Archive

Category Archives for "LINDSAY HILL"

CCIE Renewed Once More – Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months to spare. But it’s done, for another year. Here’s some quick notes on my prep, and thoughts on the exam.

Preparation

I decided to sit the CCIE R&S Written Exam to renew. This was the easiest route for me. I don’t use Cisco products on a day to day basis, so certifying with a different track would be very hard for me.

The version hasn’t changed since the last time I sat it. It’s still 400-100, v5.1. The only difference is that the “Evolving Technologies” section has been tweaked a little. Think Automation toolsets, Cloud concepts, etc.

I used the study guide I purchased last time from “CCIE in 8 Weeks”. I also re-subscribed to their online practice exams. I meant to only subscribe for 3 months, but…I couldn’t get motivated to do this exam. I ended up paying for another 3 months access, before I finally knuckled down and did the study while I was on vacation. I flicked through my old CCIE flashcards a few times too.

Continue reading

CCIE Renewed Once More – Exam 400-101 v5.1

I’ve given in to the Sunk Cost Fallacy once more: I’ve renewed my CCIE. There was a lot of foot dragging this time around, and I only had four months to spare. But it’s done, for another year. Here’s some quick notes on my prep, and thoughts on the exam.

Preparation

I decided to sit the CCIE R&S Written Exam to renew. This was the easiest route for me. I don’t use Cisco products on a day to day basis, so certifying with a different track would be very hard for me.

The version hasn’t changed since the last time I sat it. It’s still 400-100, v5.1. The only difference is that the “Evolving Technologies” section has been tweaked a little. Think Automation toolsets, Cloud concepts, etc.

I used the study guide I purchased last time from “CCIE in 8 Weeks”. I also re-subscribed to their online practice exams. I meant to only subscribe for 3 months, but…I couldn’t get motivated to do this exam. I ended up paying for another 3 months access, before I finally knuckled down and did the study while I was on vacation. I flicked through my old CCIE flashcards a few times too.

Continue reading

CLI Still Sucks for Automation

Using network CLI for automation has always been fragile. But it keeps surprising me with the way it breaks. This time, it was a combination of Ansible, Arista, replace: config and terminal length used as a config command.

The Problem

I often hang out in the NTC Slack channel. A user reported they were having a problem with Ansible and EOS. Basic changes worked, but when they used eos_config with the replace: config option, it just timed out. We knew basic authentication & connectivity was fine, it had to be something else.

But it made no sense, because these modules are widely used. What’s going on?

Background #1: Pagination

Some commands produce more than one screen’s worth of output - for example, show run can be hundreds of lines long. Most screens don’t have hundreds of lines, so pagination is used. The network Continue reading

CLI Still Sucks for Automation

Using network CLI for automation has always been fragile. But it keeps surprising me with the way it breaks. This time, it was a combination of Ansible, Arista, replace: config and terminal length used as a config command.

The Problem

I often hang out in the NTC Slack channel. A user reported they were having a problem with Ansible and EOS. Basic changes worked, but when they used eos_config with the replace: config option, it just timed out. We knew basic authentication & connectivity was fine, it had to be something else.

But it made no sense, because these modules are widely used. What’s going on?

Background #1: Pagination

Some commands produce more than one screen’s worth of output - for example, show run can be hundreds of lines long. Most screens don’t have hundreds of lines, so pagination is used. The network Continue reading

Our Green Card Journey

We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we did it, what it means for us, and what next.

Timeline

I first moved to the US on an L-1B visa. This is an intra-company transfer visa, that let me move to the US to continue working for Brocade.

  • May 2015 - Began work for Brocade, based in New Zealand.
  • Jul 2016 - Received L-1B visa, allowing us to move to US.
  • Aug 2016 - Moved from New Zealand to US.
  • Nov 2016 - Broadcom announces intention to acquire Brocade
  • Nov 2016 - Green Card process initiated - Department of Labour certification filed.
  • Jul 2017 - PERM filed.
  • Oct 2017 - Extreme Network acquired my business unit. I remained employee of Broadcom.
  • Nov 2017 - PERM approved.
  • Jan 2018 - Received permission to transfer L-1 visa to Extreme Networks.
  • Feb 2018 - I-140 and I-485 submitted.
  • Sep 2018 - I-140 approved.
  • Feb 2019 - I-485 interview scheduled.
  • Mar 2019 - I-485 interview held. Lots of questions, confirming details & history, but all straightforward.
  • One week later: cards in hand

Total Continue reading

Our Green Card Journey

We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we did it, what it means for us, and what next.

Timeline

I first moved to the US on an L-1B visa. This is an intra-company transfer visa, that let me move to the US to continue working for Brocade.

  • May 2015 - Began work for Brocade, based in New Zealand.
  • Jul 2016 - Received L-1B visa, allowing us to move to US.
  • Aug 2016 - Moved from New Zealand to US.
  • Nov 2016 - Broadcom announces intention to acquire Brocade
  • Nov 2016 - Green Card process initiated - Department of Labour certification filed.
  • Jul 2017 - PERM filed.
  • Oct 2017 - Extreme Network acquired my business unit. I remained employee of Broadcom.
  • Nov 2017 - PERM approved.
  • Jan 2018 - Received permission to transfer L-1 visa to Extreme Networks.
  • Feb 2018 - I-140 and I-485 submitted.
  • Sep 2018 - I-140 approved.
  • Feb 2019 - I-485 interview scheduled.
  • Mar 2019 - I-485 interview held. Lots of questions, confirming details & history, but all straightforward.
  • One week later: cards in hand

Total Continue reading

Replacement Strips for Screen Privacy Filter

I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my code is Open Source, but other content is proprietary. High chance of competitors being on the same plane as me, so better to make it harder for others to see.

The only problem with these screens is that if you frequently take it off like I do, the adhesive strips collect dust, and stop sticking after a while. Recently someone asked me how to get them replaced.

3M does not sell replacement strips…but they do something even better: they give them away for free. Pretty cool ah?

Just go here, fill in the details, and they’ll send you some more. How good is that?

Replacement Strips for Screen Privacy Filter

I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my code is Open Source, but other content is proprietary. High chance of competitors being on the same plane as me, so better to make it harder for others to see.

The only problem with these screens is that if you frequently take it off like I do, the adhesive strips collect dust, and stop sticking after a while. Recently someone asked me how to get them replaced.

3M does not sell replacement strips…but they do something even better: they give them away for free. Pretty cool ah?

Just go here, fill in the details, and they’ll send you some more. How good is that?

New Year, New Home

We have left the Bay Area, and headed North. We have moved to the Greater Seattle area - specifically the Eastside, between Bellevue and Redmond. We’ve given up the old apartment in San Francisco for a larger, nicer house…for a lot less in rent. A lot fewer bars & restaurants, a lot more trees, parks and lakes.

But Why?

The typical Bay Areas response is: “But why??? It rains all the time in the Pacific Northwest!!!!”

A few things:

1. Yes, it rains more here than San Francisco, but not as much as people think. It’s not even in the top 10 cities in the US for annual rainfall. Boston, New York, Washington DC all receive more.

2. Rain is OK. In fact rain is good. You don’t get lush forests through irrigation. You also don’t get clean streets just from street sweepers. 

The main attractions for us are:

  • Much better lifestyle for us. It’s easy to go mountain biking, running, hiking, skiing here.

  • Much lower rent. Yes, rents have gone up a lot here, but it’s still much better value than San Francisco. I pay much less rent here, but I get a nice place, and the Continue reading

New Year, New Home

We have left the Bay Area, and headed North. We have moved to the Greater Seattle area - specifically the Eastside, between Bellevue and Redmond. We’ve given up the old apartment in San Francisco for a larger, nicer house…for a lot less in rent. A lot fewer bars & restaurants, a lot more trees, parks and lakes.

But Why?

The typical Bay Areas response is: “But why??? It rains all the time in the Pacific Northwest!!!!”

A few things:

1. Yes, it rains more here than San Francisco, but not as much as people think. It’s not even in the top 10 cities in the US for annual rainfall. Boston, New York, Washington DC all receive more.

2. Rain is OK. In fact rain is good. You don’t get lush forests through irrigation. You also don’t get clean streets just from street sweepers. 

The main attractions for us are:

  • Much better lifestyle for us. It’s easy to go mountain biking, running, hiking, skiing here.

  • Much lower rent. Yes, rents have gone up a lot here, but it’s still much better value than San Francisco. I pay much less rent here, but I get a nice place, and the Continue reading

CircleCI, Docker and Systemd

I have been battling to get the combination of CircleCI, Docker and systemd to play together. After much frustration, I have a workable solution. Machine Executor, privileged: true, cgroup passthrough, and disabling AppArmor.

Background: CircleCI for Ansible Linting & Checks

In the StackStorm team we use CircleCI with most of our repositories. We check things like code style checks, and run unit tests. With every Pull Request we trigger these checks, and checks must pass before merging. Some repos also use CircleCI for post-merge deployment steps.

We use Ansible and Terraform to manage some of our internal infrastructure. All configurations are stored in Git. All changes to that configuration must be submitted as a Pull Request. All PRs need approval, and all commit checks must pass. We use CircleCI to run these commit checks.

We run multiple checks, but for Ansible playbooks, they include using ansible-lint, and ansible-playbook --syntax-check. We then spin up a Docker container using CircleCI and run some of our playbooks twice, checking that it passes both times, and that the second run records no changes.

Here’s a snippet of some of our CircleCI configuration:

version: 2
jobs:
  build:
    working_directory:  Continue reading

CircleCI, Docker and Systemd

I have been battling to get the combination of CircleCI, Docker and systemd to play together. After much frustration, I have a workable solution. Machine Executor, privileged: true, cgroup passthrough, and disabling AppArmor.

Background: CircleCI for Ansible Linting & Checks

In the StackStorm team we use CircleCI with most of our repositories. We check things like code style checks, and run unit tests. With every Pull Request we trigger these checks, and checks must pass before merging. Some repos also use CircleCI for post-merge deployment steps.

We use Ansible and Terraform to manage some of our internal infrastructure. All configurations are stored in Git. All changes to that configuration must be submitted as a Pull Request. All PRs need approval, and all commit checks must pass. We use CircleCI to run these commit checks.

We run multiple checks, but for Ansible playbooks, they include using ansible-lint, and ansible-playbook --syntax-check. We then spin up a Docker container using CircleCI and run some of our playbooks twice, checking that it passes both times, and that the second run records no changes.

Here’s a snippet of some of our CircleCI configuration:

1
2
3
4
5
6
7
8
9
 Continue reading

More Ansible Modules for Extreme

We published Ansible modules for Extreme SLX devices earlier this year. Now we have modules covering all the main Extreme Switching & Routing product families - SLX, VDX, MLX, EXOS, VSP.

Available Modules

  • SLX - slxos_command, slxos_config, slxos_facts, slxos_interface, slxos_l2_interface, slxos_l3_interface, slxos_linkagg, slxos_lldp, slxos_vlan
  • VDX - nos_command, nos_config, nos_facts
  • EXOS - exos_command, exos_config, exos_facts
  • VOSS - voss_command, voss_config, voss_facts
  • MLX - ironware_command, ironware_config, ironware_facts

All modules are available in the current GA version of Ansible (2.7), except for voss_config. That one proved a bit trickier for me to write, and I didn’t get it done in time for the 2.7 cutoff. That one is an open Pull Request against the Ansible devel branch. That should get reviewed and merged soon. It will then make its way into the next GA release. You can of course use the code direct from my branch in the meantime.

All modules use the network_cli plugin. See Platform Options for general information about how to use this connection type.

Thanks to Continue reading

More Ansible Modules for Extreme

We published Ansible modules for Extreme SLX devices earlier this year. Now we have modules covering all the main Extreme Switching & Routing product families - SLX, VDX, MLX, EXOS, VSP.

Available Modules

  • SLX - slxos_command, slxos_config, slxos_facts, slxos_interface, slxos_l2_interface, slxos_l3_interface, slxos_linkagg, slxos_lldp, slxos_vlan
  • VDX - nos_command, nos_config, nos_facts
  • EXOS - exos_command, exos_config, exos_facts
  • VOSS - voss_command, voss_config, voss_facts
  • MLX - ironware_command, ironware_config, ironware_facts

All modules are available in the current GA version of Ansible (2.7), except for voss_config. That one proved a bit trickier for me to write, and I didn’t get it done in time for the 2.7 cutoff. That one is an open Pull Request against the Ansible devel branch. That should get reviewed and merged soon. It will then make its way into the next GA release. You can of course use the code direct from my branch in the meantime.

All modules use the network_cli plugin. See Platform Options for general information about how to use this connection type.

Thanks to Continue reading

Ansible – Don’t be Afraid of a Little Python

This year I’ve written several Ansible modules. It wasn’t that hard, yet some people claimed they had been waiting “years” for those modules. There was nothing stopping anyone else doing it, yet they hadn’t. There’s a weird reticence amongst network engineers to learn or write any code, even when it could make a large difference to their job. People either do nothing, or they create complex Ansible playbooks to work around their reluctance to write Python. It’s not that scary. Why don’t people put in a bit of effort?

Don’t be Afraid of a Little Python

Ansible playbooks use YAML, a somewhat human-readable markup language. These are instructions for “what” Ansible should do - e.g. “Use the Cisco ios_config module to ensure that this configuration line is present."

The underlying modules use Python. These are the “how” - they take the instructions from the playbooks, and turn those into device connections to devices, making configuration changes, checking state, etc.

Some people look at these modules as a mystery black box that only the vendor can write. They think that the only way they can interact with Ansible is via playbooks.

This leads to two situations:

1/ Twiddling thumbs Continue reading

Ansible – Don’t be Afraid of a Little Python

This year I’ve written several Ansible modules. It wasn’t that hard, yet some people claimed they had been waiting “years” for those modules. There was nothing stopping anyone else doing it, yet they hadn’t. There’s a weird reticence amongst network engineers to learn or write any code, even when it could make a large difference to their job. People either do nothing, or they create complex Ansible playbooks to work around their reluctance to write Python. It’s not that scary. Why don’t people put in a bit of effort?

Don’t be Afraid of a Little Python

Ansible playbooks use YAML, a somewhat human-readable markup language. These are instructions for “what” Ansible should do - e.g. “Use the Cisco ios_config module to ensure that this configuration line is present."

The underlying modules use Python. These are the “how” - they take the instructions from the playbooks, and turn those into device connections to devices, making configuration changes, checking state, etc.

Some people look at these modules as a mystery black box that only the vendor can write. They think that the only way they can interact with Ansible is via playbooks.

This leads to two situations:

1/ Twiddling thumbs Continue reading

CCIE – Should I Renew?

It is 6 years since I passed the CCIE Lab Exam. The dreaded email has arrived:

CCIE: Your CCIE status is ‘suspended’ and you need to recertify in twelve months.

Time to re-evaluate what the CCIE means to me. Should renew it? Should people start out on the CCIE track now? My opinions have shifted over the years.

Should I Renew?

I’ve been through this cycle a few times now. I’m getting closer to Emeritus, but it’s still a few years away.

My career has shifted over the last few years. I work for a Network Vendor, but networking is only part of what I do. I am a Product Manager, focused on automation. I spend very little time looking at network devices, or CLI. I spend my time talking to customers, updating roadmaps, writing Python, reviewing Pull Requests.

My future will be working with technologies like Serverless Computing, IoT, and Edge.

CCIE R&S doesn’t cover any of that.

It is unlikely that I will ever work as a traditional hands-on network engineer again. Not impossible, but unlikely. I doubt that any future employer will care about whether I have a current CCIE certification. At this point my experience Continue reading

CCIE – Should I Renew?

It is 6 years since I passed the CCIE Lab Exam. The dreaded email has arrived:

CCIE: Your CCIE status is ‘suspended’ and you need to recertify in twelve months.

Time to re-evaluate what the CCIE means to me. Should renew it? Should people start out on the CCIE track now? My opinions have shifted over the years.

Should I Renew?

I’ve been through this cycle a few times now. I’m getting closer to Emeritus, but it’s still a few years away.

My career has shifted over the last few years. I work for a Network Vendor, but networking is only part of what I do. I am a Product Manager, focused on automation. I spend very little time looking at network devices, or CLI. I spend my time talking to customers, updating roadmaps, writing Python, reviewing Pull Requests.

My future will be working with technologies like Serverless Computing, IoT, and Edge.

CCIE R&S doesn’t cover any of that.

It is unlikely that I will ever work as a traditional hands-on network engineer again. Not impossible, but unlikely. I doubt that any future employer will care about whether I have a current CCIE certification. At this point my experience Continue reading

IXP Graphs are an Eyesore

Too many IXPs (and networkers in general) are using horrible outdated methods of graphing data. These are an ugly eyesore, and should be updated to something from this century. Big IXPs in particular have no excuse: they have the resources to do better.

IXPs: Invest, Spend, Drop Prices?

Two years ago Dave Temkin from Netflix presented at NANOG 67, talking about The Real Cost of Public IXPs (warning: PDF).

This caused a bit of a stir. As El Reg put it:

[According to Dave Temkin] The internet exchange industry is ripping customers off, charging too much for features people don’t need, and spending millions on staff salaries, unnecessary marketing and social events.

You can argue amongst yourselves as to how much IXPs should invest, how closely their port prices should track transit costs, etc. Or maybe you just like all the free drinks, dammit.

I think that if they’re going to spend money rather than reduce prices, they should spend it on something I care about: Data visualization. Most IXPs traffic graphs are an eyesore, they’re outdated, and it’s time they were fixed.

Ugly Eyesores

Here’s some typical traffic graphs from some of the biggest IXPs in the world:

DE-CIX

Continue reading

IXP Graphs are an Eyesore

Too many IXPs (and networkers in general) are using horrible outdated methods of graphing data. These are an ugly eyesore, and should be updated to something from this century. Big IXPs in particular have no excuse: they have the resources to do better.

IXPs: Invest, Spend, Drop Prices?

Two years ago Dave Temkin from Netflix presented at NANOG 67, talking about The Real Cost of Public IXPs (warning: PDF).

This caused a bit of a stir. As El Reg put it:

[According to Dave Temkin] The internet exchange industry is ripping customers off, charging too much for features people don’t need, and spending millions on staff salaries, unnecessary marketing and social events.

You can argue amongst yourselves as to how much IXPs should invest, how closely their port prices should track transit costs, etc. Or maybe you just like all the free drinks, dammit.

I think that if they’re going to spend money rather than reduce prices, they should spend it on something I care about: Data visualization. Most IXPs traffic graphs are an eyesore, they’re outdated, and it’s time they were fixed.

Ugly Eyesores

Here’s some typical traffic graphs from some of the biggest IXPs in the world:

DE-CIX

Continue reading

1 2 3 9