Running a Small Docker Swarm Cluster

In this post, I’m going to show you how to set up and run your own Docker Swarm cluster. Docker Swarm is a relatively new orchestration tool from Docker (the company) that allows you to create a cluster of hosts running Docker (the open source project) and schedule containers across the cluster. However, just scheduling and running containers across a cluster isn’t enough, so I’ll show you how to add service registration and service discovery to this environment using Consul.

In the event you’re interested in following along, I’ve created a set of files that will allow you to use Vagrant to run this Docker Swarm cluster (on your laptop, if so desired). You can find all these files in the “docker-swarm” folder of my GitHub learning-tools repository.

The Docker Swarm cluster I’m going to show you how to build has 3 major components:

  • A cluster of systems running Consul. In this case, Consul serves a dual purpose. First, it’s used as the discovery service for the Docker Swarm cluster itself. Second, it provides service registration and service discovery functionality for the Docker containers launched on the Swarm cluster.
  • A set of hosts running the Docker daemon (version 1.4. Continue reading

Network Break 30

Over-opinionated analysis on data network and IT Infrastructure. And virtual doughnuts.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+LinkedIn

The post Network Break 30 appeared first on Packet Pushers Podcast and was written by Greg Ferro.

iPexpert’s Newest “CCIE Wall of Fame” Additions 3/6/2015

Please join us in congratulating the following iPexpert client’s who have passed their CCIE lab!

This Week’s CCIE Success Stories

  • Valentin Zamy, CCIE #47202 (Routing & Switching)
  • Freddy Morales, CCIE #47273 (Routing & Switching)
  • Joel Knight, CCIE #47321 (Routing & Switching)
  • Shahid Ansari, CCIE #20017 (Data Center)
  • George Milad Elhamy, CCIE #45875 (Collaboration)
  • Earl Granger, CCIE #45875 (Routing & Switching)

This Week’s CCIE Testimonials

Freddy Morales, CCIE #47273
“I wanted to share my success in obtaining the CCIE Routing and Switching certification. I took the exam in RTP and at approximately 8 pm I received the good news, I am now CCIE #47273.

I want to thank iPexpert because they’ve been my best friend in the past year; when it comes to my studies with their videos and Proctor Labs. With the ups and downs there may have been along the way, I definitively recommend iPexpert to anyone that is serious about becoming an expert. I know that if I decide to go for a different track, iPexpert will be my main resource.”

Shahid Ansari, CCIE #20017
“I have successfully passed my CCIE (DATA CENTER) exam on 25th FEB by using iPexpert training material. Continue reading

Police arrest man in UK over US Defense Department network intrusion

British law enforcement agencies arrested a 23-year-old man suspected of being involved in a hacking attack last year against a satellite communications system operated by the U.S. Department of Defense.The network intrusion occurred on June 15 and resulted in data being stolen from Enhanced Mobile Satellite Services (EMSS), a system operated by the U.S. Defense Information Systems Agency (DISA) that provides U.S. troops and other DoD employees with global communication capabilities, including data transfers and voice calls.The stolen data included contact information for about 800 people, like names, titles, email addresses and phone numbers, as well as the identifying numbers (IMEIs) for 34,400 devices, the U.K. National Crime Agency (NCA) said Friday in a press release.To read this article in full or to leave a comment, please click here

Deprecating the DNS ANY meta-query type

DNS, one of the oldest technologies running the Internet, keeps evolving. There is a constant stream of new developments, from DNSSEC, through DNS-over-TLS, to a plentiful supply of fresh EDNS extensions.

penguins

CC BY-ND 2.0 image by Antarctica Bound

New DNS Resource Records types are being added all the time. As the Internet evolves, new RR’s gain traction while the usage of some old record types decreases. Did you know you can use DNS to express the location of your server on the planet's surface?

Today, we are announcing that we are deprecating the DNS ANY meta-query. In a few weeks we'll be responding to those queries with rcode 4 / Not Implemented.

“ANY” is one of the special “magic” types in DNS. Instead of being a query for a single type like A , AAAA or MX, ANY retrieves all the available types for a given name. Over the years there have been many arguments over the semantics of ANY with some people arguing it really means ALL. Answers to ANY queries are among the biggest that DNS servers give out. The original reason for adding the ANY to DNS was to aid in debugging and testing Continue reading

Windows systems are also vulnerable to FREAK attacks

A cryptographic library used in all Windows versions is affected by a recently disclosed vulnerability in SSL/TLS implementations that allows man-in-the-middle attackers to force clients and servers to use weak encryption. Internet Explorer and other programs using the library are affected.The FREAK (Factoring Attack on RSA-EXPORT Keys) vulnerability stems from a decision made in the 1990s to limit the strength of RSA encryption keys to 512 bits in SSL (Secure Sockets Layer) implementations intended for export in order to meet U.S. government rules on exports of encryption systems.Those “export” cipher suites are no longer used today, but a team of researchers recently discovered that many servers still support them and some SSL/TLS clients, including Web browsers, can be forced to accept them because of bugs in the crypto libraries they rely on.To read this article in full or to leave a comment, please click here

Uber suspends ride-sharing platform in Seoul

Uber Technologies suspended its ride-sharing service in Seoul on Friday, bowing to local authorities after more than a year of struggle over its ride-hailing services.The decision comes only nine days after Uber made uberX free for riders there in response to a crackdown by city authorities, who offered a reward of up to 1 million won (US$910) to residents who reported drivers accepting payments for rides without a permit.“This is the strongest show of our willingness to change the Uber business model in order to create a regulated solution, as we believe that changing our business model is the right thing to do,” Uber said in a statement. The suspension takes effect Friday, it said.To read this article in full or to leave a comment, please click here

VMware NSX Webcast – Creating Agile Networks

You may have seen Joey Logano speed to his first Daytona 500 win this week. Keeping your network in racing shape takes a similar level of NSX: Wanna Go Fastpatience, stamina, and quick reflexes.

Using VMware NSX network virtualization means that you can unlock the full potential of a Software-Defined Data Center, to create and run entire networks on top of existing network hardware, resulting in faster deployment of workloads, as well as greater agility in the face of increasingly dynamic data centers. Watch this overview to learn how VMware NSX reduces the time to provision multi-tier networking and security services from weeks to seconds to win your race.

This one-hour overview of VMware NSX outlines how you can bring virtualization to your existing network, transforming both its operations and economics. You’ll learn how several of the largest service providers, global financial, and enterprise data centers in the world are using NSX to reduce costs and provisioning times to improve agility and establish a new model of network security.

Click here to watch this webcast and find out:

  • What the NSX architecture looks like
  • How switching, routing, firewalling, load-balancing and other services are managed with NSX
  • How overlay networks and logical networks all Continue reading

Mandarin Oriental removes malware after payment card breach

Luxury hotelier Mandarin Oriental has removed malicious software that was used to steal credit card data from some of its hotels in the U.S. and Europe, the company said Thursday.The security codes for the cards were not compromised, it said, although it wasn't clear if that referred to the cards' PIN (personal identification number) or the three-digit CVV code on the back. No other personal information was taken, the company said in a statement.An investigation is underway by law enforcement and forensic specialists. An "isolated number of hotels in the U.S. and Europe were affected," but none in Asia, the company said.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Friday, March 6

Bill targeting data brokers rises from the deadTheir last try failed to pass in 2014, but four U.S. senators have brought back legislation to rein in the data broker business. The law would allow consumers to see and correct personal information held by data brokers, and let them put a halt to having their information shared or sold for marketing purposes. The Data Broker Accountability and Transparency Act, introduced Thursday, is needed because data brokers are a “shadow industry of surreptitious data collection that has amassed covert dossiers on hundreds of millions of Americans,” Sen. Edward Markey said.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Friday, March 6

Bill targeting data brokers rises from the deadTheir last try failed to pass in 2014, but four U.S. senators have brought back legislation to rein in the data broker business. The law would allow consumers to see and correct personal information held by data brokers, and let them put a halt to having their information shared or sold for marketing purposes. The Data Broker Accountability and Transparency Act, introduced Thursday, is needed because data brokers are a “shadow industry of surreptitious data collection that has amassed covert dossiers on hundreds of millions of Americans,” Sen. Edward Markey said.To read this article in full or to leave a comment, please click here

Scalable Load Balancing with Avi Networks on Software Gone Wild

How many times have you received exact specifications of the traffic the e-commerce platform you have to deploy will generate? How do you buy a load balancer (application delivery controller in marketese) to support that (somewhat unknown) amount of traffic? In most cases, you buy a box that’s several times too big for the traffic the site is receiving most of the time, and still crashes under peak load.

Read more ...

SAP to cut 2,200 jobs, plans to recreate them in other parts of the company

SAP will cut over 2,200 jobs this year in activities where it sees no future, but plans to create others around cloud services and its HANA in-memory database offering, where it sees more potential.“There won’t be any impact on customers. We will ensure that we have sufficient hand-over time between colleagues who might be leaving and others taking over,” a company spokeswoman said Friday.The restructuring will affect about 3 percent of SAP’s 74,400 employees. Workers in Germany, France, the U.K. and the U.S. will be offered early retirement, or the opportunity to switch jobs and work for other divisions of the company. Staff in Europe won’t be forced to leave, but lay-offs can’t be avoided elsewhere, said the spokeswoman.To read this article in full or to leave a comment, please click here

5900/5930 R2416 Released!

5900 and 5930 have now updated firmware: R2416. This is a major new release for both platforms. Take a look at the release notes, since there are many enhancements for both platforms. 5900: https://h10145.www1.hp.com/downloads/SoftwareReleases.aspx?ProductNumber=JC772A&lang=&cc=&prodSeriesId= 5930: https://h10145.www1.hp.com/downloads/SoftwareReleases.aspx?ProductNumber=JG726A&lang=&cc=&prodSeriesId= For the 5900, this … Continue reading

Fujitsu tech can track heavily blurred people in security videos

Fujitsu has developed image-processing technology that can be used to track people in security camera footage, even when the images are heavily blurred to protect their privacy.Fujitsu Laboratories said its technology is the first of its kind that can detect people from low-resolution imagery in which faces are indistinguishable.Detecting the movements of people could be useful for retail design, reducing pedestrian congestion in crowded urban areas or improving evacuation routes for emergencies, it said.Fujitsu used computer-vision algorithms to analyze the imagery and identify the rough shapes, such as heads and torsos, that remain even if the image is heavily pixelated. The system can pick out multiple people in a frame, even if they overlap.To read this article in full or to leave a comment, please click here

Amazon opens store on Alibaba to sell imported goods in China

To reach more Chinese consumers, Amazon.com has opened an imported goods store on an Alibaba Group site.The new store will officially launch next month on Alibaba’s Tmall.com site, and will function as a pilot project, Amazon said Friday.Amazon already has its own e-commerce site geared for the country, but its share of China’s online retail market is only 0.8 percent, according to Beijing-based research firm Analysys International.Alibaba, in contrast, controls three quarters of the market through its Tmall and Taobao Marketplace sites, and has 265 million monthly active users.The Chinese market is fiercely competitive, as Amazon is not only competing against Alibaba, but also scores of other smaller e-commerce providers routinely offering promotional deals on products.To read this article in full or to leave a comment, please click here

Hello, I’m 47321

And now the big reveal. The reason I haven’t been blogging or doing much of anything for some time now is because I’ve had a teeny tiny side project going on:

ccie_routeswitch_large

And this week I passed the lab exam! I am CCIE 47321 (Routing and Switching).

Copyright Joel Knight. All Rights Reserved.
www.packetmischief.ca
1 3,597 3,598 3,599 3,600 3,601 3,843