Staging TLS Certificate: Make every deployment a safe deployment

Staging TLS Certificate: Make every deployment a safe deployment
Staging TLS Certificate: Make every deployment a safe deployment

We are excited to announce that Enterprise customers now have the ability to test custom uploaded certificates in a staging environment before pushing them to production.

With great power comes great responsibility

If you’re running a website or the API that’s behind a popular app, you know your users have high expectations: it can't just be up and running; it also has to be fast and secure. One of the easiest and most standardized ways to secure connections is with the TLS protocol. To do that, you need to acquire a TLS certificate for your domain.

One way to get a certificate is by using a CDN provider, like Cloudflare. We make the process really easy by issuing certificates on your behalf. Not just that, but when your certificate is getting closer to its expiration date, we are responsible for re-issuing it. But, if you don’t want Cloudflare to issue the certificate on your behalf and want to obtain the certificate yourself, you can do so. You can either keep control of your private key, or generate a Certificate Signing Request (CSR) through Cloudflare, so we maintain the private key, but you can still use the certificate authority (CA) of Continue reading

Worth Reading: Do We Need Segment Routing?

Etienne-Victor Depasquale sent me a pointer to an interesting NANOG discussion: why would we need Segment Routing. It’s well worth reading the whole thread (until it devolves into “that is not how MPLS works” arguments), which happens to be somewhat aligned with my thinking:

  • SR-MPLS makes perfect sense (excluding the migration-from-LDP fun)
  • SRv6 (in whatever incantation) is mostly a vendor ploy to sell new chipsets.

Enjoy!

Worth Reading: Do We Need Segment Routing?

Etienne-Victor Depasquale sent me a pointer to an interesting NANOG discussion: why would we need Segment Routing. It’s well worth reading the whole thread (until it devolves into “that is not how MPLS works” arguments), which happens to be somewhat aligned with my thinking:

  • SR-MPLS makes perfect sense (excluding the migration-from-LDP fun)
  • SRv6 (in whatever incantation) is mostly a vendor ploy to sell new chipsets.

Enjoy!

Globalfoundries IPO Shows Just How Tough The Chip Making Business Is

You would have to look far and wide to find a tougher business to be in than chip manufacturing, which is why the many dozens of server makers who used to make their own CPUs – often multiple types – no longer run their own foundries and, with the exception of IBM and now Amazon Web Services, no longer exist.

Globalfoundries IPO Shows Just How Tough The Chip Making Business Is was written by Timothy Prickett Morgan at The Next Platform.

Facebook outage was a series of unfortunate events

Facebook says the root cause of its outage Monday involved a routine maintenance job gone awry that resulted in rendering its DNS servers unavailable, but first the entire Facebook backbone network had crashed.To make matters worse, the loss of DNS made it impossible for Facebook engineers to remotely access the devices they needed to in order to bring the network back up, so they had to go into the data centers to manually restart systems.To read this article in full, please click here

Facebook outage was a series of unfortunate events

Facebook says the root cause of its outage Monday involved a routine maintenance job gone awry that resulted in rendering its DNS servers unavailable, but first the entire Facebook backbone network had crashed.To make matters worse, the loss of DNS made it impossible for Facebook engineers to remotely access the devices they needed to in order to bring the network back up, so they had to go into the data centers to manually restart systems.To read this article in full, please click here

VMware takes aim at multicloud services, security

VMware is heavily targeting the challenging multicloud universe with a raft of VMworld announcements.With its latest offerings – which include a new cross-cloud service, cloud management and bolstered security wares – VMware is positioning itself to manage the growing multicloud world and address the enterprise ecosphere of distributed applications and infrastructure. Read more: VMware gears up for a challenging futureTo read this article in full, please click here

Tips for Job Seekers In 2021

The year 2020 has been a rough ride. A lot of companies went out of business and a lot of people lost their jobs. However the job market is continuously evolving and it is still very competitive even after taking a hit during the pandemic. Technology is changing the way that employers find employees and employees find employers.

Employers are always looking for creative, efficient, innovative and empathetic individuals who are productive and can help in creating a better workplace for everyone. Employees will be looking for organizations who have a clear mission statement and are able to provide them with structure, clarity and meaning in their work.

Let’s take a look at some of the tips for job seekers in 2021.

You Need To Have a Portfolio

The first thing that a job seeker needs to do is have a portfolio of work that they can show off to potential employers. It’s no longer good enough just to have a CV, they need an online presence that reflects their personality and creativity.

Keep Your Online Profile Updated

Job seekers also need to make sure that they are on top of new developments in the industry and keep their LinkedIn Continue reading

Calico on EKS Anywhere

Amazon EKS Anywhere is an official Kubernetes distribution from AWS. It’s a new deployment option for Amazon EKS that allows the creation and operation of on-premises Kubernetes clusters on your existing infrastructure.

Since its general availability release, we’ve been working hard to ensure support for Calico on EKS Anywhere, and are happy to announce that users can now choose to use Calico for container networking and security. This gives organizations already using or planning to adopt EKS Anywhere the flexibility to choose the best container networking solution for their needs. Organizations currently using Calico can add EKS Anywhere clusters and use the same Calico solution for networking and security across on-premises and cloud platforms.

Let’s take a look at how you can get started with Calico on EKS Anywhere.

Notes:

  • This procedure is disruptive; it cannot be used to migrate a cluster with applications “in-service”
  • Be aware that, at present, Amazon is unlikely to be able to provide support for a cluster built in this way

 

Install EKS Anywhere

Install EKS Anywhere as normal on vSphere, by following this documentation.

 

Install the Cilium CLI and uninstall Cilium

Removing Cilium from a cluster requires using the Cilium CLI, so Continue reading

Network certification for Microsoft Azure

Microsoft recently (well, maybe a couple months ago at this point) released a new certification focusing on the networking aspect of Microsoft Azure. This provides a great primer to get familiar with the Microsoft cloud from a connectivity perspective especially for those out there who are responsible maintaining cloud connectivity for Azure. The exam is […]

VMware Achieves Industry-First AAA Rating for Network Detection & Response from SE Labs

In the first public test of is kind for Network Detection and Response, SE Labs awards the industry’s first NDR AAA rating to VMware NSX Network Detection and Response (NDR). The modern cyber battlefield is everywhere, and every attacker has to traverse multiple networks and in most cases many firewalls to achieve their goals. Internal to networks they look to move freely within the environment discovering valuable information they wish to exfiltrate. As attackers have continually innovated so must the industry and our testing. As a leader in the security industry, VMWare has gone through the industry’s first Network Detection and Response (NDR) test and received a AAA rating. It is well-known that attackers continually evolve and chain together an ever increasingly complex chain of events. These techniques, tactics and procedures occur across networks and often traverse and bypass traditional security tools like firewalls and antivirus. As our understanding of attacker’s behaviors evolve, so must our engineering and testing.

VMware customers can be assured that their data is better protected in this new arena as they continue to modernize their application and network infrastructure as part of their digital transformation initiatives.

According to the results from SE Labs, VMware NSX Continue reading

VMware reveals new software services for the edge

VMware is all in at the edge as the company has rolled out new software to help enterprises support and manage ever-more distributed applications and data.At its virtual VMworld conference this week the company took the wraps off VMware Edge, an amalgamation of new and existing software packages that together let enterprises run, manage, and secure what VMware calls “edge-native” apps across multiple clouds at local and far-flung edge locations.To read this article in full, please click here

VMware reveals new software services for the edge

VMware is all in at the edge as the company has rolled out new software to help enterprises support and manage ever-more distributed applications and data.At its virtual VMworld conference this week the company took the wraps off VMware Edge, an amalgamation of new and existing software packages that together let enterprises run, manage, and secure what VMware calls “edge-native” apps across multiple clouds at local and far-flung edge locations.To read this article in full, please click here

Reference Architectures and Experience Kits for Cloud Native

Dana Nehama Dana is product management director for Cloud Networks at Intel. She has deep technical experience in the wireless and telecom networking arenas and collaborates with communities on technology initiatives such as SDN/NFV, cloud native, LTE, WiMAX, VoIP, DOCSIS and more. With core network infrastructure on a rapid path to becoming fully virtualized with cloud native practices, it’s critical for systems developers to be able to efficiently design, produce and deploy reliable applications and services from myriad software, networking and hardware components. I’ve been developing networking products for the telecommunications sector for most of my career, starting in Israel and then immigrating to the United States two decades ago. I’ve always had a systems engineering perspective and a passion for helping service providers better understand how they can more easily consume the latest technologies to build their applications and services. In my most recent role, I was faced with the challenge of how to help communication service providers (CoSPs) accelerate the design and deployment of applications and services running on virtualized, multi-vendor solutions tailored for their unique operating environments. These service providers want to take advantage of the latest-generation platforms and open source software innovations. Collaborating with the CNCF Continue reading

What’s new in Ansible Automation Platform 2: automation controller

AAP 2 dark flying As

Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. We are excited to announce that the Ansible Automation Platform 2 release includes automation controller 4.0, the improved and renamed Red Hat Ansible Tower.

Automation controller continues to provide a standardized way to define, operate and delegate automation across the enterprise. It also introduces new, exciting technologies and an enhanced architecture that enables automation teams to scale and deliver automation rapidly to meet ever-growing business demand.

Why was Ansible Tower renamed to automation controller?

As Ansible Automation Platform 2 continues to evolve, certain functionality has been decoupled (and will continue to be decoupled in 2.1) from what was formerly known as Ansible Tower. The naming change better reflects these enhancements and the overall position within the Ansible Automation Platform suite.

Who uses automation controller?

All automation team members interact with or rely on automation controller, either directly or indirectly.

  • Automation creators develop Ansible Playbooks, roles and modules.
  • Automation architects elevate automation across teams to align with IT processes and streamline adoption.
  • Automation operators verify that the automation platform and framework are operational.

These roles are not necessarily dedicated to Continue reading

Measuring Hyper-Threading and Turbo Boost

Measuring Hyper-Threading and Turbo Boost
Measuring Hyper-Threading and Turbo Boost

We often put together experiments that measure hardware performance to improve our understanding and provide insights to our hardware partners. We recently wanted to know more about Hyper-Threading and Turbo Boost. The last time we assessed these two technologies was when we were still deploying the Intel Xeons (Skylake/Purley), but beginning with our Gen X servers we switched over to the AMD EPYC (Zen 2/Rome). This blog is about our latest attempt at quantifying the performance impact of Hyper-Threading and Turbo Boost on our AMD-based servers running our software stack.

Intel briefly introduced Hyper-Threading with NetBurst (Northwood) back in 2002, then reintroduced Hyper-Threading six years later with Nehalem along with Turbo Boost. AMD presented their own implementation of these technologies with Zen in 2017, but AMD’s version of Turbo Boost actually dates back to AMD K10 (Thuban), in 2010, when it used to be called Turbo Core. Since Zen, Hyper-Threading and Turbo Boost are known as simultaneous multithreading (SMT) and Core Performance Boost (CPB), respectively. The underlying implementation of Hyper-Threading and Turbo Boost differs between the two vendors, but the high-level concept remains the same.

Hyper-Threading or simultaneous multithreading creates a second hardware thread within a processor’s core, also known Continue reading

1 608 609 610 611 612 3,797