Calico Whisker, Your New Ally in Network Observability

With the upcoming release of Calico v3.30 on the horizon, we are excited to introduce Calico Whisker, a simple yet powerful User Interface (UI) designed to enhance network observability and policy debugging. If you’ve ever struggled to make sense of network flow logs or troubleshoot policies in a complex Kubernetes cluster, Whisker is your friend!

Whisker is a three part deployment that holds a UI, backend and a gRPC channel to communicate with the Felix brain of Calico to gather live flow information and present it in a human readable, easy to understand way. But before we get started let’s dive into why Whisker is a must-have for your Kubernetes environment, what problems it solves, and how it can streamline your policy management.

Navigating Network Flows is Difficult

In Kubernetes environments, network flows are the backbone of communication between workloads. As clusters scale, so does the complexity of managing these flows and their security. Without clear visibility and effective observability tools, teams often struggle with:

  • Diagnosing unexplained workload behavior and determining why certain applications aren’t working as expected.
  • Identifying the real reason why certain workload communications are permitted or denied, which stems from understanding which policies are affecting specific Continue reading

A steam locomotive from 1993 broke my yarn test

So the story begins with a pair programming session I had with my colleague, which I desperately needed because my node skill tree is still at level 1, and I needed to get started with React because I'll be working on our internal backstage instance.

We worked together on a small feature, tested it locally, and it worked. Great. Now it's time to make My Very First React Commit. So I ran the usual git add and git commit, which hooked into yarn test, to automatically run unit tests for backstage, and that's when everything got derailed. For all the React tutorials I have followed, I have never actually run a yarn test on my machine. And the first time I tried yarn test, it hung, and after a long time, the command eventually failed:

Determining test suites to run...

  ● Test suite failed to run

thrown: [Error]

error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
🌈  backstage  ⚡

I could tell it was obviously unhappy about something, and then it threw some [Error]. I have very little actual JavaScript experience, but this looks suspiciously like someone had neglected to Continue reading

Comparing IP and CLNP: Local (Node) Multihoming

Another area where CLNP is a clear winner when compared to the TCP/IP stack is multi-homed nodes (nodes with multiple interfaces, not site multi-homing, where whole networks are connected to two upstream providers).

Multi-homed TCP/IP nodes must have multiple IP addresses because IP uses address interfaces. There is no well-defined procedure in TCP/IP for how a multi-homed node should behave. In the early days of TCP/IP, they tried to address that in RFC 1122 (Host Requirements RFC), but even then, there were two ideas about dealing with multiple interfaces: the strong and weak end system models (more details).

Read more …

The Team That Will Implement Intel’s New Vision

Intel is hosting its Vision 2025 annual event in Las Vegas this week, what we old hands used to call Intel Developer Forum back in the days when the chip maker was taking over more and more of the datacenter and had give the world a relatively inexpensive and uniform substrate on which to build hyperscale infrastructure.

The Team That Will Implement Intel’s New Vision was written by Timothy Prickett Morgan at The Next Platform.

HS099: From CLI to CFO: Translating Complex Network Data into Clear Strategic and Financial Insights (Sponsored)

IT and network leaders need more than uptime—they need to know what their networks cost, what they deliver, and how future changes will impact the business. That’s where Netos comes in. CEO and founder Richard Foster joins Johna and John in a lively discussion to explore how Netos turns complex operational data into clear financial... Read more »

Comparing AI / ML activity from two production networks

AI Metrics describes how to deploy the open source ai-metrics application. The application provides performance metrics for AI/ML RoCEv2 network traffic, for example, large scale CUDA compute tasks using NVIDIA Collective Communication Library (NCCL) operations for inter-GPU communications: AllReduce, Broadcast, Reduce, AllGather, and ReduceScatter. The screen capture from the article (above) shows results from a simulated 48,000 GPU cluster.

This article goes beyond simulation to demonstrate the AI Metrics dashboard by comparing live traffic seen in two production AI clusters.

Cluster 1

This cluster consists of 250 GPUs connected via 100G ports to single large switch. The results are pretty consistent with simulation from the original article. In this case there is no Core Link Traffic because the cluster consists of a single switch. The Discards chart shows a burst of Out (egress) discards and the Drop Reasons chart gives the reason as ingress_vlan_filter. The Total Traffic, Operations, Edge Link Traffic, and RDMA Operations charts all show a transient drop in throughput coincident with the discard spike. Further details of the dropped packets, such as source/destination address, operation, ingress / egress port, QP pair, etc. can be extracted from the sFlow Dropped Packet Notifications that are populating Continue reading

“You get Instant Purge, and you get Instant Purge!” — all purge methods now available to all customers

There's a tradition at Cloudflare of launching real products on April 1, instead of the usual joke product announcements circulating online today. In previous years, we've introduced impactful products like 1.1.1.1 and 1.1.1.1 for Families. Today, we're excited to continue this tradition by making every purge method available to all customers, regardless of plan type.

During Birthday Week 2024, we announced our intention to bring the full suite of purge methods — including purge by URL, purge by hostname, purge by tag, purge by prefix, and purge everything — to all Cloudflare plans. Historically, methods other than "purge by URL" and "purge everything" were exclusive to Enterprise customers. However, we've been openly rebuilding our purge pipeline over the past few years (hopefully you’ve read some of our blog series), and we're thrilled to share the results more broadly. We've spent recent months ensuring the new Instant Purge pipeline performs consistently under 150 ms, even during increased load scenarios, making it ready for every customer.  

But that's not all — we're also significantly raising the default purge rate limits for Enterprise customers, allowing even greater purge throughput thanks to the efficiency of our Continue reading

Pure Storage FlashBlade//EXA Boosts AI Performance, Scalability

The injection of generative AI into the bloodstream of the tech titans and now businesses of all sizes and stripes over the past two years has forced IT vendors, from hardware makers to component providers to enterprise application developers, to quickly rework their roadmaps to address the particular demands of and opportunities presented by this emerging technology.

Pure Storage FlashBlade//EXA Boosts AI Performance, Scalability was written by Jeffrey Burt at The Next Platform.

D-Wave Pushes Back At Critics, Shows Off Aggressive Quantum Roadmap

In a panel discussion during GPU Technical Conference a few weeks ago, Nvidia co-founder and chief executive officer Jensen Huang suggested to executives of several quantum computing companies that are calling their systems “computers” may be a misnomer and that a better tag might be “instruments.”

D-Wave Pushes Back At Critics, Shows Off Aggressive Quantum Roadmap was written by Jeffrey Burt at The Next Platform.

NB520: When Good LLMs Do Bad Things, Dell’s Workforce Downsizes and Quantum Key Distribution From Space

Grab a virtual doughnut to blaze through this week’s IT news with Johna Johnson and John Burke as Drew Conry-Murray is enjoying his glazed, filled and sprinkled vacation donuts.  Today, we’re going to talk about getting good LLMs to do bad things, Dell’s workforce downsizing, Cloudflare’s recent outage, some developments in space networking, and more.... Read more »

Nvidia Research: The Real Reason Big Green Commands Big Profits

It is safe to say in 2025 that the best job in the world is the chief executive officer of Nvidia, and that the company’s co-founder, Jensen Huang, has steered the company to great heights as much as fellow co-founders Thomas Watson ever did with International Business Machines, Larry Ellison ever did with Oracle, and Steve Jobs ever did with Apple Computer.

Nvidia Research: The Real Reason Big Green Commands Big Profits was written by Timothy Prickett Morgan at The Next Platform.

TNO022: Secure Automation at Enterprise Scale for the Public Sector with Red Hat Ansible (Sponsored)

There are both benefits and challenges when adopting automation in the public sector, but Red Hat Ansible enhances efficiency, security and service delivery. With the right tooling, network operators can integrate automation into existing environments and improve network security.  Providing insights into adopting automation in the public sector are Tony Dubiel, Principal Specialist Solution Architect... Read more »

HN774: Who Put These OT Risks In My IT Ops? Fortinet Has Answers (Sponsored)

IT and infosec professionals are used to operating and protecting mission-critical infrastructure; servers, databases, load balancers, and so on. But what about valves that control the flow of gas or oil in a refinery? Temperature and vibration sensors that monitor industrial manufacturing processes? If you’re thinking “That’s not my problem” think again. There’s a whole... Read more »

Weekend Reads 032825


With global Route Origin Authorization (ROA) coverage surpassing 50% for both IPv4 and IPv6, implementing Route Origin Validation (ROV) has become increasingly critical for securing network operations


One of the mysteries for me in IP networks was the Path MTU Discovery (PMTUD) process. I’ve seldom seen any problems with the MTU at all.


It is arguable, however, that Xsight Labs is trying to push programmability to the extreme, eventually allowing customers to use P4, Python, C/C++, Rust, Go, or what have you (maybe even NPL) to hack the data plane inside switches using its X1 and now X2 ASICs.


With phpIPAM, it became possible to establish a structured, easily searchable database. This structured data now serves as the network’s SoT — a reliable foundation for network automation.


On Wednesday, web infrastructure provider Cloudflare announced a new feature called “AI Labyrinth” that aims to combat unauthorized AI data scraping by serving fake AI-generated content to bots.

1 59 60 61 62 63 3,837