VMware Cloud on AWS with NSX: Connecting SDDCs Across Different AWS Regions

I previously shared this post on the LinkedIn publishing platform and my personal blog at HumairAhmed.com. In my prior blog post, I discussed how with VMware Cloud on AWS (VMC on AWS) customers get the best of both worlds for their move to a Software Defined Data Center (SDDC) – the leading compute, storage, and network virtualization stack for enterprises deployed on dedicated, elastic, bare-metal, and highly available AWS infrastructure. Another benefit of VMC on AWS, and the focus of this post, is that you can easily have a global footprint by deploying multiple VMC SDDCs in different regions. Continue reading

How “expensive” is crypto anyway?

I wouldn’t be surprised if the title of this post attracts some Bitcoin aficionados, but if you are such, I want to disappoint you. For me crypto means cryptography, not cybermoney, and the price we pay for it is measured in CPU cycles, not USD.

If you got to this second paragraph you probably heard that TLS today is very cheap to deploy. Considerable effort was put into optimizing the cryptography stacks of OpenSSL and BoringSSL, as well as the hardware that runs them. However, aside from the occasional benchmark that can tell us how many GB/s a given algorithm can encrypt, or how many signatures a certain elliptic curve can generate, I did not find much information about the cost of crypto in real-world TLS deployments.

CC BY-SA 2.0 image by Michele M. F.

As Cloudflare is the largest provider of TLS on the planet, one would think we perform a lot of cryptography related tasks, and one would be absolutely correct. More than half of our external traffic is now TLS, as well as all of our internal traffic. Being in that position means that crypto performance is critical to our success, and as it Continue reading

From Zero to One Hundred in the Arctic Slope

In November 2017, the Internet Society hosted the inaugural Indigenous Connectivity Summit in Santa Fe, New Mexico. The event brought together community network operators, Internet service providers, community members, researchers, policy makers, and Indigenous leadership. One of the participants shared her story.

“‘Mom, did you have YouTube?’” Patuk Glenn recalls her six-year-old son asking. Glenn, who lives in Utqiaġvik – a city in Alaska north of the Arctic Circle – laughs as she remembers one of his first words: “loading,” thanks to the sluggish Internet speeds on the Arctic Slope. But things are changing, and soon. Fiber optic cable is going live in Glenn’s community and she has travelled to the Indigenous Connectivity Summit looking for lessons from other Indigenous communities. “We’re going from zero to one hundred overnight,” says Glenn. “How can we best prepare our people?”

It’s not just a question of digital literacy. Glenn’s looking for information on cybersecurity and entrepreneurship – as high-speed Internet opens avenues for economic development and for community members to share their own content with the rest of the world. Like many summit participants, Glenn sees connectivity as a pathway to enable education: not only unlocking online courses, but Continue reading

Top 5 blogs of 2017: Spring Boot Development with Docker

We’ve rounded up the top five most popular Docker blogs of 2017. Coming in at number four is Spring Boot Development With Docker, part of a multi-part tutorial series.


The AtSea Shop is an example storefront application that can be deployed on different operating systems and can be customized to both your enterprise development and operational environments. In my last post, I discussed the architecture of the app. In this post, I will cover how to set up your development environment to debug the Java REST backend that runs in a container.

Building the REST Application

I used the Spring Boot framework to rapidly develop the REST backend that manages products, customers and orders tables used in the AtSea Shop. The application takes advantage of Spring Boot’s built-in application server, support for REST interfaces and ability to define multiple data sources. Because it was written in Java, it is agnostic to the base operating system and runs in either Windows or Linux containers. This allows developers to build against a heterogeneous architecture.

Project setup

The AtSea project uses multi-stage builds, a new Docker feature, which allows me to use multiple images to build a single Docker image that includes all the components needed for Continue reading

Twinax – Cheap, Cheerful and Annoyingly Chubby

What’s not to love about twinax? Formerly the exclusive domain of IBM systems, twinax has seen itself reborn in the last few years in the form of the Direct Attach Cable (DAC) used to connect systems at speeds of 10Gbps and 40Gbps (by way of bundling four twinax pairs in a single cable).

Twinax

Direct Attach Cables

Before diving into the pros and cons of DAC, it’s important to understand the different varieties that are available. A DAC is a cable which has SFP+ format connectors hard-wired on each end; plug each end into an SFP+ socket and, vendor support notwithstanding, the link should come up. A direct attach cable is frequently and erroneously referred to as a “DAC cable”, so if the words “PIN number” give you the jitters, working anywhere with DACs is likely to drive you to drink.

Passive Copper DAC (Twinax)

The most common kind of DAC is the passive DAC. The SFP+ connector on a passive DAC, give or take some electrical protection circuitry, is pretty much a direct connection from the copper in the twinax to the copper contacts which connect to the host device:

Passive Copper DAC

Sending a 10G signal over a single copper pair requires Continue reading

IDG Contributor Network: 4 advantages of using a Bluetooth mesh network

Companies everywhere are waking up and starting to realize that implementing a mesh network is the best choice for them if they want to remain relevant well into the future. While various technologies are being employed across the nation to achieve this goal, it remains inarguable that Bluetooth is the best option for most companies aiming to leverage a mesh network for success in the marketplace.

So why should you choose to employ a Bluetooth-based strategy, and what specific advantages will you gain from it that others who shun it will miss out on? Check out these boons that you’ll soon be enjoying if you rely on a Bluetooth mesh network, and your company will be clamoring to adopt it in no time.

Tech predictions for 2018: Data center trends to watch for

Yes, it's that time of the year again. Another year gone by, which means another batch of predictions for the future.

As is always the case, I own up to my misfires by leading off with the predictions I made last year and admitting what came true and what didn't. So, let's get that out of the way.

My 2017 predictions: some hits, some misses

Apple continues to lose its cool. — I think I got this one right. iPhone 8/X sales are not what they were expected to be, the list of complaints is growing and more and more people say the company has fallen behind. Hell, even I switched to a Galaxy after frustration with the poor quality of iOS 11.

Cloud adoption will slow. — Oh, boy, did I blow that one.

Some tech manufacturing will return to the U.S. — I don’t know about tech, although I did see Microsoft has moved Surface manufacturing to China. But overall, manufacturing has gained 138,000 jobs in 2017 vs. a loss of 34,000 in 2016. And we all know who will take credit for that.

China will lose its luster as a manufacturing hub. — Clearly that has Continue reading

(Micro)benchmarking Linux kernel functions

Usually, the performance of a Linux subsystem is measured through an external (local or remote) process stressing it. Depending on the input point used, a large portion of code may be involved. To benchmark a single function, one solution is to write a kernel module.

Minimal kernel module

Let’s suppose we want to benchmark the IPv4 route lookup function, fib_lookup(). The following kernel function executes 1,000 lookups for 8.8.8.8 and returns the average value. It uses the get_cycles() function to compute the execution “time.”

/* Execute a benchmark on fib_lookup() and put
   result into the provided buffer `buf`. */
static int do_bench(char *buf)
{
    unsigned long long t1, t2;
    unsigned long long total = 0;
    unsigned long i;
    unsigned count = 1000;
    int err = 0;
    struct fib_result res;
    struct flowi4 fl4;

    memset(&fl4, 0, sizeof(fl4));
    fl4.daddr = in_aton("8.8.8.8");

    for (i = 0; i < count; i++) {
        t1 = get_cycles();
        err |=  Continue reading