Tampermonkey - DevCentral Site Enhancements (Notifications Page)
Problem this snippet solves: The DevCentral notifications page has no way to load all notifications quickly or dismiss all the visible notification, so this script fixes that. It adds a Load All button that will load all your notifications onto the page, and a Dismiss All button that will dismiss all the visible notifications on the page. It also updates the CSS a little bit to minimize the amount of whitespace between items. Please feel free to suggest additional enhancements or fork the project and update it on your own. Version History v1.0 - Includes Load All and Dismiss All buttons v1.04 - Added auto-subscribe to a question when you add a comment v1.05 - Added auto-subscribe to a codeshare when you add a comment How to use this snippet: Instructions The Tampermonkey Chrome extension needs to be installed for this script to work. Once installed, click on the Tampermonkey icon and click Dashboard Click the new script button and set the Update URL field to https://github.com/jangins101/F5/raw/master/F5%20Devcentral%20Enhancements.js . You can also copy the whole document linked below into a new Tampermonkey script and save it. Click Save and then click the value in the Last Updated column for that new row. This should update the script Navigate to Devcentral and check your notifications. You should see 2 new buttons after the notification count. Code : https://github.com/jangins101/F5/raw/master/F5%20Devcentral%20Enhancements.js Tested this on version: 11.5DevCentral Relaunch Commencing
The last few years here at DevCentral we've seen fantastic growth and it's thanks to all of you! We've talked with you at industry events, on the streets, at user groups, and online in the community. Your message is loud and clear. You want more. We're getting ready to do just that and here's what you'll see coming very soon. Changing Launch Platforms To meet your global needs and provide new and supportable capabilities, we decided to change platforms. That's a big undertaking especially since we made the crazy and obvious decision to bring along all of the content with us. That's right, we're bringing what makes DevCentral great along with us. We're bringing over: All of the articles All of your questions and answers Your fantastic codeshare repository All of you, our users and your DevPoints Your user-to-content relationships - this one was tough, but we made it A community is only as good as its members, so our first responsibility was preserving your contributions on our new platform. To offer anything less would be a disservice to you and your participation. Thank you for being part of what makes DevCentral great. A Fresh Coat of Paint The primary goal with our platform switch was to ensure a successful content migration, but that's no fun without some improvements to the user interface. We worked at improving your engagement with questions, codeshare, and with each other. Out of the gate you'll see: Content preferences to tailor your home page experience Preset filters to get you content you want to read More content per page Improved replying and interaction in questions Improved User Profile with better following & bookmarking features Private user messaging (that works) And so much more... We could keep going but it's easier to say we improved the DevCentral experience from top to bottom and we'll continue to do so with your feedback and our thanks. Flight Inspection Team Is Proceeding to The Launch Pad The DevCentral team is hard at work in our last phase of verification and are excited to show you what we'e been working on. We will follow up with you regarding how we're going to manage API documentation next week but won't stop there. This whole process and program from start to finish is for you and thanks to you the DevCentral Community. We'll continue to do great things together and are quite excited to keep on growing. Main Engine Start in T Minus....I Am an Application Delivery Fundamentalist!
Fun and a little mental. If you’ve been following along the DevCentral team’s journey toward F5 Certification, then you may be aware that we were in Chicago last week for F5’s Agility 2016 conference and took our 101 Application Delivery Fundamentals exam. I am happy to report that all of us, Jason, John, Chase and I, passed our exams. I gotta tell you, it’s a relief since I didn’t want to title this article, 'Two Out of Three Ain’t Bad.' Good song but wanted to avoid that. We started this excursion back in April (me in March) with the team deciding to create a study group. Each week we’d tackle a topic with the guidance of Eric Mitchell’s excellent Study Guide. We worked through the sections and decided to test our luck with the Certification Team’s mobile testing center...with the pressure of passing during an F5 event. Imagine the slight pre-test anxiety going through our minds if we didn’t pass. ‘How long have you been at F5?’ the questions would have started. My mouth covering, embarrassing, face-palming, muffled response of, ’12 years,’ would not have been sufficient. As Ken told us on the way into the exam room, ‘I tell people it is either pass or fail…so don’t worry about your overall score.’ But he also added specifically to me, ‘You know if you fail, I will give you grief.’ No Pressure. Well, we were prepared and we all passed! Jason, John and I took the exam Tuesday morning. After registering and scheduling with Pearson Vue, we arrived at the mobile test center. You need to sign in and present two forms of ID, one with your picture. Even though the Certification team knew all of us, we still needed to follow the procedure, no exceptions. We liked that we had no special treatment – other than the ‘hello’ hugs – and had to process and pass fair and square. We were seated in different areas since the exam room was fairly full when we entered. The moderator helped each of us get to the proper test associated with our registration and the timer started. For the 101, you have 90 minutes to answer 80 questions. At 23 minutes in, Jason got up and was finished. ‘Wa?!?’ as I look up seeing him walk by, ‘I’m only on question 28!’ I lamented. At least John was still there and I kept an eye on my time and question count the rest of the way. But I also told myself, ‘I’m in no hurry and if I need the full 90 minutes, I’ll take it to the last tick.’ John finished about a 40 minutes later and I was left for the last 30 to myself. With 10 minutes left, I was done but took that remaining time to review my answers. One tip: you can flag questions for review during the test or make comments for yourself as you move along. Close out the ones you know and go back for the more challenging questions. In the end I think I changed 3 answers. No idea if it swayed the results either way. When you are done, you walk back to the registration room and your preliminary results are already waiting. I felt a quiver when Heidi glanced at my results and gave that ‘I’m sorry,’ look. But that was soon turned to glee as I read, ‘you have Passed.’ We were 3 for 3. Chase took the test on Wednesday and also passed. I feel it was a very fair test to determine one’s basic application delivery knowledge. Some networking, some security, some infrastructure. And although we did prepare, it was still a challenging test. These exams are not supposed to be cake-walks but a good way to measure your knowledge around a certain topic. While we passed and may be certifiable in our own right, we are not ‘officially’ F5 Certified. That comes with the 201 exam. The 201-TMOS Administration exam is the second exam required to achieve Certified F5 BIG-IP Administrator status. Candidates must have passed the 101-Application Delivery Fundamentals exam in order to be eligible for the 201 exam. And wouldn’t you know it, we’re all now shooting for the 201. We plan on doing the team study again but we’ll also need to dig into some on box time for this one. I plan on keeping you posted for the 201 but for now, I’ll just bask in my 101 glory. Phew! ps Related: Jumping on the Rails of the Technical Train Let the Training Begin! The Road to F5 Certification DevCentral at F5 Agility 2016Blog Roll 2017
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2017 entries. If you missed any of the 64 attempts including 16 videos, here they are wrapped in one simple entry. I read somewhere that lists in articles are good. I broke it out by month to see what was happening at the time and let's be honest, pure self-promotion. Check out our Featured Members for the year, dig into June's Cloud Month, catch up on some #Basics or sit back and watch some cool Lightboard videos. I truly appreciate your engagement throughout 2017 and Have a Safe and Happy New Year! January 2017 OK 2017, Now What? Lightboard Lessons: What is MQTT? Deploy BIG-IP VE in AWS What is Load Balancing? What is an Application Delivery Controller - Part I What is an Application Delivery Controller - Part II February Q/A with itacs GmbH's Kai Wilke - DevCentral's Featured Member for February What is DNS? Security Trends in 2016: Securing the Internet of Things Lightboard Lessons: IoT on BIG-IP Shared Authentication Domains on BIG-IP APM What to Expect in 2017: Mobile Device Security March Q/A with Admiral Group's Jinshu Peethambaran - DevCentral's Featured Member for March What is Virtual Desktop Infrastructure (VDI) Social Login to Enterprise Apps using BIG-IP & OAuth 2.0 Lightboard Lessons: What is a Proxy? Protecting API Access with BIG-IP using OAuth What is a Proxy? Lightboard Lessons: Service Consolidation on BIG-IP April Q/A with Betsson's Patrik Jonsson - DevCentral's Featured Member for April Deploy BIG-IP VE in Microsoft Azure Using an ARM Template High Availability Groups on BIG-IP Lightboard Lessons: The BIG-IP Profiles Configure HA Groups on BIG-IP May DevCentral’s Featured Member for May – NTT Security’s Leonardo Souza Deploying F5’s Web Application Firewall in Microsoft Azure Security Center Lightboard Lessons: What is BIG-IP? Updating an Auto-Scaled BIG-IP VE WAF in AWS Device Discovery on BIG-IQ 5.1 June Cloud Month on DevCentral DevCentral Cloud Month - Week Two DevCentral Cloud Month - Week Three DevCentral Cloud Month - Week Four DevCentral Cloud Month - Week Five DevCentral Cloud Month Wrap July DevCentral’s Featured Member for July – Vosko Networking’s Niels van Sluis BIG-IP VE on Google Cloud Platform Is 2017 Half Empty or Half Full? (F5 Newsroom) Lightboard Lessons: Attack Mitigation with F5 Silverline Lightboard Lessons: What is BIG-IP APM? August DevCentral’s Featured Member for August – Piotr Lewandowski Create a BIG-IP HA Pair in Azure I’ve Successfully Failed the F5 Certification 201-TMOS Administration Exam Lightboard Lessons: BIG-IP ASM Layered Policies Deploy an Auto-Scaled BIG-IP VE WAF in AWS Lightboard Lessons: What is BIG-IQ? September DevCentral’s Featured Member for September – Rob Carr Automatically Update your BIG-IP Pool Using the Service Discovery iApp Lightboard Lessons: What is HTTP? October DevCentral’s Featured Member for October – Jad Tabbara Lightboard Lessons: Connecting Cars with BIG-IP Legacy Application SSO with BIG-IP and Okta Selective Compression on BIG-IP Lightboard Lessons: What are Bots? Prevent a Spoof of an X-Forwarded-For Request with BIG-IP November DevCentral’s Featured Member for November – Nathan Britton Lightboard Lessons: What is DDoS? VDI Gateway Federation with BIG-IP Post of the Week: BIG-IP Policy Sync Mitigate L7 DDoS with BIG-IP ASM The OWASP Top 10 - 2017 vs. BIG-IP ASM December DevCentral's Featured Member for December - Kevin Davies F5 Certified Practice Exams The Top 10, Top 10 Predictions for 2018 (F5 Newsroom) Post of the Week: SSL on a Virtual Server ps The History Blog Roll 2016 Blog Roll 2015 Blog Roll 2014 Blog Roll 2013 Blog Roll 2012 Blog Roll 2011OK 2017, Now What?
The Year of the (Fire) Rooster will soon be upon us and the talkative, outspoken, frank, open, honest, and loyal Rooster could influence events in 2017. Whether you were born under the symbol or not, Roosters strive on trust and responsibility, essential for any organization especially in these times. 2016 (Year of the Monkey) brought us a crazy year of high profile breaches, a 500% increase in ransomware, a 0-day per day and slick malware each looking to cause havoc on all parts of society including your mobile device. The monkey’s shenanigans exhausted many of us in 2016 and 2017 will require some quick thinking and practical solutions to battle the ongoing, ever-growing threats. A year ago I noted, Mobility, both the state of being and the devices we use, will continue to grow and be an immense enabler and/or inhibitor for organizations. Today, we are the devices, controllers and data generators and we’re interacting, even socially, with a growing list of robots and objects. Security continues to flummox folks both from a development standpoint – talking to you IoT manufacturers – and from a purely personal realm. The more connected devices we have in and around our lives, homes and offices the more opportunities for the bad guys to take advantage. This is sure to continue as our digital, software-defined lives connect and intersect with the things around us. We’ll likely see a number of significant IoT security discussions coming out of CES this week too with cars and robots the starring attraction this year. And as our lives – personal and professional – continue to be chronicled on the internet, the various thieves, nation states, and activists will continue to be one step ahead, probing data and looking for that golden slab of info. Making money, causing disruptions, or orchestrating outright take-downs through online attacks are big motivations for those seeking notoriety or simply a big score. But it’s not always from the crook or spy half a globe away. Insider threats, malicious or not, have made traditional concepts of the perimeter almost useless. Here at DevCentral, our community is ready to help you through many of your most challenging application delivery endeavors this year. Like the rooster, we aim to be open and honest about how to accomplish a task with BIG-IP...including when it cannot do something. In recent weeks we’ve posted mitigations for Mirai bots, the recent PHP 0-days, along with a bunch of iControlREST solutions and an excellent article from Kevin Stewart about TLS Fingerprinting. And we look forward to answering your most perplexing BIG-IP questions. Also our very own Jason Rahm passed his Exam 201 - TMOS Administration so make sure you hit him up for some of your harder questions. The rest of the team will be looking to take the F5 Certified 201 sometime this quarter. While trends like cloud, mobility, IoT, DevOps and big data will consume your attention, securing those trends and how they map to business objectives will come to roost in 2017 and DevCentral is here to help. Let’s try to be smart, practical, open and honest about our challenges and guard against the vain, boastful and attention grabbing bad guys trying to get the best of us. The 2017 Rooster arrives January 28, 2017 and we’ll need to be prepared and stay calm when the proverbial fan starts spinning. ps Related: OK 2016, Now What? OK 2015, Now What? OK 2014, Now WhatQ/A with Rackspace Network Architect Vijay Emarose - DevCentral's Featured Member for November
Koman Vijay Emarose works as a Network Architect with the Strategic Accounts team at Rackspace. He has been a “Racker” (Rackspace Employee) for 7+ years and currently he is adapting to a networking world that is pivoting towards a world of automation. In Odaah's free time, he likes to identify DevCentral site bugs, incessantly torment Chase Abbott to fix them – particularly the badges and he is DevCentral’s Featured Member for November! Vijay's other hobbies include traveling and has been to more than eleven countries and looking to increase that number in the future. Personal finance blogs and binge watching documentaries are his guilty pleasures. DevCentral got an opportunity to talk with Vijay about his work, life and blog. DevCentral: You’ve been an active contributor to the DevCentral community and wondered what keeps you involved? Vijay Emarose: I have been a passive DevCentral user for quite a while and relied heavily on DevCentral to improve my iRule skills. The continued support for DevCentral community among F5 employees and other BIG-IP administrators provided me with the motivation to start sharing the knowledge that I have gained over the years. Answering questions raised by other members helps me to reinforce my knowledge and opens me up to alternate solutions that I had not considered. Rest assured, I will strive to keep the momentum going. DC: Tell us a little about the areas of BIG-IP expertise you have. VE: I started working on F5 during the transition period from 9.x to 10.x code version in 2010. BIG-IP LTM & GTM are my strong points. I have some experience with AFM, APM and ASM but not as much as I would like. Working with clients of various sizes from small scale to large enterprises at Rackspace, exposed me to a wide variety of F5 platforms from the 1600s to the VIPRION. I am sporadically active in the LinkedIn Community for F5 Certified Professionals. I had taken the beta versions of the F5 Certification exams and I am currently an F5 Certified Technology Specialist in LTM & GTM. I am eagerly looking forward to the upcoming F5 402 Exam. I have been fortunate enough to work with the F5 Certification Team (Ken Salchow, Heidi Schreifels, et al) in the Item Development Workshop (IDW) for F5’s 201 TMOS Administration Certification Exam and it was an eye-opener to understand the amount of thought and effort that goes into creating a certification exam. The 2016 F5 Agility in Chicago was my very first F5 Agility conference and I enjoyed meeting with and learning from Jason Rahm, Chase Abbott and other DevCentral members. I look forward to participating in future F5 Agility Conferences. DC: You are a Network Architect with Rackspace, the largest managed cloud provider. Where does BIG-IP fit in the services you offer or within your own infrastructure? VE: Rackspace is a leader in the Gartner Magic Quadrant for Cloud Enabled Managed Hosting and participates in the F5 UNITY Managed Service Provider Partner Program at the Global Gold Level. Various F5 platforms from the 1600s to the VIPRIONS are offered to customers requiring a dedicated ADC depending on their requirements. LTM & GTM are widely supported. In the past, I have been a member of the RackConnect Product team within Rackspace. “RackConnect” is a product that allows automated hybrid connections between a customer’s dedicated environment and Rackspace’s public cloud. F5 platforms were utilized as the gateway devices in this product. There is a DevCentral article on RackConnect by Lori MacVittie. I would like to take this opportunity to thank the F5 employees who support Rackspace that I have had the pleasure of working with - Richard Tocci, Scott Huddy and Kurt Lanthier. They have been of massive help to me whenever I required clarification or assistance with F5. DC: Your blog, Network-Maven.com, documents your experiences in the field of Network Engineering, Application Delivery, Security and Cloud Computing. What are some of the highlights that the community might find interesting? VE: This is a recent blog that I started to share my knowledge and experience working in the Networking field. Application Delivery Controllers are a niche area within Networking and I was fortunate enough to learn from some of the best at Rackspace. My idea is to share some of my experiences that could potentially help someone new to the field. Working with thousands of customer environments running different code versions on various F5 platforms has provided me with a rich variety of experience that could be of help to fellow F5 aficionados who are executing an F5 maintenance or implementing a new feature/function in their F5 environments. DC: Describe one of your biggest challenges and how DevCentral helped in that situation. VE: DevCentral has been a great resource for me on multiple occasions and it is tough to pinpoint a single challenge. I rely on it to learn from other’s experiences and to develop my iRule and iControl REST skills. I have benefited from the iRule: 20 Lines or Less series and I am an avid follower of the articles published by community members. For someone starting new with F5, I would certainly recommend following the articles and catching up on the iRules: 20 Lines or less series. DC: Lastly, if you weren’t working in IT – what would be your dream job? VE: I haven’t figured it out yet. Tech, finance & travel interest me. May be some combination of these interests would be the answer. DC: Thanks Vijay and congratulations! You can find Vijay on LinkedIn, check out his DevCentral contributions and follow @Rackspace. Related: Q/A with Yann Desmarest - DevCentral's Featured Member for July Q/A with SpringCM's Joel Newton - DevCentral's Featured Member for August Q/A with Secure-24's Josh Becigneul - DevCentral's Featured Member for September Q/A with ExITeam’s Security Engineer Stanislas Piron - DevCentral's Featured Member for October750th Blog Spectacular - Lessons of the LightBoard
I recently built out a LightBoard Studio for my home office so I can start contributing to the awesome LightBoard Lessons on DevCentral. These are short, informative videos explaining various technologies and often, how to implement on a BIG-IP system. Instead of writing on a whiteboard and looking over your shoulder into the camera as you explain something, Lightboards allow you to draw on and look through the crystal clear glass (into the camera) while discussing technical concepts. A transparent whiteboard. The LEDs that surround the glass accompanied with neon markers make the images pop. It’s pretty darn cool. So the story goes, a college professor was looking for a better way to deliver lessons to his students both on campus and online without a chalkboard. He called it the Learning Glass and now there are Lightboards all over the world, especially in universities. Incidentally, there is cool video of Picasso painting on glass from 1949. He had the right idea. You may have read or watched Jason & John’s Lightboard Lessons: Behind the Scenes and I wanted to report on my own experiences. First, I followed Jason’s bill of materials (except the camera) and it provides most everything you need to get started. I initially thought about a 3’ x 5’ pane of glass due to my smaller venue but couldn’t find an appropriate frame for that size. Well, to be clear, there may have been one but it was way outside my budget. I looked at various saw horses, ladder frames and other apparatus thinking I could ‘make’ something that could properly hold the glass in place. No dice. So I decided to go a little larger with the 4’ x 6’ size since there is a frame specifically built for this purpose. Rahm is correct about ordering the frame first since you’ll need to carefully measure the mounting holes so the glass can be drilled perfectly. It also takes a few weeks to order and have the glass delivered - at least in my area. This was fine since it allowed me to set up the other equipment like the lights, back drop and camera location. In addition, make sure you have the delivery folks help you place it on the frame…depending on the size, this is not a pick up and install yourself deal. The glass is large, heavy and certainly needs a few people to carry and properly align with the holes. Once the glass is installed (and cleaned) you can wrap the LEDs around the edge. There are a couple ways to go with this step. You could use large binder clips to hold the lights at the edge or, like Jason, I got 3/8” shower u-channels to go around the glass and hold the lights in place. Instead of silicon to hold the u-channel, I used clamp clips to hold the outer metal. This allows me to easily change and adjust the LEDs if needed. The Expo Neon markers do make a greasy mess and I’ve got the same Sprayway glass cleaner. I also got one of those magic erasers to help clean and old hotel room keys work well on dried ink. It’s not that difficult to have a clean slate but any smudges will certainly appear if it’s not sparkle-city. This week I’ll be moving around the lights and doing some test shots for audio and visual screen tests and look forward to publishing my first LightBoard Lesson very soon. Shooting for next week if all tests go well. I’m excited. It’s always been a dream of mine to have a home studio. Some guys want a man-cave, some want a game room, others a high end home theatre or a rack of computer equipment. Me? A studio. And for my 750th DevCentral article I wanted to say: Thanks Gang!! psRSA Security Octagon: What's the Best Way to Secure Applications?
We're doing something a little different this year at #RSA with a Security Octagon. Everyone loves a good debate and in the security community discussions pop up constantly around a myriad of topics at any given point - with individuals or groups in the community taking opposing sides in these quarrels. While we’re not looking for a knock-down drag out geek fight, we are looking for a spirited debate in hopes of engaging with security pros to lend their support and opinions to the topic. In the first debate we focus on the topic of application security. Is application security just secure coding or is it more than that? Preston Hogue from F5 and Jeremiah Grossman from WhiteHat Security are our first participants to discuss 'What's the Best Way to Secure Applications?' How can you play along? Visit https://f5.com/securityoctagon to cast your vote and comment on the discussion. 1. Make sure to use the appropriate #hashtag: a. #TeamGrossman b. #TeamHogue 2. Can’t pick a camp to support, promote the program overall: a. #SecOctagon If you're at RSA, visit F5 booth 1515 and say 'Aloha' to DevCentral folks John Wagnon and Jason Rahm and ask how you can Integrate WhiteHat Scans With BIG-IP ASM. And a very special thanks to Jeremiah for participating this year. Always appreciate his security expertise. Enjoy the show! ps Connect with Peter: Connect with F5:The New, Old Kid in Town
For nearly 12 years at F5, I've had only two job titles - Security Systems Architect from 2004-06 and Technical Marketing Manager since 2006. Whenever anyone asks what I do at F5, I typically answer, 'Writer, speaker and video producer,' in that order. Above all, I focused on covering emerging trends within our industry and evangelizing the various solutions - including F5's - to solve some of these challenges. I am now embarking on my third adventure at F5 - joining the F5 DevCentral team as a Sr. Solution Developer - concentrating my writing, speaking and videos on our amazing community. DevCentral’s mission is to deliver technical thought leadership to the community through connecting, preparing, and empowering professionals engaged with F5 technologies and I'll be helping develop, test and share technical solutions to some of today's technology challenges. In many ways, my job really doesn't change all that much, except for digging a little deeper into technical solutions and engaging deeper within our community. Now, I'll be the first to admit that my technical chops have slightly eroded since my SSA days installing FirePass (now our BIG-IP APM) and TrafficShield (BIG-IP ASM) but I'm looking forward to returning to my technical roots exploring and explaining how some of this stuff works in the real world. I'll still write lighter stories about IoT, mobile, cloud and the usual (or unusual) things that interest me along with contributing to DevCentral's already awesome LightBoard Lessons video series and reporting from industry events. If you remember the 'In 5 Minutes' video series, I'm also toying with the idea of resuming that - in LightBoard - so if you got any early requests, let me know. I published my first blog post ever on DevCentral in 2007 and with over 1000 entries later, including close to 400 videos, I feel like I'm coming home. ps Technorati Tags: f5,devcentral,big-ip,silva Connect with Peter: Connect with F5:
Name Based Virtual Hosting irule efficiency
Hey guys, we are currently going the route of name based virutual hosting with all of applications. After finding a terrific doc https://devcentral.f5.com/articles/name-based-virtual-hosting-with-ltm that pretty much explains what we need I have a few concerns on the best way to scale it. Here are my concerns: if have say we have 100 sites, I am guessing that the irule will not scale that well when HTTP_REQUEST { switch [HTTP::host] { iz.hotkittehs.com { pool hotkittehs } www.bukkitsgalor.org { pool bukkitsgalor } icanhaz.devcentral.f5.com { pool icanhaz } default { reject } } } } or will it ? is there another way to make it more scalable efficient? prehaps breaking it out into a couple of separate switch statement while maintaining the same piece of code..thoughts ? Thanks
