Keepalives considered harmful

Keepalives considered harmful

This may sound like a weird title, but hear me out. You’d think keepalives would always be helpful, but turns out reality isn’t always what you expect it to be. It really helps if you read Why does one NGINX worker take all the load? first. This post is an adaptation of a rather old post on Cloudflare’s internal blog, so not all details are exactly as they are in production today but the lessons are still valid.

This is a story about how we were seeing some complaints about sporadic latency spikes, made some unconventional changes, and were able to slash the 99.9th latency percentile by 4x!

Request flow on Cloudflare edge

I'm going to focus only on two parts of our edge stack: FL and SSL.

  • FL accepts plain HTTP connections and does the main request logic, including our WAF
  • SSL terminates SSL and passes connections to FL over local Unix socket:

Here’s a diagram:

Keepalives considered harmful

These days we route all traffic through SSL for simplicity, but in the grand scheme of things it’s not going to matter much.

Each of these processes is not itself a single process, but rather a master process and a collection of Continue reading

Managing the Complexity of Jinja2 Templates in Ansible

One of the first roadblocks you’ll hit in your “let’s master Ansible” journey will be a weird error deep inside a Jinja2 template. Can we manage that complexity somehow… or as one of the participants in our Building Network Automation Solutions online course asked:

Is there any recommendation/best practices on Jinja templates size and/or complexity, when is it time to split single template into function portions, what do you guys do? And what is better in terms of where to put logic - into jinja or playbooks

One of my friends described the challenge as “Debugging Ansible is one of the most terrible experiences one can endure…” and debugging Jinja2 errors within Ansible playbooks is even worse, but there are still a few things you can do.

Managing the Complexity of Jinja2 Templates in Ansible

One of the first roadblocks you’ll hit in your “let’s master Ansible” journey will be a weird error deep inside a Jinja2 template. Can we manage that complexity somehow… or as one of the participants in our Building Network Automation Solutions online course asked:

Is there any recommendation/best practices on Jinja templates size and/or complexity, when is it time to split single template into function portions, what do you guys do? And what is better in terms of where to put logic - into jinja or playbooks

One of my friends described the challenge as “Debugging Ansible is one of the most terrible experiences one can endure…” and debugging Jinja2 errors within Ansible playbooks is even worse, but there are still a few things you can do.

Read more ...

N95 Mask Sterilization Idea

SARS-CoV-2_without_background2This is an urgent call for expert help to quickly test a possible method to sterilize used N95 masks.  

In many places, hospital staff, first responders and others are at grave risk due to inadequate supplies of N95 masks. Already, some hospitals even in the U.S. report running out of N95 masks and face reusing possibly contaminated masks. My local fire department has about 20 N95 masks total available, as they face transporting patients to the hospital. People are faced with reusing masks without sterilization. I offer an idea that might alleviate the critical shortage. I have run this idea past my pulmonary care doctor of many years who believes that the idea may be viable, but everyone on the front lines of the epidemic are already working flat out.

I sent the letter below to Dr. Anthony Fauci that sets the context.

People with the right expertise are needed to vet the idea and ensure that it is safe and effective as quickly as possible.

Anthony S. Fauci, M.D., NIAID Director
NIAID Director
National Institutes of Health

Dear Dr. Fauci,

N95 masks are in critically short supply. Sterilization of disposable masks N95 could be a Continue reading

COVID-19 best practices for data-center operators

Data-center operators are trained to anticipate upheaval due to fires, floods, power outages and other catastrophic events. The novel coronavirus, however, is sending people in charge of mission-critical facilities into uncharted territory."Data centers and IT teams are typically very good at planning. We plan for normal operations, we plan for the future, we plan for abnormal events ... [but] very few people have planned for the type of pandemic that we're facing now," said Fred Dickerman, senior vice president for management services at Uptime Institute. READ MORE: Coronavirus challenges remote networkingTo read this article in full, please click here

Kernel of Truth season 3 episode 3: Linux networking with eBPF

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

This podcast is all about Linux and to talk about it, we have two of the top Linux kernel experts. Kernel of Truth host Roopa Prabhu is one and chats with our special guest David Ahern about eBPF. If you haven’t heard of eBPF, it’s the hottest Linux kernel technology bringing programmability and acceleration to many Linux subsystems. In this podcast we focus on eBPF’s impact on networking and the million possibilities it brings to the table.

Guest Bios

Roopa Prabhu: Roopa Prabhu is Chief Linux Architect at Cumulus Networks. At Cumulus she and her team work on all things kernel networking and Linux system infrastructure areas. Her primary focus areas in the Linux kernel are Linux bridge, Netlink, VxLAN, Lightweight tunnels. She is currently focused on building Linux kernel dataplane for E-VPN. She loves working at Cumulus and with the Linux kernel networking and debian communities. Her past experience includes Linux clusters, ethernet drivers and Linux KVM virtualization platforms. She has a BS and MS in Computer Science. You can find her on Twitter at @__roopa.

Continue reading

HashiCorp Scores $175M Funding Round, $5B Valuation

The company has posted a 100% year-over-year increase in revenue during the past four years, and...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Electronics should sweat to cool down, say researchers

Computing devices should sweat when they get too hot, say scientists at Shanghai Jiao Tong University in China, where they have developed a materials application they claim will cool down devices more efficiently and in smaller form-factors than existing fans.It’s “a coating for electronics that releases water vapor to dissipate heat from running devices,” the team explain in a news release. “Mammals sweat to regulate body temperature,” so should electronics, they believe.[Get regularly scheduled insights by signing up for Network World newsletters.] The group’s focus has been on studying porous materials that can absorb moisture from the environment and then release water vapor when warmed. MIL-101(Cr) checks the boxes, they say. The material is a metal organic framework, or MOF, which is a sorbent, a material that stores large amounts of water. The higher the water capacity one has, the greater the dissipation of heat when it's warmed.To read this article in full, please click here

Daily Roundup: COVID-19 Postpones Google Cloud Next

COVID-19 postponed Google Cloud Next; SoftIron placed its bets on SONiC; and Telefónica tapped...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

DoCoMo 5G Service Gets Launch Date

The carrier's network will have 500 base stations covering around 150 “locations” around the...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Telefónica Wades Into Open RAN Across Global Footprint

Open RAN is gaining momentum around the world and it’s being driven further by recently increased...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Nutanix Scales Out on Objects Update

Nutanix updated its object storage platform to bring “simplicity” and “performance” to big...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Juniper, Cox Pump $216M Into StackPath Coffers

In addition to leading the Series B, Juniper and Cox are also StackPath customers although they use...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

SoftIron Bets on SONiC With Hyperscale Switches

"Networking is the most neglected integrated thing that exists in IT right now," says SoftIron CEO...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Day Two Cloud 040: Building And Operating A Private Cloud

Today's Day Two Cloud delves into how and why to build a private cloud that functions as well as a public cloud. We examine the design and operational challenges of assembling and running cloud infrastructure on premises. Our guest is Bryan Sullins, Senior Systems Engineer for a large retailer.

The post Day Two Cloud 040: Building And Operating A Private Cloud appeared first on Packet Pushers.

1 1,019 1,020 1,021 1,022 1,023 3,860