Scott's Weblog The weblog of an IT pro specializing in cloud computing, virtualization, and networking, all with an open source view

Technology Short Take #79

Welcome to Technology Short Take #79! There’s lots of interesting links for you this time around.

Networking

  • I was sure I had mentioned Skydive before, but apparently not (a grep of all my blog posts found nothing), so let me rectify that first. Skydive is (in the project’s own words) an “open source real-time network topology and protocols analyzer.” The project’s GitHub repository is here, and documentation for Skydive is here.
  • OK, now that I’ve mentioned Skydive, I can talk about this article that provides an example of functional SDN testing with Terraform and Skydive. Terraform is used to turn up OpenStack infrastructure, and Skydive (via connections into Neutron and OpenContrail, in this example) is used to validate SDN functionality.
  • Tony Sangha took PowerNSX (a set of PowerShell cmdlets for interacting with NSX) and created a tool to help document the NSX Distributed Firewall configuration. This tool exports the DFW configuration and then converts it into Excel format, and is available on GitHub. (What’s that? You haven’t heard of PowerNSX before? See here.)

Servers/Hardware

Nothing this time around. Should I keep this section, or ditch it? Feel free to give me your feedback on Twitter.

Security

  • I found this article on SELinux concepts for humans to be quite helpful. SELinux has been something that I’ve avoided—yes, avoided—learning because it just seemed too complex. Instead, I should have followed my own advice and started with the vocabulary (which is what this article helps provide).
  • The first practical way of generating SHA1 collisions has been discovered and revealed; more details are available here. Lots of things are potentially impacted.
  • Here’s a great article highlighting some of the risks involved in relying only on HTTPS certificates to denote the “security” or “validity” of a site. My takeaway: double-check the address bar and look at the certificate!

Cloud Computing/Cloud Management

  • Massimo Re Ferre pointed me to an article by “Cloud Opinion” that discusses the upcoming SaaSocalypse that will be created by the next generation of SaaS vendors leveraging FaaS (Function-as-a-Service, as typified by AWS Lambda) and other “serverless” features. The efficiency described by Cloud Opinion is similar to what James Watters discussed in this post from 2013 (also thanks to Massimo), which extols the benefits of using Cloud Foundry on top of “plain” IaaS offerings in order to increase utilization/efficiency.
  • Check out this article that discusses using AWS Spot Instances and spotinst to run low-cost Kubernetes clusters.
  • Brendan Burns, co-founder of Kubernetes and now an architect at Microsoft Azure, has a blog post about how Kubernetes enables containers-as-a-service (CaaS), which in turn is the foundation for the next generation of Platform-as-a-Service (PaaS).
  • You know an effort/project is starting to be “real” when a logo gets designed. Such is the case with CRI-O (the Kubernetes Container Runtime Interface for OCI).
  • I recently started experimenting with awless, a CLI tool for working with Amazon Web Services (AWS). So far, I really like it. Not sure if it will replace my use of the AWS CLI, but it may become a useful tool in my toolbelt. Check it out on GitHub.
  • Sebastian Goasguen has a good overview of federating Kubernetes clusters.
  • I just noticed this article about using Nova flavor extra-specs to pass QoS data down to the virtualization layer. That’s handy.
  • This is a good article on refactoring Terraform against existing infrastructure using terraform state commands.

Operating Systems/Applications

  • Gojko Adzic has a great article describing his organization’s transition to serverless and lessons learned as a result of that transition. For me, the key takeaway was that you need to carefully examine the architecture of your application(s) in order to understand where serverless (function-as-a-service) is the best fit.
  • Here’s a walkthrough to install Arch Linux on VirtualBox.
  • I like the idea of using Docker labels to include a reference to a commit in a version control system as suggested in this article, but as I was thinking about it this morning I had a question. If you are storing your Dockerfile in version control (which is a good idea, I would think), then changing the Dockerfile to add the commit reference is itself a change that needs to be committed, so any commit reference you add to the Dockerfile will be, at best, 1 commit behind (becuase you’ll have to make a commit to record the reference in the Dockerfile). I suppose it doesn’t really matter, it’s just something about which my weird brain was thinking.
  • I came across this article on using SystemTap to help with containerization by identifying the capabilities that a particular executable (or container) needs.
  • Here’s a list of some open source Docker-related tools that developers may find useful. There were a couple of projects there I hadn’t seen before, and a number of them that I fully expected to see listed.
  • “The HFT Guy” has returned with an update on Docker in production.
  • Distributed key-value stores—such as Zookeeper, Consul, and etcd—are an increasingly important part of application architectures (as well as an important part of the orchestration frameworks that manage applications). For that reason, this article comparing the performance of the three key-value stores I named earlier may be worth reading. Keep in mind that this article was written by the etcd team, so the fact that etcd performs favorably in most results must be weighed accordingly.
  • Tim Fairweather has a really useful article on using variables in loops in Jinja2 templates.

Storage

Virtualization

  • Thinking of virtualizing Linux on Hyper-V? Then you may find this list of tips for Linux performance on Hyper-V to be useful.
  • Frank Denneman and his partner in crime Niels Hagoort have launched a new book effort aimed at providing a deep-dive into host resources in vSphere 6.5 environments. Check out the details here.
  • Microsoft recently added an overlay network driver with support for Docker in Windows 10; check out this Microsoft blog post for more information.

Career/Soft Skills

  • I really enjoyed this article by Evgeny Zislis on DevOps transformation using Theory of Constraints. I’m including it here in the “Career/Soft Skills” section because I think the four questions listed in this article apply to all IT professionals, not just those in “DevOps” roles. (Of course, the idea of a “DevOps” role is a topic unto itself, but I’ll leave that for some future article.)
  • I also enjoyed this article by Tim Bray on geek career paths. This is something I’ve been contemplating for a few years now, wondering if it was time for me to make the move to a less technical and more managerial/leadership role (yes, I know those two are different). Tim’s article provided me with some useful food for thought.

That’s all for now—after all, I have to save some stuff for the next one (which you can expect in about 2 weeks). I hope you found something useful, and have a great weekend!

Metadata and Navigation

Be social and share this post!