Faster troubleshooting of microservices, containers, and Kubernetes with Dynamic Packet Capture

Troubleshooting container connectivity issues and performance hotspots in Kubernetes clusters can be a frustrating exercise in a dynamic environment where hundreds, possibly thousands of pods are continually being created and destroyed. If you are a DevOps or platform engineer and need to troubleshoot microservices and application connectivity issues, or figure out why a service or application is performing slowly, you might use traditional packet capture methods like executing tcpdump against a container in a pod. This might allow you to achieve your task in a siloed single-developer environment, but enterprise-level troubleshooting comes with its own set of mandatory requirements and scale. You don’t want to be slowed down by these requirements, but rather address them in order to shorten the time to resolution.

Dynamic Packet Capture is a Kubernetes-native way that helps you to troubleshoot your microservices and applications quickly and efficiently without granting extra permissions. Let’s look at a specific use case to see some challenges and best practices for live troubleshooting with packet capture in a Kubernetes environment.

Use case: CoreDNS service degradation

Let’s talk about this use case in the context of a hypothetical situation.

Scenario

Your organization’s DevOps and platform teams are trying to figure out Continue reading

Automation 8. Overview and Getting Started with Model-Driven Automation in Cumulus Linux 5.0

Hello my friend,

yes, we are nerds. Despite the Christmas holidays we continue working and delivering value. After all, Guido von Rossum has created Python over Christmas holidays. We find that very inspiring to be honest and, therefore, decided to look into something appealing as well.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

How to automate the automation?

Is that even a right term “automating the automation”? It is quite right, yes. It ultimately means the capability to be able to invoke automation workflows not only manually by the automation operator, but also in an automated way: via API request (e.g., called from a customer self-service portal or web hook from some other application) or certain event or condition (e.g., based on syslog, SNMP streaming telemetry). For various types of the application (Ansible or Python) there are different automation platforms (AWX, Apache Airflow, StackStorm) existing, which ultimately fulfil that task.

And in our trainings you will get an exposure Continue reading

Enhanced Networking – 1. SRIOV – AWS

In preparation for AWS Advanced Networking Speciality Track, I have come across Enhanced Networking and application in various scenarios. I am going to cover this in a few different parts in the blog posts.

Enhanced Networking

Enhanced Networking – boils down to speeds (100Gbps vs 10Gbps) , from the picture below you can use enable Enhanced Networking either by choosing ENA stands for Elastic Network Adapter (which is supported by most of current gen instances) or by using Intel 82599 Virtual Function Interface which supports speeds upto 10Gbps with specific Instances.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html

I have heard about SR-IOV but never did a deep dive into what exactly it does, to be honest. While going through Enhanced Networking documentation on AWS documentation, I have seen mention of SR-IOV at several places.

What is SR-IOV ?

More on SR-IOV is written in this blog-post, but in short SR-IOV which stands for Single Root I/O Virtualisation provides device virtualisation by using virtual-functions/DMA(Direct memory access)/virtual function devices (VFD’s) and lowering CPU interrupts.

So, the first question is if this enabled by default ? No. you have to manually enable it, per Amazon website https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#current-gen-instances , all current generation instances Continue reading

Holiday Networking Thoughts from 2021

It’s the Christmas break for 2021, which means lots of time spent doing very little work-related stuff. I’m currently putting together a Lego set, playing Metroid Dread and working on beating Ocarina of Time again.

As I waited for updates to download on Christmas morning I remembered how many packets must be flying across the wire to update software and operating systems for consoles. Even having done a few of the updates the night before I could see the traffic to those servers started to get a bit congested. It’s like Black Friday but for the latest patches to keep your games running. Add in the content that needs to be installed now in order to make that game disc work, or the download-only consoles for sale, and you can see that network engineers aren’t going to be a dying profession any time soon.

I’m a bit jaded because I come from a time when you didn’t need to be constantly connected to use software or need to download an update every few days. Heck, some of the bugs in Ocarina of Time have been there for over twenty years because those cartridges are not designed to be patched, Continue reading

Make The Most Of 5G/LTE SD-WAN Links With Fortinet Wireless WAN Gateways

Fortinet's FortiExtender cellular gateways support multiple LTE or 5G connections. The FortiExtender can be placed in the best physical location to get a mobile signal, and then tied back into an SD-WAN appliance to provide an active link or failover option in an SD-WAN deployment.

The post Make The Most Of 5G/LTE SD-WAN Links With Fortinet Wireless WAN Gateways appeared first on Packet Pushers.

1 590 591 592 593 594 3,832