NTC – A Conversation With Daren Fulwell
In this podcast, we sit down with Daren Fulwell. Daren is a long-time network engineer, CCIE and CCDE, and is now a network automation evangelist. Tune in to hear about not only Daren’s journey, but a great discussion dissecting the intersection of SDN, intent-based networking, and how we need more focus on understanding operational processes and workflows to really make a dent within a network automation journey.
Reference Links:
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post NTC – A Conversation With Daren Fulwell appeared first on Network Collective.
Taking Your App Live with Docker and the Uffizzi App Platform
Tune in December 10th 1pm EST for our
Live DockTalk: Simplify Hosting Your App in the Cloud with Uffizzi and Docker
We’re excited to be working with Uffizzi on this joint blog. Docker and Uffizzi have very similar missions that naturally complement one another. Docker helps you bring your ideas to life by reducing the complexity of application development and Uffizzi helps you bring your ideas to life by reducing the complexity of cloud application hosting.
This blog is a step-by-step guide to setting up automated builds from your Github repo via Docker Hub and enabling Continuous Deployment to your Uffizzi app hosting environment.
Prerequisites
To complete this tutorial, you will need the following:
- Free Docker Account
- You can sign-up for a free Docker account and receive free unlimited public repositories
- An IDE or text editor to use for editing files. I would recommend VSCode
- Free Uffizzi App Platform Account
- Free Github Account
Docker Overview
Docker is an open platform for developing, shipping, and running applications. Docker containers separate your applications from your infrastructure so you can deliver software quickly.
With Docker, you can manage your infrastructure in the same ways you manage your applications. By Continue reading
Automated Origin CA for Kubernetes
In 2016, we launched the Cloudflare Origin CA, a certificate authority optimized for making it easy to secure the connection between Cloudflare and an origin server. Running our own CA has allowed us to support fast issuance and renewal, simple and effective revocation, and wildcard certificates for our users.
Out of the box, managing TLS certificates and keys within Kubernetes can be challenging and error prone. The secret resources have to be constructed correctly, as components expect secrets with specific fields. Some forms of domain verification require manually rotating secrets to pass. Once you're successful, don't forget to renew before the certificate expires!
cert-manager is a project to fill this operational gap, providing Kubernetes resources that manage the lifecycle of a certificate. Today we're releasing origin-ca-issuer, an extension to cert-manager integrating with Cloudflare Origin CA to easily create and renew certificates for your account's domains.
Origin CA Integration
Creating an Issuer
After installing cert-manager and origin-ca-issuer, you can create an OriginIssuer resource. This resource creates a binding between cert-manager and the Cloudflare API for an account. Different issuers may be connected to different Cloudflare accounts in the same Kubernetes cluster.
apiVersion: cert-manager.k8s.cloudflare.com/v1
kind: OriginIssuer
metadata:
Continue readingVideo: Getting a Packet Across a Network
After (hopefully) agreeing on what routing, bridging, and switching are, let’s focus on the first important topic in this area: how do we get a packet across the network? Yet again, there are three fundamentally different technologies:
- Source node knows the full path (source routing)
- Source node opens a path (virtual circuit) to the destination node and uses that path to send traffic
- The network performs hop-by-hop destination-address-based packet forwarding.
More details in the Getting Packets Across the Network video.
Video: Getting a Packet Across a Network
After (hopefully) agreeing on what routing, bridging, and switching are, let’s focus on the first important topic in this area: how do we get a packet across the network? Yet again, there are three fundamentally different technologies:
- Source node knows the full path (source routing)
- Source node opened a path (virtual circuit) to the destination node and uses that path to send traffic
- The network performs hop-by-hop destination-address-based packet forwarding.
More details in the Getting Packets Across the Network video.
How Better Network Visibility Can Reduce Customer Churn
By instrumenting the network and using additional data sources, IT can maintain high-quality access to critical applications and create a positive end-user experience.What Put LLNL at the Center of U.S. Supercomputing in 2020?
The HPC world, particularly in the U.S. is waiting for the next series of transitions to far larger machines with exascale capabilities. …
What Put LLNL at the Center of U.S. Supercomputing in 2020? was written by Nicole Hemsoth at The Next Platform.
IPv6 Buzz 064: The Ghosts Of IPv6
Today's IPv6 Buzz explores some of the RFCs and vendor technologies that didn't quite make it as IPv6 evolved.IPv6 Buzz 064: The Ghosts Of IPv6
Today's IPv6 Buzz explores some of the RFCs and vendor technologies that didn't quite make it as IPv6 evolved.
The post IPv6 Buzz 064: The Ghosts Of IPv6 appeared first on Packet Pushers.
Intel’s First Discrete Xe Server GPU Aimed At Hyperscalers
We have been waiting for years to see the first discrete Xe GPU from Intel that is aimed at the datacenter, and as it turns out, the first one is not the heavy compute engine we have been anticipating, but rather a souped up version of the Iris Xe LP and Iris Max Xe LP graphics cards that were launch at the end of October, which themselves are essentially the GPU extracted from the hybrid CPU-GPU “Tiger Lake” Core i9 processors for PC clients. …
Intel’s First Discrete Xe Server GPU Aimed At Hyperscalers was written by Timothy Prickett Morgan at The Next Platform.
Rate Limiting Questions? We have answers
As we have been implementing rate limiting on Docker Hub for free anonymous and authenticated image pulls, we’ve heard a lot of questions from our users about how this will affect them. And we’ve also heard a number of statements that are inaccurate or misleading about the potential impacts of the change. We want to provide some answers here to help Docker users clearly understand the changes, quantify what is involved, and help developers choose the right Docker subscription for their needs.
First let’s look at the realities of what rate limiting looks like, and quantify what is still available for free to authenticated Docker users. Anyone can use a meaningful number of Docker Hub images for free. Anonymous, unauthenticated Docker users get 100 container pull requests per six hours. And when a user signs up for a free Docker ID, they get 2X the quantity of pulls. At 200 pulls per six hours, that is approximately 24,000 container image pulls per month per free Docker ID. This egress level is adequate for the bulk of the most common Docker Hub usage by developers. (Docker users can check their usage levels at any time through the command line. Docker developer Continue reading
Real-time network telemetry for automation
The video discusses telemetry and requirements for network automation, providing an overview of sFlow measurement architecture and a discussion of recently added packet drop monitoring functionality, and ending with a live demonstration of GPU compute cluster analytics. The slides from the video are available here.
New Features in MANRS Observatory: More Informative, Intuitive, and Easy to Use
In August 2019, the Internet Society supported the Mutually Agreed Norms for Routing Security (MANRS) initiative by creating a platform to visualize its members’ routing security data from around the globe. The MANRS Observatory’s interactive dashboard allows networks to check their progress in improving their routing security.
Last week, we updated some key features of the MANRS Observatory guided by member feedback. Below we share a summary of those changes.
Please note, detailed statistics and reports for specific networks are only available to MANRS participants. Your organization can become an MANRS member for free, and join a global group of people committed to making the Internet safer for us all. Find out how.
MANRS Observatory 3.0.1: Latest updates
- Shorter reporting cycle
- Improved favorite functionality
- Access to RIPEstat widget
- Change to how we round numbers
1. Shorter reporting cycle
Previously the MANRS Observatory provided status report updates up to 31 days after members’ had added their latest figures. While this wasn’t a real problem when looking at general trends, it was an issue for network operators who use the platform to check their network conformance. It was also an issue for the MANRS team, as we Continue reading
Network Automation Can Relieve Network Engineers Stretched Thin by Covid-19
The network has never been more vulnerable. Covid-19 has flung users out from the data center to home offices—where they are accessing critical systems, applications, and other users from unsecured devices and WiFi connections. As a result, it’s all hands on deck for IT, with network engineers deputized as IT support staff in a mad rush to give remote users fast and reliable, yet secure, access to the tools and information they need.
But what of the regular duties of these engineers? They are being pushed back in favor of new priorities—stretching network engineering resources, already spread thin, to the breaking point.
Enter network automation. VMware NSX-T allows organizations to automate and simplify operations in the age of Covid. Tasks that were once performed manually through the UI or CLI can now be automated with the NSX API—creating the foundation for dynamic, flexible and responsive network architectures that can support a world where users, devices, applications and data connect across private, public and hybrid cloud environments.
Networking professionals who want to learn more about how to automate operations should check out the following on-demand sessions from VMworld:
NSX-T Network Automation: What To Do When You Have Continue reading
Spack Packs Deployment Boost for Top Supercomputers
Although hardware gets all the attention during Supercomputing week, much has been happening behind the scenes to make all the software run on the latest, fastest systems. …
Spack Packs Deployment Boost for Top Supercomputers was written by Nicole Hemsoth at The Next Platform.
UK Black History Month at Cloudflare
In February 2019, I started my journey at Cloudflare. Back then, we lived in a COVID-19 free world and I was lucky enough, as part of the employee onboarding program, to visit our San Francisco HQ. As I took my first steps into the office, I was greeted by a beautiful bouquet of Protea flowers at the reception desk. Being from South Africa, seeing our national flower instantly made me feel at home and welcomed to the Cloudflare family - this memory will always be with me.
Later that day, I learnt it was Black History Month in the US. This celebration included African food for lunch, highlights of Black History icons on Cloudflare’s TV screens, and African drummers. At Cloudflare, Black History Month is coordinated and run by Afroflare, one of many Employee Resource Groups (ERGs) that celebrates diversity and inclusion. The excellent delivery of Black History Month demonstrated to me how seriously Cloudflare takes Black History Month and ERGs.
Today, I am one of the Afroflare leads in the London office and led this year’s UK Black History Month celebration. 2020 has been a year of historical events, which made this celebration uniquely significant. George Floyd’s murder Continue reading