馬嘶的網路大道

 Cloud Network Architect. Nico Vibert @nic972 The Tech industry is slow to recognize the need for an entire new profession: the Cloud Network Architect. It's somehow expected that Infrastructure engineers become Cloud Architects and somehow learn all aspects of cloud networking - it's not fair on them, just like it wouldn't be fair on me to learn intricacies of storage or database.  Cloud Networking should be a dedicated role. Here are some of the skillsets I expect in a cloud network architect: Understanding of connectivity options to the Cloud or between Clouds (an app created in the cloud (or migrated to the cloud) does not exist in a vacuum) - including VPN, Direct Connect or similar, BGP, etc. Deep expertise on Internet connectivity. By this mean: Internet peering points, content distribution, DNS, global load-balancing, SSL VPN, about CASB platforms like  @zscaler, DMZ, etc... - in summary: accessing the Internet securely and quickly or providing web-facing servic

 https://mp.weixin.qq.com/s?__biz=MzAxMDA1NjMwMQ==&mid=2651770472&idx=1&sn=f1b7dd6569d73f4fb406f697feff94a0&chksm=80ac496ab7dbc07c45ed72cc68a957b5f7f51a365f6cad08f4e8b60cf644f6a2a8c51636e33b&mpshare=1&scene=24&srcid=03233EphjRaVDvTXUPxWh7jL&sharer_sharetime=1616485786092&sharer_shareid=4f0b69694a7991d2da3888a0b82ca43e&key=d8268f3a96f14b5e8e823529ca0c627d7b8f3f33f6d6a8013c2479559e7aa0cb92feb3caeeefb878d4d9a1339e391659083a3327b2ae57df35254bffdafff670351f2d3573102720205a96a1dd93ef3c3ce0fc62bd09f67ba69cd3a0ee59e026bfb096576061305acd5ff9f463534a3c97e49ebdba68b9c9a4eed7de7c3fae16&ascene=14&uin=MTE2MzIwMzY1Ng%3D%3D&devicetype=Windows+10&version=62080079&lang=en&exportkey=CVEmcRnZ%2BBBX8%2FnPVfJngps%3D&pass_ticket=PafrHeFs%2B6JslC0mSG5fIgWaBLy4iX0l%2FIOVyoRIc9pQ6UirsEaJkOez8AdmonIv&wx_header=0 check  SR IS SDN DONE RIGHT! OPENFLOW VS SEGMENT ROUTIN G 》 SR vs Openflow 传统网络出身的我迫于生计跑到网络安全界溜达了一圈 Packet-In 模式的首包延迟、脏 flow 、DDoS、

 https://systemsapproach.substack.com/p/service-mesh-sdn-for-layer-7 所以service mesh也可能有SDN一樣的命運 webscale才玩得動

 https://datacenteroverlords.com/2021/04/14/cut-through-switching-isnt-a-thing-anymore/amp/

 https://packetpushers.net/complexity-of-networking-architecture-in-2020s/

 https://medium.com/polymatic-systems/service-mesh-wars-goodbye-istio-b047d9e533c7 service meshes only reliably support http traffic right now I try to avoid CRDs as they create vendor lock in Istio deprecated Helm deployments in favor of their istioctl command line utilit y <init containers and cronjobs cannot use the service mesh Why? The service mesh proxy container never exits. If it never exits, then the init containers and cronjobs never really “finish”. In the former, your application container will never spin up and in the latter, your cronjob will timeout and be marked as a failure.> ??? your application container’s network calls will fail until the sidecar proxy is running Anyways, there are hacks to get around this, but it means that successfully implementing a service mesh is no longer transparent to the developer as they will need to make some code or deployment modifications.

 https://blog.teliacarrier.com/2021/04/29/rethinking-internet-backbone-architectures/amp/ Radical simplification to make use of routing silicon with very different design trade-offs and implications on operations and forward-looking performance evolutions Partially disaggregate Optical Networks to drive vendor competition and standardize alien wavelengths as the default deployment paradigm – at an acceptable OPEX overhead Convergence of IP and Optical, starting with short-range, point-to-point, deployments covering the full range of operational, organizational, cultural, and technology scope