0

Using Docker Machine with KVM and Libvirt

Docker Machine is, in my opinion, a useful and underrated tool. I’ve written before about using Docker Machine with various services/providers; for example, see this article on using Docker Machine with AWS, or this article on using Docker Machine with OpenStack. Docker Machine also supports local hypervisors, such as VMware Fusion or VirtualBox. In this post, I’ll show you how to use Docker Machine with KVM and Libvirt on a Linux host (I’m using Fedora 27 as an example).

Docker Machine ships with a bunch of different providers, but the KVM/Libvirt provider must be obtained separately (you can find it here on GitHub). Download a binary release (make sure it is named docker-machine-driver-kvm), mark it as executable, and place it somewhere in your PATH. Fedora 27 comes with KVM and the Libvirt daemon installed by default (in order to support the Boxes GUI virtualization app), but I found it helpful to also install the client-side tools:

sudo dnf install libvirt-client

This will make the virsh tool available, which is useful for viewing Libvirt-related resources. Once you have both the KVM/Libvirt driver and the Libvirt client tools installed, you can launch a VM:

docker-machine create -d kvm --kvm-network  Continue reading

0

Using Telegraf, InfluxDB and Grafana to Monitor Network Statistics

Two years ago I wrote about how to use InfluxDB & Grafana for better visualization of network statistics. I still loathe MRTG graphs, but configuring InfluxSNMP was a bit of a pain. Luckily it’s now much easier to collect SNMP data using Telegraf. InfluxDB and Grafana have also improved a lot. Read on for details about to monitor network interface statistics using Telegraf, InfluxDB and Grafana.

Background - Telegraf, InfluxDB + Grafana

There’s three parts to this:

• Grafana: Grafana is “The open platform for beautiful analytics and monitoring.” It makes it easy to create dashboards for displaying data from many sources, particularly time-series data. It works with several different data sources such as Graphite, Elasticsearch, InfluxDB, and OpenTSDB. We’re going to use this as our main front end for visualising our network statistics.

• InfluxDB: InfluxDB is “…a data store for any use case involving large amounts of timestamped data.” This is where we we’re going to store our network statistics. It is designed for exactly this use-case, where metrics are collected over time.

• Telegraf: Telegraf is “…a plugin-driven server agent for collecting and reporting metrics.” This can collect data from a wide variety of sources, Continue reading

0

Complexity Isn’t Always Bad

I was reading a great post this week from Gian Paolo Boarina (@GP_Ifconfig) about complexity in networking. He raises some great points about the overall complexity of systems and how we can never really reduce it, just move or hide it. And it made me think about complexity in general. Why are we against complex systems?

Confusion and Delay

Complexity is difficult. The more complicated we make something the more likely we are to have issues with it. Reducing complexity makes everything easier, or at least appears to do so. My favorite non-tech example of this is the carburetor of an internal combustion engine.

Carburetors are wonderful devices that are necessary for the operation of the engine. And they are very complicated indeed. A minor mistake in configuring the spray pattern of the jets or the alignment of them can cause your engine to fail to work at all. However, when you spend the time to learn how to work with one properly, you can make the engine perform even above the normal specifications.

Carburetors have been largely replaced in modern engines by computerized fuel injectors. These systems accomplish the same goal of injecting the fuel-air mixture into Continue reading

0

Shifting Legacy WebLogic Apps to Docker Enterprise Edition for Improved Operations

Founded in 1792, Alm. Brand is a Danish insurance and banking company headquartered in Copenhagen, Denmark and one of the oldest companies to have ever presented at any DockerCon. Sune Keller, an IT architect, and Loke Johannessen, Systems Specialist, rode their bikes to DockerCon Europe 2017 to demonstrate how they helped lift and shift their legacy WebLogic applications to Docker Enterprise Edition (Docker EE).  You can watch their entire talk here:

Seeking Operational Stability for Legacy Apps

Alm. Brand started working with Docker EE after hearing about it at DockerCon 2015 (known as Docker Datacenter back then). After successfully deploying the first set of new greenfield apps in their Docker EE environment, Alm. Brand wanted to tackle their existing WebLogic applications which were causing the operations team the biggest headaches. The team operated the WebLogic applications in a large cluster, all running on the same JVM. When an app crashed, it would often crash the entire JVM or hang the entire cluster, making it hard to identify which application was the root cause. The setup was also very brittle and slow as they could only deploy one app at a time to the cluster.

With the skills Continue reading

0

Green500 Drives Power Efficiency For Exascale

Each year, at the ISC and SC supercomputing conference shows every year, a central focus tends to be the release of the Top500 list of the world’s most powerful supercomputers. As we’ve noted in The Next Platform, the 25-year-old list may have some issues with it, but it still captures the imagination, with lineups of ever-more powerful systems that reflect the trend toward heterogeneity and accelerators and illustrate the growing competition between the United States and China for dominance in the HPC field, the continued strength of Japan’s supercomputing industry and the desire of European Union countries to …

Green500 Drives Power Efficiency For Exascale was written by Jeffrey Burt at The Next Platform.

0

Show 367: Silver Peak & The Maturing Of SD-WAN (Sponsored)

In today s sponsored show with Silver Peak, we talk about lessons they've learned from more than 500 customer deployments, the role of routing, the necessity of Internet breakouts, and more. Our guest is David Hughes, founder and CEO. The post Show 367: Silver Peak & The Maturing Of SD-WAN (Sponsored) appeared first on Packet Pushers.

0

When It Comes to Smart Toys, It Pays to Shop Smart

When your in-laws give your child a loud toy for the holidays, you know you are going to have to hear it for the next few months. But when that toy connects to the Internet, how can you be sure that you’re the only ones listening?

This holiday season, “smart toys” (Internet or Bluetooth-enabled toys) are some of the most popular toys on the market. A lot of these toys look awesome, including:

• remote control cars that connect with an app and allow you to race against AI controlled cars;
• stuffed animals that play back messages sent from loved one’s smartphones; and
• soccer balls that track your form when you kick them.

Smart toys come with fantastic features, but if left unsecured, smart toys can present a serious privacy risk to those who use them. For instance:

• Hackers could gather the personal messages recorded to play through a grandchild’s teddy bear;
• Strangers could send messages to nearby children by using a toy robot’s Bluetooth feature – putting their safety at risk; and
• Toy companies could use a toy’s microphones not only for voice commands, but to also collect personal information to sell to third parties.

Unsecured smart toys present Continue reading

0

The Symmetry Of Putting Fluid Dynamics In The Cloud

There has been a lot of talk about taking HPC technologies mainstream, taking them out of realm of research, education and government institutions and making them available to enterprises that are being challenged by the need to manage and process the huge amounts of data being generated through the use of such compute- and storage-intensive workloads such as analytics, artificial intelligence and machine learning.

At The Next Platform, we have written about the efforts by systems OEMs likes IBM, Dell EMC, and Hewlett Packard Enterprise and software makers like Microsoft and SAP to develop offerings that are cost-efficient and …

The Symmetry Of Putting Fluid Dynamics In The Cloud was written by Jeffrey Burt at The Next Platform.

0

A Thanksgiving Carol: How Those Smart Engineers at Twitter Screwed Me

Thanksgiving Holiday is a time for family and cheer. Well, a time for family. It's the holiday where we ask our doctor relatives to look at that weird skin growth, and for our geek relatives to fix our computers. This tale is of such computer support, and how the "smart" engineers at Twitter have ruined this for life.

My mom is smart, but not a good computer user. I get my enthusiasm for science and math from my mother, and she has no problem understanding the science of computers. She keeps up when I explain Bitcoin. But she has difficulty using computers. She has this emotional, irrational belief that computers are out to get her.

This makes helping her difficult. Every problem is described in terms of what the computer did to her, not what she did to her computer. It's the computer that needs to be fixed, instead of the user. When I showed her the "haveibeenpwned.com" website (part of my tips for securing computers), it showed her Tumblr password had been hacked. She swore she never created a Tumblr account -- that somebody or something must have done it for her. Except, I was Continue reading

0

Introduction to OSPF NSSA Area

0

5 Reasons Why We’re Thankful for the Docker Community

As the weather gets colder and the days get shorter, we wanted to take some time to give a warm “thank you” to the Docker Community. With an ever-growing community and active community leaders, there’s a lot that Docker has to be thankful for this year! Here’s our top five:

Docker Community Gives Back

1. Docker Community Gives Back

Members of  the Docker and Moby  Community work with unbelievable amounts of dedication and passion on some of the best open source projects around. Their hardwork never goes unnoticed, and the Moby Project is better because of it’s community of awesome contributors.  

Interested in getting started on the Moby Project? Get more info on how you can get involved here.

 

2. Our Community Knows how to Take Action

With over 500 Community Leaders and locations in 81 countries, we’re continually impressed by the initiative our community takes in mentoring and teaching one another – even when you’re on different parts of the globe. We’ve seen you collaborate and create, and we couldn’t be more thankful for all of the impressive tips, tricks and knowledge that you share with us and the community.

 

 

3. All Roads Lead to Continue reading

0

Using Mininet to test OpenStack Firewall drivers

OpenStack FWaaS project will be supporting a Layer 2 firewall based on OVS flow rules. While working on the OVS driver, I felt the need to do some quick tests to check if the flow rules are programmed correctly on the OVS bridge. Although we can run a complete devstack system within a VM, to … Continue reading Using Mininet to test OpenStack Firewall drivers

0

Happy Thanksgiving 2017

In the US, today (Thursday, November 23) is Thanksgiving. I’d like to take a moment to reflect on the meaning of Thanksgiving.

Thanksgiving means different things to different people:

• To folks outside the US, it often just a day with drastically reduced email volume and no interruptions from US-based coworkers. (Enjoy!)
• To folks in the US, it’s a holiday filled with food (turkey, anyone?). There may also be family gatherings, football (American football, of course), and possibly some shopping. (There will most certainly be shopping tomorrow.)
• To many people, it’s also a time to be thankful or grateful for the good things in their lives.
• To Christians, like myself, it’s often a time to reflect on the blessings that God placed in your life. I know that I am quite blessed—blessed with a great family, an amazing wife, and the opportunity to work in a fast-paced industry (among many many other blessings).

Whatever Thanksgiving means to you, I hope that you enjoy the holiday. Happy Thanksgiving!

0

Promoting the African Internet Economy, an opportunity that cannot be missed

Some time ago, a European who visited my country and saw all the potential it possesses asked me “why is your country poor?”. It was a compelling question that made me think for years. It is true that there are external reasons such as the acts of colonial and other powers who have done everything to block economic progress. But, I have to admit, there is at least one major internal reason: we missed many opportunities for development.

We missed the industrial revolution of the 19th century that propelled Japan and many European countries to development. We missed the development opportunity that many South East Asian countries grabbed since the 1960s. We missed many other opportunities, simply because we didn’t realize they were there or we just could not agree on how to make the best out of them.

The African Union has a very clear vision to transform the socio-economic condition of the continent by 2063; by this year, the Union will be celebrating its hundredth anniversary (see Agenda 2063). This is a great vision. But, is Africa ready to use the opportunities that exist today and can enable it to arrive to its aspirations enshrined in Continue reading

0

Worth Reading: Designing Container Networking

Diane Patton (Cumulus Networks) published a short overview of container networking design options, from traditional MLAG to running Quagga on Docker host.

If you want to learn more about individual designs described in that blog post, watch the Leaf-and-Spine Fabric Architectures and Docker Networking webinars, or join one of the data center online courses.

0

Don Jr.: I’ll bite

So Don Jr. tweets the following, which is an excellent troll. So I thought I'd bite. The reason is I just got through debunk Democrat claims about NetNeutrality, so it seems like a good time to balance things out and debunk Trump nonsense.

The issue here is not which side is right. The issue here is whether you stand for truth, or whether you'll seize any factoid that appears to support your side, regardless of the truthfulness of it. The ACLU obviously chose falsehoods, as I documented. In the following tweet, Don Jr. does the same.

It's a preview of the hyperpartisan debates are you are likely to have across the dinner table tomorrow, which each side trying to outdo the other in the false-hoods they'll claim.

Need something to discuss over #Thanksgiving dinner? Try this

Stock markets at all time highs
Lowest jobless claims since 73
6 TRILLION added to economy since Election
1.5M fewer people on food stamps
Consumer confidence through roof
Lowest Unemployment rate in 17 years #maga

— Donald Trump Jr. (@DonaldJTrumpJr) November 23, 2017

What we see in this number is a steady trend of these statistics since the Great Recession, with no evidence Continue reading

0

Basic Configuration for Cisco ASA 5505 Interfaces- Trunk Port

0

Basic Configuration for Cisco ASA 5505 Interfaces- Access Ports

0

The New DDoS Landscape

News outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? The greater the volume of traffic a victim receives, the harder to mitigate an attack - right?

At least, this is how things used to work. An attacker would gain capacity and then use that capacity to launch an attack. With enough capacity, an attack would overwhelm the victim's network hardware with junk traffic such that they can no longer serve legitimate requests. If your web traffic is served by a server with a 100 Gbps port and someone sends you 200 Gbps, your network will be saturated and the website will be unavailable.

Recently, this dynamic has shifted as attackers have gotten far more sophisticated. The practical realities of the modern Internet have increased the amount of effort required to clog up the network capacity of a DDoS victim - attackers have noticed this and are now choosing to perform attacks higher up the network stack.

In recent months, Cloudflare has seen a dramatic reduction in simple attempts to flood our network with junk traffic. Whilst we continue to see large network level attacks, in Continue reading

0

Want to try Warp? We just enabled the beta for you

Tomorrow is Thanksgiving in the United States. It’s a holiday for getting together with family characterized by turkey dinner and whatever it is that happens in American football. While celebrating with family is great, if you use a computer for your main line of work, sometimes the conversation turns to how to setup the home wifi or can Russia really use Facebook to hack the US election. Just in case you’re a geek who finds yourself in that position this week, we wanted to give you something to play with. To that end, we’re opening the Warp beta to all Cloudflare users. Feel free to tell your family there’s been an important technical development you need to attend to immediately and enjoy!

Hello Warp! Getting Started

Warp allows you to expose a locally running web server to the internet without having to open up ports in the firewall or even needing a public IP address. Warp connects a web server directly to the Cloudflare network where Cloudflare acts as your web server’s network gateway. Every request reaching your origin must travel to the Cloudflare network where you can apply rate limits, access policies and authentication before the request hits your Continue reading