Getting With The Program On Software Defined Networks

If the profit margins are under pressure among the switch and router makers of the world, their chief financial officers can probably place a lot of the blame on Nick McKeown and his several partners throughout the years. And if McKeown is right about what is happening as the network software is increasingly disaggregated from the hardware – what is called software defined networking – they will either have to adapt or be relegated to the dustbins of history.

McKeown cut his teeth after university in the late 1980s at Hewlett Packard Labs in Bristol, England, one of the hotbeds …

Getting With The Program On Software Defined Networks was written by Timothy Prickett Morgan at The Next Platform.

Rock Stars, Builders, and Janitors: You’re Doing it Wrong

This is a liveblog of the session titled “Rock Stars, Builders, and Janitors: You’re Doing it Wrong”. The speaker is Alice Goldfuss (@alicegoldfuss) from GitHub. This session is part of the “Transform” track at DockerCon; I’m attending it because I think that cultural and operational transformation is key for companies to successfully embrace new technologies like containers and fully maximize the benefits of these technologies. (There’s probably a blog post in that sentence.)

Goldfuss starts out by asking the audience some questions about what they’ve been doing for the last 3 months, and then informs the attendees that they are, in fact, part of the problem.

Goldfuss now digs into the meat of the presentation by covering some terminology. First, what is a rock star? They’re the idea person, the innovator. They’re curious, open-minded, iterating faster, and always looking for the new things and the new ideas. They’re important to our companies, but they do have some weaknesses. They get bored easily, they have no patience for maintenance, and they’re not used to thinking about end user experience. Thus, according to Goldfuss, you can’t have a team of only rock stars.

Next, Goldfuss talks aboutbuilders. Builders Continue reading

IDG Contributor Network: 4 things reshaping IoT for the future

For many Internet of Things observers, the IoT’s dizzying embracing and subsequent reshaping of modern business and cultural standards seems like it happened only yesterday. Yet the IoT is moving ever faster, developing at an astonishing rate and continuously reinventing itself. So what’s the next step in the long-line of IoT innovation, and how can eager investors cash in on tomorrow’s IoT fad today?Those used to the ever-changing nature of the IoT will know by now that it’s constantly changing, but will also be aware that innovation in certain areas matters much more than gradual developments elsewhere. A quick review of the 4 things reshaping the IoT’s future the most shows which industries will be most vital towards its development and offers an alluring glance of what the IoT of tomorrow will look like:To read this article in full or to leave a comment, please click here

Cisco Knows No One Wants To Manage The Management Stack

The highly distributed and increasingly cloud-based nature of the modern IT environment is adding to the complexity that organizations have to deal with, particularly in terms of managing their infrastructures. Mobility, the internet of things, new development paradigms, containerization, more distributed applications, data analytics and multi-cloud deployments are all conspiring to create even more challenges in what is an already complicated management scenario for enterprises facing cost and time constraints.

At a time when speed and scalability are imperative and human errors can be costly, the answer to many of these challenges may lie in the cloud. That’s the …

Cisco Knows No One Wants To Manage The Management Stack was written by Jeffrey Burt at The Next Platform.

The Flawed Hunt for IT Talent

The Flawed Hunt for IT Talent

DockerCon EU 2017 Day 1 Keynote

This is a liveblog of the day 1 keynote/general session at DockerCon EU 2017 in Copenhagen, Denmark. Prior to the start of the keynote, attendees are “entertained” by occasional clips of some Monty Python-esque production.

At 9:02, the lights go down and another clip appears, the first of several cliups that depict life “without Docker” and then again “with Docker” (where everything is better, of course). It’s humorous and a good introduction to the general session.

Steve Singh, CEO of Docker, now takes the stage to kick off the general session. Singh thanks the attendees for their time, discusses the growth of the Docker community and the Docker ecosystem, welcomes new members of the community (including himself), and positions Docker less as a container company and more as a platform company. (Singh comes to Docker from SAP, following SAP’s acquisition of Concur.) Singh pontificates for a few moments about his background, the changes occurring in the industry, and the “center stage front-row” seat that Docker has to witness—and affect/shape—these changes.

Singh pivots after a few minutes to talk about Docker growth in terms of specific metrics (21 million Docker hosts, for example). This allows him to return to the Continue reading

Docker Platform and Moby Project add Kubernetes

Today we’re announcing that the Docker platform is integrating support for Kubernetes so that Docker customers and developers have the option to use both Kubernetes and Swarm to orchestrate container workloads. Register for beta access and check out the detailed blog posts to learn how we’re bringing Kubernetes to:

• Docker Enterprise Edition
• Docker Community Edition on the desktop with Docker for Mac and Windows
• The Moby Project

Docker is a platform that sits between apps and infrastructure. By building apps on Docker, developers and IT operations get freedom and flexibility. That’s because Docker runs everywhere that enterprises deploy apps: on-prem (including on IBM mainframes, enterprise Linux and Windows) and in the cloud. Once an application is containerized, it’s easy to re-build, re-deploy and move around, or even run in hybrid setups that straddle on-prem and cloud infrastructure.

The Docker platform is composed of many components, assembled in four layers:

• The containerd industry-standard container runtime implementing the OCI standards
• Swarm orchestration that transforms a group of nodes into a distributed system
• Docker Community Edition providing developers a simple workflow to build and ship container applications, with features like application composition, image build and management
• Docker Enterprise Edition, to manage an end Continue reading

Extending Docker Enterprise Edition to Support Kubernetes

At DockerCon Europe, we announced that Docker will be delivering seamless integration of Kubernetes into the Docker platform. Bringing Kubernetes to Docker Enterprise Edition (EE) will simplify and advance the management of Kubernetes for enterprise IT and deliver the advanced capabilities of Docker EE to a broader set of applications.

Swarm and Kubernetes Side-by-Side

Docker EE is an enterprise-grade container platform that includes a private image registry, advanced security features and centralized management for the entire container lifecycle. By including Kubernetes for container orchestration, customers will have the ability to run both Swarm and Kubernetes in the same Docker EE cluster while still leveraging the same secure software supply chain for building and deploying applications.

Figure 1. Docker EE Architecture with Multiple Orchestrators

This is possible because Docker EE has a modular architecture that is designed to support multiple orchestrators. The Linux nodes are both Swarm and Kubernetes-ready and application teams can decide which orchestrator to use at app deployment time.

When creating a new Stack in Docker EE, you are given the choice of deploying it as Swarm Services or as Kubernetes Workloads:

Figure 2. Selectable modes at app deployment time

Upon deployment, the Docker EE dashboard has a “Shared Resources” area Continue reading

Beta Docker for Mac and Windows with Kubernetes

Today, as part of our effort to bring Kubernetes support to the Docker platform, we’re excited to announce that we will also add optional Kubernetes to Docker Community Edition for Mac and Windows. We’re demoing previews at DockerCon (stop by the Docker booth!) and will have a beta program ready at the end of 2017. Sign up to be notified when the beta is ready.

With Kubernetes support in Docker CE for Mac and Windows, Docker Inc. can provide customers an end-to-end suite of container-management software and services that span from developer workstations, through test and CI/CD through to production on-prem or in the cloud.

Docker for Mac and Windows are the most popular way to configure a Docker dev environment and are used everyday by hundreds of thousands of developers to build, test and debug containerized apps. Docker for Mac and Windows are popular because they’re simple to install, stay up-to-date automatically and are tightly integrated with macOS and Windows respectively.

The Kubernetes community has built solid solutions for installing limited Kubernetes development setups on developer workstations, including Minikube (itself based partly on the docker-machine project that predated Docker for Mac and Windows). Common to these solutions however, Continue reading

IETF 100 Hackathon: Bringing Innovation and Running Code to the IETF

Interested in contributing running code to the Internet Engineering Task Force (IETF)? Do you see a problem with DNS, DNSSEC, IPv6, TLS, or something else that you want to help fix?

The IETF is holding its next meeting in Singapore in November. Just before IETF 100, on 11-12 November, is a Hackathon to encourage developers to discuss, collaborate and develop utilities, ideas, sample code and solutions that show practical implementations of IETF standards.

Check out the Hackathon Wiki to learn more about how to register, get involved in a project, add your own topic of interest, or even participate remotely if you can’t make it to Singapore next month. You can also read more about a past Hackathon in this IETF Journal article.

As an added bonus, there are some prizes on the line! A panel of judges announces winners in several categories at the end of the event, with winners choosing from sponsor-donated prizes.

Remember, the IETF needs operational expertise to make sure its protocols and standards actually work in real life networks.

The post IETF 100 Hackathon: Bringing Innovation and Running Code to the IETF appeared first on Internet Society.

Upgrading Virtual Appliances

In every SDDC workshop I tried to persuade the audience that the virtual appliances (particularly per-application instances of virtual appliances) are the way to go. I usually got the questions along the lines of “who will manage and audit all these instances?” but once someone asked “and how will we upgrade them?”

Short answer: you won’t.

Qualcomm Says Mobile 5G Will Be Real in First Half of 2019

San Diego firm says it has a 5G smartphone reference design ready for testing.

NSX Real World Use Cases for Pivotal Cloud Foundry

Pivotal cloud foundry is the leading PaaS solution for enterprise customers today, providing a fast way to convert their ideas from conception to production. This is achieved by providing a platform to run their code in any cloud and any language taking care of all the infrastructure stuff for them.

From building the container image, compiling it with the required runtime, deploying it in a highly available mode and connecting it to the required services, PCF allows dev shops to concentrate on developing their code.

While the platform is providing developers with the most simplified experience conceivable, under the hood there are many moving parts that make that happen and plumbing all these parts can be complex. That’s where customers are really enjoying the power of VMware’s SDDC, and the glue between the PaaS and SDDC layers is NSX, it is the enabler that makes it all work.

In this blog post, I detail some of the main uses cases customers has already deployed NSX for PCF on top of vSphere and how PCF and NSX are much better together in the real world.

The use cases customers are deploying with NSX for PCF are varied and ill divide them Continue reading

Hyperledger Stitches in Another Blockchain Project

The Quilt project focuses on transactions across ledgers.

WPA2 KRACK Fallout in the Enterprise

WPA2 KRACK Fallout in the Enterprise

KRACK proves we need more encryption on the Internet

A serious weakness in Wi-Fi security was made public earlier today. The Key Reinstallation Attack (KRACK) can break Wi-Fi encryption, opening your data up to eavesdropping. This, combined with issues in Linux and Android, make it possible for attackers to change websites you view. This is a serious problem for Wi-Fi Protected Access 2 (WPA2), a protocol used in millions of networks worldwide.

Luckily, the use of Transport Layer Security (TLS) is on the rise. Mozilla’s data shows that over 60% of pages loaded in Firefox use TLS. More and more companies are using encryption for all traffic and removing the ability to connect to unencrypted versions of their sites. When connecting to these sites, KRACK isn’t as big of a deal, because the data is encrypted before it’s sent across Wi-Fi. Even if WPA2 is broken, the data is still secure.

Unfortunately there are still millions of sites that don’t provide this security. Their users are vulnerable to eavesdropping, fake content, malware injection, and more. We need more companies and operators to use TLS and HTTP Strict Transport Security (HSTS) to mitigate the potential impact of KRACK.
Internet traffic exists in layers, which makes it possible to use more Continue reading

KRACK proves we need more encryption on the Internet

A serious weakness in Wi-Fi security was made public earlier today. The Key Reinstallation Attack (KRACK) can break Wi-Fi encryption, opening your data up to eavesdropping. This, combined with issues in Linux and Android, make it possible for attackers to change websites you view. This is a serious problem for Wi-Fi Protected Access 2 (WPA2), a protocol used in millions of networks worldwide.

Luckily, the use of Transport Layer Security (TLS) is on the rise. Mozilla’s data shows that over 60% of pages loaded in Firefox use TLS. More and more companies are using encryption for all traffic and removing the ability to connect to unencrypted versions of their sites. When connecting to these sites, KRACK isn’t as big of a deal, because the data is encrypted before it’s sent across Wi-Fi. Even if WPA2 is broken, the data is still secure.

Unfortunately there are still millions of sites that don’t provide this security. Their users are vulnerable to eavesdropping, fake content, malware injection, and more. We need more companies and operators to use TLS and HTTP Strict Transport Security (HSTS) to mitigate the potential impact of KRACK.

Internet traffic exists in layers, which makes it possible to use more Continue reading

IS-IS Multi Instance: RFC8202

Multi-Instance IS-IS
One of the nice things about IS-IS is the ability to run IPv6 and IPv4 in the same protocol, over a single instance. So long as the two topologies are congruent, deploying v6 as dual stack is very simply. But what if your topologies are not congruent? The figure below illustrates the difference.

In this network, there are two topologies, and each topology has two different set of level 1/level 2 flooding domain boundaries. If topology 1 is running IPv4, and topology 2 is running IPv4, it is difficult to describe such a pair of topologies with “standard” IS-IS. The actual flooding process assumes the flooding domain boundaries are on the same intermediate systems, or that the two topologies are congruent.

One way to solve this problem today is to use IS-IS multi-topology, which allows the IPv6 and IPv4 routing information to be carried in separate TLVs so two different Link State Databases (LSDBs), so each IS can compute a different Shortest Path Tree (SPT), one for IPv4, and another for IPv6. Some engineers might find the concept of multi-topology confusing, and it seems like it might be overkill for other use cases. For instance, perhaps you do Continue reading