0

Kustomize Transformer Configurations for Cluster API v1beta1

The topic of combining kustomize with Cluster API (CAPI) is a topic I’ve touched on several times over the last 18-24 months. I first touched on this topic in November 2019 with a post on using kustomize with CAPI manifests. A short while later, I discovered a way to change the configurations for the kustomize transformers to make it easier to use it with CAPI. That resulted in two posts on changing the kustomize transformers: one for v1alpha2 and one for v1alpha3 (since there were changes to the API between versions). In this post, I’ll revisit kustomize transformer configurations again, this time for CAPI v1beta1 (the API version corresponding to the CAPI 1.0 release).

In the v1alpha2 post (the first post on modifying kustomize transformer configurations), I mentioned that changes were needed to the NameReference and CommonLabel transformers. In the v1alpha3 post, I mentioned that the changes to the CommonLabel transformer became largely optional; if you are planning on adding additional labels to MachineDeployments, then the change to the CommonLabels transformer is required, but otherwise you could probably get by without it.

For v1beta1, the necessary changes are very similar to v1alpha3, and (for the most part) are Continue reading

0

Raytheon, IBM Partner for Quantum in Defense, Aerospace

In the history of defense technology contracting, two companies continue to loom large: IBM and Raytheon.

…

Raytheon, IBM Partner for Quantum in Defense, Aerospace was written by Nicole Hemsoth at The Next Platform.

0

Live Stream: The Journey to Architect

On Thursday the 19th of October at 1PM ET, I’ll be joining Keith Bogart for the em>INE Live live stream. You can find the details on their web site.

In this session, Keith Bogart will interview prolific author and Network Architect, Russ White Ph.D. One of only a handful of people who have attained CCAr status, Russ White has authored several books such as “Practical BGP”, “The Art of Network Architecture” and “Computer Networking Problems And Solutions”. During this session we’ll find out about his journey to becoming a Network Architect and how his passion for technology can inspire you!

0

Scaling indexing and search – Algolia New Search Architecture Part 2

What would a totally new search engine architecture look like? Who better than Julien Lemoine, Co-founder & CTO of Algolia, to describe what the future of search will look like. This is the second article in a series. Here's Part 1.

Search engines need to support fast scaling for both Read and Write operations. Rapid scaling is essential in most use cases. For example, adding a vendor in a marketplace generates a spike of indexing operations (Write), and a marketing campaign generates a spike of queries (Read). In most use cases, both Read and Write operations scale but not at the exact same moment. The architecture needs to handle efficiently all these situations as the scaling of Read and Write operations varies over time in most use cases.

Until now, search engines were scaling with Read and Write operations colocated on the same VMs. This scaling method brings drawbacks, such asWrite operations unnecessarily hurting the Read performance and using a significant amount of duplicated CPU at indexing. This article explains those drawbacks and introduces a new way to scale more quickly and efficiently by splitting Read and Write operations.

1. Anatomy of an index

0

Between 0x2 Nerds on Network Complexity

On the 14th (this Thursday), I’ll once again be a guest on a live stream with Jeff T and Jeff D on Between -x2 Nerds.. I think this is the URL, but you can check on their web page later to make certain.

0

AWS Networking – Part X: VPC Internet Gateway Service – Part Two

 

Associate SG and Elastic-IP with EC2

In the previous section, we create an Internet Gateway for our VPC. We also add a static route towards IGW into the Route Table of Subnet 10.10.0.0/24. In this section, we first create a Security Group (SG).  The SG allows SSH connection to the EC2 instance and ICMP from the EC2. Then we launch an EC2 and attach the previously configure SG to it. As the last step, we allocate an Elastic IP address (EIP) from the AWS Ipv4 address pool and associate it with the EC instance. When we are done with all the previous steps, we will test the connection. First, we take ssh connection from MyPC to EC2. Then, we ping MyPC from the EC2. We also use AWS Reachability Analyzer to validate the path from IGE to EC2 instance. The last section introduces AWS billing related to this chapter.

Figure 3-20: EC2 Instance, Elastic IP, and Security Group.

 

Continue reading

0

Announcing Cloudflare Research Hub

As highlighted yesterday, research efforts at Cloudflare have been growing over the years as well as their scope. Cloudflare Research is proud to support computer science research to help build a better Internet, and we want to tell you where you can learn more about our efforts and how to get in touch.

Why are we announcing a website for Cloudflare Research?

Cloudflare is built on a foundation of open standards which are the result of community consensus and research. Research is integral to Cloudflare’s mission as is the commitment to contribute back to the research and standards communities by establishing and maintaining a growing number of collaborations.

Throughout the years we have cherished many collaborations and one-on-one relationships, but we have probably been missing a lot of interesting work happening elsewhere. This is our main motivation for this Research hub of information: to help us build further collaborations with industrial and academic research groups, and individuals across the world. We are eager to interface more effectively with the wider research and standards communities: practitioners, researchers and educators. And as for you, dear reader, we encourage you to recognize that you are our audience too: we often hear that Continue reading

0

Internship Experience: Research Engineer

I spent my summer of 2020 as an intern at Cloudflare working with the incredible research team. I had recently started my time as a PhD student at the University of Washington’s Paul G Allen School of Computer Science and Engineering working on decentralizing and securing cellular network infrastructure, and measuring the adoption of HTTPS by government websites worldwide. Here's the story of how I ended up on Cloudflare TV talking about my award-winning research on a project I wasn't even aware of when the pandemic hit.

Prior to the Internship

It all started before the pandemic, when I came across a job posting over LinkedIn for an internship with the research team at Cloudflare. I had been a happy user of Cloudflare’s products and services and this seemed like a very exciting opportunity to really work with them towards their mission to help build a better Internet. While working on research at UW, I came across a lot of prior research work published by the researchers at Cloudflare, and was excited to possibly be a part of the research team and interact with them. Without second thoughts, I submitted an application through LinkedIn and waited to hear back from Continue reading

0

Cloudflare invites visiting researchers!

As part of Cloudflare’s effort to build collaborations with academia, we host research focused internships all year long. Interns collaborate cross-functionally in research projects and are encouraged to ship code and write a blog post and a peer-reviewed publication at the end of their internship. Post-internship, many of our interns have joined Cloudflare to continue their work and often connect back with their alma mater strengthening idea sharing and collaborative initiatives.

Last year, we extended the intern experience by hosting Thomas Ristenpart, Associate Professor at Cornell Tech. Thomas collaborated for half a year on a project related to password breach alerting. Based on the success of this experience we are taking a further step in creating a structured Visiting Researcher program, to broaden our capabilities and invest further on a shared motivation with academics.

Foster engagement and closer partnerships

Our current research focuses on applied cryptography, privacy, network protocols and architecture, measurement and performance evaluation, and, increasingly, distributed systems. With the Visiting Researcher program, Cloudflare aims to foster a shared motivation with academia and engage together in seeking innovative solutions to help build a better Internet in the mentioned domains.

We expect to support the operationalization of ideas that emerge Continue reading

0

Why Packet Data is the Secret to a Successful Cloud Migration

The cloud migration is the beginning of a process, not the end. Once applications have been lifted and shifted to the cloud, packet data still serves a vital role.

0

Installing packages on Linux and Mac with Homebrew

Ever heard of Homebrew? It’s a package manager with a very unusual feature. It allows ordinary users to install packages without using sudo, and it’s available for both macOS and Linux. While the tool on each of these systems is referred to as Homebrew, the Linux version installs as linuxbrew.Once installed, users can use Homebrew via the brew command to install packages very easily. Installation of Homebrew itself, however, does generally require sudo privileges and installs in /home/linuxbrew.The man page for the brew command calls it “The Missing Package Manager for macOS (or Linux)”.To read this article in full, please click here

0

Installing packages on Linux and Mac with Homebrew

Ever heard of Homebrew? It’s a package manager with a very unusual feature. It allows ordinary users to install packages without using sudo, and it’s available for both macOS and Linux. While the tool on each of these systems is referred to as Homebrew, the Linux version installs as linuxbrew.Once installed, users can use Homebrew via the brew command to install packages very easily. Installation of Homebrew itself, however, does generally require sudo privileges and installs in /home/linuxbrew.The man page for the brew command calls it “The Missing Package Manager for macOS (or Linux)”.To read this article in full, please click here

0

4 questions that get the answers you need from IT vendors

It’s the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year’s budgeting. They’ve done this for decades, and it’s interesting to me that in any given year, enterprises share roughly three of their top five priorities. It’s more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren’t they getting addressed? They say their top problem is an “information gap.”Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they’ll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they’re not getting it.To read this article in full, please click here

0

4 questions that get the answers you need from IT vendors

It’s the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year’s budgeting. They’ve done this for decades, and it’s interesting to me that in any given year, enterprises share roughly three of their top five priorities. It’s more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren’t they getting addressed? They say their top problem is an “information gap.”Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they’ll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they’re not getting it.To read this article in full, please click here

0

4 questions that get the answers you need from IT vendors

It’s the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year’s budgeting. They’ve done this for decades, and it’s interesting to me that in any given year, enterprises share roughly three of their top five priorities. It’s more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren’t they getting addressed? They say their top problem is an “information gap.”Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they’ll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they’re not getting it.To read this article in full, please click here

0

New Content in AWS Networking Webinar

Last week’s update session of the AWS Networking webinar covered two hours worth of new (or not-yet-covered) features, including:

• Transit Gateway Connect functionality (GRE tunnel+BGP between Transit Gateway and in-cloud SD-WAN appliances)
• AWS Private Link
• Intra-VPC static routes that you can use to send inter-subnet traffic to a BYOD security appliance
• IGMPv2 support
• Custom global accelerators
• Assigning whole IP prefixes to VM interfaces

The recordings have already been published, either as independent videos or integrated with the existing materials. Enjoy ;)

0

New Content in AWS Networking Webinar

Last week’s update session of the AWS Networking webinar covered two hours worth of new (or not-yet-covered) features, including:

• Transit Gateway Connect functionality (GRE tunnel+BGP between Transit Gateway and in-cloud SD-WAN appliances)
• AWS Private Link
• Intra-VPC static routes that you can use to send inter-subnet traffic to a BYOD security appliance
• IGMPv2 support
• Custom global accelerators
• Assigning whole IP prefixes to VM interfaces

The recordings have already been published, either as independent videos or integrated with the existing materials. Enjoy ;)

0

100 terabyte home NAS

So, as a nerd, let's say you need 100 terabytes of home storage. What do you do?

My solution would be a commercial NAS RAID, like from Synology, QNAP, or Asustor. I'm a nerd, and I have setup my own Linux systems with RAID, but I'd rather get a commercial product. When a disk fails, and a disk will always eventually fail, then I want something that will loudly beep at me and make it easy to replace the drive and repair the RAID.

Some choices you have are:

• vendor (Synology, QNAP, and Asustor are the vendors I know and trust the most)
• number of bays (you want 8 to 12)
• redundancy (you want at least 2 if not 3 disks)
• filesystem (btrfs or ZFS) [not btrfs-raid builtin, but btrfs on top of RAID]
• drives (NAS optimized between $20/tb and $30/tb)
• networking (at least 2-gbps bonded, but box probably can't use all of 10gbps)
• backup (big external USB drives)

The products I link above all have at least 8 drive bays. When you google "NAS", you'll get a list of smaller products. You don't want them. You want somewhere between 8 and 12 drives.

The reason is that Continue reading

0

How to Not Cut Off The Branch You’re Sitting On

This is a joint post with David Sinn, who’s worked on some of the biggest networks in the world This past week saw a major outage of Facebook. In this post, we tackle the question of updating a fleet of devices without running into the problems that Facebook ran into,...

0

Automation 2. Exploring Nokia SR OS configuration in a programmable way with pySROS

Hello my friend,

Thanks a lot for all your interactions over our last post, it was very good feeling. As it attracted your attention, we decided to explore this topic further. Today we’ll focus on two main aspects: how you can figure out from Nokia SR OS CLI, what is your path to use in pySROS and how you visualise a configuration tree following YANG module.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

I Have Heard, Facebook Automation Caught It, Isn’t It?

Facebook outage happened the last week caused a lot of discussions, how reliable automation is in general and if there are too much automatons these days already in the infrastructure systems. Really, if Facebook with their smartest network and automation engineers failed, should I stay far away from automation? We believe, everyone will find his or her answer. From our perspective, we know that Facebook will make their systems after failure more robust and working. By the way, in our training Continue reading