Visual Studio Code Snippets
https://codingpackets.com/blog/visual-studio-code-snippets
Automation 17. Using Operational Commands via NETCONF at Nokia SR OS in Sequential Mode
Dear friend,
After a bit of break caused by preparation to Kubernetes exams (we will continue blogs about Kubernetes as well) we are getting back to network and network automation topics. One of the interesting things, which is gradually emerging these days, is the possibility to manage multiple aspects of network devices (not only configuration or collection of operational data), such us issuing ping/traceroute checks, copying file, etc in a model-drive way (i.e., NETCONF, RESTCONF, GNMI with YANG). Today we are going to look into such a topic.
2
3
4
5
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.
Is that About Model-Driven Automation?
It is exactly that. NETCONF/YANG all the things, my friend! Usage of model-driven network automation significantly improves the stability and manageability of the network due to much simpler way to perform all the operations remotely. You don’t need to scrape and parse CLI anymore; instead, you interact with network devices via programmable API, what makes it possible to integrate them Continue reading
Why Kubernetes And Containerization?
There’s a general consensus in today’s tech world: “Use Kubernetes.” But why? Why jump into Kubernetes if you’re already running production-level workloads on virtual machines? Why change what your engineering team has been doing for ten years that works just fine? Why have engineers learn a new technology that may take time to implement? In […]
The post Why Kubernetes And Containerization? appeared first on Packet Pushers.
Service Mesh & Ingress In Kubernetes Lesson 8: Deploying An Ingress & Service Mesh For Production
This video walks you through installing an ingress controller and the Istio service mesh in a production cloud environment. Michael Levan brings his background in system administration, software development, and DevOps to this video series. He has Kubernetes experience as both a developer and infrastructure engineer. He’s also a consultant and Pluralsight author, and host […]
The post Service Mesh & Ingress In Kubernetes Lesson 8: Deploying An Ingress & Service Mesh For Production appeared first on Packet Pushers.
Live next week: The CalicoCon + Cloud-Native Security Summit!
Tigera is delighted to present the annual CalicoCon + Cloud-Native Security Summit on December 7th, 2022, 9:45 a.m. – 4:00 p.m. PT. This is your chance to network with top cloud-native platform, security, DevOps, and site reliability engineer (SRE) teams, and explore real-world use cases with major players in the cloud-native industry.
Live, free, and fully virtual, the Summit gathers industry experts to explore the best practices for securing, observing, and troubleshooting cloud-native applications through real-world stories.
Who should attend?
The Summit is curated for security, DevOps, SRE, and platform architect teams in the cloud-native world.
- Security teams – Learn how to holistically secure your cloud-native applications using today’s best practices.
- DevOps and SRE teams – Find out how you can incorporate security and observability in your CI/CD pipeline to enable security, observability, and troubleshooting,
- Platform Architects – Learn architecture patterns and best practices to secure and troubleshoot cloud-native applications,
Speakers and sessions
From panels to workshops to fireside chats, the Summit offers a variety of interactive sessions. Here’s a quick peek at some of our speakers and sessions:
- Lyudmila Huzenko from Playtech will talk about Playtech’s journey with Calico toward GitOps network security management in Kubernetes.
- Tapas Continue reading
Cloudflare partners to simplify China connectivity for corporate networks
IT teams have historically faced challenges with performance, security, and reliability for employees and network resources in mainland China. Today, along with our strategic partners, we’re excited to announce expansion of our Cloudflare One product suite to tackle these problems, with the goal of creating the best SASE experience for users and organizations in China.
Cloudflare One, our comprehensive SASE platform, allows organizations to connect any source or destination and apply single-pass security policies from one unified control plane. Cloudflare One is built on our global network, which spans 275 cities across the globe and is within 50ms of 95% of the world’s Internet-connected population. Our ability to serve users extremely close to wherever they’re working—whether that’s in a corporate office, their home, or a coffee shop—has been a key reason customers choose our platform since day one.
In 2015, we extended our Application Services portfolio to cities in mainland China; in 2020, we expanded these capabilities to offer better performance and security through our strategic partnership with JD Cloud. Today, we’re unveiling our latest steps in this journey: extending the capabilities of Cloudflare One to users and organizations in mainland China, through additional strategic partnerships. Let’s break down Continue reading
Has Your Network Troubleshooting and Monitoring Platform Aged Out?
The move to hybrid work and remote access underscores why enterprises must be able to monitor and troubleshoot the network links between the cloud and employee devices.Azure Networking Update Is Completed
I planned to write a few interesting blog posts last week, but then got sucked into updating Azure Networking webinar. At least I got that completed 😊; the webinar materials now include these new Azure services:
I also added descriptions of numerous new features:
Azure Networking Update Is Completed
I planned to write a few interesting blog posts last week, but then got sucked into updating Azure Networking webinar. At least I got that completed 😊; the webinar materials now include these new Azure services:
I also added descriptions of numerous new features:
Network Break 409: Regulators Tap Brakes On Broadcom, VMware; Google Settles Location Tracking Charges For $392M
This week's Network Break podcast discusses UK and EU regulators wanting a closer look at Broadcom's VMware acquisition, Google settling with 40 US states over location tracking charges, and the FCC publishing responses from the 15 biggest US mobile providers regarding customer geolocation data tracking, plus even more IT news.
The post Network Break 409: Regulators Tap Brakes On Broadcom, VMware; Google Settles Location Tracking Charges For $392M appeared first on Packet Pushers.
Network Break 409: Regulators Tap Brakes On Broadcom, VMware; Google Settles Location Tracking Charges For $392M
This week's Network Break podcast discusses UK and EU regulators wanting a closer look at Broadcom's VMware acquisition, Google settling with 40 US states over location tracking charges, and the FCC publishing responses from the 15 biggest US mobile providers regarding customer geolocation data tracking, plus even more IT news.A simple BPFTrace to see TCP SendBytes as a Histogram
< MEDIUM: https://raaki-88.medium.com/a-simple-bpftrace-to-see-tcp-sendbytes-as-a-histogram-f6e12355b86c >
A significant difference between BCC and BPF is that BCC is used for complex analysis while BPF programs are mostly one-liners and are ad-hoc based. BPFTrace is an open-source tracer, reference below
https://ebpf.io/ — Excellent introduction to EBPF
https://github.com/iovisor/bpftrace — Excellent Resource.
Let me keep this short, we will try to use BPFTrace and capture TCP
We will need
- Netcat
- DD for generating a dummy 1GB File
- bpftrace installed
To understand the efficiency of this, let’s attach a Tracepoint, a Kernel Static Probe to capture all of the new processes that get triggered, imagine an equivalent of a TOP utility with means of reacting to the event at run-time if required
https://github.com/iovisor/bpftrace/blob/master/docs/reference_guide.md#probes — Lists out type of probes and their utility
We can clearly see we invoked a BPFTrace for tracepoint system calls which takes execve privilege, I executed the ping command and various other commands and you can see that executing an inbound SSH captured invoke of execve-related commands and the system banner.
sudo bpftrace -e 'tracepoint:syscalls:sys_enter_execve { join(args->argv); }'
Attaching 1 probe...
clear
ping 1.1.1.1 -c 1
/usr/bin/clear_console -q
/usr/sbin/sshd -D -o AuthorizedKeysCommand /usr/share/ec2-instance-connect/eic_run_authorized_keys %u Continue reading
Tech Bytes: Run On-Prem Infrastructure Like Public Cloud With vSphere+ (Sponsored)
Today’s Tech Bytes podcast, sponsored by VMware, dives into VMware’s vSphere+. vSphere+ allows you to operate your on-prem workloads and infrastructure as if they were a public cloud. It supports VMs and Kubernetes, and provides admin, developer, and add-on services delivered via SaaS.
The post Tech Bytes: Run On-Prem Infrastructure Like Public Cloud With vSphere+ (Sponsored) appeared first on Packet Pushers.