DevCentral Top5 04/26/2013
It doesn’t take The Doctor to decipher that there has been a lot of content coming out on DevCentral the past few weeks. Between the ever present and highly appreciated blogs of our dedicated blog army, the standard flow of media and the up-tick in Tech Tips being released, there has been more than enough to consume. The even more impressive thing is that those things are just scratching the surface. The reality is that, just like any good tardis, DevCentral is even bigger on the inside, with more things going on than get blasted to the front page. I know this means there’s no way you’re going to keep up with everything. I know that means there’s a chance you’ll miss some really good stuff going on. Never fear, though, even though I can’t help you control time and space, I may be able to ensure you don’t miss some of the goodness. As such, I bring to you this week’s offering of my Top5 selections from the wonder that is DevCentral:
Project Acceleration: Test Infrastructure
Coming in both first and last on the list this week are offerings from the Project Acceleration series. This series has been coming out so quickly and with so much content that I couldn’t even begin to feature all of them in the Top5. It would be a sin, however, to allow you to go without properly digging into this (hopefully) informative and interesting publication. As such you’re getting a double dose this week, which I’m hopeful will be just what The Doctor ordered (pun intended but completely unavoidable, really). In this particular entry in the Project Acceleration series Jason digs deep into the infrastructure that was used to perform the real world testing that we did (had done, really) to check and see what effect our different WebAccelerator configuration options and tweaks were having. We wanted to get real world numbers and enlisted folks around the world to help us out. By way of some configuration trickery and iRules magic, we were able to get simultaneous paths through the LTM that gave us a way to get data for each set of configuration options. While those results aren’t included in this article, never fear they are in the conclusion episode. This installment, however, includes the things that make that possible, including an iRule, a flow chart showing just how we set things up, and some explanations as to why and what issues we ran into along the way. Jason did a great job laying things out here and the info might just be awfully handy to those in need of a similar solution, or looking to do some testing in the future.
20 Lines or Less #68: Simplifying the Complexified Simplicity
Back in action, the 20 Lines or Less is dusted off post transition to air again, and with any luck, regularly. For those new to this program the 20LoL is a collection of three simple iRules that are each less than 21 lines long that show off some cool iRules fu. This week I managed to find three examples of something that started out as a simple concept, like a sorry page, and ended up being made more complex by way of added requirements, such as that sorry page needing to include linked CSS, custom formatting, menus and images, and then re-simplified via an iRule that makes doing that complex bit in the middle, easy. Did anyone actually follow that? Either way, it’s a fun edition that even manages to will into existence a new word and I am, as always, madly in love with the technology that enables me to rant and rave about all this coolness. Check out this and previous 20LoL editions for a slew of cool, simple iRules.
Add Outlook Web Access Login Options to the APM Logon Page
Just about anyone that works in an organization that runs Exchange has used Outlook Web Access (OWA). It’s a massively pervasive and widely used tool to allow remote or mobile access to corporate email that would, usually, be otherwise accessed via Outlook. As with any web application, however, there are pitfalls and drawbacks, not the least of which is requiring separate authentication when attempting to log in. APM can help with SSO and some other optimizations and tweaks, which is fantastic to be sure, but as it turns out there are a couple of options on the default login page for OWA that the APM solution leaves out. This article will walk you through in big animal picture (that’s a good thing, honest) fashion just how to reclaim those lost security options in the case that your users may want or even need to make use of them. Bringing the APM login option up to parity with the default seems like a darn good idea to me, and I’m extra excited to see some code being thrown around that can help APM do more stuff, in more cool ways, for more people, to more applications. I’m a more is better kind of guy, what can I say? Check this one out if you’re an OWA or APM user, for sure.
BIG-IP LTM SYN Check
Have you ever heard of a DDOS (Distributed Denial of Service)? If you have, there’s a decent chance you may have heard of the concept of a SYN flood. A SYN flood is a popular form of attack that can do some pretty heinous things to even a large scale application infrastructure with relative ease, bringing an application to its knees and preventing legit users from doing their thing. This style of attack has been used to great effect all over the world by all manner of would be nefarious folk. This is fortunately something that BIG-IP is inherently extremely good at thwarting, and there’s a decent chance you may have even heard that before. Have you, however, been walked through exactly how a SYN flood works? Can you describe what a half-open connection is? Do you know why BIG-IP is so darn good at shrugging off these attacks that can reduce hulking clusters of brawny servers to a mass of whimpering metal? Well allow me to introduce you to John Wagnon. John is the newest addition to the DevCentral team and is hoping to help those guys out with some solution development. And by “hoping to” I mean “is already”. Oh, and by “helping out” I mean “kicking tail at.” John has already put out a pretty wicked explanation of just what this type of attack is, how it works, how we defend against it, and the whole ball of wax. He even included pretty pictures! Some of you will have known for years how this stuff works, some of you will have no idea, but I guarantee everyone will enjoy reading through this concise, solid explanation and demonstration of a way in which to avoid this otherwise potent attack. Welcome, John, and not too shabby for your first week.
Project Acceleration: Conclusions
As promised oh so long ago, up there in that first link’s blurb, here is the other Project Acceleration book-end of this week’s Top5. This series is just too good to pass up, folks, seriously. There are 10 articles and if I didn’t feel like such a self promoting jerk I’d list them all here. This article is not just me rambling on though, so that makes it even more valuable, right? This is the wrap up to the entire project in which we (Dawn Parzych, Jason and myself) chime in about the series, our experiences with the project, and the results. The results, testing methodology, iRule and more are all linked here for your easy download and perusal, too. As if that weren’t enough, you can check out this week’s video podcast turned wrap video. The four of us that built the content, Joe, Jason, Dawn and myself, got together to chat about the project and give some insight, some thoughts and to reflect a bit on what we learned. All of that for the low, low price of “click this link now!". It’s a deal too sweet to pass up, I know, so don’t resist and go check it out. This is (possibly) the last you’ll hear me ramble about this project (maybe), so it is (ostensibly) your last opportunity to have this stuff handed to you on a platter (okay probably not). Don’t miss out.
There you have it, my fellow whovians and … others, another Top5 for the books. If you’ve got any questions, want to hear more, have suggestions for content or anything of the sort, you know where to find me. Until then, keep your screwdriver handy. I’ll be back with more in a couple weeks.