Category Archives for "Networking"

Juniper Release Process 2024 Redux

I’ve written before about choosing a Juniper version. Juniper has a new release process. Well, two actually - the new official process, and what they’re actually doing…

First the good bits. Juniper started a new release process in 2023. Key points:

  • Numbering format remains the same - “<year>.<quarter>.R<release number>-S<service release>”
  • New feature releases are only twice a year, in June & December - “YY.2” and “YY.4”. Not quarterly.
  • No more “R3” maintenance releases - just the initial R1 release, then a later R2 release.
  • Service Releases “-Sx” continue.

I like the new process. It simplifies the versions they have to maintain. We used to say that you should wait for the R3 release, but really there’s no difference between R3 and R2-S3. Now Juniper doesn’t have to maintain the quarterly releases, and all the maintenance and service releases below them. It avoids the confusion that happened when they kept patching -R2, even after releasing R3.

But here’s the thing with a simplified release process: you’ve got no excuses for not delivering. I have no issue with 6-monthly feature releases. But it feels like they’re doing annual releases these days.

Look at the current download page for

Go as another automation language 000. The Beginning.

Dear friend,

It’s been a while since I last blogged. Probably it was too long since I’ve blogged. But here I am, back with some new ideas and fresh perspectives. One of the key new ideas is the use of Go, which I’m actively picking up now. And just shortly I will tell you why.

Do You Still Use Python?

We absolutely do. In fact, we are not only using it, but also teaching it from the perspective of network automation. In our flagship training, Zero-to-Hero Network Automation Training, we guide you the whole way from having little to no theoretical knowledge and practical skills to a good level of developing automation software with Python. Python is at the heart of many purpose-built network (and not only) automation systems, such as NetBox, StackStorm and many others. Its ecosystem is vast and there are no signs of it slowing down. Therefore, getting good exposure to Python from a network automation perspective is a good step to increase your own value and secure your job place looking forward. To be brutally honest, any network engineering role nowadays requires Python and/or Ansible knowledge, so don’t pass by.

Here is what we have to offer

TrueNAS, a Linux Distro for Low Cost Network-Attached Storage

Network Attached Storage (NAS) is a great way to build out storage for your business. Instead of relying solely on external drives, shared directories or expensive cloud storage, why not deploy a tool that was created specifically for scalable storage? That’s where TrueNAS comes into play. TrueNAS is a take on Linux that is purpose-built for storage and comes with all the NAS capabilities you can imagine. TrueNAS can be installed on off-the-shelf hardware (even small form-factor PCs or virtual machines), so your storage server can be tucked out of the way. This storage solution includes features like:

  • User/group management
  • Alerts
  • SSH connectivity
  • 2-Factor authentication
  • Storage pools
  • Snapshots
  • Disks (and disk importing)
  • Support for directory services such as Active Directory, LDAP, NIS, and Kerberos
  • Sharing via Apple Shares, Block Shares, UNIX Shares, WebDAV, and SMB
  • Service management
  • Plugins
  • Jails
  • Virtual Machines
  • Shell access

The installation of TrueNAS is all text-based but is incredibly simple to take care of and takes very little time. With minimal configuration work for the installation, I had an instance of TrueNAS up and running within about 2 minutes. The only thing you need to do is set a root password during the installation, which is

Running Cisco IOL Devices in Containerlab

Containerlab v0.58.0 supports running Cisco IOL images, which is something I was very much looking forward to. IOL nodes are an implementation of Cisco IOS-XE that does not run as a full virtual machine. Therefore, the IOL nodes generally consume much less CPU and memory.

Containerlab already has great documentation on how to use Cisco IOL devices, but I'll cover it here as well for any of my readers who are interested. You can check out the official documentation for more info.

Please note that IOL images are the property of Cisco, and redistribution is not permitted. This guide is intended for educational purposes only.

If you have Cisco CML (you may need version 2.7 or later), it should include the IOL images. You'll need to use vrnetlab to convert the binary file into a Docker container, which can then be used within Containerlab like any other container/image.

First, I have downloaded these two Cisco IOL files to the Downloads folder. One for L3 and another one for L2.

  • x86_64_crb_linux-adventerprisek9-ms
  • x86_64_crb_linux_l2-adventerprisek9-ms.bin

Next, clone the hellt/vrnetlab repository to your local machine.

git clone https://github.com/hellt/vrnetlab.git

Then, copy these two images into the vrnetlab/cisco/iol directory

AI Should Be Concise

One of the things that I’ve noticed about the rise of AI is that everything feels so wordy now. I’m sure it’s a byproduct of the popularity of ChatGPT and other LLMs that are designed for language. You’ve likely seen it too on websites that have paragraphs of text that feel unnecessary. Maybe you’re looking for an answer to a specific question. You could be trying to find a recipe or even a code block for a problem. What you find is a wall of text that feels pieced together by someone that doesn’t know how to write.

The Soul of Wit

I feel like the biggest issue with those overly word-filled answers comes down to the way that people feel about unnecessary exposition. AI is built to write things on a topic and fill out word count. Much like a student trying to pad out the page length for a required report, AI doesn’t know when to shut up. It specifically adds words that aren’t really required. I realize that there are modes of AI content creation that value being concise but those are the default.

I use AI quite a bit to summarize long articles, many of which

Elephants in tunnels: how Hyperdrive connects to databases inside your VPC networks

With September’s announcement of Hyperdrive’s ability to send database traffic from Workers over Cloudflare Tunnels, we wanted to dive into the details of what it took to make this happen.

Hyper-who?

Accessing your data from anywhere in Region Earth can be hard. Traditional databases are powerful, familiar, and feature-rich, but your users can be thousands of miles away from your database. This can cause slower connection startup times, slower queries, and connection exhaustion as everything takes longer to accomplish.

Cloudflare Workers is an incredibly lightweight runtime, which enables our customers to deploy their applications globally by default and renders the cold start problem almost irrelevant. The trade-off for these light, ephemeral execution contexts is the lack of persistence for things like database connections. Database connections are also notoriously expensive to spin up, with many round trips required between client and server before any query or result bytes can be exchanged.

Hyperdrive is designed to make the centralized databases you already have feel like they’re global while keeping connections to those databases hot. We use our global network to get faster routes to your database, keep connection pools primed, and cache your most frequently run queries as close to users

TL006: From Blame to Empowerment: Changing Team Culture in Tech

Leadership has a huge impact on an organization’s culture, including tech teams. On the positive side, leaders can foster healthy, productive environments. On the negative side, they can build hostile, blame-centric viper pits. Today’s episode of Technically Leadership examines how to strive for the positive by shielding teams from internal politics, developing empathetic leadership, distinguishing...

Durable Objects aren’t just durable, they’re fast: a 10x speedup for Cloudflare Queues

Cloudflare Queues let a developer decouple their Workers into event-driven services. Producer Workers write events to a Queue, and consumer Workers are invoked to take actions on the events. For example, you can use a Queue to decouple an e-commerce website from a service which sends purchase confirmation emails to users. During 2024’s Birthday Week, we announced that Cloudflare Queues is now Generally Available, with significant performance improvements that enable larger workloads. To accomplish this, we switched to a new architecture for Queues that enabled the following improvements:

  • Median latency for sending messages has dropped from ~200ms to ~60ms

  • Maximum throughput for each Queue has increased over 10x, from 400 to 5000 messages per second

  • Maximum Consumer concurrency for each Queue has increased from 20 to 250 concurrent invocations

Median latency drops from ~200ms to ~60ms as Queues are migrated to the new architecture

In this blog post, we'll share details about how we built Queues using Durable Objects and the Cloudflare Developer Platform, and how we migrated from an initial Beta architecture to a geographically-distributed, horizontally-scalable architecture for General Availability.

v1 Beta architecture

When initially designing Cloudflare Queues, we decided to build something simple that we could get

Billions and billions (of logs): scaling AI Gateway with the Cloudflare Developer Platform

With the rapid advancements occurring in the AI space, developers face significant challenges in keeping up with the ever-changing landscape. New models and providers are continuously emerging, and understandably, developers want to experiment and test these options to find the best fit for their use cases. This creates the need for a streamlined approach to managing multiple models and providers, as well as a centralized platform to efficiently monitor usage, implement controls, and gather data for optimization.

AI Gateway is specifically designed to address these pain points. Since its launch in September 2023, AI Gateway has empowered developers and organizations by successfully proxying over 2 billion requests in just one year, as we highlighted during September’s Birthday Week. With AI Gateway, developers can easily store, analyze, and optimize their AI inference requests and responses in real time.

With our initial architecture, AI Gateway faced a significant challenge: the logs, those critical trails of data interactions between applications and AI models, could only be retained for 30 minutes. This limitation was not just a minor inconvenience; it posed a substantial barrier for developers and businesses needing to analyze long-term patterns, ensure compliance, or simply debug over more extended periods.

In

Build durable applications on Cloudflare Workers: you write the Workflows, we take care of the rest

Workflows, Cloudflare’s durable execution engine that allows you to build reliable, repeatable multi-step applications that scale for you, is now in open beta. Any developer with a free or paid Workers plan can build and deploy a Workflow right now: no waitlist, no sign-up form, no fake line around-the-block.

If you learn by doing, you can create your first Workflow via a single command (or visit the docs for the full guide):

npm create cloudflare@latest workflows-starter -- \
  --template "cloudflare/workflows-starter"

Open the src/index.ts file, poke around, start extending it, and deploy it with a quick wrangler deploy.

If you want to learn more about how Workflows works, how you can use it to build applications, and how we built it, read on.

Workflows? Durable Execution?

Workflows—which we announced back during Developer Week earlier this year—is our take on the concept of “Durable Execution”: the ability to build and execute applications that are durable in the face of errors, network issues, upstream API outages, rate limits, and (most importantly) infrastructure failure.

As over 2.4 million developers continue to build applications on top of Cloudflare Workers, R2, and Workers AI, we’ve noticed more developers building multi-step applications and workflows

How Does Netlab Deal with Server Reboots?

Now and then, someone asks how netlab deals with reboots (or power failures or crashes) of the server it’s running on.

TL&DR: It doesn’t. However…

netlab is a CLI command that acts as an umbrella orchestration layer for Vagrant and Containerlab. It does not run as a cron job, init script, or service and thus cannot be invoked when a server is booted.

NAN077: Network Observability: Tools, Automation, and Insights

Network optimization starts with observing, but how are networks observed and what tools are used? Joining the podcast today are the authors behind the book “Modern Network Observability.” Eric Chou welcomes David Flores, Christian Adell, and Josh VanDeraa to help uncover practical strategies and real-world case studies for network observability. Episode Guests: David Flores, Christian...

D2DO254: Intelligent Data Infrastructure: How NetApp Builds for Performance, Security, and Visibility across Clouds (Sponsored)

Enterprise data is everywhere: on prem, at the edge, and across the public cloud. Storing and managing that data involves more than just SSDs and spinning disks; it’s about building and operating a data infrastructure. On today’s Day Two DevOps podcast, host Ned Bellavance explores the idea of data infrastructure with Jeff Baxter, VP of...

Management Toolkit: SMART Goals

In the last post we discussed Management vs Leadership, now let’s start getting into some useful tools, traits, and behaviors for both managers and leaders. Starting us off will be SMART goals. SMART is an acronym for Specific Measurable Achievable Realistic and Time-based. Once you hear about SMART goals and what SMART goals represent it […]

Introducing Access for Infrastructure: SSH

BastionZero joined Cloudflare in May 2024. We are thrilled to announce Access for Infrastructure as BastionZero’s native integration into our SASE platform, Cloudflare One. Access for Infrastructure will enable organizations to apply Zero Trust controls in front of their servers, databases, network devices, Kubernetes clusters, and more. Today, we’re announcing short-lived SSH access as the first available feature. Over the coming months we will announce support for other popular infrastructure access target types like Remote Desktop Protocol (RDP), Kubernetes, and databases.

Applying Zero Trust principles to infrastructure

Organizations have embraced Zero Trust initiatives that modernize secure access to web applications and networks, but often the strategies they use to manage privileged access to their infrastructure can be siloed, overcomplicated, or ineffective. When we speak to customers about their infrastructure access solution, we see common themes and pain points:

  • Too risky: Long-lived credentials and shared keys get passed around and inflate the risk of compromise, excessive permissions, and lateral movement

  • Too clunky: Manual credential rotations and poor visibility into infrastructure access slow down incident response and compliance efforts

Some organizations have dealt with the problem of privileged access to their infrastructure by purchasing a Privileged Access Management (PAM) solution

4.2 Tbps of bad packets and a whole lot more: Cloudflare’s Q3 DDoS report

Welcome to the 19th edition of the Cloudflare DDoS Threat Report. Released quarterly, these reports provide an in-depth analysis of the DDoS threat landscape as observed across the Cloudflare network. This edition focuses on the third quarter of 2024.

With a 296 Terabit per second (Tbps) network located in over 330 cities worldwide, Cloudflare is used as a reverse proxy by nearly 20% of all websites. Cloudflare holds a unique vantage point to provide valuable insights and trends to the broader Internet community.

Key insights 

  • The number of DDoS attacks spiked in the third quarter of 2024. Cloudflare mitigated nearly 6 million DDoS attacks, representing a 49% increase QoQ and 55% increase YoY.

  • Out of those 6 million, Cloudflare’s autonomous DDoS defense systems detected and mitigated over 200 hyper-volumetric DDoS attacks exceeding rates of 3 terabits per second (Tbps) and 2 billion packets per second (Bpps). The largest attack peaked at 4.2 Tbps and lasted just a minute.

  • The Banking & Financial Services industry was subjected to the most DDoS attacks. China was the country most targeted by DDoS attacks, and Indonesia was the largest source of DDoS attacks.

To learn more about DDoS attacks and other types