NetworkingNexus.net

Using VMware vCenter Tags in a Red Hat Ansible Tower Dynamic Inventory

VMware vCenter Server tags are labels that can be applied to objects like the system’s environment and usage, therefore it is a very useful method of asset management - also making tags a perfect fit in the Ansible world to organize systems in an Ansible inventory. Red Hat customers have regularly requested the ability to use vCenter Tags in Red Hat Ansible Tower. This is now possible with an Ansible Tower inventory source that supports tags and provides the vmware_vm_inventory plugin.

Ansible Automation Platform 1.2 brings completely native Ansible inventory plugin support to Ansible Tower 3.8. In previous versions, there were specific inventory plugin configurations based on the old inventory scripts where a specific set of parameters surfaced in Ansible Tower's user interface. For example: cloud region and a specific subset of variables you could pass to those inventory scripts surfaced as variables you could pass to the inventory source, which means that new configuration parameters that come with Ansible inventory plugins are not supported in order to maintain compatibility with the old inventory scripts.

The move to support native inventory plugins allows Red Hat Ansible Automation Platform customers to use all the configuration parameters available through Continue reading

Introducing IRP Lite 3.11.1

The post Introducing IRP Lite 3.11.1 appeared first on Noction.

Sudan’s exam-related Internet shutdowns

To prevent cheating in exams many countries restrict or even shut down Internet access during critical exam hours. I wrote two weeks ago about Syria having planned Internet shutdowns during June, for exams.

Sudan is doing the same thing and has had four shutdowns so far. Here's the Internet traffic pattern for Sudan over the last seven days. I've circled the shutdowns on Saturday, Sunday, Monday and Tuesday (today, June 22, 2021).

Cloudflare Radar allows anyone to track Internet traffic patterns around the world, and it has country-specific pages. The chart for the last seven days (shown above) came from the dedicated page for Sudan.

The Internet outages start at 0600 UTC (0800 local time) and end three hours later at 0900 UTC (1100 local time). This corresponds to the timings announced by the Sudanese Ministry of Education.

Further shutdowns are likely in Sudan on June 24, 26, 27, 29 and 30 (thanks to Twitter user _adonese for his assistance). Looking deeper into the data, the largest drop in use is for mobile Internet access in Sudan (the message above talks about mobile Internet use being restricted) while some non-mobile access appears to continue.

That can be seen by looking Continue reading

AI tackles data-center workload management

As data center workloads spiral upward, a growing number of enterprises are looking to artificial intelligence (AI), hoping that technology will enable them to reduce the management burden on IT teams while boosting efficiency and slashing expenses.AI promises to automate the movement of workloads to the most efficient infrastructure in real time, both inside the data center as well as in a hybrid-cloud setting comprised of on-prem, cloud, and edge environments. As AI transforms workload management, future data centers may look far different than today's facilities. One possible scenario is a collection of small, interconnected edge data centers, all managed by a remote administrator.To read this article in full, please click here

AI tackles data-center workload management

AI tackles workload management challenges in the data center

Unexpected Interactions Between OSPF and BGP

It started with an interesting question tweeted by @pilgrimdave81

I’ve seen on Cisco NX-OS that it’s preferring a (ospf->bgp) locally redistributed route over a learned EBGP route, until/unless you clear the route, then it correctly prefers the learned BGP one. Seems to be just ooo but don’t remember this being an issue?

Ignoring the “why would you get the same route over OSPF and EBGP, and why would you redistribute an alternate copy of a route you’re getting over EBGP into BGP” aspect, Peter Palúch wrote a detailed explanation of what’s going on and allowed me to copy into a blog post to make it more permanent:

Unexpected Interactions Between OSPF and BGP

It started with an interesting question tweeted by @pilgrimdave81

I’ve seen on Cisco NX-OS that it’s preferring a (ospf->bgp) locally redistributed route over a learned EBGP route, until/unless you clear the route, then it correctly prefers the learned BGP one. Seems to be just ooo but don’t remember this being an issue?

Baselining and DHCP (Sort of)

As part of my baselining series, I am covering the various topics or protocols to look for. In this example I have a PC bootup trace file that you can take using a span port or tap.

Kubernetes Port Names and Terminating HTTPS Traffic on AWS

I recently came across something that wasn’t immediately intuitive with regard to terminating HTTPS traffic on an AWS Elastic Load Balancer (ELB) when using Kubernetes on AWS. At least, it wasn’t intuitive to me, and I’m guessing that it may not be intuitive to some other readers as well. Kudos to my teammates Hart Hoover and Brent Yarger for identifying the resolution, which I’m going to call out in this post.

This AWS Premium Support post outlines the basic scenario:

You’re running Kubernetes on AWS. The post references EKS, but as far as I know the issue is not limited to EKS, and should apply to self-managed Kubernetes clusters on AWS (assuming these clusters are configured with the AWS cloud provider).
You’ve published a Service of type LoadBalancer (which, in turn, creates a classic ELB). For self-managed clusters, this requires the AWS cloud provider to be installed and configured.
You want to terminate HTTPS traffic on the ELB. The post references the use of an ACM certificate, but I suspect it’s not limited to ACM certificates.

Consider the following YAML, taken directly from the previously-referenced AWS Premium Support article:

apiVersion: v1
kind: Service
metadata:
  name:  Continue reading

Google Does The Server Math With Tau Cloud Instances

In a world where Moore’s Law is slowing and hardware has to be increasingly co-designed with the system software stack and the applications that run above it, the matrix of possible combinations of hardware is getting wider and deeper. …

Google Does The Server Math With Tau Cloud Instances was written by Timothy Prickett Morgan at The Next Platform.

Tech Bytes: Batteries Plus Powers Its Branches With Fortinet SD-WAN (Sponsored)

Today's Tech Bytes podcast is an interview with Fortinet customer Batteries Plus, a retailer that specializes in batteries, chargers, and lighting, about its SD-WAN and SD-Branch deployments. Fortinet is our sponsor for this episode.

Tech Bytes: Batteries Plus Powers Its Branches With Fortinet SD-WAN (Sponsored)

The post Tech Bytes: Batteries Plus Powers Its Branches With Fortinet SD-WAN (Sponsored) appeared first on Packet Pushers.

A Well-Defined API is Layer 8

Protocol (noun): a set of rules governing the exchange or transmission of data between devices

Network Break 338: Breach In Progress? Gigamon Operators Are Standing By; IEEE Finalizes New Ethernet Standard

Gigamon adds a human touch to a new SaaS NDR offering, the IEEE finalizes 802.3cu for faster speeds over single-mode optical fiber, US service providers roll out managed SASE services, and more IT news in this week's Network Break podcast.

Network Break 338: Breach In Progress? Gigamon Operators Are Standing By; IEEE Finalizes New Ethernet Standard

The post Network Break 338: Breach In Progress? Gigamon Operators Are Standing By; IEEE Finalizes New Ethernet Standard appeared first on Packet Pushers.

The Week in Internet News: Biden Warns Putin About Some Cyberattacks

No-go zone: U.S. President Joe Biden told Russian President Vladimir Putin that some types of cyberattacks are off-limits during a meeting at the G7 summit in Switzerland recently, Reuters reports. Destructive attacks by Russian hackers on U.S. critical infrastructure must end, Biden said. It’s unclear if the talk will have much of an effect. Banned […]

The post The Week in Internet News: Biden Warns Putin About Some Cyberattacks appeared first on Internet Society.

Network Analysis 1. Setting up and Getting Started with Batfish in Multivendor Network with Cisco, Arista, and Cumulus.

Hello my friend,

The new year we start with a new topic, which is a configuration analysis of the multivendor networks. We have a passion both to create our own open source tools and to use existing, creating by other teams and project. Today we will start dive in one of such a tool.


1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Network analysis as part of automation?

In software development we have a concept called CI/CD (Continuous Integration/Continuous Delivery). In a nutshell, it’s a methodology, which incorporates mandatory testing of configuration (code, software version, etc) before bringing it to production. The main idea behind it is that automated testing and validation will make sure that code is stable and fit for purpose. Automated testing? That’s where the automation comes to the stage.

And automation is something what we are experts in. And you can benefit from that expertise as well.

In our network automation training we follow zero to hero approach, where we Continue reading

Comparing EVPN with Flood-and-Learn Fabrics

One of ipSpace.net subscribers sent me this question after watching the EVPN Technical Deep Dive webinar:

Do you have a writeup that compares and contrasts the hardware resource utilization when one uses flood-and-learn or BGP EVPN in a leaf-and-spine network?

I don’t… so let’s fix that omission. In this blog post we’ll focus on pure layer-2 forwarding (aka bridging), a follow-up blog post will describe the implications of adding EVPN IP functionality.