Ansible versus Puppet in Initial Device Provisioning

One of the attendees of my Building Next-Generation Data Center course asked this interesting question after listening to my description of differences between Chet/Puppet and Ansible:

For Zero-Touch Provisioning to work, an agent gets installed on the box as a boot up process that would contact the master indicating the box is up and install necessary configuration. How does this work with agent-less approach such as Ansible?

Here’s the first glitch: many network devices don’t ship with Puppet or Chef agent; you have to install it during the provisioning process.

Read more ...

udevadm, systemd and a barcode scanner

I've been fooling around with a Symbol LS2208 barcode scanner attached to a CentOS 7 machine as part of a network automation project. I learned a bit about the scanner, udev and systemd along the way.


The LS2208
I chose the LS2208 because there were lots of them on eBay and because documentation was available. So far I'm happy with the LS2208, but wish it didn't require a physical PC to be nearby. A USB Anywhere box may be in my future (nope, Windows only). If I'd been able to find a WiFi scanner that would POST scans directly to a REST API over TLS, I'd have gone with that instead, but it seems that this guy and I are out of luck in that regard. I've got zero interest in fooling around with WinCE or similar mobile devices with built-in scanners.
The LS2208 gets configured by scanning barcodes. Special codes found in the manual. So far, the ones I've found most interesting are:
  • Set Factory Defaults
  • Simple COM Port Emulation
  • Low Volume
  • Beep on <BEL> (still need to fool with this - seems like it could provide useful feedback to the operator)
  • Do Not Beep After Good Decode

IoT botnet highlights the dangers of default passwords

A botnet responsible for a massive DDOS (distributed denial-of-service) attack was created thanks to weak default usernames and passwords found in internet-connected cameras and DVRs.The Mirai botnet grabbed headlines last month for taking down the website of cybersecurity reporter Brian Krebs with a huge DDOS attack. Unlike most botnets, which rely on infected PCs, this one used IoT devices to target its victims.It turns out the botnet was specifically designed to scan the internet for poorly secured products like cameras and then access them through easily guessable passwords like "admin" or "12345." Last Friday, the botnet's maker released its source code, and security experts have noticed it's built to try a list of more than 60 combinations of user names and passwords.To read this article in full or to leave a comment, please click here

IoT botnet highlights the dangers of default passwords

A botnet responsible for a massive DDOS (distributed denial-of-service) attack was created thanks to weak default usernames and passwords found in internet-connected cameras and DVRs.The Mirai botnet grabbed headlines last month for taking down the website of cybersecurity reporter Brian Krebs with a huge DDOS attack. Unlike most botnets, which rely on infected PCs, this one used IoT devices to target its victims.It turns out the botnet was specifically designed to scan the internet for poorly secured products like cameras and then access them through easily guessable passwords like "admin" or "12345." Last Friday, the botnet's maker released its source code, and security experts have noticed it's built to try a list of more than 60 combinations of user names and passwords.To read this article in full or to leave a comment, please click here

Google Fiber buys Webpass for wireless extensions to fiber network

Google Fiber's strategy to use wireless technology to supplant its fiber optic cable installations came into sharper focus Monday with Google's purchase of Webpass.Google Fiber President Dennis Kish, in a blog post on the deal, noted that Webpass helps Google Fiber with its strategy "going forward [with] a hybrid approach with wireless playing an integral part."Webpass has proven that point-to-point wireless is a reliable way to connect more people to high-speed Internet in a densely populated environment by setting up wireless transmission links between buildings," Kish added.To read this article in full or to leave a comment, please click here

Network to Code and General Update

It’s been a long time since my last post, way longer than I’d like. For the last several months we’ve been neck deep in network automation. This post focuses on the highlights of not only what I’ve been up to, but also the rest of the Network to Code team. More detailed posts will come over the coming days and weeks.

Training

As you can see from the website, we have a good number of public courses on network automation and even a few starting early next year that are completely virtual, but the majority of our training engagements have been private on-site instructor-led courses with Enterprises and Global Carriers. The private courses have varied from using the same course outline you see on the website, but have also been modified for a particular vendor, device type, and/or API. Popular topics covered in our training include Ansible, Python, NETCONF/RESTCONF/YANG, and various vendor APIs including Nexus NX-API, Arista eAPI, Juniper’s XML API, to Cisco’s new NETCONF/RESTCONF APIs on IOS XE.

Software Development

We’ve contributed to various open source projects, but key highlights include contributions to Ansible modules that are now part of core as well as adding Palo Alto Networks (PAN) Continue reading

Network to Code and General Update

It’s been a long time since my last post, way longer than I’d like. For the last several months we’ve been neck deep in network automation. This post focuses on the highlights of not only what I’ve been up to, but also the rest of the Network to Code team. More detailed posts will come over the coming days and weeks.

Training

As you can see from the website, we have a good number of public courses on network automation and even a few starting early next year that are completely virtual, but the majority of our training engagements have been private on-site instructor-led courses with Enterprises and Global Carriers. The private courses have varied from using the same course outline you see on the website, but have also been modified for a particular vendor, device type, and/or API. Popular topics covered in our training include Ansible, Python, NETCONF/RESTCONF/YANG, and various vendor APIs including Nexus NX-API, Arista eAPI, Juniper’s XML API, to Cisco’s new NETCONF/RESTCONF APIs on IOS XE.

Software Development

We’ve contributed to various open source projects, but key highlights include contributions to Ansible modules that are now part of core as well as adding Palo Alto Networks (PAN) Continue reading

Toyota’s cute Kirobo Mini robot will chat with you

Driving can sometimes be a solitary affair, heading from place to place with only the road and the radio for company, but that could change with Kirobo Mini.It's a small robot developed by Toyota that's designed to act as a virtual companion, listening to and responding to chat from people in a car or just about anywhere. At 10 centimeters tall, its small size means it can easily be carried around.The technology behind it is quite simple. Audio is sent from Kirobo's microphone to a smartphone running a companion app. The phone passes the audio on to a Toyota cloud service that runs voice recognition and helps to determine the appropriate response. That is then sent back to Kirobo via the smartphone app.To read this article in full or to leave a comment, please click here

Server Encryption With An FPGA Offload Boost

Everyone talks about security on infrastructure, but it comes at a heavy cost. While datacenters have been securing their perimeters with firewalls for decades, this is far from sufficient for modern applications.

Back in the early days of the Internet, all traffic was from the client in through the web and application servers to the back-end database that fed the applications – what is known as north-south traffic in the datacenter lingo. But these days, an application is a collection of multiple services that are assembled on the fly from all over the datacenter, across untold server nodes, in what

Server Encryption With An FPGA Offload Boost was written by Timothy Prickett Morgan at The Next Platform.

BrandPost: New Dynamic for CPE

Running an enterprise wide area network (WAN) can entail installation, configuration and maintenance of a bewildering array of hardware that includes switches, routers, load balancers, VPNs, accelerators and firewalls.But would you still use separate devices for each core network function, if you could instead opt for standardized, off the shelf hardware that can be configured and updated as often as you need it? Looking at the manner in which virtualization has impacted other areas of enterprise infrastructure, the likely answer is a resounding ‘No’!That’s the rationale behind AT&T’s recent launch of a Network Functions Virtualization (NFV)-enabled Universal Customer Premises Equipment (uCPE) product. With the benefit that one standards-based, off-the-shelf server can perform any AT&T certified network function.To read this article in full or to leave a comment, please click here

BrandPost: Leading the migration from TDM

We were happy and proud to learn that Frost & Sullivan had bestowed its 2015 Business Metro Carrier Ethernet Services Market Leadership Award to AT&T.In fact, AT&T has ranked number 1 in Frost & Sullivan’s market share analysis of the retail Ethernet market over the past 5 years. “AT&T continues to lead through a combination of deep metro network footprint, market leading Ethernet solutions and high-performance service level agreements (SLAs),” says Frost & SullivanAT&T and customers, old and new, are migrating from time-division multiplexing (TDM) private line technology to Ethernet service to take advantage of scalability, reliability, and cost efficient bandwidth.To read this article in full or to leave a comment, please click here

IBM’s IoT blockchain service gets ready to set sail

A massive DDOS attack and weaknesses in critical systems have put security concerns front and center in the internet of things. IBM thinks a technology best known from the world of bitcoin could lock down at least one use of IoT.The company is using blockchain technology to ensure that everything’s in order with IoT transactions. Just as a public blockchain makes bitcoin transactions traceable and verifiable, the private, cloud-based system that IBM will operate for enterprises will verify non-monetary interactions between some devices.To read this article in full or to leave a comment, please click here

What to expect from Tuesday’s big Google hardware event

We know that Google is set to release a slew of hardware Tuesday at an event in San Francisco, including smartphones, smart home devices and even a new Wi-Fi router. Here’s what the leaks and rumors say about the specifics of the company’s big release day tomorrow.Bye, bye, NexusGoogle is set to release the already-widely-leaked Pixel and Pixel XL smartphones, which will boast flagship specs and run totally stock Android. It’s the same idea as the Nexus line of phones – top-end smartphones designed to showcase the possibilities of the operating system free from the modifications that OEMs impose on their own devices.ALSO ON NETWORK WORLD: Tim Cook: Augmented reality will be an essential part of your daily life, like the iPhone | U.S. cellular carriers charge too much, and here’s proofTo read this article in full or to leave a comment, please click here

A few cool tech startups I came across at Boston’s HUBweek

"Do you like movies?"That was the ice-breaker laid on me by Pilot Analytics CEO and Founder Alan Xie as he caught me spying his start-up's space at last week's HUBweek Demo Day event in Boston, trying to figure out what the heck the company did.Being on a shoestring budget, the recent Harvard University grad and his colleagues decided to forego a more elaborate booth set-up, instead relying a a couple of laptops, some basic branding in the form of cardboard cutouts and their story. This outfit has a system for crunching numbers to help movie studios better gauge how much they might make on a movie, no matter how awful it sounds. Factors such as genre, cast and geographical viewing markets all play roles, of course.To read this article in full or to leave a comment, please click here

73% off amFilm Tempered Glass Screen Protector for iPhone 7/6/6s (2-Pack) – Deal Alert

These Amazon best-selling screen protectors from amFilm are specifically designed for iPhone 7, 6S, and 6. Ultra thin-0.3mm thickness is reliable and resiliant, and promises full compatibility with touchscreen sensitivity. Also ultra-clear with 99.9% transparency to allow an optimal, natural viewing experience. Highly durable and scratch resistant/chip resistant, this strong protector will guarantee your cell phone the best protection against drops, bumps, scratches and normal wear and tear. Over 8,200 reviewers on Amazon give this item an average of 4.5 out of 5 stars (read reviews). Amazon indicates that its list price has been dramatically reduced to just $8, and for that price you will receive 2 glass Screen Protector, wet/dry wipes, squeeze card, installation guide and dust removal stickers. See the discounted screen protectors on Amazon.To read this article in full or to leave a comment, please click here

IoT: We’re serfs and pawns

There is a huge problem with the ugly Internet of Things (IoT). Many IoT thingies have the security of wet tissue paper, and they’re being used in large swarms and masses to wreak havoc. A colleague of mine, Stephen Satchell, says misbehaving IoT devices should bear the full front of the Consumer Product Safety Commission and be recalled, every last one of them.  Recalled. Why won’t this happen? Let me speculate. It’s because our own government, that is to say the more covert parts of the U.S. government, has its own cadre of botnets and control vectors that allows them interesting windows into foreign lands. To read this article in full or to leave a comment, please click here

IoT: We’re serfs and pawns

There is a huge problem with the ugly Internet of Things (IoT). Many IoT thingies have the security of wet tissue paper, and they’re being used in large swarms and masses to wreak havoc. A colleague of mine, Stephen Satchell, says misbehaving IoT devices should bear the full front of the Consumer Product Safety Commission and be recalled, every last one of them.  Recalled. Why won’t this happen? Let me speculate. It’s because our own government, that is to say the more covert parts of the U.S. government, has its own cadre of botnets and control vectors that allows them interesting windows into foreign lands. To read this article in full or to leave a comment, please click here