This blog is the second blog of this Federated Identity Management for VMC on AWS series. Please complete the vIDM connector installation and setup as per my first blog of this series before moving forward. (https://davidwzhang.com/2019/07/31/setting-up-federated-identity-management-for-vmc-on-aws-install-and-setup-vidm-connector/) VMware Cloud on AWS Federated Identity management supports different kinds of authentication methods. This blog will demo the basic …
Author: David Zhang
Setting Up Federated Identity Management for VMC on AWS – Install and Setup vIDM Connector
As an enterprise using VMware Cloud Services, you can set up federation with your corporate domain. Federating your corporate domain allows you to use your organization's single sign-on and identity source to sign in to VMware Cloud Services. You can also set up multi-factor authentication as part of federation access policy settings. Federated identity management …
Install Docker Offline on Centos7
Recently, I had to build an environment which have a kind of real web application running to test LBaaS site affinity solution,. After a few minutes,I made a decision to install a Jenkins container on my testing Centos 7 virtual machines. Unfortunately, my Centos virtual machines have no Internet access. So I spent a bit …
Install PowerCLI and PowerNSX Offline on RHEL7
With the release of PowerCLI 10.0.0, VMware adds support for Mac OS and Linux! Now you can install PowerCLI and PowerNSX on Linux System including RHEL, Centos, Unbuntu and Mac OS. To complete installation of VMware PowerCLI 10 and PowerNSX, firstly you need to install Powershell Core 6.0. In most of enterprise environments, we won't …
Continue reading Install PowerCLI and PowerNSX Offline on RHEL7
Wireshark Filter for SSL Traffic
Useful Wireshark filter for analysis of SSL Traffic. Client Hello: ssl.handshake.type == 1 Server Hello: ssl.handshake.type == 2 NewSessionTicket: ssl.handshake.type == 4 Certificate: ssl.handshake.type == 11 CertificateRequest ssl.handshake.type == 13 ServerHelloDone: ssl.handshake.type == 14 Note: "ServerHellpDone" means full-handshake TLS session. Cipher Suites: ssl.handshake.ciphersuite I found the below from Wiki. All these SSL handshake message types …
Automate F5 GSLB with Ansible
F5 BIG-IP Global Traffic Manager (GTM) provides tiered global server load balancing (GSLB). BIG-IP GTM distributes DNS name resolution requests, first to the best available pool in a wide IP, and then to the best available virtual server within that pool. GTM selects the best available resource using either a static or a dynamic load …
Automate F5 LTM with Ansible
Ansible has included F5 as extra network module, which can help to provide LBaaS by use of Infrastructure as Code method. Like normal Ansible modules, Ansible F5 module is installed the /usr/lib/python2.7/site-packages/ansible/modules/extras/network directory. [dzhang@localhost network]$ pwd /usr/lib/python2.7/site-packages/ansible/modules/extras/network [dzhang@localhost network]$ ls -al total 512 drwxr-xr-x. 9 root root 4096 Jan 30 03:17 . drwxr-xr-x. 20 root root …
Install Python Paramiko on Centos 7
You need the following packages installed so that the Paramiko module installation can be completed successfully: yum install python-devel yum install libffi-devel yum install -y openssl-devel [root@localhost python2.7]# pip install paramiko Collecting paramiko Using cached paramiko-2.0.2-py2.py3-none-any.whl Collecting cryptography>=1.1 (from paramiko) Using cached cryptography-1.5.tar.gz Requirement already satisfied (use --upgrade to upgrade): pyasn1>=0.1.7 in ./site-packages (from paramiko) …
How to achieve maximum TCP throughput on LFN
Firstly, what's LFN? LFN means long fat network, often pronounced "elephan". In RFC 1072, a network is considered an LFN if its bandwidth-delay product is significantly larger than 105 bits (12500 bytes). Then you will possibly have another question: what bandwidth-delay product is? As Wiki suggested, bandwidth-delay product refers to the product of a data …
Continue reading How to achieve maximum TCP throughput on LFN
davidwzhang.com 