading
A Communication Fabric for Today’s Omni-Channel Digital Experience
How to connect the myriad vendors leveraged by enterprises to create robust consumer journeys.Insight Analytics with Custom Tagging: Cost-Effective Insight into Networks and Applications
Insight Analytics with custom tagging lets operators tailor their traffic views to their environment to gain deeper insight and accelerate trouble resolution.Technologies that Didn’t: Network Operating Systems
For those with a long memory—no, even longer than that—there were once things called Network Operating Systems (NOS’s). These were not the kinds of NOS’s we have today, like Cisco IOS Software, or Arista EOS, or even SONiC. Rather, these were designed for servers. The most common example was Novell’s Netware. These operating systems were the “bread and butter” of the networking world for many years. I was a Certified Netware Expert (CNE) version 4.0, and then 4.11, before I moved into the routing and switching world. I also deployed Banyan’s Vines, IBM’s OS/2, and a much simpler system called LANtastic, among others.
What were these pieces of software? They were largely built around providing a complete environment for the network user. These systems began with file sharing and directory services and included a small driver that would need to be installed on each host accessing the file share. This small driver was actually a network stack for a proprietary set of protocols. For Vines, this was VIP; for Netware, it was IPX. Over time, these systems began to include email, and then, as a natural outgrowth of file sharing and email, directory services. For some time, there Continue reading
Full Stack Journey 047: Using Kubernetes And Crossplane To Provision Cloud Infrastructure
Today's Full Stack Journey episode explores the Crossplane project, which uses APIs in Kubernetes and public cloud providers to allow you to provision and manage cloud services and infrastructure from Kubernetes. Crossplane maintainer Daniel Mangum is our guide.
The post Full Stack Journey 047: Using Kubernetes And Crossplane To Provision Cloud Infrastructure appeared first on Packet Pushers.
Full Stack Journey 047: Using Kubernetes And Crossplane To Provision Cloud Infrastructure
Today's Full Stack Journey episode explores the Crossplane project, which uses APIs in Kubernetes and public cloud providers to allow you to provision and manage cloud services and infrastructure from Kubernetes. Crossplane maintainer Daniel Mangum is our guide.