0

Stuff The Internet Says On Scalability For September 23rd, 2016

Hey, it's HighScalability time:

 

• October 2017: ICANN changes the DNSSEC root keys; $2.91M: cost of running Let's Encrypt; 20%: Amazon convenience tax; 100%: increase in spam; 6.2 km: Quantum teleportation across a metropolitan fibre network; March 18, 1982: birth of containers; 6 months: how long a lightening bolt can power a 60 watt bulb; trillions: EV cache hits per day @ Netflix; 5x: Spark is faster than MapReduce; billions: HTTP, Git and SSH connections served per day at GitHub; 28: # of websites in North Korea; 


• Quotable Quotes:
  • @vgcerf: It is time to admit after 18 years that the multistakeholder model of Internet operation works. #yestoIANA
  • @EricLathrop: Netflix found a 5x performance variation between AWS instances at the same price! They benchmark to avoid overpaying. @indirect #Strangeloop
  • @swardley: Perfectly reasonable @NigelBarron. Larry's statements are ludicrous, play is to milk existing customers whilst hoping to find a new future.
  • @BethanyMacri: Etsy is very anti-SOA. Monolith forever!
  • janfoeh: I've said it before Continue reading

0

Oracle is gunning for AWS with new infrastructure offering

Larry Ellison has a message for Amazon Web Services: Oracle is going to give Amazon a run for its money in the cloud market."Amazon's lead is over," he said during his keynote address at the OpenWorld conference in San Francisco. "Amazon's going to have serious competition going forward."To that end, the company he co-founded is launching a set of new cloud datacenters that are aimed at providing more powerful compute instances to help it compete against the likes of AWS, Azure and other cloud players. The generation 2 datacenters will be capable of bringing a variety of performance improvements to customers who want to run high-performance workloads in the cloud.To read this article in full or to leave a comment, please click here

0

Intel’s new PC, IoT chief brings fresh ideas to the veteran chip maker

Intel is now more than just a PC company. At industry events, the company's keynotes feature drones flying around, robots walking on stage and musicians creating tunes from wearables. The chip maker is helping BMW build an autonomous car, will sell modems to Apple, and is leading the development of next-generation 5G cellular networks. For all these new markets, it will provide chip and data-center technologies. The transformation is happening partly under the leadership of Venkata Renduchintala, president of the Client and Internet of Things (IoT) Businesses and Systems Architecture Group at Intel. As Intel's second-in-command, he helped cut struggling products like mobile CPUs and sharpened the company's focus on IoT, servers, and connectivity.To read this article in full or to leave a comment, please click here

0

Oracle will acquire cloud security vendor Palerra

Oracle has agreed to acquire Palerra, a vendor of software for securing cloud services, as part of its strategy to provide customers comprehensive identity and security cloud servicesPalerra offers a Cloud Access Security Broker product called Loric that offers a combination of visibility into cloud usage, data security, user behavior analytics, and security configuration, with automated incident responses."We think this is an important addition to our overall cloud security portfolio," Larry Ellison, Oracle's  executive chairman and chief technology officer said in his keynote Sunday at the Oracle OpenWorld conference.  "It [Security] is job one at Oracle. We'll keep building, and when we find a supplier out there who is doing good work, we'll buy them."To read this article in full or to leave a comment, please click here

0

Oracle will acquire cloud security vendor Palerra

Oracle has agreed to acquire Palerra, a vendor of software for securing cloud services, as part of its strategy to provide customers comprehensive identity and security cloud servicesPalerra offers a Cloud Access Security Broker product called Loric that offers a combination of visibility into cloud usage, data security, user behavior analytics, and security configuration, with automated incident responses."We think this is an important addition to our overall cloud security portfolio," Larry Ellison, Oracle's  executive chairman and chief technology officer said in his keynote Sunday at the Oracle OpenWorld conference.  "It [Security] is job one at Oracle. We'll keep building, and when we find a supplier out there who is doing good work, we'll buy them."To read this article in full or to leave a comment, please click here

0

Why Snowden won’t be pardoned

Edward Snowden (NSA leakerblower) won’t be pardoned. I’m not arguing that he shouldn’t be pardoned, but that he won’t be pardoned. The chances are near zero, and the pro-pardon crowd doesn't seem to be doing anything to cange this. This post lists a bunch of reasons why. If your goal is to get him pardoned, these are the sorts of things you’ll have to overcome.

The tl;dr list is this:

• Obama hates whistleblowers
• Obama loves the NSA
• A pardon would be betrayal
• Snowden leaked because he was disgruntled, not because he was a man of conscience (***)
• Snowden hasn’t yet been convicted
• Snowden leaked too much
• Snowden helped Russian intelligence
• Nothing was found to be illegal or unconstitutional

Obama hates whistleblowers

Obama campaigned promising to be the most transparent president in history. Among his campaign promises are:

Protect Whistleblowers: Often the best source of information about waste, fraud, and abuse in government is an existing government employee committed to public integrity and willing to speak out. Such acts of courage and patriotism, which can sometimes save lives and often save taxpayer dollars, should be encouraged rather than stifled as they have been during the Bush administration. We need to empower Continue reading

0

Salesforce is betting its Einstein AI will make CRM better

If there was any doubt that AI has officially arrived in the world of enterprise software, Salesforce just put it to rest. The CRM giant on Sunday announced Einstein, a set of artificial intelligence capabilities it says will help users of its platform serve their customers better.AI's potential to augment human capabilities has already been proven in multiple areas, but tapping it for a specific business purpose isn't always straightforward. "AI is out of reach for the vast majority of companies because it's really hard," John Ball, general manager for Salesforce Einstein, said in a press conference last week.To read this article in full or to leave a comment, please click here

0

Valve nukes Digital Homicide’s games after developer sues to unmask 100 Steam users

If you write a negative review for a game, is that harassment? It is according to game developer Digital Homicide which is suing 100 Steam users for $18 million.After Digital Homicide developer James Romine filed a lawsuit, an Arizona judge granted a subpoena to obtain the personal “identification and associated data” of 100 anonymous Steam users. Romine alleges that the Steam group of Jane and John Does created a “hate and harassment group, Digital Homicides Poop Games.”To read this article in full or to leave a comment, please click here

0

Valve nukes Digital Homicide’s games after developer sues to unmask 100 Steam users

If you write a negative review for a game, is that harassment? It is according to game developer Digital Homicide which is suing 100 Steam users for $18 million.After Digital Homicide developer James Romine filed a lawsuit, an Arizona judge granted a subpoena to obtain the personal “identification and associated data” of 100 anonymous Steam users. Romine alleges that the Steam group of Jane and John Does created a “hate and harassment group, Digital Homicides Poop Games.”To read this article in full or to leave a comment, please click here

0

Test-driving EVPN route publishing with GoBGP

In recent times there has been a lot of interest in tunnel based L2 networks, especially for Cloud Networks implemented with VXLAN.  The tunnel based networks were initially proposed with the idea of alleviating the 4k limit imposed with VLAN based networks. EVPN based VXLAN tunneled networks use BGP as control plane for L2 learning. … Continue reading Test-driving EVPN route publishing with GoBGP

0

Docker Weekly Roundup | September 11, 2016

 

As we arrive at the conclusion of another week, the team at Docker wanted to take a moment to reflect on a few of the top posts you might have missed, while also highlighting a few other Docker stories from around the web. Here’s the weekly roundup for the week of September 11, 2016:

• Docker Partner Program introducing the new tiered Docker Partner Program designed to address the growing demand by enterprise companies to adopt Containers as a Service environments with Docker Datacenter. 

• Dockercast Episode 3 in this podcast Docker catches up with Nirmal Mehta at Booz Allen Hamilton. We discuss how large government organizations are modernizing their IT infrastructures and why these types of institutions seem to be early adopters of Docker.

• Docker + Golang a short collection of tips and tricks by Jerome Petazzoni showing how Docker can be useful when working with Go code.

• IoT Swarm with Docker Machine the new Swarm Mode in Docker 1.12 makes it easy to build a Docker Swarm and connect different ARM devices to an IoT cluster. Instructions on how to build your own by Docker Captain Dieter Reuter.

• CentOS 7.2 ARM Docker Image the building of Continue reading

0

Triggered remote packet capture using filtered ERSPAN

Packet brokers are typically deployed as a dedicated network connecting network taps and SPAN/mirror ports to packet analysis applications such as Wireshark, Snort, etc.

Traditional hierarchical network designs were relatively straightforward to monitor using a packet broker since traffic flowed through a small number of core switches and so a small number of taps provided network wide visibility. The move to leaf and spine fabric architectures eliminates the performance bottleneck of core switches to deliver low latency and high bandwidth connectivity to data center applications. However, traditional packet brokers are less attractive since spreading traffic across many links with equal cost multi-path (ECMP) routing means that many more links need to be monitored.

This article will explore how the remote Selective Spanning capability in Cumulus Linux 3.0 combined with industry standard sFlow telemetry embedded in commodity switch hardware provides a cost effective alternative to traditional packet brokers.

Cumulus Linux uses iptables rules to specify packet capture sessions. For example, the following rule forwards packets with source IP 20.0.1.0 and destination IP 20.0.1.2 to a packet analyzer on host 20.0.2.2:

-A FORWARD --in-interface swp+ -s 20.0.0.2 -d 20. Continue reading

0

Getting Started in the Mobile World

Got this challenge from one of my readers:

I've recently changed jobs and I am currently working for a telco. The problem is that I have no idea of what they are talking about when they mention SGSN, GGSN, Gi, Gn, etc... I only know routing and switching stuff :(.

Obviously he tried to search for information and failed.

Read more ...

0

Juniper QFX 5100 & VMware ESXI Host NIC Teaming -Design Consideration

0

Let’s Encrypt plugin for ASA

I wrote a certbot (Let's Encrypt ACME client) plugin for Cisco ASA. It runs on a separate box, talks ACME to the Let's Encrypt service and uses the ASA REST API to manage certificates on the ASA.

Details here.

If you try it out, please let me know how it goes?

0

Review: “Snowden” (2016)

tldr:

• If you are partisan toward Snowden, you'll like the movie.
• If you know little about Snowden, it's probably too long/slow -- you'll be missing the subtext.
• If you are anti-Snowden, you'll hate it of course.

The movie wasn't bad. I was expecting some sort of over-dramatization, a sort of Bourne-style movie doing parkour through Hong Kong ghettos. Or, I expected a The Fifth Estate sort of movie that was based on the quirky character of Assange. But instead, the movie was just a slight dramatization of the events you (as a Snowden partisan) already know. Indeed, Snowden is a boring protagonist in the movie -- which makes the movie good. All the other characters in the movie are more interesting than the main character. Even the plot isn't all that interesting -- it's just a simple dramatization of what happens -- it's that slow build-up of tension toward the final reveal that keeps your attention.

In other words, it's clear that if you like Snowden, understand the subtext, you'll enjoy riding along on this slow buildup of tension.

Those opposed to Snowden, however, will of course gag on the one-side nature of the story. There's always two sides to Continue reading

0

Judge paves the way for British hacker’s extradition to US

A U.K. judge has ruled in favor of extraditing a British man to the U.S. on charges of hacking government computers, despite fears he may commit suicide.Lauri Love, 31, has been fighting his extradition for allegedly stealing data from U.S. government agencies, including the Department of Defense and NASA.On Friday, a Westminster Magistrates court ruled that Love can be safely extradited to the U.S. to face trial, even though he has Asperger Syndrome and a history of depression.“I send this case to the secretary of state for her decision as to whether or not Mr. Love should be extradited,” Judge Nina Tempia said in the ruling.To read this article in full or to leave a comment, please click here

0

Webcast: Hardening Microservices Security

Microservices is one of the buzz words of the moment. Beyond the buzz, microservices architecture offers a great opportunity for developers to rethink how they design, develop, and secure applications.

On Wednesday, September 21st, 2016 at 10am PT/1pm ET join SANS Technology Institute instructor and courseware author, David Holzer, as well as CloudFlare Solutions Engineer, Matthew Silverlock, as they discuss best practices for adopting and deploying microservices securely. During the session they will cover:

• How microservices differ from SOA or monolithic architectures
• Best practices for adopting and deploying secure microservices for production use
• Avoiding continuous delivery of new vulnerabilities
• Limiting attack vectors on a growing number of API endpoints
• Protecting Internet-facing services from resource exhaustion

Don't miss this chance to learn from the pros. Register now!

0

Wroth Reading: Exascale might prove difficult

The supercomputing industry is accustomed to 1,000X performance strides, and that is because people like to think in big round numbers and bold concepts. Every leap in performance is exciting not just because of the engineering challenges in bringing systems with kilo, mega, tera, peta, and exa scales into being, but because of the science that is enabled by such increasingly massive machines. But every leap is getting a bit more difficult as imagination meets up with the constraints of budgets and the laws of physics. The exascale leap is proving to be particularly difficult, and not just because it is the one we are looking across the chasm at. —The Next Platform

The post Wroth Reading: Exascale might prove difficult appeared first on 'net work.

0

HPE Docker Ready Servers Now Available – Get Docker Preinstalled On Your Favorite Hardware

It’s here!  HPE Docker ready servers are now available. These servers are pre-configured, integrated and validated with commercially supported Docker Engine out of the box. Enterprises can ease the adoption of Docker through a trusted hardware platform.  

Announced in June, the Docker and Hewlett Packard Enterprise (HPE) partnership, has been called “The 10 Most Important Tech Partnerships In 2016 (so far),” by CRN as a way to bring infrastructure optimized Docker technology to enable a modern application platform for the enterprise.

Integrated, Validated and Supported

Docker ready servers are available for the HPE ProLiant, Cloudline, and Hyper Converged Systems. These servers come pre-installed with the commercially supported Docker Engine (CS Engine) and enterprise class support direct from HPE, backed by Docker. Whether deploying new servers or facing a hardware refresh, enterprises looking to adopt containerization can benefit from a simplified and repeatable deployment option on hardware they trust.

HPE Docker ready servers accelerate businesses time to value with everything needed in a single server to scale and support Docker environments, combining the hardware and OS you already use in your environment with the Docker CS Engine. Docker CS Engine is a commercially supported container runtime and native Continue reading