Automation and State

To State or not to State

State

State its purpose.

That is a state matter.

It was a messy night. Alice was filthy. She was in a state.

The router had some state.

What to do with state

Automation is a constantly changing state of affairs. It raises questions like:

a) If a service or API is idempotent, do I have to track state?
b) Should my workflows consider external state?
c) Should I normalise state?

Idempotency

Something is said to be idempotent if it gives you the same response if you call it repetitively.

I always view idempotency quite simply.

  1. Bob makes a terrible mistake building a NETCONF server for Alice.
  2. Alice punished Bob with the task of hoovering the office floor.
  3. Bob starts hoovering at 3pm when Alice is out of the office.
  4. Alice Tweets Bob mid-hoovering (because they’re millennials) with “Bob, it’s time to hoover.”.
  5. As Bob is idempotent, Bob carries on hoovering and ignores Alice’s Tweet.

If Bob wasn’t idempotent, he might have packed away the hoover, gotten it back out and started hoovering again (also assuming Bob was actually delivering on his punishment and hadn’t outsourced it to a cleaner).

Can you imagine the Continue reading

Worth Reading: Crafted DDoS

We’d like to introduce you to one of the most devastating ways to cause service instability in modern micro-service architectures: application DDoS. A specially crafted application DDoS attack can cause cascading system failures often for a fraction of the resources needed to conduct a more traditional DDoS attack. This is due to the complex, interconnected relationships between applications. —Scott Behrens and Bryan Payne @ Netflix

The post Worth Reading: Crafted DDoS appeared first on rule 11 reader.

Standards bodies (like W3C) need more transparency

Any organization that creates and promotes industry standards should operate in an open and transparent way. Any lack of visibility will cause tremendous doubt and concerns around those standards. Case in point: the World Wide Web Consortium (W3C). A few weeks back, I wrote about one of their most recent standards—Electronic Media Extensions (EME)—which sought to create a standard framework for Digital Right Management (DRM) on the web. When the W3C officially approved this standard, it generated massive backlash from every corner of the technology world. To read this article in full or to leave a comment, please click here

Flat OSPF network is not a problem ! But

Flat OSPF network, or single area OSPF networks are real. In fact most of the OSPF network today deployed, is flat OSPF networks. But how many routers can be placed safely in an OSPF area ? Any number from the real world OSPF deployment ? I will share in this post. Let me explain what […]

The post Flat OSPF network is not a problem ! But appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

A better way to monitor the end-user experience

The concept of user performance management (UPM) is easy to understand but very difficult to implement. The Holy Grail of UPM would be a single, unified dashboard where IT operations would be able to “see” the status of every user. If a website were taking too long to load or an application were performing poorly, the operations staff could click on that user and immediately see where the problem is. One challenge for IT departments is that today’s user isn’t always a person. Thanks to the rise in the number of Internet of Things (IoT) devices, “headless” clients that provide critical services to users now pump data through the network. For example, medical devices deliver time-critical information that can be the difference between life and death. Getting a grip on how these headless devices are performing on the network has become a daunting task for IT staff. To read this article in full or to leave a comment, please click here

A better way to monitor the end-user experience

The concept of user performance management (UPM) is easy to understand but very difficult to implement. The Holy Grail of UPM would be a single, unified dashboard where IT operations would be able to “see” the status of every user. If a website were taking too long to load or an application were performing poorly, the operations staff could click on that user and immediately see where the problem is. One challenge for IT departments is that today’s user isn’t always a person. Thanks to the rise in the number of Internet of Things (IoT) devices, “headless” clients that provide critical services to users now pump data through the network. For example, medical devices deliver time-critical information that can be the difference between life and death. Getting a grip on how these headless devices are performing on the network has become a daunting task for IT staff. To read this article in full or to leave a comment, please click here

MC-LAG lab – advanced IRB functionality

For simplified Layer 3 gateway services, where Layer 3 routing protocols are not run on the MC-LAG peers, you simply configure the same Layer 3 gateway IP address on both MC-LAG peers and enable IRB MAC address synchronization. This IP address is used as the default gateway for the MC-LAG servers or hosts.
For more advanced Layer 3 gateway services, where Layer 3 routing protocols and Layer 3 multicast operations are required on the MC-LAG peers, you configure unique IRB interface addresses on each MC-LAG peer and then configured the virtual router redundancy protocol (VRRP) between the peers in an active/standby role.
To help with some forwarding operations, the IRB MAC address of each peer is replicated on the other peer and is installed as a MAC address with the forwarding next hop of the ICL-PL. This is achieved by configuring a static ARP entry for the remote peer.

IRB interfaces configurations:

vQFX1:
irb {
    unit 100 {
        family inet {
            address 172.16.0.1/24 {
                arp 172.16.0.2 l2-interface xe-0/ Continue reading

Is DefCon Wifi safe?

DEF CON is the largest U.S. hacker conference that takes place every summer in Las Vegas. It offers WiFi service. Is it safe?

Probably.

The trick is that you need to download the certificate from https://wifireg.defcon.org and import it into your computer. They have instructions for all your various operating systems. For macOS, it was as simple as downloading "dc25.mobileconfig" and importing it.

I haven't validated the DefCon team did the right thing for all platforms, but I know that safety is possible. If a hacker could easily hack into arbitrary WiFi, then equipment vendors would fix it. Corporations widely use WiFi -- they couldn't do this if it weren't safe.

The first step in safety is encryption, obviously. WPA does encryption well, you you are good there.

The second step is authentication -- proving that the access-point is who it says it is. Otherwise, somebody could setup their own access-point claiming to be "DefCon", and you'd happily connect to it. Encrypted connect to the evil access-point doesn't help you. This is what the certificate you download does -- you import it into your system, so that you'll trust only the "DefCon" access-point that has Continue reading

Last 10 days for the August 2017 CCDE Online Bootcamp

My Webex based, Online CCDE Bootcamp will start in 10 days.    August 7, 2017 is the first day of my live CCDE Bootcamp.   As the best CCDE Training, I will cover all CCDE Blueprint topics as usual. Before and after the Bootcamp, there are many other resources which you will go through. These […]

The post Last 10 days for the August 2017 CCDE Online Bootcamp appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Moved to new house , Finished the new course but !

I have been very busy for last one month.   I announced 2 , 3 months before Service Provider Design Workshop and conducted it at last two weekends.   I moved to new house, lot’s of things to deal with, believe me. First time I will share the photos of it here.   Meanwhile I […]

The post Moved to new house , Finished the new course but ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

The Supercomputing Slump Hits HPC

Supercomputing, by definition, is an esoteric, exotic, and relatively small slice of the overall IT landscape, but it is, also by definition, a vital driver of innovation within IT and in all of the segments of the market where simulation, modeling, and now machine learning are used to provide goods and services.

As we have pointed out many times, the supercomputing business is not, however, one that is easy to participate in and generate a regular stream of revenues and predictable profits and it is most certainly one where the vendors and their customers have to, by necessity, take the

The Supercomputing Slump Hits HPC was written by Timothy Prickett Morgan at The Next Platform.

Reaffirming the Internet as a Force for Good: The Next 25 Years

To mark its 25th Anniversary, the Internet Society is beginning a global dialogue on the impact of the Internet on societies.  So far, we have held discussions at Chatham House in London, and opened up the dialogue in a recent public forum with more than 100 participants from 30 countries across Africa, the Middle East, Europe & Central Asia, Latin America and the Caribbean, and South Asia. 

Konstantinos Komaitis
1 1,965 1,966 1,967 1,968 1,969 3,842