NetworkingNexus.net

Seeding Ansible Automation Platform Content At Installation Time

In a previous blog, I announced the tech preview of containerized Red Hat Ansible Automation Platform. With that we introduced a new feature to enable you to pre-seed configuration and content at installation time. This blog will take you through how that works.

At Red Hat, we are very lucky to have some super talented people. Some of these great folks have worked tirelessly on producing Ansible Content Collections for managing configuration within the platform. Using this as the foundation, we have wrapped enablement around that to provide a fully automated way of doing this, in a seamless fashion.

The Benefits

Many people today already use a configuration-as-code (CaC) approach to managing the platform and laying down standards for their users. If that’s your case, then this simply extends and simplifies this capability.

If this is a new concept to you, then these examples may be of interest:

Standardize your user’s out of the box (OOTB) experience, in one go, at installation time.
- Are there platform artifacts that you always need to apply to each and every installation? Define those as code and simply point the installation at that code and it will pre-configure the platform

The ability Continue reading

BGP Labs: Route Aggregation

In the BGP Route Aggregation lab you can practice:

OSPF-to-BGP route redistribution
BGP route aggregation
Suppression of more-specific prefixes in the BGP table
Prefix-based filtering of outbound BGP updates

BGP Labs: Route Aggregation

In the BGP Route Aggregation lab you can practice:

OSPF-to-BGP route redistribution
BGP route aggregation
Suppression of more-specific prefixes in the BGP table
Prefix-based filtering of outbound BGP updates

Note: if you want to keep things simple, run BGP labs with netlab (other options).

2023년 10월 4일 1.1.1.1 조회 실패

2023년 10월 4일, Cloudflare에서는 DNS 확인 문제를 겪었으며, 이 문제는 UTC 07:00에 시작하여 UTC 11:00에 끝났습니다. 1.1.1.1 또는 Warp, Zero Trust 등의 제품 또는 1.1.1.1을 사용하는 타사 DNS 확인자를 사용하는 사람 중 일부는 유효한 쿼리에 대해 SERVFAIL DNS 응답을 받았을 수도 있습니다. 이번에 서비스가 중단되어 정말 죄송합니다. 이번 서비스 중단은 공격이 아니라 내부 소프트웨어 오류로 발생했습니다. 이 블로그에서는 어떤 장애였는지, 장애가 왜 발생했는지, 이런 일이 다시 발생하지 않도록 우리가 무엇을 하고 있는지 설명하겠습니다.

배경

도메인 네임 시스템(DNS)에서 모든 도메인 네임은 DNS 영역 내에 존재합니다. 이 영역은 함께 제어되는 도메인 이름과 호스트 이름의 모음입니다. 예를 들어, Cloudflare에서는 도메인 이름 cloudflare.com을 관리하며, 우리는 이를 "cloudflare.com" 영역이라고 부릅니다. .com의 최상위 도메인(TLD)은 타사 소유이며 "com" 영역에 있습니다. TLD는 cloudflare.com에 접속하는 방법에 대한 지침을 제공합니다. 모든 TLD 위에는 루트 영역이 있으며, 이 영역은 TLD에 도달하는 방법에 대한 지침을 제공합니다 . 즉, 루트 영역은 다른 모든 도메인 이름을 확인할 수 있는 중요한 영역입니다. DNS의 다른 중요한 부분과 마찬가지로 루트 영역은 DNSSEC로 서명되며, 이는 루트 영역 자체에 암호화 서명이 포함되어 있음을 의미합니다.

루트 영역은 루트 서버에 게시되지만, 루트 서버에 연결할 수 없는 경우에도 루트 영역의 정보를 계속 사용할 수 있도록 DNS 운영자가 루트 영역의 Continue reading

Migration Coordinator – Selecting the migration mode

Migration Coordinator is a fully supported free tool, that is built into NSX Data Center, that is designed to help customers migrating from NSX for vSphere to NSX (aka NSX-T). NSX-T 2.4, was the first release, about three years back, to introduce Migration Coordinator with couple of modes to enable migrations. Today, migration coordinator supports over 10 different ways to migrate from NSX for vSphere to NSX.

The last three blogs in this series covered the various modes available along with the pros and cons of each mode.

This blog will focus on selecting the migration mode based on your requirements.

Terms, Tools and Modes

Before digging into how to go about selecting the right mode for the migration, let’s take a quick look at some of the terms, tools and high-level view of the modes available for migration, when leveraging Migration Coordaintor.

The following table summarizes some of the key terms used in regard to migrations:

Terms	Description
In-place	Migrate using the same hardware
Lift and Shift	Migrate to either new or repurposed hardware.
DFW Only	Only Continue reading

BrandPost: Selecting Cybersecurity Solutions for Hybrid and Hyperscale Data Centers

Hybrid and hyperscale data centers need cybersecurity solutions that won’t hinder an organization from doing its business. However, there are far too many data center environments that still rely on outdated traditional firewalls. Because these legacy firewalls underperform and underserve, IT teams are being pushed into making perilous trade-offs between security and performance. Since there is much at stake—and so little expert guidance available—choosing the right solutions can be extremely difficult for organizations. Below are eight key factors for IT leadership to consider when securing their modern data center infrastructure:To read this article in full, please click here

Heavy Wireless 012: Why Wireless Pros Should Get To Know LoRaWAN

LoRaWAN is a wireless protocol that's well suited for use cases that require long-range, low-power operations such as sensors, asset and livestock tracking, municipal "smart city" initiatives, and more. On today's Heavy Wireless, Keith Parsons welcomes Raymond Hendrix and Troy Martin to discuss the architecture of a LoRaWAN solution, its applications, and its pros and cons. They also share resources for further learning, including the Things Network and the LoRa Alliance.

Heavy Wireless 012: Why Wireless Pros Should Get To Know LoRaWAN

The post Heavy Wireless 012: Why Wireless Pros Should Get To Know LoRaWAN appeared first on Packet Pushers.

Kyndryl expands network security lineup with Palo Alto SD-WAN, SASE

Kyndryl continues to fill out its stable of network security partners, most recently inking an alliance with Palo Alto Networks for cybersecurity, SD-WAN and secure access service edge (SASE) services.As part of the deal, Kyndryl will integrate Palo Alto's security products and services into its own managed security services, which include security monitoring, incident response, and threat intelligence. Palo Alto brings a wide range of security offerings, including a family of next-generation firewalls, the Prisma Cloud security platform for cloud-based applications and workloads, endpoint security, and operational automation support.To read this article in full, please click here

Kyndryl expands network security lineup with Palo Alto SD-WAN, SASE

The AI Boom Props Up Datacenter Infrastructure Spending

If there is one thing that is absolutely immune from inflationary curbs and that is, to a certain degree, also contributing to inflationary pressures in the global economy, it is generative AI. …

The post The AI Boom Props Up Datacenter Infrastructure Spending first appeared on The Next Platform.

The AI Boom Props Up Datacenter Infrastructure Spending was written by Timothy Prickett Morgan at The Next Platform.

How to use the Comm command

In this Linux tip, we’re going to look at the comm command – a Linux command that provides a report on the lines that are common in two text files along with those that only exist in one file or the other.

Data centers aren’t ready for AI, Schneider warns

Schneider Electric is warning the demands of power and cooling for AI are beyond what standard data center designs can handle and says new designs are necessary.That may be expected from a company like Schneider, which makes power and cooling systems used in data centers. But it doesn’t mean Schneider isn't correct. AI is a different kind of workload than standard server-side applications, such as databases, and the old ways just don’t cut it anymore.Schneider's white paper notes that AI needs ample supply of three things: power, cooling, and bandwidth. GPUs are the most popular AI processors and the most power intensive. Whereas CPUs from Intel and AMD draw about 300 to 400 watts, Nvidia’s newest GPUs draw 700 watts per processor and they are often delivered in clusters of eight at a time.To read this article in full, please click here

Data centers aren’t ready for AI, Schneider warns

Japan invests $1.3 billion in Micron to subsidize chip manufacturing: Report

The Japanese government on Tuesday said that it had invested $1.3 billion in Micron’s Hiroshima factory as subsidy for manufacturing more advanced chips that support or power AI and quantum workloads.The investment is expected to cover the cost of installing ASML Holding’s extreme ultraviolet lithography equipment at the factory, according to a Bloomberg report. Lithography machines are used to draw patterns on silicon chips using light, and Dutch company ASML Holdings is one of the top producers of these lithography machines.To read this article in full, please click here

Importing Ansible Validated Content into Private Automation Hub

Introduction

Ansible validated content is a set of collections containing pre-built YAML content (such as playbooks or roles) to address the most common automation use cases. You can use Ansible validated content out-of-the-box or as a learning opportunity to develop your automation skills. It's a trusted starting point to bootstrap your automation: use it, customize it and learn from it!

This content is curated by experts like the Red Hat Automation Community of Practice so:

Use cases are based on successfully deployed customer examples
Content creators are trusted and verified subject matter experts
Content itself adheres to the latest best practices and guidelines issued by Red Hat’s engineering team
Ansible validated content is tested against supported versions of Red Hat Ansible Automation Platform

Ansible Automation Platform is a trusted delivery system to access and leverage Ansible validated content in your organization.

How can I get this Ansible validated content into my Ansible Automation Platform on clouds (AWS, Azure, Google Cloud) deployment?

To do this there are a few short steps. Let’s walk through these together.

As part of your Ansible Automation Platform on cloud, you will also have a private automation hub. This is your own internal automation content Continue reading

Microsoft puts its Cloud for Sovereignty in public preview

Microsoft on Tuesday moved its Cloud for Sovereignty offering from private preview to public preview and said the offering is likely to be made generally available this December.Microsoft Cloud for Sovereignty, which is aimed at helping government bodies meet specific compliance, security, and policy requirements, was first introduced in July of last year. Since then the company has released two private releases of the offering.The public preview version of the offering includes new features such as the Sovereign Landing Zone, support for two country-specific requirements, transparency logs, and automated workload templates.The Sovereign Landing Zone and policy initiative, which is now available on GitHub, instantiates guardrails for sovereign cloud environments for customer workloads, enabling customers to leverage best practices for secure and consistent environments while supporting their efforts to meet evolving local regulations, the company said.To read this article in full, please click here

Announcing General Availability for the Magic WAN Connector: the easiest way to jumpstart SASE transformation for your network

Today, we’re announcing the general availability of the Magic WAN Connector, a key component of our SASE platform, Cloudflare One. Magic WAN Connector is the glue between your existing network hardware and Cloudflare’s network — it provides a super simplified software solution that comes pre-installed on Cloudflare-certified hardware, and is entirely managed from the Cloudflare One dashboard.

It takes only a few minutes from unboxing to seeing your network traffic automatically routed to the closest Cloudflare location, where it flows through a full stack of Zero Trust security controls before taking an accelerated path to its destination, whether that’s another location on your private network, a SaaS app, or any application on the open Internet.

Since we announced our beta earlier this year, organizations around the world have deployed the Magic WAN Connector to connect and secure their network locations. We’re excited for the general availability of the Magic WAN Connector to accelerate SASE transformation at scale.

When customers tell us about their journey to embrace SASE, one of the most common stories we hear is:

We started with our remote workforce, deploying modern solutions to secure access to internal apps and Internet resources. But now, we’re looking at Continue reading

What Is Ultra Ethernet All About?

If you’re monitoring the industry press (or other usual hype factories), you might have heard about Ultra Ethernet, a dazzling new technology that will be developed by the Ultra Ethernet Consortium¹. What is it, and does it matter to you (TL&DR: probably not²)?

As always, let’s start with What Problem Are We Solving?

What Is Ultra Ethernet All About?

If you’re monitoring the industry press (or other usual hype factories), you might have heard about Ultra Ethernet, a dazzling new technology that will be developed by the Ultra Ethernet Consortium¹. What is it and does it matter to you (TL&DR: probably not²)?

As always, let’s start with What Problem Are We Solving?