Lightboard Lessons: DNS Scalability & Security

Posted in security, f5, big-ip, silva, video, dnssec, lightboard, devcentral, dns by psilva on September 21st, 2016

The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup, loading complex sites necessitates hundreds of DNS queries.

DNS lookups has exploded in recent years with mobile, IoT and the applications to support the growth. It is also a vulnerable target. In my first Lightboard Lesson, I show you how to scale, secure and consolidate your DNS infrastructure.

ps

Related:

Watch Now:



Don’t Take the Impostor’s Bait

Posted in Uncategorized, security, f5, big-ip, cybercrime, devcentral, phishing by psilva on September 20th, 2016

detect_phishing_intro.jpg

Phishing has been around since the dawn of the internet. The term was first used in an AOL Usenet group back in 1996 but it wasn’t until 2003 when many baited hooks and lures started dropping. Popular transaction destinations like PayPal and eBay were some of the early victims of these spoofed sites asking customers to update their personal and credit card information. By 2004,it was a full-fledged ‘get rich quick scheme’ with many financial institutions– and their customers – as targets.

Oxford Dictionary defines Phishing as, ‘The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.’

You’ve seen it, the almost perfect looking email with actual logos, images and links to a reputable company only to have it go to a slick looking replica complete with a login form. If you aren’t paying attention and do enter your credentials,you’ve just given a crook access to your money.

The Anti-PhishingWorking Group (APWG) reports a 250 percent jump in the number of detected phishing websites between October 2015 and March 2016. More than in any other three-month span since it begantracking back in 2004. That’s around 230,000 unique phishing campaigns a month.And as recent as last week, AmericanExpress users were hit with a phishing email offering anti-phishing protection. Go figure. If you clicked the link, you were taken to a bogus Amex login page which asks for all the important stuff: SSN, DoB, mother’s maiden, AMEX number plus security code and a few other vitals.

When complete, you’ll be redirected to the authentic site so you think you’ve been there all along. That’s how they work their magic. A very similar domain URL and all the bells of the original, including the real customer service 800 number.

You can combat it however.

F5’s WebSafe Web Fraud Protection can secure your organization (and your customers) against the evolving online fraud and you do not need any special client to detect it. WebSafe inserts an obfuscated JavaScript code which can detect malware like bait, mandatory words or if the fake was loaded from a different domain. It can validate source integrity like comparing fields for multiple users and detect threats like automatic transactions. Alerts are sent to an on premise dashboard and can also be forwarded to F5’sSecurity Operations Center (SOC).

If you are configuring malware protection for the login and transaction pages for a financial application, it’s as simple as adding an Anti-Fraud profile to yourVIP.

First, you create an anti-fraud profile:

anti_fraud.jpg

Then indicate which URL should be watched and the action:

anti_fraud_url.jpg

Then enable Phishing detection:

anti_fraud_pshishing.jpg

And when a phishing attach occurs, both the domain and the username of the victim get reported to the dashboard:

anti_fraud_pshishing.jpg

The code that’s inserted is a little piece of JavaScript added to your website to detect the malicious activity. No action is needed on the part of the user since everything is handled within BIG-IP.

anti_fraud_code_added.jpg

This tiny piece of code will dramatically reduce fraud loss and retain the most important asset in business—customer confidence.

Don't get fooled by a faker.

ps

Related:




750th Blog Spectacular - Lessons of the LightBoard

Posted in f5, big-ip, silva, application delivery, lightboard, devcentral by psilva on September 13th, 2016

IMG_3526.jpg

I recently built out a LightBoard Studio for my home office so I can start contributing to the awesome LightBoard Lessons on DevCentral. These are short, informative videos explaining various technologies and often, how to implement on a BIG-IP system. Instead of writing on a whiteboard and looking over your shoulder into the camera as you explain something, Lightboards allow you to draw on and look through the crystal clear glass (into the camera) while discussing technical concepts. A transparent whiteboard. The LEDs that surround the glass accompanied with neon markers make the images pop. It’s pretty darn cool.

So the story goes, a college professor was looking for a better way to deliver lessons to his students both on campus and online without a chalkboard. He called it the Learning Glass and now there are Lightboards all over the world, especially in universities. Incidentally, there is cool video of Picasso painting on glass from 1949.

He had the right idea.

IMG_3525.jpg

You may have read or watched Jason & John’s Lightboard Lessons: Behind the Scenes and I wanted to report on my own experiences. First, I followed Jason’s bill of materials (except the camera) and it provides most everything you need to get started. I initially thought about a 3’ x 5’ pane of glass due to my smaller venue but couldn’t find an appropriate frame for that size. Well, to be clear, there may have been one but it was way outside my budget. I looked at various saw horses, ladder frames and other apparatus thinking I could ‘make’ something that could properly hold the glass in place. No dice.

So I decided to go a little larger with the 4’ x 6’ size since there is a frame specifically built for this purpose. Rahm is correct about ordering the frame first since you’ll need to carefully measure the mounting holes so the glass can be drilled perfectly. It also takes a few weeks to order and have the glass delivered - at least in my area. This was fine since it allowed me to set up the other equipment like the lights, back drop and camera location. In addition, make sure you have the delivery folks help you place it on the frame…depending on the size, this is not a pick up and install yourself deal. The glass is large, heavy and certainly needs a few people to carry and properly align with the holes.

IMG_3524.jpg

Once the glass is installed (and cleaned) you can wrap the LEDs around the edge. There are a couple ways to go with this step. You could use large binder clips to hold the lights at the edge or, like Jason, I got 3/8” shower u-channels to go around the glass and hold the lights in place. Instead of silicon to hold the u-channel, I used clamp clips to hold the outer metal. This allows me to easily change and adjust the LEDs if needed.

The Expo Neon markers do make a greasy mess and I’ve got the same Sprayway glass cleaner. I also got one of those magic erasers to help clean and old hotel room keys work well on dried ink. It’s not that difficult to have a clean slate but any smudges will certainly appear if it’s not sparkle-city.e binder clips to hold the lights at the edge or, like Jason, I got 3/8” shower u-channels to go around the glass and hold the lights in place. Instead of silicon to hold the u-channel, I used clamp clips to hold the outer metal. This allows me to easily change and adjust the LEDs if needed.

This week I’ll be moving around the lights and doing some test shots for audio and visual screen tests and look forward to publishing my first LightBoard Lesson very soon. Shooting for next week if all tests go well. I’m excited.

It’s always been a dream of mine to have a home studio. Some guys want a man-cave, some want a game room, others a high end home theatre or a rack of computer equipment. Me? A studio.

And for my 750th DevCentral article I wanted to say: Thanks Gang!!

ps




Q/A with Secure-24’s Josh Becigneul - DevCentral’s Featured Member for September

Posted in f5, big-ip, adc, interview, silva, application delivery, devcentral by psilva on September 6th, 2016

Josh.jpg

Josh Becigneul is the ADC Engineer for Secure-24 and DevCentral’s Featured Member for September!

Josh has been working in the IT industry in various positions for a little over 10 years. He’s moved through various disciplines including MS server administration, Linux, Networking, and now has been working primarily with F5 BIG-IPs. For the past 3 years he has focused on F5’s products and growing a team of engineers to manage them. Secure-24 delivers managed IT operations, application hosting and managed cloud services to enterprises worldwide.

DevCentral got an opportunity to talk with Josh about his work, life and the importance of being F5 Certified.

DevCentral: You’ve been an active contributor to the DevCentral community and wondered what keeps you involved?

Josh Becigneul: DevCentral has helped me greatly over the years as I’ve worked with F5 products, so I feel like it’s worth some of my time to spend both reading posts and helping others in the community. When I started off it helped to be able to explain a need and have someone create a basic iRule, or point me towards documentation explaining something. Now that my skills have grown, I want to pay it forward.

DC: Tell us a little about the areas of BIG-IP expertise you have.

JB: I started off on just BIG-IP LTM but over the years have grown into managing APM, GTM, ASM, and sometimes a mix of each. I’ve worked with 1500’s, 1600s, 3600’s, 3900’s and VIPRION. As well as Enterprise Manager and now BIG-IQ too.

DC: You are an ADC Engineer with Secure-24, an application hosting and cloud services organization. Can you explain how DevCentral helps with your daily challenges? Where does BIG-IP fit in the services you offer or within your own infrastructure?

secure24.jpg

JB: At Secure-24, BIG-IP has grown into an essential product for many portions of our organization, along with many of our customers utilizing its services to deliver their applications. We’ve got a large number of LTM customers, APM customers and we’ve been growing into ASM. GTM provides advanced DNS services for many of our customers around the globe. Most deployments using BIG-IP are custom tailored to suit the needs of the particular customer. These can vary from basic load balancing to advanced content steering, or small deployments of a few virtual services to large ones comprised of hundreds.

With the variety of F5 products in use, having a resource like DevCentral is invaluable to our team. From being able to ask my peers questions about things, or utilizing the codeshare and wiki to learn more about iRules and iControl, I couldn’t imagine it not being available.

DC: Describe one of your biggest BIG-IP challenges and how DevCentral helped in that situation.

JB: One of the most useful things iRules allow us to do is virtual hosting; running many services behind a virtual service. Coupling this with APM allowed us to greatly simplify remote access for us and our customers. For several customers, we used APM to migrate them away from MS Forefront.

DC: I understand you are an F5 Certified Professional. Can you tell us about that and why you feel it is beneficial?

JB: Yes, I first became F5 Certified in 2015 with my 201 Certified BIG-IP Administrator, and followed that up at 2016’s F5 Agility conference by obtaining my 304 APM Specialist. I feel it is beneficial because it helps to reinforce what I’ve learned over the years, and (hopefully) lets my customers feel like they are in good hands. (DC: Josh also recently passed the 302 GTM Exam!)

DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?

JB: I’d probably be a roadie, and tour the world doing lights and sound for a huge band!

DC: Thanks Josh and get us backstage passes! Check out all of Josh’s DevCentral contributions, connect on LinkedIn and follow both Josh @vsnine and @secure_24.

And if you'd like to nominate someone to be the DevCentral Featured Member, please send your suggestions to the DevCentral Team!




Time to Get Prepping for the F5 Certification 201 Exam

Posted in f5, big-ip, application delivery, devcentral, certification by psilva on August 30th, 2016

cert_hat.jpg

Less than a month after gaining some cred (and relief) from passing the F5 Certification 101 exam, the DevCentral team is now embarking on our 201-TMOS Administration journey. The 201-TMOS Administration exam is the second exam required to achieve F5 Certified BIG-IP Administrator status. You see, the 101 is simply a gauge - a benchmark – to determine if you qualify to take the next exam to officially become F5 Certified. The 201 exam focuses on the TMOS operating system, the day-to-day operation and basic troubleshooting of BIG-IP devices. 

You won’t need to install the software but you do need to understand how to administer and troubleshoot it once it is running. You'll also need to understand how (and what) to provide accurate and appropriate information for senior engineers and/or F5 support. This exam is not so much 'what do you know' but more about 'how do you do it.' Theory plus experience.

The DevCentral team is taking the same preparation approach as we did for the 101. We’re doing weekly team study sessions with each person taking a section and presenting to the team. This allows us to share knowledge, experience and discuss the potential questions around a certain topic. We found this very successful while prepping for the 101. Plus it was a good excuse to get together to talk shop. In addition, we'll need to spend some hands-on time (at least I do) doing real GUI-click stuff.

The good news is there seems to be a lot of 201 resources available. Of course there is F5’s own Eric Mitchell’s comprehensive 201 Certification Study Guide along with the TMOS Administration Exam Blueprint.

Outside of F5, Rich Hill put together a great click-read-learn journey with the various exam sections and the corresponding links to F5 support, DevCentral and other resources. Funzune has a fantastic F5 BIG IP – 201 exam – TMOS administration (Tips and tricks) along with a how to set up F5 BIG-IP lab at home. This is critical since (as mentioned earlier) the 201 exam does require BIG-IP hands on participation.

You can pass the 101 by studying the material but you need actual experience to ace the 201.

f5_admin_cert.jpg

TomsITPro has a good overview and career path article for F5 Certifications and there’s a nifty flash-card based 201 Study Guide on Cram.com which delivers 80 potential questions along with the answers. Like the 101, candidates need to answer 80 questions in 90 minutes so nail the ones you know and come back for the more difficult questions. And don’t forget to flag those so it is easier to review with 10 minutes left. Another great resource is the F5 Certified Professionals LinkedIn group. A very active group that always has good tips as members work their way through the process.

Lastly, I would be remiss if I didn’t mention TheF5Guy’s 5 reasons to become F5 Certified. As Nathan Abbott puts it, ‘Reason #1 – I’m “The F5 Guy”, I have to do my best to live up to my name!  Hehehe…

The one theme that runs through many of the 201 certification prep articles is that this exam is not something to take lightly. It is much more challenging than the 101. While the 101 has a 70% pass rate, the 201 hovers around 67%. 69% correct is a pass. And if you do pass you will be awarded the credential of F5 Certified BIG-IP Administrator.

That’s what we’re aiming for.

ps




The Intruders of Things

Posted in f5, big-ip, cloud computing, silva, application delivery, privacy, devcentral, iot by psilva on August 23rd, 2016

Gartner predicts that by 2020, IoT security will make up 20 percent of annual securitybudgets.

New-Year-2020-Calender-by-Danilo-Rizzuti

2020seems to be an important milestone for the Internet of Things. That’s the yearthat Ciscosays there will be 50 billion connected devices and also the year Gartner notes that over 50%of major new business processes and systems will incorporate some elementof the Internet of Things.

That’s the good news.

A recent SymantecInternet Security Threat Report says there are 25 connected devices per 100inhabitants in the US. Minimum 25 entry points to your personal information,not counting your front door, personal computers, compromised ATMs and otherdata sources. As your connected devices grow, so will your exposure. And with noclear methods of identifying and authenticating connected devices,enterprises will have a challenging time getting a handle on how many employeeshirts, shoes, fitness trackers, and smartwatches are connected to thecorporate network. And more importantly, what do they have access to?

The sneaky spreadsheet macro malware will soon be a spoofed critical alertrequiring instant attention.

Healthcare is a prime target for IoT attacks and researchers have alreadycompromised several devices revealing personal info and worse, causing thedevices to malfunction. ‘Hey, why isn’t my heart beating any……

The chaos on the feature first consumer side can be frustrating but nothingcompared to industrial and manufacturing.

The Industrial Internet of Things (IIoT) focuses on industrial controlsystems, device to network access and all the other connective sensorcapabilities. These attacks are less frequent, at least today, butthe consequences can be huge – taking out industrial plants, buildings,tractors, and even entire cities.

List-of-640-IoT-projects-min.png

If you think data protection and privacy are hot now, just wait until 2020.Like BYOD, security pros need to be ready for the inevitable not just thepotential of a breach. While the gadgets get all the interest, it’ll be theback end data center infrastructure that will take the brunt of the traffic –good and bad.

Organizations need an infrastructure that can both withstand the trafficgrowth and defend against attacks. Over on F5’s Newsroom, Lori MacVittie talks about the 3Things the Network Must Provide for IoT – delivery, security andvisibility. Things that can communicate securely with back-end apps, ADC’s thatcan understand the languages of things (like MQTT) and the ability to see whatis going on with the things.

Accordingto TechTarget, ensuring high availability of the IoT services will rely onboosting traffic management and monitoring. This will both mitigate businesscontinuity risks, and prevent potential losses. From a project planningstandpoint, organizations need to do capacity planning and watch the growthrate of the network so that the increased demand for the required bandwidth canbe met.

iot_keys.jpg

If you already have BIG-IP inyour back yard, you’re well on your way to being IoTready. You got the networksecurity to protect against inbound attacks; you can offload SSL to improvethe performance of the IoT application servers; you can extend your datacenters to the cloud tosupport IoT deployments; scale IoT applications beyond the data center whenrequired and both encrypt and accelerate IoT connections to the cloud.

A pair of BIG-IPs in the DMZ terminates the connection. They, in turn, intelligentlydistribute the client request to a pool (multiple) of IoT application servers,which then query the database servers for the appropriate content. Each tierhas redundant servers so in the event of a server outage, the others take theload and the system stays available.

The BIG-IP tuning may vary but it is still all about nodes, hosts, members,pools, virtual servers and the profiles and services applied. The BIG-IPplatform is application and location agnostic, meaning the type of applicationor where the application lives does not matter. As long as you tell the BIG-IPwhere to find the IoT application, the BIG-IP platform will deliver it.

ps

Related:




I’m Sorry Sir, You’re Obsolete

Is the rate of obsolescence proportionate to the rate of technologyadvances?

ihome.jpg

Afew years ago, those little iHome alarm clocksstarted to appear in hotel rooms. Cool gadgets that you could mount your mobilephone to battery charge or play the music on the device. We also had a few in ourhome. They worked perfectly for the iPhone4 since the connector was that 1 inchprotruding plug. When I got the iPhone6, those clocks instantly became useless.Obsolete. At least the phone connector part lost its value.

I’ve been thinking about this for a while.

The rate of obsolescence. The state when an object,technology, service or practice is no longer needed or wanted…even though itstill may be in good working order. E-waste is the fastestgrowing segment of the waste stream. With the technological advances, notonly are we buying the latest and greatest electronics but we’re also dumpingperfectly good, working devices at silly rates. There was even a story about a CentralPark mugger who rejected a flip phone during a heist.

Sure, the new gadget is shiny, faster, better or does stuff the other onecouldn’t. All commercial things have the typical emerging, growth, maturity anddecline model and I started wondering if the rate of obsolescence isproportionate to the rate of technology advances.

Moore’s Law and Wright’s Law are generally regarded as the bestformulas for predicting how rapidly technology will advance. They offerapproximations of the pace of technological progress. Moore’s Law (1965)describes the rate of improvement in the power of computer chips –essentially, the number of components doubles every 18 months. Generally,the principle can be applied to any technology and says that, depending on thetechnology, the rate of improvement will increase exponentially over time.

Wright’s Law (1936),says that progress increases with experience. Meaning that each percentincrease in cumulative production (in a given industry) results in a fixedpercentage improvement in production efficiency.

A simple web search of ‘rate of technological advancement’returns scores of images that show a huge ramp going up.

rate_of_advancement.jpg

But is there the same rapid decline chart for ‘out of date, lostfreshness’ technologies gone by?

Nothing with a laptop falling off a cliff but there are certainly chartsshowing the rate of e-waste.

e-waste-management-17-728.jpg

The climb is not as dramatic as technology advances (yet) but itis still growing rapidly.

So there doesn’t seem to be (or I simply can’t find it) a direct correlationor chart that incorporates both technology advances and resulting obsoleteness.There are plenty of articles that do cover thingsthat will be obsolete in the next few years (DVD players, landlines, clockradios); the jobsthat will be obsolete (travel agent, taxi driver); and the things thatbecame obsoleteover the last decade.

There is a patent, US7949581B2, which describes a method of determining an obsolescence rate of atechnology yet that looks more at the life of a technology patent and itseventual decay and depreciation rate. Less citations over the years means patentdecay. This is more about the depreciation of a specific patent rather than howsociety embraces and then ultimately tosses the technology.

The funny thing is that nowadays vintage items and antiquesseem to be hot markets. Nostalgia is a big seller. Longing for the simplertimes I guess.

And lastly, the rate of WorldIQ over time. Is there a connection with technology?

world_IQ_over_time.png

If you feel your infrastructure is becoming obsolete with all thatcloudy talk, F5 cancertainly help by providing the critical application delivery servicesconsistently across all your data centers - private clouds, publicclouds, and hybrid deployments - so you can enjoy the same availability,security and performance you've come to expect.

ps

Related:

 

E-waste image courtesy: www.slideshare.net/SuharshHarsha

World IQ image courtesy: http://uhaweb.hartford.edu/BRBAKER/




I Am an Application Delivery Fundamentalist!

Posted in f5, big-ip, silva, application delivery, devcentral, infrastructure, certification by psilva on August 9th, 2016

Fun and a little mental.

certrockstar.jpg

If you’ve been following along the DevCentral team’s journey toward F5 Certification, then you may be aware that we were in Chicago last week for F5’s Agility 2016 conference and took our 101 Application Delivery Fundamentals exam. I am happy to report that all of us, Jason, John, Chase and I, passed our exams. I gotta tell you, it’s a relief since I didn’t want to title this article, 'Two Out of Three Ain’t Bad.' Good song but wanted to avoid that.

We started this excursion back in April (me in March) with the team deciding to create a study group. Each week we’d tackle a topic with the guidance of Eric Mitchell’s excellent Study Guide. We worked through the sections and decided to test our luck with the Certification Team’s mobile testing center...with the pressure of passing during an F5 event. Imagine the slight pre-test anxiety going through our minds if we didn’t pass. ‘How long have you been at F5?’ the questions would have started. My mouth covering, embarrassing, face-palming, muffled response of, ’12 years,’ would not have been sufficient.

As Ken told us on the way into the exam room, ‘I tell people it is either pass or fail…so don’t worry about your overall score.’ But he also added specifically to me, ‘You know if you fail, I will give you grief.’ No Pressure.

Well, we were prepared and we all passed!

IMG_3439.jpg

Jason, John and I took the exam Tuesday morning. After registering and scheduling with Pearson Vue, we arrived at the mobile test center. You need to sign in and present two forms of ID, one with your picture. Even though the Certification team knew all of us, we still needed to follow the procedure, no exceptions. We liked that we had no special treatment – other than the ‘hello’ hugs – and had to process and pass fair and square.

We were seated in different areas since the exam room was fairly full when we entered. The moderator helped each of us get to the proper test associated with our registration and the timer started. For the 101, you have 90 minutes to answer 80 questions. At 23 minutes in, Jason got up and was finished. ‘Wa?!?’ as I look up seeing him walk by, ‘I’m only on question 28!’ I lamented. At least John was still there and I kept an eye on my time and question count the rest of the way. But I also told myself, ‘I’m in no hurry and if I need the full 90 minutes, I’ll take it to the last tick.’

John finished about a 40 minutes later and I was left for the last 30 to myself. With 10 minutes left, I was done but took that remaining time to review my answers. One tip: you can flag questions for review during the test or make comments for yourself as you move along. Close out the ones you know and go back for the more challenging questions. In the end I think I changed 3 answers. No idea if it swayed the results either way.

IMG_3442.jpg

When you are done, you walk back to the registration room and your preliminary results are already waiting. I felt a quiver when Heidi glanced at my results and gave that ‘I’m sorry,’ look. But that was soon turned to glee as I read, ‘you have Passed.’ We were 3 for 3. Chase took the test on Wednesday and also passed.

I feel it was a very fair test to determine one’s basic application delivery knowledge. Some networking, some security, some infrastructure. And although we did prepare, it was still a challenging test. These exams are not supposed to be cake-walks but a good way to measure your knowledge around a certain topic.

me_hats.jpg

While we passed and may be certifiable in our own right, we are not ‘officially’ F5 Certified. That comes with the 201 exam. The 201-TMOS Administration exam is the second exam required to achieve Certified F5 BIG-IP Administrator status. Candidates must have passed the 101-Application Delivery Fundamentals exam in order to be eligible for the 201 exam.

And wouldn’t you know it, we’re all now shooting for the 201. We plan on doing the team study again but we’ll also need to dig into some on box time for this one. I plan on keeping you posted for the 201 but for now, I’ll just bask in my 101 glory.

Phew!

ps

Related:




Q/A with SpringCM’s Joel Newton - DevCentral’s Featured Member for August

Posted in f5, big-ip, application delivery, devcentral by psilva on August 2nd, 2016

IMG_2995.jpg

Joel Newton is a Senior DevOps System Engineer at SpringCM, a current DevCentral MVP and DevCentral’s Featured Member for August!

SpringCM believes in leveraging technology to deliver immediate savings by automating and accelerating business processes – essentially, bringing the power of the cloud to contract and document management. SpringCM was using BIG-IP LTM to load-balance their application servers when Joel started there four years ago, and he stepped into the role of being the primary BIG-IP admin, managing the VIPs, pools, and iRules. In addition to managing the BIG-IP LTM, he’s also an architect of their continuous delivery and configuration management systems. Outside of work, he enjoys philosophy, genealogy, spending time with his family, and being a craft beer evangelist (as well as drinking craft beer).

DevCentral got a chance to talk with Joel about his work, life and how DevOps & DevCentral have more in common than just the word ‘Dev.’

DevCentral: Hi Joel, thanks for your time! You are a current DevCentral MVP and have been a tremendous contributor to our community over the years. What keeps you involved?

Joel: I think it’s that DevCentral is a very active community, with a lot of smart people trying to solve a lot of interesting problems. Just perusing the most recent questions can be a great way to learn things.

My initial interest in DevCentral was sparked by Joe Pruitt’s docs on iControl and all the PowerShell knowledge and examples he provided. After a while, I realized that having a PowerShell module to manage LTMs might be beneficial, so I developed that and shared it with the community.

DC: Tell us a little about the areas of BIG-IP expertise you have.

JN: SpringCM primarily uses the BIG-IP LTM module and iControl REST. We built and host a large, complex, public-facing web application, and as such we have hundreds of servers that require load balancing. Since we have so many servers, our goal is to do as much of the administration as possible via scripts and command line, which is where iControl REST comes in. With PowerShell and iControl REST, we’re able to configure virtual servers, pools, pool members and iRules.

DC: You are part of a DevOps team at SpringCM. Can you explain how DevCentral helps with DevOps challenges?

springcm.jpg

JN: I think DevOps is just a fancy term for the attempt to achieve better system process automation and better system visibility. Anything that allows one to programmatically change settings and retrieve information about one’s systems (such as iControl and iControl REST, and all the PowerShell /Perl /python snippets shared on DevCentral) aids people doing DevOps.

DC: Describe one of your biggest IT challenges and how DevCentral helped in that situation.

JN: SpringCM has wanted to do continuous delivery for a while. Instead of doing monolithic quarterly deployments of the entire production environment, we want to get to where we’re deploying to select servers during the day with zero downtime, as needed. A big part of this is being able to automate the management of BIG-IP pool members.

We’ve been doing zero-downtime deployments to production on a smaller scale to dozens of servers, but just recently, we accomplished our first “hot” (zero-downtime) deployment of our entire production environment (around 350 servers). This was only possible because we were able to use iControl REST and PowerShell scripts to have pool members disable themselves, wait until their connections dropped below a defined threshold, update their code, and re-enable themselves in their pool.

DC: We’re in your hometown, Chicago, this week for F5 Agility 2016. What are you looking forward to at Agility?

JN: I’ve signed up for some iRules labs, as well as one on BIG-IQ. We have some iRules that I inherited and have tweaked as needed, but I don’t feel that I’ve yet got a comprehensive picture on all that I could be using iRules for in our application. I’m looking forward to that, as well as getting a good intro to BIG-IQ.

DC: Lastly, if you weren’t an IT admin – what would be your dream job? Or better, when you were a kid – what did you want to be when you grew up?

JN: Probably a full-time craft beer evangelist.

DC: Thanks Joel! Check out all of Joel’s DevCentral contributions and follow him on GitHub or connect on LinkedIn. And follow SpringCM: @springcm




DevCentral at F5 Agility 2016

Posted in f5, big-ip, cloud computing, silva, devcentral, 2016 by psilva on July 26th, 2016

Four outta Five DevCentral members will appear in person at #F5Agility 2016.

That’s right! Jason, John, Chase and yours truly will be in Chicago next week for F5’s annual gathering of customers and partners. The DevCentral area will be in the heart of the Solution Expo and we’ll be offering some short technical presentations throughout the event. We’ll also have some t-shirts to give away along with a few other goodies.

Here is where we’ll be:

sol_expo.jpg

And here is our presentation schedule* to lock in to your mobile app.

dc_agility_sessions.jpg

If you will be at Agility 2016, please stop by to see us. 

And here are your Top 10 reasons to visit DevCentral at F5 Agility 2016:

  1. This is your F5 community
  2. Learn some new technical tips
  3. Ask your technical questions
  4. Watch a few technical presentations
  5. Our presentations are only 20 minutes
  6. Meet the team
  7. Grab a T-shirt
  8. Hang with other DC community members
  9. Relax and take a break
  10. Chase Abbott’s Session

Hope to see you there!

ps

*Subject to change 





« Older episodes ·