Create a folder called “bin” in %USERPROFILE%

Start–>Run–>%USERPROFILE%–>create a folder called “bin”

Download Terraform

https://www.terraform.io/downloads.html
Save the .exe in the “bin” folder you created

Set Windows “PATH” Variable

System Properties–>Environment Variables
Highight PATH
Click “Edit”
Click “New”
Add %USERPROFILE%\bin

Create a user in AWS for Terraform

In AWS, go to IAM
Create a user called “terraform”
programmatic access only
Attach existing policies directly
Administrator access (proceed with caution!)
Copy the Access Key ID (save to credentials store like KeePass or an excel spreadsheet for now)
Copy the Secret Access Key (save to credentials store)
Or download the .CSV and grab the values

Create a folder called .aws on your PC

Make sure to add a “.” at the end of the folder name or it will throw an error

Create a credentials file

Create a new file called “credentials” in the .aws directory (remove the extension)
Using the ID and Key from above, make it look like this:
Line 1: [default]
Line 2: aws_access_key_id=your_key_id_here
Line 3: aws_secret_access_key=your_access_key_here
Save the file (again, make sure to remove the .txt extension or it wont work)

Download and install Git for Windows

https://gitforwindows.org

Create a folder called TF_Code for your working files

I created mine on my desktop

Open Git Bash, navigate to your working directory

cd desktop
cd TF_Code

Make the directory a Git repository

git init

Create a new file with VI

vi first_code.tf
Line 1: provider “aws” {
Line 2: profile = “default”
Line 3: region = “us-west-2”
Line 4: }
Line 6: resource “aws_s3_bucket” “tf_course” {
Line 7: bucket = “tf-course-uniqueID”
Line 8: acl = “private”
Line 9: }

Commit the code

git add first_code.tf
git commit -m “some commit message”

Try Terraform! (in Git Bash)

terraform init
Downloads and Initializes plugins

Apply the code

terraform apply
yes (to perform the actions)

Check your AWS account (S3), you should see a new S3 bucket!

Delete the bucket

terraform plan -destroy -out=example.plan
terraform apply example.plan

Your bucket will now be deleted!

To recreate the bucket, just run the ‘terraform apply’ command again, say yes, and…BOOM, your bucket is created again!

Hope that helps. Good luck and happy computing!

First off, if you are trying to securely connect to your enterprise production network and instances, there are better (safer) methods (architectures) to do this. OSLogin or federating your Azure AD for instance, might be more secure and scalable. I run a pointless website (this one) with nothing to really lose across a handful of instances. This is a hobby.

Second, I recently got a dose of humble pie when trying to use PuTTY on Windows to connect to a Ubuntu instance in GCP. I was generally using gCloud command-line for getting my app running but I got a wild hair up my ass this morning to try and just use PuTTY to avoid the step of logging into Google Cloud (via Chrome) for administration. I am fairly use to AWS where I just create an instance, download the .pem file, convert it to a ppk with PuTTYgen, and then use that along with the default login (ec2-user or ubuntu) to connect to my minecraft and web servers. GCP was a little different.

Once I read a few docs from Google searches, it became much more apparent vs reading the GCP docs. Here is how I did it.

Download PuTTYgen if you dont have it already.

Launch PuTTYgen.

Click on “Generate“. I used a 2048 bit RSA key.

Move your mouse around the box to generate a key.

In the “Key comment” field, replace the data there with a username you want to use to connect to your Compute Engine instance (highlighted)

Copy the ENTIRE contents of the public key (the data in the “public key for pasting…”) box. It should end with the username you want to connect with if you scroll down.

Click on “Save Private Key” and select a location/path that is secure (and one that you will remember!).

Create a new Compute Engine instance or go to an existing instance. From the VM instances page, click on the instance name. In my case it was “minecraft001”.

At the top of the page, click on “Edit“.

Scroll almost all the way to the bottom and you will see an “SSH Keys” section.

Click on “show and edit“

Click on “+ Add Item“

Paste in the key data you copied from PuTTYgen from the step above.

• You will notice that it extracts the username from your key on the left. This is the username you will use from PuTTY.

On the same page, click on “Save” at the bottom of the page.

On the VM instance details page, find the “External IP” section and copy the IP address (the cascaded window icon will add it to your buffer).

Now open or go back to your PuTTY client (not PuTTYgen).

Paste the IP address into your PuTTY client.

On the left side of the PuTTY client, scroll down to the “Connection” section and click the “+” to expand it

Click the “+” next to the “SSH” section

HIGHLIGHT the “Auth” section. Dont expand it.

Click on “Browse…“

Find the Private Key file you saved from earlier (should have a .ppk file extension). Double click to select and use it.

Scroll back up and highlight the Session category.

From here you can either name your connection and Save it under “saved sessions“…or just click the “Open” button.

It should make a connection to your Compute Instance and ask for a username. Supply the username you specified in the step above and voila! I used “jonny” in my example.

That’s it! Happy computing!

I recently went through the process of building a dockerfile from scratch. I wont get into the details of that process but I did come across an error when trying to publish my package to GitHub Packages.

I tried to do a sudo docker push docker.pkg.github.com/mookyd/mymooky/mymooky:latest (my repo) and was thrown the error:

unauthorized: Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.

Its pretty clear what needed to happen but I thought my credentials would be enough since I wasnt using a script per se. I used docker login and provided my username and password and tried the command again. Same error.

After doing some reading, I discovered that you need to pass a “Personal Access Token” as a password. I generated a PAT under Settings–> Developer Settings –> Personal Access Tokens. I gave the token the access to the repo and to read and write packages. I then used docker login and passed the token string to login. After that, I was able to use docker push to upload my image.

Intro to Hyper-Convergence

Started out with local storage

Couldn’t expand

Moved to centralized storage

Server availability issues

Moved to virt and converged for clusters

FlexPods, VersaStacks…chassis had limitations

Back to local storage

Scales similar to cloud

No limits

Intro to HX platform

Based on C-series

Wizard-based installer

Converged Nodes – Disk, network, cpu, memory

Data Platform

StorFS – Distributed File System

Springpath is underlying backbone

Ensures copy data is always there

High performance networking is used by StorFS log structured FS

Communication channel for VMs and management etc

FIs are hardware management platform

HX Software is not supported on C-Series

HX Installer is a VM (OVA) – requires existing vCenter

Expansion is easy and non-disruptive

Cloud Center

Intersight

Cisco Container Platform

HX Flavors and use cases

HX Edge

2-4 Nodes (ROBO) – No FI needed

HX

Converged

Compute-Only

Up to 32 converged nodes with up to an additional 32 compute only nodes

SFF Drives

Either all flash or 2.5 spinning drives

LFF Spinning – 6 or 8TB

HX240 M5

6-12 of LFF in one server

Caching and housekeeping drives are still SFF Flash in back

HK – 240GB Flash

Caching – 3.2 TB SSD

HX 3.5 introduced stretch cluster for LFF drives

HX Edge 3 node HX 220 based connected directly to ToR switches with no FI

Managed through a centralized vCenter

Central backup site (LFF Cluster) with Veeam

3.0 introduced Hyper-V support

3.5 introduced LFF Drives support but no stretch or edge for Hyper-V

Scaling and Expanding a Deployment

Scales from 3 – 64 nodes

Node – Additional memory and compute

Converged Node – includes storage

3.5 added Hyper-V supprt and stretch clusters

Node must be compatible

Storage type

Size

Generation

Chassis size

Similar in ram and compute

You can introduce M5 to M4 but not vice versa

Use HX Installer to expand

Use config file

Provide creds

UCSM/Hypervisor/vCetner

Select cluster to expand

Select unassociated server from list

Provide IP info

Provide Name

Add VLANs

Start install

Go to HX Connect

View added node

Data is automatically distributed to new disks on new nodes

You can leverage numerous platforms for compute only node

Must be connected to same domain

Must have HX Data Platform installed via Installer

Mounts HX storage via NFS

Disks are not added to shared pool (for datastore creation)

CVM on compute only require

1 vcpu

512 MB RAM

Software Components Overview

StorFS – Distributed Log-structured file system

Writes sequentially, uses pointers – increases performance

Index has references to blocks for files across the distributed log

New blocks are written, old are deleted and housekeeping occurs.

File system index is stored in memory of  a controller VM.

Runs on every node in HX cluster

Logs caching compression duplication

Disks are passed through to CVM

Space is presented as NFS

HX220

CVM needs 48 GB RAM and 10.8 GHz

HX240

CVM needs 72 GB RAM and 10.8 GHz

HX 240 LFF 78 GB RAM and 10.8 GHz

CVM is doing cluster management

HX management

HX Connect management interface

HTML 5 GUI

Monitoring capability/Utilization monitoring

Replication

Clone

Upgrades

CVM CLI – not all commands are supported through GUI

CVM CLI is ubuntu VM – connect via SSH

stcli command

IOvisor (vib) – responsible for data distro

captures data and sends to any available node for caching

Not dependent on CVM so if CVM fails, fs ops will be directed to appropriate node

VAAI is used in CVM and Hypervisor

Allows direct FS ops on a Datastore (StorFS ops)

Allows for snaps and clones (much faster) using FS

Distributed File System

StorFS

When deploying

Select RF2 or RF3

Caching Tier

In all-flash systems

Not used for read cache

In all systems

Write cache works the same way

All flash

Hybrid

Caches writes as it gets distributed

De-stages writes

Split between active and passive

Active – caches fata

Passive – moves data to capacity drives

Number of cache level segments depends on RF factor

2 for RF 2

3 for RF 3

Hybrid systems

Write cache still works the same

Caching drive is ALSO use for read caching

Frequently used

Recently used

VDI mode

Only caches most frequently accessed

Not most recently accessed

Hardware component Overview

3 tier storage

Memory Cache – volatile

Controller VM, File system metadata

Cache Drive

SAS SSD, NVMe SSD or Optane

Capacity tier

All spinning or all flash

Hybrid (blue bezel) or all flash (orange bezel)

2 chassis types

HX220 (1U) M5 (Dual Intel Skylake Platinum’s)

10 Drives

Min6 max 8 capacity

Cache drive is front mounted

M.2 drive installs esx (internal)

Housekeeping (logs, storage)

HX240 (2U) M5 (Dual Intel Skylake Platinum’s)

Cache is on back

Capacity and housekeeping on front

Min 6 up to 23 capacity drives

Up to 2 graphics cards

Memory channels

6 per proc

2 sticks per channel

Max 128 per stick

16, 32, 64, 128

6 or 12 sticks per CPU for optimal performance

If M type procs, 1.5TB per CPU (total 3TB)

1.2TB

1.8 TB for hybrid

(cost effective)

960 and 3.8 TB for all flash (performance/density)

Network:

VIC1227

Dual 10G

VIC 1387

Dual 40G

Fis

6248s, 6296, 6332, 6332-16UP

UCSM

Other Notes:

Can you install HX without network?

No

Can you use install software as NTP server?

No. 2.0 and 2.1 disables it after 15 mins

Can I install vCenter on HX?

Yes. With 4 nodes with earlier versions.

Should storage VLAN be layer 3?

No

Can you setup multiple VLANs in UCSM during install?

Yes but you have to rename them

Are jumbo frames required?

No but enable them

HX Tech Brief – An App, Any Cloud, Any Scale

ROBO – HX Edge/Nexus

Private – HX/ACI (private cloud)

Intersite federates management

Edge leverages Intersite as cloud witness

Public – Cisco Container Platform on top of HX for Kubernetes aaS with HX in Prem

Cloud center – model apps/deploy consistently

App dynamics – performance/application transaction visibility

CWOM – optimizes resource utilization for underlying infra

Tetration – workload protection – enforce versions at the host level

HX Edge 2-4 nodes (up to 2000 sites) – Intersight can deploy in parallel to multiple sites

HX – 32nodes –> 32 more compute nodes

Installation Notes:

Deploy/Launch Data platform installer – OVA – can be on a SE laptop

Root:Cisco123

Create new:

Customize your workflow

Run UCSM config (unless you have edge (no Fis)

Check everything else

Create cluster

Cluster expansion:

In UCSM, validate PID and make sure its unassociated/no profile

In installer:

Supply UCSM name/creds

vCenter creds

Hypervisor creds

Select cluster to expand

Select server

Provide VLAN configs

Use ; for multiple VLANs

Enable iSCSI/FC if needed

For mgt VLAN and Data VLAN

Provide IP for esxi host

Provide IP for storage controller