Technology Short Take #77

 Published on 3 Feb 2017 ·  Filed in Information ·  1041 words (estimated 5 minutes to read)

Welcome to Technology Short Take #77. I’ve got a new collection of links and articles from around the Web on various data center-focused technologies.

Networking

• Mark Brookfield takes a moment to remind everyone that you shouldn’t use the (deprecated) C# vSphere Client to manage NSX environments. Good advice.
• Michael Kashin has a great article on how Open Virtual Network (OVN, part of the Open vSwitch project) implements virtual networks in OpenStack. Yes, the article is slightly OpenStack-centric, but it still remains a very informative look at the different components of OVN and how OVN works. (You might also be interested in an earlier article that outlines how to build and install OVN with OpenStack.)
• In a bit of an older post from late summer 2016, Matt Oswalt outlines why network engineers should care about the network software supply chain. I won’t steal Matt’s thunder; go have a look at the post yourself to see if you agree with his assessment.
• Simon Leinen (from SWITCHengines) explains their use of IPv6 with OpenStack.
• John Kozej has a write-up on an NSX logical switch packet walk.
• Sam McGeown discusses deploying ECMP with NSX for a provider logical router.
• Thanks to Ivan Pepelnjak, I saw this network diagnostic tool.

Servers/Hardware

• There was a fair amount of wailing and gnashing of teeth when Apple updated the MacBook Pro line with the Touch Bar. Some people love it, others absolutely hate it. Jeff Geerling has a great article on why he returned his 2016 MacBook Pro with Touch Bar; it’s definitely worth a read, in my opinion.

Security

• Vivek Gite over at nixCraft explains how to use ufw (Uncomplicated Firewall) on Ubuntu to limit SSH connections.
• If you’re interested in learning more about some of the new security features in vSphere 6.5, check out this post by Mike Foley—he has pointers to more details on VM Encryption, Secure Boot, and Encrypted vMotion.
• Eddie Cranklin Kim shares how to create a virus using assembly language. (I’m assuming Eddie isn’t actually advocating the creation of viruses, but using this as a means of teaching assembly language programming techniques.)
• Lennart Poettering, the creator of systemd, shares how to avoid CVE-2016-8655 using systemd.
• Check out this list of command-line basics that Robert Graham feels every cybersecurity professional should know/learn.

Cloud Computing/Cloud Management

• If you’ve deployed the vRealize Operations Management Pack for NSX, there’s an option to enable Log Insight integration as well. When this option is checked, NSX will be configured to log to Log Insight as described in this post by Steve Flanders. Normally, that’s not an issue, but be aware that this prevents you from changing the log destinations as they’ll just be changed right back shortly afterward.
• Sayli Karmarkar and Vinay Shah of Netflix describe Winston, “an event-driven diagnostic and remediation platform.” What does that mean? Basically, in a nutshell, Winston executes runbooks of automation code in response to events. Have a look at the article for more details.
• Steve Schofield shares how to change the Docker default network to persist across reboots with vRealize 7.2.

Operating Systems/Applications

• Ben Corrie shares some of his thoughts about the recent GA of vSphere Integrated Containers (VIC).
• Flatpak is a (relatively) new application packaging/sandboxing mechanism for Linux applications. This looks really promising, IMHO—I’m excited to see it continue to develop.
• Nicolas Malaval has a post describing how to record SSH sessions established through a bastion host. The post is a bit geeky but quite informative, and worth reading if SSH bastion hosts are a key part of your architecture. (Not sure what a bastion host is? Read this post.) Thanks to Maish Saidel-Keesing for pointing out this article.
• Who would have thought that one day you’d refer to a Microsoft web site for instructions on configuring something in Linux? That’s exactly what we have here: a Microsoft Azure page with instructions on configuring DHCPv6 for Linux VMs (covering various Linux distributions).
• This next post is more than a year old; it’s been sitting in my “folder of articles that I’m going to discuss but haven’t gotten around to yet”. In any case, I think the time is right. The article is by Kelsey Hightower, and in it he discusses how building twelve-factor apps incorrectly can lead to “12 fractured apps” (the title of the article). As I understand it, the basic idea behind Kelsey’s article is that if you’re going to go down the route of containerizing your applications, then you should do it right instead of jimmy-rigging shell scripts and configuration management tools.
• Courtesy of Cody Bunch, I found this article on defensive BASH programming, which contains some very useful tips of which I was not aware.
• Looks like I’m not the only one making the leap from macOS to Linux—check out this pair of articles on Wesley Moore’s switch (part 1 and part 2). Part 2 is especially helpful for others who might be switching, as it contains a list of Linux apps to replace the macOS equivalents.

Storage

• A new, Docker-specific filesystem and graph driver have emerged to address the shortcomings of existing implementations. The new filesystem is called LCFS, or Layer Cloning File System, and you can get more details on LCFS via its GitHub repository.

Virtualization

• This post outlines how to install the VirtualBox Guest Additions on recent versions of Fedora/CentOS/RHEL.
• William Lam shares his adventure(s) in testing a USB-C/Thunderbolt 3 adapter for ESXi.
• Adam Eckerle (along with some help from Mike Foley) discusses the VMCA and a “hybrid” approach to managing SSL certificates in a vSphere 6.x environment.
• Eric Gray published this article on creating an Auto Deploy reverse proxy cache using Nginx.
• In this post, Massimo Re Ferre talks about a script he wrote to automate vSphere Integrated Containers (the script itself is on GitHub).

Career/Soft Skills

• John Cook shares a very important aspect of using automation: it’s not necessarily about saving time, but also about saving mental energy.
• I often recommend that IT professionals try to improve their understanding of the business side of things. This article on the failure of RethinkDB is a good read that helps, in my opinion, shed some light on the non-technical aspects of a technology business.

That’s all this time around. Here’s hoping you found something useful!

Metadata and Navigation

 Networking  Hardware  Security  Storage  Virtualization  NSX  VMware  OVN  OpenStack  Apple  macOS  vSphere  Linux  CLI  Microsoft  SSH  Docker  VirtualBox  SSL
Previous Post: The Linux Migration: Final Linux Distro Selection
Next Post: Spousetivities at DockerCon 2017

Be social and share this post!