DockerCon 2016 Day 2 Keynote
This is a liveblog for the day 2 keynote of DockerCon 2016, which wraps up today in Seattle, WA. While today’s pre-keynote warm-up doesn’t include laser-equipped kittens, the music is much more upbeat and energetic (as opposed to yesterday’s more somber, dramatic music). If the number of laptops on the podium is any indicator (yesterday it was a cue to the number of demos planned), then today’s keynote will include a few demos as well.
Ben Golub kicks off the day 2 keynote—with the requisite coffee shot that is a sacrifice to the “demo gods”—and offers up some thanks to the supporters of last night’s party at the Space Needle. Golub quick reviews the key announcements and demos from the day 1 keynote (see my liveblog here). Today, though, will be focused on democratizing Docker in the enterprise. In referring to Docker’s adoption in the enterprise, Golub shares some numbers that vary widely, and admits that it’s really difficult to know what the real adoption rate is. He points to multiple “critical transformations” occurring within the enterprise: application modernization, cloud adoption, and DevOps (process/procedure/culture changes).
This leads Golub into a discussion of anti-patterns, or fallacies. The first fallacy he Continue reading
DockerCon 2016 Day 1 Keynote
This is a liveblog for the day 1 keynote of DockerCon 2016, taking place over the next couple of days in Seattle, WA. Before the keynote starts in earnest, Gordon the Turtle entertains attendees with some “special” Docker containers that affect the display on the main stage: showing butterflies, playing sounds, launching a Docker-customized version of Pac-Man, or initiating a full-out battle of laser-shooting kittens.
The keynote starts with Ben Golub taking the stage to kick things off. Golub begins his portion with a quick “look back” at milestones from previous Docker events and the history of Docker (the open source project). Golub calls out a few particular sessions—protein folding, data analysis in sports, and extending a video game—and then unveils that these sessions are being presented by kids under the age of 13.
This leads Golub into a review of the efforts of Docker (the company) to democratize containers:
- Increasing usability
- Enhancing portability
- Extending community
Golub gives a “shout out” to the technologies underpinning modern Linux containers (namespaces, cgroups, etc., and their predecessors) and calls out the 2,900+ contributors to the open source Docker project. He then spends the next several minutes talking about various metrics—pull requests, containers Continue reading
DockerCon 2016 Day 2 Keynote
This is a liveblog for the day 2 keynote of DockerCon 2016, which wraps up today in Seattle, WA. While today’s pre-keynote warm-up doesn’t include laser-equipped kittens, the music is much more upbeat and energetic (as opposed to yesterday’s more somber, dramatic music). If the number of laptops on the podium is any indicator (yesterday it was a cue to the number of demos planned), then today’s keynote will include a few demos as well.
Ben Golub kicks off the day 2 keynote—with the requisite coffee shot that is a sacrifice to the “demo gods”—and offers up some thanks to the supporters of last night’s party at the Space Needle. Golub quick reviews the key announcements and demos from the day 1 keynote (see my liveblog here). Today, though, will be focused on democratizing Docker in the enterprise. In referring to Docker’s adoption in the enterprise, Golub shares some numbers that vary widely, and admits that it’s really difficult to know what the real adoption rate is. He points to multiple “critical transformations” occurring within the enterprise: application modernization, cloud adoption, and DevOps (process/procedure/culture changes).
This leads Golub into a discussion of anti-patterns, or fallacies. The first fallacy he Continue reading
Configuring Linux Policy Routing using Ansible
In this post, I’m going to talk about using Ansible to configure policy routing on Linux. If you’re not familiar with Linux policy routing, have a look at this post, and also review this post for one potential use case (I’m sure there are a number of other quite valuable use cases).
As you may recall from the policy routing introductory post, there are three steps involved in configuring policy routing:
- You must define the new routing table in
/etc/iproute2/rt_tables - You must add routes to the new routing tables
- You must define rules for when the new routing table is consulted
All three of these tasks can be handled via Ansible.
To address step #1, you can use Ansible’s “lineinfile” module to add a reference to the new routing table in /etc/iproute2/rt_tables. For example, consider this Ansible task:
- lineinfile: dest=/etc/iproute2/rt_tables line="200 eth1"
This snippet of Ansible code would add the line “200 eth1” to the end of the etc/iproute2/rt_tables file (if the line does not already exist). This takes care of task #1.
For tasks #2 and #3, you can use a Jinja2 template. Because the creation of the policy routing rule and the routing table entries can Continue reading
Technology Short Take #67
Welcome to Technology Short Take #67. Here’s hoping something I’ve collected for you here proves useful!
Networking
- Anthony Burke has written a script that uses VMware NSX to protect VMware Log Insight instances. More information on the script is in his blog post.
- Russ White tackles the issue of networking engineers needing to learn to code. Is it necessary? Russ thinks so—but probably not for the reasons you might think. I tend to agree with Russ’ line of thinking.
- This article from Marcos Hernandez shows one way to do dynamic routing in OpenStack. It’s a bit of a hack, to be honest, but it gets the job done until dynamic routing makes its way into OpenStack Neutron (which looks like it may have landed in the Mitaka release—can anyone confirm?).
- Jason Messer has an article describing how networking works with Windows containers.
- Tom Hollingsworth discusses how the rise of overlay networks killed large layer 2 networks and tools for building large layer 2 networks, like TRILL.
- Dmitri Kalintsev examines some options for addressing storage-related connectivity in NSX environments.
Servers/Hardware
- Drew Conry-Murray shines a light on Intel’s network ambitions. This is something I’ve been watching for a couple of years, Continue reading
Spousetivities at DockerCon 2016
Long-time readers of my site know that my wife, Crystal, launched what is now known as Spousetivities at VMworld 2008. Since that time, she’s been able to organize activities for hundreds of companions at dozens of events around the world. This year she’s adding another event to the roster: DockerCon 2016 in Seattle!
That’s right, Crystal and Spousetivities will be available at DockerCon in Seattle. Here’s a quick look at some of the things she’s got planned:
- Morning yoga on both Monday and Tuesday (both days of the conference), led by a Docker employee
- Food tour plus a visit to Woodland Park Zoo (great option for attendees traveling with kids)
- Tours of Seattle on both Monday and Tuesday, including stops at the Space Needle, Pioneer Square, Pike Place Market, and the Kerry Park scenic overlook.
- Wine and chocolate tastings plus a visit to Sqonalmie Falls
All in all, it sounds like a great set of activities. Also, I’m very impressed that DockerCon is also offering childcare during the event. Between Spousetivities offering kid-friendly events both days and DockerCon providing childcare, there’s no reason not to bring the family with you to Seattle.
If you’re interested in signing up for any Continue reading
Podcast Update
As many of you probably know, I launched a new podcast, called the Full Stack Journey Podcast, back in January. (Here’s the blog post announcing the new podcast.) In this post, I wanted to provide a quick update on the podcast.
Dedicated Website Now Up
First, the podcast now has its own website! Like this site, the Full Stack Journey site is a Jekyll-powered site hosted on GitHub (here’s the site’s repository). I find the Jekyll+GitHub Pages workflow works really well for me, so leveraging the same workflow for the Full Stack Journey site—as opposed to using WordPress or some other CMS—will (hopefully) help make it easier to continue to produce and publish the podcast.
Late Episodes Available
The effort involved in getting the dedicated site up took up a fair amount of time over the last few weeks. This leads me to the second point, which is that I’ve published episode #4 with Brent Salisbury, and will soon (in the next few days) be publishing episode #5 with Patrick Kelso. These episodes are very late (sorry!). June’s episode shouldn’t be as late, and I’m aiming to be back on track with an early July Continue reading
Thoughts on Luminus Networks
Late last week, Cyrus Durgin from Luminus Networks published an article on SDx Central titled “The (R)evolution of Network Operations.” You may notice that my name is mentioned at the bottom of the article as someone who provided feedback. In this post, I’d like to share some thoughts—high-level and conceptual in nature—on network operations and Luminus Networks.
I was first introduced to Luminus Networks when I met its CEO, Kelly Wanser, at the Open Networking User Group (ONUG) meeting in New York City last November. We met again in the Denver area in late December, and Kelly gave me a preview of what Luminus was building. I must confess that I was immediately intrigued by what Kelly was describing. One key thing really jumped out at me: we need to treat the network as a system, not as a bunch of individual elements.
When it comes to network monitoring/management/operations, so many of the tools are focused on the individual elements that comprise a network: provisioning a switch, pushing configuration changes to a router or group of routers, polling counters from interfaces on switches, etc. While there’s nothing wrong with any of these things, it seems to me that there’s Continue reading
Technology Short Take #66
Welcome to Technology Short Take #66! In this post you’ll find a collection of links to articles about the major data center technologies. Hopefully something I’ve included here will be useful to you. Enjoy!
Networking
- I recently spoke at Interop 2016 in Las Vegas, and while I was there I scribbled down some notes pertaining to how decomposing applications into microservices-based architectures was similar in some respects to decomposing networks into an overlay network and an underlay (physical) network. It’s still something I’m exploring, but I hope to get something written up soon. In the meantime, I’d love to hear your thoughts about it. Feel free to hit me up on Twitter or drop me an e-mail.
- While I’m talking about the overlay/underlay model, I found this article by Tom Nolle discussing how using the overlay/underlay model could enable agile infrastructure. It’s a good post, well worth reading (in my opinion).
Servers/Hardware
Nothing this time around. Maybe next time?
Security
- In the event you’re interested in an idea of how much latency the use of in-kernel hypervisor firewalling (such as that offered by VMware NSX) adds, have a look at this article by Sean Howard.
Cloud Computing/Cloud Management
- Michael Wittig Continue reading
Using Terraform to Build an etcd2 Cluster on OpenStack
In this post I’ll build on my earlier introduction to Terraform to show a practical example of using Terraform to build a CoreOS-based etcd2 cluster on OpenStack. This information is based upon a demo that I created for a session at the Austin OpenStack Summit in late April, so all the files I reference in this post are available in the GitHub repo for that session.
You may recall that Terraform is a platform-independent orchestration tool that allows you to create configurations (in either Terraform format or JSON format) specifying resources to be created/modified/deleted. This allows users to take an “infrastructure as code” approach where infrastructure configuration can be declaratively defined and managed via well-known version control mechanisms. In my previous post, I used JSON for the Terraform configurations; in this post, I’ll use the “standard” Terraform format.
As in the intro to Terraform post, I’ll use three different files:
- The
vars.tffile, which contains variables we’ll reference later - The
main.tffile, which has the actual resource definitions - The
output.tffile, which will provide some feedback to the user on the resources being created by Terraform (in this case, IP addresses)
Note that there’s no Continue reading
Building a VMware-Formatted Cumulus VX Vagrant Box
In this post, I’m going to walk you through the process I used to build a Vagrant box for Cumulus VX that will work with VMware desktop hypervisors (like VMware Fusion or VMware Workstation). Although Cumulus Networks offers several different versions of Cumulus VX to download, they do not (strangely enough) offer a Vagrant box that will work with VMware’s desktop hypervisors.
If you’re not familiar with Cumulus VX, it’s a virtual appliance version of Cumulus Linux. This allows you to test Cumulus Linux without needing compatible network hardware. This is really handy for testing configuration management tools against Cumulus Linux, for testing complex topologies before you implement them in production, or just for getting a feel for how Cumulus Linux works.
Naturally, this sounds like a perfect fit to use with Vagrant, so if you’re interested—as I am/was—in running Cumulus VX with Vagrant using a VMware desktop hypervisor, then the process described below should get you all fixed up.
First, you’ll want to get a hold of the VMware version of Cumulus VX. Navigate over to the Cumulus VX download page (a free registration is required), and download the VMware version. This will download an OVA file. Don’t Continue reading
Installing Ansible 2.x in a Python Virtualenv on OS X
In this post, I’m going to walk you through the steps to install Ansible 2.x into a Python virtual environment (virtualenv) on OS X. There’s nothing terribly hard or unusual about this process, but I wanted to document it here for folks who might be new to the process (or who might be interested in why using this approach could be beneficial).
I’m stumbled into this process because I had been using Ansible 1.9.x and wanted to upgrade to Ansible 2.x so that I could use some of the new OpenStack-related modules. (These are modules that allow you to manipulate OpenStack-based resources, like instances or networks, using Ansible playbooks, and they were introduced with the release of Ansible 2.x.) The new modules had some additional Python dependencies, and installing these Python dependencies on OS X can be challenging at times (due to System Integrity Protection [SIP]). For example, installing the shade module on my OS X El Capitan system ran afoul of SIP.
The answer is to use Python virtual environments (aka “virtualenvs”). Virtualenvs provide a mechanism whereby you can isolate Python dependencies between different Python-based projects. You create a Python virtualenv, then Continue reading
Prayer Time at the Austin Summit
A large portion of the OpenStack community is gathered in Austin this week for the Spring 2016 OpenStack Summit. As I’ve done at previous Summits (and other events), I’m offering to gather with other Christian believers for a brief time of prayer in the mornings before the sessions kick off each day.
Normally I get these arranged much earlier, so I apologize for not getting this out there sooner. That being said, if you’re a Christian and interested in gathering for a brief time of prayer, we will be meeting outside the Austin Convention Center at 8:30 am. We’ll meet along East 4th Street, on the convention center side of the Downtown Station.
Anyone is welcome to join us, but please note that this will be a distinctly Christian-focused and Christ-centered event.
You don’t need to RSVP or let me know you’ll be there; just feel free to stop by. I hope to see you there!
Technology Short Take #65
Welcome to Technology Short Take #65! As usual, I gathered an odd collection of links and articles from around the web on key data center technologies and trends. I hope you find something useful!
Networking
- Michael Ryom has a nice (but short) article on using Log Insight along with a NetFlow proxy to help provide more detailed visibility into traffic flows between VMs on NSX logical networks.
- Brent Salisbury has an article on GoBGP, a Go-based BGP implementation. BGP seems to be emerging as an early front-runner for a standards-based control plane for software networking. Couple something like GoBGP with IPVLAN L3 (see Brent’s article) and you’ve got a new model for your data center network.
- Andy Hill has an article on doing rolling F5 upgrades using Ansible.
- Filip Verloy has an article that discusses the integration between Nuage Networks and Fortinet.
- This should probably go in the “Cloud Computing/Cloud Management” section, but the boundaries between areas are getting more and more blurry every day. (Thankfully, due to LASIK my vision is sharper than ever.) In any case, here’s a post by Marcos Hernandex on the use of subnet pools in OpenStack. Although Marcos’ post discusses them Continue reading
Technology Short Take #64
Welcome to Technology Short Take #64. Normally, I try to publish Short Takes on Friday, but this past Friday was April Fools’ Day. Given the propensity for “real” information to get lost among all the pranks, I decided to push this article back to today. Unlike most of what is published around April Fools’ Day, hopefully everything here is helpful, informative, and useful!
Networking
- Phil Gervasi has an article on fate sharing in the network core, where he discusses some of the advantages—and disadvantages—of centralizing the control plane in network designs. The examples Phil uses include StackWise, Virtual Switching System, and Virtual Port Channels.
- Alban Crequy has a post on using Linux queueing disciplines (qdiscs, for short) to help with testing application behavior under degraded network conditions. This is really interesting and something that I want to explore in more detail.
- Cumulus Networks has added another hardware partner to its list of supported hardware partners; this time it’s Mellanox, as outlined in this SDx Central article.
- Carlos Cardenas has a great post that does a great job of explaining SAI (Switch Abstraction Interface) and switchdev, two key abstraction layers involved in building Linux-based network operating systems (NOSes). Carlos Continue reading
Docker Machine, OpenStack, and SSH Keys
I wanted to provide readers a quick “heads up” about some unexpected behavior regarding Docker Machine and OpenStack. It’s not a huge deal, but it could catch someone off-guard if they aren’t aware of what’s happening.
This post builds on the earlier post I published on using Docker Machine with OpenStack; specifically, the section about using Docker Machine’s native OpenStack driver to provision instances on an OpenStack cloud. As a quick recap, recall that you can provision instances on an OpenStack cloud (and have Docker Engine installed and configured on those instances) with a command like this:
docker-machine create -d openstack
--openstack-flavor-id 3
--openstack-image-name "Ubuntu 14.04.3 LTS x64"
--openstack-net-name lab-net-5
--openstack-floatingip-pool ext-net-5
--openstack-sec-groups docker,basic-services
instance-name
(Note that I didn’t include all of the optional parameters; refer to either my earlier blog post or the Docker Machine OpenStack driver reference for more details).
One of the optional parameters for Docker Machine’s OpenStack driver is the --openstack-keypair-name parameter, which allows you to specify the name of an existing keypair to use with instances created by Docker Machine. If you omit this parameter, as I have above, then Docker Machine will auto-generate a new SSH Continue reading
Spousetivities at OpenStack Summit in Austin
Long-time readers know that my wife, Crystal, has been running this thing called Spousetivities for a few (OK, eight) years now. While Spousetivities originally started out as a VMworld thing, it rapidly expanded, and this year Spousetivities will be at a number of events. That includes the spring OpenStack Summit in Austin, TX!
If you’re planning to attend the Summit in Austin, why not bring your spouse/fiancé/partner/significant other with you? I can tell you from personal experience that having him or her there with you makes the conference experience more pleasant. In this particular case, Austin is a great place to visit in April and it is very affordable. Besides, Spousetivities has a great set of activities planned to keep your traveling companion(s) entertained while you’re at the conference.
Here’s a quick look at some of what’s planned for that week:
- Explore Austin via a unique scavenger hunt experience, complete with prizes
- Cruise the lake on private, luxury paddle-wheel boat while enjoying a delicious catered lunch
- BBQ galore—after all, this is the BBQ capital and Spousetivities will make sure you get to try the famous BBQ of the Salt Lick
- Quaint and relaxing tour of historic Fredericksburg
On the Spousetivities Continue reading
Adding Git and Docker Machine Awareness to OS X
In this post I’m going to share how to add some Git and Docker Machine “awareness” to your OS X Bash prompt. This isn’t anything new; these tricks are things that Bash users have been employing for years, especially on Linux. For most OS X users, though, I think these are tricks/tools that aren’t particularly well-known so I wanted to share them here.
I’ll divide this post into two sections:
- Adding Git awareness to your Bash prompt
- Adding Docker Machine awareness to your Bash prompt
Please note that I’ve only tested these on El Capitan (OS X 10.11), but it should work similarly for most recent versions of OS X.
Before I get started, allow me to explain what I mean by “awareness”:
- For Git, it’s the ability to show the currently checked-out Git branch in your Bash prompt as well as tab completion for Git commands, branches, and remotes.
- For Docker Machine, it’s the ability to show the currently-active machine (made active via
eval $(docker-machine env <name>)) in your Bash prompt as well as tab completion for most Docker Machine commands and machines.
Ready? Let’s get started!
Adding Git Awareness to your Bash Prompt
To add some Continue reading
Docker Swarm on AWS using Docker Machine
In this post I’m going to talk about how to use Docker Machine to build a Docker Swarm cluster on Amazon Web Services (AWS). This post is an adaptation of this Docker documentation post that shows how to build a Swarm cluster using VirtualBox.
This post builds on the earlier post I wrote on using Docker Machine with AWS, so feel free to refer back to that post for more information or more details anywhere along the way.
At a high level, the process looks like this:
- Obtain a Swarm cluster token.
- Provision the Swarm master.
- Provision the Swarm nodes.
Let’s take a look at these steps in a bit more detail.
Obtain a Swarm Cluster Token
There’s at least a couple ways to do this, but they pretty much all involve a Linux VM using the Swarm Docker image. It’s up to you exactly how you want to do this—you can use a local VM, or you can use an AWS instance. The Docker documentation tutorial uses a local VM with the VirtualBox driver:
docker-machine create -d virtualbox local
env $(docker-machine env local)
docker run swarm create
The first command above creates a VirtualBox VM (named “local”) and Continue reading
Learning Tools Updates
One of the projects that I started last year was my GitHub “learning-tools” repository, in which I store tools (of various sorts) to help with learning new technologies. Many of these tools are Vagrant environments, but some are sample templates for other tools like Terraform. I recently made some updates to a couple of the tools in this repo, so I wanted to briefly update my readers.
Docker with IPVLAN L2 Interfaces
This area of the repository was already present, but I had a note in the repo’s main README.md noting that it wasn’t fully functional. After having to work through some other issues (issues that resulted in this blog post), I was finally able to create the tools and assets to make this environment easily repeatable. So, if you’d like to work with Docker using IPVLAN interfaces in L2 mode, then have a look in the docker-ipvlan folder of the repository. The folder-specific README.md is pretty self-explanatory, but if you run into any problems or issues feel free to open a GitHub issue.
Docker with IPVLAN L3 Interfaces
This is an entirely new area of the repo. Thanks in part to being able to complete Continue reading