Networking and Security are Converging. Are You Ready?
Once you've built a networking solution built on the foundation of security-driven networking—one that weaves security and networking functionality into a single system—you're ready for anything.Cisco adds to its Nexus data-center-management software
Cisco has added support for traditional network environments to the company’s recently available data center-management console.
Introduced in October, Cisco’s Nexus Dashboard melds a number of Cisco’s on-premises, cloud and hybrid fabric-management tools into a single interface to administer application lifecycles from provisioning to maintenance and optimization.
The idea is that the dashboard provides a central platform for data center-operation applications to simplify the operation and management of the applications while reducing the infrastructure overhead to run them, according to Cisco.
Managers Must Prep Their Teams For Kubernetes – Video
If the boss demands a Kubernetes deployment, and flies in a team of consultants to get the project off the ground, what should the IT staff be prepared for once the consultants depart? That’s the question in this excerpt of Day Two Cloud podcast “Why Kubernetes Is Wrong For You.” You can listen to the […]
The post Managers Must Prep Their Teams For Kubernetes – Video appeared first on Packet Pushers.
Day Two Cloud 080: Multi-Cloud Isn’t A Myth – We Have Proof
Is multi-cloud real? Some say no, but others know the reality of multi-cloud because they are living it every day. One such human is William Collins, and he joins us to talk through some actual multi-cloud use cases.
The post Day Two Cloud 080: Multi-Cloud Isn’t A Myth – We Have Proof appeared first on Packet Pushers.
Day Two Cloud 080: Multi-Cloud Isn’t A Myth – We Have Proof
Is multi-cloud real? Some say no, but others know the reality of multi-cloud because they are living it every day. One such human is William Collins, and he joins us to talk through some actual multi-cloud use cases.A Name Resolver for the Distributed Web
The Domain Name System (DNS) matches names to resources. Instead of typing 104.18.26.46 to access the Cloudflare Blog, you type blog.cloudflare.com and, using DNS, the domain name resolves to 104.18.26.46, the Cloudflare Blog IP address.
Similarly, distributed systems such as Ethereum and IPFS rely on a naming system to be usable. DNS could be used, but its resolvers’ attributes run contrary to properties valued in distributed Web (dWeb) systems. Namely, dWeb resolvers ideally provide (i) locally verifiable data, (ii) built-in history, and (iii) have no single trust anchor.
At Cloudflare Research, we have been exploring alternative ways to resolve queries to responses that align with these attributes. We are proud to announce a new resolver for the Distributed Web, where IPFS content indexed by the Ethereum Name Service (ENS) can be accessed.
To discover how it has been built, and how you can use it today, read on.
Welcome to the Distributed Web
IPFS and its addressing system
The InterPlanetary FileSystem (IPFS) is a peer-to-peer network for storing content on a distributed file system. It is composed of a set of computers called nodes that store and relay content using a common Continue reading
Developing NetBox Plugin – Part 3 – Adding search panel
Welcome to part 3 of my tutorial walking you through process of developing NetBox plugin. In part 2 we added basic web UI views to our BgpPeering plugin. In this post we'll add search panel to list view to allow us to search/filter Bgp Peering objects.
Developing NetBox Plugin tutorial series
- Developing NetBox Plugin - Part 1 - Setup and initial build
- Developing NetBox Plugin - Part 2 - Adding web UI pages
- Developing NetBox Plugin - Part 3 - Adding search panel
- Developing NetBox Plugin - Part 4 - Small improvements
- Developing NetBox Plugin - Part 5 - Permissions and API
Contents
- Introduction
- Filter class
- Search form class
- Adding form to list view template
- Adding filtering to list view class
- Conclusion
- Resources
- BGP Peering Plugin GitHub repository
Introduction
List view we created for displaying all Bgp Peering objects in one place is very useful. However it will become difficult to find items of interest once we have more than 30-50 objects. For that purpose we should add means of filtering objects to the ones that meet certain criteria.
Other objects in NetBox already have filtering functionality and use search panel located to the right of object tables. Continue reading
Imperative and Declarative API: Another Pile of Marketing Deja-Moo
Looks like some vendor marketers (you know, the same group of people who brought us the switching/routing/bridging stupidity) felt the need to go beyond the usual SDN and intent-based hype and started misusing the imperative versus declarative concepts. Unfortunately some networking engineers fell for the ploy; here’s a typical feedback along these lines I got from one of my readers:
I am frustrated by most people’s shallow understanding API’s, especially the differences between declarative (“what”) and imperative (“how”) API’s, and how that impacts one’s operations. Declarative APIs are the key pillar of what many vendors call “policy” or “intent-based” networking.
Let’s try to unravel that.
Imperative and Declarative API: Another Pile of Marketing Deja-Moo
Looks like some vendor marketers (you know, the same group of people who brought us the switching/routing/bridging stupidity) felt the need to go beyond the usual SDN and intent-based hype and started misusing the imperative versus declarative concepts. Unfortunately some networking engineers fell for the ploy; here’s a typical feedback along these lines I got from one of my readers:
I am frustrated by most people’s shallow understanding API’s, especially the differences between declarative (“what”) and imperative (“how”) API’s, and how that impacts one’s operations. Declarative APIs are the key pillar of what many vendors call “policy” or “intent-based” networking.
Let’s try to unravel that.
Finding Ways of Teaching
Some days ago I tweeted about that when you are trying to master a topic, you should both find different sources to learn from, as well as different mediums, such as reading, listening, watching videos, but also not to forget labbing. I also wrote that teaching someone else is a great way of learning and retaining information yourself. You might be familiar with the saying that “You remember 10% of what we read, 20% of what we hear, 30% of what we see, 80% of what we personally experience, and 95% of what we teach others”. How truthful this statement is, is up for debate, but I think we can all agree that you will recall more of what you have learned if you are teaching the topic to someone, as opposed to just reading about something.
How do you find a place to teach, though?
Thankfully, there are a lot of options today to teach, even some that may not seem obvious at first. Let’s go through a few of them.
Blogging – As you’re reading this blog, hopefully you are learning something. It may not seem like teaching, considering that it’s not a realtime event, but it is Continue reading
Pluribus Networks release UNUM 6.1.0 – Accelerating Automation into 2021
Pluribus is well known for radically automating the deployment and management of small- and large-scale underlay and overlay data center...Calico & Calico Enterprise: Now Available as AWS Quick Starts
As an AWS Advanced Technology Partner with AWS Containers Competency, Tigera is thrilled to announce that Calico and Calico Enterprise are both now available as AWS Quick Starts. If you’re unfamiliar with the concept, an AWS Quick Start is a ready-to-use accelerator that fast-tracks deployments of key cloud workloads for AWS customers. Described as “gold-standard deployments in the AWS Cloud”, Quick Starts are designed to reduce hundreds of manual procedures into an automated, workflow-based reference deployment.
With Calico network policy enforcement, you can implement network segmentation and tenant isolation, which is especially useful when you want to create separate environments for development, staging, and production. Calico Enterprise builds on top of open source Calico to provide additional higher-level features and capabilities, and integrates with your existing AWS tools including security groups, Amazon CloudWatch, and AWS Security Hub so you can leverage existing processes and workflows in your EKS or Kubernetes infrastructure.
Everything you need to take advantage of Calico and Calico Enterprise in these Quick Starts is installed and configured in your Amazon Elastic Kubernetes (Amazon EKS) cluster, enabling you to take advantage of a rich set of Kubernetes security, observability, and networking features that Tigera provides in these Continue reading
Ansible Network Resource Modules: Deep Dive on Return Values
The Red Hat Ansible Network Automation engineering team is continually adding new resource modules to its supported network platforms. Ansible Network Automation resource modules are opinionated network modules that make network automation easier to manage and more consistent for those automating various network platforms in production. The goal for resource modules is to avoid creating and maintaining overly complex jinja2 templates for rendering and pushing network configuration, as well as having to maintain complex fact gathering and parsing methodologies. For this blog post, we will cover standard return values that are the same across all supported network platforms (e.g. Arista EOS, Cisco IOS, NXOS, IOS-XR, and Juniper Junos) and all resource modules.
Before we get started, I wanted to call out three previous blog posts covering resource modules. If you are unfamiliar with resource modules, check any of these out:
- acls - the resource module for configuring access control lists on network devices. For example: junos_acls on Juniper Junos
Deep Dive: ACL Configuration Management Using Ansible Network Automation Resource Modules - ospfv2 - the resource module for configuring the routing protocol OSPF. For example: ios_ospfv2 for OSPF configuration on Cisco IOS
Getting Started With OSPFV2 Resource Modules Continue reading
Technologies that Didn’t: ARCnet
In the late 1980’s, I worked at a small value added reseller (VAR) around New York City. While we deployed a lot of thinnet (RG58 coax based Ethernet for those who don’t know what thinnet is), we also had multiple customers who used ARCnet.
Back in the early days of personal computers like the Amiga 500, the 8086 based XT (running at 4.77MHz), and the 8088 based AT, all networks were effectively wide area, used to connect PDP-11’s and similar gear between college campuses and research institutions. ARCnet was developed in 1976, and became popular in the early 1980’s, because it was, at that point, the only available local area networking solution for personal computers.
ARCnet was not an accidental choice in the networks I supported at the time. While thinnet was widely available, it required running coax cable. The only twisted pair Ethernet standard available at the time required new cables to be run through buildings, which could often be an expensive proposition. For instance, one of the places that relied heavily on ARCnet was a legal office in a small town in north-central New Jersey. This law office had started out in an older home over a Continue reading