Does anyone have experience with a load balancer migration from F5 to A10? I'm new to both F5 & A10 devices but I managed to export the VIPs, backend IPs, Ports etc from F5 in JSON object and dumped the JSON on A10 device. I used A10's API in python to parse and create a test partition, virtual servers, service groups, and servers.
I have run out of ideas on how I can automate the export/import of Profiles (SSL, protocols, and services) from F5 to A10. This may not be a straightforward process to automate but I would appreciate any idea on how I can achieve this manually.
Thank you!
You can download your certificates and keys from the F5 using sftp.
Certificates are in: /config/filestore/files_d/Common_d/certificate_d
Keys are in: /config/filestore/files_d/Common_d/certificate_key_d
The naming of the files is a mess but you can rename them.
The F5s have a REST API called iControl that you can use to retrieve all of the profile information that you are looking for. There's several different SDKs available for working with it.
Related
I have a database of files that are already tagged. Now, I would like to upload these files to an OwnCloud or NextCloud Server and pass on my already existing tags so that they show up as tags in the respective system. I wasnt able yet to find a way how I could do that in the documentation, does anyone have an idea how I could do it?
Thanks!
I just made available the source code of the (remote) file tagging micro-service for Nextcloud on github (https://github.com/julianthome/taggy). The implementation consists of two parts: 1) the taggy client for uploading files to the Nextcloud server, and for invoking the taggy server; 2) the taggy server for adding specified tags to uploaded files.
I will polish the code further within the next days. I am also planning to add SSL support which is important because username and password are currently transmitted unencrypted to the taggy server. The server uses these credentials in order to check whether the user can be properly authenticated before tagging any files.
Please let me know if you have other ideas, suggestions or feedback ;)
Kind regards
Installed Parse Server on Digital Ocean, and have been trying to use the CLI to manage cloud code. I've hit a wall, since the CLI tool will not move forward without an account key on Parse.com (which no longer offers account keys). For example, if I type in "parse new", I get this:
We've changed the way the CLI works. To save time logging in, you should create an account key. Type "parse configure accountkey" to create a new account key. Read more at: https://parse.com/docs/cloudcode/guide#command-line-account-keys
If you actually do that, it responds:
Input your account key or press ENTER to generate a new one. NOTE: on pressing ENTER we'll try to open the url: "https://www.parse.com/account/keys" in the default browser:
This leads to a login page. Since I don't have an account on Parse.com (nor should it be necessary for Parse Server), I'm stuck. If I click on the "I don't have an account" link, it just takes me to the front page.
I find it hard to believe that there's no way to manage/create cloud code on Parse Server. But, it is sure looking that way. Is this just a failure to update the CLI or am I missing something obvious.
Many thanks.
Parse cli is not meant to be used with parse server. At least not currently. Parse server is simply a node module which means that you will have to handle deployment etc yourself. There are many tools that will handle everything that the parse cli did, and much more, from the nodejs community however.
You said that you used digital ocean. You might want to consider heroku, aws or google cloud. Heroku for example has the heroku cli with many of the same features as the parse cli which might save you some time.
You can't use parse cli on parse-server. Parse-server and parse.com environment are both different , parse-server is just the node module so deployment can be automated using other tools.
I am using forever to restart my parse-server automatically when a file changes. So you can just copy/paste your files using filezilla and that's it.
One of my clients just received the software ordered from his chosen developers, asked me to look at it and prepare the hosting procedures.
It's an Java (jar) app, so far so good ... but I saw something suspect, every 60 minutes or so the software connects to a remote host :443 port using SSL and transferring ~ 3-10 MB of encrypted data (as POST) then closes the connection, this is very strange. Tried to wireshark it but everything is encrypted and I have no clue about what kind of data is transferred, I know only the destination hostname. The hosted data within the app will be highly sensitive (insurance-broker) and if my client decides to go with it - this is a serious issue for his business and also for his clients, I've asked the developer company about this and they said that no one added something like this even if I provided them the proff (pcap).
I can block it within firewall, but if they added something like this it could exist another hosts ready to receive the encrypted data.
The only way I can figure it out is to somehow decrypt the SSL traffic in order to read RAW data and give my client all the needed informations in order to talk with the developer company to sort it out, how can I do that ? With some sort of ssl-proxy or whatever ... tried to google it but didn't find any kind of relevant tutorials.
I have access to the physical machine which is running the Java application, I can see every single bit of the traffic but ... encrypted.
If I was in your place instead of trying to decrypt ssl connection would have tried following steps:
1)Since you are aware of the host to which it is making a post request , find out more about that service so as to learn what it does ? May be try contacting that site saying that we need to consume your service what should I send my in post request ;)
2)Second way around would be if you can decompile the jar file and find line in the source code which makes that request and then you could go back to the developer asking as why this has been written. To find the source code which is making the call what you could do is block the host access on your firewall.
The code would fail and mostly probably he would have logged the exception in his log files. Find the stack trace and you will know the line of code that is
making that request.
Hope this helps.
So, as part of my daily jobs, I have to transfer a one file from our customers server to our internal server and any responses back.
Each customer effectively has one file up and one file down each day.
I have an SFTP server here that I can use and is already used manually for a few sites.
I'm looking to automate as many sites as possible using batch files on a scheduled task.
Initially, I'm looking at automating the internal side of the process.
We simple have a requests folder that needs to import from the SFTP (then delete the original on the SFTP) and a response folder which needs to copy to a 'sent' folder and then export to the SFTP (also, deleteing the original)
On the SFTP server I have a "to site" and "from site" folder. Each file is site specific followed by a variable. So SiteNameImport.<variable> and SiteNameExport.<variable>
EDIT:
I'm asking this as I'm a novice at scripting and basically have no idea what to do.
I've tried reading the automation guide on WinSCP website but a lot of it means nothing to me.
Filezilla doesn't support automation, You're better off with WinSCP. They have some scripting examples here as well as any other information you'll need to build the scripts functionality. You'll just need to add the specifics (Like deleting sent files and so on) CuteFTP is also another solution you can script with but I believe you have to pay for a licence. I suggest VBscript, Examples can be found Here for vbscript.
I want to upload pictures to the AWS s3 through the iPhone. Every user should be able to upload pictures but they must remain private for each one of them.
My question is very simple. Since I have no real experience with servers I was wondering which of the following two approaches is better.
1) Use some kind of token vending machine system to grant the user access to the AWS s3 database to upload directly.
2) Send the picture to the EC2 Servlet and have the virtual server place it on the S3 storage.
Edit: I would also need to retrieve, should i do it directly or through the servlet?
Thanks in advance.
Hey personally I don't think it's a good idea to use token vending machine to directly upload the data via the iPhone, because it's much harder to control the access privileges, etc. If you have a chance use ec2 and servlet, but that will add costs to your solution.
Also when dealing with S3 you need to take in consideration that some files are not available right after you save them. Look at this answer from S3 FAQ.
For retrieving data directly from S3 you will need to deal with the privileges issue again. Check the access model for S3, but again it's probably easier to manage the access for non public files via the servlet. The good news is that there is no data transfer charge for data transferred between EC2 and S3 within the same region.
Another important point to consider the latter solution
High performance in handling load and network speeds within amazon ecosystem. With direct uploads the client would have to handle complex asynchronous operations of multipart uploads etc instead of focusing on the presentation and rendering of the image.
The servlet hosted on EC2 would be way more powerful than what you can do on your phone.