On today’s program we talk AI chip innovations with Graphcore co-founder and CEO, Nigel Toon, tap into the Barcelona Supercomputing Center to talk Arm server performance, check in with Sandia for brain-inspired computing advances; talk HDD technologies that keep disk relevant, and also discuss RISC-V with the foundation’s CEO. …
Next Platform TV for July 16, 2020 was written by Nicole Hemsoth at The Next Platform.
pp@ubuntu20:~$ sudo dropwatch
Initializing null lookup method
dropwatch> set alertmode packet
Setting alert mode
Alert mode successfully set
dropwatch> start
Enabling monitoring...
Kernel monitoring activated.
Issue Ctrl-C to stop monitoring
drop at: __udp4_lib_rcv+0xae5/0xbb0 (0xffffffffb05ead95)
origin: software
input port ifindex: 2
timestamp: Wed Jul 15 23:57:36 2020 223253465 nsec
protocol: 0x800
length: 128
original Continue reading
Last week we announced Docker and AWS created an integrated and frictionless experience for developers to leverage Docker Compose, Docker Desktop, and Docker Hub to deploy their apps on Amazon Elastic Container Service (Amazon ECS) and Amazon ECS on AWS Fargate. On the heels of that announcement, we continue the latest series of blog articles focusing on developer content that we are curating from DockerCon LIVE 2020, this time with a focus on AWS. If you are running your apps on AWS, bookmark this post for relevant insights for easy access in one place.
As more developers adopt and learn Docker, and as more organizations are jumping head-first into containerizing their applications, AWS continues to be the cloud of choice for deployment. Earlier this year Docker and AWS collaborated on Compose-spec.io open specification and as mentioned on the Docker blog by my colleague Chad Metcalf, deploying straight from Docker to AWS has never been easier. It’s just another step to constantly put ourselves in the shoes of you, our customer, the developer.
The replay of these three sessions on AWS is where you can learn more about container trends for developers, adopting microservices and building and deploying multi-container Continue reading
Running IT environments means facing many challenges at the same time: security, performance, availability and stability are critical for the successful operation of today’s data centers. IT managers and their teams of administrators, operators and architects are well advised to move from a reactive, “fire-fighting” mode to a proactive approach where systems are continuously scanned and improvements are applied before critical situations come up. Red Hat Insights routinely analyzes Red Hat Enterprise Linux systems for security/vulnerability, compliance, performance, availability and stability threats, and based on the results, can provide guidance on how to improve daily operations. Insights is included with your Red Hat Enterprise Linux subscription and located at cloud.redhat.com.
We recently announced a new Red Hat Ansible Content Collection for Insights, an integration designed to make it easier for Insights users to manage Red Hat Enterprise Linux and to automate tasks on those systems using Ansible. The Ansible Content Collection for Insights is ideal for customers that have large Red Hat Enterprise Linux estates that require initial deployment and ongoing management of the Insights client.
In this blog, we will look at how this integration with Ansible takes care of key tasks via included Ansible Continue reading
A year ago I wrote about the opening of Cloudflare’s office in Lisbon, it’s hard to believe that a year has flown by. At the time I wrote:
Lisbon’s combination of a large and growing existing tech ecosystem, attractive immigration policy, political stability, high standard of living, as well as logistical factors like time zone (the same as the UK) and direct flights to San Francisco made it the clear winner.
We landed in Lisbon with a small team of transplants from other Cloudflare offices. Twelve of us moved from the UK, US and Singapore to bootstrap here. Today we are 35 people with another 10 having accepted offers; we’ve almost quadrupled in a year and we intend to keep growing to around 80 by the end of 2020.
If you read back to my description of why we chose Lisbon only one item hasn’t turned out quite as we expected. Sure enough TAP Portugal does have direct flights to San Francisco but the pandemic put an end to all business flying worldwide for Cloudflare. We all look forward to getting back to being able to visit our colleagues in other locations.
The pandemic also put us in the Continue reading
Wow! I can’t believe it. I’ve been blogging for 10 years! Where did time go? July 16th 2010 is when I posted the first time to this blog. It was a post saying “I’m game” and I included Radia Perlman’s Algorhyme.
August 27th 2010, I wrote that I wanted to pass the CCIE lab within two years. Turns out I wasn’t too far from the truth. I passed late October 2012. Greg Ferro himself popped in to wish me good luck:
January 2011, I passed the written. I had a little different approach to many where I spent a considerate amount of time, around 200h if I remember correctly, to build a strong foundation before moving on to labbing. Today you would take the ENCOR exams, of course. But I still think this is a valid strategy.
It took me a little more than 6 months to get my first 5000 views. It’s good to remember that. Especially for those of you just starting out. This site has now had more than a million views but it took some time to get there. It doesn’t get as many views as you probably think, either.
I took my first stab at Continue reading
Calico was designed from the ground up with a pluggable dataplane architecture. The Calico 3.13 release introduced an exciting new eBPF (extended Berkeley Packet Filter) dataplane targeted at those ready to adopt newer kernel versions and wanting to push the Linux kernel’s latest networking capabilities to the limit. In addition to improved throughput and latency performance compared to the standard Linux networking data plane, Calico’s eBPF data plane also includes native support for Kubernetes services without the need to run kube-proxy. One of the ways Calico’s eBPF dataplane realizes these improvements is through source IP preservation and Direct Server Return (DSR)
Kube-proxy and Source IP
The application of Network Address Translation (NAT) by kube-proxy to incoming network connections to Kubernetes services (e.g. via a service node port) is a frequently encountered friction point with Kubernetes networking. NAT has the unfortunate side effect of removing the original client source IP address from incoming traffic. When this occurs, Kubernetes network policies can’t restrict incoming traffic from specific external clients. By the time the traffic reaches the pod it no longer has the original client IP address. For some applications, knowing the source IP address is desirable or required. For example, Continue reading
Obvious really
The post Dictionary: TANSTAAFL: There Ain’t No Such Thing As A Free Lunch appeared first on EtherealMind.
On June 30, 2020, a security vulnerability affecting multiple BIG-IP platforms from F5 Networks was made public with a CVSS score of 10 (Critical). Due to the significance of the vulnerability, network administrators are advised to mitigate this issue in a timely manner. Doing so manually is tricky, especially if many devices are involved. Because F5 BIG-IP and BIG-IQ are certified with the Red Hat Ansible Automation Platform, we can use it to tackle the issue.
This post provides one way of temporarily mitigating CVE-2020-5902 via Ansible Tower without upgrading the BIG-IP platform. However, larger customers like service providers might struggle to upgrade on a short notice, as they may have to go through a lengthy internal validation process. For those situations, an automated mitigation may be a reasonable workaround until such time to perform an upgrade.
The vulnerability is described in K52145254 of the F5 Networks support knowledgebase:
The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
And describes the impact is serious:
This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration Continue reading
Open source software is everywhere, it seems—and yet it’s nowhere at the same time. Everyone is talking about it, but how many people and organizations are actually using it? Pete Lumbis at NVIDIA joins Tom Ammon and Russ White to discuss the many uses and meanings of open source software in the networking world.
The COVID-19 pandemic has changed the way humans interact with one another. With an emphasis on less physical interaction and more social distancing, institutions and organizations are moving their work and meetings online.
The Internet Society Accessibility Special Interest Group (Accessibility SIG) aims to make the Internet and its attendant technologies accessible to the largest audience possible, regardless of disabilities. The digital divide is not just about having the access to digital technology, it could also be about having the access to technology and not being able to use it. Our digital products must be usable by all. Many laws and the Internet Society’s vision – the Internet is for everyone – demand that we provide everyone with an equal experience.
The Accessibility SIG is planning a series of seven webinars discussing this very topic. Our first one was titled When Rhetoric Meets Reality: Digital Accessibility, Persons With Disabilities and COVID-19 and was held on May 28.
The way we design and build can make it hard – and sometimes impossible – for people with disabilities to access Continue reading
June seems like a lifetime ago but there was so much content we wanted to make sure was on your radar. We know you may be thinking but wait, didn’t something big happen to Cumulus Networks in June? You would be right! We’re excited to share that we are now officially NVIDIA®. Along with the news, we kept very busy with fresh podcast episodes, informative blog posts and much more so take a minute to dive on in and catch up on it all here.
Cumulus Networks’ President and Chief Product Officer, Partho Mishra, on the NVIDIA-Cumulus acquisition.: Partho Mishra answers your questions regarding the strategic focus of the new networking business unit at NVIDIA & the future of open networking.
Open source — the great equalizer.: Technology is a great equalizer and the open source movement has played a huge role in making this true and accelerating the process.
Remote work makes network visibility more critical than ever: We’re living through a major shift in the way employees work, extending the boundaries of what was once a tightly controlled environment.
Kernel of Truth season 3 episode 8: Cumulus Linux in action Continue reading
Developing Python projects in local environments can get pretty challenging if more than one project is being developed at the same time. Bootstrapping a project may take time as we need to manage versions, set up dependencies and configurations for it. Before, we used to install all project requirements directly in our local environment and then focus on writing the code. But having several projects in progress in the same environment becomes quickly a problem as we may get into configuration or dependency conflicts. Moreover, when sharing a project with teammates we would need to also coordinate our environments. For this we have to define our project environment in such a way that makes it easily shareable.
A good way to do this is to create isolated development environments for each project. This can be easily done by using containers and Docker Compose to manage them. We cover this in a series of blog posts, each one with a specific focus.
This first part covers how to containerize a Python service/tool and the best practices for it.
Requirements
To easily exercise what we discuss in this blog post series, we need to install a minimal set Continue reading
2020 has been a historic year that will forever be associated with the COVID-19 pandemic. Over the past six months, we have seen societies, businesses, and entire industries unsettled. The situation at Cloudflare has been no different. And while this pandemic has affected each and every one of us, we here at Cloudflare have not forgotten what our mission is: to help build a better Internet.
We have expanded our global network to 206 cities across more than 100 countries. This is in addition to completing 40+ datacenter expansion projects and adding over 1Tbps in dedicated “backbone” (transport) capacity connecting our major data centers so far this year.
There was zero chance that 2020 would mean business as usual within the Infrastructure department. We were thrown a curve-ball as the pandemic began affecting our supply chains and operations. By April, the vast majority of the world’s passenger flights were grounded. The majority of bulk air freight ships within the lower deck (“belly”) of these flights, which saw an imbalance between supply and demand with the sudden 74% decrease in passenger belly cargo capacity relative to the same period last year.
We were fortunate to have Continue reading
Day Two Cloud gets into data visualization with the open-source Grafana project. Grafana helps you visualize, alert on, and query all kinds of data and metrics. We look at how Grafana works, how it manipulates and stores data, and common use cases. Our guest is Ryan McKinley, VP of Applications at Grafana.
The post Day Two Cloud 057: See Your Data With Grafana appeared first on Packet Pushers.
Jeff Tantsura and Nick Buraglio bring a wealth of knowledge to this Network Collective Introduction to Segment Routing webinar. In this webinar we cover the fundamental SR technologies and how they work, as well as some of the practical implementation details that can only be learned by working with the technology directly.
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post Introduction to Segment Routing appeared first on Network Collective.