This video shows how to deploy near-production grade HashiCorp Vault Cluster using Terraform, using Robert Debock’s Terraform repository listed below. In the next video, we’ll take it a step further, and setup three clusters, and set them up using Performance Replication and DR Replication!

Github Repository:

https://github.com/robertdebock/terraform-aws-vault

Ansible and Terraform are both amazing tools with different use cases, however, some of their use cases can overlap. For example, both Ansible and Terraform can be used to deploy and configure AWS, Azure, GCP, Cisco ACI or hundreds of other platforms. In most environments, especially mutli-cloud or hybrid environments, you could, and may be should use both tools to get best of both worlds. For example, you’d setup the Infrastructure-as-code (IAC) using Terraform, and then also use a Terraform “provisioner” to invoke an Ansible Playbook to do the required configuration.

After recently completing the Terraform certification, I was guided by smart fellow Cloud geeks to learn Vault. One of the fun things I decided to do based on their suggestion was to deploy a Vault Dev server on AWS using Terraform.

My mentor challenged me to create the simplest possible way to deploy a Vault dev server on AWS. A couple of hours later, building on my Terraform and Vault knowledge, here is the working answer I came up with:

https://github.com/main-salman/simpleVaultDevAWSinstance

I am learning Vault using Zeal Vora’s excellent course on Udemy. His Terraform course was AMAZING – and his Vault course is amazing too. Zeal is a truly gifted instructor.

If you are also learning Vault, you may find this interesting 🙂

Obviously this is in no way meant to be used for production workloads – it’s dev instance, it’s not clustered, it’s not secured/hardened, etc. But for learning, this can be a great start – and an alternative to running the Vault dev server on your own machine.

Enjoy!

My Ansible demonstration video was 47 minutes long. In this video, which is 11 minutes long, I demonstrate how you can use Terraform to configure Cisco ACI. That 47 vs 11 min difference sums up the difference in complexity between Ansible and Terraform. Although Ansible offers many more knobs, it’s also significantly more complicated. It’s also hard to hit the ground running with Ansible. Also all the changes in the last couple of years have not helped either in terms of complexity. Terraform on the other hand, relative to Ansible, is SIMPLE. I LOVE TERRAFORM. It’s easy. It’s powerful. It’s flexible. It’s awesome. Watch the video below and see for yourself.

This video shows how you can use Terraform to configure ACI – and implement infrastructure-as-code (IAC). The demo crates a tenant, application profile and three EPGs. The video is meant to demonstrate how easy it is to use Terraform to configure ACI vs other options like Ansible, Python, CLI or GUI.

Repository used (Configuration):

https://github.com/main-salman/terraform-aci

Recommended Terraform Training:

https://udemy.com/course/terraform-beginner-to-advanced/learn/ – This is an awesome course

https://udemy.com/course/terraform-associate-prep-course/learn/ – This is a good supplementary course if you want to also get Terraform certified

So, in the last couple of years (between 2020-2022), Ansible has changed significantly, with the introduction of Collections, and a number of older commands either already deprecated or slated to be deprecated.

Some core Ansible files such as hosts.ini are also to be deprecated and replaced with YAML equivalent instead (i.e. hosts.yml – or whatever else you want to name it). Further, Ansible is also encouraging administrators to use “connection = network_cli” for network automation instead of “connection = local” that the network geeks were using prior to 2020, and a number of other changes.

All of this has resulted in playbooks that look significantly different than before. All of this is a GOOD change – this will make Ansible scale better and ultimately be an even more awesome tool – but it is also a bit of a hassle to update playbooks.

So, how can you get started with Ansible Network Automation in 2022, without having to reference old and outdated playbooks that don’t work with newer versions of Ansible (2.9 and later) anymore? I got a video and a Github repository for you showing step-by-step on how to get started!

The sessions.xml file that my team uses has 1400 entries! Kinda insane. This little script converts SuperPutty sessions.xml file into output that can be copy/pasted into hosts file. I needed a way to quickly copy content from the sessions file into a hosts file so that I can automate some of the configuration using Ansible (DNS is not an option in my environment)

https://github.com/main-salman/SuperPuttySessionsXMLtoHostsConverter

Usage

python SuperPuttySessionsXMLtoHostsConverter.py

The above script assumes that the SuperPutty sessions.xml file is in the same directory as the script. Outputs hosts.txt and also prints output, so you can copy/paste output from either source into your hosts file.

More to come in the next post!

I visited both India and Pakistan in 2007. At that time, I wished Pakistan was more like India – secular, pluralistic, and accepting of minorities. Now I wish for the opposite – because India has taken a complete u-turn, while Pakistan has been slowly progressing.

Since the advances of #BJP #Hindutva government in the last several years, India has taken a u-turn, and minorities are being oppressed, while Pakistan, which has a LONG way to go, has made improvements in the lives of minorities.

In 2007, there was a day and night difference between the two. Pakistan was full of sectarian violence, crime, and full of stories of minorities being oppressed. In India, I visited my friend who belonged to a minority, and I was so happy to see that he could practice his faith safely and openly. Now, I no longer have any desire to even visit India anymore – it’s become like the violent and oppressive Pakistan of the 80s and 90s – and continuing to further go down that road.

I wish Indians would look at Pakistan of the 80s and 90s as a cautionary tale to learn from – but it seems that the #BJP #Hindutva government is hell bent on repeating the same mistakes as Pakistan, and leading itself to more death and destruction at it’s own hands. In India, the #hindutva #bjp fundamentalist are taking it down the same bloody road that Pakistani fundamentalist have already taken Pakistan through in the past.

Do you need to keep track of all the interfaces that your systems connect to? And also have them available in diagram form? You can use the ExcelToNetworkDiagramConverter (E2NDConverter) Python script to create Scalable Vector Graphics (SVG) files which can be imported directly into Visio and further manipulated directly in Visio as required. This method, of converting an Excel to a Network Diagram can save you hours and hours of work by simply defining in Excel what device and ports you want connected, and having them show up in diagram format!

As a bonus, you can also keep track of Serial Numbers, IP addresses, device Location and any other asset information that may be specific to your organization, which is built-in to the diagram and Excel file for easy tracking and documentation.

Following up on my previous post, here is a video which outlines how to use Excel to Network Diagram Converter! Enjoy!