New reference architecture: Deploying Ansible Automation Platform 2 on Red Hat OpenShift

It has arrived! The latest reference architecture showcases best practices for deploying Red Hat Ansible Automation Platform 2.3 on Red Hat OpenShift.

Why are you going to love it?

With Ansible Automation Platform running on top of Red Hat OpenShift, you get the best of both worlds. You can now focus on what really matters - automation - while taking advantage of Red Hat Ansible Automation Platform Operator to do the heavy lifting of deploying, managing, scaling and upgrading your Ansible Automation Platform environment.

This reference architecture not only walks through the step-by-step deployment of Red Hat Ansible Automation Platform 2.3 on Red Hat OpenShift, but also covers key aspects including:

  • Sizing your automation controller: Learn how to size your automation controller by understanding its control capacity and how many automation jobs can run concurrently.

  • Resource management: Discover how to set resource requests and limits for the Ansible Automation Platform, ensuring that your deployment has enough resources to run smoothly and efficiently.

  • Installation guidance: Understand key considerations prior to your deployment of Red Hat Ansible Automation Platform.

  • Monitoring your Ansible Automation Platform: Learn how to use Prometheus and Grafana to monitor your Ansible Continue reading

Modernizing the WAN from Client to Cloud

The evolution of WAN architectures has historically paralleled that of application architectures. When we primarily connected terminals to mainframes, the WAN architecture was largely point-to-point links connecting back to data center facilities. As traffic converged to remove OpEx-intensive parallel network structures, the WAN evolved to architectures that enabled site-to-site connectivity in a full mesh or configurable mesh and then enabled multi-tenancy for carrier cost optimization.

External Links on Spine Switches

A networking engineer attending the Building Next-Generation Data Center online course asked this question:

What is the best practice to connect DC fabric to outside world assuming there are 2 spine switches in the fabric and EVPN VXLAN is used as overlay? Is it a good idea to introduce edge (border) switches, or it is better to connect outside world directly to the spine?

As always, the answer is “it depends,” this time based on:

Demo Bytes: Upgrading Network Devices With BackBox – Video

The BackBox network automation platform comes with many pre-built functions to make routine tasks performed by network administrators simple & foolproof. In this demo, BackBox’s Senior Product Manager Perry Greenwood shows Packet Pushers’ Ethan Banks how to automate network device upgrades using BackBox. We look at the entire lifecycle of the upgrade process, including scheduling, […]

The post Demo Bytes: Upgrading Network Devices With BackBox – Video appeared first on Packet Pushers.

SD-WAN, SASE prove essential tools for Porsche’s electric-racecar success

The ninth season of Formula E World Championship racing is under way, with events slated this spring everywhere from Berlin to Jakarta to Portland, Oregon. Formula E has all of the thrills and spills of IndyCar or F1 racing: sleek aerodynamic vehicles, talented drivers, spirited competition. But there’s one key difference: the cars are electric.

In traditional auto racing, the skills of the driver are certainly important, but so is the strategy of when to make a pit stop for fuel and tires, as well as the real-time communication between driver and pit crew. Similarly, in Formula E the driver is the star of the show, but data analytics running in the background plays an important role.

Assume Disaster

One of the things that people have mentioned to me in the past regarding my event management skills is my reaction time. They say, “You are always on top of things when they go wrong. How do you do it?”

My response never fails to make them laugh. I offer, “I always assume something is going to go wrong. I may not know what it is but when it does happen I’m ready to fix it.”

That may sound like a cynical take on planning and operations but it’s served me well for many years. Why is it that things we spend so much time working on always seem to go off the rails?

Complexity Fails

Whether it’s an event or a network or even a carpentry project you have to assume that something is going to go wrong. Why? Because the more complex the project the more likely you are to hit a snag. Systems that build on themselves and require input to proceed are notorious for hitting blocks that cause the whole thing to snarl into a mess of missed timelines.

When I was in college studying project management I learned there’s even a term for Continue reading

Providing Terraform with that Ansible Magic

Late last year, we introduced a Red Hat Ansible Certified Content Collection for Terraform. This was an important step in automation, as these two tools really are great together, and leveraging Ansible's ability to orchestrate other tools in the enterprise made this a no-brainer. Terraform, with its infrastructure as code (IaC) provisioning, and Ansible, with its strength in configuration as code, are a synergy that cannot be ignored: we are better together! Organizations are now in the position to utilize their existing infrastructure as code manifests and extend their automation with Terraform and Ansible together.

Now we are back, with help from our partners at Kyndryl and XLAB, adding more value and magic to infrastructure as code. This time we have some extra muscle with an addition to the Red Hat Ansible Certified Content Collection: the Ansible provider for Terraform.

So what does the provider help us with?

Without a provider, we would need to rely on inventory plugins for the different cloud platforms and use filters to grab instance information from our freshly "Terraformed" infrastructure, just to update our inventory so we can run automated tasks against those hosts. The provider lets us update the inventory directly from the Terraform run instead. This is pretty smooth in Continue reading

Network Break 422: Microsoft Tasks Copilot To Do Your Drudge Work; Cisco Debuts A New Learning Platform

On this week's Network Break podcast we examine Palo Alto Networks adding AI Ops to its SASE offering, and Microsoft Copilot bringing AI into its suite of Office tools. The Ethernet Adapter market grew 22% in 2022, but not because more NICs were sold; we discuss the real reasons and cover more tech news.

The post Network Break 422: Microsoft Tasks Copilot To Do Your Drudge Work; Cisco Debuts A New Learning Platform appeared first on Packet Pushers.

JWTs: Connecting the Dots: Why, When and How

JSON web tokens (JWTs) are great: they are easy to work with and stateless, requiring less communication with a centralized authentication server. JWTs are handy when you need to pass information between services with integrity protection, so they are often used as ID tokens or access tokens. This is generally considered secure because the tokens are signed and, less commonly, also encrypted. A signature, however, only proves who issued the token and that it has not been altered; it says nothing about whether the bearer may touch the object or endpoint a request names. When incorrectly configured or misused, JWTs can therefore lead to broken object-level authorization or broken function-level authorization vulnerabilities, in which users can access data or endpoints beyond their privileges. It is vital to follow best practices for using JWTs, and understanding their fundamentals is essential when deciding how your services should validate and act on them. Continue reading
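To make the distinction concrete, here is an added example (my code, not from the article or from Curity) of an HS256 token issuer and verifier next to a resource handler that does object-level authorization. Everything in it is constructed for illustration: the shared key, the `orders-api` audience, the in-memory `ORDERS` store, and the handler name `get_order` are assumptions, not any real API. The verifier pins the algorithm instead of trusting the token's `alg` header (so `alg=none` and swapped payloads are refused), checks `exp` and `aud`, and the handler takes the caller's identity from the verified `sub` claim and compares it with the object's owner rather than trusting an id supplied in the request.

```python
import base64
import hashlib
import hmac
import json
import time


class TokenError(Exception):
    """Raised for any token the API must refuse."""


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    try:
        return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
    except (ValueError, TypeError) as exc:  # binascii.Error is a ValueError
        raise TokenError("malformed base64url segment") from exc


def _json_segment(text: str) -> dict:
    try:
        return json.loads(_b64url_decode(text))
    except ValueError as exc:
        raise TokenError("malformed JSON segment") from exc


def sign_hs256(claims: dict, key: bytes) -> str:
    """Issue a compact JWS (HS256) over the given claims."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signature = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(signature)}"


def verify_hs256(token: str, key: bytes, *, audience: str, now=None) -> dict:
    """Verify algorithm, signature, expiry and audience; return claims only if all pass."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("malformed token")
    head_b64, payload_b64, sig_b64 = parts
    header = _json_segment(head_b64)
    # Pin the algorithm server-side. Honouring header["alg"] is what enables
    # alg=none and key-confusion attacks.
    if header.get("alg") != "HS256":
        raise TokenError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(key, f"{head_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise TokenError("bad signature")
    claims = _json_segment(payload_b64)
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp:
        raise TokenError("expired or missing exp")
    if claims.get("aud") != audience:
        raise TokenError("wrong audience")
    return claims


# Constructed sample data (assumption): a tiny resource store, each object with an owner.
ORDERS = {
    "o-1": {"owner": "alice", "total": 42},
    "o-2": {"owner": "bob", "total": 7},
}
AUDIENCE = "orders-api"  # assumed audience value for this hypothetical API


def get_order(token: str, order_id: str, key: bytes, now=None):
    """GET /orders/{order_id}: identity comes from the verified token, never from the request."""
    claims = verify_hs256(token, key, audience=AUDIENCE, now=now)
    order = ORDERS.get(order_id)
    # Object-level authorization: compare the resource owner with the token subject.
    # Returning None for both "missing" and "not yours" avoids leaking which ids exist.
    if order is None or order["owner"] != claims.get("sub"):
        return None
    return order


def forge_alg_none(claims: dict) -> str:
    """What an attacker sends: an unsigned token whose header claims alg=none."""
    header = _b64url(b'{"alg":"none","typ":"JWT"}')
    return f"{header}.{_b64url(json.dumps(claims).encode())}."


def replace_payload(token: str, claims: dict) -> str:
    """Another attacker move: keep a valid signature but swap in different claims."""
    head_b64, _, sig_b64 = token.split(".")
    return f"{head_b64}.{_b64url(json.dumps(claims).encode())}.{sig_b64}"


def rejection_reason(token: str, key: bytes, now=None):
    """Return why a token is refused, or None if it verifies (useful for tests and logs)."""
    try:
        verify_hs256(token, key, audience=AUDIENCE, now=now)
    except TokenError as exc:
        return str(exc)
    return None
```

The BOLA part is the two-line ownership check in `get_order`: a perfectly valid token for `alice` still gets `None` for `o-2`, because validity and authorization are separate questions.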

The quantum state of a TCP port

Have you noticed how simple questions sometimes lead to complex answers? Today we will tackle one such question. Category: our favorite - Linux networking.

When can two TCP sockets share a local address?

If I navigate to https://blog.cloudflare.com/, my browser connects to a remote TCP address, which might be 104.16.132.229:443 in this case, from the local IP address assigned to my Linux machine and a randomly chosen local TCP port, say 192.0.2.42:54321. What happens if I then decide to head to a different site? Is it possible to establish another TCP connection from the same local IP address and port?

To find the answer let's do a bit of learning by discovering. We have prepared eight quiz questions. Each will let you discover one aspect of the rules that govern local address sharing between TCP sockets under Linux. Fair warning, it might get a bit mind-boggling.

Questions are split into two groups by test scenario:

In the first test scenario, two sockets connect from the same local port to the same remote IP and port. However, the local IP is different for each socket.

While, in the second scenario, the local Continue reading
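The first scenario, worked as an added example that is not part of the Cloudflare post and goes a little beyond it: two client sockets bound to the same local port but different loopback addresses both connect to the same remote listener, and the same script then probes what happens when the local IP is identical as well. It assumes Linux, where the whole 127.0.0.0/8 block lives on the loopback interface (so 127.0.0.2 is a second local address) and where the bind()/connect() conflict rules and error codes it checks for (EADDRINUSE, EADDRNOTAVAIL) apply; the listener ports and the shared client port are whatever the kernel hands out at run time, and the function name `local_port_sharing` is mine.

```python
import errno
import socket
from contextlib import ExitStack

# Assumption: Linux loopback, where every 127.x.y.z address is local.
HOST_A = "127.0.0.1"
HOST_B = "127.0.0.2"


def _listener(stack):
    """A listening socket on an ephemeral port; plays the 'remote' end."""
    srv = stack.enter_context(socket.socket(socket.AF_INET, socket.SOCK_STREAM))
    srv.bind((HOST_A, 0))
    srv.listen(8)
    return srv.getsockname()[1]


def _client(stack, local, reuse):
    """A client socket bound to an explicit local (ip, port) before connect()."""
    c = stack.enter_context(socket.socket(socket.AF_INET, socket.SOCK_STREAM))
    if reuse:
        c.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    c.bind(local)
    return c


def _try(fn):
    """Run a bind()/connect() call; return "ok" or the errno name the kernel gave."""
    try:
        fn()
        return "ok"
    except OSError as exc:
        return errno.errorcode.get(exc.errno, str(exc.errno))


def local_port_sharing():
    results = {}
    with ExitStack() as stack:
        port1 = _listener(stack)
        port2 = _listener(stack)
        # Pick a port that is currently free on 127.0.0.1 to serve as the shared local port.
        probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        probe.bind((HOST_A, 0))
        shared = probe.getsockname()[1]
        probe.close()

        # Scenario 1: same local port, same remote ip:port, different local IPs.
        # Nothing collides: bind() sees different addresses, connect() sees different 4-tuples.
        a = _client(stack, (HOST_A, shared), reuse=True)
        b = _client(stack, (HOST_B, shared), reuse=True)
        results["diff_local_ip_same_remote"] = (
            _try(lambda: a.connect((HOST_A, port1))),
            _try(lambda: b.connect((HOST_A, port1))),
        )

        # Same local IP and port: refused at bind() time unless every socket on that
        # (ip, port) pair set SO_REUSEADDR; a wildcard bind collides with the specific one too.
        results["bind_same_ip_no_reuseaddr"] = _try(
            lambda: _client(stack, (HOST_A, shared), reuse=False))
        results["bind_wildcard_no_reuseaddr"] = _try(
            lambda: _client(stack, ("0.0.0.0", shared), reuse=False))

        # With SO_REUSEADDR on both sockets bind() passes, but connect() still refuses a
        # duplicate (local ip, local port, remote ip, remote port) 4-tuple...
        c = _client(stack, (HOST_A, shared), reuse=True)
        results["reuseaddr_same_4tuple"] = _try(lambda: c.connect((HOST_A, port1)))
        # ...while the same local ip:port towards a different remote port is fine.
        d = _client(stack, (HOST_A, shared), reuse=True)
        results["reuseaddr_different_remote"] = _try(lambda: d.connect((HOST_A, port2)))
    return results


if __name__ == "__main__":
    for name, outcome in local_port_sharing().items():
        print(f"{name:32} {outcome}")
```

Running `local_port_sharing()` shows the two checkpoints the kernel applies: bind() compares only local addresses (and treats a wildcard as matching any specific address), connect() compares the full 4-tuple. That last pair of results answers the question above: the same local IP and port can carry a second connection, but only to a different remote endpoint, and only if both sockets opted in with SO_REUSEADDR before bind().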

Everything you might have missed during Security Week 2023

Security Week 2023 is officially in the books. In our welcome post last Saturday, I talked about Cloudflare’s years-long evolution from protecting websites, to protecting applications, to protecting people. Our goal this week was to help our customers solve a broader range of problems, reduce external points of vulnerability, and make their jobs easier.

We announced 34 new tools and integrations that will do just that. Combined, these announcements will help you do five key things faster and more easily:

  1. Making it easier to deploy and manage Zero Trust everywhere
  2. Reducing the number of third parties customers must use
  3. Leveraging machine learning to let humans focus on critical thinking
  4. Opening up more proprietary Cloudflare threat intelligence to our customers
  5. Making it harder for humans to make mistakes

And to help you respond to the most current attacks in real time, we reported on how we’re seeing scammers use the Silicon Valley Bank news to phish new victims, and what you can do to protect yourself.

In case you missed any of the announcements, take a look at the summary and navigation guide below.

Monday

Test VRF-Aware DHCP Relaying with netlab

After figuring out how DHCP relaying works and testing it in a simple lab, I went a step further and tested VRF-aware DHCP relaying.

Lab Topology

I had to make just a few changes to the DHCP relaying lab topology:

  • DHCP server is running on CSR 1000v. The IOSv DHCP server does not support the subnet selection DHCP option and thus doesn’t work with relays that do inter-VRF DHCP relaying.
  • I put the link between the DHCP client and DHCP relay into a VRF.
