1s & 0s-Current Trends in DC Networking - CoreOS

Started by that1guy15, May 17, 2017, 06:02:23 PM


that1guy15

Current Trends in DC Networking - CoreOS

Now that the network side of this series is complete we can move onto the servers. Containers and micro-services are all the rage these days and continuing to grow in popularity. When virtualization took over the data center we saw a shift in many aspects of data center server and application management. We even started to see a shift in how networks were designed and networking logic started
Source: Current Trends in DC Networking - CoreOS

From http://blog.movingonesandzeros.net/
That1guy15
@that1guy_15
blog.movingonesandzeros.net

that1guy15

So with this part of the series, I am getting into stuff I don't know much about. Even though I have worked with Linux and servers my whole career, I have never been a full-blown *nix server engineer.

I'm gonna try to approach the rest of this series from a network standpoint but I will be jumping into server stuff. So if anyone has comments, corrections or insight I am missing, please feel free to share.

This is a massive learning exercise for me.

deanwebb

Please do not forget to have security in there. Don't be *that* sysadmin.

:mssql:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

that1guy15

Quote from: deanwebb on May 18, 2017, 02:19:42 PM
Please do not forget to have security in there. Don't be *that* sysadmin.

:mssql:

Oh, don't worry. Security is built into it by default since it's containers; they are isolated and NAT is used to masquerade the actual IP of the container. What else could you need :)

But just to keep it simple, login is root/password. Don't want to go overboard on security, ya know. Gotta be able to "use" the boxes :D

deanwebb

Noted, you do want to use them, but in containers, the account used in the container will have rights outside of the container. Therefore, don't use root on a container.

I read that in an O'Reilly book on container security. Glad I did!

icecream-guy

nuthin' like jumping in neck deep to increase the learning curve exponentially.
:professorcat:

My Moral Fibers have been cut.

icecream-guy

Quote from: ristau5741 on May 19, 2017, 07:41:57 AM
nuthin' like jumping in neck deep to increase the learning curve exponentially.

or is that decrease the learning curve????

wintermute000

Are you going to cover network onramp topologies with various container systems (docker, kub etc.), i.e. how to get into the docker containers and then how to get into whatever crazy overlay networks they set up amongst each other?

that1guy15

Quote from: wintermute000 on May 19, 2017, 08:35:02 AM
Are you going to cover network onramp topologies with various container systems (docker, kub etc.), i.e. how to get into the docker containers and then how to get into whatever crazy overlay networks they set up amongst each other?

Yes, maybe... should???

It's hard to say how this will play out as I'm flying by the seat of my pants with this. Here is what I'm thinking, but I welcome feedback and suggestions.

- Get CoreOS up and running on the 3 servers in the topology.
- Intro and install of Docker and Swarm
  - How Swarm does network and VXLAN
- CoreOS etcd cluster w/ Kubernetes setup
- Automate this with Ansible or something. Not sure.
- Roll automation in with the Ansible network stuff already built.



wintermute000

That would be a nice primer for sure if you can manage all that!

Though really it's no longer intro to CoreOS.... it's intro to containers point blank :p

that1guy15

Quote from: wintermute000 on May 19, 2017, 11:47:53 PM
That would be a nice primer for sure if you can manage all that!

Though really it's no longer intro to CoreOS.... it's intro to containers point blank :p

There is no gentle way into CoreOS. Just keep reinstalling until it works :)