Keeping the Cloudflare API ‘all green’ using Python-based testing
At Cloudflare, we reuse existing core systems to power multiple products and testing of these core systems is essential. In particular, we require being able to have a wide and thorough visibility of our live APIs’ behaviors. We want to be able to detect regressions, prevent incidents and maintain healthy APIs. That is why we built Scout.
Scout is an automated system periodically running Python tests verifying the end to end behavior of our APIs. Scout allows us to evaluate APIs in production-like environments and thus ensures we can green light a production deployment while also monitoring the behavior of APIs in production.
Why Scout?
Before Scout, we were using an automated test system leveraging the Robot Framework. This older system was limiting our testing capabilities. In fact, we could not easily match json responses against keys we were looking for. We would abandon covering different behaviors of our APIs as it was impossible to decide on which resources a given test suite would run. Two different test suites would create false negatives as they were running on the same account.
Regarding schema validation, only API responses were validated against a json schema and tests would not fail if the Continue reading
Barriers To Kubernetes
If you’re a system administrator or Infrastructure Engineer that has: Managed upgrades for large-scale systems Managed high availability and horizontal scaling Deployed binaries on Linux or Windows VMs Deployed virtualization and bare-metal environments Kubernetes is going to be a major upgrade for you, how you deploy, and how you manage services. Kubernetes truly does make […]
The post Barriers To Kubernetes appeared first on Packet Pushers.
Dynamic MAC Learning: Hardware or CPU Activity?
An ipSpace.net subscriber sent me a question along the lines of “does it matter that EVPN uses BGP to implement dynamic MAC learning whereas in traditional switching that’s done in hardware?” Before going into those details, I wanted to establish the baseline: is dynamic MAC learning really implemented in hardware?
Hardware-based switching solutions usually use a hash table to implement MAC address lookups. The above question should thus be rephrased as is it possible to update the MAC hash table in hardware without punting the packet to the CPU? One would expect high-end (expensive) hardware to be able do it, while low-cost hardware would depend on the CPU. It turns out the reality is way more complex than that.
Dynamic MAC Learning: Hardware or CPU Activity?
An ipSpace.net subscriber sent me a question along the lines of “does it matter that EVPN uses BGP to implement dynamic MAC learning whereas in traditional switching that’s done in hardware?” Before going into those details, I wanted to establish the baseline: is dynamic MAC learning really implemented in hardware?
Hardware-based switching solutions usually use a hash table to implement MAC address lookups. The above question should thus be rephrased as is it possible to update the MAC hash table in hardware without punting the packet to the CPU? One would expect high-end (expensive) hardware to be able do it, while low-cost hardware would depend on the CPU. It turns out the reality is way more complex than that.
An Economic Perspective on Internet Centrality
What sustains a digital monopoly in today's world? It's not the amassing of a huge workforce, or even having access to large pool of capital. It's not even the use of proprietary technologies that are not accessible to others. So why isn't the Internet fulfilling its vision of profound and intense competitive pressure in every part of the digital supply chain? Whjat is sustaining the domination of the digital world by a select group of behemoths? And, can we change this picture?Kubernetes Security And Networking 4: Helpful Tips To Secure The API Server – Video
In the previous video, Michael Levan walked through some security essentials for protecting worker nodes in a Kubernetes cluster. In this video he focuses on essential protections for the API server. He looks at security benchmarks from CIS, using Kubescape for security scanning, and how to integrate the two. Michael Levan hosts the “Kubernetes Unpacked” […]
The post Kubernetes Security And Networking 4: Helpful Tips To Secure The API Server – Video appeared first on Packet Pushers.
Intel Pushes Out Hybrid CPU-GPU Compute Beyond 2025
One of the reasons why Intel can even think about entering the GPU compute space is that the IT market, and indeed just about any market we can think of, likes to have at least three competitors. …
Intel Pushes Out Hybrid CPU-GPU Compute Beyond 2025 was written by Timothy Prickett Morgan at The Next Platform.
Network Break 420: Cisco, HPE Buy Security Startups; Can We Finally Hold Vendors Responsible For Software Defects?
Take a Network Break! We begin with some FU on what constitutes on-prem and off-prem, and then dive into news. Cisco and T-Mobile are partnering on 5G gateways, Cisco Webex is getting installed as a feature(?) in Mercedes E-Class cars, and Cisco is buying multi-cloud security startup Valtix. Valtix offers firewalling, IPS, a cloud Web... Read more »Network Break 420: Cisco, HPE Buy Security Startups; Can We Finally Hold Vendors Responsible For Software Defects?
Take a Network Break! We begin with some FU on what constitutes on-prem and off-prem, and then dive into news. Cisco and T-Mobile are partnering on 5G gateways, Cisco Webex is getting installed as a feature(?) in Mercedes E-Class cars, and Cisco is buying multi-cloud security startup Valtix. Valtix offers firewalling, IPS, a cloud Web […]
The post Network Break 420: Cisco, HPE Buy Security Startups; Can We Finally Hold Vendors Responsible For Software Defects? appeared first on Packet Pushers.