A few months ago, on this blog, we talked about MACsec. In this post, I want to introduce the work we’ve done since then. Since that work revolves around methods to configure MACsec, this will also act as a guide to configure it by two methods: wpa_supplicant alone, or NetworkManager with wpa_supplicant.
If you read the previous MACsec post, you probably thought that this whole business of generating keys and creating “secure associations” isn’t very convenient, especially given that you then have to monitor your associations and generate new keys manually. And you’re right: it’s not.
Besides, if you run RHEL or Fedora, you’re probably used to configuring your network with NetworkManager, so you would expect to be able to configure MACsec with NetworkManager as well. We’re going to describe this below. First, let’s go a little bit behind the scenes.
Continue reading “What’s new in MACsec: setting up MACsec using wpa_supplicant and (optionally) NetworkManager”
In this article, I want to provide some background details about our recently developed demonstration video – “Running Game of Life across multiple architectures with Red Hat Enterprise Linux“.
This video shows the Game of Life running in a heterogeneous environment using three 64-bit hardware architectures: aarch64 (ARM v8-A), ppc64le (IBM Power little endian) and x86_64 (Intel Xeon). If you are not familiar with the rules of this cellular automaton, they are worth checking out via the reference above.
Continue reading “Running HPC workloads across multiple architectures with Red Hat Enterprise Linux”
Networking hardware is becoming crazily fast, 10Gbs NICs are entry-level for server h/w, 100Gbs cards are increasingly popular and 200Gbs are already surfacing. While the Linux kernel is striving to cope with such speeds with large packets and all kind of aggregation, ISPs are requesting much more demanding workload with NFV and line rate packet processing even for 64 bytes packets.
Is everything lost and are we all doomed to rely on some kernel bypass solution? Possibly, but let’s first inspect what is really the current status for packet processing in the kernel data path, with a perspective look at the relevant history and the recent improvements.
We will focus on UDP packets reception: UDP flood is a common tool to stress the networking stack allowing arbitrary small packets and defeating packet aggregation (GRO), in place for other protocols.
Continue reading “The need for speed and the kernel datapath – recent improvements in UDP packets processing”
Within Red Hat knowledge sharing and collaboration are important. As a part of that many Red Hatters write books and we get the honor of sharing their knowledge with other developers. We have 7 more books in queue for the coming year and thought we would share the books you can currently download.
Continue reading Technical How-to Books for Developers – Microservices, Design Patterns, .NET, Reactive, Databases
There are infinite ways to test Virtual Switches, all tailored to expose (or hide) a specific characteristic. The goal of our test is to measure performance under stress and be able to compare versions, which may or may not have hardware offload.
Continue reading “Measuring and comparing Open vSwitch performance”
A few years back (2013-2016) in I was working as a C++ Software Development Engineer at Intel on a monolithic product with a backend written in C++ and a web frontend written in Java. The product was shipped complete with hardware and as a VMware image.
Continue reading “Why I started using containers”
When looking for installation instructions of Ansible under RHEL, I have always have found two ways:
- With epel-release (Which I don’t like just because I want to keep my system clean).
- From source code (Which I don’t like either for the same reason).
Continue reading “Managing Windows Updates with Ansible in Red Hat Enterprise Linux”