Acer’s new low-cost handset will be upgradeable to Windows 10

Acer is getting a head-start on Windows 10, releasing a new smartphone that comes with Windows Phone 8.1 but which it promises will be upgradeable to the new OS when it arrives later this year. Called the Liquid M220, it’s priced from €79 (US$89) and will go on sale in Europe, the Middle East and Africa. Acer couldn’t immediately say if it will be sold in the U.S., but it’s been focussing on EMEA lately for its mobiles and wearables. It is one of many low-cost phones Acer is announcing at the Mobile World Congress in Barcelona. The others run Android.+ See our full coverage of MWC 2015 +To read this article in full or to leave a comment, please click here

Review: Hosting WordPress with GoDaddy

GoDaddy recently entered the turnkey WordPress hosting fray, offering a one year trial for $1 a month. I had been toying with the idea of another blog, so I decided to give them a try. The experience of hosting at GoDaddy has been...sort of neutral.

Filtering .raw fields with Python Elasticsearch DSL High-Level Client

It took me a while to figure out how to search the not_analyzed ".raw" fields created by Logstash in Elasticsearch indices, using the high-level Python Elasticsearch client. Because keyword arguments can't have attributes, Python throws an error if you try it the intuitive way (this assumes you've already set up a client as es and an index as i, as shown in the docs):

Instead, you create a dictionary with your parameters and unpack it using the ** operator:

This produces the Elasticsearch query we want:

Filtering .raw fields with Python Elasticsearch DSL High-Level Client

It took me a while to figure out how to search the not_analyzed ".raw" fields created by Logstash in Elasticsearch indices, using the high-level Python Elasticsearch client. Because keyword arguments can't have attributes, Python throws an error if you try it the intuitive way (this assumes you've already set up a client as es and an index as i, as shown in the docs):

Instead, you create a dictionary with your parameters and unpack it using the ** operator:

This produces the Elasticsearch query we want:

Installing cAdvisor and Heapster on bare metal Kubernetes

If you’ve spent some time with Kubernetes, or docker in general, you probably start to wonder about performance.  Moreover, you’re probably wondering how to gauge performance of he overall host as well as the containers running on it.  This is where cAdvisor comes in.  CAdvisor is a open source tool for monitoring docker and it’s running containers.  The best part about cAdvisor is that it has native docker support and is super easy to integrate into an existing Kubernetes cluster.  Additionally, cAdvisor runs in a container (starting to see why docker is awesome?) so the configuration changes required on the host are super minimal.  AKA – You just need to tell the host to run the container.

In addition to installing cAdvisor on our bare metal Kubernetes cluster, we’re also going to install another awesome open source Google tool call Heapster.  Heapster gathers all of the data from each Kubernetes node via cAdvisor and puts it all together for you in one spot.

So let’s get started with installing cAdvisor…

The cAdvisor container needs to run on each host you want cAdvisor to monitor.  While we could do this through the Continue reading

Experimenting with Docker, Registrator, and Consul

Over the last few days, I’ve been experimenting with Docker, Registrator, and Consul in an effort to explore some of the challenges involved in building a robust containerized infrastructure. While I haven’t finished fully exploring the idea (and documenting what I’ve learned), I did discover one interesting—and unexpected—interaction.

Here’s a quick overview of my testing environment:

  • I used two OpenStack Heat templates to spin up two clusters of 5 instances each.
  • The first cluster is a set of CoreOS Linux instances, customized via cloud-init to not run etcd. These instances are attached to a VMware NSX-powered logical network using IP addresses from the 10.1.1.0/24 subnet.
  • On each CoreOS Linux instance, I have Registrator running as a Docker container and listening to the Docker socket (thus listening to Docker events).
  • The second cluster is a set of Ubuntu 14.04 instances running Consul. These instances are connected to an NSX-powered logical network using IP addresses from the 10.1.2.0/24 subnet.
  • The two logical networks are connected by a logical router and thus have full connectivity.

Registrator, if you’re not already familiar with it, is a service registry tool that listens to the Docker Continue reading

Protecting web origins with Authenticated Origin Pulls

As we have been discussing this week, securing the connection between CloudFlare and the origin server is arguably just as important as securing the connection between end users and CloudFlare. The origin certificate authority we announced this week will help CloudFlare verify that it is talking to the correct origin server. But what about verification in the opposite direction? How can the origin verify that the client talking to it is actually CloudFlare?

TLS Client Authentication

Normal TLS handshake

TLS (the modern version of SSL) allows a client to verify the identity of the server it is talking to. Normally, a TLS handshake is one-way, that is, the client is able to verify the server's identity, but the server is not able to verify the client's identity. What about when both sides need to verify each other's identity?

Client authenticated TLS handshake

Enter TLS Client Authentication. In a client authenticated TLS handshake both sides provide a certificate to be verified. If the origin server is configured to only accept requests which use a valid client certificate from CloudFlare, requests which have not passed through CloudFlare will be dropped (as they will not have our certificate). This means that attackers cannot circumvent CloudFlare features such as our WAF Continue reading

Personal data on 50,000 Uber drivers exposed in breach

The names and license plate numbers of about 50,000 Uber drivers were compromised in a security breach last year, the company revealed Friday.Uber discovered a possible breach of its systems in September, and a subsequent investigation revealed an unauthorized third party had accessed one of its databases four months earlier, the company said.The files accessed held the names and license plate numbers of about 50,000 current and former drivers, which Uber described as a “small percentage” of the total. About 21,000 of the affected drivers are in California. The company has several hundred thousand drivers altogether.To read this article in full or to leave a comment, please click here

Personal data on 50,000 Uber drivers exposed in breach

The names and license plate numbers of about 50,000 Uber drivers were compromised in a security breach last year, the company revealed Friday.Uber discovered a possible breach of its systems in September, and a subsequent investigation revealed an unauthorized third party had accessed one of its databases four months earlier, the company said.The files accessed held the names and license plate numbers of about 50,000 current and former drivers, which Uber described as a “small percentage” of the total. About 21,000 of the affected drivers are in California. The company has several hundred thousand drivers altogether.To read this article in full or to leave a comment, please click here

iPexpert’s Newest “CCIE Wall of Fame” Additions 2/27/2015

Please join us in congratulating the following iPexpert client’s who have passed their CCIE lab!

This Week’s CCIE Success Stories

  • Haroon Raees, CCIE #46529 (Collaboration)
  • Evariste Happi, CCIE #46452 (Collaboration)
  • Daniel Flieth, CCIE #46067 (Collaboration)
  • Majid, CCIE #45866 (Collaboration)
  • Rob Lacrosse, CCIE #45283 (Collaboration)
  • Devan Lim, CCIE #45991 (Collaboration)
  • Clay Ostlund, CCIE #45770 (Collaboration)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

As tech and recording industries seek harmony, Google invests in music publisher Kobalt

Google’s venture arm has invested in Kobalt, a music publishing firm that counts Beck, Paul McCartney and the Foo Fighters among its clients.The US$60 million venture round also includes funding from the personal investment firm of Michael Dell, founder and CEO of Dell.Kobalt handles payment of royalties to singers and songwriters from streaming services like Spotify and video sharing sites like YouTube.Artists are concerned about how they’re compensated when people consume music via streaming services, Google Ventures managing partner Bill Maris told the Guardian newspaper. Kobalt’s technology can lessen musicians’ concerns about how they’ll get paid, he said.To read this article in full or to leave a comment, please click here

White House privacy proposal aims to give consumers control over data

U.S. businesses that collect personal data would be required to describe their privacy and security practices and give consumers control over their personal information under a proposed privacy bill of rights released Friday by President Barack Obama’s administration.The proposal would also require companies and nonprofit groups to collect and retain only the personal data they need to operate.However, the proposal allows industry groups to submit their own codes of conduct to the Federal Trade Commission and shields companies that follow those codes from FTC enforcement actions.To read this article in full or to leave a comment, please click here

White House privacy proposal aims to give consumers control over data

U.S. businesses that collect personal data would be required to describe their privacy and security practices and give consumers control over their personal information under a proposed privacy bill of rights released Friday by President Barack Obama’s administration.The proposal would also require companies and nonprofit groups to collect and retain only the personal data they need to operate.However, the proposal allows industry groups to submit their own codes of conduct to the Federal Trade Commission and shields companies that follow those codes from FTC enforcement actions.To read this article in full or to leave a comment, please click here

8 great ways to celebrate Raspberry Pi’s 3rd birthday

Happy Pi Day!Image by Shutterstock/Stephen SauerHas it really been three years? The Raspberry Pi has been through several updates, new models and sold more than 5 million units since its launch in February 2012 – sounds like a good excuse for a party to us! Here are some suggestions for a fun Pi Day.Play EliteOne of the major early backers of the Raspberry Pi project was David Braben, PC gaming pioneer and creator of the classic spaceship title Elite. An open-source version, Oolite, is still available to play for free, but if you’ve got money and a modern computer, you might try the swanky, impressive new reboot, Elite: Dangerous.To read this article in full or to leave a comment, please click here

PlexxiPulse—Demonstrating Big Data Fabrics

If you’ve been following us on the blog or on social media, you know that we announced our partnership with Big Data platform provider Cloudera last month. And, that a few months ago, our own Ed Henry demonstrated how to construct Big Data fabrics that easily integrate with systems like OpenStack and Cloudera during an installation of SDxCentral’s DemoFriday series. That webinar was recently published on SDxCentral’s website. You can watch the full presentation here to see the next generation of data fabrics in action. Enjoy!

Below please find a few of our top picks for our favorite news articles of the week. Have a great weekend!

Enterprise Networking Planet: The Future of White Box Networking in the Enterprise
By Arthur Cole
It seems that the farther along we get on the road to SDx, the more pertinent question is, what role will white box play in an increasingly distributed network environment? To be sure, white box hardware will see a dramatic rise in web-facing hyperscale operations in the years to come, but the advantages the technology brings to the table start to erode as scale drops. This means the traditional enterprise facility, which still has a vital role to Continue reading

With expansion into West Africa, VMK ignites Africa-designed brands competition

By opening its first store in the Ivory Coast, VMK, based in the Republic of the Congo, is taking a big step in its expansion plans and potentially setting up a designed-in-Africa brand competition with RLG.VMK has up to now offered products manufactured in China but has plans to start making phones in Africa. RLG, which has global headquarters in Dubai, runs its West African phone-assembling operation from Ghana.VMK’s move into West Africa from its Central Africa base in Brazzaville coincided with the Ivory Coast’s launch of a project aimed at equipping 500,000 families with a computer or a tablet, plus an Internet broadband connection.To read this article in full or to leave a comment, please click here

With expansion into West Africa, VMK ignites Africa-designed brands competition

By opening its first store in the Ivory Coast, VMK, based in the Republic of the Congo, is taking a big step in its expansion plans and potentially setting up a designed-in-Africa brand competition with RLG.VMK has up to now offered products manufactured in China but has plans to start making phones in Africa. RLG, which has global headquarters in Dubai, runs its West African phone-assembling operation from Ghana.VMK’s move into West Africa from its Central Africa base in Brazzaville coincided with the Ivory Coast’s launch of a project aimed at equipping 500,000 families with a computer or a tablet, plus an Internet broadband connection.To read this article in full or to leave a comment, please click here

Google reverses decision to limit sexually explicit content on Blogger

Google will continue to permit sexually explicit content to be publicly shared on Blogger, reversing a policy change it announced earlier this week.Instead of making blogs with adult content private, the search giant will “step up enforcement around our existing policy prohibiting commercial porn,” Google said Friday in a post on its product support page.On Tuesday, Google said it was adopting a more stringent stance in how adult content was shared on its blogging platform. According to the new policy, after March 23, blogs that displayed either sexually explicit images and videos or graphic nudity would be changed to private blogs. Access to these sites would be restricted to people who received an invitation from the owners. The content, however, would not be deleted. To keep their blogs in the public realm, owners had to delete the explicit videos and images.To read this article in full or to leave a comment, please click here

Thoughts on Building Tools versus “Programming”

A couple weeks ago at Networking Field Day 9, Brocade presented with their usual A-list of networking gurus. One of the presenters was Jon Hudson, a very engaging, visionary speaker. His talk, shown below, was about the state of network programmability.

During the conversation (which is well worth watching), discussion turned to the question of “will network engineers become programmers?” posed by John Herbert of MovingPackets.net. Jon Hudson’s response elicited applause from the room. He said:

“The trouble I have with that statement is, most network engineers I know, like myself, we know how how to code. We went to school for it, and we chose not to.” – Jon Hudson

The conversation went on to discuss the value of programmability for the sake of consistency in the management and configuration of large-scale network fabrics (which I don’t think anyone would really debate as a “Good Thing”), but Jon’s quote about being a programmer and some of the sidebar that flowed from it created a fair bit of activity in the Twitter stream. Following the presentation, my attention was called to a mailing list on which a question was asked about networking engineerings being “given a Continue reading

Apple Watch will start your car one day, Tim Cook says

While we count down the days until the Apple Watch is (presumably) revealed at Apple’s “Spring forward” event March 9, more details about the much-anticipated wearable continue to dribble out. For instance, the smartwatch was designed to be able to replace your car keys—though it’s unlikely that functionality will be turned on at launch. Apple CEO Tim Cook told The Telegraph that when it ships, Apple Watch will let you filter messages, give you credits for meeting exercise goals, and accompany you in the shower. Cook also said the battery life will last all day and will take less time to charge than the iPhone using the new MagSafe-style wireless inductive charger. It’s unclear exactly how long the battery will last—recent reports indicate Apple is aiming for 19 hours of combined active and passive usage—or how long it will take to charge, but we’ll find out soon.To read this article in full or to leave a comment, please click here