Introducing Deploy Hooks for Cloudflare Pages

Introducing Deploy Hooks for Cloudflare Pages
Introducing Deploy Hooks for Cloudflare Pages

With Cloudflare Pages, deploying your Jamstack applications is easier than ever — integrate with GitHub and a simple git push deploys your site within minutes. However, one of the limitations of Pages was that triggering deployments to your site only happens within the confines of committing to GitHub. We started thinking about how users who author content consistently on their site — our bloggers and writers — may not always be editing their copy directly via the code but perhaps through a different service. Headless content management systems (CMSs) are a simple solution to solve this problem, allowing users to store their backend content through an editing interface as a service for an application like Pages.

It made us wonder: what if we could trigger deployments based on updates made in other places rather than just via GitHub? Today, we are proud to announce a new way to connect your Pages application with your headless CMSs and databases: introducing Deploy Hooks for Pages.

What’s a headless CMS?

Headless CMSs such as Contentful, Ghost and Sanity.io allow optimization of content formatting for any type of interface. With tools like these, you can leverage a “decoupled” content management model where all Continue reading

LISP – OMP – BGP EVPN Interoperability – Part VI: LISP Control-Plane – Registering External IP Prefixes

 

Introduction

 

This chapter introduces how Border-PxTR-13 registers the external IP prefix 172.16.30.0/24 received as a BGP update from vEdge-1 to MapSrv-22 using LISP Map-register messages. Chapter 2 explains the LISP RLOC-to-EID mapping process in detail so this chapter just briefly recaps the operation. Figure 5-1 illustrates the overall process. vEdge-1 sends a BGP Update message where it describes the NLRI for prefix 172.16.30.0/24. Border-PxTR-13 first imports the information into the LISP processes. Next, it sends a LISP Map-Register message to MapSrv-22. In addition to IP prefix information, the Map-Register message carries Locator Record information that describes the destination IP address used in the outer IP header (tunnel header) when devices route IP packets towards the advertised subnet.  



Figure 5-1:Overall Control-Plane Operation: OMP to LISP

Continue reading

How to deploy a BGP route generator? | Containerlab | ExaBGP

Hi all!

The blog post is sort of "How to ...?"

Introduction

Some time ago I needed to prepare a lab environment where I should have to simulate a huge amount of BGP updates between routers.  How can we arrange that? The main thing is how to generate a lot of BGP updates? As I see we have two ways:

  • VM with network OS from classic vendors (Cisco, Juniper, Nokia);
  • Linux BGP daemon
Sure, BGP daemons are more scalable and suitable for lab purposes. And a lot of companies use them in production (in most cases as BGP RR). Of course, I knew about different Linux BGP demons but didn't have experience with them. This time I followed the next simple workflow in the tech world - don't know something? Let's Googling! (don't use this way in the production environment - firstly, read tech books, user guides, RFC, etc :) )

This way I've found all that I need:

1) BGP daemon. I decided to use ExaBGP
2) Route generator. It's a simple python script route-smash that uses ExaBGP API.

As a lab environment, I'm using Containerlab. Don't know what more I can add about Containerlab. If you don't Continue reading

Some not-DNS Topics at IETF 111

It may be surprising to the DNSphiles out there but there really are other topics that are discussed at IETF meetings not directly related to the DNS! These are some notes I took on the topic of current activities in some of the active IETF areas that are not DNS topics.

DNS at IETF 111

IETF 111 was held virtually in July 2020. These are some notes I took on the topic of current activities in the area of the Domain Name System and its continuing refinement at IETF 111.

Chip shortage has networking vendors scrambling

High-tech vendors continue to battle supply-chain problems and higher costs brought on by the current semiconductor shortage, according to statements made in the most recent round of earnings calls.As Network World reported in May, COVID-19 triggered an explosion of the global remote workforce, which created extraordinary demand for new tech gear. It also forced the shutdown of processor plants. Restarting those plants and renewing supply chains to their pre-pandemic state will be a lengthy process, industry leaders warn.To read this article in full, please click here

Ransomware recovery: Cloud is the way to go

If you’ve been attacked by ransomware, a fully automated, high-speed disaster recovery is the way to successfully avoid paying the ransom. Recovery is the second step in the two-step process after getting rid of the malware as described here.There are three ways to affect a disaster recovery after a ransomware attack: a traditional recovery, an image-based recovery, or a cloud-based recovery. But the only way for most environments to afford automating a large-scale recovery is to recover in the cloud.How to protect backups from ransomware Traditional disaster recovery A traditional disaster recovery is one where you begin a traditional restore after you have suffered a loss—in this case, after you receive a ransom demand. It is still a traditional restore if you are restoring virtual machine images to a hypervisor platform such as VMware, Hyper-V, or KVM, or a hyperscaler such as AWS, Azure, or GCP. What makes it traditional is that you are waiting until the event happens to begin the restore. (As you will see later in this article, there are ways to restore the data before you need it.)To read this article in full, please click here

Cloudflare Helps K-12s Go Back to School

Cloudflare Helps K-12s Go Back to School
Cloudflare Helps K-12s Go Back to School

While Federal funding programs focus on providing connectivity to students and staff, security is often an afterthought and reallocating funds to protect the network can become a challenge. We are excited to announce our Back to School initiative to further support our mission to provide performance and security with no trade-offs.

From start to finish, education customers will work with our dedicated Public Sector team, well-versed in the specific technical environments and business needs for K-12 districts. Your IT team will have access to 24/7/365 technical support, emergency response and support during under attack situations, and ongoing training to continuously help improve your security posture and business continuity plans.

Attacks Against K-12 Schools On The Rise

Public schools in the United States, especially K-12s, saw a record-breaking increase in cybersecurity attacks. The K-12 Cyber Incident Map cataloged 408 publicly-disclosed school incidents, including a wide range of cyber attacks; from data breaches to ransomware, phishing attacks, and denial-of-service attacks. This is an 18 percent increase over 2019 and continues the upward trend in attacks since the K-12 Cyber Incident Map started tracking incidents in 2016. To support our public education partners, Cloudflare has created a tailored onboarding experience to help education Continue reading

Kubernetes security issues: An examination of major attacks

In a never-ending game of cat and mouse, threat actors are exploiting, controlling and maintaining persistent access in compromised cloud infrastructure. While cloud practitioners are armed with best-in-class knowledge, support, and security practices, it is statistically impossible to have a common security posture for all cloud instances worldwide. Attackers know this, and use it to their advantage. By applying evolved tactics, techniques and procedures (TTPs), attackers are exploiting edge cases. As a result, organizations like Capital One, Jenkins, Docker and many others have experienced high-profile breaches.

TTPs are defined as “patterns of activities or methods associated with a specific threat actor or group of threat actors.” TTPs describe how threat actors (the bad guys) orchestrate, execute, and manage their operations attacks. Analysis of TTPs can benefit security operations by providing a description of how threat actors performed their attacks. Kubernetes is not immune to TTPs. Let’s examine some recent cases within the Kubernetes ecosystem.

 

Case #1: Misconfigured Docker

If you’re an attacker looking for misconfigured Docker instances to exploit, it’s as easy as probing open ports 2375, 2376, 2377, 4243, and 4244 on the internet. Vulnerable instances can also be located using search engines like Continue reading

What’s New in Calico v3.20

We’re excited to announce Calico v3.20! Thank you to everyone who contributed to this release! For detailed release notes, please go here. Below are some highlights from the release.

Service-based egress rules

Calico NetworkPolicy and GlobalNetworkPolicy now support egress rules that match on Kubernetes service names. Service matches in egress rules can be used to allow or deny access to in-cluster services, as well as services typically not backed by pods (for example, the Kubernetes API). Address and port information is learned from the individual endpoints within the service, making it easier to keep your network policy in sync with your workloads.

Check out the docs for more!

Golang API

In Calico v3.19, we introduced a tech-preview API server that allows management of Calico resources directly with kubectl. In v3.20, we’re building upon that with a new Golang API for Calico!

Install the API server and import the Golang API to manage Calico network policies and more, in your own applications! See the projectcalico/api repository, which includes an example, and the Go documentation page.

Configurable BGP graceful restart timer

If you’re using BGP in your cluster, the graceful restart timer is used during rolling updates to ensure Continue reading

Marvell Adds Hyperscale Ethernet With Innovium Acquisition

Cash used to be king, and now market capitalization is. That’s one of the reasons that the biggest players in the semiconductor arena are snapping up competitors, startups, and suppliers in adjacent chip markets at an increasing pace and with very large bags of “money.”

Marvell Adds Hyperscale Ethernet With Innovium Acquisition was written by Timothy Prickett Morgan at The Next Platform.

Hedge 94: Josh Slater and Quantum Networking

If you’re like me, you’ve heard a lot of hype about quantum—but you’ve never really been able to understand what quantum networking might be useful for. On this episode of the Hedge, Josh Slater, who works in the field of quantum networking, Ethan Banks, and Russ White discuss the current state of quantum networking and potential use cases for the technology. Things are farther along than you might think.

download

How OpenInfra Can Solve the Global Connectivity Crisis

Jonathan Bryce Jonathan Bryce, who has spent his career building the cloud, is Executive Director of the Open Infrastructure Foundation. Previously he was a founder of The Rackspace Cloud. He started his career working as a web developer for Rackspace, and during his tenure, he and co-worker Todd Morey had a vision to build a sophisticated web hosting environment where users and businesses alike could turn to design, develop and deploy their ideal website — all without being responsible for procuring the technology, installing it or making sure it is built to be always available. This vision became The Rackspace Cloud. Since then he has been a major driver of OpenStack, the open source cloud software initiative. When the internet began as Arapanet in 1969, it connected one computer at each of four universities. Today, it’s an estimated 50 billion devices, with that number growing each second. The computing architecture originally designed to connect four hard-wired laboratories in the southwest now connects billions of wired and wireless devices globally. On a recent episode of Martin Casado Continue reading

Day Two Cloud 109: PacketFabric Wants To Make Networking As Easy As Cloud (Sponsored)

Today's sponsored Day Two Cloud episode talks WAN networking with PacketFabric. PacketFabric lets you provision point-to-point and hybrid cloud connectivity as a service. Built on a private fiber network, the company's goal is to let you set up networking as if it was software. Our guest is Anna Claiborne, Co-Founder, CTO and CPO.

The post Day Two Cloud 109: PacketFabric Wants To Make Networking As Easy As Cloud (Sponsored) appeared first on Packet Pushers.

Modernizing a familiar approach to REST APIs, with PostgreSQL and Cloudflare Workers

Modernizing a familiar approach to REST APIs, with PostgreSQL and Cloudflare Workers

Postgres is a ubiquitous open-source database technology. It contains a vast number of features and offers rock-solid reliability. It's also one of the most popular SQL database tools in the industry. As the industry builds “modern” developer experience tools—real-time and highly interactive—Postgres has also served as a great foundation. Projects like Hasura, which offers a real-time GraphQL engine, and Supabase, an open-source Firebase alternative, use Postgres under the hood. This makes Postgres a technology that every developer should know, and consider using in their applications.

For many developers, REST APIs serve as the primary way we interact with our data. Language-specific libraries like pg allow developers to connect with Postgres in their code, and directly interact with their databases. Yet in almost every case, developers reinvent the wheel, building the same connection logic on an app-by-app basis.

Many developers building applications with Cloudflare Workers, our serverless functions platform, have asked how they can use Postgres in Workers functions. Today, we're releasing a new tutorial for Workers that shows how to connect to Postgres inside Workers functions. Built on PostgREST, you'll write a REST API that communicates directly with your database, on the edge.

This means that Continue reading

1 725 726 727 728 729 3,882