As engineers, we’re obsessed with efficiency and automating anything we find ourselves doing more than twice. If you’ve ever done this, you know that the happy path is always easy, but the second the inputs get complex, automation becomes really hard. This is because computers have traditionally required extremely specific instructions in order to execute.
The state of AI models available to us today has changed that. We now have access to computers that can reason, and make judgement calls in lieu of specifying every edge case under the sun.
That’s what AI agents are all about.
Today we’re excited to share a few announcements on how we’re making it even easier to build AI agents on Cloudflare, including:
agents-sdk
— a new JavaScript framework for building AI agents
Updates to Workers AI: structured outputs, tool calling, and longer context windows for Workers AI, Cloudflare’s serverless inference engine
An update to the workers-ai-provider for the AI SDK
We truly believe that Cloudflare is the ideal platform for building Agents and AI applications (more on why below), and we’re constantly working to make it better — you can expect to see more announcements from us in this space in the future.
The previous blog posts described how virtualization products create LAN segments and point-to-point links.
However, sometimes we need stub segments – segments connected to a single router or switch – because we don’t want to waste resources creating hosts attached to a network device, but would still prefer a more realistic mechanism than static routes to inject IP subnets into routing protocols.
Late last year Adam Angell shared a very thought provoking observation on the Network Automation Forum Slack channel, part rant, part shared experience, part lament. I want to quote a statement he makes that really struck me like a "Gibbs head slap". For me it seems easier to go from a Software dev(eloper) to come READ MORE
The post Whats DevOps got to do with it? appeared first on The Gratuitous Arp.
Pavel Odintsov published a series of introductory blog posts describing protocols we can use to collect network traffic telemetry:
These blog posts will not make you an expert but will give you an excellent overview of the telemetry landscape1.
Hint: more than enough to turn you into an instant AI-assisted LinkedIn garbage generator Thought Leader™ 😜 ↩︎
Before diving into the somewhat complex world of Artificial Intelligence (AI), let’s first consider what intelligence means from a human perspective. Judo, as a martial art, serves as a good—though not an obvious—example. I trained in judo for over 20 years. During that time, I learned which throwing techniques to use to take down an opponent efficiently by leveraging their movement energy and reactions. But how did I learn that? Through a supervised training process, where our coach first taught us the throwing techniques and the situations in which they work best. Then, we practiced them ourselves. Mastering these techniques requires thousands of repetitions before achieving perfection. Ultimately, timing and reaction to the opponent’s movements play a significant role in determining whether a throw is successful or not. After mastering several throwing technics, I was capable of apply them in the situation not necessarily to seen before.
How does this relate to Artificial Intelligence (AI)? AI is a broad term encompassing solutions that aim to mimic human brain functions. A subset of AI is Machine Learning (ML), which enables systems to make decisions based on input data without being explicitly programmed for each scenario. The driving force behind this Continue reading
As the title suggests, Palo Alto's clientless VPN allows users to access internal resources (HTTPS-based) without installing the GlobalProtect client. This is useful when you have an internal application that external contractors need to use, but they may not want to install a VPN client. All they need to do is open a browser, log in to your GlobalProtect portal, and access the applications directly. In this blog post, we'll go through the steps to configure Palo Alto Clientless VPN.
As always, if you find this post helpful, press the ‘clap’ button. It means a lot to me and helps me know you enjoy this type of content.
GlobalProtect Clientless VPN lets users securely access internal web applications from a browser without installing the GlobalProtect client. This is helpful for providing partners or contractors with access to specific internal applications. You can set up the GlobalProtect portal landing page to give users direct access to these applications.
Clientless VPN acts as a reverse proxy, intercepting and modifying web pages from internal applications before presenting them to remote users. When users access these URLs, their requests pass through the GlobalProtect portal.
Hello my friend,
As mentioned in the previous blogpost, we started talking about practical usage of Python and Go (Golang) for network and IT infrastructure automation. Today we’ll take a look how we can interact with any SSH-speaking device, whether it is a network device, server, or anything else.
Our ultimate goal is to make you successful with software developing for IT infrastructure management. Out blogs are the first step so that you can get up to speed if you already well equipped with fundamentals as protocols, data formats, etc. We believe that sharing is caring, hence we share back our knowledge with you, so that your path could be a little bit easier and quicker, so that you have more time to focus on what matters. If that’s enough for you to move forward, that’s great.
At the same time, if you feel you need more, you want to have finely-curated labs, slack support and deep dive not just in coding, but really in fundamentals, our training programs are here for you:
We offer the following training programs in network automation for you:
Trends in the global BGP table–the Default Free Zone (DFZ) table–can tell us a lot about the state of the global Internet. Is the Internet growing? Is IPv6 growing, or are we still in a world of “all things IPv4?” Geoff Huston joins Tom Ammon and Russ White to review the state of the routing table from 2024.
download
When I asked my readers what they would consider a good use case for EBGP multihop (thanks again to everyone who answered!), many suggested running BGP across a layer-3 firewall (Running BGP across a “transparent” (bump-in-the-wire) firewall is trivial). I turned that suggestion into a lab exercise in which you have to establish an EBGP multihop session across a “firewall” simulated by a Linux host.
If you haven’t set up your own lab infrastructure, click here to start the lab in your browser using GitHub Codespaces. After starting your codespace, change the directory to basic/e-ebgp-multihop
and execute netlab up.
Kubernetes has revolutionized cloud-native applications, but networking remains a crucial aspect of ensuring scalability, security, and performance. Default networking approaches, such as iptables-based packet filtering, often introduce performance bottlenecks due to inefficient packet processing and complex rule evaluations. This is where Calico eBPF comes into play, offering a powerful alternative that enhances networking efficiency and security at scale.
Kubernetes networking consists of two primary components:
Choosing the right data plane is critical for optimal performance. Factors such as cluster size, throughput, and security requirements should guide this choice. Poor networking choices can lead to congestion, excessive latency, and resource starvation.
Networking in Kubernetes is an abstract idea. While Kubernetes lays the foundation, your Container Networking Interface (CNI) is in charge of the actual networking. To better understand networking, we usually divide it into two sections: a control plane and a data plane.
Dmytro Shypovalov published another article well worth reading: why should you use an SDN controller for RSVP-TE. It covers:
Have fun!