Programmability and Automation Meetup Group
Owned by Nick Thompson + 4
Past Sessions
Below you will find session abstracts, presentations, and additional information for past meetups.
2024
Software Image Management (SWIM) is a repeatable framework where engineers can produce repeatable, safe outcomes for efficient device software upgrades. This results in a faster response to vulnerability management, more predictable maintenance schedules, and hours of an engineer's life saved in the middle of the night.
In this session, Bob Longmore from World Wide Technology helped us answer the question: What if we used AAP and EDA to decouple the tasks involved in this workflow?
In this session, we explored how STRUCTURA.IO, a cutting-edge network automation orchestrator, simplifies and accelerates the deployment of Azure, Cisco NX-OS, and Aruba Edge Connect providers.
During the demo, we demonstrated how STRUCTURA.IO enables the creation of reusable templates for LAN devices, ensuring consistent configurations across the deployment. We dove into the extensive capabilities of the NX-OS provider, which supports over 200 resources, including Ethernet Interfaces and dynamic routing protocols such as OSPF, VLANs, and BGP.
The Azure deployment process was also highlighted, starting with creating an Azure vWAN Hub. We witnessed how STRUCTURA.IO seamlessly builds a secured vWAN Hub by attaching a firewall. The demo also covered the configuration of VPN components, including VPN gateways, VPN sites, and connections, focusing on IPSec tunnel configuration. Throughout the session, we emphasized the importance of BGP configuration on SD-WAN devices, such as Aruba Edge Connects, for establishing BGP sessions with Azure vWAN Hubs and Nexus Switches. These BGP sessions enable dynamic path selection and optimal traffic flow.
Juniper Apstra is an intent-based networking platform that simplifies and automates data center fabrics for most sizes and vendors. In this session, Jeff Doyle from Juniper Networks demonstrated how Apstra automates a data center fabric's design, build, deployment, and day two operations.
In this session, presented by Daniel Hertzberg from Arista Networks, we provided an in-depth explanation of network monitoring and analytics with streaming telemetry, leveraging the latest high-performance gRPC interface, gNMI. We covered the gRPC fundamentals and gave an introduction to gNMI (gRPC Network Management Interface), its RPCs, and how to interact with network devices for real-world streaming telemetry use cases. We discovered how streaming telemetry revolutionized network monitoring by providing real-time insights into network performance and health. We learned about the YANG (Yet Another Next Generation) data modeling language and how it facilitated standardized network management. We also explored OpenConfig, a community-driven effort to standardize network device configuration and telemetry using YANG models.
By the end of this session, network operators found great use cases for removing a lot of their polling/SNMP infrastructure in favor of modern network tools like the TIG stack and Prometheus.
VS Code extensions provide capabilities to increase developer productivity and streamline the developer experience.
In this session, presented by Ben Novak of F5, we explored all the great features of the vscode-f5 extension, how it streamlines automation workflow development, and looked under the hood at how it works.
2023
As we approach the 15th anniversary of DevOps, we find ourselves at a crossroads. While DevOps was initially conceived to break down silos and enhance communication for stability, reliability, availability, and security, the proliferation of tools has unintentionally created new complexities and silos. What if we could embark on a paradigm shift, rather than an incremental one, based on lessons learned along the way?
In this presentation, System Initiative reflected on the lessons learned throughout the DevOps journey and explored how we, as a community, can transform how we collaborate to build and maintain complex infrastructure. Whether you're a seasoned DevOps expert or just embarking on this journey, this talk will provide valuable insights into the role you can play in ushering in the "second wave of DevOps." We'll discuss the capabilities we see as necessary in a new platform and explore what's possible when we are no longer constrained by the current state of the system that we, together, have created over the last 15 years.
In this session, Michael DeHaan, who previously created Cobbler and Ansible, presented Jetporch (aka Jet), a newly released community-driven automation system.
Jetporch is written in Rust and features a streamlined automation language and exceptional multithreaded performance. Jet works over SSH and requires no software installation on managed machines. Additional deployment topologies, such as SSH fanout and multi-region-capable messaging, are coming soon.
Managing the security posture of routers, switches, and firewalls involves selecting and applying passwords for services enabled on these devices. Access Control Lists (ACLs) are used to protect the device or as a firewall for the organization.
This session, presented by Joel King, introduced Pangea, a security platform you can leverage with simple API calls for authentication, audit logging, secrets management, sensitive data removal, and intelligence services.
In the session, we examined how Pangea Cloud services can be integrated into network automation through a Red Hat Ansible Content Collection to provide services for IP intelligence, domain and URL reputation checking, and identifying if the passwords used on devices have been previously breached.
SuzieQ is the first open-source, multi-vendor network observability platform application. It is both a framework and an application using that framework that is focused on improving your understanding of your network.
In this session, Dinesh Dutt of Stardust Systems, the creators of the SuzieQ Project, provided an overview of SuzieQ and its capabilities.
Telemetry is an increasing focus in IT operations, providing raw data to the Machine Learning / Artificial Intelligence (ML/AI) algorithms used for AIOps (Artificial Intelligence for IT Operations).
Network operators have relied upon SNMP and Syslog to monitor the network. Network telemetry (streaming data pushed to a collector) is replacing the polling of network devices. The push approach places less burden on the device's CPU, can be delivered promptly, and is initiated by the device when a state change is detected.
There are open source tools to receive telemetry data, store it, visualize it, and alert on it; how should the network operator provide access to infrastructure telemetry data, in real time, at scale, across all technology stakeholders?
This session, presented by Joel King from NetCraftsmen, illustrated publishing telemetry data from the Meraki SDK to Apache Kafka deployed in Confluent Cloud. Kafka is a distributed event store and stream-processing platform designed for big data and high throughput. Using the developer instance of Confluent Cloud and the Python SDK, we examined the ease with which a network operator can publish and consume telemetry data to implement its own AIOps approach.
2022
Many network engineers are used to the human-readable CLI output when interacting with a network device. However, that data is unstructured because it is not in a predefined format or data model that an application can consume programmatically. As you can guess, structured data is the opposite, with defined formats and data models that allow applications to consume the data programmatically. The net-textorial project is a Python application built to help network engineers learn and visualize the differences between structured and unstructured data output from network devices while interacting with a place that feels like home to many network engineers, the terminal.
In this session, presented by Dan Wade from NetCraftsmen, we will go over net-textorial and how you can get started using it!
As crucial as automating your network deployment is, the ability to ensure correctness and validate proper behavior and state of your network is the key to a successful automation strategy. Test automation for your network deployments helps build the early detection system that the development team needs to avoid unintended outcomes. More importantly, it helps develop the trust of the customers who rely on the automation or the infrastructure it builds.
This session, presented by Tafsir Thiam of World Wide Technology, is the second of the Test Automation series. We built on the first discussion around `pytest` to include more advanced concepts around fixtures and hooks. We walked through more realistic network tests and learned how to leverage existing data sources like Ansible inventories and intent data to arrange and assert our tests. Finally, we looked at how to leverage the `testinfra` plugin for better integrations with Ansible and to improve our tests by removing boilerplate code.
As crucial as automating your network deployment is, the ability to ensure correctness and validate proper behavior and state of your network is the key to a successful automation strategy. Test automation for your network deployments helps build the early detection system that the development team needs to avoid unintended outcomes. More importantly, it helps develop the trust of the customers who rely on the automation or the infrastructure it builds.
This session, presented by Tafsir Thiam of World Wide Technology, is the first of the Test Automation series. We discussed foundational concepts related to testing and the anatomy of good tests. We explored these concepts using the popular `pytest` Python library, and walked through realistic scenarios using Pytest to demonstrate the concepts you can apply to test your infrastructure!
Cloudify, integrated with ServiceNow ITSM (IT Service Management) and ITOM (IT Operations Management), provides a seamless way to automate the orchestration of provisioning, management, and governance of cloud environments that supports the needs of both development teams and DevOps teams. Developers get a self-service experience to request the creation or management of their cloud environments via ServiceNow ITSM Service Catalog. DevOps teams can define certified environment blueprints in Cloudify to create deployments of cloud environments when fulfilling requests from the development teams submitted via the Service Catalog. Cloudify also provides DevOps and IT Governance teams the ability to automatically remediate resources that are out of compliance with cloud governance policies. Cloudify ensures that not only are they aware of cloud resources that violate these policies but that those resources are brought into compliance quickly. In this session, Jason Hammond and Anthony Critelli from Cloudify presented the Cloudify cloud orchestration platform. They also demonstrated how Cloudify & ServiceNow work together to increase the speed and efficiency of development and DevOps teams.
GraphQL is a query language for APIs used by popular web services, including GitHub, ArangoDB, and Nautobot, a network automation platform. In this session, Joel King introduced GraphQL and demonstrated using Nautobot as a Source of Truth to manage Arista Containerized EOS (cEOS) routers using Ansible.
At some point in our careers, we've written scripts to process data and generate reports on the current state of our systems. Unfortunately, these scripts are often tucked away, dug up, and manually invoked from our desktop the next time someone asks for an update, perhaps quarterly. Each time, we teeter on the line between investing the time to fully automate a seldom-used process and the value of the results delivered, despite the amount of time we spend manually running a script and preparing a report in a presentable form. In this session, Kris Reese and Harry Kabbay from World Wide Technology showed how they'd taken this type of process to the next level by converting a Python script into a serverless application running atop Knative Serving, and building an offering of on-demand, ad-hoc execution of scripts via ServiceNow. A demo showcased an example scenario to perform user access validation to MongoDB databases, validate employment, remove terminated accounts, and generate a report to meet SOC2 compliance that automatically attaches itself to a ServiceNow ticket.
We're all now on a journey towards the nirvana of a fully-automated self-driving network. Some of us may be just thinking about it, others may have tooled up and been building a netdevops culture in their organization. But there are some things that you just can't do without on that journey: Full understanding of just what your network looks like from user to Cloud instance at a point in time; A way of measuring if it is configured and behaving as you expect it to; The ability to share that insight with everyone who needs or wants it.
IP Fabric is a plug-and-play Network Assurance platform that allows you to bring that insight to an enterprise network end-to-end. It automatically discovers and models the network, then runs the rule over the model to verify that it is behaving as you intend. It presents that as regularly updated interactive documentation through a web-based UI, and via REST API it provides the context that allows you to augment your existing processes and tooling ecosystem, and accelerate and enhance your automation efforts. In this session, Daren Fulwell from IP Fabric dug into the hows and whys of network assurance, then demonstrated how IP Fabric delivers for the network engineer.
2021
A user's identity is a cornerstone for most modern applications today. Over the years, standards such as SAML, OAuth 2, and OpenID Connect have emerged to solve growing challenges around user identity authentication and authorization on the web. In this session, Tyler Hatton, Tafsir Thiam, and Tim Hull from World Wide Technology discussed and showcased these different standards that can be used to better secure web applications and APIs.
Have you ever mocked up a lab environment and needed a router that doesn't require a license or a lot of time to set up? At WWT, our tool of choice is Traffic Jam! The idea of Traffic Jam was initially conceived back in 2015 (by Bill Thompson) as SD-WAN was heating up, and customers were coming to WWT's Advanced Technology Center (ATC) to perform evaluations of SD-WAN. Because of the number of SD-WAN tests, we needed a tool that we could quickly spin up to act as the service provider to the SD-WAN devices and perform impairments on the WAN links.
It's been six years since that original idea, and Traffic Jam is still going strong! Over that period, Traffic Jam has gone through many transformations and looks quite different from when it initially hit the scene (it's getting ready to go through another transformation!). You can find it in labs on WWT's platform as well as custom environments running in the ATC. Odds are, if you've interacted with a lab on the platform or performed a POC within the ATC, then Traffic Jam has been there, running in the background.
In this session, Brian Saunders, the lead developer of Traffic Jam, talked about the idea of Traffic Jam, some of the components that make it run, and how it fits within WWT's lab environments. If you're interested in Linux, networking, FRRouting, Python, or JavaScript, please check this session out.
In this session, Joel King provided an overview of basic cryptographic concepts, then examined the use of Fernet, a component of the Python cryptography library, which provides a system for symmetric encryption/decryption of passwords stored in YAML files.
You may have heard of the growing trend to use a Network Source of Truth (SoT) as a critical component for network automation. This session, presented by Tim Fiola from Network to Code, introduced Nautobot, an open-source project that doubles as a Source of Truth and Automation Platform. First, Tim covered the basics of what Nautobot is as SoT. Then Tim spent most of the time talking about how it is an Application Platform and can complement nearly any network automation strategy or tool on the market. Tim also demonstrated many of the applications in the Nautobot App Ecosystem.
In this session, Jeff Andiorio from World Wide Technology walked through creating a simple, non-production Python SDK. The goal was not to build a production-quality Python SDK since these already exist for many of the Cisco products but rather to provide some guided practice using many of the requisite skills of an automation engineer today.
Network automation is an essential tool for managing today's complex networks. Unfortunately, one minor error during an automated change window can have a ripple effect of unintended consequences that span the on-prem, cloud, and virtual networks. Combining automated workflows and API interaction with the visualization and predictive capabilities of the Forward Networks Platform can prevent or rapidly detect unintended network behavior.
In this session, Kevin Kuhls from Forward Networks presented an overview of the Forward Networks product and showed how to use it to achieve Worry-Free Network Automation.
Cisco's Extended Detection and Response (XDR) platform, SecureX, allows organizations to quickly identify and respond to threats in an automated fashion using a cloud-native platform. In this session, Brian Sak showed attendees the platform's capabilities with an emphasis on SecureX Orchestration, the automation and orchestration tool organizations can use to build atomic actions and workflows to simplify security operations.
Brian Sak is a Cybersecurity Architect with Cisco focused on developing technical security solutions and supporting partners. He has a Master's in Information Security and Assurance and has contributed to multiple security, IoT, and data analytics publications. He enjoys automating things, contributing code and is always looking for something new to learn.
Serverless computing is emerging as a common architectural model for building and hosting applications at scale. In this session, Tyler Hatton from F5 Networks presented as we explored serverless computing, the different platforms and frameworks around serverless, and how to get started writing your first serverless application.
This Hands-On walk-through is designed to provide you real-world exposure to the foundational Docker instructions needed to build a Docker image and integrate it with Visual Studio Code. The outcome from this lab is the knowledge of building Docker containers plus the added benefit of learning how to utilize the container as your development environment when using Visual Studio Code.
What You Need:
- A Windows or macOS computer with Docker Desktop.
- You can install Docker in a Linux Environment and complete the walkthrough.
- Visual Studio Code
One challenge for a network engineer learning the 'tools of the trade' for programmable networks is how to set up a development environment.
The environment must be ephemeral, consistent, and repeatable with the instructor, your teammates, and your study partner.
In this session, Joel King demonstrates how to use Visual Studio Code along with Vagrant, Docker, and cloud computing environments. Joel also shares sample configurations in GitLab and also a number of Jupyter Notebooks which can be used as study aids for the Cisco DevNet Certification exams.
Would you like to learn more about data center automation and programmability? Are you interested in taking the Cisco DEVNET DCAUTO Specialization exam? In this fully NDA-Compliant session, Tim Hull and Jeff Shively from WWT will show and share the learning resources and study tools they found the most useful on their way to passing the DCAUTO exam in May. Tim and Jeff will also discuss how they got from the starting line to the finish line and what they would do differently if they had to do it all over again.
As engineers embrace infrastructure-as-code, building in testing and sanity checks of the proposed changes becomes critical. Batfish is an open-source tool that does network configuration analysis. Some of the project's capabilities include analysis of system information, routing and forwarding tables, and ACLs. Batfish is written in Python and is consumable in Python, but also has Ansible modules available.
We will demonstrate using Batfish to ensure our ACLs are doing what we expect them to do. Finally, we will look at using Batfish in a CI pipeline to automate configurations upon check-in to version control.