on 12-Nov-2012 17:40
Some of you may have noticed a distinct hush from this particular quadrant of the web. I've been far more quiet than normal for a couple of weeks, but there was a good reason, honest. I went down under to present at the F5 Agility event in Australia this year, where local F5ers and their customers have been hankering for another dose of DevCentral goodness. So, I set out to attend the conference and present two sessions; one 90 minute session on Tuesday the 30th to cover DevCentral and a relatively high level iRules overview, and a second on Wednesday the 31st that was a 3 hr deep dive into iRules concepts, inner workings, examples and underpinnings. A real geek fest…I was excited. Beyond that I would then continue on to Sydney and dig in with some users in more traditional User Group style meetings, which are always a good thing. I could ramble for hours, but I'll just say that things were smashingly successful all around. The users were fantastic, the event was top notch by all accounts, and the interactions I got to have with the impressively technical users really made the trip something special. There's nothing like rolling up your sleeves to sit around for hours after your session is supposed to be finished to talk about CMP, TMM, stack prioritization and handling, memory structure comparisons and optimizations, and all other manner of supremely, delightfully geeky bits. To do so while there is the promise of beer, in Australia, means that those interested parties were more than marginally interested; a wicked experience to be sure.
That aside, as is often my message here in the Top5, the content rolls on. The proverbial torch was handled swimmingly by my fellow DC cohorts with Josh and Jason each knocking out a couple of awesome contributions that warrant highlighting, along with yet another user contributed article. You all know I love those things, and I don't care how frequently they come in these days, they still get me stoked to see what users are up to. So, those tasty tidbits will be precisely what I choose to pass along this week, despite the near cacophony of forum and blog posts, wiki updates and other information spread about on DevCentral that I could choose from. So with that, I'll get on with it and give you this week's DevCentral Top5:
Security iRules 101: Logging, why we do it?
I've spoken more than once about Josh and his security leanings. They're a good thing, they're useful, they keep things here around the DevCentral world, well, secure. We like that, and I'm happy to post about most of the cool things he's doing when they seem interesting, which is often enough. Of course, then he had to go and start writing about not just cool security stuff, but about iRules doing said cool security stuff. Well now that's just a combination that I can't resist, and anyone that's been around a while or, you know, met me, knows it. So buckle up kids and get used to seeing this new series on a regular basis in the Top5. In this inaugural voyage of the series Josh goes into the what, how and why of logging from within iRules. I've talked about logging a lot from both design/development as well as troubleshooting perspectives, but a security take on logging is a new and interesting one to me. Go forth and be educated, yon readers, and thank me for it later. Well, thank Josh, really.
Getting Started with Bigsuds - a New Python Library for iControl
Despite Jason's best attempts, I have not yet converted over to Python zealotry. He has, however, and as such he was the perfect ambassador for this dang cool new way to access all the power that is iControl even more easily than before. He's quick to point out that this is not the first deployment of a python based iRules library, nor even the second. This third attempt, coming on the heels of pycontrol1 and 2, is different. It's easier to use, it's got more … well, go read the article. If you're looking to use iControl, and you're even mildly invested in python, this is a fantastic resource in every way, and I'm quite excited to see it released. Jason's our resident python guy on the team, so he's just the person to bring it to you, and has done a great job writing it up. Check it out and see for yourself.
Utilizing Google Authenticator for BIG-IP Shell Access
From the realm of "This isn't at all supported, we aren't going to fix it for you, you should only do this if you're positive you can handle it" and "you break it you bought it", I bring to you a pretty cool little number from Budi Ang. Budi describes, in gloriously simple steps, how to get Google Authenticator up and running as your second factor of authentication when logging into your BIG-IP via ssh. Whose nerd bell did I just ring? Anyone? That's a dang cool thing, and if I can find time between other projects and riding giant metal birds in the sky to talk geek with the lovely people of Someotherland, I'm going to be giving this one a shot myself. You may or may not know it, given how well I camouflage it, but I'm a bit of a *nix guy. I like them there command lines, and whatnots. This is a really cool example of one of the many things you can do to make your BIG-IP play however it is you'd like it to. Even though I may not personally have any need for 2 factor auth on my little dev VM, it's still darn cool. On top of that? User contributed content for the win. Dig in, but mind that first step, it's a doozy.
We've talked about the DevCentral move to the cloud more than once, but I'll say it again for the new folks in the group, or those at the back that are furiously trying to find food for their elf, who is proclaiming loudly just how badly he needs it: DevCentral moved to the cloud. We're 100% driven by virtualized devices, from web to mail to F5 devices, to DBs…all of it happily running in the cloud and humming away. We've told this story a few times, a few different ways, but as the person largely responsible for the lion's share of the actual design and implementation of said infrastructure, Jason tells that story from a uniquely geeky perspective. For a diagram laden look at exactly how we're doing what we do in the cloud, you really have to check this one out. We've gotten some awesome feedback when showing off this architecture to different people, very commonly comments such as "Huh, it looks like you've basically re-created an enterprise network environment in the cloud…". I'll let you in on a little secret … we didn't know that's not what people, you know…did out in the cloud. It made sense to us, so that's precisely what we did. And by we, I mean Jason did 80% of the work and the rest of us cheered him on and lent a hand in our respective areas of expertise. Anyway, look this one over if you want some more details on how to get a complex web app up and running in the cloud, it's a good read.
Security iRules 101: You can't always get what you want.. or can you?
More security, more iRules, more monkeys, less filler…fits in every technology geek's diet with room to spare for a side of connection pooling afterwards. Josh delivers another look into how to use iRules for the security minded folks among us. This one isn't a super complex iRule, but that's kind of the beauty, isn't it? You can use a darn simple iRule to rule out (see what I did there?) some relatively nasty attack vectors. With a few keystrokes, a click or two of a mouse, if you're graphically inclined, and the slightest bit of iRules (or in this case…copy and paste) know how, you can close off an entire avenue of attacks before even allowing the offensive traffic to the servers you're trying to protect. That's valuable, it's efficient, but most of all it's effective, and when security is involved, that's what matters most, isn't it? This series is shaping up to be a good one, if this second installment is any indication. Even if the guy is addicted to silly monkey pictures, I can't begrudge his know how on all things security and F5. I've subscribed, I've tuned in, and I'll be following along as this series unfolds. Maybe you should too?
There you are my fellow brown coats, a bit of DevCentral geekery to tide you over until the next installment can install all the serenity for which you long, at least in so far as your curiosity of what's hot on DevCentral is concerned. I know that keeps people up at night and all, so here's hoping this helps. I'll be blogging with a trip report from my time down under soon, as well as my visit to chat with the folks at Tcl Con as this year's keynote. Keep an eye out for those updates, and of course check back in 2 weeks for another Top5.