Scott's Weblog The weblog of an IT pro specializing in cloud computing, virtualization, and networking, all with an open source view

Technology Short Take #53

Welcome to Technology Short Take #53. In this post, I’ve gathered links to posts about networking, virtualization, Docker, containers, Linux, configuration management, and all kinds of other cool stuff. Here’s hoping you find something useful!

Networking

  • Anthony Spiteri, who works at an Australian service provider running NSX, has some in-depth articles discussing vShield Edge and NSX Edge (part 1, part 2, part 3, and part 4). Anthony discusses features supported by both, how they handle high availability, how VPN services work, and how to handle certificates. It looks like very useful information for anyone supporting NSX in their environment.
  • Here’s a nice article on using Ansible with Arista EOS. This isn’t something I’ve had the chance to do just yet (currently needing to focus my efforts on Ansible with Linux/Cumulus Linux), but it certainly seems relatively straightforward. Without having done this myself, it seems like I’d prefer to run pyeapi on the switches directly, so the Ansible configuration remains clean (instead of having to use a local connection for the switches but SSH for everything else). Of course, I’m sure there are trade-offs each way.
  • I think I’ve mentioned this before (it’s really hard to keep track of which articles you’ve included in a Technology Short Take already, so apologies if this is a duplicate), but this article provides a good overview of the VXLAN control plane modes in VMware NSX.
  • I think Brent Salisbury is going to be the “star” of this Technology Short Take, since I’ve got several articles of his that I want to reference. (Keep up the great work, Brent!) If you haven’t read Brent’s article on building network tools with Docker, I highly recommend it. The first part of this article does a great job of describing some of the key forces that are shaping the networking industry. Brent is one of the folks who clearly sees that the role of a networking professional is changing, and is working to help others through the transition.

Servers/Hardware

Nothing this time around, but I’ll keep my eyes peeled for content to include in future posts.

Security

Cloud Computing/Cloud Management

  • Here’s a very practical post from Maish Saidel-Keesing (not that his other posts aren’t practical!) on downloading the videos from the OpenStack Summit. Very useful if you (like me) couldn’t make it to the last Summit in Vancouver.
  • Having spent a bit of time using Docker Machine, I find it to be a very interesting tool. I don’t see it replacing other tools (just like I don’t necessarily see Linux containers replacing virtualization or bare metal), but I do think it’s a nice complement to existing tools. If you’re interested in learning more about Docker Machine, here’s a couple of posts you might find useful. First, Nathan LeClaire has a Docker Machine 0.3.0 (latest version) deep dive that is useful. Second, Brent Salisbury has a write-up on using Docker Machine with AWS that provides a useful real-world example of how it might be used.
  • Cody Bunch has a short (but sweet) post on how using depends_on in OpenStack Heat templates allows you to specify the start-up order of instances created by that template. Simple, but effective.

Operating Systems/Applications

  • This is probably more “just for fun” than for anything else, but it’s worth including as well. Jessie Frazelle has done some pretty amazing things with Docker containers (she did a session—which I unfortunately missed—on using Docker containers for desktop Linux apps that I heard was fabulous), and in this post she talks about how to route traffic through a Tor Docker container.
  • For an alternative to the “Rah rah Docker is the best tool EVAR” mentality, I invite you to peruse this article on why Docker is not yet succeeding widely in production. Simon’s article is, I think, a well-balanced view of the positives and the negatives that come from using Docker at scale in production.
  • Jason Anderson has a nice post on using SR-IOV (Single Root I/O Virtualization) to expose Docker containers. The gist is that you can use SR-IOV to supply each Docker container with its own “dedicated” NIC (which is really just a virtual function on the actual physical NIC). This is pretty cool, but does have some limitations; specifically, the number of virtual functions supported on the physical NIC (in Jason’s article, the limit was 63). Thus, this approach may only be viable for a limited number of Docker containers on a container host. It’s also worth noting that you have to “wrap” the Docker command using a tool like pipework in order to make this work. (It would be interesting to see/know if the upcoming Docker Network will address this sort of use case.)
  • Cloud Foundry is undergoing some changes to evolve along with the rapid rise of containerization; this post on Garden (CF’s containerization layer) and runC (the new container runtime from the Open Container Initiative) provides some details on the direction the project is headed.
  • CenturyLink Labs has a good article on effectively using docker inspect to gather information about Docker images and running containers.
  • Check out this packaging of the vCloud Air CLI as a Docker container. Handy.
  • This article by Michael Gugino provides some details on getting GRE tunnels over IPv6 with Open vSwitch running on CentOS 7. Thanks Mike!
  • Neowin has a quick recap of what’s new in Windows Server 2016 Technical Preview 3, if you’re interested in seeing what’s happening on that front.

Storage

Virtualization

That’s it for this time around. As always, I’d love to hear from you. Feel free to hit me up on Twitter. Thanks for reading!
