
Author Archives: slowe

Liveblog: AT&T’s Container Strategy and OpenStack’s Role in it

This is a liveblog of the OpenStack Summit session titled “AT&T’s Container Strategy and OpenStack’s Role in it”. The speakers are Kandan Kathirvel and Amit Tank, both from AT&T. I really wanted to sit in on Martin Casado’s presentation next door (happening at the same time), but as much as I love watching/hearing Martin speak, I felt like this presentation might expose me to some new information.

Kathirvel kicks off the session with some quick introductions, then sets the stage for the session. Naturally, Kathirvel starts out by describing AT&T’s cloud deployment. (I say “naturally” because it seems that every presentation starts out with describing how great and how awesome the presenter’s company’s OpenStack cloud is.)

Following the discussion of AT&T’s cloud, Kathirvel launches into a discussion of container trends and demands. He indicates that he believes container usage (or demand?) for enterprise IT applications is huge (and will continue to be large), but doesn’t believe that will hold true for virtual network functions (VNFs) in telco clouds.

As for how containers and OpenStack may be coming together, Kathirvel describes three different use cases:

  1. The first use case has OpenStack managing the infrastructure, with Kubernetes (or another container Continue reading

Liveblog: OpenStack Summit Keynote, Day 2

This is a liveblog of the day 2 keynote of the OpenStack Summit in Boston, MA. (I wasn’t able to liveblog yesterday’s keynote due to a schedule conflict.) It looks as if today’s keynote will have an impressive collection of speakers from a variety of companies, and—judging from the number of laptops on the stage—should feature a number of demos (hopefully all live).

The keynote starts with the typical high-energy video that’s intended to “pump up” the audience, and Mark Collier (COO, OpenStack Foundation) takes the stage promptly at 9am. Collier re-iterates a few statistics from yesterday’s keynote (attendees from 63 countries, for example). Collier shares that he believes that all major challenges humanity is trying to solve count on computing. “All science is computer science,” according to Collier, which is great but also represents a huge responsibility. He leads this discussion by pointing out what he believes to be the fundamental role of open source in machine learning and artificial intelligence (ML/AI). Collier also mentions a collection of “composable” open source projects that are leading the way toward a “cloud-native” future. All of these projects are designed in a way to be combined together in a “mix-and-match” Continue reading

Using a Makefile with Markdown Documents

It’s no secret that I’m a big fan of using Markdown (specifically, MultiMarkdown) for the vast majority of all the text-based content that I create. Over the last few years, I’ve used various tools and created scripts to help “reduce the friction” involved with outputting Markdown source files into a variety of destination formats (HTML, RTF, or DOCX, for example). Recently, thanks to Cody Bunch, I was pointed toward the use of a Makefile to assist in this area. After a short period of experimentation, I’m finding that I really like this workflow, and I wanted to share some details here with my readers.

First, if you’re not familiar with make and its use of a Makefile, check out this introduction. There’s a ton of power and flexibility here, of which I’ve only scratched the surface so far. The basic gist behind a Makefile is that it provides a set of instructions to the make command. Each set of instructions is tied to a target, which has one or more dependencies. In the “traditional” use cases for make, this is to allow programmers to define how a set of files should be compiled as well Continue reading

Technology Short Take #82

Welcome to Technology Short Take #82! This issue is a bit behind schedule; I’ve been pretty heads-down on some projects. That work will come to fruition in a couple weeks, so I should be able to come up for some air soon. In the meantime, here’s a few links and articles for your reading pleasure.

Networking

  • Kristian Larsson shows how to validate data using YANG. Practical examples like this have really helped me better understand YANG and its relationship to structured data you might exchange with a device or service.
  • There’s lots of talk about applying test-driven development (TDD) principles in various automation contexts, but I like the fact that Ajay Chenampara provides some practical examples in his blog post on applying TDD in network automation using Ansible.
  • Matt Oswalt talks about how the combination of NAPALM and StackStorm enables some interesting results, including the ability to verify configuration consistency. StackStorm isn’t something I’ve had the opportunity to learn/use at all, but it’s on my (ever-growing) list of things to check out.
  • Aaron Conole provides an overview of using the ovs-dpctl command to “program” the Open vSwitch (OVS) kernel module. It’s a bit geeky, but does provide some insight into Continue reading

Big News About the Full Stack Journey Podcast

If you’ve been following the Full Stack Journey podcast, you know that the podcast has been silent for a few months. Some of that was due to some adverse situations in life (it happens to all of us from time to time), but some of it was due to the coordination of a major transition in the podcast. And that’s the big news I’m here to share—read on for the full details!

If you’ve been in the IT industry for any reasonable length of time, especially in the networking space, you’ve probably heard of the Packet Pushers Podcast. It’s a hugely popular podcast created by Greg Ferro and Ethan Banks. In recent years, Packet Pushers has expanded from the “main show” to include other shows, including the Datanauts podcast (led by Chris Wahl and Ethan Banks). They’ve also been looking to expand their stable of podcasts to include additional relevant content.

This brings me to the big news: the Full Stack Journey podcast is joining the Packet Pushers network of podcasts! That’s right—the Full Stack Journey will be part of Packet Pushers’ growing network of podcasts. In talking with Greg and Ethan and the rest of the Packet Pushers team, Continue reading

Revisiting CentOS Atomic Host

A couple years ago, I wrote an article about how I was choosing CoreOS over Project Atomic based on some initial testing with CentOS Atomic Host builds. As it turns out—and as I pointed out in the “Update” section of that article—the Atomic Host builds I was using were pre-release builds, and therefore it wasn’t really appropriate to form an assessment based on pre-release builds. Now that both CentOS Atomic Host and CoreOS Container Linux have both grown and matured, I thought I’d revisit the topic and see how—if at all—things have changed.

In my original post, there were 4 major issues I identified (not necessarily in the same order as the original post):

  • Lack of container-specific cloud-init extensions
  • Difficulty customizing Docker daemon
  • Odd issues with cloud-init
  • Stability of the distribution

So how do these areas look now, 2 years later?

  • Container-specific cloud-init extensions: Upon a closer examination of this issue, I realized that the cloud-init extensions were actually specific to CoreOS projects, like etcd and fleet. Thus, it wouldn’t make sense for these sorts of cloud-init extensions to exist on Atomic Hosts. What would make sense would be extensions that help configure Atomic Host-specific functionality, though (to be honest) Continue reading

Liveblog: DockerCon 2017 Day 2 Keynote

This is a liveblog of the day 2 keynote (general session) of DockerCon 2017 in Austin, TX. For a look at what was announced or discussed in the day 1 keynote yesterday, see this liveblog. You can also see all DockerCon 2017-related posts by browsing the posts tagged with “DockerCon2017” (see the links at the bottom of this page). Before the keynote starts, there’s some nice live music playing; a welcome change (in my opinion) from yesterday’s video game.

At 9:03am, Ben Golub takes the stage to kick off the day 2 general session. He starts off by reviewing some proposed Docker logos, with a hint toward an announcement at the end of the session (presumably around changing Docker’s logo).

Golub then transitions into the meat of the general session presentation, which (understandably) is focused on Docker in the enterprise. He reviews the usual slide with notable logos from Docker customers. He also discusses some results from a company called ETR, which (apparently) shows Docker is “off the charts” in terms of adoption and market penetration within the enterprise. Golub also debunks the bi-modal IT structure model, saying that Docker’s customers only want one thing: speed (as in moving faster, Continue reading

DockerCon 2017 Day 1 Keynote

This is a liveblog of the day 1 keynote (general session) of DockerCon 2017 in Austin, TX.

At 9:05am, Ben Golub, CEO of Docker, Inc., takes the stage to kick off the general session and the conference. Golub starts the presentation by reviewing Docker’s four-year history and all the things that have changed over the last three years since the very first DockerCon—from the size of Gordon (Docker’s tortoise mascot) to the amount of growth in Docker usage (via statistics in the number of Docker hosts, the number of Docker-ized apps, the number of image pulls from Docker Hub, and so forth).

Golub continues by mentioning some of the various use cases for Docker. One use case mentioned is Intuit’s use of Docker, and Golub points out that the person responsible for running Intuit’s systems is confident enough in their systems that they’re attending DockerCon on Tax Day (when as many as 25 million tax returns are expected to be processed).

Shifting gears a bit, Golub talks a bit more about the changes over the last 3 years in regards to Docker (the open source project) itself. Stakeholders have changed, and the nature of the project (now projects) has Continue reading

DockerCon 2017 Black Belt Session: Cilium for Network and Application Security

This is a liveblog of the DockerCon 2017 Black Belt session led by Thomas Graf on Cilium, a new startup that focuses on using eBPF and XDP for network and application security.

Graf starts by talking about how BPF (specifically, extended BPF or eBPF) can be used to rethink how the Linux kernel handles network traffic. Graf points out that there is another session by Brendan Gregg on using BPF to do performance analysis and profiling.

Why is it necessary to rethink how networking and security are handled? A lot of it has not evolved as application deployments have evolved from low complexity/low deployment frequency to high complexity/high deployment frequency. Further, the age of unique protocol ports (like SMTP on port 25 or SSH on port 22) is coming to a close, as now many different applications or services simply run over HTTP. This leads to “overloading” the HTTP port and a loss of visibility into which applications are talking over that port. Opening TCP port 80 in a situation like this means potentially exposing more privileges than desired (for example, the ability to use other HTTP verbs, like PUT or POST, instead of just GET).

Graf quickly moves into a Continue reading

Liveblog: Creating Effective Images

This is a liveblog for the DockerCon 2017 session titled “Creating Effective Images.” The speaker is Abby Fuller, a Senior Technical Evangelist with Amazon Web Services. Abby is a former operations engineer who was an early consumer of Amazon’s Elastic Container Service (ECS), and some of her learnings came about the “hard way.” This session is from the “Using Docker” track.

Fuller starts with reviewing the agenda, and shares that she’s intent on providing some practical tips that attendees can put to work immediately.

The first topic that Fuller tackles is the topic of container layers. A Docker container is made up of the read-only layers from the image itself, and a read/write layer at “the top” of the layers. Why do we care? Fewer layers means a smaller image, and smaller images mean faster builds and faster deploys. (You may also see a reduced attack surface.)

Making smaller images is important, Fuller explains, because the frequency of deployments is increasing (more deployments happening more quickly), and more containers are being deployed (sometimes at the behest of a CI/CD pipeline). This can result in significant amounts of disk space being consumed unnecessarily.

Some high-level Continue reading

The Linux Migration: April 2017 Progress Report

In December 2016, I kicked off a migration to Linux (from OS X) as my primary laptop OS. In the nearly 4 months since the initial progress report, I’ve published a series of articles providing updates on things like which Linux distribution I selected, how I’m handling running VMs on my Linux laptop, and integration with corporate collaboration systems (here, here, and here). I thought that these “along the way” posts would be sufficient to keep readers informed, but I’ve had a couple of requests in the last week about how the migration is going. This post will help answer that question by summarizing what’s happened so far.

Let me start by saying that I am actively using a Linux-powered laptop as my primary laptop right now, and I have been doing so since early February. All the posts I’ve published so far have been updates of how things are going “in production,” so to speak. The following sections describe my current, active environment.

Linux Distribution

In my initial progress report, I’d tentatively chosen to use Ubuntu 16.04 LTS (“Xenial Xerus”). However, a short while later I switched to Fedora 25, and have settled Continue reading

Technology Short Take #81

Welcome to Technology Short Take #81! I have another collection of links, articles, and thoughts about key data center technologies, and hopefully I’ve managed to include something here that will prove useful or thought-provoking. Enjoy!

Networking

The Linux Migration: Corporate Collaboration, Part 3

In discussing support for corporate communication and collaboration systems as part of my Linux migration, I’ve so far covered e-mail in part 1 and calendaring in part 2. In this post, I’m going to discuss the last few remaining aspects of corporate collaboration: instant messaging/chat, meetings and teleconferences, and document sharing.

Teleconferences and meetings

The topic of teleconferences and meetings is closely related to calendaring—it’s often necessary to access your calendar or others’ calendars when coordinating meetings or teleconferences—so I encourage you to read part 2 to get a better feel for the challenges around calendaring/scheduling. All the same challenges from that post apply here. GNOME Calendar, although it offers basic Exchange Web Services (EWS) support, does not support meeting invitations, looking up attendees, free/busy information, etc. This makes it completely unusable for setting up meetings. Evolution provides the backend support that GNOME Calendar uses but may be better suited as a frontend; I haven’t tested this functionality so I don’t know. This EWS provider for Lightning does support free/busy information, inviting attendees, etc., so it may be a good option (I’m still testing it).

The second aspect of teleconferences/meetings is the actual conduct of the meeting itself. Hosting Continue reading

Easily Finding the Latest CoreOS AMI ID

It seems as if finding the right Amazon Machine Image (AMI) ID for the workload you’d like to deploy can sometimes be a bit of a challenge. Each combination of region and AMI produces a unique ID, so you have to look up the AMI for the particular region where you’re going to deploy the workload. This in and of itself wouldn’t be so bad, but then you have to wade through multiple versions of the same AMI in each region. Fortunately, if you’re using CoreOS Container Linux on AWS, there’s an easy way to find the right AMI ID. Here’s how it works.

CoreOS publishes a JSON feed of the latest AMI for each of their channels (stable, beta, and alpha). You can find links to these JSON feeds on this page. This is powerful for 2 reasons:

  1. Because it’s available via HTTP, you can use curl to retrieve it anytime you need it.

  2. Because it’s in JSON, you can use jq (see my post on jq for more information) to easily parse it to find the information you need. (Not super comfortable with JSON? Check out my introductory post.)

Putting these two reasons together, you end up Continue reading

Canceling the OVS Cookbook Project

In my list of proposed 2017 projects, I mentioned that I wanted to launch an open source book project. In late February, I launched The Open vSwitch Cookbook, an unofficial—as in not formally affiliated with the Open vSwitch (OVS) project—effort to gather together OVS “recipes” into an open source book. Today, I’m shutting down that project, and here’s why.

It really comes down to wanting to be a better member of the OVS community. I honestly hadn’t anticipated that the OVS community might prefer that the information I was going to gather in these “recipes” be collected in the OVS documentation (which has undergone a tremendous transformation). Instead of creating yet another source of information for OVS, I’ll focus my efforts on expanding the upstream documentation. This will take some effort on my part—I’ll need to learn reStructuredText and spend some time understanding how the docs are organized now—but I think that it’s the better long-term option for the OVS community as a whole.

And what about my goal for launching an open source book project? I’ll continue to evaluate options on that front to see if it makes sense, and I’ll post here if and when something happens.

The Linux Migration: Corporate Collaboration, Part 2

This post is part 2 in a series of posts describing how I’ve integrated my Fedora Linux laptop into my employer’s corporate communication and collaboration systems. Part 1 tackled e-mail; this post tackles the topic of calendaring and scheduling. Unlike e-mail, which was solved relatively easily, this issue is one that I don’t consider fully solved.

As I mentioned in part 1, my employer uses Office 365 (O365). While O365 supports standard protocols like IMAP and SMTP for mail, it does not support standard protocols like CalDAV for calendaring. This means that Linux users like me are left with only a few options:

  1. You can use Mozilla Thunderbird with the Lightning add-on, but you’ll also need an Exchange provider. (The paid Exquilla add-on only handles mail and contacts, not calendaring. There’s a Lightning provider available here, but I haven’t tested it.)
  2. You can use Evolution.
  3. You can use GNOME Calendar (which leverages the Evolution back-end along with Evolution’s support for Exchange Web Services [EWS]).
  4. You can use Microsoft Outlook, either via a VM (or possibly via WINE, though I haven’t tested the latter approach).

I’d already ruled out Evolution for e-mail, so it didn’t make a Continue reading

Technology Short Take #80

Welcome to Technology Short Take #80! This post is a week late (I try to publish these every other Friday), so my apologies for the delay. However, hopefully I’ve managed to gather together some articles with useful information for you. Enjoy!

Networking

  • Biruk Mekonnen has an introductory article on using Netmiko for network automation. It’s short and light on details, but it does provide an example snippet of Python code to illustrate what can be done with Netmiko.
  • Gabriele Gerbino has a nice write-up about Cisco’s efforts with APIs; his article includes a brief description of YANG data models and a comparison of working with network devices via SSH or via API.
  • Giuliano Bertello shares why it’s important to RTFM; or, how he fixed an issue with a Cross-vCenter NSX 6.2 installation caused by duplicate NSX Manager UUIDs.
  • Andrius Benokraitis provides a preview of some of the networking features coming soon in Ansible 2.3. From my perspective, Ansible has jumped out in front in the race among tools for network automation; I’m seeing more coverage and more interest in using Ansible for network automation.
  • Need to locate duplicate MAC addresses in your environment, possibly caused by cloning Continue reading

The Linux Migration: Other Users’ Stories, Part 4

This post is part of a series of posts sharing other users’ stories about their migration to Linux as their primary desktop OS. As I mentioned in part 1 of the series, there seemed to be quite a bit of pent-up interest in using Linux as your primary desktop OS. I thought it might be helpful to readers to hear not just about my migration, but also about others’ migrations. You may also find it interesting/helpful to read part 2 and part 3 of this series for more migration stories.

This time around I’ll share with you some information from Ajay Chenampara about his Linux migration. Note that although these stories are all structured in a “question-and-answer” format, the information is unique—just as each person’s migration and the reasons for the migration are unique.

Q: Why did you switch to Linux?

I have been a long-time Linux user, but I have only really used it as a media server or for casual browsing. Recently, I inherited a 7 year old laptop from my wife, and decided to focus on making it my primary system for writing my blog and for OSS efforts. Plus, I kept hearing about Debian “Jessie” Continue reading

The Linux Migration: Corporate Collaboration, Part 1

One major aspect of my migration to Linux as my primary desktop OS is how well it integrates with corporate communication and collaboration systems. Based on the feedback I’ve gotten from others on Twitter, this is a major concern for a lot of folks out there. In fact, a number of folks have indicated that this is the only thing keeping them from migrating to Linux. There are a number of different aspects to “corporate communication and collaboration,” so I’m breaking this down into multiple posts (each post will discuss one particular aspect). In this post, I’ll discuss integration with corporate e-mail.

Because corporate e-mail is such an important part of how people communicate these days, it’s a fairly significant concern when thinking of migrating to Linux. Fortunately, it’s actually pretty easy to solve.

My employer, like many companies out there, uses Office 365 for corporate e-mail. Many people think that this locks them into Outlook on the desktop side, but that’s not accurate. (Now, you may be locked into Outlook for other reasons, like calendaring—a topic I’ll touch on in part 2 of this series.) For Office 365 users, there are three paths open for accessing corporate e-mail:

  1. Continue reading

The Linux Migration: Other Users’ Stories, Part 3

Over the last few weeks, I’ve been sharing various users’ stories about their own personal migration to Linux. If you’ve not read them already, I encourage you to check out part 1 and part 2 of this multi-part series to get a feel for why folks are deciding to switch to Linux, the challenges they faced, and the benefits they’ve seen (so far). Obviously, Linux isn’t the right fit for everyone, but at least by sharing these stories you’ll get a better feel whether it’s a right fit for you.

This is Brian Hall’s story of switching to Linux.

Q: Why did you switch to Linux?

I’ve been an OS X user since 2010. It was a huge change coming from Windows, especially since the laptop I bought had the first SSD that I’ve had in my primary machine. I didn’t think it could get any better. Over the years that feeling started to wear off.

OS X started to feel bloated. It seemed like OS X started to get in my way more and more often. I ended up formatting and reinstalling OS X like I used to do with Windows (maybe not quite as often). Setting up Mail to Continue reading