QFX Upgrades – Check Host Version

I came across a situation where a software upgrade failed for some members in a Juniper QFX Virtual Chassis. There is a known issue with upgrades with a certain configuration + version combination, but I thought it didn’t apply to me. Turns out that the key was the host OS version, not the Junos VM version. Your host and guest versions can be out of sync with Juniper QFX 5K devices, and this can lead to confusing behavior, especially in a virtual chassis where host OS versions might vary.

Upgrade Failures - post-install error

When upgrading an old Juniper QFX5100, you might see these messages when running the upgrade:

1
2
Error: jinstall-vjunos fails post-install
Error: jinstall-vjunos-14.1X53-D34-domestic-signed fails post-install

In my case, I saw it for some nodes in a Virtual Chassis. Some worked, some failed. KB31923 says that this error is due to this configuration:

1
2
3
# show system internet-options
tcp-drop-synfin-set;
no-tcp-reset drop-tcp-with-syn-only;

Easy enough to change:

1
2
3
4
5
6
7
8
9
10
# delete system internet-options
{master:0}[edit]
root# show |compare
[edit system]
  internet-options {
      tcp-drop-synfin-set;
     no-tcp-reset drop-tcp-with-syn-only;
 
{master:0}[edit]
root# commit

Continue reading

QFX Upgrades – Check Host Version

I came across a situation where a software upgrade failed for some members in a Juniper QFX Virtual Chassis. There is a known issue with upgrades with a certain configuration + version combination, but I thought it didn’t apply to me. Turns out that the key was the host OS version, not the Junos VM version. Your host and guest versions can be out of sync with Juniper QFX 5K devices, and this can lead to confusing behavior, especially in a virtual chassis where host OS versions might vary.

Upgrade Failures - post-install error

When upgrading an old Juniper QFX5100, you might see these messages when running the upgrade:

1
2
Error: jinstall-vjunos fails post-install
Error: jinstall-vjunos-14.1X53-D34-domestic-signed fails post-install

In my case, I saw it for some nodes in a Virtual Chassis. Some worked, some failed. KB31923 says that this error is due to this configuration:

1
2
3
# show system internet-options
tcp-drop-synfin-set;
no-tcp-reset drop-tcp-with-syn-only;

Easy enough to change:

1
2
3
4
5
6
7
8
9
10
# delete system internet-options
{master:0}[edit]
root# show |compare
[edit system]
  internet-options {
      tcp-drop-synfin-set;
     no-tcp-reset drop-tcp-with-syn-only;
 
{master:0}[edit]
root# commit

Continue reading

Worth Reading: Seven Deadly Sins of Predicting the Future of AI

The next time the sales system engineer working for your beloved $vendor drops by with a glitzy unicorn-based slide deck full of AI/ML goodies, read this article to get a slightly better understanding of where we are... from the perspective of someone who has actual experience doing that stuff.

Akraino Edge Stack Gains NFV, Mixed Reality Blueprints

Daily Roundup: DigitalOcean Drowns Jobs

Heavy Networking 498: Creating A Single Source Of Truth For Network Automation

For network automation you need a single source of truth that’s programmatically accessible, reflects intended state, and enables others to stand up infrastructure correctly without you getting in the middle of every provisioning request. Tim Schreyack joins us today to discuss network automation approaches using Ansible and Python, and of course, a single source of truth.

The post Heavy Networking 498: Creating A Single Source Of Truth For Network Automation appeared first on Packet Pushers.

Pacific Report to the Dynamic Coalition of Small Island Developing States in the Internet Economy

2019 was an active year for Pacific involvement in the Internet economy. What we have demonstrated is that originating from small island developing states (SIDS) in the Pacific does not restrict one’s opportunity to become a leader within large international organizations like ICANN, which manages and allocates domain names and IP addresses globally.

I was very honored that my colleagues from the ICANN At-Large Advisory Committee (ALAC) elected me to be their Chair for 2019, and again for the upcoming year. It has enabled me to use my organizational management skills which I did by distance learning from Rarotonga through Massey University in New Zealand.

My Cook Islands colleague, Pua Hunter, was also elected at the recent ICANN meeting as regional co-chair for the Government Advisory Committee (GAC). She is already the chair of GAC’s Underserved Regions Committee. Such leadership roles have also been achieved by others from SIDS in other Internet-related organizations, which goes to show that being from small islands does not mean that we will go unnoticed if we are prepared to be active in our commitment to improving our regions.

The Pacific Islands Chapter of the Internet Society (PICISOC) received a boost at the elections last Continue reading

IBM Secures $1.1B Contract With Banco Sabadell

Verizon Expands 4G LTE Small Cell Navy Base Footprint

Capturing Logs in Docker Desktop

Docker Desktop runs a Virtual Machine to host Docker containers. Each component within the VM (including the Docker engine itself) runs as a separate isolated container. This extra layer of isolation introduces an interesting new problem: how do we capture all the logs so we can include them in Docker Desktop diagnostic reports? If we do nothing then the logs will be written separately into each individual container which obviously isn’t very useful!

The Docker Desktop VM boots from an ISO which is built using LinuxKit from a list of Docker images together with a list of capabilities and bind mounts. For a minimal example of a LinuxKit VM definition, see https://github.com/linuxkit/linuxkit/blob/master/examples/minimal.yml — more examples and documentation are available in the LinuxKit repository. The LinuxKit VM in Docker Desktop boots in two phases: in the first phase, the init process executes a series of one-shot “on-boot” actions sequentially using runc to isolate them in containers. These actions typically format disks, enable swap, configure sysctl settings and network interfaces. The second phase contains “services” which are started concurrently and run forever as containerd tasks.

The following diagram shows a simplified high-level view of the boot process:

By default Continue reading

Oracle Fixes 334 Bugs in Record-Breaking Critical Patch Update

DigitalOcean Slashes Jobs as Part of Restructure

Technology Short Take 123

Welcome to Technology Short Take #123, the first of 2020! I hope that everyone had a wonderful holiday season, but now it’s time to jump back into the fray with a collection of technical articles from around the Internet. Here’s hoping that I found something useful for you!

Networking

• Eric Sloof mentions the NSX-T load balancing encyclopedia (found here), which intends to be an authoritative resource to NSX-T load balancing configuration and management.
• David Gee has an interesting set of articles exploring service function chaining in service mesh environments (part 1, part 2, part 3, and part 4).

Servers/Hardware

• Frank Denneman has a nice article aimed at helping readers understand PCIe device to NUMA Node Locality.
• Guiliano Bertello introduces PowerVCF, a PowerCLI module aimed at interacting with the SDDC Manager and VMware Cloud Foundation (VCF) stack. (If you’re not familiar with VCF, see here.)
• This is pricey, but I can’t say I don’t want one.
• James Hamilton is back with a post on the AWS Graviton2 ARM processors.

Security

• On January 13, Brian Krebs discussed the critical flaw (a vulnerability in crypt32.dll, a core Windows cryptographic component) that was rumored Continue reading

JetBrains Mono: A free and open source typeface for developers

Looks Lush.

The post JetBrains Mono: A free and open source typeface for developers appeared first on EtherealMind.

Weekly Wrap: Nokia Cuts 180 Jobs With More to Come

Video: Fallacies of Distributed Computing

What better way to start How Networks Really Work webinar than with fallacies of distributed computing… and that’s exactly what I did in late August 2019.

Synthesizing data structure transformations from input-output examples

Synthesizing data structure transformations from input-output examples, Feser et al., PLDI’15

The Programmatically Interpretable Reinforcement Learning paper that we looked at last time out contained this passing comment coupled with a link to today’s paper choice:

It is known from prior work that such [functional] languages offer natural advantages in program synthesis.

That certainly caught my interest. The context for the quote is synthesis of programs by machines, but when I’m programming, I’m also engaged in the activity of program synthesis! So a work that shows functional languages have an advantage for programmatic synthesis might also contain the basis for an argument for natural advantages to the functional style of programming. I didn’t find that here. We can however say that this paper shows “functional languages are well suited to program synthesis.”

Never mind, because the ideas in the paper are still very connected to a question I’m fascinated by at the moment: “how will we be developing software systems over this coming decade?”. There are some major themes to be grappled with: system complexity, the consequences of increasing automation and societal integration, privacy, ethics, security, trust (especially in supply chains), interpretability vs black box models, Continue reading

How to back up Kubernetes and Docker

Yes, your container infrastructure needs some type of backup.  Kubernetes and Docker will not magically build themselves after a disaster. As discussed in a separate article, you don’t need to back up the running state of each container, but you will need to back up the configuration used to run and manage your containers.Here’s a quick reminder of what you’ll need to back up.[Get regularly scheduled insights by signing up for Network World newsletters.] Configuration and desired-state information The Dockerfiles used to build your images and all versions of those files The images created from the Dockerfile and used to run each container Kubernetes etcd & other - K8s databases that info on cluster state Deployments - YAML files describing each deployment Persistent data created or changed by containers Persistent volumes Databases Dockerfiles Docker containers are run from images, and images are built from Dockerfiles. A proper Docker configuration would first use some kind of repository such as GitHub as a version-control system for all Dockerfiles. Do not create ad hoc containers using ad hoc images built from ad hoc Dockerfiles. All Dockerfiles should be stored in a repository that allows you to pull historical Continue reading

Cache Is King

The gap between the performance of processors, broadly defined, and the performance of DRAM main memory, also broadly defined, has been an issue for at least three decades when the gap really started to open up. …

Cache Is King was written by Timothy Prickett Morgan at The Next Platform.

McAfee Hires New CEO, Mulls Sale or IPO