Imagine you would have a system that would read network device configurations, figure out how those devices might be connected, reverse-engineer the network topology, and be able to answer questions like “what would happen if this link fails” or “do I have fully-redundant network” or even “how will this configuration change impact my network”. Welcome to Batfish.
Interested? You’ll find more in Episode 104 of Software Gone Wild.
DDSketch: a fast and fully-mergeable quantile sketch with relative-error guarantees Masson et al., VLDB’19
Datadog handles a ton of metrics – some customers have endpoints generating over 10M points per second! For response times (latencies) reporting a simple metric such as ‘average’ is next to useless. Instead we want to understand what’s happening at different latency percentiles (e.g p99).
The ability to compute quantiles over aggregated metrics has been recognized to be an essential feature of any monitoring system… Given how expensive calculating exact quantiles can be for both storage and network bandwidth, most monitoring system will compress the data into sketches and compute approximate quantiles.
Fortunately there are plenty of quantile sketching algorithms available including the GK-sketch, the t-digest, the HDR histogram, and the Moments sketch that we looked at last year. For reasons we’ll see shortly though, none of those were good enough for Datadog, so they developed their own sketching data structure, DDSketch. Officially in the paper DDSketch stands for ‘Distributed Distribution Sketch’ but that seems a bit of a stretch… surely it’s the ‘Datadog Sketch’ ! A glance at the code repository for the Python implementation confirms my suspicion: there are several references to Continue reading
Several factors led to a softening switch market in China during the quarter, not least of which...
One of Docker’s core missions is delivering choice and flexibility across different application languages and frameworks, operating systems, and infrastructure. When it comes to modern applications, the choice of infrastructure is not just whether the application is run on-premises, on virtual machines or bare metal, or in the cloud. It can also be a choice of which architecture – x86, Arm, or GPU.
Today, we’re happy to share some updates in Docker Hub that make it easier to access multi-architecture images and scanning results through the Tag UX.
In this example, we’re looking at a listing for a Docker Official Image that supports x86, PowerPC and IBMz as listed in the labels. When you land on the image page on Docker Hub, you can quickly identify if an image supports multiple architectures in the labels underneath the image name. For further details, you can click on ‘Tags’:
In this section, you can now view the different architectures separately to easily identify the right image for the architecture you need, complete with image size and operating system information:
If you click on the digest for a particular architecture, you will now also be able to Continue reading
Its namesake cloud data integration platform aims to address variables that come with ingesting and...
AquaSec’s Daniel Sagi recently authored a blog post about DNS spoofing in Kubernetes. TLDR is that if you use default networking in Kubernetes you might be vulnerable to ARP spoofing which can allow pods to spoof (impersonate) the IP addresses of other pods. Since so much traffic is dialed via domain names rather than IPs, spoofing DNS can allow you to redirect lots of traffic inside the cluster for nefarious purposes.
So this is bad, right? Fortunately, Calico already prevents ARP spoofing out of the box. Furthermore, Calico’s design prevents other classes of spoofing attacks. In this post we’ll discuss how Calico keeps you safe from IP address spoofing, and how to go above and beyond for extra security.
ARP spoofing is an attack that allows a malicious pod or network endpoint to receive IP traffic that isn’t meant for it. Sagi’s post already describes this well, so I won’t repeat the details here. An important thing to note, however, is that ARP spoofing only works if the malicious entity and the target share the same layer 2 segment (e.g. have direct Ethernet connectivity). In Calico, the network is fully routed at layer 3, meaning that Continue reading
Fast Reroute , Fast Convergence , WRED and WFQ. You may think that why Orhan is putting all these mechanisms together. I will give you an analogy. Those who participate my talks., know that I love using analogies. Before we try to understand how these mechanisms are related with each other, let me explain what …
Continue reading "Fast Reroute, Fast Convergence, WRED and WFQ"
The post Fast Reroute, Fast Convergence, WRED and WFQ appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
best known as one of the inventors of Random Early Detection
The post Sally Floyd, Who Helped Things Run Smoothly Online, Dies at 69 – The New York Times appeared first on EtherealMind.
In the new era of 5G, mobile network operators have the opportunity to move up the value chain and...
The addition of AWS Transit Gateway to Pureport's Multicloud Fabric platform means users can now...
Executives from both carriers highlighted the combined strengths of their networks at the Mobile...
Now that AnsibleFest is right around the corner, we wanted to take a closer look at each of the tracks that we will offer. We talked with Track Lead Brian Coursen and asked him a few questions about the Culture and Collaboration Track and sessions within the track.
Who is this track best for?
This track is best for attendees that want to see how Ansible is used and how it brings people and teams together in the workplace.
What topics will this track cover?
Topics will include how to create an automation culture as well as highlight some automation use cases. This will include minimizing business unit conflict with patch automation, how to build an open source network service orchestrator using Ansible at the core, and why automation isn't just a passing fad but a necessity in today's enterprise.
What should attendees expect to learn from this track?
Attendees will learn about DevOps culture and automation. They will also learn about how places like National Weather Service Southern Region; Datacom; and the British financial institution, RBS, are all using Ansible to create a culture of collaboration.
Where would you Continue reading