Setting up the Kubernetes AWS Cloud Provider

The AWS cloud provider for Kubernetes enables a couple of key integration points for Kubernetes running on AWS; namely, dynamic provisioning of Elastic Block Store (EBS) volumes and dynamic provisioning/configuration of Elastic Load Balancers (ELBs) for exposing Kubernetes Service objects. Unfortunately, the documentation surrounding how to set up the AWS cloud provider with Kubernetes is woefully inadequate. This article is an attempt to help address that shortcoming.

More details are provided below, but at a high level, here’s what you’ll need to make the AWS cloud provider in Kubernetes work:

  • The hostname of each node must match EC2’s private DNS entry for that node
  • An IAM role and policy that EC2 instances can assume as an instance profile
  • Kubernetes-specific tags applied to the AWS resources used by the cluster
  • Particular command-line flags added to the Kubernetes API server, Kubernetes controller manager, and the Kubelet

Let’s dig into these requirements in a bit more detail.

Node Hostname

It’s important that the name of the Node object in Kubernetes matches the private DNS entry for the instance in EC2. You can use hostnamectl or a configuration management tool (take your pick) to set the instance’s hostname to the FQDN that matches the EC2

Back By Popular Demand – Docker Pals Is Coming To Barcelona!

At DockerCon Copenhagen we launched the Docker Pals program in order to connect attendees and help them make the most out of their trip to DockerCon. Attending a conference by yourself can be intimidating and we don’t want anyone to feel that way at DockerCon! Pals get matched with a few others who are new (the “Pals”), and someone who knows their way around (the “Guide”) so that you will know someone before you arrive at the conference. So, DockerCon veterans, please consider signing up to be a Guide and help welcome those newer to DockerCon to the amazing Docker community. Participating gives you the opportunity to learn even more, grow an even bigger network, and have even more fun!

Here’s what Pals had to say:

“Docker Pals was an excellent opportunity to meet new Docker Captains and Community Leaders who are open to engaging with container enthusiasts of all skill levels, specialities and backgrounds. I would certainly take advantage of the program again, and volunteer to be a Guide next year.” – Jackie Liu

“I was able to learn and understand how Docker is used in real time and in production with my fellow Docker Pal.”

Columnstore and B+ tree – are hybrid physical designs important?

Columnstore and B+ tree – are hybrid physical designs important? Dziedzic et al., SIGMOD’18

Earlier this week we looked at the design of column stores and their advantages for analytic workloads. What should you do though if you have a mixed workload including transaction processing, decision support, and operational analytics? Microsoft SQL Server supports hybrid physical design combining both column store and B+ tree indexes in the same database.

It is generally understood that columnstores are crucial to achieving high performance for analytic queries and that B+ tree indexes are key to supporting transactional workloads efficiently. However, it is not well understood whether hybrid physical designs – both columnstore and B+ tree indices on the same database and potentially the same table – are important for any of the above workloads.

Through a series of benchmarks the authors show that hybrid physical designs can result in more than an order of magnitude lower execution costs for many workloads when compared to alternatives using B+ tree-only or columnstore-only. The Database Engine Tuning Advisor (DTA) for SQL Server is extended to analyze and recommend the appropriate indices for a given workload. Support for columnstore indices and the new DTA functionality was

BrandPost: It’s Time to Think Outside the Router

“Turn Me Loose”

I finally delivered four large boxes of CDs to my local library – my collection of nearly 1,000 titles, some as old as 33 years, like my Loverboy CD, when I acquired them back in 1985. And back in 1985, or maybe 1986, I did a similar uncluttering with my cassettes and vinyl (except for a few select albums like an original release of Dark Side of the Moon).

Music has gone from 12” vinyl to more compact cassette tapes to even more compact CDs and now streaming services that connect listeners to music anywhere, anytime. Just as music technology has changed through the years to provide more flexibility on how music is consumed, the application consumption model has changed, too. The “job of the WAN” has always been to connect users to applications, but wide area networking (WAN) technology based on conventional branch routers has not kept up to provide the optimal means of connecting to them.

Industrial IoT faces big challenges

Future cellular Internet of Things (IoT) networks are going to be expected to deliver much lower latency and significantly higher reliability. Getting to that point, however, must be a step-by-step approach, said a telco equipment executive at Mobile World Congress Americas earlier this month.

“Doing one at a time is not so difficult, but doing both at the same time is a challenge,” said Jawad Manssour, head of Networks Portfolio Management at Product Area Networks with equipment maker Ericsson, during a presentation at the conference.

Ericsson is one of the world’s big three principal base station and cellular equipment vendors, along with Huawei and Nokia. Mobile network providers Sprint and Ericsson recently announced that they are building a distributed virtualized core IoT network and an IoT operating system.


Don’t Miss The Latest Module In Our Certified Ethical Hacking v10 Technology Course!

Module 9 is here! Tune into Josue Vargas’s newest video – Certified Ethical Hacking: Denial of Service to learn about DoS and DDoS attacks and how to prevent them.

About the Course

DoS and DDoS are disruptive attacks meant to bring a server or network out of operation. You might have seen some of this in the news, especially as related to hacktivism (people who hack for a cause). A DDoS attack can be a big financial hit on an organization. In this module you will learn how this type of attack is accomplished and even how it can be done stealthily. As an ethical hacker you will get the point of view of the attacker, as usual, but you will also learn how to protect your organization from this type of event using the right tools and strategies.

Cisco unearths 13 ‘High Impact’ IOS vulnerabilities you need to patch now

Cisco today exposed 13 vulnerabilities in its IOS and IOS XE switch and router operating software that the company said should be patched as soon as possible.

The vulnerabilities were detailed in Cisco’s twice-yearly dump of IOS exposures. All have a High Impact security rating, and fixes should be evaluated by users quickly.

The company said this particular batch of issues could let an attacker gain elevated privileges for an affected device or cause a denial of service (DoS) on an affected device.
