network

Kubernetes: retrieving services and pods network CIDR block from cluster

When configuring networks and loadbalancers, sometimes you need the network CIDR block used by Services of a Kubernetes cluster.  There are various ways to pull this information from different Kubernetes implementations, but one trick that works across implementations is looking at the error message from kubectl if you attempt to create a service at an Kubernetes: retrieving services and pods network CIDR block from cluster

GCP: Private GKE Cluster with Anthos Service Mesh exposing services

As opposed to public GKE clusters which have their IP addresses exposed, private GKE clusters use private internal IP addresses.  This provides an enhanced security stance, but also means we need a solution such as Anthos Service Mesh to explicitly expose our services. In our previous article, we built a private GKE cluster using Terraform.  GCP: Private GKE Cluster with Anthos Service Mesh exposing services

Linux: Introducing latency and packet loss into network for testing

Within current distributions of Linux, there is a kernel component called netem that can be used to test and simulate the type of issues one would see over a Wide Area Network.  This component is managed with a tool called traffic controller. This can be helpful during testing/troubleshooting to emulate the network latency or packet Linux: Introducing latency and packet loss into network for testing

Ubuntu: Using strace to get a view into file and network activity of a process

strace is a handy utility for tracing system, file, and network calls on a Linux system.  It can produce trace output for either an already running process, or it can create a new process. Some of the most common troubleshooting scenarios are needing to isolate either the network or file system activity of a process.  Ubuntu: Using strace to get a view into file and network activity of a process

Ubuntu: Using Fiddler to analyze Chrome/Firefox network capture

The prevalence of the long chains of firewall and reverse proxy solutions present in production infrastructure (and made even more popular with the dynamic routing introduced with containers) has made analysis of the end-user side of the network exchange a critical tool in troubleshooting. Fiddler has long been a solid tool for both proxy capture Ubuntu: Using Fiddler to analyze Chrome/Firefox network capture

Ubuntu: Pre-Validate Network ACL and Firewall Connectivity with Netcat

Although virtualization has pushed a self-service culture for infrastructure, it is still common in production environments to need your  Network Operations team to open the required ports necessary for any new application deployment. So, while you may be able to create the base virtualized host, you can’t go much further without the network connectivity.  And Ubuntu: Pre-Validate Network ACL and Firewall Connectivity with Netcat