Ansible Cheat Sheet

Facts

ansible host -m setup -i inventory.yaml

---
- hosts: spine,leaf
  gather_facts: yes
  connection: local
  tasks:
    # - name: Gather facts (eos)
    #   arista.eos.eos_facts:
    #   when: ansible_network_os == 'arista.eos.eos'
    - name: Display some facts
      debug:
        msg: "The hostname is {{ ansible_net_hostname }} and the OS is {{ ansible_net_version }}"
    - name: get interface status
      arista.eos.eos_command:
        commands:
          - command: show int status
      when: ansible_net_version == "4.29.1F"
      register: int_status
    - name: Create backup dir
      file:
        path: "backup/{{ inventory_hostname }}"
        state: directory
        recurse: yes
    - name: save interface status
      local_action:
        module: copy
        content: "{{ int_status }}"
        dest: backup/{{ inventory_hostname }}/{{ inventory_hostname }}.
manual config

int vxlan 1
   vxlan source-interface loopback 0
   vxlan vlan flood vtep 10.11.11.11 10.12.12.12
   vxlan vlan 101 vni 10101
!

config with bgp

int vxlan 1
   vxlan source-interface loopback0 ! use 1 in case of mlag peers
   vxlan udp-port 4789
   vxlan vlan 101 vni 10101
router bgp 650xx
   vlan 101
      rd 10.11.11.11:101 !for mlag use shared loopback addr (1)
      route-target both 101:10101
      redistribute learned
exit

vxlan troubleshooting commands

sh vxlan vtep
sh vxlan address-table
sh vxlan flood vtep
Spine config

router bgp 65100
   maximum-paths 2 ecmp 2
   neighbor EVPN-OVERLAY peer-group
   neighbor EVPN-OVERLAY next-hop-unchanged
   neighbor EVPN-OVERLAY update-source Loopback0
   neighbor EVPN-OVERLAY ebgp-multihop
   neighbor EVPN-OVERLAY send-community
   neighbor EVPN-OVERLAY maximum-routes 0
   neighbor 10.0.1.11 peer-group EVPN-OVERLAY
   neighbor 10.0.1.11 remote-as 65001

next-hop-unchanged is only necessary in older EOS versions. In newer ones it’s the default value for EVPN peerings.
default behaviour of iBGP is next-hop-unchanged
default behaviour of eBGP is next-hop-self
VXLAN/EVPN - BGP underlay

Design Options

using IGPs

In case you need IGPs, choose iBGP as an overlay and any IGP (OSPF, IS-IS, etc.) for the underlay.
using BGP in the underlay

If your vendor offers an easy and robust implementation of EVPN over eBGP, go for an eBGP-only EVPN implementation.
Spine switches should not be involved in intra-fabric traffic forwarding.
The BGP next hop in an EVPN update must not be changed (next-hop-unchanged) on the path between egress and ingress switch.
Build a docker image for unifi controller

Planning

Requirements (minimal req. to manage just a few devices)

Ubuntu 22.04 / Debian 11
CPU x86-64
RAM 2Gb
Network 100Mb
HDD min 10Gb, 20Gb recommended
Java JRE 8
Mongo DB > 3.2 (unclear if newest version is supported)

Source:
Deciding to go with Debian because I’m more familiar with it.
Run Unifi Controller in K8S

Install MicroK8S

sudo apt update
sudo apt install snapd
sudo snap install core
sudo snap install snapd
sudo snap install microk8s --classic
sudo usermod -a -G microk8s $USER
sudo chown -f -R $USER ~/.kube

Install Traefik

helm repo add traefik https://helm.traefik.io/traefik
helm repo update
helm install traefik traefik/traefik -n traefik --create-namespace

Configuration

traefik-values.yaml
ports: traefik: httpalt: port: 8080 expose: true protocol: TCP # It will persist TLS certificates.
Composition

Files

Chart.yaml
apiVersion: v2
name: helm-osi
description: A Helm chart for the osi application
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline.
Cloud Services LAB

Commands

Task2

helm repo add svc-cat https://kubernetes-sigs.github.io/service-catalog
helm search repo service-catalog
helm search repo service-catalog
kubectl create namespace svc-cat
helm install catalog svc-cat/catalog --namespace svc-cat
kubectl get all -n svc-cat

Task3

helm repo add minibroker https://minibroker.blob.core.windows.net/charts
helm install minibroker minibroker/minibroker --namespace svc-cat
svcat get broker
svcat get classes
svcat describe class postgresql
svcat provision orderdb --class postgresql --plan 11-6-0 -p postgresqlDatabase=orderdb -p postgresqlUsername=dbUser
kubectl get pods,svc
svcat bind orderdb --name orderdb-binding --secret-name orderdb-secret
svcat get bindings
svcat describe binding orderdb-binding --show-secrets
kubectl describe secret orderdb-secret
svcat unbind orderdb
svcat deprovision orderdb

Task4

svcat get instances
svcat get bindings
svcat describe binding orderdb-binding --show-secrets

Files

k8s/microservice-order.
DevOps

continuous Delivery

faster time to market
immediate feedback
shorter innovation cycle
minimize risks
only small changes
prove that sw is building
find broken build fast and early
awareness of current sw status
no dependencies on key personnel
Improve Product Quality
automated testing & code auditing
documented history of builds to verify issues

Phases of Software Automation Pipeline

Build automation
Developer runs build and unit tests on his machine
Continuous Integration
auto.
12 Factor Apps

Code Base
Dependencies
Config
Backing Services
Build, release, run
Processes
Port Binding
Concurrency
Disposability
Dev/prod parity
Logs
Admin Processes

Test Exam

Explain the difference between dependency declaration and isolation.
Cloud native apps never expect packages to be already available, but fully declare all needed dependencies.
Dependency isolation means there is a toolset making sure no dependencies are leaked into the container from the surrounding system.