Trailblazing a Development Environment for Workers


When I arrived at Cloudflare for an internship in the summer of 2018, I was taken on a tour, introduced to my mentor who took me out for coffee (shoutout to Preston), and given a quick whiteboard overview of how Cloudflare works. Each of the interns would work on a small project of their own and they’d try to finish them by the end of the summer. The description of the project I was given on my very first day read something along the lines of “implementing signed exchanges in a Cloudflare Worker to fix the AMP URL attribution problem,” which was a lot to take in at once. I asked so many questions those first couple of weeks. What are signed exchanges? Can I put these stickers on my laptop? What’s a Cloudflare Worker? Is there a limit to how much Topo Chico I can take from the fridge? What’s the AMP URL attribution problem? Where’s the bathroom?

I got the answers to all of those questions (and more!) and eventually landed a full-time job at Cloudflare. Here’s the story of my internship and working on the Workers Developer Experience team at Cloudflare.

Getting Started with Continue reading

Free ipSpace.net Content

Most of us are in some sort of lockdown (or quarantine or shelter-in-place or whatever it’s called) at the moment. Some have their hands full balancing work and homeschooling their kids (hang in there!), others are getting bored and looking for networking-related content (or you wouldn’t be reading this blog).

If you’re in the latter category you might want to browse some of the free ipSpace.net content: almost 3500 blog posts, dozens of articles, over a hundred podcast episodes, over 20 free webinars, and another 30+ webinars with sample videos that you can access with free subscription.

Need more? Standard subscription includes 260 hours of video content and if you go for Expert subscription and select the network automation course as part of the subscription, you’ll get another 60 hours of content plus hands-on exercises, support, access to Slack team… hopefully enough to last you way past the peak of the current pandemic.

Yaesu FT3D vs Kenwood D74

I’ve had a Kenwood TH-D74 for almost two years now, and was curious to get a sense of what the competition is like. Seems like everyone’s recommending the Yaesu FT3D. So I got one, and I think I’ve played around with it enough now to have an informed opinion.

Summarizing the feeling of them, while I have my complaints about the usability of the D74, the FT3D is like a time machine back to the 90s in how well the interface is thought through.

I’m sneaking in some mentions of the AnyTone 878UV too. But I’ve not used it enough to have a solid opinion yet.

Programming

With the FT3D upgrading the firmware is a two step process, where you have to flip a little hidden switch first to “up”, to upgrade one firmware, then to “down”, to upgrade the other. And then flip it back to “middle” for normal mode.

The FT3D programming software costs $25 and comes with a special cable, but the software also seems downloadable from their website. The USB cable seems to require a special driver. I guess that’s what you’re paying for. At least you can download the software and put the data on Continue reading

Daily Roundup: IBM Taps AMD for Bare Metal Cloud

IBM tapped AMD for bare metal cloud; Do Coronavirus SOCs Look Like Zoom War Rooms?; and Canonical...


© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

T-Mobile to Slash $30M in Cloud Costs With Kubernetes

The work is based on the carrier's Conducktor internal Kubernetes platform.


Do Coronavirus SOCs Look Like Zoom War Rooms?

When an incident occurs, enterprises typically rely on their on-site security operations centers to...


IBM Cloud, AMD Debut EPYC Bare Metal

At the heart of the new offering is AMD’s 96-core EPYC 7642 processors that launched in...


Global IT Spending Falls Into Rapid Decline

The market, which includes hardware, software, and IT services, is now expected to decline at a...


Setting up etcd with Kubeadm, containerd Edition

In late 2018, I wrote a couple of blog posts on using kubeadm to set up an etcd cluster. The first one was this post, which used kubeadm only to generate the TLS certs but ran etcd as a systemd service. I followed that up a couple of months later with this post, which used kubeadm to run etcd as a static Pod on each system. It’s that latter post—running etcd as a static Pod on each system in the cluster—that I’ll be revisiting in this post, only this time using containerd as the container runtime instead of Docker.

This post assumes you’ve already created the VMs/instances on which etcd will run, that an appropriate version of Linux is installed (I’ll be using Ubuntu LTS 18.04.4), and that the appropriate packages have been installed. This post also assumes that you’ve already made sure that the correct etcd ports have been opened between the VMs/instances, so that etcd can communicate properly.

Finally, this post builds upon the official Kubernetes documentation on setting up an etcd cluster using kubeadm. The official guide assumes the use of Docker, whereas this post will focus on using containerd as the container Continue reading

Update from Docker on COVID-19 Actions

As the novel coronavirus causing COVID-19 continues to spread, Docker has been taking precautionary measures to support the health, well-being, and safety of our global team members and their families, as well as ensuring our customers and community at large can continue building and shipping apps using Docker. We are also following the World Health Organization (WHO) and the Center for Disease Control and Prevention (CDC) guidelines, as well as guidelines from local public health administrations. 

Docker has always been about community, and here are the steps we have taken to ensure employees are taken care of as well as to ensure business continuity for our users worldwide:

Protecting Employees

  • On March 2, 2020, we asked all global employees to cancel or postpone any non-essential, work-related travel. 
  • Additionally, on March 9, 2020, we closed all of our offices globally to employees and visitors. We are using all available technologies like our phones, Zoom, Slack, GitHub, and Confluence now that we have transitioned to a fully remote workforce. 
  • While Docker is a geographically distributed organization, we understand this is a big shift for many of our employees and, as such, we are encouraging as much flexibility around work Continue reading

In Times of Crisis, All Communities Need to Be Connected

Amid the global spread of COVID-19, the exceptional strict confinement to our homes offers important lessons about the urgency of bridging the digital divide.

Where I live, in Osona (rural Catalonia, northern Spain), 15 years ago there was no Internet access. Commercial operators said it wasn’t profitable. So, we set up a community network, Guifi.net, initially with radio connections, and in 2009 we deployed fiber optics. Today, we have connected many small towns and have more than 200,000 estimated users.

According to the National Statistical Institute, Osona County leads with the percentage of households with a computer: 82.5%, exceeding the Spanish average of 69.8%.

Connectivity has broken rural social isolation, connected our schools and hospitals, and it is helping people face this emergency situation. People can access multiple interactive channels to inform themselves without leaving home. Without connectivity, our confinement would feel like prison.

Connectivity has been an economic savior for us. In our livestock-driven region, robots milk cows that wear pedometers to measure their steps and detect diseases. Farmers use connected cameras to monitor whether their pigs have complications during birth. Technology has saved time, money, and improved productivity.

Just 15 years ago, Osona trailed Continue reading

Using ACLs for security vs compliance

Compliance exists in many forms, including tenancy, traffic isolation and access restriction. Compliance is mostly due to regulatory needs, which really comes down to security needs. Compliance applies to networking, fundamentally ensuring that resources can only be accessed from allowed locations. The actual media and content normally aren’t pertinent, as they merely influence the scope of access for the data.

As a result, this post doesn’t delve into more complex compliance requirements such as deep packet inspection or encryption. Rather, this is to discuss how networking engineers use their existing toolset to enforce compliance requirements.

The most fundamental of these requests is networking access permissions. Most customers will allocate subnets for functional sections of their network.

ACLs are some of the most classic and undemanding forms of permission. The greatest part of ACLs is that they can be applied on nearly every networking device, and provide somewhat of a base level of security. But there are hidden complexities with ACLs that may not make them the ideal choice for most compliance solutions:

1. Connection State Tracking

ACLs are unidirectional elements, examining packets one at a time and only blocking traffic in a single direction. This can create some logical Continue reading

Cloudflare Doubling Size of 2020 Summer Intern Class


We are living through extraordinary times. Around the world, the Coronavirus has caused disruptions to nearly everyone's work and personal lives. It's been especially hard to watch as friends and colleagues outside Cloudflare are losing jobs and businesses struggle through this crisis.

We have been extremely fortunate at Cloudflare. The super heroes of this crisis are clearly the medical professionals at the front lines saving people's lives and the scientists searching for a cure. But the faithful sidekick that's helping us get through this crisis — still connected to our friends, loved ones, and, for those of us fortunate enough to be able to continue work from home, our jobs — is the Internet. As we all need it more than ever, we're proud of our role in helping ensure that the Internet continues to work securely and reliably for all our customers.

We plan to invest through this crisis. We are continuing to hire across all teams at Cloudflare and do not foresee any need for layoffs. I appreciate the flexibility of our team and new hires to adapt what was our well-oiled, in-person orientation process to something virtual we're continuing to refine weekly as new people join us.


MUST READ: Using BGP RPKI for a Safer Internet

As I explained in How Networks Really Work and Upcoming Internet Challenges webinars, routing security, and BGP security in particular, remains one of the unsolved challenges we’ve been facing for decades (see also: what makes BGP a hot mess).

Fortunately, due to enormous efforts of a few persistent individuals, BGP RPKI is getting traction (NTT just went all-in), and Flavio Luciani and Tiziano Tofoni decided to do their part by creating an excellent in-depth document describing BGP RPKI theory and configuration on Cisco and Juniper routers.

There are only two things you have to do:

Thank you, the Internet will be grateful.

2020-04-02 16:00 UTC - Two interesting events happened on April 1st. This is why we badly need RPKI and this is why we might need another document describing “how to back up ROAs and have a recovery procedure that takes less than 20 hours”.

About them Zoom vulns…

Today a couple vulnerabilities were announced in Zoom, the popular work-from-home conferencing app. Hackers can possibly exploit these to do evil things to you, such as steal your password. Because of the COVID-19, these vulns have hit the mainstream media. This means my non-techy friends and relatives have been asking about it. I thought I'd write up a blogpost answering their questions.

The short answer is that you don't need to worry about it. Unless you do bad things, like using the same password everywhere, it's unlikely to affect you. You should worry more about wearing pants on your Zoom video conferences in case you forget and stand up.



Now is a good time to remind people to stop using the same password everywhere and to visit https://haveibeenpwned.com to view all the accounts where they've had their password stolen. Using the same password everywhere is the #1 vulnerability the average person is exposed to, and is a possible problem here. For critical accounts (Windows login, bank, email), use a different password for each. (Sure, for accounts you don't care about, use the same password everywhere, I use 'Foobar1234'). Write these passwords down on paper and put that paper in Continue reading

The Mistake that Caused 1.1.1.3 to Block LGBTQIA+ Sites Today


Today we made a mistake. The mistake caused a number of LGBTQIA+ sites to inadvertently be blocked by the new 1.1.1.1 for Families service. I wanted to walk through what happened, why, and what we've done to fix it.

As is our tradition for the last three years, we roll out new products for the general public that uses the Internet on April 1. This year, one of those products was a filtered DNS service, 1.1.1.1 for Families. The service allows anyone who chooses to use it to restrict certain categories of sites.

Filtered vs Unfiltered DNS

Nothing about our new filtered DNS service changes the unfiltered nature of our original 1.1.1.1 service. However, we recognized that some people want a way to control what content is in their home. For instance, I block social media sites from resolving while I am trying to get work done because it makes me more productive. The number one request from users of 1.1.1.1 was that we create a version of the service for home use to block certain categories of sites. And so, earlier today, we launched 1.1.1. Continue reading