Category: Automation

🚀 How to Install Docker on Ubuntu Server (Step-by-Step Guide)
Docker has become an essential tool for developers, system administrators, and DevOps engineers. It allows you to run applications in lightweight containers, making deployments faster, more consistent, and easier to manage.

In this guide, you’ll learn how to install Docker on an Ubuntu server and get started with your first container.

🧠 What is Docker?

Docker is a containerization platform that enables you to package applications along with their dependencies into portable containers. These containers can run consistently across different environments.

🔧 Step 1: Update Your System

Before installing Docker, update your system packages:
sudo apt update && sudo apt upgrade -y
🔧 Step 2: Install Required Dependencies

Install packages required to use HTTPS repositories:
sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
🔐 Step 3: Add Docker’s Official GPG Key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor
📦 Step 4: Add Docker Repository
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
⚙️ Step 5: Install Docker Engine
sudo apt update sudo apt install docker-ce docker-ce-cli containerd.io -y
✅ Step 6: Verify Docker Installation

Run the following command to test Docker:
sudo docker run hello-world
If Docker is installed correctly, you’ll see a confirmation message.

🔓 Step 7: Run Docker Without sudo (Optional)

To run Docker commands without using sudo, add your user to the Docker group:
sudo usermod -aG docker $USER
Then log out and log back in for the changes to take effect.

🧩 Step 8: Install Docker Compose

Docker Compose allows you to define and manage multi-container applications.
sudo apt install docker-compose -y
🌐 Step 9: Run Your First Container

Example: Run Nginx Web Server
docker run -d -p 8080:80 nginx
Now open your browser and visit:
http://<your-server-ip>:8080
You should see the Nginx welcome page.

🧪 Example: Run a Test Container
docker run hello-world
🔐 Basic Security Tips

This verifies that Docker is working correctly.
- Avoid exposing Docker services directly to the internet without proper security controls
- Keep your system updated regularly
- Use official images from trusted sources
- Limit container privileges when possible
💡 Useful Docker Commands

Command Description
docker ps List running containers
docker ps -a List all containers
docker images List images
docker stop <id> Stop container
docker rm <id> Remove container

🎯 Conclusion

Docker simplifies application deployment by packaging everything into containers. With just a few commands, you can install Docker, run applications, and manage services efficiently.

Whether you’re a developer, system administrator, or learner, Docker is a powerful tool worth mastering.
March 22, 2026
How to install OpenDaylight (ODL) on a Proxmox environment.
🌐 What is OpenDaylight (ODL)?

OpenDaylight (ODL) is a modular, open-source Software-Defined Networking (SDN) controller developed under the Linux Foundation.
It acts as the central brain of a software-defined network.

Think of ODL as a network operating system that controls switches/routers from one place using programmable APIs.

🧠 What ODL Does

ODL sits centrally and communicates with network devices through southbound protocols like:
- NETCONF
- OpenFlow
- BGP-LS
- PCEP
- RESTCONF
- gNMI
Using these, ODL can:
- Read device configuration
- Push new configuration
- Collect topology information
- Automate network behavior
- Build SDN applications on top
⭐ Why ODL Is Popular
- 100% open source
- Supports multi-vendor hardware (Cisco, Juniper, Arista, Nokia, etc.)
- Deep support for NETCONF/YANG (used in modern Cisco IOS-XE)
- Full automation capabilities (northbound REST APIs)
- Strong community and carrier-grade framework
Used by:
- Cisco (old Cisco OSC was based on ODL)
- Red Hat
- Brocade
- Ericsson
- AT&T
🏗️ ODL Architecture (Simple Explanation)
- Applications
  Custom or prebuilt apps that run on top of ODL (traffic engineering, path computation, network monitoring).
- Northbound APIs
  RESTCONF/REST APIs used by automation tools (Python, Ansible, SDN apps).
- Controller Platform (MD-SAL)
  The Model-Driven Service Abstraction Layer.
  This is the “brain” that stores models, state, topology, and configuration.
- Southbound Plugins
  Protocols used to talk to network devices:
  - OpenFlow
  - NETCONF
  - OVSDB
  - BGP-LS
  - PCEP
🔧 What You Can Do With ODL

✔ Build full SDN topologies

Example: OpenFlow-based switching labs.

✔ Automate Cisco devices using NETCONF/YANG

ODL can act like an automation engine:
- Push configs
- Track device state
- Collect data models
✔ Visualize network topology

ODL automatically discovers and displays network nodes and links.

✔ Traffic engineering (TE) and segment routing

Using BGP-LS and PCEP.

✔ Build your own SDN applications

Example:
- Auto-VLAN provisioning
- Auto-QoS
- Path optimization
- ACL automation
Here is the simplest and cleanest way to install OpenDaylight (ODL) on a Proxmox environment.
You can install ODL inside a VM (Ubuntu/Debian is recommended).
I’ll give you step-by-step commands, VM configuration, and post-installation access steps.

✅ 1. Create a VM on Proxmox

Use the following recommended specs:

Recommended VM Specs
- OS: Ubuntu Server 20.04 / 22.04 (ODL works best on 20.04)
- CPU: 2 vCPUs
- RAM: 4–6 GB
- Disk: 20–30 GB
- Network: 1 Ethernet interface (bridged or VLAN)
OpenDaylight is Java-heavy, so do not assign < 4 GB RAM.

🔧 2. Update the OS

SSH into the VM / Console:
```
sudo apt update && sudo apt upgrade -y
```
⚙️ 3. Install Java (ODL requires Java 11)
```
sudo apt install openjdk-11-jdk -y
```
Check version:
```
java -version
```
📦 4. Download OpenDaylight

Download the latest stable version (Phosphorus, Sodium, or Aluminium—any works).
```
cd /opt
sudo wget https://nexus.opendaylight.org/content/groups/public/org/opendaylight/integration/distribution-karaf/0.14.4/distribution-karaf-0.14.4.tar.gz
```
(Replace version if newer available.)

📁 5. Extract the ODL package
```
sudo tar -xvzf distribution-karaf-*.tar.gz
sudo mv distribution-karaf-* opendaylight
cd opendaylight
```
▶️ 6. Start OpenDaylight

Run ODL:
```
sudo ./bin/karaf
```
This launches the Karaf console (ODL CLI).

🧩 7. Install required ODL features

Inside the Karaf console, install main modules:

For OpenFlow:
```
feature:install odl-restconf odl-l2switch-switch odl-openflow-plugin-all
```
For NETCONF/YANG:
```
feature:install odl-restconf odl-netconf-all odl-mdsal-all
```
For BGP-LS / PCEP:
```
feature:install odl-bgpcep-bgp odl-bgpcep-pcep
```
🌐 8. Access Web UI (DLUX)

Enable DLUX:
```
feature:install odl-dlux-all
```
Open your browser:
```
http://<VM-IP>:8181/index.html#/login
```
Default credentials:
```
username: admin
password: admin
```
🔄 9. Run ODL as a service (recommended)

Exit Karaf (Ctrl + D)

Create a systemd service:
```
sudo nano /etc/systemd/system/opendaylight.service
```
Paste:
```
[Unit]
Description=OpenDaylight SDN Controller
After=network.target

[Service]
User=root
ExecStart=/opt/opendaylight/bin/karaf
Restart=on-abort

[Install]
WantedBy=multi-user.target
```
Enable + start:
```
sudo systemctl daemon-reload
sudo systemctl enable opendaylight
sudo systemctl start opendaylight
sudo systemctl status opendaylight
```
🎉 ODL is now running on Proxmox!

📌 Bonus: Integrate ODL with Cisco Devices

If using NETCONF:
```
feature:install odl-restconf odl-netconf-all
```
Then add your Cisco device:
```
PUT http://<ODL-IP>:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/<device-name>
```
If using OpenFlow, make sure the switch points to ODL:
```
openflow controller x.x.x.x port 6633 vrf <name>
```
November 26, 2025
The Silent Cost: Underutilization of Assets and Tools in Organizations
In today’s cloud-first world, organizations spend millions on security, compliance, and infrastructure tools — yet most use less than 50% of their potential.
This underutilization isn’t just wasted investment — it’s a missed opportunity to optimize, automate, and secure the digital ecosystem.

🚨 The Reality of Tool Sprawl
From CSPM, SPM, and Infrastructure Security to BUA , tech stacks are growing faster than adoption.

Many enterprises:
- Keep buying new tools instead of optimizing existing ones,
- Overlook built-in features in Microsoft, AWS, or Azure,
- Ignore capable open-source alternatives, and
- Struggle with low tool adoption in operations due to lack of integration or enablement.
The result? Expensive tools delivering minimal outcomes.

🔍 Hidden Potential Across Key Areas
- CSPM: Used mainly for visibility, while automation, remediation, and multi-cloud correlation stay idle.
- SPM: Focused on dashboards, rarely integrated with ITSM or DevOps to catch compliance drifts early.
- Infrastructure Security: Tools like Tufin, Skybox, or Lacework offer strong analytics but are seldom linked to CI/CD or workflow automation.
🧩 The Open-Source Gap
Many organizations purchase costly solutions when powerful open-source options like Terrascan,Trivy, Terrascan, Falco, OSQuery, Rsyslog,Prometheus, or OpenVAS already exist.
These tools offer:
- Deep configurability,
- Smooth CI/CD integration, and
- Strong community support.
Yet, they’re often ignored or only partially adopted — leaving huge value untapped.

💡 Shifting the Mindset

Instead of expanding toolsets, focus on maximizing existing capabilities:
- Conduct Tool Utilization Audits.
- Evaluate open-source before buying new tools.
- Train teams to use advanced features.
- Automate posture insights within DevSecOps pipelines.
The goal isn’t to have more tools — it’s to make existing ones work smarter together.

⚙️ The Way Forward
Before investing in another platform, ask:
“Are we fully using what we already have — or paying twice for the same capability?”
Optimizing assets and leveraging open-source innovation can reduce costs, improve visibility, and strengthen cloud security posture.
In cybersecurity today, optimization is the new innovation — and efficiency is the new defense.

💬 What’s your view?
Have you seen costly tools purchased while open-source alternatives sit idle? How can organizations empower operations teams to bridge this gap?

#CloudSecurity #CSPM hashtag#SPM #InfraSecurity #DevSecOps #CloudGovernance #OpenSource #Freeware #ToolOptimization #SecurityPosture #Azure hashtag#AWS #CostOptimization #SecurityAutomation

hashtag#CloudSecurity hashtag#CSPM hashtag#SPM hashtag#InfraSecurity hashtag#DevSecOps hashtag#CloudGovernance hashtag#OpenSource hashtag#Freeware hashtag#ToolOptimization hashtag#SecurityPosture hashtag#Azure hashtag#AWS hashtag#CostOptimization hashtag#SecurityAutomation
October 19, 2025

Command	Description
`docker ps`	List running containers
`docker ps -a`	List all containers
`docker images`	List images
`docker stop <id>`	Stop container
`docker rm <id>`	Remove container

🧠 What is AI and ML in Networking?

Artificial Intelligence (AI) and Machine Learning (ML) in networking refer to the use of data-driven algorithms and automation to make networks smarter, self-learning, and self-optimizing.

In simple terms —
👉 AI/ML help networks think, learn, and act on their own instead of relying only on human intervention.

For example:

The network can detect anomalies, predict failures, or optimize routing automatically — based on continuous data analysis.

⚙️ Why AI/ML Are Needed in Networking

Modern networks are:

Massive (thousands of devices, millions of connections)
Dynamic (cloud, IoT, 5G, SDN)
Complex (virtual + physical + security layers)

Traditional manual management can’t keep up.
AI and ML provide automation, intelligence, and adaptability to handle this complexity efficiently.

🧩 Key Applications of AI/ML in Networking

1. Network Automation

AI helps in automatically configuring, optimizing, and healing networks.
ML models learn from network data and predict optimal configurations.

Example:
Automatically adjusting QoS or bandwidth based on traffic patterns.

2. Predictive Maintenance

ML algorithms analyze device logs, performance metrics, and temperature data to predict failures before they happen.

Example:
AI predicts a switch port failure based on rising CRC errors and triggers proactive replacement.

3. Anomaly Detection and Security

AI detects unusual traffic patterns that may indicate cyberattacks, malware, or misconfigurations.
ML models can learn what “normal” behavior looks like and alert when deviations occur.

Example:
Detecting a DDoS attack based on sudden traffic spikes.

4. Traffic Analysis and Optimization

ML helps to analyze traffic flows and dynamically reroute data for better performance.
Can optimize latency, throughput, and load balancing.

Example:
AI-driven SD-WAN controllers automatically select the best WAN link per application.

5. Quality of Experience (QoE) Enhancement

AI monitors user experience (e.g., video call quality) and adjusts parameters like jitter, latency, and bandwidth in real time.

6. Network Planning and Capacity Forecasting

ML models analyze growth trends and predict future capacity needs.
Useful for ISP and data center planning.

7. Intent-Based Networking (IBN)

The network understands high-level intent (“ensure low latency for voice traffic”) and uses AI/ML to translate it into actual configurations and policies automatically.

🧱 AI/ML in Networking Architecture

Layer	Function	Example
Data Collection	Collect telemetry, logs, SNMP, NetFlow, Syslog	Network devices, sensors
Data Processing	Clean, normalize, and store data	Streaming analytics platforms
Machine Learning Engine	Train models, detect patterns, make predictions	TensorFlow, Scikit-learn
Automation Layer	Take actions (config updates, alerts, rerouting)	Ansible, SDN controller
Visualization Layer	Display analytics and decisions	Dashboards, reports

🧠 AI Techniques Used in Networking

Technique	Purpose	Example
Supervised Learning	Predict outcomes from labeled data	Predict link failures
Unsupervised Learning	Detect patterns or anomalies	Network anomaly detection
Reinforcement Learning	Learn best actions via trial and feedback	Adaptive routing
Deep Learning (Neural Networks)	Handle large and complex data	Video QoS optimization
Natural Language Processing (NLP)	Understand text/voice input	Chatbots for network operations (NetOps assistants)

🧰 Real-World AI-Driven Networking Tools

Vendor	Platform	AI/ML Capability
Cisco DNA Center	AI Network Analytics	Client health, anomaly detection, insights
Juniper Mist AI	AI-driven WLAN	Predictive Wi-Fi troubleshooting
Arista CloudVision	AI Telemetry	Network state analysis
VMware vRealize Network Insight	Network analytics	Flow visibility and optimization
Fortinet FortiAI	Security AI	Malware detection and behavioral analysis

🌐 Benefits of AI/ML in Networking

Self-Healing Networks: Automatically detect and fix issues
Proactive Maintenance: Prevent outages before they occur
Reduced Downtime: Faster troubleshooting and resolution
Better Security: Identify new attack patterns
Improved Performance: Optimize bandwidth and routing
Cost Efficiency: Reduce manual work and operational overhead

🚧 Challenges

Data Quality: Inaccurate or incomplete data leads to wrong predictions
Integration: Legacy systems may not support modern APIs
Explainability: Hard to understand ML model decisions
Security: AI systems themselves must be protected

🏗️ Example Use Case

Scenario: Enterprise WAN Optimization

Routers and switches send telemetry to a central AI engine.
The ML model analyzes traffic latency, loss, and jitter.
AI identifies congestion and predicts peak hours.
The SDN controller reroutes traffic proactively to maintain SLA.

Result → Better performance, fewer complaints, and automated control.

🧭 Summary

Concept	Description
AI in Networking	Systems that make intelligent decisions automatically
ML in Networking	Algorithms that learn patterns from network data
Use Cases	Fault prediction, anomaly detection, optimization
Benefits	Automation, efficiency, reliability, cost reduction
Key Tools	Cisco DNA Center, Juniper Mist AI, VMware NSX, FortiAI

October 8, 2025

🧠 What is a REST API?

REST API stands for Representational State Transfer Application Programming Interface.
It’s a standard way for two systems to communicate over the web (HTTP/HTTPS) — often between a client (like Python script or Ansible) and a server (like a network device or SDN controller).

In simple terms:
👉 A REST API allows you to interact with a system (get data, configure, update, or delete something) using HTTP requests — just like how your browser communicates with websites.

⚙️ Why REST APIs Matter in Networking

In modern networks:

Devices (Cisco, Juniper, Fortinet, etc.) and controllers (like OpenDaylight, Cisco DNA Center, VMware NSX) expose REST APIs.
Engineers can automate tasks (like getting interface status, pushing configurations, or monitoring health) using API calls instead of manual CLI.

Example:
Instead of logging into 50 routers to check interface status,
you can run one Python script that uses REST APIs to fetch all interface data.

🧩 Key Concepts of REST API

Concept	Description
Client	The system or application making the API request (e.g., Python script, Postman, Ansible)
Server	The system that provides the API (e.g., router, firewall, controller)
Resource	The object you’re working with (e.g., interface, VLAN, route, policy)
URI (Uniform Resource Identifier)	The address to access a resource (e.g., `/api/v1/interfaces`)
HTTP Methods	Define what action to perform on a resource

🔠 Common HTTP Methods

Method	Purpose	Example
GET	Retrieve information	Get interface status
POST	Create new data/configuration	Add a new VLAN
PUT	Update/replace data	Change an interface IP
PATCH	Modify part of a resource	Update interface description
DELETE	Remove data/configuration	Delete a VLAN

🧾 Typical REST API Request Structure

A REST API request looks like this:

Method: GET
URL: https://192.168.1.1/api/v1/interfaces
Headers:
    Content-Type: application/json
    Authorization: Bearer <token>

Response (from device or server):

{
  "interfaces": [
    {"name": "GigabitEthernet0/0", "status": "up"},
    {"name": "GigabitEthernet0/1", "status": "down"}
  ]
}

💡 Key Characteristics of REST APIs

Stateless: Each request is independent; the server doesn’t remember previous ones.
Uses HTTP verbs: GET, POST, PUT, DELETE, etc.
Uses URIs to identify resources.
Supports multiple data formats: Commonly JSON, sometimes XML.
Client-Server separation: Clear boundary between what requests and what responds.
Cacheable: Responses can be cached for performance.

🧰 Common Tools to Work with REST APIs

Tool	Use
Postman	GUI-based tool to test and visualize API calls
cURL	Command-line tool for sending HTTP requests
Python (Requests library)	Programmatically interact with APIs
Ansible / Terraform	Use APIs for automation/infrastructure as code

🐍 Example: Python Script Using REST API

import requests
import json

url = "https://192.168.1.1/api/v1/interfaces"
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer your_token_here"
}

response = requests.get(url, headers=headers, verify=False)
data = response.json()

for interface in data["interfaces"]:
    print(interface["name"], "-", interface["status"])

✅ This script retrieves interface status from a network device that supports REST APIs.

🌐 Example REST API Endpoints (Networking)

Vendor	API Example	Description
Cisco DNA Center	`/dna/intent/api/v1/network-device`	Get all devices
Fortinet FortiGate	`/api/v2/monitor/system/interface/`	Get interface list
Juniper Junos	`/rpc/get-interface-information`	Get interface info
OpenDaylight	`/restconf/operational/network-topology:network-topology`	Get network topology
Arista eAPI	`/command-api`	Send CLI commands via JSON-RPC

✅ Benefits of Using REST APIs

Automation: Eliminate manual configuration
Integration: Connect network, cloud, and monitoring systems
Speed: Fast configuration and data collection
Consistency: Apply uniform settings across devices
Scalability: Manage hundreds of devices easily

🧭 Summary

Concept	Description
Full Form	Representational State Transfer API
Purpose	Communication between client and server using HTTP
Data Format	JSON / XML
Common Methods	GET, POST, PUT, DELETE
Use in Networking	Automate configuration, monitoring, and integration
Tools	Postman, Python Requests, Ansible

October 8, 2025

🤖 Bridging Manual AWS Infrastructure to Terraform: Automating Security Group Imports with Python
In modern cloud engineering, Infrastructure as Code (IaC) is more than a best practice—it’s a necessity. But what happens when your AWS infrastructure already exists, created manually through the console or scripts, long before Terraform entered the picture?

This blog post walks through a hybrid solution: using Python and Boto3 to detect and import existing AWS Security Groups into Terraform, then converting them into reproducible, editable .tf files. It’s fast, scalable, and minimizes human error.

🚩 Problem Statement

Many teams start their cloud journey without IaC. As the environment grows, managing resources manually becomes error-prone and unscalable. Transitioning to Terraform becomes inevitable—but re-creating everything manually in .tf files is:
- Time-consuming
- Risky
- Hard to validate
💡 Solution:

Use Python to automate the Terraform import process and dynamically generate configuration files per AWS Security Group.

⚙️ Tech Stack

Tool Role
Terraform Infrastructure provisioning
Python (Boto3) AWS resource discovery
AWS CLI / IAM Role Credentials & API access
Shell Commands Automating imports

🔄 Workflow Overview
- Discover all Security Groups in a region
- Create Terraform directories per group
- Write provider.tf and main.tf
- Run terraform import to sync state
- Output the state into HCL format via terraform show
- Format and validate using terraform fmt
📜 Python Script Breakdown

Here’s the key automation script: securitygroupimporter.py
```
import boto3
import os

region = "us-west-1"
client = boto3.client('ec2', region_name=region)

for group in client.describe_security_groups()['SecurityGroups']:
    dir_name = group['GroupId']
    os.system("mkdir " + dir_name)

    with open(os.path.join(dir_name, "provider.tf"), "w") as file:
        file.write(f"""provider "aws" {{
    region = "{region}"
}}""")

    with open(os.path.join(dir_name, "main.tf"), "w") as file:
        file.write(f"""resource "aws_security_group" "imported_sg_tf" {{
    name        = "{group['GroupName']}"
    description = "{group['Description']}"
    vpc_id      = "{group['VpcId']}"
}}""")

    os.system(f"cd {dir_name} && terraform init && terraform fmt && terraform import aws_security_group.imported_sg_tf {group['GroupId']} && terraform show -no-color > main.tf")
```
🧾 Example Output

The script generates a clean folder structure like:
```
bashCopyEditsg-0a1b2c3d4e5f67890/
├── provider.tf  # AWS provider config
├── main.tf      # Full resource definition (after import)
```
This makes it easy to commit, audit, and manage each security group individually.

📦 Terraform Usage

Once the .tf files are created:
```
cd sg-0a1b2c3d4e5f67890
terraform plan
terraform apply
```
You can now modify the SG rules as code and re-apply them safely!

📈 Benefits of This Approach

✅ No Manual Rewrites: Automates tedious .tf file generation
✅ Version Control: All SGs under Git with Terraform
✅ Audit-Friendly: Clear, editable .tf source
✅ Repeatable: Works in any region with any account
✅ Safe Migration: No downtime or resource recreation

💡 Possible Enhancements

Here’s how we can take this further:
- ✳️ Add user prompts for selective SG import
- 🔍 Extract individual ingress/egress rules instead of full state dump
- 📦 Refactor into reusable Terraform modules
- 📊 Add CloudWatch alerts for drift detection
- ⚙️ Integrate into CI/CD pipeline
🌐 Real-World Use Case

Imagine you’re handed an AWS account with 100+ resources but no existing Terraform config. This script gives you a jumpstart, extracting current state and turning it into a fully manageable codebase — all without starting from scratch.

🔐 Security Considerations
- Use IAM roles with read-only EC2 access
- Validate the Terraform plan before applying changes
- Consider sanitizing or encrypting sensitive outputs if saved
📸 Architecture Diagram

This tool can be a part of a larger provisioning pipeline (e.g., VPCs, EC2, Load Balancers, etc.).

🧪 Try It Yourself
```
pip install boto3
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_ACCESS_KEY=...
python securitygroupimporter.py
```
Each SG is imported and converted into Terraform-ready format in its own folder. You can version it, tweak rules, and manage it from here on out like any other .tf module.

🧩 Final Thoughts

Cloud infrastructure is not always born as code — but it should evolve that way. With this approach, we take a real-world AWS environment and transform it into Terraform IaC with minimal friction.

This saves hours of repetitive work and brings undocumented infrastructure under the umbrella of security, compliance, and automation.

🤝 Let’s Connect

If you found this useful or have ideas to improve it, let’s talk!
I’d love to collaborate with other DevOps engineers and cloud enthusiasts.

📬 DM me on LinkedIn or drop a comment below.

#Terraform #AWS #Python #Boto3 #DevOps #InfrastructureAsCode #IaC #CloudMigration #Security #Automation
May 30, 2025
Python script to check if VDB databases are updated in Cisco FMC

To check if VDB databases are updated in Cisco FMC and print the results to an Excel file using Python, you can use the following approach:

1.Access Cisco FMC through API: Use the Cisco FMC API to retrieve the VDB database information. You can find more details about the API in the Cisco FMC API documentation.

import requests
import json

fmc_feeds_url = “https://10.10.10.10/api/fmc_feeds/access”
fmc_headers = {‘content-type’: ‘application/json’}
fmc_auth = (‘admin’, ‘YourPassword’) # replace ‘YourPassword’ with your actual password

response = requests.get(fmc_feeds_url, headers=fmc_headers, auth=fmc_auth, verify=False)
feeds = json.loads(response.text)

2.Parse the API response: Extract the VDB database information from the API response.

vdb_databases = [feed for feed in feeds[‘items’] if feed[‘name’].startswith(‘VDB’)]

3.Create an Excel file and print the results: Use a library like pandas to create an Excel file and print the results.

import pandas as pd

df = pd.DataFrame(vdb_databases)
df.to_excel(‘VDB_databases.xlsx’, index=False)

October 19, 2024
Migrate APs from Old WLC to 9800
Python script to move access points from an old WLC (Wireless LAN Controller) to a new Cisco Catalyst 9800 WLC:

Example Code Snippets
1. Collecting configuration data from the old WLC (AireOS):
import netmiko

old_wlc_ip = ‘192.168.1.100’
old_wlc_username = ‘admin’
old_wlc_password = ‘password’

ssh_conn = netmiko.Netmiko(
hostname=old_wlc_ip,
username=old_wlc_username,
password=old_wlc_password
)

config_data = ssh_conn.send_command(‘show running-config’)

2.Processing data to extract AP information:

import csv

ap_info = []
for line in config_data.splitlines():
if ‘ap-name’ in line:
ap_name = line.split()[1]
ap_info.append({‘ap_name’: ap_name, ‘wlc_ip’: old_wlc_ip})

with open(‘ap_config.csv’, ‘w’, newline=”) as csvfile:
writer = csv.DictWriter(csvfile, fieldnames=[‘ap_name’, ‘wlc_ip’])
writer.writeheader()
writer.writerows(ap_info)
1. Sending configuration commands to the new 9800 WLC:
```
new_wlc_ip = '192.168.1.200'
new_wlc_username = 'admin'
new_wlc_password = 'password'

ssh_conn = netmiko.Netmiko(
    hostname=new_wlc_ip,
    username=new_wlc_username,
    password=new_wlc_password
)

with open('ap_config.csv', 'r') as csvfile:
    reader = csv.DictReader(csvfile)
    for row in reader:
        ap_name = row['ap_name']
        wlc_ip = row['wlc_ip']
        config_cmd = f'config ap primary-base {wlc_ip} {ap_name}'
        ssh_conn.send_command(config_cmd)
```
October 10, 2024
Python Script to Configure Multiple Cisco Devices
This script to configure multiple cisco devices , we need to put all IP addresses in the IPAdrresslist.txt file and change cmd1 and cmd2 of the script with required config commands

from future import print_function
from netmiko import ConnectHandler

import sys
import time
import select
import paramiko
import re
platform = ‘cisco_ios’
username = ‘XXXX’
password = ‘XXXX’

ip_add_file = open(‘ips.txt’,’r’)

for host in ip_add_file:
try:
device = ConnectHandler(device_type=platform, ip=host, username=username, password=password)
output = device.send_config_set([cmd1′,’cmd2′])
print(output)

except Exception:
print(“Unable to connect”)
July 5, 2021
Python Script to Execute Show Commands in Multiple Devices and Save the Output to a Text File
The script requires two text files, put your device IP addresses in IPAddressList.txt and create another blank file named Command_Output.txt in the application directory .

Prerequisites
- Python 3
- Paramiko
from future import print_function
from netmiko import ConnectHandler
import os
import sys
import time
import select
import paramiko
import re

fd = open(‘r’\home\user\Command_Output.txt’,’w’)
old_stdout = sys.stdout
sys.stdout = fd
platform = ‘cisco_ios’
username = ‘XXXX’
password = ‘XXXX’
ip_add_file = open(r’\home\user\IPAddressList.txt’,’r’)

for host in ip_add_file:
#host = host.strip()
device = ConnectHandler(device_type=platform, ip=host, username=username, password=password)
output = device.send_command(‘sh int trunk’)
print(output)

fd.close()
July 5, 2021

Tool	Role
Terraform	Infrastructure provisioning
Python (Boto3)	AWS resource discovery
AWS CLI / IAM Role	Credentials & API access
Shell Commands	Automating imports

Category: Automation

🌐 What is OpenDaylight (ODL)?

🧠 What ODL Does

⭐ Why ODL Is Popular

🏗️ ODL Architecture (Simple Explanation)

🔧 What You Can Do With ODL

✔ Build full SDN topologies

✔ Automate Cisco devices using NETCONF/YANG

✔ Visualize network topology

✔ Traffic engineering (TE) and segment routing

✔ Build your own SDN applications

✅ 1. Create a VM on Proxmox

Recommended VM Specs

🔧 2. Update the OS

⚙️ 3. Install Java (ODL requires Java 11)

📦 4. Download OpenDaylight

📁 5. Extract the ODL package

▶️ 6. Start OpenDaylight

🧩 7. Install required ODL features

For OpenFlow:

For NETCONF/YANG:

For BGP-LS / PCEP:

🌐 8. Access Web UI (DLUX)

🔄 9. Run ODL as a service (recommended)

🎉 ODL is now running on Proxmox!

📌 Bonus: Integrate ODL with Cisco Devices

⚙️ Why AI/ML Are Needed in Networking

🧩 Key Applications of AI/ML in Networking

1. Network Automation

2. Predictive Maintenance

3. Anomaly Detection and Security

4. Traffic Analysis and Optimization

5. Quality of Experience (QoE) Enhancement

6. Network Planning and Capacity Forecasting

7. Intent-Based Networking (IBN)

🧱 AI/ML in Networking Architecture

🧠 AI Techniques Used in Networking

🧰 Real-World AI-Driven Networking Tools

🌐 Benefits of AI/ML in Networking

🚧 Challenges

🏗️ Example Use Case

Scenario: Enterprise WAN Optimization

🧭 Summary

⚙️ Why REST APIs Matter in Networking

🧩 Key Concepts of REST API

🔠 Common HTTP Methods

🧾 Typical REST API Request Structure

Response (from device or server):

💡 Key Characteristics of REST APIs

🧰 Common Tools to Work with REST APIs

🐍 Example: Python Script Using REST API

🌐 Example REST API Endpoints (Networking)

✅ Benefits of Using REST APIs

🧭 Summary

🚩 Problem Statement

💡 Solution:

⚙️ Tech Stack

🔄 Workflow Overview

📜 Python Script Breakdown

🧾 Example Output

📦 Terraform Usage

📈 Benefits of This Approach

💡 Possible Enhancements

🌐 Real-World Use Case

🔐 Security Considerations

📸 Architecture Diagram

🧪 Try It Yourself

🧩 Final Thoughts

🤝 Let’s Connect