Kubernetes – Notable changes since my first build

During my latest Kubernetes lab rebuild, I noticed some significant differences in the some functions of Kubernetes cluster.  I’ve done my best to go back and update the previous blog posts with notes and pointers to make this clear.  However – going forward please consider my GitHub Salt repo as the ‘source of truth’ for the Kubernetes configuration files and current build process.   I’ll be updating that regularly as I continue to optimize the Salt config and add onto the Kubernetes configuration.  A couple of big hitters I want to call out as differences between my initial build and this one…

cAdvisor is now part of kubelet
That’s right!  We no longer need to have a separate manifest and container for cAdvisor.  We can see that any host running the kubelet process is exposing port 4194…

image 
And sure enough…

image

kube-proxy and kubelet no longer use etcd
In my first build, both the kubelet and kube-proxy service relied on talking directly to etcd to interact with the cluster.  The associated configs looked like…

image 
The newest systemd service configuration looks like this…

image

So what’s happened here is the cluster communication has moved to Continue reading

x86 is a high-level language

Just so you know, x86 machine-code is now a "high-level" language. What instructions say, and what they do, are very different things.

I mention this because of those commenting on this post on OpenSSL's "constant-time" calculations, designed to avoid revealing secrets due to variations in compute time. The major comment is that it's hard to do this perfectly in C. My response is that it's hard to do this even in x86 machine code.

Consider registers, for example. Everyone knows that the 32-bit x86 was limited to 8 registers, while 64-bit expanded that to 16 registers. This isn't actually true. The latest Intel processors have 168 registers. The name of the register in x86 code is really just a variable name, similar to how variables work in high-level languages.

So many registers are needed because the processor has 300 instructions "in flight" at any point in time in various stages of execution. It rearranges these instructions, executing them out-of-order. Everyone knows that processors can execute things slightly out-of-order, but that's understated. Today's processors are massively out-of-order.

Consider the traditional branch pair of a CMP (compare) followed by a JMPcc (conditional jump). While this is defined as two separate instructions as Continue reading

How to update a GitHub pull request (PR)

So what happens when you submit a PR, but then you want to change it?  After reviewing my proposed changes from my last post, it was decided that I should take a different approach.  The changes I needed to make weren’t substantial, and were in the same spirit as the initial PR, so I decided that updating made more sense then starting over.  All you have to do is update the code and push another commit to the branch.  Let’s assume we’ve made the changes we want to our code again.  Let’s verify that Git sees these updates…

image 
Yep – Looks good so far.  Now we need to add these files to the commit just like last time…

git add .

image 
So now the files are ready to be committed, let’s go ahead and make a commit…

git commit -m "Updated the ENV variables and the way they are set"

image 
Perfect – So now let’s check and see if our remote (GitHub) is still defined…

image 
All looking good – So now all we need to do is push the commit…

git push -u origin fluentd-elasticsearch-kibanafix

image

Let’s go check out our PR Continue reading

Android flaw puts personal data at risk for millions

Nearly half of Android devices are vulnerable to an attack that could replace a legitimate app with malicious software that can collect sensitive data from a phone.Google, Samsung and Amazon have released patches for their devices, but 49.5 percent of Android users are still vulnerable, according to Palo Alto Networks, which discovered the problem. Google said it has not detected attempts to exploit the flaw.A malicious application installed using the vulnerability, called “Android Installer Hijacking,” would have full access to a device, including data such as usernames and passwords, wrote Zhi Xu, a senior staff engineer with Palo Alto.To read this article in full or to leave a comment, please click here

Stanford breakthrough could make better chips cheaper

Researchers at Stanford University have come up with a new way to make chips and solar panels using gallium arsenide, a semiconductor that beats silicon in several important areas but is typically too expensive for widespread use.For several decades, silicon has been the go-to semiconductor for electronics. It’s abundant and cheap, and manufacturing processes are well understood, but it’s not always the best choice.Electrons move faster through gallium arsenide than through silicon, which makes it better suited for chips handling data at very high speeds or high-frequency radio signals. Solar panels based on gallium arsenide are more efficient than silicon panels at converting light to electricity.To read this article in full or to leave a comment, please click here

Google said to prep billing payment service for Gmail

Google reportedly is creating a service to let people pay their bills from their Gmail accounts.The service, currently dubbed Pony Express, would ask users to provide personal information, including credit card and Social Security numbers, to a third-party company that would verify their identity, according to a Re/code report on Tuesday.Google also would work with vendors that distribute bills on behalf of service providers like insurance companies, telecom carriers and utilities, according to the article, which was based on a document seen by Re/code that describes the service.To read this article in full or to leave a comment, please click here

Hutchison to buy U.K. carrier O2 for up to US$15 billion

Hutchison Whampoa has agreed to acquire U.K. mobile operator O2 for a price that could top US$15 billion, giving a company that already owns one major carrier an even bigger share of the British market.The deal, which has been in the works at least since January, continues a trend of consolidation among European service providers. Hutchison already owns Three, one of the U.K.’s biggest carriers. Together, Three and O2 would form the country’s number one mobile operator by subscribers, according to news reports.To read this article in full or to leave a comment, please click here

Hutchison to buy U.K. carrier O2 for up to US$15 billion

Hutchison Whampoa has agreed to acquire U.K. mobile operator O2 for a price that could top US$15 billion, giving a company that already owns one major carrier an even bigger share of the British market.The deal, which has been in the works at least since January, continues a trend of consolidation among European service providers. Hutchison already owns Three, one of the U.K.’s biggest carriers. Together, Three and O2 would form the country’s number one mobile operator by subscribers, according to news reports.To read this article in full or to leave a comment, please click here

Hutchison to buy U.K. carrier O2 for up to US$15 billion

Hutchison Whampoa has agreed to acquire U.K. mobile operator O2 for a price that could top US$15 billion, giving a company that already owns one major carrier an even bigger share of the British market.The deal, which has been in the works at least since January, continues a trend of consolidation among European service providers. Hutchison already owns Three, one of the U.K.’s biggest carriers. Together, Three and O2 would form the country’s number one mobile operator by subscribers, according to news reports.To read this article in full or to leave a comment, please click here

Network World: 2015 State of the Network survey

The transformation of Network IT into a collaborative and agile team that is positioned to respond to rapid changes in technology is underway, according to Network World’s 2015 State of the Network survey. And IT decision-makers are optimistic that adopting advanced networking technologies will have a positive impact on IT operations.To read this article in full or to leave a comment, please click here(Insider Story)

Dell support tool put PCs at risk of malware infection

Attackers could have remotely installed malware on systems running a flawed Dell support tool used to detect customers’ products.A security researcher discovered the flaw in November and reported it to the PC manufacturer, which patched it in January. However, it’s not clear if the fix closed all avenues for abuse.The application, called Dell System Detect, is offered for download when users click the “Detect Product” button on Dell’s support site for the first time. It is meant to help the website automatically detect the user’s product—more specifically its Service Tag—so that it can offer the corresponding drivers and resources.Last year, a security researcher named Tom Forbes reverse engineered the program to see how it communicated with the Dell website. He found that the application installs a Web server on the local machine that listens on port 8884. The Dell site then uses JavaScript to send requests to the local server through the user’s browser.To read this article in full or to leave a comment, please click here

IDG Contributor Network: DSL reaches speeds of 170 Mbps

While those of us interested in obtaining the fastest download speeds possible closely watch, and then seize on, fiber and upgraded cable rollouts, salivating over speeds of 100 Mbps and up, it's easy to forget the many people still can't get cable and rely on lowly, twisted-pair DSL. DSL download speeds at common ISPs range from 14 to 43 Mbps, according to Ookla's Speedtest.net. Crosstalk between lines has restricted bandwidth, for one thing.However, things might be about to change, particularly in Europe.G.fast technologyG.fast is a fiber-to-the node (FTTN) DSL technology that has obtained accelerated speeds of 170 Mbps over a quarter mile in the lab, and 1 Gbps over a less-usable 100 yards in the same setting. It works best over short distances.To read this article in full or to leave a comment, please click here

Verizon bumps up its 100G metro fiber-optic network

Verizon on Tuesday announced new technology to bolster its super-fast 100 Gbps fiber-optic network serving metro areas, but didn't reveal where the work will be done or other details.The vague announcement raised the question of whether Verizon is simply trying to show its competitive value against Google and AT&T, which have both announced fiber Internet services in a number of cities.MORE ON NETWORK WORLD: 5 free Ethernet tools you should check out "I think Verizon is trying to play catch up to the others without saying it that way," said independent analyst Jeff Kagan. "The only question I still have is will Verizon be a real competitor or is this mostly just talk to cover their butts in the rapidly changing marketplace?"To read this article in full or to leave a comment, please click here

Startup Rubrik goes all-in-one with backup appliance

All-in-one boxes are hot in data centers, and the concept is starting to expand into backup and recovery.A Silicon Valley startup called Rubrik will start shipping a system later this year that combines software for backup, recovery and deduplication with commodity hardware for storage capacity and networking. Rubrik will sell the appliance in standard configurations so customers can just add more boxes as their needs grow.It’s an alternative to the way backup and recovery systems are typically built today, with specialized backup software from one vendor combined with deduplication from another provider and installed on storage hardware from yet another company, said Rubrik co-founder and CEO Bipul Sinha. Like makers of so-called hyperconverged computing, storage and networking platforms, Rubrik can make life easier for IT shops, Sinha said.To read this article in full or to leave a comment, please click here

HP boxes up the cloud for the enterprise

Enterprises that wish to enjoy the benefits of cloud computing but still prefer to keep computational resources in-house should take a look at a new cloud system offered by Hewlett-Packard.A preconfigured package of hardware and software, the HP Helion Rack “is designed to help enterprises deploy private clouds much faster,” said Ken Won, director of HP Helion marketing.A private cloud allows an organization to offer cloud services, such as virtual machines, on internal networks. For example, employees could use a private cloud to provision their own IT resources. Or, a company may want to set up a cloud computing infrastructure itself to run cloud services on behalf of their customers.To read this article in full or to leave a comment, please click here

Despite its design, One M9 unlikely to be HTC’s knight in shining armor

The One M9 may be a knockout, but it’s not likely to save HTC. The device looks similar to its predecessor at a time when competitors have multiplied and stepped up their game, making it even harder for the struggling company to make a mark in the high-end segment.Design has, since the launch of the first One model, been HTC’s biggest strength. The One M9, however, doesn’t have the same wow factor as its predecessors since the design is no longer as groundbreaking.“To most consumers the One M9 will look almost identical to the One M8, which preceded it, and that’s a big challenge for HTC,” said Ben Wood, chief of research at CCS Insight.To read this article in full or to leave a comment, please click here

NFV and SDNs will make up the cloud

If McLuhan was right, what we know today as "The Cloud" will be resources linked through massively and continuously variable software-designed networks using largely software-defined linking. Your compute might be in Dallas, but let's store the data in Germany where the privacy laws suit our regulatory/compliance needs.In the bad old days, huge racks filled with "datacomm" equipment and -48v racks of batteries to back them up were anchors in data communications. A big logo sat on the cabinets, claiming space for a carrier. Inside, lots of CSUs/DSUs lived, circuits and monitoring equipment running furiously, and hopefully, 24/7/365.25. The AT&T Cabinet wasn't much different than the Sprint or Verizon cabinet, and Level 3 seemed newer, at least judging by the age of the paint on the rack. Somewhere in that rack was a jack, your jack, fiber, Ethernet, SONET, ATM, and with the jack you were connected to: someplace else.To read this article in full or to leave a comment, please click here

1 3,581 3,582 3,583 3,584 3,585 3,853