Top5 10/07/2013
Here for you today I have another installation of my overly complex ploy to allow for widespread wordplay amongst a few thousand of my closest friends, otherwise known as “The Top5”. I mean, where else do I get to talk about cool technology while combining things like “malfeasance” and “’round these parts” into a single sentence? I have no idea how that makes sense but I’m going with it, and you’ll just have to let me know if it works for you or not. Word games aside, the Top5 is, as always, a source of what’s cool, interesting, awesome and going on in the world of DevCentral in the past couple of weeks. At least, that’s true assuming your idea of cool and awesome matches up completely with mine. Which it should, obviously, in my opinion. There’s some great stuff out there this time around so be sure to click through and take a look for yourself. Whether you’re looking to toss up a new testing auction site or remotely collect packet captures on your BIG-IP via Wireshark, this Top5 installment has got you covered. So without further prologue:
Configuring the BIG-IP and PHP “Hack-It-Yourself” Auction Site
So you’ve got your fancy F5 gear. You know it can do some pretty awesome things, or so you’ve been told, but you haven’t had a chance to test them out just yet. You’re looking for a way to start playing with the super fun bits of ADC land like iRules, iCall, even iControl automation. That sounds awesome! Fun and interesting and useful, so what’s the hold up? Well, aside from the ever reducing number of hours of “free time” with which to do these sort of things, one of the things I hear time and time again from users all over the world is that they lack a test/dev environment against which to hurl traffic. Let’s face it, you’re not testing a large portion of this stuff in production, for good reason. You need a site to test things against. Often times setting up a fully functioning version of your primary application can be more arduous than it’s worth, depending on the type of dev/testing you’re looking to do. What you really need is a paired down, largely simple but functionally broad application that you can burn down and rebuild at will. Enter the “Hack-It-Yourself” auction site. This is the site that John’s been using in several of his recent articles working through ASM’s functionality, and has proven hugely useful not only for those of us following along, but for him in describing the things he’s doing and actually testing them out. This is now wrapped up and available all handy and easy to install in a Virtual Machine format (ovf file). In this article he walks you through, complete with pretty pictures, setting up the VMs and all necessary networking bits to get this site up and working on your local hypervisor. This could be a huge help to those of you hurting for a test site, and might just put you in an awesome place to try those fancy features on your F5 gear that you’ve been itching to try out. We here at Top5 inter-super-galactic headquarters are fans of awesome. As such, we heartily recommend that you take a look and see for yourself.
Routing: How DevOps Bridges IT Gaps and Enables Software-Defined Something
Okay, so she had me with the joke in the title. I’ll admit it, guilty as charged, your honor. But come on, that’s funny! “Enables Software-Defined Something”? That’s geek comedy gold right there. Fortunately there is far more to this gem than a snappy title and a quick laugh. Lori digs through and delves into not just what some of the gaps in the Dev/Networking/IT operations world are, but tackles the far more important part of the equation, namely why they exist. Going through and taking a look at what each group hears and means when discussing the same term sheds some serious light on where the communication, and as such cooperation, breakdown is. I’ve never thought to explain the issue quite like this, much to my chagrin, despite using an amazingly similar tactic when discussing many things with people in the real world. I won’t hold her being smarter than me against her, though, as that’s a good thing in my book and those are just the types of people I want to surround myself with. If you’re wondering why all the hubbub about DevOps, I’d seriously recommend taking a look at this post. There is a definite breakdown of communication amongst some groups integral to applications being delivered smoothly. If they aren’t (can’t?) working together properly, there is serious trouble on the horizon for your app. It’s not as easy as just wagging your finger and telling them to play nice, however. Learning to speak their language can be huge, and this is a great start to precisely that. Take a look and thank me later. Oh I suppose you can thank Lori too since, you know, she wrote it and all.
Running Wireshark captures from F5 BIG-IP
Wireshark, for those unfortunate enough to have never had the sheer joy of running or analyzing packet captures, is a hugely wide spread application used to capture, read and analyze network captures allowing … you know what? No. Never mind. This is Wireshark. If you don’t know what it is, first of all you must be supremely bored by now since this entire post is likely akin to reading Greek to you. Second…go read about it for yourself. What Wireshark is isn’t the story here, so I’m going to go ahead and assume you already knew what it was upon showing up here, or that you’ve gone to that little link above and figured it out. Now that we’re all caught up, we can get to the heart of the matter: Wireshark captures being run remotely from your BIG-IP. Yes, that’s what I meant to say. You can, with the appropriate black belt in network hawesomeness and a pointy enough wizard hat, have your Wireshark capture traffic directly from your BIG-IP for analysis. This is some super cool, super geeky stuff, and I love it! No more command line tcpdump and then copy files and attempt to load and analyze. With the proper tunnels and commands you can fire up your shark and have it sniff directly from your BIG-IP. And while a shark sniffing a BIG-IP brings to mind an amazingly humorous visual, it’s also wickedly cool in a less cartoonish, more real world useful kind of way. Go check this out! Thanks go to David Holmes for re-appropriating this idea from Simon Kowallik and sharing it with the world.
The BIG-IP Application Security Manager Part4: Attack Signatures
John steams forward on his very cool ASM series, detailing the different parts and terms related to making Application Security Manager dance just the way you want. In this edition he touches on “Attack Signatures”, which is something you really don’t want to miss, if you’re at all interested in ASM. This is because attack signatures are pretty darn important. Attack signatures are, in fact, the thing that you’re using to stop attacks from coming in, which you may have already figured out by the less than cryptic name. Crazy, I know. These series of rules and patterns allow you to send your ASM on the hunt for whatever maliciousness or malfeasance you’re hoping to prevent, down to an extremely granular level, and then rest assured that such badness is no longer permitted ‘round these here parts. In John’s by now expected style he digs through to a comfortably deep level to explain what these things are, how they work, how to make use of them, and even provides some tasty pictures along the way to keep the more visually inclined from veering off the path of useful information and checking to see what’s happening in the world of social media amongst their friends. You just checked, didn’t you? I mentioned it and then you checked. That’s all right, I’ll forgive you, but finish your farming, chatting or picture posting later, and for now go take a gander and Mr. Wagnon’s lovely article.
1024 Words: SEND Buffers and Concurrent Connections
For someone as verbose (read: overly wordy and talkative to the extreme) as me, the concept of a 1024 word blog series is a bit daunting. Not because it’s hard to write in few words. Quite the contrary I could churn that out with relative ease (did anyone word count this post just then? I did). Making those words useful however? That becomes a far more challenging proposition. Lori seems to consistently pull it off, however, and this newest installment is no exception to the rule. In a scant 108 words, plus a graphic and associated labeling, Lori is able to depict what is actually an important and powerful concept. Namely, that while many try to build efficiency into the network by sending larger packets across the wire, it doesn’t always go as planned. That sounds great, less packets, bigger chunks, larger SEND buffers, woo, efficient! That’s neat and all, except as Lori so eloquently pointed out, this mucks horribly with the number of concurrent connections you will likely be able to handle, given then increase in the required memory to sustain each connection. Didn’t think of that? Well, now you have, and with that knowledge I encourage you to go forth and prosper. I’m confident Lori won’t mind you using her info to tailor your needs/requirements to meet reality. We’ll just assume her royalties are in the mail, mmkay?