Technology Short Take 147
Published on 29 Oct 2021 · Filed in Information · 820 words (estimated 4 minutes to read)Welcome to Technology Short Take #147! The list of articles is a bit shorter than usual this time around, but I’ve still got a good collection of articles and posts covering topics in networking, hardware (mostly focused on Apple’s processors), cloud computing, and virtualization. There’s bound to be something in here for most everyone! (At least, I hope so.) Enjoy your weekend reading!
Networking
- Chris Parker shares the reason why 65535 is not part of the private autonomous system range. It’s an interesting history lesson and explanation, even if you aren’t a networking nerd.
- Dmytro Shypovalov discusses ARP problems in EVPN. I laughed at his comment regarding people stepping on rakes (read the post).
- Evgeny Khabarov’s part 4 in a series on using Envoy as an API gateway talks about authentication and authorization (aka AuthN/AuthZ). In particular, Khabarov focuses on Envoy’s
ext_authzfilter, which is what allows Envoy to check with an authorization service to see if a request is permitted or denied. - I was having a bit of difficulty fully grokking the Original Destination feature in Envoy, and I found this article to be helpful in understanding how it works and is configured. Another very helpful resource on this topic is this masterpiece by Jimmy Song.
- Julia Evans shares some tools to explore BGP.
Servers/Hardware
- David Sparks shares the specs for his new 16" MacBook Pro as well as the rationale for how he arrived at that configuration. I must confess that I am intrigued by the M1 Pro and M1 Max, but having just bought a “regular” M1 a few months ago I’m not sure I can justify the purchase. And, to be honest, my “regular” M1 is plenty snappy for what I do.
- AnandTech takes a closer look at Apple’s A15 SoC (system on a chip), which debuted in the iPhone 13.
Security
- Senthil Raja Chermapandian asks the question, “Are Kubernetes Network Policies really useful?” I see their utility as being less useful now with the rising adoption of service meshes and L7-aware CNI plugins like Cilium, but I do still believe there are valid use cases for them.
- Thomas Reed with Malwarebytes Labs has a lengthy post on how macOS attacks are evolving.
Cloud Computing/Cloud Management
- Now that Cluster API has hit 1.0 (and v1beta1 status, indicating pretty stable APIs), the Cluster API community moves on to addressing how to manage the lifecycle of groups of Kubernetes clusters. See this blog post from Fabrizio Pandini for more details.
- Want to use the Kong API Gateway with Knative? Fear not, the folks from Direktiv share their knowledge on running services with Knative and Kong.
- William Lam shares some information on using
kube-vipwith VMware’s new Tanzu Community Edition (TCE). - Jacob Schulz brought this article on Terraform modules to my attention; if you aren’t already familiar with Terraform modules, you may find it helpful.
- In this article, Alex Feiszli lays out the argument for a “wide” cluster over multiple clusters, and advocates for potentially spreading that “wide” cluster over multiple cloud providers. I have to say that, in general, I disagree with this architecture. There are a number of reasons (and I won’t go into great detail), but some of them include blast radius (if your one control plane goes down, you’re in for a world of hurt), lack of support for multiple cloud provider integrations (you’ll have to give up most, if not all, cloud provider integrations), and increased complexity (among other things, having to add and maintain additional node labels and node selectors is additional work).
- Speaking of labels, Aviad Shikloshi wrote an article on best practices for Kubernetes labels and annotations.
- Chris Evans attempts to define hybrid cloud and multi-cloud.
Operating Systems/Applications
- Kevin Alvarez shares how to potentially speed up ARM64 build times using Docker BuildX and AWS Graviton2 instances.
Virtualization
- Chris Evans shares his take on VMware’s Project Capitola.
- Frank Denneman discusses a potential gotcha in the user interface for configuring DRS in vSphere 7.
- Jason Boche walks through deploying EKS Anywhere on vSphere.
- William Lam reviews the minimum vSphere editions and features that are required for Tanzu Community Edition (TCE).
Career/Soft Skills
- I loved this article about the “follow your feet” saying. I’d never heard it before, but I like the idea of applying this to your IT career. Ask the questions you think are stupid questions. Chase down the ideas that seem like they have promise, even if they aren’t fully fleshed out yet. Try that new combination of technologies that you think may hold promise for your team or your company. In other words, follow your feet.
- I really enjoyed this article on rent vs. buy in one’s career.
That’s all, folks! (Bonus points if you get this reference.) If you have any questions, comments, or feedback, I’d love to hear from you! Feel free to contact me on Twitter, or find me in any of a variety of Slack communities.