0

Answering Your Questions at DockerCon LIVE 2021

 Guest post by Docker Captain Bret Fisher, a DevOps consultant and the creator of the popular Docker Mastery Udemy course. Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE for a free, one day virtual event at https://dockr.ly/2PSJ7vn

I have the pleasure of hosting many of the live events at DockerCon this year. You may remember my 7+ hour non-stop live stream from last year’s DockerCon LIVE 2020 with nearly 20 guests:

We’re back!

This year we’re calling them Live Panels. You’ll find them in their own track in the schedule.

If you’ve never visited one of my live streams before, they tend to be DevOps focused, and as practical and real-world as we can be. Come ready to ask my guests questions in chat on our selected topics, and we’ll do our best to answer as many as we can! You get to guide the conversation with the live stream chat Q&A.

I’m hosting three live panels on three topics. I wanted to discuss the top three things that I think are the hottest topics in Docker and Cloud Native container tech today for developers and DevOps professionals, so be sure to stop Continue reading

0

How Upgrading PHP On WordPress Became *It Was DNS*-An IT Operations Tale

The server needed a PHP update. WordPress told me so with a severe-sounding notification adorned with red coloration, a security warning, boldface type, and a link explaining how to change the PHP version. I sighed. Security issues never end, and I have a recurring reminder in my todo list to patch the Virtual Private Server (VPS) boxes I shepherd.

But this PHP issue…hmm. This felt like a bigger deal, and many sites I support lean heavily into WordPress. Rather than wait for the next regular patching session, I decided to get on it. I did a process test on one server, a lower profile machine that wouldn’t hurt too much if things went awry. The goal was to move from PHP 7.2.insecure to PHP 7.4.secure. How hard could it be?

Most of the search engine hits for “upgrade PHP on WordPress” told me to go into CPanel or a similar tool my hosting provider might offer to abstract what’s going on with the server itself. That’s not what I was looking for, because I manage my own hosts. I needed to know how to reconfigure the host itself. The OS packages to install. The conf files Continue reading

0

Near Real-Time Kubernetes at Scale: Increasing App Throughput with Linkerd

Stephen Reardon The one-man band that keeps the show running, Stephen Reardon is the DevOps engineer in the Entain Trading Solutions team, operating hundreds of Kubernetes nodes in the cloud using IaC tooling, chaos engineering testing tools and end to end monitoring. His main responsibility is operational reliability, keeping the platform resilient and available, and above all developer-proof.

0

Day Two Cloud 098: Cloud Centers Of Excellence – Should You Have One?

A fractured cloud strategy causes headaches such as duplicated services, unnecessary costs, poor security controls, and other problems. A cloud center of excellence can reduce the pain by developing and championing best practices, socializing adoption, and addressing inevitable exceptions. Fred Chagnon visits the Day Two Cloud podcast to advocate for building a cloud center of excellence in your org.

0

Day Two Cloud 098: Cloud Centers Of Excellence – Should You Have One?

A fractured cloud strategy causes headaches such as duplicated services, unnecessary costs, poor security controls, and other problems. A cloud center of excellence can reduce the pain by developing and championing best practices, socializing adoption, and addressing inevitable exceptions. Fred Chagnon visits the Day Two Cloud podcast to advocate for building a cloud center of excellence in your org.

The post Day Two Cloud 098: Cloud Centers Of Excellence – Should You Have One? appeared first on Packet Pushers.

0

Why you don’t want to miss the upcoming Kubernetes Security and Observability Summit

The inaugural Kubernetes Security and Observability Summit will be a free, live, online experience full of Kubernetes-related security and observability content. On June 3, 2021, industry experts will gather under one virtual roof to discuss trends, strategies, and technologies for Kubernetes security and observability, to help you understand and navigate today’s pressing issues in the world of cloud-native applications.

Why attend?

The Summit is a great opportunity to:

• Network with the industry’s best security, DevOps, and site reliability engineer (SRE) teams for cloud-native platforms
• Learn how to secure, observe, and troubleshoot Kubernetes environments
• Explore real-world Kubernetes security and observability use cases presented by experts from industry-leading companies like Amazon, Box, Citi, EY, Mirantis, Morgan Stanley, PayPal, Salesforce, and of course, Tigera

Who should attend?

SREs, platform architects, and DevOps and security teams will all find value in attending the Summit.

• DevOps teams and SREs – Learn how to include security and observability in your CI/CD to enable security, observability, and troubleshooting
• Platform architects – Learn architecture patterns and best practices to secure and troubleshoot cloud-native applications
• Security teams – Learn how to holistically secure your cloud-native applications following today’s best practices

Speakers & sessions

An opening keynote address from Continue reading

0

The Hedge 84: David Brown and the Root of Trust

Many engineers just assume that secure hardware boot is, in fact, secure. How does this security work, and just how secure is it, though? David Brown joins Tom Ammon, Eyvonne Sharp, and Russ White on this episode of the Hedge to discuss the secure boot loader in some detail. For more information on the secure boot loader and IoT, see David’s presentation at the Open Source Summit.

download

0

Palo Alto Networks pushes enterprise zero trust

Palo Alto Networks bolstered its security portfolio with products that target enterprise network users looking to make the move to a zero-trust environment.The new capabilities focus on a number of zero trust mechanisms—including  SaaS, cloud and DNS that will be available in June—and will make it significantly easier for organizations to adopt zero-trust security across the enterprise, according to Anand Oswal, senior vice president and general manager with Palo Alto. More about DNS: DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key As more people are working from anywhere, they require fast and always-on access to data and applications in the distributed cloud, regardless of location, Oswal said. “An all-encompassing zero-trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile, and hybrid work,” he said.To read this article in full, please click here

0

Palo Alto Networks pushes enterprise zero trust

Palo Alto Networks bolstered its security portfolio with products that target enterprise network users looking to make the move to a zero-trust environment.The new capabilities focus on a number of zero trust mechanisms—including  SaaS, cloud and DNS that will be available in June—and will make it significantly easier for organizations to adopt zero-trust security across the enterprise, according to Anand Oswal, senior vice president and general manager with Palo Alto. More about DNS: DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key As more people are working from anywhere, they require fast and always-on access to data and applications in the distributed cloud, regardless of location, Oswal said. “An all-encompassing zero-trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile, and hybrid work,” he said.To read this article in full, please click here

0

Talking Chip With Ampere Computing CEO Renee James

Outside of the HPC market where there are a number of companies that have delivered or are working on Arm-based server processors, Ampere Computing is the main independent supplier of Arm-based server chips with its current 80-core Altra chips and its impending 128-core Altra Max chips, which are sampling now and will start shipping in the third quarter. …

Talking Chip With Ampere Computing CEO Renee James was written by Timothy Prickett Morgan at The Next Platform.

0

Fun with private Automation Hub – Part 1

With the introduction of Ansible Automation Platform 1.2 at AnsibleFest 2020, Ansible released private Automation Hub. This enables a means to deliver, manage and curate Ansible Automation Platform Certified Content via a central on-premises, self-hosted solution for use by internal automation communities.

This sparked my interest in digging deeper into what private Automation Hub is and how I could leverage it. My initial perception went from a mysterious black box to viewing it as the perfect Ansible Automation Platform sidecar.

I learned quite a bit on how I could optimize it for my environments and wanted to share my findings. Before we start, a brief history of Ansible content and Ansible Content Collections may be helpful.

"Following the light of the sun, we left the Old World." - Christopher Columbus on Ansible Collections

During 2017, the number of modules, roles and content under Ansible's GitHub repository surged. The backlog of issues started to increase as the inflow of new content for different platforms and network appliances/devices outpaced the growth of the Ansible Core team. Various YouTube videos and blog posts provided commentary and insights from the Ansible community. The rapid growth of Ansible content led to the birth Continue reading

0

Back to Basics: Unnumbered IPv4 Interfaces

In the previous blog post in this series, we explored some of the reasons IP uses per-interface (and not per-node) IP addresses. That model worked well when routers had few interfaces and mostly routed between a few LAN segments (often large subnets of a Class A network assigned to an academic institution) and a few WAN uplinks. In those days, the WAN networks were frequently implemented with non-IP technologies like Frame Relay or ATM (with an occasional pinch of X.25).

The first sign of troubles in paradise probably occurred when someone wanted to use a dial-up modem to connect to a LAN segment. What subnet (and IP address) do you assign to the dial-up connection, and how do you tell the other end what to use? Also, what do you do when you want to have a bank of modems and dozens of people dialing in?

0

Back to Basics: Unnumbered IPv4 Interfaces

In the previous blog post in this series, we explored some of the reasons IP uses per-interface (and not per-node) IP addresses. That model worked well when routers had few interfaces and mostly routed between a few LAN segments (often large subnets of a Class A network assigned to an academic institution) and a few WAN uplinks. In those days, the WAN networks were often implemented with non-IP technologies like Frame Relay or ATM (with an occasional pinch of X.25).

The first sign of troubles in paradise probably occurred when someone wanted to use a dial-up modem to connect to a LAN segment. What subnet (and IP address) do you assign to the dial-up connection, and how do you tell the other end what to use? Also, what do you do when you want to have a bank of modems and dozens of people dialing in?

0

The Time is Now for Remote Browser Isolation

By preventing the enemy from gaining a foothold in your organization from which they can move laterally within your network, RBI lets you take the high ground and gain control of the cyber battlefield.

0

Cisco CEO: There’s no enterprise perimeter to defend anymore

Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here

0

Cisco CEO: There’s no enterprise perimeter to defend anymore

Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here

0

Cisco CEO on security: “There is really no perimeter in the enterprise to defend anymore.”

Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here

0

Cisco CEO on security: “There is really no perimeter in the enterprise to defend anymore.”

Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here

0

Sponsored Post: Failover Conf!, Kinsta, Bridgecrew, IP2Location, StackHawk, InterviewCamp.io, Educative, Stream, Fauna, Triplebyte

Fun and Interesting Events

• Since we’re all feeling the fatigue of staring at screens all year, we’re switching things up at this year’s Failover Conf! This one-day conference will be featuring LIVE fireside chats and keynotes where you’ll be able to get your questions answered in real time. You’ll also hear from a variety of industry experts in our two panel discussions. And when you need a break, take a load off and watch some cartoons or listen to music in the breakout rooms where you can jump in and chat with other attendees or just sit back and relax. Join your peers for this virtual experience on April 27 from 9am - 3:30pm PDT. Register now!

Who's Hiring? 

• DevOps Engineer: At Kinsta, we set out to create the best managed hosting platform in the world. If you are an experienced DevOps Engineer who is constantly looking for ways to innovate and improve, we might just be the place for you! As Kinsta’s DevOps Engineer, you will be instrumental in making sure that our infrastructure is always on the bleeding edge of technology, remaining stable and high-performing at all times. If you love working with Linux, have Continue reading

0

The Next Step

The Greek philosopher Heraclitus is typically attributed as the creator of the well-known phrase “Change is the only constant.” Since I left VMware in 2018 to join Heptio, change has been my companion. First, there was the change of focus, moving to a focus on Kubernetes and related technologies. Then there was the acquisition of Heptio by VMware, and all the change that comes with an acquisition. Just when things were starting to settle down, along came the acquisition of Pivotal by VMware and several more rounds of changes as a result. Today, I mark the start of another change, as I begin a new role and take the next step in my career journey.

Last week, I announced via Twitter that I was leaving VMware to explore a new opportunity. Today, I start at Kong, Inc., as a Principal Field Engineer. Kong, if you aren’t already familiar, is a company focused on service connectivity for modern architectures, with products like their eponymous API gateway and the Envoy-powered Kuma service mesh. I’m really looking forward to getting much more familiar with Envoy, the Kong API gateway, Kuma, and related projects and technologies. I still get to be Continue reading