Welcome!

Linux Containers Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Pat Romanski, Zakia Bouachraoui

Related Topics: @DevOpsSummit, Java IoT, Linux Containers, Containers Expo Blog, @CloudExpo, SDN Journal

@DevOpsSummit: Blog Feed Post

Minimal (Network) Exposure

A lesson from object-oriented principles that should be applied to the network

One of the primary principles of object-oriented programming (OOP) is encapsulation. Encapsulation is the way in which the state of an object is protected from manipulation in a way that is not consistent with the way the variable is intended to be manipulated. The variable (state) is made private, that is to say only the object itself can change it directly. Think of it as the difference between an automatic transmission and a standard (stick). With the latter, I can change gears whenever I see fit. The problem is that when I see fit may not be appropriate to the way in which the gears should be shifted. Which is how engines end up being redlined.

An automatic transmission, on the other hand, encapsulates the process of shifting gears (changing the state of the engine) and only major transitions - reverse, park, drive, neutral - are accessible by the driver.

In an object-oriented paradigm, this is how the state of an object is isolated and protected from manipulation in a way that may introduce instability or cause other logical errors in processing. If we modeled a car using an OOP object it might look like this:

car-modeledThe actual code within each of the OPERATIONS can manipulate the STATE of the car, but it does so using well-defined rules. You can't just reach in and change the state without going through the OPERATORS. Period.

What this provides is the means to do logic and error checking, ensures consistency, and means that every other part of the system that might touch that object can be assured of the integrity of its state.

So, what does all that have to do with networking and infrastructure and DevOps and SDN and... ?

Quite a bit, actually.

One of the reasons SDN and DevOps, for that matter, is so critical to the next generation of data center architectures is its ability to centralize the state of the network. Right now it's all over the place. Literally. The state of any given network is not well known because it's distributed across every router, switch and layer 4-7 service that comprises "the network." It makes troubleshooting difficult, to say the least, and there's no good way to predict how a change in the state of the network will impact, well, the network.

An object oriented approach to the network, in general, says "let's centralize state, and provide a single interface through which it can be modified." In other words, there is a single authoritative source for the state of a network.

This is the approach that Cisco has taken with its Application Centric Infrastructure (ACI). It's the approach that OpenFlow-based SDN takes, and it's generally the approach that devops is taking to treating infrastructure as code. That's the theory. To realize this in practice requires that "the network" be API-enabled, to allow the dissemination of state and telemetry necessary for the authoritative source to maintain an accurate view of the state of the network.

The danger, however, is that we end up with a bunch of infrastructure and network devices that expose state via APIs through which operators and engineers end up directly manipulating configurations. Unfortunately, it is often the case that changing one single variable on a network device can be as devastating as opening Pandora's Box. Because of the way in which different devices relate policies and ACLs and routing tables to different objects - IP addresses, VLANs, etc... - a single change can have significant repercussions.

Similarly, the order in which various objects are configured can impact the overall stability and success of a configuration. By offering up a highly granular API and leaving consumers to their own devices (ha! pun not intended, but not regretted, either) they can easily shoot themselves (or their network) in the foot.

Providing a more policy, application-focused approach to provisioning and configuration reduces the possibility of these incidents and improves the stability and therefore reliability of the network services upon which applications rely. Encouraging engineers and operators to leverage application-driven provisioning and management rather than a line by line, API call by API call functional approach reduces the API surface area required and returns to exploiting encapsulation to preserve and protect network state by ensuring consistency in how that state is changed.

This software-defined, API-driven approach is a whole new world for networking and operations because it deviates from the direct touch world in more ways than just moving from CLIs to APIs.  It's also about encapsulation; about moving from standard transmissions to automatics and trusting that the manufacturer of the car does indeed know best how and when to shift from one gear to another.

hat_tip

H/T: This article on encapsulation in code is a good read that doesn't require a lot of understanding of development that may be of interest (and helpful) to operators and network engineers http://java.dzone.com/articles/evil-getters-and-setters-where

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

IoT & Smart Cities Stories
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER gives detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPOalso offers sp...
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...