Using Docker with Vagrant

As part of my ongoing effort to create tools to assist others in learning some of the new technologies out there, I spent a bit of time today working through the use of Docker with Vagrant. Neither of these technologies should be new to my readers; I’ve already provided quick introductory posts to both (see here and here). However, using these two together may provide a real benefit for users who are new to either technology, so I’d like to take a bit and show you how to use Docker with Vagrant.

Background

Vagrant first started shipping with a Docker provider as part of the core product in version 1.6 (recall that Vagrant uses the concept of providers to support multiple backend virtualization solutions). Therefore, if you’ve installed any recent version of Vagrant, you already have the Docker provider as part of your Vagrant installation.

However, while you may have the Docker provider as part of Vagrant, you still need Docker itself (just like if you have the VMware provider for Vagrant, you still need the appropriate VMware product—VMware Fusion on the Mac or VMware Workstation on Windows/Linux) in order to provide the functionality Vagrant will consume. Continue reading

The meaning of Cloud

Microsoft fixes IE memory problems

Internet Explorer is getting major repairs, as Microsoft has issued 41 patches to fix memory vulnerabilities in its browser.The Internet Explorer patches are part of the company's routine monthly release of security and bug fixes for its software products, called "Patch Tuesday." Microsoft Office and both the desktop and server editions of Windows are also getting fixes in this batch.Overall, Microsoft issued patches to cover 56 different vulnerabilities, which are bundled into nine separate security bulletins.Three of the bulletins are marked as critical, meaning they fix vulnerabilities that could be exploited by malicious attackers without user intervention. System administrators should tend to critical vulnerabilities as quickly as possible. These bulletins cover Internet Explorer and both the server and desktop editions of Windows.To read this article in full or to leave a comment, please click here

Docker 1.5: IPv6 support, read-only containers, stats, “named Dockerfiles” and more

File storage service Rapidshare to shutter in wake of legal woes

After years of legal trouble, the once-popular online file storage and sharing company Rapidshare is closing up shop.In a message posted to its website Tuesday, Rapidshare said it will stop active service on March 31. "We strongly recommend all customers to secure their data. After March 31st, 2015 all accounts will no longer be accessible and will be deleted automatically," the message said.MORE ON NETWORK WORLD: 12 Free Cloud Storage options It did not say why it is shutting down. However, legal troubles related to copyright infringement have plagued the company for years.To read this article in full or to leave a comment, please click here

Google hands out free Drive space for running quick security checklist

Google today said it would give users of its Google Drive cloud storage service an additional 2GB if they ran a three-step security checkup.The offer was in honor of "Safer Internet Day," a project begun in 1999 and co-funded by the European Union."As our way of saying thanks for completing the checkup by February 17, we'll give you a permanent 2 gigabyte bump in your Google Drive storage plan," wrote Alex Vogenthaler, group product manager of Google Drive, in a blog post Tuesday.Users of Google Apps for Work and Google Apps for Education are not eligible for the extra 2GB.To read this article in full or to leave a comment, please click here

FCC commish knocks Net neutrality plan, warns of stealthy regulations

The chairman of the U.S. Federal Communications Commission has undersold the amount of intrusive new regulations his net neutrality proposal will bring to the Internet and to broadband providers, a Republican commissioner said Tuesday.The net neutrality proposal from FCC Chairman Tom Wheeler would bring “adverse consequences to entire Internet economy,” Commissioner Ajit Pai said during a press conference. “The imposition of these heavy-handed ... regulations is going to present onerous burdens on everybody, across the entire landscape.”The proposal would allow the FCC to define just and reasonable prices for broadband service and to impose in the future common-carrier telecom regulations, like requiring providers to share their networks with competitors, the commissioner said.To read this article in full or to leave a comment, please click here

Rolling out Change

We all know that “Change is Hard.” But often we, as engineers, focus on the technical aspects of that change. How do I minimise customer impact while upgrading those routers? How can I migrate customer data safely to the new system? But we can forget about the wider implications of what we’re doing. If we do, we may struggle to get our changes implemented, or see poor take-up of new systems.

Why Can’t I Make That Change?

I was talking to an engineer who had planned a huge configuration management implementation. Everything had been manually configured in the past, but this was hitting scale issues. So he had worked for months on a fully automated process. It was going to be amazing. It would configure everything, across all systems and applications. Standards enforced, apps deployments done in a repeatable way, etc. It was going to be a thing of beauty. No-one would ever need to login to a server again. Total automation.

It was all tested, and was just waiting for approval to put it into production. But for some reason, no-one was willing to give the go-ahead to roll it out. Weeks were dragging by, and things were going Continue reading

Relevance of SDN in Cloud Networking

SDN (Software Defined Networking) is finally becoming clearer. It is not “Still Don’t Know” nor is it a specific overlay controller. Simply put, it is an open and programmable way to build networks for customers looking at utilizing hybrid combinations of public and private cloud access.

We are witnessing a shift from multi-tier oversubscribed legacy enterprise networks to two-tier leaf-spine or single-tier Spline™ cloud networks with east- west traffic patterns scaling across thousands of servers. Arista was the first to introduce this new architectural “leaf-spine” approach for cloud-based networks and five years later others are still attempting to mimic. Lets review some practical examples.

Facebook: Take an important and familiar social networking application, Facebook. Their public information shows that they deploy a memcache architecture, which allowed them to reduce the user access time to half a millisecond by using fewer network tiers, resulting in lower application latency. As we log into Facebook, the single login request triggers thousands of look-ups on databases and memcache servers. Legacy enterprise multi-tiered networks would result in delayed look-ups and would negatively impact the user experience and interest in a significant way.

Amazon: Shopping couldn’t be easier than online on your favorite site. Have you Continue reading

Arista says it can route VXLAN too, just like Cisco

Cisco’s claim that its Nexus 9000 leaf switches have a VXLAN routing advantage over those based on Broadcom Trident II silicon is meeting some resistance. In announcing support for the BGP EVPN control plane for VXLAN on its Nexus 9000 switches, Cisco said its Nexus 9300 leaf switches, equipped with Cisco’s custom ALE ASIC, can route VXLAN overlay traffic, which the company touts as a benefit over Broadcom Trident II-based platforms from competitors.To read this article in full or to leave a comment, please click here

Scaling Overlay Networks: Distributed Data Plane

“Thou Shalt Have No Chokepoints” is one of those simple scalability rules that are pretty hard to implement in real-life products. In the Distributed Data Plane part of Scaling Overlay Networks webinar I listed data plane components that can be easily distributed (layer-2 and layer-3 switching), some that are harder to implement but still doable (firewalling) and a few that are close to mission-impossible (NAT and load balancing).

How an outsourcing contract can boost IT service provider performance

IT outsourcing customers are increasingly looking for their service providers not just to cut technology costs or improve process efficiency, but to deliver business results. But getting that kind of business value from IT suppliers has proven to be a challenge.The secret getting technology providers on board with delivering innovation may actually be the terms of the IT outsourcing deals. “Most IT services buyers seek compliance, not improved supplier performance” from their contracts, says Brad Peterson, partner in the Chicago office of law firm Mayer Brown. “That’s all that’s necessary for most it services categories. However, IT buyers can create substantially more value by using incentives to deliver innovation, analytics, data security, mobility, cloud and other fast-changing it services categories.”To read this article in full or to leave a comment, please click here

Technology Short Take #48

Welcome to Technology Short Take #48, another installation in my irregularly-published series that collects links, articles, and thoughts from around the web. This time around, the content is a bit heavier on cloud management and applications/operating systems, but still lots of good content all the way around (I hope, anyway).

Networking

• Matt Oswalt recently wrapped up his 3-part “DevOps for Networking” series. I referenced part 1 of the series back in TST #46, and parts 2 and 3 are just as good as the first one. Part 2 talks about source-driven configuration for NetOps (which discusses the use of Git and Gerrit to manage network device configurations), while Part 3 walks through a continuous integration pipeline for networking (which adds Jenkins to the mix described in part 2). Helpful and informative content, no question about it.
• The NFV discussion seems to be heating up a bit, particularly the “networking” part of NFV. Craig Matsumoto of SDxCentral recently published a piece on NFV performance; that article was based largely on a blog post by Martin Taylor of Metaswitch found here. The key takeaway is that NFV networking performance requirements are something that projects like OpenStack and Open vSwitch (OVS) Continue reading

Cumulus Networks CEO JR Rivers on what’s hot for Open Computing in 2015

Over the past few years of blogging, many of my most popular posts have been interviews with industry thought leaders. To that end, I have started a new interview series I call 'the catch-up,’ where I will catch up with interesting thought leaders in the industry.This is the first interview in the series, featuring Cumulus Networks CEO JR Rivers. Over the next few weeks, I will post interviews with Martin Casado, David Meyer, Rob Hirschfeld, Dan Pitt, and many more. In the past I have only posted the text from interviews; now I have also started recording the interviews and will post them on my YouTube channel, OpenNetworking.TV.To read this article in full or to leave a comment, please click here

Would you buy a smartwatch from a watch company?

It's becoming the biggest question in wearable computing – will the future of smartwatches be determined by tech companies making watches or by watchmakers adding technology?Last week, Swiss watch giant Swatch revealed that it's planning to release its own smartwatch within the next few months. Known for cheap, colorful designs, Swatch is hardly a high-end luxury brand, though it owns a few of those (including Tissot, which has some smart-ish watches in its line).According to what Swatch CEO Nick Hayek said to Bloomberg, the device will communicate via NFC and won't have to be charged (most likely powered by a replaceable watch battery). It will also support mobile payments and work with Windows and Android smartphones (no word on iOS).To read this article in full or to leave a comment, please click here

BGP Communities

BGP Communities has to be one of my favorite features added to the BGP protocol.  As you should know by now, BGP passes several attributes between peers that help influence the BGP best path selection algorithm. One of these is the BGP Community attribute. Think of this as another tag placed on the route advertisement that can give us additional information.

This tag is formatted as 32bit value that is typically displayed in two 16 bit parts. The most typical, and most widely accepted best practices treat these as your Autonomous System Number (ASN), followed by a 16 bit attribute. For example, if your ASN was 65248 and you wanted to tag this route with the number 666, you would set something like 65248:666.

As for the second half of our tag, this number is arbitrary. BGP Communities are a transitive attribute that is completely optional. This means that BGP treats these tags as purely information, and that it is up to the network engineer to decide what these values mean, and what to do with them.

RFC 1997 defines some well known communities that have global significance. These values and their operations should be respected by any community Continue reading

The security implications of IoT: A roundtable discussion with four experts

The Internet of Things (IoT) will usher in a new era of network intelligence and automation, but its arrival raises a host of serious security questions. Network World Editor in Chief John Dix explores the topic in depth with four experts: * Marc Blackmer,
 Product Marketing Manager, Industry Solutions, Cisco * Ari Juels, Professor in the Jacobs Institute at Cornell Tech (formerly Chief Scientist at RSA) * Patrick Tague, Associate Research Professor, Electrical and Computer Engineering, and Information Networking Institute, and Associate Director, Information Networking Institute Carnegie MellonTo read this article in full or to leave a comment, please click here

My First Week at Cumulus Networks

From the first time I spoke with someone at Cumulus Networks, I realized I’d come across something spectacular. My interviews started with a “screening” call from Nat Morris, but it didn’t start with any of those awkward “tell me about yourself” ice-breaker questions. Nat immediately began the conversation with a detailed description of the Cumulus Workbench, his plans for where to take it, and what I thought about them. For someone like me, being able to talk candidly about a concrete project made it easy for me to see myself in the position, and I felt like I was being treated as if I were already a part of the company. This conversation left such a powerful impression that it literally carried me through the entire interview process.

I started on the day before the RDU team moved from the Apex office to the new office in Cary. All of the furniture was gone, everyone was huddled at folding card tables, and I ended up sitting on the floor in another room since we didn’t have enough chairs even after borrowing some from the restaurant next door! The team assured me that it wasn’t a bait-and-switch by showing me Continue reading

The Packet Flow Duality

Quantum physics is a funny thing. It seeks to solve all the problems in the physical world by breaking everything down into the most basic unit possible. That works for a lot of the observable universe. But when it comes to light, quantum physics has issues. Thanks to experiments and observations, most scientists understand that light isn’t just a wave and it’s not just a collection of particles either. It’s both. This concept is fundamental to understanding how light behaves. But can it also explain how data behaves?

Moving Things Around

We tend to think about data as a series of discrete data units being pushed along a path. While these units might be frames, packets, or datagrams depending on the layer of the OSI model that you are operating at, the result is still the same. A single unit is evaluated for transmission. A brilliant post from Greg Ferro (@EtherealMind) sums up the forwarding thusly:

• Frames being forwarded by MAC address lookup occur at layer 2 (switching)
• Packets being forwarded by IP address lookup occur at layer 3 (routing)
• Data being forwarded at higher levels is a stream of packets (flow forwarding)

It’s simple when you think Continue reading

Verizon, T-Mobile and SK Telecom have the hots for LTE on Wi-Fi spectrum

In the hunt for ways to improve coverage and increase cellular speeds, Verizon Wireless and T-Mobile in the U.S., and SK Telecom of South Korea, are considering using LTE over 5GHz, which today is used by Wi-Fi networks.The operators have all taken part in tests conducted by telecommunications equipment vendor Ericsson in Canada and Sweden, Ericsson said on Tuesday. The underlying technology is still under development and hasn’t been standardized, but Ericsson is able to reach 450Mbps while at the same time playing nice with Wi-Fi devices in its labs.Of the three operators, T-Mobile in the U.S. has been most vocal in its support for the technology. It increases peak and average data speeds to smartphones and other devices with reduced packet latencies, CTO Neville Ray said in a blog post last month.To read this article in full or to leave a comment, please click here