Thoughts and Perspectives from OpenShift Commons Berlin

Last week the cloud native, containers and Kubernetes communities converged on Berlin, Germany for OpenShift Commons Gathering, CloudNativeCon and KubeCon. Berlin was the perfect location for this intersection of events because it is historically defined by its transition from the past to the present, and culturally by its diversity of activities and fields of knowledge. Berlin sits at […]
Source: OpenShift

Microsoft’s open approach to networking

At Microsoft, we’re focused on enabling our customers by supporting all the technologies they depend on, and collaborating across organizational and industrial boundaries to bring the best possible experience to the cloud. Microsoft embraces open source and partner ecosystems to scale our own development efforts and accelerate innovation. Products that include Visual Studio Code, .NET, and ASP.NET are being publicly developed on GitHub with contributions from both Microsoft and non-Microsoft developers. These products are targeting Windows, Mac, and Linux. Microsoft is a contributing member of open source communities, including the Apache Software Foundation, Linux Foundation, R Consortium, and Node.js Foundation.

For the Azure cloud platform, we serve customers on a vast worldwide scale, and they bring a wide range of technology needs with them. We must provide solutions with the unique flexibility to operate seamlessly across on-premises, hybrid, and cloud infrastructure, in an operating system–agnostic environment. Today, Linux virtual machines (VMs) comprise over 33 percent of all VMs running in Azure. Many partners in the Azure Marketplace run their workloads in Linux. Our HDInsight MapReduce service is built on Apache Hadoop and supports Spark, Hive, Apache Kafka, and Apache Storm. Meanwhile, the Azure Container Service (ACS) adopts open source container technologies like Docker, Apache Mesos, and Kubernetes to run both Linux and Windows containers. By doing this, ACS provides container orchestration that’s completely portable, while also being optimized for Azure.

In this blog, I will talk about how Azure network services is extending this commitment to open technologies in containers, switching, and partner ecosystems.

Open source software in Azure Network Services

Azure network services actively look for opportunities to contribute to existing open source projects, as well as open source Azure Networking services. Considering the importance of networking to fully realize the potential of containers, we just announced Microsoft Azure VNet for Containers.

Azure VNet for Containers

Azure VNet for Containers provides the best networking experience for containers that are running in Azure. It’s an open source project on GitHub that links together open source container orchestrator engines and the Azure network services platform. The code, written in the Go programming language, works for both Linux and Windows. We’re eager to collaborate with developers across the world to improve and advance its capabilities.

Azure VNet for Containers connects the container to your Azure Virtual Network (VNet), making the rich Azure SDN stack available to containers and enabling direct connectivity between containers, VMs, and other resources in the VNet. Azure networking features such as Network Security Groups, route tables, load balancing, and on-premises connectivity are now available to containers. The solution can be plugged into the Azure Container Service for single-click use or deployed manually in individual virtual machines.

The Azure VNet for Containers is composed of a network plug-in that provides the network interface for the containers and an IPAM (IP address management) plug-in that manages the IP addresses from the VNet. There are currently two popular plug-in models for containers: the Container Network Interface (CNI) model, adopted by Kubernetes, Apache Mesos, and others, and the Container Network Model (CNM) model, used by Docker and others. The Azure container network plug-in is implemented for both models. This is also designed to be integrated directly into the open source acs-engine.

Figure 1. Azure network services support for containers

With the availability of this plug-in, the power and features of Azure network services are natively available to all the major container platforms in an open and portable fashion.

SONiC

Software for Open Networking in the Cloud (SONiC) and Switch Abstraction Interface (SAI) are two contributions that we made to the Open Compute Project (OCP), which focuses on open source datacenter technologies. Like Azure VNet for Containers, SONiC also uses containerization for fast evolution.

SONiC source code, test cases, test bed setup, and builds are fully available on GitHub. SONiC consists of core services developed by Microsoft and the community. It builds on existing open source technologies such as Docker for containers, Redis for key-value database, protocols like Quagga BGP and LLDPD, and Ansible for deployment. We used the best work in the industry to build SONiC. It evolves quickly because we’re building it with existing open source projects. We contributed SONiC back to the community to propel the advance of open networking software in a wonderful, virtuous cycle.

Figure 2. SONiC is open sourced and is built on open source technologies

SAI provides a simple, consistent, and scalable interface across different ASIC chips. With the support from major silicon vendors, the SAI community grew to 77 contributors from 9 companies. Community members actively engage in weekly discussions and workshops. In two years, we had seven releases. Six switch networking stacks (network operating systems), including SONiC, OS10, OPX, FlexSwitch and others, are built on top of SAI, which is starting to become the ASIC API standard.

Learn more by viewing our OCP Summit 2017 talks about SONiC and SAI. You also can learn more about our SAI and SONiC innovations in an earlier blog in this series, SONiC: The networking switch software that powers the Microsoft Global Cloud.

Rich partner ecosystem

Network virtual appliances (NVAs) in Azure support network functionality and services in the form of VMs. NVAs include web application firewall (WAF), firewalls, gateways/routers, application delivery controllers, IDS/IPS, WAN optimizers, SD-WAN solutions, and other network functions. Customers can deploy these NVAs through the Azure Marketplace into their VNets and deployments. Examples of open sourced NVAs include NGINX and pfSense. Over 90 percent of NVAs are based on Linux or FreeBSD.

We also use open source technologies in our own NVAs. We just announced the general availability of Azure Application Gateway WAF to protect applications from the most common web vulnerabilities, as identified in the Open Web Application Security Project (OWASP) Top 10. Application Gateway WAF uses the OWASP ModSecurity Core Rule Set. These rules, managed and maintained by the open source community, conform to rigorous standards.

Optics

Typically, you don’t think of optical technologies in the context of openness. However, we’ve also innovated at the optical network layer. Microsoft has incorporated new optical technologies into the Azure network. Findings from ACG Research show that the Microsoft metro network solution will result in over 65 percent reduction in total cost of ownership and power savings of over 70 percent over five years. We’ve worked with several of our partners to make available to everyone the building blocks of the Microsoft implementation of open optical systems. Microsoft is working with our partners to bring even more integration, miniaturization, and power savings into future 400 Gbps interconnects that will power our network and benefit the entire industry.

Academic publications

Many of the underlying technical innovations in Azure Networking have their roots in Microsoft Research. We published in top peer-reviewed academic forums the internal designs and algorithms of the Azure Networking SDN stack (SIGCOMM 2015), programmable virtual switching (NSDI 2017), software load balancing (SIGCOMM 2013), network virtualization (SIGCOMM 2009), and innovative diagnostics and monitoring mechanisms. Our Azure networking services team has a deep passion for tackling the hardest networking scale problems in the world. We will continue to share our innovations in academic papers to receive critical feedback about our ideas, as well as to help the network community further advance, which in turn pushes us to be better.

Summary

Over the past few years, Microsoft has embraced, and is fully committed to, open source. Our motivation is simple. We want the best technologies in the world to be available and performant in Azure. We cherish opportunities to contribute to the open source community and to incorporate the communities’ advancements into our services. Considering the scale of the issues that we face daily running one of the world’s largest networks, we are very passionate about advancing state-of-the-art networking. By sharing code via open source projects and ideas via academic forums, we accelerate innovation. We’re a different Microsoft from years past. The cloud and open source are changing the world. This is an exciting time for all of us in networking as we all strive to help customers adapt and take full advantage of the cloud.

Read more

To read more posts from this series please visit:

Networking innovations that drive the cloud disruption
SONiC: The networking switch software that powers the Microsoft Global Cloud
How Microsoft builds its fast and reliable global network
Lighting up network innovation
Azure Network Security

Source: Azure

The Trump Administration Is Cracking Down On Employers Of High-Skilled Immigrants

The government will be cracking down on employers that fraudulently use visas to hire cheap labor, according to an announcement Monday morning from U.S. Citizenship and Immigration Services (USCIS).

Monday was also the first day people could start applying for H-1B, or “skilled” US visas, which large tech companies including Google, Microsoft, and Facebook rely on to hire engineering talent from overseas.

“The Trump administration will be enforcing laws protecting American workers from discriminating hiring practices,” said Sean Spicer regarding the H-1B program during a press briefing on Monday.

According to the announcement, USCIS will target its crackdown on companies that are hard to find public information on, that apply for visas for employees who work at an offsite location, and/or that are H-1B visa dependent.

Being H-1B dependent means 15% or more of your workforce is on a high-skilled work visa; Facebook, for example, is H-1B visa dependent. A spokesperson for the company didn’t immediately respond to request for comment.

In tech, the vast majority of H-1B visas go to consulting firms like Wipro, Tata and Infosys, which would be the most heavily impacted by a crackdown on the visa program. Representatives of those firms did not immediately respond to a BuzzFeed News request for comment.

During his presidential campaign, Donald Trump threatened to get rid of the skilled visa program entirely. Since then, his view on the issue seems to have tempered. (He’s also met with tech executives, some of whom are now his advisors.) More recently, the administration has said it wants to stop H-1B visa fraud — when companies use visas to access cheap foreign labor rather than to fill jobs they can’t find qualified American workers to do — while continuing to allow the highest skilled workers from other countries into the U.S.

But Trump ultimately didn’t reduce the maximum number of visas made available to employers this year.

“The H-1B visa program should help U.S. companies recruit highly-skilled foreign nationals when there is a shortage of qualified workers in the country,” Monday’s news release reads. “Yet, too many American workers who are as qualified, willing, and deserving to work in these fields have been ignored or unfairly disadvantaged. Protecting American workers by combating fraud in our employment-based immigration programs is a priority for USCIS.”

Meanwhile, on Friday, USCIS published a memo that will require employers to provide extra proof that computer programmers are, in fact, high-skilled workers deserving of jobs in the US, Bloomberg reported Monday. (A spokesperson for USCIS told Bloomberg that the memo does not reflect “a change in policy.”)

A vocal subset of American computer programmers argue that the H-1B visa program, which was started in 1990, made it possible for companies to lay off American workers and replace them with lower-paid immigrants. There’s evidence this has occurred at Disney and UCSF, and smaller employers found to be engaging in such activities have recently been indicted.

To accomplish its goal, USCIS set up an email address, REPORTH1BABUSE@USCIS.DHS.GOV, where US workers who observe fraud — as well as immigrants who believe they’re being exploited — can report abuse. The immigration agency will also “continue random and unannounced visits” to workplaces where H-1B holders are employed across the country.

“This may weed out some shady employers” who were in the process of filing H-1B petitions this week, immigration lawyer Emily Lopez Neumann told BuzzFeed News in an email. “It may also make it more difficult for legitimate employers to get the workers they need.”

Most high-skilled immigrants working in the U.S. come from China and India, and many have been waiting anxiously for news on how the Trump administration would deal with the high-skilled visa program. Earlier this year, talk of congressional H-1B visa reform caused Indian tech firms to lose more than $7 billion in value in a single hour.

Source: BuzzFeed

Price reductions on L Series and announcing next generation Hyper-threaded virtual machines

For Microsoft Azure, we have a long standing promise of making our prices comparable with AWS on commodity services such as compute, storage, and bandwidth. In keeping with this commitment, we are happy to announce price reductions of up to 69% on our storage-optimized virtual machines, L Series. We are also excited to share more about our next generation of Hyper-Threaded virtual machines for general purpose and memory optimized workloads that are up to 28% lower in prices than the current generation.

Price reductions on L Series

We are reducing prices by 60% to 69% on our newly-launched L Series virtual machines, effective April 1st to match recent price changes from AWS. These VMs are storage optimized sizes, best suited for low latency workloads such as NoSQL databases including Cassandra and MongoDB. L Series offers virtual machines from 4 to 32 vCPUs, based on Intel® Xeon® processor E5 v3 family with 32 to 256 GiB memory, and from 678 GB to 5.6 TB of SSD disk.

New Hyper-Threaded VMs and Dv2 limited time promotion

In the next few months, Microsoft will be introducing a new generation of Hyper-Threading Technology virtual machines for general purpose workloads, Dv3, and a new family for memory optimized workloads, Ev3. This shift from physical cores to virtual cores is a key architectural change in our VMs that enables us to unlock the full potential of the latest processors. This new generation will introduce sizes with 64 vCPUs on Intel® Broadwell E5-2673 v4 2.3 processor and with 432 GiB of memory on the largest Ev3 sizes. By unlocking more power from the underlying hardware, we are able to harness better performance and efficiency, resulting in cost savings that we are passing on to our customers.

As our new Hyper-Threaded VMs become generally available in the coming months, we would like to give our customers the opportunity to take advantage of these savings early. These new Hyper-Threaded VMs will be priced up to 28% lower than Dv2 Series VMs, matching the comparable AWS instance prices. Starting today, you can provision a Dv2 Promo VM on our current generation hardware at the lower Dv3 and Ev3 VM prices, allowing you to take advantage of these cost savings now.

This promotion will be available until the launch of the Dv3 and Ev3 VMs later this year. We encourage you to deploy the Dv2 Promo VMs using Azure Resource Manager to simplify migration to the new VMs in the future.
Source: Azure

Upcoming changes to the Microsoft Access Control Service

What is the Access Control Service?

The Microsoft Azure Access Control Service (or ACS) is a cloud-based service that provides a way of authenticating and authorizing users to gain access to web applications and services.

Changes to How Access Control Service Namespaces are Created

New ACS namespace creation will be restricted starting June 30th, 2017. If you need to create an ACS namespace beyond this date, you will need to call Azure customer support.

Azure Active Directory (Azure AD) and Azure AD B2C

ACS functionality is fully supported for existing namespaces. However, the future of ACS is Azure Active Directory. We are committed to improving and updating Azure Active Directory to natively support many of the scenarios enabled by ACS. We encourage you to explore the offerings that Azure AD B2C can provide today.

Contact Us

If you have questions or feedback about these changes or ACS in general, please do not hesitate to contact us at acsfeedback@microsoft.com.
Source: Azure

ECS CLI Version 0.5.0 Supports Application Load Balancer, EC2 Container Registry, and R4 EC2 Instance Types

The Amazon EC2 Container Service Command Line Interface (ECS CLI) has been updated to version 0.5.0. This update includes support for managing images in the Amazon EC2 Container Registry (ECR), support for existing ELB/ALBs using the CreateService command, and support for R4 EC2 instance types for container clusters.
Source: aws.amazon.com