Building Kubernetes based highly customizable environments on OpenStack with Kubespray

This talk was given on November 8 at the OpenStack Summit Sydney event.

Abstract

Kubespray (formerly Kargo) is a project under the Kubernetes community umbrella. From the technical side, it is a set of tools that make it easy to deploy a production-ready Kubernetes cluster.

Kubespray supports multiple Linux distributions to host the Kubernetes clusters (including Ubuntu, Debian, CentOS/RHEL and Container Linux by CoreOS), multiple cloud providers to be used as an underlay for the cluster deployment (AWS, DigitalOcean, GCE, Azure and OpenStack), together with the ability to use Bare Metal installations. It may consume Docker and rkt as the container runtimes for the containerized workloads, as well as a wide variety of networking plugins (Flannel, Weave, Calico and Canal); or built-in cloud provider networking instead.

In this talk we will describe the options for using Kubespray to build Kubernetes environments on OpenStack and how you can benefit from it.

What can I expect to learn?

Active Kubernetes community members, Ihor Dvoretskyi and Rob Hirschfeld, will highlight the benefits of running Kubernetes on top of OpenStack, and will describe how Kubespray may simplify the cluster building and management options for these use-cases.

Complete presentation

Slides
https://www.slideshare.net/RackN/slideshelf

Speakers

Ihor Dvoretskyi

Ihor is a Developer Advocate at the Cloud Native Computing Foundation (CNCF), focused on upstream Kubernetes-related efforts. He acts as a Product Manager in the Kubernetes community, leading the Product Management Special Interest Group with the goal of growing Kubernetes as the #1 open source container orchestration platform.

Rob Hirschfeld

Rob Hirschfeld has been involved in OpenStack since the earliest days with a focus on ops and building the infrastructure that powers cloud and storage. He’s also co-Chair of the Kubernetes Cluster Ops SIG and a four-term OpenStack board member.

 

Breaking the Silicon Floor – Digital Rebar v3.2 unlocks full life-cycle control for hardware provisioning

The difficulty in fully automating physical infrastructure environments, especially for distributed edge, adds significant cost, complexity and delay when building IT infrastructure. We’ve called this “underlay” or “ready state” in the past but “last mile” may be just as apt. The simple fact is that underlay is the foundation for everything you build above it so mistakes there are amplified.

Historically, simple systems still required manual or custom steps while complex systems were fragile and hard to learn. This dichotomy drives operators to add a cloud abstraction layer as a compromise because the cloud adds simple provisioning APIs at the price of hidden operational complexity.

What if we had those simple APIs directly against the metal? Without the operational complexity?

That’s exactly what we’ve achieved in the latest Digital Rebar release. In this release, the RackN team refined the Digital Rebar control flows introduced in v3.1 based on customer and field experience. These flows are simple to understand, composable to build and amazingly fast in execution.

For example, you can build workflows that handle discovering machines with burn-in and inventory stages that install SSH keys that automatically register themselves for Terraform consumption. Our Terraform provider can then take those machines and make new workflow requests like “install CentOS” and tell me when it’s ready. When you’re finished, another workflow will tear down the system and scrub the data. That’s very cloud-like behavior but directly on metal.

These workflows are designed to drive automatic behavior (like joining a Kubernetes cluster), simplify API requests (like target state for Terraform), or prepare environments for orchestration (like dynamic inventory for Ansible). They reflect our design goal to ensure that Digital Rebar integrates upstack easily.

Our point with Digital Rebar is to drive full automation down into the physical layer. By fixing the underlay, our approach accelerates and simplifies orchestration and platform layers above. We’re excited about the progress and invite you to take 5 minutes to try our quick start.


Digital Rebar Releases V3.2 – Stage Workflow

In v3.2, Digital Rebar continues to refine the groundbreaking provisioning workflow introduced in v3.1. Updates to the workflow make it easier to consume by external systems like Terraform. We’ve also improved the consistency and performance of both the content and service.

Note: we are accelerating the release schedule for Digital Rebar with a target of 4 to 6 weeks per release. The goal is to incrementally capture new features in stable releases so there is not a lengthy delay before fixes and features are available.

Here’s a list of features for the v3.2 release.

  • Promoted stage automation to release status in open source – these were RackN content during beta
  • Plugins now include content layers – they don’t require separate content and versioning is easier
  • Feature flags on endpoint and content – allows automation to detect if needed requirements are in place before attempting to use them
  • Improve exit codes from jobs – improves coordination and consistency in jobs
  • Allow runner to continue processing into new installed OS – helps with Terraform handoff and direct disk imaging
  • Add tooling for direct image deploy to sledgehammer – self explanatory
  • Change CLI to use Server models instead of swagger generated code – improves consistency and maintainability of the CLI
  • Machine Inventory (gohai utility) – collects machine information (in Golang!) so that automation can make decisions based on configuration
  • General bug fixes and performance enhancements – this was a release theme
  • Make it easier to export content from an endpoint – user requested feature
  • Improve how tokens and secrets are handled by the server – based on audit

The release of workflow and the addition of inventory means that Digital Rebar v3 effectively replaces all key functions of v2 with a significantly smaller footprint, minimal learning curve and improved performance. One major v2 feature, multi-node coordination, is not on any roadmap for v3 because we believe those use cases are well served by upstack integrations like Terraform and Ansible.


Podcast with Zach Smith talking Bare Metal and AWS Training Wheels

Joining this week’s L8ist Sh9y Podcast is Zach Smith, CEO of Packet and long-time champion of bare metal hardware. Rob Hirschfeld and Zach discuss the trends in bare metal, the impact of AWS changing the way developers view infrastructure, and issues between networking and server groups in IT organizations.

Topic                                     Time (Minutes.Seconds)

Introduction                              0.0 – 0.43
History of Packet                         0.43 – 1:38
Why Public Cloud Bare Metal               1.38 – 2.10
Price Points Metal vs VM                  2.10 – 3.08
Intro Compute to Non-Data Center People   3.08 – 4:27
RackN early Customer                      4.27 – 5.41
Managing non-Enterprise Hardware          5.41 – 7.45
Cloud has forever changed IT Ops          7.45 – 10.20
Making Hardware Easier                    10.20 – 12.35
Continuous Integration (CI)               12.35 – 14.37
Customer Story w/ Terraform               14.47 – 16.08
SRE, DevOps and Engineering Thinking      16.08 – 16:49
Most extreme Metal Pipelines              16.49 – 18.02
Coolest New Hardware in Use               18.02 – 19.28
How order metal and add to data center    19.28 – 22.47
RackN and the Switch                      22.47 – 24.39
Edge Computing Break Enterprise IT        24.39 – 25.16
DevOps Highlights for Today               25.16 – 27.01
Post Provision Control in Open Source     27.01 – 30.03
Data Centers in early 2000’s              30.03 – 31.27
Nov 1 in NYC: Cloud Native in DataCenter  31.27 – END

Podcast Guest: Zach Smith, CEO Packet

Zachary has spent his last 16 years building, running and fixing public cloud infrastructure platforms. As the CEO of Packet, Zachary is responsible for the company’s strategic product roadmap and is most passionate about helping customers and partners take advantage of fundamental compute and avoid vendor lock-in. Prior to founding Packet, Zachary was an early member of the management team at Voxel, a NY-based cloud hosting company sold to Internap in 2011, that built software to automate all aspects of hosting datacenters. He lives in New York City with his wife and 2 young children. Twitter: @zsmithnyc

Nov 3 – Weekly Recap of All Things Digital Rebar and RackN

Welcome to the weekly post of the RackN blog recap of all things Digital Rebar, RackN, SRE, and DevOps. If you have any ideas for this recap or would like to include content please contact us at info@rackn.com or tweet Rob (@zehicle) or RackN (@rackngo)

Items of the Week

Digital Rebar

Join us Tuesday November 7th at 11am PST for our next Digital Rebar Online Community Meetup #4.

Will Dennis, a long-time community member going back to the original Project Crowbar days, talks with Rob Hirschfeld in this week’s Podcast about the value of Digital Rebar technology as an operator for a complex lab environment.


RackN

We released our 2nd White Paper this week: The New Economics for Data Center Infrastructure: RackN Automation Improves Speed and Agility by Reducing Cost and Risk.

Executive Summary

RackN’s mission is to fix the current lack of fast, simple and standard ways to manage fundamental data center infrastructure activities. These include updating server firmware, operating systems and integrating provisioning into application life-cycles. RackN on-premises software integrates easily with existing processes while providing a clear path from home-grown scripting to common best-practices. RackN customers achieve a 10x performance improvement by automating provisioning and orchestration. Like any building activity, a solid foundation makes the entire stack more robust and secure.

Podcast with Bernard Golden

We spoke to Bernard Golden about his recent blog post Edge Computing and the Death of Cloud: Nonsense.

For those of you who prefer to access Podcasts via YouTube, all L8ist Sh9y podcasts are now available at this Playlist.

UPCOMING EVENTS

Rob Hirschfeld and Greg Althaus are preparing for a series of upcoming events where they are speaking or just attending. If you are interested in meeting with them at these events, please email info@rackn.com.

If you are attending any of these events, please reach out to Rob Hirschfeld to set up time to learn more about our solutions or discuss the latest industry trends.


Podcast with Bernard Golden talking Edge Computing and the Container Hotel

Joining this week’s L8ist Sh9y Podcast is Bernard Golden, a long-time tech innovator and visionary and one of the ten most influential people in cloud computing according to Wired.com. Bernard and Rob Hirschfeld discuss the latest blog from Bernard and the impact of Edge Computing and the reality of implementing this concept. We are also introduced to the Container Hotel.

Topic                                                Time (Minutes.Seconds)

Introduction                                         0.0 – 0.39
Edge Computing Blog                                  0.39 – 3:35    (Bernard Blog)
Other Non-Control Loop Use Cases                     3.35 – 7:10
Environmental Computing / IOT                        7:10 – 9:05
Fallacy of Vendor-based Solutions                    9:05 – 13:25
How Manage Edge Hardware                             13:25 – 16:00
Container Hotel                                      16:00 – 16:50
No One Cares about Hardware                          16:50 – 23:40
Cloud Extensions – Not Mini Clouds                   23:40 – 27:05
Like Cloud but Own Data-Center Can’t Do What I Want  27:05 – 29:55
Wrap-Up                                              29:55 – END

Podcast Guest: Bernard Golden

Bernard Golden is a long-time tech innovator and visionary. Wired.com named him one of the ten most influential people in cloud computing, and his blog has been listed in over a dozen “best of” lists. He is the author/co-author of five books, including Amazon Web Services for Dummies, the best-selling cloud computing book ever.

From 2012 to 2015 Bernard served as an executive at two cloud computing software startups: Enstratius (acquired by Dell, 2013) and ActiveState Software (cloud product line acquired by HPE, 2015).

After leaving ActiveState, Bernard began researching and consulting across a number of new technologies, including machine learning, drones, genomics, and 3D printing. One, however, stood out as the next innovation platform that will transform our society: blockchain.

RackN Automation Improves Speed and Agility by Reducing Cost and Risk

Today, we released our second white paper, The New Economics for Data Center Infrastructure: RackN Automation Improves Speed and Agility by Reducing Cost and Risk. This blog highlights that white paper and provides links for additional information.

Executive Summary

RackN’s mission is to fix the current lack of fast, simple and standard ways to manage fundamental data center infrastructure activities. These include updating server firmware, operating systems and integrating provisioning into application life-cycles. RackN on-premises software integrates easily with existing processes while providing a clear path from home-grown scripting to common best-practices. RackN customers achieve a 10x performance improvement by automating provisioning and orchestration. Like any building activity, a solid foundation makes the entire stack more robust and secure.

Introduction

We believe that scale commodity and edge infrastructure can be fully automated without creating a matching dedicated support staff.

At RackN, our mission is to redefine physical infrastructure automation to make it highly repeatable and widely consumable in the same way that cloud has changed infrastructure.

Simplicity of use, more than any other benefit, is the key operational requirement to achieve our mission. Data centers are necessarily complex, evolving and heterogeneous; consequently, the foundation of all efforts must be simple, fast and flexible. These benefits translate directly into open and reusable best practices because operators can easily understand and share automation. Finding this balance represents a significant engineering investment by the RackN team.


Podcast with Will Dennis talking Crowbar to Digital Rebar and BarClamps

Joining this week’s L8ist Sh9y Podcast is Will Dennis, a long-time member of the Crowbar community who continues to engage in helping drive Digital Rebar forward. Will is an excellent resource who takes us through the history from Crowbar to Digital Rebar Provision in a way that highlights how the project has changed and why the community scaled back from V2 to the new V3.1.

Topic                          Time (Minutes.Seconds)

Introduction                   0.0 – 1:12
What drew you to Crowbar?      1:12 – 4:29
Secret Language                3:05 – 3:39
Ansible Add-On                 4:29 – 5:08
Crowbar v2                     5:08 – 6:03
Heterogeneous Infra            6:03 – 8:25
v3 – What had to go?           8:25 – 11:12
Building Infra White Paper     11:12 – 12:07
Cobbler Must Die               12:07 – 12:34
UNIX Concept                   12:34 – 13:00
Cobbler Community              13:00 – 16:53
DR – Service in a Workflow     16:53 – 18:42
HashiCorp & Linux Tool Model   18:42 – 19:28
Upgrades                       19:28 – 20:09
Immutability                   20:09 – 26:35
Compromise for Immutable       26:35 – 32:09
Perfect Fit for Digital Rebar  32:09 – 33:20
3 Requests for DR Project      33:20 – END

Podcast Guest: Will Dennis

Will Dennis is currently employed as a Senior Systems Administrator at NEC Laboratories America, and has over 25 years of experience in managing, installing, and troubleshooting enterprise computing systems, networks, and software. A lifelong learner, Will enjoys keeping current with both tech and culture in the field of Information Technology. Will can be found online on Twitter as @willarddennis, and through LinkedIn at https://www.linkedin.com/in/willdennis/

October 27 – Weekly Recap of All Things Digital Rebar and RackN


Items of the Week

Digital Rebar

Digital Rebar Online Community Meetup #3

Meetup Content:

  • Digital Rebar Provision 3.2 Update
  • Feature Tags
  • Endpoint + UX
  • Demo w/ Virtual Box
  • Community Roundtable


RackN

This week’s Podcast is with David Linthicum, SVP, Cloud Technology Partners, on a variety of cloud-related topics including DevOps, Containers, Edge Computing, etc.

For those interested in Podcasts but prefer to listen via YouTube, we have a new Playlist of all the Podcasts available.

Rishidot Research recently published a profile of the new RackN Beta program, Briefing Notes: RackN Launches in Beta. This document contains a Market Overview, RackN Offering, SWOT Analysis, and Conclusions.

Rishidot provided several key messages in their briefing notes that are worth highlighting:

  • Bare Metal as a Service – offers a better fit for running containers in the enterprise without the overhead of virtualization.
  • Simplification and Choice – by decoupling provisioning, management, and orchestration into distinct layers, RackN allows customers flexibility in choosing orchestration tools already in use.
  • Data Center vs Cloud – RackN automation to underlying infrastructure makes datacenter provisioning competitive in a cloud world.

Read the Complete Briefing Notes

Disclosure: RackN has hired Rishidot in the past.


Five ways I’m Sad, Mad and Scared: the new critical security flaw in firmware no one will patch.

There is a new security vulnerability that should be triggering a massive server fleet-wide upgrade and patch for data center operators everywhere. This one undermines fundamental encryption features embedded into servers’ trusted platform module (TPM). According to Sophos.com, “this one’s a biggie.”

Yet, it’s unlikely anyone will actually patch their firmware to fix this serious issue.

Why?  A lack of automation.  Even if you agree with the urgency of this issue,

  1. It’s unlikely that you can perform a system-wide software patch or system re-image without significant manual effort or operational risk
  2. It’s unlikely that you are actually using TPMs because they are tricky to set up and maintain
  3. It’s unlikely that you have any tooling that automates firmware updates across your fleet
  4. It’s unlikely that you have automation to gracefully roll out an update that can coordinate BIOS and operating system updates
  5. Even if you can do the above (IF YOU CAN, PLEASE CALL ME), it’s unlikely that you can coordinate both patching the BIOS and re-encrypting/rotating the data signed by the keys in the TPM

Being able to perform actions should be foundational; however, I know from talking to many operators that there are serious automation and process gaps at this layer.  These gaps weaken the whole system because we neither turn on security features embedded in our infrastructure nor automate ways to systematically maintain them.

This type of work is hard to do.  So we don’t do it, we don’t demand it and we don’t budget for it.

Our systems are way too complex to expect issues like this to be improved away by the next wave of technology. In fact, we see the exact opposite. The faster we move, the more flaws are injected into the system. This is not a security problem alone. Bugs, patches and dependencies cause even more system churn and risk.

I have not given up hoping that our industry will prioritize infrastructure automation so that we can improve our posture.  I’ve seen that fixing the bottom layers of the stack makes a meaningful difference in the layers above.  If you’ve been following our work, then you already know that is the core of our mission at RackN.

It’s up to each of us individually to start fixing the problem.  It won’t be easy but you don’t have to do it alone.  We have to do this together.