0

Introducing Cloudflare Pages: the best way to build JAMstack websites

Across multiple cultures around the world, this time of year is a time of celebration and sharing of gifts with the people we care the most about. In that spirit, we thought we'd take this time to give back to the developer community that has been so supportive of Cloudflare for the last 10 years.

Today, we’re excited to announce Cloudflare Pages: a fast, secure and free way to build and host your JAMstack sites.

Today, the path from an idea to a website is paved with good intentions

Websites are the way we express ourselves on the web. It doesn’t matter if you’re a hobbyist with a blog, or the largest of corporations with millions of customers — if you want to reach people outside the confines of 140 280 characters, the web is the place to be.

As a frontend developer, it’s your responsibility to bring this expression to life. And make no mistake — with so many frontend frameworks, tooling, and static site generators at your disposal — it’s a great time to be in your line of work.

That is, of course, right up until the point when you’re ready to show your work off Continue reading

0

Migrating to Ansible Collections (Webinar Q&A)

Sean Cavanaugh, Anshul Behl and I recently hosted a webinar entitled “Migrating to Ansible Collections” (link to YouTube on-demand webinar replay and link to PDF slides download). This webinar was focused on enabling the Ansible Playbook writers, looking to move to the wonderful world of Ansible Collections in existing Ansible 2.9 environments and beyond.

 

The webinar was much more popular than we expected, so much so we didn’t have enough time to answer all the questions, so we took all the questions and put them in this blog to make them available to everyone.

 

I would like to use Ansible to automate an application using a REST API (for example creating a new bitbucket project). Should I be writing a role or a custom module? And should I then publish that as a Collection?    

It depends on how much investment you’d like to make into the module or role that you develop. For example, creating a role that references the built-in Ansible URI module can be evaluated versus creating an Ansible module written in Python. If you were to create a module, it can be utilized via a role developed by you or the playbook author. Continue reading

0

Build Your Virtual Lab Faster with netlab

I love my new Vagrant+Libvirt virtual lab environment – it creates virtual machines in parallel and builds labs much faster than my previous VirtualBox-based setup. Eight CPU cores and 32 GB of RAM in my Intel NUC don’t hurt either.

However, it’s still ridiculously boring to set up a new lab. Vagrantfiles describing the private networks I need for routing protocol focused network simulations are a mess to write, and it takes way too long to log into all the devices, configure common parameters, enable interfaces…

0

Build Your Virtual Lab Faster with My Network Simulation Tools

I love my new Vagrant+Libvirt virtual lab environment – it creates virtual machines in parallel and builds labs much faster than my previous VirtualBox-based setup. Eight CPU cores and 32 GB of RAM in my Intel NUC don’t hurt either.

However, it’s still ridiculously boring to set up a new lab. Vagrantfiles describing the private networks I need for routing protocol focused network simulations are a mess to write, and it takes way too long to log into all the devices, configure common parameters, enable interfaces…

0

Flask web app tutorial for network engineers

Most network engineers don’t need to create web sites but they may, like me, want to convert their existing Python command-line programs into web apps so others can use them more easily. This tutorial presents the minimum you need to know about Python, Flask, and the Bootstrap CSS framework to create a practical web app that looks professional.

This tutorial covers a different type of use-case than is usually demonstrated in Flask tutorials aimed at beginners. It shows you how to create a web app that “wraps up” another Python program’s functionality.

I will show you how to use the Flask framework to build a web app that re-uses code from my Usermapper program and enables users to run it on a website, instead of installing and running it locally on their PC. You will create a “usermapper-as-a-service” application, served as a responsive web app that looks good on computer screens, tablets, and mobile phones.

I wrote this tutorial while I was learning Flask and developing my usermapper-web Flask application. It was written by a beginner, for other beginners. It walks through topics in the order in which I learned them. I hope you find this approach to be readable Continue reading

0

Get Your Technology Teams Thinking Like the Customer

CIOs must bring customer metrics into their technology teams and wire the voice of the customer into the business processes that they design and automate.

0

Automated, Simplified DNS Troubleshooting for Kubernetes: Only in Calico Enterprise

The Domain Name System (DNS) is a naming system for computers, services, or other resources connected to the Internet or a private network. DNS translates domain names to the numerical IP addresses needed for locating and identifying computer services and devices. For decades It’s been an essential component of the Internet. It’s an essential part of Kubernetes as well, and is used to determine how workloads connect to Kubernetes services as well as resources outside the cluster.

DNS also happens to be a common source of outages and issues in Kubernetes clusters. When applications are not working as expected, the root cause is often DNS-related. However, debugging and troubleshooting DNS issues in Kubernetes environments is not a trivial task given the limited amount of information Kubernetes provides for DNS queries.

Lacking the necessary visibility into the cluster to correlate a DNS query or reply with a specific workload, for example, you are left in the dark. Without Kubernetes context, you are unable to capture even the most fundamental information needed for troubleshooting, such as the type of DNS query (or reply) or the source of the query.

Figure: The DNS Dashboard from Tigera helps Kubernetes teams more quickly confirm or Continue reading

0

Tech Bytes: Accelerating Cloud Applications With Riverbed’s Cloud SteelHead (Sponsored)

Today's Tech Bytes is a customer story with sponsor Riverbed. It’s a tale of latency and its impact on network performance when moving applications to cloud. Our guests from Riverbed are Aly Walowski, whose title is roughly “Cloud Goddess” at Riverbed; and Jack Sweeney, Major Account Manager.

0

Tech Bytes: Accelerating Cloud Applications With Riverbed’s Cloud SteelHead (Sponsored)

Today's Tech Bytes is a customer story with sponsor Riverbed. It’s a tale of latency and its impact on network performance when moving applications to cloud. Our guests from Riverbed are Aly Walowski, whose title is roughly “Cloud Goddess” at Riverbed; and Jack Sweeney, Major Account Manager.

The post Tech Bytes: Accelerating Cloud Applications With Riverbed’s Cloud SteelHead (Sponsored) appeared first on Packet Pushers.

0

Cisco takes additional steps to fight counterfeit network gear

Looking to counter the growing sophistication of counterfeit networking products, Cisco recently added new layers to protect customers.“Counterfeiting hardware and software is an illegal and lucrative trade which leads to an estimated $100B loss of revenue annually across IT industries. As one of the largest and most reputable brands in the world, Cisco is often a target of counterfeiters,” said Al Palladin, legal director and  head of Global Brand Protection at Cisco.Counterfeiting presents serious risks to network quality, performance, safety, and reliability. It is dangerous because counterfeit products are not designed or built to meet the same safety standard certifications that genuine Cisco products attain, he said.To read this article in full, please click here

0

The Hedge Podcast #64: Brian Keys and Burnout

Burnout stalks most network engineers—and most people in the world of information technology—striking at least once in every career, it seems, and often more than once. In this episode, Brian Keys joins Eyvonne Sharp, Tom Ammon, and Russ White to discuss his personal experience with burnout. The discussion then turns to general strategies and ideas for avoiding burnout on a day-to-day basis.

download

0

Download and Try the Tech Preview of Docker Desktop for M1

Last week, during the Docker Community All Hands, we announced the availability of a developer preview build of Docker Desktop for Macs running on M1 through the Docker Developer Preview Program. We already have more than 1,000 people testing these builds as of today. If you’re interested in joining the program for future releases you should do it today!

As I’m sure you know by now, Apple has recently shipped the first Macs based on the new Apple M1 chips. Last month my colleague Ben shared our roadmap for building a Docker Desktop that runs on this new hardware. And I’m delighted to tell you that today we have a public preview that you can download and try out.

Like many of you, we at Docker have been super excited to receive and code with these new computers: they just feel so fast! We also know that Docker Desktop is a key part of the development cycle for over 3M developers using Docker Desktop with over half of you on Macs. To support all our Mac users we’ve been working hard to get Docker Desktop ready to run on the new M1 hardware. It is not release quality yet, or Continue reading

0

Trend data on the SolarWinds Orion compromise

On Sunday, December 13, FireEye released a report on a sophisticated supply chain attack leveraging SolarWinds' Orion IT monitoring software. The malware was distributed as part of regular updates to Orion and had a valid digital signature.

One of the notable features of the malware is the way it hides its network traffic using a multi-staged approach. First, the malware determines its command and control (C2) server using a domain generation algorithm (DGA) to construct and resolve a subdomain of avsvmcloud[.]com.

These algorithmically generated strings are added as a subdomain of one of the following domain names to create a new fully-qualified domain name to resolve:

.appsync-api[.]eu-west-1[.]avsvmcloud[.]com
.appsync-api[.]us-west-2[.]avsvmcloud[.]com
.appsync-api[.]us-east-1[.]avsvmcloud[.]com
.appsync-api[.]us-east-2[.]avsvmcloud[.]com

An example of such a domain name might look like: hig4gcdkgjkrt24v6isue7ax09nksd[.]appsync-api[.]eu-west-1[.]avsvmcloud[.]com

The DNS query response to a subdomain of one of the above will return a CNAME record that points to another C2 domain, which is used for data exfiltration. The following subdomains were identified as the C2 domains used for data exfiltration:

freescanonline[.]com
deftsecurity[.]com
thedoccloud[.]com
websitetheme[.]com
highdatabase[.]com
incomeupdate[.]com
databasegalore[.]com
panhardware[.]com
zupertech[.]com
virtualdataserver[.]com
Continue reading

0

Day Two Cloud 079: Kubernetes Is Inevitable But Not Always Necessary

There's a lot of hype and fanfare around Kubernetes, but on today's Day Two Cloud episode we'll cut through the hype with a guest who has enterprise experience with Kubernetes and containers--including the pain and problems. Those pains revolve around complexity, the ignorance of the Kubernetes platform, and the disconnect between the designers of Kubernetes and the people trying to use it now. Our guest is Eric Wright, Technology Evangelist at Turbonomic and host of the DiscoPosse podcast.

0

Day Two Cloud 079: Kubernetes Is Inevitable But Not Always Necessary

There's a lot of hype and fanfare around Kubernetes, but on today's Day Two Cloud episode we'll cut through the hype with a guest who has enterprise experience with Kubernetes and containers--including the pain and problems. Those pains revolve around complexity, the ignorance of the Kubernetes platform, and the disconnect between the designers of Kubernetes and the people trying to use it now. Our guest is Eric Wright, Technology Evangelist at Turbonomic and host of the DiscoPosse podcast.

The post Day Two Cloud 079: Kubernetes Is Inevitable But Not Always Necessary appeared first on Packet Pushers.

0

Ode to Networking 0x00000011 – Did it Once

We’ve all done it once The old buggers say Powered down the data centre  by accident one day Today its a lot harder to do because people like me  have all done it once Now no one does it just once And no one remembers  Why the power system  Is done that way

0

EU Internet Society Chapters Call on European Commission to Follow the Path of Strong Encryption. Here’s Why You Should Too.

Internet Society Chapters in Europe are warning the European Commission that its recent plea for Member States to help find ways to access encrypted communications could make millions of citizens and countries more vulnerable to harm and terrorism online.

Representing digital security experts who share the Internet Society’s mission for a bigger and stronger Internet, several EU chapters issued statements expressing concern about the danger of the Commission’s request for backdoor access to encrypted communications in its Counter Terrorism Agenda. It was announced the same week the European Medicines Agency was victim to a major data breach when cyber attackers unlawfully accessed sensitive documents about COVID-19 vaccines.

End-to-end encryption is crucial to the security of European citizens, its economy, and the national security of its Member States. It is our strongest digital security tool online because it keeps data and communications private between the sender and receiver. Even the European Commission relies on Signal, an end-to-end encrypted messaging app, to secure its communications.

A recent report signed by over 50 leading cybersecurity experts shows how there is no way to give law enforcement access to end-to-end encrypted communications without putting all users at risk.

Encryption backdoors are dangerous because Continue reading

0

Lenovo unveils hybrid-cloud management tools

Lenovo Data Center Group has released new storage and data-management tools designed to boost performance and improve monitoring and analytic capabilities across enterprise systems that span the edge, data center and cloud.The enhancements include a new all-flash storage array with end-to-end NVMe support, an updated cloud-based management platform, and a new fibre channel switch. READ MORE: HP Enterprise expands GreenLake to cover HPC systems Lenovo ThinkSystem DM5100F The new Lenovo ThinkSystem DM5100F is high-performance, low-latency, all-NVMe storage at an affordable price point, designed to enhance analytics and AI deployments while accelerating applications' access to data. It's capable of delivering up to 45% improved performance compared to prior models, according to Lenovo.To read this article in full, please click here

0

Lenovo unveils hybrid-cloud management tools

Lenovo Data Center Group has released new storage and data-management tools designed to boost performance and improve monitoring and analytic capabilities across enterprise systems that span the edge, data center and cloud.The enhancements include a new all-flash storage array with end-to-end NVMe support, an updated cloud-based management platform, and a new fibre channel switch. READ MORE: HP Enterprise expands GreenLake to cover HPC systems Lenovo ThinkSystem DM5100F The new Lenovo ThinkSystem DM5100F is high-performance, low-latency, all-NVMe storage at an affordable price point, designed to enhance analytics and AI deployments while accelerating applications' access to data. It's capable of delivering up to 45% improved performance compared to prior models, according to Lenovo.To read this article in full, please click here

0

Making LLDP Work with Linux Bridge

Last week I described how I configured PVLAN on a Linux bridge. After checking the desired partial connectivity with ios_ping I wanted to verify it with LLDP neighbors. Ansible ios_facts module collects LLDP neighbor information, and it should be really easy using those facts to check whether port isolation works as expected.

---
- name: Display LLDP neighbors on selected interface
  hosts: all
  gather_facts: true
  vars:
    target_interface: GigabitEthernet0/1
  tasks:
  - name: Display neighbors gathered with ios_facts
    debug:
      var: ansible_net_neighbors[target_interface]

Alas, none of the routers saw any neighbors on the target interface.