Learning Environments for OVN

Over the last few days, I’ve added two new Vagrant-based learning environments to my GitHub “learning-tools” repository, both of them focused on Open Virtual Network (OVN). OVN, if you aren’t aware, is part of the Open vSwitch (OVS) project aimed at adding open source network virtualization functionality to OVS. If you’re interested in learning more about OVN, you may want to check out these new learning environments.

Here’s more details on the two new learning environments:

1. The first one, found in the “ovn” folder of the repository, just builds out a simple three-node OVN 2.6.0 environment running Ubuntu 16.04. This would allow you to run OVN commands like ovn-nbctl, ovn-sbctl, ovs-vsctl, and other related commands to better understand how the components interact with each other and how OVN works.

2. The second environment, found in the “ovn-docker-ansible” folder, builds on the first one by adding Docker Engine to each node in the environment and adding the OVN driver for Docker networking. In addition to being able to run various OVS and OVN commands, this environment allows you to build OVN-backed overlay networks between Docker containers running on any node in the environment. Continue reading

Security is Hard. Why Not Automate It?

Security automation doesn't get a lot of time in the spotlight, but it's something that deserves more thought and attention. The almost constant stream of headlines about the latest data breach or large scale hack make these seem like inevitable events that can't be prevented. Nothing could be further from the truth.

In reality, most data breaches are easily prevented by applying basic security standards and fixing known vulnerabilities in a timely manner. Covering the basics frees information security teams to monitor, detect, and stop more advanced attacks. Hardened systems also make life difficult for attackers, which is always a good thing.

But where does Ansible fit into all this? Ansible is great for configuration management, continuous integration and delivery, orchestration, application deployment and even infrastructure provision. But “I solved a security problem with Ansible” might not be what you’re accustomed to hearing at the water cooler from your average information security or operations person.

Information security is a multifaceted problem

Keeping information secure isn’t easy. We all know what needs to be Continue reading

Docker acquires Infinit: a new data layer for distributed applications

The short version: Docker acquired a fantastic company called Infinit. Using their technology, we will provide secure distributed storage out of the box, making it much easier to deploy stateful services and legacy enterprise applications on Docker. This will be delivered in a very open and modular design, so operators can easily integrate their existing storage systems, tune advanced settings, or simply disable the feature altogether. Oh, and we’re going to open-source the whole thing.

The slightly longer version:

At Docker we believe that tools should adapt to the people using them, not the other way around. So we spend a lot of time searching for the most exciting and powerful software technology out there, then integrating it into simple and powerful tools. That is how we discovered a small team of distributed systems engineers based out of Paris, who were working on a next-generation distributed filesystem called Infinit. From the very first demo two things were immediately clear. First, Infinit is an incredible piece of technology with the potential to change how applications consume and produce data; Second, the Infinit and Docker teams were almost comically similar: same obsession with decentralized systems; same empathy for the needs of both Continue reading

Global Mentor Week: Thank you Docker Community!

Danke, рақмет сізге, tak, धन्यवाद, cảm ơn bạn, شكرا, mulțumesc, Gracias, merci, asante, ευχαριστώ, thank you Docker community for an incredible Docker Global Mentor Week! From Tokyo to Sao Paulo, Kisimu to Copenhagen and Ottowa to Manila, it was so awesome to see the energy from the community coming together to celebrate and learn about Docker!

Over 7,500 people registered to attend one of the 110 mentor week events across 5 continents! A huge thank you to all the Docker meetup organizers who worked hard to make these special events happen and offer Docker beginners and intermediate users an opportunity to participate in Docker courses.

None of this would have been possible without the support (and expertise!) of the 500+ advanced Docker users who signed up as mentors to help newcomers #LearnDocker.

Whether it was mentors helping attendees, newcomers pushing their first image to Docker Hub or attendees mingling and having a good time, everyone came together to make mentor week a success as you can see on social media and the Facebook photo album.

Here are some of our favorite tweets from the meetups:

@Docker #LearnDocker #DevOps #Containers #DockerDatacenter #WomenInTech #dockermeetup at #HPE Grenoble France 17Nov2016 @HPE_FR Continue reading

Your Docker Agenda for December 2016

Thank you Docker community for your amazing Global Mentor Week Events last month! In November, the community organized over 110 Docker Global Mentor Week events and more than 8,000 people enrolled in at least one of the courses for 1000+ course completions and counting! The five self-paced courses are now available for everyone free online. Check them out here!

As you gear up for the holidays, make sure to check out all the great events that are scheduled this month in Docker communities all over the world! From webinars to workshops, meetups to conference talks, check out our list of events that are coming up in December.

Official Docker Training Courses

View the full schedule of instructor led training courses here!

Introduction to Docker:

This is a two-day, on-site or classroom-based training course which introduces you to the Docker platform and takes you through installing, integrating, and running it in your working environment.

Dec 7-8: Introduction to Docker with AKRA Hamburg City, Germany

Docker Administration and Operations:

The Docker Administration and Operations course consists of both the Introduction to Docker course, followed by the Advanced Docker Topics course, held over four consecutive days.

Dec 5-8 Docker Administration Continue reading

IT Automation is in the Spotlight at AWS Re:Invent (and OpsWorks Configuration Management is Just Part of the Story)

Configuration management is just the start

Automation is getting a lot of attention at AWS:ReInvent this year, as people are noticing that automation is drastically accelerating the pace of innovation within IT organizations. Whether they’re part of a DevOps initiative, attempting to modernize their existing processes, or migrating systems and applications to the cloud, infrastructure-as-code style automation is playing an increasingly bigger part in these efforts - and ‘configuration management’ is getting most of the attention.

In a recent study, IDC’s Melinda-Carol Ballou predicts that the configuration management portion of I&O spending will grow at 8% over the next several years… but the predicted growth of configuration management in public clouds is north of 31%. Similarly, in a separate report, Mary Johnston Turner and David Laing forecast the Automation component of Infrastructure spending in the public cloud to grow at almost 35% - compared to just 12% overall.

The trend is clear: configuration management is seen as critical to cloud adoption and migration. So it’s not surprising that Amazon Web Services announced that it is updating its Opsworks service offering. As environments grow in size, scope, and complexity (which is the new normal in the era of the cloud), the Continue reading

AWS re:Invent 2016 Keynote with Werner Vogels

This is a liveblog of the Thursday keynote at AWS re:Invent 2016. Today’s keynote is led by Werner Vogels, CTO of Amazon Web Services. Unlike yesterday, today I opted not to attend the keynote in the main hall, viewing the keynote instead from an “overflow” area. Turns out the “overflow” area has drinks, tables, and power! That’s a far better option that being crammed in the main hall, though in the past I’ve found it more difficult to liveblog when not viewing the keynote directly. We’ll see if that continues to hold true.

After an entertaining “remix” of Werner quotes in the pre-keynote music mix, Vogels takes the stage at 9:30. The remote viewing is, unfortunately, off-sync; the video doesn’t match up to the audio. Vogels starts his keynote by looking back at the last 10 years, and seeing the sorts of transformations have occurred. He rails against the vendors, and how AWS vowed to be “the Earth’s most customer-centric IT company.” Vogels says customers should be in charge, not vendors, and that includes AWS.

How does AWS be a customer-centric IT company?

1. Listen closely to customers and act.
2. Give customers choice.
3. Work backwards from the customer.
4. Help customers Continue reading

Liveblog: Introduction to Managed Database Services on AWS

This is a liveblog of the AWS re:Invent session titled “Introduction to Managed Database Services on AWS” (DAT307). The speakers for the session are Steve Hunt, Alan Murray, and Robin Spira, all of FanDuel; and Darin Briskman, from AWS Database Services.

Briskman kicks off the session with a quick review of AWS’ managed database offerings. These fall into four categories, which Briskman reviewed so quickly I couldn’t capture. I think they were SQL, NoSQL, data warehousing, and something else. Why use managed databases? Because this allows AWS to take over the responsibility for OS maintenance, DB maintenance, high availability, scalability, etc. All you have to worry about it is the application that runs on the database.

What are the managed relational database services that AWS offers?

• Amazon RDS (Relational Database Service): The oldest service, now supporting MySQL, MariaDB, PostgreSQL, Microsoft SQL Server, and Oracle
• Amazon Aurora: MySQL-compatible (and now PostgreSQL-compatible per the announcement today) with greater scalability, better performance, transparent encryption, high availability, and integration with AWS Lambda

Relational databases are really helpful in many cases, but sometimes NoSQL databases would be more helpful. AWS also offers DynamoDB, which is a managed NoSQL database service. DynamoDB is always clustered, and Continue reading

Liveblog: How News UK Centralized Cloud Governance

This is a liveblog of the AWS re:Invent session titled “How News UK Centralized Cloud Governance Using Policy Management” (DEV306). The speakers for the session are Joe Kinsella from CloudHealth Technologies and Iain Caldwell of News UK/News Corp EMEA.

Kinsella kicks things off by indicating that the session will attempt to tackle the burning question: how does one maintain the agility that brought you to the cloud in the beginning, but enforce the proper level of governance and control? Kinsella and Caldwell then spend a few minutes on introductions before diving into the content of the session.

Caldwell starts off the session content with a review of News Corp’s use of AWS. News UK is currently running 69% of their workloads in the public cloud, with an aim to hit 75% by July 2017. Before they started their journey to the public cloud, News Corp ran a “global application assessment”—and Caldwell believes that this was critical to the success News Corp/News UK has seen so far. News is using a wide variety of AWS services: EC2, S3, VPC, Direct Connect, Route 53, CloudFront, CloudFormation, CloudWatch, RDS, WorkSpaces, Storage Gateway.

When prompted by Kinsella, Caldwell indicates that EC2 instances were the Continue reading

Liveblog: Automating Cloud Mgmt and Deployment

This is a liveblog of the AWS re:Invent session titled “Automating Cloud Management and Deployment for a Diverse Enterprise Application Portfolio” (DEV319). The speakers for the session are David Lowry and Amul Merchant, both from Infor Global.

Merchant kicks the session off with a brief overview of Infor and its cloud strategy. Infor’s CEO, Charles Phillips, was quoted from AWS re:Invent 2014 as having said, “Friends don’t let friends build data centers.” Merchant spends a pretty fair amount of time (too much time, in my opinion) explaining Infor and Infor’s offerings, with only minimal references to how this affects or is affected by the core topic of the presentation. He makes numerous references to “the DevOps toolset” that Infor uses, but does not provide any details or information on said toolset. Instead, the information shared is far too basic for a 300-level session.

After 15 minutes, Lowry takes the stage to talk about the DevOps toolset. The key principles Infor used in building/selecting tools were:

• Automate end-to-end
• Use AWS services wherever possible (this ties the tools closely to AWS)
• Minimally Viable Product (MVP) first, then expand

Some of the tools Infor uses:

• Faro (more information on that in a Continue reading

AWS re:Invent 2016 Keynote with Andy Jassy

This is a liveblog of the Wednesday keynote at AWS re:Invent 2016. Today’s keynote is led by Andy Jassy, CEO of Amazon Web Services. The crowd gathered for the keynote is pretty immense, despite the availability of numerous overflow locations spread across the multiple re:Invent venues.

At precisely 9am, the DJ rocking the pre-keynote music leaves the stage and AWS welcomes Andy Jassy, CEO, to the stage. This is only the 5th re:Invent conference, and Jassy confirms that this year’s attendance is 32,000 with another 50,000 listening in via the live stream.

Jassy starts with an update on the AWS business. As of Q3, AWS is a nearly $13B run-rate business with millions of active customers. Jassy says that nearly every industry segment is using AWS in a “meaningful way,” as is the public sector. He also calls out all the various AWS partners and systems integrators that have built practices on top of AWS, and the “thousands” of ISVs that have built (or rebuilt) products to run on AWS. AWS is, according to some statistics provided by Jassy, the fastest-growing enterprise IT technology company.

In 2014, AWS said the cloud was the “new normal.” In 2015, AWS said Continue reading

Thoughts on AWS re:Invent Day 1

As I wrap up Day 1 of AWS re:Invent 2016 in Las Vegas (can I consider today to be day 1?), I wanted to capture a quick summary of thoughts about the sessions, the content, the attendees, and the event (not necessarily in that order).

First, here are some links to the liveblogs I posted from today’s sessions:

Liveblog: Scaling to Your First 10 Million Users
Liveblog: Hybrid Architectures, Bridging the Gap to the Cloud
Liveblog: Getting the Most Bang for Your Buck with EC2

Overall, the sessions have been pretty decent so far. Some portions of some of the sessions feel more like a sales pitch than an educational session, but I’m sure that’s the case at other events as well (yes, I’m talking about VMworld). I’m not yet sure if the nature of what AWS does/offers lends itself to subjectively feel more like a sales pitch or not. Case in point: how does a presenter suggest to attendees—for solid technical reasons—that they should consider using a service like Route 53 or DynamoDB or SQS (or any one of a dozen other services) without it also sounding like a sales pitch?

From an attendee perspective, I’ve been “badge Continue reading

Docker for AWS Public Beta

Today, we’re announcing that Docker for AWS is graduating to public beta, just in time for AWS re:Invent. Docker for AWS is a great way for ops to setup and maintain secure and scalable Docker deployments on AWS. With Docker for AWS, IT ops teams can:

• Deploy a standard Docker platform to ensure teams can seamlessly move apps from developer laptops to Dockerized staging and production environments, without risk of incompatibilities or lock-in.
• Integrate deeply with underlying infrastructure to ensure Docker takes advantage of the host environment’s native capabilities and exposes a familiar interface to administrators.
• Deploy the platform to all the places where you want to run Dockerized apps, simply and efficiently
• Make sure the latest and greatest Docker versions are available for the hardware, OSs, and infrastructure you love, and provide solid upgrade paths from one Docker version to the next.

To try the latest Docker for AWS beta based on the latest Docker Engine betas, click the button below:

Docker for AWS works fully within AWS free tier, giving you the ability to try it out at no cost (just create a 1-manager, 1-worker swarm). Installation takes a few minutes, and will give you a fully functioning swarm, Continue reading

Liveblog: Getting the Most Bang for Your Buck with EC2

This is a liveblog of the AWS re:Invent session titled “Getting the Most Bang for Your Buck With #EC2 #Winning” (CMP202). The speaker for the session is Joshua Bergin, General Manager, EC2 Spot Business. According to the abstract, this session is supposed to focus on effectively using on-demand instances versus spot instances and reserved instances.

As a matter of quick introduction, there are three purchasing options for EC2:

• On-demand: “pay as you go”; no long-term commitments
• Reserved: good for steady-state workloads, used with 1 yr or 3 yr commitment
• Spot: pay market price for unused compute capacity

How do you choose which one to use? Bergin shares the “four pillars of performance and cost optimization”:

1. Right-sizing: choosing the cheapest instance available while meeting performance requirements
2. Purchasing options: Bergin will discuss this in more detail; this is the primary focus of the discussion
3. Increase elasticity: turning off (“scaling down”) instances that don’t need to be running (example: turn off development workloads when the developers aren’t working)
4. Measure, monitor, and improve: tagging resources; identitying always-on instances; identifying instances that can be downsized; recommending Reserved Instances (RIs) where it makes sense; dashboards and reports

Bergin points out the key AWS pricing principles (no Continue reading

Liveblog: Scaling to Your First 10 Million Users

This is a liveblog of the AWS re:Invent session titled “Scaling to Your First 10 Million Users.” It’s my first session of the week here at re:Invent; yesterday’s sessions were full and I couldn’t get into anything. (The crowds here at the event are pretty significant; I think I heard 32K attendees total.) The speaker for the session is Joel Williams, an AWS Solutions Architect.

Williams starts out with a brief blurb about how this session is a perennial favorite at re:Invent, and how the principles are fundamental to working in building solutions in/on AWS. Even if attendees don’t have the sort of immediate scaling needs that Williams may be describing in this session, he believes that the lessons/fundamentals he discusses are applicable to lots of customers, lots of applications, and lots of use cases.

Williams starts out by saying that while Auto-Scaling is a destination on customers’ scaling journey, it’s not where you want to start. It’s not a “magic button” that fixes all problems. Williams puts up a map that shows AWS’ 14 global regions, encompassing 38 different availability zones, and points out that availability zones are a fundamental building block for highly-available applications. The next Continue reading

Liveblog: Hybrid Architectures, Bridging the Gap to the Cloud

This is a liveblog of the AWS re:Invent session titled “Hybrid Architectures: Bridging the Gap to the Cloud” (ARC208). The line to get into this session, as with the previous session, was quite long—and that was for attendees who’d already registered for the session. Feedback I’ve heard from folks who weren’t registered for sessions was that they weren’t getting in, period. The speaker for the session is Jamie Butler, Manager of Solutions Architecture at AWS (focused on state/local government).

Butler starts out by establishing some expectations—attendees should be familiar with regions, AZs (this is a 200-level talk), and will focus on hybrid use cases. Butler says there will be some demos along the way. This session will not focus on the VMware announcement regarding VMware Cloud on AWS.

Butler then quotes Werner Vogels in saying that adopting cloud is not an all-or-nothing proposition. With that in mind, Butler transitions into a discussion of a particular customer example. In this case, the customer had Active Directory, a file server, and a bunch of Windows-based desktops connecting back to the file server for data access.

The first thing to tackle in a scenario like this is identity. Butler says you don’t want Continue reading

Installing Ansible 2.2 on Fedora 25

As part of my ongoing investigation of the usability of various Linux distributions and desktop environments, I’ve been working with Fedora 25. As part of the investigation I need to see how to perform certain tasks, one of which is working with Ansible. As a result, I needed to install Ansible 2.2 on Fedora 25, and it turns out it wasn’t as simple as pip install ansible.

I generally prefer to run Ansible in a Python virtualenv, but I don’t believe that it will make any difference to this procedure. However, I’m happy to be corrected if someone knows otherwise.

To create a Python virtualenv, you’ll first need virtualenv installed. I prefer to install virtualenv globally for all users using this command:

sudo -H pip install virtualenv

Once virtualenv is installed, then create a virtualenv for Ansible:

virtualenv ~/Envs ansible

Then activate the virtualenv:

source ~/Envs/ansible/bin/activate

At this point, you can try a pip install ansible, but it will fail. First, you need to install some additional development libraries that are required in order to install Ansible:

sudo dnf install libffi-devel redhat-rpm-config python-devel openssl-devel

Once those packages are installed, then you’re finally ready to install Ansible into Continue reading

What To Expect from Docker at AWS re:Invent 2016

It’s the age of IT transformation. Spurred on by developers, adoption of Docker containers has empowered application teams to transform the way they build, ship and run applications, allowing for faster and more frequent delivery. Initially seen as a tool mainly for developers, Docker is now at the center of key enterprise initiatives, and has attracted the attention of IT operations teams. Enterprise IT ops teams use Docker to maintain control over their environment and boost security as they embrace cloud strategies like hybrid cloud and multi-cloud.

Docker at AWS re:Invent 2016

This adoption of Docker within the cloud is why we are excited to be at AWS re:Invent 2016. If you’re going to be at the show, we hope you stop by booth #622. Docker employees will be showing live demos, and will be on hand to answer questions. We’ll of course be passing out free Docker swag as well.

This year we’ll be showing two types of demos at the booth:

1.     Docker Datacenter (DDC)  demo – In this demo attendees will learn about Docker Datacenter, our commercial solution that delivers an enterprise container management platform. The platform is supported by Docker Continue reading

Your Agenda for HPE Discover London 2016

Next week HPE will host more than 10,000 top IT executives, architects, engineers, partners and thought-leaders from across Europe at Discover 2016 London, November 29th – December 1st in London.

Come visit Docker in Booth #208 to learn how Docker’s Containers-as-a-Service platform is transforming modern application infrastructures, allowing business to benefit from a more agile development environment.

Docker experts will be on-hand to for in-booth demos, hands-on-labs, breakout sessions and Transformation Zone sessions to demonstrate how Docker’s infrastructure platform, provides businesses with a unifying framework to embrace hybrid infrastructures and optimize resource utilization across legacy and modern Linux and Windows applications.

Not attending Discover London? Don’t miss a thing and “Save the Date” for the live streaming of keynotes and top sessions beginning November 29th at 11:00 GMT and through the duration of the event.

• Save the date – General Session Day 1
• Save the date – General Session Day 2

Be sure to add these key Docker sessions to your HPE Discover London agenda:

Ongoing: Transformation Zone Hours Show Floor

DEMO315: HPE IT Docker success stories

Supercharge your container deployments on bare metal and VMs by orchestrating large workloads using simple Docker mechanisms. See how the HPE team automated Continue reading

Security and Delegation with Ansible Tower, Part 2

When we talk about Ansible Tower, we talk about control, knowledge and delegation. But what does that mean?

In previous posts in this series, we've talked about the concept of 'control' for your automation and your inventory, and about the basics of security and delegation. Today we're going to show how Tower's security and delegation allows for simple self-service deployments for your users.

THE PROBLEM - SERVICE REQUESTS

THE SOLUTION - ANSIBLE, TOWER AND TOWER SURVEYS