Technology Short Take #59

 Published on 15 Jan 2016 ·  Filed in Information ·  1145 words (estimated 6 minutes to read)

Welcome to Technology Short Take #59, the first Technology Short Take of 2016. As we start a new year, here’s a collection of links and articles from around the web. Here’s hoping you find something useful to you!

Networking

• Nir Yechiel posted an article on using the Cumulus VX QCOW2 image with Fedora and KVM. Cumulus VX, if you aren’t aware, is a community-supported virtual appliance version of Cumulus Linux aimed at helping folks preview and test “full-blown” Cumulus Linux (which, of course, requires compatible hardware).
• NAPALM (Network Automation and Programmability Layer with Multivendor support) looks like a really cool tool. I haven’t yet had the opportunity to work with it, but it is definitely something I’d like to explore in more detail. Here’s an article on an effort to add Cisco IOS support to NAPALM. Gabriele (the author of that post) also has a nice article on some resources to get you started with network automation.
• Using Python and Netmiko for network automation is the topic of this post by Colin McAlister. This is a good introductory post, and one that I plan to leverage as I dive deeper into these tools.
• Kuryr (the OpenStack project to allow Docker Networking to leverage OpenStack Neutron) is coming along. Stuff in this space is moving so quickly at times that it can be difficult to keep up. Fortunately, Gal Sagie is sharing information via his blog; for example, here’s a post on Kuryr support for Docker Networking’s pluggable IPAM (IP address management).
• Steve Flanders has a good article explaining how to configure NSX to log to Log Insight (a task which, in my humble opinion, is far too complicated and needs to be simplified).

Servers/Hardware

• This is a fascinating (to me, at least) paper on the implications of non-volatile storage on today’s data centers (and data center hardware). It seems clear to me that distributed storage systems are going to be the de facto way to build storage systems moving forward, which obviously has significant implications for networking, compute, power, and environmental factors. Good stuff here—I highly recommend reading this paper.

Security

• Dwayne Sinclair (an NSX SE at VMware) has a write-up on what micro-segmentation is not. Micro-segmentation is one of those terms (like SDN, cloud, DevOps, etc.) that is getting co-opted to mean a lot of different things, and in this post Dwayne talks about why private VLANs aren’t actually micro-segmentation.
• You may recall that last year (like that was so long ago!) VMware open-sourced an identity and access management service called Lightwave (project web site, GitHub repo). Juan Manuel Rey has taken some time to get Lightwave running in his home lab and has a couple of blog posts that may be worth reading if you’re interested in Lightwave. First, he has a post on setting up a multi-node Lightwave domain; once you have a Lightwave domain running, his post on enabling SSH to authenticate against Lightwave may be useful. Good stuff Juan!
• This post has some pretty in-depth information on the Juniper backdoor that was recently uncovered. If I’m understanding it correctly, it was actually a backdoor of an existing vulnerability.
• A moderate security bug in OpenSSH (all releases between 5.4 and 7.1p2) was discovered. I say “moderate” because the impact of the vulnerability is mitigated easily and limited by a number of other factors. This post by Qualys has some great information.

Cloud Computing/Cloud Management

• Erez Rabih shared some useful information comparing Kubernetes and ECS, and why Kubernetes was the right choice for his particular project.
• Here’s a handy “how to” on assigning a specific floating IP address to an OpenStack instance.
• If you’re familiar with AWS, here’s an article to help you transition to and/or understand matching Google Cloud concepts.

Operating Systems/Applications

• Grant Taylor has a brief article on SSH canonicalization and why it might be beneficial to allow SSH to handle canonicalization (instead of allowing the system resolver to do it). (By the way, if you’re wondering what canonicalization is, see this. In this case, we are referring to converting a hostname, like foo, into a completely unique representation like the fully-qualified domain name [FQDN] foo.example.com.)
• Perhaps you feel a little bit like Kev Gorman, and are wondering what in the heck is CNA (cloud-native applications), anyway? If so, have a look at Kev’s post that attempts to help answer that question.
• Julian Dunn’s article on the oncoming train of enterprise container deployments is a good read.
• Early in a new year is a great time for predictions. Here are some OpenStack and Docker predictions for 2016.

Storage

• In case you’re interested, here’s a collection of storage trends and predictions for 2016.

Virtualization

• Most people are unaware that OS X 10.10 (“Yosemite”) introduced some limited hypervisor functionality based on xhyve and Hypervisor.framework. Maish Saidel-Keesing recently talked about this in a post about a product named Veertu, and I also saw this post about running CoreOS on OS X. This virtualization functionality is bare bones in comparison to more full-featured products like VMware Fusion, Parallels, or VirtualBox, but it’s still interesting to see how it can be utilized.
• Have I mentioned the ESXi Virtual Appliance?
• William Lam has a walkthrough on updating the default Photon OS VM template used by AppCatalyst.

Career/Soft Skills/Productivity

• A while back, in an earlier Technology Short Take, I mentioned an article on running an effective IRC meeting. The subject of IRC—and its appropriate use—is getting some more attention. First, I read this article by Chris Dent on his viewpoint that persistent IRC connectivity/use is actually harmful to open source communities. (This is a counterpoint to the recommendation for persistent IRC found in this article.) I agree with what Chris Dent has to see, and was also pleased to find this article by Stefano Maffuli also calling for a more moderated approach to the use of IRC and a “sane balance of sync-async communication”. Well said!
• “DevOps” is one of those terms that I think gets thrown around too much, and so I was thankful to find this article by Matthew Skelton that lays out some potential team structures that address the reality of DevOps as an effort to (Matthew’s words) “improve the delivery of value for customers and the business.” Many of Matthew’s DevOps team topologies could, I think, be equally applied to other IT disciplines as well (who’d like to see the Smooth Collaboration model between the Server and Network teams?).
• If you’re thinking about building a home lab, read this post by Eric Shanks first. Home labs are great—but there is a cost associated with building and maintaining a home lab, and you’ll want to go into this knowing the investment up front.

That’s it for this time around. If you have any questions or comments about any of the information included here, feel free to hit me up on Twitter. Thanks for reading!

Metadata and Navigation

 Networking  Hardware  Security  Storage  Virtualization  Linux  KVM  Docker  NSX  OpenStack  SSH  macOS  VMware  vSphere
Previous Post: An Improved Way to use YAML with Vagrant
Next Post: Multi-Machine Vagrant Environments with JSON

Be social and share this post!