Microsoft AZ-700 completed

I just passed the Microsoft AZ-700 exam, Designing and Implementing Microsoft Azure Networking Solutions, which means I am now certified in the two major clouds (AWS and Azure) when it comes to networking. As always after an exam, I write a summary of my experience with it and the resources I used. This is this post.

What is AZ-700?

This exam is for those that want to get certified on the networking component of Azure. Microsoft describes the exam in the following manner:

Candidates for this exam should have subject matter expertise in planning, implementing, and maintaining Azure networking solutions, including hybrid networking, connectivity, routing, security, and private access to Azure services

The breakdown of major topics and their percentage is the following:

Design, implement, and manage hybrid networking (10-15%)
Design and implement core networking infrastructure (20-25%)
Design and implement routing (25-30%)
Secure and monitor networks (15-20%)
Design and implement Private access to Azure Services (10-15%)

There is a more detailed breakdown available as well. Always go through the exam blueprint before studying for a certification.

How to study for AZ-700

My goal when studying for this exam was to build a proficiency working with networking in Azure. That Continue reading

Understanding Kubernetes Autoscaling

Kubernetes autoscaling ensures each pod and cluster can achieve the optimal performance to serve the application’s current needs.

Hedge 159: Roundtable on SONiC, Antipatterns, and Resilience through Acquisition

In this last episode of 2022, Tom, Eyvonne, and Russ sit around and talk about some interesting things going on in the world of network engineering. We start with a short discussion about SONiC, which we intend to build at least one full episode about sometime in 2023. We also discuss state and antipatterns, and finally the idea of acquiring another company to build network resilience.

download

US-China chip war puts global enterprises in the crosshairs

While the Biden administration’s ban on exports of certain chip technology to China is targeted at China’s military and industrial use, enterprises across the world will find their supply chains disrupted.

Routing Protocol Implementation Evaluation in Fat-Trees

Network design discussions often involve anecdotal evidence, and the arguments for preferring something follow up with “We should do X because at Y place, we did this.”. This is alright in itself as we want to bring the experience to avoid repeating past mistakes in the future. Still, more often than not, it feels like we have memorized the answers, and without reading and understanding the question properly, we want to write down the answer. Ideally, we want to understand the problem and solution space and put that into the current context, discussing various tradeoffs and picking the best solution in the given context. Our best solution for the same problem may change as the context changes. Also, this problem...

Routing Protocol Implementation Evaluation in Fat-Trees

Network design discussions often involve anecdotal evidence, and the arguments for preferring something follow up with “We should do X because at Y place, we did this.”. This is alright in itself as we want to bring the experience to avoid repeating past mistakes in the future. Still, more often than not, it feels like we have memorized the answers and without reading the question properly, we want to write down the answer vs. learning the problem and solution space, putting that into the current context we are trying to solve with discussions about various tradeoffs and picking the best solution in the given context. Our best solution for the same problem may change as the context changes. Also, this problem is everywhere. For example: Take a look at this twitter thread

Maybe one way to approach on how to think is to adopt stochastic thinking and add qualifications while making a case if we don’t have all the facts. The best engineers I have seen do apply similar thought processes. As world-class poker player Annie Duke points out in Thinking in Bets, even if you start at 90%, your ego will have a much easier time with Continue reading

Learning Rust, assisted by ChatGPT

I finally got around to learn Rust. Well, starting to.

It’s amazing.

I’m comparing this to learning Basic, C, C++, Erlang, Fortran, Go, Javascript, Pascal, Perl, PHP, Prolog and Python. I wouldn’t say I know all these languages well, but I do know C, C++, Go, and Python pretty well.

I can critique all these languages, but I’ve not found anything frustrating or stupid in Rust yet.

Rust is like taking C++, but all the tricky parts are now the default, and checked at compile time.

Copies

With C++11 we got move semantics, so we have to carefully disable the (usually) default-created copy constructor and copy assignments, or if you have to allow copies then every single use of the type has to be very careful to not trigger copies unless absolutely necessary.

And you have to consider exactly when RVO kicks in. And even the best of us will sometimes get it wrong, especially with refactors. E.g. who would have thought that adding this optimization would suddenly trigger a copy of the potentially very heavy Obj object, a copy that was not there before?

--- before.cc   2022-12-28 10:32:50.969273274 +0000
+++ after.cc    2022-12-28 10:32:50.969273274 +0000
 Continue reading

How Can Your Company Avoid Costly and Painful Networking Mistakes?

With scalability, connectivity, and reliability in mind during the network design phase, companies can safeguard security without sacrificing convenience to their clients.

Kubernetes 004. Real-world Example of Deploying Kubernetes at Azure Kubernetes Services with Terrafom

Hello my friend,

In one of the past blogposts we have highlighted the journey for automation for engineers, who is willing to develop further outside of their core remit, such as networking, compute, or storage. In today’s blogpost we’ll provide some of examples how the different moving pieces are coming along together.


1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Do I Need to Learn Network Automation?

Yes, you do. Start today with our Network Automation Training programs:

We offer the following training programs for you:

During these trainings you will learn the following topics:

Success and failure strategies to build the automation tools.
Principles of software developments and the most useful and convenient tools.
Data encoding (free-text, XML, JSON, YAML, Protobuf).
Model-driven network automation with YANG, NETCONF, RESTCONF, GNMI.
Full configuration templating with Jinja2 based on the source Continue reading

Server supply chain undergoes shift due to geopolitical risks

Geopolitical tensions among the US, China, and Taiwan are forcing a notable change to server manufacturing, according to Asian market research firm TrendForce, which predicts that core parts of the server supply chain will eventually shift to southeast Asia and the Americas. According to TrendForce’s research, Taiwan-based original design manufacturers (ODM) currently account for about 90% of global server motherboard production. A notable exception is Supermicro, which has a 1.5 million square-foot factory in Fremont, California. It also has an 800,000 square-foot facility in Taiwan.Ever since the start of the trade dispute between the US and China beginning in 2018, server ODMs began looking at moving their production lines from mainland China to Taiwan. Then, due to the explosion in construction of data centers across the Asia-Pacific region, motherboard makers began looking at southeast Asian countries such as Malaysia and Thailand for capacity expansion.To read this article in full, please click here

Server supply chain undergoes shift due to geopolitical risks

How to use the zdiff command

In this Linux tip, we’re going to look at the zdiff command. It’s a command that allows you to view the differences between 2 gzipped files – differences in the content that was compressed.

Configuring-Junos-Devices-using-Netconf-and-YANG-Model

please visit following gitwiki

https://github.com/kashif-nawaz/Configuring-Junos-Devices-using-Netconf-and-YANG-Model

Better pipes

In my blog post The uselessness of bash I made a tool to improve pipes in shell, to assemble a better pipeline.

It solves the problem, but it’s a bit too different, with its own language.

While complaining with some people at work that one of the main features of shell (the pipe operator) is broken, someone joked that it should be replaced by a protobuf based protocol.

But on second thought it’s not really a joke.

How about instead of this:

$ goodpipe <<EOF
[
  ["gsutil", "cat", "gs://example/input-unsorted.txt"],
  ["sort", "-S300M", "-n"],
  ["gzip", "-9"],
  ["gsutil", "cp", "-", "gs://example/input-sorted-numerically.txt.gz"]
]
EOF

how about this:

$ wp -o gsutil cat gs://example/input-unsorted.txt \
  | wp -io sort -S300M -n \
  | wp -io gzip -9 \
  | wp -i gsutil cp - gs://example/input-sorted-numerically.txt.gz

It doesn’t use protobufs, but a simpler regular protocol. This in order to avoid well known bugs types. Before implementing any protocol also see formal theory and science of insecurity.

First I hacked it together in Go, but I think the main implementation I’ll maintain is the one I made while porting it to Rust, as a way to learn Rust. The Continue reading

How Work From Home Shaped the Road to SASE for Enterprises

Many businesses were forced into addressing remote access at the beginning of the pandemic, which is a well-documented access point for SASE.

What is a VPN? A secure network over the internet

VPNs date back to the 1990s when the public internet lacked almost any form of security, and the technology was developed to provide secure and cost-effective connections across this insecure landscape.VPNs have become widely deployed across enterprise networks and experienced a surge during the pandemic, when companies had to scramble to provide secure remote access to employees who were suddenly working from home.VPNs remain popular today, but they are also slowly but surely being supplanted by more flexible, more secure, more granular alternatives, such as SD-WAN, Zero Trust Network Architecture (ZTNA), and SASE, a cloud-based service that includes SD-WAN, ZTNA and other security features.To read this article in full, please click here

Managing infrastructure with Terraform, CDKTF, and NixOS

A few years ago, I downsized my personal infrastructure. Until 2018, there were a dozen containers running on a single Hetzner server.¹ I migrated my emails to Fastmail and my DNS zones to Gandi. It left me with only my blog to self-host. As of today, my low-scale infrastructure is composed of 4 virtual machines running NixOS on Hetzner Cloud and Vultr, a handful of DNS zones on Gandi and Route 53, and a couple of Cloudfront distributions. It is managed by CDK for Terraform (CDKTF), while NixOS deployments are handled by NixOps.

In this article, I provide a brief introduction to Terraform, CDKTF, and the Nix ecosystem. I also explain how to use Nix to access these tools within your shell, so you can quickly start using them.

CDKTF: infrastructure as code

Terraform is an “infrastructure-as-code” tool. You can define your infrastructure by declaring resources with the HCL language. This language has some additional features like Continue reading

Looking ahead to the network technologies of 2023

What’s the single most important thing that enterprises should know about networking in 2023? Forget all that speeds-and-feeds crap you hear from vendors. The answer is that networking is now, and forever, linked to business applications, and those applications are linked now to the way that we use the Internet and the cloud. We’re changing how we distribute and deliver business value via networking, and so network technology will inevitably change too, and this is a good time to look at what to expect.Growth in Internet dependence First, the Internet is going to get a lot better because it’s going to get a lot more important. It’s not just that the top-end capacities offered will be raised, in many cases above 2 Gbps. Every day, literally, people do more online, and get more interactive, dynamic, interesting, websites to visit and content to consume. Internet availability has been quietly increasing, and in 2023 there will be a significant forward leap there, in large part because people who rely on something get really upset when it’s not working.To read this article in full, please click here

The top 12 tech stories of 2022

The year highlighted how vulnerable the technology sector is to the vagaries of geopolitics and the macroeconomy, as IT giants laid off workers, regulators cracked down on tech rule-breakers, nations negotiated data security regulations, the US-China chip war widened, and the Ukraine war disrupted business as usual.