Category Archives for "Systems"

Technology Short Take #57

Welcome to Technology Short Take #57. I hope you find something useful here!

Networking

Using SSH Multiplexing

In this post, I’m going to discuss how to configure and use SSH multiplexing. This is yet another aspect of Secure Shell (SSH), the “Swiss Army knife” for administering and managing Linux (and other UNIX-like) workloads.

Generally speaking, multiplexing is the ability to carry multiple signals over a single connection (see this Wikipedia article for a more in-depth discussion). Similarly, SSH multiplexing is the ability to carry multiple SSH sessions over a single TCP connection. This Wikibook article goes into more detail on SSH multiplexing; in particular, I would call your attention to the table under the “Advantages of Multiplexing” to better understand the idea of multiple SSH sessions with a single TCP connection.

One of the primary advantages of using SSH multiplexing is that it speeds up certain operations that rely on or occur over SSH. For example, let’s say that you’re using SSH to regularly execute a command on a remote host. Without multiplexing, every time that command is executed your SSH client must establish a new TCP connection and a new SSH session with the remote host. With multiplexing, you can configure SSH to establish a single TCP connection that is kept alive for a specific period Continue reading

ansible + ec2 + tags

This post is a direct result of the insightful questions asked by attendees during Ansible Fest 2015 San Francisco during the "Ask an Expert". This was a great opportunity for the Ansible Tower team to engage with customers of both Ansible and Tower and to understand their use cases, frustration, and love when working with our products.

Ansible Fest 2015 San Francisco

*The "Ask an Expert" allowed attendees to sign up for 15-minute slots to talk with Ansible employees about particular problems or use cases. This resulted in over 50 customer questions! Two Ansible employees were stationed at a heavy-traffic area to engage attendees and listen to their initial questions or concerns to help choose from more than 15 experts to best engage with. Attendees then engaged with the expert, identifiable by the "Ask an Expert" picture included in their check-in packet, during their registered time.

* The "Ask an Expert" interaction was much more organic than the above description. Times often ran over when in-depth conversations were had, and empty time slots were often filled with discussion from attendees in a more ad hoc manner.

The feedback from the "Ask an Expert" from the attendees was overwhelmingly positive. I can say that the feeling Continue reading

ansible + ec2 + tags

"How do I spin up multiple ec2 instances, all with differing tags?"

This question is one of the many insightful questions asked by attendees during AnsibleFest 2015 San Francisco at our "Ask an Expert" tables. AnsibleFest was a great opportunity for the Ansible team to engage with customers of both Ansible and Tower and to understand their use cases, frustration, and love when working with our products.

The "Ask an Expert" program allowed attendees to sign up for 15-minute slots to talk with more than 15 Ansible experts, resulting in over 50 customer questions!

Feedback from the attendees was overwhelmingly positive. I can say that the feeling is mutual from the Ansible team side! It was a joy to hear from so many users of Ansible and Tower.

 

[Image: example AnsibleFest "Ask an Expert" sign-up sheet]

 


Onto the Playbook

Now that we have the back story out of the way, let's get into the playbooks. Several attendees asked how to spin up multiple ec2 instances, all with differing tags.

Extrapolating from that question, the user's wants and concerns are:

  • The ec2 doesn't "count" (spins up multiple identical instances)
  • Run tasks/plays against spun up instances (obviously)
  • Assign different properties to each instance (i.e. tags)

From the above requirements I will demonstrate a general Continue reading

A Use Case for an SSH Bastion Host

In this post, I’m going to explore one specific use case for using an SSH bastion host. I described this configuration and how to set it up in a previous post; in this post, though, I’d like to focus on one practical use case.

This use case is actually one I depicted graphically in my earlier post:

[Diagram: SSH bastion host]

This diagram could represent a couple different examples. For example, perhaps this is an AWS VPC. Security best practices suggest that you should limit access from the Internet to your instances as much as possible; unless an instance needs to accept traffic from the Internet, don’t assign a public IP address (or an Elastic IP address). However, without a publicly-accessible IP address, how does one connect to and manage the instance? You can’t SSH to it without a publicly-accessible IP address—unless you use an SSH bastion host.

Or perhaps this diagram represents an OpenStack private cloud, where users can deploy instances in a private tenant network. In order for those instances to be accessible externally (where “externally” means external to the OpenStack cloud), the tenant must assign each instance a floating IP address. Security may not be as much of a concern Continue reading

The Ansible Support Mailbox

Hi, I'm David Federlein and you may know me from such tickets to the Customer Success Team as “How does Tower’s Dynamic Inventory use Private IPs?” and “How do I import my Ansible inventory to Tower?” Or perhaps you just knew me from grade school. If that’s the case I’d like to apologize for that incident with the fake perfume that smelled like farts and further reassure you that I never again ordered any novelty items from the back of comic books.

In regards to Tower and Ansible, I am here today to share some tips that may be of help in your endeavor for automated nirvana. Perhaps after I’ve shared some of this with you I can one day have someone call me “Sir” without adding “you’re making a scene.” Let’s get down to business.

By now you should be familiar with our love of cowsay, but cows can be dangerous! Don't kid yourself: If a cow ever got the chance, he'd eat you and everyone you care about! So if you’d like to turn off the bovines throwing taunting barbs as you run your playbook, remember two things:

1) That cow is judging Continue reading

Docker at Connect(); // 2015

Connect(); //2015, Microsoft’s virtual event devoted to developers, happened one day after DockerCon EU 2015, and started with an epic demo where Scott Hanselman deployed an ASP.NET 5 app from Visual Studio to a Docker container on Azure on Linux. … Continued

An Introduction to Terraform

In this post, I’m going to provide a quick introduction to Terraform, a tool that is used to provision and configure infrastructure. Terraform allows you to define infrastructure configurations and then have those configurations implemented/created by Terraform automatically. In this respect, you could compare Terraform to similar solutions like OpenStack Heat, AWS CloudFormation, and others.

Before I continue, though, allow me to first address this question: why Terraform?

Why Terraform?

This is a fair question, and one that you should be asking. After all, if Terraform is considered similar to OpenStack Heat or AWS CloudFormation, then why use Terraform instead of one of the comparable solutions? I believe there are a couple (related) reasons why you might consider Terraform over a similar solution:

  1. Within a single Terraform definition, you can orchestrate across multiple cloud services. For example, you could create instances with a cloud provider (AWS, DigitalOcean, etc.), create DNS records with a DNS provider, and register key/value entries in Consul. Heat and CloudFormation are, quite naturally, designed to work almost exclusively with OpenStack and AWS, respectively. (Astute readers will know that Heat supports CloudFormation templates, but you get the idea.) Therefore, one reason to use Terraform Continue reading