Missed the big CPU news this month?

Sponsored Post: In case you missed the big news earlier this month, Intel introduced its 4th Gen Intel® Xeon® Scalable processors (formerly codenamed Sapphire Rapids) to a huge industry fanfare – groundbreaking datacenter silicon which promises to push the boundaries of performance for high performance computing (HPC), artificial intelligence (AI) and networking workloads.

Missed the big CPU news this month? was written by Martin Courtney at The Next Platform.

Ansible Automation Platform 2.3 Configuration as Code Improvements

On November 29, we launched Red Hat Ansible Automation Platform 2.3, which included new and exciting features including improvements for Configuration as Code (CaC). Ansible Automation Platform 2.3 also includes improvements to automation controller as well as the introduction of Ansible validated content. This blog post will walk you through what CaC is and the benefits it can bring to your organization, including a UI and API walkthrough of automation controller and how to take a full Configuration as Code approach to your automation infrastructure.  

 

What is Configuration as Code (CaC) in Ansible Automation Platform?

CaC is a term generally referring to the separation of configuration settings from the actual code. The ideal is that you can store that configuration data in source control, and easily run and tweak it to match different environments.

In Ansible Automation Platform terms, we can use the features within the automation controller in combination with CaC to provide a more flexible, richer experience. Essentially we’ve added ‘Prompt on Launch’ to everything within a job template, many of which will also trickle down into workflows.

‘Prompt on launch’ is our Ansible Automation Platform way of saying ‘this is the …

CVE-2022-47929: traffic control noqueue no problem?


USER namespaces power the functionality of our favorite tools such as docker, podman, and kubernetes. We wrote about Linux namespaces back in June and explained them like this:

Most of the namespaces are uncontroversial, like the UTS namespace which allows the host system to hide its hostname and time. Others are complex but straightforward - NET and NS (mount) namespaces are known to be hard to wrap your head around. Finally, there is this very special, very curious USER namespace. USER namespace is special since it allows the - typically unprivileged - owner to operate as "root" inside it. It's a foundation to having tools like Docker to not operate as true root, and things like rootless containers.

Due to its nature, allowing unprivileged users access to USER namespace always carried a great security risk. With its help the unprivileged user can in fact run code that typically requires root. This code is often under-tested and buggy. Today we will look into one such case where USER namespaces are leveraged to exploit a kernel bug that can result in an unprivileged denial of service attack.

Enter Linux Traffic Control queue disciplines

In 2019, we were exploring leveraging Linux Traffic Control's queue …

Red Hat Enterprise Linux arrives in Oracle’s cloud

Red Hat and Oracle announced jointly Tuesday that they have partnered to bring Red Hat Enterprise Linux (RHEL) to Oracle Cloud Infrastructure, broadening Oracle’s available public cloud options and creating a measure of détente between two long-standing competitors. The announcement couched the news as step one in a broader partnership between Red Hat and Oracle, but provided details mostly of the OCI integration. RHEL will be available on Oracle’s VMs, ranging in size from 1 to 80 CPU cores and from 1GB of memory up to 1024GB. Initial support will be limited to the newer OCI virtual machine shapes, which use AMD, Intel and Arm processors.

What is hybrid cloud computing? The benefits of mixing private and public cloud services

A hybrid cloud is a computing platform built from both private and public cloud components. A public cloud is what usually comes to mind when we talk about cloud computing: storage and compute resources offered by a vendor to customers who pay on a metered basis and don't have to worry about provisioning and managing the underlying infrastructure. One drawback to using public cloud resources is that they often run in virtualized environments, and customers share hardware and other resources. As an alternative, a customer could set up a private cloud themselves on their own infrastructure, offering the same sort of flexible access to compute resources to internal users.

Design Clinic: Small-Site IPv6 Multihoming

I decided to stop caring about IPv6 when the protocol became old enough to buy its own beer (now even in US), but its second-system effects keep coming back to haunt us. Here’s a question I got for the February 2023 ipSpace.net Design Clinic:

How can we do IPv6 networking in a small/medium enterprise if we’re using multiple ISPs and don’t have our own IPv6 Provider Independent IPv6 allocation. I’ve brainstormed this with people far more knowledgeable than me on IPv6, and listened to IPv6 Buzz episodes discussing it, but I still can’t figure it out.

Global Microsoft cloud-service outage traced to rapid BGP router updates

Outages that made Microsoft Azure and multiple Microsoft cloud services widely unavailable for 90 minutes on Jan. 25 can be traced to the cascading effects of repeated, rapid readvertising of BGP router prefixes, according to a ThousandEyes analysis of the incident. The Cisco-owned network intelligence company traced the Microsoft outage to an external BGP change by Microsoft that affected service providers. Multiple Microsoft BGP prefixes were withdrawn completely and then almost immediately readvertised, ThousandEyes said. Border gateway protocol (BGP) tells Internet traffic what route to take, and the BGP best-path selection algorithm determines the optimal routes to use for traffic forwarding.

Tech Bytes: Fortinet’s FortiRecon Customizes Digital Risk Protection (Sponsored)

On today's Tech Bytes podcast we discuss security reconnaissance with sponsor Fortinet. We drill into FortiRecon, a service that can provide critical information, personalized for your organization, about potential threats to company assets, employees, and customers.

The post Tech Bytes: Fortinet’s FortiRecon Customizes Digital Risk Protection (Sponsored) appeared first on Packet Pushers.

MacOS Ventura 13.1 Breaks Wireshark

If you recently updated your Mac to Ventura 13.1 or 13.2, and you had installed Wireshark previously, then you may be having some trouble. If you open Wireshark, you will likely see the message “You don’t have permission to capture on local interfaces” and “You can fix this by installing ChmodBPF”. Even after installing this […]

The post MacOS Ventura 13.1 Breaks Wireshark appeared first on Packet Pushers.

Network Break 415: WAN Update Severs Microsoft Cloud Services; Intel To Wind Down Network ASIC Biz

Take a Network Break! This week we discuss new capabilities in Juniper's Apstra data center automation software; a major Microsoft outage that affected Outlook, Teams, and more; reports that Intel will discontinue selling the Tofino programmable ASIC; a heap of financial results; and more.

The post Network Break 415: WAN Update Severs Microsoft Cloud Services; Intel To Wind Down Network ASIC Biz appeared first on Packet Pushers.