NetworkingNexus.net

Iron Chef: Certification Edition

My friend Joshua Williams (@802DotMe) texted me today with a great quote that I wanted to share with you that made me think about certifications:

You’ve probably already thought through this extensively, and maybe even written about it, but after sitting through another 8 hour practical exam yesterday I’m more convinced than ever that expert level exams from technical companies are more analogous to a gimmicky Food Network TV show than real world application of technical acumen. They don’t care so much about my skill level as they do about what kind of meal I can prepare in 30 minutes using Tialapia, grapes, and Dr. Pepper syrup with my salt shaker taken away halfway through.

I laughed because it’s true. And then I thought about it more and realized he’s way more than right. We know for a fact that companies love to increase the level of challenge in their exams from novice to expert. It’s a way to weed out the people that aren’t committed to learning about something. However, as the questions and tasks get harder it becomes much more difficult to get a good sense of how candidates are going to perform.

Boiling Water Isn’t Continue reading

Weekend Reads 082820

CENTR has published a white paper separating registry lock services into two standardized models. This categorization and the included recommendations can help top-level domain registries (re)design their registry lock services.

Simply stated: No matter how sophisticated your security software is, data cannot be simultaneously used and secured. But that may be changing soon.

Blockchain technology is going to change everything: the shipping industry, the financial system, government … in fact, what won’t it change? But enthusiasm for it mainly stems from a lack of knowledge and understanding. The blockchain is a solution in search of a problem.

Or you could reduce all of that complexity to a single roll of 25 dice into a plastic box.

Multitenancy is a common pattern in Kubernetes. Many organizations deploy Kubernetes-as-a-Service, where one cluster houses many tenants and workloads. This pattern might sound familiar, as cloud computing services like AWS, Azure, and GCP have enabled multiple customers (tenants) to run their business-critical workloads in a single cluster for years.

As gaming grows in stature in the lives of Americans during the pandemic, it has highlighted the extraordinary grip that two of the four tech companies under investigation have over the white-hot industry.

In general Continue reading

Asynchronous HTMLRewriter for Cloudflare Workers

Last year, we launched HTMLRewriter for Cloudflare Workers, which enables developers to make streaming changes to HTML on the edge. Unlike a traditional DOM parser that loads the entire HTML document into memory, we developed a streaming parser written in Rust. Today, we’re announcing support for asynchronous handlers in HTMLRewriter. Now you can perform asynchronous tasks based on the content of the HTML document: from prefetching fonts and image assets to fetching user-specific content from a CMS.

How can I use HTMLRewriter?

We designed HTMLRewriter to have a jQuery-like experience. First, you define a handler, then you assign it to a CSS selector; Workers does the rest for you. You can look at our new and improved documentation to see our supported list of selectors, which now include nth-child selectors. The example below changes the alternative text for every second image in a document.

async function editHtml(request) {
  return new HTMLRewriter()
     .on("img:nth-child(2)", new ElementHandler())
     .transform(await fetch(request))
}

class ElementHandler {
   element(e) {
      e.setAttribute("alt", "A very interesting image")
   }
}

Since these changes are applied using streams, we maintain a low TTFB (time to first byte) and users never know the HTML was transformed. If you’re interested in how we’re Continue reading

Video: Networks Are Not Homogenous

The last Fallacy of Distributed Computing I addressed in the introductory part of How Networks Really Work webinar was The Network Is Homogenous. No, it’s not and it never was… for more details watch this video.

You need Free ipSpace.net Subscription to watch the video.

Navigating the open network operating systems space

Subscribe to Kernel of Truth on iTunes, Google Play, Spotify, Cast Box and Sticher!

Click here for our previous episode.

Some of your favorites are back together on this episode of the Kernel of Truth podcast— specifically Roopa Prabhu, Brian O’Sullivan and Pete Lumbis. Things have changed a little around here since the last time the three of them were chatting together on the podcast but one thing hasn’t, how much they love to talk all things open networking. In this episode the group talks about how to navigate the open networking operating systems space. From figuring out how to choose an open network operating system, to understanding what works best for deployments, and even what resources and communities are out there for you to tap into. We have it all here for you to help you get started. All you have to do is sit back and enjoy the episode and don’t forget to also check out the links below with resources referenced in the podcast.

Guest Bios

Roopa Prabhu: Roopa is a Linux Architect at NVIDIA, formally Cumulus Networks. She and her team work on all things kernel networking and Linux system infrastructure areas. Her primary Continue reading

Pure Storage unveils an all-flash hybrid-storage killer

All-flash storage arrays are fairly common in the most mission-critical of environments, where response time is of the essence. But if you move a step down to where archival activity takes place, there are still plenty of hard-disk/flash hybrid storage arrays.That’s because hard-disk drives have retained one advantage over flash: capacity. HDDs from Seagate and Western Digital are pushing into the 20TB range for a whole lot less than a comparable flash drive.But Pure Storage thinks the second generation of its FlashArray//C storage platform will be a hybrid flash/disk storage killer because it has the capacity to match a hybrid array with an all-flash storage setup. The pitch is that with FlashArray//C’s capacity, enterprises can do away with hard-drive-based storage, which draws much more power than an SSD and generate far more heat.To read this article in full, please click here

Pure Storage unveils an all-flash hybrid-storage killer

Leveraging OpenStack to Orchestrate Distributed Cloud Deployments

The industry is seeing an increasing distribution of data centers, driven by a desire to improve the end user experiences,...

Announcing VMware Container Networking with Antrea for Kubernetes

By Cody McCain, Senior Product Manager and Susan Wu, Senior Product Marketing Manager, Networking and Security Business Unit

Enterprises benefit from collaborative engineering and receive the latest innovations from open source projects. However, it’s a challenge for enterprise to rely solely on community support to run their operations. This is because community support is best-effort and cannot provide a pre-defined SLA.

While Kubernetes itself is open source, and part of Cloud Native Computing Foundation (CNCF), it takes an ecosystem of surrounding technologies as curated by CNCF—from the container registry and storage engine to the container network plugin to run Kubernetes.

Announcing VMware Container Networking with Antrea

With the new release of VMware Container Networking with Antrea, enterprises get the best of both worlds – access to the latest innovation from Project Antrea and world-class support from VMware. Container Networking with Antrea is the commercial offering consisting of and 24/7 support for Project Antrea.

Container Networking with Antrea will package the latest release of Project Antrea version 0.9.1. Antrea is a purpose-built Kubernetes networking solution for public and private clouds building upon Open vSwitch, the open source technology optimized for distributed multi-layer switching performance. Antrea is designed to run anywhere Kubernetes Continue reading

Cisco: Making remote users feel at home on the new enterprise network

When Covid-19 reared its ugly head earlier this year it altered the way millions of corporate workers access enterprise resources. Now that it’s obvious those changes in many cases are going to be more permanent than originally thought, many customers and vendors are looking to support remote workers in ways not really expected in the past.“The Covid-19 pandemic brought about a huge experiment in widespread remote working,” said Gartner vice president Elisabeth Joyce, of a recent survey of 127 company leaders that found 47% said they intend to allow employees to work remotely full time going forward. “As business leaders plan and execute reopening of their workplaces, they are evaluating more permanent remote working arrangements as a way to meet employee expectations and to build more resilient business operations."To read this article in full, please click here

Getting Started With OSPFV2 Resource Modules

With the increasing size and complexity of modern enterprise networks, the demand on simplifying the networks management becomes more intense. The introduction of resources modules with Ansible 2.9 provide a path to users to ease the network management, especially across multiple different product vendors.

In the past, we’ve already covered resource modules for VLAN management and for ACLs. However, simplifying network management is not limited to rather local network setups: Open Shortest Path First ( OSPFv2) is a protocol used to distribute IP routing information throughout a single Autonomous System (AS). It is used in larger network setups, as the Wikipedia page so aptly observes:

OSPF is a widely used IGP in large enterprise networks. IS-IS, another LSR-based protocol, is more common in large service provider networks.

Managing OSPFv2 manually for a network device can be a very difficult and tedious task, and more often this needs to be performed carefully, as the manual process is more prone to human error.

This blog post goes through the OSPFV2 resource module for the VyOS network platform. We will walk through several examples and describe the use cases for each state parameter and how we envision these being used in Continue reading

How Argo Tunnel engineering uses Argo Tunnel

Whether you are managing a fleet of machines or sharing a private site from your localhost, Argo Tunnel is here to help. On the Argo Tunnel team we help make origins accessible from the Internet in a secure and seamless manner. We also care deeply about productivity and developer experience for the team, so naturally we want to make sure we have a development environment that is reliable, easy to set up and fast to iterate on.

A brief history of our development environment (dev-stack)

Docker compose

When our development team was still small, we used a docker-compose file to orchestrate the services needed to develop Argo Tunnel. There was no native support for hot reload, so every time an engineer made a change, they had to restart their dev-stack.

We could hack around it to hot reload with docker-compose, but when that failed, we had to waste time debugging the internals of Docker. As the team grew, we realized we needed to invest in improving our dev stack.

At the same time Cloudflare was in the process of migrating from Marathon to kubernetes (k8s). We set out to find a tool that could detect changes in source code and Continue reading

Information could be half the world’s mass by 2245, says researcher

Digital content should be considered a fifth state of matter, along with gas, liquid, plasma and solid, suggests one university scholar.Because of the energy and resources used to create, store and distribute data physically and digitally, data has evolved and should now be considered as mass, according to Melvin Vopson, a senior lecturer at the U.K.'s University of Portsmouth and author of an article, "The information catastrophe," published in the journal AIP Advances.Vopson also claims digital bits are on a course to overwhelm the planet and will eventually outnumber atoms.To read this article in full, please click here

Information could be half the world’s mass by 2245, says researcher

Review Questions: Switching, Bridging and Routing

One of the most annoying part in every training content development project was the ubiquitous question somewhere at the end of the process: “and now we’d need a few review questions”. I’m positive anyone ever involved in a similar project can feel the pain that question causes…

Writing good review questions requires a particularly devious state of mind, sometimes combined with “I would really like to get the answer to this one” (obviously you’d mark such questions as “needs further research”, and if you’re Donald Knuth the question would be “prove that P != NP").

Security Policy Self-Service for Developers and DevOps Teams

In today’s economy, digital assets (applications, data, and processes) determine business success. Cloud-native applications are designed to iterate rapidly, creating rapid time-to-value for businesses. Organizations that are able to rapidly build and deploy their applications have significant competitive advantage. To this end, more and more developers are creating and leading DevOps teams that not only drive application development, but also take on operational responsibilities formerly owned by platform and security teams.

What’s the Value of a Self-Service Approach?

Cloud-native applications are often designed and deployed as microservices. The development team that owns the microservice understands the behavior of the service, and is in the best position to define and manage the network security of their microservice. A self-service model enables developers to follow a simple workflow and generate network policies with minimal effort. When problems occur with. application connectivity, developers should be able to diagnose connectivity issues and resolve them quickly without having to depend on resources outside of the team.

Developers and DevOps teams can also take a leading role in managing security, which is an integral part of cloud-native applications. There are two aspects to security in the context of Kubernetes.

Cluster security – is a uniform set Continue reading

CBRS wireless yields $4.5B+ for licenses to support 5G

The Federal Communicatins Commission’s auction of priority access licenses (PAL) on Citizen’s Broadband Radio Service (CBRS) spectrum came to an end this week, raising more than $4.58 billion from bandwidth that could be used to support 5G wireless. 5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can’t Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises The 271 qualified bidders chased 22,631 individual licenses – seven for each county in the U.S., each license representing a 10MHz-wide piece of spectrum in the 3.5GHz band.To read this article in full, please click here

CBRS wireless yields more than $4.5 billion for licenses that could support 5G

Ansible Certified Content Collection for Chocolatey

It’s a constant battle to keep your Windows estate updated and secure. Using Red Hat Ansible Automation Platform and Chocolatey, you can easily keep your software up-to-date and react quickly to bug fixes, security issues and 0-days on dozens, hundreds or thousands of nodes.

We’re going to take you through three simple steps to show you how simple it is to deploy and update software using Chocolatey and Ansible.

Before We Start: Windows Prerequisites

Ansible uses Winrm by default to communicate with Windows machines. Therefore, we need to ensure we have that enabled by running `Enable-PSRemoting` on the remote Windows computer.

For production use, we recommend enabling HTTPS for WinRM .

The code examples shown below are all using the user ‘ansible’ as the default. If you are using a different username, make sure you change it!

Step 1: Configure Ansible to use Chocolatey.

We need to install the Chocolatey module so that Ansible can use. The Chocolatey Ansible Content Collection is called chocolatey:chocolatey and is maintained by the Chocolatey Team. To install the Collection, and therefore the win_chocolatey modules, on your Ansible server, run:

ansible-galaxy collection install chocolatey.chocolatey

That’s all there is to it! Ansible can Continue reading

What is DNS and how does it work?

The Domain Name System (DNS) is one of the foundations of the internet, working in the background to match the names of web sites that people type into a search box with the corresponding IP address, a long string of numbers that no one could be expected to remember.It's still possible for someone to type an IP address into a browser to reach a website, but most people want an internet address to consist of easy-to-remember words, called domain names. (For example, Network World.)To read this article in full, please click here

« Previous 1 … 893 894 895 896 897 … 3,834 Next »