Scott's Weblog The weblog of an IT pro specializing in cloud computing, virtualization, and networking, all with an open source view

Technology Short Take #47

Welcome to Technology Short Take #47! This is the first Technology Short Take for 2015 and the first to be published on the new blog platform. I have quite a bit of information to share this time around, so buckle up and let’s get started!

Networking

  • Michael Webster isn’t a name that normally pops up here in the Networking section of my Technology Short Takes, but he recently wrote an article on installing Cumulus Linux from a MacBook Pro that I thought might be handy. I’m particularly jealous that Michael was able to get his hands on a Cumulus-supported switch while here I am—with a full NSX installation just ready to integrate with Cumulus—not making any progress on that front.
  • Speaking of Cumulus Linux, here’s a write-up on using Cumulus Linux on Dell Networking switches; in particular, this article describes how to install Cumulus Linux on a Dell S6000-ON. I spoke to some folks at Dell a while ago about getting my hands on a Cumulus-compatible switch, but never heard back. Sure would be nice…(hint, hint).
  • The folks over at Weave (who are building a lightweight overlay networking solution for Docker containers) recently posted some thoughts on life and Docker networking. If you want to keep up on the various developments in Docker networking, there are some useful links in this post.
  • Jason Edelman has a great post on automated network diagrams with Schprokits and AutoNetkit. I love how Jason—among others—is really pushing forward with network automation. Good stuff.
  • OVS developers Ben Pfaff, Justin Pettit, and Ethan Jackson recently posted an article to Network Heresy talking about improvements in Open vSwitch (OVS) performance. This post is definitely worth reading if you’re interested in the improvements that have been made to OVS over the last several versions.
  • Interesting in giving OpenContrail a spin? Here’s an article on how to use Vagrant to spin up a single node test environment. It would be cool if VMware would/could do the same with VMware NSX.
  • Here’s a 2-D diagram of the Facebook Altoona network architecture created by Jason Edelman, who thought the 2-D diagram was more readable and easier to understand (for him, at least).
  • Open Network Linux (main website here; GitHub repo here) was recently brought to my attention. Big Switch’s web site confirms that Open Network Linux is the foundation for their Switch Light OS; does anyone know if Cumulus Linux is also based on Open Network Linux?

Servers/Hardware

  • Juniper recently announced the OCX1100-48SX, a new hardware switching platform built to the Open Compute Project (OCP) specifications (more information here). Normally, I’d put this in the Networking section, but I’m highlighting it here because not only does it support Juniper’s JunOS but also supports other ONIE-compatible network operating systems as well (Cumulus Linux, anyone?). The interesting part in this announcement is the hardware—does this mark the rise of “brite-box” (“brite-box” = branded whitebox) switching? How long before other major networking hardware vendors will have to follow suit? Or will this be a flash in the pan, with no lasting impact on the networking hardware industry? Time will tell. (I think it will make a difference.)

Security

  • Did you catch the news about HyTrust making DataControl (their data encryption product) available via the AWS Marketplace? This is a smart move, in my opinion—data security and data integrity are often cited as potential concerns for using public cloud services, and so HyTrust responds with a solution designed for that very purpose. I’m curious to see the uptake of this solution.
  • This news is a few weeks old now, but I wanted to be sure to include it here in order to ensure that it gets the broadest distribution possible. All versions of Docker prior to version 1.3.2 have a security vulnerability that could allow host privilege escalation; more details here. Be sure to upgrade to close this potential security hole.

Cloud Computing/Cloud Management

  • Did you see the big announcement from AWS re:Invent about EC2 Container Service? More details are available here. Also, Aaron Delp has a nice series of live blogs from re:Invent, so check out his site here.
  • Ben Kepes also has a nice write-up of some of the announcements from re:Invent.
  • Mark Shuttleworth (of Canonical) shares his thoughts here on what constitutes OpenStack “core.”
  • Puppet Labs recently announced a Puppet module to provision AWS infrastructure. The blog post announcing the module is here; the module’s GitHub page is here.
  • Although the title talks about deploying OpenStack with multiple hypervisors, this article focuses more on setting up VMware vSphere with OpenStack. Fortunately it does bring to light one thing that often gets overlooked—the need to manage multiple Glance images when using multiple hypervisors.
  • Congress—the policy framework project in which I’m involved—is starting to get more attention, which is definitely a good thing. I recently came across this post on Congress, which provides an overview of Congress and supplies some links to useful resources on Congress. Keep up the Congress coverage, Melissa!
  • Eran Gampel has a three-part series on the Neutron Distributed Virtual Router (DVR) functionality in OpenStack Juno that might be worth reading (part 1, part 2, and part 3). BTW, there’s plenty of other good content on Eran’s site as well, so feel free to check it out.

Operating Systems/Applications

  • Is Docker ready for production? Frederic de Villamil shares his thoughts after 2 weeks of hands-on time with Docker. The end result: in his view, Docker isn’t production-ready in a complex environment because it adds too much complexity. Some of the areas Frederic identifies as issues include logging, network management, and process monitoring. That’s not to say that Docker isn’t useful, just that it might not be the “be all end all” that some are claiming it is.
  • Maybe it’s just because I know Tom Howarth, but his post on “Containers: The Emperor’s New Clothes” comes across a bit like a crotchety old man yelling “Get off my lawn!” (No offense, Tom!) However, Tom does bring up some great points regarding the claimed benefits of containers over VMs. In the end, the onus is on the user to evaluate these solutions in the context of the underlying business need, and then pick the technology that provides the most effective and most efficient solution to the problem. On that point, I think Tom and I are in violent agreement.
  • CoreOS rocked (no pun intended) the container world recently with their announcement of Rocket, their own container runtime. Some say this split was predictable; others were caught off guard. It’s too early to tell what will become of the “Docker vs. Rocket” debate, but the open discussion that’s being generated by the announcement certainly doesn’t hurt anyone.

Storage

  • If you, like me, have been seeing “NVMe” around a lot but weren’t quite sure what the story was, this beginner’s guide to NVMe by J Metz is definitely worth reading.
  • Is optimizing storage traffic a “killer application” for OpenFlow? Matt Oswalt has a write-up on how Coho uses OpenFlow to intelligently steer traffic to and from various nodes in their storage array.
  • I’m not really sure of the purpose of running a file system as a set of Docker containers except to say “Look what I did,” but here’s a post on running XtreemFS in Docker containers.

Virtualization

It’s time to wrap up now; this post has already gotten too long. (What can I say? There’s just so much good information out there!) I hope you were able to find something useful here.

Metadata and Navigation

Be social and share this post!