Friday, February 16, 2018

Xen Orchestra 5.16



----
Xen Orchestra 5.16
// Xen Orchestra

Xen Orchestra 5.16

First release of the year. And it's already awesome!

Side news: guess what? XCP-ng, the free/libre alternative to XenServer is now on Kickstarter! Read more on the XCP-ng blog post.

Performance alert plugin

Keep an eye on your infrastructure usage: set CPU or memory limits for your hosts or your VMs, and never stay in the dark on what's happening.

And as usual, it's pretty easy to configure!

Xen Orchestra 5.16

Read more about this feature in our dedicated blog post: monitor your XenServer with performance alert plugin!

Self-service usage

A user of a self-service is now able to see more data on its own usage. Very useful for your dev teams, or your customers!

Quotas

The user is able to see it's quota more easily: no need to create a new VM to see it, the use just has to be into "Dashboard" view to see it:

Xen Orchestra 5.16

Visualizations

But this is also the opportunity to let your users explore their resource usage in depth. Indeed, we added visualizations and stats tabs:

Xen Orchestra 5.16

Add virtual interface

A self-user can add a new network interface itself, only on the authorized networks:

Xen Orchestra 5.16

Add an existing VM into a self

It's been a while people asked for that :) An admin can add an existing VM into a self-service, refreshing the quota to reflect the new usage resources!

Xen Orchestra 5.16

Health view per pool

As an admin, your whole XenServer health infrastructure is displayed, in the current dashboard/health view. We added a select if you want to narrow numbers on one specific pool. Or even on multiple pools at once (excluding maybe dev infrastructure!). Here is a result for a specific test pool:

Xen Orchestra 5.16

Ghost tasks fixed

This one is really a GREAT step forward in XO: for a long time ago, we had an issue of ghost tasks. Basically, this is an issue on how XenServer API is handling task object. If you restart the toolstack, we never get the message that tasks were destroyed. So we kept them, despite they aren't here anymore.

Frankly, we aren't able to find a net solution for this. Until we had a discussion with a XAPI engineer (thank you Jon Ludlam ;) ) about a undocumented field, giving the number of objects of each class everytime. This allowed us to make cache invalidation: if you task number is not the same than XenServer pool, we'll decide to remove our "local" tasks and re-fecth the remote ones.

And that's it! Say goodbye to ghost tasks!

Xen Orchestra 5.16

Autopatching skips 7.3

You probably know that XenServer 7.3 removed a lot of free features. And this latest XS release is also distributed as a patch. Because we recommend to patch from the pool view of XO, this also installed the 7.3 "patch", finally updating your 7.2 to 7.3.

And this is probably something you didn't want. Right now, you can install all pool patches without fear of being udate to 7.3, because we simple skip the patch!

Xen Orchestra 5.16

News on backup front

We are still improving multiple things related to backup:

  • better concurrency
  • more live reports on what's going on
  • enhanced capabilities (multi-remote…)
  • and so on (more details here)

If you want to test our improved concurrency algorithm, please comment, we'll give you a version of xo-server with it!


----

Read in my feedly


Sent from my iPhone

XCP-ng on tracks



----
XCP-ng on tracks
// Xen Orchestra

XCP-ng on tracks

The first XCP-ng proof-of-concept is working. The future is open.

You can read more about it here: https://xcp-ng.github.io/news/2018/01/22/xcp-ng-on-tracks.html

In short: we managed to validate the feature check removal, but also added a RPM repo to get the packages without using any supplemental pack install. The road to the first XCP-ng release is open!

Don't forget to register here to get latest news about XCP-ng project into your inbox!

What's next?

A crowdfunding campaign will be opened soon, giving the opportunity for everyone to contribute :) 2018 will be the year of Open Source and community backed version of XenServer!

XCP-ng on tracks


----

Read in my feedly


Sent from my iPhone

Introducing the XG-7100 1U pfSense Security Gateway Appliance



----
Introducing the XG-7100 1U pfSense Security Gateway Appliance
// Netgate Blog

You might have heard about our new XG-7100 1U pfSense® Security Gateway Appliance. It was mentioned in our February newsletter. For a quick synopsis, read on…


----

Read in my feedly


Sent from my iPhone

What’s new in CloudStack 4.11?



----
What's new in CloudStack 4.11?
// CloudStack Consultancy & CloudStack...

Version 4.11 of Apache CloudStack has been released with some exciting new features and a long list of improvements and fixes. It includes more than 400 commits, 220 pull requests, and fixes more than 250 issues.  This version has been worked on for 8 months and is the first release of the 4.11 LTS releases, which will be supported until  1 July 2019.

We've been heavily involved in this release at ShapeBlue; our engineering team has contributed a number of the major new features and our own Rohit Yadav has been the 4.11 Release Manager.

As well as some really interesting new features, CloudStack 4.11 has significant performance and reliability improvements to the Virtual Router.

This is far from an exhaustive list, but here are the headline items that we think are most significant.

New Features and Improvements

  • Support for XenServer 7.1 and 7.2, and improved support for VMware 6.5.
  • Host-HA framework and HA-provider for KVM hosts with and NFS as primary storage, and a new background polling task manager.
  • Secure agents communication: new certificate authority framework and a default built-in root CA provider.
  • New network type – L2.
  • CloudStack metrics exporter for Prometheus.
  • Cloudian Hyperstore connector for CloudStack.
  • Annotation feature for CloudStack entities such as hosts.
  • Separation of volume snapshot creation on primary storage and backing operation on secondary storage.
  • Limit admin access from specified CIDRs.
  • Expansion of Management IP Range.
  • Dedication of public IPs to SSVM and CPVM.
  • Support for separate subnet for SSVM and CPVM.
  • Bypass secondary storage template copy/transfer for KVM.
  • Support for multi-disk OVA template for VMware.
  • Storage overprovisioning for local storage.
  • LDAP mapping with domain scope, and mapping of LDAP group to an account.
  • Move user across accounts.
  • Support for "VSD managed" networks with Nuage Networks.
  • Extend config drive support for user data, metadata, and password (Nuage networks).
  • Nuage domain template selection per VPC and support for network migration.
  • Managed storage enhancements.
  • Support for watchdog timer to KVM Instances.
  • Support for Secondary IPv6 Addresses and Subnets.
  • IPv6 Prefix Delegation support in basic networking.
  • Ability to specific MAC address while deploying VM or adding a NIC to a VM.
  • VMware dvSwitch security policies configuration in network offering
  • Allow more than 7 NICs to be added to a VMware VM.
  • Network rate usage for guest offering for VRs.
  • Usage metrics for VM snapshot on primary storage.
  • Enable Netscaler inline mode.
  • NCC integration in CloudStack.
  • The retirement of the Midonet network plugin.

UI Improvements

  • High precision of metrics percentage in the dashboard:
  • Event timeline – filter related events:

  • Navigation improvements between related entities:
  • Bulk operation support for stopping and destroying VMs (note: minor known issue where manual refresh required afterwards):
  • List view improvements and additional columns with state icon:






Structural Improvements

  • Embedded Jetty and improved CloudStack management server configuration.
  • Improved support for Java 8 for building artifacts/modules, packaging, and in the systemvm template.
  • New Debian 9 based systemvm template:
    • Patches system VM without reboot, reduces VR/system VM startup time to few tens of seconds.
    • Faster console proxy startup and service availability.
    • Improved support for redundant virtual routers, conntrackd and keepalived.
    • Improved strongswan provided VPN (s2s and remote access).
    • Packer based systemvm template generation and reduced disk size.
    • Several optimization and improvements.

Documentation and Downloads

The official installation, administration and API documentation can be found below:
http://docs.cloudstack.apache.org 

The 4.11.0.0 release notes can be found at:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.11.0.0 

The instruction and links to use ShapeBlue provided (noredist) packages repository can be found at:
http://www.shapeblue.com/packages 

The post What's new in CloudStack 4.11? appeared first on The CloudStack Company.


----

Read in my feedly


Sent from my iPhone

A Practical Example of Using Cloud Storage with XenServer in the Citrix Demo Center: Chapter 3



----
A Practical Example of Using Cloud Storage with XenServer in the Citrix Demo Center: Chapter 3
// Citrix Blogs

In this chapter, I'll be discussing the methods I use to authenticate against SoftLayer's Object Storage regions, and how I developed my own local cache of the authentication token that's used when uploading and download Object Storage objects.

South Curl

  

Related Stories


----

Read in my feedly


Sent from my iPhone

A Practical Example of Using Cloud Storage with XenServer in the Citrix Demo Center: Chapter 2



----
A Practical Example of Using Cloud Storage with XenServer in the Citrix Demo Center: Chapter 2
// Citrix Blogs

In this second installment, I'll discuss why I chose a shell (Bash) to script the Object Storage libraries, and I'll discuss some of the more complex issues when handling errors in Bash.

Language wars: Some may say that Python would …

  

Related Stories


----

Read in my feedly


Sent from my iPhone

Preparing for Chef 14 release and Chef 12 End-of-Life



----
Preparing for Chef 14 release and Chef 12 End-of-Life
// Chef Blog

As we previously announced, April 2018 will mark two important milestones for Chef Client and ChefDK:

  • Chef Client 14 and ChefDK 3 will be released near the beginning of April. This represent the fastest and easiest-to-use versions of Chef to date.
  • Chef Client 12 and ChefDK 1 will become end-of-life on April 30, 2018. This means that no future feature or security updates will be issued after that date.

Live Demos and Q&A with Chef Experts

To help you prepare to migrate and discover what's new in the latest releases we're opening registration for two upcoming live webinars:

  • Getting Ready for Chef 14 – Discover tips, tools, and examples for migrating from Chef Client 12. Register to attend live on Wednesday, March 7th at 10:00 AM PT.
  • What's new in Chef 14 and ChefDK 3 – Join us for a deep-dive on the newest features in Chef 14 and ChefDK 3, with hands-on examples and a demo of the functionality. Register to attend live on Wednesday, April 4th at 10:00 AM PT.

Hands-on Tutorials

We are also announcing two new Learn Chef Rally modules. These hands-on tutorials will not only help you with your migration away from Chef Client 12 but also to keep your cookbooks and Chef Client installations healthy in the future:

  • The Keep Your Cookbooks Up-To-Date module teaches you how to use tools like Test Kitchen, Foodcritic, and InSpec to identify and remediate Chef language deprecations in your cookbooks. If you haven't touched older cookbooks for a few years, going through this track is a great way for you to accelerate your migration process.
  • The Upgrade Your Chef Client module teaches you how to use the Chef Client Updater cookbook to keep the Chef client on your nodes up-to-date. This module contains an example of how to use this cookbook on AWS OpsWorks for Chef Automate. Over time, we will add more modules for a variety of Chef Automate setups, including the AWS and Azure marketplace images, as well as self-hosted Chef Automate servers.

As always, if you have questions or concerns about our new releases, or the sunsetting of support for Chef Client 12 and ChefDK 1, please reach out to your Chef account team. Thanks for using Chef!

The post Preparing for Chef 14 release and Chef 12 End-of-Life appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Chef at CfgMgmtCamp 2018



----
Chef at CfgMgmtCamp 2018
// Chef Blog

2018 marked the fifth anniversary of the CfgMgmtCamp conference, and for this milestone, the organizers decided to invite the luminaries of configuration management back to Gent, Belgium for a reunion. Attendees heard from Mark Burgess (inventor of promise theory and CFEngine), Luke Kanies (founder of Puppet) as well Chef's own CTO and co-founder, Adam Jacob, in addition to many other talks across the conference's ten tracks.

Adam Jacob's keynote focused on the future of configuration management. What is the future, though, but the things that we ourselves have not yet invented and will? Adam cites Alan Kay, ex-of Xerox PARC, and his famous quote that "the best way to predict the future is to invent it." The call to action for those of us working in this field is to do that. Adam left attendees with a few ideas about where to start and what to disrupt next. You can watch his reflective and inspiring keynote below.

As in years past, Chef convened a track about Chef, InSpec and Habitat as well as hosting a hack day. Some of the highlights from the room included:

  • Heike Hallenberger from DB Systel (the IT arm of Deutsche Bahn, Germany's railway system) gave a talk about managing IT infrastructure on high-speed trains using Chef
  • Tim Smith speaking about what's coming up in Chef 14, material that will be covered in an upcoming webinar
  • Salim Afiune, one of the engineers on Chef Automate, with a talk about how Chef's own engineering team is using Habitat to ensure a consistent environment and deployment all the way from the laptop to production.

Finally, Chef's VP of Community Development, Nathen Harvey, gave a talk in the Ansible room about how to use InSpec to test Ansible playbooks.

We very much enjoyed attending CfgMgmtCamp for another year and meeting you all. Though tired, the team capped off the week by flying to Germany for our inaugural Chef Community Summit in Berlin, which we will recap in another blog post.

The post Chef at CfgMgmtCamp 2018 appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Chef Automate Release – February 2018



----
Chef Automate Release – February 2018
// Chef Blog

Last week Chef announced the February release of Chef Automate. This marks the GA release of the compliance scanner with job scheduling, and adds features to make analysis easier, such as date-range search. Chef Automate now provides compliance scanning capabilities for a full range of enterprise needs: agent-based scans to provide continuous visibility into status; remote, agentless scans for on-demand checks; and scheduled scans to deliver regular insights with minimum disruption.

Chef Automate ships with a library of InSpec profiles that provide a baseline against which organizations can test for compliance. Profiles express policy as code, and organizations can create and extend profiles to test for compliance against a range of policies such as security requirements, corporate guidelines, or government regulations. The complete scanning capabilities in Chef Automate help organizations stay compliant with diverse requirements across large, heterogeneous IT environments.

Moving faster, with less risk

Chef customers use Chef Automate to detect non-compliance with policy, correct priority issues, and automate the detect-and-correct cycle to achieve continuous compliance. A common use case is to gain visibility into compliance status across the fleet and maintain an up-to-date view to support ongoing audit readiness. For many organizations, audits require significant effort and are therefore done periodically, leaving long windows of time with little visibility into compliance status. Maintaining ongoing visibility decreases risk while making audits simple and efficient. Furthermore, Chef Automate provides a means to correct any compliance issues that are detected, helping organizations stay compliant on an ongoing basis.

Another common use case is moving compliance checks into the development process. By testing against policy as code is developed, fixes can happen quickly and application delivery speeds up. Most organizations scan for compliance and security issues prior to deployment. This step can bring deployments to a halt and kick off an expensive, time-consuming remediation process. When compliance checks are done earlier in the process, however, the security review becomes a non-event, as potential issues were detected and corrected during development.

Everybody wins   

Using Chef Automate to apply a detect-correct-automate approach to compliance provides benefits across teams. Developers move their applications into production faster, with less rework. Operations teams maintain a compliant infrastructure that is always audit-ready. Security teams eliminate risk without slowing things down. And compliance teams can be sure policies are being implemented as intended, via profiles written in code that is not subject to misinterpretation.

Learn more

  • For more information about our February Chef Automate release, be sure to check out our release announcement.
  • Explore what Chef Automate can do. In this Learn Chef module, you'll get Chef Automate running in 3 steps.

The post Chef Automate Release – February 2018 appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Chef Certification and Workshops at ChefConf 2018



----
Chef Certification and Workshops at ChefConf 2018
// Chef Blog

At ChefConf 2018 there will be many opportunities to improve your knowledge of Chef, Habitat, and InSpec. In addition to more than 30 breakout sessions, we're offering 10 full-day workshops with topics for all experience levels. You'll also have an opportunity to prove your skills through certification exams.

Workshops presented by Chef experts

To get the most out of ChefConf, I encourage you to attend a technical workshop on the first day of the conference. These workshops emphasize hands-on learning and are taught by Chef experts and IT thought leaders from around the world.

Here is a list of workshops available for each skill level. You can find detailed descriptions of each workshop here.

Beginner

Designed to help those new to Chef and new to DevOps. The primary prerequisite is a willingness to learn.

  • Intro to Continuous Automation
  • Chef Jumpstart
  • Managing a DevOps Transformation

Intermediate

Designed to support the continued learning of Chefs who have a year or more experience.

  • InSpec Jumpstart
  • Habitat Jumpstart
  • Continuous Compliance on AWS with Chef Automate
  • Let's use Google Cloud Platform (GCP) and Chef
  • Operating Chef Automate v 2.0

Advanced

Designed for those with an expert level knowledge of Chef and infrastructure automation.

  • Running with scissors – Detect and Correct with Franklin
  • Recipe for Success: Automating with Chef on the Microsoft Platform

Chef Certification

This year we are offering one free certification exam to all registered conference attendees at ChefConf 2018. Take this opportunity to join an elite group of Certified Chefs. Showcase your knowledge and proficiency as a Chef user and advance your career! Here are additional reasons to get certified:

  • By demonstrating Chef proficiency you are paving the way to a growing career focused on automation and DevOps.
  • With the growing need for Chef practitioners, you put yourself in line for a promotion or a new career opportunity.
  • Achieving Chef Certification is an inexpensive way to show proof that your expertise is staying current with the needs of the industry.

Those taking an exam at the conference will also receive a voucher to take one additional exam at no cost after the conference.

Exam Preparation Tools

To help you prepare, I encourage you to visit the Chef Certification site to review badge scope details for each of the available badge exams and our list of recommended skill building and learning resources.

Next Steps

  • Register for ChefConf by April 20 to receive the Early Bird rate of $675
  • Add a full-day, technical workshop to you registration  for only $275
  • Check the box during registration indicating interest in certification exams

The post Chef Certification and Workshops at ChefConf 2018 appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Supporting your Journey to Continuous Automation on Learn Chef Rally



----
Supporting your Journey to Continuous Automation on Learn Chef Rally
// Chef Blog

Most successful organizations pursue continuous automation in three stages: detect, correct, and automate. Our very own Nick Rycar recently covered this framework at length in both a blog post and webinar.

In case you missed it, adopting the DCA frameworks means:

  • Detecting where your systems deviate from your standards.
  • Correcting any deviations to meet your standards.
  • Automating both processes to improve speed and efficiency.

Compliance Track Updates

To support this journey and build your DCA knowledge and skills, we've released updates to the following Learn Chef Rally tracks.

Compliance Automation with InSpec

This track is all about detecting where your systems deviate from your standards. It's a great place to get started with InSpec, whether you use Chef or another automation framework to configure your systems.

 

Integrated Compliance with Chef

This track combines InSpec, Chef, and Chef Automate to teach you the complete Detect, Correct, Automate process through working examples. It's a great way to continue your DCA journey, especially if you're interested in using Chef to configure your systems and correct potential issues.

This release features easy-to-use training environments that are based on Docker containers. These environments include:

  • A workstation that contains all the tools you need to get started.
  • Target systems for you to practice the detect and correct process.
  • Chef Automate Pilot, a trial version of Chef Automate that runs on your laptop.

These environments are based on Linux, but the concepts apply equally to Windows.

What's included?

Here's a quick summary of what you'll learn.

Both tracks start with Try InSpec. Here, you get set up with your environment and see what InSpec can do. This module also appears in the Demos and Quickstarts track.

Compliance Automation with InSpec also includes:

Integrated Compliance with Chef also includes:

  • Try Chef Automate – Get set up with Chef Automate Pilot. You scan a few systems for compliance and see the results in the web interface.
  • Detect and correct with Test Kitchen – Learn how to run InSpec on local test infrastructure and generate a report. You write a Chef cookbook that corrects one of the reported issues.
  • Detect and correct with Chef Automate – See how to run InSpec profiles on your systems and send the data back to Chef Automate. You correct an issue and see the results through the web interface.
  • Create a custom InSpec profile – Learn how to customize an existing InSpec profile to meet your specific needs.
  • Compliance in action – Learn how Cloudticity's HIPAA Compliance as a Service uses Chef's automated compliance capabilities on AWS.

Get started and track your progress

These updated tracks await you on Learn Chef Rally. Be sure to take a moment to create your profile so that you can track your progress and earn badges for your completed tracks.

In the coming weeks, we'll have more in store for you, including how InSpec can help you verify your cloud infrastructure running on AWS and Microsoft Azure. We'd also love to hear your feedback and suggestions. Reach out to us at training@chef.io.

The post Supporting your Journey to Continuous Automation on Learn Chef Rally appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Applying Compliance on Azure Government with InSpec



----
Applying Compliance on Azure Government with InSpec
// Chef Blog

In government, compliance and security are a critical component of our job function. The current state of compliance frameworks are bulky and unwieldy for those inexperienced with OpenSCAP/XML. Microsoft Azure Government cloud and InSpec are designed to provide a common language for security, compliance, and automation teams to converge around.

Azure Government is designed to solve your compliance needs all the way up to the systems you manage. That's where Chef Automate and InSpec take over for that 'last mile'. Chef Automate and InSpec allow us to view compliance controls in a human-readable, easily digestible format.

title 'RHEL-06-000227: The SSH daemon must be configured to use only the SSHv2 protocol.'    control 'RHEL-06-000227' do   impact 1.0   title 'The SSH daemon must be configured to use only the SSHv2 protocol.'   desc 'SSH protocol version 1 suffers from design flaws that result in security vulnerabilities and should not be used.'   tag group: 'SRG-OS-000112'   tag vulid: 'V-38607'   tag ruleid: 'SV-50408r1_rule'   tag severity: 'CAT I'   tag stigid: 'RHEL-06-000227'   tag cci: 'CCI-000774'   tag fixtext: 'Only SSH protocol version 2 connections should be permitted. The default setting in "/etc/ssh/sshd_config" is correct, and can be verified by ensuring that the following line appears: Protocol 2'   tag checkcontent: 'To check which SSH protocol version is allowed, run the following command: # grep Protocol /etc/ssh/sshd_config If configured properly, output should be Protocol 2 If it is not, this is a finding.'   tag remediation: ''   ref 'http://iasecontent.disa.mil/stigs/zip/U_RedHat_6_V1R15_STIG.zip'     describe sshd_config do     its('Protocol') { should eq('2') }   end  end

The above control is the DISA STIG RHEL6 Control pertaining to which protocol version of SSH your system runs. This is just one of hundreds of controls published by DISA for managing RedHat systems. The value of InSpec over traditional testing and compliance frameworks is that InSpec includes all the context we need to understand not just the actual code check itself, but all of the other information we need to understand why we're checking for this setting. Chef Automate includes profiles for DISA STIGs and CIS Benchmarks out of the box.

By using these InSpec profiles in conjunction with Azure Government, we can simplify and reduce the effort it takes to prove compliance in our environment. Recently, I presented a live webinar on this topic with Microsoft's Technical Solutions Specialist, Derrick Schwartz, to show how our technologies work together to achieve this goal. You can watch a recording of the webinar below.

Learn More

The post Applying Compliance on Azure Government with InSpec appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Join Us at ChefConf 2018



----
Join Us at ChefConf 2018
// Chef Blog

Tickets are on sale now for ChefConf 2018 in Chicago May 22-25.

ChefConf is the must-attend DevOps conference that brings together the best voices in the industry for a week of insightful, disruptive, and thought-provoking conversations driving digital change in IT. Learn about the state of the art and the state of the future from the minds shaping the direction of modern apps and teams. Return with key insights to help you build, deploy, and manage applications at velocity, and stronger connections to a vibrant worldwide DevOps community.

Week at a Glance

ChefConf includes technical sessions, workshops, certification exams, social activities, and more. Here is a quick overview of what you can expect, and when!

 

Convince Your Boss

Nobody should fly solo at the conference. This justification letter has what you need to convince your boss to send your entire team to ChefConf in Chicago. 

Early Bird Pricing

Speed matters! Join us in congratulating Aaron Kulbe (@longviewbits) for being the first to purchase a ticket for ChefConf!

Take advantage of early bird pricing before April 20th to experience all that ChefConf offers for less than $1000. Join Aaron and all of your other #cheffriends in Chicago this May! Register today

The post Join Us at ChefConf 2018 appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Icinga 2 Cookbooks: Breaking up the All-In-One Cookbook



----
Icinga 2 Cookbooks: Breaking up the All-In-One Cookbook
// Chef Blog

For vendors, configuration management has become as important as the software itself. As a vendor you should take responsibility and provide proper cookbooks for your software that fulfill the requirements for as many users as possible. The Icinga 2 cookbook used to manage all of the components you need to get your monitoring servers and agents up and running. Additionally, it allows users to automate the whole monitoring lifecycle, from freshly occurring hosts and services up to the deletion of those. Recently, we decided that it's better to split the single cookbook, instead of maintaining an "all-in-one" solution.

What is Icinga 2

Icinga is an open source monitoring software that monitors your hosts, applications and services. The results include the current state and metrics, both can be saved for long term. Instead of configuring everything statically, Icinga 2 allows you to create apply rules which generate your monitoring objects dynamically. With the RESTful API changes can be made automatically and from remote. Icinga has a built in clustering mechanism to create high available and distributed setups.

Icinga 2 works very well in combination with Chef to create an automated monitoring environment. Since Chef knows everything about your infrastructure, you can use this knowledge to create your monitoring configuration out of it.

Breaking up the Cookbooks

The Icinga Stack consists of multiple components. Depending on your setup and feature requirements, you will have to set up more or less of the available tools. The Icinga 2 cookbook could handle all of those requirements and with each new aspect of the stack the cookbook grew as well. We reached a point where we wanted to make it easier for our users to pick the exact parts they needed for their very own monitoring setup. The web interface may run on a different host than the master. An agent has less requirements than a master, it just needs to be installed and connected.

To make this easier to handle and to prevent a big and monolithic cookbook, we decided to break up the Icinga 2 cookbook. Eventually, smaller cookbooks allow us easier maintenance and independent releases. All cookbooks are part of the Chef partner program and available for many platforms and multiple Chef versions.

Icinga 2 Repository

All Icinga related packages are available on packages.icinga.com. This cookbook adds and enables the repository on your node. Repository management has been separated as it is required by multiple cookbooks and we wanted to prevent maintenance of duplicated code.

Download: https://supermarket.chef.io/cookbooks/icinga2repo

Icinga 2

The Icinga 2 Cookbook manages Icinga 2 servers. This includes the management of all features, configurations and Icinga objects. With this cookbook you can set up your master and add satellites to it to distribute the load.

Download: https://supermarket.chef.io/cookbooks/icinga2

Icinga 2 Client

The Icinga 2 client cookbook manages Icinga 2 on your agents and connects them to a master or satellite.

Download: https://supermarket.chef.io/cookbooks/icinga2client

Icinga Web 2

This cookbook manages everything related to the web interface for Icinga 2.

Download:  https://supermarket.chef.io/cookbooks/icingaweb2

The post Icinga 2 Cookbooks: Breaking up the All-In-One Cookbook appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone

Sunday, December 17, 2017

Upgrade to XenServer 7.3



----
Upgrade to XenServer 7.3
// Xen Orchestra

Upgrade to XenServer 7.3

XenServer 7.3 is now available. Let's see how to upgrade (or update!) it.

Some free features are removed in 7.3. Please read this before upgrading.

Xen Orchestra is 100% compatible with XenServer 7.3.

From XenServer 7.2

If you are running XenServer 7.2, the process will be only an update, not an upgrade.

You need to download the update "pack". You can do it directly from your pool master:

$ wget http://downloadns.citrix.com.edgesuite.net/13372/XenServer-7.3.0-update.iso  

Then, still on your pool master, you can deploy the update:

$ xe-install-supplemental-pack XenServer-7.3.0-update.iso  

From older XenServer

This is the standard upgrade procedure. You can upgrade your previous XenServer version directly to 7.3 since XenServer 6.2, 6.5, 7.0 and 7.1.

If you are using XenServer 7.2, please read the previous section.

ISO download

You can fetch the ISO here: http://downloadns.citrix.com.edgesuite.net/13371/XenServer-7.3.0-install-cd.iso

The ISO can be burn to a CD but see the next section for USB install.

Install from USB

From any Unix/Linux:

dd if=XenServer-7.3.0-install-cd.iso of=/dev/sdX bs=8M status=progress oflag=direct  

Replace sdX with the name of your USB key.

On Windows, use a dedicated program that can write ISO to USB drives.

Partitioning

It's exactly the same as all previous XenServer 7.x version (see our previous blog post: upgrade to XenServer 7.1):

  • / (root) 18GB
  • /boot/efi 512M
  • /var/log 4GB
  • Swap 1GB

Are you upgrading from an older version than XenServer 7.0? Or do you have the old partition scheme? Please follow instructions in our previous blog post to switch to the new one.

Rolling pool upgrade

If you have a pool with multiple hosts, there is some basic rules to follow:

Always upgrade the pool master first:

  1. Migrate VMs from your pool master to slaves
  2. Upgrade the pool master
  3. Migrate VMs from one slave to the pool master
  4. Migrate this slave
  5. Etc.

You can always live migrate VMs from an older XenServer to a newer. The opposite IS NOT POSSIBLE.

Also, always check to empty your VM CD drives and disable HA during the operation.


----

Read in my feedly


Sent from my iPhone

XenServer 7.3



----
XenServer 7.3
// Xen Orchestra

XenServer 7.3

It's out! Latest CR version of XenServer is available. So what's new there?

What's new?

XenServer 7.3

Removed features

If you don't have a licensed version of XenServer, upgrading/udpating to this version will remove those features:

  • Xen storage motion
  • Dynamic Memory Control
  • Basic GPU Passthrough
  • Pool size limited to 3 hosts max
  • and more, details here

If you need a license, you can contact us (live chat of our website), as we are a Citrix partner and reseller. We'll help you about licensing.

Added features

If you have an Enterprise license for XenServer, you'll have:

  • Efficient multicast support via IGMP snooping
  • Support for NVIDIA Pascal graphics cards
  • Nested virtualization for Bromium Secure Platform
  • Changed Block Tracking

We reviewed the CBT features: in short, the only advantage vs current Delta backup, is that you can remove the reference snapshot (and leave only the metadata). But it doesn't solve the main problem about block based storage that aren't thin-provisioned anyway. Because you still need to create the snapshot at the first place.

However, there is interesting features hunder the hood of CBT: nbd protocol, which will be probably useful for Xen Orchestra in the future, to have more flexible fetch of VM content.

Right now, it doesn't change anything: Xen Orchestra is fully compatible with XenServer 7.3!

Should I upgrade?

Depends:

  • If you are on 7.1 LTS, and happy with it, stay.
  • If you are on 7.2 without license, you'll lose some features.
    • If those are too important for you, you can stay in 7.2
    • Or buy a license

----

Read in my feedly


Sent from my iPhone

phpIPAM version 1.3.1 released



----
phpIPAM version 1.3.1 released
// phpIPAM IP address management

New version of phpipam (1.3.1) released.
----

Read in my feedly


Sent from my iPhone

pfSense 2.4.2-RELEASE-p1 and 2.3.5-RELEASE-p1 now available



----
pfSense 2.4.2-RELEASE-p1 and 2.3.5-RELEASE-p1 now available
// Netgate Blog

We are excited to announce the release of pfSense® software versions 2.4.2-p1 and 2.3.5-p1, now available for upgrades!


----

Read in my feedly


Sent from my iPhone

Habitat Updates



----
Habitat Updates
// Food Fight

Nell Shamrell-Harrington, Tasha Drew, and Jamie Winsor discuss the latest updates to Habitat!

Panel

Show Notes

Picks

Nell

Tasha

Jamie

Download


The Food Fight Show is brought to you by Nathen Harvey and Nell Shamrell with help from other hosts and the awesome community of Chefs.

The show is sponsored, in part, by Chef.

Feedback, suggestions, and questions: info@foodfightshow.com or http://github.com/foodfight/showz.


----

Read in my feedly


Sent from my iPhone

ChefConf 2018 CFP: Application Automation Track



----
ChefConf 2018 CFP: Application Automation Track
// Chef Blog

ChefConf is the largest Chef community reunion and educational event for teams on the journey to becoming fast, efficient, and innovative software-driven organizations. In other words, you and your team!

ChefConf 2018 will take place May 23-26 in Chicago, Illinois and we want you to present! The ChefConf call for presenters (CFP) is now open.

One of the tracks you might consider proposing a session for is the Application Automation track.

Application Automation

The cries for digital and cultural transformation can be heard from every corner of the business world. Everyday technologists are becoming more concerned with delivering customer and business value. How are your teams empowered to deliver this value to production? Teams are adopting the tooling and practices necessary embrace cloud-native technologies, move into the brave new world of containers, orchestrations, cloud infrastructure, and serverless solutions. In the meantime, some legacy applications are being lifted out of the data center and shifted to the cloud. Habitat is a simple, flexible way to build, deploy, and manage modern distributed applications.

Application automation is the term we use to describe the processes used to build, deploy, and manage these applications.

Share your story of using Habitat and related technologies to manage the lifecycle of your team's applications. Below are some ideas and questions to consider.

Understanding distributed systems

Topologies, service discovery, consistency, availability, partitioning, and more! Working with distributed systems means learning about new concepts and terms. The Habitat ecosystem addresses many of these concerns making it easier to implement and leverage them within applications.

  • What does everyone getting started with distributed systems need to know?
  • How does Habitat address and enable each of these concepts?
  • Can you demonstrate how your application uses one or more of these?

Containers, containers, containers!

Containers provide many benefits to modern application teams. Being able to run the same artifact in many different environments simplifies delivery pipelines, increases confidence, and allows teams to deliver value faster. But containers alone may not be enough. Scaling out containers and running production workloads often requires additional technologies like a container scheduler or platform as a service. Habitat provides the capability to export artifacts into a number of different formats including Docker images, Cloud Foundry images, and more. Using the Habitat builder service, you can automatically publish these containers to Docker Hub or Amazon's Container Registry.

  • How has Habitat's application-first approach changed your container build process? The size and shape of your container?
  • How are you understanding the provenance and lineage of your containers? In other words, "what's in the container?"
  • Which export formats are you utilizing for Habitat? Why and how?
  • What container orchestrators, schedulers, or platforms are you utilizing? Why and how?
  • Have you considered building a custom export format? What formats would you add? How would you approach building that?

A better habitat for …

Many applications frameworks have mature notions of packaging applications. Java applications, for example, are often packaged as .jar or .war files that are ready to be run inside of a java runtime. In other frameworks, such as Ruby on Rails, the idea of building an artifact is foreign to most of the community. Habitat allows you to create packages and simplify the deployment and management of any application framework. Not everything we build or run is an application framework, either. What about persistent data stores or other services?

  • Share your story of packing specific application frameworks with Habitat (Java, Rails, Node, PHP, Python, etc).
  • Share your story of packaging and running distributed databases with Habitat (PostgreSQL, MySQL, MongoDB, etc).
  • How has a common packaging format impacted your delivery platforms across various application frameworks?

Putting the "Dev" in DevOps

The word "DevOps" has always started with "Dev" yet many participants in the community have a deep background in operations.  Habitat aims to bring better automation capabilities to developers and make the DevOps tent larger so that everyone has a place. This also means more and closer collaboration between teams!

  • How is Habitat impacting your development process?
  • How has Habitat improved collaboration between dev and ops?
  • As a developer, what are the things you love, or hate, about Habitat?

Getting Started

Application automation with Habitat is a relatively new practice and the tools available are quickly evolving. How are you getting started with Habitat? Have you started with core packages or are you building your own? You do not need to be an expert to help others get started. Your experiences getting started with Habitat are worth sharing, even if as cautionary tales. ChefConf is a great place to help fellow community members get started on the right foot.

  • What do you wish you knew when you first got started?
  • How are you helping people across your organization get started with application automation?
  • Which use cases are well-suited for getting started with application automation?

Other Tracks

The ChefConf CFP is open for the following tracks:

Share Your Story

Your story and experiences are worth sharing with the community. Help others learn and further your own knowledge through sharing. The ChefConf CFP is open now. Use some of the questions posed here to help form a talk proposal for the application automation track.

Submit your talk proposal now! The deadline is Wednesday, January 10, 2018 at 11:59 PM Pacific time.

The post ChefConf 2018 CFP: Application Automation Track appeared first on Chef Blog.


----

Read in my feedly


Sent from my iPhone