Anatomy of the “kubernetes.default”

Every Kubernetes cluster is provisioned with a special service that provides a way for internal applications to talk to the API server. However, unlike the rest of the components that get spun up by default, you won’t find the definition of this service in any of the static manifests and this is just one of the many things that make this service unique.

The Special One

To make sure we’re on the same page, I’m talking about this:

$ kubect get svc kubernetes -n default
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   161m

This service is unique in many ways. First, as you may have noticed, it always occupies the first available IP in the Cluster CIDR, a.k.a. --service-cluster-ip-range.

Second, this service is invincible, i.e. it will always get re-created, even when it’s manually removed:

$ kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   118s
$ kubectl delete svc kubernetes
service "kubernetes" deleted
$ kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   0s

You may notice that it comes up with the Continue reading

Jinja2 Tutorial – Part 3 – Whitespace control

Weekend Reads 062620

A little late, but still…

In the recent GitHub Satellite online conference, one of the most exciting product announcements was GitHub Codespaces. The idea is to have a code button on every repository. —Michael Yuan

High impact vulnerabilities in modern communication protocol used by mobile network operators (MNOs) can be exploited to intercept user data and carry out impersonation, fraud, and denial of service (DoS) attacks, cautions a newly published research. —Ravie Lakshmanan

I want to explain the cost structure that firms, and in particular technology companies, must manage. I absorbed these lessons by studying the financial documents and annual reports of companies that perhaps you aspire to work for or whose products you may use and enjoy. —Adam Naor

As a search engine optimization (SEO) and domain name consultant, one of the questions I get asked most often about domain names is whether or not the domain name or TLD (Top-Level Domain) matters. Will the domain name ending have an effect on SEO or search engine rankings. Are certain domain name endings preferred by the search engines over other domain name extensions? I decided to answer this question based on search engine optimization testing and not just on my Continue reading

USB to Serial Console from MacOS

ServiceNow Boosts Data Centre Capacity in Europe

ServiceNow is increasing investment in its data centre infrastructure by developing new facilities...

Read More »

Cryptojackers Target Docker Containers for Monero Mining

Palo Alto Networks and Aqua Security researchers say cryptojackers are inserting malicious images...

Read More »

Daily Roundup: HPE Sells Software Strategy

HPE rolled out a new software strategy and software brand, Ezmeral; AWS sweetened the no-code pot;...

Read More »

SES Launches Space WAN From Orbit

RCS Communications is SES's first SD-WAN customer, and it's using SD-WAN to enhance and fortify its...

Read More »

Huawei Cops To Lack of US Ambition

“We don’t necessarily have any ambition in the U.S. market just because this is such a...

Read More »

VMware Tanzu Mission Control Gains Data Protection

The feature allows for central management of data protection of Kubernetes clusters running across...

Read More »

Heavy Networking 525: Gluware Automating Terracon’s Network (Sponsored)

Heavy Networking 525: Gluware Automating Terracon’s Network (Sponsored)

Some of our favorite Heavy Networking discussions are with folks deep in the hot aisle making technology work. No slide decks, just engineers doing the thing. How did it go? What do you wish you had done differently? What worked out well? We have one of these chats today with Jamie Hughes, Infrastructure Architect at Terracon. He's rolled out many complex network changes with Gluware's network automation platform.

The post Heavy Networking 525: Gluware Automating Terracon’s Network (Sponsored) appeared first on Packet Pushers.

Closing the Digital Divide in Nepal

COVID-19 has pushed the world into a digital revolution and closing Nepal’s digital divide has never been more important.

Nepal is a landlocked least developed country, and according to the International Telecommunication Union, less than 20% of its population are online compared to 87% in developed countries.

While connecting some of Nepal’s most remote places isn’t easy, two community network projects are case studies of how it can be done. They are Wireless for Communities (W4C) Nepal and Rural Communities Access to Information Society (RUCCESS), both supported by the Internet Society.

Community networks are networks built, managed and used by local communities. They are often established in rural and remote areas that are not commercially viable for Internet service providers (ISPs). The networks are often built using low-cost WiFi equipment and unlicensed spectrum bands to interconnect members of the community and improve their lives.

W4C Nepal

W4C Nepal was launched in the aftermath of the Gorkha Earthquake in April 2015, in partnership with the Nepal Wireless Networking Project, an initiative of Mahabir Pun, an Internet Hall of Fame recipient and winner of the Ramon Magsaysay Award.

Using wireless networks, all powered by solar panels as the villages are Continue reading

VMware NSX-T Service Insertion and Gigamon GigaVUE Cloud Suite

We are delighted that our valued partner, Gigamon, and it’s GigaVUE Cloud Suite has met the certification requirements for VMware NSX-T  service insertion. 

Service Insertion for NSX-T

The concept of service insertion is key for the NSX platform, enabling users to seamlessly add third party applications at various points throughout the network. Having a robust ecosystem of partners provides maximum flexibility for NSX-T, allowing customers to add partner functionality, tailored to their unique requirements without degrading performance elsewhere in the software-defined data center (SDDC). Partner applications are put through a rigorous certification process ensuring the highest level of interoperability and reliability.

With the certification, GigaVUE Cloud Suite is now interoperable with VMware’s NSX-T and vCenter Server through APIs for improved agility and reduced manual management tasks. Gigamon customers now have comprehensive application visibility across complex hybrid environments, including east-west traffic, at scale.

Learn more

Please join the VMware and Gigamon teams at a joint webinar, Illuminate Applications in VMware-based Clouds to Secure and Optimize, on June 30, 10 am PDT. Learn about NSX service insertion, Gigamon GigaVue, and the advantages and a demo of Gigamon next-generation network visibility solutions.

The post VMware NSX-T Service Insertion and Gigamon GigaVUE Continue reading

Introducing Regional Services

In a world where, increasingly, workloads shift to the cloud, it is often uncertain and unclear how data travels the Internet and in which countries data is processed. Today, Cloudflare is pleased to announce that we're giving our customers control. With Regional Services, we’re providing customers full control over exactly where their traffic is handled.

We operate a global network spanning more than 200 cities. Each data center runs servers with the exact same software stack. This has enabled Cloudflare to quickly and efficiently add capacity where needed. It also allows our engineers to ship features with ease: deploy once and it's available globally.

The same benefit applies to our customers: configure once and that change is applied everywhere in seconds, regardless of whether they’re changing security features, adding a DNS record or deploying a Cloudflare Worker containing code.

Having a homogenous network is great from a routing point of view: whenever a user performs an HTTP request, the closest datacenter is found due to Cloudflare's Anycast network. BGP looks at the hops that would need to be traversed to find the closest data center. This means that someone near the Canadian border (let's say North Dakota) could easily find Continue reading

DevAsc – Python Classes

Python classes are very useful when you need to create objects with the same characteristics. This is often referred to as Object Oriented Programming (OOP). Not having much of a programming background, I found classes to be a bit confusing, and I wasn’t fully understanding the use of __init__ and self. Thanks to the Twitter community, my friend Peter Palúch , and the videos of Cory Schafer, I know feel I have a better understanding, and wanted to share my findings, from a networking person’s perspective.

First, let’s look at why classes are needed in the first case. Let’s say that we want to keep track of our network devices. The attributes we are interested in are:

• Hostname
• Vendor
• Device type
• Model
• Loopback

We can of course create this information manually, without classes, like this:

daniel@devasc:~/DevAsc$ python3
Python 3.8.2 (default, Apr 27 2020, 15:53:34) 
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> device1_hostname = "r1"
>>> device1_vendor = "Cisco"
>>> device1_type = "router"
>>> device1_model = "ISR4331"
>>> device1_loopback = "192.0.2.1"
>>> device2_hostname = "sw1"
>>> device2_vendor = "Cisco"
>>> device2_type = "switch"
>>> device2_model =  Continue reading

Summer Break 2020

Almost 30 webinars, an online course, and over 140 blog posts later it’s time for another summer break.

While we’ll do our best to reply to support and sales requests (it might take us a bit longer than usual), don’t expect anything deeply technical for the new two months… but of course you can still watch over 280 hours of existing content, listen to over 100 podcast episodes, or read over 3500 blog posts.

We’ll be back with tons of new content in early September.

In the meantime, automate everything, get away from work, turn off the Internet, and enjoy a few days in your favorite spot with your loved ones!

USB to Serial Console from MacOS

Troubleshooting KISS with bpftrace

This is the troubleshooting story about me finding out why some packets were getting dropped when running AX.25 over D-Star DV between a Kenwood TH-D74 and an Icom 9700.

Troubleshooting: “Trouble”, from the latin “turbidus” meaning “a disturbance”. “Shooting”, from American English meaning “to solve a problem”.

The end result is this post, and this is the troubleshooting story.

The setup: laptop->bluetooth->D74->rf->9700->usb->raspberry pi.

I’m downloading from the raspberry pi, with the laptop sending back ACKs. But one of the ACKs is not getting through.

axlisten -a clearly showed that the dropped packet was being sent from the laptop:

radio: fm M0XXX to 2E0XXX-9 ctl RR6-

But nothing received on the receiver side. I saw the D74 light up red to TX, and the 9700 light up green on RX, but then nothing. Error counters in ifconfig ax0 were counting up on the receiver side. So something is being sent over the air.

And it wasn’t the first packet. All the ones before it were fine. They were always fine. This packet was always dropped. It was always only that packet that caused it to stall. The window size was set to 2, so session establishment, RR0, RR2 Continue reading

Natural Ways to Support Brain Health

June is Alzheimer’s and Brain Awareness Month. And with 50 million people suffering from Alzheimer’s disease and other types of dementia worldwide, this sadly common brain health condition is one of the biggest health problems in the world today.

All About Alzheimer’s

Alzheimer’s is a degenerative brain disease. Although its cruel effects are not noticeable at first, doctors believe that brain degeneration begins around 20 years before symptoms first appear, possibly earlier. This means that although younger people may consider that Alzheimer’s only affects “old people” it is important to remember that this disease does not suddenly appear fully formed once you have hit senior age. Alzheimer’s can hit people in their early 50s in some cases, so what you do in your 20s and 30s will certainly have an impact on your long-term brain health.

Nobody fully understands the causes and risk factors for Alzheimer’s disease. There could be a genetic link to the condition, but growing evidence points towards dietary factors. Studies show that a diet rich in antioxidants, with plenty of fresh fruit and vegetables and oily fish – such as the Mediterranean diet does have a neuroprotective effect.

However with the average American diet which is Continue reading