Using Variables in AWS Tags with Terraform

I’ve been working to deepen my Terraform skills recently, and one avenue I’ve been using to help in this area is expanding my use of Terraform modules. If you’re unfamiliar with the idea of Terraform modules, you can liken them to Ansible roles: a re-usable abstraction/function that is heavily parameterized and can be called/invoked as needed. Recently I wanted to add support for tagging AWS instances in a module I was building, and I found out that you can’t use variable interpolation in the normal way for AWS tags. Here’s a workaround I found in my research and testing.

Normally, variable interpolation in Terraform would allow one to do something like this (this is taken from the aws_instance resource):

tags {
    Name = "${var.name}-${count.index}"
    role = "${var.role}"
}

This approach works, creating tags whose keys are “Name” and “role” and whose values are the interpolated variables. (I am, in fact, using this exact snippet of code in some of my Terraform modules.) Given that this works, I decided to extend it in a way that would allow the code calling the module to supply both the key as well as the value, thus providing more flexibility Continue reading

Supermicro is the latest hardware vendor with a security issue

Security researchers with Eclypsium, a firm created by two former Intel executives that specializes in rooting out vulnerabilities in server firmware, have uncovered vulnerabilities affecting the firmware of Supermicro servers. Fortunately, it’s not easily exploited.The good news is these vulnerabilities can be exploited only via malicious software already running on a system. So, the challenge is to get the malicious code onto the servers in the first place. The bad news is these vulnerabilities are easily exploitable and can give malware the same effect as having physical access to this kind of system.“A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access,” Eclypsium said in a blog post announcing its findings.To read this article in full, please click here

Supermicro is the latest hardware vendor with a security issue

Security researchers with Eclypsium, a firm created by two former Intel executives that specializes in rooting out vulnerabilities in server firmware, have uncovered vulnerabilities affecting the firmware of Supermicro servers. Fortunately, it’s not easily exploited.The good news is these vulnerabilities can be exploited only via malicious software already running on a system. So, the challenge is to get the malicious code onto the servers in the first place. The bad news is these vulnerabilities are easily exploitable and can give malware the same effect as having physical access to this kind of system.“A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access,” Eclypsium said in a blog post announcing its findings.To read this article in full, please click here

Network Break 188: Microsoft Buys More Friends, Huawei is No2, Tofino plus more Politics

Take a Network Break! Its the virtual stroopwafel edition this week. Drew is on annual leave and travelling to Amsterdam, don t panic he will be back next week with bags of virtual stroopwaffel s. Mike Fratto is c-hosting to keep the show flowing. 

Microsoft buys a bunch of new developer friends, Arista get some P4 & Tofino, Micron is embroiled in US-China politics to balance ZTE, Huawei is No2 Enterprise networking vendor, Fortinet buys Bradford Networks and more.

Sponsor: InterOptic

InterOptic offers high-performance, high-quality optics at a fraction of the cost. If you’re not doing optics correctly, you’re going to pay for it upfront (and then later too). Don’t be fooled by lesser optics. The difference between generic third-party and brand-equivalent optics matters.

Show Links

Microsoft Buys GitHub for $7.5 Billion Andreessen Horowitz

So Pigs Do Fly: Microsoft Acquires GitHub– Redmonk

Arista Announces New Multi-function Platform for Cloud Networking – Arista

Link: Micron Says It s Being Investigated by Chinese Regulatory Agents – Yahoo

Link: Trump strikes deal with Chinese telecom company ZTE amid trade talks – Axios – 

Link: Cloud computing sticker shock is now a monthly occurrence at many companies | ZDNet – 

Link: Continue reading

IoT has an obsolescence problem

The Internet of Things (IoT) is a long way from becoming a mature technology. From wearable devices to industrial sensors and consumer conveniences, IoT vendors and users are still trying to figure out what the technology does best as it grows into a $9 trillion market by 2020 (according to some estimates).And yet, IoT is somehow already faced with a huge and growing problem of obsolescence. The problem, ironically, lies in the “things” themselves.Apple Watch: A premature antique Don’t believe me? Consider the solid gold Apple Watch Edition, launched in 2015 and sold for $10,000 to as much as $17,000 a pop. A traditional watch at that price point would be expected to last decades, perhaps even generations as it turns into a family heirloom. But with the announcement of Apple Watch OS 5 at the company’s World Wide Developers Conference this week, the original version of these fancy timepieces can no longer keep up. They simply won’t run the latest version of the operating system due out this fall, and they won’t have the features of brand-new Apple Watches that cost a tiny fraction of that amount.To read this article in full, please click here

CLIC Québec – L’heure du déclic pour la découverte et l’accès en ligne au contenu culturel québécois

Dans un contexte de renouvellement des politiques culturelles du Québec et du Canada à l’ère du numérique, ISOC Québec a lancé le projet « CLIC Québec » grâce à la subvention Beyond The Net octroyée par l’Internet Society en juillet 2017. Ainsi, depuis bientôt un an, ISOC Québec oeuvre à travers « CLIC Québec » d’une part à sensibiliser les décideurs politiques et les utilisateurs finaux et d’autre part à identifier et valoriser les bonnes pratiques des milieux culturels en matière de diffusion, de promotion et d’accès en ligne aux contenus et produits culturels locaux.

Profitant de la tenue du 1er Forum sur la Gouvernance d’Internet au Québec (FGI Québec), qui coïncidait avec les célébrations des 25 ans de l’Internet Society en septembre 2017, ISOC Québec a organisé un atelier intitulé Cultures en réseaux et découvrabilité des contenus locaux au cours duquel une soixantaine de participants (professionnels de la culture, experts et consultants en politiques culturelles, spécialistes des métadonnées et du Web sémantique, chercheurs/universitaires, citoyens et utilisateurs finaux) ont identifié ensemble dix pistes d’action susceptibles d’accroître la présence et le rayonnement des contenus culturels québécois sur Internet.

Pour mobiliser davantage les acteurs des différents secteurs des industries culturelles québécoises Continue reading

What is digital twin technology? [and why it matters]

Digital twin technology has moved beyond manufacturing and into the merging worlds of the Internet of Things, artificial intelligence and data analytics.As more complex “things” become connected with the ability to produce data, having a digital equivalent gives data scientists and other IT professionals the ability to optimize deployments for peak efficiency and create other what-if scenarios.[ Click here to download a PDF bundle of five essential articles about IoT in the enterprise. ] What is a digital twin? The basic definition of a digital twin: it’s a digital representation of a physical object or system. The technology behind digital twins has expanded to include larger items such as buildings, factories and even cities, and some have said people and processes can have digital twins, expanding the concept even further.To read this article in full, please click here

Improving the expressiveness of deep learning frameworks with recursion

Improving the expressiveness of deep learning frameworks with recursion Jeong, Jeong et al., EuroSys’18

(If you don’t have ACM Digital Library access, the paper can be accessed either by following the link above directly from The Morning Paper blog site).

Last week we looked at the embedded dynamic control flow operators in TensorFlow. In today’s paper choice, Jeong et al. make the case for support of an additional control flow construct: recursion. A little recursion it turns out, can go a long way. Implemented on top of TensorFlow (and with a design that should also work for other embedded control flow machine learning frameworks e.g. Theano, Caffe, MXNet), support for recursion enables cleaner expression of a class of model architectures, and improved performance. The performance gains come from the increased opportunities to exploit parallelism within the recursive definitions.

In this paper, we introduce recursive definitions into the programming model of existing embedded control flow frameworks, adding first-class support for recursion. By allowing users to directly express recursive definitions in application code with enhanced programmability, models with recursive data structures such as trees or graphs can be written without requiring users to use a separate complex API Continue reading

Ansible Tips and Tricks

A collection of useful tips and tricks for Ansible which don't really justify a full blog post on their own. I'll keep updating this post when I come across something of value. Callbacks Convert the output of a playbook run to json. Either set the stdout_callback = json setting in...

Switch stacking for campus design: There’s a better way

We often receive the following campus design question: “do you support switch stacking?” This is a fair question, as many of the legacy vendors have promoted stacking designs for the past decade. It’s popular enough that people ask for it, so we must support it, right?

Well, the popular option isn’t always the best one, and switch stacking designs are a very good example of that philosophy. So when people ask if we support stacking, we think to ourselves “heck, no” before politely telling them that we do not because better options exist.

“Perfection is attained, not when there is nothing more to add, but when there is nothing more to take away.”

At Cumulus Networks, we believe that simplicity is the corner-stone of network design.

Or, to say it another way, complex designs fail in complex ways (shoutout to Eric Pulvino for that quote!). Our former Chief Scientist, Dinesh Dutt, gave an excellent explanation around the importance of simple building blocks in his Tech Field Day 9 Presentation (6min 50 seconds in).

Let’s address a little history on switch stacking and then break down the major technical downfalls of a stacking design, the stacking protocol itself, Continue reading

Boston, London, & NY developers: We can’t wait to meet you

Boston, London, & NY developers: We can't wait to meet you

Boston, London, & NY developers: We can't wait to meet you
Photo by Patrick Tomasso / Unsplash

Are you based in Boston, London, or New York? There's a lot going on this month from the London Internet Summit to Developer Week New York and additional meetups in Boston and New York. Drop by our events and connect with the Cloudflare community.

Event #1 (Boston): UX, Integrations, & Developer Experience: A Panel feat. Drift & Cloudflare

Boston, London, & NY developers: We can't wait to meet you
Photo by The Opte Project / Originally from the English Wikipedia; description page is/was here.]

Tuesday, June 12: 6:00 pm - 8:00 pm

Location: Drift - 222 Berkley St, 6th Floor Boston, MA 02116

Join us at Drift HQ for a panel discussion on user experience, developer experience, and integration, featuring Elias Torres from Drift and Connor Peshek and Ollie Hsieh from Cloudflare.

The panelists will speak about their experiences developing user-facing applications, best practices they learned in the process, the integration of the Drift app and the Cloudflare Apps platform, and future platform features.

View Event Details & Register Here »

Event #2 (London): Cloudflare Internet Summit

Boston, London, & NY developers: We can't wait to meet you
Photo by Luca Micheli / Unsplash

Thursday, June 14: 9:00 am - 6:00 pm

Location: The Tobacco Dock - Wapping Ln, Continue reading

At Cisco Live!

The Network Collective crew—Jordan, Eyvonne, and I—will be at Cisco Live this week. You can normally find me hanging around the certifications or social media lounge, or just walking around the floor talking to folks. I’m presenting at the CCDE techtorial on Sunday.

Myth Busted: Who Says Software Based Networking Performance Does Not Match Physical Networking?

100 Gbps Performance with NSX Data Center

NSX Data Center has shown for some time now (see VMworld 2016 NSX Performane Session (NET 8030) that it can drive upwards of 100G of throughput per node for typical data center workloads. In that VMworld session, we ran a live demo showing the throughput being limited by the actual physical ports on the host, which were 2 x 40 Gbps, and not by NSX Data Center.

Typically, in physical networking, performance is measured in raw packets per seconds to assure variety of traffic at variable packet sizes be forwarded between multiple physical ports. While in virtualized data center this is not a case, as hypervisor hosts only have to satisfy few uplinks, typically no more than four physical links. In addition, most of the virtualized workload use TCP protocol. In that case. ESXi hypervisor fowards the TCP data segments in highly optimized way, thus not always based on number of packets transferred but the amount of data segment forwarded in software. In typical data center workloads, TCP optimizations such as TSO, LRO and RSS or Rx/Tx Filters help drive sufficient throughput at hardly any CPU cost. TSO/LRO help move large amounts of Continue reading

1 1,583 1,584 1,585 1,586 1,587 3,849