Applications are ever evolving and so are the architecture patterns:
MONOLITH -> MICROSERVICES -> FUNCTIONS + FLOWS
Monoliths were easy. Route to them and send the returned packets back to their source.
Microservices (MS) sees a monolith or new application being reduced to smaller self-contained parts, which may talk east-west or north-south. It’s quite common to see a proxy deal with inbound connections and internal communication between components hidden from external interactions. Internal communication typically is either point-to-point (also could be through a load balancer/proxy) or via a message bus of some description.
Functions & Flows makes life even more interesting. We further break down the components of microservices to individual functions that deliver pages, computation and web application components etc. More flow information exists on the whole and the number of points involved in an interaction with an application increases with every de-aggregated component deployed.
For brevity, I’m going to call Functions & Flows, F2. I’ve never seen it shortened to this, so if you see it elsewhere, let me know!
To add to this, MS and F2 components may reside on different infrastructure, separated by the internet and differing policies. From this we can deduce that the underlying IP capabilities differ too.
OpenFlow (OF) adoption failed due to scalability of forwarding tables on ASICs, not-so-great controllers, lack of applications and a non-existent community. OpenFlow however is still useful today for overriding forwarding decision making on a hop-by-hop basis and handling exceptions from what would otherwise be a normal steady state forwarding decision. Exceptions like bypassing limited throughput devices like DPI nodes for large known file transfers are a classic use case. We don’t care beyond simple authentication (maybe) who the client is, so take our file and don’t consume resources doing it.
OpenFlow presents flow state to an ASIC, state that can be granular. If we use it for forwarding equivalency classes (FECs) then it’s no different to normal routing and frame forwarding. That wasn’t the goal and thus, it added to the list of failure reasons. A controller programs flows via an OpenFlow interface on a network element, flows which could time out automatically or be long-lived, requiring the controller to remove them. Also, flows can be programmed proactively from a network design, or reactively from the controller receiving a header packet and deciding what to do with it. Vendors naturally added to
This is part one of a series of posts on Application Composition within Network Service Meshes, otherwise known as Service Function Chaining, but at L7 and not L3/L4.
In Network Service Meshes (NSM), it is a complex affair steering L7 requests and responses through the correct network of components. The current approach at the time of writing (November 27th 2019) is to accept requests on a proxy entity and couple that proxy to an application component through a data-plane. Ideally the model works in both private on-premises and cloud deployment models.
For the sake of building a mental image, this is a graph network that has both control-plane and data-plane attributes on nodes and vertexes.
In IP networking, IP packets are routed to their destination and return to their source, based on their destination IP header field and when policy requires it, we can use other fields like source IP, protocol and port numbers etc. In large networks (like the internet), it’s the destination field in the IP header. In both IPv4 and IPv6 there exists a means to steer packets through a network based on additional fields being present at the point of ingress to a network edge and
These are productivity and work apps that I use personally and recommend to people.
The post Software I Use – Black Friday 2019 appeared first on EtherealMind.
The 4th Summit on Community Networks in Africa took place in Dodoma, Tanzania from 28 October to 2 November 2019 in partnership with the Association for Progressive Communications (APC) and hosted by the University of Dodoma. The format consisted of two days of valuable training sessions on defining the community network (CN) movement in Africa, the importance of exclusivity and communications in building CNs, and strategies for sustainability cooperative models among others. The next two days were dedicated to plenary sessions, which focused on discussions to promote the creation and growth of community networks, increase collaboration between CN operators in the region, and improve their business skills. The Summit concluded with a two-day site visit to the Kondoa Community Network for more hands-on technical learning and sharing of best practices.
This year, the Summit received 134 participants from 18 countries globally: Argentina, Cameroon, Canada, Democratic Republic of the Congo, France, Germany, Ethiopia, Kenya, Liberia, Malawi, Namibia, Nigeria, South Africa, Spain, Tanzania, Uganda, the U.K., and the U.S. Of these, 36 participants were women and 77 participants were from Tanzania. The participation of women was notable – and important in addressing gender gaps related to access in particular.
Community Networks provide
People like to see horses, but people want to see a unicorn.
With more than 2,800 branch deployments in North America alone, our guest Snehal Patel is running one of the largest SD-WAN deployments on the globe. He stops by the Heavy Networking podcast to share his experiences, both good and bad, on deployment and operations, management, training, security, working with carriers, and more. Snehal is a global network architect for a brand-name retailer.
The post Heavy Networking 490: Lessons Learned From A Large SD-WAN Deployment appeared first on Packet Pushers.
The second blog post in the series on HTML rewriters picks up the story in 2017 after the launch of the Cloudflare edge compute platform Cloudflare Workers. It became clear that the developers using workers wanted the same HTML rewriting capabilities that we used internally, but accessible via a JavaScript API.
This blog post describes the building of a streaming HTML rewriter/parser with a CSS-selector based API in Rust. It is used as the back-end for the Cloudflare Workers HTMLRewriter. We have open-sourced the library (LOL HTML) as it can also be used as a stand-alone HTML rewriting/parsing library.
The major change compared to LazyHTML, the previous rewriter, is the dual-parser architecture required to overcome the additional performance overhead of wrapping/unwrapping each token when propagating tokens to the workers runtime. The remainder of the post describes a CSS selector matching engine inspired by a Virtual Machine approach to regular expression matching.
In 2017, Cloudflare introduced an edge compute platform - Cloudflare Workers. It was no surprise that customers quickly required the same HTML rewriting capabilities that we were using internally. Our team was impressed with the platform
No, we were not talking about IP fabrics in general - IP Fabric is a network management software (oops, network assurance platform) Gian Paolo discovered a while ago and thoroughly tested in the meantime.
He was kind enough to share what he found in Episode 107 of Software Gone Wild, and as Chris Young succinctly summarized: “it’s really sad what we still get excited about something 30 years after it was first promised”… but maybe this time it really works ;)
Vote of Confidence: Voting is open for Chapterthon 2019, the global Internet Society Chapters marathon, where Chapters can develop projects within a timeline and budget to achieve a common goal for the development of the Internet. This year’s theme is Connecting the Unconnected. Twenty-eight Chapters – from Argentina to Zimbabwe – have submitted projects.
Keep the connections: The Venezuela Chapter is among several groups calling for large technology companies to maintain the availability of their services to Venezuelans. While an executive order from U.S. President Donald Trump seeks to block support for the government of Nicolás Maduro, the order does not ban the Internet and other technology services from serving the nation, the chapter notes. Access to the Internet and online services is “critical” because it brings access to independent news and allows citizens to express their opinions, the chapter said.
Trading chips: The Washington, D.C., Chapter recently hosted a conference on digital trade, including the impact of some nations’ policies that require data to be stored locally. “Data has become the most traded good and/or service across borders,” the Chapter said. “Meanwhile, many countries have adopted policies that inhibit digital trade, including requirements that
From the virtually limitless supply of IPv6 addressing to good vendor support to IPv6-only efforts and beyond, Ed, Scott, and Tom discuss what they’re most thankful for when it comes to IPv6 in this holiday episode of IPv6 Buzz.
The post IPv6 Buzz 040: What We’re Thankful For With IPv6 appeared first on Packet Pushers.
SD-WAN has reached an inflection point as enterprises — driven by cost savings, equipment...
The registration is still open for the Using VXLAN to Build Active-Active Data Centers workshop on December 3rd, but if you can’t make it to Zurich you might enjoy these live sessions we’ll run in December 2019:
All webinars I mentioned above are accessible with Standard ipSpace.net Subscription, and you’ll need Expert Subscription to enjoy the automation course contents.
To coincide with the launch of streaming HTML rewriting functionality for Cloudflare Workers we are open sourcing the Rust HTML rewriter (LOL HTML) used to back the Workers HTMLRewriter API. We also thought it was about time to review the history of HTML rewriting at Cloudflare.
The first blog post will explain the basics of a streaming HTML rewriter and our particular requirements. We start around 8 years ago by describing the group of ‘ad-hoc’ parsers that were created with specific functionality such as to rewrite e-mail addresses or minify HTML. By 2016 the state machine defined in the HTML5 specification could be used to build a single spec-compliant HTML pluggable rewriter, to replace the existing collection of parsers. The source code for this rewriter is now public and available here: https://github.com/cloudflare/lazyhtml.
The second blog post will describe the next iteration of rewriter. With the launch of the edge compute platform Cloudflare Workers we came to realise that developers wanted the same HTML rewriting capabilities with a JavaScript API. The post describes the thoughts behind a low latency streaming HTML rewriter with a CSS-selector based API. We open-sourced the Rust library as it can also be used
We are excited to announce that the HTMLRewriter API for Cloudflare Workers is now GA! You can get started today by checking out our documentation, or trying out our tutorial for localizing your site with the HTMLRewriter.
Want to know how it works under the hood? We are excited to tell you everything you wanted to know but were afraid to ask, about building a streaming HTML parser on the edge; read about it in part 1 (and stay tuned for part two coming tomorrow!).
The HTMLRewriter can help solve two big problems web developers face today: making changes to the HTML, when they are hard to make at the server level, and making it possible for HTML to live on the edge, closer to the user — without sacrificing dynamic functionality.
Since the introduction of Workers, Workers have helped customers regain control where control either wasn’t provided, or was very hard to obtain at the origin level. Just like Workers can help you set CORS headers at the middleware layer, between your users and the origin, the HTMLRewriter can assist with things like URL rewrites (see the example below!).
Back
CXL has big beneficial implications for a wide range of industries, including high-performance...
Hugely useful tool because Time Machine runs way too often on my machine.
The post OS X: TimeMachineEditor App (Free) appeared first on EtherealMind.
The technology is still, at least partially, theoretical because it remains under development and...