Converting Kubernetes to an HA Control Plane

While hanging out in the Kubernetes Slack community, one question I’ve seen asked multiple times involves switching a Kubernetes cluster from a non-HA control plane (single control plane node) to an HA control plane (multiple control plane nodes). As far as I am aware, this isn’t documented upstream, so I thought I’d walk readers through what this process looks like.

I’m making the following assumptions:

  • The existing single control plane node was bootstrapped using kubeadm. (This means we’ll use kubeadm to add the additional control plane nodes.)
  • The existing single control plane node is using a “stacked configuration,” in which both etcd and the Kubernetes control plane components are running on the same nodes.

I’d also like to point out that there are a lot of different configurations and variables that come into play with a process like this. It’s (nearly) impossible to cover them all in a single blog post, so this post attempts to address what I believe to be the most common situations.

With those assumptions and that caveat in mind, the high-level overview of the process looks like this:

  1. Create a load balancer for the control plane.
  2. Update the API server’s certificate.
  3. Update the kubelet Continue reading

5 reasons to choose a managed SD-WAN and 5 reasons to think twice

Northgate Gonzalez Markets, a chain of grocery stores in southern California, was launching a fast-paced digital transformation initiative that required a complete revamp of its WAN infrastructure.

Northgate was taking the bold step of eliminating its data center and moving around 500 servers’ worth of applications and data to the cloud. The old WAN topology of backhauling traffic from each of its 43 locations to a central data center via two T-1s had to be replaced with a direct, reliable, resilient, secure connection from each individual location to the cloud.

Harrison Lewis, CIO and chief privacy officer at Northgate Markets, settled on an SD-WAN deployment. After evaluating the pros and cons of the do-it-yourself (DIY) option versus a managed service, Lewis decided that a managed approach was preferable for multiple reasons, with speed at the top of the list. “We had a compressed timeline,” he says. “We didn’t have the luxury of saying, Continue reading

Money Moves: July 2019

Here are some of the most prominent venture capital and merger and acquisition news items from...

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Hacker Jeopardy, Wrong Answers Only Edition

Among the evening entertainment at DEF CON is "Hacker Jeopardy", like the TV show Jeopardy, but with hacking tech/culture questions. In today's blog post, we are going to play the "Wrong Answers Only" version, in which I die upon the hill defending the wrong answer.

The problem posed is this:
YOU'LL LIKELY SHAKE YOUR HEAD WHEN YOU SEE TELNET AVAILABLE, NORMALLY SEEN ON THIS PORT
Apparently, people gave 21, 22, and 25 as the responses. The correct response, according to RFC assignments of well-known ports, is 23.

A good wrong answer is this one, port 25, where the Morris Worm spread via port 25 (SMTP) via the DEBUG command.

But the real correct response is port 21. The problem posed wasn't about which port was assigned to Telnet (port 23), but what you normally see these days.

Port 21 is assigned to FTP, the file transfer protocol. A little-known fact about FTP is that it uses Telnet for its command channel on port 21. In other words, FTP isn't a text-based protocol like SMTP, HTTP, POP3, and so on. Instead, Continue reading

The TOGAF ADM – Part I

In my last post we briefly looked at the TOGAF ADM. We won’t be able to fit it all into a single blog post but we will start to explore the ADM from a high level. ADM stands for Architecture Development Method and it is organized in 10x different phases. These different phases are designed to […]

GitHub’s CI/CD Expansion Set to Change Workflows

“It will be interesting to see how the continuous integration players react. These vendors...

DNS Query Privacy

In this article we'll look at DNS Query Name Minimisation in some detail and present the results of our measurement of the current level of use of this resolver query technique in today's Internet.

Intel and Lenovo partner on HPC and AI initiatives

Intel and Lenovo this week announced a new partnership aimed at accelerating artificial intelligence (AI) and high-performance computing (HPC) products by bringing together their respective technologies.

The collaboration will integrate Lenovo's TruScale Infrastructure and Lenovo Neptune liquid cooling technology with a variety of Intel technologies, including its Optane DC persistent memory, Intel oneAPI programming framework, and current and future generations of its Xeon Scalable processors.

TruScale is a consumption-based offering that allows customers to use on-premises data center hardware and services without having to purchase the equipment outright; enterprises pay for the use, and Lenovo monitors their activity. It's a model all of the major OEMs have adopted in response to the cloud.

The Serverlist: Building out the SHAMstack

Check out our seventh edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend.

Sign up below to have The Serverlist sent directly to your mailbox.

Heavy Networking 464: Provocative Statements With Tom Hollingsworth

Today's Heavy Networking is a conversation with Tom Hollingsworth that ranges over a variety of provocative statements about the networking and technology industries, including "certifications are dead," "enterprise networking is dying," "BGP as a kitchen sink protocol is a bad idea," and more. Tom responds and discussions ensue.

The post Heavy Networking 464: Provocative Statements With Tom Hollingsworth appeared first on Packet Pushers.

Fast Friday- Black Hat USA 2019

I just got back from my first Black Hat and it was an interesting experience. It was crazy to see three completely different security-focused events going on in town all at once. There was Black Hat, B-Sides Las Vegas, and DEFCON all within the space of a day or so of each other. People were flowing back and forth between them all and it was quite amazing.

I wanted to share a few quick thoughts about the event from my perspective being a first timer.

  • The show floor wasn’t as big as VMworld or Cisco Live, but it was as big as it needed to be. Lots of companies that I’ve heard of, but several more that were new to me. That’s usually a good sign of lots of investment in the security space.
  • Speaking of which, I talked to quite a few companies about a variety of analytics, telemetry, and insider threat monitoring solutions. And almost all of them had a founder from Israel or someone that was involved in the cybersecurity areas of the IDF. That’s a pretty good track record for where the investment is going.
  • The Vegas booth gimmicks never change. I think I’ve spent too Continue reading

Ulukhaktok: Community Networking in the (Far) North

In June of this year, I had the great privilege of traveling to Ulukhaktok, NWT, Canada to talk to community members about the possibility of building a new, local Internet service network. As a result of these meetings, and the incredibly driven individuals I met with in Ulu, this time next year, Ulukhaktok will be the proud owner of the far-most Northern community network in the world.

I left Washington, D.C. in the throes of summer – upper 80-degree weather and so humid you’d feel wet the second you stepped outside. Two days and five planes later I was in Ulukhaktok, a community of about 400 people on the 70th parallel. Summer there is a little different, and I explored the community amidst summer snow and 24-hour days.

I spent four days getting to know the community, and it wasn’t hard to understand the deep sense of community pride right away. Ulu is a beautiful, U-shaped town on the edge of the Arctic Ocean. It’s filled with people who will stop when they see a stranger, smile, and ask who you are and what you’re doing. And every time someone stopped, I told them about the Internet Society, Continue reading

Using Automation vs Making Automation

First published in Packet Pushers Human Infrastructure Magazine 58 – you can subscribe here.

Another side of the debate around programming, automation and orchestration. Are you a user or a maker?

Platforms are 80/20

For the last 20 or 30 years, network management software has followed an 80/20 approach to customisation. On the first […]

The post Using Automation vs Making Automation appeared first on EtherealMind.

Innovations in CBD And Hemp

Cannabidiol (CBD) and hemp have been known to be used in health supplements for humans and animals, as well as in various beauty products. Since the legalization of marijuana in many U.S. states, innovations in CBD and hemp products have become an acceptable and highly effective alternative to synthetic drugs for the treatment of many conditions including:

  • Chronic pain
  • Anxiety and depression
  • PTSD
  • Arthritis 
  • Sleep issues

While more studies need to be done, it is believed that, since CBD and hemp oil may help reduce inflammation in the body, they may help serve as treatment and prevention for such health issues as heart disease and diabetes.

Innovations in CBD and hemp products for the treatment of dogs, specifically, may help to:

  • Reduce aggression
  • Relieve pain
  • Improve skin and coat appearance
  • Help reduce seizures

While CBD and hemp products do not offer a miracle cure, they have shown great promise in helping people who do not respond well to traditional drugs or who may simply not like the negative side effects of prescription drugs in treating certain medical conditions.

Keep in mind that most of the innovations in CBD and hemp are not designed to make you high, Continue reading

Introducing Certificate Transparency Monitoring

Today we’re launching Certificate Transparency Monitoring (my summer project as an intern!) to help customers spot malicious certificates. If you opt into CT Monitoring, we’ll send you an email whenever a certificate is issued for one of your domains. We crawl all public logs to find these certificates quickly. CT Monitoring is available now in public beta and can be enabled in the Crypto Tab of the Cloudflare dashboard.

Background

Most web browsers include a lock icon in the address bar. This icon is actually a button — if you’re a security advocate or a compulsive clicker (I’m both), you’ve probably clicked it before! Here’s what happens when you do just that in Google Chrome:

This seems like good news. The Cloudflare blog has presented a valid certificate, your data is private, and everything is secure. But what does this actually mean?

Certificates

Your browser is performing some behind-the-scenes work to keep you safe. When you request a website (say, cloudflare.com), the website should present a certificate that proves its identity. This certificate is like a stamp of approval: it says that your connection is secure. In other words, the certificate proves that content was not intercepted or Continue reading

VMware opens, reinforces hybrid-cloud migration software

VMware customers can now migrate non-vSphere, as well as increased amounts of on-premises application workloads, to a variety of cloud services with a new release of the company’s Hybrid Cloud Extension (HCX) application-mobility software.

Introduced in 2017, VMware HCX lets vSphere customers tie together on-premises systems and applications with a variety of cloud services. vSphere is VMware's flagship virtualization platform.

HCX includes services such as routing and WAN optimization and can utilize other VMware products and services such as the firm’s core networking software, NSX. NSX is targeted at organizations looking to support multivendor cloud-native applications, bare-metal workloads, hypervisor environments and the growing hybrid and multicloud worlds. HCX is also included in other VMware packages such as its VMware Cloud on AWS.