Day Two Cloud 174: Building Kubernetes Clusters

On today's Day Two Cloud podcast we walk through how to build a Kubernetes cluster to support a container-based application. We cover issues such as what constitutes a minimum viable cluster, rolling your own vs. Kubernetes-as-a-service, managing multiple clusters, pros and cons of bare metal vs. running clusters in VMs, design recommendations and gotchas using a cloud service, and more.

The post Day Two Cloud 174: Building Kubernetes Clusters appeared first on Packet Pushers.

ICMP Redirects and Suboptimal Routing

A while ago, I wrote a blog post explaining why we should (mostly) disable ICMP redirects, triggering a series of comments discussing the root cause of ICMP redirects. A few of those blamed static routes, including:

Put another way, the presence or absence of ICMP Redirects is a red herring, usually pointing to architectural/design issues instead. In this example, using vPC Peer Gateway or, better yet, running a minimal IGP instead of relying on static routes eliminates ICMP Redirects from both the problem and solution spaces simultaneously.

Unfortunately, that’s not the case. You can get suboptimal routing that sometimes triggers ICMP redirects in well-designed networks running more than one routing protocol.

Adjusting pricing, introducing annual plans, and accelerating innovation

Cloudflare is raising prices for the first time in the last 12 years. Beginning January 15, 2023, new sign ups will be charged \$25 per month for our Pro Plan (up from \$20 per month) and \$250 per month for our Business Plan (up from \$200 per month). Any paying customers who sign up before January 15, 2023, including any currently paying customers who signed up at any point over the last 12 years, will be grandfathered at the old monthly price until May 14, 2023.

We are also introducing an option to pay annually, rather than monthly, that we hope most customers will choose to switch to. Annual plans are available today and discounted from the new monthly rate to \$240 per year for the Pro Plan (the equivalent of \$20 per month, saving \$60 per year) and \$2,400 per year for the Business Plan (the equivalent of \$200 per month, saving \$600 per year). In other words, if you choose to pay annually for Cloudflare you can lock in our old monthly prices.

After not Continue reading

5 DNS services to provide a layer of internet security

Having thorough IT security usually means having a layered approach. Basic antivirus, for instance, might catch PC-based malware once a user downloads it, but you could try to block it before it ever reaches the user device, or at least have another security mechanism in place that might catch it if the basic antivirus doesn’t. DNS-based filtering can do this! It can help stop users from browsing to malware and phishing sites, block intrusive advertising to them, and serve as adult content filters.

First, a quick primer for those who are unfamiliar with DNS: You utilize the Domain Name System (DNS) every time you surf the Web. Each time you type a site name into the browser, DNS is queried for the IP address corresponding to that particular domain, so the browser can contact the Web server to get the content. The process of converting the domain name to its IP address is called domain-name resolution.

Automation 17. Using Operational Commands via NETCONF at Nokia SR OS in Sequential Mode

Dear friend,

After a bit of a break caused by preparation for Kubernetes exams (we will continue blogs about Kubernetes as well), we are getting back to network and network automation topics. One of the interesting things gradually emerging these days is the possibility to manage multiple aspects of network devices (not only configuration or collection of operational data), such as issuing ping/traceroute checks, copying files, etc., in a model-driven way (i.e., NETCONF, RESTCONF, gNMI with YANG). Today we are going to look into such a topic.


No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.

Is that About Model-Driven Automation?

It is exactly that. NETCONF/YANG all the things, my friend! Usage of model-driven network automation significantly improves the stability and manageability of the network thanks to a much simpler way to perform all the operations remotely. You don’t need to scrape and parse CLI anymore; instead, you interact with network devices via a programmable API, which makes it possible to integrate them Continue reading

Schneider Electric, SAP tighten bonds to ease IIoT system integration

ERP giant SAP and industrial automation company Schneider Electric Tuesday announced that they would expand their collaboration in the field of IIoT (industrial IoT) and digital transformation, with a focus on sustainable infrastructure and easy deployment.

The two companies plan to create preconfigured deployment options for IIoT customers—so any company looking for, for example, a field service management tool using augmented reality can simply pick up and use the partnership’s preset hardware and software configuration. (Shop floor operational tech integration, using digital twins for lifecycle management, is also planned.)

Cisco updates SD-WAN to simplify provisioning, management

Cisco is set to unveil a new edition of its SD-WAN software that will extend the system’s reach and include new management capabilities.

Among the most significant enhancements to Cisco SD-WAN release 17.10, expected in December, is the ability to use Cisco SD-WAN Multi Region Fabric (MRF) support with existing Software Defined Cloud Interconnect (SDCI) systems to significantly expand the reach and control of the SD-WAN environment. MRF lets customers divide their SD-WAN environments into multiple regional networks that operate distinctly from one another, along with a central core-region network for managing inter-regional traffic, according to Cisco.

Seagate introduces HDDs as fast as SSDs

Thanks to some engineering wizardry involving existing technologies, Seagate has introduced a new line of hard disk drives that can match the throughput of a solid state drive.

The drives are part of Seagate’s Mach.2 line, called Exos 2X18. This is the second generation of the Mach.2, coming in 16TB and 18TB capacities and supporting either SATA3 6Gbps or SAS 12Gbps interfaces.

The drive is essentially two drives in one, with two sets of platters served by two separate actuators, the arms with the drive heads, that work in parallel. So the 16TB/18TB capacity is achieved through two 8TB/9TB drives packed into one 3.5-inch form factor. The Mach.2 line is filled with helium to reduce friction.

Cisco to gauge user experience with its cloud-management service

Cisco is taking steps to better control the performance and observability of cloud-based enterprise applications.

At the AWS re:Invent conference this week, Cisco said it has added a feature called business transaction insights to its AppDynamics Cloud system so it can more easily track performance of applications running on the AWS Cloud including on Kubernetes, microservices, and other AWS infrastructure.

Available since June, AppDynamics Cloud is a cloud-native service designed to observe applications and take action to remediate performance problems. It is built on OpenTelemetry, an emerging standard for data collection that helps to visualize and measure application performance from multiple data sources, said AppDynamics Executive CTO Gregg Ostrowski.

Why Kubernetes And Containerization?

There’s a general consensus in today’s tech world:  “Use Kubernetes.” But why? Why jump into Kubernetes if you’re already running production-level workloads on virtual machines? Why change what your engineering team has been doing for ten years that works just fine? Why have engineers learn a new technology that may take time to implement? In […]

The post Why Kubernetes And Containerization? appeared first on Packet Pushers.

Service Mesh & Ingress In Kubernetes Lesson 8: Deploying An Ingress & Service Mesh For Production

This video walks you through installing an ingress controller and the Istio service mesh in a production cloud environment. Michael Levan brings his background in system administration, software development, and DevOps to this video series. He has Kubernetes experience as both a developer and infrastructure engineer. He’s also a consultant and Pluralsight author, and host […]

The post Service Mesh & Ingress In Kubernetes Lesson 8: Deploying An Ingress & Service Mesh For Production appeared first on Packet Pushers.

Live next week: The CalicoCon + Cloud-Native Security Summit!

Tigera is delighted to present the annual CalicoCon + Cloud-Native Security Summit on December 7th, 2022, 9:45 a.m. – 4:00 p.m. PT. This is your chance to network with top cloud-native platform, security, DevOps, and site reliability engineer (SRE) teams, and explore real-world use cases with major players in the cloud-native industry.

Live, free, and fully virtual, the Summit gathers industry experts to explore the best practices for securing, observing, and troubleshooting cloud-native applications through real-world stories.

Who should attend?

The Summit is curated for security, DevOps, SRE, and platform architect teams in the cloud-native world.

  • Security teams – Learn how to holistically secure your cloud-native applications using today’s best practices.
  • DevOps and SRE teams – Find out how you can incorporate security and observability in your CI/CD pipeline to enable security, observability, and troubleshooting.
  • Platform Architects – Learn architecture patterns and best practices to secure and troubleshoot cloud-native applications.

Speakers and sessions

From panels to workshops to fireside chats, the Summit offers a variety of interactive sessions. Here’s a quick peek at some of our speakers and sessions:

Cloudflare partners to simplify China connectivity for corporate networks

IT teams have historically faced challenges with performance, security, and reliability for employees and network resources in mainland China. Today, along with our strategic partners, we’re excited to announce expansion of our Cloudflare One product suite to tackle these problems, with the goal of creating the best SASE experience for users and organizations in China.

Cloudflare One, our comprehensive SASE platform, allows organizations to connect any source or destination and apply single-pass security policies from one unified control plane. Cloudflare One is built on our global network, which spans 275 cities across the globe and is within 50ms of 95% of the world’s Internet-connected population. Our ability to serve users extremely close to wherever they’re working—whether that’s in a corporate office, their home, or a coffee shop—has been a key reason customers choose our platform since day one.

In 2015, we extended our Application Services portfolio to cities in mainland China; in 2020, we expanded these capabilities to offer better performance and security through our strategic partnership with JD Cloud. Today, we’re unveiling our latest steps in this journey: extending the capabilities of Cloudflare One to users and organizations in mainland China, through additional strategic partnerships. Let’s break down Continue reading