Container Security through Segregation

One of my readers sent me a container security question after reading the Application Container Security Guide from NIST:

We are considering segregating dev/test/prod environments with bare-metal hardware. I did not find something in the standard concerning this. What should a financial institution do in your opinion?

I am no security expert and know just enough about containers to be dangerous, but there’s a rule that usually works well: use common sense and identify similar scenarios that have already been solved.

Read more ...

Most Important Skills in Networking

It’s easy to get blinded these days by all the talk about cloud, SDN and automation leading both new and existing people in networking to make decisions in their career which may not be the best ones long term. I’ve had the pleasure of interacting and working together with a lot of prominent people in the industry. Based on this I have identified some skills that all of these people have to some degree and that I believe to be crucial to succeeding in the IT industry.

Ability to write – Many of the successful people in the industry like Ivan Pepelnjak, Russ White, Nick Russo and so on have either authored books, write blogs or both. The ability to put your thoughts down into writing is critical. For someone like me that is working in network design, it is probably the most important skill, not only to write technical documents but to interact with customers, colleagues, managers and so on. It doesn’t matter if you are a technical savant if you can’t put a brief document together describing why and how a certain technology should be implemented.

Ability to speak – A lot of people in IT are a Continue reading

Poweron and Poweroff Esxi instance from CLI using a Python script

Hi,

I have to agree that to start a esxi node i was depending heavily on a windows VM and then was using a VSphere client to connect to a Esxi 5.5.

In a typical day all of my VM’s are hosted on Esxi and am not any advanced user of esxi by any stretch of Imagination.

It came down to a point where i had to manually click close to 8 VMS in order to boot up and all this was sort of irriatating for me, so i wrote a very basic script which can do this for me. Most of the experienced VM admins have been doing this for very long, for someone like me or anyone who is new to Esxi this is going to help.

Here is the code for the script, all you need to do is to copy to your lab esxi, obviously if any one using production esxi they already know how to manage this.

https://github.com/yukthr/auts/tree/master/vmware_scripts

Requirement – I have 5 Vm-machines and i would like  to start them via script and also power them off.

First things, list the Vm-instances

 

 

Now that we have it, let explore the Continue reading

Worth Reading: Automation: Easy Button vs Sentient Voodoo Magic Button

I’m always telling network engineers attending my network automation workshops and online courses that there’s no magic bullet or 3-steps-to- success.

You cannot automate a process until you can describe it with enough details so that someone who has absolutely no clue what should be done can execute it.

David Gee published a long (and somewhat ranty) version of that statement. Enjoy!

Link Propagation 113

Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. Blogs Getting started with Jenkins for […]

Open Compute Iron Is All About Acceleration

The Open Compute Project (OCP) held its 9th annual US Summit recently, with 3,441 registered attendees this year. While that might seem small for a top-tier high tech event, there were also 80 exhibitors representing most of the cloud datacenter supply chain, plus a host of outstanding technical sessions. We are always on the hunt for new iron, and not surprisingly the most important gear we saw at OCP this year was related to compute acceleration.

Here is how that new iron we saw breaks down across the major trends in acceleration.

The first interesting thing we saw was a

Open Compute Iron Is All About Acceleration was written by Timothy Prickett Morgan at The Next Platform.

Show 384: The Packet Pushers Unleashed

On today’s show Greg and Ethan talk about a few things that have been on their minds, including updates on the forthcoming Packet Pushers subscription site and a post-mortem of the recent Virtual Design Clinic.

They also hash out some tech conversations, including Cloudflare’s new DNS resolver, peak open networking, a review of the Aruba Atmosphere wireless conference, and more nerdy topics.

Sponsor: ThousandEyes

ThousandEyes gives you visibility, insights, and actionable intelligence into user experience from every user to every application over any network, so you transform your WAN, troubleshoot faster and deliver exceptional user experiences in the cloud and on premises. Try ThousandEyes for free at thousandeyes.com/packetpushers and grab a fun t-shirt!

Sponsor: Cumulus Networks

The Cumulus Linux network OS is simple, open, untethered Linux that can run on more than 70 hardware platforms and help you transition from your legacy infrastructure. Cumulus Networks is Web-scale networking for the digital age. Go to cumulusnetworks.com to find out more.

Show Links:

Introducing DNS Resolver, 1.1.1.1 (not a joke) – Cloudflare

Announcing 1.1.1.1: the fastest, privacy-first consumer DNS service – Cloudflare

jedisct1/dnsblast: A simple and stupid load testing tool for DNS resolversContinue reading

Now Open: DockerCon US Diversity Scholarship!

DockerCon Scholarship

DockerCon is a hub for the IT industry , bringing together members from all parts of our growing ecosystem and  global community. By actively promoting inclusivity, our goal is to make DockerCon a safe place for everyone to learn, belong and collaborate. With the support of Docker and our DockerCon scholarship sponsor, the Open Container Initiative (OCI), we are excited to announce the launch of this year’s DockerCon Diversity Scholarship Program to provide members of the Docker community, who are traditionally underrepresented, a financial scholarship to attend DockerCon US 2018. This year, we are increasing the number of scholarships we are granting to ensure attending DockerCon is an option for all.

Apply Now!

Deadline to Apply:

Wednesday, April 25, 2018 at 5:00PM PST

Selection Process

A committee of Docker community members will review and select the scholarship recipients. Recipients will be notified by the week of May 7, 2018

What’s included:

Full Access DockerCon Conference Pass

Requirements

Must be able to attend DockerCon US 2018

Must be 18 years old or older to apply

Learn more about the DockerCon Diversity Scholarship here. 

Have questions or concerns? Reach us at [email protected]

#DockerCon US Diversity Scholarship is now open! Learn more and Continue reading

Muhammad Shabbbir Awan: Reflections on the WTDC17

It’s been 5 months since WTDC17 concluded and I had time to reflect on the outcomes of the conference and the experience itself. WTDC sets the ITU’s development agenda and in Argentina last October over 1000 government delegates from close to 135 countries gathered during the two-week period. They were there to discuss a range of issues and shape the development sector’s priorities for the next four years. For me, it was a trip of many firsts: my first experience as an observer participating in a multilateral conference; my first trip to South America; and, as a visually impaired person, the eighteen hours flight duration was my first such experience.

To recall, I was a member of the Internet Society delegation as a Fellow. For me, the two motivators to apply for the fellowship opportunity were: first, the theme for WTDC17 (“ICTs for Sustainable Development Goals”) and possibility to make a difference. Second, my quest to learn even more about Internet Governance processes and to participate in the discussions.

WTDC17 had a packed agenda that included ceremonial events marking the 25th Anniversary of the Development Sector and side events on a range of Sustainable Development Goal (SDG) topics.

My Continue reading

Stuff The Internet Says On Scalability For April 6th, 2018

Hey, it's HighScalability time:

 

Programmable biology - engineered cells execute programmable multicellular full-adder logics. (Programmable full-adder computations)

If you like this sort of Stuff then please support me on Patreon. And I'd appreciate if you would recommend my new book—Explain the Cloud Like I'm 10—to anyone who needs to understand the cloud (who doesn't?). I think they'll learn a lot, even if they're already familiar with the basics. 

  • $1: AI turning MacBook into a touchscreen; $2000/month: BMW goes subscription; 20MPH: 15′ Tall, 8000 Pound Mech Suit; 1,511,484 terawatt hours: energy use if bitcoin becomes world currency; $1 billion: Fin7 hacking group; 1.5 million: ethereum TPS, sort of; 235x: AWK faster than Hadoop cluster; 37%: websites use a vulnerable Javascript library; $0.01: S3, 1 Gig, 1 AZ; 

  • Quotable Quotes:
    • Huang’s Law~ GPU technology advances 5x per year because the whole stack can be optimized. 
    • caseysoftware: Metcalfe lives here in Austin and is involved in the local startup community in a variety of ways.  One time I asked him how he came up with the law and he said something close Continue reading

sFlow available on Juniper MX series routers

sFlow support on MX Series devices—Starting in Junos OS Release 18.1R1, you can configure sFlow technology (as a sFlow agent) on a MX Series device, to continuously monitor traffic at wire speed on all interfaces simultaneously. The sFlow technology is a monitoring technology for high-speed switched or routed networks.  - New and Changed Features

Understanding How to Use sFlow Technology for Network Monitoring on a MX Series Router lists the following benefits of sFlow Technology on a MX Series Router:
  • sFlow can be used by software tools like a network analyzer to continuously monitor tens of thousands of switch or router ports simultaneously.
  • Since sFlow uses network sampling (forwarding one packet from ‘n’ number of total packets) for analysis, it is not resource intensive (for example processing, memory and more). The sampling is done at the hardware application-specific integrated circuits (ASICs) and hence it is simple and more accurate.
With the addition of the MX series routers, Juniper now supports sFlow across its entire product range:
Universal support for Continue reading

Introducing “Cooking with Cumulus” – Episode one

Alright, we know you’re hungry for more Cumulus goodness, so we’ve cooked up something new that we think will satiate your appetite for awesome technical content. It’s the perfect mix of one part technical deep-dive, one part fun and just a pinch of silliness. The wait is over — our latest project is hot, fresh and ready to serve!

Okay, enough teasing. Today we’re introducing the new Cumulus Networks video series “Cooking with Cumulus!”

“Wait, what does cooking have to do with networking??” you may think to yourself. Glad you asked. You may already know JR Rivers as the CTO and co-founder of Cumulus Networks, but did you know he’s also a master of the culinary arts? Here at the Mountain View office, we know it’s the start of a good day when JR brings in his homemade food to share. From chocolate chip cookies to paella, we’ve approved (and enjoyed) his many recipes. So, we decided that we wanted to share that gift with the rest of the Cumulus community by combining two of JR’s greatest passions — networking and cooking. The resulting brain child was a video series where we put two networking nerds in a Continue reading

1 1,610 1,611 1,612 1,613 1,614 3,795