Build Load Balancing Service in VMC on AWS with Avi Load Balancer – Part2

This blog is Part 2 of this series. If you have not gone through the Part1, please go and check it out now. In Part 2, we will demo how to set up a local load balancing virtual service for a web-based application on our deployed Avi load balancer. The IP Address allocation and network …

Continue reading Build Load Balancing Service in VMC on AWS with Avi Load Balancer – Part2

Build Load Balancing Service in VMC on AWS with Avi Load Balancer – Part1

When we design a highly available (HA) infrastructure for a mission-critical application, local load balancing and global load balancing are always the essential components of the solution. This series of blogs will demonstrate how to build an enterprise-level local load balancing and global load balancing service in VMC on AWS SDDC with Avi Networks load balancer. …

Continue reading Build Load Balancing Service in VMC on AWS with Avi Load Balancer – Part1

Setting Up Federated Identity Management for VMC on AWS – Authentication with Okta IdP

The Federated Identity feature of VMware Cloud on AWS can be integrated with all 3rd party IdPs who support SAML version 2.0. In this integration model, the customer dedicated vIDM tenant will work as SAML Service Provider. If the 3rd party IdP is set up to perform multi-factor authentication (MFA), the customer will be prompted …

Continue reading Setting Up Federated Identity Management for VMC on AWS – Authentication with Okta IdP

Setting Up Federated Identity Management for VMC on AWS – Authentication with Active Directory

This blog is the second blog of this Federated Identity Management for VMC on AWS series. Please complete the vIDM connector installation and setup as per my first blog of this series before moving forward. (https://davidwzhang.com/2019/07/31/setting-up-federated-identity-management-for-vmc-on-aws-install-and-setup-vidm-connector/) VMware Cloud on AWS Federated Identity management supports different kinds of authentication methods. This blog will demo the basic …

Continue reading Setting Up Federated Identity Management for VMC on AWS – Authentication with Active Directory

Setting Up Federated Identity Management for VMC on AWS – Install and Setup vIDM Connector

As an enterprise using VMware Cloud Services, you can set up federation with your corporate domain. Federating your corporate domain allows you to use your organization's single sign-on and identity source to sign in to VMware Cloud Services. You can also set up multi-factor authentication as part of federation access policy settings. Federated identity management …

Continue reading Setting Up Federated Identity Management for VMC on AWS – Install and Setup vIDM Connector

Integrate VMware NSX-T with Kubernetes

Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. K8s use network plugin to provide the required networking functions like routing, switching, firewall and load balancing. VMware NSX-T provides a network plugin called NCP for K8s as well. If you want to know more about VMware NSX-T, please go …

Continue reading Integrate VMware NSX-T with Kubernetes

Install Docker Offline on Centos7

Recently, I had to build an environment which have a kind of real web application running to test LBaaS site affinity solution,. After a few minutes,I made a decision to install a Jenkins container on my testing Centos 7 virtual machines.  Unfortunately, my Centos virtual machines have no Internet access. So I spent a bit …

Continue reading Install Docker Offline on Centos7

Install PowerCLI and PowerNSX Offline on RHEL7

With the release of PowerCLI 10.0.0, VMware adds support for Mac OS and Linux! Now you can install PowerCLI and PowerNSX on Linux System including RHEL, Centos, Unbuntu and Mac OS. To complete installation of VMware PowerCLI 10 and PowerNSX, firstly you need to install Powershell Core 6.0. In most of enterprise environments, we won't …

Continue reading Install PowerCLI and PowerNSX Offline on RHEL7

Wireshark Filter for SSL Traffic

Useful Wireshark filter for analysis of SSL Traffic. Client Hello: ssl.handshake.type == 1 Server Hello: ssl.handshake.type == 2 NewSessionTicket: ssl.handshake.type == 4 Certificate: ssl.handshake.type == 11 CertificateRequest ssl.handshake.type == 13 ServerHelloDone: ssl.handshake.type == 14 Note: "ServerHellpDone" means full-handshake TLS session. Cipher Suites: ssl.handshake.ciphersuite I found the below from Wiki.  All these SSL handshake message types …

Continue reading Wireshark Filter for SSL Traffic