Why I’m Now Using VirtualBox with Vagrant

One of the things I often tell people is, “Use the right tool for the job.” As technologists, we shouldn’t get so locked onto any one technology or product that we can’t see when other technologies or products might solve a particular problem more effectively. It’s for this reason that I recently made VirtualBox—not VMware Fusion—my primary virtualization provider for Vagrant environments.

I know it seems odd for a VMware employee to use/prefer a non-VMware product over a competing VMware product. I’ve been a long-time Fusion user (since 2006 when I was part of the original “friends and family” early release). Since I started working with Vagrant about two years ago, I really tried to stick it out with VMware Fusion as my primary virtualization provider. I had a ton of experience with Fusion, and—honestly—it seemed like the right thing to do. After a couple of years, though, I’ve decided to switch to using VirtualBox as my primary provider for Vagrant.

Why? There’s a few different reasons:

1. Greater manageability: VirtualBox comes with a really powerful CLI tool, vboxmanage, that lets me do just about anything from the command line. In fact, the VirtualBox documentation refers to Continue reading

Installing a Specific Version of Docker Engine

In this post, I’m going to show you how to install a specific version of the Docker Engine package on Ubuntu. While working on a side project (one that will hopefully bear fruit soon), I found myself in need of installing a slightly older version of Docker Engine (1.11 instead of 1.12, to be specific). While this task isn’t hard, it also wasn’t clearly spelled out anywhere, and this post aims to help address that shortcoming.

If you’ve followed the instructions to add the Docker Apt repos to your system as outlined here, then installing the Docker Engine (latest version) would be done something like this:

apt-get install docker-engine

If you do an apt-cache search docker-engine, though, you’ll find that the “docker-engine” package is a metapackage that refers to a variety of different versions of the Docker Engine. To install a specific version of the Docker Engine, then, simply append the version (as described by the results of the apt-cache search docker-engine command) to the end, like this:

apt-get install docker-engine=1.11.2-0~trusty

This will install version 1.11.2 of the Docker Engine.

You’ll use the same syntax when you need to install a specific Continue reading

Spousetivities in Barcelona

If you’re going to be in Barcelona for either VMworld EMEA (running the week of October 17) or the fall 2016 OpenStack Summit (running the week of October 24), then I recommend you plan for your spouse/partner/girlfriend/boyfriend/whatever to join you for what I believe are some pretty spectacular Spousetivities.

VMworld EMEA

First, let’s have a quick look at the activities planned around VMworld EMEA. What’s in store? Here’s a quick sneak peek (check out the registration page for full details):

• Sailing the Mediterranean off the coast of Barcelona
• A casual 3-hour bike tour of Barcelona with tapas
• Walking tour of Barcelona with wine and food tastings
• A visit to Montserrat, with an opportunity to hear the famed Boys’ Choir and see one of the black Madonnas of Europe
• A full-day trip to the French Pyrenees for a mix of Catalan, Spanish, and French culture
• A full-day tour of Roman Tarragona and a visit to the Cistercian monastery of El Poblet

Tickets for all these events are available now. These events were sponsored by VMware NSX, Veeam, VMUG, and TVP Strategy.

OpenStack Summit Barcelona

If you’re coming to Barcelona for the OpenStack Summit instead (or perhaps staying over Continue reading

Using Vagrant with AWS

In this post, I’d like to describe how to use Vagrant with AWS, as well as provide a brief description of why this combination of technologies may make sense for some use cases. In some respects, this post is similar to my posts on using Docker Machine with OpenStack and using Vagrant with OpenStack in that combining Vagrant with AWS creates another clean “provider/consumer” model that makes it easy for users to consume infrastructure.

If you aren’t already familiar with Vagrant, I’d highly recommend first taking a look at my introduction to Vagrant, which provides an overview of the tool and how it’s used.

Prerequisites

Naturally, you’ll need to first ensure that you have Vagrant installed. This is really well-documented already, so I won’t go over it here. Next, you’ll need to install the AWS provider for Vagrant, which you can handle using this command:

vagrant plugin install vagrant-aws

Once you’ve installed the vagrant-aws plugin, you’ll next need to install a box that Vagrant can use. Here, the use of Vagrant with AWS is a bit different than the use of Vagrant with a provider like VirtualBox or VMware Fusion/VMware Workstation. In those cases, the box Continue reading

A Follow Up on SSH Bastion Hosts

This post is a follow-up on my earlier post on using an SSH bastion host. Since that article was published, I’ve gotten some additional information that I wanted to be sure to share with my readers. It’s possible that this additional information may not affect you, but I’ll allow you to make that determination based on your use case and your specific environment.

Agent Forwarding

You may recall that my original article said that you needed to enable agent forwarding, either via the -A command-line switch or via a ForwardAgent line in your SSH configuration file. This is unnecessary. (Thank you to several readers who contacted me about this issue.) I tested this several times using AWS instances, and was able to transparently connect to private instances (instances without a public IP address) via a bastion host without enabling agent forwarding. This is odd because almost every other tutorial I’ve seen or read instructs readers to enable agent forwarding. I’ve not yet determined why this is the case, but I’m going to do some additional testing and I’ll keep readers posted as I learn more.

Note that I’ve updated the original article accordingly.

The “-W” Parameter vs. Netcat

The Continue reading

Technology Short Take #71

Welcome to Technology Short Take #71! As always, I have a list of links related to various data center technologies found below; hopefully something here proves useful.

Networking

• Dmitri Kalintsev is back with another article in a series of articles on using hardware VXLAN tunnel endpoints (VTEPs) with VMware NSX. In this case, it’s on validating HW VTEP deployment for integration with NSX. In particular, Dmitri points out that you need connectivity both on the management plane as well as on the data plane.
• Here’s a handy post by Dale Coghlan on how to find object IDs for just about anything in a VMware NSX environment.

Servers/Hardware

• Intel has finally started shipping silicon photonics gear, according to this report from El Reg (news coming out of IDF16). A more detailed analysis of silicon photonics can be had over at The Next Platform.

Security

• The use of VMware NSX for microsegmentation is a really popular use case, and so the topic of scripting distributed firewall (DFW) rules often comes up. Dale Coghlan has an article on bulk DFW rule creation that might be helpful in such instances.
• This blog post on shielded VMs in Windows Server 2016 is a bit light Continue reading

VMworld 2016 Day 2 Keynote

This is a liveblog of the day 2 general session here at VMworld 2016 at Mandalay Bay in Las Vegas, NV. Today, VMware is expected to talk more about containers, end-user computing, and other topics not covered in yesterday’s general session (which focused heavily on Cross-Cloud Services, VMware’s new set of SaaS-based offerings for multi-cloud management).

The general session kicks off with Sanjay Poonen taking the stage. Poonen is an energetic speaker who’s generally very entertaining and lively. He starts his discussion with a nod to VMware’s strong customer loyalty and community, which fosters lifelong learning. That quickly transitions into a discussion of “digital transforamtion”—how technology is affecting many different areas of our lives and our society.

VMware’s proposition in digital transformation is two-fold:

1. Transform the data center to make it cloud-ready.
2. Preparing the end-user for the mobile-cloud era.

Poonen re-iterates VMware’s vision of “any cloud, any device, any application,” focusing primarily on Workspace ONE and the broad ecosystem that has formed/is forming around Workspace ONE. Poonen’s discussion of Workspace ONE will focus on three layers:

1. How apps and identity work together; identity management is key.
2. Unified management for desktops and mobile.
3. Wrapping management and security around the entire solution.

Continue reading

VMworld 2016 Day 1 Keynote

This is a liveblog of the day 1 keynote at VMworld 2016 in Las Vegas, NV. I managed to snag a somewhat decent seat in the massive bloggers/press/analysts area, though it filled up really quickly. Based on the announcements made this morning, it should be a great general session, and I’m really interested to see how its received by the community.

The keynote starts with a high-energy percussion/DJ session, followed by a talk about tomorrow—from where tomorrow will emerge, what tomorrow will look like, and what tomorrow will care about. Don’t stand in line for tomorrow; you are tomorrow, because tomorrow is about people. Which way will you face? What will you do to bring about tomorrow? All of this lines up, naturally, with VMworld’s “be_Tomorrow” theme.

After that talk Pat Gelsinger, CEO of VMware, takes the stage. He talks briefly about his foot injury, then thanks the 21 “Alumni Elite” who have attended every single VMworld. Gelsinger then moves into a discussion of buzzwords and “digital transformation,” claiming that all businesses are digital businesses, and therefore all businesses need to worry about the challenges that face digital businesses. Gelsinger talks about a couple companies that have Continue reading

Meet Me at VMworld 2016?

VMworld is upon us, and if you’ve been to the conference before you know it can sometimes be challenging to catch up with folks. (If this is your first time, now you know it can sometimes be challenging to catch up with folks.) This post is an effort to help make it a bit easier if you’re interested in meeting up with me at VMworld.

In years past, I published my schedule so that others could see what sessions I was attending, find times we could meet, etc. Now that I’m a VMware employee, registering for sessions is not permitted (customers first, as it should be!). However, it may still be helpful to show my schedule, so I’m listing it below. You can also view a read-only version of my calendar here.

Saturday, August 27, 2016

6:00 pm to sometime - vBeers at Ri Ra Irish Pub

Sunday, August 28, 2016

1:30 pm to 3:15 pm - VMworld TAM Day Ask the Experts
5:00 pm to 7:30 pm - Welcome reception in the Solutions Exchange
7:30 pm to sometime - VMUG member party

Monday, August 29, 2016

7:45 am - Prayer time (see here)
9:00 am to Continue reading

VMworld 2016 Prayer Time

For the last couple of years, I’ve helped organize a gathering of Christians for a brief time of prayer while at VMworld. This year, I’d like to again offer fellow believers attending VMworld 2016 the same opportunity to gather together for a time of prayer before starting the day. If you’re interested in attending, here are the details.

What: A brief time of prayer

Where: Mandalay Bay Convention Center, level 1 (same level as the food court), at the bottom of the escalators heading upstairs

When: Monday 8/29 through Thursday 9/1 at 7:45am (this should give everyone enough time to grab breakfast before the keynotes start at 9am)

Who: All courteous attendees are welcome, but please note that this will be a distinctly Christian-focused and Christ-centric activity. (I encourage believers of other faiths/religions to organize equivalent activities.)

Why: To spend a few minutes in prayer over the day, the conference, and the attendees

As in previous years, there’s no need to RSVP or let me know that you’ll be there, although you’re welcome to do so if you’d like. There’s also no need to bring anything except an open heart and a willingness to display your faith in front Continue reading

Technology Short Take #70

Welcome to Technology Short Take #70! In this post you’ll find a collection of links to articles discussing the major data center technologies—networking, hardware, security, cloud computing, applications, virtualization…you name it! (If there’s a topic you think I’m missing, I’d love to hear from you.)

Networking

• MTU in OpenStack Neutron has been, as this article by Sam Yaple points out, a bit of a touchy subject. Fortunately, it looks like progress has been made on that front, so check out Sam’s post for more details.
• Jason Edelman has an article from back in January that describes the use of Big Switch’s Big Cloud Fabric (BCF) and Big Monitoring Fabric (BMF) in conjunction with Ansible (via some Ansible modules that Jason himself developed).
• Dwayne Sinclair covers the basics of SpoofGuard in NSX, and how to interact with SpoofGuard via API, in this article.
• This article is a bit more OpenStack-focused, but given that it focuses pretty heavily on Neutron I thought it’d fit better here in the “Networking” section. The article talks about how to use the --allowed_address_pairs extension to build a highly-available proxy server instead of using LBaaS.
• Numan Siddique describes the native DHCP support available in OVN (Open Continue reading

Open vSwitch Now a Linux Foundation Project

News emerged today that Open vSwitch (OVS) has formally moved over to the Linux Foundation. This is something that has been discussed within the OVS community for a while, and I for one am glad to see it happen.

Why am I glad to see it happen? The project can finally shed itself of the (unfair) claims that the governance under Nicira (and later VMware) wasn’t “open enough.” These accusations persisted despite numerous indications otherwise. Thomas Graf, an OVS committer—who does not work for VMware, for the record—came to this conclusion in his OVSCon 2015 presentation:

OVS is one of the most effective and well governed open source projects I’ve worked on.

Moving to the Linux Foundation allows OVS to continue to grow and flourish without continued accusations of unfair governance. The project intends to continue to use its existing governance model, in which technical leadership of the project is determined by the committers, and committer status is determined by your involvement in the project via code contributions and code reviews.

For more information, refer to the official Linux Foundation press release.

Spousetivities at VMworld 2016

Many of you have asked, and here’s the answer: Yes, there will be Spousetivities at VMworld 2016 in Las Vegas, NV! For those of you who may be new to the VMworld scene, Spousetivities started in 2008 when my wife got together with a small group of spouses and partners traveling with the conference attendees. From there, it’s become a staple of the VMworld community events. Read on for more details on what’s planned this year at VMworld 2016!

• First up is the famous “Getting to Know You” breakfast, but with a slightly different approach. This year you’ll be cooking breakfast with Chef Phillip Dell, winner of season 9 of “Chopped”. How cool is that?
• There will be a walking tour of the Las Vegas Strip, in case there are folks that are new to Vegas.
• A trip to the Grand Canyon is available. If you haven’t yet been to the Grand Canyon, this is a great way to go—private bus, meals along the way, etc. Much easier than planning such a trip yourself!
• Of course, you’ll have the opportunity to see the Hoover Dam and Lake Mead.
• Here’s a new one: a 2-4 mile easy hike up Mount Continue reading

Technology Short Take #69

Welcome to Technology Short Take #69! In this post, I’ve collected a variety of links related to major data center technology areas. This episode is a bit long; sorry about that!

Networking

• Lindsay Hill recently noted that he’s been working to add support to netmiko for the Brocade ICX and MLXe, and is looking into support for VDX. Netmiko, if you haven’t heard, is a fantastic Python library that’s really useful when writing Python-based network automation scripts.
• I mentioned a while back that I was taking a deeper look at MPLS (to which my colleague Bruce Davie—one of the creators of MPLS—jokingly quipped, “Why are you looking at legacy tech?”). Honestly, I haven’t had a great deal of time to make much progress, but I did come across this article by Sudeep Goyal which helped reinforce some of the basics I already knew. It may prove useful to others who are also seeking to improve their knowledge of MPLS.
• Peter Phaal has been writing some really interesting stuff (interesting to me, at least). First up, there’s a great article on using IPVLAN with Docker and Cumulus Linux (with a tie back to sFlow, naturally!). I’m really eager to Continue reading

Technology Short Take #68

Welcome to Technology Short Take #68, my erratically-published collection of links, articles, and posts from around the web—all focused on today’s major data center technologies. I’ve been trying to stick to a schedule that has these posts published on a Friday, but given the pending holiday weekend I wanted to get this out a bit early. As always, I hope that something I’ve included here proves useful to you.

Networking

• Brent Salisbury retweeted a ton of MACVLAN- and IPVLAN-related posts right after I published the last Technology Short Take, so they had to get bumped to this one. First, we have this post on HiCube, which covers MACVLAN vs. IPVLAN. Next, we have a pair of articles by Sreenivas Makam; the first covers MACVLAN and IPVLAN basics, while the second tackles the Docker MACVLAN and IPVLAN network plugins. Both articles are useful, IMHO, especially considering that MACVLAN is no longer experimental as of the Docker 1.12 release.
• I recently came across this mention of in-band network telemetry (INT), which looks really powerful. I think this will be something worth watching.
• Oh, and while we’re discussing P4: Diego Dompe has an article talking about OpenSwitch and P4 that Continue reading

OVS Integration with Debian Network Scripts

I had a reader contact me recently with some questions regarding the use of Open vSwitch (OVS) on Debian “Jessie” 8.5 and using the OVS integration with the Debian network scripts. For those of you that might be unfamiliar with this functionality, it’s the ability to configure OVS via instructions and directives found in the /etc/network/interfaces file. As I was helping this reader, I came across a couple potential “gotchas” that I wanted to point out here.

First, I’ll point you to the documentation for the Debian network scripts integration, which is found in this file in the “Debian network scripts integration” section. This documentation provides the complete breakdown of the various commands that can be used in /etc/network/interfaces to configure OVS.

Based on that documentation, you could create an OVS bridge and add a physical port to that bridge by including the following stanzas in /etc/network/interfaces:

allow-ovs ovsbr0
iface ovsbr0 inet manual
  ovs_type OVSBridge
  ovs_ports eth1

allow-ovsbr0 eth1
iface eth1 inet manual
  ovs_bridge ovsbr0
  ovs_type OVSPort

Now for the gotchas…

The Debian “Jessie” repos include version 2.3.0 of OVS; the latest release in the 2.3.x train is 2.3.3. As it turns Continue reading

DockerCon 2016 Vendor Meetings

While at DockerCon 2016 in Seattle today, I took some time on the expo floor to talk to a number of different vendors, mostly focused on networking solutions. Here are some notes from these discussions. I may follow up with additional posts on some of these technologies; it will largely depend on time and the ease by which the technologies/products may be consumed.

Plumgrid

My first stop was the Plumgrid booth. I’d heard of Plumgrid, but wanted to take this time to better understand their architecture. As it turns out, their architecture is quite interesting. Plumgrid is one of the primary commercial sponsors behind the IO Visor project, a Linux Foundation project, which leverages the extended Berkeley Packet Filter (eBPF) subsystem in the Linux kernel. Using eBPF, Plumgrid has created in-kernel virtual network functions (VNFs) that do things like bridging, routing, network address translation (NAT), and firewalling. Combined with a scale-out central control plane and leveraging the Linux kernel’s built-in support for VXLAN, this enables Plumgrid to create overlay networks and apply very granular security policies to attached workloads (which could be VMs or containers).

Project Calico

Next, I stopped by the Calico booth. Unlike many of the networking Continue reading

DockerCon 2016 Day 2 Keynote

This is a liveblog for the day 2 keynote of DockerCon 2016, which wraps up today in Seattle, WA. While today’s pre-keynote warm-up doesn’t include laser-equipped kittens, the music is much more upbeat and energetic (as opposed to yesterday’s more somber, dramatic music). If the number of laptops on the podium is any indicator (yesterday it was a cue to the number of demos planned), then today’s keynote will include a few demos as well.

Ben Golub kicks off the day 2 keynote—with the requisite coffee shot that is a sacrifice to the “demo gods”—and offers up some thanks to the supporters of last night’s party at the Space Needle. Golub quick reviews the key announcements and demos from the day 1 keynote (see my liveblog here). Today, though, will be focused on democratizing Docker in the enterprise. In referring to Docker’s adoption in the enterprise, Golub shares some numbers that vary widely, and admits that it’s really difficult to know what the real adoption rate is. He points to multiple “critical transformations” occurring within the enterprise: application modernization, cloud adoption, and DevOps (process/procedure/culture changes).

This leads Golub into a discussion of anti-patterns, or fallacies. The first fallacy he Continue reading

DockerCon 2016 Day 1 Keynote

This is a liveblog for the day 1 keynote of DockerCon 2016, taking place over the next couple of days in Seattle, WA. Before the keynote starts in earnest, Gordon the Turtle entertains attendees with some “special” Docker containers that affect the display on the main stage: showing butterflies, playing sounds, launching a Docker-customized version of Pac-Man, or initiating a full-out battle of laser-shooting kittens.

The keynote starts with Ben Golub taking the stage to kick things off. Golub begins his portion with a quick “look back” at milestones from previous Docker events and the history of Docker (the open source project). Golub calls out a few particular sessions—protein folding, data analysis in sports, and extending a video game—and then unveils that these sessions are being presented by kids under the age of 13.

This leads Golub into a review of the efforts of Docker (the company) to democratize containers:

• Increasing usability
• Enhancing portability
• Extending community

Golub gives a “shout out” to the technologies underpinning modern Linux containers (namespaces, cgroups, etc., and their predecessors) and calls out the 2,900+ contributors to the open source Docker project. He then spends the next several minutes talking about various metrics—pull requests, containers Continue reading

DockerCon 2016 Day 2 Keynote

This is a liveblog for the day 2 keynote of DockerCon 2016, which wraps up today in Seattle, WA. While today’s pre-keynote warm-up doesn’t include laser-equipped kittens, the music is much more upbeat and energetic (as opposed to yesterday’s more somber, dramatic music). If the number of laptops on the podium is any indicator (yesterday it was a cue to the number of demos planned), then today’s keynote will include a few demos as well.

Ben Golub kicks off the day 2 keynote—with the requisite coffee shot that is a sacrifice to the “demo gods”—and offers up some thanks to the supporters of last night’s party at the Space Needle. Golub quick reviews the key announcements and demos from the day 1 keynote (see my liveblog here). Today, though, will be focused on democratizing Docker in the enterprise. In referring to Docker’s adoption in the enterprise, Golub shares some numbers that vary widely, and admits that it’s really difficult to know what the real adoption rate is. He points to multiple “critical transformations” occurring within the enterprise: application modernization, cloud adoption, and DevOps (process/procedure/culture changes).

This leads Golub into a discussion of anti-patterns, or fallacies. The first fallacy he Continue reading