F5 Predicts: Education gets personal
The topic of education is taking centre stage today like never before. I think we can all agree that education has come a long way from the days where students and teachers were confined to a classroom with a chalkboard. Technology now underpins virtually every sector and education is no exception. The Internet is now the principal enabling mechanism by which students assemble, spread ideas and sow economic opportunities. Education data has become a hot topic in a quest to transform the manner in which students learn. According to Steven Ross, a professor at the Centre for Research and Reform in Education at Johns Hopkins University, the use of data to customise education for students will be the key driver for learning in the future[1].This technological revolution has resulted in a surge of online learning courses accessible to anyone with a smart device. A two-year assessment of the massive open online courses (MOOCs) created by HarvardX and MITxrevealed that there were 1.7 million course entries in the 68 MOOC [2].This translates to about 1 million unique participants, who on average engage with 1.7 courses each. This equity of education is undoubtedly providing vast opportunities for students around the globe and improving their access to education. With more than half a million apps to choose from on different platforms such as the iOS and Android, both teachers and students can obtain digital resources on any subject. As education progresses in the digital era, here are some considerations for educational institutions to consider: Scale and security The emergence of a smogasborad of MOOC providers, such as Coursera and edX, have challenged the traditional, geographical and technological boundaries of education today. Digital learning will continue to grow driving the demand for seamless and user friendly learning environments. In addition, technological advancements in education offers new opportunities for government and enterprises. It will be most effective if provided these organisations have the ability to rapidly scale and adapt to an all new digital world – having information services easily available, accessible and secured. Many educational institutions have just as many users as those in large multinational corporations and are faced with the issue of scale when delivering applications. The aim now is no longer about how to get fast connection for students, but how quickly content can be provisioned and served and how seamless the user experience can be. No longer can traditional methods provide our customers with the horizontal scaling needed. They require an intelligent and flexible framework to deploy and manage applications and resources. Hence, having an application-centric infrastructure in place to accelerate the roll-out of curriculum to its user base, is critical in addition to securing user access and traffic in the overall environment. Ensuring connectivity We live in a Gen-Y world that demands a high level of convenience and speed from practically everyone and anything. This demand for convenience has brought about reform and revolutionised the way education is delivered to students. Furthermore, the Internet of things (IoT), has introduced a whole new raft of ways in which teachers can educate their students. Whether teaching and learning is via connected devices such as a Smart Board or iPad, seamless access to data and content have never been more pertinent than now. With the increasing reliance on Internet bandwidth, textbooks are no longer the primary means of educating, given that students are becoming more web oriented. The shift helps educational institutes to better personalise the curriculum based on data garnered from students and their work. Duty of care As the cloud continues to test and transform the realms of education around the world, educational institutions are opting for a centralised services model, where they can easily select the services they want delivered to students to enhance their learning experience. Hence, educational institutions have a duty of care around the type of content accessed and how it is obtained by students. They can enforce acceptable use policies by only delivering content that is useful to the curriculum, with strong user identification and access policies in place. By securing the app, malware and viruses can be mitigated from the institute’s environment. From an outbound perspective, educators can be assured that students are only getting the content they are meant to get access to. F5 has the answer BIG-IP LTM acts as the bedrock for educational organisations to provision, optimise and deliver its services. It provides the ability to publish applications out to the Internet in a quickly and timely manner within a controlled and secured environment. F5 crucially provides both the performance and the horizontal scaling required to meet the highest levels of throughput. At the same time, BIG-IP APM provides schools with the ability to leverage virtual desktop infrastructure (VDI) applications downstream, scale up and down and not have to install costly VDI gateways on site, whilst centralising the security decisions that come with it. As part of this, custom iApps can be developed to rapidly and consistently deliver, as well as reconfigure the applications that are published out to the Internet in a secure, seamless and manageable way. BIG-IP Application Security Manager (ASM) provides an application layer security to protect vital educational assets, as well as the applications and content being continuously published. ASM allows educational institutes to tailor security profiles that fit like a glove to wrap seamlessly around every application. It also gives a level of assurance that all applications are delivered in a secure manner. Education tomorrow It is hard not to feel the profound impact that technology has on education. Technology in the digital era has created a new level of personalised learning. The time is ripe for the digitisation of education, but the integrity of the process demands the presence of technology being at the forefront, so as to ensure the security, scalability and delivery of content and data. The equity of education that technology offers, helps with addressing factors such as access to education, language, affordability, distance, and equality. Furthermore, it eliminates geographical boundaries by enabling the mass delivery of quality education with the right policies in place. [1] http://www.wsj.com/articles/SB10001424052702304756104579451241225610478 [2] http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2586847BIGI LTM VE qcow2 image - Shared directory too small for upgrade
We are in the process of migrating our servers from BIGIP 11.3 to 11.6. I am trying a test upgrade with the BIGIP-11.3.0.39.0.qcow2 image. However, the /shared directory is too small to hold the 11.6 image (over 1GB) for the upgrade procedure. [root@localhost:Active:Standalone] config df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg--db--hda-set.1.root 380M 187M 174M 52% / /dev/mapper/vg--db--hda-set.1._config 477M 15M 438M 4% /config /dev/mapper/vg--db--hda-set.1._usr 2.2G 1.4G 746M 65% /usr /dev/mapper/vg--db--hda-set.1._var 477M 160M 293M 36% /var /dev/mapper/vg--db--hda-dat.share.1 485M 37M 423M 9% /shared /dev/mapper/vg--db--hda-dat.log.1 485M 28M 432M 6% /var/log none 502M 708K 501M 1% /dev/shm none 502M 4.9M 497M 1% /var/tmstat none 502M 1.3M 501M 1% /var/run prompt 4.0M 28K 4.0M 1% /var/prompt Can anyone tell me how to increase the /shared directory? From 11.5 the tmsh modify sys disk directory command is available, but I haven't found anything for 11.3. Thanks for any help you can offer. Steve
Syslog v11 modification
Hi - I want to only send syslog levels, notice through emergency, but just want notice messages that match "monitor status". Like the messages below here: Feb 12 00:00:13 myf5.com cleansed mcpd[1925]: 01070727:5: Pool member pool_member_ip:801 monitor status up. Feb 12 00:01:33 myf5.com cleansed mcpd[1925]: 01070638:5: Pool member pool_member_ip:801 monitor status down. The syntax below is not getting it done. Am I close? sys syslog { auth-priv-from warning auth-priv-to emerg console-log enabled cron-from warning cron-to emerg daemon-from notice daemon-to emerg description none include " filter f_notice { match "(.*monitor status.*)"; }; filter f_remote_loghost { level(notice..emerg); }; destination d_remote_loghost { udp(\"172.17.2.49\" port(514)); udp(\"172.25.6.10\" port(514)); }; log { source(s_syslog_pipe); filter(f_remote_loghost); destination(d_remote_loghost); }; " iso-date disabled kern-from notice kern-to emerg local6-from notice local6-to emerg mail-from notice mail-to emerg messages-from notice messages-to warning remote-servers none user-log-from notice user-log-to emerg }
XenApp 6.5 with Kerberos Auth and CIFS-Windows Shares
I have been having difficulties with this issue for some time and I am hoping that someone can shed some light on it. All information in this post will be from my test bed environment, however the same issue is occurring in our live development environment. We are running 11.5.1 HF5 and so far I have been able to get Kerberos authentication working in order to access my published Citrix Applications with APM proxying all ICA traffic and replacing the Citrix Web Interface. The issue comes in when once a published app is launch, for example Notepad, I am then unable to access any mapped drives or other CIFS-Windows shares using Kerberos and instead I am asked for my Username and Password. I have been mostly following this thread to get to where I currently am as I have a similar scenario: F5 BigIP LTM 6900 In my testbed I have one Domain Controller, one server called XML1 which is my XenApp server and one server called WB1 which is where I had the Citrix Web Interface when I was trying pass-through authentication along with where I created the shared folder I am trying access through my Citrix apps. All servers are Windows 2008 R2, domain level is set to 2003. Our clients are not joined to the domain but I have a valid method of locating the right user using a APM AD query. In my testbed I have one Domain Controller, one server called XML1 which is my XenApp server and one server called WB1 which is where I had the Citrix Web Interface when I was trying pass-through authentication along with where I created the shared folder I am trying access through my Citrix apps. All servers are Windows 2008 R2, domain level is set to 2003. Our clients are not joined to the domain but I have a valid method of locating the right user using a APM AD query. My mapped drives are in both \\servername\share and \\fqdn\share forms. Would appreciate any help I can get, Sheigh
11.4.0 unable to import 3M-record external data-file
f5 BIG-IP LTM VE v11.4.0 ESXi VM allocated with 200 gb hdd , 16 gb ram System > File Management > Data Group File List > Import > point to 3M-record data-file on disk ( 216 MB ) receive error : " File upload failed, please check log file for details " I review all logs but don't see any entries related to data-file load. System > File Management > iFile List > Import > point to the same 3M-record file I receive the same error. Examining /var/log/ltm I see : err diskmonitor: 011d0004: Disk partition _root_ has only 0% free but the timestamp of this error does not coincide with my attempted file uploads. I assume _root_ refers to the Linux disk partition -- why would I receive an error showing 0% free ? In /var/log i see tmm , tmm1 , tmm2 , tmm3
Need to apply iRule for a VIP whose type is "Performance Layer 4" profile
Hi I am a newbie to F5 and iRule. One of our requirement is the url re-direction as below www.ramkar.com/startup ==> www.ramkar.com/login I did researched this forum and framed the following 2 iRules: iRule-1 when HTTP_REQUEST { if { [string tolower [HTTP::path]] equals "/login" || [string tolower [HTTP::path]] equals "/startup" } { HTTP::uri "/login" } } iRule-2 when HTTP_REQUEST { if { ([HTTP::host] equals "www.ramkar.com") and ([HTTP::uri] ends_with "/startup") } { HTTP::redirect https://www.ramkar.com/login } } The type of our VIP( was "Performance Layer 4". When checked with our IT and Network Team, they suggested to change the type to "Performance HTTP" as iRules will not work with "Performance Layer 4" type. We did this change in F5 for the VIP: www.ramkar.com. But when we tried to apply the irule-1, we are getting the error: "01070394:3:HTTP_REQUEST event in rule (ramkar) requires an associated HTTP or ICAP profile on the virtual server (/blah/blah/" Can any one please help me apply any one of these iRules in F5. Please note that our Network Team advised that we should not apply Standard or HTTP profile to this F5 as it will slowdown the PROD environment. Any help is greatly appreciated -- K.Ramesh Karthik.
Disk space allocation
Disk space allocation varies from release to release. For example, on my v10.2.4 box, I have: Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg--db--sda-set.2.root 248M 130M 106M 56% / /dev/mapper/vg--db--sda-set.2._usr 1.4G 1.1G 244M 82% /usr On a v11.2/3 box, I have: Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg--db--sda-set.3.root 287M 191M 82M 70% / /dev/mapper/vg--db--sda-set.3._usr 2.0G 1.6G 380M 81% /usr I wonder if sizes have changed/increased in v11.4 and v11.5?
What is hotfix and error while installing a hotfix via ICONTROL?
Hotfix is lik a patch to an OS. But if i intall a hotfix it must apply on an already present boot location but it creates a new loacation and boots from there.Now i need to know .Can i delete a primary boot location after installing a hotfix or i need to keep all partition??? and also while i try to install a hotfix on box using i control it gives an exception. "Exception in thread "main" AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server faultSubcode: faultString: Exception caught in System::urn:iControl:System/SoftwareManagement::install_hotfix() Exception: Common::OperationFailed primary_error_code : 16908289 (0x01020001) secondary_error_code : 0 error_string : Error installing hotfix "Hotfix-BIGIP-11.4.0-2419.0-HF3.iso" faultActor: faultNode: faultDetail: {http://xml.apache.org/axis/}stackTrace:Exception caught in System::urn:iControl:System/SoftwareManagement::install_hotfix() Exception: Common::OperationFailed primary_error_code : 16908289 (0x01020001) secondary_error_code : 0 error_string : Error installing hotfix "Hotfix-BIGIP-11.4.0-2419.0-HF3.iso" at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222) at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129) at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(Unknown Source) at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227) at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696) at org.apache.axis.Message.getSOAPEnvelope(Message.java:435) at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at iControl.SystemSoftwareManagementBindingStub.install_hotfix(SystemSoftwareManagementBindingStub.java:1158) at com.payoda.iControl.upgrade.VersionManagement.installHotFix(VersionManagement.java:247) at com.payoda.iControl.upgrade.VersionManagement.main(VersionManagement.java:100) {http://xml.apache.org/axis/}hostname:PTPLD105 Exception caught in System::urn:iControl:System/SoftwareManagement::install_hotfix() Exception: Common::OperationFailed primary_error_code : 16908289 (0x01020001) secondary_error_code : 0 error_string : Error installing hotfix "Hotfix-BIGIP-11.4.0-2419.0-HF3.iso" at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222) at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129) at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(Unknown Source) at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227) at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696) at org.apache.axis.Message.getSOAPEnvelope(Message.java:435) at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at iControl.SystemSoftwareManagementBindingStub.install_hotfix(SystemSoftwareManagementBindingStub.java:1158) at com.payoda.iControl.upgrade.VersionManagement.installHotFix(VersionManagement.java:247) at com.payoda.iControl.upgrade.VersionManagement.main(VersionManagement.java:100)"