BrandPost: BUILDING A BEST-OF-BREED MULTICLOUD STRATEGY

Best-of-breed strategies have long since fallen out of favor in the enterprise, because the work required to stitch together the components proved to be too difficult. But best of breed is back with cloud. Companies today are hell-bent on buying the ideal SaaS, PaaS, and IaaS cloud services for the job, and while APIs make the integration work easier, the resultant cloud silos create a new challenge: How do you assure service performance in this multi-cloud world?

The short answer: By maintaining global knowledge of what is happening (and where) across IT infrastructure, applications, and services. But we’ll get back to that.

Companies use eight cloud providers on average, according to IHS Markit Ltd., a research firm in London. IHS’ survey of 155 companies in a range of industries shows that number swelling to 11 within two years. When you include any and all SaaS services, the average number of cloud applications that companies use explodes to almost 1,500, by some counts.

BrandPost: SERVICE INTELLIGENCE: CLOUD MIGRATION’S SECRET WEAPON

By now, it's pretty clear that cloud migration can yield big benefits. In fact, a recent survey from research firm ESG found that nearly 40% of respondents said migrating reduced data center build-out costs. It also increases resource elasticity and speeds up service provisioning.

Reaping those benefits is by no means a sure thing, however. To attain cloud migration nirvana, companies must successfully navigate a host of challenges, including retaining visibility and control over service quality and performance.

The Evolution Of Hyperconverged Storage To Composable Systems

Hyperconverged infrastructure in some ways is like the credit card in those old TV ads: in this case, it’s everywhere that enterprises want to be. HCI puts compute and storage on the same cluster, tightly integrates them with networking and unified management tools, and essentially gives enterprises a private cloud for the datacenter while also pushing compute out to the edges in a consistent manner.

HCI also promises a bunch of other things beneficial to enterprises, including streamlined management, lower costs, faster speeds, and easier scalability than traditional IT systems to better address the rise of cloud computing, analytics,

The Evolution Of Hyperconverged Storage To Composable Systems was written by Jeffrey Burt at The Next Platform.

Docker Birthday #5: Thank you Docker Community! 

Last month, Docker turned five! In celebration of this milestone, we turned the spotlight on our amazing global community of customers, users, Community Leaders, Captains, mentors, partners and sponsors, and asked them to reflect on their Docker learning journey. Everyone came together to celebrate how far they had come, think about where they would like to go and take that next step towards reaching their goal.

We invite you to do the same. Whether you just want to test the waters, or want to dive right in, there are a variety of ways for you to take the next step on your Docker journey:

Just getting started and want to learn the basics? Check out the Play with Docker Classroom and work through our self-paced labs to learn about containers and the Docker platform.

Want to learn about the latest update to Docker Enterprise Edition? Join Docker and thousands of your peers for the Docker Continue reading

Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more

There was an important development this month with the launch of Cloudflare’s new 1.1.1.1 DNS resolver service. This is a significant development for several reasons, but in particular it supports the new DNS-over-TLS and DNS-over-HTTPS protocols that allow for confidential DNS querying and response.

Why 1.1.1.1?

Before we get to that though, Cloudflare joins Google’s Public DNS that uses 8.8.8.8 and Quad9 DNS that uses 9.9.9.9, by implementing 1.1.1.1 as a memorable IP address for accessing its new DNS service. IP addresses are generally not as memorable as domain names, but you need access to a DNS server before you can resolve domain names to IP addresses, so configuring numbers is a necessity. And whilst a memorable IP address might be cool, it’s also proved important recently when DNS resolvers have been blocked or taken down, requiring devices to be pointed elsewhere.

The 1.1.1.1 address is part of the 1.1.1.0 – 1.1.1.255 public IP address range actually allocated to APNIC, one of the five Regional Internet Registries, but it has been randomly used as an address for Continue reading

HPC Provides Big Bang, But Needs Big Bucks, Too

Supercomputers keep getting faster, but they also keep getting more expensive. This is a problem, and it is one that is going to eventually affect every kind of computer until we get a new technology that is not based on CMOS chips.

The general budget and some of the feeds and speeds are out thanks to the requests for proposal for the “Frontier” and “El Capitan” supercomputers that will eventually be built for Oak Ridge National Laboratory and Lawrence Livermore National Laboratory. So now is a good time to take a look at not just the historical performance of capability

HPC Provides Big Bang, But Needs Big Bucks, Too was written by Timothy Prickett Morgan at The Next Platform.

One in five serverless apps has a critical security vulnerability

Serverless computing is an emerging trend that is likely to explode in popularity this year. It takes the idea of a smaller server footprint to the next level. First, there were virtual machines, which ran a whole instance of an operating system. Then they were shrunk to containers, which only loaded the bare minimum of the OS required to run the app. This led to a smaller footprint.

Now we have “serverless” apps, which is a bit of a misnomer. They still run on a server; they just don’t have a dedicated server, virtual machine, or container running 24/7. They run in a server instance until they complete their task, then shut down. It’s the ultimate in small server footprint and reducing server load.

DNA data storage closer to becoming reality

Hundreds of megabytes of data have been encoded using DNA in the last few years by scientists. But more recently, not only has the media been stored perfectly in the synthetic variant of the genetic instructions that make up all organic life, but archived data files have been individually retrieved with zero errors, too.

It appears that Microsoft Research’s target of a DNA storage system actually functioning within a data center by the turn of the decade, as reported by MIT’s Technological Review a year ago, might be becoming increasingly viable.

Introducing Spectrum: Extending Cloudflare To 65,533 More Ports

Today we are introducing Spectrum, which brings Cloudflare’s security and acceleration to the whole spectrum of TCP ports and protocols for our Enterprise customers. It’s DDoS protection for any box, container or VM that connects to the internet; whether it runs email, file transfer or a custom protocol, it can now get the full benefits of Cloudflare. If you want to skip ahead and see it in action, you can scroll to the video demo at the bottom.

DDoS Protection

The core functionality of Spectrum is its ability to block large DDoS attacks. Spectrum benefits from Cloudflare’s existing DDoS mitigation (which this week blocked a 900 Gbps flood). Spectrum’s DDoS protection has already been battle tested. Just as soon as we opened up Spectrum for beta, Spectrum received its first SYN flood.

One of Spectrum's earliest deployments was in front of Hypixel’s infrastructure. Hypixel runs the largest Minecraft server, and because gamers can be - uh, passionate - they were one of the earliest targets of the terabit-per-second Mirai botnet. “Hypixel was one of the first subjects of the Mirai botnet DDoS attacks and frequently receives large attacks. Before Spectrum, we had to rely on unstable services & techniques Continue reading

Abusing Linux’s firewall: the hack that allowed us to build Spectrum

Today we are introducing Spectrum: a new Cloudflare feature that brings DDoS protection, load balancing, and content acceleration to any TCP-based protocol.

Soon after we started building Spectrum, we hit a major technical obstacle: Spectrum requires us to accept connections on any valid TCP port, from 1 to 65535. On our Linux edge servers it's impossible to "accept inbound connections on any port number". This is not a Linux-specific limitation: it's a characteristic of the BSD sockets API, the basis for network applications on most operating systems. Under the hood there are two overlapping problems that we needed to solve in order to deliver Spectrum:

  • how to accept TCP connections on all port numbers from 1 to 65535
  • how to configure a single Linux server to accept connections on a very large number of IP addresses (we have many thousands of IP addresses in our anycast ranges)

Assigning millions of IPs to a server

Cloudflare’s edge servers have an almost identical configuration. In our early days, we used to assign specific /32 (and /128) IP addresses to the loopback network interface[1]. This worked well when we had dozens of IP Continue reading