The problem with thread^W event loops
Back when Cloudflare was created, over 10 years ago now, the dominant HTTP server used to power websites was Apache httpd. However, we decided to build our infrastructure using the then relatively new NGINX server.
There are many differences between the two, but crucially for us, the event loop architecture of NGINX was the key differentiator. In a nutshell, event loops work around the need to have one thread or process per connection by coalescing many of them in a single process, this reduces the need for expensive context switching from the operating system and also keeps the memory usage predictable. This is done by processing each connection until it wants to do some I/O, at that point, the said connection is queued until the I/O task is complete. During that time the event loop is available to process other in-flight connections, accept new clients, and the like. The loop uses a multiplexing system call like epoll (or kqueue) to be notified whenever an I/O task is complete among all the running connections.
In this article we will see that despite its advantages, event loop models also have their limits and falling back to good old threaded architecture is sometimes Continue reading
Solving “NAME is not exported by MODULE” When Using Local NPM Dependencies
This blog post will focus on a topic I don’t usually dive into (Javascript and related tooling), but I felt like others might benefit from the solution to a problem I encountered while doing local development for antidote-web, the web front-end that powers NRE Labs. A quick aside on the architecture for the front-end code for the Antidote platform - the antidote-web project is the lynchpin for everything. It’s where the general structure of the front-end app is managed.Google Cloud Next Now Postponed Due to COVID-19
The company's headquarters in Mountain View, California, are under a "shelter in place" ordinance...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
How to Efficiently Detect Domain Generation Algorithms (DGA) in Kubernetes with Calico Enterprise
Introduction
2020 is predicted to be an exciting year with more organizations adopting Kubernetes than ever before. As critical workloads with sensitive data migrate to the cloud, we can expect to encounter various Advanced Persistent Threats (APT) targeting that environment.
Domain Generation Algorithm (DGA) – What is It?
DGA is a technique that fuels malware attacks. DGA by itself can’t harm you. But it’s a proven technique that enables modern malware to evade security products and counter-measures. Attackers use DGA so they can quickly switch the command-and-control (also called C2 or C&C) servers that they’re using for malware attacks. Security software vendors act quickly to block and take down malicious domains hard-coded in malware. So, attackers used DGA specifically to counter these actions. Now DGA has become one of the top phone-home mechanisms for malware authors to reach C2 servers. This poses a significant threat to cloud security.
Mitre defines DGA as “The use of algorithms in malware to periodically generate a large number of domain names which function as rendezvous points for malware command and control servers”. Let’s examine this definition more closely. DGA at its core generates domains by concatenating pseudo-random strings and a TLD (e.g. .com, . Continue reading
Daily Roundup: Remote Workers Strain Services
Remote worker influx stifled services; Cisco, Hitachi sliced jobs; and Red Hat, Intel bridged the...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
A new era for Cumulus in the Cloud
When we launched Cumulus in the Cloud (CitC) over two years ago, we saw it as a way for our customer base to test out Cumulus Linux in a safe sandboxed environment. Looking back, September 2017 feels like an eternity ago.
Since then, CitC has become a place where we’ve been able to roll out new functionality and solutions to customers and Cumulus-curious alike — and we’ve done some really interesting things (some of our favs include integrating it with an Openstack demo and Mesos demo). It’s pretty much become a Cumulus technology playground.
As our CitC offering has evolved, we’ve also taken stock of the requirements from our customers and realized the direction we want to take CitC. So where is it heading? We’re excited to share that with the launch of our production-ready automation solution last week, CitC will have a new user experience and user interface.
Out with the old:
In with the new:
This redesigned UI comes with some really great enhancements:
- Auto-deployed production ready demos
- Customized external connectivity to oob-mgmt-server to run user customized applications
- Default lifetime increased to 12 hours
- NetQ native integration within the demo
- Ability to store and wake up Continue reading
Infinera Pushes 800G Further in Latest Trial
The trial marks the successful use of a transceiver that's headline data rate can be achieved over...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Cisco, Hitachi Vantara Slicing Hundreds of Silicon Valley Jobs
The job cuts include nearly 400 Cisco employees and 151 Hitachi Vantara employees.
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Liqid Composes Inspur OCP Racks, Western Digital Storage
The OCP-compliant Inspur system includes Nvidia GPUs and enables composability via PCIe...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
BiB089 Why Coronavirus Pandemic Could Ignite Cloud Repatriation
Could COVID19 lead to walk back from public cloud ? A discussion with Mike Dvorkin.BiB089 Why Coronavirus Pandemic Could Ignite Cloud Repatriation
Could COVID19 lead to walk back from public cloud ? A discussion with Mike Dvorkin.
The post BiB089 Why Coronavirus Pandemic Could Ignite Cloud Repatriation appeared first on Packet Pushers.
Telnyx api/sms saves my plants! Every single time.
When its a holiday, I do some house-hold farming, mostly into Hydroponics which is based on water and associated nutrients and does not require soil as a medium.
Let me show an example.
As you can see, Plant drinks up water, and the one which you are seeing is lemon plant from its seed stage, Monitoring water level is extremely important and for me there are many more in home so cant be keeping track of everything.
So sensor gets the data, Raspberry Pi talks to AWS IOT securely since Microcontrollers are still a pain to handle SSL and Rpi makes it easy and after processing MQTT message AWS IOT will process based on the Rules, in our case if the treshold is below 500 then plant is drying up.
Why Not Inbuilt SES/SMS with AWS ?
SES works great but I check my emails only once in two days and there is no way to alert based on the email, SMS I wanted to used multiple number pool (thinking to expand) and Cost with Telnyx is Really Amazing to do any Communication services
I have tried other vendors and results are not great either my carrier has some integration problems Continue reading
Working from Home: Keeping It Secure and Private
With the global efforts to curb the spread of COVID-19 coronavirus underway, we’re seeing an unprecedented disruption of day-to-day operations across virtually all work sectors.
Coronavirus coverage is dominating headlines as more country borders, schools, major events and public venues are shut down in hopes of flattening the infection curve. Likewise, companies around the world are making tough calls to prioritize employee safety with business continuity in mind.
But thanks to the Internet, many workplaces are rapidly adapting operations to do their part and accommodate for what may soon become a new normal: remote working.
There are no shortage of web-based applications and services that allow us to continue core functions like meetings and collaboration that we’d do in an office-based setting. And not just the proverbial meeting that could have been an email.
But how do we ensure confidentiality when working remotely? There are some simple ways businesses and employees can ensure they are protecting themselves and their workplaces from malicious actors.
The answer is simple: encryption.
Encryption is the process of scrambling or enciphering data so it can be read only by someone with the means to return it to its original state.
It allows all our online Continue reading
On the shoulders of giants: recent changes in Internet traffic
As the COVID-19 emergency continues and an increasing number of cities and countries are establishing quarantines or cordons sanitaire, the Internet has become, for many, the primary method to keep in touch with their friends and families. And it's a vital motor of the global economy as many companies have employees who are now working from home.
Traffic towards video conferencing, streaming services and news, e-commerce websites has surged. We've seen growth in traffic from residential broadband networks, and a slowing of traffic from businesses and universities.
The Cloudflare team is fully operational and the Network Operating Center (NOC) is watching the changing traffic patterns in the more than 200 cities in which we operate hardware.
Big changes in Internet traffic aren't unusual. They often occur around large sporting events like the Olympics or World Cup, cultural events like the Eurovision Song Contest and even during Ramadan at the breaking of the fast each day.
The Internet was built to cope with an ever changing environment. In fact, it was literally created, tested, debugged and designed to deal with changing load patterns.
Over the last few weeks, the Cloudflare Network team has noticed some new patterns and we wanted to Continue reading
Cisco Meraki vMX 100 deployment in Azure
Generalities There are many ways to connect your “on Premises” Data Center workloads with Microsoft Azure. I own the full meraki suite at home and have enjoyed it for the past three years. It provides all the features I need. I also have some workloads in Microsoft Azure and wanted to access them using a private and encrypted network instead of accessing them using their public IP. Meraki have the possibility to deploy a vMX 100 in Microsoft Azure. You can deploy a vMX100 either in Azure or in AWS and it will be part of your full mesh VPN as any other MX device that you own. It can support up to 500 Mbps of VPN throughput which can [Read More...]
The post Cisco Meraki vMX 100 deployment in Azure appeared first on VPackets.net.
Automation Story: Tools
As the last part of his network automation journey, Anne Baretta described the automation tools he used.
Notes
- We covered numerous automation tools (including the ones Anne used) in our Building Network Automation Solutions online course;
- For an overview of automation tools, watch the Network Automation Tools webinar.
Automation Story: Tools
As the last part of his network automation journey, Anne Baretta described the automation tools he used.
Notes
- We covered numerous automation tools (including the ones Anne used) in our Building Network Automation Solutions online course;
- For an overview of automation tools, watch the Network Automation Tools webinar.
Network Break 275: Aruba Bridges 5G And Wi-Fi; VMware Embraces K8s With Tanzu, vSphere 7
On today's Network Break we discuss potential impacts of the coronavirus pandemic on Internet loads, conferences and events, VPNs and working from home, and other tech areas. We also examine Aruba's new Air Pass and Air Slice offerings, drill into VMware's massive Tanzu and vSphere 7 releases, a WatchGuard acquisition, and more. Guest pontificator Ned Bellanvance comes along for the ride.
The post Network Break 275: Aruba Bridges 5G And Wi-Fi; VMware Embraces K8s With Tanzu, vSphere 7 appeared first on Packet Pushers.