Palo Alto grows cloud security portfolio with new Prisma release, Bridgecrew buy

Palo Alto had a busy week. First, it rolled out a number of new features for its Prisma cloud-based security package, and then it announced plans to buy cloud security vendor Bridgecrew for about $156 million in cash. Palo Alto's Prisma is a cloud-based security package that includes access control, advanced threat protection, user behavior monitoring and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, zero-trust network access, a cloud access security broker and a secure web gateway.

Industry-First Pay-as-you-go SaaS Platform for Kubernetes Security and Observability

We are excited to introduce Calico Cloud, a pay-as-you-go SaaS platform for Kubernetes security and observability. With Calico Cloud, users only pay for services consumed and are billed monthly, getting immediate value without upfront investment.

Introduction

Calico Cloud gives DevOps, DevSecOps, and Site Reliability Engineering (SRE) teams a single pane of glass across multi-cluster and multi-cloud Kubernetes environments to deploy a standard set of egress access controls, enforce security policies, ensure compliance, get end-to-end visibility, and troubleshoot applications. Calico Cloud is Kubernetes-native and provides native extensions to enable security and observability as code for easy and consistent enforcement across Kubernetes distributions, multi-cloud and hybrid environments. It scales automatically with the managed clusters according to the user requirements to ensure uninterrupted real-time visibility at any scale.

Security and Observability Challenges

  • North-South Controls: Microservices often need to communicate with services or API endpoints running outside the Kubernetes cluster. Implementing access control from Kubernetes pods to external endpoints is hard. Most traditional or cloud providers' firewalls do not understand the Kubernetes context, which forces the ops team to allow traffic from the entire cluster or a set of worker nodes.
  • East-West Controls: Even with effective perimeter-based north-south controls in place, organizations face challenges to

How to Deploy GPU-Accelerated Applications on Amazon ECS with Docker Compose

Many applications can take advantage of GPU acceleration, in particular resource-intensive Machine Learning (ML) applications. The development time of such applications may vary based on the hardware of the machine we use for development. Containerization will facilitate development due to reproducibility and will make the setup easily transferable to other machines. Most importantly, a containerized application is easily deployable to platforms such as Amazon ECS, where it can take advantage of different hardware configurations.

In this tutorial, we discuss how to develop GPU-accelerated applications in containers locally and how to use Docker Compose to easily deploy them to the cloud (the Amazon ECS platform). We make the transition from the local environment to a cloud effortless, the GPU-accelerated application being packaged with all its dependencies in a Docker image, and deployed in the same way regardless of the target environment.

Requirements

In order to follow this tutorial, we need the following tools installed locally:

For deploying to a cloud platform, we rely on the new Docker Compose implementation embedded into the Docker CLI binary. Therefore, when targeting a cloud

Network Break 320: Juniper Rebrands Service Provider Automation Offerings; Fortinet Gets SASE With Latest OS

This week's Network Break dives into Juniper reorganizing and rebranding automation products as the Paragon portfolio, new SASE and ZTNA capabilities from Fortinet, the rise of cyber-insurance premiums, an HPE server getting launched into space, and more tech news.

The post Network Break 320: Juniper Rebrands Service Provider Automation Offerings; Fortinet Gets SASE With Latest OS appeared first on Packet Pushers.

Availability Zones and Regions in AWS, Azure and GCP

My friend Daniel Dib sent me this interesting question:

As I understand it, subnets in Azure span availability zones. Do you see any drawback to this? Does subnet matter if your VMs are in different AZs?

I’m positive I don’t have to tell you what networks, subnets, and VRFs are, but you might not have worked with public cloud availability zones before. Before going into the details of Daniel’s question (and it will take us three blog posts to get to the end), let’s introduce regions and availability zones (you’ll find more details in AWS Networking and Azure Networking webinars).

Farewell to Northbound Networks

Digging through my office looking for some other technology which I had misplaced, I stumbled across a small box containing a Northbound Networks Zodiac-FX, a small 4-port FastEthernet OpenFlow SDN switch which I had picked up after backing a 2015 kickstarter campaign.

Northbound Networks Zodiac FX SDN Switch

These were a pretty cool idea, and at the time OpenFlow (OF) was the hottest thing around, everything was being SDN-washed, and the idea that a regular user like myself could afford actual hardware with OF capabilities to toy with in the home lab was beyond belief. Of course, it was possible to virtualize OF with Mininet, but there’s something about using a real switch that goes beyond that. Even though, as you’ll see in a future post, I ended up wasting that opportunity, I am still honored to have backed it, and my hat is off to Northbound Networks’ founder Paul Zanna for what he has accomplished.

Paying My Respects

With that in mind, I’m sad to note that when I went to the Northbound Networks website, I discovered that some time around August 2020 the company stopped manufacturing SDN hardware.

Northbound Networks home page, January 2021

Since the original Zodiac FX campaign, Paul had expanded the available products to include an 802.

Rethinking BGP on the DC Fabric (part 3)

The first post on this topic considered some basic definitions and the reasons why I am writing this series of posts. The second considered the convergence speed of BGP on a dense topology such as a DC fabric, and what mechanisms we normally use to improve BGP’s convergence speed. This post considers some of the objections to slow convergence speed—convergence speed is not important, and ECMP with high fanouts will take care of any convergence speed issues. The network below will be used for this discussion.

Two servers are connected to this five-stage butterfly: S1 and S2. Assume, for a moment, that some service is running on both S1 and S2. This service is configured in active-active mode, with all data synchronized between the servers. If some fabric device, such as C7, fails, traffic destined to either S1 or S2 across that device will be very quickly (within tens of milliseconds) rerouted through some other device, probably C6, to reach the same destination. This will happen no matter what routing protocol is being used in the underlay control plane—so why does BGP’s convergence speed matter? Further, if these services are running in the overlay, or they are designed to discover

Negotiating your maximum salary

If you are not negotiating your salary, you are almost certainly leaving money on the table. Negotiation is an important career skill and activity because it provides a very nice upside in overall career earnings. Preparation is important because the person you are negotiating with probably has a lot more experience in salary negotiations than […]

The post Negotiating your maximum salary appeared first on Packet Pushers.

The Week in Internet News: No Internet, No Vaccine

Unhealthy access: People lacking Internet access in the U.S., including some racial minorities, may be missing out on COVID-19 vaccines, The Conversation suggests. Signing up for the vaccine in the U.S. has largely happened online, meaning fewer seniors from underserved minority communities have been able to make appointments. In addition, people without Internet access have missed out on other health resources during the pandemic, as the use of telehealth services has skyrocketed.

Permission to be social: Mexican Senator Ricardo Monreal has proposed regulations for social media companies that would require them to “request authorization” from the country’s telecom regulator in order to continue operating in the country, Reuters reports. The Latin American Internet Association is protesting against the proposal, saying it would violate the United States-Mexico-Canada Agreement and create unjustified trade barriers.

No sale: U.S. President Joe Biden has paused the proposed sale of TikTok from Chinese owner ByteDance to Oracle and Walmart after former President Donald Trump raised security concerns about the app, NPR reports. Trump had threatened to ban the video sharing app unless it was sold, but the Biden administration will undertake “a wide-ranging probe into how Chinese-owned technology companies could

Fast vs Easy: Benchmarking Ansible Operators for Kubernetes

With Kubernetes, you get a lot of powerful functionality that makes it relatively easy to manage and scale simple applications and API services right out of the box. These simple apps are generally stateless, so Kubernetes can deploy, scale and recover from failures without any application-specific knowledge. But what if Kubernetes native capabilities are not enough?

Operators in Kubernetes and Red Hat OpenShift clusters are a common means for controlling the complete application lifecycle (deployment, updates, and integrations) for complex container-native deployments.

Initially, building and maintaining an Operator required deep knowledge of Kubernetes' internals. They were usually written in Go, the same language as Kubernetes itself.

The Operator SDK, which is a Cloud Native Computing Foundation (CNCF) incubator project, makes managing Operators much easier by providing the tools to build, test, and package Operators. The SDK currently incorporates three options for building an Operator:

  • Go
  • Ansible
  • Helm

Go-based Operators are the most customizable, since you're working close to the underlying Kubernetes APIs with a full programming language. But they are also the most complex, because the plumbing is directly exposed. You have to know the Go language and Kubernetes internals to be able to maintain these operators.
