IT Infrastructure *

Infocenters + databases + communication systems

ArticlesPostsNewsAuthors

dokshina Dec 16 2019 at 09:41

Deploying Tarantool Cartridge applications with zero effort (Part 1)

8 min

2.1K

VK corporate blogIT Infrastructure * Database Administration * High performance * Distributed systems *

We have already presented Tarantool Cartridge that allows you to develop and pack distributed applications. Now let's learn how to deploy and control these applications. No panic, it's all under control! We have brought together all the best practices of working with Tarantool Cartridge and wrote an Ansible role, which will deploy the package to servers, start and join instances into replica sets, configure authorization, bootstrap vshard, enable automatic failover and patch cluster configuration.

Interesting, huh? Dive in, check details under the cut.

+26

emirochnik Nov 1 2019 at 02:56

Optimising server distribution across the racks

5 min

IT Infrastructure * Systems engineering * Computer hardwareServer optimization *

Recently, a colleague asked me in a chat:

— Is there an article how to pack servers into the racks properly?

I realised that I'm unaware of it. So, I decided to write my text.

Firstly, this is an article about bare metal servers in the data centre (DC) facilities. Secondly, we estimate that there are a lot of servers (hundreds or thousands); the article doesn't make sense for fewer quantities. Thirdly, we consider that there are three constraints in the racks: physical space, electric power per each one, and cabinets stay in the rows adjacent to each other, so we can use a single ToR switch to connect servers in them.

The answer to the original question depends significantly...

ultral Sep 12 2019 at 13:05

Lessons learned from testing Over 200,000 lines of Infrastructure Code

11 min

3.3K

Configuring Linux * DevOps * IT Infrastructure * IT systems testing *

IaC (Infrastructure as Code) is a modern approach and I believe that infrastructure is code. It means that we should use the same philosophy for infrastructure as for software development. If we are talking that infrastructure is code, then we should reuse practices from development for infrastructure, i.e. unit testing, pair programming, code review. Please, keep in mind this idea while reading the article.

Russian Version

ValeryKomarov Sep 11 2019 at 07:04

Configuration of the Warnings Next Generation plugin for integration with PVS-Studio

3 min

1.7K

PVS-Studio corporate blogIT systems testing * IT Infrastructure * Development Management * DevOps *

The PVS-Studio 7.04 release coincided with the release of the Warnings Next Generation 6.0.0 plugin for Jenkins. Right in this release Warnings NG Plugin added support of the PVS-Studio static code analyzer. This plugin visualizes data related to compiler warnings or other analysis tools in Jenkins. This article will cover in detail how to install and configure this plugin to use it with PVS-Studio, and will describe most of its features.

+29

sashalisik Sep 6 2019 at 10:27

How we created IoT system for managing solar energy usage

5 min

1.3K

Big Data * IT Infrastructure * System Analysis and Design * IOTSmart House

If you have no idea about the development architecture and mechanical/electrical design behind IoT solutions, they could seem like "having seemingly supernatural qualities or powers". For example, if you show a working IoT system to 18th century people, they'd think it's magic.This article is sort of busting such myth. Or, to put it more technically, about hints for fine-tuning the IoT development for an awesome project in solar energy management area.

Shapelez Sep 5 2019 at 07:27

2019 National Internet Segments Reliability Research & Report

9 min

3.7K

Qrator Labs corporate blogDecentralized networks * IPv6 * IT Infrastructure * Network technologies *

This report explains how the outage of a single AS can affect the connectivity of the impacted region with the rest of the world, especially when it is the dominant ISP on the market. Internet connectivity at the network level is driven by interaction between autonomous systems (AS’s). As the number of alternate routes between AS’s increases, so goes the fault-resistance and stability of the internet across the network. Although some paths inevitably become more important than others, establishing as many alternate routes as possible is the only viable way to ensure an adequately robust system.

The global connectivity of any AS, regardless of whether it is a minor provider or an international giant, depends on the quantity and quality of its paths to Tier-1 ISPs. Usually, Tier-1 implies an international company offering global IP transit service over connections to other Tier-1 providers. But there is no guarantee that such connectivity will be maintained. Only the market can motivate them to peer with other Tier-1’s to deliver the highest quality service. Is that enough? We explore this question in the IPv6 section below. For many ISPs at all levels, losing connection to just one Tier-1 peer would likely render them unreachable in some parts of the world.

Measuring Internet Reliability

Let’s examine a case where an AS experiences significant network degradation. We want to answer the following question: “How many AS’s in the region would lose connectivity with Tier-1 operators and their global availability along with it?”

+32

Marger1 Aug 29 2019 at 08:15

Smart Manufacturing and Industry 4.0: Three Main Technological Trends

2 min

1.1K

IT Infrastructure *

In recent years we've witnessed massive technological improvements and innovations that re-shaped how industrial objects look like and work. This shift was called an Industry 4.0, i.e., a new phase in the Industrial Revolution that focuses heavily on connectivity, automation, machine learning, and real-time data, all for increasing the productivity, fueling effectiveness of business processes and lifting up the level of security.

Shapelez Aug 14 2019 at 21:22

Qrator filtering network configuration delivery system

6 min

1.5K

Qrator Labs corporate blogIT Infrastructure * System Analysis and Design * Distributed systems * Network technologies *

TL;DR: Client-server architecture of our internal configuration management tool, QControl.
At its basement, there’s a two-layered transport protocol working with gzip-compressed messages without decompression between endpoints. Distributed routers and endpoints receive the configuration updates, and the protocol itself makes it possible to install intermediary localized relays. It is based on a differential backup (“recent-stable,” explained further) design and employs JMESpath query language and Jinja templating for configuration rendering.

Qrator Labs operates on and maintains a globally distributed mitigation network. Our network is anycast, based on announcing our subnets via BGP. Being a BGP anycast network physically located in several regions across the Earth makes it possible for us to process and filter illegitimate traffic closer to the Internet backbone — Tier-1 operators.

On the other hand, being a geographically distributed network bears its difficulties. Communication between the network points-of-presence (PoP) is essential for a security provider to have a coherent configuration for all network nodes and update it in a timely and cohesive manner. So to provide the best possible service for customers, we had to find a way to synchronize the configuration data between different continents reliably.

In the beginning, there was the Word… which quickly became communication protocol in need of an upgrade.

+19

ximaera May 21 2019 at 18:34

What is going to happen on February 1, 2020?

4 min

8.3K

Qrator Labs corporate blogDNS * Domain names administrating * IT Infrastructure * Information Security *

TL;DR: starting February 2020, DNS servers that don’t support DNS both over UDP and TCP may stop working.

Bangkok, in general, is a strange place to stay. Of course, it is warm there, rather cheap and some might find the cuisine interesting, along with the fact that about half of the world’s population does not need to apply for a visa in advance to get there. However, you still need to get acquainted with the smells, and the city streets are casting cyberpunk scenes more than anything else.

In particular, a photo to the left has been taken not far from the center of Thailand’ capital city, one street away from the Shangri-La hotel, where the 30th DNS-OARC organization meeting took place on May 12 and 13. It is a non-profit organization dedicated to security, stability, and overall development of the DNS — the Domain Name System.

Slides from the DNS-OARC 30 meeting are recommended for everyone interested in how the DNS works, though perhaps the most interesting is what is absent in those slides. Namely, a 45-minute round table with a discussion around the results of DNS Flag Day 2019, which occurred on February, 1, 2019.

And, the most impressive result of a round table is the decision to repeat DNS Flag Day once again.

+20

lol_wat Apr 25 2019 at 13:13

Thoughts On Elixir: Pros And Cons Of The Most Popular Tool For High-Load Dev

4 min

12K

Elixir/Phoenix * Erlang/OTP * IT Infrastructure * Interview

Why is Elixir/Phoenix achieving such a high rate of adoption in the software development industry? What are the best use cases of this language? Are there any drawbacks when using it? We talked to Sergiy Kukunin, a full-stack developer at Spotlight and an Elixir expert, to find answers to these and other questions.

pprometey Apr 24 2019 at 04:49

Free Wireguard VPN service on AWS

9 min

68K

IT Infrastructure * Open source * Information Security * Network technologies * System administration *

Tutorial

Translation

Free Wireguard VPN service on AWS

The reasoning

The increase of Internet censorship by authoritarian regimes expands the blockage of useful internet resources making impossible the use of the WEB and in essence violates the fundamental right to freedom of opinion and expression enshrined in the Universal Declaration of Human Rights.

Article 19
Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.

The following is the detailed 6 steps instruction for non-IT people to deploy free* VPN service upon Wireguard technology in Amazon Web Services (AWS) cloud infrastructure, using a 12 months free account, on an Instance (virtual machine) run by Ubuntu Server 18.04 LTS.

I tried to make this walkthrough as friendly as possible to people far from IT. The only thing required is assiduity in repeating the steps described below.

Homas Mar 1 2019 at 16:59

DoT for RPZ distribution

2 min

1.5K

Network technologies * Information Security * IT Infrastructure * DNS *

Just a few months ago there were a lot of buzz because IETF in expedited time frame (about one year) accepted DNS over HTTPS (DoH) as a standard (RFC-8484). The discussions about that are still going on because of its controversy. My personal opinion is that DoH is good for personal privacy (if you know how to use it and trust your DNS provider) but it is a security risk for enterprises. DNS over TLS (DoT) is a better alternative for enterprise customers only because it uses a well-defined TCP port but for personal privacy it is not good because of the same reason (easy to block).

+11

amarao Mar 1 2019 at 15:58

How to vendor a git into another git

4 min

4.2K

DevOps * Git * IT Infrastructure * Programming *

Discovering git vendor extension.

Cross-post from my medium blog: https://medium.com/opsops/git-vendor-295db4bcec3a

I would like to introduce the proper way to handle vendoring of git repositories.

What is is ‘vendoring’?

Vendoring is a way to integrate other’s work into your own. It’s the opposite of ‘linking’ against third-party library. Instead of having that library as a dependency, application uses this library as a part of own source code and keep that code ‘inside’ itself.

Normally, vendoring is done by language tooling: bundler, cargo, pip, etc. But sometimes you need to vendor something not covered by any existing toolset, or something multi-language, that it’s impossible to find the ‘core’ language tool for that.

The solution for this situation is vendoring on a git level. You have your own git repository (I call it ‘destination repo’), and you want to incorporate some other repository (I call it ‘source repo’) as a directory into your (destination repo).

The things you expect from a well-designed vendoring system (regardless of Git it is or not):

Visibility. You want to know that some code is vendored, means it wasn’t written by committer.

+14

ultral Feb 27 2019 at 09:04

Let's deploy to Openshift

5 min

6.9K

DevOps * IT Infrastructure * Kubernetes * Openshift *

This is fine

I'd like to share my story about migration an application to Openshift. Also, as a result, I will compare some of the most popular solutions and tools for managing your application inside Openshift. It is the transcription of my presentation at kubernetes SPB meetup #3.

+11

Tzimie Jan 28 2019 at 14:52

Monitoring System for Windows servers on pure SQL, and how I had secretly dragged it into the Production

5 min

1.4K

IT Infrastructure * Microsoft SQL Server *

A long time ago in a galaxy far, far away there was a company grown from a startup to something much bigger, but for a while the IT department was still compact and very efficient. That company hosted on prem hundreds of virtual Windows servers, and of course these servers were monitored. Even before I joined the company, NetIQ had been chosen as a monitoring solution.

One of my new tasks was to support NetIQ. The person, who worked with NetIQ before, said a lot about his experience with NetIQ, unfortunately, if I try to put it here it would be just a long line of ‘****’ characters. Soon I realized why. Steve Jobs is probably spinning in his grave looking at the interface like this:

+17

1 2 3