VisionFive 2 quickstart

RISC-V small computer

For a long time I’ve wanted something Raspberry-pi-like but with RISC-V. And finally there is one, and a defensible price! Especially with the Raspberry Pi 4 shortage this seemed like a good idea.

This post is my first impressions and setup steps.

It’s just like when I was a kid!

When I was in my late teens I was playing with different architectures, mostly using discarded university computers. It was fun to have such different types of computers. Back then it was SPARC (And UltraSparc), Alpha, and x86. Maybe access to some HPPA. I even had a MIPS (SGI Indigo 2).

Nowadays instead of SPARC, Alpha, and x86 it’s ARM, RISC-V, and x64.

Luckily they can be smaller nowadays. Before I left home my room had more towers of computers than it had furniture. In my first flat I had a full size rack!

Write SD card

pv starfive-jh7110-VF2_515_v2.5.0-69-minimal-desktop.img \
   | sudo dd of=/dev/sda

Repartition SD card

We need to repartition, because the boot partition is way too small. It only fits one kernel/initrd, which became a problem I ran into.

Unfortunately gparted doesn’t seem to work on disk images. It Continue reading

Kubernetes Security And Networking 2: Getting Started With Role-Based Access Control (RBAC) – Video

Role-Based Access Control, or RBAC, lets you set permissions around who can access a system and at what level. RBAC is basic, but essential, security function. This video looks at RBAC for Kubernetes from two perspectives: in native Kubernetes and in platforms such as Azure Active Directory. Host Michael Levan brings his background in system […]

The post Kubernetes Security And Networking 2: Getting Started With Role-Based Access Control (RBAC) – Video appeared first on Packet Pushers.

Azure Networking Fundamentals: Network Security Group (NSG)

Comment: Here is a part of the introduction section of the second chapter of my Azure Networking Fundamentals book. I will also publish other chapters' introduction sections soon so you can see if the book is for you. The book is available at Leanpub and Amazon (links on the right pane). 

This chapter introduces three NSG scenarios. The first example explains the NSG-NIC association. In this section, we create a VM that acts as a Bastion host*). Instead of using the Azure Bastion service, we deploy a custom-made vm-Bastion to snet-dmz and allow SSH connection from the external network. The second example describes the NSG-Subnet association. In this section, we launch vm-Front-1 in the front-end subnet. Then we deploy an NSG that allows SSH connection from the Bastion host IP address. The last part of the chapter introduces an Application Security Group (ASG), which we are using to form a logical VM group. We can then use the ASG as a destination in the security rule in NSG. There are two ASGs in figure 2-1. We can create a logical group of VMs by associating them with the same Application Security Group (ASG). The ASG can then be used Continue reading

Accelerating cloud-native development brings opportunities and challenges for enterprises

By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021. This momentum of these workloads and solutions presents a significant opportunity for companies that can meet the challenges of the burgeoning industry.

As digitalization continues pushing applications and services to the cloud, many companies discover that traditional security, compliance, and observability approaches do not transfer directly to cloud-native architectures. This is the primary takeaway from Tigera’s recent The State of Cloud-Native Security report. As 75% of companies surveyed are focusing on cloud-native application development, it is imperative that leaders understand the differences, challenges, and opportunities of cloud-native environments to ensure they reap the efficiency, flexibility, and speed that these architectures offer.

Containers: Rethinking security

The flexibility container workloads provide makes the traditional ‘castle and moat’ approach to security obsolete. Cloud-native architectures do not have a single vulnerable entry point but many potential attack vectors because of the increased attack surface. Sixty-seven percent of companies named security as the top challenge regarding the speed of deployment cycles. Further, 69% of companies identified container-level firewall capabilities, such as intrusion detection and prevention, web application firewall, protection from “Denial of Service” Continue reading

BrandPost: Three Ways SD-WAN and Networking-as-a-Service Benefit Sustainability and ESG

By: Gabriel Gomane, Senior Product Marketing Manager, Aruba, a Hewlett Packard Enterprise company.Environment, social, and governance, or ESG, has become a hot topic in corporate strategy as a key component to driving shareholder value and interest. Sustainability, in particular, is often considered the main focus to attain ESG goals due to growing climate change concerns. That strategy, however, must look beyond traditional methods and expand to encompass IT and corporate computing practices, which in turn can drive a significant chunk of an organization’s carbon footprint through its vast energy needs.In a recent Gartner survey, CEOs considered environmental sustainability as a key differentiator and placed environmental sustainability in the top 10 strategic business priorities. Additionally, 74% of CEOs agreed that increasing Environmental, Social and Governance (ESG) efforts attract investors toward their companies[1].To read this article in full, please click here

Fundamentals of Network Automation with Ansible Validated Content using the network.base collection

Fundamentals of Network Automation blog

We introduced resource modules in Ansible 2.9, which provided a path for users to ease network management, especially across multiple different product vendors. This announcement was significant because these resource modules added a well structured representation of device configurations and made it easy to manage common network configurations.

At AnsibleFest 2022, we announced a new addition to the content ecosystem offered through the platform: Ansible validated content. Ansible validated content is use cases-focused automation that is packaged as Collections. They contain Ansible plugins, roles and playbooks that you can use as an automation job through Red Hat Ansible Automation Platform.

The Ansible validated content for network base focuses on abstract platform-agnostic network automation and enhances the experience of resource module consumption by providing production-ready content. This network base content acts as the core to the other network validated content, which I will explain more about in the examples below.

 

Network base use cases

The network.base Collection acts as a core for other Ansible validated content, as it provides the platform agnostic role called Resource Manager, which is the platform-agnostic entry point for managing all of the resources supported for a given network OS. It includes the Continue reading

Intelligent, automatic restarts for unhealthy Kafka consumers

Intelligent, automatic restarts for unhealthy Kafka consumers
Intelligent, automatic restarts for unhealthy Kafka consumers

At Cloudflare, we take steps to ensure we are resilient against failure at all levels of our infrastructure. This includes Kafka, which we use for critical workflows such as sending time-sensitive emails and alerts.

We learned a lot about keeping our applications that leverage Kafka healthy, so they can always be operational. Application health checks are notoriously hard to implement: What determines an application as healthy? How can we keep services operational at all times?

These can be implemented in many ways. We’ll talk about an approach that allows us to considerably reduce incidents with unhealthy applications while requiring less manual intervention.

Kafka at Cloudflare

Cloudflare is a big adopter of Kafka. We use Kafka as a way to decouple services due to its asynchronous nature and reliability. It allows different teams to work effectively without creating dependencies on one another. You can also read more about how other teams at Cloudflare use Kafka in this post.

Kafka is used to send and receive messages. Messages represent some kind of event like a credit card payment or details of a new user created in your platform. These messages can be represented in multiple ways: JSON, Protobuf, Avro and so on.

Continue reading

Will DPUs Change the Network?

It’s easy to get excited about what seems to be a new technology and conclude that it will forever change the way we do things. For example, I’ve seen claims that SmartNICs (also known as Data Processing Units – DPU) will forever change the network.

TL&DR: Of course they won’t.

Before we start discussing the details, it’s worth remembering what a DPU is: it’s another server with its own CPU, memory, and network interface card (NIC) that happens to have PCI hardware that emulates the host interface cards. It might also have dedicated FPGA or ASICs.

Read more …

Will DPUs Change the Network?

It’s easy to get excited about what seems to be a new technology and conclude that it will forever change the way we do things. For example, I’ve seen claims that SmartNICs (also known as Data Processing Units – DPU) will forever change the network.

TL&DR: Of course they won’t.

Before we start discussing the details, it’s worth remembering what a DPU is: it’s another server with its own CPU, memory, and network interface card (NIC) that happens to have PCI hardware that emulates the host interface cards. It might also have dedicated FPGA or ASICs.

Read more …

Melbourne home to AWS’ second region in Australia

Amazon Web Services (AWS) on Tuesday said its second infrastructure region in Australia has been made available for customers.The new region in Melbourne (codenamed: ap-southeast-4), which was first announced in December 2020, will consist of three availability zones.Availability zones are the building blocks of an AWS region that place infrastructure in separate and distinct geographic locations.AWS had launched its first infrastructure region in Sydney in 2012, which also has three availability zones.Other than the two regions, Australia is home to seven Amazon CloudFront Edge locations in Australia, backed by a Regional Edge cache in Sydney. The company had launched an additional CloudFront point of presence (PoP) in Perth in 2018.To read this article in full, please click here

Melbourne home to AWS’ second region in Australia

Amazon Web Services (AWS) on Tuesday said its second infrastructure region in Australia has been made available for customers.The new region in Melbourne (codenamed: ap-southeast-4), which was first announced in December 2020, will consist of three availability zones.Availability zones are the building blocks of an AWS region that place infrastructure in separate and distinct geographic locations.AWS had launched its first infrastructure region in Sydney in 2012, which also has three availability zones.Other than the two regions, Australia is home to seven Amazon CloudFront Edge locations in Australia, backed by a Regional Edge cache in Sydney. The company had launched an additional CloudFront point of presence (PoP) in Perth in 2018.To read this article in full, please click here

Network Break 414: 230 Juniper Vulnerabilities, Should Cisco Patch An EOL Router, T-Mobile Takes Weeks To Spot Breach

On today's Network Break podcast we cover a raft of Juniper vulnerabilities, whether Cisco should patch serious vulnerabilities in end-of-life products, a big T-Mobile breach, Avaya dealing with significant debt, sweeping rounds of layoffs, and more IT news.

The post Network Break 414: 230 Juniper Vulnerabilities, Should Cisco Patch An EOL Router, T-Mobile Takes Weeks To Spot Breach appeared first on Packet Pushers.

IDC: With possible recession looming, IT pros plan spending adjustments

Facing what they perceive as an inevitable recession, IT planners are moving ahead with infrastructure investment but also calculating how to shift priorities if spending cuts become unavoidable, according to monthly surveys by IDC.Roughly 81% of respondents expect their spending to stay the same or increase for 2023, despite anticipating economic “storms of disruption." The results are based on surveys conducted in November and December 2022 of more than 800 IT decision makers in North America, Asia/Pacific, and Europe.Cloud spending is increasing, and an IDC Quick poll of 69 CIOs from its global CIO Executive Council conducted in December found two-thirds of them are already spending more on cloud services than they budgeted. The two studies are cited in the IDC report “Early 2023 Cloud Budget Outlook: Aligning IT Spending with the Business Conditions” published this month.To read this article in full, please click here

Working with image files on the Linux command line

While the best way to view or manipulate image files on Linux is to open them on your desktop for viewing or manipulating with tools like Gimp, there are quite a few ways to get important details on the command line.Identifying image type by file extension In general, image files can be identified on the command line by listing their names. Clearly ".jpg" represents a jpeg file, ".png" a portable network graphics file, ".gif" a graphics interchange format file, ".tiff" a tagged image file and so on.$ ls -l images -rw-rw-r--. 1 shs shs 256093 Jul 15 2018 mycats.jpg -rw-r-----. 1 shs shs 784238 Jul 15 2018 mycats.png -rw-rw-r--. 1 shs shs 6760 Jul 15 2018 arrow.jpg -rw-r-----. 1 shs shs 8853 Jul 15 2018 arrow.png Nearly all of the time you can rely on file extensions accurately reporting the file type, but there's more you can do with additional commands.To read this article in full, please click here

1 363 364 365 366 367 3,841