A reader of my blog sent me this question:
Do you think we can trust DSCP marking on servers (whether on DC or elsewhere - Windows or Linux)?
As they say “not as far as you can throw them”.
Does that mean that the network should do application recognition and marking on the ingress network node? Absolutely not, although the switch- and router vendors adore the idea of solving all problems on their boxes.
I’ve written before about how to use existing AWS infrastructure with Cluster API (CAPI), and I was recently able to help update the upstream documentation on this topic (the upstream documentation should now be considered the authoritative source). These instructions are perfect for placing a Kubernetes cluster into an existing VPC and associated subnets, but there’s one scenario that they don’t yet address: what if you need your CAPI workload cluster to be able to communicate with other EC2 instances or other AWS services in the same VPC? In this post, I’ll show you the CAPI functionality that makes this possible.
One of the primary mechanisms used in AWS to control communications among instances and services is the security group. I won’t go into any detail on security groups, but this page from AWS provides an explanation and overview of how security groups work.
In order to make a CAPI workload cluster able to communicate with other EC2 instances or other AWS services, you’ll need to somehow use security groups to make that happen. There are at least two—possibly more—ways to accomplish this:
IBM and Fortanix doubled down on confidential computing; Google Anthos built a bridge to AWS; and...
Subscribe to Kernel of Truth on iTunes, Google Play, Spotify, Cast Box and Stitcher!
Hosts Roopa Prabhu and Pete Lumbis are joined by a special guest to the podcast, Russ White! The group comes together virtually to discuss what we should think about when it comes to routing protocols in the data center. What are the tradeoffs when using traditional protocols like OSPF or BGP? What about new protocols like RIFT or a hybrid approach with things like BGP-link state? Spoiler alert: it depends.
Guest Bios
Roopa Prabhu: Roopa Prabhu is Chief Linux Architect at Cumulus Networks. At Cumulus she and her team work on all things kernel networking and Linux system infrastructure areas. Her primary focus areas in the Linux kernel are Linux bridge, Netlink, VxLAN, Lightweight tunnels. She is currently focused on building Linux kernel dataplane for E-VPN. She loves working at Cumulus and with the Linux kernel networking and Debian communities. Her past experience includes Linux clusters, Ethernet drivers and Linux KVM virtualization platforms. She has a BS and MS in Computer Science. You can find her on Twitter at @__roopa.
Pete Lumbis: Pete, CCIE R&S #28677 and CCDE 2012::3, is Continue reading
Ericsson closed Q1 with 86 commercial 5G contracts and 29 live 5G networks. It activated an...
The European Union has made it clear that it wants to be able to stand on its own two feet in the design of server processors, for both general purpose uses and for exascale-class supercomputers. …
Drilling Down Into The SiPearl European Arm Server Chip was written by Timothy Prickett Morgan at The Next Platform.
Project Astra offers a normalized application data management approach that results in the...
“AT&T’s been through a lot of other crises before and each time you’ve seen us emerge in...
Dynamic Threat Analysis protects containerized applications from image-based malware by...
In today’s fast-paced development world, CTOs, dev managers and product managers demand quicker turnarounds for features and defect fixes. “No problem, boss,” you say. “We’ll just use containers.” And you would be right, but once you start digging in and looking at ways to get started with containers, well, quite frankly, it’s complex.
One of the biggest challenges is getting a toolset installed and set up where you can build images, run containers and duplicate a production Kubernetes cluster locally. And then shipping containers to the Cloud, well, that’s a whole ‘nother story.
Docker Desktop and Docker Hub are two of the foundational toolsets to get your images built and shipped to the cloud. In this two-part series, we’ll get Docker Desktop set up and installed, build some images and run them using Docker Compose. Then we’ll take a look at how we can ship those images to the cloud, set up automated builds, and deploy our code into production using Docker Hub.
Docker Desktop is the easiest way to get started with containers on your development machine. Docker Desktop comes with the Docker Engine, Docker CLI, Docker Compose and Kubernetes. With Docker Desktop there Continue reading
Four people now live and work in my home 24×7; my wife Andi, her mother, my daughter and myself. Many of you now live in similar situations.
Very occasionally, everyone will have network trouble, such as occurred to us this morning. Sometimes it is our “last mile” connection: it is easy to see these failures in our cable modem log. (Often available by looking at the address 192.168.100.1, which seems to be the default address for cable modems.) Occasionally it can be the ISP (in our case, Comcast), either due to some routing failure or DNS failure. These can be harder to diagnose.
Bufferbloat, however, is insidious. It comes and goes, and most users have been “trained” to ignore temporary bad behavior over many years. When you go to diagnose it, you usually stop the operation that is causing it. This blog has recorded our efforts to fix bufferbloat. Now that there are many more people at home at the same time trying to do more demanding applications, this problem is much more common. Other people in your home can inflict the bufferbloat problem on you without you or they understanding what is happening.
Yesterday afternoon Continue reading
We get the architectural nitty-gritty on a multi-cloud migration to Azure and Oracle Cloud on today's Day Two Cloud podcast. Guest Snehal Patel, Network and Cloud Architect for a large corporation, walks us through design and migration details as his company moves applications into two different public clouds.
The post Day Two Cloud 045: Tackling Multi-Cloud Challenges With An Actual Multi-Cloud Consumer appeared first on Packet Pushers.
In this episode we discuss with John Scudder how to drive an idea to a standard via the standards organisation IETF.
John is an IETF veteran and tells us all about workgroups, chairs, drafts and RFCs.
