Archive

Category Archives for "Systems"

DockerCon 2015 CFP Extended

Thank you to all who have submitted a session for DockerCon so far. We are very excited by the nearly 342 fantastic submissions we’ve received. After our initial call for papers closed on Monday, we received an overwhelming response and … Continued

Ansible Fundamentals Webinar

If you missed our Ansible Training webinar today, or were not able to sign-up before it filled up, we were able to record the session. If you were able to attend, we hope you enjoyed it and learned about how to use Ansible.

We'll be announcing the next session soon, so follow us on Twitter for updates.

Skip ahead to 11:24 to view the training.

We also have an Ansible Tower webinar scheduled for later this month.

Ansible Tower Webinar March 26 - 2PM EST

 

Ansible and MindPoint Group Deliver Automation for Government STIG Compliance

Ansible has teamed with security consultancy MindPoint Group to develop, release, and support a set of Ansible Roles that will save IT organizations considerable amounts of time when applying and maintaining security baselines such as the DISA STIG or CIS benchmark to IT environments.

Why MindPoint Group? That answer is simple. MindPoint Group has a singular focus which has led to an excellent reputation for delivering end-to-end security solutions to commercial and government clients alike.  This focus, coupled with their love of Ansible, made MindPoint Group a natural choice for partnering on the development of free-and-open security baseline roles and playbooks.

The best part? This relationship is already helping Ansible users.

STIG


The first Role is for the DISA STIG on RHEL 6 (and variant systems) and is now available in Ansible Galaxy. This Role enables customers to automate the application and management of STIG-compliant systems in their environments, all the while leveraging Ansible’s agentless management framework.  When applied using Ansible, the RHEL 6 STIG Role automates a significant amount of the manual and redundant scripting and remediation that IT organizations often rely on to ensure they meet the STIG OS requirements.

Releasing this important Role is just the beginning. Continue reading

A Quick Update on OpenStack Congress

OpenStack Congress, a project aimed at providing “policy as a service” for OpenStack clouds, is a project I’ve had the privilege of being involved in from very early days. I first mentioned Congress almost a year ago, and since then the developers have been hard at work on the project. Recently, one of the lead developers posted a summary of some pretty impressive performance improvements that have been made with Congress.

I won’t repeat all the sordid details here; for all the details, I encourage you to go read the full post over at ruleyourcloud.com. Just to give you a quick highlight of some of the performance gains they’ve been able to realize, consider these numbers:

  • A 500x improvement in query performance
  • A 20,000x increase in data import speed
  • A 6x reduction in memory overhead

Given the nature of Congress—that it must, by its very definition, import data from multiple cloud services and perform queries across that data to determine policy violations—the performance improvements seen in query performance and data import speeds are quite significant.

For the detailed explanation of how the developers were able to see such incredible performance improvements, see the full post. If you’re interested in Continue reading

Technology Short Take #49

Welcome to Technology Short Take #49 (also known as Distraction-as-a-Service)! I have here for your reading pleasure an eclectic collection of links and articles from around the web, focusing on data center-related technologies. Here’s hoping you find something useful. Bring on the content!

Networking

  • I love this post from Matt Oswalt on five next-gen skills for networking pros. I highly recommend you read the entire post, but in short the five skills Matt recommends are software skills (which includes configuration management and software development tools like Git), Linux, deep protocol knowledge, hypervisor and container networking, and IPv6. What’s really interesting to me is the (completely uncoordinated) alignment between Matt’s list of skills for networking pros and the list I provided to virtualization pros in a series of recent VMUG presentations (refer to slide 15, but the list is software development basics, Linux, automation/orchestration, and public cloud services). What does this mean? It tells me that some skills—specifically, Linux, automation/configuration management, software development concepts—are going to be essential for all new IT pros in the near future. If you want to stay relevant, regardless of your current “silo,” it’s time to evolve.
  • Carl Niger has a write-up on the introduction Continue reading

Cup of Joe with Jon and James

Cup of Joe with Jon and James

Two of Ansible’s very own Solutions architects, James Martin and Jonathan Davilla, will be hanging out at various coffee shops in the Washington, DC metro region in the upcoming weeks.   Stop by during your lunch hour and ask them about automation, DevOps culture, Ansible, and the difference between a latte and a machiatto.  Follow them on twitter for last minute updates @grepless and @defionscode.

3/13 , 11am-2pm   -  Swing’s Coffee 1702 G Street NW

3/27, 11am-2pm  - Chinatown Coffee 475 H St. NW

AnsibleFest New York City SUPER Early Bird Tickets Now Available

We are excited to announce that the next AnsibleFest will be held in New York City!

We are still working out the details, but we wanted to make some tickets available at a huge discount. AnsibleFest NYC is currently being planned for early June and will be at a great venue in New York City. If you are flexible and can plan ahead as well as make changes to your schedule, these tickets are for you!

The SUPER Early Bird price is just $179 (over 30% off the standard price) and is only available until March 23, 2015.

Purchase Super Early Bird AnsibleFest tickets here

We'll be announcing the exact date and location soon!

Choosing CoreOS over Project Atomic

Upon hearing the news that Red Hat had released the Atomic Host variant of Red Hat Enterprise Linux, I decided that it would be a good idea for me to take a look at the CentOS flavor of the Atomic Host variant. In case you’re unfamiliar, the Atomic Host variant is the result of Project Atomic, which aimed to provide a container-optimized flavor of RHEL/CentOS/Fedora. This container-optimized flavor would leverage rpm-ostree for atomic system updates (hence the name) and come with Docker preinstalled. What I found, frankly, disappointed me.

Before I continue, I will make two very important disclaimers:

  1. Note that there has been no official announcement of the release of final builds of an Atomic Host variant for CentOS 7. So, it’s entirely possible that all the issues I mention here are known issues that will be addressed. That being said, I did find CentOS 7 Atomic Host builds dated March 5, 2015; this is the same date as the Red Hat announcement. It’s reasonable, therefore, to believe that these builds are very close to final builds.

  2. It’s entirely possible these issues are the result of errors on my part. I’ve spent most of my time with Continue reading

Running a Small Docker Swarm Cluster

In this post, I’m going to show you how to set up and run your own Docker Swarm cluster. Docker Swarm is a relatively new orchestration tool from Docker (the company) that allows you to create a cluster of hosts running Docker (the open source project) and schedule containers across the cluster. However, just scheduling and running containers across a cluster isn’t enough, so I’ll show you how to add service registration and service discovery to this environment using Consul.

In the event you’re interested in following along, I’ve created a set of files that will allow you to use Vagrant to run this Docker Swarm cluster (on your laptop, if so desired). You can find all these files in the “docker-swarm” folder of my GitHub learning-tools repository.

The Docker Swarm cluster I’m going to show you how to build has 3 major components:

  • A cluster of systems running Consul. In this case, Consul serves a dual purpose. First, it’s used as the discovery service for the Docker Swarm cluster itself. Second, it provides service registration and service discovery functionality for the Docker containers launched on the Swarm cluster.
  • A set of hosts running the Docker daemon (version 1.4. Continue reading