Posts

Posted on

A10 Thunder VIP – well…

VIP Configuration Guide

Introduction

If you are setting up a test environment for an application, it is important to consider the “User Acceptance to Production” dilemma. This guide provides some basic tips on how to set up a VIP (Virtual IP) to ensure smooth deployment to production.

Test Environment

When setting up a test environment, always use port 443 (HTTPS) and never concede to having port 80 (HTTP) open. Although HTTPS can be a pain, it is essential to avoid setting up an HTTP path to the same resources on the test environment. This can create a dependency on HTTP that can cause problems in the future.

Redirections

If you want to provide HTTP access to the test environment, be careful when using redirections. Ensure they are “hard” redirects and you are not propagating the path and full URI. However, remember that something could go wrong even with the best intentions. Therefore, it is important to create hard errors that developers can see, which will provide the feedback necessary to prevent deployment issues.

Production Environment

When you go to production, force a port 80 HTTP redirection to the application’s home page (with NO path or query strings). This will not disrupt the application functionality, as port 80 HTTP was never available in the test environment.

VIP Configuration

To create a VIP, you must define and group servers for redundancy and scale. You can then apply a service group to a port of a VIP to get the whole picture. Here is a minimum VIP configuration:

slb server mcyork1 199.60.123.50
port 80 tcp

slb server mcyork2 199.60.123.51
port 80 tcp

slb service-group example-mcyork tcp
member mcyork1
member mcyork2

slb virtual-server example.mcyork.com 199.60.123.75
 port 80 http
  service-group example-mcyork

DNS Primer If you go to the IP 199.60.123.75, the result should be a response from either 199.60.123.50 or .51, where the website/application or API is hosted.

Conclusion

This is the most straightforward VIP configuration in any ADC/load balancer. Remember, no HTTP in pre-production – ever ( wait for the next example to see HTTPS in action). Follow these tips to ensure a smooth deployment to production.

Enjoy

Posted on

A10 Thunder basic CLI

Step 1 – We are building a configuration to load balance a web service together. Won’t that be fun!

If you are new to the A10 ADC load balancer this may be interesting to you. If you use iRules with the F5 future steps may provide perspective. Experts in this area are encouraged to correct and enhance this content by emailing me ian@mcyork.com

That’s all for day one – exhausting right! Stay safe.

Posted on

There is no phone book – Never change your email address again.

What’s a phone book?  Never mind that.

“If you don’t know I am not going to tell you” is how the Internet treats you if you need to find a friend’s email address.  When they change it and don’t email everyone they know of the change (and even when they do).  You will perhaps say Facebook, Twitter, et al will come to the rescue. This may be true in a lot of cases – but why rely on a rescue plan that’s as ephemeral as a fart?

Ephemeral you say (word of the day btw)?  I’d like to use a Yahoo example.  What if Yahoo fails (and we see it has teetered a bit).  I’d hate it to fail of course, but “what if” is how we need to approach the problem.  Say it goes poof.  You have no email now.  Um… what do you do?  Well of course you search through all your contacts and send out an email – hey I changed my email to pinkbunny42@somenewISP.com.  Please DO UNNECESSARY WORK, I need you all to update your address books. People all have the lazy gene on the Internet.  They’ll assume they can get to it later.  They won’t be able to find that email when they next think of you… The common thought you all have when going through this is “The close friends in my life know how to contact me regardless”.  Yup – well in this world you might also have moved, changed your cell phone number, and, not that it is relevant, been issued 4 different credit card numbers “because we detected suspicious activity” this year.  The point is (important) stuff changes all the time.  The perfect storm can leave you in the Internet’s dust.

Not to mention every site on the Internet you log into and forgot the password of – will no longer be able to email you a password reset.  This list is LONG.  Far more onerous than changing a credit card number.

Aside: Website password advice – use lastpass.com

Imagine a rock.  One touchstone that’s always there.  No matter what.  Your email address.  From beginning to end it never changes, not once.  Are you willing to go that extra mile to save a boatload of future pain?

My domain, mcyork.com, was registered on 1995-02-03.  Not the start of the Internet by any means but the start of my online life.  Associated with mcyork.com is my very first email address ianm@mcyork.com.  I HAVE changed my email now to ian@mcyork.com.  I never sent friends an update.  If they use ianm@ – I still get the email.  My replies are now from ian@.  Over time, but without a worry on my part, they will soon start to use my newer more current email address.  In fact, the more luddite-prone friends of mine will never know or need to know, my email address was modified. @mcyok.com is mine, I control it and all the email addresses (near-infinite) that can be associated with it.

What’s the answer/point?  Own your domain / control your destiny!

“Ok, thanks but there’s a catch, right?  To manage all that is probably technical and difficult.  We KNOW you are a geek with a blog!”

Let’s go through that over beers.  I’ll get you started.

Posted on

This video can’t be played

It looks like your HDMI cable or connection doesn’t support HDCP, which is required to play this type of video. Try reconnecting the HDMI cable from Apple TV to your TV, and play this video again.

OK

Yeah, not fun. Older TVs don’t know about the encryption stuff that’s happening now to help prevent us from recording the output, say from Apple TV of a BlueRay. Well don’t go buy a new TV unless you need to. Instead get this gizmo to solve the problem until you do. It’s a simple splitter and you don’t NEED a splitter but it has the HDCP decoder in it. Just get this and another short HDMI cable and your shows will play all day long. Bonus if you wanted your shows output to 2 TVs you can do that not too!

This worked for older equipment – DOES NOT WORK ON APPLE TV. Ordering a different part and will update if there is success.

Posted on

Can’t connect your Trezor One?

Deposits are simple you just send to the address and crypto comes in. However if you need to open the hard wallet and you have a new MAC, yer stuck without one of these little gems. On the theme of everything seems to be USB-C these days this converter is cheap and simple to just leave connected. Turns that Trezor One into a USB-C capable device.

USB C to Micro USB Adapter, (4-Pack) Type C Female to Micro USB Male Convert Connector Support Charge & Data Sync Compatible with Samsung Galaxy S7/S7 Edge, Nexus 5/6 and Micro USB Devices (Orange)
Posted on

USB-C console cable

As you know we are geeks here @ McYork. So when we needed to get work from home all ramped up – our kit had to include console cables. Everyone (of the geeks) has these. However, most are now on new laptops and such where the older style USB is not native. Well simply grab one of these – we got 5 of them now.

USB-C Cisco Console Cable,OIKWAN 6ft USB Type C to RJ45 Serial Adapter Essential Accessory of Cisco, NETGEAR, Ubiquity, LINKSYS, TP-Link Routers/Switches for Laptops
Posted on

2020 shopping list

For the next, while I will be posting products we’ve bought and used with links to the sites (mostly Amazon – thank you 2020!) These are “affiliate links” and so I’ll be clear – when you use these links I do get some type of a kickback. However, you may or may not know that I’d never steer you wrong just for my own gain. Every product listed I have bought in the past, probably in 2020, or have personally used (through a friend or work). As we get more “stuff” this site will grow.

What about all the other amazing McYork projects and blogs from the past? These exist and will be reorganized into a new section. Don’t panic.

Posted on

A perfect read/listen

For the sci-fi lover or not, this is a fun book. Trust me if you like sci-fi you can buy this book without reading anything about it in advance. Go get it is all I can say. Go in blind it really will be one of the best ways to experience it. The audio version is very well produced.

Project Hail Mary

Posted on

Sound Great on Zoom

It is clearly getting better out there. We’ve endured the heart of the storm. Regardless you will want to up your Zoom game as that’s never going to end. This is what I use now and have for most of 2020. Simple plugs in USB-C and if I recall came with a selection of cables for other USB options. I use it on Windows 10 so that’s my experience. I expect it will work on MacBooks too.

Audio-Technica ATR2100x-USB Cardioid Dynamic Microphone (ATR Series)