Skydive With oVirt
Skydive network is an open source real-time network topology and protocols analyzer providing a comprehensive way of understanding what is happening in your network infrastructure. The common use cases will be, troubleshooting, monitoring, SDN integration and much more. It has features such as:
- Topology capturing - Captures network topology, interface, bridge and more
- Flow capture - Distributed probe, L2-L4 classifier, GRE, VXLAN, GENEVE, MPLS/GRE, MPLS/UDP tunnelling support
- Extendable - Support for external SDN Controllers or container based infrastructure, OpenStack. Supports extensions through API
Benefit to oVirt users
Skydive allows oVirt administrators to see the network configuration and topology of their oVirt cluster. Administrators can capture traffic from VM1 to VM2 or monitor the traffic between VMs or hosts. Skydive can generate traffic between 2 running VMs on different hosts and then analyze. Administrators can create alerts in Skydive UI to notify when traffic is disconnected or down.
Installation steps
git clone https://github.com/skydive-project/skydive.git-
Create inventory file
[skydive:children] analyzers agents [skydive:vars] skydive_listen_ip=0.0.0.0 skydive_fabric_default_interface=ovirtmgmt skydive_os_auth_url=https://<ovn_provider_FQDN>:35357/v2.0 skydive_os_service_username=<ovn_provider_username> skydive_os_service_password=<ovn_provider_password> skydive_os_service_tenant_name=service skydive_os_service_domain_name=Default skydive_os_service_region_name=RegionOne [analyzers] <analyzer_FQDN> ansible_ssh_user=root ansible_ssh_pass=<ssh_password> [agents] <agent_FQDN> ansible_ssh_user=root Continue reading
Upgraded DPDK support in oVirt
DPDK (Data Plane Development Kit) is a set of open-source high-performance packet processing libraries and user space drivers.
oVirt support for DPDK was introduced in 2017, and is now enhanced in terms of deployment via Ansible and usage via Open Virtual Network.
While still experimental, OVN-DPDK in oVirt is now available in version 4.2.
What's new?
Ansible DPDK host setup
Host configuration for DPDK usage is now automated using Ansible. This primarly includes:
- Hugepages configuration – hugepage size and quantity in the kernel.
- CPU partitioning.
- Binding NICs to userspace drivers.
- OVS-DPDK related configuration (initialization, socket memory, pmd thread core binding, etc).
The role is installed via Ansible galaxy:
# ansible-galaxy install oVirt.dpdk-setup
An example playbook:
- hosts: dpdk_host_0
vars:
pci_drivers:
"0000:02:00.1": "vfio-pci"
"0000:02:00.2": "igb"
"0000:02:00.3": ""
configure_kernel: true
bind_drivers: true
set_ovs_dpdk: false
roles:
- ovirt-ansible-dpdk-setup
The role is controlled by 3 boolean variables (all set to true by default) and a dictionary of devices and their drivers:
configure_kernel– determines whether the kernel should be configured for DPDK usage (hugepages, CPU partitioning). WARNING: When set totrueit is very likely to trigger a reboot of the host, unless all required configuration is already Continue reading
Upgraded DPDK support in oVirt
DPDK (Data Plane Development Kit) is a set of open-source high-performance packet processing libraries and user space drivers.
oVirt support for DPDK was introduced in 2017, and is now enhanced in terms of deployment via Ansible and usage via Open Virtual Network.
While still experimental, OVN-DPDK in oVirt is now available in version 4.2.
What's new?
Ansible DPDK host setup
Host configuration for DPDK usage is now automated using Ansible. This primarly includes:
- Hugepages configuration – hugepage size and quantity in the kernel.
- CPU partitioning.
- Binding NICs to userspace drivers.
- OVS-DPDK related configuration (initialization, socket memory, pmd thread core binding, etc).
The role is installed via Ansible galaxy:
# ansible-galaxy install oVirt.dpdk-setup
An example playbook:
- hosts: dpdk_host_0
vars:
pci_drivers:
"0000:02:00.1": "vfio-pci"
"0000:02:00.2": "igb"
"0000:02:00.3": ""
configure_kernel: true
bind_drivers: true
set_ovs_dpdk: false
roles:
- ovirt-ansible-dpdk-setup
The role is controlled by 3 boolean variables (all set to true by default) and a dictionary of devices and their drivers:
configure_kernel– determines whether the kernel should be configured for DPDK usage (hugepages, CPU partitioning). WARNING: When set totrueit is very likely to trigger a reboot of the host, unless all required configuration is already Continue reading
Where in the World is NSX?
VMware NSX is going worldwide! We’ll be out and about through the end of the year, spreading networking and security love across America, Asia Pacific, and Europe. Our goal is to help agile organizations move toward a Virtual Cloud Network with consistent connectivity, branch optimization, and security across all infrastructure.
Whether we’ll be at a booth, product demo, talk, or otherwise – we want to connect! Join us at any of the major conferences and NSX upcoming events listed below to chat with our product experts. And, if you think you’ll be in attendance, be sure to tweet at us to let us know!
NSX Upcoming Events
Checkpoint CPX – 2/4
When: February 2 – 4, 2019
Where: Las Vegas, NV
Click here to learn more
Networking Field Day – 2/13
When: February 13 – 15, 2019
Where: Palo Alto, CA
Click here to learn more
Mobile World Congress – 2/25
When: February 25 – 28, 2019
Where: Barcelona, Spain
Click here to learn more
RSAC – 3/4
When: March 4 – 8, 2019
Where: San Francisco, CA
Click here to learn more
Cisco Live APJ– 3/5
When: March 5 Continue reading
How to create your own Docker image
I mentioned in my previous post that I’ll explain how to create your own Docker image and customize it however you’d like. While is great to just use an image from Docker Hub, it can be that you need some customized image to fit your needs. As said before, is not hard at all to … Continue reading How to create your own Docker imageNew Ubuntu 18.04 Docker image – Python For Network Engineers
About one year ago I’ve created the Ubuntu 16.04 PFNE Docker image. It’s time for a new version of the Ubuntu PFNE Docker image to support Network engineers learn Python and test automation. Recently, Ubuntu announced that on the Ubuntu Docker Hub the 18.04 LTS version is using the minimal image. With this change when … Continue reading New Ubuntu 18.04 Docker image – Python For Network EngineersBuild oVirt Reports Using Grafana
Grafana, The open platform for beautiful analytics and monitoring, recently added support for PostgreSQL.
It in now possible to connect Grafana to oVirt DWH, in order to visualize and monitor the oVirt environment.
Grafana dashboard example
Adding a Read-Only User to the History Database
You may want to add a read only user to connect the history database :
Note: In oVirt 4.2 we ship postgres 9.5 through the Software Collection.
-
In order to run psql you will need to run:
# su - postgres $ scl enable rh-postgresql95 -- psql ovirt_engine_history -
Create the user to be granted read-only access to the history database:
ovirt_engine_history=# CREATE ROLE [user name] WITH LOGIN ENCRYPTED PASSWORD '[password]'; -
Grant the newly created user permission to connect to the history database:
ovirt_engine_history=# GRANT CONNECT ON DATABASE ovirt_engine_history TO [user name]; -
Grant the newly created user usage of the public schema:
ovirt_engine_history=# GRANT USAGE ON SCHEMA public TO [user name]; -
Exit the database
ovirt_engine_history=# \q -
Generate the rest of the permissions that will be granted to the newly created user and save them to a file:
$ scl enable rh-postgresql95 -- psql -U postgres -c "SELECT 'GRANT SELECT ON ' || relname Continue reading
Build oVirt Reports Using Grafana
Grafana, The open platform for beautiful analytics and monitoring, recently added support for PostgreSQL.
It in now possible to connect Grafana to oVirt DWH, in order to visualize and monitor the oVirt environment.
Grafana dashboard example
Adding a Read-Only User to the History Database
You may want to add a read only user to connect the history database :
Note: In oVirt 4.2 we ship postgres 9.5 through the Software Collection.
-
In order to run psql you will need to run:
# su - postgres $ scl enable rh-postgresql95 -- psql ovirt_engine_history -
Create the user to be granted read-only access to the history database:
ovirt_engine_history=# CREATE ROLE [user name] WITH LOGIN ENCRYPTED PASSWORD '[password]'; -
Grant the newly created user permission to connect to the history database:
ovirt_engine_history=# GRANT CONNECT ON DATABASE ovirt_engine_history TO [user name]; -
Grant the newly created user usage of the public schema:
ovirt_engine_history=# GRANT USAGE ON SCHEMA public TO [user name]; -
Exit the database
ovirt_engine_history=# \q -
Generate the rest of the permissions that will be granted to the newly created user and save them to a file:
$ scl enable rh-postgresql95 -- psql -U postgres -c "SELECT 'GRANT SELECT ON ' || relname Continue reading
Snabb Switch Update on Software Gone Wild
In 2014, we did a series of podcasts on Snabb Switch (Snabb Switch and OpenStack, Deep Dive), a software-only switch delivering 10-20 Gbps of forwarded bandwidth per x86 core. In the meantime, Snabb community slowly expanded, optimized the switching code, built a number of solutions on top of the packet forwarding core, and even forked a just-in-time Lua compiler to get better performance.
To find out the details, listen to Episode 91 of Software Gone Wild in which Luke Gorrie explained how far the Snabb project has progressed in the last four years.
Join NSX at RSA, Dell Technologies World, and Interop Conferences
Conference season is upon us, and the NSX team will be out in full effect. Join us at any of the following events to get a demo, ask us questions, and hear us wax poetic about all things security and network virtualization!
RSA Conference
April 16–20, 2018
Moscone Center
San Francisco, CA
Booth #4101, North Hall
NSX is delighted to attend everyone’s favorite security conference, RSA. This year’s theme is “Now Matters,” aptly named in time with the astounding number of threats to cybersecurity and data breaches we’ve collectively seen in the news this year. That said, don’t miss a great talk on how app architecture “now matters” when it comes to transforming security by Tomrn, Senior Vice President and General Manager, Security Products, VMware. His session will be on April 17 from 1:00pm–1:45pm. The team will also be doing demos at the VMware booth (#4101 in the North Hall) – so be sure to swing by and chat with us about our offerings.
VMware Speaking Sessions at RSA Conference:
NSX Mindset Reception:
Join us for a NSX Mindset reception with VMware Continue reading
Video: Automatic Diagramming with PowerNSX
Here's a trick question: how often do your Visio diagrams match what's really implemented in your network?
Wouldn't it be great to be able to create or modify them on-the-fly based on what's really configured in the network? That's exactly what Anthony Burke demonstrated in the PowerNSX part of PowerShell for Networking Engineers webinar (source code).
You’ll need at least free ipSpace.net subscription to watch the video.
VMware Cloud on AWS with Direct Connect: NSX Networking and vMotion to the Cloud with Demo
Check out my prior below blogs here on VMware Network Virtualization blog on how NSX is leveraged in VMware Cloud on AWS to provide all the networking and security features. These prior blogs provide a foundation that this blog post builds on. In this blog post I discuss how AWS Direct Connect can be leveraged with VMware Cloud on AWS to provide high bandwidth, low latency connectivity to a SDDC deployed in VMware Cloud on AWS. This is one of my favorite features as it provides high bandwidth, low latency connectivity from on-prem directly into the customer’s VMware Cloud on AWS VPC enabling better and consistent connectivity/performance while also enabling live migration/vMotion from on-prem to cloud! I want to to thank my colleague, Venky Deshpande, who helped with some of the details in this post. Continue reading
Stateful vs Stateless firewalls: Which one to use when?
Firewalls provide traffic filtering and protects the trusted environment for the untrusted. A firewall can be stateful or stateless A stateful firewall is capable of tracking connection states, it is better equipped to allow or deny traffic based on such knowledge. A TCP connection for example goes through the handshake (SYN-SYN+ACK-SYN), to EASTABLISHED state, and … Continue reading Stateful vs Stateless firewalls: Which one to use when?Meet Me at VMware NSX Deep Dive Event in Zurich
When VMware launched the first version of NSX for vSphere more than four years ago, the NSBU team reached out to me and asked me to create a sponsored webinar describing NSX fundamentals, its architecture, and high-level deployment guidelines.
In the meantime we discussed updating the materials, but nothing ever happened. Time to fix that, this time from a vendor-neutral perspective. We’ll start with a day-long event on April 19th 2018 in Zurich, Switzerland.
Read more ...Want to Learn More About SD-WAN? Register for Our SD-WAN 101 Webinar Series
No other technology in recent history has experienced the growth rate that SD-WAN currently possesses. The buzz is high, the benefits are numerous, and its strategic position in digital transformation is critical. Enterprises are changing their legacy networks and dramatically improving the way they do business, offering next-generation technology today because of SD-WAN.
You May Be Wondering:
- What makes SD-WAN different than a WAN?
- Why is it so important to the network fabric of today’s businesses?
- Why is it so transformative?
- How can it help me and my business?
If you’ve asked these questions and want to understand SD-WAN better and determine if it’s a good fit for your business, sign up for our VeloCloud SD-WAN 101 webinar. Choose the date that works best for you!
This webinar will provide you with the essential information you’ll need to understand SD-WAN. You’ll learn how to leverage SD-WAN to improve and optimize your existing network to meet your business needs. And, you’ll gain a clear understanding of next steps in determining your path forward with SD-WAN.
Register today: http://www.velocloud.com/sd-wan-resources/webinars/sd-wan-101
The post Want to Learn More About SD-WAN? Register for Our SD-WAN 101 Webinar Series appeared first on Network Virtualization.
Video: Create an NSX Logical Switch with PowerNSX
After introducing PowerNSX Anthony Burke illustrated how easy it is to use with a Hello, World equivalent: creating a logical switch (VXLAN segment).
You’ll need at least free ipSpace.net subscription to watch the video.
Want to know more about VMware NSX? We’ll run an NSX-focused event and a NSX Deep Dive workshop in Zurich on April 19th 2018, an overview webinar comparing NSX, ACI and EVPN on March 1st, and a deep dive in VMware NSX architecture later in 2018.
Ericsson CEO Says Cisco Partnership Isn’t Dead Yet
The companies are looking for new areas to work together.
Your Container Volumes Served By oVirt
Note: < 5 minutes read
When running a virtualization workload on oVirt, a VM disk is 'natively' a disk somewhere on your network-storage.
Entering containers world, on Kubernetes(k8s) or OpenShift, there are many options specifically because the workload can be totally stateless, i.e
they are stored on a host supplied disk and can be removed when the container is terminated. The more interesting case is stateful workloads i.e apps that persist data (think DBs, web servers/services, etc). k8s/OpenShift designed an API to dynamically provision the container storage (volume in k8s terminology).
See the resources section for more details.
In this post I want to cover how oVirt can provide volumes for containers running on k8s/OpenShift cluster.
Overview
Consider this: you want to deploy wikimedia as a container, with all its content served from /opt.
For that you will create a persistent volume for the container - when we have state to keep and server
creating a volume makes sense. It is persistent, it exists regardless the container state,
and you can choose which directory exactly you serve that volume, and that is the most important
part, k8s/OpenShift gives you an API to determine who will provide the volume Continue reading
Your Container Volumes Served By oVirt
Note: < 5 minutes read
When running a virtualization workload on oVirt, a VM disk is 'natively' a disk somewhere on your network-storage.
Entering containers world, on Kubernetes(k8s) or OpenShift, there are many options specifically because the workload can be totally stateless, i.e
they are stored on a host supplied disk and can be removed when the container is terminated. The more interesting case is stateful workloads i.e apps that persist data (think DBs, web servers/services, etc). k8s/OpenShift designed an API to dynamically provision the container storage (volume in k8s terminology).
See the resources section for more details.
In this post I want to cover how oVirt can provide volumes for containers running on k8s/OpenShift cluster.
Overview
Consider this: you want to deploy wikimedia as a container, with all its content served from /opt.
For that you will create a persistent volume for the container - when we have state to keep and server
creating a volume makes sense. It is persistent, it exists regardless the container state,
and you can choose which directory exactly you serve that volume, and that is the most important
part, k8s/OpenShift gives you an API to determine who will provide the volume Continue reading