Developers, Developers, Developers: Welcome to Developer Week 2021

Developers, Developers, Developers: Welcome to Developer Week 2021
Developers, Developers, Developers: Welcome to Developer Week 2021

Runtimes, serverless, edge compute, containers, virtual machines, functions, pods, virtualenv. All names for things developers need to go from writing code to running code. It’s a painful reality that for most developers going from code they’ve written to code that actually runs can be hard.

Excruciatingly, software development is made hard by dependencies on modules, by scaling, by security, by cost, by availability, by deployment, by builds, and on and on. All the ugly reality of crystallizing thoughts into lines of code that actually run, successfully, somewhere, more than once, non-stop, and at scale.

And so… Welcome to Developer Week 2021!

Like we have done in previous Innovation Weeks (such as Security Week or Privacy Week), we will be making many (about 20) announcements of products and features to make developers’ lives easier. And by easy I mean removing the obstacles that stop you, dear developer, from writing code and deploying it so it scales to Internet size.

And Cloudflare Workers, our platform for software developers who want to deploy Internet-facing applications that start instantly and scale Internetly, has been around since 2017 (or to put it in perspective, since iPhone 8) and helping developers code and deploy in seconds Continue reading

AWS Cloud Development Kit: Now I Get It

The AWS Cloud Development Kit (CDK) is an "open source software development framework to define your cloud application resources using familiar programming languages". When CDK launched in 2019, I remember reading the announcement and thinking, "Ok, AWS wants their own Terraform-esque tool. No surprise given how popular Terraform is." Months later, my friend and colleague Matt M. was telling me how he was using CDK in a project he was working on and how crazy cool it was.

I finally decided to give CDK a go for one of my projects. Here is what I discovered.

A Near 2 year Part Time Project Done – A sustaining Model!

Ever since I got interested in plants getting some sort of metrics has been a part time obsession.

Iteration 1 – No wireless and no outdoor model with always on usb power.

Iteration 2 – Learnt about ESP8266 microcontroller and deep sleep feature

Iteration 3 – Saving battery through deep sleep and battery power instead of usb mains, Adding ESP32 Microcontroller.

Iteration 4 – Study about Lithium Ion batteries

Iteration 5 – Making model wireless and usb free power, running on batteries

Iteration 6 – Containerising the entire software and integration with AWS and Telnyx

Iteration 7 – Making the model sustaining on itself through solar power and making it weather resistant

This completes an End to End IOT Model with a micro controller , a moisture sensor and two lithium ION batteries which get charged based on a small solar panel. Am going to extend this to LoRa Wan and will try to achieve ultra low power long distance.

The idea is that there is an allotment 6 kms from the place I live and I will see if AWS and LoRa Wan Supports me for protocol needs.

Docker containers associated with this project

Grafana Dashboard – Retrieving data Continue reading

For CPU Makers and OEMs Alike, It’s A Platform View

Dell took a look at the two weeks between the rollouts by AMD and Intel of their latest server processors and, after some debate, decided to unveil its entire portfolio of new and enhanced systems – featuring the new chips from both vendors – at the launch of AMD’s latest Epyc silicon rather than announce servers in line with the chip makers’ timing.

For CPU Makers and OEMs Alike, It’s A Platform View was written by Jeffrey Burt at The Next Platform.

Notes on Aviatrix

Miscellaneous notes on Aviatrix.
Usually updated on Fridays.
New and updated notes are placed at the top.

Updating the Aviatrix Controller IAM Policy:
When deploying the Aviatrix controller in AWS for the first time, the AWS CloudFormation template that launched your controller may not have the most current IAM policy definitions for the IAM roles it creates for the controller to use. To remedy this, right after your controller is launched and you’ve logged on for the first time, do the following:

  1. Define your Primary access account. Go to Onboarding > AWS > Create Primary Access Account. This is the AWS account that your controller lives in.
  2. Now go to Accounts > Access Accounts. Highlight the Primary access account you just created and click “Update Policy”. This will update the IAM policy applied to the IAM roles your controller will be using to the latest and greatest.

How to use an AWS ACM Certificate with your Aviatrix controller:
To apply an ACM public certificate to your UI sessions with the Aviatrix controller you’ll need to use a Load Balancer and attach your certificate to it. Here’s what I did:

  1. Create a Network Load Balancer (NLB)
  2. Create a TLS:443 listener on Continue reading

After Two Decades, the Party Is Ready for the IXP in El Salvador

The history of El Salvador’s Internet exchange point (IXSal) is perhaps the longest and most complex, beginning at the end of the last century, in 1999, explains its founder, Lito Ibarra, with a smile. “It started out as a utopia after I started hearing about the experiences of other countries.” Ibarra wrote proposals and received […]

The post After Two Decades, the Party Is Ready for the IXP in El Salvador appeared first on Internet Society.

When Stretching Layer Two, Separate Your Fate

On the Packet Pushers YouTube channel, Jorge asks in response to Using VXLAN To Span One Data Center Across Two Locations

if stretching the layer 2 is not recommended, then what is the recommendation if you need to fault over to a different physical location and still got to keep the same IP addresses for mission critical applications?

TL;DR

That video is a couple of years old at this point, and I don’t recall the entire discussion. Here’s my answer at this moment in time. If DCI is required (and I argue that it shouldn’t be in most cases), look at VXLAN/EVPN. EVPN is supported by several vendors. If you are a multi-vendor shop, watch for EVPN inter-vendor compatibility problems. Also look for vendor EVPN guides discussing the use case of data center interconnect (DCI).

Also be aware (and beware) of vendor-proprietary DCI technologies like Cisco’s OTV. I recommend against investing in OTV and similar tech unless you already have hardware that can do it and can turn the feature on for free. Otherwise, my opinion, for what it’s worth, is to stick with an EVPN solution. EVPN is a standard that’s been running in production environments for Continue reading

Weekend Reads 040921


The Resource Public Key Infrastructure (RPKI) is a specialized PKI designed and deployed to improve the security of the Internet BGP routing system. Some of the ‘resources’ that make up the RPKI include IP address prefixes and Autonomous System numbers (ASNs).


The concept of a “hardware-based root of trust” takes aim at issues like this; it ensures that a computer always boots with legitimate code.


The server immersion technology that has cooled extreme density bitcoin hardware for The Bitfury Group is coming to the data center.


New research into 5G architecture has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator’s 5G network.


The “Milan” Epyc 7003 processors, the third generation of AMD’s revitalized server CPUs, is now in the field, and we await the entry of the “Ice Lake” Xeon SPs from Intel for the next jousting match in the datacenter to begin.


And just as these bad actors know that a highly successful way to weaken a business is to disrupt its supply chain, the same goes for cybercrime. It’s time to turn the Continue reading

Heavy Networking 572: How First Bank Leverages Aruba SD-WAN For Network And Security Transformation (Sponsored)

Today's Heavy Networking explores how First Bank uses Aruba’s SD-WAN to advance its cloud migration, support remote workers, and provide secure segmentation for IoT devices. We also discuss the growing trend of SASE and First Bank’s strategy around cloud-delivered security services. Our guests are Marc Ashworth, CISO at First Bank; and Damon Ennis, VP of Engineering at Aruba Networks.

Heavy Networking 572: How First Bank Leverages Aruba SD-WAN For Network And Security Transformation (Sponsored)

Today's Heavy Networking explores how First Bank uses Aruba’s SD-WAN to advance its cloud migration, support remote workers, and provide secure segmentation for IoT devices. We also discuss the growing trend of SASE and First Bank’s strategy around cloud-delivered security services. Our guests are Marc Ashworth, CISO at First Bank; and Damon Ennis, VP of Engineering at Aruba Networks.

The post Heavy Networking 572: How First Bank Leverages Aruba SD-WAN For Network And Security Transformation (Sponsored) appeared first on Packet Pushers.

Debunk the Junk- The case for App Acceleration with SD-WAN

In this episode we will discuss the idea of SD-WAN vs. Application Acceleration and WANop.  With the proliferation of SD-WAN we’ve heard a lot of people say that SD-WAN gives you the traffic control, but does it negate the need for application acceleration or WAN optimization tools?  We attack this common misconception and discuss our stance on the matter in this episode.

Reference Links:

Phil Gervasi
Host
Brandon Carroll
Host
John Pittle
Guest

The post Debunk the Junk- The case for App Acceleration with SD-WAN appeared first on Network Collective.

Per Origin Host Header Override

Per Origin Host Header Override

Load Balancing as a concept is pretty straightforward. Take an existing infrastructure and route requests to the available origin servers so no single server is overwhelmed. Add in some health monitoring to ensure each server has a heartbeat/pulse so proactive decisions can be made. With two steps, you get more effective utilization of your existing resources… simple enough!

As your application grows, however, load balancing becomes more complicated. An example of this — and the subject of this blog post — is how load balancing interacts with the Host header in an HTTP request.

Host headers and load balancing

Every request to a website contains a unique piece of identifying information called the Host header. The Host header helps route each request to the correct origin server so the end user is sent the information they requested from the start.

For example, say that you enter example.com into my URL bar in my browser. You are sending a request to ‘example.com’ to send you back the homepage located within that application. To make sure you actually get resources from example.com, your browser includes a Host header of example.com. When that request reaches the back-end infrastructure, Continue reading

Cisco SD-WAN – Part III: Overlay Management Protocol

 

Introduction

 

This chapter introduces the operation of the Overlay Management Protocol (OMP). It starts by introducing TLOC Routes which are used for establishing tunnels between vEdges. Next, it explains OMP Routes which in turn are used for advertising client VPN-specific networks reachability information. I am also going to show the data plane encapsulation when data is sent between the hosts in site 10 and site 30. The purpose of the data plane section is to show how the label attribute advertised within OMP routing advertisements is used to identify customer VPN. In order to see inside captured packets, I am using GRE tunnels instead of IPSec. Figure 3-1 illustrates the example topology used in this chapter. The customer VPN 10 is used on both sites. Site 10 subnet is 172.16.10.0/24 and site 30 subnet is 172.16.30.0/24. Interface ge0/­0 in both vEdges is connected to the Public-Internet, and interface ge0/1 is the connected to MPLS transport network where the customer has its dedicated MPLS VPN.



Figure 3-1: SD-WAN Example Topology.

Bringing New Engineers into Networking on Software Gone Wild

As I started Software Gone Wild podcast in June 2014, I wanted to help networking engineers grow beyond the traditional networking technologies. It’s only fitting to conclude this project almost seven years and 116 episodes later with a similar theme Avi Freedman proposed when we started discussing podcast topics in late 2020: how do we make networking attractive to young engineers.

Elisa Jasinska and Roopa Prabhu joined Avi and me, and we had a lively discussion that I hope you’ll find interesting.

Listen to the podcast
1 731 732 733 734 735 3,819