Technology Short Take #71

 Published on 9 Sep 2016 ·  Filed in Information ·  1216 words (estimated 6 minutes to read)

Welcome to Technology Short Take #71! As always, I have a list of links related to various data center technologies found below; hopefully something here proves useful.

Networking

• Dmitri Kalintsev is back with another article in a series of articles on using hardware VXLAN tunnel endpoints (VTEPs) with VMware NSX. In this case, it’s on validating HW VTEP deployment for integration with NSX. In particular, Dmitri points out that you need connectivity both on the management plane as well as on the data plane.
• Here’s a handy post by Dale Coghlan on how to find object IDs for just about anything in a VMware NSX environment.

Servers/Hardware

• Intel has finally started shipping silicon photonics gear, according to this report from El Reg (news coming out of IDF16). A more detailed analysis of silicon photonics can be had over at The Next Platform.

Security

• The use of VMware NSX for microsegmentation is a really popular use case, and so the topic of scripting distributed firewall (DFW) rules often comes up. Dale Coghlan has an article on bulk DFW rule creation that might be helpful in such instances.
• This blog post on shielded VMs in Windows Server 2016 is a bit light on details, but the embedded video may be more informative (I didn’t watch it).
• I predicted a couple of years ago that Intel SGX (Software Guard Extensions) was going to be HUGE (see here). I recently saw that at Intel Developer Forum (IDF) Bromium showed off an SGX-enabled prototype that uses SGX to protect sensitive data. This is just the beginning—it’s going to end up going a lot farther, I believe. See this blog post by Simon Crosby for more details.

Cloud Computing/Cloud Management

• Dmitri Kalintsev tackles the subject of infrastructure as code and why you should care. It’s a good intro to the topic of infrastructure as code (if this is new to you), and I appreciate the fact that Dmitri also took the time to provide reasons why it’s valuable/important to IT professionals. So many times you’ll see various technologies or trends discussed, but the author won’t take the time to explain why it is being discussed.
• Pradipta Kumar Banerjee has an article on using local storage for instances in OpenStack. Specifically, the article discusses the use of Cinder volumes provided by disks in the compute nodes, so a compute node is both a compute node as well as a Cinder volume node.
• Chris Smart has a thorough article on setting up OpenStack Ansible all-in-one behind a proxy.
• While a user of a private cloud shouldn’t have to worry about the details on how the cloud operates or is built, that’s not true for the architect of a private cloud. This seems obvious, I know, but I do believe that this fact is often overlooked in the all-too-common refrains of “OpenStack is too complicated!” (This is not to say that sentiment isn’t true in some areas, by the way.) In any case, have a look at this article by Julio Villareal Pelegrino on architecting an OpenStack cloud.
• Speaking of OpenStack complexity…I came across this article on YAQL expressions (thanks to the kind folks at Mirantis for the link in their “OpenStack Unlocked” newsletter). Now, I’m likely to take some heat (Ha! No pun intended!) for this, but I have to ask—is this really the sort of thing that should be exposed to cloud consumers? Maybe it’s just me, but it seems that we (the OpenStack community) should be a bit more focused on usability than on adding more nerd knobs. Then again, what do I know?

Operating Systems/Applications

• Red Hat Enterprise Linux Atomic Host (how’s that for a mouthful?) recently announced version 7.2.6, and it includes the ability to add packages directly to Atomic Host. This is a fairly significant departure from a lot of other container-optimized Linux hosts, which require you to leverage containers for anything not included in the base distribution. See this Red Hat blog has more details on the new “package layering” functionality.
• VMware vRealize Log Insight (known as vRLI by its friends) now has a MongoDB content pack.
• CoreOS has extended their online validator to validate both Ignition configurations (Ignition is their tool aimed at machine provisioning) as well as cloud-config configurations.
• Commenting on the ruckus that arose out of a Twitter conversation between Kelsey Hightower and Solomon Hykes, Matt Asay strikes a bit of a different approach on the topic of container standardization in this InfoWorld article. On the face of it, I agree with Matt’s statement that “design by committee” tends not to work well; however, I also believe that there needs to be some reasonable counterbalance to a single (commercial) entity’s control over an open source project.
• Is a simple DOCKERFILE a myth, a figment of the imagination? The more I read about creating highly-optimized Docker images, the more I believe this is the case. The latest example is from this article by Denny Zhang.
• Ajeet Singh Raina has a simple example of how service discovery works in Docker 1.12. (Nice use of Docker Compose in helping illustrate how everything works.)
• Ryan Brown disputes the Docker claim (from DockerCon) that “Docker is serverless” in this article. While I agree with some of Ryan’s points, I have to wonder if the disagreement isn’t just a matter of different perspectives. I mean, any Function-as-a-Service (FaaS) offering has to have some sort of runtime underneath; who’s to say it isn’t some form of Linux containers? (See the introductory text here.) At the same time, exposing the “plumbing” behind a FaaS offering does “violate” the fundamental concepts of FaaS. Hence, it’s really a matter of just different perspectives.
• DVM looks handy.

Storage

• A “seething cauldron of technology development” is how this article by Chris Mellor at The Register described the space around NVDIMM, NVMe, XPoint, ReRAM, and DRAM-SSD. (So many new terms! It’s obvious I haven’t paid a great deal of attention to the storage space recently.)
• If you’re seeking resources related to NVMe, this NVMe bibliography (by J Metz) is a great resource. Not sure where to start? No problem—J has you covered with this NVMe program of study, too.

Virtualization

• Steve Flanders has made available an ESXi importer manifest for Log Insight.
• Dale Carter outlines new clustering requirements for VMware Identity Manager in version 2.7.
• VMworld recently happened (in case you hadn’t noticed), and this year VMware is opening up access to all the VMworld content, even if you didn’t attend the show. (It’s about time.) William Lam has a list of direct playback URLs to make the process of accessing the content easier. Read William’s post here (and get the URLs here).

Career/Soft Skills

• While reading his article on remote site replicated Docker registries, I was intrigued by Ryan Kelly’s guide on how to find a quiet place where you will not be interrupted. In today’s society, multi-tasking is praised; however, I find that it’s far more effective to manage my focus and my time instead of jumping from task to task. (Your mileage may vary, of course.)

I’d love to keep going, but I suppose I’d better wrap it up before this post gets too long! Don’t worry—if this post wasn’t enough, I’ll have another Technology Short Take up for you in just a couple weeks.

Metadata and Navigation

 Networking  Hardware  Security  Storage  Virtualization  NSX  VXLAN  Intel  Windows  Microsoft  HyperV  OpenStack  Ansible  Docker  Linux  CoreOS  RedHat  VMware
Previous Post: VMworld 2016 Day 2 Keynote
Next Post: A Follow Up on SSH Bastion Hosts

Be social and share this post!