Technology Short Take #53
Published on 25 Aug 2015 · Filed in Information · 1331 words (estimated 7 minutes to read)Welcome to Technology Short Take #53. In this post, I’ve gathered links to posts about networking, virtualization, Docker, containers, Linux, configuration management, and all kinds of other cool stuff. Here’s hoping you find something useful!
Networking
- Anthony Spiteri, who works at an Australian service provider running NSX, has some in-depth articles discussing vShield Edge and NSX Edge (part 1, part 2, part 3, and part 4). Anthony discusses features supported by both, how they handle high availability, how VPN services work, and how to handle certificates. It looks like very useful information for anyone supporting NSX in their environment.
- Here’s a nice article on using Ansible with Arista EOS. This isn’t something I’ve had the chance to do just yet (currently needing to focus my efforts on Ansible with Linux/Cumulus Linux), but it certainly seems relatively straightforward. Without having done this myself, it seems like I’d prefer to run
pyeapion the switches directly, so the Ansible configuration remains clean (instead of having to use a local connection for the switches but SSH for everything else). Of course, I’m sure there are trade-offs each way. - I think I’ve mentioned this before (it’s really hard to keep track of which articles you’ve included in a Technology Short Take already, so apologies if this is a duplicate), but this article provides a good overview of the VXLAN control plane modes in VMware NSX.
- I think Brent Salisbury is going to be the “star” of this Technology Short Take, since I’ve got several articles of his that I want to reference. (Keep up the great work, Brent!) If you haven’t read Brent’s article on building network tools with Docker, I highly recommend it. The first part of this article does a great job of describing some of the key forces that are shaping the networking industry. Brent is one of the folks who clearly sees that the role of a networking professional is changing, and is working to help others through the transition.
Servers/Hardware
Nothing this time around, but I’ll keep my eyes peeled for content to include in future posts.
Security
- Josh Townsend discusses the use of vShield Endpoint with vSphere 6.0, including addressing some questions around how the vCNS End of Availability/End of Support announcements.
- Roie Ben Haim, who works in professional services at VMware, has a deep dive on the NSX distributed firewall (DFW). I haven’t had a chance to read it all, but it seems pretty comprehensive.
Cloud Computing/Cloud Management
- Here’s a very practical post from Maish Saidel-Keesing (not that his other posts aren’t practical!) on downloading the videos from the OpenStack Summit. Very useful if you (like me) couldn’t make it to the last Summit in Vancouver.
- Having spent a bit of time using Docker Machine, I find it to be a very interesting tool. I don’t see it replacing other tools (just like I don’t necessarily see Linux containers replacing virtualization or bare metal), but I do think it’s a nice complement to existing tools. If you’re interested in learning more about Docker Machine, here’s a couple of posts you might find useful. First, Nathan LeClaire has a Docker Machine 0.3.0 (latest version) deep dive that is useful. Second, Brent Salisbury has a write-up on using Docker Machine with AWS that provides a useful real-world example of how it might be used.
- Cody Bunch has a short (but sweet) post on how using
depends_onin OpenStack Heat templates allows you to specify the start-up order of instances created by that template. Simple, but effective.
Operating Systems/Applications
- This is probably more “just for fun” than for anything else, but it’s worth including as well. Jessie Frazelle has done some pretty amazing things with Docker containers (she did a session—which I unfortunately missed—on using Docker containers for desktop Linux apps that I heard was fabulous), and in this post she talks about how to route traffic through a Tor Docker container.
- For an alternative to the “Rah rah Docker is the best tool EVAR” mentality, I invite you to peruse this article on why Docker is not yet succeeding widely in production. Simon’s article is, I think, a well-balanced view of the positives and the negatives that coming from using Docker at scale in production.
- Jason Anderson has a nice post on using SR-IOV (Single Root I/O Virtualization) to expose Docker containers. The gist is that you can use SR-IOV to supply each Docker container with its own “dedicated” NIC (which is really just a virtual function on the actual physical NIC). This is pretty cool, but does have some limitations; specifically, the number of virtual functions supported on the physical NIC (in Jason’s article, the limit was 63). Thus, this approach may only be viable for a limited number of Docker containers on a container host. It’s also worth noting that you have to “wrap” the Docker command using a tool like
pipeworkin order to make this work. (It would be interesting to see/know if the upcoming Docker Network will address this sort of use case.) - Cloud Foundry is undergoing some changes to evolve along with the rapid rise of containerization; this post on Garden (CF’s containerization layer) and runC (the new container runtime from the Open Container Initiative) provides some details on the direction the project is headed.
- CenturyLink Labs has a good article on effectively using
docker inspectto gather information about Docker images and running containers. - Check out this packaging of the vCloud Air CLI as a Docker container. Handy.
- This article by Michael Gugino provides some details on getting GRE tunnels over IPv6 with Open vSwitch running on CentOS 7. Thanks Mike!
- Neowin has a quick recap of what’s new in Windows Server 2016 Technical Preview 3, if you’re interested in seeing what’s happening on that front.
Storage
- John Griffith has a blog post (slightly older, from December 2014) on using OpenStack live migration with Cinder-backed instances.
Virtualization
- VMware unveiled AppCatalyst at DockerCon 2015, and some AppCatalyst materials have started to pop up here and there. First, here’s a “first impressions” post on AppCatalyst that also provides a few additional links to other AppCatalyst posts. Once you’re done reading that, have a look at this post on running lattice.cf on AppCatalyst for a more in-depth look at using AppCatalyst.
- Ryan Kelly has a great article on using VMware vSphere, Vagrant with the vSphere provider, and VMware Photon together to enable developers to leverage the infrastructure you already have in place. This is, IMHO, a great way to start enabling developers to use tools that may feel comfortable to them while still taking advantage of the investments your organization has already made in a VMware vSphere-based environment. The only thing I’d like to see on top of this is using Docker Machine and/or Docker Compose along with this setup…hmmm…might be something I need to explore!
- Mark Russinovich, CTO for Microsoft Azure, has a long but informative article on the union of Docker containers, Windows Server, and Hyper-V. The article provides a good overview of containers, reminds folks that although Windows Server will support the Docker APIs and the Docker client you won’t be able to run Linux containers directly on Windows (or vice versa), and reiterates the importance of a hypervisor with containers in mixed trust zones.
- Seems like William Lam has been rocking-and-rolling on generating content. (Kudos to you, William!) Here’s an update on the nested ESXi VMware Tools Fling, a post on the new HTML5 Embedded Host Client, and a list of some best practices/troubleshooting tips for the new Instant Clone PowerCLI cmdlets. Very useful stuff!
- Ben Armstrong, aka “Virtual PC Guy,” has decided to start sharing some of his scripts and code samples on GitHub (published with the MIT license). Nice! You can read about the move to GitHub and get more details in his post here.
That’s it for this time around. As always, I’d love to hear from you. Feel free to hit me up on Twitter. Thanks for reading!