Announcing: A Completely New and Updated Version of Explain the Cloud Like I’m 10

I've been working hard on a completely updated version of Explain the Cloud Like I'm 10 and I'm happy to announce it's ready!

You can buy version 2.0 at: https://www.amazon.com/Explain-Cloud-Like-Im-10-ebook/dp/B0765C4SNR.

 

If you've already bought, Explain the Cloud Like I'm 10, then you should just be able to update to the new version for free.

What's new? This version has about 2x the material. I go in-depth on:

  • The major cloud providers and all the different platforms for deploying workloads.
  • How to decide between cloud providers.
  • How to switch to the cloud.
  • How to decide if you should switch to the cloud.
  • Cloud economics and how to save money in the cloud.
  • How you can learn more and take your cloud adventure to the next step.
  • And lots more. So much more. 

In version 1 of the book, I didn't cover cloud providers in any detail. Almost all the new content is platform related, so that's fixed. And I say platform rather than cloud provider on purpose.

The biggest change in the book is it is now oriented around the "cloud model" as the ultimate goal for software development, deployment, and use, not just the Continue reading

Cloudflare Pages gets even faster with Early Hints

Cloudflare Pages gets even faster with Early Hints
Cloudflare Pages gets even faster with Early Hints

Last year, we demonstrated what we meant by “lightning fast”, showing Pages' first-class performance in all parts of the world, and today, we’re thrilled to announce an integration that takes this commitment to speed even further – introducing Pages support for Early Hints! Early Hints allow you to unblock the loading of page critical resources, ahead of any slow-to-deliver HTML pages. Early Hints can be used to improve the loading experience for your visitors by significantly reducing key performance metrics such as the largest contentful paint (LCP).

What is Early Hints?

Early Hints is a new feature of the Internet which is supported in Chrome since version 103, and that Cloudflare made generally available for websites using our network. Early Hints supersedes Server Push as a mechanism to "hint" to a browser about critical resources on your page (e.g. fonts, CSS, and above-the-fold images). The browser can immediately start loading these resources before waiting for a full HTML response. This uses time that was otherwise previously wasted! Before Early Hints, no work could be started until the browser received the first byte of the response. Now, the browser can fill this time usefully when it was previously sat Continue reading

Parsing Text using TTP

Parsing Text using TTP

Before we dive into TTP (Template Text Parser), let us first address why we need a text scraping tool in the modern world of APIs and structured data. Here is my opinion:

  1. Many organisations still use legacy devices that do not have APIs or structured data formats embedded in their CLI.
  2. Network devices are still evolving and not all devices have APIs that are easy to work with.
  3. There is more information in the output of a command than what is available through the API.
  4. Network Engineers are used to working with CLI and screen scraping is a natural extension of this workflow.
  5. Sometimes you just need to get some data quickly and writing a full-fledged API client is not worth the effort.

You would be surprised to know that many commercial tools that do network observability use screen scraping under the hood. So, it is not a bad idea to learn how to do it yourself.

What are our options?

From a network engineer's perspective, there are two popular tools that can be used for screen scraping:

  1. TextFSM - TextFSM is a mature tool that has been around for a long time with huge community support and a large Continue reading

Walking the Policy Tightrope

In policy work nothing is ever truly simply black and white. The means to achieve one outcome may well act to impair the work to achieve different outcomes, and the resultant effort often requires some difficult decisions to balance what appears to be some fundamental tensions between various policy objectives. Even a topic like online safety, which should be very straightforward, has some challenges.

Streamlining the User Experience for Accessing AKS Clusters

Lately I’ve been spending a little bit of time building Pulumi programs to assist with standing up Azure Kubernetes Service (AKS) clusters. I’ve learned a pretty fair amount about Azure and AKS along the way, as expected, but I was taken aback by the poor user experience (in my opinion) when it came to accessing the AKS clusters once they’d been established. In this post, I’ll share a small tweak you can make that will, in most cases, make accessing your AKS clusters a great deal smoother.

What do I mean by “poor user experience”? In the same vein as comparable offerings from AWS (EKS) and Google Cloud (GKE), AKS leverages Azure’s identity and access management (IAM) functionality, so that users have a single place to manage user and group entities. This makes perfect sense! What doesn’t make sense to me, though, is the requirement that users must perform a separate login process to gain access to the cluster, even if the user is already authenticated via the Azure CLI. This is very counter to both EKS and GKE, where—if you are already authenticated via their CLI tools—no additional steps are necessary to access appropriately-configured managed Kubernetes clusters on their Continue reading

Kyndryl, Microsoft tie mainframe to Azure cloud resources

Kyndryl and Microsoft have extended their existing partnership to include mainframe connectivity to cloud applications and workloads.The extension ties together Kyndryl’s zCloud mainframe service with Microsoft’s Power Platform, a low-code application and workflow-automation package that brings access to cloud services including  Microsoft Azure, Office 365 and Teams.The aim is making it easier for organizations to access and integrate mainframe-based data with cloud-based resources and combine that data with other information to build new applications.Available now, the service is a way to access decades of data sitting on  mainframes, said Harish Grama, Kyndryl’s global practice leader for cloud. “The idea is to unleash data sitting on the mainframe, mine it, modernize it, and write new business applications on it," he said. "That data shouldn’t be trapped in legacy backends.”To read this article in full, please click here

Total TLS: one-click TLS for every hostname you have

Total TLS: one-click TLS for every hostname you have
Total TLS: one-click TLS for every hostname you have

Today, we’re excited to announce Total TLS — a one-click feature that will issue individual TLS certificates for every subdomain in our customer’s domains.

By default, all Cloudflare customers get a free, TLS certificate that covers the apex and wildcard (example.com, *.example.com) of their domain. Now, with Total TLS, customers can get additional coverage for all of their subdomains with just one-click! Once enabled, customers will no longer have to worry about insecure connection errors to subdomains not covered by their default TLS certificate because Total TLS will keep all the traffic bound to the subdomains encrypted.

A primer on Cloudflare’s TLS certificate offerings

Universal SSL — the “easy” option

In 2014, we announced Universal SSL — a free TLS certificate for every Cloudflare customer. Universal SSL was built to be a simple “one-size-fits-all” solution. For customers that use Cloudflare as their authoritative DNS provider, this certificate covers the apex and a wildcard e.g. example.com and *.example.com. While a Universal SSL certificate provides sufficient coverage for most, some customers have deeper subdomains like a.b.example.com for which they’d like TLS coverage. For those customers, we built Advanced Certificate Manager — a Continue reading

IPv6 Buzz 111: IPv6 And The Public Cloud

What's the state of IPv6 in the public cloud? What support is available in which of the major providers? What are the cloud challenges of v6? How does v6 affect multi-cloud architectures? The latest episode of the IPv6 Buzz podcast examines these and other v6 questions for public cloud.

How to Reduce Varicose Veins from a Sedentary Lifestyle

Varicose veins are a common condition that occurs when the valves in the veins become damaged and allow blood to flow backwards. This can cause the veins to become enlarged and twisted. Although varicose veins can occur at any age, they are more common in people over the age of 50 and in women who have been pregnant. People who have a sedentary lifestyle are also at increased risk for developing varicose veins. The good news is that there are several things you can do to reduce your risk of developing varicose veins.

Ways to Reduce Varicose Veins from a Sedentary Lifestyle

Exercise regularly

Doing regular physical activity helps keep the blood flowing throughout your body. Aim for 30 minutes of aerobic exercise at least five days a week. Walking, jogging and swimming are all good activities to help reduce your risk of developing varicose veins.

Wear compression stockings

Compression stockings are tight-fitting stockings that help reduce the pressure in your veins, which can help prevent varicose veins from developing. Your doctor can recommend the best type of stocking for you.

Elevate your legs

Lying down and propping your legs up above your heart can help reduce the pressure in Continue reading

More Arista EOS BGP Route Reflector Woes

Most BGP implementations I’ve worked with split the neighbor BGP configuration into two parts:

  • Global configuration that creates the transport session
  • Address family configuration that activates the address family across a configured transport session and changes the parameters that affect BGP updates

AS numbers, source interfaces, peer IPv4/IPv6 addresses, and passwords clearly belong to the global neighbor configuration.

Starting with EOS release 4.29.0F, you can configure the neighbor next-hop-self option within IPv4 and IPv6 address families. Great job! Hopefully, we can consider this blog post a historical curiosity.
Read more …

More Arista EOS BGP Route Reflector Woes

Most BGP implementations I’ve worked with split the neighbor BGP configuration into two parts:

  • Global configuration that creates the transport session
  • Address family configuration that activates the address family across a configured transport session, and changes the parameters that affect BGP updates

AS numbers, source interfaces, peer IPv4/IPv6 addresses, and passwords clearly belong to the global neighbor configuration.

Read more …

Aryaka Adds Secure Web Gateway, Firewall Service To Its SD-WAN And Security Capabilities

Aryaka is introducing both a Secure Web Gateway (SWG) and a Firewall-as-a-Service (FWaaS) offering to complement its SD-WAN capabilities. Many vendors, including Aryaka, are extending their SD-WAN offering to include security functions delivered as-a-service via Points of Presence (PoPs) or public clouds. This as-a-service approach makes it easier for customers to consume security services because […]

The post Aryaka Adds Secure Web Gateway, Firewall Service To Its SD-WAN And Security Capabilities appeared first on Packet Pushers.

1 423 424 425 426 427 3,841