Docker Captain Take 5 – Elton Stoneman

Docker Captains are select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “Docker Captains Take 5” is a regular blog series where we get a closer look at our Captains and ask them the same broad set of questions ranging from what their best Docker tip is to whether they prefer cats or dogs (personally, we like whales and turtles over here). Today, we’re interviewing Elton Stoneman who has been a Docker Captain since 2016. He is a Container Consultant and Trainer and is based in Gloucestershire, United Kingdom.

How/when did you first discover Docker?

I was consulting as an API Architect, building out the backend services for a new Android device. My role was all about .NET services running in Azure, but we worked as a single team – and the people working on the operating system were using Docker to simplify their build tools. 

I started looking into their setup and I was just stunned at how you could run complex software with a single Docker command – and have it run the same way on any machine. That was way back in 2014, Continue reading

Cloudflare Waiting Room

Cloudflare Waiting Room
Cloudflare Waiting Room

Today, we are excited to announce Cloudflare Waiting Room! It will first be available to select customers through a new program called Project Fair Shot which aims to help with the problem of overwhelming demand for COVID-19 vaccinations causing appointment registration websites to fail. General availability in our Business and Enterprise plans will be added in the near future.

Wait, you’re excited about a… Waiting Room?

Most of us are familiar with the concept of a waiting room, and rarely are we excited about the idea of being in one. Usually our first experience of one is at a doctor’s office — yes, you have an appointment, but sometimes the doctor is running late (or one of the patients was). Given the doctor can only see one person at a time… the waiting room was born, as a mechanism to queue up patients.

While servers can handle more concurrent requests than a doctor can, they too can be overwhelmed. If, in a pre-COVID world, you’ve ever tried buying tickets to a popular concert or event, you’ve probably encountered a waiting room online. It limits requests inbound to an application, and places these requests into a virtual queue. Once the number Continue reading

Network-layer DDoS attack trends for Q4 2020

Network-layer DDoS attack trends for Q4 2020
Network-layer DDoS attack trends for Q4 2020

DDoS attack trends in the final quarter of 2020 defied norms in many ways. For the first time in 2020, Cloudflare observed an increase in the number of large DDoS attacks. Specifically, the number of attacks over 500Mbps and 50K pps saw a massive uptick.

In addition, attack vectors continued to evolve, with protocol-based attacks seeing a 3-10x increase compared to the prior quarter. Attackers were also more persistent than ever — nearly 9% of all attacks observed between October and December lasted more than 24 hours.

Below are additional noteworthy observations from the fourth quarter of 2020, which the rest of this blog explores in greater detail.

  • Number of attacks: For the first time in 2020, the total number of attacks observed in Q4 decreased compared to the prior quarter.
  • Attack duration: 73% of all attacks observed lasted under an hour, a decrease from 88% in Q3.
  • Attack vectors: While SYN, ACK, and RST floods continued to be the dominant attack vectors deployed, attacks over NetBIOS saw a whopping 5400% increase, followed by those over ISAKMP and SPSS.
  • Global DDoS activity: Our data centers in Mauritius, Romania, and Brunei recorded the highest percentages of DDoS activity relative to non-attack Continue reading

Intel’s Datacenter Decline Not As Bad As Expected

Incoming chief executive officer and long-time Intel employee Pat Gelsinger is talking the helm of a chip company that has plenty of issues to sort out, but there is some good news as Intel reports its financial results for the fourth quarter of 2020 and Gelsinger gets ready to take over.

Intel’s Datacenter Decline Not As Bad As Expected was written by Timothy Prickett Morgan at The Next Platform.

How a Linux migration led to the creation of Amazon Web Services

Dan Rose, chairman of Coatue Ventures and Coatue Growth, posted a thread on Twitter the other day, 280 characters or less at a time, in which he chronicled how it came about that AWS infrastructure is built on Linux.Rose was at Amazon from 1999 to 2006, where he managed retail divisions and helped incubate the Kindle reader before moving to Facebook. So he was at Amazon in 2000 when the internet bubble popped,and one high-flying dot-com after another was shriveling up and dying, having burned through ridiculous amounts of capital on luxurious offices while often having nothing by way of a product to show for it.To read this article in full, please click here

Car Warranty vs Technology Service Contract

I’ve been struggling with the value of service contracts on IT equipment for some time now. As a rule of thumb, service contracts on IT infrastructure cost ~30% of the purchase price. This means that over three years of ownership you will pay the purchase price again. Which is quite a thing. I’m struggling to […]

Using New Ansible Utilities for Operational State Management and Remediation

Comparing the current operational state of your IT infrastructure to your desired state is a common use case for IT automation.  This allows automation users to identify drift or problem scenarios to take corrective actions and even proactively identify and solve problems.  This blog post will walk through the automation workflow for validation of operational state and even automatic remediation of issues.

We will demonstrate how the Red Hat supported and certified Ansible content can be used to:

  • Collect the current operational state from the remote host and convert it into normalised structure data.
  • Define the desired state criteria in a standard based format that can be used across enterprise infrastructure teams.
  • Validate the current state data against the pre-defined criteria to identify if there is any deviation.
  • Take corrective remediation action as required.
  • Validate input data as per the data model schema

 

Gathering state data from a remote host:

The recently released ansible.utils version 1.0.0 Collection has added support for ansible.utils.cli_parse module, which converts text data into structured JSON format.  The module has the capability to either execute the command on the remote endpoint and fetch the text response, or Continue reading

Using New Ansible Utilities for Operational State Management and Remediation

Comparing the current operational state of your IT infrastructure to your desired state is a common use case for IT automation.  This allows automation users to identify drift or problem scenarios to take corrective actions and even proactively identify and solve problems.  This blog post will walk through the automation workflow for validation of operational state and even automatic remediation of issues.

We will demonstrate how the Red Hat supported and certified Ansible content can be used to:

  • Collect the current operational state from the remote host and convert it into normalised structure data.
  • Define the desired state criteria in a standard based format that can be used across enterprise infrastructure teams.
  • Validate the current state data against the pre-defined criteria to identify if there is any deviation.
  • Take corrective remediation action as required.
  • Validate input data as per the data model schema

 

Gathering state data from a remote host:

The recently released ansible.utils version 1.0.0 Collection has added support for ansible.utils.cli_parse module, which converts text data into structured JSON format.  The module has the capability to either execute the command on the remote endpoint and fetch the text response, or Continue reading

VMware takes an executive talent hit but can handle it

The news that Pat Gelsinger is departing as CEO of VMware to take over at Intel generated a positive response for Intel and an equally negative response for VMware. Intel's stock jumped 7% on the day of the news, while VMware's stock fell 7%, and investment bank Piper Sandler slashed its VMware price target from $178 down to $157.Most of the discussion has been around Gelsinger and his return to Intel. VMware, meanwhile, has been overlooked in the process. So what's the outlook for VMware, which has lost more talent than just its CEO in recent months? To read this article in full, please click here

Wi-Fi 6E: When it’s coming and what it’s good for

This spring the FCC opened up a new swath of unlicensed wireless spectrum in the 6GHz band that’s intended for use with Wi-Fi and can provide lower latency and faster data rates. The new spectrum also has a shorter range and supports more channels than bands that were already dedicated to Wi-Fi, making it suitable for deployment in high-density areas like stadiums.To read this article in full, please click here(Insider Story)

Test and review of 4 Wi-Fi 6 routers: Who’s the fastest?

One of the most anticipated features of Wi-Fi 6 wireless routers is improved throughput over their Wi-Fi 5 predecessors, and we wanted to check whether they deliver. Wi-Fi resources How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for Four vendors – Extreme, Cisco, EnGenius and Meraki (owned by Cisco) – provided access points (AP) for our test. Since the routers support both Wi-Fi 5 (802.11ac) and Wi-Fi 6 (802.11ax), we tested them against two Wi-Fi 5 and two Wi-Fi 6 clients and recorded the average throughput and the peak throughput during one-minute tests.To read this article in full, please click here

How-to measure enterprise Wi-Fi speeds

There are many ways to evaluate the speed of your wireless LAN (WLAN), whether you’re trying to troubleshoot issues, ensure bandwidth-intensive clients will work well, fine-tune the performance, or just curious about your Wi-Fi speeds. Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who’s the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for The simple Internet-speed apps or websites can be useful, but sometimes you need to measure the actual Wi-Fi throughput. For this you usually need a testing platform with a server and clients.To read this article in full, please click here

VMware takes an executive talent hit but can handle it

The news that Pat Gelsinger is departing as CEO of VMware to take over at Intel generated a positive response for Intel and an equally negative response for VMware. Intel's stock jumped 7% on the day of the news, while VMware's stock fell 7%, and investment bank Piper Sandler slashed its VMware price target from $178 down to $157.Most of the discussion has been around Gelsinger and his return to Intel. VMware, meanwhile, has been overlooked in the process. So what's the outlook for VMware, which has lost more talent than just its CEO in recent months? To read this article in full, please click here

How Important is BGP RPKI?

Corey Quinn mentioned me in a tweet linking to AWS announcement that they are the biggest user of BGP RPKI (by the size of signed address space) worldwide. Good for them – I’m sure it got their marketing excited. It’s also trivial to do once you have the infrastructure in place. Just saying…

On a more serious front: how important is RPKI and what misuses can it stop?

If you’ve never heard of RPKI, the AWS blog post is not too bad, Nick Matthews wrote a “look grandma, this is how it works” version in 280-character installments, and you should definitely spend some time exploring MANRS resources. Here’s a short version for differently-attentive ;))

Read more …

How Important is BGP RPKI?

Corey Quinn mentioned me in a tweet linking to AWS announcement that they are the biggest user of BGP RPKI (by the size of signed address space) worldwide. Good for them – I’m sure it got their marketing excited. It’s also trivial to do once you have the infrastructure in place. Just saying…

On a more serious front: how important is RPKI and what misuses can it stop?

If you’ve never heard of RPKI, the AWS blog post is not too bad, Nick Matthews wrote a “look grandma, this is how it works” version in 280-character installments, and you should definitely spend some time exploring MANRS resources. Here’s a short version for differently-attentive ;))

Read more …

Cisco tags critical security holes in SD-WAN software

Cisco has noted and fixed two critical and a number of high-degree vulnerabilities in its SD-WAN software portfolio.Most of the vulnerabilities could let an authenticated attacker execute command injection attacks against an affected device, which could let the attacker utilize root privileges on the device.The first critical problem–with a Common Vulnerability Scoring System rating of 9.9 out of 10–is  vulnerability in the web-based management interface of Cisco SD-WAN vManage Software. “This vulnerability is due to improper input validation of user-supplied input to the device template configuration,” Cisco stated. “An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to gain root-level access to the affected system.”To read this article in full, please click here

Cisco tags critical security holes in SD-WAN software

Cisco has noted and fixed two critical and a number of high-degree vulnerabilities in its SD-WAN software portfolio.Most of the vulnerabilities could let an authenticated attacker execute command injection attacks against an affected device, which could let the attacker utilize root privileges on the device.The first critical problem–with a Common Vulnerability Scoring System rating of 9.9 out of 10–is  vulnerability in the web-based management interface of Cisco SD-WAN vManage Software. “This vulnerability is due to improper input validation of user-supplied input to the device template configuration,” Cisco stated. “An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to gain root-level access to the affected system.”To read this article in full, please click here

1 825 826 827 828 829 3,859