How to plan a software-defined data-center network

The data-center network is a critical component of enterprise IT’s strategy for building private and hybrid-cloud architectures. The software that defines it must deliver improved automation, agility, security and analytics to the data-center network, and it should allow enterprise-owned applications to integrate seamlessly with public cloud services. Over time, leading-edge software will enable the migration to intent-based data-center networks with full automation and rapid remediation of application-performance issues.

More Handy CLI Tools for JSON

In late 2015 I wrote a post about a command-line tool named jq, which is used for parsing JSON data. Since that time I’ve referenced jq in a number of different blog posts (like this one). However, jq is not the only game in town for parsing JSON data at the command line. In this post, I’ll share a couple more handy CLI tools for working with JSON data.

(By the way, if you’re new to JSON, check out this post for a gentle introduction.)

JMESPath and jp

JMESPath is used by both Amazon Web Services (AWS) in their AWS CLI as well as by Microsoft in the Azure CLI. For examples of JMESPath in action, see the AWS CLI documentation on the --query functionality, which makes use of server-side JMESPath queries to reduce the amount of data returned by an AWS CLI command (as opposed to filtering on the client side).

However, you can also use JMESPath on the client side through the jp command-line utility. As a client-side parsing tool, jp is similar in behavior to jq, but I find the JMESPath query language to be a bit easier to use than jq in …

How not to structure your database-backed web applications: a study of performance bugs in the wild

Yang et al., ICSE’18

This is a fascinating study of the problems people get into when using ORMs to handle persistence concerns in their web applications. The authors study real-world applications and distil a catalogue of common performance anti-patterns. There are a bunch of familiar things in the list, and a few that surprised me with the amount of difference they can make. By fixing many of the issues they find, Yang et al. are able to quantify how many lines of code it takes to address each issue, and what performance improvement the fix delivers.

To prove our point, we manually fix 64 performance issues in [the latest versions of the applications under study] and obtain a median speed-up of 2x (and up to 39x max) with fewer than 5 lines of code change in most cases.

The Hyperloop website provides access to a tool you can use to identify and solve some of the common performance issues in your own (Rails) apps.

I’m going to skip the intro parts about what ORMs do and how a typical web app …

Lessons from nPetya one year later

This is the one year anniversary of NotPetya. It was probably the most expensive single hacker attack in history (so far), with FedEx estimating it cost them $300 million. Shipping giant Maersk and drug giant Merck suffered losses on a similar scale. Many are discussing lessons we should learn from this, but they are the wrong lessons.
An example is this quote in a recent article:
"One year on from NotPetya, it seems lessons still haven't been learned. A lack of regular patching of outdated systems because of the issues of downtime and disruption to organisations was the path through which both NotPetya and WannaCry spread, and this fundamental problem remains."

This is an attractive claim. It describes the problem in terms of people being "weak" and the solution as being "strong". If only organizations were strong enough, willing to deal with downtime and disruption, then problems like this wouldn't happen.

But this is wrong, at least in the case of NotPetya.

NotPetya's spread was initiated through the Ukrainian company MeDoc, which provided tax accounting software. It had an auto-update process for keeping its software up-to-date. This was subverted in order to deliver the initial NotPetya …

Packet Size, It Matters

As I mentioned in a previous post, I have been studying the materials for the Cisco CCDE. One topic that has come up only a time or two is MTU. MTU, or maximum transmission unit, is the maximum size a chunk of data can be for a given interface. In this article, we are speaking specifically of IP MTU; this is an important distinction that I will clarify later. Network design should incorporate a clear understanding of MTU challenges, and operators need to understand what to look for when MTU is not properly built and configured.

A simplistic example of a problematic design is when there is a link with a smaller MTU somewhere between two endpoints capable of creating larger packets (see the image below). While this environment may work fine, understanding the interaction required between the hosts and the network devices is very important to network design.

A few years ago I wrote an article that outlined some of the behavior that can be witnessed when there are MTU discovery issues. Let’s quickly recount what path MTU discovery (PMTU-D) is, how it works, how it fails and some logic around appropriate design.

General Facts Around …