CloudPro #18: How Google stopped the largest ever DDoS attack (398 million rps)
Bite-sized actionable content, practical tutorials, and resources for cloud professionals.
Welcome to a brand new edition of CloudPro! In this issue, we’ll talk about:
Masterclass:
How Google stopped the largest ever DDoS attack (398 million rps)
Secret Knowledge:
Techwave:
From the Cloud World:
Cloud Native Computing Foundation has announced the graduation of Cilium
NexGen Cloud is investing $1 billion in an AI Supercloud in Europe
Amazon SageMaker Feature Store in-memory online store for low latency feature retrieval
HackHub:
Cheers,
Shreyans Singh
Editor-in-Chief
PS: I hope you will enjoy today's newsletter! I’m all ears for your thoughts – the good, the great, and the "meh." Share your feedback and snag a free Packt eBook. It's a win-win. Can't wait to hear what you think!
⭐ MasterClass: Tutorials & Guides
⭐How Google stopped the largest ever DDoS attack (398 million rps): Google successfully defended against one of the largest DDoS attacks ever recorded, which peaked at 398 million requests per second. The attack used a novel HTTP/2 "Rapid Reset" technique based on stream multiplexing: the attacker opens multiple streams and rapidly cancels the requests, overwhelming the server while incurring minimal cost on the attacker's side. Susceptibility to this attack is tracked as CVE-2023-44487 and is considered a high-severity vulnerability.
⭐My journey to the AWS Golden Jacket: The author shares their journey to achieve 12 AWS certifications and the quest for the coveted "AWS Golden Jacket," highlighting the significance of certifications in the IT field and the various challenges faced during their journey. They also provide insights into exam preparation and tips for success while reflecting on the accomplishment of joining a select group of individuals with all 12 certifications.
⭐Myths about Deduplication and Compression in Storage: This article debunks myths surrounding data deduplication and compression in storage solutions. It explains how compression reduces data size and highlights the challenges, particularly related to speed and seeking. It advocates application-level deduplication when it makes sense. The overall message is to prioritize hardware performance and transparency over theoretical storage gains from deduplication and compression.
⭐Handle Traffic Bursts with Ephemeral OpenShift Clusters: This article outlines a solution for handling unexpected spikes in network traffic using ephemeral OpenShift clusters in the public cloud. Key steps involve creating a management cluster, defining ClusterPools, and using Kyverno to automatically resume hibernated clusters when scaling events occur. Red Hat Service Interconnect (Skupper) is set up to connect apps across clusters. This automated approach helps manage resources efficiently and reduce costs during traffic bursts.
⭐Build Your Own Network with Linux and Wireguard: The article delves into building a private network with Wireguard, complete with two subnets for IPv4 and IPv6. It explains the routing of traffic through a VPS and how to configure packet forwarding and filtering using nftables. The author outlines the steps to establish the network and discusses different methods for expanding it, whether by connecting new machines to the VPS or creating a full mesh VPN.
🔍Secret Knowledge: Learning Resources
🔍Using Amazon CodeGuru Reviewer and Bedrock with Generative AI, developers can improve code quality and security by gaining insights into code issues, understanding recommendations, and generating refactored code based on recommendations. This process involves pushing code to a CodeCommit repository, associating it with CodeGuru Reviewer for automated analysis, and then using Bedrock to create prompts and generate code improvements.
🔍How to expose a custom TCP/UDP port with Traefik Ingress on GKE: You need to configure Traefik using a values.yaml file, set up a LoadBalancer service with specific port configurations for TCP and UDP, and ensure the Traefik Helm chart is deployed as a DaemonSet on your Kubernetes cluster with the resource and configuration settings specified in the provided YAML file.
🔍Spotlight on SIG Architecture: Conformance: The article focuses on the SIG Architecture in Kubernetes, with a specific emphasis on the Conformance sub-project, highlighting the importance of conformance testing and the ongoing work to maintain and improve it, primarily requiring collaboration among SIGs and a strong understanding of Kubernetes.
🔍How Event-Driven Architectures Drive Real-Time Operations: Event-driven architectures (EDA) are transforming businesses by enabling real-time operations, with 93% of surveyed companies reporting that EDA met or exceeded their expectations. Reported benefits include increased productivity and revenue growth, while top priorities include securing support from leadership, addressing IT complexities, adapting success benchmarks, and maintaining clear communication.
🔍How to use AI for Kubernetes troubleshooting: To troubleshoot your Kubernetes cluster using AI, you can use K8sGPT, an open-source tool that leverages artificial intelligence to simplify cluster analysis and provide actionable suggestions. Install and set up K8sGPT, then analyze your cluster to quickly identify and resolve issues, saving time and improving cluster performance.
⚡ TechWave: Cloud News & Analysis
⚡Announcing Microsoft Playwright Testing: Microsoft has launched a new service that helps you test modern web applications at scale. It’s called Microsoft Playwright Testing. It leverages the Playwright framework, which is open-source and excellent for end-to-end testing and automation of web apps. You can run tests at scale in the cloud, speeding up test execution. It addresses the challenge of longer test suite completion times as web apps become more complex. The service allows you to run tests on different operating system-browser combinations simultaneously.
⚡Google Kubernetes Engine ongoing incident for the past 11 days: Customers are experiencing failed nodepool upgrades in Google Kubernetes Engine, leading to "Internal error" in Google Cloud Console. Retrying is suggested but may not always work. This issue started on October 2, 2023. A mitigation is being rolled out, and customers can re-create nodepools at the new version instead of upgrading in-place.
⚡Google Cloud's Enhanced ABAP SDK for SAP Developers: SAP developers now have an enhanced ABAP SDK for Google Cloud that supports over 40 additional APIs, an OAuth 2.0 authentication mechanism, and improved code sample accessibility, making it easier to integrate SAP applications with Google Cloud services.
🌐From the Cloud World:
🌐Mistral 7B now available in Amazon SageMaker JumpStart: You can now access and deploy Mistral AI's Mistral 7B foundation models, which have 7 billion parameters, via Amazon SageMaker JumpStart, with customization for text-related tasks like summarization, coding, and math problems.
🌐The Cloud Native Computing Foundation (CNCF) has announced the graduation of Cilium, an eBPF-powered open-source solution for enhancing, securing, and monitoring network connectivity between workloads, which is now supported by over 100 organizations.
🌐CRI-O is the newest member of Kubernetes family: CRI-O, a tool used in Kubernetes, is switching its package repository to be part of the officially supported Kubernetes infrastructure hosted on pkgs.k8s.io, simplifying how packages are managed for users. This change is part of an effort to make the process smoother and more efficient.
🌐NexGen Cloud is investing $1 billion in an AI Supercloud in Europe to support AI enterprises: This cloud platform will feature over 20,000 NVIDIA GPUs and will help European businesses execute sensitive AI applications within European jurisdiction and privacy laws while providing access to high-end GPU computing for innovation and efficiency.
🌐Amazon SageMaker Feature Store in-memory online store for low latency feature retrieval: Amazon SageMaker Feature Store has introduced a managed in-memory online store for real-time access to features in high-throughput machine learning applications, powered by ElastiCache for Redis, offering convenient management and monitoring features across 18 global regions.
🛠️HackHub: Trending Tools
🛠️kubewharf/kelemetry: Global control plane tracing for Kubernetes
🛠️luraproject/lura: Ultra performant API Gateway with middlewares. A project hosted at The Linux Foundation
🛠️jenkinsci/jenkins: Jenkins automation server
🛠️etcd-io/etcd: Distributed reliable key-value store for the most critical data of a distributed system
🛠️falcosecurity/falco: Cloud Native Runtime Security
Thanks for reading and have a great day!