0

Day Two Cloud 083: Should Cloud Be A Public Utility?

Computing power is a vital part of modern life. Should access to that power be more equitably distributed? Is there a role for a public-utility-style cloud that could make computing more cost-effective and accessible to a broader number of constituencies? These are the starting questions for today's episode of Day Two Cloud. Our guest is Dwayne Monroe, a cloud architect, consultant, and author.

0

Day Two Cloud 083: Should Cloud Be A Public Utility?

Computing power is a vital part of modern life. Should access to that power be more equitably distributed? Is there a role for a public-utility-style cloud that could make computing more cost-effective and accessible to a broader number of constituencies? These are the starting questions for today's episode of Day Two Cloud. Our guest is Dwayne Monroe, a cloud architect, consultant, and author.

The post Day Two Cloud 083: Should Cloud Be A Public Utility? appeared first on Packet Pushers.

0

Using Traefik Ingress Controller with Istio Service Mesh

Tetrate sponsored this post. Petr McAllister Petr is an IT Professional with more than 20+ years of international experience and Master’s Degree in Computer Science. He is a technologist at Tetrate. The Istio service mesh comes with its own ingress, but we see customers with requirements to use a non-Istio ingress all the time. Previously, we’ve covered Traefik ingress. With some slight adjustments to the approach we suggested previously, we at Tetrate learned how to implement Traefik as the ingress gateway to your Istio Service Mesh. This article will show you how. The flow of traffic is shown on the diagram below. As soon as requests arrive at the service mesh from the Traefik ingress, Istio has the ability to apply security, observability and traffic steering rules to the request: Incoming traffic bypasses the Istio sidecar and arrives directly at Traefik, so the requests terminate at the Traefik ingress. Traefik uses the IngressRoute config to rewrite the “Host” header to match the destination, and forwards the request to the targeted service, which is a several step process: Requests exiting Traefik Ingress are redirected to the Istio sidecar Continue reading

0

The effect of switching to TCMalloc on RocksDB memory use

In previous posts we wrote about our configuration distribution system Quicksilver and the story of migrating its storage engine to RocksDB. This solution proved to be fast, resilient and stable. During the migration process, we noticed that Quicksilver memory consumption was unexpectedly high. After our investigation we found out that the root cause was a default memory allocator that we used. Switching memory allocator improved service memory consumption by almost three times.

Unexpected memory growth

After migrating to RocksDB, the memory used by the application increased significantly. Also, the way memory was growing over time looked suspicious. It was around 15GB immediately after start and then was steadily growing for multiple days, until stabilizing at around 30GB.  Below, you can see a memory consumption increase after migrating one of our test instances to RocksDB.

We started our investigation with heap profiling with the assumption that we had a memory leak somewhere and found that heap size was almost three times less than the RSS value reported by the operating system. So, if our application does not actually use all this memory, it means that memory is ‘lost’ somewhere between the system and our application, which points to possible problems with Continue reading

0

Data-center staffing shortage to spike in coming years

With the predicted growth in the data-center market comes a concurrent need for more staff. According to a report from the Uptime Institute, the number of staff needed to run the world's data centers will grow from around two million in 2019 to nearly 2.3 million by 2025.This estimate covers more than 230 specialist job roles for different types and sizes of data centers, with varying criticality requirements, from design through operation, and across all global regions.Already the industry is bedeviled by staffing shortages. Fifty percent of those surveyed by Uptime Institute said they were currently experiencing difficulties finding candidates for open positions, up from 38% in 2018.To read this article in full, please click here

0

Impact of Centralized Control Plane Partitioning

A long-time reader sent me a series of questions about the impact of WAN partitioning in case of an SDN-based network spanning multiple locations after watching the Architectures part of Data Center Fabrics webinar. He therefore focused on the specific case of centralized control plane (read: an equivalent of a stackable switch) with distributed controller cluster (read: switch stack spread across multiple locations).

0

Impact of Centralized Control Plane Partitioning

A long-time reader sent me a series of questions about the impact of WAN partitioning in case of an SDN-based network spanning multiple locations after watching the Architectures part of Data Center Fabrics webinar. He therefore focused on the specific case of centralized control plane (read: an equivalent of a stackable switch) with distributed controller cluster (read: switch stack spread across multiple locations).

0

Even The World’s Largest Multiuser System Has Its Financial Limits

Watching Amazon Web Services explode on the scene and grow to ginormous size has been a thing to behold. …

Even The World’s Largest Multiuser System Has Its Financial Limits was written by Timothy Prickett Morgan at The Next Platform.

0

Missing Cron Email When Restarting smtpd

I have a cron job that renews an SSL certificate from Let's Encrypt, and then restarts the smtpd daemon so that the new certificate is picked up. This all works fine--as proven by both the presence of a new, valid cert on disk, and smtpd successfully restarting--but cron never sends an email with the output of the job. What gives?

0

The Internet of Trash

It's often a clear signal that we’re in in deep trouble when politicians believe that they need to lend a hand and help out with regulations. Either the actions of the market have failed consumers and some form of public action is necessary to address aspects of this failure, or the situation is so desperately broken and beyond help that the legislature is performing a largely ineffectual action that serves more to disclaim any residual responsibility on the part of the public sector for the mess that we’ve created.

0

azruntime: Manage Azure Infrastructure with Python

I wrote a new Python script called azruntime. It helps me manage my Azure VMs. The script is open-source and should work for anyone who also uses the Azure CLI. azruntime is available on my azure-scripts GitHub repository.

I learned a lot about the Azure Python SDK while working on the azruntime project. In this post, I share what I learned and highlight the more interesting topics like how to find information faster in the Azure Python SDK documentation, Azure authorization, and sorting nested lists by key.

Learning the Azure Python SDK and API

Microsoft offers excellent documentation of all its Azure services, including detailed documentation for the Azure Python SDK. The problem may be that there is so much documentation it is hard to know where to start.

In my opinion, the best place to start is to look at the Azure sample scripts available at the following URL:

• https://docs.microsoft.com/en-ca/samples/browse/

Search by keyword or category. When you find a script that appears to display some of the functionality you want to implement, use a search engine to search for the Azure Python SDK classes and functions you see used in the sample scripts.

This is a faster Continue reading

0

AWS chief Andy Jassy gets top job at Amazon as CEO Bezos steps down

The surprise announcement that Jeff Bezos will leave later this year and hand over the reins to AWS leader Andy Jassy marks a remarkable rise for Jassy. He began as a marketing manager in 1997 and started AWS in 2003.

0

Why Future Advances In AI Need A New Architecture

Businesses will need to adopt AI technologies not just because they can, but because they must – AI is the technology that will help businesses to be agile, innovate, and scale. …

Why Future Advances In AI Need A New Architecture was written by Daniel Robinson at The Next Platform.

0

Arista embraces segmentation as part of its zero-trust security

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.To read this article in full, please click here

0

Arista embraces segmentation as part of its zero-trust security

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.To read this article in full, please click here

0

Arista embraces segmentation as part of its zero-trust security

Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.The new software, Macro-Segmentation Service (MSS)-Group, expands the company’s MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company’s MSS Host focuses on data-center security policies.See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision’s network information can be utilized by Arista networking partners including VMware, Microsoft and IBM’s Red Hat.To read this article in full, please click here

0

Internet Society Foundation Awards $1M in Research Grants Studying the Future of the Internet

From the environment to the economy, the Internet is reshaping and disrupting several sectors of our society. What might future patterns of disruption look like? How will these changes affect all of us, particularly those on the margins of society? What new solutions can we generate today, to address the challenges of tomorrow?

At the Internet Society Foundation, we believe the answers to these questions and many others can be found in research. That’s why in September 2020 we announced $1M in grants to support researchers worldwide studying the future and sustainability of the Internet.

Today we’re thrilled to announce the seven awardees. Their projects explore important questions around the Internet’s relationship to society, such as the economic cost of the digital gender gap, the impact of digital labor platforms on worker’s rights, what climate solutions might help decarbonize the subsea cable network, and more.

Learn more about the awardees!

The Research programme is open to independent researchers and research institutions worldwide and is currently accepting statements of interest, to be reviewed on a rolling basis. Grants of up to US$200,000 will be awarded for research lasting up to two years.

---

The Internet Society Foundation was established in 2019 to Continue reading

0

Sponsored Post: 3T, Bridgecrew, Toptal, IP2Location, Ipdata, StackHawk, InterviewCamp.io, Educative, Triplebyte, Stream, Fauna

Who's Hiring? 

• Looking to rapidly hire Top Software Developers? Get Started with Toptal. Toptal will match you with top-quality, pre-screened freelance software developers that meet your project requirements. All in under 48 hours. Get started right away with a no risk trial.


• InterviewCamp.io has hours of system design content. They also do live system design discussions every week. They break down interview prep into fundamental building blocks. Try out their platform.


• Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.


• Need excellent people? Advertise your job here! 

Cool Products and Services

• Discover the MongoDB data masking tool in Studio 3T Enterprise. Enable data compliance and bolster security with powerful field-level data obfuscation. Try for free!


• Bridgecrew is the cloud security platform for developers. By leveraging automation and delivering security-as-code, Bridgecrew empowers teams to find, fix, and prevent misconfigurations in deployed cloud resources and in infrastructure as code. Get started for free!


• IP2Location is IP address geolocation service provider since 2002. The geolocation database or API detects location, proxy and other >20 parameters. Continue reading

0

The Time for Zero Trust Networking is Now

Arista is trusted and powers the world’s largest data centers and cloud providers based on the quality, support and performance of its products. The experience gained from working with over 7000 customers has helped redefine software defined networking and many of our customers have asked us how we plan to address security. To us, security must be a holistic and inherent part of the network. Our customers have been subjected to the fatigue of point products, reactive solutions, proprietary vendor lock-ins and most of all, operational silos created between CloudOps, NetOps, DevOps and SecOps. By leveraging cloud principles, Arista’s cloud network architectures bring disparate operations together to secure all digital assets across client to IoT, campus, data center and cloud protecting them from threats, thefts and compromises.

0

The Time for Zero Trust Networking is Now

Arista is trusted and powers the world’s largest data centers and cloud providers based on the quality, support and performance of its products. The experience gained from working with over 7000 customers has helped redefine software defined networking and many of our customers have asked us how we plan to address security. To us, security must be a holistic and inherent part of the network. Our customers have been subjected to the fatigue of point products, reactive solutions, proprietary vendor lock-ins and most of all, operational silos created between CloudOps, NetOps, DevOps and SecOps. By leveraging cloud principles, Arista’s cloud network architectures bring disparate operations together to secure all digital assets across client to IoT, campus, data center and cloud protecting them from threats, thefts and compromises.