Anthony Miloslavsky

Author Archives: Anthony Miloslavsky

Exploring Batfish with Cumulus – Part 2

In Part 1 of our look into navigating Batfish with Cumulus, we explored how to get started with communicating with the pybatfish SDK, as well as getting some basic actionable topology information back. With the introduction out of the way, we’re going to take a look at some of the more advanced use cases when it comes to parsing the information we get back in response to our queries. Finally, we’re going to reference an existing CI/CD pipeline, where templates are used to dynamically generate switch configuration files, and see exactly where and how Batfish can fit in and aid in our efforts to dynamically test changes.

For a look under the covers, the examples mentioned in this series of posts are tracked in “

Enforcing Policy

As you may remember, in Part 1 we gathered the expected BGP status of all our sessions via the bgpSessionStatus query and added some simple logic to tell us when any of those sessions would report back as anything but “Established”. Building on that type of policy expectation, we’re going to add a few more rules that we want to enforce in our topology.

For example:

Exploring Batfish with Cumulus – part one

The topic of testing in continuous integration pipelines, is something we at Cumulus discuss almost daily, whether it’s internally or with customers. While our approach mainly centers around doing this type of testing in a virtual simulated environment, the moment I heard about a project called Batfish taking a different approach to testing, it had my attention. Better yet, once Batfish announced initial support for Cumulus earlier this year, there were no excuses left to not start digging in and understanding how it can fit into pipelines and replace or complement existing testing strategies.

The Batfish Approach To Testing

While there are various testing frameworks out there that help in building and organizing an approach to testing changes, the ugly truth is that the majority of this process occurs after a change has actually been pushed to a device. Techniques like linting provide some level of aid in the mostly empty pre-change testing area, but the control and data plane validation checks are forced to occur after a change has been pushed, when its generally “too late”. Even though there’s no argument that some testing is better than none, the pre-change test area is desperate for any type of visibility Continue reading

Salt Use Cases for Cumulus Linux

A talking point I often lean on when speaking to customers is, “It’s Linux, so use whatever tool you like.” This approach can be especially paralyzing for customers that are just getting started with automating their network and compute infrastructure in a uniform way. In those particular situations, diving into the numerous articles that pit the various automation tools against each other can be counterproductive. Instead, I often find the most value in looking at a few examples of a particular tool in action that is addressing a use case which is relevant to me, while following along hands-on.

Salt frequently comes up as one of the options in the infrastructure configuration management conversation, however its main differentiator is the message bus architecture and the ability to react to events in real time. While that sounds a bit abstract, the main question we should be asking ourselves is how will this simplify the day to day management of my infrastructure? In this post, we’ll step through getting the configuration on a couple Cumulus switches under full management with Salt, and end with a practical event-based workflow for adding and replacing devices in our infrastructure.

Configuration Management

In a previous Continue reading

Is NRE The Evolution Of A Network Architect?

While the various concepts behind automation and programmability have trickled into the network space at an exponential rate, enterprises have been left scratching their heads regarding the most effective way to incorporate these ideas into their teams.  Do you send your entire team on a week long Python retreat and assume everyone can immediately start […]