D2C245: Don’t Fear Database DevOps
Most platform engineers are scared of databases, and most database administrators prefer it that way. But our guest today says it’s time to move forward together toward a future of database linters, observability, and abstraction. Adam Furmanek makes the case that just like how developers had to learn some networking, and networking tools were created... Read more »PP019: The God Accounts: Cloud IAM
Today we discuss how to secure your all-powerful root accounts on the three major public cloud providers: AWS, Azure, and GCP. Our guests today, Ned Bellavance and Kyler Middleton from the Day Two Cloud podcast (soon to be Day Two DevOps podcast), describe the struggle of securely managing several root accounts at once. They take... Read more »HS075: How to Ask Questions
Asking questions is a critical skill whether you’re an outside consultant or on an internal IT team. In today’s episode, Greg and Johna review what kind of questions to ask and how to ask them. They discuss the ‘Five Whys,’ identifying points of invariance, discovering unknown unknowns, and watching out for landmines. They also cover... Read more »
Automated Validation of BGP Labs
In late 2023, I started playing with the idea of having automated validation in netlab. The early implementation was used in BGP labs, and a user liked it so much that he opened an issue saying:
I would suggest providing netlab validate for each lab.
Numerous rounds of yak-shaving later, I merged a humongous commit that adds automated validation to these lab exercises:
Automated Validation of BGP Labs
In late 2023, I started playing with the idea of having automated validation in netlab. The early implementation was used in BGP labs, and a user liked it so much that he opened an issue saying:
I would suggest providing netlab validate for each lab.
Numerous rounds of yak-shaving later, I merged a humongous commit that adds automated validation to these lab exercises:
NB483: Cisco Hopes To Be Ikea For AI Infrastructure; Is Anyone Besides Nvidia Making Money From AI?
Take a Network Break! We start with an announcement from Greg about his impending retirement. After we dust ourselves off from that, we pivot to this week’s tech news. Fortinet acquires a company to bolster its offering in securing cloud deployments and workloads, Cisco announces an Ikea-like kit to build AI infrastructure on prem, and... Read more »Live Training: Build Your Own Networking Lab
This Friday at 1pm ET, Bruce McDougall and I are teaching a live class on using Containerlab to build and automate network labs. From the course description:
This course will guide learners through the tools and techniques to build virtual labs either locally or on common cloud services, so you can become more proficient at understanding, designing, monitoring, and troubleshooting networks. The course begins with obtaining and starting the basic tools required to build and test network labs using open-source and freely available tools. The instructors will build a variety of network topologies, including data center and campus, to help learners understand how to test in different environments.
Tech Bytes: Journey to SSE with HPE Aruba Networking (Sponsored)
When it comes to SSE, it’s helpful to know the vendor’s history and approach to understand if it’s the best fit for your organization. HPE Aruba’s SSE journey started when it acquired Axis Security, a company focused on solving the problem of third party access. Because of that focus, HPE Aruba says its SSE is... Read more »netlab 1.8.3: RIPv2, BGP Route Servers
During the ITNOG8 netlab presentation, I jokingly said something along the lines “all that’s missing is RIPv2 and Babel.” That’s no longer true; someone asked me how hard it would be to add RIPv2 to netlab, and I said, “give me a few days 😎”
Other new features in netlab release 1.8.3 include support for BGP route servers (and route server clients), BGP Link Bandwidth community, and OSPF/BGP validation plugins for Arista EOS, Cumulus Linux and FRR. We also fixed the installation scripts to work with Ubuntu 24.04 and Debian Bookworm.
For more details, read the release notes.
netlab 1.8.3: RIPv2, BGP Route Servers
During the ITNOG8 netlab presentation, I jokingly said something along the lines “all that’s missing is RIPv2 and Babel.” That’s no longer true; someone asked me how hard it would be to add RIPv2 to netlab, and I said, “give me a few days 😎”
Other new features in netlab release 1.8.3 include support for BGP route servers (and route server clients), BGP Link Bandwidth community, and OSPF/BGP validation plugins for Arista EOS, Cumulus Linux and FRR. We also fixed the installation scripts to work with Ubuntu 24.04 and Debian Bookworm.
For more details, read the release notes.
Network Observability with SuzieQ: Part Three
In part 2 of this multipart series on network observability with SuzieQ, we looked at how to setup SuzieQ using docker compose. In this part, we will look at how to interact with the data collected by SuzieQ using the command line interface (CLI) and its REST API.
If you have not read Part One and Part Two yet, I recommend you read it first before proceeding with this part.
SuzieQ CLI
SuzieQ provides a command line interface to interact with the data it has collected. Like any Linux CLI, SuzieQ CLI providers command completion when options are available and also provides help for each command. All commands follow a common structure <table_name> <verb> <filters>. This will make more sense when we start looking at some examples.
Let us start by running the SuzieQ CLI. If you have been following along with the previous parts, you should have the SuzieQ docker container running and you can connect to the SuzieQ CLI by running the docker attach suzieq_cli command. Once you are connected, you will see a prompt like this suzieq>. This is the SuzieQ CLI prompt.
root@sudarshanv:/suzieq/suzieq# docker attach suzieq_cli
suzieq>Connecting to SuzieQ CLI
From here you can get Continue reading
Palo Alto – Find and Remove Unused Objects
If you work with Palo Alto firewalls, you might know there's no straightforward way to find and remove unused address objects. When I googled for solutions, I found that others suggested using Expedition or some kind of automation. In this blog post, I'll show you a very simple script to find these objects and remove them if needed.
Expedition or Automation
I tried using Expedition a few years back, but it required a dedicated VM, and I struggled to wrap my head around how to use it. I just needed a simple solution. While I could also use Palo Alto's REST API or even the Python SDK, setting everything up takes a bit more time.
Palo Alto 'Set' Commands
Then it occurred to me that Palo Alto provides 'set' commands, and you can use the 'delete' version of those commands to remove something. With that in mind, I thought, "Hmm, what if I get the whole config from either the firewall or Panorama in the 'set' format, run it through a regex, and extract all the object names?" Once I have the object names, I can go through the configuration line by line to check if the objects are Continue reading
HN738: Reducing Complexity With Fortinet’s Unified SASE (Sponsored)
Fortinet’s Unified SASE provides consistent security controls and policies both for traditional campuses and the hybrid workforce.. Nirav Shah joins us to explain how Fortinet is positioned to do this: a foundational software developed for 20 years, a network of over 140 POPs, a security lab with over 1,000 researchers, continuous ZTNA verification proxies, and... Read more »Hedge 230: Preparing for Layoffs
You will probably be laid off at least once in your career–we no longer live a world of “permanent positions,” or even a world where people are in complete control of their “work destiny.” It’s important, then, to prepare to be laid off, made redundant, or impacted by a RIF, today. Mike Bushong joins Eyvonne Sharp, Tom Ammon, and Russ White in a wide-ranging discussion about preparing to be laid off.
IPB153: Leveraging ICMPv6 to Troubleshoot Network Issues
If you don’t blame “destination unreachable” messages on DNS servers, are you even a real network engineer? All joking aside, Johannes Weber joins the show today to teach us how to use ICMPv6 to troubleshoot network issues, pinpointing if the problem is within your network or outside of it. He walks us through identifying possible... Read more »Worth Reading: Cisco SD-Access and IoT Devices
Dan Massameno wrote a series of blog posts describing the challenges you might encounter when connecting Internet-of-Things1 devices to a Cisco SD-Access network. It is an absolute must-read if you have to deal with IoT devices.
-
Reading some of his caveats, you’ll quickly confirm the alternate meaning of the IoT acronym: Internet-of-Trash. ↩︎
Worth Reading: Cisco SD-Access and IoT Devices
Dan Massameno wrote a series of blog posts describing the challenges you might encounter when connecting Internet-of-Things1 devices to a Cisco SD-Access network. It is an absolute must-read if you have to deal with IoT devices.
-
Reading some of his caveats, you’ll quickly confirm the alternate meaning of the IoT acronym: Internet-of-Trash. ↩︎
A Journey from Intern to Front-End Developer
The post A Journey from Intern to Front-End Developer appeared first on Noction.
What Is Python concurrent.futures? (with examples)
As a Python learner, I've faced several challenges, but so far, one of the most difficult topics to understand has been concurrency. In the beginning, it can be incredibly confusing, especially if you're a beginner. The aim of this blog post is to simplify concurrency by breaking it down with a couple of examples and an analogy to help you understand this challenging concept. So, let's get started.
Why does Concurrency Matter?
When writing Python programs, you might find yourself needing to execute multiple tasks simultaneously or in parallel. This is where concurrency comes in. Concurrency allows your program to run multiple tasks at the same time, which can significantly improve performance and efficiency, particularly when handling time-consuming tasks.
The Magic of Python concurrent.futures
Python's concurrent.futures module simplifies concurrent programming by providing a high-level interface for asynchronously executing callable (functions/methods). ThreadPoolExecutor and ProcessPoolExecutor are two popular classes within this module that enable you to easily execute tasks concurrently, using threads or processes, respectively.
When deciding between ThreadPoolExecutor and ProcessPoolExecutor, consider the following analogy - ThreadPoolExecutor is like having multiple chefs in a shared kitchen, while ProcessPoolExecutor is like having multiple chefs, each with their own kitchen.
ThreadPoolExecutor is Continue reading