
Category Archives for "Systems"

OpenStack Kolla: Dependency Management Done Right With Docker and Ansible


Kolla provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable, using community best practices.  Kolla entered the OpenStack Big Tent during the Liberty cycle by submitting Kolla to OpenStack technical committee oversight --  enabling the Kolla project and its contributors to have access to community resources such as marketing, technical resources, bi-yearly conference space and voting rights in the OpenStack Technical Committee election.

During the creation of the Kolla mission statement, we agreed as a community not to permit the selection of technology choices in our mission statement. Still: we knew we would choose Docker as our container runtime technology, and Ansible as our orchestration system. We made these choices not only because “that’s what all the cool kids are doing” -- but also because they solve real technical problems for our problem domain. Docker solves our image management process and Ansible solves our multi-node deployment process. We could have chosen other technologies to solve these problems, but both Docker and Ansible do something orders of magnitude better than competitors: a complete and absolute focus on simplicity coupled with a high degree of capability.

Since a fundamental factor in outcome of Continue reading

A Quick Look at Carina

Today at the OpenStack Summit in Tokyo, Rackspace announced Carina, a new containers-as-a-service offering that is currently in beta. I took a few minutes to sign up for Carina today and work with it for a little while, and here is a quick introduction.

First, if you’re at all unfamiliar with Docker and/or Docker Swarm, have a look at some of these articles off my site. They’ll help provide some baseline knowledge:

A Quick Introduction to Docker
Running a Small Docker Swarm Cluster

I point out these articles because Carina essentially implements hosted Docker Swarm clusters. You can use the Carina CLI tool (as I will in this article) to create one or more clusters, each of which will expose a Docker API endpoint (just like your own homegrown Docker Swarm cluster) against which you can run the Docker client.

Let’s take a quick look. These instructions assume that you’ve already created an account and downloaded the CLI tool from GitHub. I’m assuming you’re running Linux or OS X; the commands for Windows would be quite different than what I’ll show below.

First, you’ll need to set some environmental variables. I prefer to do this in a file that Continue reading

OpenStack Summit 2015 Day 2 Keynote

Mark Collier, COO of the OpenStack Foundation, takes the stage to kick things off. He starts with a story about meeting new people, learning new things, and sharing OpenStack stories, and encourages attendees to participate in all of these things while they are here at the Summit.

Mark then transitions into a discussion of Liberty (the latest release), and revisits Jonathan Bryce’s discussion of the new organizational model (“the Big Tent”). He specifically calls out Astara and Kuryr as new projects in the Big Tent model. Out of curiosity, he looked at development activity for all the various projects to see which project was the “most active”. It turns out that Neutron was the most active project across all of the various OpenStack projects. According to the user survey last year, 68% were running Neutron. In the most recent user survey, that number climbed to 89%—meaning the vast majority of OpenStack clouds in production are now running Neutron.

So why is networking (and Neutron) so hot right now? Mark believes that this is due to the increasing maturity of software-defined networking and network virtualization. Mark shows data from Crehan Research that states SDN is growing twice as fast as server Continue reading

OpenStack Summit 2015 Day 1 Keynote

This is a liveblog of the Day 1 keynote at the OpenStack Summit here in Tokyo, Japan. As is quite often the case at conferences like this, the wireless network is strained to its limits, so I may not be able to publish this liveblog until well after the keynote ends (possibly even later in the day).

After a brief introduction by one of the leaders of the OpenStack Japan User Group (I couldn’t catch his name), Jonathan Bryce takes the stage. Jonathan takes a few minutes to welcome the attendees, thank the conference sponsors, and go over some logistics (different hotels, meals, getting help, etc.). Jonathan announces the first individual certification for OpenStack—the Certified OpenStack Administrator. The certification test will be available starting in 2016. Not many details are given; I assume that more details will be released in the coming days and weeks.

Jonathan also takes a moment to talk about Liberty, the 12th release of OpenStack. Based on the features added, he feels that manageability, scalability, and extensibility were the key themes for Liberty. This leads Jonathan into a discussion of users and developers, sometimes (not beneficially) separated by sales and product management. Jonathan feels that Continue reading

Securing OpenStack Hosts with Ansible


Deploying OpenStack can be a challenging process, and securing it can be even more daunting. Fortunately, there's a new project in the OpenStack big tent that wants to make this process easier: openstack-ansible-security.

Start Standardizing With the STIG

Securing an OpenStack deployment involves multiple levels of configuration:

  1. Securing the network
  2. Securing the host
  3. Securing the interconnected services

The goal of openstack-ansible-security is to tackle the second level -- securing the host.  A spec was proposed for the Mitaka release of OpenStack to secure OpenStack infrastructure hosts using the Red Hat Enterprise Linux 6 Security Technical Implementation Guide (STIG).

The STIG is a collection of best practices for securing a host and its services against common attacks.  The collection is broken up into multiple sections, called categories.  The STIG Viewer service makes these categories easier to review.  The categories include:

  • Cat 1: For highly sensitive systems
  • Cat 2: For medium sensitivity systems
  • Cat 3: For low sensitivity systems

These are meant to be stackable, so an extremely sensitive system would require categories 1, 2 and 3.  Each STIG item provides a description of what needs to be changed, why it should be changed, how to change it, and Continue reading

Red Hat and the Ansible Community


Now that Ansible is a part of Red Hat, some people may wonder about the future of the Ansible project. Specifically, a few people have expressed concerns that Ansible may become more Red Hat-centric at the expense of other platforms or open source projects.  Here is the good news: the Ansible community strategy has not changed.

As always, we want to make it as easy as possible to work with any projects and communities who want to work with Ansible. Now that we have the resources of Red Hat behind us, we plan to accelerate these efforts. We want to do more integrations with more open source communities and more technologies.

One of the reasons that Red Hat purchased Ansible in the first place was because Red Hat understands the importance of a broad and diverse community. Google “Ansible plus <open source project>” for nearly any project and you will find Ansible playbooks and modules and blog posts and videos and slide decks and all kinds of other information, all intended to make working with that project easier.  We have thousands of people attending Ansible meetups and events all over the world.  We have millions of users.  We Continue reading

Technology Short Take #55

Welcome to Technology Short Take #55! Here’s hoping I’ve managed to find something of value and interest to you in this latest collection of links and articles from around the web on networking, storage, virtualization, security, and other data center-related technologies. Enjoy!

Networking

  • I recently came across Kuryr, an OpenStack project aimed at connecting Docker’s libnetwork efforts to OpenStack Neutron. The end result, as I understand it, would be to allow any Neutron plugin to be able to provide container networking functionality to Docker via libnetwork. This makes sense to me, although I think that network virtualization products are still going to need to integrate directly with libnetwork so that they can be used in environments outside of OpenStack. If you’re interested in getting more information on Kuryr, check out Gal Sagie’s post here or read this follow-up post on using Kuryr and OVN (Open Virtual Network) together.
  • Drew Conry-Murray has a post up on the Packet Pushers blog talking about the benefits and challenges of a single OS; specifically, the benefits and challenges pertaining to Arista and EOS. Lots of companies like to tout the “single OS” banner, but there can be value in having specialized OSes custom-built Continue reading

Appformix and Ansible: Product Deployments Made Simple

We began by searching for an orchestration and configuration management tool for our test lab, and we ended up with Ansible playbooks that we ship with our product.

Automation is a key tenet of our engineering team at AppFormix. Repetitive tasks are automated, such as those surrounding continuous integration, host configuration, maintenance, and backups. This saves time and allows us to document a task, which in turn enables others to understand, contribute, and use the automation. Our engineers spend their time creating our product that provides infrastructure performance optimization for cloud-based datacenters, leaving the mundane work to computers.

We began our automation with Python and Bourne shell scripts, since we were familiar with these languages. Such scripts worked great for a set of steps to perform on a single host, but become very complex when managing several hosts (like in a cloud). We used ssh, scp, and Fabric, but found it challenging to maintain configuration about every host and handle errors robustly.

As our engineering team and deployments grew in size, we needed a sustainable tool to configure our testbeds and deploy our software. We chose Ansible for a number of reasons, including:

Finding a Needle in a Galaxy of Roles

We are really excited to announce the release of Galaxy 1.1. It’s only been a few short weeks since Galaxy 1.0 debuted, and here we are again!

This time we added some powerful enhancements to make searching Ansible roles a much better experience. With over 3,500 roles in Galaxy and more being added every day, it can be a real challenge to sift through platforms, categories and descriptions to find exactly what you need. In Galaxy 1.1 we solved this problem.

Galaxy Tags

As the author of a role, you know better than we do how to describe the role and what terms users will search to discover the role. So to make describing roles better for authors and users, we replaced our limited set of categories with Galaxy Tags, allowing the author to add a list of free-form search terms to a role.

Let’s take a quick look at creating a role with Galaxy and using the new Galaxy Tags feature. We start by creating a role using the ansible-galaxy command line utility that comes installed with Ansible:

ansible-galaxy init ansible-role-myrole

 This creates the following directory structure and some supporting files for the new role:

ansible-role-myrole/
 Continue reading

Adding an Interface to an OpenStack Instance After Creation

In this post I’ll share a few commands I found for adding a network interface to an OpenStack instance after launching the instance. You could, of course, simply launch the instance with multiple network interfaces from the very beginning, but these commands are handy in case you messed up or in case the requirements for the instance changed after it was launched. Please note there’s nothing revolutionary or ground-breaking in the commands listed here; I’m simply trying to help share information in the event others will find it useful.

I tested these commands using OpenStack “Juno” with VMware NSX providing the networking functionality for Neutron, but (as you can tell if you check the articles in the “References” section) this functionality has been around for a while. These commands should work with any supported Neutron plug-in.

First, create the Neutron network port:

neutron port-create <Neutron network name>

If you want to attach a security group to the port (probably a good idea), then modify the command to look like this:

neutron port-create --security-group <Security group name> <Neutron network name>

Note that you can add multiple --security-group parameters to the command in order to specify multiple security groups on the Continue reading

Prayer Time at Tokyo Summit

This is something I’ve had the pleasure of organizing at VMworld over the last couple of years, and I’d like to start doing it at the OpenStack Summits as well. So, next week in Tokyo, I’d like to offer Christians attending the Summit the opportunity to gather together for a brief time of prayer before the day’s activities get started.

If you’re interested in attending, here are the details.

What: A brief time of prayer

Where: The pool outside the Grand Prince Hotel New Takanawa (the pool outside the red building on this map of the Summit campus)

When: Tuesday, October 27 through Thursday, October 29, at 8:00 am each day (this should give you time to grab some breakfast before the keynotes and sessions start at 9:00 am)

Who: All courteous attendees are welcome, but please note that this will be a distinctly Christian-focused and Christ-centric activity. This is not to exclude anyone, but rather to focus on like-minded individuals. (I encourage believers of other faiths/religions to organize equivalent activities.)

Why: To spend a few minutes in prayer over the day, the Summit, and the other attendees gathered there

You don’t need to RSVP to let me know Continue reading

Spousetivities in Tokyo

Regular readers of this site know that my wife, Crystal, organizes spouse activities (aka “Spousetivities”, like the combination of “spouse” and “activities”) at conferences. This year she’s adding activities in Tokyo, Japan, in conjunction with the Fall OpenStack Summit!

Here’s a quick look at what is planned:

  • Tokyo city tour w/ tea ceremony (very cool!)
  • Tour of Tokyo Tower, Meiji Jingu, and Odaiba
  • A visit to Mt. Fuji and Hakone
  • Nikko tour

More details on these activities are available on the Spousetivities site.

The activities are funded in part by VMware NSX and Blue Box (their sponsorship helps reduce the cost of activities for participants). If you have a loved one (spouse, domestic partner, family member, friend, whatever!) traveling with you to Tokyo, head on over to the registration page to get them signed up for some great activities while you’re at the Summit.