In my previous ACI automation post, I used Terraform and the credentials were in plain text inside the main.tf file. I have updated this, so the credentials are stored in GitLab environment variables, which is a much more secure method. The process of the credentials from GitLab to Terraform are as follows; Create Environment Variables […]
GitLab Variables for Credentials – ACI Lab Read More »
In a previous post, I have created a sample of FortiGate config with Terraform. This was all performed locally from a Windows machine. While this is good in a lab environment, the major problem with it is that the management doesn’t scale. If there is more than a single network engineer, they need to share
FortiGate Terraform with GitLab CI/CD Pipeline Read More »
After setting up the GitLab CI/CI pipeline, the next step I wanted to take is to use Terraform to make changes to AWS infrastructure. There are several steps to configure a GitLab pipeline for Terraform. This example is for a new project with nothing yet configured in AWS yet. Create a New Project in GitLab
GitLab Terraform AWS Pipeline Read More »
This is a short post to explain how to setup a GitLab SSH key to securely access your repos. For the full GitLab documentation, please see this article. In GitLab, to create an SSH key, navigate to: User Settings >> SSH Keys Generate an SSH Key I am doing this on a Mac, open a
GitLab Create SSH Key Read More »
DevOps principles are becoming very popular in the networking space. In this post, I will demonstrate how to setup a GitLab pipeline using your own GitLab Runner. By default, GitLab does have public runners that perform the same tasks. Overview In GitLab, a pipeline is a series of stages and jobs defined in a .gitlab-ci.yml
CI/CD Pipelines With Git Lab Read More »
Cisco ACI Supports several methods of automation or infrastructure as code. For this example, I will be using Terraform to give examples of setting up different fabric policies using the Cisco ACI lab. Setup To get this setup, I have several things to do Lab Once the lab has been setup and VPN connected to
Cisco ACI – Automation Read More »
This lab takes the initial config from the post, Creating FortiGate Config with Terraform, and adds in the IPS config to the firewall rule that permits all traffic between INSIDE and DMZ. The IPS policy is the default from FortiNet that blocks critical attacks. The attack that I will demonstrate is the ever popular vsftpd
Enabling FortiGate IPS with Terraform – Metasploit Test Read More »
For this lab I have created a small topology with a FortiGate which will be configured with Terraform. There are two networks INSIDE 192.168.10.0/24 and DMZ 192.168.20.0/24. The other interface is for OUTSIDE this is connected into my home lab network and has an IP of 10.10.30.215. Terraform is used to configure the FortiGate firewall,
Creating FortiGate Config with Terraform Read More »
Terraform can be downloaded from here, Select the OS (Windows, in this case) and CPU type ADM64 is most likely. Once downloaded, extract the executable and move it somewhere. I have moved it to C:\Terraform Then add it to the path environment variable under: system >>> settings >>> Advanced system settings >>> environment variables Once
Terraform Installation – Windows Read More »
I have been over the automatic creation of the VXLAN topology in the previous post. However, this stopped at the creation of the topology only. If in the future I wanted to add a new spine or leaf switch, this could be done, but the other switches wouldn’t be aware as they would also need
Arista VXLAN 3 – Automating Adding New Spine and Leaf Switches Read More »