Sponsored Post: NationBuilder, Twitch, InMemory.Net, Triplebyte, Etleap, Stream, Scalyr, MemSQL

Who's Hiring? 

  • NationBuilder — if you’re a systems engineer, SRE or DevOps focused developer and have been looking for a place where you can help other people while still working in tech? We can give that opportunity. Please apply here

  • Twitch's commerce team in San Francisco is looking to hire senior developers to keep up with rapidly increasing demand for our Subscriptions and Payment platform. Engineers will be tasked with building new products and features to solve business and ecommerce challenges as we're dealing with engaging problems at a massive scale and will create solutions that impact millions of people around the world. Apply here

  • Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.

  • Need excellent people? Advertise your job here! 

Fun and Informative Events

  • Advertise your event here!

Cool Products and Services


  • InMemory.Net provides a Dot Net native in memory database for analysing large amounts of data. It runs natively on .Net, and provides a native .Net, COM & ODBC apis for integration. It also has an easy to use Continue reading

SANOG 32 – Another Success Story for MANRS

The SANOG 32 meeting was held on 2-10 August 2018 in Dhaka, Bangladesh, which marked fifteen amazing years of collaboration between network operators in the South Asia region. The Internet Society is proud to support the SANOG fellowship programme that provides opportunities for network engineers from countries in the region to attend, as well as organising the Network Security workshop during the event.

SANOG 32 also saw another MANRS milestone reached when the ISP Association of Bangladesh (ISPAB) signed a Memorandum of Understanding (MoU) with the Internet Society. ISPAB is a membership-based, not-for-profit organization that provides a forum for Bangladeshi ISPs to discuss technology, policy, regulatory and commercial issues and find collective solutions.

In accordance with the MoU, both ISPAB and ISOC will work together to promote and support MANRS, to encourage network operators in Bangladesh to join the initiative. There are currently only two MANRS participants in the country, so being able to increase engagement with the networking community is a welcome development.

Dr Philip Smith (NSRC and Chair of SANOG Programme Committee) also provided a MANRS update during the conference session.

The Network Security workshop attracted 40 participants and was lead by MANRS founding member Matsuzaki Yoshinobu (IIJ) and Continue reading

Bootstrapping an etcd Cluster with TLS using Kubeadm

The etcd distributed key-value store is an integral part of Kubernetes. I first wrote about etcd back in 2014 in this post, but haven’t really discussed it in any great detail since then. However, as part of my recent efforts to dive much deeper into Kubernetes, I needed to revisit etcd. In this post, I wanted to share how to boostrap a new etcd cluster with TLS certificates using kubeadm.

Before I go on, I feel compelled to state that this is certainly not the only way to bootstrap an etcd cluster with TLS certificates. I feel I must also state that nothing in what I’m about to share is new, novel, revolutionary, or unusual. In fact, a fair amount of it is based on these instructions, although this post will focus on using systemd unit files instead of static pods under Kubernetes. I’m simply documenting it here in the hopes of getting the information more broadly disseminated, and to help document my own journey of learning.

Preparing the Systems

Before you bootstrap the etcd cluster, you’ll first need to prepare the nodes for the process. Although I’ll list the steps manually below, in practice you’ll want to Continue reading

Bootstrapping an etcd Cluster with TLS using Kubeadm

The etcd distributed key-value store is an integral part of Kubernetes. I first wrote about etcd back in 2014 in this post, but haven’t really discussed it in any great detail since then. However, as part of my recent efforts to dive much deeper into Kubernetes, I needed to revisit etcd. In this post, I wanted to share how to boostrap a new etcd cluster with TLS certificates using kubeadm.

Before I go on, I feel compelled to state that this is certainly not the only way to bootstrap an etcd cluster with TLS certificates. I feel I must also state that nothing in what I’m about to share is new, novel, revolutionary, or unusual. In fact, a fair amount of it is based on these instructions, although this post will focus on using systemd unit files instead of static pods under Kubernetes. I’m simply documenting it here in the hopes of getting the information more broadly disseminated, and to help document my own journey of learning.

Preparing the Systems

Before you bootstrap the etcd cluster, you’ll first need to prepare the nodes for the process. Although I’ll list the steps manually below, in practice you’ll want to Continue reading

IDG Contributor Network: Don’t let yourself be erased from the business needs narrative

A CIO of a retail chain recently issued an edict that all requirements for networking must be stated as business needs, including all RFIs, RFQs and internal proposals. No networking protocols, features or terms are now permitted. At first glance this seems like a relatively simple instruction, but the IT staff struggled to articulate business needs and map them to network capabilities. The CIO is imposing a discipline of asking “why” three times to try to understand and separate the inertia of past choices from what their business needs today. I believe the CIO is wise in trying to connect the business needs to network capabilities.Speaking the language of the industry Networking professionals are being left out of the narrative. We are deemed a necessary evil rather than a partner in producing products and services. We are the people that slow things down, make things harder and budget for things people do not understand nor value. Becoming part of the narrative requires that each networking professional understand and anticipate their business’s needs. In fact, I would argue that the public cloud, bring your own device and shadow IT are the result of networking not being part of the narrative. Continue reading

IDG Contributor Network: Don’t let yourself be erased from the business needs narrative

A CIO of a retail chain recently issued an edict that all requirements for networking must be stated as business needs, including all RFIs, RFQs and internal proposals. No networking protocols, features or terms are now permitted. At first glance this seems like a relatively simple instruction, but the IT staff struggled to articulate business needs and map them to network capabilities. The CIO is imposing a discipline of asking “why” three times to try to understand and separate the inertia of past choices from what their business needs today. I believe the CIO is wise in trying to connect the business needs to network capabilities.Speaking the language of the industry Networking professionals are being left out of the narrative. We are deemed a necessary evil rather than a partner in producing products and services. We are the people that slow things down, make things harder and budget for things people do not understand nor value. Becoming part of the narrative requires that each networking professional understand and anticipate their business’s needs. In fact, I would argue that the public cloud, bring your own device and shadow IT are the result of networking not being part of the narrative. Continue reading

Rethinking Security in Cloud Networking

security-blog-2018

Every CXO worries about security because the perimeter is changing; in fact, there are no walls for protection. The lines between cloud, workloads, applications, enterprise networks and hosts are blurring and the challenges are getting exponentially greater. The true security architect must rapidly address the reality of a more holistic network-wide security strategy. It must be one that goes beyond the cyber threat of the day to address the risk, scale and mitigation of persistent security issues. The state of cyber security needs urgent resolution because:

Rethinking Security in Cloud Networking

security-blog-2018

Every CXO worries about security because the perimeter is changing; in fact, there are no walls for protection. The lines between cloud, workloads, applications, enterprise networks and hosts are blurring and the challenges are getting exponentially greater. The true security architect must rapidly address the reality of a more holistic network-wide security strategy. It must be one that goes beyond the cyber threat of the day to address the risk, scale and mitigation of persistent security issues. The state of cyber security needs urgent resolution because:

Pure Storage CEO on all-flash data centers and the cloud

One year ago Charlie Giancarlo took the helm of Pure Storage, which in fiscal year 2018 reported its first billion-dollar year.Giancarlo was a managing director and senior advisor at Silver Lake Partners before joining Pure Storage. Prior to that, he held multiple executive positions at Cisco, where he helped steer the company into markets such as Ethernet switching, VoIP, Wi-Fi and telepresence.[ Check out AI boosts data-center availability, efficiency. Also learn what hyperconvergence is and whether you’re ready for hyperconverged storage. For regularly scheduled insights sign up for Network World newsletters. ] Giancarlo talked with Network World's Ann Bednarz about what Pure is doing to keep the storage industry moving forward, and how the experience he gained during Cisco’s growth spurt is helping. To read this article in full, please click here

Pure Storage CEO on all-flash data centers and the cloud

One year ago Charlie Giancarlo took the helm of Pure Storage, which in fiscal year 2018 reported its first billion-dollar year.Giancarlo was a managing director and senior advisor at Silver Lake Partners before joining Pure Storage. Prior to that, he held multiple executive positions at Cisco, where he helped steer the company into markets such as Ethernet switching, VoIP, Wi-Fi and telepresence.[ Check out AI boosts data-center availability, efficiency. Also learn what hyperconvergence is and whether you’re ready for hyperconverged storage. For regularly scheduled insights sign up for Network World newsletters. ] Giancarlo talked with Network World's Ann Bednarz about what Pure is doing to keep the storage industry moving forward, and how the experience he gained during Cisco’s growth spurt is helping. To read this article in full, please click here

Upcoming Webinars and Events: Autumn 2018

The summer break is over, and we’ve already scheduled a half-dozen events and webinars in August and September:

We’ll run an event or webinar in almost every single week in September:

Read more ...

DNS privacy in new Android 9

I recently enrolled in the Android developer preview programme and got hold of the Android P (9 beta) OTA image for my Nokia 7 Plus phone, and while discovering what’s new, I found a new advanced option under network settings called ‘Private DNS’ that got my attention. This led to me finding an article from Erik Kline describing this new feature in Android 9, which to my surprise supports DNS-over-TLS (RFC 7858).

Last year we wrote about the experiments in the Go6lab with DNS-over-TLS where we set up a recursive DNS resolver listening on port 853 and serving DNS answers to queries encrypted with TLS. This setup was useful if your local DNS resolver was Unbound or Stubby, and since then I’ve been using Stubby as my local DNS client on MacOS with the Unbound DNS server at the Go6lab (privacydns.go6lab.si) as a recursive resolver for encrypted DNS queries without any issues.

So armed with the information from Erik, I decided to test out the Android implementation.

First thing was to turn on the setting and test it with the ‘privacydns.go6lab.si’ server which worked fine. Enabling ‘log-queries’ on the Unbound server quickly revealed that DNS queries are Continue reading

The Law of Snooping

There is a saying, attributed to Abraham Maslow, that when all you have is a hammer then everything looks like a nail. A variation is that when all you have is a hammer, then all you can do it hit things! For a legislative body, when all you can do is enact legislation, then that’s all you do! Even when it’s pretty clear that the underlying issues do not appear to be all that amenable to legislative measures, some legislatures will boldly step forward into the uncertain morass and legislate where wiser heads may have taken a more cautious and considered stance.

Workshop Epilogue 2

Networkers and Coding Q & A

In Part One of this blog I mentioned that I liked to start the second day of the workshop a little differently. The workshop itself was aimed very much at network engineers but the second day was all about using Python to interact with the ArubaOS-CX API. I know from experience that not everyone is comfortable with the notion of engineers diving into coding, that for many an API is just the latest ‘bright and shiny’ that will dull soon, and that network automation is just a marketing buzzword bubble. Regardless of all this, the exercises were all Python and the attendees were going to make API calls and pick through JSON. There was no exam, no compulsion to attend, no (ridiculous) participation certificate and no armed guards blocking the exits.

"Why are you here?"

With all this in mind I thought we might as well tackle the 'networker vs. dev' subject head on, so I put it to the attendees; "Today is about Python, you are network engineers, why are you here?" Rather than just have them listen to me provide my viewpoint, I wanted the group to interact and provide Continue reading

Definitive VMworld 2018 Guide for Micro-Segmentation Practitioners

As you plan to attend VMworld 2018 – Do you have questions like : how do I micro-segment? What grouping strategies do I use? How to do a Firewall-As-A-Service in hybrid VM and Container environments? Or you are a Pros and would like to know more of what is new? – We would like to help you answer and have the best possible help as you head back to your organizations. This blog captures the Micro-Segmentation sessions that are geared towards designing your micro-segmentation strategies. Meet with our experts go in details with you. Listen to our customers on their journeys and understand all the options that VMware can help you with this journey.

 

Monday: August 27, 2018

It starts at 11.30 am with:

Have lunch and then you have two choices:

OR

1 1,489 1,490 1,491 1,492 1,493 3,837