Scott's Weblog The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking

Technology Short Take #58

Welcome to Technology Short Take #58. This will be the last Technology Short Take of 2015, as next week is Christmas and the following week is the New Year’s holiday. Before I present this episode’s collection of links, articles, and thoughts on various data center technologies, allow me to first wish all of my readers a very merry and very festive holiday season. Now, on to the content!



  • Normally the hardware space is pretty boring (in fact, I’ve been considering removing it from the Technology Short Take series), but HPE decided to shake things up recently with its Synergy servers and “composable architecture”. Most of the articles I found on the Synergy servers and “composable architecture” were more “market-techture” than anything substantive (see the list of links at the end of this Mirantis blog post), but as far as I’m able to glean this sounds a lot like Intel’s Rack-Scale Architecture. (See here for some of my thoughts on Intel’s RSA following IDF 2014.) If HPE’s Synergy takes the approach of enabling higher-level software to be more insightful and more effective, then great; if, on the other hand, HPE takes the approach of trying to replicate higher-level software functionality in hardware (as it seems they’re trying to do), I’m not a fan of the added complexity.


  • This article listing 20 Linux server hardening tips contains some basic tips but is nevertheless a very good resource for someone looking for Linux security recommendations.

Cloud Computing/Cloud Management

  • Microsoft recently announced a preview of Azure Container Service (ACS). ACS offers multiple “endpoints,” each of which enables you to use a particular open source container/orchestration tool. For example, there is a Docker Swarm endpoint, against which you could use standard Docker tools (like Docker Compose, for example).
  • Rackspace and VMware have a pair of articles discussing their interoperable OpenStack cloud architecture (here’s the post from Rackspace, and here’s the post from VMware). In my opinion, this is the sort of interoperability across providers and implementations that OpenStack really needs, so it’s good to see two well-known names stepping up to make this happen. It would be great to see this expand to even more OpenStack providers, but it has to start somewhere, right?
  • Trevor Roberts Jr. has a three-part series on using Vagrant with OpenStack, something I’ve tackled on my site as well. Check out Trevor’s posts (part 1, part 2, and part 3).
  • I’ve been reviewing AWS VPC design recommendations recently, and one of the suggestions that comes up is using a VPC with a private subnet so that the instances on that VPC are not reachable from the Internet. Makes sense; if an instance isn’t serving traffic from the Internet, then it shouldn’t be reachable from the Internet. This, however, presents an issue; how do you provide outbound Internet access to these instances? You can use a pair of NAT instances (this has scale limitations and adds complexity), you can use the new Managed NAT Gateway, or you can leverage a Squid proxy (or even an AutoScaling Group of Squid proxies, if you’re ambitious enough).
  • This is an older post on OpenStack availability zones and host aggregates, but useful nevertheless (for me, at least).

Operating Systems/Applications

  • Want to run Docker Swarm on Azure? Look here.
  • There’s been a fair amount of noise regarding the Open Container Initiative recently, including a pair of blog posts from (somewhat) opposing viewpoints (a post from Docker and a post from CoreOS). Depending on your viewpoint, OCI is either the greatest thing since sliced bread, or it’s a work in progress with a lot of potential. Time will tell which viewpoint was the most accurate.
  • Splunk recently announced their Splunk Logging Driver for Docker, which allows Docker containers to send log data directly to Splunk. This comes on the heels of the Docker announcement around their Ecosystem Technology Partner (ETP) program, which initially includes a whole list of logging-related partners (but didn’t include Splunk, oddly enough). If you’re interested in trying the Splunk driver, you’ll need to use the Docker experimental build.
  • This looks handy. (CLI tricks are so much fun.)
  • I really appreciated Kelsey Hightower’s recent “12 Fractured Apps” article, in which he tackles some less-than-ideal application patterns with Docker containers. I’m not an application developer, but some of the suggestions Kelsey makes—like creating any directories the application needs if they don’t exist—seem like ordinary common sense, and so part of me is surprised (although I shouldn’t be) that this apparently isn’t common practice.
  • The recent release of CentOS 7.2 has caused some issues building Docker containers; see this article for a fix. (Thanks to Shannon McFarland for posting this on Twitter.)
  • Kubernetes cheat sheet? Why, yes, thanks.


  • Joseph Griffiths has an article talking about an error condition he experienced where his VMware hosts lost access to a volume when connected via Brocade SAN switches. The fix, as Joseph describes it, is to be sure to use the correct fillword setting. It’s been ages (OK, a few years) since I worked with Fibre Channel SAN switches, so this doesn’t mean a whole lot to me—but hopefully it’s helpful to someone out there.


Career/Soft Skills/Productivity

  • Tom Hollingsworth recently weighed in on the topic of full-stack engineers in his post titled “A Stack Full of It”. I was in part of the discussion at ONUG that (apparently) triggered Tom’s post. Tom makes some valid points, but I do respectfully disagree. I think full-stack engineers—folks that can work within and across multiple silos and layers of the data center—are a step in the right direction. I’ll have more to say on this topic very soon, so stay tuned.

I had more stuff to share with you, but I constrained myself to publish this last Short Take of 2015 no later than today, so I’ll stop here. I hope that you found something useful!

Metadata and Navigation

Be social and share this post!