This blog is the second blog of this Federated Identity Management for VMC on AWS series. Please complete the vIDM connector installation and setup as per my first blog of this series before moving forward. (https://davidwzhang.com/2019/07/31/setting-up-federated-identity-management-for-vmc-on-aws-install-and-setup-vidm-connector/) VMware Cloud on AWS Federated Identity management supports different kinds of authentication methods. This blog will demo the basic …
Setting Up Federated Identity Management for VMC on AWS – Install and Setup vIDM Connector
As an enterprise using VMware Cloud Services, you can set up federation with your corporate domain. Federating your corporate domain allows you to use your organization's single sign-on and identity source to sign in to VMware Cloud Services. You can also set up multi-factor authentication as part of federation access policy settings. Federated identity management …
Install Docker Offline on Centos7
Recently, I had to build an environment which have a kind of real web application running to test LBaaS site affinity solution,. After a few minutes,I made a decision to install a Jenkins container on my testing Centos 7 virtual machines. Unfortunately, my Centos virtual machines have no Internet access. So I spent a bit …
Install PowerCLI and PowerNSX Offline on RHEL7
With the release of PowerCLI 10.0.0, VMware adds support for Mac OS and Linux! Now you can install PowerCLI and PowerNSX on Linux System including RHEL, Centos, Unbuntu and Mac OS. To complete installation of VMware PowerCLI 10 and PowerNSX, firstly you need to install Powershell Core 6.0. In most of enterprise environments, we won't …
Continue reading Install PowerCLI and PowerNSX Offline on RHEL7
Wireshark Filter for SSL Traffic
Useful Wireshark filter for analysis of SSL Traffic. Client Hello: ssl.handshake.type == 1 Server Hello: ssl.handshake.type == 2 NewSessionTicket: ssl.handshake.type == 4 Certificate: ssl.handshake.type == 11 CertificateRequest ssl.handshake.type == 13 ServerHelloDone: ssl.handshake.type == 14 Note: "ServerHellpDone" means full-handshake TLS session. Cipher Suites: ssl.handshake.ciphersuite I found the below from Wiki. All these SSL handshake message types …
New Ansible F5 HTTPs Health Monitor Module
Just got time this weekend to test the newly released dev version of Ansible F5 HTTPs health monitor. The result of testing looks good: most of common use cases have been covered properly. Below is my first playbook for my testing: After run the playbook, I log in my F5 BIGIP VE and see the …
Automate F5 GSLB with Ansible
F5 BIG-IP Global Traffic Manager (GTM) provides tiered global server load balancing (GSLB). BIG-IP GTM distributes DNS name resolution requests, first to the best available pool in a wide IP, and then to the best available virtual server within that pool. GTM selects the best available resource using either a static or a dynamic load …
Automate F5 LTM with Ansible
Ansible has included F5 as extra network module, which can help to provide LBaaS by use of Infrastructure as Code method. Like normal Ansible modules, Ansible F5 module is installed the /usr/lib/python2.7/site-packages/ansible/modules/extras/network directory. [dzhang@localhost network]$ pwd /usr/lib/python2.7/site-packages/ansible/modules/extras/network [dzhang@localhost network]$ ls -al total 512 drwxr-xr-x. 9 root root 4096 Jan 30 03:17 . drwxr-xr-x. 20 root root …
Using TShark Filter for Packet Capture on Vyatta 5600
Vyatta 5600 provides Tshark as the packet capture tool. To capture your interested traffic and remove unnessary nosiy traffic, you need to use the capture filter when you perform the packet capture. Here I show you a few real world example for tshark capture filter, which hope can save you a bit of time. Capture …
Continue reading Using TShark Filter for Packet Capture on Vyatta 5600
Install Python Paramiko on Centos 7
You need the following packages installed so that the Paramiko module installation can be completed successfully: yum install python-devel yum install libffi-devel yum install -y openssl-devel [root@localhost python2.7]# pip install paramiko Collecting paramiko Using cached paramiko-2.0.2-py2.py3-none-any.whl Collecting cryptography>=1.1 (from paramiko) Using cached cryptography-1.5.tar.gz Requirement already satisfied (use --upgrade to upgrade): pyasn1>=0.1.7 in ./site-packages (from paramiko) …
davidwzhang.com 