Network Configuration with Ansible

Demonstration showing how Ansible and Ansible Tower can be used to configure multi-vendor networks.

The network templates and variables are stored in a git repository, so we have version control for the entire network. It’s not necessary to store running configurations, as they can be rendered any time from the Jinja2 templates and variables.

Compliance job renders configurations and compares with running configuration, reporting any differences. This information could be used in change control tickets.

Reconcile job renders configurations and applies commands necessary to bring running configurations into compliance.

We have written an Ansible module, which is a wrapper for NAPALM to simplify the playbooks.

Contact us at info@evolvere-tech.co.uk

IPFIX in Elastic

Want to use the power of the elastic stack to analyse Netflow and IPFIX? Here’s how to get started.

Create a logstash configuration file in /etc/logstash/conf.d/

# IPFIX -> Logstash -> Elasticsearch pipeline.
input {
  udp {
    port  => 2055
    codec => netflow
  }
}
output {
  elasticsearch {
    hosts => ["http://10.9.100.36:9200"]
    index => "ipfix-%{+YYYY.MM.dd}"
  }
}

You may need to restart logstash. Your elastic stack will now be listening for Netflow and IPFIX records on port 2055, and post the data to an elastic host index ipfix-2019.05.31 for example.

For testing, we used an IOS-XE router:

flow exporter ELASTIC
 destination 10.9.100.36
 transport udp 2055
 export-protocol ipfix
!
!
flow monitor DEMO-MON
 exporter ELASTIC
 record netflow ipv4 original-input
!
interface GigabitEthernet4
 ip flow monitor DEMO-MON input

And that’s it! Now enjoy creating graphs and charts of your network.

Digital Transformation

As pragmatic solution providers, we are sceptical of hyperbole at Evolvere. Digital Transformation however is real, with enterprises expected to spend close to $2 trillion this year. 

Unfortunately, 70% of large-scale transformation projects fail.

Digital Transformation requires radical changes for technology, processes and people.

At Evolvere, we provide solutions that can automate existing infrastructure and facilitate transition to new technology, helping deliver Digital Transformation.

Some reasons why Digital Transformation projects fail and how Evolvere can help avoid common issues:

 

Pace of change

Most large enterprises have big, complex legacy estates with significant amounts of technical debt. Coupled with technology silos, local knowledge and snowflake devices, the challenges preventing increased rates of change mount up quickly.

Evolvere have automated discovery and migration of global datacentres for several blue-chip organisations using open source technologies and our extensive industry experience, reliably moving over 100,000 servers. Using automated tools to complete the task ensures that information is gathered consistently, completely and can be presented and consumed easily, ultimately significantly increasing change cadence for projects

Evolvere have also helped companies leverage Ansible; from running their first playbooks to developing full life-cycle systems. We are Ansible Experts and have produced thousands of lines of Ansible YAML and Custom Module code to help our customers get a consistent, robust platform which can be utilised across technology teams

digital-transformation.png

Lack of Integration

Evolvere are experts in making systems work together with APIs.

Our ACIReactor product can automate Cisco ACI policy, configure load-balancers and firewalls, and potentially anything that has an API.

Evobeat, our customisable telemetry solution, can bring key metrics from any device into a single pane.

Additionally, we’ve worked with customers to;

  • populate Infoblox with AWS IP address information; making use of configurable metadata to ensure teams have visibility of address space utilisation across their entire estate, quickly and efficiently.

  • migrate applications, batch jobs and services to container platforms, making use of open source tools such as Rancher ( https://rancher.com ) to ensure new systems are easy to use and consume

  • automate DNS record management, providing end user self service for 10’s of thousands of DNS records using customised business validation, ensuring standards are maintained without slowing down internal customers workflows

  • fully automate development pipelines ensuring all workflow steps happen without human intervention - from checking and risk assessing code changes, through creating change management tickets, all the way to deploying to production

  • automate implementation of Enterprise Transit VPC - a modification of the standard Transit VPC deployment taking into account the key considerations of a Regulated Enterprise such as Change Windows and Security/Privilege configuration

 

Lack of Skills

We deliver our solutions using open-source technology. Evolvere also offers training courses and can tailor the content to exactly match the context of a deployment or project, ensuring customers get meaningful and immediate return on training investment. 

Using key Evolvere tools and experience, we can help scope and define a programme of works to automate critical infrastructure that provides rapid results.