Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

Technology Short Take #55

Welcome to Technology Short Take #55! Here’s hoping I’ve managed to find something of value and interest to you in this latest collection of links and articles from around the web on networking, storage, virtualization, security, and other data center-related technologies. Enjoy!

Networking

  • I recently came across Kuryr, an OpenStack project aimed at connecting Docker’s libnetwork efforts to OpenStack Neutron. The end result, as I understand it, would be to allow any Neutron plugin to be able to provide container networking functionality to Docker via libnetwork. This makes sense to me, although I think that network virtualization products are still going to need to integrate directly with libnetwork so that they can be used in environments outside of OpenStack. If you’re interested in getting more information on Kuryr, check out Gal Sagie’s post here or read this follow-up post on using Kuryr and OVN (Open Virtual Network) together.
  • Drew Conry-Murray has a post up on the Packet Pushers blog talking about the benefits and challenges of a single OS; specifically, the benefits and challenges pertaining to Arista and EOS. Lots of companies like to tout the “single OS” banner, but there can be value in having specialized OSes custom-built for specific purposes.
  • Here’s an article that combines two of my favorite companies: Cumulus Networks and Ravello Systems. How so? The article shows you how to build a Cumulus VX lab on Ravello Systems. Very nifty stuff.
  • CloudBase Solutions recently announced the beta availability of Open vSwitch (OVS) 2.4 on Hyper-V—bringing VXLAN and STT support to Hyper-V and enabling interoperable tunneling between Hyper-V hosts and KVM hosts running OVS. A follow-up blog post talks about how to use OVS on Hyper-V outside of an OpenStack context.
  • Lim Wei Chiang has a nice write-up on using ERSPAN with the vSphere Distributed Switch to do packet analysis.
  • Anthony Burke has an article on a method for performing ingress optimization with NSX for vSphere that leverages information from the hypervisor to help NSX make smarter routing decisions/updates. This is pretty cool and underscores the power of pooling data from compute, storage, and networking in a software-defined data center environment.
  • Matt Oswalt is one of a number of forward-thinking networking pros who’s helping to lead the charge in transforming what it means to be a “networking professional.” In this post on network automation, he encourages folks to “be bold” and really pursue network automation instead of “settling” for templating configurations.
  • If you’re running some Juniper equipment and are interested in getting started with network automation on that equipment, this article by Jason Edelman on Juniper vSRX automation with Ansible is a good resource.

Servers/Hardware

  • Dell is buying EMC. What—you hadn’t heard? There are tons of articles discussing the acquisition; check out this pair of articles from Chris Evans (part 1, part 2).

Security

  • I’m no cryptographer, but I found this article on the NSA’s move away from Suite B an interesting read. The author, Matthew Green, also has an in-depth critique of PGP that took up a fair amount of my time (be sure to read the comments).

Cloud Computing/Cloud Management

  • VMware recently announced some integrations between Ansible and vCloud Air that will allow customers to use Ansible playbooks to create resources in vCloud Air. See this blog post for more details and some example Ansible code.
  • Mark Voelker has two posts (so far) on OpenStack DefCore misconceptions that I’ve personally found quite helpful. The first post explains the 12 criteria that are evaluated to determine whether a capability should be required in its guidelines. As Mark explains, these criteria are mostly trailing indicators, meaning they mostly reflect what is already happening with the adoption of OpenStack features/capabilities. The second post explains the “advisory” status of a capability in a guideline, and how this status is intended to help trigger discussion and feedback around whether that capability should move to required, or dropped from the guideline entirely.
  • This post on hacking Neutron to add more IP addresses to a subnet is useful for helping to understand some of the Neutron internals.
  • Rancher—the company behind RancherOS (Linux distro that uses Docker for system services as well as user applications) and Rancher (a management platform for containerized infrastructure)—recently announced a container metadata service they’re saying is analogous to Amazon’s Instance Metadata service. I like the idea, but I’d like it even more if Rancher (the company) pushed this beyond only Rancher’s products.
  • Speaking of metadata services, have a look at this comparison of metadata services (which compares DigitalOcean, Amazon, and Google, but not OpenStack). (Warning: the author’s site seemed a bit flakey the last time I visited it to verify the link, so be warned.)
  • Juan Manuel Rey has a write-up on how easy it is to upgrade VIO (VMware Integrated OpenStack).

Operating Systems/Applications

  • Recently I saw mention of ScyllaDB, a drop-in replacement for Cassandra that claims to be 10x faster. It might be worth investigating if your organization uses Cassandra and is having a hard time with performance and scaling.
  • Juan Manuel Rey has a write-up on taking your first steps with Pivotal’s Lattice. I believe that platforms like Lattice are a rich opportunity for infrastructure folks who are seeking to “move up the stack” a bit, and so I’m glad to see resources such as this article emerging.
  • I’m assuming everyone saw the news that Red Hat is acquiring Ansible.

Storage

  • I recently posted an article about LVM (it was more for me than anything else; I so very rarely run those commands that it’s hard to remember them), but for those who want to automate everything, here’s an article that describes how to work with LVM using Ansible.
  • Want to play with VSAN, but don’t have the requisite equipment? No worries, Ravello Systems has you covered. This isn’t going to cut it for a production environment, but as the title says it’s handy for proof-of-concept, testing, and self-development.
  • Peter Keilty (a former vSpecialist teammate now at VMware) has a write-up on options for using data-at-rest encryption with VMware VSAN. If data-at-rest encryption is something you’re exploring, this post might be worth a few minutes of your time.

Virtualization

  • William Lam points out a new feature in the vSphere Web Client as of vSphere 6.0 Update 1: the ability to erase existing disk partitions. Read his post for all the gory details.
  • This is an interesting experiment, although I confess that I don’t see the value in this process. Feel free to drop me an e-mail or contact me via Twitter if you can enlighten me.
  • If you weren’t at VMworld 2015 and/or haven’t had the chance to catch up on vSphere Integrated Containers, formerly “Project Bonneville,” see this VMware blog post for more information.
  • From the Department of No Surprises comes this study that shows virtualization offers dramatic cost savings and helps reduce energy consumption. (I applaud Experts Exchange for help to spread the word about the benefits of virtualization, even if they are a few years behind the times.)
  • VMware recently released a “standalone” version of VMware Tools (version 10.0, see here for the announcement), but as Andreas Peetz points out there are still some issues that VMware needs to fix around VMware Tools.
  • Looks like Microsoft is jumping in the nested virtualization ring. Microsoft is also catching up on the ability to create VMs with different versions (think Virtual HW versions from the vSphere world, if that’s your background).

Career/Soft Skills/Productivity

OK, I’d better stop before this gets any longer! Whew…so much good stuff out there, it’s really hard to choose what’s included and what’s omitted. In any case, I hope something here was helpful to you. Thanks for reading!

Be social and share this post!