Hacking Terraform
In a previous blog post, I talked about how Terraform's native capabilities don't fully cover comprehensive IP address management, which can make network configurations a bit tricky.
In this post, I’m going to dive into a practical approach for handling IP addresses in Terraform. I'll show you how to leverage an external data source and use a Python script to process IP address operations, then integrate the results back into Terraform.
Introduction to External Data Source
In Terraform, a data source allows you to retrieve information from external systems or services, which you can then use in your configurations. Unlike resources, which are used to manage the lifecycle of infrastructure components, data sources are read-only. They provide a way to fetch data that you might need when setting up or configuring your infrastructure. This is especially useful when you want to incorporate existing information without directly managing the components within your Terraform scripts.
A simple data source in Terraform looks like this:
data "external" "ip" {
id = "ip"
}Sample External Data Source
A lot of providers provide external data sources to interact with their systems and get configuration state. A data source in Terraform can range from a Continue reading
HN743: Leveraging AI for Network Automation at Scale (Sponsored)
AI is making its way into network automation. Maybe the thought of a hallucinating ChatGPT getting its six-fingered hands on your network makes you want to run the other way. But the story of AI for IT operations is more nuanced than the hot takes we get about the confidently dumb results that Large Language... Read more »The Hedge 237: What’s Wrong with Vendors?
Looking at changes in the market in the last ten years, it certainly seems like vendors work less toward innovation and more towards locking customers in to revenue streams. Chris Emerick, Dave Taht, and Russ White decided it’s time to talk about. What’s wrong with vendors? And since everything can’t be wrong with vendors, where are they doing the right thing?
download
A recent spate of Internet disruptions
Cloudflare Radar is constantly monitoring the Internet for widespread disruptions. In mid-July, we published our Q2 2024 Internet Disruption Summary, and here we examine several recent noteworthy disruptions detected in the first month of Q3, including traffic anomalies observed in Bangladesh, Syria, Pakistan, and Venezuela.
Bangladesh
Violent student protests in Bangladesh against quotas in government jobs and rising unemployment rates led the government to order the nationwide shutdown of mobile Internet connectivity on July 18, reportedly to “ensure the security of citizens.” This government-directed shutdown ultimately became a near-complete Internet outage for the country, as broadband networks were taken offline as well. At a country level, Internet traffic in Bangladesh dropped to near zero just before 21:00 local time (15:00 UTC). Announced IP address space from the country dropped to near zero at that time as well, meaning that nearly every network in the country was disconnected from the Internet.
However, ahead of this nationwide shutdown, we observed outages across several Bangladeshi network providers, perhaps foreshadowing what was to come. At AS24389 (Grameenphone), a complete Internet outage started at 01:30 local time on July 18 (19:30 UTC on July 17), with a total loss of both Internet Continue reading
A recent spate of Internet disruptions
Cloudflare Radar is constantly monitoring the Internet for widespread disruptions. In mid-July, we published our Q2 2024 Internet Disruption Summary, and here we examine recent several noteworthy disruptions detected in the first month of Q3, including traffic anomalies observed in Bangladesh, Syria, Pakistan, and Venezuela.
Bangladesh
Violent student protests in Bangladesh against quotas in government jobs and rising unemployment rates led the government to order the nationwide shutdown of mobile Internet connectivity on July 18, reportedly to “ensure the security of citizens.” This government-directed shutdown ultimately became a near-complete Internet outage for the country, as broadband networks were taken offline as well. At a country level, Internet traffic in Bangladesh dropped to near zero just before 21:00 local time (15:00 UTC). Announced IP address space from the country dropped to near zero at that time as well, meaning that nearly every network in the country was disconnected from the Internet.
However, ahead of this nationwide shutdown, we observed outages across several Bangladeshi network providers, perhaps foreshadowing what was to come. At AS24389 (Grameenphone), a complete Internet outage started at 01:30 local time on July 18 (19:30 UTC on July 17), with a total loss of both Internet Continue reading
Fat Pipe Transition Notification – August 2024
Hey, everyone. Ethan here with a behind-the-scenes administrative request. Several thousand of you subscribe to the Packet Pushers’ Fat Pipe. In the Fat Pipe, we’ve been stuffing every single podcast we produce. The problem is that we produce way too many shows–one almost every weekday–for the average podcast client to absorb them all. We can... Read more »Bytes from IETF 120 – A few Routing Topics
There was, as usual, a lot of work in the area of Inter-Domain Routing at IETF 120. There were a few routing-related topics that at IETF 120 that caught my attention.Bytes from IETF 120 – Deep Space IP
It has been an enduring fascination to see how we could use packet networking in the context of digital communications in space. Why can't we just use the IP protocol suite and declare success? The tricky issue with space is that it is really very big!Bytes from IETF 120 – DNS Topics
As usual, the recent IETF meeting contained a large set of topics related to the Domain Name Systems and its operation. Here's a quick rundown on some DNS topics that caught my eye.Bytes from IETF 120 – BBR 1,2,3
On the topic of TCP performance optimisation I’d like to dwell on one particular presentation from the ACM/IRTF Applied Networking Research Workshop held at IETF 120, "BBRv3 in the public Internet: a boon or a bane?"NAN069: Lessons On the Journey From NOC to Aerospace Networking
Today, Lexie Cooper shares her journey from a NOC environment to networking engineering in the aerospace industry. Along the way, the discussion makes stops at the importance of medium skills, and the role of humor and relatability in attracting and educating younger professionals in networking. Finally, Lexie relates her challenges when working on the New... Read more »Interesting: Crafting Endless AS Paths in BGP
Vincent Bernat documented a quirk I hope you’ll never see outside of a CCIE lab: combining BGP confederations with AS-override can generate endless AS paths.
I agree entirely with his conclusions (avoid both features). However, I still think that replacing an AS within the confederation part of an AS path (which should belong to a single well-managed AS) is not exactly the most brilliant idea I’ve seen.
PP024: Considering Resiliency in a Time of Global Outages
In the wake of one of the largest global IT outages, resiliency is the theme of today’s show. We dig into the CrowdStrike debacle as well as an Azure outage that kinda flew under the radar. We also look at the Resiliency Planning Framework Playbook from CISA and other frameworks for building resilient infrastructure. We... Read more »How the Paris 2024 Summer Olympics has impacted Internet traffic
The Paris 2024 Summer Olympics, themed “Games Wide Open” (“Ouvrons grand les Jeux”), kicked off on Friday, July 26, 2024, and will run until August 11. A total of 10,714 athletes from 204 nations, including individual and refugee teams, will compete in 329 events across 32 sports. This blog post focuses on the opening ceremony and the initial days of the event, examining associated impact on Internet traffic, especially in France, the popularity of Olympic websites by country, and the rise in Olympics-related spam and malicious emails.
Cloudflare has a global presence with data centers in over 320 cities, supporting millions of customers, which provides a global view of what’s happening on the Internet. This is helpful for improving security, privacy, efficiency, and speed, but also for observing Internet disruptions and traffic trends.
We are closely monitoring the event through our 2024 Olympics report on Cloudflare Radar and will provide updates on significant Internet trends as they develop.
An opening ceremony to remember
For the first time in modern Olympic history, the opening ceremony was held outside a stadium, lasting nearly four hours and clearly impacting Internet traffic in France. The nation’s engagement was evident during Continue reading
How the Paris 2024 Summer Olympics has impacted Internet traffic
The Paris 2024 Summer Olympics, themed “Games Wide Open” (“Ouvrons grand les Jeux”), kicked off on Friday, July 26, 2024, and will run until August 11. A total of 10,714 athletes from 204 nations, including individual and refugee teams, will compete in 329 events across 32 sports. This blog post focuses on the opening ceremony and the initial days of the event, examining associated impact on Internet traffic, especially in France, the popularity of Olympic websites by country, and the rise in Olympics-related spam and malicious emails.
Cloudflare has a global presence with data centers in over 320 cities, supporting millions of customers, which provides a global view of what’s happening on the Internet. This is helpful for improving security, privacy, efficiency, and speed, but also for observing Internet disruptions and traffic trends.
We are closely monitoring the event through our 2024 Olympics report on Cloudflare Radar and will provide updates on significant Internet trends as they develop.
An opening ceremony to remember
For the first time in modern Olympic history, the opening ceremony was held outside a stadium, lasting nearly four hours and clearly impacting Internet traffic in France. The nation’s engagement was evident during the Continue reading
HS079: Big Rock, Best-in-Breed, or Ecosystem: What’s the Best Vendor Procurement Strategy?
When choosing vendors, what strategy should you employ: big rock, best-in-breed, or ecosystem? The big rock approach consolidates vendor relationships around a few strategic partners. Best-in-breed focuses on selecting top solutions from various vendors. The ecosystem model combines elements of both. Today’s conversation explores all three models and also highlights the importance of integration, the... Read more »
HW032: What’s New With RUCKUS MDUs – From Wi-Fi 7 to AI (Sponsored)
Providing Wi-Fi in multi-dwelling units (MDUs) such as apartments or dormitories is complicated. These environments require dense AP deployments, have to provide secure access to lots of users, must support myriad device types, and must offer good performance. Our guests are Kyle Leissner, founder of Wire Star; and Bart Giordano, president of the RUCKUS at... Read more »Fun Reading: AI and Google’s Quarterly Results
I never mastered the fine art of polite diplomatic sarcasm. Brad Casemore is a virtuoso – you’ll love his take on Google’s Quarterly Results: Investors Begin Questioning Efficacy of GenAI Investments.