Skip to content →

Month: November 2017

Are you exhausted? IPv4 almost is — let’s setup an IPv6 lab for Kubernetes

It’s no secret that there’s the inevitability that IPv4 is becoming exhausted. And it’s not just tired (ba-dum-ching!). Since we’re a bunch of Kubernetes fans, and we’re networking fans – we really want to check out what we can do with IPv6 with Kubernetes. Thanks to some slinky automation by my colleague, Feng Pan, contributed to kube-centos-ansible, he was able to implement some creative work by leblancd. In this simple setup today, we’re going to deploy Kubernetes with custom binaries from leblancd and have two pods (ideally on different nodes) ping one another with ping6 and declare victory! In the future let’s hope to iterate on what’s necessary to get IPv6 functionality in Kubernetes.

Comments closed

Automated TripleO upgrades

Upgrading TripleO can be a hard task. While there are instructions on how to do it manually, having a set of playbooks that automate this task can help.With this purpose, I’ve created the TripleO upgrade automation playbooks (https://github.com/redhat-nfvpe/tripleo-upgrade-automation).Those are a set of playbooks that allow to upgrade an existing TripleO deployment, specially focused on versions from 8 to 10, and integrated with local mirrors (https://github.com/redhat-nfvpe/rhel-local-mirrors) In case you want to know more, please visit the tripleo-upgrade-automation project on github, and you’ll get instructions on how to properly use this repo to automate your upgrades.

Comments closed

AWX: The Poor Man’s CI?

I’m just going to go ahead and blame @dougbtv
for all my awesome and terrible ideas. We’ve been working on several
Ansible playbooks to spin up development
environments; like
kucean.

Due to the rapid development nature of things like Kubernetes, Heketi,
GlusterFS, and other tools, it’s both possible and probable that our playbooks
could become broken at any given time. We’ve been wanting to get some continous
integration spun up to test this with Zuul v3
but the learning curve for that is a bit more than we’d prefer to
tackle for some simple periodic runs. Same goes for Jenkins
or any other number of continous integration software bits.

Enter the brilliantly mad mind of @dougbtv. He wondered if AWX (Ansible Tower)
could be turned into a sort of “Poor Man’s CI”? Hold my beer. Challenge
accepted!

Comments closed

Deploying AWX to OpenStack RDO Cloud

Recently I’ve been playing around with AWX (the upstream, open source code base
of Ansible Tower), and wanted to make it easy to deploy. Standing on the
shoulders of giants (namely @geerlingguy)
I built out a wrapper playbook that would let me easily deploy AWX into a VM on
an OpenStack cloud (in my case, the RDO Cloud). In this blog post, I’ll show
you the wrapper playbook I built, and how to consume it to deploy a development
AWX environment.

Comments closed

Security hardened images with volumes

Starting to apply since Queens This article is a continuation of http://teknoarticles.blogspot.com.es/2017/07/build-and-use-security-hardened-images.html How to build the security hardened image with volumes Starting since Queens, security hardened images can be built using volumes. This will have the advantage of more flexibility when resizing the different filesystems. The process of building the security hardened image is the same as in the previous blogpost. But there have been a change in how the partitions, volumes and filesystems are defined. Now there is a pre-defined partition of 20G, and then volumes are created under it. Volume sizes are created on percentages, not in absolute…

Comments closed