Archive

Category Archives for "Networking"

Heavy Networking 550: Automation Readiness Isn’t About Your Routers (Sponsored)

Today's Heavy Networking podcast examines cross-domain automation. Our sponsor is Cisco and our guest is Omar Sultan, Leader, Product Management for Cisco's Network Services Orchestrator (NSO) product. While the discussion starts with NSO, the conversation also covers dealing with automation complexity, the need for tool choice, and the critical roles that organizational structure and teams play in a successful automation/orchestration effort.

Heavy Networking 550: Automation Readiness Isn’t About Your Routers (Sponsored)

Today's Heavy Networking podcast examines cross-domain automation. Our sponsor is Cisco and our guest is Omar Sultan, Leader, Product Management for Cisco's Network Services Orchestrator (NSO) product. While the discussion starts with NSO, the conversation also covers dealing with automation complexity, the need for tool choice, and the critical roles that organizational structure and teams play in a successful automation/orchestration effort.

The post Heavy Networking 550: Automation Readiness Isn’t About Your Routers (Sponsored) appeared first on Packet Pushers.

Looking For a Mentor? Don’t Forget This Important Step!

With the insanity of the pandemic and the knowledge drain that we’re seeing across IT in general, there’s never been a more important time than right now to help out those that are getting started on this rise. The calls for mentors across the community is heartwarming. I’ve been excited personally to see many recognizable names and faces in the Security, Networking, and Wireless communities reaching out to let people know they are available to mentor others or connect them with potential mentors. It’s a way to give back and provide servant leadership to those that need it.

If you’re someone that’s reading this blog right now and looking for a mentor you’re in luck. There are dozens of people out there that are willing to help you out. The kindness of the community is without bounds and there are those that know what it was like to wander through the wilderness for a while before getting on the right track. They are the ones that will be of the most help to you. However, before you slide into someone’s DMs looking for help, you need to keep a few things in mind.

Make Me One With Everything

The single Continue reading

Linkerd Adds Default mTLS to Kubernetes to Enable Zero Trust

Linkerd, the open source service mesh, has been updated with a number of new features, including support for the ARM architecture, a new multicore proxy runtime, and the automatic enabling of mutual TLS (mTLS) security for all TCP connections. Buoyant, the company behind AWS Graviton, and support for Kubernetes’s new service topology feature will again increase operating efficiency with the ability to decide routing preferences. A complete rundown of Linkerd improvements, performance enhancements, and bug fixes can be found in the Ralf Skirr on 

NTC – A Conversation With Daren Fulwell

In this podcast, we sit down with Daren Fulwell.  Daren is a long-time network engineer, CCIE and CCDE, and is now a network automation evangelist.  Tune in to hear about not only Daren’s journey, but a great discussion dissecting the intersection of SDN, intent-based networking, and how we need more focus on understanding operational processes and workflows to really make a dent within a network automation journey.

Reference Links:

Daren Fulwell
Guest
Jason Edelman
Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post NTC – A Conversation With Daren Fulwell appeared first on Network Collective.

Automated Origin CA for Kubernetes

Automated Origin CA for Kubernetes
Automated Origin CA for Kubernetes

In 2016, we launched the Cloudflare Origin CA, a certificate authority optimized for making it easy to secure the connection between Cloudflare and an origin server. Running our own CA has allowed us to support fast issuance and renewal, simple and effective revocation, and wildcard certificates for our users.

Out of the box, managing TLS certificates and keys within Kubernetes can be challenging and error prone. The secret resources have to be constructed correctly, as components expect secrets with specific fields. Some forms of domain verification require manually rotating secrets to pass. Once you're successful, don't forget to renew before the certificate expires!

cert-manager is a project to fill this operational gap, providing Kubernetes resources that manage the lifecycle of a certificate. Today we're releasing origin-ca-issuer, an extension to cert-manager integrating with Cloudflare Origin CA to easily create and renew certificates for your account's domains.

Origin CA Integration

Creating an Issuer

After installing cert-manager and origin-ca-issuer, you can create an OriginIssuer resource. This resource creates a binding between cert-manager and the Cloudflare API for an account. Different issuers may be connected to different Cloudflare accounts in the same Kubernetes cluster.

apiVersion: cert-manager.k8s.cloudflare.com/v1
kind: OriginIssuer
metadata:
   Continue reading

How to sort ps output

The ps command is key to understanding what's running on your Linux system and the resources that each process is using. It's useful to know how to display the information that ps provides in whatever way helps you focus on the problem you're trying to resolve. One aspect of this is being able to sort the output of the ps aux command by any column to highlight particular information, such as how much memory processes are using or how long they've been running.The trick involves using the ps command's --sort option and knowing how to specify the column that you want to use for the sort. By default, ps sorts by process IDs (PIDs), showing the smallest first. PID 1 will appear at the top of the list, right under the column headings. The rest will follow in numeric order.To read this article in full, please click here

Video: Getting a Packet Across a Network

After (hopefully) agreeing on what routing, bridging, and switching are, let’s focus on the first important topic in this area: how do we get a packet across the network? Yet again, there are three fundamentally different technologies:

  • Source node knows the full path (source routing)
  • Source node opened a path (virtual circuit) to the destination node and uses that path to send traffic
  • The network performs hop-by-hop destination-address-based packet forwarding.

More details in the Getting Packets Across the Network video.

The video is part of How Networks Really Work webinar and available with Free ipSpace.net Subscription.

Video: Getting a Packet Across a Network

After (hopefully) agreeing on what routing, bridging, and switching are, let’s focus on the first important topic in this area: how do we get a packet across the network? Yet again, there are three fundamentally different technologies:

  • Source node knows the full path (source routing)
  • Source node opens a path (virtual circuit) to the destination node and uses that path to send traffic
  • The network performs hop-by-hop destination-address-based packet forwarding.

More details in the Getting Packets Across the Network video.

The video is part of How Networks Really Work webinar and available with Free ipSpace.net Subscription.

NetApp launches cloud-native storage solution for containers

After its purchase of cloud storage automation specialist Spot for $450 million this past June, NetApp is releasing its first new product under the brand. Called Spot Storage, it's a "storageless" solution that's designed to enable automated administration of cloud-native, container-based applications.NetApp describes Spot Storage as a cloud-based, serverless offering for application-driven architectures that run microservices-based applications in Kubernetes containers."Serverless computing" is a bit of a misnomer. Your application and data still reside on servers, but they're not tied to one particular physical location. Just like the cloud means never using the same physical box twice, a serverless storage service means the cloud provider runs the server and dynamically manages the allocation of machine resources.To read this article in full, please click here

Real-time network telemetry for automation


The video discusses telemetry and requirements for network automation, providing an overview of sFlow measurement architecture and a discussion of recently added packet drop monitoring functionality, and ending with a live demonstration of GPU compute cluster analytics. The slides from the video are available here.

The video is part of recent talk Using Advanced Telemetry to Correlate GPU and Network Performance Issues [A21870] presented at the NVIDIA GTC conference

New Features in MANRS Observatory: More Informative, Intuitive, and Easy to Use

In August 2019, the Internet Society supported the Mutually Agreed Norms for Routing Security (MANRS) initiative by creating a platform to visualize its members’ routing security data from around the globe. The MANRS Observatory’s interactive dashboard allows networks to check their progress in improving their routing security.

Last week, we updated some key features of the MANRS Observatory guided by member feedback. Below we share a summary of those changes.

Please note, detailed statistics and reports for specific networks are only available to MANRS participants. Your organization can become an MANRS member for free, and join a global group of people committed to making the Internet safer for us all. Find out how.

MANRS Observatory 3.0.1: Latest updates

  1. Shorter reporting cycle
  2. Improved favorite functionality
  3. Access to RIPEstat widget
  4. Change to how we round numbers

1. Shorter reporting cycle

Previously the MANRS Observatory provided status report updates up to 31 days after members’ had added their latest figures. While this wasn’t a real problem when looking at general trends, it was an issue for network operators who use the platform to check their network conformance. It was also an issue for the MANRS team, as we Continue reading

Network Automation Can Relieve Network Engineers Stretched Thin by Covid-19

The network has never been more vulnerable. Covid-19 has flung users out from the data center to home offices—where they are accessing critical systems, applications, and other users from unsecured devices and WiFi connections. As a result, it’s all hands on deck for IT, with network engineers deputized as IT support staff in a mad rush to give remote users fast and reliable, yet secure, access to the tools and information they need.

But what of the regular duties of these engineers? They are being pushed back in favor of new priorities—stretching network engineering resources, already spread thin, to the breaking point.

Enter network automationVMware NSX-T allows organizations to automate and simplify operations in the age of Covid. Tasks that were once performed manually through the UI or CLI can now be automated with the NSX API—creating the foundation for dynamic, flexible and responsive network architectures that can support a world where users, devices, applications and data connect across private, public and hybrid cloud environments.  

Virtual Cloud Network VMworld On-Demand Sessions

 

Networking professionals who want to learn more about how to automate operations should check out the following on-demand sessions from VMworld: 

NSX-T Network Automation: What To Do When You Have Continue reading

UK Black History Month at Cloudflare

UK Black History Month at Cloudflare
UK Black History Month at Cloudflare

In February 2019, I started my journey at Cloudflare. Back then, we lived in a COVID-19 free world and I was lucky enough, as part of the employee onboarding program, to visit our San Francisco HQ. As I took my first steps into the office, I was greeted by a beautiful bouquet of Protea flowers at the reception desk. Being from South Africa, seeing our national flower instantly made me feel at home and welcomed to the Cloudflare family - this memory will always be with me.

Later that day, I learnt it was Black History Month in the US. This celebration included African food for lunch, highlights of Black History icons on Cloudflare’s TV screens, and African drummers. At Cloudflare, Black History Month is coordinated and run by Afroflare, one of many Employee Resource Groups (ERGs) that celebrates diversity and inclusion. The excellent delivery of Black History Month demonstrated to me how seriously Cloudflare takes Black History Month and ERGs.

Today, I am one of the Afroflare leads in the London office and led this year’s UK Black History Month celebration. 2020 has been a year of historical events, which made this celebration uniquely significant. George Floyd’s murder Continue reading

With COVID-19 hanging on, migration to the cloud accelerates

With the COVID-19 pandemic showing no signs of abating, migration to the cloud is expected to accelerate as enterprises choose to let someone else worry about their server gear.In its global IT outlook for 2021 and beyond, IDC predicts the continued migration of enterprise IT equipment out of on-premises data centers and into data centers operated by cloud service providers (such as AWS and Microsoft) and colocation specialists (such as Equinix and Digital Realty).The research firm expects that by the end of 2021, 80% of enterprises will put a mechanism in place to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic. CIOs must accelerate the transition to a cloud-centric IT model to maintain competitive parity and to make the organization more digitally resilient, the firm said.To read this article in full, please click here

With COVID-19 hanging on, migration to the cloud accelerates

With the COVID-19 pandemic showing no signs of abating, migration to the cloud is expected to accelerate as enterprises choose to let someone else worry about their server gear.In its global IT outlook for 2021 and beyond, IDC predicts the continued migration of enterprise IT equipment out of on-premises data centers and into data centers operated by cloud service providers (such as AWS and Microsoft) and colocation specialists (such as Equinix and Digital Realty).The research firm expects that by the end of 2021, 80% of enterprises will put a mechanism in place to shift to cloud-centric infrastructure and applications twice as fast as before the pandemic. CIOs must accelerate the transition to a cloud-centric IT model to maintain competitive parity and to make the organization more digitally resilient, the firm said.To read this article in full, please click here