Who is Squatting IPv4 addresses?
Who is Squatting IPv4 addresses?
It’s an established fact on the internet that we have ran out of IP(v4) addresses, and we are st
Who is squatting IPv4 addresses?
Who is squatting IPv4 addresses?
It’s an established fact on the internet that we have ran out of IP(v4) addresses, and we are st
The Impact of Jumbo Maximum Frame Size on Data Center Switches
Sander Steffann sent me an intriguing question a long while ago:
I was wondering if there are any downsides to setting “system mtu jumbo 9198” by default on every switch? I mean, if all connected devices have MTU 1500 they won’t notice that the switch could support longer frames, right?
That’s absolutely correct, and unless the end hosts get into UDP fights things will always work out (aka TCP MSS saves the day)… but there must be a reason switching vendors don’t use maximum frame sizes larger than 1514 by default (Cumulus Linux seems to be an exception, and according to Sébastien Keller Arista’s default maximum frame size is between 9214 and 10178 depending on the platform).
The Impact of Jumbo Maximum Frame Size on Data Center Switches
Sander Steffann sent me an intriguing question a long while ago:
I was wondering if there are any downsides to setting “system mtu jumbo 9198” by default on every switch? I mean, if all connected devices have MTU 1500 they won’t notice that the switch could support longer frames, right?
That’s absolutely correct, and unless the end hosts get into UDP fights things will always work out (aka TCP MSS saves the day)… but there must be a reason switching vendors don’t use maximum frame sizes larger than 1514 by default (Cumulus Linux seems to be an exception, and according to Sébastien Keller Arista’s default maximum frame size is between 9214 and 10178 depending on the platform).
How To Pass Environment Variables To A Remote SSH Deployment With PyCharm
I pass access tokens, authentication keys, and other secrets to Python scripts via environment variables rather than encode these values into the scripts themselves. If I was a real boy, I’d use a solution like Hashicorp Vault or other secrets management tool (there’s a bunch of them), but I haven’t yet found the motivation to learn such a tool.
I’m not sure I’d want to build and maintain such a tool if I did find the motivation. I’m sort of lazy sometimes is what I’m saying. So for now, environment variables it is.
PyCharm allows for the passing of environment variables from the IDE to a script, whether that script is running locally or in a remote SSH deployment you’ve configured for your project.
To set the environment variables, select Edit Configurations from the Run menu.
Or in the project bar above the code window, click the dropdown with your script name, and select Edit Configurations.
Either way brings up the following configuration window for the scripts in your project. In the Environment variables: field, click the icon.
That will bring up the following window you can use to configure the environment variables.
Fantastic. But how do we assign the Continue reading
Hedge 118: Integrating New Ideas with William Collins
When vendors build something new—or when you decide to go a different direction in your network—you have to figure out how to integrate these new things. Integration of this type often includes cultural, as well as technical, changes. William Collins joins Tom Ammon and Russ White to discuss his experience in integrating new technologies on Hedge 118.
Atos Defends Its Supercomputing Turf With New Exascale Iron
There are not many companies left on Earth that can field an exascale-class supercomputer. …
Atos Defends Its Supercomputing Turf With New Exascale Iron was written by Timothy Prickett Morgan at The Next Platform.
Connect and Secure your Apps with Antrea and VMware NSX-T 3.2
The release of VMware NSX-T 3.2 and VMware Container Networking with Antrea 1.3.1-1.2.3 delivers on VMware’s vision to have heterogeneous Antrea clusters running anywhere integrate with NSX-T for centralized container policy management and visibility.
NSX-T becomes the single pane of glass for policy management when connected to Antrea clusters. The Antrea clusters could be running on VMware Tanzu platform, RedHat OpenShift or any upstream Kubernetes cluster. Inventory management, tagging, dynamic grouping and troubleshooting can be extended to Antrea clusters along with native Kubernetes network policies and Antrea network policies to be centrally managed by NSX-T.
Integrating Antrea to NSX-T
Antrea to NSX-T interworking Architecture
Antrea NSX Adapter is a new component introduced to the standard Antrea cluster to make the integration possible. This component communicates with K8s API and Antrea Controller and connects to the NSX-T APIs. When a NSX-T admin defines a new policy via NSX APIs or UI, the policies are replicated to all the clusters as applicable. These policies will be received by the adapter which in turn will create appropriate CRDs using K8s APIs. The Antrea Controller which is watching these policies run the relevant computation and sends the results Continue reading
Don’t Fall Victim to Cloud Monitoring Blind Spots
By keeping a close eye on your cloud-based vendors, you can make sure you always have a clear picture of what’s happening and the information you need to respond.Day Two Cloud 134: Simplifying Infrastructure Access With StrongDM (Sponsored)
Today's Day Two Cloud is a sponsored episode with StrongDM, which helps engineers and IT professionals get access to databases, servers, Kubernetes clusters, switches, Web apps, and more from a desktop or laptop. We dive into StrongDM's proxy model, integrations with directories and ID stores, audit features, and more.Day Two Cloud 134: Simplifying Infrastructure Access With StrongDM (Sponsored)
Today's Day Two Cloud is a sponsored episode with StrongDM, which helps engineers and IT professionals get access to databases, servers, Kubernetes clusters, switches, Web apps, and more from a desktop or laptop. We dive into StrongDM's proxy model, integrations with directories and ID stores, audit features, and more.
The post Day Two Cloud 134: Simplifying Infrastructure Access With StrongDM (Sponsored) appeared first on Packet Pushers.
Migrating from Python virtual environments to automation execution environments in Ansible Automation Platform 2
Red Hat Ansible Tower (included in Ansible Automation Platform 1.x) used Python virtual environments to manage dependencies and implement consistent automation execution across multiple Red Hat Ansible Automation Platform instances. This method of managing dependencies came with its own set of limitations:
- Managing Python virtual environments across multiple Ansible Tower instances.
- Confirming custom dependencies across Ansible Tower instances grew in complexity as more end-users interacted with it.
- Python virtual environments were tightly coupled to the control plane, resulting in Operations teams bearing the majority of the burden to maintain them.
- There were no tools supported and maintained by Red Hat to manage custom dependencies across Ansible Automation Platform deployments.
Ansible Automation Platform 2 introduced automation execution environments. These are container images in which all automation is packaged and run, which includes components such as Ansible Core, Ansible Content Collections, a version of Python, Red Hat Enterprise Linux UBI 8, and any additional package dependencies.
Why should you upgrade?
Ansible Automation Platform 2, announced at AnsibleFest 2021, comes with a re-imagined architecture that fully decouples the automation control plane and execution plane. The new capabilities enable easier to scale automation across the globe and allow Continue reading
Infrastructure Privacy Webinar
I’m teaching a three-hour webinar on privacy over at Safari Books on Friday. From the description there—
Privacy is important to every IT professional, including network engineers—but there is very little training oriented towards anyone other than privacy professionals. This training aims to provide a high-level overview of privacy and how privacy impacts network engineers. Information technology professionals are often perceived as “experts” on “all things IT,” and hence are bound to face questions about the importance of privacy, and how individual users can protect their privacy in more public settings.
Please join me for this—it’s a very important topic largely ignored in the infrastructure space.
Running BGP between Virtual Machines and Data Center Fabric
Got this question from one of my readers:
When adopting the BGP on the VM model (say, a Kubernetes worker node on top of vSphere or KVM or Openstack), how do you deal with VM migration to another host (same data center, of course) for maintenance purposes? Do you keep peering with the old ToR even after the migration, or do you use some BGP trickery to allow the VM to peer with whatever ToR it’s closest to?
Short answer: you don’t.
Kubernetes was designed in a way that made worker nodes expendable. The Kubernetes cluster (and all properly designed applications) should recover automatically after a worker node restart. From the purely academic perspective, there’s no reason to migrate VMs running Kubernetes.
Running BGP between Virtual Machines and Data Center Fabric
Got this question from one of my readers:
When adopting the BGP on the VM model (say, a Kubernetes worker node on top of vSphere or KVM or Openstack), how do you deal with VM migration to another host (same data center, of course) for maintenance purposes? Do you keep peering with the old ToR even after the migration, or do you use some BGP trickery to allow the VM to peer with whatever ToR it’s closest to?
Short answer: you don’t.
Kubernetes was designed in a way that made worker nodes expendable. The Kubernetes cluster (and all properly designed applications) should recover automatically after a worker node restart. From the purely academic perspective, there’s no reason to migrate VMs running Kubernetes.