Using ansible and dynamic Amazon EC2 inventory management on #AWS

Screenshot_2015-02-03_13.00.10 Brandon Chavis, an AWS Partner Solutions Architect, has a great post over on the AWS blog titled "Getting Started with Ansible and Dynamic Amazon EC2 Inventory Management" today.

From the post:

Today, the options for configuration and orchestration management seem nearly endless, making it daunting to find a tool that works well for you and your organization. Here at AWS, we think Ansible, an APN Technology Partner, provides a good option for configuration management due to its simplicity, agentless architecture, and ability to interact easily with your ever-changing, scaling, and dynamic AWS architecture.

Instead of having to push an agent to every new instance you launch via userdata, roll an agent into an AMI, or engage in similarly management-intensive deployments of your config management software, the Ansible framework allows administrators to run commands against Amazon Elastic Compute Cloud (Amazon EC2) instances as soon as they are available, all over SSH. This document intends to examine ways that your Amazon EC2 inventory can be managed with minimal effort, despite your constantly changing fleet of instances.

Read the full post here.

NFD8 Recap: Nuage Networks – One to Watch

Last fall, I attended the Tech Field Day NFD8 event, and one of the presenting companies was Nuage Networks. This was actually the second time I’d seen Nuage present at an NFD event, the first one being NFD6 a year earlier. Upon my return from NFD8, I did a short write-up of each presenting sponsor for my coworkers at H.A. Storage Systems to keep them informed. The following is my recap of Nuage Networks after their presentation in which I explain why I think Nuage is really on-target with their SDN solution and is definitely a solution to keep an eye on.

Nuage Networks is definitely an SDN company to watch. They are a subsidiary of Alcatel-Lucent (sort of like Cisco’s Insieme but apparently there are no current plans to spin them back in), so they have good financial backing — better than many startups. They have a very mature vision of complete end-to-end SDN with automated deployment tools and fabric-wide management, but they’ve gone beyond what several of the competitors have to look at massive, massive scaling as a core requirement.

Rather than using VXLAN or some other new protocol for things like federation between fabrics, they simply use Continue reading

Binary Metal Guitar

Thank you Ed for sharing the video the led me to find this…

The post Binary Metal Guitar appeared first on Router Jockey.

The Cisco Network Programmability (SDN) Intro Course

Four network programmability certs, two exams for each cert (with matching video courses for each exam) – plus one introductory video. Today’s post discusses that introductory video course, namely:

Introducing Network Programmability Fundamentals

No muss, no fuss – jump into the post for more details.

Overview

Cisco recommends their “Introducing Network Programmability Fundamentals” course to anyone who is:

New to SDN
New to network programmability

Basically, before diving into the other exams and courses, this introductory course sets the stage. Do you have to watch it to get the certifications? No. Can you benefit? Sure. But if you do want to use this course, take it first in sequence, before taking the other Cisco network programmability courses.

Figure 1: Big (and Obvious) Progression from the Introductory Course

Covering the bases, this list gives the highlights of the course:

Six videos of approximately 1 hour each
Six different presenters (one per video)
6 month lease
$59 (at least when I looked just now)
No exam associated with the course – it’s just fundamental background
My recollection (with no way to confirm) is that the version of the course I see when writing this post came out late 2013.

To Continue reading

NBase-ing Your Wireless Decisions

Cat5

Copper is heavy. I’m not talking about it’s atomic weight of 63 or the fact that bundles of it can sag ceiling joists. I’m talking about the fact that copper has inertia. It’s difficult to install and even more difficult to replace. Significant expense is incurred when people want to run new lines through a building. I never really understood how expensive a proposition that was until I went to work for a company that run copper lines.

Out of Mind, Out of Sight

According to a presentation that we saw at Tech Field Day Extra at Cisco Live Milan from Peter Jones at Cisco, Category 5e and 6 UTP cabling still has a significant install base in today’s organizations. That makes sense when you consider that 5e and 6 are the minimum for gigabit Ethernet. Once we hit the 1k mark with speeds, desktop bandwidth never really increased. Ten gigabit UTP Ethernet is never going to take off outside the data center. The current limitations of 10Gig over Cat 6 makes it impossible to use in a desktop connectivity situation. With a practical limit of around 50 meters, you practically have to be on top of the IDF closet Continue reading

First Git, now Vagrant

When I shared the story behind migrating the blog to Jekyll and GitHub, I mentioned that one of the reasons for the migration was to embrace Git as a part of my regular workflow. I’d been recommending to folks that they learn and use Git, and now I needed to “walk the walk” as well as “talk the talk.” This post describes another step in my effort to “walk the walk.”

As the title of the post implies, this step involves the well-known tool Vagrant. (If you are unclear what Vagrant is or what it does, please read my quick introduction to Vagrant.) In the same presentation where I was recommending to folks to learn tools like Git, I was also recommending that they learn (and use, where applicable) tools like Vagrant. Once again, though, I was talking a good game but not backing it up with my actions. So, I’ve resolved to expand my use of Vagrant, sharing with all of my readers and followers along the way. And, because I believe that VMware Fusion is the most robust virtualization solution for Mac OS X, I’ll be using Vagrant with VMware Fusion.

So what will Continue reading

Decision Time for the Open Internet

On February 26 of this year the Federal Communications Commission of the United States will vote on a proposed new ruling on the issue of "Network Neutrality" in the United States, bringing into force a new round of measures that are intended to prevent certain access providers from deliberately differentiating service responses on the carriage services that they provide.

The Cisco Network Programmability (SDN) Intro Course

Introducing Network Programmability Fundamentals

No muss, no fuss – jump into the post for more details.

Overview

Cisco recommends their “Introducing Network Programmability Fundamentals” course to anyone who is:

New to SDN
New to network programmability

Figure 1: Big (and Obvious) Progression from the Introductory Course

Covering the bases, this list gives the highlights of the course:

Six videos of approximately 1 hour each
Six different presenters (one per video)
6 month lease
$59 (at least when I looked just now)
No exam associated with the course – it’s just fundamental background
My recollection (with no way to confirm) is that the version of the course I see when writing this post came out late 2013.

To Continue reading

Before Talking about vMotion across Continents, Read This

I expect to hear a lot about the “wonderful” idea of moving running VMs 100 msec away (across the continent) in the upcoming weeks. I would recommend you read a few of my older blog posts before considering it… and don’t waste time trying to persuade the true believers with technical arguments – talk with whoever will foot the bill or walk away.

ACS 5.X REST API

For a typical network engineer, reading Cisco's REST API documentation looks really simple. All you need to do is to issue the following CLI command

acs config-web-interface rest enable.

But now what? Where are the examples? Thats easy, all you need to do is to download example code directly from the ACS administration UI. But that code is in Java, and several pages long for each example.

So let me do you a favor and show you how to extract a list of all ACS users without even writing a single line of code:

wget -O user-list.xml --auth-no-challenge --http-user=acs_admin_user --http-password=admin_pass --no-check-certificate https://acs.ip.address.x/Rest/Identity/User

Few things to notice:

Its a one line command UNIX command. A windows version can be found here.
The output is XML file called user-list.xml
--no-check-certificate is needed because ACS has its own self generated SSL certificate, and wget will fail to authenticate that certificate. This can be changed, but how many are actually using anything else?
--auth-no-challenge is used because ACS expects to use preemptive authentication.

Enjoy!

Kubernetes 101 – The build

In this series of posts we’re going to tackle deploying a Kubernetes cluster. Kubernetes is the open source container cluster manager that Google released some time ago. In short, it’s a way to treat a large number of hosts as single compute instance that you can deploy containers against. While the system itself is pretty straight forward to use, the install and initial configuration can be a little bit daunting if you’ve never done it before. The other reason I’m writing this is because I had a hard time finding all of the pieces to build a bare metal kubernetes cluster. Most of the other blogs you’ll read use some mix of an overlay (Weave or Flannel) so I wanted to document a build that used bare metal hosts along with non-overlay networking.

In this first post we’ll deal with getting things running. This includes downloading the actual code from github, building it, deploying it to your machines, and configuring the services. In the following posts we’ll actually start deploying pods (we’ll talk about what those are later on), discuss the deployment model, and dig into how Kubernetes handles container networking. That Continue reading

February Network Topology Photo Challenge

Show us your best GNS3 Topology to win a $250 Amazon Gift Card + Pica8 Polo Shirt! Contest Closes on March 2nd Over the past couple

New Product Release :: CCIE Data Center – Written Exam Video on Demand

We are happy to announce that we’ve recently completed a brand new CCIE Data Center Written Exam Video on Demand. In this coursework, you’ll immerse yourself in each technology your instructor, Jason Lunde CCIE #29431 x2 (R&S and Data Center) presents. Jason will also dissect each technology in a manner in which you will walk away with a complete understanding. Included in the coursework is close to 18 hours of lectures, white boards, and configuration topics!

Check out this Video on Demand course here.

Below, you will find the complete outline of our latest Video on Demand course! We’re quite confident that you won’t find a more thorough, up-to-date product on the market!

Outline

Course Introduction
CCIE DC Equipment Overview
NX-OS Architecture
NX-OS Redundancy and File MGMT
VDC’s
Fabric Extension
NX-OS Layer 2
- VLANs/PVLANs
- Spanning-tree
- Port-channels
Virtual Port-Channels (vPC)
NX-OS Basic Layer 3
- EIGRP
- OSPF
- BGP
CCIE DC Jumbo Frames

FabricPath
VRF (virtual routing and forwarding instances)
NX-OS Multicast
NX-OS Security
- Local Accounts
- RBAC
- AAA
- SSH
- CoPP
- Rate-limiting
- ACLs
- Port-security
- DHCP Snooping
- DAI
- IP Source Guard
First Hop Redundancy
- HSRP
- VRRP
- GLBP
OTV
NX-OS Services
- ISSU
- Smart Call Home
- SNMP
- SPAN
- EEM
- Netflow

Unified Ports
Fibre Channel
- Theory
- Addressing
- Principle Switches
- Flow Control Continue reading

Migrating From One Old Mac To Another with Factory Reset & OS X Yosemite

Send to Kindle I had a need this past weekend to migrate from one old Mac running OS X Yosemite to another old Mac, also running OS X Yosemite. Apple’s Migration Assistant can get this done, but I was looking to zero out the target Mac first. You can google a few different ways to […]

Wireless Configuration Method Speed Test Shootout :: Part 3

This is the third and final article in a series focusing on seeing which configuration methods are fastest or slowest in the CCIE wireless lab. The idea is to test each method under a variety of likely configuration scenarios that you would experience in the real lab and see how things stack up.

Check out the supporting Speed Test video playlist on our YouTube channel.

This article focuses on autonomous APs. I set up 3 different scenarios, as listed below:

Configuring WDS using local RADIUS and registering 2 APs
Configuring two SSIDs with their associated VLANs
Configuring a few settings under the radios

If you want to watch the actual configurations, you can check out the companion video to this article over in our YouTube channel. It shows how I arrived at the configuration speeds and the methods that I used. You may be able to pick up a few tips or tricks for faster configurations by watching how I do things.

WDS

For this test, had to configure local RADIUS with a network device and user account, then configure AAP1 as a WDS with associated authentication methods. Finally, I registered both AAP1 and AAP2 Continue reading

Multigigabit Ethernet 2.5 / 5.0Gbps NBASE-T Alliance

Ethernet 2.0

The title above may seem a little odd given Ethernet’s long and healthy life. Keeping conversation to more recent Ethernet standards (10/100/1000/10000/40000/100000 Mbps) the transmission technology and encoding standards have come a very long way for Ethernet. I remember when 100Mbps ports were the absolute norm and when 1Gbps ports were spared for very special (high paying) customers often on a single line card on a router!!! A router!!!

Wind the clock forward about ten years and where are we? 10Gbps access ports to servers, 40Gbps uplink ports from top of rack switching and 1Gbps ports to wireless access points, vending machines and home devices such as printers and coffee machines. Wireless technology is flourishing and with the advent of 802.11ac (Gigabit wireless) the access layer is seeing rolling upgrades.

So if we imagine our access tier is formed of 1Gbps access ports to wireless access points, multiple 10Gbps uplinks often in a multi-chassis Ethernet LAG (MLAG/MEC/vPC/) bundle and core speeds at least at multiple 10Gbps if not 40Gbps speeds, what happens when wireless plays catch up? Introducing The 802.11ac Wave 2 standard which sees speeds that could exceed 6.8 Gbps. This unbelievable wireless speed Continue reading

Networking Basics: Spanning Tree Protocol

by Ethan Banks, originally published on the Auvik blog For new networkers, Spanning Tree Protocol (STP) can be an intimidating topic. Many

Untangle Comprehensive Feature Analysis [Continued]

In the preceding article Untangle Scrutinized : Deep Dive into Untangle’s Features, we scrutinized Untangle’s Web Filter, HTTPS

Response: Whats New in systemd, 2015 Edition

Summary of a presentation at FOSDEM about systemd is very interesting. Lots of improvements and practical changes from what I can see that would Linux more usable and viable. But this caught my eye about replacing syslog with HTTP: journald-remoting: the binary logger now has remote support (aka: remoting) via HTTP (instead of the syslog […]

The post Response: Whats New in systemd, 2015 Edition appeared first on EtherealMind.

text2pcap – How to convert ASCII packet dumps to .pcap files?

Nothing in my experince is better at telling the real story than a packet capture. They tell exactly what is really going on and whether the configuration or changes are working as expected or not. Sometimes an engineer needs to look at packet captures taken from devices that don’t generate .pcap files directly. Although with [...] No related posts. Related posts brought to you by Yet Another Related Posts Plugin.

« Previous 1 … 3,495 3,496 3,497 3,498 3,499 … 3,695 Next »