NetworkingNexus.net

containerd Graduates Within the CNCF

We are happy to announce that as of today, containerd, an industry-standard runtime for building container solutions, graduates within the CNCF. The successful graduation demonstrates containerd has achieved the maturity, stability and community acceptance required for broad ecosystem adoption. containerd has already been deployed in tens of millions of production systems today, making it the most widely adopted runtime and an essential upstream component of the Docker platform. containerd was donated to the CNCF as a top-level project because of its strong alignment with Kubernetes, gRPC and Prometheus and is the fifth project to make it to this tier. Built to address the needs of modern container platforms like Docker Enterprise and orchestration systems like Kubernetes, containerd ensures users have a consistent dev to ops experience.

From Docker’s initial announcement that it was spinning out its core runtime to its donation to the CNCF in March 2017, the containerd project has experienced significant growth and progress over the last two years. The primary goal of Docker’s donation was to foster further innovation in the container ecosystem by providing a core container runtime that could be leveraged by container system vendors and orchestration projects such as Kubernetes, Swarm, Continue reading

Kernel of Truth season 2 episode 2: The future of the Linux Kernel

Subscribe to Kernel of Truth on iTunes, Google Play, Spotify, Cast Box and Sticher!

Click here for our previous episode.

This episode, host Brian is joined by two of our in-house Linux Kernel experts David and Roopa. Joining them is Attilla who, like many of you, is curious about what’s coming down the line in regards to the Linux Kernel. Since they’re working ahead of everyone, what can we look forward to in the future? We promise you won’t need a crystal ball to find out, just listen here!

Guest Bios

Brian O’Sullivan: Brian currently heads Product Management for Cumulus Linux. For 15 or so years he’s held software Product Management positions at Juniper Networks as well as other smaller companies. Once he saw the change that was happening in the networking space, he decided to join Cumulus Networks to be a part of the open networking innovation. When not working, Brian is a voracious reader and has held a variety of jobs, including bartending in three countries and working as an extra in a German soap opera. You can find him on Twitter at @bosullivan00.

David Ahern is a Member of Technical Staff at Cumulus Networks. He traded Continue reading

DevOps is a Silo

Silos are bad. We keep hearing how IT is too tribal and broken up into teams that only care about their swim lanes. The storage team doesn’t care about the network. The server teams don’t care about the storage team. The network team is a bunch of jerks that don’t like anyone. It’s a viscous cycle of mistrust and playground cliques.

Except for DevOps. The savior has finally arrived! DevOps is the silo-busting mentality that will allow us all to get with the program and get everything done right this time. The DevOps mentality doesn’t reinforce teams or silos. It focuses on the only pure thing left in the world – committing code. The way of the CI/CD warrior. But what if I told you that DevOps was just another silo?

Team Players

Before the pitchforks and torches come out, let’s examine why IT has been so tribal for so long. The silo mentality came about when we started getting more specialized with regards to infrastructure. Think about the original compute resources – mainframes. There weren’t any silos with mainframes because everyone pretty much had to know what they were doing with every part of the system. Everything was connected Continue reading

ACI MultiPod and how to build MultiDatacenter with Cisco ACI

What is MultiPod? ACI MultiPod was first designed to enable the spread of ACI Fabric inside a building (into two or more Pods), let’s say in two rooms at different floors, without the need to connect all the Leafs from one room to all the Spines in the other room. It was a way of simplifying the cabling and all that comes with building spread CLOS topology fabric stuff. MultiPod also saves some Leaf ports giving the fact that Pod to Pod connection through Multicast enabled IPN network connects directly to Spines. People soon realized that MultiPod will be a great solution

The post ACI MultiPod and how to build MultiDatacenter with Cisco ACI appeared first on How Does Internet Work.

Internet Society Welcomes the Dominica Chapter

A new Internet Society Chapter had been founded within the Regional Bureau in Latin America & Caribbean. The creation of the Internet Society Dominica Chapter was officially launched on January 11, at the Fort Young Hotel in Roseau City. The event was attended by 25 people, several key stakeholders from two major ISPs, as well as government representatives.

We would like to extend a warm welcome to all members and to the new Chapter executives (pictured above from left to right): Craig Nesty (President), Grayson Stedman Jr. (Vice President), Ishmael Joseph (Secretary), and Austin Lazarus (Treasurer).

“The Chapter was founded by staff members of the National Telecommunications Regulatory Commission” says Melisha Toussaint, NTRC Assistant Engineer and Chapter member. “In recent times, the NTRC has updated its mandate not only to regulate the telecommunications industry in Dominica, but also to create an enabling environment for the growth and development of the Internet and ICTs.”

What are the key interests of the new Chapter?

One of the key goals is to support the Dominica government’s idea to create a climate resilient country following the passage of Hurricane Maria in 2017. The disaster helped realize the importance of communication post-disaster. In 2019, Continue reading

Digital Evidence Across Borders and Engagement with Non-U.S. Authorities

Since we first started reporting in 2013, our transparency report has focused on requests from U.S. law enforcement. Previous versions of the report noted that, as a U.S. company, we ask non-U.S. law enforcement agencies to obtain formal U.S. legal process before providing customer data.

As more countries pass laws that seek to extend beyond their national borders and as we expand into new markets, the question of how to handle requests from non-U.S. law enforcement has become more complicated. It seems timely to talk about our engagement with non-U.S. law enforcement and how our practice is changing. But first, some background on the changes that we’ve seen over the last year.

Law enforcement access to data across borders

The explosion of cloud services -- and the fact that data may be stored outside the countries of residence of those who generated it -- has been a challenge for governments conducting law enforcement investigations. A number of U.S. laws, like the Stored Communications Act or the Electronic Communications Privacy Act restrict companies from providing particular types of data, such as the content of communications, to any person or entity, including foreign law enforcement Continue reading

Thoughts on VPNs for Road Warriors

A few days ago I was talking with a few folks on Twitter and the topic of using VPNs while traveling came up. For those that travel regularly, using a VPN to bypass traffic restrictions is not uncommon. Prompted by my former manager Martin Casado, I thought I might share a few thoughts on VPN options for road warriors. This is by no means a comprehensive list, but hopefully something I share here will be helpful.

There were a few things I wanted to share with readers:

I found commercial VPN services too unreliable (it’s not uncommon for commercial VPN services to get blocked and thus defeat the purpose of using a VPN).
Instead, I’ve found more success using something like AutoVPN. AutoVPN helps you stand up an on-demand OpenVPN endpoint on AWS. I used this successfully in Beijing, setting up endpoints in Seoul, Singapore, Tokyo, and sometimes Sydney. Because these IP addresses are “ephemeral,” they’re far less likely to be blocked. (Here’s another example of using AWS as a personal VPN service.)
I also had success using AutoVPN not to get around traffic restrictions, but to change my source IP. My wife needed to access some real Continue reading

Why the industrial IoT is more important than consumer devices — and 7 more surprising IoT trends

Given the Internet of Things’ (IoT) perch atop the hype cycle, IoT trend-spotting has become a full-time business, not just an end-of-the-year pastime. It seems every major — and minor — IoT player is busy laying out its vision of where the technology is going. Most of them harp on the same themes, of course, from massive growth to security vulnerabilities to skills shortages.[ Also on Network World: Six IoT predictions for 2019 ] Those are all real concerns, but Chris Nelson, vice president of engineering at operational intelligence (OT) vendor OSIsoft, shared some more unique viewpoints via email. In addition to his contention that the IoT will blur the lines between IT, which runs the customers’ systems and email, and OT, which runs the technology behind the production systems, he talked about what will drive the IoT in the next year.To read this article in full, please click here

Sample Solution: Automating L3VPN Deployments

A long while ago I published my solution for automated L3VPN provisioning… and I’m really glad I can point you to a much better one ;)

Håkon Rørvik Aune decided to tackle the same challenge as his hands-on assignment in the Building Network Automation Solutions course and created a nicely-structured and well-documented solution (after creating a playbook that creates network diagrams from OSPF neighbor information).

Want to be able to do something similar? You missed the Spring 2019 online course, but you can get the mentored self-paced version with Expert Subscription.

NDSS 2019 Honors Timeless Papers

The papers and presentations are done, the awards and appreciation certificates have been handed out, and the boxes are packed and labeled for shipping. NDSS 2019 has come to a successful close. It was a record setting event with over 550 registrations, 89 papers, 36 posters, and four workshops. It was inspiring to see such energetic and passionate security research professionals gathered together in one place discussing their work. All of the highlights can be found at the NDSS 2019 website, including the Distinguished Paper and Distinguished Poster Awards for this year and the full program. It is worthwhile, however, to highlight a new award series initiated this year.

NDSS Test of Time Awards

This year, to kick off the second 25 years of NDSS, an NDSS Test of Time annual award was created. This award is for papers that were published more than ten years ago and have had a significant impact on both academia and industry in the years since. There were three awardees in the inaugural class.

The first Test of Time award is from 1996: SKEME: A Versatile Secure Key Exchange Mechanism for Internet by Hugo Krawczyk. SKEME was an integral component of early versions of Continue reading

Datanauts 159: Examining Public Cloud Maturity

How mature are APIs, toolsets, and other components of AWS and Azure? Cloud architect Alex Neihaus joins the Datanauts to discuss this question. We also explore public cloud migration, and Alex argues that organizations shouldn't get hung up on tools and focus on process instead.

The post Datanauts 159: Examining Public Cloud Maturity appeared first on Packet Pushers.

VMware preps milestone NSX release for enterprise-cloud push

Looking to ease deployments of software-defined networks while reinforcing automation and security for hybrid and multicloud customers, VMware has taken the wraps off of a major release of its NSX-T Data Center software.While the NSX-T 2.4 announcement includes over 100 upgrades, VMware said the release anoints NSX-T as the company’s go-to platform for future software-defined cloud developments.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] “This is NSX-T’s coming out party—it is now our primary platform and includes all the tools, services, security and support for future growth,” said Tom McCafferty, VMware’s senior director of product marketing for NSX.To read this article in full, please click here