04 Jan

Observium pollers vertical scaling

Observium in containers

There are several free monitoring tools available for commercial or non-commercial use. I decided to use Observium to monitor my home and remote labs. I had no specific requirements except that it had to have an option to run in Docker containers on RaspberryPi (ARMv6/8 CPUs). The downside of all monitoring solutions are the resource requirements. There are three resources that matter – storage, memory, and CPUs. Vertical scaling of Observium pollers and other processes is one of the solutions if your hardware resources are limited.

The vertical scaling means adding more workers doing the same process in parallel, but tasks assigned to each process should not overlap. In my case, I wanted to spread the polling across my RaspberryPi cluster. Polling process can consume the CPU and make RaspberriPi unresponsible. In worst scenario, if you have many devices or you are poling lots of data from your devices the polling processes may not finish their work within 5 minutes (this is how often devices have to be queried) so you will miss some data. You may of course tune number of threads the polling process start but any platform has it resources limitations you cannot bypass.  

In this article I will present my solution based on Docker Swarm cluster. It has some limitations and downsides but may work for many people, not only on RaspberyPi.

Read More
11 Dec

Upgrading the VMware Harbor

VMware Harbor is a docker images registry. You can use it instead of docer registry from official repository.

I lately decided to upgrade my local Docker registry installation. I use VMware Harbor as a Docker registry – In my opinion, it is much better and easier than official registry software. Recently I upgraded it from version 1.5.1 to 1.6.2.

VMware Harbor runs in containers which simplifies managing the software, but the upgrade is not straightforward as you may think. Most significant change is database consolidation. Instead of separate databases for Harbor, Clair and Notary version 1.6.0 introduces a single database engine for all components – the PostgreSQL. The 1.5.0 Harbor uses the MySQL, while Clair already uses the PostgreSQL. The developers prepared a dedicated container with migration engine that performs all the work. However, I found upgrade documentation missing the crucial explanation of steps and commands which may lead to loss of your data. I will try to cover my findings in this post.

Read More
13 Apr

Use Ansible to check SNMP on remote device

Best way to learn Ansible and the whole idea of automation is to start from the small playbooks and then grow big. If you first automate simple tasks, even those that may be easier and quicker to perform from the command line, you will learn how Ansible is working. Let’s say, we want to test if SNMP is responding on the remote host (we name it HostA). We will use SNMPv3 and authPriv security model. And of course, we want to write the Ansible playbook and run it on server HostNOC.

Read More

06 Mar

Response attributes on Synology RADIUS server

Secure Your Network

You can use Synology NAS products not only as file storage. The DSM system provides a broad spectrum of additional services via packages – either signed by Synology or provided by third-party communities – the SynoCommunity repository is the most known. The only limitation you have is your NAS hardware platform and its performance. I own DS211 model which reached its End of Sale status already. I run several network services like DNS server there, and I use it as remote storage for SMB and AFP shares as well as for iSCSI LUNs. It also provides some services for my home network and lab. One of them is RADIUS server.

I want to show you how you can use the Synology products as RADIUS server which will use LDAP database for user authentication. This way local accounts that I use for network shares authentication remains separated from any additional accounts dedicated to RADIUS service. Both RADIUS and LDAP runs on the NAS itself.

Read More

05 Sep

AWS Step Functions for networkers – the CLI approach

Step Function Workflow Graph

In the previous post, I told you that it is not possible to update State Machine configuration once you create it. I prefer an approach like in API Gateway where you have stages of the same project, but Amazon for some reason did not follow this way. So if you want to deploy a new version of your Step Functions project you need to delete old and create new State Machine. Using the GUI interface is not efficient in a long term, you can do this much easier using AWS CLI.

Read More

30 Aug

AWS Step Functions for networkers – Workflow definition

Step Function Workflow Graph

AWS has many great tools and products that may simplify your task. In day to day work, no matter if you are networks engineer, software administrator or have a different role in your organization you will perform small repetitive tasks to complete the bigger project. Writing a long, complex scripts or programs is a solution, but it is flexible? Step Functions is a good option in such cases.

Good programming rule is to create small functions to complete small chunk of work and then pass it on another one. So instead of writing one script that will log into 100 devices to fetch firmware version you create a small function that does it for one device and then you call it in a loop in other function passing the new IP as an argument. That is exactly what AWS Step Functions are meant for. Using this service you can create a flow of small tasks, each dependent on other if required, to complete bigger work. Let me show you the basics and how you can use it.

Read More

19 Apr

How to add network device to Microsoft Operations Management Suite using syslog

How to add network device to Microsoft Operations Management Suite using syslog

Microsoft Operations Management Suite is nice, and in some cases free, tool to manage and search through logs. But it’s dedicated to Windows and Linux operating systems by default. In many environments, especially those most secure ones, huge amount of logs are generated by network devices. Firewalls placed on the edge between Internet and DMZ zone quite often are set up to log all denied connections. Those firewalls can produce significant volume of logs that need to be searched and analyzed. Microsoft Operations Management Suite seems to be perfect tool for that but there is no native support of such feature. But we can implement this doing small workaround. Let’s look how to add network device to Microsoft Operations Management Suite using syslog.

Read More

13 Apr

Microsoft Operations Management Suite – powerful log analyzer in Azure (in 10 minutes for free)

Collecting and processing logs from all systems and network devices can be a nightmare for any systems admin. Searching through them and performing security audits can be a nightmare for security team if collector engine is not powerful enough to process queries in efficient time. Microsoft Operations Management Suite is interesting solution to answer both those problems and add much more analysis giving administrators visibility and control across on-premise and cloud installations.

Microsoft Operations Management Suite runs in Azure which means it’s extremely fast in processing the data. Millions of records are not problem for OMS so we can get Insights and Analytics of what is happening on our servers or workstations, detect and respond to threads or apply proper protection or even put in place some automation in controlling. It’s quick to setup and for many users it can be for free!

Read More