0

Kubernetes 101 – The build

In this series of posts we’re going to tackle deploying a Kubernetes cluster.  Kubernetes is the open source container cluster manager that Google released some time ago.  In short, it’s a way to treat a large number of hosts as single compute instance that you can deploy containers against.  While the system itself is pretty straight forward to use, the install and initial configuration can be a little bit daunting if you’ve never done it before.  The other reason I’m writing this is because I had a hard time finding all of the pieces to build a bare metal kubernetes cluster.  Most of the other blogs you’ll read use some mix of an overlay (Weave or Flannel) so I wanted to document a build that used bare metal hosts along with non-overlay networking.

In this first post we’ll deal with getting things running.  This includes downloading the actual code from github, building it, deploying it to your machines, and configuring the services.  In the following posts we’ll actually start deploying pods (we’ll talk about what those are later on), discuss the deployment model, and dig into how Kubernetes handles container networking.  That Continue reading

0

February Network Topology Photo Challenge

Show us your best GNS3 Topology to win a $250 Amazon Gift Card + Pica8 Polo Shirt! Contest Closes on March 2nd   Over the past couple

0

New Product Release :: CCIE Data Center – Written Exam Video on Demand

We are happy to announce that we’ve recently completed a brand new CCIE Data Center Written Exam Video on Demand. In this coursework, you’ll immerse yourself in each technology your instructor, Jason Lunde CCIE #29431 x2 (R&S and Data Center) presents. Jason will also dissect each technology in a manner in which you will walk away with a complete understanding. Included in the coursework is close to 18 hours of lectures, white boards, and configuration topics!

Check out this Video on Demand course here.

Below, you will find the complete outline of our latest Video on Demand course! We’re quite confident that you won’t find a more thorough, up-to-date product on the market!

Outline

0

Migrating From One Old Mac To Another with Factory Reset & OS X Yosemite

Send to Kindle I had a need this past weekend to migrate from one old Mac running OS X Yosemite to another old Mac, also running OS X Yosemite. Apple’s Migration Assistant can get this done, but I was looking to zero out the target Mac first. You can google a few different ways to […]

0

Wireless Configuration Method Speed Test Shootout :: Part 3

This is the third and final article in a series focusing on seeing which configuration methods are fastest or slowest in the CCIE wireless lab.  The idea is to test each method under a variety of likely configuration scenarios that you would experience in the real lab and see how things stack up.

Check out the supporting Speed Test video playlist on our YouTube channel.

This article focuses on autonomous APs.  I set up 3 different scenarios, as listed below:

• Configuring WDS using local RADIUS and registering 2 APs
• Configuring two SSIDs with their associated VLANs
• Configuring a few settings under the radios

If you want to watch the actual configurations, you can check out the companion video to this article over in our YouTube channel.  It shows how I arrived at the configuration speeds and the methods that I used.  You may be able to pick up a few tips or tricks for faster configurations by watching how I do things.

WDS

For this test, had to configure local RADIUS with a network device and user account, then configure AAP1 as a WDS with associated authentication methods.  Finally, I registered both AAP1 and AAP2 Continue reading

0

Multigigabit Ethernet 2.5 / 5.0Gbps NBASE-T Alliance

Ethernet 2.0

The title above may seem a little odd given Ethernet’s long and healthy life. Keeping conversation to more recent Ethernet standards (10/100/1000/10000/40000/100000 Mbps) the transmission technology and encoding standards have come a very long way for Ethernet. I remember when 100Mbps ports were the absolute norm and when 1Gbps ports were spared for very special (high paying) customers often on a single line card on a router!!! A router!!!

Wind the clock forward about ten years and where are we? 10Gbps access ports to servers, 40Gbps uplink ports from top of rack switching and 1Gbps ports to wireless access points, vending machines and home devices such as printers and coffee machines. Wireless technology is flourishing and with the advent of 802.11ac (Gigabit wireless) the access layer is seeing rolling upgrades.

So if we imagine our access tier is formed of 1Gbps access ports to wireless access points, multiple 10Gbps uplinks often in a multi-chassis Ethernet LAG (MLAG/MEC/vPC/) bundle and core speeds at least at multiple 10Gbps if not 40Gbps speeds, what happens when wireless plays catch up? Introducing The 802.11ac Wave 2 standard which sees speeds that could exceed 6.8 Gbps. This unbelievable wireless speed Continue reading

0

Networking Basics: Spanning Tree Protocol

by Ethan Banks, originally published on the Auvik blog For new networkers, Spanning Tree Protocol (STP) can be an intimidating topic. Many

0

Untangle Comprehensive Feature Analysis [Continued]

In the preceding article Untangle Scrutinized : Deep Dive into Untangle’s Features, we scrutinized Untangle’s Web Filter, HTTPS

0

Response: Whats New in systemd, 2015 Edition

Summary of a presentation at FOSDEM about systemd is very interesting. Lots of improvements and practical changes from what I can see that would Linux more usable and viable. But this caught my eye about replacing syslog with HTTP: journald-remoting: the binary logger now has remote support (aka: remoting) via HTTP (instead of the syslog […]

The post Response: Whats New in systemd, 2015 Edition appeared first on EtherealMind.

0

text2pcap – How to convert ASCII packet dumps to .pcap files?

Nothing in my experince is better at telling the real story than a packet capture. They tell exactly what is really going on and whether the configuration or changes are working  as expected or not. Sometimes an engineer needs to look at packet captures taken from devices that don’t generate .pcap files directly. Although with [...] No related posts. Related posts brought to you by Yet Another Related Posts Plugin.

0

Eycalyptus – cloud introduction and auto-scaling tutorial

For best article visual quality, open Eycalyptus – cloud introduction and auto-scaling tutorial directly at NetworkGeekStuff.

In this article, I will show how to do a very simple auto-scaling system on eucalyptus cloud using the wonderful eucalyptus fast start image. Afterwards you will appreciate how easy and configurable the Eucalyptus cloud is in regards to configuring customization scripts on systems that are booted dynamically inside auto-scaling triggers (like low CPU, RAM, etc… ).

A little history, last year (2014), HP has requisitioned a company called Eucalyptus, what I must admit surprised me after spending so much time with OpenStack. So I tried to get an idea why this move has happened and what are the main differences that immediately come to mind to compare these two.

So let me went with you on the first example exposure to Eucalyptus.

… demo experience

Prerequisites:

1. Physical system with Intel-V or AMD-x virtualization on CPU
2. Virtual server running in hypervisor that supports nested virtualization (KVM or vmWare)

The target requirements

1)      Have a cloud system with capability to deploy a server quickly
2)      Test basic systems like load-balancing
3)      Check the network forwarding inside the cloud
4)      Demonstrate auto-scaling system of Eucalyptus on Continue reading

0

Big Cloud Fabric: Scaling OpenFlow Fabric

I’m still convinced that architectures with centralized control planes (and that includes solutions relying on OpenFlow controllers) cannot scale. On the other hand, Big Switch Networks is shipping Big Cloud Fabric, and they claim they solved the problem. Obviously I wanted to figure out what’s going on and Andy Shaw and Rob Sherwood were kind enough to explain the interesting details of their solution.

Long story short: Big Switch Networks significantly extended OpenFlow.

Read more ...

0

Containers – Docker, LXC and Rocket

This blog is part of my ongoing series on Docker containers. In my previous blog, I covered LXC. When I tried out LXC, I realized that there are lots of similarities between Docker and LXC. Also, I saw a recent announcement about Rocket which is another Container runtime technology. In this blog, I have tried … Continue reading Containers – Docker, LXC and Rocket →

0

LXC Containers

This blog is part of my ongoing series on Docker containers. In this blog, I will take a deviation from Docker and focus on LXC. LXC manages Containers like Docker, there are some differences, I will cover the differences in a later blog. LXC is an Opensource Linux container project from Linuxcontainers.org that provides an user space … Continue reading LXC Containers →

0

CCIE Renewed – Exam 400-101

The problem with obtaining certifications is that you need to renew them. CCIE is no different – I first passed the lab in September 2012, and I was overdue for renewing it. I’m pleased to report that I have now done that, and it is now current until September 2016. Here’s some of my impressions of the 400-101 exam.

I had planned on using the CCDE written exam to renew my R&S CCIE, and then decide if I would go on to attempt the CCDE practical exam. But it seems that the CCDE exam writers and I just don’t share the same mindset. I tried, but it wasn’t working for me, and I wasn’t making progress. So I went back to R&S for my re-cert.

New Blueprint

I originally passed version 4, exam number 350-101. This has been updated to version 5. The written exam is now 400-101. Of course, this doesn’t mean that everything changes. Core L2 & L3 protocols don’t change that much. BGP, OSPF and EIGRP and still BGP, OSPF and EIGRP.

There are some key changes though, such as:

• Frame relay gone, DMVPN in
• IS-IS back in – theory only
• New EIGRP features, such as named mode
• More MPLS Continue reading

0

Last Chapter of Data Center Design Case Studies Is Published

A few days ago I completed the last chapter in the Data Center Design Case Studies book: building disaster recovery and active-active data centers. It focuses on application behavior and business needs, not on the underlying technologies; the networking technology part tends to be way easier to solve than the oft-ignored application-level challenges.

0

PQ Show 45 – Talking About PR & Marketing

I was lucky enough to attend the Powering the Cloud Conference in October last year. While I was there I say down with  Federica Monsone from A3 Communications to talk about the role of PR, Marketing and Social media. While we poke fun at marketing it is a deadly serious business. We need our vendors […]

Author information

The post PQ Show 45 – Talking About PR & Marketing appeared first on Packet Pushers Podcast and was written by Greg Ferro.

0

Happy Birthday SR629007199!

It is with disappointment and frustration that I'm celebrating the 1st birthday of an unresolved Cisco support case. I'm not happy about it, plan to do some complaining in this post.

Now, don't get me wrong, I think the people at Cisco TAC are great. They're an absolutely first class support organization, the standard by which other vendors are judged, and they consistently give me great service.

In spite of their efforts, sometimes things just don't work out. This is one of those times.

I opened SR629007199 on January 31st 2014 after noticing a peculiar problem with an ISR G2 router: Servers couldn't receive packets intended for them because the router was screwing up their traffic. The Ethernet frames carrying these packets included the wrong destination MAC address, so the servers ignored them.

Specifically, the router was screwing up the IP->L2 address mapping required for IPv4 multicast packets. Instead of using 23 bits of the multicast group in the L2 header, that portion of the L2 header was all zeros. It looked like this:

Bogus dMAC on most of these frames

Those two HSRP packets originated by the router looked okay, and traffic from local sources was okay, but every Continue reading

0

Securing Your Connection Anywhere You Go

We all know that there are a lot of incomplete security models. Firesheep made this fact painfully obvious to those who regularly work from public hotspots. Although this issue extends beyond insecure wireless deployments, unencrypted hotspots are an easy target. When network traffic isn’t secured in the application layers AND that same traffic is not secured in the network or datalink layers, bad things can and do happen.

TLDR–This article solves this problem by utilizing a Meraki MX60 and the VPN client Native on OSX. To skip to the good stuff, click here.

One approach that some people decide to employ is utilizing a VPN connection for their Internet traffic when connected to untrusted networks. For years, enterprises have utilized these controls to allow secure access to corporate resources. A common trend to day includes utilizing “the cloud” for sensitive enterprise and personal data. While these systems *should* be appropriate resilient, we know that is not always the case. In addition to that, federated authentication schemes and password reuse can also pose additional risk to broken systems and less security conscious users.

Having easy access to some gear, I have been using a Meraki MX60 for a few months. This device makes the configuration Continue reading

0

Performance Enhancements with KVM on GNS3/Linux

I have been recently intrigued by the lack of performance enhancement brought by KVM to the ASA in GNS3 1.2.3 on Ubuntu 14.10 with Qemu