Today I'm going to walk through the newest part of my personal workflow for working with projects. Straight to the point, this is going to be using Apple Automator to quickly open your project that you wish to work on within VS Code, and presumably PyCharm as well.
In this post I will be taking a look at some of the usability setup of managing Cisco IOS devices with the Ansible Cisco IOS User Module. This can be very helpful for setting up managed user accounts on systems, or the backup user accounts when you have TACACS or RADIUS setup.
The module documentation overall looks complete from what I have done for user account management on devices in the past. There are a couple of interesting parameters available, that I may not get to completely on this post. There is support for aggregate, meaning that you can generate the configuration for multiple user accounts and pass it in as one. You can set a password in clear text that gets encrypted when on the device, or you can set a hashed_password with the type of hash and its corresponding value. And as expected with a module for setting user accounts you can also set the privilege level for which the user account uses.
This has become a post about the ios_interfaces module with documentation that can be found
Ansible ios_interfaces doc.
Originally I was going to write about the deprecations for just the Cisco IOS modules. Then as I
investigated further, I had found that there are many more modules that are being deprecated. In
this post I will take a closer look at the differences between the ios_interface and ios_vlan
modules that I had written posts on last year and what their new counter parts look like. And in the
end the post had quite a bit of good detail about the module. I think you will like what is here.
This will be a brief departure from the automation focused attention that I have been giving to this blog over the past year or so. This week in the United States was the launch of Disney+ streaming service. I have subscribed to it at this point and have found some interesting data based on SNMP polling my network.
This post is about the bandwidth that I am seeing used, not about anything about the service, or if another service is better. I don't have the time for that at this time. This is just about what was an unexpected jump in the bandwidth usage with the new application. But I am very much OK with that as my subscription level is taking care of that.
In an earlier post I
covered the differences between ios_config and cli_config. However I did not cover what the
difference was between ios_command and cli_command. Most of the items covered there remain the
same. So this will be a post that mostly gets straight to it and sees what the difference is.
As I restarted looking at how I'm continuing my education on the Network Automation and certification realm I asked the question "How are you simulating your network environment?" At the same time there has been thought on the idea of leveraging cloud resources to gain experience there.
In this post I'm going to be taking a deeper dive into the new in Ansible 2.8 IOS BGP module. This may be one of the more complex modules to date and I'll try to make it as simple as possible.
Today we are taking a look at the newest module out for Cisco ASA Ansible module - asa_og. This one is particularly exciting for the configurations that are being managed heavily with Object Groups on firewalls. I'm particularly excited to review the asa_og module, time to dig in.
Today will be a touch shorter post, but it is good to be back at it. In this post I will be taking a quick look around at the asa_command module, as we start down the path with looking at the ASA modules in Ansible. This is spurned on a little bit by Ansible 2.8 coming out with an Object Group specific module. I will be looking into that further in a future post.
Today I'm going to take a look at a method to be able to save the configuration of a Cisco device to NVRAM (copy run start). I will be taking a look at multiple Cisco platforms to save changes done during an Ansible Playbook to NVRAM. There are options to save the configuration on every change within the modules such as ios_config or cli_config, however, this can slow down the execution of your playbook.
Update: ios_interface is to be deprecated as of Ansible 2.13
In this post I will be taking a deeper look at the ios_interface module. This module is used to configure individual interfaces on a Cisco IOS device. The documentation for the module is located here. In this module I did have to dig into the actual Python file, and that is located here.
Back to it finally. Going to take a look at the Ansible module ios_vlan. The purpose of this is to provide a declarative module for managing VLANs on IOS devices. In this I will be using IOSv-L2 images. There are a few interesting quirks (as I will call it) within the parameters for the module.
Today's post is going to be a short and sweet one (unless I get to writing two). I'm going to take a
look at ios_banner module. This one is pretty much straight to the point, what it states,
modifying the banner on an IOS device. There are multiple reasons to want to manipulate the banner
on a Cisco device. We will leave those reasons to you and the organization that you are a part of
for that. For now, we will take a real quick look at the module.
In this post we will talk about primarily three components that will work together to get structured data out of the command line of a Cisco device. The three pieces are:
This is a post that I'm going to review some of the differences between the ios_config module and the new cli_config module within Ansible networking. I became interested in the module after a recent discussion between the two. I have decided to take a look at the differences between the two.
You have decided to move forward with using/trying Ansible. You can now connect to a device and get
a green success that you get a hello world like command such as show hostname or
show inventory and get the GREEN success on Ansible. Now what. You may want to see the output of
the command that you sent and got information back. This is your post on getting started.
This is the process that I typically go through when developing a playbook for use. Let's say this is a playbook that you wish to just get show information out of the device, say investigating if there are any configurations that are applied that would be part of a CVE bug, or just operational status.
During this post I will relate the Ansible data structures/formats to that of Python. So the terms will be dictionary (hashes) and lists (lists).
In a recent podcast there was some discussion that it sounded like the term Micro Segmentation was being used where it was really traditional segmentation. So I thought I would put out a few thoughts on this front.
Discontiguous masks are something that is going to be somewhat historic within the network design toolbox. It is basically a methodology of looking at particular bits of a network/host definition. The big thing to recall is that as a packet crosses a network device it does so within a packet. The packet is nothing more than a stream of bits. Within the packet header there are bits that define the source network address and the destination network address. This is where discontiguous masks come into play. With a system that can leverage discontiguous masks, you can access information about any part of the network bits, not just starting reading and then stopping (or vice versa) when you look at a bit boundry masking only.
Life always gets busy. That is one thing that you always hear about. I am definitely in that boat as well that things are getting busy. With this in mind, I have never felt better about my ability to learn new things in the field. I do a few things that I feel are probably unique that I should share.
The first opportunity that has never been more capable of doing is to listen to podcasts. The commuting time to/from work is a tremendous opportunity. I leverage three podcasts as my primary learning mechanism these days.
Why this post? Because I decided to change the style of how I was hosting my blog. Before I had decided to just host the blog on something that was easy to get to and update. I could have kept on blogging there, but I found making blog posts a little bit more difficult than what I wanted to. I also wanted to learn some of the new ways of doing things within networking technologies.
With this, I decided to bring my blog over to a static site generator. I'm not doing anything significantly crazy with a blog site, other than hopefully creating some useful content. So static site generation brought me over to Github.