rkt - yet emerging container runtime

Containers are taking the IT world by storm, instead of re-inventing the wheel, CoreOS wants to offer the next-generation open source app container runtime, designed for security, simplicity and composability. But above all, they want to play fair with the ecosystem by ensuring it is built on common open standards and use what’s readily available like systemd and Kubernetes. rkt is written in Go, it compile to a single static binary, so it is easily portable to any modern system, for the rest read on.

MCP Cookbook - Ceph

In the last few articles, I’ve detailed the workflow to deploy Mirantis Cloud Platform (aka MK now MCP) based on Mirantis OpenStack and a Reclass Model Driven Architecture (MDA). But you may want to use a different backend for storage then our standard MCP one, the reference Cinder LVM ISCSI Driver. In this MCP cookbook article, I’ll guide you step by step, to use Ceph as your storage backend for Glance (Images), Cinder (Volumes) and Nova (Guest Disks). You can use any of these options alone or combined.

Using Salt with reclass

Now that data center are software driven, it is crucial to have a single source of truth, a kind of know all inventory about your resources, your nodes, their functions and their associated parameters, which describe everything and store it in a single location. Welcome reclass which use Class inheritance to define nodes roles and avoid duplication by gathering all important datacenter parameters in a central location. All of this will then be used by your automation tools like Salt, Ansible or Puppet to bootstrap your infrastructure as a software. In other words, reclass can be classified as a hierarchical inventory management solution. Let see how we could use it with Salt.

Salt Formulas

Always reinventing the wheel doesn’t pay off most of the time, so telling Salt what to do by creating Salt States again and again to install application components isn’t really efficient. Instead Salt Formulas brings convention and a bit of magic, and offer reusable bundles which package altogether all the necessary piece to automate a specific task, like deploying etcd, a distributed key value store cluster, which we will take as an example in this article.

About SaltStack

The amazing world of configuration management software is really well populated these days. You may already have looked at Puppet, Chef or Ansible but that’s not all of it, today we focus on SaltStack. Simpicity is at its core without any compromise on speed or scalability. Some users have up to 10.000 minions or more. Salt remote execution is built on top of an event bus which makes Salt unique.

Kubernetes by Ansible

Kargo (a.k.a Kubespray) is an initiative to deploy a Kubernetes cluster using Ansible. It will contrast with our previous Step by Step article by showing that we can deploy a cluster with a single command, a bit like the newly integrated SwarmKit feature announced in Docker 1.12 docker swarm init.

Kubernetes step by step

Tectonic from CoreOS is an enterprise-grade Kubernetes solution which simplifies management operation of a k8s environment by leveraging CoreOS, fleet, Rkt and Flannel. In this article we’ll manually build a cluster of three CoreOS nodes on top of VMware Fusion to see how all of this fits together.

About Kubernetes

For years Google is driving its infrastructure using containers with a system named Borg, they are now sharing their expertise with an Open Source container cluster manager named Kubernetes (or helmsmen in ancient greek) abreviated k8s. Briefly said Kubernetes is a framework for building distributed systems.

Release 1.0 went public in July 2015 and Google created at the same time, in partnership with the Linux Foundation, the Cloud Native Computing Foundation (CNCF).

If you want to know more, read on.

Mirantis OpenStack 7.0 - Contrail 3.0 Fuel Plugin

Software Defined Networking (SDN) is often qualified as immature and tagged as complicated. Amongst the many solution available on the market, some of them can do a tremendous job of decoupling physical networking from logical networks used by cloud consumers. It then empower end users to deploy whatever architecture they need on their own. So deploying OpenStack without making sure to tackle the networking requirements of your team could be a recipe for failure.

In this article we’ll show you one way to address such a SDN requirement by showing you, step by step, the way to deploy Juniper Contrail 3.0 on top of Mirantis OpenStack 7.0 (Kilo).

Mirantis OpenStack 7.0 - LDAP Fuel Plugin

In the Enterprise world, user authenticates over an Lightweight Directory Access Protocol (LDAP) most of the time. Openstack Keystone, the identity service, integrates natively with LDAP directories for authentication and authorization services. The configuration of Keystone can be automated using Mirantis LDAP Fuel Plugin.

This article is a step by step guide to integrate Keystone to OpenLDAP but any other LDAP directory including Active Directory could do a perfect job too.

Mirantis OpenStack 7.0 - Node Groups

In large datacenters it’s common for each rack to live in its own broadcast domain. Fuel allows to deploy nodes on different networks by leveraging its Node Groups functionnality. In this article we’ll details the required steps to make this possible using Mirantis OpenStack 7.0 and we’ll also review Node Groups support improvements coming in MOS 8.0.

Mirantis OpenStack 7.0 - Reduced Footprint

Mirantis OpenStack 7.0 got released few days ago and brings OpenStack Kilo and lots of innovation. I’m happy to share with you today a really nice feature, Reduced Footprint offers a way to deploy OpenStack on a small footprint as its name implies, two servers would be a good start. But three servers are still the bare minimum to achieve control plane HA.

Fuel will start by deploying a KVM node and then instantiate VMs to deploy OpenStack Controller within it. Fuel can also move itself to the same KVM hypervisor to free up one more physical node. In the end you’ll have a controller and fuel running on one machine, and the other bare metal server will be used as a compute node. That’s exactly the objective of this article so lets get started.

OpenStack Load Balancing as a Service (LBaaS)

Imagine if you could easily get a virtual load balanced IP address for your fleet of web servers hosted on OpenStack as soon as you need it without having to wait for the networking team who’s managing the hardware load balancer to handle your request ?

That’s exactly what OpenStack Neutron is offering with its Load Balancing as a Service (LBaaS) technnology which first appeared as an experimental feature in the Grizzly release. It’s built on the same model as the Network as a Service solution, an OpenStack operator can choose whatever load balancing technology which provides an OpenStack Neutron driver. Major load Balancing players like F5 or Citrix offers or will offer LBaaS Neutron drivers. I don’t have such devices in my backyard, so I’ll use the Open Source reference implementation instead (HAproxyNSDriver), based on HAProxy and supported by a french company headquartered in Jouy-en-Josas by the way ! To make things even simpler, I’ll also leverage the Mirantis OpenStack Fuel Plugin for LBaaS which makes installing and configuring LBaaS a breeze.

NSX vSphere 6.1.3 on vSphere 6

VMware released on march 23rd NSX-v 6.1.3 which now support vSphere 6.0. I was waiting for this release to upgrade my Bulb lab to the latest and greatest, so here am I. In this article, I’ll describe the upgrade process. I’ll start by upgrading NSX to 6.1.3 and continue on by upgrading vCenter Appliance to 6.0. I’m eager to get the latest improvement that both vSphere 6.0 and NSX 6.1.3 offers.

Ubuntu Core (Snappy) on OpenStack / vSphere

For years a big gap existed between embedded OS for smartphone and server operating system. Mark Shuttleworth and his team have been working for quite some time on optimizing their Ubuntu operating system for the smartphone world. Beginning of december, they’ve announced a new transactionnally updated version of Ubuntu optimized for the cloud, the result of their years of working for the embedded world. Snappy is a minimal server image where applications can be upgraded and rolled back atomically. It’s not the only similar initiative, it started with CoreOS, a reachitected Linux OS to run modern infrastructure stacks, but RedHat is also trying to keep up with project Atomic. Snappy can be used to run Docker containers but not only, it’s one of the main differentiator of Canonical solution.

Unfortunately Canonical doesn’t offer a VMDK version of their Snappy technology, which we need to deploy it on our OpenStack vSphere environment. This article we’ll show you how to proceed then.

Python 3.4 and pyvenv

As you’ll see in the following Python Enhancement Proposal (PEP–0453) article, Python 3.4 brings pip and pyvenv by default which is a great move to simplify Python dependencies management by offering a pre-built standard to download and install Python Modules and easily build virtual Python environments. In this article I’ll details how to install Python 3.4.2 from source and I’ll show you how to use pyvenv and pip.

Bulb lab

For quite some time, I’ve been using a lab based on 1U rackable servers, it was ok but far from perfect. First of all, it consume a fair share of power, generate lots of heat, so it’s really really noisy. Maximum amount of RAM is also an issue with only 16GB supported. So beginning of this year I started the buildout of a new lab with the objective of reducing noise level to around 40 dB, support up to 64 GB RAM per node and simplify things even further by using VMware distributed storage (vSAN) technology. So let me introduce to my newly built Bulb Lab.

Bulb lab

ISC DHCP server deployment with Ansible

Over the last few weeks I built a new home lab based on the Supermicro A1SAi–2750F motherboard. Instead of manually configuring the required infrastructure services like DNS, NTP, OpenVPN and DHCP, I’m using Ansible to do all of it, in an easy and repeatable fashion. As a reminder Ansible is a YAML based configuration management tool, it’s agentless, use SSH as a communication medium. It’s simple and efficient. Read our intro article for more details. In this article I’ll details how to install a ISC DHCP server using Ansible. ISC DHCP is production-grade software that offers a complete solution for implementing DHCP servers, relay agents, and clients for small local networks to large enterprises.

NSX vSphere troubleshooting

Last week we reviewed all the tips & tricks to troubleshoot Open vSwitch and OpenStack Neutron. NSX vSphere (NSX-v) is a different beast, mostly because it leverage VMware Distributed Switch (VDS) instead of Open vSwitch. As a cheatsheet, I’m gathering all the CLI to troubleshoot it over here, for easy cut & past, some commands are damn long. But wait don’t forget the tab completion on our NSX CLI, it’s pretty nice ;) But you have to know where to start, hope this helps.

VMware NSX 4.x on RHEL OpenStack Platform 5.0

Redhat announced a month ago OpenStack Platform 5.0 which officially support VMware NSX 6.0 and vSphere 5.5. In our lab today, we’ll deploy this OpenStack distribution and connect it to NSX and vSphere to see how easy it is and if everything works as expected. By the way it’s not, so beware, this article is just a preview of what’s coming. If you want to reproduce the same setup, you’ll have to wait until VMware officially support RedHat 7.0. This article will be updated accordingly when it will be publicly available.


Summer is a great period to find ways to improve your workflow a bit. One great little tool in this category is Byobu from Dustin Kirkland, it’s a light, text-based window manager which allow you to detach/reattach to session and quickly create and move between different windows over a single SSH connection. It improve on the idea of previous tools like Tmux or GNU Screen but with a simpler approach.


I’ve been playing with cheatsheets for years, it all started when I studied mathematics. I still have few booklets back from university. I love cheatsheet to tell you the truth, the one thing I love the most is to reduce as much as possible the paper estate taken by information. I have the impression to memorize everything easily when I shrink it. Computers have changed that radically, back when the first programmable calculators appeared on the market, the first digital cheatsheet appeared. It was the beginning of a long story which bring us today to Cheat . A small Python command line program that will be on your side when for god sake you completely forgot the options to block a port using iptables or how to quickly share a file thru HTTP using Python, etc…


Ansible seems to be the simplest tool to centrally manage systems of any kind, Docker containers, AWS, Google Compute, Rackspace, OpenStack instances, VMware VMs, etc… There isn’t any dependencies on the managed system apart from Python 2.6. Ansible isn’t using any database or daemon and won’t install anything on the managed system, all operations are executed using SSH.

In this article, I’ll details how to install it will introduce the main concepts and terminologies. You’ll then understand why companies like Evernote, Twitter, Nasa, Rackspace or Atlassian are all using this Configuration Management, deployment and orchestration tool Compared to other solutions like Chef, Puppet or SaltStack, Ansible is designed to be minimal in nature with low learning curve.

Last but not least, Ansible seems to be inspired by Ursula K. Le Guin communication device capable of instantaneous or superluminal communication.

VMware NSX 4.0 - components intallation and KVM lab

In this article we will review all the steps required to deploy NSX 4.0 a Network Virtualisation offering from VMware. We will nest this lab within an OpenStack cloud but you can run the lab anywhere else where you can launch VMs, including vSphere, Virtual Box or VMware Fusion.

chruby on Mac OS X

Ruby is an important tool to have around, Mac OS X already comes bundled with it, but sometimes you need a different version. Mavericks now comes with Ruby 2.0.0-p195, any previous ones comes with 1.8.7 which is very close to end of life. There are lots of alternative to install multiple version of Ruby on your workstation, rvm or rbenv works well for this job but Postmodern have another angle to this problem. Quite similar to the Arch Linux Kiss (Keep It Simple, Stupid) philosophy, chruby is a deadly simple tool to do just that by updating the environment variables: $RUBY_ROOT, $RUBY_ENGINE, $RUBY_VERSION, $GEM_ROOT, $GEM_HOME, $GEM_PATH and $RUBYOPT in just 90 lines of codes. Let’s details how you can install it on your Mac.

Chef for OpenStack

Matt Ray is the community manager of a project at Chef (formerly Opscode) to unify all efforts around building up Chef Cookbooks for OpenStack deployment. For quite some time lots of people were forking the repository from Rackspace, it created a lot of fragmentation, so Matt is now gathering all around the StackForge repository where everyone can contribute. AT&T, Dell, Dreamhost, Gap, HP, HubSpot, IBM, Korea Telecom, Rackspace, SUSE amongst others are already contributing to this project. In this article we will detail how you can use them to deploy OpenStack on your environment.

Deploying Ceph using Crowbar 2.0

For quite some time now the Crowbar team have been refactoring their cloud unboxer solution. It is is not yet ready for public consumption, but if you want to see what they’ve got, it’s already possible. Victor Lowther have just released the first CB20 compatible workload which is Ceph, a distributed storage solution from Inktank. This article will build up on the previous one which details the process of building a Crowbar ISO, let see how it differs if you want to see the latest and greatest of Crowbar 2.0. If you really don’t know what we are talking about, just start from the beginning.

Building your own Crowbar ISO for OpenStack Havana

Crowbar, a great cloud unboxer, is currently evolving at a rapid pace, if you want to see the latest and greatest thing without waiting any longer, you can build your own Crowbar ISO. In this article we’ll show you how to do just that using the Roxy branch which is supposed to support OpenStack Havanna. We will suppose you aren’t planning to contribute to the code, so we won’t use our any personalized Git repository. If you don’t know what’s Crowbar, it’s platform for server provisioning and deployment from bare metal. But if you want to see how it could be used to deploy OpenStack, read our previous article.

Opscode Chef 101

Chef is an outstanding Ruby based configuration management system. It’s main reason for existance is to automate your infrastructure. It will help you bring your application to life, including all the dependencies like web and app servers, load balancers, dns, ntp, just to name a few. You’ll find hundreds of pre-built cookbooks on the Community web site. If you want to learn Chef the best starting point is the LearnChef web site. Today, we will show you how to quickly setup a Chef infrastructure easily step by step.

Deploying OpenStack Grizzly using Fuel 3.0

If you tried to deploy OpenStack by yourself there a huge probability it failed and you may have given up after multiple unsuccessful tries. Some Linux distribution like Redhat or Suse are packaging everything for you to make things easy but today we’ll look at another alternative from Mirantis a company that just got a new round of financing from Redhat, SAP Ventures and Ericsson. This company offers an easy way to build up an OpenStack cloud environment, Fuel 3.0.

VMware Infrastructure Navigator-2.0

VMware Infrastructure Navigator is a component of vCenter Operations Suite, it’s an application awareness plug-in to the vCenter Server that provides continuous dependency mapping of applications. Infrastructure Navigator offers application context to the virtual infrastructure administrators to monitor and manage the virtual infrastructure inventory objects and actions. Administrators can use Infrastructure Navigator to understand the impact of the change on the virtual environment in their application infrastructure. This article is a condensed howto about installing and configuring VIN version 5.6, released November 29, 2012.

VMware Single Sign-On and vCenter 5.1 Deployment Deep Dive

When VMware released version 5.1 of their cloud infrastructure suite namely vCloud Suite, end of August 2012, vCenter 5.1 integrated an advanced Single Sign-On mechanism to easily login to most components of the suite, let’s review the technical background involved. Justin King is part of VMware technical marketing team, he presented the latest innovations with a particular focus on SSO.

Oh My Zsh!

It’s for sure not the first or the last cooking article about Oh My Zsh!, but if you don’t know it, just try it, you’ll understand why so much people are blogging about it. So let’s start by the official description. It’s a community-driven framework initiated by Robby Russel for managing your zsh configuration. It includes 40+ optional plugins (rails, git,OSX, hub, capistrano, brew, ant, macports, etc), over 80 terminal themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community. Looks great isn’t it ? So let’s digging it !


vCenter Operations Management Suite is a solution to easily get an high level overview of the Health, Risk and Efficience of a virtual datacenter. This latest release integrates with VMware Infrastructure Navigator which will give you an insight of all the applications deployed within your VMs as well as their inter-dependencies. vCops now also integrates with vCenter Configuration Manager with a fourth supermetric called Compliance. This is a condensed howto about installing and configuring vCops version 5.6, released November 29, 2012.


nanoc is a tool that runs on your local computer and compiles documents written in formats such as Markdown, Textile, Haml,… into a static web site consisting of simple HTML files, ready for uploading to any web server.