Use Satellite 6 as an Inventory Source in Ansible Tower
Welcome to another entry in the Getting Started series! In this post we’ll talk about how to use Red Hat Satellite 6 as an inventory source within Ansible Tower. A common scenario we see is the use of Satellite 6.3 to manage Red Hat Enterprise Linux infrastructure, which makes adding Red Hat Ansible Tower to the existing environment a snap.
First, Create a User in Satellite
Ansible Tower will need to authenticate to Satellite, so create a user with an integration role that has the permissions needed to manage inventory. The permissions needed are:
| Resource | Permission | Access Type |
| Fact value | view_facts | Read Satellite Server facts. |
| Host | view_hosts | Read Satellite Server hosts. |
| Host group | view_hostgroups | View Satellite Server host groups. |
Once you’ve created your user, log in to the Tower host.
Create Credential in Tower With the Satellite User
Navigate to Settings >> Credentials in Tower and create a new credential.
The credential type can be found in the credential type list:
Once you select ‘Red Hat Satellite 6’, the field to add the Satellite URL will be available:
Add New Inventory
With the Satellite server prepared and the credential in place within Tower, all that’s left Continue reading
A Quadruple-Provider Vagrant Environment
In October 2016 I wrote about a triple-provider Vagrant environment I’d created that worked with VirtualBox, AWS, and the VMware provider (tested with VMware Fusion). Since that time, I’ve incorporated Linux (Fedora, specifically) into my computing landscape, and I started using the Libvirt provider for Vagrant (see my write-up here). With that in mind, I updated the triple-provider environment to add support for Libvirt and make it a quadruple-provider environment.
To set expectations, I’ll start out by saying there isn’t a whole lot here that is dramatically different than the triple-provider setup that I shared back in October 2016. Obviously, it supports more providers, and I’ve improved the setup so that no changes to the Vagrantfile are needed (everything is parameterized).
With that in mind, let’s take a closer look. First, let’s look at the Vagrantfile itself:
# Specify minimum Vagrant version and Vagrant API version
Vagrant.require_version '>= 1.6.0'
VAGRANTFILE_API_VERSION = '2'
# Require 'yaml' module
require 'yaml'
# Read YAML file with VM details (box, CPU, and RAM)
machines = YAML.load_file(File.join(File.dirname(__FILE__), 'machines.yml'))
# Create and configure the VMs
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# Always use Vagrant's Continue readingTechnology Short Take 101
Welcome to Technology Short Take #101! I have (hopefully) crafted an interesting and varied collection of links for you today, spanning all the major areas of modern data center technology. Now you have some reading material for this weekend!
Networking
- Kirk Byers discusses the direct TextFSM integration he added to the 2.0 release of Netmiko.
- David Gee provides a walkthrough on creating a self-signed root certificate for use with mutual SSL for gRPC on JunOS. (How’s that for a mouthful!) If you’re a networking pro and didn’t understand most of that last sentence, I’d content that you’ve got some learning to do. The networking industry is changing, don’t get left behind!
- Here’s another one from David: running Juniper vQFX10K on ESXi 6.5. (Personally, I’d love to see the KVM option explained.)
- Kamal Kyrala discusses a method for accessing Kubernetes Services without Ingress, NodePort, or load balancers. Why is this in the networking section? Because it involves IP routing and ECMP!
- On the Ansible web site, Sean Cavanaugh provides a deep dive into the
commandmodules for network devices.
Servers/Hardware
- AWS adds local NVMe storage to the M5 instance family; more details here. What I found interesting Continue reading
Register for the DockerCon San Francisco 2018 Livestream
For those of you who can’t make it to DockerCon 2018 in San Francisco, June 12-15, you don’t have to miss out on the exciting news coming live at the event. We are happy to share that the General Sessions on both Day 1 and Day 2, as well as Moby’s Cool Hacks on Day 2 at DockerCon will be live streamed from San Francisco. For those looking to attend DockerCon SF Live there are a few tickets left. Don’t miss your last chance to register.
Find out about the latest Docker announcements live from Steve Singh (CEO) and Scott Johnston (Chief Product Officer) and enjoy the highly technical demos the Docker team has prepared for you!
Livestream schedule:
- General Session Day 1 – 6/13 – 9 to 10:30am PDT
- General Session Day 2 – 6/14 – 9 to 10:30am PDT
- Moby’s Cool Hack on Day 2 – 6/14 – 4 to 5pm PDT
The livestream player will be embedded on the DockerCon site a few hours prior to the event. Be sure to sign up here to receive an email with the link to the livestream before the general session starts!
Sign up for the DockerCon Livestream
Command Module Deep Dive for Networks
Enterprise customers often ask the Ansible Network team about the most common use cases for network automation. For this blog post I want to talk about one of the most used (and most versatile) set of network modules: the command modules. The command modules let you run networking commands with Ansible, the same way a network engineer would type them on the command line. With Ansible, though, the output doesn’t just fly by the terminal window to be lost forever; it can be stored and used in subsequent tasks. It can also be captured in variables, parsed for use by other tasks, and stored in host variables for future reference.
Today we’re going to cover basic use of the network command modules, including retaining command output with the register parameter. We’ll also cover scaling to multiple network devices with hostvars and adding conditional requirements with the wait_for parameter and three related parameters: interval, retries, and match. The takeaway from this blog post is that any repeatable network operations task can be automated. Ansible is more than configuration management, it allows network operators the freedom to decouple themselves from routine tasks and save themselves time.
There are command modules Continue reading
Exploring Kubernetes with Kubeadm, Part 1: Introduction
I recently started using kubeadm more extensively than I had in the past to serve as the primary tool by which I stand up Kubernetes clusters. As part of this process, I also discovered the kubeadm alpha phase subcommand, which exposes different sections (phases) of the process that kubeadm init follows when bootstrapping a cluster. In this blog post, I’d like to kick off a series of posts that explore how one could use the kubeadm alpha phase command to better understand the different components within Kubernetes, the relationships between components, and some of the configuration items involved.
Before I go any further, I’d like to point readers to this URL that provides an overview of kubeadm and using it to bootstrap a cluster. If you’re new to kubeadm, go read that before continuing on here.
<aside>Quick side note: it’s my understanding that at some point the intent is to move kubeadm alpha phase out of alpha, at which point the command might look more like kubeadm phase or similar (that hasn’t been fully determined yet as far as I know). If you’re reading this at some point in the future, just make note that this was written back Continue reading
Docker Enterprise Edition in Production: Stories from 9 Enterprise Organizations at DockerCon — Plus a Bonus!
One of the best things about conferences is meeting people and hearing their stories. I’ve been fortunate to work with several Docker customers this year on their DockerCon sessions. You’ll want to catch at least a few of these while you’re there next week. Make sure to add them to your schedule.
Here are the highlights from 9 amazing stories from Docker commercial customers that will be told at DockerCon, many from the world’s largest companies. There’s a bonus session, too!
Read on to learn more.
How Bosch built a “Container as a Service” platform. Till Schenk, IT Infrastructure Architect, will talk about building a centralized service based on Docker Enterprise Edition to serve a 62,000+ employee R&D organization. Hear about the architectural and operational decisions, the challenges Bosch faced, and how they’ve scaled up to 1,000 image repositories. 12:00 pm on Wednesday, June 13.
MetLife’s “ModSquad” talks about their production NoSQL DB on Docker. Jonell Taylor, a Platform Engineer on the MetLife internal innovation will explain the process they went through moving from traditional RDBMS to NoSQL on Docker Enterprise Edition. You’ll hear about the decisions they made impacting orchestration, availability, database replication, and disaster recovery. 1:50 pm on Continue reading
What’s on your DockerCon 2018 Agenda?
DockerCon is quickly approaching, taking place next week from June 12th – 15th at the Moscone Center in San Francisco. The conference will welcome 6,000+ developers, sysadmins, architects, VP of Apps and other IT leaders to get hands-on with the latest innovations in the container ecosystem at DockerCon 2018.
Have you scheduled your DockerCon Agenda or RSVP’d for sessions?
Check out the DockerCon Agenda Builder to browse and search the sessions. As an attendee log in using the information and create your DockerCon schedule.
We’ve brought back some of your favorite from past DockerCon events and are also thrilled to welcome many first-time DockerCon speakers to the stage. Here is a first look at some of our favorites sessions:
Customers in Production
Use case sessions highlight how companies are using Docker to modernize their infrastructure and build, manage and secure distributed applications. These sessions are heavy on business value, ROI and production implementation advice, and learnings.
- Building your NoSQL ship: How an Enterprise transitioned from a RDBMS to NoSQL DB using Agile and Docker by Jonell Taylor, Metlife
- Black Friday and 100K Deployments Per Year by Srikanth Bulusu & Sanjoy Mukherjee, JCPenney
- Packaging Software for Distribution on the Continue reading
Connect Ansible Tower and Jenkins in under 5 minutes
We often hear from customers that they are using Jenkins in some capacity or another. And since I'm a consultant, I'm lucky to hear first hand what our customers are using and how they need to integrate Ansible Tower. There has always been a way to integrate the Ansible Tower and Jenkins using tower-cli, but I thought there could be a neater, closer to native, way of doing it.
So here we go. I've recorded this short screencast to show you just how easy it is:
Below you will find a few links from the video and a link to how to try Ansible Tower.
plugins.jenkins.io/ansible-tower
wiki.jenkins.io/display/JENKINS/Ansible+Tower+Plugin
See How Docker Accelerates Digital Transformation in the Enterprise at DockerCon 2018
DockerCon has everything you and your company need in order to understand how to accelerate digital and multi-cloud initiatives with containerization. Come to network and learn from your peers, as well as gain access to leaders and innovators in the container industry.
DockerCon isn’t just for developers and this year we have unique experiences that cater to a variety of tech professionals, from developers to sys admins to enterprise architects and technical executives.
Join us in San Francisco this June to hear how industry leading organization are transforming business and IT with Docker’s container platform, Docker Enterprise Edition. To help with planning, here are our top four recommendations:
- Keynotes with the latest announcements from Docker and spotlight feature of how Liberty Mutual transformed their enterprise
- Breakout sessions for business executives including How to Build Your Containerization Strategy, Modernizing Traditional Applications with Docker, and Building a Docker Center of Excellence: Panel Discussion with MetLife, PayPal, and Splunk
- Networking with technical leaders who have already partnered with Docker, including Lockheed Martin, JCPenney and GE, Bosch, McKesson, MetLife, and more.
- Schedule time with a Docker specialist for a container maturity assessment
Containerization is one of the fastest growing cloud enabling technologies and Continue reading
Book Review: Infrastructure as Code
As part of my 2018 projects, I committed to reading and reviewing more technical books this year. As part of that effort, I recently finished reading Infrastructure as Code, authored by Kief Morris and published in September 2015 by O’Reilly (more details here). Infrastructure as code is very relevant to my current job function and is an area of great personal interest, and I’d been half-heartedly working my way through the book for some time. Now that I’ve completed it, here are my thoughts.
Overall, Morris does a great job of crisply defining infrastructure as code (a somewhat vague and amorphous term at times) and outlining the key principles that are involved. Morris also does a really good job of staying high-level as he works through the various aspects of infrastructure as code and discusses some of the considerations, patterns (and anti-patterns), and recommended practices in each aspect.
The book’s high-level focus is, however, both its greatest strength as well as its greatest weakness. Because infrastructure as code can be implemented in a variety of ways with a variety of tools, the book must necessarily be high-level and somewhat abstract. As I mentioned, Morris does a really Continue reading
How to Fully Uninstall Kaspersky’s NDIS Filter
I like Kaspersky anti-virus, and I use it regularly… (Not on my own PC mind you, but on the clients)
While I do believe they provide the best anti-virus in the market, I am not a fan of most of their other products. That goes for the Firewall, Safe Browsing, SSL Hijacking, and of course their newest addition, Secure Connection…
In a previous post, I talked about how to optimize OpenVPN by adjusting the MTU to your links. That however, is likely not going work on windows clients running Kaspersky products.
On these clients, once a packet reaches the MTU, further packets could be dropped. Furthermore, OpenVPN process and the whole tunnel could come to a halt.
Investigating further, it turned out the so called Kaspersky Anti-Virus NDIS 6 Filter is to blame. This NDIS driver seems to be incompatible with any MTU other than 1500.
The solution
The solution is to either disable the NDIS filter for the affecting interfaces (e.g. TAP interface), or completely uninstall it as a whole. Kaspersky’s support page seems to be against disabling the filter and recommends uninstalling it instead:
“It is not recommended to use Kaspersky Anti-Virus NDIS Filter by disabling Continue reading
New Features of Docker Enterprise Edition 2.0 – Top 12 Questions from the Docker Virtual Event
In the recent Docker Virtual Event, Unveiling Docker Enterprise Edition 2.0, we demonstrated some of the key new capabilities of the Docker Enterprise Edition – the enterprise-ready container platform that enables IT leaders to choose how to cost-effectively build and manage their entire application portfolio at their own pace, without fear of architecture and infrastructure lock-in. Designed to address enterprise customers’ needs, these net-new features extend across both Swarm and Kubernetes (Part 1 of this blog) and across Windows and Linux applications (Part 2 of this blog).
In this blog post, we’ll go over some of the most common questions about these new features as well as some of the common questions that were asked about how Docker Enterprise Edition is packaged and deployed.
If you missed the live event, don’t worry! You can still catch the recording on-demand here.
Docker Enterprise Edition 2.0 Features
Q: Can I connect my corporate directory to permissions inside Docker Enterprise Edition?
A: Yes! You can integrate your corporate LDAP or Active Directory to Docker Enterprise Edition. Permissions can be mapped to one of the 5 built-in roles or administrators can create very granular and flexible Continue reading
Windows Updates and Ansible
Welcome to the fourth installment of our Windows-centric Getting Started Series!
One of the duties of most IT departments is keeping systems up to date. In this post we’re taking a quick look at using Ansible to manage updates on your Windows nodes. Starting with a small example of six Windows machines, we’ll show an example of a play against those hosts. We’ll share the full example at the end.
Updates, Updates, Updates...
Managing Windows updates is something that can be understood and customized quickly with Ansible. Below is a small-scale example of running updates on hosts with some flexibility in what gets updated in the process. The example here is assuming a domain exists and the hosts are being passed domain credentials. If you’re looking to test this example, be sure to read Bianca’s earlier Getting Started post on connecting to a Windows host.
Because this example is running against exclusively Windows machines, the information needed to connect can be included in the inventory file:
[all:vars]
ansible_connection: winrm
ansible_user: administrator
ansible_password: This-Should-Be-a-Password!
For Example
The example hosts include three groups of servers, two in each group. There are terminal servers, application servers, and directory servers. For the purposes of Continue reading
Announcing DockerCon 2018 Session: Cool Hacks
One of the most anticipated sessions at DockerCon is Cool Hacks, where we showcase a few members of the Docker community pushing the envelope on what you can achieve with Docker, in a demo heavy session, showing trends of what innovators are building on top of the Docker platform. This year, we’ll talk about Space, AI and Serverless!
Past Cool Hacks have gone to be widely used: last year Marcos Nils and Jonathan Leibiusky showed Play with Docker, a Docker playground that you can run in your browser that is now used by tens of thousands of developers and system administrators monthly to learn the basics on Docker and was applied to learning Kubernetes with Play with Kubernetes; And Alex Ellis demoed a FaaS, a portable serverless platform running on top of Swarm, that grew into the OpenFaaS project, one of the 12 installable serverless platforms mentioned in the Cloud Native Foundation Serverless Working Group serverless landscape.
This post should whet your appetite for what to expect in Dockercon 2018 Cool Hacks session.
Docker for Space, software devops in a hardware world, and how we build software to hit an asteroid
Christopher Heistand, Flight Software Lead at Johns Hopkins University Continue reading
Create Your Own Unique Developer Experience for DockerCon 2018
DockerCon is back and better than ever as we welcome our developer community to this year’s DockerCon in San Francisco (June 12-15, 2018)! It doesn’t matter if you’re new to Docker, or an old hand at Dockerizing your applications. For developers, DockerCon is the best place to learn about bringing Docker to your applications.
This year at DockerCon, you have the opportunity to choose the content and create an agenda that is based on your role and where you’re at in your containerization journey. We know you’ll want to choose carefully, so here’s some things to consider.
Whether you’re developing modern microservices applications or are looking for ways to modernize your existing applications, DockerCon will teach you about new features and capabilities, container best practices, containerization strategies and innovative ways to use containers such as serverless apps, using a service mesh, and incorporating machine learning.
For many developers, the best way to learn is hands-on. Our Hands-On Labs and workshops will give you practical knowledge. And our breakout sessions will introduce you to new concepts and ideas on how to incorporate Docker into your enterprise workflow.
DockerCon can show you how Docker can solve the most pressing problems, both for Continue reading
Technology Short Take 100
Wow! This marks 100 posts in the Technology Short Take series! For almost eight years (Technology Short Take #1 was published in August 2010), I’ve been collecting and sharing links and articles from around the web related to major data center technologies. Time really flies when you’re having fun! Anyway, here is Technology Short Take 100…I hope you enjoy!
Also, a quick note that I removed the “Servers/Hardware” and “Storage” sections this time around, as I didn’t have any useful content to share. I’ll continue to evaluate whether I will/should include those sections moving forward (your feedback is welcome; hit me up on Twitter).
Networking
- Will Robinson walks readers through installing NTC Ansible.
- Battleship over BGP? Interesting (saw this via Rob Markovic on Twitter).
- Ben Piper shares an example of automating Cumulus Linux with Ansible.
Security
- Container wizard Jessie Frazelle shares a proposal for hard multi-tenancy in Kubernetes. Along the way, she also provides some additional (useful) information about existing isolation mechanisms.
Cloud Computing/Cloud Management
- This article on how proportional CPU allocation works with AWS Lambda shows that there’s more to architecting and supporting Lambda for maximum efficiency than a lot of folks realize. (I could be wrong, though. Continue reading
Top 5 Recommendations for the IT Professional at DockerCon 2018
DockerCon 2018 is right around the corner and it’s not just a conference for developers! We’ve created experiences and activities designed with the IT professional in mind.
Registration is open so secure your spot and begin planning your conference experience.
“What gets me excited about Docker is how liberating their platform is for technologists. As a technologist, Docker gives me the freedom, flexibility, and makes it extremely easy to run and deploy apps on modern infrastructure.” – Arjuna Rivera, I2 Labs Leader, Lockheed Martin
DockerCon is the premier container industry event, where you’ll see examples of Docker best practices that you can implement within your company, gain hands-on experience of the Docker container platform, including Kubernetes, security, networking and storage, plus 
learn how to bring the Docker container platform in to your organization to modernize applications and streamline your deployment and maintenance operations.
Networking is key benefit to a conference and at DockerCon we’ve made it easy to find peers in our Hallway Track. Whether you’re looking for somebody to help answer your questions, or you have wisdom to share with others, the Hallway Track is like your own custom breakout session.
Here are our top 5 recommendations for Continue reading
Quick Post: Parsing AWS Instance Data with JQ
I recently had a need to get a specific subset of information about some AWS instances. Naturally, I turned to the CLI and some CLI tools to help. In this post, I’ll share the command I used to parse the AWS instance data down using the ever-so-handy jq tool.
What I needed, specifically, was the public IP address and the private IP address for each instance. That information is readily accessible using the aws ec2 describe-instances command, but that command provides a ton more information than I needed. So, I decided to try to use jq to parse the JSON output from the AWS CLI. If you’re not familiar with jq, I recommend you take a look at this brief introductory post I wrote back in 2015.
After some trial and error, here’s the final command I used:
aws ec2 describe-instances | jq '.Reservations[] | .Instances[] | \
{Id: .InstanceId, PublicAddress: .PublicIpAddress, \
PrivateAddress: .PrivateIpAddress}'
I’ll refer you to the jq manual for details on breaking down how this filter works. I’ll also point out that there’s nothing terribly groundbreaking or revolutionary about this command; I wanted to share it here just in case it may save someone Continue reading
Introducing Play With Kubernetes
Every month for the last year, thousands of people have used Play with Docker and the accompanying hands-on Play with Docker Classroom training site. These sites allow you to use and learn Docker entirely within your own browser, without installing anything. Last summer, we quietly launched the companion site Play with Kubernetes, to give people a full command line while learning Kubernetes. And today we’re launching a new Kubernetes training site, the Play with Kubernetes Classroom.
The Play with Kubernetes Classroom is a workshop environment just like the Play with Docker Classroom. We currently have an extensive Kubernetes workshop originally based on Jérôme Petazzoni’s Container Training Kubernetes workshop. But instead of doing it all locally or setting up VMs in the cloud, you can now run through the workshop entirely in the browser.
Like the Play with Docker Classroom, we’ll be curating contributions of additional labs from the community. So give Kubernetes in your browser a try, and then come on over to the Play with Kubernetes repository to share your own tutorials with the community.
Check out the Play with Kubernetes Classroom
Try Kubernetes in Docker Enterprise Edition
Try Kubernetes in the browser with https://training.play-with-kubernetes.com
Click To Continue reading