0

Serverless in the wild: characterizing and optimising the serverless workload at a large cloud provider

0

Istio 1.5 Brings a Binary Installer, WASM-Based Extensibility for Envoy

The newest version of the open source version 1.5, comes with a fresh installer to simplify the deployment process, along with a new extension model, based on WebAssembly (WASM), to help proxy servers better filter traffic. The development team behind Istio mark the Envoy‘s, the data plane most frequently used with Istio. “WASM will give developers the ability to safely distribute and execute code in the Envoy proxy — to integrate with telemetry systems, policy systems, control routing and even transform the body of a message,” a web page Linkerd and HashiCorp’s istioctl configuration tool. Security has been enhanced through the support of Kyle Glenn on 

0

White Hat Hackers Fight COVID-19, Donate GPUs for a Cure

Security company Critical Start and its threat hunters are among the global contributors running...

Read More »

0

Daily Roundup: Cisco Patches SD-WAN Bugs

Cisco patched SD-WAN bugs; HashiCorp bagged $175 million on a $5 billion valuation; and Comcast...

Read More »

0

Using KinD with Docker Machine on macOS

I’ll admit right up front that this post is more “science experiment” than practical, everyday use case. It all started when I was trying some Cluster API-related stuff that leveraged KinD (Kubernetes in Docker). Obviously, given the name, KinD relies on Docker, and when running Docker on macOS you generally would use Docker Desktop. At the time, though, I was using Docker Machine, and as it turns out KinD doesn’t like Docker Machine. In this post, I’ll show you how to make KinD work with Docker Machine.

By the way, it’s worth noting that, per the KinD maintainers, this isn’t a tested configuration. Proceed at your own risk, and know that while this may work for some use cases it won’t necessarily work for all use cases.

Prerequisites/Assumptions

These instructions assume you’ve already installed both KinD and Docker Machine, along with an associated virtualization solution. I’ll be using VirtualBox, but this should be largely the same for VMware Fusion or Parallels (or even HyperKit, if you somehow manage to get that working). I’m also assuming that you have jq installed; if not, get it here.

Making KinD work with Docker Machine

Follow the steps below to make Continue reading

0

Cisco warns of five SD-WAN security weaknesses

Cisco has issued five  warnings about security weaknesses in its SD-WAN offerings, three of them on the high-end of the vulnerability scale.The worst problem is with the command-line interface (CLI) of its SD-WAN Solution software where a weakness could let a local attacker inject arbitrary commands that are executed with root privileges, Cisco wrote.To read this article in full, please click here

0

Storj Labs Tardigrade: Live for the Taking

"We can now confidently say that the network is resilient, performant, secure, and ready for broad...

Read More »

0

Introducing the Internet Society’s 2019 Impact Report

In these uncertain times we know the Internet is so much more than a tool. It’s a way for people to stay connected, informed, and educated. It shortens distances, spurs innovation, and fosters social and economic development. It empowers us and frees us.

It is a lifeline.

Yet, nearly 50% of the world still remains unconnected – and globally the Internet faces threats, each with the power to undermine the core of its existence. Now more than ever we must ensure the Internet remains open, globally connected, and secure.

The world is counting on it.

As we looked back at our work in 2019, an inspiring theme emerged: a global society driven by the idea that the Internet should be a resource for all, and persevering against odds to make this vision a reality. This society recognizes the Internet’s power as a way to stay in touch, to empower, to enable, and to create. Collectively, we are not just helping to bridge the digital divide, we are taking action to ensure the Internet remains resilient and trusted – a force for good.

Our 2019 Impact Report highlights the work of the Internet Society – our Chapters, Organization Members, individual members, Continue reading

0

MEF Awards First Round of SD-WAN Service Provider Certifications

The certification was unveiled in November, and aimed at helping enterprises select an SD-WAN...

Read More »

0

Cloud RAN on Pace to Surpass Traditional RAN by 2022

Traditional RAN site deployments have been dropping off since 2017 and will represent less than 15%...

Read More »

0

SFMIX San Francisco shelter in place

A shelter in place order restricted San Francisco residents to their homes beginning at 12:01 a.m. on March 17, 2020. Many residents work for Bay Area technology companies such as Salesforce, Facebook, Twitter, Google, Netflix and Apple. Employees from these companies are able to, and have been instructed to, work remotely from their homes. In addition, other housebound residents are making use of social networking to keep in touch with friends and family as well as streaming media and online gaming for entertainment.

The traffic trend chart above from the San Francisco Metropolitan Internet Exchange (SFMIX) shows the change in network traffic that has resulted from the shelter in place order. Peak traffic has increased by around 10Gbit/s (a 25% increase) and continues throughout the day (whereas peaks previously occurred in the evenings).

The SFMIX network directly connects a number of data centers in the Bay Area and the member organizations that peer from those data centers.  Peering through the exchange network keeps traffic local by directly connecting companies with their employees and customers and avoiding potentially congested service provider networks.
SFMIX recently finished a network upgrade to 100Gbit/s Arista switches and all fiber Continue reading

0

Cisco Patches 5 SD-WAN Vulnerabilities

All of these bugs require some form of authentication, which makes them more difficult to exploit....

Read More »

0

Using Cloudflare Gateway to Stay Productive (and turn off distractions) While Working Remotely

This week, like many of you reading this article, I am working from home. I don’t know about you, but I’ve found it hard to stay focused when the Internet is full of news related to the coronavirus.

CNN. Twitter. Fox News. It doesn’t matter where you look, everyone is vying for your attention. It’s totally riveting…

… and it’s really hard not to get distracted.

It got me annoyed enough that I decided to do something about it. Using Cloudflare’s new product, Cloudflare Gateway, I removed all the online distractions I normally get snared by — at least during working hours.

This blog post isn’t very long, but that’s a function of how easy it is to get Gateway up and running!

Getting Started

To get started, you’ll want to set up Gateway under your Cloudflare account. Head to the Cloudflare for Teams dashboard to set it up for free (if you don’t already have a Cloudflare account, hit the ‘Sign up’ button beneath the login form).

If you are using Gateway for the first time, the dashboard will take you through an onboarding experience:

The onboarding flow will help you set up your first location. A location is Continue reading

0

What is Healthy Risk Taking When it Comes to Your Career?

To move ahead in your career and achieve the goals you set for yourself at the start of your career is going to involve taking some risks. However, not every risk you take in your career is a wise and healthy risk that will lead to the rewards you are seeking. Before you take any risk in your career, you first need to define healthy risk taking behavior.

What is Healthy Risk Taking Behavior?

Healthy risk taking behavior can be defined as risk taking that is planned and calculated after weighing the pros and cons of taking that risk. You can also define healthy risk taking behavior as taking a risk to reach your career goals, knowing that taking that risk can lead to failure, but can also lead to great success.

Risk taking helps you to overcome your fear and take action in the pursuit of a higher goal. When engaging in healthy risk taking, there are some things you need to consider.

Possible Outcomes

What will be the possible outcomes of taking certain risks? For example, will changing from one company to another result in getting you a step closer to your career goals, or will the outcome Continue reading

0

IPv6 Buzz 047: End-User And Client Wireless IPv6

In this week's IPv6 Buzz episode, Ed and Tom discuss deploying end-user wireless IPv6 with Charlie Clemmer, a principal network engineer with HPE/Aruba and regular WLPC presenter. We talk about how to get started, key tools and utilities to help with deployment, and more.

0

IPv6 Buzz 047: End-User And Client Wireless IPv6

In this week's IPv6 Buzz episode, Ed and Tom discuss deploying end-user wireless IPv6 with Charlie Clemmer, a principal network engineer with HPE/Aruba and regular WLPC presenter. We talk about how to get started, key tools and utilities to help with deployment, and more.

The post IPv6 Buzz 047: End-User And Client Wireless IPv6 appeared first on Packet Pushers.

0

Keepalives considered harmful

This may sound like a weird title, but hear me out. You’d think keepalives would always be helpful, but turns out reality isn’t always what you expect it to be. It really helps if you read Why does one NGINX worker take all the load? first. This post is an adaptation of a rather old post on Cloudflare’s internal blog, so not all details are exactly as they are in production today but the lessons are still valid.

This is a story about how we were seeing some complaints about sporadic latency spikes, made some unconventional changes, and were able to slash the 99.9th latency percentile by 4x!

Request flow on Cloudflare edge

I'm going to focus only on two parts of our edge stack: FL and SSL.

• FL accepts plain HTTP connections and does the main request logic, including our WAF
• SSL terminates SSL and passes connections to FL over local Unix socket:

Here’s a diagram:

These days we route all traffic through SSL for simplicity, but in the grand scheme of things it’s not going to matter much.

Each of these processes is not itself a single process, but rather a master process and a collection of Continue reading

0

Managing the Complexity of Jinja2 Templates in Ansible

One of the first roadblocks you’ll hit in your “let’s master Ansible” journey will be a weird error deep inside a Jinja2 template. Can we manage that complexity somehow… or as one of the participants in our Building Network Automation Solutions online course asked:

Is there any recommendation/best practices on Jinja templates size and/or complexity, when is it time to split single template into function portions, what do you guys do? And what is better in terms of where to put logic - into jinja or playbooks

One of my friends described the challenge as “Debugging Ansible is one of the most terrible experiences one can endure…” and debugging Jinja2 errors within Ansible playbooks is even worse, but there are still a few things you can do.

0

Managing the Complexity of Jinja2 Templates in Ansible

One of the first roadblocks you’ll hit in your “let’s master Ansible” journey will be a weird error deep inside a Jinja2 template. Can we manage that complexity somehow… or as one of the participants in our Building Network Automation Solutions online course asked:

Is there any recommendation/best practices on Jinja templates size and/or complexity, when is it time to split single template into function portions, what do you guys do? And what is better in terms of where to put logic - into jinja or playbooks

One of my friends described the challenge as “Debugging Ansible is one of the most terrible experiences one can endure…” and debugging Jinja2 errors within Ansible playbooks is even worse, but there are still a few things you can do.

Read more ...

0

BGP security: an overview of the RPKI framework

The post BGP security: an overview of the RPKI framework appeared first on Noction.