Learning NSX, Part 18: Routing Without Network Address Translation
This is part 18 of the Learning NSX blog series, in which I talk about using layer 3 (L3) routing with VMware NSX but without network address translation (NAT). This post describes a configuration that offers yet another connectivity option for OpenStack cloud administrators and operators.
In part 6, I showed you how to add a gateway appliance to your NSX installation. Part 9 leveraged the gateway appliances to create a L3 gateway service, which—as I explained in part 15—provides the functionality for logical routers in OpenStack. (Logical routing was covered in part 14.) Part 16 expanded the routing configuration to support multiple external networks. This post expands the options again by showing you how to do logical routing without using network address translation (NAT). Of course, it would probably be helpful to read the entire series; links to all posts can be found on the Learning NVP/NSX page.
As I mentioned, so far you’ve seen three different external connectivity options:
-
Routing (layer 3 connectivity) to a single external network
-
Routing (layer 3 connectivity) to multiple external networks using VLANs
-
Bridging (layer 2 connectivity) between a logical network and a physical broadcast domain
Both of the routed Continue reading
Case Study: Tradesy and Ansible
We've just completed another new Ansible case study; Tradesy. Tradesy is an online consignment store where people can offer their fashion and accessories for resale.
Tradesy had been doing everything by hand until making a move to use Ansible Tower in an effort to automate as many things as they could.
Continue reading
Learning NSX, Part 17: Adding External L2 Connectivity
This is part 17 of the Learning NSX blog series. In this post, I’ll show you how to add layer 2 (L2) connectivity to your NSX environment, and how to leverage that L2 connectivity in an NSX-powered OpenStack implementation. This will allow you, as an operator of an NSX-powered OpenStack cloud, to offer L2/bridged connectivity to your tenants as an additional option.
As you might expect, this post does build on content from previous posts in the series. Links to all the posts in the series are available on the Learning NVP/NSX page; in particular, this post will leverage content from part 6. Additionally, I’ll be discussing using NSX in the context of OpenStack, so reviewing part 11 and part 12 might also be helpful.
There are 4 basic steps to adding L2 connectivity to your NSX-powered OpenStack environment:
- Add at least one NSX gateway appliance to your NSX implementation. (Ideally, you would add two NSX gateway appliances for redundancy.)
- Create an NSX L2 gateway service.
- Configure OpenStack for L2 connectivity by configuring Neutron to use the L2 gateway service you just created.
- Add L2 connectivity to a Neutron logical network by attaching to the L2 gateway service.
Learning NSX, Part 17: Adding External L2 Connectivity
This is part 17 of the Learning NSX blog series. In this post, I’ll show you how to add layer 2 (L2) connectivity to your NSX environment, and how to leverage that L2 connectivity in an NSX-powered OpenStack implementation. This will allow you, as an operator of an NSX-powered OpenStack cloud, to offer L2/bridged connectivity to your tenants as an additional option.
As you might expect, this post does build on content from previous posts in the series. Links to all the posts in the series are available on the Learning NVP/NSX page; in particular, this post will leverage content from part 6. Additionally, I’ll be discussing using NSX in the context of OpenStack, so reviewing part 11 and part 12 might also be helpful.
There are 4 basic steps to adding L2 connectivity to your NSX-powered OpenStack environment:
-
Add at least one NSX gateway appliance to your NSX implementation. (Ideally, you would add two NSX gateway appliances for redundancy.)
-
Create an NSX L2 gateway service.
-
Configure OpenStack for L2 connectivity by configuring Neutron to use the L2 gateway service you just created.
-
Add L2 connectivity to a Neutron logical network by attaching to the L2 gateway service.
Want to speak at or sponsor AnsibleFest London?
Are you interested in speaking or sponsoring AnsibleFest London? Simply visit our AnsibleFest London page to learn how you can do both.
Speakers and sponsors of previous AnsibleFests have included Google, Linode, Cisco, Big Panda, Rackspace, Cumulus Networks, Twitter, Telescope, and others. AnsibleFest London will be scheduled for early 2015. We'll announce more details soon.
Continue readingMulti-Machine Vagrant with YAML
In this post, I’ll describe a technique I found for simplifying the use of multi-machine Vagrantfiles by extracting configuration data into a separate YAML file. This technique is by no means something that I invented or created, so I can’t take any credit whatsoever; this is an idea I first saw here. I wanted to share it here in the hopes that it might prove useful to a larger audience.
If you aren’t familiar with Vagrant and Vagrantfiles, you might start with my quick introduction to Vagrant.
I found this technique after trying to find a way to simplify the creation of multiple machines using Vagrant. Specifically, I was trying to create multiple instances of CoreOS along with an Ubuntu instance for testing things like etcd, fleet, Docker, etc. The Vagrantfile was getting more and more complex, and making changes (to add another CoreOS node, for example) wasn’t as straightforward as I would have liked.
So what’s the fix? As with other DSLs (domain-specific languages) such as Puppet, the fix was found in separating the data from the code. In Puppet, that means parameterizing the module or class, and I needed to use a similar technique here with Vagrant. So, Continue reading
Multi-Machine Vagrant with YAML
In this post, I’ll describe a technique I found for simplifying the use of multi-machine Vagrantfiles by extracting configuration data into a separate YAML file. This technique is by no means something that I invented or created, so I can’t take any credit whatsoever; this is an idea I first saw here. I wanted to share it here in the hopes that it might prove useful to a larger audience.
If you aren’t familiar with Vagrant and Vagrantfiles, you might start with my quick introduction to Vagrant.
I found this technique after trying to find a way to simplify the creation of multiple machines using Vagrant. Specifically, I was trying to create multiple instances of CoreOS along with an Ubuntu instance for testing things like etcd, fleet, Docker, etc. The Vagrantfile was getting more and more complex, and making changes (to add another CoreOS node, for example) wasn’t as straightforward as I would have liked.
So what’s the fix? As with other DSLs (domain-specific languages) such as Puppet, the fix was found in separating the data from the code. In Puppet, that means parameterizing the module or class, and I needed to use a similar technique here with Vagrant. So, Continue reading
Questions for Photography Enthusiasts
It’s no secret that I’m something of a photography enthusiast. To me, photography is a relaxing puzzle of how to assemble all the various pieces—setting, lighting, exposure, composition, etc.—to create just the right image. I’m not an expert, but that’s OK; I just do this for fun and to relax. If you’d like to see a small sampling of some of the photos I’ve taken, I publish some of them here on 500px.com.
I know that a fair number of folks in the IT industry are also photo enthusiasts, and so I was curious to hear some feedback from fellow enthusiasts about their photography workflows. In particular, I’m curious to know about how others answer these questions:
- What formats do you use with your photos? (I’ve been shooting in RAW—NEF, specifically, since I’m a Nikon guy—then converting to Adobe DNG for use with Lightroom.)
- How do you handle long-term storage of your photos? (Once I have the photos in DNG in Lightroom, then I’ve been archiving the RAW files on my Synology NAS.)
- What pictures do you keep—all of them, or only the best ones? (So far, I’ve been keeping all the RAW files, archiving when Continue reading
Questions for Photography Enthusiasts
It’s no secret that I’m something of a photography enthusiast. To me, photography is a relaxing puzzle of how to assemble all the various pieces—setting, lighting, exposure, composition, etc.—to create just the right image. I’m not an expert, but that’s OK; I just do this for fun and to relax. If you’d like to see a small sampling of some of the photos I’ve taken, I publish some of them here on 500px.com.
I know that a fair number of folks in the IT industry are also photo enthusiasts, and so I was curious to hear some feedback from fellow enthusiasts about their photography workflows. In particular, I’m curious to know about how others answer these questions:
-
What formats do you use with your photos? (I’ve been shooting in RAW—NEF, specifically, since I’m a Nikon guy—then converting to Adobe DNG for use with Lightroom.)
-
How do you handle long-term storage of your photos? (Once I have the photos in DNG in Lightroom, then I’ve been archiving the RAW files on my Synology NAS.)
-
What pictures do you keep—all of them, or only the best ones? (So far, I’ve been keeping all the RAW files, archiving when Continue reading
AnsibleFest San Francisco 2014 Recap
For those unable to attend AnsibleFest San Francisco, or those just looking for a copy of presentations, below you'll find links to most of them:
Continue reading“Range of fields” in awk
This is asked very often, and the solution isn't always obvious (if at all).Learning NSX, Part 16: Routing to Multiple External VLANs
This is part 16 of the Learning NSX series, in which I will show you how to configure VMware NSX to route to multiple external VLANs. This configuration will allow you to have logical routers that could be uplinked to any of the external VLANs, providing additional flexibility for consumers of NSX logical networks.
Naturally, this post builds on all the previous entries in this series, so I encourage you to visit the Learning NVP/NSX page for links to previous posts. Because I’ll specifically be discussing NSX gateways and routing, there are some posts that are more applicable than others; specifically, I strongly recommend reviewing part 6, part 9, part 14, and part 15. Additionally, I’ll assume you’re using VMware NSX with OpenStack, so reviewing part 11 and part 12 might also be helpful.
Ready? Let’s start with a very quick review.
Review of NSX Gateway Connectivity
You may recall from part 6 that the NSX gateway appliance is the piece of VMware NSX that handles traffic into or out of logical networks. As such, the NSX gateway appliance is something of a “three-legged” appliance:
- One “leg” (network interface) provides management connectivity among the gateway appliance and Continue reading
Learning NSX, Part 16: Routing to Multiple External VLANs
This is part 16 of the Learning NSX series, in which I will show you how to configure VMware NSX to route to multiple external VLANs. This configuration will allow you to have logical routers that could be uplinked to any of the external VLANs, providing additional flexibility for consumers of NSX logical networks.
Naturally, this post builds on all the previous entries in this series, so I encourage you to visit the Learning NVP/NSX page for links to previous posts. Because I’ll specifically be discussing NSX gateways and routing, there are some posts that are more applicable than others; specifically, I strongly recommend reviewing part 6, part 9, part 14, and part 15. Additionally, I’ll assume you’re using VMware NSX with OpenStack, so reviewing part 11 and part 12 might also be helpful.
Ready? Let’s start with a very quick review.
Review of NSX Gateway Connectivity
You may recall from part 6 that the NSX gateway appliance is the piece of VMware NSX that handles traffic into or out of logical networks. As such, the NSX gateway appliance is something of a “three-legged” appliance:
-
One “leg” (network interface) provides management connectivity among the gateway appliance and Continue reading
Ansible and using Automation to Assert IT Compliance
Like “orchestration”, compliance is a frequently overloaded phrase in IT -- it means very different things to different people. Ansible is frequently used in all sorts of compliance use cases, which we’ll expand on below.
Compliance can mean checking to see if a system has “drifted” from a known state, pushing a system back into line from a different state, or making it conform with a very specific set of (often security related) standards.
Too Fast, Too Furious
Continue reading
Case Study: Hootsuite
Hootsuite, the excellent social media management platform used by over 75% of the Fortune 500, is a big fan of Ansible and uses it for app deployment. Beier Cai, the Director of Technology at Hootsuite was kind enough to speak to us about how Hootsuite uses Asnible to overcome their business challenges.
“Our infrastructure is not scripted, repeatable or immutable. Rebuilding a server relies on limited documentation and mostly memory. Lack of repeatability makes automating our infrastructure and application deployment difficult.
Read the full case study amd learn how Ansible solves their problems here.
Read more about Ansible and App Deployment.
Technology Short Take #45
Welcome to Technology Short Take #45. As usual, I’ve gathered a collection of links to various articles pertaining to data center-related technologies for your enjoyment. Here’s hoping you find something useful!
Networking
- Cormac Hogan has a list of a few useful NSX troubleshooting tips.
- If you’re not really a networking pro and need a “gentle” introduction to VXLAN, this post might be a good place to start.
- Also along those lines—perhaps you’re a VMware administrator who wants to branch into networking with NSX, or you’re a networking guru who needs to learn more about how this NSX stuff works. vBrownBag has been running a VCP-NV series covering various objectives from the VCP-NV exam. Check them out—objective 1, objective 2, objective 3, and objective 4 have been posted so far.
Servers/Hardware
- I’m going to go out on a limb and make a prediction: In a few years time (let’s say 3–5 years), Intel SGX (Software Guard Extensions) will be regarded as important if not more important than the virtualization extensions. What is Intel SGX, you ask? See here, here, and here for a breakdown of the SGX design objectives. Let’s be real—the ability for an Continue reading
Technology Short Take #45
Welcome to Technology Short Take #45. As usual, I’ve gathered a collection of links to various articles pertaining to data center-related technologies for your enjoyment. Here’s hoping you find something useful!
Networking
-
Cormac Hogan has a list of a few useful NSX troubleshooting tips.
-
If you’re not really a networking pro and need a “gentle” introduction to VXLAN, this post might be a good place to start.
-
Also along those lines—perhaps you’re a VMware administrator who wants to branch into networking with NSX, or you’re a networking guru who needs to learn more about how this NSX stuff works. vBrownBag has been running a VCP-NV series covering various objectives from the VCP-NV exam. Check them out–objective 1, objective 2, objective 3, and objective 4 have been posted so far.
Servers/Hardware
- I’m going to go out on a limb and make a prediction: In a few years time (let’s say 3-5 years), Intel SGX (Software Guard Extensions) will be regarded as important if not more important than the virtualization extensions. What is Intel SGX, you ask? See here, here, and here for a breakdown of the SGX design objectives. Let’s be real—the ability for an Continue reading
Good Ansible News, Everyone
There are lots of great things happening at Ansible (and we aren't just talking about the new coffee in the breakroom). We've had a great summer with the hiring a bunch of new Ansible team members, the release of Ansible 1.7.2 and Ansible Tower 2.0. Fall is shaping up to be even better.
-- Inforworld names Ansible one of The best open source data center and cloud software companies.
Continue reading