DockerCon Live 2021: A Look Back at What’s New

Nearly 80,000 participants registered for DockerCon Live 2021! There were fantastic keynotes, compelling sessions, thousands of interactions and everything in-between that a developer and development teams need to help solve their day-to-day application development challenges.

In all that excitement, you might have missed the new innovations that Docker announced to make it easier for developers to build, share and run your applications from code to cloud. These enhancements are a result of Docker’s continued investment and commitment to make sure developers have the best experience possible while making app development more efficient and secure.

Application security is directly tied to the software supply chain. Developers are realizing the importance of integrating security as early as possible in the development process. They  must now consider the security directives of their organization and associated compliance rules while also enabling their teams to work in the most secure, efficient way possible.

These new product enhancements bolster security in a number of dimensions including scanning for vulnerabilities during different development stages and increasing team security by offering tools such as audit logs and scoped access tokens.  

Take a look at what we announced:

Verified Publisher Program
Docker launched the Docker Verified Publisher program Continue reading

Our journey from office-centric to remote-first

Docker Inc. started like many startups with engineers working from a single location. For us, this was in the Bay Area in the US. We were very office-centric, so the natural way to increase diversity and to get engineers from different cultures to work together was to open new offices in diverse locations. Right from the start, our goal was to mix American and European ways of producing software, giving us the best of both cultures.

Step 1 – Opening European offices

In 2015, Docker started to open offices in Europe, starting with Cambridge in the United Kingdom and followed by Paris in France. With these two locations, the long road to gaining experience working with remote employees began.

Having multiple offices scattered around the world is different from being fully remote. But you still start experiencing some of the challenges of not having everybody in the same location simultaneously. We spent a great deal of our time on planes or trains visiting each other.

Despite the robust open-source culture of the company, which shows that you can build great software while not having everybody in the same room, we still had a very office-centric culture. A lot of the Continue reading

Routing Protocols: Use the Best Tool for the Job

When I wrote about my sample OSPF+BGP hands-on lab on LinkedIn, someone couldn’t resist asking:

I’m still wondering why people use two routing protocols and do not have clean redistribution points or tunnels.

Ignoring for the moment the fact that he missed the point of the blog post (completely), the idea of “using tunnels or redistribution points instead of two routing protocols” hints at the potential applicability of RFC 1925 rule 4.

Routing Protocols: Use the Best Tool for the Job

When I wrote about my sample katacoda hands-on lab on LinkedIn (mentioning how easy it is to set up an OSPF+BGP network), someone couldn’t resist asking:

I’m still wondering why people use two routing protocols and do not have clean redistribution points or tunnels.

Ignoring for the moment the fact that he missed the point of the blog post (completely), the idea of “using tunnels or redistribution points instead of two routing protocols” hints at the potential applicability of RFC 1925 rule 4.

A Tale Of Two Enterprise IT Beasties

The so-called “Magnificent 7” or “Super 8” hyperscalers and cloud builders of the world may comprise a substantial slice of worldwide sales of servers, storage, and networking, and the cloud capacity and hyperscale services they provide may in turn represent a significant – but nowhere near dominant – chunk of overall IT spending.

A Tale Of Two Enterprise IT Beasties was written by Timothy Prickett Morgan at The Next Platform.

Dr. Kanchana Kanchanasut: On Connecting with Communities

Dr. Kanchana Kanchanasut is defined by many firsts. She is well known for being the first Thai to establish email connection to the world. She was among the pioneers to establish Thailand’s research and education network. She registered the .th domain name, conducted Thailand’s first TV White Spaces trial, and started the first open and […]

The post Dr. Kanchana Kanchanasut: On Connecting with Communities appeared first on Internet Society.

Review: 2020 M1-Based MacBook Pro

I hadn’t done a personal hardware refresh in a while; my laptop was a 2017-era MacBook Pro (with the much-disliked butterfly keyboard) and my tablet was a 2014-era iPad Air 2. Both were serviceable but starting to show their age, especially with regard to battery life. So, a little under a month ago, I placed an order for some new Apple equipment. Included in that order was a new 2020 13" MacBook Pro with the Apple-designed M1 CPU. In this post, I’d like to provide a brief review of the 2020 M1-based MacBook Pro based on the past month of usage.

The “TL;DR” of my review is this: the new M1-based MacBook Pro offers impressive performance and even more impressive battery life. While the raw performance may not “blow away” its 2020 Intel-based counterpart—at least, it didn’t in my real-world usage—the M1-based MacBook Pro offered consistently responsive performance with a battery life that easily blew past any other laptop I’ve ever used, bar none.

Read on for more details.

Hardware

The build quality is really good, with a significant improvement in keyboard quality relative to the earlier butterfly keyboard models (such as my 2017-era MacBook Pro). However, the overall design Continue reading

Day Two Cloud 100: Get To Know Crossplane: An Infrastructure Control Plane For K8s

Crossplane is an open-source project that plugs into Kubernetes to serve as a control plane that can run across multiple private and public clouds. It allows infrastructure teams to compose infrastructure with all the required policies, permissions, and guardrails, while also providing APIs for developer self-service. Today's Day Two Cloud podcast dives into Crossplane and how it works with maintainer Daniel Mangum.

Day Two Cloud 100: Get To Know Crossplane: An Infrastructure Control Plane For K8s

Crossplane is an open-source project that plugs into Kubernetes to serve as a control plane that can run across multiple private and public clouds. It allows infrastructure teams to compose infrastructure with all the required policies, permissions, and guardrails, while also providing APIs for developer self-service. Today's Day Two Cloud podcast dives into Crossplane and how it works with maintainer Daniel Mangum.

The post Day Two Cloud 100: Get To Know Crossplane: An Infrastructure Control Plane For K8s appeared first on Packet Pushers.

Could antiferromagnetic chips replace silicon?

We probably wouldn’t have a Digital Age without silicon.The second most abundant element in the Earth’s crust (oxygen is No. 1), silicon is cheap and has the ability to conduct electricity and/or act as an insulator. Converted into silicon wafers, it powers the computers, smartphones and other electronic devices we use to work and, importantly, to avoid work. So clearly silicon is indispensable.Or maybe not. Our insatiable demand for more and more data, along with the need to store it, is pushing the limits of what silicon can deliver in terms of speed, density, and security. In a bid to find a worthy successor to silicon-based memory devices, MIT physicists are zeroing in something called antiferromagnets.To read this article in full, please click here

Could antiferromagnetic chips replace silicon?

We probably wouldn’t have a Digital Age without silicon.The second most abundant element in the Earth’s crust (oxygen is No. 1), silicon is cheap and has the ability to conduct electricity and/or act as an insulator. Converted into silicon wafers, it powers the computers, smartphones and other electronic devices we use to work and, importantly, to avoid work. So clearly silicon is indispensable.Or maybe not. Our insatiable demand for more and more data, along with the need to store it, is pushing the limits of what silicon can deliver in terms of speed, density, and security. In a bid to find a worthy successor to silicon-based memory devices, MIT physicists are zeroing in something called antiferromagnets.To read this article in full, please click here

The Opportunity Your Future Needs: How I Helped Build the Internet and My Career

A group of 40-50 youth waving at camera

Have you ever wondered how you can change the course of the Internet? Do you want to share your ideas about how to keep the Internet secure, trusted, and a force for good with leading technology companies, government officials, and expert leaders? Are you ready to transform your career and master your leadership skills through […]

The post The Opportunity Your Future Needs: How I Helped Build the Internet and My Career appeared first on Internet Society.

Unnumbered Ethernet Interfaces

Imagine an Internet Service Provider offering Ethernet-based Internet access (aka everyone using fiber access, excluding people believing in Russian dolls). If they know how to spell security, they might be nervous about connecting numerous customers to the same multi-access network, but it seems they have only two ways to solve this challenge:

  • Use private VLANs with proxy ARP on the head-end router, forcing the customer-to-customer traffic to pass through layer-3 forwarding on the head-end router.
  • Use a separate routed interface with each customer, wasting three-quarters of their available IPv4 address space.

Is there a third option? Can’t we pretend Ethernet works in almost the same way as dialup and use unnumbered IPv4 interfaces?

Unnumbered Ethernet Interfaces

Imagine an Internet Service Provider offering Ethernet-based Internet access (aka everyone using fiber access, excluding people believing in Russian dolls). If they know how to spell security, they might be nervous about connecting numerous customers to the same multi-access network, but it seems they have only two ways to solve this challenge:

  • Use private VLANs with proxy ARP on the head-end router, forcing the customer-to-customer traffic to pass through layer-3 forwarding on the head-end router.
  • Use a separate routed interface with each customer, wasting three-quarters of their available IPv4 address space.

Is there a third option? Can’t we pretend Ethernet works in almost the same way as dialup and use unnumbered IPv4 interfaces?

Calico Integration with WireGuard Using kOps

Reza Ramezanpour Reza is a developer advocate at Tigera, working to promote adoption of Project Calico. Before joining Tigera, Reza worked as a systems engineer and network administrator. It has been a while since I have been excited to write about encrypted tunnels. It might be the sheer pain of troubleshooting old technologies or countless hours of falling down the rabbit hole of a project’s source code that always motivated me to pursue a better alternative — without much luck. However, I believe luck is finally on my side. In this blog post, we will explore using open source Tigera announced a tech preview of its TLS were available to encrypt workloads’ traffic at higher TCP/IP layers, in this case, the application layer. However, WireGuard targets traffic at a lower layer, the transport layer, which makes it effective for a wider range Continue reading