Next Platform TV for September 15, 2020

On today’s program, some kickoff analysis of the Nvidia/Arm deal; a look at geospatial AI and what it requires in terms of future hardware and frameworks; physics-informed AI and what it means for future simulations and use cases; the Summit supercomputer and the “right” architecture for large-scale, multidisciplinary  COVID-19 research; the elements of a hyperconverged data platform; infrastructure as code; much more in today’s interview lineup.

Next Platform TV for September 15, 2020 was written by Nicole Hemsoth at The Next Platform.

Secure from the Start: Shift Vulnerability Scanning Left in Docker Desktop

Application delivery velocity can be tripped up when security vulnerabilities are discovered after an app is deployed into production. Nothing is more detrimental to shipping new features to customers than having to go back and address vulnerabilities discovered in an app or image you already released. At Docker, we believe the best way to balance the needs for speed and security is to shift security left in the app delivery cycle as an integral part of the development process. 

Integrating security checks into Docker Scan was the driver behind the partnership with Snyk, one of the leading app security scan providers in the industry. This partnership, announced in May of this year, creates a vision for a simple and streamlined approach for developers to build and deploy secure containers. And today, I’m excited to share that the latest Docker Desktop Edge release includes Snyk vulnerability scanning. This allows Docker users to trigger local Docker file and local image scans directly from the Docker Desktop CLI. With the combination of Docker Scan and Snyk, developers gain visibility into open source vulnerabilities that can have a negative impact on the security of container images. Now you can extend your Continue reading

Using bash’s shopt builtin to manage Linux shell behavior

If you haven’t tried it yet, you might be surprised by the many features of shopt. While it works like a Linux command, it’s actually a bash shell builtin that allows you to change many things about that shell’s behavior.One option, for example, allows the shell to fix minor typos when you type directory names. To demonstrate, in the first cd command shown below, the directory name, bin, is typed with an extra letter and the shell complains and gives up:$ cd binn -bash: cd: binn: No such file or directory This next command enables the cdspell option that gets bash to attempt to correct minor typos in directory names.To read this article in full, please click here

Three Ways Operationalizing NSX Will Transform Your IT Organization

By Kevin Lees and Devyani Pisolkar, authors of the ‘Operationalizing VMware NSX’ guide

Virtualized networking and security may appear to be a standard feature of today’s modern data center, but it wasn’t so long ago — what, seven years? — that network virtualization was a new concept, largely introduced and propelled by VMware. How time flies. Today, across industries, network virtualization, in the form of VMware NSX, is the go-to choice for delivery of software-based network and security services. Nowadays we spend less time discussing the novelty of the architecture and more time talking about how to maximize the value of NSX by fully operationalizing the platform to make it a critical driver in your digital transformation.

VMware NSX is utterly unlike legacy networking

VMware NSX delivers networking and security services entirely in software. That enables organizations to move myriad operational tasks into the software layer, but to leverage it fully requires a top-to-bottom rethink of network operation itself. Under NSX, the old paradigm of the network as a hardware silo is gone; instead, the virtualized NSX network is an integral component in the software-defined data center.

Which brings us to the key point: in order to fully realize Continue reading

Secondary DNS – Deep Dive

How Does Secondary DNS Work?

Secondary DNS - Deep Dive

If you already understand how Secondary DNS works, please feel free to skip this section. It does not provide any Cloudflare-specific information.

Secondary DNS has many use cases across the Internet; however, traditionally, it was used as a synchronized backup for when the primary DNS server was unable to respond to queries. A more modern approach involves focusing on redundancy across many different nameservers, which in many cases broadcast the same anycasted IP address.

Secondary DNS involves the unidirectional transfer of DNS zones from the primary to the Secondary DNS server(s). One primary can have any number of Secondary DNS servers that it must communicate with in order to keep track of any zone updates. A zone update is considered a change in the contents of a  zone, which ultimately leads to a Start of Authority (SOA) serial number increase. The zone’s SOA serial is one of the key elements of Secondary DNS; it is how primary and secondary servers synchronize zones. Below is an example of what an SOA record might look like during a dig query.

example.com	3600	IN	SOA	ashley.ns.cloudflare.com. dns.cloudflare.com. 
2034097105  // Serial
10000 //  Continue reading

Nvidia-Arm merger faces regulatory, political, legal hurdles

Nvidia’s planned $40 billion takeover of chip-architecture firm Arm Holdings is not your typical merger. Oftentimes in a merger it’s one company taking over a weaker competitor that it has vanquished, something Nvidia knows all too well. Over its history, Nvidia has purchased several competitor GPU makers, most notably 3DFX in 2000.But here, the situation is different. First, the two companies don’t compete. Nvidia was a licensee of Arm chip design with its Tegra processor aimed at smartphones and tablets—and a rare failure for Nvidia as it never really caught on.To read this article in full, please click here

Nvidia-Arm merger faces regulatory, political, legal hurdles

Nvidia’s planned $40 billion takeover of chip-architecture firm Arm Holdings is not your typical merger. Oftentimes in a merger it’s one company taking over a weaker competitor that it has vanquished, something Nvidia knows all too well. Over its history, Nvidia has purchased several competitor GPU makers, most notably 3DFX in 2000.But here, the situation is different. First, the two companies don’t compete. Nvidia was a licensee of Arm chip design with its Tegra processor aimed at smartphones and tablets—and a rare failure for Nvidia as it never really caught on.To read this article in full, please click here

Building a Multi-Cloud Network for less than $1 an Hour – Aviatrix Kickstart

This is the post I had been meaning to write for ages. How do you leverage Infrastructure as Code to build a multi-cloud network? It turns out you don’t have to write the code yourself. This is the beauty of Aviatrix Kickstart. For less than $1 an hour, I was able to build a multi-cloud … Continue reading Building a Multi-Cloud Network for less than $1 an Hour – Aviatrix Kickstart

Carriers, vendors work to promote 5G-network flexibility with open standards

The big wireless carriers and 5G equipment vendors are working together on standards to promote better interoperability among the gear needed to provide the high-speed wireless service.The ORAN (stands for open radio access networks) Alliance, founded in Germany in 2018, is working on open software interfaces between the different layers of the carrier-equipment stack to give providers more flexibility as they roll out 5G services that include support for IoT and ultra-low-latency applications. The group has more than 200 members ranging from carriers, to hardware and software vendors of all stripes.To read this article in full, please click here

Why I’m running for the NANOG Board of Directors?

This year I decided to run for the NANOG Board of Directors and I wanted to elaborate what I would like to accomplish if elected. The election for NANOG Board of Directors will be held October 19 -21, 2020. Please mark your calendar and see my full profile at https://www.nanog.org/participate/elections-nominations/2020-board-candidates/board-candidate-tom-kacprzynski/

Being in the industry for the last sixteen years, I have been involved in operating a number of network types such as enterprise, datacenter, private backbone and CDN networks. Throughout these years I’ve gained the technical and organizational knowledge at established and lean startup businesses. My roles ranged from technical network engineering/architecture to leadership as department head of network engineering and software development teams along with network sourcing. 

Since 2018, I was selected for the NANOG program committee and currently serving my second term. Additionally I serve as community organizer in creating a local Chicago/Midwest community of network operators. Since 2014 I have started the Chicago Network Operators Group, which is modeled after NANOG, as a vendor neutral organization. Producing nine successful conferences for the last six years has provided me with experience on working with vendors, navigating conference venue logistics, acquiring sponsors, curating content with the Continue reading

Tech Bytes: AppNeta And Performance Visibility Over The Last Mile (Sponsored)

Today’s Tech Bytes episode is sponsored by AppNeta, and we’re going to discuss how companies can get performance visibility for end users now that many people are working from home and connecting over last-mile networks that IT has little visibility into or control over. Our AppNeta guests are Seth Differ, Senior Manager, Solutions Consulting; and Alec Pinkham, Director of Product Marketing.

Tech Bytes: AppNeta And Performance Visibility Over The Last Mile (Sponsored)

Today’s Tech Bytes episode is sponsored by AppNeta, and we’re going to discuss how companies can get performance visibility for end users now that many people are working from home and connecting over last-mile networks that IT has little visibility into or control over. Our AppNeta guests are Seth Differ, Senior Manager, Solutions Consulting; and Alec Pinkham, Director of Product Marketing.

The post Tech Bytes: AppNeta And Performance Visibility Over The Last Mile (Sponsored) appeared first on Packet Pushers.

Announcing eBPF Mode GA

A few days ago, our team released Calico v3.16. As part of that release, we have marked the eBPF dataplane as “GA”, signalling that it is now stable and ready for wider use by the community. In this blog post I want to take you through the process of moving from tech-preview to GA. If you’re not already familiar with eBPF and the benefits of the Calico eBPF dataplane, or if you want to see throughput and latency graphs compared to the standard Linux dataplane, I recommend that you read our introductory blog post. To recap, when compared with the standard Linux dataplane (based on iptables), the eBPF dataplane:

  • Scales to higher throughput, using less CPU per GBit
  • Natively supports Kubernetes services (without kube-proxy) in a way that:
  • Reduces latency
  • Preserves external client source IP addresses
  • Supports DSR (Direct Server Return) for reduced latency (and CPU usage)
  • Uses less CPU than kube-proxy to keep the dataplane in sync

For the tech preview release, our focus was on covering a broad set of features and proving out the performance of the new dataplane. However to meet the bar for GA, we had to:

Everyone Must Learn to Code

The word on the street is that everyone—especially network engineers—must learn to code. A conversation with a friend and an article passing through my RSS reader brought this to mind once again—so once more into the breach. Part of the problem here is that we seem to have a knack for asking the wrong question. When we look at network engineer skill sets, we often think about the ability to configure a protocol or set of features, and then the ability to quickly troubleshoot those protocols or features using a set of commands or techniques.

This is, in some sense, what various certifications have taught us—we have reached the expert level when we can configure a network quickly, or when we can prove we understand a product line. There is, by the way, a point of truth in this. If you claim your expertise is with a particular vendor’s gear, then it is true that you must be able to configure and troubleshoot on that vendor’s gear to be an expert. There is also a problem of how to test for networking skills without actually implementing something, and how to implement things without actually configuring them. This is a Continue reading

Moving HPC to the Cloud: A Guide for 2020

 

This is a guest post by Limor Maayan-Wainstein, a senior technical writer with 10 years of experience writing about cybersecurity, big data, cloud computing, web development, and more.

High performance computing (HPC) enables you to solve complex problems which cannot be solved by regular computing. Traditionally, HPC solutions provided mainly supercomputers. Today, HPC is typically a mix of resources, including supercomputing and virtualized and bare metal servers, platforms for management, sharing and integration capabilities, and more. When coupled with the cloud, HPC is made more affordable, accessible, efficient and shareable.

What Is HPC?

Network Break 301: Samsung Dials Up A 5G Contract; Broadcom Announces Fast, Power-Efficient New Jericho Chip

Network Break analyzes Samsung's multi-billion 5G contract from Verizon, a new Jericho ASIC from Broadcom, the insiders driving Zoombombing, the persistence of DDoS attacks, and more tech news.

The post Network Break 301: Samsung Dials Up A 5G Contract; Broadcom Announces Fast, Power-Efficient New Jericho Chip appeared first on Packet Pushers.

At it again: The FCC rolls out plans to open up yet more spectrum

The Federal Communications Commission will take steps toward auctioning off two more frequency ranges in the 3.1GHz to 4.9GHz band for commercial use, following up on auctions that created more bandwidth for 5G and other wireless services. 5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can’t Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises The first frequency range sits between 3.3GHz and 3.5GHz, is 100MHz wide and would become available nationwide. The first step toward redistributing the band would be to remove allocations in that range that are now held by non-governmental entities and reassign them to bandwidth between 3.45GHz and 3.55GHz or between 2.9GHz and 3GHz, the commission said in an announcement.To read this article in full, please click here

1 899 900 901 902 903 3,849