What Not to Miss at DockerCon 2021

You’ll have no shortage of content to choose from at DockerCon 2021. The one-day virtual event on May 27 will offer a smorgasbord of demonstrations, product announcements, company updates and more — all of it focused on modern application delivery in a cloud-native world.

But if you need some help narrowing down what’s in the must-see category, allow us to recommend the following key sessions. They include hands-on coding using Docker’s new HTTP APIs, a dive into Docker Dev Environments, tips for navigating a multi-architecture world, and what to do if your container image has more vulnerabilities than you have Twitter followers.

Check them out. They’re all free! And if you can’t participate live, you can watch recordings at your own pace.

DockerCon LIVE 2021
Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one day virtual event that is a unique experience for developers and development teams who are building the next generation of modern applications. If you want to learn about how to go from code to cloud fast and how to solve your development challenges, DockerCon LIVE 2021 offers engaging live content to help you build, share and run your applications.

Automation: Dealing with Vendor-Specific Configuration Keywords

One of the students in our Building Network Automation Solutions online course asked an interesting question:

I’m building an IPsec multi-vendor automation solution and am now facing the challenge of vendor-specific parameter names. For example, to select the AES-128 algorithm, Juniper uses aes-128-cbc, Arista aes128, and Checkpoint AES-128.

I guess I need a kind of Rosetta stone to convert the IKE/IPSEC parameters from a standard parameter to a vendor-specific one. Should I do that directly in the Jinja2 template, or in the Ansible playbook calling the template?

Both options are awkward. It would be best to have a lookup table mapping parameter values from the data model into vendor-specific keywords, for example:

Juniper i40e NVM Firmware Upgrade

Juniper Routing Engines with VM Host need an i40e NVM firmware upgrade. The procedure is a pain in the ass, and documentation is not great. But you can’t avoid the upgrade any more. New Junos versions need the firmware upgrade, and replacement REs will ship with it already installed. Here are some tips on doing the upgrade.

Background

Newer Juniper Routing Engines use a Linux-based hypervisor, and Junos (still BSD-based) runs as a guest VM. This is mostly transparent for day to day operations. When you do a Junos upgrade, it will upgrade the underlying hypervisor if required.

Upcoming Junos versions ship with a new version of Wind River Linux that needs i40e firmware version 6.01. Older versions used v4.26. You need the new i40e firmware installed first, before you can install the latest Junos versions. You can’t put this upgrade off forever. Sooner or later you’ll want to upgrade to a Junos version that only supports the new firmware. Or you’ll get a replacement RE delivered with new firmware, and you can’t downgrade it.

For the last couple of years, Juniper has been shipping Junos versions that will work with both old & new firmware versions. You

Why you don’t want to miss the upcoming Kubernetes Security and Observability Summit

The inaugural Kubernetes Security and Observability Summit will be a free, live, online experience full of Kubernetes-related security and observability content. On June 3, 2021, industry experts will gather under one virtual roof to discuss trends, strategies, and technologies for Kubernetes security and observability, to help you understand and navigate today’s pressing issues in the world of cloud-native applications.

Why attend?

The Summit is a great opportunity to:

  • Network with the industry’s best security, DevOps, and site reliability engineer (SRE) teams for cloud-native platforms
  • Learn how to secure, observe, and troubleshoot Kubernetes environments
  • Explore real-world Kubernetes security and observability use cases presented by experts from industry-leading companies like Amazon, Box, Citi, EY, Mirantis, Morgan Stanley, PayPal, Salesforce, and of course, Tigera

Who should attend?

SREs, platform architects, and DevOps and security teams will all find value in attending the Summit.

  • DevOps teams and SREs – Learn how to include security and observability in your CI/CD to enable security, observability, and troubleshooting
  • Platform architects – Learn architecture patterns and best practices to secure and troubleshoot cloud-native applications
  • Security teams – Learn how to holistically secure your cloud-native applications following today’s best practices

Speakers & sessions

An opening keynote address from

Mythic AI gets funding to mass-produce edge chips

Just six months after unveiling its first AI inferencing processor, Mythic AI has announced a new round of funding for $70 million in Series C investment to begin mass production of its chips and to develop its next generation of hardware and software products.

In November, the company announced the M1108 Analog Matrix Processor (AMP) aimed at edge AI deployments across a wide range of applications, including manufacturing, video surveillance, smart cities, smart homes, AR/VR, and drones.

For a company that is nine years old and has zero sales, it’s got some heavy hitters behind it. The new investment round was led by venture fund giant BlackRock and Hewlett Packard Enterprise (HPE). Other investors include Alumni Ventures Group and UDC Ventures.

Answering Your Questions at DockerCon LIVE 2021

Guest post by Docker Captain Bret Fisher, a DevOps consultant and the creator of the popular Docker Mastery Udemy course. Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one-day virtual event: https://dockr.ly/2PSJ7vn

I have the pleasure of hosting many of the live events at DockerCon this year. You may remember my 7+ hour non-stop live stream from last year’s DockerCon LIVE 2020 with nearly 20 guests:

We’re back!

This year we’re calling them Live Panels. You’ll find them in their own track in the schedule.

If you’ve never visited one of my live streams before, they tend to be DevOps focused, and as practical and real-world as we can be. Come ready to ask my guests questions in chat on our selected topics, and we’ll do our best to answer as many as we can! You get to guide the conversation with the live stream chat Q&A.

I’m hosting three live panels on three topics. I wanted to discuss the top three things that I think are the hottest topics in Docker and Cloud Native container tech today for developers and DevOps professionals, so be sure to stop

How Upgrading PHP On WordPress Became *It Was DNS*-An IT Operations Tale

The server needed a PHP update. WordPress told me so with a severe-sounding notification adorned with red coloration, a security warning, boldface type, and a link explaining how to change the PHP version. I sighed. Security issues never end, and I have a recurring reminder in my todo list to patch the Virtual Private Server (VPS) boxes I shepherd.

But this PHP issue…hmm. This felt like a bigger deal, and many sites I support lean heavily into WordPress. Rather than wait for the next regular patching session, I decided to get on it. I did a process test on one server, a lower profile machine that wouldn’t hurt too much if things went awry. The goal was to move from PHP 7.2.insecure to PHP 7.4.secure. How hard could it be?

Most of the search engine hits for “upgrade PHP on WordPress” told me to go into CPanel or a similar tool my hosting provider might offer to abstract what’s going on with the server itself. That’s not what I was looking for, because I manage my own hosts. I needed to know how to reconfigure the host itself. The OS packages to install. The conf files

Near Real-Time Kubernetes at Scale: Increasing App Throughput with Linkerd

Stephen Reardon

The one-man band that keeps the show running, Stephen Reardon is the DevOps engineer in the Entain Trading Solutions team, operating hundreds of Kubernetes nodes in the cloud using IaC tooling, chaos engineering testing tools and end to end monitoring. His main responsibility is operational reliability, keeping the platform resilient and available, and above all developer-proof.

Day Two Cloud 098: Cloud Centers Of Excellence – Should You Have One?

A fractured cloud strategy causes headaches such as duplicated services, unnecessary costs, poor security controls, and other problems. A cloud center of excellence can reduce the pain by developing and championing best practices, socializing adoption, and addressing inevitable exceptions. Fred Chagnon visits the Day Two Cloud podcast to advocate for building a cloud center of excellence in your org.

The post Day Two Cloud 098: Cloud Centers Of Excellence – Should You Have One? appeared first on Packet Pushers.

The Hedge 84: David Brown and the Root of Trust

Many engineers just assume that secure hardware boot is, in fact, secure. How does this security work, and just how secure is it, though? David Brown joins Tom Ammon, Eyvonne Sharp, and Russ White on this episode of the Hedge to discuss the secure boot loader in some detail. For more information on the secure boot loader and IoT, see David’s presentation at the Open Source Summit.

Palo Alto Networks pushes enterprise zero trust

Palo Alto Networks bolstered its security portfolio with products that target enterprise network users looking to make the move to a zero-trust environment.

The new capabilities focus on a number of zero trust mechanisms—including SaaS, cloud and DNS that will be available in June—and will make it significantly easier for organizations to adopt zero-trust security across the enterprise, according to Anand Oswal, senior vice president and general manager with Palo Alto.

As more people are working from anywhere, they require fast and always-on access to data and applications in the distributed cloud, regardless of location, Oswal said. “An all-encompassing zero-trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile, and hybrid work,” he said.

Talking Chip With Ampere Computing CEO Renee James

Outside of the HPC market where there are a number of companies that have delivered or are working on Arm-based server processors, Ampere Computing is the main independent supplier of Arm-based server chips with its current 80-core Altra chips and its impending 128-core Altra Max chips, which are sampling now and will start shipping in the third quarter.

Talking Chip With Ampere Computing CEO Renee James was written by Timothy Prickett Morgan at The Next Platform.

Fun with private Automation Hub – Part 1

With the introduction of Ansible Automation Platform 1.2 at AnsibleFest 2020, Ansible released private Automation Hub. It provides a way to deliver, manage and curate Ansible Automation Platform Certified Content through a central, on-premises, self-hosted solution for use by internal automation communities.

This sparked my interest in digging deeper into what private Automation Hub is and how I could leverage it. My initial perception went from a mysterious black box to viewing it as the perfect Ansible Automation Platform sidecar.

I learned quite a bit on how I could optimize it for my environments and wanted to share my findings. Before we start, a brief history of Ansible content and Ansible Content Collections may be helpful.

"Following the light of the sun, we left the Old World." - Christopher Columbus on Ansible Collections

During 2017, the number of modules, roles and content under Ansible's GitHub repository surged. The backlog of issues started to increase as the inflow of new content for different platforms and network appliances/devices outpaced the growth of the Ansible Core team. Various YouTube videos and blog posts provided commentary and insights from the Ansible community. The rapid growth of Ansible content led to the birth