Network Break 250: VMware Embraces Kubernetes; Dell Partners With VMware On Datacenters, SD-WAN
It's a heaping helping of Network Break as we try to parse all the Kubernetes pronouncements coming out of VMworld 2019, including Project Pacific and Tanzu Mission Control. Plus we cover new tech and new partnerships between Dell EMC and VMware, new products from Apstra and Mellanox, and HPE's latest financials.
The post Network Break 250: VMware Embraces Kubernetes; Dell Partners With VMware On Datacenters, SD-WAN appeared first on Packet Pushers.
If You Have to Simulate Your Whole Network, You’re Doing It Wrong
This blog post was initially sent to subscribers of my SDN and Network Automation mailing list. Subscribe here.
Have you ever seen a presentation in which a startup is telling you how awesome their product is because it allows you to simulate your whole network in a virtual environment? Not only that, you can use that capability to build a test suite and a full-blown CI/CD pipeline and test whether your network works every time you make a change to any one box in the network.
Sounds awesome, right? It’s also dead wrong. Let me explain why that’s the case.
Read more ...The TOGAF ADM – Part II
Continuing right off from my last post, we going to continue our run-though of the ADM wrapping the last few phases. Phase E: opportunities & Solution: Now, it’s time for us to review the outputs from our previous phases and to start defining the beginning of our implementation details. We do this in the form of creating the […]VMworld 2019 Vendor Meeting: Lightbits Labs
Last week at VMworld, I had the opportunity to meet with Lightbits Labs, a relatively new startup working on what they called “disaggregated storage.” As it turns out, their product is actually quite interesting, and has relevance not only in “traditional” VMware vSphere environments but also in environments more focused on cloud-native technologies like Kubernetes.
So what is “disaggregated storage”? It’s one of the first questions I asked the Lightbits team. The basic premise behind Lightbits’ solution is that by taking the storage out of nodes—by decoupling storage from compute and memory—they can provide more efficient scaling. Frankly, it’s the same basic premise behind storage area network (SANs), although I think Lightbits wants to distance themselves from that terminology.
Instead of Fibre Channel, Fibre Channel over Ethernet (FCoE), or iSCSI, Lightbits uses NVMe over TCP. This provides good performance over 25, 50, or 100Gbps links with low latency (typically less than 300 microseconds). Disks appear “local” to the node, which allows for some interesting concepts when used in conjunction with hyperconverged platforms (more on that in a moment).
Lightbits has their own operating system, LightOS, which runs on industry-standard x64 servers from Dell, HP, Lenovo, etc. To Continue reading
Just Published: NSX-T Technical Deep Dive Slide Deck
Last year when I was creating the first version of VMware NSX Deep Dive content, NSX-V was mainstream and NSX-T was the new kid on the block. A year later NSX-V is mostly sidelined, and all the development efforts are going into NSX-T. Time to adapt the webinar to new reality… taking the usual staged approach:
- The new slide deck covering NSX-V and NSX-T is ready. It includes early information about NSX-T release 2.5; I’ll fill in the details once the documentation becomes public.
- I’ll use the slide deck in day-long workshop in Zurich on September 10th.
- The live webinar sessions (including updated NSX-T 2.5 content) will start on November 14th.
IPA: invariant-preserving applications for weakly consistent replicated databases
IPA: invariant-preserving applications for weakly consistent replicated databases Balegas et al., VLDB’19
IPA for developers, happy days!
Last we week looked at automating checks for invariant confluence, and extending the set of cases where we can show that an object is indeed invariant confluent. I’m not going to re-cover that background in this write-up, so I suggest you head over there for a quick catch-up before reading on if you missed it first time around.
Today’s paper is very much in same spirit, building on the same foundation of invariant confluence (I-Confluence), and also on Indigo which introduced an annotation model for application invariants, a invariant violation avoidance mechanism using lock reservations and escrows, and limited support for repairing violations that do happen.
With Invariant-Preserving Applications (IPAs), Balegas et al. introduce new mechanisms for avoiding invariant violations and for repairing them when detected, based on CRDTs. There’s also a very nice looking developer workflow to help ensure you’ve got all the bases covered. At the end of the day, you get the dual benefit of higher throughput and lower latency (as compared to coordination-based approaches) coupled with knowing that there isn’t some nasty invariant-violating concurrency bug waiting Continue reading
Cumulus content roundup: Summer 2019
Summer has flown by and you may have missed some of the great content that was published. Don’t worry, you can catch up on some of our favorite podcasts, blog posts, and articles below. So settle in and then dive into all things open networking!
From Cumulus Networks:
Customizing your network: Take a quick look at the types of automation available in Linux, from basic to dynamic, and how these automation capabilities help to enable data center-wide orchestration here.
Kernel of Truth podcast: Network monitoring: When it comes to network monitoring, have you run into a “switch that cried wolf?”Kernel of Truth host Brian O’Sullivan is joined by two new guests to the podcast Justin Betz & Faye Ly to chat more about networking monitoring here.
Best practices: MLAG backup IP: We cover the best ways to build a redundant backup IP link for multi-chassis link aggregation (MLAG).
Exploring Batfish with Cumulus – part one: With Batfish supporting Cumulus Networks this year, we show how it can fit into pipelines & replace or complement existing testing strategies in part one of a two-part series.
Kernel of Truth podcast: Innovation in the data center: Spiderman aka Rama Continue reading
ClearOS Installation on QEMU
ClearOS is an operating system based on CentOS for use in small and medium enterprises as a network gateway and network server with a web-based administration interface.
ClearOS in Gateway mode acts as a firewall, gateway and server on a local network. The tutorial provides installation and configuration steps for deployement of ClearOS on QEMU VM. We will later connect ClearOS QEMU VM into GNS3 network topology in order to test features such as application traffic filtering and transparent proxy with user authentication.
Software Used:
Host OS: Kubuntu Linux 18.04.1 LTS with Qemu 3.0.0 installed and kvm-intel module loaded
Guest OS: ClearOS 7.5.0 x86_64
1. Preparing Host Network Infrastructure
As we are going to install ClearOS guest QEMU VM in a gateway mode, your host should have two network adapters available. (Picture 1). In our case, the first ClearOS guest network interface ens3 will be defined as LAN type during ClearOS installation. The second guest interface ens4 will be defined as External and used for connection to SOHO network. We will bridge the interface ens4 with the host interface enp4s0f2 using iproute utility. But first, we need to create tap interfaces tap0 and Continue reading
Juniper vQFX 18.4R1.8 Vagrant Libvirt Box Install
In this post I will cover how to create a Juniper vQFX Vagrant box 18.4R1.8 for use with the vagrant-libvirt provider. This is an update to a previous post post . Thankfully Juniper has released newer versions of the vQFX vagrant boxes for the Virtual box provider that can be utilized to...Juniper vQFX 18.4R1.8 Vagrant Libvirt Box Install
Build a Juniper vQFX 18.4R1.8 Vagrant box for use with the libvirt provider.Thread on the OSI model is a lie
I had a Twitter thread on the OSI model. Below it's compiled into one blogpost
Yea, I've got 3 hours to kill here in this airport lounge waiting for the next leg of my flight, so let's discuss the "OSI Model". There's no such thing. What they taught you is a lie, and they knew it was a lie, and they didn't care, because they are jerks.
You know what REALLY happened when the kid pointed out the king was wearing no clothes? The kid was punished. Nobody cared. And the king went on wearing the same thing, which everyone agreed was made from the finest of cloth.
The OSI Model was created by international standards organization for an alternative internet that was too complicated to ever work, and which never worked, and which never came to pass.
Sure, when they created the OSI Model, the Internet layered model already existed, so they made sure to include today's Internet as part of their model. But the focus and intent of the OSI's efforts was on dumb networking concepts that worked differently from the Internet.
OSI wanted a "connection-oriented network layer", one that worked like the telephone system, where every switch Continue reading
Thread on network input parsers
This blogpost contains a long Twitter thread on input parsers. I thought I'd copy the thread here as a blogpost.
I am spending far too long on this chapter on "parsers". It's this huge gaping hole in Computer Science where academics don't realize it's a thing. It's like physics missing one of Newton's laws, or medicine ignoring broken bones, or chemistry ignoring fluorine.
"Langsec" has the best model, but at the same time, it's a bit abstract ("input is a language that drives computation"), so I want to ease into it with practical examples for programmers.
Among the needed steps is to stamp out everything you were taught in C/C++ about pointer-arithmetic and overlaying internal packed structures onto external data. Big-endian vs. little-endian isn't confusing -- it's only made confusing because you were taught it wrongly.
Hmmm. I already see a problem with these tweets. People assume I mean "parsing programming languages", like in the Dragon book. Instead, I mean parsing all input, such as IP headers, PDF files, X.509 certificates, and so Continue reading
Juniper vMX 19.1R1.6 Vagrant Libvirt Box Install
In this post I will cover how to create a Juniper vMX 19.1R1.6 Vagrant box for use with the vagrant-libvirt provider. This post is an update to a previous post post that covers an earlier version. Prior to installing the vMX there are some required steps to get the KVM host prepped...Juniper vMX 19.1R1.6 Vagrant Libvirt Box Install
Build a Juniper vMX 19.1R1.6 Vagrant box for use with the libvirt provider.Heavy Networking 468: Making The Business Case For SD-WAN
Building a business case for SD-WAN involves more than just anticipating savings by moving from private circuits to business broadband connections. On today's Heavy Networking, we look at how to tie SD-WAN capabilities to business benefits, what to consider when developing a business case, how measure ROI, and more with guest Jason Gintert.
The post Heavy Networking 468: Making The Business Case For SD-WAN appeared first on Packet Pushers.
