AWS Advanced Networking — Task Statement 1.3: How load balancing works at Layer 3, layer 4, and Layer 7 of the OSI model

< MEDIUM: https://towardsaws.com/aws-advanced-networking-task-statement-1-3-c457fa0ed893 >

Ref: https://aws.amazon.com/elasticloadbalancing/

Why Elastic Load Balancer?

  • To Distribute incoming application traffic across EC2 instances / Containers / IP Addresses and these entities, generally, can be called targets and grouped as Target-Groups.
  • Another advantage is performing health checks, such as packet-loss or high-latency, and can be integrated with Auto-scaling, hence Elastic.
  • Depending on the ELB type and its operational requirement, this can further be subdivided into CLB, ALB, GLB, and NLB.

CLB — Classic Load Balancer

– AWS Recommends ALB today instead of CLB
– Intended for EC2 instances which are built in EC2-Classic Network
– Layer 4 or Layer 7 Load Balancing
– Provides SSL Offloading and IPv6 support for Classic Networks

ALB — Application Load Balancer

  • Works at the 7th Layer of the OSI Model.
  • Supports applications that run in Containers
  • Supports Content-based Routing
  • HTTP/HTTPS, Mobile Apps, Containers in EC2, and Microservices benefit greatly from ALB

Why Elastic Load Balancer?

  • To Distribute incoming application traffic across EC2 instances / Containers / IP Addresses and these entities, generally, can be called targets and grouped as Target-Groups.
  • Another advantage is performing health checks, such as packet-loss or high-latency, and can be integrated with Auto-scaling, Continue reading

Set up your Own wireguard-based Cloud VPN server without installing software on your laptop — GL-A1300 Slate Plus Wireless Router

< MEDIUM: https://aws.plainenglish.io/set-up-your-own-wireguard-based-cloud-vpn-server-without-installing-software-on-your-laptop-1bdc41b0b55 >

Note: This requires the purchase of a wireless router which is capable of running a Wireguard package in this case it’s Slate-Plus GL-A1300 and I do not have any affiliate or ads program with them, I simply liked it for its effectiveness and low cost.

The Need :

For one reason many of us want a VPN server which does decent encryption but won’t charge us a lot of money, in some cases, it can be done free of cost and in others for not want us to install a variety of software which messes up with internal client routing and also against some of the IT-Policies, even if it’s a browser-based plugin.

The Choice :

Wireguard: https://www.wireguard.com/ — VPN Software, Software-based encryption, extremely fast and light-weight.

GL-A1300 Slate-Plus — Wireless Router with support for Wireguard which is not a feature in many of the current market routers, had OpenWrt as the installed software.

Features

The GL-A1300 Slate Plus wireless VPN encrypted travel router comes packed with features that will make your life easier while travelling. Here are just a few of the most important:

AWS Rekognition — A simple classifier without having to build a lot of in-house or Cloud Environments — Sample Bird-Project

< MEDIUM : https://aws.plainenglish.io/aws-rekognition-a-simple-classifier-without-having-to-build-a-lot-of-in-house-or-cloud-a43fc6e9e8a >

A few weeks ago, I set up a bird feeder and used it to capture bird images, the classifier itself was not that accurate but was doing a decent job, what I have realised is that not every time we end up with highly accurate on-board edge classification especially while learning how to implement them.

So after a few weeks, there were a lot of images some of them sure enough had birds while some of them were taken in Pitch Dark and am not even sure what made the classifier figure out a birdie in the snapshot from the camera.

Now for me in order to make an Image, I have to rely on a re-classifier doing the job for me, initially, I thought I will write a lambda-based classifier as a learning experiment, but then I thought it was a one-time process every 6 months or so, so I went ahead with a managed service option and in this case, its AWS Rekognition, which is quite amazing.

https://aws.amazon.com/rekognition/

Code Snippet used for Classification

import os
import concurrent.futures
import boto3

def detect_birds(image_path):
# Configure AWS credentials and region
session Continue reading

Controversial Reads 071423


Indian-born CEOs are closing their firms and fleeing back to India to escape charges of fraud in the annual lotteries for visas to import H-1B foreign contract workers, says a lawyer for many Indian-owned subcontractors and visa workers.


Over the past few years, Apple has pursued a meal-prepping app with a pear logo, a singer-songwriter named Frankie Pineapple, a German cycling route, a pair of stationery makers, and a school district, among others.


Reddit, a link-aggregating website that claims to be the “front page of the internet,” has turned into a hotbed for radicalization.


Wolk wasn’t saying cable news was necessarily a terrible product; it was an obsolete one on an obsolete platform. While he didn’t predict that the death of cable was imminent, he made it clear it might be time to start looking for hospice care.


However, where the previous labor nuke decimated the white working class in flyover states, this one will explode closer to the power center of Corporate America. Creative AIs like ChatGPT most threaten one of the Regime’s most powerful assets: the managerial class.


A bid to legally muzzle critics of the Irish Data Protection Commission (DPC) is just the tip of the iceberg Continue reading

Weekend Reads 071423


For example, at a certain level, your password must include today’s Wordle answer. And then there’s rule #27: “At least 50% of your password must be in the Wingdings font.”


On 12 June, the DFIR Report published an in-depth analysis of a Truebot intrusion that began with several page redirects via a Traffic Distribution System (TDS) and ended with dropping a Master Boot Record (MBR) killer wiper onto a victim’s computer.


PL/I stands for Programming Language 1, and its aim was to be the Highlander of programming languages: there would be no need for 2, 3, or 4 if everything went to plan.


In this episode of PING, APNIC’s Chief Scientist Geoff Huston discusses how Sweden built a national time distribution system and the nature of time in the modern Internet.


When system architects sit down to design their next platforms, they start by looking at a bunch of roadmaps from suppliers of CPUs, accelerators, memory, flash, network interface cards – and PCI-Express controllers and switches.


In a recent investigation by Microsoft Incident Response of an intrusion, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, Continue reading

Akamai opens new data centers in push to public cloud

Content delivery network (CDN) and cloud computing provider Akamai has opened three new internet point of presence (POP) data centers this week, and will open two more later in the quarter, as the company looks to take over a bigger portion of the public cloud market.The three new sites open as of this week are in Paris, Washington, D.C., and Chicago. Sites in Seattle and Chennai will follow in the coming months, Akamai said. The expansion is part of the company's push into the public cloud market dominated by incumbents like Google, Amazon and Microsoft, Akamai said.The sites were chosen carefully, according to a statement from Akamai. Washington, D.C., is one of the biggest data center hubs in the world, with Northern Virginia containing upward of half of the major data center capacity in the US. Chicago is a well-situated secondary site for latency-sensitive workloads running either locally or in nearby markets, including Philadelphia and Washington, while the Paris site represents a new option for organizations facing data sovereignty challenges posed by EU regulation.To read this article in full, please click here

Heavy Networking 690: LACP Is Not Link Aggregation – With Tony Bourke

On today’s Heavy Networking we talk LACP and link aggregation. While bonding two or more links together to act as a single virtual link has been done for decades, LACP and link aggregation aren't the same thing, and the distinction matters. Our guest to get into the differences is network instructor Tony Bourke.

The post Heavy Networking 690: LACP Is Not Link Aggregation – With Tony Bourke appeared first on Packet Pushers.

New ML benchmarks show best algorithms for training chatbots

MLCommons, a group that develops benchmarks for AI technology training algorithms, revealed the results for a new test that determines system speeds for training algorithms specifically used for the creation of chatbots like ChatGPT.MLPerf 3.0 is meant to provide an industry-standard set of benchmarks for evaluating ML model training. Model training can be a rather lengthy process, taking weeks and even months depending on the size of a data set. That requires an awful lot of power consumption, so training can get expensive.The MLPerf Training benchmark suite is a full series of tests that stress machine-learning models, software, and hardware for a broad range of applications. It found performance gains of up to 1.54x compared to just six months ago and between 33x and 49x compared to the first round in 2018.To read this article in full, please click here

New ML benchmarks show best algorithms for training chatbots

MLCommons, a group that develops benchmarks for AI technology training algorithms, revealed the results for a new test that determines system speeds for training algorithms specifically used for the creation of chatbots like ChatGPT.MLPerf 3.0 is meant to provide an industry-standard set of benchmarks for evaluating ML model training. Model training can be a rather lengthy process, taking weeks and even months depending on the size of a data set. That requires an awful lot of power consumption, so training can get expensive.The MLPerf Training benchmark suite is a full series of tests that stress machine-learning models, software, and hardware for a broad range of applications. It found performance gains of up to 1.54x compared to just six months ago and between 33x and 49x compared to the first round in 2018.To read this article in full, please click here

Cisco snaps up Oort to bolster identity management technology

Cisco is continuing its summer buying spree with the acquisition of security startup Oort for an undisclosed amount.Oort offers an identity threat detection and response platform for enterprise security.  Founded in 2019, Oort raised $15 million in Series A funding that included money from Cisco’s venture capital arm.“With Oort’s API-driven, cloud-native, and agentless platform, they eliminate identity visibility gaps across disparate data sources, show misconfigurations, check for security vulnerabilities, and offer predictive identity analytics to proactively stop attacks,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog about the acquisition. To read this article in full, please click here

Cisco snaps up Oort to bolster identity management technology

Cisco is continuing its summer buying spree with the acquisition of security startup Oort for an undisclosed amount.Oort offers an identity threat detection and response platform for enterprise security.  Founded in 2019, Oort raised $15 million in Series A funding that included money from Cisco’s venture capital arm.“With Oort’s API-driven, cloud-native, and agentless platform, they eliminate identity visibility gaps across disparate data sources, show misconfigurations, check for security vulnerabilities, and offer predictive identity analytics to proactively stop attacks,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog about the acquisition. To read this article in full, please click here

Quickly see differences between Zone Versions with Version Comparisons

Quickly see differences between Zone Versions with Version Comparisons
Quickly see differences between Zone Versions with Version Comparisons

On the week of July 10, 2023, we launched a new capability for Zone Versioning - Version Comparisons. With Version Comparisons, you can quickly get a side by side glance of what changes were made between two versions. This makes it easier to evaluate that a new version of your zone’s configuration is correct before deploying to production.

Quickly see differences between Zone Versions with Version Comparisons

A quick recap about Zone Versioning

Zone Versioning was launched at the start of 2023 to all Cloudflare Enterprise customers and allows you to create and manage independent versions of your zone configuration. This enables you to safely configure a set of configuration changes and progressively roll out those changes together to predefined environments of traffic. Having the ability to carefully test changes in a test or staging environment before deploying them to production, can help catch configuration issues before they can have a large impact on your zone’s traffic. See the general availability announcement blog for a deeper dive on the overall capability.

Why we built Version Comparisons

Diff is a well known and often used tool by many software developers to quickly understand the difference between two files. While originally just a command line utility it is now ubiquitous across Continue reading

Subscription and Host Metric Changes in Ansible Automation Platform 2.4

What and Why?

Our customers use Ansible Automation Platform across a multitude of platforms, in a plethora of ways. Providing an accurate accounting and reporting capability is sometimes difficult across the various types of use cases we encounter.

If you have traditionally used the platform with infrequently changing or more static types of managed hosts, you’re probably pretty much covered. If however, you administer a more diverse and dynamic set of hosts, there may be occasions where you require more flexibility, when accounting for managed hosts against your purchased subscription.

That’s why in Ansible Automation Platform 2.4, we’ve introduced a new Host Metrics dashboard tab with the ability to:

  • View high level automation run details per managed host
  • The first and last time automated (this metric already existed)
  • The number of times automation has been run or attempted to be run against a host (new in 2.4)
  • The number of times a managed host has been deleted (new in 2.4)

The ability to view the number of times automation has been run on hosts is a simple but really useful metric:

  • Instantly see your most commonly automated hosts
  • See which hosts exist in Continue reading

Hedge 186: Hardware Root of Trust

The idea of a root of trust is somewhat foreign to network engineers—what is it, and why would it be important? Michael and Marcus from Hedgehog join Tom Ammon and Russ White to discuss how hardware roots of trust work, what problems they are designed to solve for network hardware, and the current state of this technology.

download

rough transcript will be supplied in a few days

Kyndryl services blitz to target AI, security, sustainability

Kyndryl Bridge has found early success with nearly 1,000 customers expected by the end of the year, and the integration platform has several new services on tap – including for AI, security and sustainability efforts – to help enterprises better manage their infrastructure resources.Announced last September, Kyndryl Bridge has roughly 60 digitally enabled services to date, and the company expects to grow that to 190 Bridge services by March 2024, according to Kyndryl CTO Antoine Shagoury.Bridge integrates all manner of management tools, intellectual property, and processes that Kyndryl has cultivated through years of delivering services – it was, after all, a division of IBM until November 2021. It then takes that centralized information and uses it to deliver as-a-service capabilities and applications that help control and manage enterprise infrastructure. It also uses AI and ML to analyze the aggregated data in real time to provide IT operations teams with the intelligence they need to keep systems running at peak performance, Kyndryl says.To read this article in full, please click here

Deploy real-time network dashboards using Docker compose


This article demonstrates how to use docker compose to quickly deploy a real-time network analytics stack that includes the sFlow-RT analytics engine, Prometheus time series database, and Grafana to create dashboards. 
git clone https://github.com/sflow-rt/prometheus-grafana.git
cd prometheus-grafana
./start.sh
Download the sflow-rt/prometheus-grafana project from GitHub on a system with Docker installed and start the containers. The start.sh script runs docker compose to bring up the containers specified in the compose.yml file, passing in user information so that the containers have correct permission to  write data files in the prometheus and grafana directories.
All the Docker images in this example are available for both x86 and ARM processors, so this stack can be deployed on Intel/AMD platforms as well as Apple M1/M2 or Raspberry Pi. Raspberry Pi 4 real-time network analytics describes how to configure a Raspberry Pi 4 to run Docker and perform real-time network analytics and is a simple way to run this stack for smaller networks.

Configure sFlow Agents in network devices to stream sFlow telemetry to the host running the analytics stack. See Getting Started for information on how to verify that sFlow telemetry is being received.

Connect to the Grafana web interface on Continue reading
1 253 254 255 256 257 3,832