I’m pleased to announce that my blog has been selected as a finalist in the Most Entertaining category of the IT Blog Awards, hosted by Cisco This blog is a project that I have been carrying out for years in the (little) free time between a demanding job, the study and the family. I think it is important to dedicate time to the blog because it has allowed me to meet many awesome people, actively participate in the community and make my contribution to the ecosystem that has helped me at the beginning of my career.
I’ve been working on a data center migration from regular switches to a Cisco ACI fabric in the last couple of months. I can’t say that’s enough to be defined as an ACI expert but I’ll share here what I learned from the experience. The project started with a Network Centric approach for an one-to-one migration from the previous network. After the migration new VRFs are being created in App Centric mode with contracts.
Automation is getting more and more momentum. I attended a training recently and none of the other people in the room ever wrote code but all of them where interested and somehow feared automation Let’s recap one thing. Automation we have today will replaces typing in CLI or in the GUI with some code. That’s it. For ACI well use Postman or Ansible instead of the GUI or the CLI. For IOS NSO or DNA Center will replace the CLI but still we’ll need people writing scripts and core.
Asset management, documentation and monitoring are important parts of any IT Ops team but at the same time they are boring, repetitive, error prone. Last summer I spent some time investigating the possibility to integrate open source projects I like to create a Minimum Viable Product for asset management/monitoring and learn something during the process. This is far from being something complete or production ready but I think it worth to share before it get lost in some abandonware repository on my laptop.
Every time I manage a change to a customer network I have a chance to taste the many shades of possible IT Operations maturity levels. I collected some best practices over the years about how to reduce risk and speed-up the change and testing process. I’ll share some in this post. Improvements and suggestions are welcome in the comments of the post or on my Twitter account.
As most IT professionals I usually configure network devices in a lab environment before the actual installation at customer site. I try to limit the installation as much as possible to a simple box moving process, spending most of the change window in a previously defined validation process. In this particular case I deal with a data center core network that includes 8 Nexus 9k switches configured in 4 VPC pairs and a bunch of links between them.
This story starts with a phone call at night. If you worked in IT long enough you know what it means. Customer’s HQ network is down and since the day before I’ve replaced a pair of data center switch in a remote site I’m somehow involved based on the well-known principle “last one who made changes is responsible”. I state that all the facts took place with my telephone support, without any remote access to the machines.
At Cisco Live Europe in Barcelona I had a chance to see Cisco Candid (Network Assurance Engine) in action. I shared my views on GestaltIT Tech Talks. Full video of TFDx session:
A couple of days ago Cisco released a Security Advisory. No big deal so far, level was informational so I didn’t read it right away. Title is impressive: Cisco Best Practices to Harden Devices Against Cyber Attacks Targeting Network Infrastructure so i read it during a lunch break just to be aware of the contents. Management sessions to network devices provide the ability to view and collect information about a device and its operations.
Automation and programmability is not a new topic for me. Having studied Information Technology in High School I’ve always coded somehow, never making it my primary focus but always using it as a tool to make my life easier. I remember a script I did in Pascal to create a menu to load custom maps for Doom II instead of using the CLI. It would be great to find it again but it’s very unlikely because I trashed so many PCs and hard drives since, well, at least I hadn’t bitcoins stored there!