►
From YouTube: Community Stream #19: John Capobianco
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Give
it
a
second
to
to
catch
up
on
the
website,
so
it
is
1204.
We
are
technically
four
minutes
late.
Welcome
to
the
NRI
livestream,
it's
our
it's!
The
NRI
labs,
bi-weekly
livestream,
where
we
interview
people
in
the
network,
automation,
space,
interesting
people,
sometimes
people
who
are
network
engineers
just
out
in
the
field
doing
networking
stuff.
Sometimes
we
have
other
people
like
today's
guest
John,
Capobianco,
perfect,
perfect
I
should
have
asked
before
Imahara.
Not
your
name.
A
John
is
the
John.
Is
the
head
network
engineer
at
the
Parliament
of
Canada,
and
today
he's
gonna
talk
to
us
about
his
efforts
in
that
organization,
starting
an
automation
practice
and
what
I'm
a
ssin
is
done
for
him.
This
is
gonna
be
very
interesting.
I
did
talk
a
little
bit
about
it
before
we
started
so
I'm
kind
of
excited,
and
we
also
have
Matt
on
the
line,
hello,
man,
otherwise
no
one
is
Merdan
on
twitter,
he's
the
brains
behind
the
network,
the
enemy
labs
engine.
B
Well,
thanks
for
having
me,
this
is
my
first
podcast,
so
I'm
a
little
nervous,
but
I
appreciate
that
you
guys
invited
me
along
and
so
for
the
past
six
years,
I've
been
the
senior
network,
architects,
IT,
integrator
planner
for
the
House
of
Commons,
the
Parliament
of
Canada,
that
includes
the
House
of
Commons,
the
Senate,
the
library,
the
parliamentary
security
offices
and
some
ancillary
services.
So
this
is
downtown
Ottawa
Ontario
Canada.
B
We
have
approximately
40
buildings
in
the
downtown
Ottawa
core
that
make
up
our
campus
and
then
every
member
of
parliament
has
up
to
three
constituency
offices
or
the
Riding
office
there
branch
office
so
about
450
remote
sites
connect
in
as
well
over
our
VPNs
when
I
first
joined
the
House
of
Commons,
the
goal
was
to
completely
rip
and
replace
their
existing
network
infrastructure.
That's
data
center
campus,
wide
area
network,
everything
firewalls
top
to
bottom
rip
and
replace
of
the
network,
and
that's
what
I've
been
doing
for
about
six
years
now.
B
The
transformation
has
been
quite
radical
when
I
joined
there
was
no
Wi-Fi
on
the
hill.
So
there's
no
wireless
access
points,
no
wireless
networks,
even
senators.
Even
six
years
ago,
there
was
no
voice
over
IP,
it
was
all
Potts
telephones
and
it
was
more
or
less
a
big
flat
layer
to
network
that
was
very
long
on
the
tooth
and
was
due
to
be
replaced
when
I
joined,
so
that
that's
kind
of
setting
the
stage
for
where
I've
been
within
the
last
three
years.
B
We
started
to
find
the
scale
and
the
complexity
of
this
network
was
starting
to
hinder
our
agility
hinder
our
operational
practices.
Things
were
taking
a
very
long
time
to
roll
out,
mainly
given
to
the
scale,
but
also
to
the
tooling
and
the
practices
that
we
had
been
using
to
date,
which
was
more
or
less
someone
at
my
level
would
draft
up
the
changes
to
the
network,
put
it
into
a
ticketing
system.
Someone
in
operations
would
pick
up
that
ticket
and
more
or
less
CLI
into
each
device
and
copy
and
paste
the
commands
in.
A
Wanted
it's
very
common,
very
common:
it's
like
one
of
them,
gossip
chains
rate
like
hey,
you
should
do
this
and
the
other
person
listens
and
they're
like
oh
and
they
and
they
go
down
the
chain
further
right
now,
that's
it's
amazing
that
that
that
that's
a
not
an
operational
model.
People
adopted
yeah.
B
B
Now
that's
an
outage
per
building,
there's
40
buildings.
Things
could
go
wrong.
Some
sites
actually
have
a
transit
router,
so
there
might
be
four
sites
that
connect
to
a
single
site
and
then
that
site
connects
back
to
the
core,
and
you
know
when
they
say
well:
what's
this
gonna
do
for
us
and
I
said
well,
it's
gonna
bring
link-state
advertisements
down
to
two
milliseconds.
It
wasn't
very
exciting
or
sexy
to
introduce
all
these
outages.
B
So
that's
where
I
had
previously
been
exposed
to
ansible
at
a
convention
where
they
had
a
developer,
Network
type
thing,
and
they
introduced
me
to
it
there
and
I
thought
this
might
be
a
good
opportunity
for
us
to
try
some
of
this
network
automation
I,
keep
hearing
about,
and
this
particularly
this
ansible
tool
that
I've
been
told
about,
and
it
let's
say
the
outcome
was
very
successful.
It
was
what
we
wanted
to
do.
My
operations
team
instead
of
a
big
you
know,
30
attachments
with
instructions
per
site,
I
gave
them
a
one-line
command.
B
I
said
login
to
this
Linux
box
run
this
one
command,
you
know
and
then
either
still
validation
and
stuff,
but
it
will
go
ahead
and
make
all
these
changes
in
the
orchestration
in
the
order.
I
want
them
to
be
made
in
there
shouldn't
be
any
outages
and-
and
it
went
to
plan
and-
and
it
was
very
exciting
for
us
to
see
this
actually
work.
I
think
the
change
took
45
seconds
from
the
time
they
pressed
entered
to
the
network
returning
to
its
stable
State.
B
Now
this
opened
up
all
kinds
of
doors
and
all
kinds
of
thinking,
and
it
was
very,
it
really
had
a
not
a
bomb
but,
let's
say
a
rock
being
dropped
into
a
river.
It
really
created
a
lot
of
ripples
throughout
design
and
architecture
and
security
and
operations
and
wow
this.
This
is
something
we
could
really
latch
on
to.
So
when.
B
Actually,
the
configuration
under
the
interface
we
had
just
left
it
to
the
default,
which
is
which
which
treats
it
as
a
multi-point
link,
so
it's
actually
using
broadcast
and
when
that
link
comes
down
when
it
comes
back
up,
it
has
to
wait
for
the
broadcast
response.
But
the
thing
is
we
there's
slash
30s,
so
there
was
no
reason
for
us
not
to
just
implicitly
say
you're,
a
point-to-point
link
and
don't
broadcast
just
come
up
with
your
other
point-to-point,
so
that
you
know
that
that
was
something
we
wanted
to
tune.
B
But
you
know
if
it
never
got
fixed.
If
we
didn't
address
the
issue,
you
know
other
than
when
a
building
come
offline
and
come
back
online,
there
wasn't
a
lot
of
business
value,
but
it
was
something
we
wanted
to
do
for
my
best
practices,
point
of
view
on
the
network
and
add
some
resiliency
sure
so
I
actually
have.
B
C
B
C
Can't
always
tell
them
to
stop
so
that
you
can,
like
you,
know,
break
that
apart
a
little
bit.
Did
that
talk
talk
to
me
a
little
bit
about
how
that,
having
that
presence
in
your
network,
just
that
implicit
fragility.
Did
that
impact
your
your
basically
did
that
impact
the
feelings
that
you
had
about
either
making
changes
in
general,
but
especially
making
automated
changes,
but
did
you
feel
like
it
was
one
of
those
situations
where
you
like
couldn't
like
you?
Could
I
can't
touch
it?
You
know
hey,
but
it's
it's
kind
of
funny.
C
B
That
hurdle
I
think
it
was
in,
let's
say
showing,
as
opposed
to
telling
so
I
had
the
advantage
that
I
have
a
fairly
large
lab
imprint
and
footprint
where
I
can
play
with
this
stuff.
So
I
actually
brought
my
operations
teams
on
board
and
showed
them
a
live
demo
in
my
lab
environment
to
say
you
know:
here's
exactly
what
we're
doing
with
this
PlayBook.
Here's
the
changes
that
we
would
make,
here's
how
you
would
do
it
manually
without
the
automation
tool-
and
you
know
here,
let's
watch
it
go
and
people
could
see.
B
Okay,
that
the
links
is
only
down
for
two
seconds
as
opposed
to
15
seconds
and
and
we
could
scale
it
as
as
large
as
we
wanted
to
or
as
small
as
we
wanted
to
it
was.
It
was
quite
a
challenge.
I
think
the
largest
challenge,
Network
engineers
in
general,
faced
with
automation,
is
what
I
you
know
what
I've
heard
or
call
the
blast
radius
of
the
network.
B
If
you
know,
if
I
do
some
automated
change
to
an
app
and
something
goes
wrong
well,
that
app
is
affected,
but
if
I
did
it,
if
I
make
an
automated
change
to
cell
eight,
my
building
distribution
layer
I
could
take
out
all
40
buildings
offline
very
easily,
which
has
quite
a
larger
radius
of
impact.
Now
every
app
is
offline.
We've
black
hold.
You
know,
40
buildings
from
the
campus
or
the
closer
to
the
core.
B
We
get
with
our
automation,
the
larger
the
blast
radius
is,
and
it's
you
know,
I,
don't
maybe
I,
don't
agree
that
networks
need
to
be
a
risk-adverse
endeavor,
but
my
senior
management
is
certainly
very
risk.
Adverse
on
the
network
and
I
to
your
point.
I
think
they
would
rather
let
it
die
through
attrition
versus
making
a
bunch
of
changes
that
could
shoot
ourselves
in
the
foot.
B
You
know
I,
think
they're
happy
if
two
years
go
by
and
we
forgot
to
flash
the
iOS
and
some
bug
hits
us
well,
that's
not
as
bad
as
we've
self-imposed
a
problem
on
the
network
because
of
a
change
that
didn't
go
well,
so
I
I'm,
constantly
swimming
upstream
against
the
risk
aversion
for
sure
on
the
on
the
automation
side
of
things.
What.
C
What
do
you
think
I
mean
you're
kind
of
in
the
middle
of
this?
So
maybe
maybe
you
haven't
found
the
right
answer,
but
from
your
perspective,
what
what
kind
of
work
can
you
do
ahead
of
time
to
help
prevent
that
like
if
you,
if
you're,
if
the
main
concern
is
that
the
automation
is
going
to
break
something
because
of
the
blast
radius
issue,
which
I
totally
agree
with
that,
isn't.
C
B
Don't
you
know
it
doesn't
help
me
to
automate
half
of
this
process
and
have
someone
go
CLI
to
CLI
gathering,
show
IP
route
right
or
you
know,
show
SPF
neighbors
or
something
like
that.
So
what
I
try
to
do
now
is
massage
my
play
books
where
I,
either
in
one
orchestrated
play.
You
know
steps
one.
Two,
five
are
going
to
go.
B
Capture
show
interface,
that
a
show
us
bf,
neighbors,
show
routing
tables,
whatever
relevant
information
to
my
change,
go
ahead
and
make
my
change
and
then
post
change
regather,
either
the
same
routing
tables
and
Mac
tables
interface
status
whatever,
and
they
all
get
put
into
my
repository
centrally
and
and
through
a
tool.
You
know
diff
between
the
pre
and
post
changes,
there's
still
some
manual
stuff.
There
we've
also
interjected
some.
B
Now
in
that
CI
CD
I
would
love
to
interject.
Before
you
deploy
automatically
run,
some
tests
automatically
go
ahead
and
ping.
Some
interfaces
from
some
different
vrf
sore
make
sure
you
can
route
or
make
sure
the
ACL
is
denying
before
you
actually
continue
and
execute
that
playbook.
So
I
I
don't
think
that
people
should
shy
away
from
automation.
I
think
they
just
need
to
see
the
forest
from
the
trees
and
say
what
you
know:
what
can
I
really
automate?
B
C
B
I
agree
with
that
and
I
think
I
not
to
get
into
vendor
religion
or
anything,
but
I.
Think
you
on
the
Juniper
side
of
the
house
have
a
little
more
advantage
in
that
you
can
do
stateful
type
things
I'm
kind
of
let's
say,
handicapped
by
the
Cisco
world,
where
I
can't
just
put
an
end
state
config
through
my
ansible
I
actually
have
to
handle,
you
know,
say:
I'm,
adding
a
DHCP
helper
or
an
NTP
server.
Well,
my
playbook
actually
has
to
know
out
remove
obsolete
stuff
if
they're
obsolete.
B
It's
not
like
software,
which
is
you
know,
I
repackage
an
exe
and
everything
is
all
included
and
I
push
it
out
to
the
network
with
with
Cisco
in
particular,
I
have
to
ok,
if
I'm,
making
a
change
to
a
vrf
interface
and
I
changed
the
vrf.
It
removes
the
IP
address
automatically
so
I
have
to
remember.
To
put
it
back
in.
You
know,
like
you're,
just
substituting
what
someone
would
do
at
the
CLI
like
I've.
Never
we've
all
heard
software-defined,
networking
and
Sdn
is
coming
and
it's
gonna
change.
B
Everything
and
now
I
might
be
wrong,
but
my
interpretation
of
software-defined
networking
is
is
the
abstraction
from
the
control
plane
and
the
data
plane
to
me,
the
sensible
stuff,
this
network
automation
stuff,
takes
software-defined
networking
up
to
the
management
layer,
not
the
control
plane
to
the
data
plane,
which
is
the
management
plane.
Instead
of
someone
having
the
CLI
on
to
4,000
devices
to
add
an
NTP
server,
we've
centralized
that
management
plane
through
the
ansible
box.
That
will
then
go
out
and
talk
to
all
those
central
devices.
B
Now
there's
certainly
there's
appliances,
you
can
buy
the
vendor
solution.
You
know
pizza
box
that
goes
into
your
data
center
I
found
they
will
do
65%,
maybe
75%
of
what
you
want
it
to
do.
If
you
think
about
software-defined
access
or
software-defined
LAN
or
let's
say
something
like
prime
infrastructure.
Excuse
me,
you
can
you
can
do
you
know
60
or
70%
of
what
you
do
I
find
that's
the
advantage
in
bringing
it
in-house
and
writing
your
own
code.
B
A
A
So
it's
interesting.
You
say
that
there's
there's
all
these
systems,
you
know
software-defined.
Networking
is
a
lot
of
times.
It's
very.
It
revolves
around
very
networking
things
and
network
systems
rayne,
but
when
you're
using
a
lot
of
times,
there's
still
a
last
mile
with
all
the
other
things
you
have
to
touch
in
your
environment,
like
helpdesk,
you
know
like
ticketing
systems
or
rail.
B
A
B
I
I
I
know
I've
had
some
limited
success
with
using,
let's
say,
prime
infrastructure
to
go
ahead
and
push
a
bunch
of
commands
through
the
CLI.
It's
it's
a
GUI
based
thing,
it's
kind
of
clunky
it
it.
It
works
for
very
simple
simplistic
changes,
but
not
if
I
want
to
orchestrate
something
like
I,
wouldn't
be
able
to
tell
a
central
controller
okay
go
on
well,
maybe
at
least
the
controllers
that
I
use,
I
can't
say
cake.
You
know,
go
to
the
remote
router
interface.
B
One
and
set
OSPF
point
to
point
now:
go
to
the
corresponding
uplink
on
the
core
and
put
the
same
command
in
it's
kind
of
hard
to
orchestrate
between
multiple
devices
or
service
chaining.
Let's
call
it
if
sure,
if
I
want
to
go
to
one
device
and
add
20
lines,
config
that's
easy,
but
what
if
they
need
to
go
in
a
certain
order
across
multiple
devices,
which
is
you
know
when
we're
adding
a
VLAN
I,
have
to
add
it
to
the
trunk?
B
B
So
what
an
application
developer
comes
along
and
said,
I
need
x,
y&z
I
need
some
Network
I
need
some
load.
Balancing
I
need
some
storage.
We
can
write
these
holistic
play
books
that
orchestrate
the
whole
service
chain,
and
then
we
can
present
that
to
the
app
to
say
your
apps
ready
to
go.
It's
been
automatically
configured
it's
in
our
source
of
truth.
B
Without
having
to
put
in
6
tickets,
ok,
here's
my
ticket
for
my
storage
team,
here's
my
ticket
for
my
load
balance
routine,
here's
my
ticket
for
my
core
network
team
and,
hopefully,
all
three
of
them
collaborate
and
orchestrate
this
change
together.
You
you
take
control
of
that
and
can
centralize
all
of
it
through
your
playbooks.
So
I,
that's.
C
Actually,
one
of
my
biggest
things
about
ansible,
because
I
do
have
a
programming
background,
so
I'm
very,
not
shy
to
go
deeper
into
Python
or
even
go
or
any
other
language.
So,
for
me,
like
a
lot
of
times,
the
the
concept
of
people
ask
me
like
what
what
should
I?
What
tools
should
I
use
and
the
answer
is
always
it
depends
because
you
have
to
figure
out
your
own
requirements
right
right.
C
One
thing
that
I
think
that
does
set
ansible
apart,
because
there
there
are
some
things
that
I
don't
want
to
do
an
instable
like
really
advanced
data
manipulation
I
would
just
want
to
go
to
Python
for
that.
Yeah
I
would
agree
with
that,
but
let
the
advantage
I
think
that
you
pointed
out
is
very
key
right
with,
with
with
some
not
just
dance.
So
ansible
is
a
good
example,
but
this
is
true
in
a
lot
of
places.
C
You
know
folks
will
sort
of
gravitate
towards
reinventing
the
wheel,
but
ansible
has
a
tremendous
amount
of
pre
of
integrations.
Already
built-in
I
had
the
same
experience.
When
I
worked
on
the
the
stack
StormTeam
right,
you
know
folks
would
say
they
would
always
say
something
like
well.
I
could
I
couldn't
you
know
I
just
build
this
in
X
I'm
like
you
could,
but
why
like?
Why
would
you
rather
all
of
this
software
is
already
out
there?
C
B
It's
it's
been
quite
the
journey,
I
think
I
I
had
to
kind
of
think
a
little
bit
bigger
than
just
my
aunt's
will
play
books.
We
were
talking
about
this
before
the
stream
started
and
yeah
I
can
take
two
sticks
and
rub
them
together
and
eventually
get
a
flint.
B
You
know
get
a
flame
going,
but
once
I
found
the
Zippo
lighter
once
I
had
better
tooling
and
instrumentation
like
when
I
moved,
when
I
actually
found
a
true
code,
editor
like
when
I
moved
to
vs
code
from
using
notepad
or
text
pad
or
notepad,
plus,
plus
or
whatever
yeah.
That
was.
That
was
a
huge
like
a
huge
discovery
for
me
and
then
I
had
all
of
their
extensible
plugins.
B
So
I
could
have
a
ya
mole
extension
and
a
Python
extension,
and
it's
checking
my
syntax
and
it's
helping
me
write
this
code
versus
trying
to
blindly
do
it
trial
and
error,
or
via
notepad
or
text
pad
+
+,
so
that
that
was
you
know.
One
giant
leap
forward
was
finding
vs
code
and
then
the
next
thing
I
had
a
senior
executive
said.
Yeah
sounds
like
you're
doing
some
real
cool
stuff
with
this
automation
and
he
was
calling
it
scripting.
I
didn't
correct
him
because
it's
you
know
whatever,
but
can
you
get
those
scripts?
B
You
know
into
our
central
source
control
in
version
control.
We
have
a
whole
floor
of
developers
that
are
writing
software
and
it's
all
version
control.
It's
all
source
controlled.
Why
don't
you
work
with
some
of
our
developers
and
they'll
cut
you
a
repo,
and
you
can
start
stashing
your
stuff
in
the
repository.
So
then,
once
I
had
a
git
repo
with
you
know,
with
a
GUI
front-end
and
TFS
and
I
was
using
vs
code
editor
to
write
my
code.
B
Now
there
was
some
learning
curve
there
and
I'm
still
I,
wouldn't
say:
I'm
a
get
expert,
oh
get
calm.
If
you're
getting
into
get-go,
oh
get
calm,
it's
a
great
great
site,
there's
also
a
learn:
get
branching
j/s
org.
You
know
I'm
not
related
or
affiliated
with
any
of
these
sites.
I'm
just
throwing
him
out
there,
but
once
I
got
the
hang
of
get,
then
it
was
really
powerful.
Now,
I
of
source
control,
history
of
my
changes,
I
have
branching
strategy.
B
Where
I
have
you
know,
so
this
is
all
kind
of
recommendations
or
tips
that
I
would
make
or
kind
of
why
I
wrote
the
book.
You
have
a
master
branch
and
get-and.
That
represents
your
network,
your
intent,
your
source
of
truth.
However,
you
want
to
look
at
it
perfect
and
holy
now.
I
need
a
change.
I
have
a
bug,
fix
request
or
an
enhancement
request
or
I
need
to
add
something.
B
I'm
gonna
make
a
branch
call
that
branch
you
know,
bug
fix,
bug
fix
whatever
work
in
that
branch
test
out
my
playbooks
in
the
branch
once
it's
all
confirmed
and
good
I
merged
that
back
into
master
everyone
around
me,
I'm,
like
my
distributed
team,
can
look
at
my
get
my
pull
requests
and
my
my
git
commit
history
and
figure
it
exactly
what
I
was
doing
with
that
code.
So
now
we're
really
working
like
software
developers,
it
happens
to
be
you
know.
A
Cisco
is:
are
that
I'm
pushing
code,
but
we've
abstracted
all
of
that?
B
It's
all
templates
and
data
models,
and
what
there's
you
know?
Some
big
wins
come
along
with
this
when
I'm
writing
these
play
books,
kind
of
that
point
of
capturing
pre
and
post
change,
we're
also
doing
self
documentation,
so
I'm
generating
markdown
files,
Excel
spreadsheets
PDFs,
whatever
you
want
automatically.
So
when
I
push
my
might
when
I
run
my
playbook,
it's
actually
updating
my
documentation
at
the
same
time
and
all
that
documentation
is
stored
in
git.
B
So
it's
all
version
controlled
in
history
and
it's
it's
been
a
huge
like
just
a
completely
revolutionary
way
of
operating
a
network
where
we're
finding
you
know
my
tools
are
I'm
no
longer
in
putty
I'm,
no
longer
in
Cisco,
prime
I'm
in
vs
code
writing
data
models
or
ginger
templates
or
I'm
in
TFS.
Looking
at
pull
requests
I
also
have
some
more
visibility.
B
Now
that
I'm,
using
a
central
tool
like
that,
where
some
of
my
juniors
I
can
empower
them
to
go,
write
your
own
code
and
when
you
do
a
pull
request
that
will
come
to
me
for
review
and
I
can
do
some
QA
on
the
code,
looks
good
release
the
pull
request
and
it
gets
pulled
into
the
master
branch.
So
I
have.
You
know,
there's
up
to
six
or
seven
people
all
working
on
this
code
at
the
same
time,
and
we
don't
have
conflicts,
I
don't
have
files
called.
D
B
That's
exactly
it
it's!
You
know
when
you
look
at
it
when
I
CLI
in
and
do
a
show
run
what
like?
What
is
that?
That's
that's
code
of
a
kind
right,
but
you
know
we've
configured
them
configurations
or
whatever,
but
it's
really
just
code
and
so
and
what
I?
What
I
really
like?
B
And
you
know
this
might
seem
counterintuitive,
but
if
you
can
have
a
lab
or
let's
say
I,
have
one
distribution
switch
in
a
building
and
I
know
that
that's
the
way
I
want
everything,
but
that's
how
I
want
the
end
state
of
all
of
my
devices.
The
triple-a
is
right.
The
radius
is
right.
The
time
server
is
right.
They
have
the
right.
Dhcp
helpers
on
SPI
is
whatever
the
configuration
is
you
want
you
can
take
that
show,
run
and
work
backwards
from
there.
You
don't
need
to
reinvent
the
wheel
right,
so
I,
look
at
it.
B
Config
and
I,
say:
ok,
host,
name,
John
switch
well.
John
switch
is
a
great
thing
to
make
a
variable.
Every
switch
on
my
whole
network
is
gonna,
have
a
line
that
says
host
name,
something
that's
the
perfect
thing
to
abstract.
Let's
take
that
and
put
it
in
a
data
model,
so
let's
say
I
have
10
switches.
I
have
10
files
each
with
the
host
name.
That's
the
data
model
for
that
file,
my
intent,
my
source
of
truth.
This
is
you
know:
I
want
to
switch
ones
host
name
to
be
switch
one.
B
So,
in
my
data
model,
I
have
a
variable
called
host
name
and
I
put
in
the
host
name
in
my
gin.
Template
I
just
call
that
variable
so
now,
I've
just
scaled
ten
sure
ten
isn't
very
impressive.
What
if
you
have
four
thousand
switches
and
you
want
all
their
host
names
to
follow
a
convention?
It's
just
a
variable
you're,
just
calling
a
variable.
It's
a
simple
for
loop
or
an
if
statement
you
know,
you're
not
gonna,
be
writing
a
raise
and
ansible
or
doing
crazy
stuff,
it's
basic
if-then-else
logic
or
four
and
for
logic.
B
If
you
can
handle
those
two
things
you
can,
you
know
you
should
dive
into
network
automation,
the
other
tip
I
would
give
and
I
you
know.
I
didn't
follow
this
advice
myself,
but
I
sort
of
jumped
right
in
the
fire,
making
production
changes
with
this
and
and
tried
to
learn
backwards
from
there.
If
I
were
to
do
it
all
over
again,
I
would
write
some
simple
play
books
to
do:
network
reconnaissance,
Network,
Discovery,
Network
documentation,
write
a
playbook
that
you
can't
you
can't
wreck
anything.
We
understand
the
blast.
B
Radius
is
huge
and
you
don't
want
to
take
down
networks
and
explain
to
management
while
I
was
trying
to
learn
ansible,
that's
not
gonna
fly
right
so
take
something
like
show.
Vlans
show
VXR
show
IPS
OSPF
neighbors
whatever
it
is.
You
want
make
a
playbook
to
output
those
to
a
file
and
run
that
playbook
across
your
campus.
If
you
run
that
playbook
every
week
now
you
have
a
weekly
inventory
of
all
your
MAC
addresses
on
your
network
or
all
your
routing
tables
or
whatever.
B
It
is
not
to
get
too
deep
into
the
ansible
world,
but
you're
gonna
hear
along
with
these
terms,
get
in
Python
and
source
control
and
version
control
and
CI
CD
item
potency.
It's
it's!
It's
a
really
fancy
long
word
that
you're
gonna
love
saying
in
meetings,
but
but
that
to
me
is
one
of
the
real
advantages.
B
Danceable
is
that
it's
item,
potent
meaning
I
could
have
an
intended
config
of
say
a
hundred
lines
and
if
my
running
config
is
a
hundred
lines
and
they
all
match,
it
won't
push
any
changes
and
it
won't
report
any
changes.
If
I
add
line
201
to
my
intent
and
run
it
in
check
mode,
meaning
I
can
run
it
and
not
execute.
It.
Just
show
me
what
the
playbook
would
actually
change.
B
It'll
show
me
the
one
line:
Delta
and
that's
what
it
will
push,
but
if
it's
item
potent
meaning
it
matches
my
in
tent
every
time,
I
run
this
PlayBook.
If
it
comes
back
green,
saying
I'm
not
making
any
changes,
then
I
know
that
my
running
config
on
the
network
matches
my
intended
config
in
my
source
of
truth,
and
then
you
know
once
you
reach
that
point
across
your
full
network,
then
you
can
start
looking
at
things
like
continuous
integration,
continuous
delivery,
automated
testing
and-
and
you
know,
there's
other
virtual
environments.
C
My
question
is:
has
your
has
your
as
you
pick
up
these
skills
and
as
as
your
team
starts,
to
use
these
tools
and
become
more
acquainted
with
with
developer
terminology
and
tooling
and
process?
Has
that
changed
the
relationship
that
you've
had
with
internal
applications?
Folks,
and
if
so,
in
what
way
yeah.
B
That's
a
great
question:
it
is
certainly
brought
let's
say
a
few
of
the
key
senior
people.
A
lot
closer
together,
I'm
a
lot
closer
now
with
my
counterparts
in
application,
partly
because
I
had
to
go
to
them.
With
my
hat
in
hand
and
saying
someone
sent
me
your
way
to
get
a
TFS
repository,
I,
don't
know
what
it
is
or
what
I'm
doing
with
it.
But
could
you
help
me
get
one
and
then
from
there
it
was
okay,
I,
don't
really
know
what
get
even
is.
Could
you
point
me
in
the
right
direction?
B
So
I've
learned
a
lot
from
the
application
side
of
the
house
and
I
think
through
their
own
curiosity.
They
were
curious
as
to
what
would
show
me
what
you're
doing
with
the
network
right.
So
I
showed
a
few
of
them,
some
of
this
stuff
and
they're
they're
gotten
bored.
They
think
this
is
great
and
I
I,
don't
know
if
it's
a
chicken
and
an
egg
or
they're
playing
a
bit
of
a
game
of
chicken,
but
they
are
like
yeah
push
for
continuous
integration.
B
Push
for
automated
changes
on
the
network,
I
think
because
if,
if
the
organization
says
well,
the
network
team
is
doing
it,
why
can't
us
application
guys?
Do
it
right
and
so
I
think
they're
looking
for
us
to
be
a
bit
of
a
canary
in
the
coalmine
to
look
at
see,
ICD
and
truly
having
you
know
a
job
actually
configures
the
whole
network
every
night
at
midnight,
wow
that
that's
pretty
intense?
How
would
we
do
that
on
applications
right,
so
we're
learning
quite
a
bit
from
each
other.
B
Now,
I
think
I've
had
this
philosophical
debate
with
a
few
people:
I,
don't
I,
don't
know
if,
like
I,
think
if
you
were
getting
into
this
and
you
had
an
application
developer,
you
know
they
don't
need
to
know
the
OSI
stack.
They
don't
really
even
need
to
know
cedar
or
IP
routing
or
anything
to
do
with
it
right.
You
could
send
them
a
running,
config
and
say:
look
here's!
What
I
want
to
do.
I
want
to
turn
this
into
templates
and
data
models.
Could
you
help
me
with
that
code?
B
They
I'm
sure
they
could
pick
it
up
and
help
you
versus
you
know
a
peer
networking
type
person
who's.
You
know,
maybe
CCNA
or
network
plus
certified,
doesn't
know
the
first
thing
about
development
or
a
for
loop.
It
might
take
them
longer
to
ramp
up.
Then
it
would
take
to
ramp
up
a
developer
to
the
very
basics
they
would
need
to
understand
about
a
network.
B
So
I
don't
know,
I,
don't
know
that,
maybe
five
years,
seven
years
from
now,
is
there
really
going
to
be
a
position
called?
You
know,
network
analyst?
Well,
maybe
they're,
just
software
developers,
maybe
your
pool
of
software
developers
now
includes
four
or
five
people
that
have
an
architecture
lean
towards
architecture,
infrastructure,
I,
don't
know,
maybe
this
network
as
an
isolated
silo,
might
dissolve
over
the
next
few
years,
as
this
stuff
starts
to
mature
right
and
now
everyone's
just
a
developer.
A
You
said
something
earlier:
maybe
I
missed
this
when,
when
I'm
like
I'm
on
my
headset
was
out,
but
you
you
said
you
have
these
yamo
files
and
you
have
these
play
books
and
before
the
call
you
said,
you've
even
written
a
handful
of
I'm,
not
not
huge,
but
just
a
handful
of
Python
plugins
transyl
yeah,.
B
So
if
we,
if
we
take
a
step
back
so
the
kind
of
framework,
so
maybe
I
should
have
started
with
some
of
this
a
bit
ansible
and
again
I,
you
know
I,
don't
work
for
ansible
or
red
hat
or
anything
I'm,
just
a
consumer
of
their
products.
It's
it's
agentless!
So
as
long
as,
if
you
can
SSH
from
a
Linux
box,
that's
running
ansible
onto
a
switch
or
a
router.
That's
really
all
you
need!
B
Now
there's
filter
plugins
that
you
can
write
your
own
Python
I've,
written
some
to
strip
white
spaces
or
to
do
a
natural
sort
on
interfaces,
so
they
sort
1
through
10,
11
through
19,
etc.
You
can
write
if
you're
handy
with
Python.
You
can
write
your
own
plugins
to
kind
of
override
or
enhance
the
basic
ansible
framework
now
in
terms
of
yamo
and
we're
yeah
muls
going
to
come
in,
there's
there's
a
couple
of
high
level
folders
announce
table.
So
there's
one
called
group,
VARs
or
group
variables
and
one
called
host
VARs
or
host
variables.
B
Now
your
group
bars
are
going
to
be
variables
that
apply
to
multiple
devices,
so,
inter
mine
laid
out,
I
hit
follow
a
standard
core
distribution,
access
type
campus,
so
I
have
a
group
variable
called
distribution,
and
it's
all
the
variables
that
are
specific
to
my
distribution
layer.
I
have
an
even
higher
level
group
variable
called
enterprise,
so
in
my
enterprise
group
variable
it's
things
that
apply
to
all
downstream
devices.
So.
B
Banner
of
the
day,
NTP
servers,
IP,
helpers,
radius
servers.
Anything
that's
going
to
be
exactly
the
same
on
every
device
through
your
campus,
you're,
gonna
stuff
them
all
in
a
group
variable
now.
The
host
variable
is
actually
things
that
apply
only
to
a
single
host.
So
that's
going
to
be
things
like
host
name.
The
management
IP
address
the
VLANs
that
are
presented
on
that
switch
other
things
that
are
very
specific.
Just
to
that
host
now
I
consider
those
yeah
mole
data
models,
our
intent
or
our
source
of
truth,
or
it
abstracts
it.
B
So
they
should
be
human
readable.
It
shouldn't
be
a
bunch
of
networking
terminology
or
verbage.
It
should
be
very
human,
readable
in
the
animal
format
so
that
I
can
handle
to
an
operator
or
even
a
non-technical
person.
To
say
this
is
here's
my
core
and
here's.
You
know
all
the
variables
that
I
want
to
the
important
information
so
I'm
going
to
abstract
it
from
the
actual
configure
a
lines
of
configuration.
So
then,
once
I
have
my
data
models
and
I
model,
my
data,
then
we
have
Jinja
two
templates
and
Jinja.
B
Two
templates
are
going
to
reference.
The
group
and
host
variables
to
complete
their
template
so
again
I'm
going
to
have
host
name
and
then
a
variable
you
know,
host
name
is
my
variable.
It
loops
through
I,
don't
know
a
thousand
two
thousand
ten.
However
many
devices
are
in
my
inventory
file
and
it
creates
my
intended
config
and
will
push
those
intended
configs
to
my
devices,
because
it's
all
and
get
it's
all
version
controlled.
So
I
could
look
at
my
intent
or
my
data
model
for
any
of
my
devices
through
any
any
point
in
time.
B
Once
you
have
that,
then
those
same
Jinja
templates,
you
can
have
them
output
to
say
a
markdown
file.
So
now,
not
only
am
I
documenting
my
intent,
I
can
actually
put
it
in
markdown
and
manipulate
it
to
be
in
tables
or
a
CSV
file
or,
however
output
you
want.
So
you
can
actually
look
at
your
intent
in
a
human,
readable
format.
B
So
that's
been
the
biggest
uhm
now.
If,
if
you
want
to
start
ansible
day,
one
I
would
suggest
that
probably
a
day,
five
or
six
thing
and
ansible
start
with
tactical
playbooks,
using
the
iOS
command
or
juniper
OS
command
to
add
a
VLAN
or
to
show
some
output
start
with
little
tactical
changes,
and
then
you
can
build
up
towards
what
I
call
full
configuration
management,
a
data
model
and
a
template,
and
the
two
combine
to
give
me
my
my
intended
config.
A
Yeah
it
almost
sound
you
had
your
cell
phone
I
mean
you
were
explaining
how
you
got
to
where
you
were.
It
was
a
progression
right.
You
started,
you
just
had
collections
of
files
on
a
hard
drive
somewhere
trying
to
manage
that,
and
you
sort
of
you
know,
graduated
each
like
each
time
solve
using
developer
tools.
Yes,
and
what
is
effectively
a
developer
problem
yeah.
A
B
True
network
and
we're
trying
to
see
what
else
can
we
automate
now
so
we
haven't
got
to
let's
say
our
firewalls,
but
certain
firewalls
that
we
use
have
ansible
modules.
Our
f5,
several
modules
are
NetApp.
Storage
has
ansible
modules.
So
I
think
this
is
going
to
continue
to
snowball
to
you
know
to
as
far
as
we
can
take
it.
B
If,
if
there's
an
ansible
plug-in
or
a
module
that
I
can
use,
we
should
really
try
to
leverage
that
and
its
really
because
of
the
it's
almost
because
of
the
guid
information,
because
I
have
this
rich,
get
source
of
truth
and
self,
documenting
and
and
totally
version
controlled,
I,
don't
know,
but
you
I'm
not
in
this
environment,
but
in
a
previous
environment.
My
senior
network
engineer,
you
know
every
time.
B
Let
me
update
something,
make
a
little
notepad
file
in
a
folder
that
lists
what
you
changed
and
that's
kind
of
how
we
tracked
what
was
going
on
on
the
network.
Other
places
use
ticketing
systems,
but
if
you're
like
me,
sometimes
you
get
into
that
rat's
nest
of
a
ticketing
system
just
trying
to
find
what
changed
when
and
who
approved
it.
And
what
the
code
was,
it
can
be
challenging
and
in
a
large
enterprise
environment
to
just
simple
tracking
of
what
change
went
in
went.
You
know
like
every
time,
there's
an
incident
to
me.
B
I
almost
default
to
what
changed.
You
know
everything
worked
yesterday.
It's
not
working
today.
What
has
changed,
having
everything
in
git
or
you
know
in
a
TFS
repository,
that's
just
a
get
front
end.
It
takes
all
of
this
complexity
of
finding
out
what
changed
and
on
what
devices
it
becomes
very
easy.
It's
just
a
graphical
point
and
click,
and
you
can
see
what
changed.
How.
B
A
good
point,
reverting
back
is
I,
try
to
capture
the
full
running
config
as
part
of
my
pre
changes.
Let's
have
the
full
config
and
then
in
my
post
change.
If
I
don't
get
to
the
post
change
output,
you
know
it's
a
fancy
way
of
saying
it's
a
manual
reversion
at
this
point.
I
haven't
got
it
to
the
point
where
it
will
detect.
Something
has
gone
wrong
and
self
rollback
I
have
not
got
there.
B
Yet
we
have
played
with
the
config
replaced
option
on
our
4500
s,
so
certain
Cisco
platforms,
you
can
present
a
target
and
state
config
and
do
a
config
replace,
which
is
more
of
a
stateful
change.
When
I
do
the
stateful
config
replace,
then
I
can
mathematically
roll
back
to
the
previous
state,
but
changes
that
we're
just
doing
through
CLI.
C
C
Single
talk,
I
ever
give
even
a
10.
That's
the
number
in
question,
so
Anthony
go
ahead
and
provide
an
answer.
If
you,
if
you
will
to
that,
you
know
if
somebody's
looking
at
this
and
is
still
skeptical
they're
like
oh,
my
god,
this
is
all
just
developer.
Nonsense!
Well,
yeah,
would
you
tell
them
to
say,
look,
no
look!
Here's
the
first
step!
You.
B
Can
take
so
I
I
know
for
me
and
it
depends
on
your
shop.
My
shop
is,
is
not
what
I
don't
want
to
say:
Linux
adverse,
but
we're
a
window
shop,
it's
very
hard
for
me
to
find
a
production,
Linux
box
that
can
talk
to
my
in
band
management
or
my
out-of-band
management
and
I.
You
know
I,
don't
want
to
take
too
long
to
answer
so
I
know
people
want
to
hear
this,
but
Windows
10.
B
So
if
you're
running
Windows
10
and
you
have-
and
you
can
putty
that
same
machine
into
a
switch
install,
the
windows
subsystem
for
linux
wsl
turn
that
on
go
ahead
and
get
a
boon
from
the
Microsoft
Store
and
install
that.
And
then
from
that
a
boon
to
box,
you
should
be
able
to
install
ansible,
and
then
you
can
run
playbooks
from
your
local
Windows
10
machine
through
a
boon
without
needing
CentOS
box
or
Red
Hat,
a
rail
box.
You
can
do
it
through
Windows
10
through
a
boon
and
that
should
get
you
started.
B
I
would
write
a
simple
play
to
do.
Let's
say:
show
interface
status,
use
the
iOS
command
module
to
write
yourself.
A
simple
playbook
to
do
show
interface,
status
and
they'll,
put
that
to
a
text
file.
Take
that
as
homework
and
try
to
figure
out.
If
you
can
do
that,
if
you
can
do
that,
then
it's
any
command.
You
want
right.
If
you,
if
you
want,
show
IP
route,
it's
just
a
matter
of
changing
the
one
line:
you're
feeding
ansible,
once
you're
comfortable
with
iOS
commands
or
Juno
Jeju
knows
commands
graduate
to
the
configuration
module.
B
Okay,
let
me
try
to
add
something
to
this
device
or
modify
a
configuration
item
and
then
just
keep
building
on
your
successes.
I
would
recommend
that
you
really
spend
a
lot
of
time
on
Doc's,
danceable
comm
and
look
at
the
networking
modules.
It's
very
easy
to
understand,
and
it's
very
well
laid
out
and
and
don't
be
shy,
don't
be
afraid,
don't
don't
you
know
we
take
risks.
Try
to
because
this
is
going
to
change
your
life.
B
You
are
going
to
get
hours
and
hours
tens
of
hours
back
in
return,
it's
a
very,
very
little
small
investment
in
yourself.
That's
going
to
pay
huge
dividends
in
accuracy,
agility,
speed
compliance
if
I
cannot
stress
this
enough.
This
is
like
jumping,
you
know.
What's
changed
on
the
CLI
over
the
last
30
years
we
went
from
telnet
to
SSH,
that's
probably
the
only
innovation
on
the
CLI
in
35
years
right.
This
is
the
new
innovation
at
the
CLI.
A
I,
like
it
that's
a
good
pitch
yeah,
it
is
people
it's
great
to
have.
You
know
people
on
the
show
that
are
actually
doing
this
in
production
and
I'm,
not
pontificating
about
it.
So
that's
I
mean
it's
a
great.
Your
whole
story
is
awesome
and
I'm
very
happy
that
we
were
able
to
get
you
on
the
show
to
talk
about
it.
Yeah.
B
I
appreciate
your
time
and
thanks
for
having
me
and
I,
really
encourage
you
to
go
to
go
out
and
look
at
this
stuff
because
it's
you
know
if
you
wait
too
long,
you're
going
to
be
at
risk
that
this
is
the
next
generation
of
network
infrastructure
management
is,
is
network,
automation
and
if
you
don't
start
rowing
in
that
boat,
you're,
gonna
sink
I
really
believe
that.
So
why
don't.
B
So
if,
if
you
look
up
automate
your
network
on
Amazon,
its
self-published
I,
published
it
in
March,
it's
my
poor
wife
was
my
editor
for
about
six
months,
so
she's,
probably
the
next
biggest
expert
in
network
automation,
would
be
my
wife,
even
though
she
she
doesn't
work
in
IIT
at
all
that
she
was
my
editor.
There's
an
e-book
and
a
paperback
copy
and
yeah
I
tried
to
make
it
cheap.
It
was
a
just
a
pet
project.
B
I
wanted
to
try
to
help
people
learn
how
to
automate
their
networks,
and
you
know:
I
go
to
big
conventions.
I
meet
quite
a
few
people
in
the
field
and
far
too
many
people
ask
me
what's
ansible
and
and
I'm
sure,
I
can't
believe
you're,
not
even
using
it.
You
don't
even
know
what
it
is
yet.
So
you
know,
invest
some
time
check
out
my
book.
I
would
love
it
if
you
bought
a
copy.
That
would
be
great
all.
A
A
Alright,
alright
thanks
very
much
team
sure
sure.
So
by
the
way
everyone
you
can
follow,
John
on
Twitter,
it's
add
his
name
at
John,
underscore
cap,
you
Banco,
we
will
put
a
link
to
his
Twitter
handle
and
his
book
in
the
in
the
description
on
our
YouTube
site.
Please
follow
us
on
Twitter
at
NRI
labs.
You
can
also
check
out
our
tutorials
on
our
site,
labs
down
network
reliability
about
engineering
I'm,
Claude
tow.