Twitter
Home Blog Page 439

Deployment Strategies Defined

By
Itay Shakury
-

Let’s talk about deployments. This topic used to be considered an uninteresting implementation detail, but is now becoming a fundamental element for modern systems. I feel like everyone understand its importance, and is working to build solutions around it, but we are missing some structure and definition. People use different terms for same meanings, or same terms for different meanings. This leads to other people reinventing the wheel trying to solve their problems. We need a common understanding of this topic in order to build better tools, make better decisions, and simplify communication with each other.

This post is my attempt to list and define those common deployment strategies, which I called:

  • Reckless Deployment
  • Rolling Upgrade
  • Blue/Green Deployment
  • Canary Deployment
  • Versioned Deployment

There are probably other names and terms you expected to see on this list. I’d argue that those “missing” terms can be seen as variants of these primary strategies.

And one final note before we begin: this post is about definitions, methodologies and approaches and not about how to implement them in any technology stack. A technical tutorial will follow in another post. Stay tuned!

Read more at Itay as a Service

Five Edge Data Center Myths

By
Data Center Knowledge
-

With mobile and last-mile bandwidth coming at a premium and modern applications needing low-latency connections, compute is moving from centralized data centers to the edge of the network. But there a lot of myths about edge data centers. Here’s what organizations are typically getting wrong, according to Uptime Institute’s CTO Chris Brown:

Myth 1: Edge computing is a way to make cheap servers good enough

The old branch office model of local servers won’t work for the edge; an edge data center isn’t just a local data center. “An edge data center is a collection of IT assets that has been moved closer to the end user that is ultimately served from a large data center somewhere.”

Read more at Data Center Knowledge

Linux Kernel Developer: Kees Cook

By
The Linux Foundation
-

Security is paramount these days for any computer system, including those running on Linux. Thus, part of the ongoing Linux development work involves hardening the kernel against attack, according to the recent Linux Kernel Development Report.

Here, Kees Cook, Software Engineer at Google, answers a few questions about his work on the kernel.

Linux Foundation: What role do you play in the community and what subsystem(s) do you work on?

Kees Cook: Recently, I organized the Kernel Self-Protection Project (KSPP), which has helped focus lots of other developers to work together to harden the kernel against attack. I’m also the maintainer of seccomp, pstore, LKDTM, and gcc-plugin subsystems, and a co-maintainer of sysctl.

Read more at The Linux Foundation

GDPR: 7 Steps to Compliance

By
Tech Native
-

The General Data Protection Regulation will come into effect on the May 25, 2018.

GDPR offers a groundbreaking overhaul of rules first implemented two decades earlier, when the impact on the internet was a mere fraction of what it is today. For consumers, these new rules promise greater data protection. For businesses, however, the rules will require significant overhauls, as the cost of running afoul of rules can be stiff. Here are a few steps to ensure your business is in compliance.

Find Help

Because any new set of regulations can be confusing and disrupt business, there are plenty of entities offering support. Consulting companies can provide the guidance businesses need to ensure they meet new demands. However, it’s important to seek out help early on, as demand might outstrip supply for compliance consultation. Furthermore, the sheer complexity of the GDPR means businesses might not be able to find a single entity for the entire process, so hiring multiple consultants might be essential.

Read more at TechNative

Growing Your Tech Stack: When to Say No

By
Codeship Blog
-

Someone on your team has an exciting suggestion, a new technology to introduce. But is it a good idea?

It is often easier to see the immediate benefits than the immediate risks or the long-term anything. This article looks at questions to ask and precautions to take when implementing new technologies in the development and running of software.

First, recognize that different technologies carry different risks. Ask yourself — what’s the worst that could happen? and what pain is inevitable? Also ask — what’s the best that could happen? And finally, how can I implement this with minimum danger?

The biggest distinguishing factor in the risk profile is where in the technology stack this new idea falls:

Read more at Codeship

7 Habits of Highly Successful Site Reliability Engineers

By
The New Relic
-

So we decided to look at some of the characteristics and habits common to highly successful SREs. As in most development and operations roles, first-class technical chops are obviously critical. For SREs, those specific skills might depend on how a particular organization defines or approaches the role: the Google approach to Site Reliability Engineering might require more software engineering and coding experience, whereas another organization might place a higher value on ops or QA skills. But as we found when we looked at what makes dev and ops practitioners successful, what sets the “great” apart from the “good enough” is often a combination of habits and traits that complement technical expertise.

Habit 1: You analyze every change in the context of the (much) bigger picture

Successful software developers understand how their code helps drive the overall business. SREs have their own version of this trait.

Read more at The New Relic

Kubernetes Node

By
Tech Target
-

A Kubernetes Node is a logical collection of IT resources that supports one or more containers. Nodes contain the necessary services to run Pods (which are Kubernetes’s units of containers), communicate with master components, configure networking and run assigned workloads. A Node can host one or multiple Pods. Each Kubernetes Node has services to create the runtime environment and support Pods. These components include Docker, kube-proxy and kubelet.

Kubernetes choreographs the deployment and scaling of applications in containers, rather than the deployment and scaling of necessary  hardware systems. Nodes are collections of resources defined by the hosting infrastructure, whether that is on a cloud provider or as physical or virtual machines (VMs). 

Read more at TechTarget

Buoyant’s New Open Source Service Mesh Is Designed with Kubernetes in Mind

By
The Linux Foundation
-

This article is part of the KubeCon + CloudNativeCon North America 2017 series.

The Linkerd service mesh for microservices was the first in its category and is the most widely used service mesh in production today. It has seen over a trillion requests and has enterprise customers that include Salesforce, FOX, Target, Paypal, Expedia, AOL, Monzo, and IBM.

Today, Buoyant has announced a new, next-gen open source service mesh called Conduit, which was designed to be incredibly fast and lightweight, highly performant, and secure, with real-world Kubernetes and gRPC use cases in mind.

Ahead of CloudNativeCon + KubeCon 2017 to be held this week in Austin, we spoke to George Miranda, Community Director at Buoyant, the maker of Linkerd. Be sure to catch Buoyant CEO William Morgan’s keynote on Conduit at CloudNativeCon. They’ll also be kicking off the conference with the New Stack’s Pancake Breakfast.  Make sure to catch all of Buoyant’s talks at the conference.

Linux.com: What makes managing services more challenging in a Cloud Native environment?

George Miranda: When you’re running monolithic applications on three-tier legacy infrastructure, you make relatively few service requests. It’s pretty obvious where they’re coming from and going to. If things go wrong, you can quickly understand where problems might be happening.

For example, you may be monitoring network performance for packet loss, transmission failures, and bandwidth utilization. You probably use a latency monitoring tool, like smokeping, to get closer to measuring service health, and an in-band tool, like tcpdump, to monitor service communication at the packet level. You triage those metrics along with your event logs and you can infer where things are likely going wrong.

If you’ve managed production applications before, you know this game well, and for the most part these tools did the trick. But they require you to know how the entire system operates in order to make that process work. As a platform operator with monolithic apps, you’ll typically have deep intrinsic knowledge of the services in use, how they interact, and how they operate at that layer for the entire system.

When you start building cloud-native applications, that holistic grasp of the entire system can quickly scale beyond any one platform operator’s reach. You could be managing hundreds or thousands of microservices in your infrastructure. Managing things like load balancing, automated deployments, encryption, cascading system failures, or troubleshooting outages can become incredibly complex without visibility into the service communication layer. That’s where the service mesh can help.

Linux.com: What are the advantages of a service mesh?

George Miranda: A service mesh adds visibility into requests that were once invisible. It turns service communication into a first-class citizen. Essentially, it provides the logic to monitor, manage, and control service requests by default, everywhere, and helps you make your microservices safe, fast, and reliable.

The service mesh is typically implemented as a set of network proxies that are deployed alongside your application code. Those proxies are transparent to your applications, so there are no code changes required to use them. That allows developers to decouple service communication logic from application code. So you can push that into a lower part of the stack where it can be more easily managed globally across your entire infrastructure. You can use that mesh to weave applications deployed between different infrastructure platforms, data centers, and cloud providers into a single fabric. We’ve had customers use the service mesh as a way of reducing lock-in risk and enabling hybrid multi-cloud deployments.

Linux.com: How does a service mesh work?

George Miranda: A service mesh consists of two main parts — a control plane, and a data plane. The data plane is the proxy layer, where service communication is happening. When you, as a user, interact with the service mesh, you interact with the control plane.

The control plane exposes new primitives you can use to control how your services communicate. Those primitives enable you to do tasks you couldn’t before — like having super granular control over managing specific service requests, setting rate limits, managing auth, setting up circuit-breaking logic, distributed tracing, and so forth. You use those primitives to compose service policies on a global or singular level inside the control plane. The data plane then reads policies from the control plane and alters its behavior accordingly.

Linux.com: What has the response to Linkerd been?

George Miranda: It’s been phenomenal. We’ve had trillions requests served by Linkerd by customers in production across a wide range of industries. We have an active community of contributors, open source users, and enterprise customers. We’ve seen the service mesh used in ways we couldn’t have imagined when we first created it.

For example, one of our customers used Linkerd to enable a move to the cloud. They make an ERP platform that obviously contains sensitive customer data. They started modernizing their application stack and made a move to microservices. As with most companies, that meant that their dev teams started to own different parts of what used to be one giant monolith. Some dev teams were great about managing sensitive data, while others did that inconsistently or not at all. When faced with the prospect of moving that data to the cloud, their Information Security team quickly put a stop to those ambitions.

Then they implemented Linkerd. They used the service mesh to decouple the need to manage secure service communication from their development teams. Instead, their dev teams could all configure their apps to make plain HTTP calls to remote services. At the wire level, Linkerd would then do a protocol upgrade to ensure all communication was happening with TLS by default. Suddenly, the platform team could then easily ensure consistency for encrypting data in transit no matter which application was in use. They were able to work with their Information Security team to find a public cloud vendor up to their standards and that’s where they’re running today. That never would have happened for them without Linkerd.

Linux.com: Are there things that catch new users off guard?

George Miranda: There are different ways to deploy the service mesh. Because it’s a series of interconnected proxies, you have options for how that’s set up. Some users prefer having one proxy deployed per physical host or VM that your containers run from. All containerized processes then route traffic through localhost and the service mesh takes it from there. But attaching the proxy to one physical or virtual host can make management more difficult if you’re not always sure where your containerized processes are running.

A common approach these days is to run the service mesh as a container sidecar and not worry about which proxy lives on each container host. The downside is that resource utilization can become a big concern in that pattern. If you have hundreds of containers on any one host, the footprint required for the service mesh suddenly begins to matter.

The service mesh needs to be remarkably small, lightweight, and incredibly fast. You don’t want to have to choose between having resilient services and sacrificing performance. You should barely be able to notice that the service mesh is even there. That’s been one of the drivers behind why we just released Conduit.

Linux.com: With all of the success behind Linkerd, why are you introducing Conduit now?

George Miranda: At Buoyant, we asked ourselves what it would take to build the ideal service mesh from the ground up, but with all the lessons we’d learned from the past 18 months of running a service mesh in production. The answer was Conduit.

Conduit’s rust-based data plane is crazy fast. With sub-millisecond latency and a tiny memory footprint it’s designed to give you the most frequently used benefits of the service mesh without getting in your way. Rust’s memory-safety benefits also help prevent introducing attack vectors that expose your services to additional risk. Conduit is incredibly fast, ultralight, and fundamentally secure. It’s easy to use, easy to get started with, and a great way to manage Kubernetes-based microservices.

Linux.com: Are there any talks in particular to watch out for at CloudNativeCon + KubeCon North America?

George Miranda: The service mesh is all over CloudNativeCon’s agenda. To me, that validates the need for the service mesh as a fundamental building block in the cloud-native stack. KubeCon + CloudNativeCon is a great place to learn more about how the service mesh can help you manage your stack.

We’ll be talking about both Linkerd and Conduit, starting with the Pancake Breakfast on Wednesday morning. For production-grade and multi-platform use cases requiring a feature-rich approach with deep integrations for modern tooling, check out Linkerd and the many customer talks around how it’s used in their stack. For a next gen and ultralight service mesh specific to Kubernetes, check out Conduit. You’ll hear about Conduit in the CNCF keynotes and we’ll dive deep with it in both our SIG and the Linkerd Salon. Check out our schedule and make sure to swing by our booth for demos.

One Month Left to Submit Your Talk to ELC + OpenIoT Summit NA 2018

By
The Linux Foundation
-

Embedded Linux Conference (ELC), happening March 12-14 in Portland, OR, gathers kernel and systems developers, and the technologists building the applications running on embedded Linux platforms, to learn about the newest and most interesting embedded technologies, gain access to leading experts, have fascinating discussions, collaborate with peers, and gain a competitive advantage with innovative embedded Linux solutions.

View Suggested Topics and Submit a Proposal to Speak

Co-located with ELC, the OpenIoT Summit serves the unique needs of system architects, firmware developers and software developers in the booming IoT ecosystem. Join experts from the world’s leading companies and open source projects and present the information needed to lead successful IoT developments and progress the development of IoT solutions.

View Suggested Topics and Submit a Proposal to Speak

Linux Foundation events are an excellent way to get to know the community and share your ideas and the work that you are doing. If you haven’t presented at ELC + OpenIoT Summit NA or other conferences before, we’d especially like to hear from you! In the instance that you aren’t sure about your abstract, reach out to us and we will be more than happy to work with you on your proposal.

Sign up for ELC/OpenIoT Summit updates to get the latest information:

Predictive Analytics in the Multicloud

By
HPE Blog
-

Cloud computing has plenty of complexities. And while many IT leaders would prefer a unified infrastructure, wherein the business standardizes on one or two cloud vendors, that is not going to happen in the real world.

The reason is simple: Applications the business depends on reside on a variety of clouds. Forcing users to stop using some applications and services in the interest of simplifying the company’s cloud mix is unreasonable. That means a multicloud strategy—managing multiple clouds simultaneously—is the only logical recourse.

Even so, managing the multicloud is a difficult task and fraught with often-unexpected obstacles. For example, abstracting the platform—simplifying the user interface by pushing complex details, such as computer code, to a lower level on the platform—is helpful for developers and users, but it can be more complicated for the IT operations staff. This sort of complexity increases management issues.

Read more at HPE 

1...438439440...10,742Page 439 of 10,742