Build oVirt Reports Using Grafana

Grafana, The open platform for beautiful analytics and monitoring, recently added support for PostgreSQL.

It in now possible to connect Grafana to oVirt DWH, in order to visualize and monitor the oVirt environment.

Grafana dashboard example

Adding a Read-Only User to the History Database

You may want to add a read only user to connect the history database :

Note: In oVirt 4.2 we ship postgres 9.5 through the Software Collection.

  1. In order to run psql you will need to run:

    # su - postgres 
$ scl enable rh-postgresql95 -- psql ovirt_engine_history

  2. Create the user to be granted read-only access to the history database:

    ovirt_engine_history=# CREATE ROLE [user name] WITH LOGIN ENCRYPTED PASSWORD '[password]';

  3. Grant the newly created user permission to connect to the history database:

    ovirt_engine_history=# GRANT CONNECT ON DATABASE ovirt_engine_history TO [user name];

  4. Grant the newly created user usage of the public schema:

    ovirt_engine_history=# GRANT USAGE ON SCHEMA public TO [user name];

  5. Exit the database

    ovirt_engine_history=# \q

  6. Generate the rest of the permissions that will be granted to the newly created user and save them to a file:

    $ scl enable rh-postgresql95 -- psql -U postgres -c "SELECT 'GRANT SELECT ON ' || relname  Continue reading

Build oVirt Reports Using Grafana

Grafana, The open platform for beautiful analytics and monitoring, recently added support for PostgreSQL.

It in now possible to connect Grafana to oVirt DWH, in order to visualize and monitor the oVirt environment.

Grafana dashboard example

Adding a Read-Only User to the History Database

You may want to add a read only user to connect the history database :

Note: In oVirt 4.2 we ship postgres 9.5 through the Software Collection.

  1. In order to run psql you will need to run:

    # su - postgres 
$ scl enable rh-postgresql95 -- psql ovirt_engine_history

  2. Create the user to be granted read-only access to the history database:

    ovirt_engine_history=# CREATE ROLE [user name] WITH LOGIN ENCRYPTED PASSWORD '[password]';

  3. Grant the newly created user permission to connect to the history database:

    ovirt_engine_history=# GRANT CONNECT ON DATABASE ovirt_engine_history TO [user name];

  4. Grant the newly created user usage of the public schema:

    ovirt_engine_history=# GRANT USAGE ON SCHEMA public TO [user name];

  5. Exit the database

    ovirt_engine_history=# \q

  6. Generate the rest of the permissions that will be granted to the newly created user and save them to a file:

    $ scl enable rh-postgresql95 -- psql -U postgres -c "SELECT 'GRANT SELECT ON ' || relname  Continue reading

Routing Loop, Failure by Design

I have spent some time studying the CCDE materials. One broken design example that has come up involves route reflector clients that don’t align with the physical topology. This article examines that example and some solutions to the problem.

To illustrate this example we have built the topology below. I used loopback addresses 1.1.1.1 through 6.6.6.6 (based on csr1000v-x). The router on the top is a eBGP neighbor with csr1000v-1 and csr1000v-2. The four routers forming a square in the center have an initial configuration of OSFP and BGP (iBGP as shown). Both Route Reflectors are peered with both clients.

Route Reflector Initial Configuration

//csr1000v-2 shown, csr1000v-3 similar

router ospf 1
router-id 2.2.2.2
passive-interface GigabitEthernet2
network 2.2.2.2 0.0.0.0 area 0
network 10.0.0.0 0.255.255.255 area 0

router bgp 64513
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 64513
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 64513
 Continue reading

Routing Loop, Failure by Design

I have spent some time studying the CCDE materials. One broken design example that has come up involves route reflector clients that don’t align with the physical topology. This article examines that example and some solutions to the problem.

To illustrate this example we have built the topology below. I used loopback addresses 1.1.1.1 through 6.6.6.6 (based on csr1000v-x). The router on the top is a eBGP neighbor with csr1000v-1 and csr1000v-2. The four routers forming a square in the center have an initial configuration of OSFP and BGP (iBGP as shown). Both Route Reflectors are peered with both clients.

Route Reflector Initial Configuration

//csr1000v-2 shown, csr1000v-3 similar

router ospf 1
router-id 2.2.2.2
passive-interface GigabitEthernet2
network 2.2.2.2 0.0.0.0 area 0
network 10.0.0.0 0.255.255.255 area 0

router bgp 64513
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 64513
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 64513
 Continue reading

Routing Loop, Failure by Design

I have spent some time studying the CCDE materials. One broken design example that has come up involves route reflector clients that don’t align with the physical topology. This article examines that example and some solutions to the problem.

To illustrate this example we have built the topology below. I used loopback addresses 1.1.1.1 through 6.6.6.6 (based on csr1000v-x). The router on the top is a eBGP neighbor with csr1000v-1 and csr1000v-2. The four routers forming a square in the center have an initial configuration of OSFP and BGP (iBGP as shown). Both Route Reflectors are peered with both clients.

Route Reflector Initial Configuration

//csr1000v-2 shown, csr1000v-3 similar

router ospf 1
router-id 2.2.2.2
passive-interface GigabitEthernet2
network 2.2.2.2 0.0.0.0 area 0
network 10.0.0.0 0.255.255.255 area 0

router bgp 64513
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 64513
neighbor 3.3.3.3 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 64513
 Continue reading

BrandPost: Growing Reliance On Multi-Cloud Boosts Need For Smart Data

As the cloud computing market has soared, businesses have begun incorporating a mix of cloud services to meet their Digital Transformation (DX) objectives. Multi-cloud and hybrid cloud environments are fast becoming the option of choice. In fact, according to a recent Information Age article, 451 Research determined that the future of IT is multi-cloud and hybrid with 69 percent of survey respondents planning to incorporate some form of multi-cloud environment by 2019.To read this article in full, please click here

Watch Live On Monday, 25 June – DNSSEC Workshop at ICANN 62 in Panama

With the DNSSEC Root Key Rollover coming up on October 11, how prepared are we as an industry? What kind of data can we collect in preparation? What is the cost benefit (or not) of implementing DANE? What can we learn from an existing rollover of a cryptographic algorithm?

All those questions and more will be discussed at the DNSSEC Workshop at the ICANN 62 meeting in Panama City, Panama, on Monday, June 25, 2018. The session will begin at 9:00 and conclude at 12:15 EST (UTC-5). [Note: this is one hour different than current US Eastern Daylight Time – Panama does not change to daylight savings time – and so this will begin at 10:00 EDT (UTC-4).]

The agenda includes:

  • DNSSEC Workshop Introduction, Program, Deployment Around the World – Counts, Counts, Counts
  • Panel: DNSSEC Activities and Post Key Signing Key Rollover Preparation
  • DANE: Status, Cost Benefits, Impact from KSK Rollover
  • An Algorithm Rollover  (case study from CZ.NIC)
  • Panel: KSK Rollover Data Collection and Analysis
  • DNSSEC – How Can I Help?
  • The Great DNSSEC/DNS Quiz

It should be an outstanding session!  For those onsite, the workshop will be in Salon 4, the ccNSO room.

Weekend Reads 062218: Bitcoin and Security Flaws

But, as with all new technology, security risks can be found beneath the hype. Indeed, threat actors are finding new targets amid the rise of blockchain as they serve up social-engineering attacks, malware, and exploits to businesses and consumers, according to a recently published report by McAfee’s Advanced Threat Research Team. —Kelly Sheridan @Dark Reading

After last Thursday’s regulatory news that bitcoin and ether were not considered securities, which was widely considered a win for crypto enthusiasts, digital currencies had failed to hold on to gains, a sign the bear market is firmly intact. However, investors were hoping Monday’s move above the post-SEC-statement high will be the start of a more fruitful period for digital currency owners. —Aaron Hankin @MarketWatch

Dubbed Lazy FP State Restore, the vulnerability (CVE-2018-3665) within Intel Core and Xeon processors has just been confirmed by Intel, and vendors are now rushing to roll out security updates in order to fix the flaw and keep their customers protected. The company has not yet released technical details about the vulnerability, but since the vulnerability resides in the CPU, the flaw affects all devices running Intel Core-based microprocessors regardless of the installed operating systems, except some modern versions of Continue reading

DockerCon 2018: Top 5 Rated Sessions

We are happy to share the videos from the top 5 rated sessions from last week’s DockerCon 2018 in San Francisco. The DockerCon on-demand sessions videos are ready for you to explore.

Note: The Ecosystem sessions will not be available.

Demystifying Container Connectivity with Kubernetes in Docker

by Nicola Kabar & Karthik Prabhakar

Message-Based Microservices Architectures Driven with Docker

by Michele Leroux Bustamante

Docker Storage: Designing a Platform for Persistent Data

by Dan Finneran

Istio: Managing, Securing, and Observing Microservices

by Lin Sun & Zack Butcher 

Tips and Tricks of the Docker Captains

by Adrian Mouat

Watch the past videos from DockerCon SF:

Pre-registration open for:

 

Missed @DockerCon SF? Here are the top 5 rated sessions.
Click To Tweet

The post DockerCon 2018: Top 5 Rated Sessions appeared first on Docker Blog.

Show 395: The Nature Of Optical Networking

In this episode, the Packet Pushers dive into optical networking. Optical networking tends to be a specialized area of networking. It’s much less about packets and paths and more about physical properties of fiber optic cables, signal propagation, and remote operations.

In recent times, optical companies have been moving into Data Center Interconnect (DCI) and selling direct to enterprises using dark fiber as well as offering DCI services via infrastructure suppliers.

Joining us today to offer their expertise on optical are Scott Wilkinson, Senior Director, Portfolio Marketing at ECI Telecom; and Andrew Schmitt, founder of Cignal AI.

We discuss the basics of silicon photonics and how it impacts optical networking, particularly for DCI. We also examine the open optical movement being driven by the Facebook-backed Telecom Infrastructure Project.

Show Links:

Cignal AI Newsletter sign-up – Cignal AI

IP and Optical integration white paper – ECI Telecom (PDF)

ONF s ODTN Project Brings Disaggregation and Open Source to Optical Networking – Open Networking.org

Infinera – Following the Open Road(map) – YouTube

Download an overview of latest news from last big optical conference – OFC2018

Pulse-amplitude modulation – Wikipedia

Quadrature amplitude modulation – Wikipedia

Facebook Voyager, an initiative of Continue reading

Stuff The Internet Says On Scalability For June 22nd, 2018

Hey, it's HighScalability time:

 

4th of July may never be the same. China creates stunning non-polluting drone swarm firework displays. Each drone is rated with a game mechanic and gets special privileges based on performance (just kidding). (TicToc)

Do you like this sort of Stuff? Please lend me your support on Patreon. It would mean a great deal to me. And if you know anyone looking for a simple book that uses lots of pictures and lots of examples to explain the cloud, then please recommend my new book: Explain the Cloud Like I'm 10. They'll love you even more.

  • $40 million: Netflix monthly spend on cloud services; 5%: retention increase can increase profits 25%; 50+%: Facebook's IPv6 traffic from the U.S, for mobile it’s over 75 percent; 1 billion: monthly Facebook, err, Instagram users; 409 million: websites use NGINX; 847 Tbps: global average IP traffic in 2021; 200 million: Netflix subscribers by 2020; $30bn: market for artificial-intelligence chips by 2022;

  • Quotable Quotes:

    • @evacide: Just yelled “Encryption of data in transit is not the same as encryption of data at rest!” at Continue reading

1 1,552 1,553 1,554 1,555 1,556 3,836