Openstack Docker Networking – Issues Roadmap & Resolution steps

In this blog we are going to see common issues with docker networking and steps to consider for configuration and troubleshooting ways.

Common Issues discussed in stackoverflow, docker forum and ask.openstack

  • Openstack Networking is a complex topic and Docker networking is continuously evolving in every release and this makes it difficult for folks to figure out the right feature to use for their use-case
  • When applications are taken from development to production, networking needs change and the typical approaches don’t always help.
  • Enterprise customers have lot of legacy applications and the networking needs to satisfy connecting legacy non-containerized applications with the new container based micro services.

Resolution Methods & Considerations with docker infra management

  • Docker Networking Components, Docker Daemon includes accessing remotely & securely, Corporate Firewall considerations, preventing IP table modification, Container networking, Swarm/Service networking includes Routing Mesh vs HRM & Troubleshooting methods for resolving docker networking issues.

 

 

Here link to my slides, Please add input corrections need to changes .

 

References:

https://wiki.openstack.org/wiki/Docker

https://www.docker.com/docker-community

Dockercon videos around networking topics

Terraform – Install and Orchestrate Part-1

Introduction

The primitives of terraform used to define infrastructure as a code (IaaC). You can build, change and version your infrastructure in AWS, Digital Ocean, Google Cloud, Heroku, Microsoft Azure etc. using the same tool. Describe components of your single application or entire data center using terraform. In this tutorial, we will create an infrastructure using terraform and provision AWS EC2 instance.

Install Terraform

To install Terraform, find the appropriate package for your system and download it. Terraform is packaged as a zip archive.

After downloading Terraform, unzip the package. Terraform runs as a single binary named terraform. Any other files in the package can be safely removed and Terraform will still function.

The final step is to make sure that the terraform binary is available on the PATH. See this page for instructions on setting the PATH on Linux and Mac. This page contains instructions for setting the PATH on Windows.

[pandy@maestropandy ~]$ cd /usr/local/src
[root@maestropandy]# wget https://releases.hashicorp.com/terraform/0.9.11/terraform_0.9.11_linux_amd64.zip?_ga=2.158618490.1572651985.1499345696-1866648534.1499345696

[root@maestropandy]# unzip terraform_0.9.11_linux_amd64.zip\?_ga\=2.158618490.1572651985.1499345696-1866648534.1499345696

[root@maestropandy]# mv terraform /usr/local/bin/

Now add the following line to add terraform in PATH location.

export PATH=$PATH:/terraform-path/

Verify Installation

[root@maestropandy]# terraform
Usage: terraform [–version] [–help] <command> [args]

The available commands for execution are listed below.
The most common, useful commands are shown first, followed by
less common or more advanced commands. If you’re just getting
started with Terraform, stick with the common commands. For the
other commands, please read the help and docs before usage.

Common commands:
apply Builds or changes infrastructure
console Interactive console for Terraform interpolations
destroy Destroy Terraform-managed infrastructure
env Environment management
fmt Rewrites config files to canonical format
get Download and install modules for the configuration
graph Create a visual graph of Terraform resources
import Import existing infrastructure into Terraform
init Initialize a new or existing Terraform configuration
output Read an output from a state file
plan Generate and show an execution plan
push Upload this Terraform module to Atlas to run
refresh Update local state file against real resources
show Inspect Terraform state or plan
taint Manually mark a resource for recreation
untaint Manually unmark a resource as tainted
validate Validates the Terraform files
version Prints the Terraform version

All other commands:
debug Debug output management (experimental)
force-unlock Manually unlock the terraform state
state Advanced state management

 

Now succesfully Terraform installed on ubuntu machine, lets create AWS user account, and download keys.

  1. Click Users from IAM dashboard.
  1. Click “Add user”
  1. Provide an user name and click only “Programmatic access”. We have provided user name as “terraformuser”. Click “Next:Permission”
  1. Next click “Create Group”. Provide a group name and in the policy type, filter by AmazonEC2. Select the first row which which gives Amazon EC2 full access.
  1. Click “Next: Review”
  1. Click “Create user”

Download the newly created users Access key ID and Secret key by clicking “Download .csv’. These credentials are needed to connect to Amazon EC2 service through terraform.

Convert .pem key into .ppk format your use.

Terraform file

As we are already aware that terraform is a command line tool for creating, updating and versioning infrastructure in the cloud then obviously we want to know how does it do so? Terraform describes infrastructure in a file using the language called Hashicorp Configuration Language (HCL) with the extension of .tf It is a declarative language that describes infrastructure in the cloud. When we write our infrastructure using HCL in .tf file, terraform generates an execution plan that describes what it will do to reach the desired state. Once execution plan is ready, terraform executes the plan and generates a state file by the name terraform.tfstate by default. This file maps resource meta data to the actual resource ID and lets terraform knows what it is managing in the cloud.

Terraform and provision AWS

To deploy an EC2 instance through terraform create a file with extension .tf This file contains namely two section. The first section declares the provider (in our case it is AWS). In provider section we will specify the access key and secret key that is written in the CSV file which we have downloaded earlier while creating EC2 user. Also choose the region of your choice. The resource block defines what resources we want to create. Since we want to create EC2 instance therefore we specified with “aws_instance” and the instance attributes inside it like ami, instance_type and tags. To find the EC2 images browse ubuntu cloud image.

[root@maestropandy]# cd
[root@maestropandy ~]# mkdir terraform
[root@maestropandy ~]# cd terraform/
[root@maestropandy terraform]# vi aws.tf

provider “aws” {
access_key = “ZKIAITH7YUGAZZIYYSZA”
secret_key = “UlNapYqUCg2m4MDPT9Tlq+64BWnITspR93fMNc0Y”
region = “ap-southeast-1”
}

resource “aws_instance” “example” {
ami = “ami-83a713e0”
instance_type = “t2.micro”
tags {
Name = “your-instance”
}
}

Apply terraform plan first to find out what terraform will do. The terraform plan will let us know what changes, additions and deletions will be done to the infrastructure before actually applying it. The resources with ‘+’ sign are going to be created, resources with ‘-‘ sign are going to be deleted and resources with ‘~’ sign are going to be modified.

[root@maestropandy terraform]# terraform plan

Now to create the instance, execute terraform apply

 

[root@maestropandy terraform]# terraform apply

aws_instance.example: Creating…
ami:                                                   “” => “ami-83a713e0”
associate_public_ip_address:             “” => “<computed>”
availability_zone:                                “” => “<computed>”
ebs_block_device.#:                          “” => “<computed>”
ephemeral_block_device.#:                “” => “<computed>”
instance_state:                                    “” => “<computed>”
instance_type:                                     “” => “t2.micro”
key_name:                                          “” => “<computed>”
network_interface_id:                         “” => “<computed>”
placement_group:                               “” => “<computed>”
private_dns:                                        “” => “<computed>”
private_ip:                                          “” => “<computed>”
public_dns:                                         “” => “<computed>”
public_ip:                                           “” => “<computed>”
root_block_device.#:                          “” => “<computed>”
security_groups.#:                              “” => “<computed>”
source_dest_check:                           “” => “true”
subnet_id:                                          “” => “<computed>”
tags.%:                                              “” => “1”
tags.Name:                                        “” => “your-instance”
tenancy:                                             “” => “<computed>”
vpc_security_group_ids.#:                 “” => “<computed>”
aws_instance.example: Still creating… (10s elapsed)
aws_instance.example: Still creating… (20s elapsed)
aws_instance.example: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.

Next  we head over to EC2 dashboard, we will find that the new instance being initializing.

 

terraform instance

Now we have successfully created AWS EC2 Instance using Terraform, say cheers to yourself 🙂

 

Reference

https://www.terraform.io/intro/getting-started/install.html