While debugging an Ansible playbook, I tweeted about variable precedence: https://twitter.com/andyhky/status/734859666337861633 Through that tweet I learned how to spell mnemonic AND I got a recommendation to buy Mastering Ansible. This blog post is a quick review of Mastering Ansible. Overall, I enjoyed the book’s format more than anything else. The flow of objective/code/screenshot really made the concepts gel (using herp/derp in examples is a close second!). I’m an advanced Ansible user (over 3 years), and this book still showed me new parts of Ansible....

Rolling deployments is well covered in the Ansible Docs. This post is about using those rolling deployments patterns but with F5 Load Balancers. These techniques use the F5 modules require BIG-IP software version >= 11 and have been tested with Ansible 1.9.4. There are a couple of things to examine before doing one of these deployments: Preflight Checks Ansible’s pre_tasks / post_tasks Preflight Checks If you’re using a pair of F5s for High Availability, consider having a preflight check play to ensure your configurations are in sync and determine your primary F5:...

FlowBAT is a graphical flow based analysis tool. FlowBAT is a very snappy UI which wraps flow collection software called SiLK. My interests with FlowBAT and SiLK are around using Open vSwitch to push sFlow data to SiLK and FlowBAT to quickly query that data. Hopefully I’ll get around to posting about OVS, sFlow, SiLK and FlowBAT. While I was getting started with FlowBAT (and SiLK) I saw there weren’t any ansible roles for either component....

I’ve seen a couple of automated remediation tools get some coverage lately: FBAR Stack Storm And both have received interesting threads on Hacker News. One HN commenter that stood out (bigdubs): I don’t like being the voice of the purist in this, but this seems like a bandaid on a bullet wound. For most of the cases where this would seem to be useful there is probably a failure upstream of that usage that should really be fixed....

Over a year ago, I left San Antonio and started working from home in Lexington, KY. ( previously) AV Tools Microphone: Still very happy with the Meteor microphone. Camera: Purchased a Logitech HD Portable 1080p Webcam C615 with Autofocus. Works with OSX 10.9.4 well enough. The only pains were reconfiguring various VC software to use the new camera. Hangouts users, beware: every Flash update you must to set your non-default video/mic....

LLDP is a wonderful protocol which paints a picture of datacenter topology. lldpd is a daemon to run on your servers to receive LLDP frames outputs network location and more. There’s also a recently patched lldp Ansible module. Like all tools, using LLDP/lldpd has had some issues. Here’s the ones I’ve seen in practice, with diagnosis and resolution: Switch isn’t configured to send LLDP frames Diagnosing: [code] tcpdump -i eth0 -s 1500 -XX -c 1 ’ether proto 0x88cc' [/code]...

Recently, I began a deep dive into more SDN and OpenFlow. Overall I was very happy with the process and quality of the material out there for newcomers. However, I noticed a gap when I hit my first stumbling block. I set up a mininet instance, noticed it was running Open vSwitch (OVS) v2.0. I needed a newer version of OVS, and turfed the mininet instance while the upgrading OVS. It quickly became apparent that I needed a repeatable development environment setup....

There’s a few good posts out there about Graphite Events with how and why to use them. Earlier I was trying to add events to Graphite but ran into an issue: my events used a timestamp in the past. The examples I found only showed publishing events with a ’now’ timestamp. I went digging and found the extension of Graphite to add events - the functionality exists. Just add a ‘when’ to your payload with a Unix timestamp....

Capacity Management/Provisioning (Cloud’s full, Can’t build here) - Video, Slides As a service provider, Rackspace is constantly bringing new OpenStack capacity online. In this session, we will detail a myriad of challenges around adding new compute capacity. These include: planning, automation, organizational, quality assurance, monitoring, security, networking, integration, and more. Managing Open vSwitch Across a Large Heterogenous Fleet - Video, Slides Open vSwitch (OVS) is one of the more popular ways to provide VM connectivity in OpenStack....

Recently I got to work with the NSX API and write a tool to do a quick health check of NSX networks. nsxchecker is a valuable operational tool to quickly report a NSX network’s health. One of the promises of SDN is automated tooling for operational teams and with the NSX API I was quickly able to deliver. nsxchecker accepts a NSX lswitch UUID or a neutron_net_id. Rackspace’s Neutron plugin, quark, tags created lports with a neutron_net_id....