Author Archives: Ivan Pepelnjak
Author Archives: Ivan Pepelnjak
Long story short: I’m launching Ansible for Networking Engineers self-paced course today. It’s already online and you can start whenever you wish.
Now for the details…
Isn’t there already an Ansible for Networking Engineers webinar? Yes.
So what’s the difference? Glad you asked ;)
Read more ...During Shawn Zandi’s presentation describing large-scale leaf-and-spine fabrics I got into an interesting conversation with an attendee that claimed it might be simpler to replace parts of a large fabric with large chassis switches (largest boxes offered by multiple vendors support up to 576 40GE or even 100GE ports).
As always, you have to decide between implicit and explicit complexity.
Read more ...Last week I published self-study exercises for the YAML and Jinja2 modules in the Ansible for Networking Engineers webinars, and a long list of review questions for the Using Ansible and Ansible Deeper Dive sections.
I also reformatted the webinar materials page. Hope you’ll find the new format easier to read than the old one (it’s hard to squeeze over 70 videos and links on a single page ;).
Oh, and you do know you get Ansible webinar (and over 50 other webinars) with ipSpace.net subscription, right?
Michael Klose left an interesting remark on my Regional Internet Exits in Large DMVPN Deployment blog post saying…
Would BGP communities work? Each regional Internet Exit announce Default Route with a Region Community and all spokes only import default route for their specific region community.
That approach would definitely work. However, you have to decide where to move the complexity.
Read more ...Mitja Robas started his PowerShell for Networking Engineers presentation with a brief introduction to PowerShell and a few simple hands-on examples. Enjoy the videos ;)
Neil Anderson collected career advice from 111 IT industry gurus (just getting all of them to respond must have been monumental effort). Well worth reading ;)
One of my readers sent me a lengthy email describing his NSX-versus-ACI views. He started with [slightly reworded]:
What I want to do is to create customer templates to speed up deployment of application environments, as it takes too long at the moment to set up a new application environment.
That’s what we all want. How you get there is the interesting part.
Read more ...The first half of 2017 is almost gone, so it’s time to check how far I got with the plans I made in January.
Delivered:
A while ago I sent out an email to my SDN and network automation mailing list (join here) asking whether anyone uses Open Daylight in anything close to a production environment (because I haven’t ever seen one).
Among many responses saying “not here” I got a polite email from VP of Marketing working for a company that sells OpenDaylight-related services listing tons of customer deployments (no surprise there).
Read more ...OpenConfig sounds like a great idea, but unfortunately only a few vendors support it, and it doesn’t run on all their platforms, and you need the latest-and-greatest software release. Not exactly a set of conditions that would encourage widespread adoption.
Things might change with the OpenConfig data models supported in NAPALM. Imagine you could parse router configurations or show printouts into OpenConfig data structures, or use OpenConfig to configure Cisco IOS routers running a decade old software.
Read more ...The work of editing transcripts of my two switches presentation is (very slowly) moving forward. In the fourth part of the Optimize Your Data Center Infrastructure series I’m talking about reducing the number of uplinks.
I’m getting plenty of emails from not-so-very-young networking engineers trying to make career transitions. I got this one from a CCIE in his mid-40s:
Would you think the SDN and Data Center paths would be suitable for a long standing engineer?
Absolutely. It's just networking, although it's sometimes disguised a bit.
This article was initially sent to my Network Automation mailing list.
Read more ...Everyone loves talking about cloud security (or lack thereof) and focuses on protecting workloads, data in the cloud… but have you ever asked the question “how protected is the cloud management API?”
Read more ...The spring craziness is still in full swing – we’ll have three webinars this week (a first) and I was so busy I didn’t even have time to write about them. Let’s fix that.
Data Center Updates on Monday is the second part of server virtualization, virtual machines and containers update to Data Center 3.0 webinar. We covered virtual machines in the last session (April 25th), this time we’ll talk about containers.
David Barroso (now at Fastly) will talk about NAPALM in Ansible on Tuesday.
Read more ...Do you have the feeling that you should know more about network automation, but don't know where to start? I was facing that same problem in 2015, and then started exploring Ansible (plus YAML, Jinja2, Git, Puppet…), creating small playbooks, and finally came to a point where I said "now I know that you can have a small solution solving an actual problem ready in a few weeks even if you know absolutely nothing today".
Read more ...One of my readers wanted to implement a large DMVPN cloud with regional Internet exit points:
We need to deploy a regional Internet exits and I’d like to centralize them. Each location with a local Internet exit will be in a region and that location will advertise a default-route into the DMVPN domain to only those spokes in that particular region.
He wasn’t particularly happy with the idea of deploying access and core DMVPN clouds:
Read more ...A great essay by Bruce Schneier about (lack of) security in IoT and why things won’t improve without some serious intervention.
One of my readers sent me a few questions about the leaf-and-spine fabric architectures webinar because (in his own words)
We have some projects 100% matching these contents and it would be really useful this extra feedback, not just from consultants and manufacturer.
When I explained the details he followed up with:
Now, I expect in one or two weeks to find some days to be able to follow this webinar in a profitable way, not just between phone calls and emails.
That’s not how it works.
Read more ...Network automation and orchestration is a great idea… but how do you verify that what your automation script wants to do won’t break the network? In Episode 78 of Software Gone Wild we discussed the intricacies of testing network automation solutions with Kristian Larsson (developer of Terastream orchestration softare) and David Barroso of the NAPALM and SDN Internet Router fame.
Read more ...One of my readers sent me this question:
Other than using Excel (and of course an automation tool) any suggestions for a tool to create device config for some 200 customer VRFs from a standard template?
You need three things to get the job done:
Read more ...