Archive

Category Archives for "Systems"

Answering Your Questions at DockerCon LIVE 2021

 Guest post by Docker Captain Bret Fisher, a DevOps consultant and the creator of the popular Docker Mastery Udemy course. Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE for a free, one day virtual event at https://dockr.ly/2PSJ7vn

I have the pleasure of hosting many of the live events at DockerCon this year. You may remember my 7+ hour non-stop live stream from last year’s DockerCon LIVE 2020 with nearly 20 guests:

We’re back!

This year we’re calling them Live Panels. You’ll find them in their own track in the schedule.

If you’ve never visited one of my live streams before, they tend to be DevOps focused, and as practical and real-world as we can be. Come ready to ask my guests questions in chat on our selected topics, and we’ll do our best to answer as many as we can! You get to guide the conversation with the live stream chat Q&A.

I’m hosting three live panels on three topics. I wanted to discuss the top three things that I think are the hottest topics in Docker and Cloud Native container tech today for developers and DevOps professionals, so be sure to stop Continue reading

Fun with private Automation Hub – Part 1

With the introduction of Ansible Automation Platform 1.2 at AnsibleFest 2020, Ansible released private Automation Hub. This enables a means to deliver, manage and curate Ansible Automation Platform Certified Content via a central on-premises, self-hosted solution for use by internal automation communities.

This sparked my interest in digging deeper into what private Automation Hub is and how I could leverage it. My initial perception went from a mysterious black box to viewing it as the perfect Ansible Automation Platform sidecar.

I learned quite a bit on how I could optimize it for my environments and wanted to share my findings. Before we start, a brief history of Ansible content and Ansible Content Collections may be helpful.

"Following the light of the sun, we left the Old World." - Christopher Columbus on Ansible Collections

During 2017, the number of modules, roles and content under Ansible's GitHub repository surged. The backlog of issues started to increase as the inflow of new content for different platforms and network appliances/devices outpaced the growth of the Ansible Core team. Various YouTube videos and blog posts provided commentary and insights from the Ansible community. The rapid growth of Ansible content led to the birth Continue reading

The Next Step

The Greek philosopher Heraclitus is typically attributed as the creator of the well-known phrase “Change is the only constant.” Since I left VMware in 2018 to join Heptio, change has been my companion. First, there was the change of focus, moving to a focus on Kubernetes and related technologies. Then there was the acquisition of Heptio by VMware, and all the change that comes with an acquisition. Just when things were starting to settle down, along came the acquisition of Pivotal by VMware and several more rounds of changes as a result. Today, I mark the start of another change, as I begin a new role and take the next step in my career journey.

Last week, I announced via Twitter that I was leaving VMware to explore a new opportunity. Today, I start at Kong, Inc., as a Principal Field Engineer. Kong, if you aren’t already familiar, is a company focused on service connectivity for modern architectures, with products like their eponymous API gateway and the Envoy-powered Kuma service mesh. I’m really looking forward to getting much more familiar with Envoy, the Kong API gateway, Kuma, and related projects and technologies. I still get to be Continue reading

Getting started with Route Maps Resource Modules

Red Hat Ansible Engine v2.9 introduced the first set of Resource Modules that make network automation easier and more consistent, especially in multi-vendor environments. These network resource specific and opinionated Ansible modules help us avoid creating overly complex Jinja2 templates to render and push network configurations, thereby easing the adoption of network automation both in green and brownfield environments. The resource modules, along with the tools provided in ansible.utils, are highly focused on allowing the end user to manipulate network configuration as “structured data” and not have to worry about network platform specific details.

In the past, we have gone through resource modules that facilitate managing BGP, OSPFv2, ACLs and VLANS configurations on network devices. In this blog post, we’ll cover the newly added route maps resource modules using cisco.nxos.nxos_route_maps as an example.

Route maps are used to define which routes from a source routing protocol are to be distributed to a target routing protocol. It also allows filtering routes that are sent or received between BGP peers. Every route map can have multiple entries, with each entry having a sequence number and an action (the “permit” or “deny” clause) associated with it. Continue reading

Video: Docker Build – Working with Docker and VSCode

Tune in as host Peter McKee turns over the controls to Brandon Waterloo for a show-and-tell of how to work with Docker and Visual Studio Code (VSCode). A senior software engineer at Microsoft, Waterloo is the lead developer of the Docker extension and works mainly on the Docker extension for VSCode.

VSCode is a streamlined source-code editor made by Microsoft for Windows, Linux and macOS that’s fine-tuned for building and debugging modern web and cloud applications. The Docker extension makes it easier to build apps that leverage Docker containers, helps scaffold needed files, build Docker images, debug your app inside a container and more.

Follow along as Waterloo builds a basic Python FastAPI app with a Redis backend and a simple hit counter, adding Docker files in order to containerize it. Along the way, he and McKee talk scaffolding, running, debugging, syntax highlighting, intelligent code completion, snippets and the climate benefits of living in Texas (McKee) versus Michigan (Waterloo).

Watch the video here:

 Join Us for DockerCon LIVE 2021  

Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one day virtual event that is a unique experience for developers and development teams who Continue reading

Docker Hub Incident Reviews – April 3rd and 15th 2021

In line with our promise last year to continue publishing incident reviews for Docker Hub, we have two to discuss from April. While many users were unaffected, it is important for us to be transparent with our community, and we hope it is both informative and instructive.

April 3rd 2021

Starting at about 07:30 UTC, a small proportion of registry requests (under 3%) against Docker Hub began failing. Initial investigation pointed towards several causes, including overloaded internal DNS services and significant and unusual load from several users and IPs. Changes were made to address all of these (scaling, blocking, etc), and while the issue seemed to resolve for several hours at a time, it continued coming back.

The issue re-occurred intermittently into the next day, at which point the actual root cause was determined to be under-scaled load balancers doing service discovery and routing for our applications. 

In the past, the bottleneck for the load balancing system was network bandwidth on the nodes, and auto scaling rules were thus tied to bandwidth metrics. Over time and across some significant changes to this system, the load balancing application had become more CPU intensive, and thus the current auto scaling setup Continue reading

DockerCon LIVE 2021 Keynotes

Join us for DockerCon LIVE 2021 on Thursday, May 27. DockerCon LIVE is a free, one day virtual event that is a unique experience for developers and development teams who are building the next generation of modern applications. If you want to learn about how to go from code to cloud fast and how to solve your development challenges, DockerCon LIVE 2021 offers engaging live content to help you build, share and run your applications. Register today at https://dockr.ly/2PSJ7vn

With DockerCon just around the corner, we’re pleased to announce our outstanding keynote speaker line-up.

Among the Docker luminaries taking the virtual stage May 27 will be CEO Scott Johnston, CTO Justin Cormack and VP of Products Donnie Berkholz. Look for keynotes, too, from special guests Dana Lawson, GitHub VP of Engineering, and Matt Falk, VP of Engineering, Data Science and Computer Vision at Orbital Insight.

Picking up hosting duties will be Docker’s Peter McKee and William Quiviger, along with DevOps consultant and Docker Captain Bret Fisher.

They’re just part of the one-day event packed with demonstrations, product announcements, company updates and more — all of it focused on modern application delivery in a cloud-native world.

Last year 78,000 registrants Continue reading

Ansible Network Resource Purge parameter

Red Hat Ansible Network Automation continues to be a popular domain for Red Hat Ansible Automation Platform. We have continually developed additional resource modules to make automating network appliances easier, and more approachable, for novices and experts alike. These resource modules provide a consistent experience across multiple network vendors. There are seven main state parameters for resource modules: merged, replaced, overridden, deleted, gathered, rendered and parsed. The Ansible network team is adding one more parameter, purged, to this tool chest for resource modules. This blog will cover the purged parameter and show use-cases through a practical example.

network purge blog

For this example, we will be using two BGP resource modules to configure a Cisco network device. We will be using the bgp_global module, which was covered in Rohit’s blog post, and the bgp_address_family module. The BGP configuration is split between these two separate modules to simplify configuration and data models associated with them.

Let’s start with a data model:

bgp_global:
    as_number: '65000'
    bgp:
        log_neighbor_changes: true
        router_id:
            address: 192.168.1.1
    neighbor:
    -   activate: true
        address: 10.200.200.2
        remote_as: 65001
bgp_address_family:
    address_family:
    -   afi: ipv4
        neighbor:
        -   activate: true
            address: 10.200.200.2
        network:
        -   address: 10.25. Continue reading

Technology Short Take 140

Welcome to Technology Short Take #140! It’s hard to believe it’s already the start of May 2021—my how time flies! In this Technology Short Take, I’ve gathered some links for you covering topics like Azure and AWS networking, moving from macOS to Linux (and back again), and more. Let’s jump right into the content!

Networking

Servers/Hardware

Security

Video: How to Dockerize a Python App with FastAPI

Join host Peter McKee and Python wizard Michael Kennedy for a warts-and-all demo of how to Dockerize a Python app using FastAPI, a popular Python framework. Kennedy is a developer and entrepreneur, and the founder and host of two successful Python podcasts — Talk Python To Me and Python Bytes. He’s also a Python Software Foundation Fellow.

With some skillful back-seat driving by McKee, Kennedy shows how to build a bare-bones web API — in this case one that allows you to ask questions and get answers about movies (director, release date, etc.) — by mashing together a movie service and FastAPI. Next, he shows how to put it into a Docker container, create an app and run it, finally sharing the image on GitHub.

If you’re looking for a scripted, flawless, pre-recorded demo, this is not the one for you! McKee and Kennedy iterate and troubleshoot their way through the process — which makes this a great place to start if you’re new to Dockerizing Python apps. Install scripts, libraries, automation, security, best practices, and a pinch of Python zen — it’s all here. (Duration 1 hour, 10 mins.)

Join Us for DockerCon LIVE 2021  

Join us Continue reading

Monitoring as code with Sensu + Ansible

A comprehensive infrastructure as code (IaC) initiative should include monitoring and observability. Incorporating the active monitoring of the infrastructure under management results in a symbiotic relationship in which failures are detected automatically, enabling event-driven code changes and new deployments.

In this post, I’ll recap a webinar I hosted with Tadej Borovšak, Ansible Evangelist at XLAB Steampunk (who we collaborated with on our certified Ansible Content Collection for Sensu Go). You’ll learn how monitoring as code can serve as a feedback loop for IaC workflows, improving the overall automation solution and how to automate your monitoring with the certified Ansible Content Collection for Sensu Go (with demos!).

Before we dive in, here’s a brief overview of Sensu.

 

About Sensu

Sensu is the turn-key observability pipeline that delivers monitoring as code on any cloud — from bare metal to cloud native. Sensu provides a flexible observability platform for DevOps and SRE teams, allowing them to reuse their existing monitoring and observability tools, and integrates with best-of-breed solutions — like Red Hat Ansible Automation Platform. 

With Sensu, you can reuse existing tooling, like Nagios plugins, as well as monitor ephemeral, cloud-based infrastructure, like Red Hat OpenShift. Sensu helps you Continue reading

Community Rooms at DockerCon LIVE 2021

The Docker community spans the four corners of the world. To celebrate the global nature of our community at DockerCon this year, we’ve created something new: Community Rooms.

Building on the learnings of our “regional rooms experiment” during our last Community All-Hands, Community Rooms are virtual spaces that DockerCon attendees will be able to join to discuss, share and learn about Docker in their own language and/or around a specific topic area. 

100% LIVE

The main focus of these Community Rooms is to bring people together and encourage interaction so we have set them up to be 100% live. Yep, that’s right, all the content you’ll find in these rooms, whether they’re talks, demos, workshops, panel discussions etc. will be in real-time, all broadcast over a live Zoom link. 

Hosted by the Community for the Community

Each Community Room will be overseen by Docker Captains and Community Leaders. They will be responsible for every aspect of the room, from the curation of content, to the management of the schedule, to the recruitment of the speakers, to the moderation of their room’s live chat. 

There will be seven community rooms to choose from, each with one or Continue reading

Handling OOB Network Changes

In this blog I would like to showcase the power of Ansible Content Collections to build powerful abstractions. Collections are a distribution format for Ansible content that can include playbooks, roles, modules and plugins. For this blog post, let us address an Infrastructure as Code(IaC) use case for network configuration management of BGP. We will walk through examples for both Cisco IOS and Arista EOS devices.

First, let us define a data-model that encapsulates the vendor-agnostic configuration.

bgp_global:
    as_number: '65000'
    bgp:
        log_neighbor_changes: true
        router_id:
            address: 192.168.1.1
    neighbor:
    -   activate: true
        address: 10.200.200.2
        remote_as: 65001
bgp_address_family:
    address_family:
    -   afi: ipv4
        neighbor:
        -   activate: true
            address: 10.200.200.2
        network:
        -   address: 10.25.25.0
            mask: 255.255.255.0
        -   address: 10.25.26.0
            mask: 255.255.255.0
        -   address: 10.100.100.0
            mask: 255.255.255.0
        -   address: 10.200.200.0
            mask: 255.255.255.0
        -   address: 172.16.0.0
        -   address: 192.168.1.1
            mask: 255.255.255.255

As you might have observed, this data-model matches exactly the input expected by the <vendor>.bgp_global and  bgp_address_family modules within the IOS and EOS Continue reading

10 Reasons to Attend DockerCon LIVE 2021

DockerCon Live 2021 is almost here and it’s going to be one to remember. Our one-day, all-digital event on May 27 will be jam-packed with the application development technology, skills, tools and people you need to help solve the problems you face day to day — all for free.

Designed for developers by developers, this year’s event is all about modern application delivery in a cloud-native world. At DockerCon, you’ll learn how Docker helps you grow your development capacity and community connections so you can accelerate how you build, share and run your applications, and spend more of your time actually coding the next great application.

Ten Reasons to Attend

  1. Get the scoop. Be the first to see the latest Docker innovations, features and technology updates.
  2. Hear from industry leaders. In addition to Docker’s executive team, the speaker lineup includes AWS, Cockroach Labs, Instana, Mirantis, Accurics, Snyk and other companies that will share how Docker is an integral part of their software supply chain.
  3. Get up close. See live, on-demand technical demos.
  4. Connect. Network with peers and a vibrant community of developers, and connect with Docker Captains and Community Leaders.
  5. Learn. Attend tutorials on how to get started with containers Continue reading

Network MOP’s as automated workflows

What does successful network automation look like? What are the metrics that can measure the effectiveness of this practice and its business value?

Some will say we should look at time and cost savings, but we should not forget about driving consistency and a simpler operation to reduce risk. In this context, what are the use-cases that will get us there?

Network MOP blog 1

https://pixabay.com/illustrations/bot-cyborg-automation-helper-robot-4877977/

 

While there are generic use-cases, the real value of automation is truly uncovered when you are able to translate your existing processes into automated workflows that need no human intervention in order to be executed.

If your current processes are too complex, you can start by breaking them down into smaller chunks of work that will become the building blocks of your workflows. The simpler these units of work are, the more reliable/reusable they become.  This blog post will walk through several use-cases for network automation, and show examples of data validation and functional testing to automate Methods of Procedure (MOP).  We can then combine these building blocks into an overall workflow to gradually increase our time savings and reap more benefits from our automation as we add more building blocks.

Do something Continue reading

DockerCon LIVE 2021: One Month Before Lift Off

WIth exactly one month before lift off, here’s a quick update on all the goodness that awaits you at this year’s DockerCon LIVE 2021. Like last year, we’ll have one full day of keynotes, breakout sessions across several tracks and live panels and interviews. The current agenda and full list of speakers is available on our website.  

Engaging in real-time

A big focus is live content and interaction between speakers and attendees. Our partners at The Cube have worked hard on improving their conference platform and expanding on functionality, so get ready for more real-time content and awesome new features to help speakers and attendees connect, meet, greet, share and learn from each other. 

Keynotes

To help set the stage, that day kick’s with must-see keynotes from Docker leadership and compelling guest speakers. We’ll have a special post about our keynote line-up on our blog soon.

Breakout sessions

We’re still building out the schedule (yes, that’s what happens when you have so much awesome content to work with!) but we anticipate that we’ll have at least 40 breakout sessions with an absolutely stellar line-up of speakers. You can find the current list of speakers here and the Continue reading

Deep dive into Trend Micro Deep Security integration modules

At AnsibleFest 2020, we announced the extension of our security automation initiative to support endpoint protection use cases. If you have missed it, check out the recording of the talk “Automate your endpoint protection using Ansible” on the AnsibleFest page.

Today, following this announcement we release the supported Ansible Content Collection for Trend Micro Deep Security. We will walk through several examples and describe the use cases and how we envision the Collection being used in real world scenarios.

If you want to refresh your memory about our endpoint protection support with Ansible in general, head over to the the introducing blog post Automating Endpoint Protection with Ansible.

 

About Trend Micro Deep Security

Trend Micro Deep Security is one of the latest additions to the Ansible security automation initiative. As an endpoint protection solution it secures services and applications in virtual, cloud and container environments. It provides automated security policies and consolidates the security aspects across different environments in a single platform.

 

How to install the Certified Ansible Content Collection for Trend Micro Deep Security

The Trend Micro Deep Security Collection is available to Red Hat Ansible Automation Platform customers at Automation Hub, our software-as-a-service offering on Continue reading

LinuxKit as a Commodity for Building Linux Distributions

Guest post by Docker Captain Gianluca Arbezzano

Recently Corey Quinn from LastWeekInAWS wrote an article that made me think “Nobody Cares About the Operating System Anymore”. Please have a look at it! I like the idea that nobody cares about where their application runs. Developers only want them running.

A bit of context about Tinkerbell

I am one of the maintainers for the Tinkerbell project. A bare metal workflows engine that heavily relies on containers and Docker to get its work done. It tries to find an answer for a reasonable question: how do we manage rooms of pieces of hardware? More in practice, how can we bring an API on top of everybody’s data centers?

Containers are the abstraction we decided to use when running reusable code (that we call actions) in somebody else’s hardware. Mainly because distribution, packaging, and runtime are solved issues. Everyone knows how to build, push and run a container.

I think this scenario compares well with the story Corey highlighted. Operating systems are an established, well-known abstraction for the majority of the use cases.

The special operating system for bare metal provisioning

The lifecycle of a bare metal server can be summarised as follows:

  1. Continue reading

The Stars Are Aligning: Announcing our first round of speakers at DockerCon LIVE 2021

With just over a month to go before DockerCon LIVE 2021, we’re thrilled to announce our first round of speakers. We have returning favorites and compelling new first time speakers to round out your DockerCon experience. 

We received hundreds of amazing speaker proposals which made it difficult to select just a few. We set up a small team this year composed of seven Docker staff members and three Docker Captains to diligently review each proposal and deliberate once a week. We have more speakers and sessions to announce so stay tuned. 

Remember, if you haven’t registered for DockerCon, please make sure to do so now to get an early peak at the conference website.

Melissa McKay – Developer Advocate @ JFrog
The Docker and Container Ecosystem 101

Lukonde Mwila – Senior Software Engineer @ Entelect
Docker Swarm: A Journey to the AWS Cloud

Peter Mckee – Head of Developer Relations @ Docker
Event Emcee and Panel Moderator

Bret Fisher – DevOps Consultant and Docker Captain
Panel Moderator


Julie Lerman – Software Coach and Docker Captain
Panel Member

Nick Janetakis – Full-Stack Developer and Docker Captain
Best Practices around Creating a Production Ready Web App with Docker Continue reading

Automating Endpoint Protection with Ansible

Screenshot from 2021-04-30 16-08-39

Enterprise security isn’t a homogeneous entity; it’s a portfolio of multi-vendor solutions run by disparate and often siloed teams. With so many different layers, automation proved to be effective in helping security operations teams to integrate and share accountability.

Automated processes and workflows simplify and accelerate shared processes, like investigation & response and, if enabled with a platform with the right characteristics, encourage a more open culture of collaboration.

Red Hat Ansible Automation Platform caters to this growing importance of security with Ansible security automation: our answer to the lack of integration across the IT security industry. If you are new to the topic, a good place to start is our investigation enrichment blog. A good follow up is our blog post about threat hunting, extending the application of Ansible security automation to multiple teams across the IT department.

The Ansible security automation initiative grew significantly over the last two years, adding more partners and covering additional domains and use cases. If you want to know more about what is available, have a look at the supported Collections that can be accessed via cloud.redhat.com for more details. The most recent addition to our security automation initiative was Continue reading

1 15 16 17 18 19 125