Sponsored Post: zanox Group, Varnish, LaunchDarkly, Swrve, Netflix, Aerospike, TrueSight Pulse, Redis Labs, InMemory.Net, VividCortex, MemSQL, Scalyr, AiScaler, AppDynamics, ManageEngine, Site24x7
Who's Hiring?
- The zanox Group are looking for a Senior Architect. We're looking for someone smart and pragmatic to help our engineering teams build fast, scalable and reliable solutions for our industry leading affiliate marketing platform. The role will involve a healthy mixture of strategic thinking and hands-on work - there are no ivory towers here! Our stack is diverse and interesting. You can apply for the role in either London or Berlin.
- Swrve -- In November we closed a $30m funding round, and we’re now expanding our engineering team based in Dublin (Ireland). Our mobile marketing platform is powered by 8bn+ events a day, processed in real time. We’re hiring intermediate and senior backend software developers to join the existing team of thirty engineers. Sound like fun? Come join us.
- Senior Service Reliability Engineer (SRE): Drive improvements to help reduce both time-to-detect and time-to-resolve while concurrently improving availability through service team engagement. Ability to analyze and triage production issues on a web-scale system a plus. Find details on the position here: https://jobs.netflix.com/jobs/434
- Manager - Performance Engineering: Lead the world-class performance team in charge of both optimizing the Netflix cloud stack and developing the performance observability capabilities Continue reading
Slacking Off
A Candlestick Phone (image courtesy of WIkipedia)
There’s a great piece today on how Slack is causing disruption in people’s work habits. Slack is a program that has dedicated itself to getting rid of email, yet we now find ourselves mired in Slack team after Slack team. I believe the real issue isn’t with Slack but instead with the way that our brains are wired to handle communication.
Interrupt Driven
People get interrupted all the time. It’s a fact of life if you work in business, not just IT. Even if you have your head down typing away at a keyboard and you’ve closed out all other forms of distraction, a pop up from an email or a ringing or vibrating phone will jar your concentration out of the groove and force your brain to deal with this new intruder into your solitude.
That’s evolution working against you. When we were hunters and gatherers our brain had to learn how to deal with external threats when we were focused on a task like stalking a mammoth or looking for sprouts on the forest floor. Our eyes are even developed to take advantage of this. Your peripheral vision will pick up Continue reading
Worth Watching: The Basics of ASIC Design
The post Worth Watching: The Basics of ASIC Design appeared first on 'net work.
Docker Networking Design Philosophy
From the experimental networking in Docker 1.7 to the initial release in Docker 1.9, the reception from the community has been fantastic! First of all we want to thank you for all the discussions, evaluations, PRs and filed issues. As … ContinuedDon’t let DROWN get you down
If you’re maintaining services on the internet, you know about the importance of keeping up to date with security patches as they come available. Today is no exception with the release of CVE-2016-0800, describing the ‘DROWN’ vulnerability in OpenSSL.
The key points of DROWN are that it can allow for passive decryption of encrypted traffic, via vulnerabilities in the obsolete SSLv2 protocol. Merely using SSLv2 for one service could cause the compromise the traffic of other services, even if they aren’t using SSLv2. More information can be found at http://www.drownattack.com/.
The Red Hat specific announcement can be found in the Red Hat Knowledgebase.
Obviously, this is a big deal, but patching your systems for DROWN doesn’t have to be a big deal, thanks to Ansible.
Here’s a sample playbook for Red Hat/Fedora/CentOS and Debian/Ubuntu systems (link to source):
- hosts: all gather_facts: true sudo: true tasks: - name: update openssl from apt if available apt: name=openssl state=latest update_cache=yes when: ansible_os_family == 'Debian' notify: restart_system - name: update openssl from yum if available yum: name=openssl state=latest update_cache=yes when: ansible_os_family == 'RedHat' notify: restart_system Continue reading
Announcing Docker Cloud
Today we are proud to announce the immediate general availability of Docker Cloud. And we are excited to invite and welcome everyone of you to try it out. Docker Cloud is the name of the new cloud service by Docker … ContinuedOPNFV Lets the Rivers of Brahmaputra Flow
It’s in a race with vendors doing similar work.
Staying afloat: the DROWN Attack and CloudFlare
CloudFlare customers are automatically protected against the recently disclosed DROWN Attack. We do not have SSLv2 enabled on our servers.
We publish our SSL configuration here so that others can use it. We currently accept TLS 1.0, 1.1 and 1.2.
We are proactively testing our customers' origin web servers to detect vulnerable servers and will be reaching out to any that have a server that is vulnerable to DROWN.
In the interim, ensure that SSLv2 is fully disabled and/or that private keys are not shared with servers that still need to have SSLv2.
Networking: Best-of-Breed Vs. Single Vendor
Should you take a multi-vendor approach to your network or is a homogeneous network the best bet?
Spanning Tree Protocol (STP) and Bridging Loops
Continuing our bridging loops discussion Christoph Jaggi sent me another question:
Theoretically STP should avoid bridging loops, and yet you claim they cause data center meltdowns. What am I missing?
In theory, STP avoids bridging loops. In practice, there are numerous reasons STP got a bad name.
Read more ...Taking The Mystery Out Of IoT
Some networking pros may still scoff at the impending Internet of Things, but ignore it at your peril.
Does your Wave2 AP need NBase-T?
Cisco recently launched the 2800 and 3800 series 802.11ac wave-2 access points. The 3800 Datasheet quotes a theoretical maximum throughput of 5.2Gbps when operating in Dual 5GHz radio mode (2 x 2.6Gbps). If you ran two cables to your AP you could use the second ethernet port to create a 2 x 1Gbps LAG. However there is still some debate about whether 2Gbps of throughput is sufficient for a single-radio Wave2 AP.
Some companies may not be willing to invest the time and expense to swap out their copper for fiber or run yet more copper to their APs. The NBase-T standard 802.3bz provides an alternative approach, promising speeds of 2.5Gbps or 5Gbps over Cat5e cabling over 100 Meter runs.
Peter Jones from Cisco is the chair of the NBase-T alliance and presented to us in Tech field day on the new 802.3bz standard and the technology behind it. Cisco terminology for NBase-T-like functionality is ‘MultiGigabit Ethernet’. Currently the Cisco Catalyst 2k, 3K, and 4K switching line have specific models or line cards which support a number of combined UPoE/MultiGig ports. The reason for new hardware is that new digital signal processors (DSPs) are required to achieve the 2.5Gbps Continue reading
Does your Wave2 AP need NBase-T?
Cisco recently launched the 2800 and 3800 series 802.11ac wave-2 access points. The 3800 Datasheet quotes a theoretical maximum throughput of 5.2Gbps when operating in Dual 5GHz radio mode (2 x 2.6Gbps). If you ran two cables to your AP you could … Continue reading
The post Does your Wave2 AP need NBase-T? appeared first on The Network Sherpa.
Simplifying Deployment of Packet Broker
In my last blog, I have discussed how a software defined visibility network could open up exciting applications for mobile operators. In this post, I would like to touch upon some typical operational challenges faced by implementation engineers and network operations staff when deploying and supporting network packet brokers. Operators often have a high-level understanding... Read more →