Red Hat Ansible Automation Platform on Microsoft Azure – Network Access – blog #1

Introduction

In this blog series we will discuss the deployment of Red Hat Ansible Automation Platform on Microsoft Azure, specifically focusing on the deployment access types and what that means for accessing Red Hat Ansible Automation Platform on Azure after deployment completion.

 

Deployment Access Types

First let’s start by discussing the different deployment access types.

During deployment, Red Hat Ansible Automation Platform on Azure will present an option called “Access” that determines how you will access the user interfaces.

 

Access Selection at Deploy Time

Deployment Type

Details

Public

Public deployments allow ingress to the user interfaces over the public internet. Upon deployment, a domain name is issued to the Red Hat Ansible Automation Platform on Azure instance, and users will be able to navigate to the domain to login. This is the easiest approach to deploy because there is no configuration required to access Red Hat Ansible Automation Platform on Azure.


Public Access Architecture Diagram below

 

Public Access Architecture Diagram

Deployment Type

Details

Private

Private deployments omit access from the public internet. When deployed, Red Hat Ansible Automation Platform on Azure will reside in an isolated Azure VNET with no access from external sources or even other Continue reading

Orhan Ergun CCIE Enterprise Infrastructure Course Review 1

I see some people have been asking what other people are thinking about Orhan Ergun’s CCIE Enterprise course, thus starting today to share what other people share about us on their blog posts as well. Not just on social media, but with these blog posts, because they are able to share more thoughts about us, I think it is very valuable feedback for everyone.

I would like to start with the website ‘ samovergre.com ‘.

He is our CCIE Enterprise student and you can find his CCIE study plan on this page. He is sharing feedback about our CCIE Enterprise training and other study materials he uses for his CCIE Enterprise study.

Why Orhan Ergun CCIE Enterprise Infrastructure Course?

One thing that was very important there was that He understand the uniqueness of our CCIE Enterprise Training. It is the design part.

Everyone can teach you how to configure routers or routing protocols, but a design mindset is a completely unique thing and for years, if you are a Network Engineer, probably you have heard about our CCDE training and its success too.

Now, we continue delivering our design knowledge and experience to our CCIE students as well and Continue reading

Despite a persistent problem, using the DHCP features on a Cisco switch makes sense

Dynamic host-configuration protocol (DHCP) has a lot of benefits, including saving time by assigning IP addresses and other attributes to networked devices rather than IT pros having to do it manually.Sometimes, though, problems arise that eat up time in a different way. This is one such case affecting Cisco Catalyst 6500 and 9600 Layer 3 chassis switches used as distribution switches for our network, with different groups of buildings linked to them. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

netlab: Combining VLANs with VRFs

Last two weeks we focused on access VLANs and VLAN trunk netlab implementation. Can we combine them with VRFs? Of course.

The trick is very simple: attributes within a VLAN definition become attributes of VLAN interfaces. Add vrf attribute to a VLAN and you get all VLAN interfaces created for that VLAN in the corresponding VRF. Can’t get any easier, can it?

How about extending our VLAN trunk lab topology with VRFs? We’ll put red VLAN in red VRF and blue VLAN in blue VRF.

Read more …

netsim-tools: Combining VLANs with VRFs

Last two weeks we focused on access VLANs and VLAN trunk implementation in netsim-tools. Can we combine them with VRFs? Of course.

The trick is very simple: attributes within a VLAN definition become attributes of VLAN interfaces. Add vrf attribute to a VLAN and you get all VLAN interfaces created for that VLAN in the corresponding VRF. Can’t get any easier, can it?

How about extending our VLAN trunk lab topology with VRFs? We’ll put red VLAN in red VRF and blue VLAN in blue VRF.

Read more …

Cloudflare is redefining employee well-being in Japan

Cloudflare is redefining employee well-being in Japan

This post is also available in 日本語

Cloudflare is redefining employee well-being in Japan
“You can accomplish anything if you do it. Nothing will be accomplished unless you do it. If nothing is not accomplished, that’s because no one did it.“
— Yozan Uesugi

Long hours and hard work. If you ask anyone in Japan what our work culture is like, chances are, these are the words that will come to mind. Different countries have their own cultures and also specific work habits and ways of having a work-life balance. The pandemic brought everyone (companies and their people) a new reality, new lessons, and new habits. Here at Cloudflare, our thinking around where and how we do our best work has evolved over the course of the pandemic. We care about addressing the diverse needs of our workforce and our policies and benefits are designed to optimize for their flexibility and needs. To that end, Cloudflare Japan is making a few important changes to our employee benefits:

  • “take what you need” time off for all our employees
  • 16-week gender-neutral paid parental leave
  • flexible working hours

First, let’s try to understand a bit of the Japanese work culture. According to Japan’s labor laws, Japanese employed workers are Continue reading

BGP communities part 3: Customer BGP Traffic Engineering communities

If you’ve ever been asked to prioritize one internet connection over another for any variety of reasons, cost, latency, SLA, etc… this is for you.

Often I hear the same tactics to solve this problem:

  • AS-PATH prepending
  • conditional advertisements
  • scripting
  • some other manual process

However, most carriers offer customer BGP TE communities that you can use to influence traffic within their AS, with one notable exception Hurricane Electric. If you’re not sure what a BGP community take a quick look at this post on them first.

Lets explore how to utilize these, where to find them, and how they might give more deterministic path selection than the options laid out above.

BGP Topology

Default behavior with no modification

First to get familiar with the topology and show reachability we’ll leave all settings as “defaults” with no modifications. 

ISP-1-RTR-1#traceroute 203.0.113.1 source 192.0.2.1
Type escape sequence to abort.
Tracing the route to 203.0.113.1
VRF info: (vrf in name/id, vrf out name/id)
  1 100.123.0.1 1 msec 1 msec 1 msec
  2 100.124.0.2 1 msec 0 msec 0 msec
  3 100.126.0.10 2 msec *  1  Continue reading

Using OpenSSL with Ed Harmoush 3/6 Troubleshooting: Matching Keys To Certificates – Video

ED, HIS TLS COURSE, AND THE FREE OPENSSL CHEATSHEET Twitter @ed_pracnet https://practicalnetworking.net Practical TLS course: https://pracnet.net/tls OpenSSL Cheatsheet: https://pracnet.net/openssl FILES FOR THE CERT/KEY MATCHING EXERCISE: ZIP VERSION: packetpushers-pracnet-openssl.zip https://ln5.sync.com/dl/1f1f63d90/kqztwkp9-hkcz3yvq-tuzx79ke-aewxgaip TAR.GZ VERSION: packetpushers-pracnet-openssl.tar.gz https://ln5.sync.com/dl/0791b8d50/q973jpyb-qrmz3cpd-xeiar9zn-qu99gi5w FOR MORE INFO Hashing, Hashing Algorithms, and Collisions – Cryptography Symmetric Encryption vs Asymmetric Encryption Public & Private Keys – Signatures & […]

The post Using OpenSSL with Ed Harmoush 3/6 Troubleshooting: Matching Keys To Certificates – Video appeared first on Packet Pushers.

Controversial Reads 061122


In the hands of police and other government agencies, face recognition technology presents an inherent threat to our privacy, free expression, information security, and social justice.


From social credit scores and online censorship to electronic billboards that display a citizen’s “violations” like jaywalking, surveillance is a part of everyday life for millions of Chinese people.


But there’s a much bigger threat to democracy coming out of Silicon Valley and it’s this: America’s largest financial and tech increasingly act as independent countries, routinely exporting jobs, money and technology to our most significant global adversary.


It’s difficult to overstate how dramatic this shift is, both in substance and in tone. Overpaying, and even coddling, talented engineers has, for years, been seen as a point of pride among tech’s leadership class.


Excessive centralization can stymie coordination and erode freedom, democracy, and economic dynamism—decentralization is supposed to be the remedy. But the term on its own is too vague to be a coherent end goal.


In early March, weeks after senators advanced a sweeping bill to expand competition in the tech industry, a regional newspaper more than 2,000 miles from Silicon Valley ran a defensive op-ed.


Raskin didn’t foresee how tech giants would exploit Continue reading

Segment Routing with MPLS (SR-MPLS)

In this lab we explore Segment Routing (SR) using Multiprotocol Label Switching as an encoding mechanism. Segment Routing, also known as “Source Packet Routing in Networking” (SPRING), is a method of routing in which ingress routers prepend instructions to traffic that cause actions to be performed by transit nodes as it travels across a network. This is sometimes as simple as a list of routers a packet must traverse to reach its destination.

Weekend Reads 061022


Alongside the announcement of Ryzen 7000 processors, AMD revealed a new technology coming to the platform: Smart Access Storage.


The web of global intermediary liability laws has grown increasingly vast and complex as policymakers around the world move to adopt stricter legal frameworks for platform regulation.


Like other kinds of computing, if you put garbage data into a machine learning training run and then pour new data through it, what comes out as the answer is puréed garbage.


A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering Windows Defender and a roster of other endpoint protection products.


Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear.


By expanding the breadth of device-to-application solutions with IPv6, LoRaWAN’s addressable IoT market is also broadened to include internet-based standards required in smart electricity metering and new applications in smart buildings, industries, logistics, and homes.


Earlier this year, the LockBit group posted a table listing encryption speeds for more than 30 ransomware families, highlighting the fact that LockBit 2.0 was the fastest.


In this post, I’ll Continue reading

Heavy Networking 634: Why (Not) MikroTik?

Today's Heavy Networking gets into networking hardware from MikroTik, a vendor you may not have heard of. Our guest is Kevin Myers, a senior network architect and consultant who uses MikroTik with a variety of clients big and small. We'll find out what MikroTik is good for, and not good for, management and support, and more. This is a non-sponsored episode.

Heavy Networking 634: Why (Not) MikroTik?

Today's Heavy Networking gets into networking hardware from MikroTik, a vendor you may not have heard of. Our guest is Kevin Myers, a senior network architect and consultant who uses MikroTik with a variety of clients big and small. We'll find out what MikroTik is good for, and not good for, management and support, and more. This is a non-sponsored episode.

The post Heavy Networking 634: Why (Not) MikroTik? appeared first on Packet Pushers.

Futurist Keynote: Professor Sue Black, June 14

SPONSORED POST Technology has changed the lives of countless people over the years, many of them women from underserved communities who have been helped through education and onto the career ladder by the improved methods of communication, collaboration, and information dissemination which IT innovation has consistently enabled.

Futurist Keynote: Professor Sue Black, June 14 was written by Nicole Hemsoth at The Next Platform.

Sponsored Post: G-Core Labs, Close, Wynter, Pinecone, Kinsta, Bridgecrew, IP2Location, StackHawk, InterviewCamp.io, Educative, Stream, Fauna, Triplebyte

Who's Hiring? 

  • Close is building the sales communication platform of the future and we're looking for a Site Reliability Engineer to help us accomplish that goal. If you have a passion for databases (both SQL and NoSQL), significant experience building, managing, and monitoring infrastructure, databases, and backend services at scale and want to work with a rag-tag team of hardworking, but humble humans, then come check us out!

  • Wynter is looking for system administrators, engineers, and developers to join its research panel. Participate in research surveys, get paid ($90-$180/hr) for your feedback and comments. Super low key commitment, 10-15 mins per survey. Learn more and sign up.

  • DevOps Engineer: At Kinsta, we set out to create the best managed hosting platform in the world. If you are an experienced DevOps Engineer who is constantly looking for ways to innovate and improve, we might just be the place for you! As Kinsta’s DevOps Engineer, you will be instrumental in making sure that our infrastructure is always on the bleeding edge of technology, remaining stable and high-performing at all times. If you love working with Linux, have a background in PHP, and have worked with cutting-edge technologies, such as Continue reading

Using OpenSSL with Ed Harmoush 2/6 Generating Certificates – Video

ED, HIS TLS COURSE, AND THE FREE OPENSSL CHEATSHEET Twitter @ed_pracnet https://practicalnetworking.net Practical TLS course: https://pracnet.net/tls OpenSSL Cheatsheet: https://pracnet.net/openssl FILES FOR THE CERT/KEY MATCHING EXERCISE: ZIP VERSION: packetpushers-pracnet-openssl.zip https://ln5.sync.com/dl/1f1f63d90/kqztwkp9-hkcz3yvq-tuzx79ke-aewxgaip TAR.GZ VERSION: packetpushers-pracnet-openssl.tar.gz https://ln5.sync.com/dl/0791b8d50/q973jpyb-qrmz3cpd-xeiar9zn-qu99gi5w FOR MORE INFO Hashing, Hashing Algorithms, and Collisions – Cryptography Symmetric Encryption vs Asymmetric Encryption Public & Private Keys – Signatures & […]

The post Using OpenSSL with Ed Harmoush 2/6 Generating Certificates – Video appeared first on Packet Pushers.

Friday Thoughts Pre-Cisco Live

It’s weird to think that I’m headed out to Cisco Live for the first time since 2019. The in-person parts of Cisco Live have been sorely missed during the pandemic. I know it was necessary all around but I didn’t realize how much I enjoyed being around others and learning from the community until I wasn’t able to do it for an extended period of time.

Now we’re back in Las Vegas and ready to take part in something that has been missed. I’ve got a busy lineup of meetings with the CCIE Advisory Council and Tech Field Day Extra but that doesn’t mean I’m not going to try and have a little fun along the way. And yes, before you ask, I’m going to get the airbrush tattoo again if they brought the artist back. It’s a tradition as old as my CCIE at this point.

What else am I interested in?

  • I’m curious to see how Cisco responds to their last disappointing quarter. Are they going to tell us that it was supply chain? Are they going to double down on the software transition? And how much of the purchasing that happened was pull through? Does that mean Continue reading
1 467 468 469 470 471 3,819