DEVCOR - Infrastructure as Code - Puppet Commands

 Over the next series of blog posts I'm going to set out the commands required in order is install and run Infrastructure as Code solutions - Puppet, Chef, Ansible, Terraform.

I'm not going to go in to any depth on explanations per say, these are meant to be command guide posts allowing you to ensure you have correct sequence of events in mind and can easily identify answers if they ask 'Which command do you use to execute XYZ' or perhaps a drag and drop type question stating 'Put these commands in the correct order'

So lets start with Puppet.

Assume we are installing the server and agent on Ubuntu servers. 

1) Download Puppet using wget:
 $ wget https://apt.puppet.com/puppet7-release-focal.deb

2) Install Puppet with dpkg utility:
 $ sudo dpkg -i puppet7-release-focal.deb

3) Run an update to ensure you have all the latest package information:
 $ sudo apt-get update

4) Install the Puppet Server:
$ sudo apt-get install puppetserver

5a) Start the Puppet Server service:
$ sudo systemctl start puppetserver
$ sudo systemctl enable puppetserver

5b) Check the Puppet Service is running:
$ sudo systemctl status puppetserver

Puppet Server is now installed.

Now lets install the Puppet Agent, go to your server/destination that will be running the agent.

1) Install the Puppet Agent
$ sudo apt-get install puppet-agent

2a) Add the package binaries to the Ubuntu executable path, first run the Puppet Agent profile script
$ source /etc/profile.d/puppet-agent.sh

2b) Next, check the executable path is as expected:
$ echo $PATH
      *Note output should contain - : /opt/puppetlabs/bin - at the end of the line.

3) Confirm Puppet is install correctly and check the version is as expected:*
$ puppetserver -v
$ puppet -V
$ puppet agent -V
       * Note - the lowercase v for the puppetserver cmd and the uppercase V for the puppet cmds.

4a) Configure the Puppet Server destination that the Puppet Agent targets:
$ sudo puppet config set server puppetserver.networkstudies.co.uk
* obviously set this to whatever your server FQDN is

4b) Confirm this is correct by checking the puppet.conf file:
$ cat /etc/puppetlabs/puppet/puppet.conf

5) Start the Puppet Agent service:
$ sudo puppet reseource service puppet state-running

6) Test the Puppet Agent connectivity
$ sudo puppet agent --test

CCNA - Starting Out For Free (...or at least very nearly...)

 Over on the Learning Network some one asked how to get started with studying the CCNA.

I thought I'd post my reply here as well in case it can be of help to any one.

'Assuming you're starting out from scratch, if you work in an environment that has its own IT dept or even better a Networks team, start speaking to them. Find out what tech they use, what systems are used to monitor the tech and what new technologies are being looked at for the future. This gives you your focus.

Next, what to study.

 

There are no prerequisites to studying and passing the CCNA exam.

 

In an ideal world I would recommend you ask your employer to fund a place at your local Networking Academy on a CCNA course. Its a fantastic training program and really sets out the ground work that all other networking builds upon.

 

If you're self funding, then there are loads of free/ low cost resources you can access.

 

The hardest part is trying to determine where to start? You want to be fully prepared to be able to sit and pass the CCNA exam. So I recommend you start by checking out the exam topics here. Now you have a list of topics you can start making a plan to study each area.

 

If you can, buy the CCNA Official Cert Guide which has sample questions and provides a framework to cover the topics being tested in the exam.

 

The Learning Network has a fantastic CCNA Learning Plan that you can work through in preparation for your exam.

 

Lean on this community, keep an eye on the CCNA community pages. Watch the CCNA training series here (again for free).

 

Check out the free tier on CiscoU - work through the Automation learning path which will set you on a path for automating networks and future proofing your skills.

 

YouTube has loads of free CCNA courses. I recommend David Bombal's Complete CCNA Course or Network Chuck's free CCNA course

 

You can practice building networks and study packets as they move across the network using Packet Tracer from the Network Academy.

 

You can practice the technologies covered in the exam topics for free at the Cisco DevNet website. There are labs, learning paths and tutorials all for free that can help with preparing you for the CCNA exam.

 

Finally, you will need to know your subnetting. On the exam there will be loads of questions such as 'Which network is this host IP on?' or 'How many hosts can you have on this network?' These type of questions provide an opportunity to gain easy marks and can be answered quickly if you know your subnetting.

 

Practice, Practice, Practice! you can access subnetting questions here and aim to be able to answer any subnetting question within 20 seconds. You can gain easy marks and recover time on the exam to use up on harder questions.'

DEVNET - My DevNet Journey - 1 year in!

 It's been just over a year since my first Cisco Live and my introduction to the new DevNet certification track.

Since then I've managed to cover so much and looking back I've got to say I'm really proud with myself on how far I've come.

From a standing start, knowing little of network automation or the technologies associated with it, I have:

• Completed Hank Prestons Programming Fundementals course
• Completed the DevNet Fundementals online training course
• Completed Nick Russo's DevNet Associate Path on PluralSight.com
• Completed many Cisco DevNet Sandbox's
• Sat and passed the Cisco Certified DevNet Associate exam
• Joined the Cisco DevNet Class of 2020

As I look forward to the rest of 2021, I'm thinking about what's next and how I can utilise my studies at work. 

I'm aware one of the business objectives in my team will be to adopt 'network automation' - what manner that will take has not been defined yet so I have a real opportunity to get in at the ground level help move the business processes forward.

Wth that in mind I plan to set out new list of personal targets to take me to 2022 and beyond. 

In no particular order:

• Get hands on with Ansible, YAML and gain an understanding of Ansible Tower
• Look into CI/CD pipeline, in particular Jenkins
• Get a better handle on GitHub and Git, and tidy up my repo
• Keep working on the Cisco DevNet Sandboxes to keep the DEVASC skills fresh
• Consider the DevNet Professional certfication in order to renew my CCNP before 2023

Exciting times ahead.

All the best with your studies and keep moving forward.

DEVNET - DevNet Fundamentals Course - Done

 After just short of 6 months I'm pleased to say that I've completed the DevNet Fundamentals course on DevNet.

I really enjoyed the content and found the course flowed well.

As a fundamentals course it outlines a particular area, such as NETCONF, and outlines its main attributes and you generally get started.

Early in the course it introduces Python. Whilst the course does offer insight in to Python I would say its really not covered in any depth and you need to plan to study this separately. I'm going to start 'Automating the Boring Stuff' and take it from there. 

Another topic introduced but not covered in as much depth as I would have liked is application testing. Various testing concepts were presented such as UnitTest and PyTest but I didn't feel I was comfortable with the foundations at the end of topics. I suspect this was mainly down to my short comings with Python so I'll try again once I feel more confident.

One of the areas I did get alot out of however was the section on API's. I've had colleagues demonstrate various tasks via API calls and there were a few moments in the course where I went 'I've seen this!' 

One the things I liked the most was the hands on learning incorporated in to the online course its self. It was really useful to take part in hands on demonstrations such as getting started with GIT, REST APIs, or demonstration of Ansible.

Would I recommend it? Absolutely! This course lays the ground work for the DevNet Associate exam. I don't think there's enough in it to use as your only source material for the exam but when has that ever been the case for a training course?

As a career networker with no experience of coding or automation I found this to be an excellent use of my time. 

Finally, there is an added bonus with this course! The Cisco Continuing Education programme!

This course is worth 48 CE credits to go towards the re-certification of your certificates. Thats huge! I'm a CCNP and CCDP so to recertify I need 80 CE credits. As a result of this course I now just need 32 CE credits over the next 3 years to re-certify all my certifications without sitting an exam. A few Cisco Live sessions and I'm done. Brilliant!

Soooo what next?

There are 3 areas that I'm going to follow up immediately:

1) Firstly I intent on working on my Python. I've got a number of simple projects in mind, whilst they're not going to set the world alight they might make a few tasks at work a bit more interesting.

2) Next I'm going to complete the Nick Russo's Cisco Certified DevNet Associate (DEVASC 200-901) learning path on Pluralsight.com

 3) At the same time I'll be chipping away at the DevNet Learning path, doing the labs and getting a handle on concepts such as GIT and RESTCONF/NETCONF

Following up on my check list from the start of the year, here is my progress so far:

• Get it set up.  <<DONE
• Install Visual Studio Code.  <<DONE
• Link to my Github profile (?) page(?) whatever...<<DONE
• Make Cisco DevNet my homepage. <<DONE
• Work through the Programming Fundamentals course. <<DONE
• Work through the DevNet Associate Fundamentals course. <<DONE
• Move on to the DevNet sandbox environments and have a play there.  <<ON GOING
• Pluralsight.com - Nick Russo's DevNet Associate Path <<ON GOING
• DevNet LEarning Path Labs - <<ON GOING
• Start learning Python <<ON GOING
• Work through the Visual Studio Code Python tutorial  <<TO DO
• Check out NAPALM  <<TO DO
• Check out Netmiko  <<TO DO

Onwards...

DEVNET - My DevNet Journey

Its update time.

Lets see where we are with things so far then...

• Get it set up.  <<DONE
• Install Visual Studio Code.  <<DONE
• Link to my Github profile (?) page(?) whatever...<<DONE
• Work through the Visual Studio Code Python tutorial  <<TO DO
• Make Cisco DevNet my homepage. <<DONE
• Work through the Programming Fundamentals course. <<DONE
• Work through the DevNet Associate Fundamentals course. <<ON GOING
• Move on to the DevNet sandbox environments and have a play there.  <<ON GOING
• Check out NAPALM  <<TO DO
• Check out Netmiko  <<TO DO

My main focus has been working through the Programming Fundementals video course on DevNet

I feel I'm making steady progress but given this is a side project for me I doubt I'm going to make the DevNet 500.

I'll look at posting some further stuff on how I set up the various bits above shortly.

See you soon.

Stop Starting...

One of the things I'm struggling with as I attempt to get into network automation and programming is the huge volume of information.

There's DevNet, all the Cisco YouTube channels, udemy courses, cbtnuggets, Cisco press back catalogue, blogs, twitter, Facebook groups, webex teams, the list goes on and on.

I've found that I've been utterly daunted by just how much information is out there.

I spotted a quote on twitter just yesterday though -

'you must build an actual project '  @wellpaidgeek

- which pretty much summed me up.

I've spent so much time researching that I've been unable to see where to start. I look at one area and it sends me on to another, and another, and another. Before you know it I've watched 4 YouTube videos and read various blogs and not actually done anything!

So today marks my first actual steps.

I've got my new laptop due for delivery any time now. First tasks are:

• Get it set up.
• Install Visual Studio Code.
• Link to my Github profile (?) page(?) whatever...
• Work through the Visual Studio Code Python tutorial
• Make Cisco DevNet my homepage.
• Work through the Programming Fundamentals course.
• Work through the Python Fundamentals course.
• Move on to the DevNet sandbox environments and have a play there.
• Check out NAPALM
• Check out Netmiko

Thats all well and good but I've not actually 'done' anything even if I manage to clear that lot any time soon...

As result a simple task I'm going to look at will be :

• A simple Python script to take pre and post change snapshots of the kit I work on. 
• Next, develop it so I can split out specific tasks based on the type of device I'm making a change on.
• Next, add a Diff process to compare the before and after state of my changed devices.
• Further down the line I want to be able to look at the active connections at any one time and run a comparison for before and after my change.
• Next, lets take all that detail and store it in a central location to be reviewed at a later date if needs be. 
• Those are all read only tasks so I guess at some point I'll be looking to run the actual change and then run all the post checks as well.
• It would also be nice to have a basic web page our ops team can reference to check the live status of the connections on the devices I'm working.
• The list goes on...

Now you might say 'Hey, Sparky! there's already code out there that can do that!' - well yes, that's true. But where's the fun in copying some one else's work? what would I learn?

Today is the day I stop starting and simply start doing.

Wish me luck!

Cisco Live 2020 - Barcelona

I was able to attend Cisco Live 2020 in Barcelona this year and it was EPIC!

It's the first time I've been to Cisco Live and had no idea what to expect. I thought I'd make a few notes on my experience with the view of keeping a list of reminders in the event that I get to go again.

In no particular order:

• Wear comfy shoes, I was walking at least 12km each day!
• Don't worry about the schedule - it is not possible to do everything you might want to do so pick out your 'must do's' then use the app to bookmark anything else of interest
• Download and use the app - Cisco Events - about 2-3 days before the event the Cisco Live event was added and I could login in using my Cisco account and access my schedule (that I had already started to fill up online)
• Make time for the World of Solutions hall and the The Hub / DevNet halls - its not all break out sessions. 
• Get to the Walk-in Labs early, find out what time it opens and get there before 9am - I found that after my 9am talks I'd get to the Walk in Lab area at around 9:30 and all the seats were full and there was a massive queue.
• Same for Capture the Flag - it fills up quick so get there early or go there late in the day
• The food was awesome, everything was free (meals, sandwich bags, tea, coffee, fizzy drinks) and breakfast was also available via pastries and muffins!
• Get Social - Follow @CiscoLiveEurope and monitor #CLEUR for updates and news
• Drop  in on sessions that have already started, if you spot a session that you hadn't seen on the schedule before you arrived don't think twice about rocking up and standing in the corner. I did this a few times and found there was always a spare chair. People's plans change and I never had trouble find a chair even on the ones I hadn't registered for prior.

Would I go again? ABSOLUTELY! I learnt more in one week at Cisco Live than I had in previous roles going back years. In your day to day role you will no doubt have a set number of duties and its really easy to forget that there's more to networking than the bit you do. Cisco Live opened my eyes to whats out there and what's coming in the future and it was amazing.

I also loved the fact that I was with like minded people who were enthusiastic and that got me really engaged and excited about the possibilities on my return to work.

I doubt I'll get to go to Amsterdam next year but I'll be sure to be planning a visit as soon as I can.

New Year - New Posts!

How long is it since I've posted!

A lot has happened since my CCDP Arch posts. I passed my CCDP - Yey! I've re-certified all my Cisco certs with a last gasp effort last autumn whilst the counter to the 4th November (expiry day) was counting down.

It took me 3 attempts to clear the CCNP - ROUTE , with a week to go, which brings my routing up to date given my last routing exam was the BSCI.

2020 marks my first time at Cisco Live as well. Really looking forward to Barcelona on the 27th and I'll be adding a few posts around my experiences as a first timer.

Finally I'm intending on picking up the ENCOR study material and get my self prepared for the CCIE lab - eek! - Not sure if I'll clear it but what the hell, I'll pick up a load of skills on the way.

Good luck in your NetworkStudies folks!

CCNP - ENTERPRISE - DESIGN - Command Reference

This article looks to collect together the most frequent commands associated with the CCDP ARCH exam.

The point being that these are easy marks to pick up on the exam when you get a question such as 'Name the command that allows you to [insert task here]'

This list is by no means complete and I'll add further commands as I find them.

OSPF - Originate a default route in to OSPF
    #router ospf 10
        #default-information originate [always]

OSPF - On the ABR filter out all advertised routes accept those listed in the range command
Limits the size of the DB and reduces the flooding internally
    #router ospf 1
         #area 20 range 192.168.200.0 255.255.255.0

OSPF - On the ASBR filter routes sent out externally to those explicitly listed.
    #router ospf 20
         #summary address [prefix] [mask]

OSPF - Tune the OSPF hello timer interval for faster convergence
    #interface f0/0
        #ip ospf hello-interval [seconds]

OSPF - tune SPF timers to increase efficiency
    #conf t
          #timers throttle spf [spf-start] [spf-hold] [spf-max-wait]

OSPF - Increase the reference bandwidth to factor in high speed link such as 10GB ethernet, do this across all links for consistency
    #router ospf 20
          #auto-cost reference-bandwidth 10000 (for 10Gb ethernet links)

EIGRP - Originate a default route in to EIGRP
    #conf t
         #ip default-network [network ip]

EIGRP - configure unequal-cost load balancing
    #router eigrp 1
       #variance 2

BGP -configure neighbor as a Client of the route reflector
    #router bgp 65123
        #neighboor 1.1.1.1 route-reflector-client

IPv6 - enable IPv6 routing for use with RIPng, EIGRP for Ipv, OSPFv3 etc
    #conf t
         #ip v6 unicast-routing

IPv6 - Define a base prefix to use for addressing:
  #conf t
       #ipv6 general-prefix [prefix]

CEF - Eliminate CEF Polarisation where one redundant link ends up being preferred to the other
    #conf t
         #mls ip cef load-sharing

EtherChannel - Use this to ensure all links within an Etherchannel bundle are utilised effectiviely
    #conf t
        #port-channel load-balance src-dst-port

FlexLinks  - Configure a port to act as a resilient backup for FlexLinks. Configure this on the primary link.
    #interface f0/10
       #switchport backup-interface [interface id]

CCNP - ENTERPRISE - DESIGN - Well Known Multicast Addresses

In the CCDP ARCH exam there are numerous refereences to Multicast addresses.

This post is to simply catalogue those that are specifically refered to in the various reading materials I've covered.

Address Scope:

• 224.0.0.0 /4 - Class D reservation

Address type:

• 224.0.0.0 to 224.0.0.255 - assigned by IANA for services (detailed below)
• 224.0.1.0 to 224.0.1.255 - Control Block - assigned by IANA for traffic crossing public networks e.g.- NTP 224.0.1.1
•  224.0.2.0 to 224.0.255.255 - AD-HOC block assigned by IANA for addresses that don't fit the above ranges
• 224.3.0.0 to 224.4.255.255 - AD-HOC block assigned by IANA for addresses that don't fit the above ranges
• 233.252.0.0 to 233.255.255.255-  AD-HOC block assigned by IANA for addresses that don't fit the above ranges
• 232.0.0.0 255.0.0.0 - Source-Specfic Multicast Addresses
• 233.0.0.0 255.0.0.0 - GLOP addresses - Originally experimental now publically assigned addresses for use by ISPs and any organisation want to ublich content over Multicast
• 234.0.0.0 255.0.0.0 - Uni-cast Prefix addresses
• 239.0.0.0 255.0.0.0 - Administratively scoped IPv4 addresses, locally assigned, not globally unique

Well Known Addresses:

224.0.0.1 The All Hosts multicast group addresses all hosts on the same network segment.

224.0.0.2 The All Routers multicast group addresses all routers on the same network segment.

224.0.0.5 The Open Shortest Path First (OSPF) All OSPF Routers address is used to send Hello packets to all OSPF routers on a network segment.

224.0.0.6 The OSPF All Designated Routers ""(DR)"" address is used to send OSPF routing information to designated routers on a network segment.

224.0.0.9 The Routing Information Protocol (RIP) version 2 group address is used to send routing information to all RIP2-aware routers on a network segment.

224.0.0.10 The Enhanced Interior Gateway Routing Protocol (EIGRP) group address is used to send routing information to all EIGRP routers on a network segment.

224.0.0.13 Protocol Independent Multicast (PIM) Version 2

224.0.0.18 Virtual Router Redundancy Protocol (VRRP)

224.0.0.19 - 21 IS-IS over IP

224.0.0.22 Internet Group Management Protocol (IGMP) version 3

224.0.0.102 Hot Standby Router Protocol version 2 (HSRPv2) / Gateway Load Balancing Protocol (GLBP)

224.0.1.1 Network Time Protocol clients listen on this address for protocol messages when operating in multicast mode.

224.0.1.39 The Cisco multicast router AUTO-RP-ANNOUNCE address is used by RP mapping agents to listen for candidate announcements.

224.0.1.40 The Cisco multicast router AUTO-RP-DISCOVERY address is the destination address for messages from the RP mapping agent to discover candidates.

224.0.1.41 H.323 Gatekeeper discovery address

239.255.255.250 Simple Service Discovery Protocol address