
Category Archives for "Virtualization"

Technology Short Take #80

Welcome to Technology Short Take #80! This post is a week late (I try to publish these every other Friday), so my apologies for the delay. However, hopefully I’ve managed to gather together some articles with useful information for you. Enjoy!

Networking

  • Biruk Mekonnen has an introductory article on using Netmiko for network automation. It’s short and light on details, but it does provide an example snippet of Python code to illustrate what can be done with Netmiko.
  • Gabriele Gerbino has a nice write-up about Cisco’s efforts with APIs; his article includes a brief description of YANG data models and a comparison of working with network devices via SSH or via API.
  • Giuliano Bertello shares why it’s important to RTFM; or, how he fixed an issue with a Cross-vCenter NSX 6.2 installation caused by duplicate NSX Manager UUIDs.
  • Andrius Benokraitis provides a preview of some of the networking features coming soon in Ansible 2.3. From my perspective, Ansible has jumped out in front in the race among tools for network automation; I’m seeing more coverage and more interest in using Ansible for network automation.
  • Need to locate duplicate MAC addresses in your environment, possibly caused by cloning Continue reading

Container Namespaces – How to add networking to a docker container

I've discussed how we can network a docker container directly with the host's networking stack bypassing docker0, the default bridge docker creates for you. That method involves asking docker to create a port on a user defined bridge and from the inside configuring the container to ask for an IP by DHCP. A more advanced way of achieving this is to bring up a docker container without networking and later configure the stack out-of-band of docker. This approach is one of the methods used by Calico for example to network containers and I've spoken about that here.

Today, let's deep dive into adding interfaces to a container manually and in turn gain some insight into how all of this works. Since this discussion is going to revolve around network namespaces, I assume you have some background in that area. If you are new to the concept of namespaces and network namespaces, I recommend reading this.


Step 1: We will first bring up a docker container without networking. From the docker docs, using --network none when running a docker container leaves out container interface creation for that docker instance. Although docker skips network interface creation, it brings up the container with Continue reading

Nutanix

Maximum Performance from Acropolis Hypervisor and Open vSwitch describes the network architecture within a Nutanix converged infrastructure appliance - see diagram above. This article will explore how the Host sFlow agent can be deployed to enable sFlow instrumentation in the Open vSwitch (OVS) and deliver streaming network and system telemetry from nodes in a Nutanix cluster.
This article is based on a single hardware node running Nutanix Community Edition (CE), built following the instructions in Part I: How to setup a three-node NUC Nutanix CE cluster. If you don't have hardware readily available, the article, 6 Nested Virtualization Resources To Get You Started With Community Edition, describes how to run Nutanix CE as a virtual machine.
The sFlow standard is widely supported by network equipment vendors, which, combined with sFlow from each Nutanix appliance, delivers end-to-end visibility in the Nutanix cluster. The following screen captures from the free sFlowTrend tool are representative examples of the data available from the Nutanix appliance.
The Network > Top N chart displays the top flows traversing OVS. In this case an HTTP connection is responsible for most of the traffic. Inter-VM and external traffic flows traverse OVS and are efficiently Continue reading

RHV 4.1, Hosted Engine, Red Hat Summit

Hi folks, I’m still heads down on a lot of different things. The release of RHV 4.1 is right around the corner, as is a new product that involves RHV 4.1. I’ve also cut some new demos on Hosted Engine using RHVH – just like I promised I would several weeks ago. Ok, a couple months ago. You’ll just have to come see me at Red Hat Summit to see them…Or wait until just after Red Hat Summit. I still don’t have my “new” lab, but I did get my hands on some good gear that allows me to show you the goodness that is Hosted Engine, especially with RHVH (Red Hat Virtualization Host). Hopefully I’ll have the new lab soon…..

As I mentioned in my last post, I’m presenting at Red Hat Summit again this year, focusing on providing HA for RHV – by way of Hosted Engine. Here are the session details if you’re going to be there:

Thursday, May 4, 3:30 PM – 4:15 PM – Room 152
Red Hat Summit, May 2-4, Boston, MA

I promise to give the full write-up and share the demos post Summit.

Captain KVM


Container networking: What is it and how can it help your data center?

There has been a lot of buzz in the industry about containers and how they are streamlining organizational processes. In short, containers are a modern application sandboxing mechanism that is gaining popularity in all aspects of computing from the home desktop to web-scale enterprises. In this post we’ll cover the basics: what is container networking and how can it help your data center? In the future, we’ll cover how you can optimize a web-scale network using Cumulus Linux and containers.

What is a container?

A container is an isolated execution environment on a Linux host that behaves much like a full-featured Linux installation with its own users, file system, processes and network stack. Running an application inside of a container isolates it from the host and other containers, meaning that even when the applications inside of them are running as root, they cannot access or modify the files, processes, users, or other resources of the host or other containers.

Containers have become popular due to the way they simplify the process of installing and running an application on a Linux server. Applications can have a complicated web of dependencies. The newest version of an application may require a newer Continue reading

Technology Short Take #79

Welcome to Technology Short Take #79! There’s lots of interesting links for you this time around.

Networking

  • I was sure I had mentioned Skydive before, but apparently not (a grep of all my blog posts found nothing), so let me rectify that first. Skydive is (in the project’s own words) an “open source real-time network topology and protocols analyzer.” The project’s GitHub repository is here, and documentation for Skydive is here.
  • OK, now that I’ve mentioned Skydive, I can talk about this article that provides an example of functional SDN testing with Terraform and Skydive. Terraform is used to turn up OpenStack infrastructure, and Skydive (via connections into Neutron and OpenContrail, in this example) is used to validate SDN functionality.
  • Tony Sangha took PowerNSX (a set of PowerShell cmdlets for interacting with NSX) and created a tool to help document the NSX Distributed Firewall configuration. This tool exports the DFW configuration and then converts it into Excel format, and is available on GitHub. (What’s that? You haven’t heard of PowerNSX before? See here.)

Servers/Hardware

Nothing this time around. Should I keep this section, or ditch it? Feel free to give me your feedback on Twitter.

Security

oVirt Gamification–The oVirt Game You Didn’t Know you Were Playing

Gamification is the concept of applying game mechanics and game design techniques to engage and motivate people to achieve their goals.

It taps into users' basic desires and needs, impulses which revolve around the idea of Status and Achievement.

To put it in other words, it is turning day-to-day tasks, the kind you might do at home or work, into a game in which you can earn points and badges and compete with other people who are doing the same things.

oVirt & Gamification

You probably didn't know, but this isn't the first time gamification has been used in oVirt. A few years ago there was an initiative to use the oVirt UI plugin system to add gamification to the project; there was even a "space invaders" game written and available to play inside oVirt!

So What is New?

The oVirt infra team recently reached out to 'GetBadges', a company which provides 'Gamification as a Service'. Luckily for us, open source projects get to have a free game! So oVirt was rewarded with its own oVirt Open Source Game.

The game works automagically every time you contribute to the project. Current integrations are only active on specific projects like 'ovirt-engine' and Continue reading

Adding Metadata to the Arista vEOS Vagrant Box

This post addresses a (mostly) cosmetic issue with the current way that Arista distributes its Vagrant box for vEOS. I say “mostly cosmetic” because while the Vagrant box for vEOS is perfectly functional if you use it via Arista’s instructions, adding metadata as I explain here provides a small bit of additional flexibility should you need multiple versions of the vEOS box on your system.

If you follow Arista’s instructions, then you’ll end up with something like this when you run vagrant box list:

arista-veos-4.18.0    (virtualbox, 0)
bento/ubuntu-16.04    (virtualbox, 2.3.1)
centos/6              (virtualbox, 1611.01)
centos/7              (virtualbox, 1611.01)
centos/atomic-host    (virtualbox, 7.20170131)
coreos-stable         (virtualbox, 1235.9.0)
debian/jessie64       (virtualbox, 8.7.0)

Note that the version of the vEOS box is embedded in the name. Now, you could not put the version in the name, but because there’s no metadata—which is why it shows (virtualbox, 0) on that line—you wouldn’t have any way of knowing which version you had. Further, what happens when you want to have multiple versions of the vEOS box?

Fortunately, there’s an easy fix (inspired by the way CoreOS distributes their Vagrant box). Just create a file with the Continue reading

Test driving App Firewall with IPTables

With more and more applications moving to the cloud, web-based applications have become ubiquitous. They are ideal for providing access to applications sitting in the cloud (over HTTP through a standard web browser). This has removed the need to install specialized applications on the client system, the client just needs to install is a … Continue reading Test driving App Firewall with IPTables

Technology Short Take #78

Welcome to Technology Short Take #78! Here’s another collection of links and articles from around the Internet discussing various data center-focused technologies.

Networking

Servers/Hardware

Nothing this time around, sorry!

Security

Using oVirt and Vagrant

Introducing oVirt virtual machine management via Vagrant.

In this short tutorial I'm going to give a brief introduction on how to use Vagrant to manage oVirt with the new community-developed oVirt v4 Vagrant provider.

Background

Vagrant is a tool to create portable and reproducible environments. We can use it to provision and manage virtual machines in oVirt by managing a base box (small enough to fit in GitHub as an artifact) and a Vagrantfile. The Vagrantfile is the piece of configuration that defines everything about the virtual machines: memory, CPU, base image, and any other configuration that is specific to the hosting environment.

Prerequisites

  • A fully working and configured oVirt cluster of any size
  • A system capable of compiling and running the oVirt ruby SDK gem
  • Vagrant 1.8 or later
  • The oVirt vagrant plugin installed via $ vagrant plugin install vagrant-ovirt4

The Vagrantfile

To start off, I'm going to use this Vagrantfile:

Vagrant.configure("2") do |config|
  config.vm.box = 'ovirt4'
  config.vm.hostname = "test-vm"
  config.vm.box_url = 'https://github.com/myoung34/vagrant-ovirt4/blob/master/example_box/dummy.box?raw=true'

  config.vm.network :private_network,
    :ip => '192.168.56.100', :nictype => 'virtio', :netmask  Continue reading

Speaking at Red Hat Summit 2017

Hi Folks, I know it’s been a few weeks but I assure you I’ve been heads down on good stuff. You’ll get to see much of it on the blog, but also at Red Hat Summit 2017 in Boston, MA if you’re so inclined.

So what will I (and my colleagues) be talking about at “Summit” this year? Well, there are several RHV & KVM specific activities at Summit that I’ll have something to do with, 2 directly and multiple indirectly:

Breakout Session – High Availability for Red Hat Virtualization Manager 
This will be my primary presentation on RHV, where I talk about and provide demos on RHV Hosted Engine, mostly in the context of HA (why and how), but also in the context of how it’s used in a new Red Hat product… (cue dramatic music..)

Breakout Session – Red Hat Virtualization and KVM Roadmaps
This is my colleagues’ session, and typically standing room only. I may help organize, but the Product Managers (Moran & Yaniv) will knock this out. It lays out the future of both Red Hat Virtualization and the core technology, KVM.

Lightning Talk – Reporting and Metrics Update
Again, my colleague’s session (Yaniv), but Continue reading

The Linux Migration: Virtualization Provider

As part of my migration to Linux as my primary laptop OS, I needed to revisit my choice of virtualization provider. Long-time readers probably know that I was an early adopter of VMware Fusion, starting way back in 2006 with the very first “friends and family” release (before it was even publicly available). Obviously I can’t use Fusion on Linux, but do I use VMware Workstation for Linux? VirtualBox? Or something else? That’s what I set out to determine, and in this post I’ll share what I selected and the reasoning behind my selection.

So what were the options to consider? While there may be some other solutions, these are the three I primarily assessed:

  • VMware Workstation for Linux 12.5.2
  • VirtualBox 5.1.14
  • “Native” Linux KVM, supplemented by Libvirt and a GUI like GNOME Boxes (installed by default in Fedora 25)

Since I have been using Vagrant quite a bit over the last few years, whatever solution I selected needed to work reasonably well with Vagrant.

I’m pretty familiar with KVM and Libvirt, so I started there. Given that KVM and Libvirt are “native” to Linux, it felt like it would be a clean solution. While Continue reading

Installing VirtualBox 5.1 on Fedora 25

Last fall, I wrote a piece about why I had switched to VirtualBox (from VMware Fusion) for my Vagrant needs. As part of my switch to Fedora Linux as my primary laptop OS, I revisited my choice of virtualization provider. I’ll describe that re-assessment in a separate post; the “TL;DR” for this post is that I settled on VirtualBox. As it turns out, though, installing VirtualBox 5.1 on Fedora 25 isn’t as straightforward as one might expect.

After a number of attempts (using a test VM to iron out the “best” procedure), here’s the process I found to be the most straightforward:

  1. Run dnf check-update and dnf upgrade to pick up the latest packages. If a new kernel version is installed, reboot. (I know this sounds contrived, but I’ve run into issues where some kernel-related packages aren’t available for the kernel version you’re actually running.)

  2. Install the RPMFusion repos. You only really need the “free” repository, but you can install the “nonfree” as well if you like (it won’t affect this process). I won’t go through the process for how to do this; it’s really well-documented on the RPMFusion web site and is pretty straightforward.

  3. Next, use Continue reading

How To: Setting up a GRE or VXLAN tunnel on Linux


This is a guide to setting up VXLAN/GRE tunnels between two Linux machines, be they virtual or physical. There are so many guides and reference pages on the internet, but I couldn't find one that is comprehensive yet simple. The most popular method of setting up tunnels in Linux seems to be using OpenvSwitch. There are a few interesting posts [redhat][Brent Sailsbury's blog][David Mahler - Youtube] out there that describe tunnel setup using OVS, but few that leverage the Linux network stack directly. The closest I could find were a kernel reference page for VXLAN and a presentation from LinuxCon2013.

In this post both methods - OpenvSwitch and Linux networking only - will be discussed. When we speak about VXLAN we normally discuss multicast groups and how endpoints (VTEP) learn and populate both the fdb (forwarding database entry) and the mdb (multicast group database entry). This article describes "not using" a multicast group and dynamic learning when setting the tunnel up natively, i.e. without OVS. Both methods require a fairly new kernel (3.7 and greater) and need the "vxlan" kernel module to be loaded. lsmod can be used to check if this Continue reading

Technology Short Take #77

Welcome to Technology Short Take #77. I’ve got a new collection of links and articles from around the Web on various data center-focused technologies.

Networking
