0

Ansible + Networking Webinar Q&A

The Ansible Ask an Expert webinar series continues to be one of the most popular series we’ve ever hosted. During these Q&A style webinars, our Ansible experts take questions from the audience about specific topics.

In March, we covered Ansible + Networking. We’ve compiled the questions and answers below for your reference.

Interested in more? Our next Ask an Expert: Networking webinar is scheduled for July 19 at 11AM EDT. Register here.

Q: Persistent connection optimization really applies to devices that do not use a REST API with support for long-lived access tokens (as opposed to cookies)?

A: That's correct. The persistent connection framework is designed to work with SSH based connections, which include CLI and NETCONF connection methods.

Q: Do you know if it's in the roadmap to ship Ansible Tower with jobs out-of-the-box for the most common tasks performed with Red Hat products? For example, deploy a jboss EAP, install OS packages, and stuff like that?

A: Assuming you are talking about "canned" Playbooks here. In most cases, each of the individual products would curate and maintain Playbooks for use and are distributed by the individual products (since there are support implications). The Ansible distribution does not include Continue reading

0

WEBINAR Q&A: Modernize Traditional Applications with Docker Enterprise Edition

This week at DockerCon, we announced the Modernize Traditional Applications (MTA) Program to help enterprises make their existing legacy apps more secure, more efficient and portable to hybrid cloud infrastructure. This webinar covers the importance of “WHY NOW and HOW” to start modernizing traditional applications with Docker Enterprise Edition. Legacy applications often serve critical business needs and have to be maintained for a long time. The maintenance of these applications can become expensive and very time consuming. Some applications may have been written decades ago, grown to millions of lines of code  and the team that built and deployed the app may no longer be at your company. That can pose a challenge for app maintenance, security and support. Docker Enterprise Edition and the Image2Docker Tool presents a unique opportunity to modernize these apps into containers to make them portable, more secure and cost efficient to operate.

View the recorded session below and read through some of the most popular questions

.

Q: Do I need to follow all the steps in the exact sequential manner or do all of them to qualify as modernizing traditional applications?

A:  Outside of the first step of taking the existing app and converting it to a Continue reading

0

The Linux Migration: April 2017 Progress Report

In December 2016, I kicked off a migration to Linux (from OS X) as my primary laptop OS. In the nearly 4 months since the initial progress report, I’ve published a series of articles providing updates on things like which Linux distribution I selected, how I’m handling running VMs on my Linux laptop, and integration with corporate collaboration systems (here, here, and here). I thought that these “along the way” posts would be sufficient to keep readers informed, but I’ve had a couple of requests in the last week about how the migration is going. This post will help answer that question by summarizing what’s happened so far.

Let me start by saying that I am actively using a Linux-powered laptop as my primary laptop right now, and I have been doing so since early February. All the posts I’ve published so far have been updates of how things are going “in production,” so to speak. The following sections describe my current, active environment.

Linux Distribution

In my initial progress report, I’d tentatively chosen to use Ubuntu 16.04 LTS (“Xenial Xerus”). However, a short while later I switched to Fedora 25, and have settled Continue reading

0

DockerCon Agenda, Mobile App and DockerCon Slack

From Docker use cases at large corporations, to advanced technical talks and hands-­on lab tutorials, the DockerCon Agenda includes sessions adapted to every attendee profile, expertise level and domain of interest.

If you’re a registered attendee, login on the DockerCon portal using the information you set up during the registration process. You can use the keyword search bar or filter by topics, days, tracks, experience level or target audience.

Once logged in, you can “star” your interests and create your DockerCon schedule. Your saved interests and schedule will be available on the DockerCon mobile app you can download here.

Below are some useful tips and tricks for getting the most out of the DockerCon App.

Add More Sessions in the App

If you have not started already, we encourage you to review DockerCon sessions and build your agenda for next week. The process is very simple and will help you organize sessions and activities by the topics that you are interested in. Just click the “Schedule” widget and explore sessions by day or track. When you add  to “My Agenda”, you’ll be able to it find later in “My Event”.

You can use the DockerCon App to take notes and rate Continue reading

0

Docker Docs Hackathon: April 17-21, 2017

During DockerCon 2017, Docker’s docs team will be running the first-ever Docker Docs hackathon, and you’re invited to participate and win prizes – whether you attend DockerCon or are just watching the proceedings online.

Essentially, it’s a bug-bash! We have a number of bugs filed against our docs up on GitHub for you to grab.

You can participate in one of two ways:

• With the docs team’s help in the fourth floor hack room at DockerCon on Tuesday, April 18th and Wednesday, April 19th, from 1-6pm.
• Online! Right here! During the whole week of DockerCon (April 17th – 21st).

Or, both – if you want to have the best shot. After all, we won’t be in the hack room 24/7 that whole week.

All participants who show up in the 4th floor hack room at DockerCon will get this way-cool magnet just for stopping by.

Quick links

• Official hackathon page on Docs site
• Event page on DockerCon website
• View hackathon bugs on GitHub
• Report your hackathon work
• Browse prizes
• #docs on Slack, if you have questions

How it works

We have a number of bugs that have built up in our docs queue on GitHub, and we have labeled a Continue reading

0

OpenVPN – TCP or UDP tunneling?

Spoiler alert: You most likely would want to use UDP tunneling!

An OpenVPN tunnel runs over IP and can encapsulates VPN traffic into either a UDP or a TCP connection. To understand the pros and cons of each, we first need to have an understanding of them both.

TCP

Transmission Control Protocol is the dominant protocol there is for most daily stuff happening on a network. It has some very interesting features built-in which makes it very resistant to network packet loss, packet reordering, packet duplication, unintentional packet corruption and even link congestion. Despite it being not perfect¹, it’s survived the test of time and it’s not going anywhere in near future.

All those features however come at a price. A typical TCP packet has a header size of 20 bytes. Assuming you’re using IPv4, You also get a 20 bytes IP header added on top of it. So at least 40 bytes in each TCP packet is the header data that comes before the actual payload.

UDP

Unlike TCP, User Datagram Protocol does not come with much features. It comes with a checksum header for packet integrity but connection reliably as a whole is not guaranteed. In Continue reading

0

Introducing Moby Mingle at DockerCon 2017

If you’re pumped about all the things you learn and all the people you meet at Docker events, you’re going to love what we have planned for you at this year’s DockerCon! With more than 5000 attendees, there will be a wealth of knowledge in the room, ready to be shared, explored and cultivated. This year we’re going to draw on the power of the DockerCon crowd to open-source the attendee experience and bring the focus of the conference back to our users. Every attendee has different experiences, backgrounds, and interests to share. The trick becomes finding the right individual, with the specific knowledge you’re looking for.

So we’re excited to give everyone at DockerCon access to a tool called #MobyMingle to connect with people who share the same Docker use cases, topic of interests or hack ideas, or even your favorite TV shows. So no matter where you’re traveling from or how many people you know before the conference, we will make sure you end up feeling at home!

Using a web based platform, you’re able to build a profile, set goals around what you want to get out of Dockercon, and then make Offers and Requests to help Continue reading

0

Technology Short Take #81

Welcome to Technology Short Take #81! I have another collection of links, articles, and thoughts about key data center technologies, and hopefully I’ve managed to include something here that will prove useful or thought-provoking. Enjoy!

Networking

• Matt Oswalt has a great post on the need for networking professionals to learn basic scripting skills—something he (rightfully) distinguishes from programming as a full-time occupation. This is a post well worth spending a few minutes to read, and I wholeheartedly agree with Matt’s position here. Further, he follows that up with a post on how automation is more than just configuration management; it’s about network services. (This is a view shared by Ivan Pepelnjak.) Excellent stuff!
• Speaking of Ivan, he pointed out this post with 45 Wireshark challenges to help you improve your network analysis skills. Thanks to Ivan for the tip, and thanks to Johannes Weber for the challenges.
• Jason Edelman also jumps into this discussion on the need for automation/programming/scripting skills with a post that advocates the position of “automate when you can, program when you must”. Jason’s position aligns well with the viewpoints of both Matt and Ivan. I must say—if three well-known networking professionals who are also Continue reading

0

Enterprise Ready Software from Docker Store

Docker Store is the place to discover and procure trusted, enterprise-ready containerized software – free, open source and commercial.

Docker Store is the evolution of the Docker Hub, which is the world’s largest container registry, catering to millions of users. As of March 1, 2017, we crossed 11 billion pulls from the public registry!  Docker Store leverages the public registry’s massive user base and ensures our customers – developers, operators and enterprise Docker users get what they ask for. The Official Images program was developed to create a set of curated and trusted content that developers could use as a foundation for building containerized software. From the lessons learned and best practices, Docker recently launched a certification program that  enables ISVs, around the world to take advantage of Store in offering great software, packaged to operate optimally on the Docker platform.

The Docker Store is designed to bring Docker users and ecosystem partners together with

• Certified Containers with ISV apps that have been validated against Docker Enterprise Edition, and comes with cooperative support from Docker and the ISV
• Enhanced search and discovery capabilities of containers, including filtering support for platforms, categories and OS.
• Self service publisher workflow and interface to facilitate Continue reading

0

Docker Gives Back at DockerCon

Docker is actively working to improve opportunities for women and underrepresented minorities throughout the global ecosystem and promote diversity and inclusion in the larger tech community.

For instance, at DockerCon 2016, attendees contributed to a scholarship program through the Bump Up Challenge unlocking funds towards full-tuition scholarships for three applicants to attend Hack Reactor. We selected two recipients in 2016 and are excited to announce our third recipient, Tabitha Hsia, who is already in her first week of the program.

In her own words:

“My name is Tabitha Hsia. I grew up in the East Bay. I come from an art-focused family with my sister being a professional cellist, my mother being a professional pianist, and my great grandfather being a famous Taiwanese painter. I chose Hack Reactor because of their impressive student outcomes and their weekly schedule. Already in my first week, I have learned a ton of information from lectures and their wealth of resources. I have enjoyed pair programming the most so far. While the lectures expose me to new topics, applying the topics to actual problems has deepened my understanding the most. After graduation, my long-term goal is to become a virtual reality developer. Seeing Continue reading

0

What’s New in Ansible Tower 3.1

Ansible Tower 3.1 adds a variety of new features that make it easier than ever to share and scale IT automation. Tower now includes multi-Playbook workflows to streamline jobs, clustering to easily scale-out Tower instances, enhanced search and more.

For this post, we asked members of the Tower engineering team to highlight what’s new with the latest release and share what they're most excited about.

Engineered for the enterprise

Tim Cramer, Senior Director of Engineering, shares a quick overview of the Tower 3.1 enhancements designed to help teams harness the power of Ansible automation across servers, applications, environments and networks:

 

Scale-out clustering

Matt Jones, Principal Software Engineer, explains how scale-out clustering enables you to support a larger number of Tower jobs:

 

Multi-Playbook workflows

Chris Meyers, Senior Software Engineer, describes how Tower's new multi-Playbook workflows promote greater re-use of existing job templates and allow you to build a CI/CD testing workflow:

 

And more...

0

The Linux Migration: Corporate Collaboration, Part 3

In discussing support for corporate communication and collaboration systems as part of my Linux migration, I’ve so far covered e-mail in part 1 and calendaring in part 2. In this post, I’m going to discuss the last few remaining aspects of corporate collaboration: instant messaging/chat, meetings and teleconferences, and document sharing.

Teleconferences and meetings

The topic of teleconferences and meetings is closely related to calendaring—it’s often necessary to access your calendar or others’ calendars when coordinating meetings or teleconferences—so I encourage you to read part 2 to get a better feel for the challenges around calendaring/scheduling. All the same challenges from that post apply here. GNOME Calendar, although it offers basic Exchange Web Services (EWS) support, does not support meeting invitations, looking up attendees, free/busy information, etc. This makes it completely unusable for setting up meetings. Evolution provides the backend support that GNOME Calendar uses but may be better suited as a frontend; I haven’t tested this functionality so I don’t know. This EWS provider for Lightning does support free/busy information, inviting attendees, etc., so it may be a good option (I’m still testing it).

The second aspect of teleconferences/meetings is the actual conduct of the meeting itself. Hosting Continue reading

0

Network Device Authentication with Ansible 2.3

In a recent post, Coming Soon: Networking Features in Ansible 2.3, one of the key features to be introduced is a new connection framework. This new connection framework supports persistent SSH connections for modules that communicate with network devices via two methods:

1) the tried and true CLI method
2) the newly included NETCONF method

With the new connection framework, the network modules are currently undergoing a transformation with regards to how credentials are supplied. In Ansible versions 2.0 to 2.2, network modules support providing connection credentials as top-level arguments in the module.

If you want to build a task using the ios_command Ansible module the credentials used to authenticate to the device could be provided as top level arguments. The following example demonstrates the simplest form of passing credentials to modules in order to authenticate to the remote device:

ios_command:
  commands: show version
  host: “{{ inventory_hostname }}”
  username: cisco
  password: cisco
  

In some cases, such as with configuration modules, additional authentication details are required. In order to enter configuration mode, the Playbook tasks must first enter “enable” mode and, in some cases, supply an enable-mode password. Notice the additional two arguments (authorize and auth_pass) added to Continue reading

0

containerd joins the Cloud Native Computing Foundation

Today, we’re excited to announce that containerd – Docker’s core container runtime – has been accepted by the Technical Oversight Committee (TOC) as an incubating project in the Cloud Native Computing Foundation (CNCF). containerd’s acceptance into the CNCF alongside projects such as Kubernetes, gRPC and Prometheus comes three months after Docker, with support from the five largest cloud providers, announced its intent to contribute the project to a neutral foundation in the first quarter of this year.

In the process of spinning containerd out of Docker and contributing it to CNCF there are a few changes that come along with it.  For starters, containerd now has a logo; see below. In addition, we have a new @containerd twitter handle. In the next few days, we’ll be moving the containerd GitHub repository to a separate GitHub organization. Similarly, the containerd slack channel will be moved to separate slack team which will soon available at containerd.slack.com

containerd has been extracted from Docker’s container platform and includes methods for transferring container images, container execution and supervision and low-level local storage, across both Linux and Windows. containerd is an essential upstream component of the Docker platform used by millions of end users that  also provides the industry with an open, Continue reading

0

Easily Finding the Latest CoreOS AMI ID

It seems as if finding the right Amazon Machine Image (AMI) ID for the workload you’d like to deploy can sometimes be a bit of a challenge. Each combination of region and AMI produces a unique ID, so you have to look up the AMI for the particular region where you’re going to deploy the workload. This in and of itself wouldn’t be so bad, but then you have to wade through multiple versions of the same AMI in each region. Fortunately, if you’re using CoreOS Container Linux on AWS, there’s an easy way to find the right AMI ID. Here’s how it works.

CoreOS publishes a JSON feed of the latest AMI for each of their channels (stable, beta, and alpha). You can find links to these JSON feeds on this page. This is powerful for 2 reasons:

1. Because it’s available via HTTP, you can use curl to retrieve it anytime you need it.

2. Because it’s in JSON, you can use jq (see my post on jq for more information) to easily parse it to find the information you need. (Not super comfortable with JSON? Check out my introductory post.)

Putting these two reasons together, you end up Continue reading

0

Docker Birthday #4: Thank you Docker Community!

Pақмет сізге, tak, धन्यवाद, cảm ơn bạn, شكرا, mulțumesc, gracias, merci, danke, obrigado, ευχαριστώ, köszönöm, thank you Docker community! From Des Moines to Santiago de Cuba, Budapest to Tel Aviv and Sydney to Cairo, it was so awesome to see the energy from the community coming together to celebrate and learn about Docker!

We originally planned for 50 Docker Birthday #4 celebrations worldwide with 2,500 attendees. But over 9,000 people registered to attend one of the 152 celebrations across 5 continents! A huge thank you to all the Docker meetup organizers who worked hard to make these celebrations happen and offered Docker beginners the  opportunity to participate in hands on Docker labs.

Join in on the fun!

In case you missed it last week, check out the pics from all of the #DockerBday celebrations including the awesome birthday cakes! Check out the Facebook photo album too! Up for a little more reading? Check out these blog posts from Docker Captains Jonas Rosland and Alex Ellis about their experience mentoring at their local event.

None of this would have been possible without the support (and expertise!) of the 500+ advanced Docker users who signed up as mentors to help attendees learn about Docker by Continue reading

0

Canceling the OVS Cookbook Project

In my list of proposed 2017 projects, I mentioned that I wanted to launch an open source book project. In late February, I launched The Open vSwitch Cookbook, an unofficial—as in not formally affiliated with the Open vSwitch (OVS) project—effort to gather together OVS “recipes” into an open source book. Today, I’m shutting down that project, and here’s why.

It really comes down to wanting to be a better member of the OVS community. I honestly hadn’t anticipated that the OVS community might prefer that the information I was going to gather in these “recipes” be collected in the OVS documentation (which has undergone a tremendous transformation). Instead of creating yet another source of information for OVS, I’ll focus my efforts on expanding the upstream documentation. This will take some effort on my part—I’ll need to learn reStructuredText and spend some time understanding how the docs are organized now—but I think that it’s the better long-term option for the OVS community as a whole.

And what about my goal for launching an open source book project? I’ll continue to evaluate options on that front to see if it makes sense, and I’ll post here if and when something happens.

0

Webinar recap: Docker 101 for federal government

Docker is driving a movement for IT teams across all industries to modernize their applications with container technology. Government agencies, like private sector companies face similar pressures to accelerate software development while reduce overall IT costs and adopting new technologies and practices like cloud, DevOps and more.

This webinar titled “Docker 101 for the Federal Government” features Andrew Weiss, Docker Federal Sales Engineer and breaks down the core concepts of Docker and how it applies to government IT environments and unique regulatory compliance requirements. The presentation highlights how Docker Enterprise Edition can help agencies build a secure cloud-first government.

Watch the on-demand webinar to learn how Docker is transforming the way government agencies deliver secure, reliable, and scalable services to organizations and citizens.

Here are the questions from the live session:

Q: Is Docker Datacenter available both hosted and as a cloud offering?

A: Docker Datacenter is now a part of Docker Enterprise Edition (EE) – providing integrated container management and security from development to production. Docker EE provides a unified software supply chain for all apps—commercial off the shelf, homegrown monoliths to modern microservices written for Windows or Linux environments on any server, VM or cloud. Docker EE Continue reading

0

The Linux Migration: Corporate Collaboration, Part 2

This post is part 2 in a series of posts describing how I’ve integrated my Fedora Linux laptop into my employer’s corporate communication and collaboration systems. Part 1 tackled e-mail; this post tackles the topic of calendaring and scheduling. Unlike e-mail, which was solved relatively easily, this issue is one that I don’t consider fully solved.

As I mentioned in part 1, my employer uses Office 365 (O365). While O365 supports standard protocols like IMAP and STMP for mail, it does not support standard protocols like CalDAV for calendaring. This means that Linux users like me are left with only a few options:

1. You can use Mozilla Thunderbird with the Lightning add-on, but you’ll also need an Exchange provider. (The paid Exquilla add-on only handles mail and contacts, not calendaring. There’s a Lightning provider available here, but I haven’t tested it.)
2. You can use Evolution.
3. You can use GNOME Calendar (which leverages the Evolution back-end along with Evolution’s support for Exchange Web Services [EWS]).
4. You can use Microsoft Outlook, either via a VM (or possibly via WINE, though I haven’t tested the latter approach).

I’d already ruled out Evolution for e-mail, so it didn’t make a Continue reading

0

Technology Short Take #80

Welcome to Technology Short Take #80! This post is a week late (I try to publish these every other Friday), so my apologies for the delay. However, hopefully I’ve managed to gather together some articles with useful information for you. Enjoy!

Networking

• Biruk Mekonnen has an introductory article on using Netmiko for network automation. It’s short and light on details, but it does provide an example snippet of Python code to illustrate what can be done with Netmiko.
• Gabriele Gerbino has a nice write-up about Cisco’s efforts with APIs; his article includes a brief description of YANG data models and a comparison of working with network devices via SSH or via API.
• Giuliano Bertello shares why it’s important to RTFM; or, how he fixed an issue with a Cross-vCenter NSX 6.2 installation caused by duplicate NSX Manager UUIDs.
• Andrius Benokraitis provides a preview of some of the networking features coming soon in Ansible 2.3. From my perspective, Ansible has jumped out in front in the race among tools for network automation; I’m seeing more coverage and more interest in using Ansible for network automation.
• Need to locate duplicate MAC addresses in your environment, possibly caused by cloning Continue reading