Archive

Category Archives for "Networking"

Using Traefik Ingress Controller with Istio Service Mesh

Tetrate sponsored this post. Petr McAllister Petr is an IT Professional with more than 20+ years of international experience and Master’s Degree in Computer Science. He is a technologist at Tetrate. The Istio service mesh comes with its own ingress, but we see customers with requirements to use a non-Istio ingress all the time. Previously, we’ve covered Traefik ingress. With some slight adjustments to the approach we suggested previously, we at Tetrate learned how to implement Traefik as the ingress gateway to your Istio Service Mesh. This article will show you how. The flow of traffic is shown on the diagram below. As soon as requests arrive at the service mesh from the Traefik ingress, Istio has the ability to apply security, observability and traffic steering rules to the request: Incoming traffic bypasses the Istio sidecar and arrives directly at Traefik, so the requests terminate at the Traefik ingress. Traefik uses the IngressRoute config to rewrite the “Host” header to match the destination, and forwards the request to the targeted service, which is a several step process: Requests exiting Traefik Ingress are redirected to the Istio sidecar Continue reading

The effect of switching to TCMalloc on RocksDB memory use

The effect of switching to TCMalloc on RocksDB memory use

In previous posts we wrote about our configuration distribution system Quicksilver and the story of migrating its storage engine to RocksDB. This solution proved to be fast, resilient and stable. During the migration process, we noticed that Quicksilver memory consumption was unexpectedly high. After our investigation we found out that the root cause was a default memory allocator that we used. Switching memory allocator improved service memory consumption by almost three times.

Unexpected memory growth

After migrating to RocksDB, the memory used by the application increased significantly. Also, the way memory was growing over time looked suspicious. It was around 15GB immediately after start and then was steadily growing for multiple days, until stabilizing at around 30GB.  Below, you can see a memory consumption increase after migrating one of our test instances to RocksDB.

The effect of switching to TCMalloc on RocksDB memory use

We started our investigation with heap profiling with the assumption that we had a memory leak somewhere and found that heap size was almost three times less than the RSS value reported by the operating system. So, if our application does not actually use all this memory, it means that memory is ‘lost’ somewhere between the system and our application, which points to possible problems with Continue reading

Data-center staffing shortage to spike in coming years

With the predicted growth in the data-center market comes a concurrent need for more staff. According to a report from the Uptime Institute, the number of staff needed to run the world's data centers will grow from around two million in 2019 to nearly 2.3 million by 2025.This estimate covers more than 230 specialist job roles for different types and sizes of data centers, with varying criticality requirements, from design through operation, and across all global regions.Already the industry is bedeviled by staffing shortages. Fifty percent of those surveyed by Uptime Institute said they were currently experiencing difficulties finding candidates for open positions, up from 38% in 2018.To read this article in full, please click here

Impact of Centralized Control Plane Partitioning

A long-time reader sent me a series of questions about the impact of WAN partitioning in case of an SDN-based network spanning multiple locations after watching the Architectures part of Data Center Fabrics webinar. He therefore focused on the specific case of centralized control plane (read: an equivalent of a stackable switch) with distributed controller cluster (read: switch stack spread across multiple locations).

SDN controllers spread across multiple data centers

SDN controllers spread across multiple data centers

Impact of Centralized Control Plane Partitioning

A long-time reader sent me a series of questions about the impact of WAN partitioning in case of an SDN-based network spanning multiple locations after watching the Architectures part of Data Center Fabrics webinar. He therefore focused on the specific case of centralized control plane (read: an equivalent of a stackable switch) with distributed controller cluster (read: switch stack spread across multiple locations).

SDN controllers spread across multiple data centers

SDN controllers spread across multiple data centers

The Internet of Trash

It's often a clear signal that we’re in in deep trouble when politicians believe that they need to lend a hand and help out with regulations. Either the actions of the market have failed consumers and some form of public action is necessary to address aspects of this failure, or the situation is so desperately broken and beyond help that the legislature is performing a largely ineffectual action that serves more to disclaim any residual responsibility on the part of the public sector for the mess that we’ve created.

azruntime: Manage Azure Infrastructure with Python

I wrote a new Python script called azruntime. It helps me manage my Azure VMs. The script is open-source and should work for anyone who also uses the Azure CLI. azruntime is available on my azure-scripts GitHub repository.

Table of Azure VM information

I learned a lot about the Azure Python SDK while working on the azruntime project. In this post, I share what I learned and highlight the more interesting topics like how to find information faster in the Azure Python SDK documentation, Azure authorization, and sorting nested lists by key.

Learning the Azure Python SDK and API

Microsoft offers excellent documentation of all its Azure services, including detailed documentation for the Azure Python SDK. The problem may be that there is so much documentation it is hard to know where to start.

In my opinion, the best place to start is to look at the Azure sample scripts available at the following URL:

Search by keyword or category. When you find a script that appears to display some of the functionality you want to implement, use a search engine to search for the Azure Python SDK classes and functions you see used in the sample scripts.

This is a faster Continue reading

Arista embraces segmentation as part of its zero-trust security

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.To read this article in full, please click here

Arista embraces segmentation as part of its zero-trust security

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.To read this article in full, please click here

Arista embraces segmentation as part of its zero-trust security

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.To read this article in full, please click here

Internet Society Foundation Awards $1M in Research Grants Studying the Future of the Internet

From the environment to the economy, the Internet is reshaping and disrupting several sectors of our society. What might future patterns of disruption look like? How will these changes affect all of us, particularly those on the margins of society? What new solutions can we generate today, to address the challenges of tomorrow?

At the Internet Society Foundation, we believe the answers to these questions and many others can be found in research. That’s why in September 2020 we announced $1M in grants to support researchers worldwide studying the future and sustainability of the Internet.

Today we’re thrilled to announce the seven awardees. Their projects explore important questions around the Internet’s relationship to society, such as the economic cost of the digital gender gap, the impact of digital labor platforms on worker’s rights, what climate solutions might help decarbonize the subsea cable network, and more.

Learn more about the awardees!


The Research programme is open to independent researchers and research institutions worldwide and is currently accepting statements of interest, to be reviewed on a rolling basis. Grants of up to US$200,000 will be awarded for research lasting up to two years.


The Internet Society Foundation was established in 2019 to Continue reading

The Time for Zero Trust Networking is Now

Arista is trusted and powers the world’s largest data centers and cloud providers based on the quality, support and performance of its products. The experience gained from working with over 7000 customers has helped redefine software defined networking and many of our customers have asked us how we plan to address security. To us, security must be a holistic and inherent part of the network. Our customers have been subjected to the fatigue of point products, reactive solutions, proprietary vendor lock-ins and most of all, operational silos created between CloudOps, NetOps, DevOps and SecOps. By leveraging cloud principles, Arista’s cloud network architectures bring disparate operations together to secure all digital assets across client to IoT, campus, data center and cloud protecting them from threats, thefts and compromises.

The Time for Zero Trust Networking is Now

Arista is trusted and powers the world’s largest data centers and cloud providers based on the quality, support and performance of its products. The experience gained from working with over 7000 customers has helped redefine software defined networking and many of our customers have asked us how we plan to address security. To us, security must be a holistic and inherent part of the network. Our customers have been subjected to the fatigue of point products, reactive solutions, proprietary vendor lock-ins and most of all, operational silos created between CloudOps, NetOps, DevOps and SecOps. By leveraging cloud principles, Arista’s cloud network architectures bring disparate operations together to secure all digital assets across client to IoT, campus, data center and cloud protecting them from threats, thefts and compromises.

Introduction To The Riverbed Technical Podcast

In this episode we (Brandon, Phil, and Vince) introduce ourselves and share what drives our passion for network visibility and performance.  While we are all from Riverbed, this is not your typical vendor podcast.  We have a lot planned to discuss around why visibility is a key that networks must focus on today.  We talk about cloud and what that overused blanket term really means to us, and how migrations to the cloud are a key time to ensure that we have visibility into apps that have been forgotten, where our data is, what’s leaving the cloud, and what the performance looks like, before, during, and after. We touch on Security, AI/ML, and performance as well, as we setup shop and plan to discuss these areas in further detail.

Reference Links:

Brandon Carroll
Host
Phil Gervasi
Host
Vince Berk
Host

The post Introduction To The Riverbed Technical Podcast appeared first on Network Collective.

Dell partners to provide 5G networking, edge solution

Dell Technologies, its VMware subsidiary, and SK Telecom have partnered to provide OneBox MEC, a single-box approach that provides enterprises with an integrated, private-5G and edge-computing platform. 5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can’t Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises Consulting giant Deloitte believes private 5G networks will become the preferred choice of networks for many of the world’s largest businesses, especially for industrial environments such as manufacturing plants, logistics centers, and ports.To read this article in full, please click here

Dell partners to provide 5G networking, edge solution

Dell Technologies, its VMware subsidiary, and SK Telecom have partnered to provide OneBox MEC, a single-box approach that provides enterprises with an integrated, private-5G and edge-computing platform. 5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can’t Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises Consulting giant Deloitte believes private 5G networks will become the preferred choice of networks for many of the world’s largest businesses, especially for industrial environments such as manufacturing plants, logistics centers, and ports.To read this article in full, please click here

Factorials and unscrambling words with bash on Linux

In this post, we examine a bash script that takes a string of letters, rearranges them in every possible way and checks each permutation to identify those that are English words. In the process, we'll take a close look at the script and calculate how hard it might have to work.Note that, in the algorithm used, each letter arrangement must use all of the letters in the string provided. Words formed by substrings are not considered.How to loop forever in bash on Linux First, the script expects the scrambled string to be provided as an argument and prompts for it if none is provided. It then checks out each arrangement of letters to find those that exist in the system's words file – in this case, that's /usr/share/dict/words. Here are the first lines in the script:To read this article in full, please click here

Factorials and unscrambling words with bash on Linux

In this post, we examine a bash script that takes a string of letters, rearranges them in every possible way and checks each permutation to identify those that are English words. In the process, we'll take a close look at the script and calculate how hard it might have to work.Note that, in the algorithm used, each letter arrangement must use all of the letters in the string provided. Words formed by substrings are not considered.How to loop forever in bash on Linux First, the script expects the scrambled string to be provided as an argument and prompts for it if none is provided. It then checks out each arrangement of letters to find those that exist in the system's words file – in this case, that's /usr/share/dict/words. Here are the first lines in the script:To read this article in full, please click here