Skip to content

🏠 Home#

  • 8 min read

Docker for Automation Environment - Ansible 2.10

Docker is a terrific solution for making a consistent working environment. It's been about a year or so since I built my very first own Docker container. I had always known why you use a container, but was always intimidated too much so to even get started. I am glad that I did get started and am off on my journey of using Docker containers. Let me jump into the problem and why? Couple the recent experiences with Docker, and the upcoming move to slim down Ansible and install Collections for most Network Automation modules, I thought it would be a good thing to get a write up done.

  • 4 min read

Using Apple Automator to Open Projects

Today I'm going to walk through the newest part of my personal workflow for working with projects. Straight to the point, this is going to be using Apple Automator to quickly open your project that you wish to work on within VS Code, and presumably PyCharm as well.

  • 8 min read

Ansible Cisco IOS User Module

In this post I will be taking a look at some of the usability setup of managing Cisco IOS devices with the Ansible Cisco IOS User Module. This can be very helpful for setting up managed user accounts on systems, or the backup user accounts when you have TACACS or RADIUS setup.

The module documentation overall looks complete from what I have done for user account management on devices in the past. There are a couple of interesting parameters available, that I may not get to completely on this post. There is support for aggregate, meaning that you can generate the configuration for multiple user accounts and pass it in as one. You can set a password in clear text that gets encrypted when on the device, or you can set a hashed_password with the type of hash and its corresponding value. And as expected with a module for setting user accounts you can also set the privilege level for which the user account uses.

  • 8 min read

Ansible Cisco ios_interfaces module

This has become a post about the ios_interfaces module with documentation that can be found Ansible ios_interfaces doc. Originally I was going to write about the deprecations for just the Cisco IOS modules. Then as I investigated further, I had found that there are many more modules that are being deprecated. In this post I will take a closer look at the differences between the ios_interface and ios_vlan modules that I had written posts on last year and what their new counter parts look like. And in the end the post had quite a bit of good detail about the module. I think you will like what is here.

  • 3 min read

Disney Plus Streaming Bandwidth

This will be a brief departure from the automation focused attention that I have been giving to this blog over the past year or so. This week in the United States was the launch of Disney+ streaming service. I have subscribed to it at this point and have found some interesting data based on SNMP polling my network.

This post is about the bandwidth that I am seeing used, not about anything about the service, or if another service is better. I don't have the time for that at this time. This is just about what was an unexpected jump in the bandwidth usage with the new application. But I am very much OK with that as my subscription level is taking care of that.

  • 9 min read

Ansible differences between ios command and cli command

In an earlier post I covered the differences between ios_config and cli_config. However I did not cover what the difference was between ios_command and cli_command. Most of the items covered there remain the same. So this will be a post that mostly gets straight to it and sees what the difference is.

  • 9 min read

Ansible IOS BGP Module

In this post I'm going to be taking a deeper dive into the new in Ansible 2.8 IOS BGP module. This may be one of the more complex modules to date and I'll try to make it as simple as possible.

Ansible ASA OG Module

Today we are taking a look at the newest module out for Cisco ASA Ansible module - asa_og. This one is particularly exciting for the configurations that are being managed heavily with Object Groups on firewalls. I'm particularly excited to review the asa_og module, time to dig in.

Ansible ASA Command Module

Today will be a touch shorter post, but it is good to be back at it. In this post I will be taking a quick look around at the asa_command module, as we start down the path with looking at the ASA modules in Ansible. This is spurned on a little bit by Ansible 2.8 coming out with an Object Group specific module. I will be looking into that further in a future post.

Ansible Saving Cisco Configs to NVRAM with Cisco Specific Modules

Today I'm going to take a look at a method to be able to save the configuration of a Cisco device to NVRAM (copy run start). I will be taking a look at multiple Cisco platforms to save changes done during an Ansible Playbook to NVRAM. There are options to save the configuration on every change within the modules such as ios_config or cli_config, however, this can slow down the execution of your playbook.

Ansible Cisco IOS Interface Module

Update: ios_interface is to be deprecated as of Ansible 2.13

In this post I will be taking a deeper look at the ios_interface module. This module is used to configure individual interfaces on a Cisco IOS device. The documentation for the module is located here. In this module I did have to dig into the actual Python file, and that is located here.

  • 8 min read

Ansible IOS VLAN

Back to it finally. Going to take a look at the Ansible module ios_vlan. The purpose of this is to provide a declarative module for managing VLANs on IOS devices. In this I will be using IOSv-L2 images. There are a few interesting quirks (as I will call it) within the parameters for the module.

  • 5 min read

Ansible IOS Banner

Today's post is going to be a short and sweet one (unless I get to writing two). I'm going to take a look at ios_banner module. This one is pretty much straight to the point, what it states, modifying the banner on an IOS device. There are multiple reasons to want to manipulate the banner on a Cisco device. We will leave those reasons to you and the organization that you are a part of for that. For now, we will take a real quick look at the module.

  • 4 min read

Ansible differences between ios config and cli config

This is a post that I'm going to review some of the differences between the ios_config module and the new cli_config module within Ansible networking. I became interested in the module after a recent discussion between the two. I have decided to take a look at the differences between the two.

  • 12 min read

Ansible - Working with command output

You have decided to move forward with using/trying Ansible. You can now connect to a device and get a green success that you get a hello world like command such as show hostname or show inventory and get the GREEN success on Ansible. Now what. You may want to see the output of the command that you sent and got information back. This is your post on getting started.

This is the process that I typically go through when developing a playbook for use. Let's say this is a playbook that you wish to just get show information out of the device, say investigating if there are any configurations that are applied that would be part of a CVE bug, or just operational status.

During this post I will relate the Ansible data structures/formats to that of Python. So the terms will be dictionary (hashes) and lists (lists).

  • 3 min read

Micro Segmentation vs Segmentation

In a recent podcast there was some discussion that it sounded like the term Micro Segmentation was being used where it was really traditional segmentation. So I thought I would put out a few thoughts on this front.

  • 6 min read

Discontiguous Masks

Discontiguous masks are something that is going to be somewhat historic within the network design toolbox. It is basically a methodology of looking at particular bits of a network/host definition. The big thing to recall is that as a packet crosses a network device it does so within a packet. The packet is nothing more than a stream of bits. Within the packet header there are bits that define the source network address and the destination network address. This is where discontiguous masks come into play. With a system that can leverage discontiguous masks, you can access information about any part of the network bits, not just starting reading and then stopping (or vice versa) when you look at a bit boundry masking only.

  • 4 min read

Keeping Up on Tech

Life always gets busy. That is one thing that you always hear about. I am definitely in that boat as well that things are getting busy. With this in mind, I have never felt better about my ability to learn new things in the field. I do a few things that I feel are probably unique that I should share.

The first opportunity that has never been more capable of doing is to listen to podcasts. The commuting time to/from work is a tremendous opportunity. I leverage three podcasts as my primary learning mechanism these days.