Top5 09/24/2013
The funny thing about funny little human brains, other than, of course, getting around in them, is that they are forever trying to keep up with their surroundings. That can prove a formidable task under the simplest of circumstances. We’re talking no input, isolation from the world type simple. Add to that a few sources of stimulus and input and the tide of inbound information is likely to be beyond stemming in a hurry. Now then, what happens when an unmitigated fire-hose of information, much of it actually useful and relevant, such as DevCentral presents itself? How is one to cope? If you’re a cyborg like Hoolio or Kevin Stewart you just take it in stride, buffer to RAM and carry on not ever worrying about silence falling in your neck of the woods. For the rest of us we try hard not to blink, so we don’t miss anything, and often times fail miserably with huge portions of useful data being spun off into the bit bucket for pure lack of available bandwidth. That is, my friends, the problem that the Top5 was invented to solve, and the reason I am back again this week with my Top5 picks that are “must read” content:
BIG-IP Interface Stats in Real Time with a TMSH Script
And now for something just a little bit different. There is almost always some very cool, interesting, useful chunk of code bouncing around on the “most recent” lists on DevCentral. This is not a new thing, or a fad that I plan on seeing pass any time soon. This is as it always has been, and should be. So it is written, so it shall be done, at least I can hope. What is rather new, however, is that these chunks of code are rapidly diversifying. No more does the list of code represented in said lists look like “iRules, iRules, iRules, iRules, iRules, iControl, iRules, iRules, iRules, iRules, iControl….”, you get the idea. Now we’re seeing more and more iApps, iControl and tmsh than ever before. Sure, partly because two of those three are recent additions, but follow me here! There are more and more ways to automate and script your application at the network level than ever before these days, and that is, by my account, a double plus good thing. To accompany all those fancy new ways to do things there needs to be some explanation of how they work, right? Right. Enter Jason and this handy-dandy article on dealing with statistics via a tmsh script. I’m a huge fan of app level programming. “I’m so shocked by that revelation!” – said no one, ever. I know, it’s obvious right? But what you might not know is that I actually cut my teeth back on the command line in a BSDi environment, and darn it if there isn’t just something home-y and comforting about seeing someone busting out some command line goodness. Way to go Jason! This one is definitely worth a read, and even offers some useful code for your own environment. What more do you want, a pony? Sheesh.
Bandwidth, Bandwidth, Bandwidth!
My initial reaction: “Bandwidth? Who cares about bandwidth?!” I’ve been saying for years that bandwidth effectively doesn’t matter for performance anymore, that latency is the ruler of that particular roost. It is a very rare thing that I strongly disagree with the things that Lori puts out in her posts. I generally find them informative and in many cases educational. That’s why I was shocked when I read this title. I was shocked not only because “ZOMGZ How dare she take such an incorrect stance on something I’m so passionate about!?”, but also because I was then immediately shocked at how ridiculous and over-reactive I was being. Reading more than 3 words into things (Note to self: Judging an article after the title alone == sub optimal) I quickly realized that this was not the outlier that I originally thought. No, this was another informative, interesting, insightful post about bandwidth and managing it. She was not, in fact, saying “Hey gaiz, bandwidth is the best!” which is apparently where my overly defensive brain went in the time it takes a rocket pack laden cheetah to traverse the length of a soup spoon. It was, in fact, discussing managing bandwidth, application fluency and how intensely important such things are. Oh. Well yeah, that…that I agree with completely. I’m less shocked by this, and suddenly find myself nodding along and wondering where these torches and pitch forks came from, for no apparent reason. The force is back in balance, and this post from Lori deserves your attention far more than my sleep addled overly quick to leap into geek defense mode brain does. So go read this article about bandwidth management and things like URI inspection and application intelligence. Since you know, those are all very good things. *cough*
The BIG-IP Application Security Manager Part 3: The Importance of File Types, Parameters, and URLs
Speaking of URIs and application fluency and how those are both very good things, let us take a look at another instance of doing exactly that to great effect (See how I quickly ushered you away from me frothing at the mouth for no good reason? I’m smooth like that. Oh wait…). John, who has been on the DC team for a relatively short amount of time but has been churning out hawesome content for precisely all of said time, posted another article in his ASM series. In this series he’s going through and detailing what ASM is, how it works, and generally why you should care about such things. Some of you chuckled just there, as you’re already security (and hopefully ASM) ninjas. These things are as apparent to you as bow ties being cool. The rest of us are wickedly grateful to have such walk through type content being produced. I can spell ASM, and maybe tinker with the settings a bit here and there, but that’s about it, and dude I work here. If my ASM knowledge is lacking (hint: it is) then there’s a safe bet that others could use some more info as well. John dishes out another heaping helping of precisely that in this informative post. He walks through a real world-ish example, how to deal with file types and parameters within ASM, a look at why these may in fact be the droids you are looking for and should care about such things, and even includes enough admin interface screenies to allow us to follow along. The dude abides.
F5 and Versafe: Because Mobility Matters
You may have heard by now, but the F5 family has grown! Dipping back into the well of Lori’s writing (And not at all because I was an idiot about it earlier. I swear.) we get to take a look at the worlds of both mobility and security. Particularly we get to look a bit at where those things intersect, and the role which F5 is able to play at that particular point. By making use of Versafe’s technology we are able to offer a deeper, more complete security platform to our users. Safer users is never a bad thing. Well, until you deem “safe” to be disconnecting the network entirely. No network makes for angry monkeys, especially this one. Seriously, though, the ability to provide client-side visibility and comprehensive security coverage in a clientless fashion is rather fantastic. It even uses iRules to “do the cool stuff”! That’s a win in my book, for sure. Go take a look at Lori’s article to get a better idea of where Versafe fits into the F5 ecosystem, and feel free to follow the links out to the Versafe site for more info. No really, click through, there’s cool stuff out there.
20 Lines or Less #69: Port Ranges, Oracle Connections and Pool Member Toggling
Tried and true, the 20LoL is back again to make it rain…code. Okay maybe “make it rain” is a horrible analogy for code. Deliver the goods? Hmmm, I’ll work on the catch phrase. In the meantime, however, you should go check out this newest edition of the 20 Lines or Less. This is the blog feature that I put together by digging through the community to find out what the heck people have been building that might be useful to others or easily repurposed to be so. The one requirement? It must be, as the title implies, less than 21 lines of code. This is actually a pretty common things. iRules, while insanely powerful and completely capable of building out huge swaths of application functionality, are also quite compact when wielded by someone with their sights set on a more tactical fix. This week we’ve got a port range trick that’s quite handy, messing with Oracle connection strings, and flipping pool members to and fro. I always enjoy putting this one together and tend to share it often as it’s a great way to show people just what iRules is capable of without scaring them off. Just 20 lines, that’s all. They’re cute little scriptlets, honest. Go take a look, they want your love. Can you give one a forever home? No adoption fees apply.
#Colin