Logging in Python
How many times have you found yourself staring at your screen, surrounded by a sea of hastily added print statements, thinking "There's got to be a better way"? If you're like me, the answer is probably "more times than I'd care to admit."
Sick of finding myself in this situation more often than I'd like, I decided to take action. Python's default logging module is powerful, but it just didn't cut it for my needs. I was looking for something more.
Why Logging Matters
Before we dive in, let's look at why logging is crucial:
- Debugging: Logs provide a trail of breadcrumbs to track down issues.
- Monitoring: They help you understand your application's behavior.
- Auditing: Logs can serve as a record of important events or actions.
- Performance Tracking: You can use logs to identify bottlenecks and optimize your code.
Introducing PyLogger
With these benefits in mind, I set out to build a custom logging class that would meet all my requirements. The result is PyLogger, a Python logging class that aims to make logging both powerful and user-friendly.
Key Features
Below are some of the key features that make pylogger appealing:
- Flexible Continue reading
IPv6: Instructions for Use
Retirement obviously does not sit well with my friend Tiziano Tofoni; the English version of his IPv6 book just came out.
It is a bit sad, though, that we still need “how to use IPv6” books when the protocol is old enough to enjoy a nice glass of whiskey (in the US) trying to drown its sorrow at its slow adoption.
HN750: Under the Hood Of Palo Alto Networks Prisma Access Browser (Sponsored)
On today’s Heavy Networking, we discuss enterprise browsers with sponsor Palo Alto Networks. Most end users do the majority of their work in the browser these days. At the same time, more threats are coming in via the Web and Web-based apps. Palo Alto Networks recently launched its Prisma Access browser, a Chromium-based browser designed... Read more »Creating a Simple GUI Application with Python Tkinter
A few years ago, I used a simple application called 'TypeItIn'. It kept a small GUI window open with some buttons and labels. You could configure each label with your own text. If you wanted to type one of these texts into a window, all you needed to do was click on the label, and it would start typing the text into whatever window you opened. It was such a time-saver, especially if you had multiple texts that you often used.
Fast forward a few years, I really needed such a tool and then realized I knew a bit of Python, so I should be able to create the same functionality using Python. So, in this blog post, let's go through how you can create a simple GUI application with just a few lines of code.
What Is Tkinter?
Tkinter is the standard GUI toolkit for Python, providing a fast and easy way to create simple GUI applications. It is built into Python, so there’s no need to install anything separately if you already have Python.
Tkinter is widely used due to its simplicity and the vast availability of widgets like buttons, menus, and text fields, which help Continue reading
TNO003: DevOps, NetOps, and Batman – Part 1
Do you know what DevOps is? Really? And how well does it fit traditional NetOps? Host Scott Robohn and guest Tom McGonagle explore ways to apply DevOps to Network Engineering and Operations. They review the seven DevOps practices and Tom’s proposed adaptations of DevOps under the banner of GitNops. This is the first part of... Read more »Hedge 244: Networks for AI
What are the requirements for running AI workloads over a data center fabric? Why is InfiniBand so popular for building AI networks? What about Ethernet for AI? Jeff Tantsura joins Tom Ammon and Russ White to discuss networks for AI workloads.
Removing uncertainty through “what-if” capacity planning
Infrastructure planning for a network serving more than 81 million requests at peak and which is globally distributed across more than 330 cities in 120+ countries is complex. The capacity planning team at Cloudflare ensures there is enough capacity in place all over the world so that our customers have one less thing to worry about - our infrastructure, which should just work. Through our processes, the team puts careful consideration into “what-ifs”. What if something unexpected happens and one of our data centers fails? What if one of our largest customers triples, or quadruples their request count? Across a gamut of scenarios like these, the team works to understand where traffic will be served from and how the Cloudflare customer experience may change.
This blog post gives a look behind the curtain of how these scenarios are modeled at Cloudflare, and why it's so critical for our customers.
Scenario planning and our customers
Cloudflare customers rely on the data centers that Cloudflare has deployed all over the world, placing us within 50 ms of approximately 95% of the Internet-connected population globally. But round-trip time to our end users means little if those data centers don’t have the capacity Continue reading
Cloudflare incident on September 17, 2024
On September 17, 2024, during routine maintenance, Cloudflare inadvertently stopped announcing fifteen IPv4 prefixes, affecting some Business plan websites for approximately one hour. During this time, IPv4 traffic for these customers would not have reached Cloudflare, and users attempting to connect to websites assigned addresses within those prefixes would have received errors.
We’re very sorry for this outage.
This outage was the result of an internal software error and not the result of an attack. In this blog post, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.
Background
Cloudflare assembled a dedicated Addressing team in 2019 to simplify the ways that IP addresses are used across Cloudflare products and services. The team builds and maintains systems that help Cloudflare conserve and manage its own network resources. The Addressing team also manages periodic changes to the assignment of IP addresses across infrastructure and services at Cloudflare. In this case, our goal was to reduce the number of IPv4 addresses used for customer websites, allowing us to free up addresses for other purposes, like deploying infrastructure in new locations. Since IPv4 addresses are a finite Continue reading
Repost: Building Layer-3-Only EVPN Lab
In early August, I published step-by-step instructions for a lab you can use to explore how to implement pure L3VPN with an EVPN control plane.
How Cloudflare is helping domain owners with the upcoming Entrust CA distrust by Chrome and Mozilla
Chrome and Mozilla announced that they will stop trusting Entrust’s public TLS certificates issued after November 12, 2024 and December 1, 2024, respectively. This decision stems from concerns related to Entrust’s ability to meet the CA/Browser Forum’s requirements for a publicly trusted certificate authority (CA). To prevent Entrust customers from being impacted by this change, Entrust has announced that they are partnering with SSL.com, a publicly trusted CA, and will be issuing certs from SSL.com’s roots to ensure that they can continue to provide their customers with certificates that are trusted by Chrome and Mozilla.
We’re excited to announce that we’re going to be adding SSL.com as a certificate authority that Cloudflare customers can use. This means that Cloudflare customers that are currently relying on Entrust as a CA and uploading their certificate manually to Cloudflare will now be able to rely on Cloudflare’s certificate management pipeline for automatic issuance and renewal of SSL.com certificates.
CA distrust: responsibilities, repercussions, and responses
With great power comes great responsibility Every publicly trusted certificate authority (CA) is responsible for maintaining a high standard of security and compliance to ensure that the certificates they issue are trustworthy. Continue reading
IPB160: The Making of RFC 9637 – IPv6 Documentation Prefix
IPv6 Buzz welcomes back Nick Buraglio, a frequent guest, to discuss RFC 9637. We get into the details of RFC 9637, which describes the new documentation prefix space for IPv6. We also explore the process of how RFCs go from idea to standard in the IETF. (Cue the “I’m Just a Bill” song from Schoolhouse... Read more »Custom netlab Reports
A previous blog post described how you can use the netlab report functionality to generate addressing, wiring, BGP, and OSPF reports from a running lab. But what could you do if you need a report that doesn’t exist yet? It’s straightforward to define one (what else did you expect?).
Let’s create the report I used in the EVPN Hub-and-Spoke Layer-3 VPN blog post to create the VRF table.
D2DO251: AI For the Rest of Us – New Conference Alert!
AI is everywhere. So are questions about AI’s value, how it really works, and how it will affect technology. Hannah Foxwell aims to demystify AI via a new conference, AI for the Rest of Us, taking place October 24-25, 2024 in London. Hannah hopes to create a collaborative learning environment. In today’s Day Two DevOps... Read more »EVPN Hub-and-Spoke Layer-3 VPN
Now that we figured out how to implement a hub-and-spoke VPN design on a single PE-router, let’s do the same thing with EVPN. It turns out to be trivial:
- We’ll split the single PE router into three PE devices (pe_a, pe_b, and pe_h)
- We’ll add a core router (p) and connect it with all three PE devices.
As we want to use EVPN and have a larger core network, we’ll also have to enable VLANs, VXLAN, BGP, and OSPF on the PE devices.
This is the topology of our expanded lab:
PP031: Cloud Firewall Architecture Essentials
Today on Packet Protector we look at cloud firewall architectures. If you’ve deployed firewalls in the campus or a data center, it’s useful to know that there are differences in the public cloud. We’ll dive into what you need to know, including deployment options, the role of high availability in public cloud, selecting the right... Read more »HW036: eduroam Visitor Access (eVA): Simplifying Campus Guest Wi-Fi Access
In today’s episode, guest Cheryl Connell joins host Keith Parsons to talk about the eduroam Visitor Access (eVA) system. Cheryl explains that eVA is a free add-on for institutions with an existing eduroam setup, allowing them to create temporary usernames and passwords for guests without needing a separate guest network. They discuss the challenges of... Read more »Hub-and-Spoke VPN on a Single PE-Router
Yesterday’s blog post discussed the traffic flow and the routing information flow in a hub-and-spoke VPN design (a design in which all traffic between spokes flows through the hub site). It’s time to implement and test it, starting with the simplest possible scenario: a single PE router using inter-VRF route leaking to connect the VRFs.
How to Use GitPython to Manage Git Repositories?
I know what you're thinking, we usually manage our Python code via Git to track changes, but what do I mean by using GitPython to manage Git repositories? I recently faced a situation where I needed to automate a Git workflow. This includes pulling the latest changes from a Git repository, creating a branch, making some changes, viewing the diff, committing, and then pushing my branch back to the remote repository.
Doing this repeatedly was time-consuming, and I figured there must be a way to automate this. With Python, virtually anything is possible. I found a Python library called 'GitPython' that does exactly this. So, let's get to it.
What Is GitPython?
GitPython is a Python library that lets you work with Git repositories. It allows you to manage Git tasks using Python code, making it easy to automate things like commits, branches, and pushes without using the command line. This is useful for automating repetitive Git tasks directly from Python.
For example, you can use it to pull the latest updates from a repository, create new branches, and commit to your changes. It also provides a way to view diffs, so you can see what has changed Continue reading
NB495: Fortinet Customer Data Stolen; Boeing to Test Quantum Entanglement Networking
Take a Network Break! This week we discuss the theft of 440Gbytes of customer data from a Fortinet cloud repository, how to think about resiliency after an AT&T network update kills access to Azure apps, and new troubleshooting features in Juniper Apstra. HPE goes to the bond market to raise as much as $6.5 billion... Read more »Hub-and-Spoke VPN Topology
Hub-and-spoke topology is by far the most complex topology I’ve ever encountered in the MPLS/VPN (and now EVPN) world. It’s used when you want to push all the traffic between sites attached to a VPN (spokes) through a central site (hub), for example, when using a central firewall.
You get the following diagram when you model the traffic flow requirements with VRFs. The forward traffic uses light yellow arrows, and the return traffic uses dark orange ones.