designetwork(EN)

IT technical memo of networking

Installing Praeco (ElastAlert GUI) into Kubernetes with Helm (Beta)

I created Helm Chart of Praeco (ElastAlert GUI) . Praeco is Web GUI for ElastAlert. github.com Beta Release This is my first Helm Chart and has not been put into production yet, and onl has been tested in k3s local Kubernetes environment. …

Visualize NetFlow with ElastiFlow (Elasticsearch + Logstash + Kibana)

Earlier, I reviewed the open source (OSS) NetFlow collector, as summarized in this article. designetwork.daichi703n.com When I investigated again, I found ElastiFlow , a NetFlow collector and visualizer based on Elasticsearch + Logstash + …

Checking state of NAT connection on iptables (AWS NAT instance, etc.)

Sometimes a NAT machine is created by iptables on Linux, such as an AWS NAT instance. If you are a network engineer who has experience in operating network devices such as routers and FWs, you will often want to check the connection status…

Cisco ASA SSH login with Public Key Authentication

Implement SSH Public Key Authentication on the Cisco ASA, which is common in server operation. This makes it possible to operate more securely and efficiently. Official information SSH related configuration guide of Cisco ASA is here www.c…

Chaos Engineering in BOSH with Turbulence

On the 24th day of Cloud Foundry Advent Calender 2018 I will implement chaos engineering which is introduced by advanced companies and services. If it is an environment constructed by BOSH, such as Cloud Foundry and Kubernetes, it can be i…

BOSH-Lite in VirtualBox with Bridged Adapter for remote access

On the 23rd day of Cloud Foundry Advent Calender 2018 Procedures for building BOSH-Lite in the local environment with VirtualBox are explained in some articles. In these, as described in the BOSH Official, you have to manage and access fro…

Gray out holidays on Easy Gantt with Gitmike

Easy Gantt is useful Redmine's Gantt chart tool, but when combined with the theme Gitmike, holidays are not grayed out by default. Note that this problem does not occur in the default theme. Customize CSS so that you can gray out holidays …

Create MACVLAN (802.1Q VLAN Tag) network with Docker-Compose

In this article I connected the Docker container with an external network 802.1Q VLAN Tag. en-designetwork.hatenablog.com This time with define as Docker-Compose file to make it easier to operate. If I make it further, I think that network…

Connecting the Docker container to the external network via VLAN Tag

I am considering a system that utilizes the Docker container for tests such as network communication and route confirmation. It is inefficient to prepare a large number of PCs for testing, so we would like to utilize a lightweight and spee…

Build SSH R-Proxy with SSH Piper w/Docker

In an environment where SSH access to the server is restricted by a firewall or the like, SSH Proxy access to the backend server is established by SSH R-Proxy server (Docker container), not a step-by-step server. There is also a method to …

Mark up overdue tickets of Redmine in listing (using View Customize Plugin)

Task management in Redmine, markup overestimated tickets helps to prevent countermeasure leakage. Equivalent effects can be expected by using remind mail, but it is easy to grasp the situation by markup even when displaying the list. Imple…

Gem, Bundle installation fails due to setting error in Proxy environment

For package installation in the Proxy environment, it is necessary to designate the proxy server by environment variables and so on. Similarly for Gem and Bundler, setting of environment variables http_proxy is required. During constructio…

Proxy setting for installing Gem with Docker Redmine

When adding a plugin to Docker Redmine, if you need to install the Gem package, set the Proxy environment variable in docker-compose.yml. The problems that occurred, the contents of the investigation, and how to respond are shown. Environm…

Relolve Docker Redmine's SMTP delays by asynchronizing

Redmine running on Docker response when creating and updating tickets got worse, and as the problem was solved by investigating cause/workaround, write down the procedure. As a result, by setting the SMTP mail notification to Async (asynch…

Install Hinemos with Docker (Initial construction)

I will introduce Hinemos that is integrated monitoring system NTT-DATA develops as OSS, with Docker. Here is the official Docker Image, but it seems that the version is old and maintenance is not done, so create it from original Dockerfile…

Install BOSH on OpenStack

Basically install BOSH on OpenStack as described here. https://bosh.io/docs/init-openstack.html Although it is possible to work with CentOS that is used as a host of OpenStack, in my environment using PackStack, did not work well because o…

(Queens)Build practical standalone OpenStack verification environment with PackStack

Since OpenStack Queens has been released, we verify from installation to initial use. Using PackStack, which can easily build OpenStack environment, build a practical OpenStack verification environment with a little customization. OpenStac…

SSH key pair is not imported in OpenStack external network diagram

When building OpenStack for verification and deploying CirrOS, the SSH key pair was not imported, and an issue occurred that CANNOT login to the instance by the SSH private-public key. OS is similar for CirrOS and Debian. (Switch to passwo…

DS-Lite (IPv4 over IPv6) Internet connection with VyOS

This article implemented DS-Lite Internet access at ZOOT NATIVE & CentOS. en-designetwork.hatenablog.com However, it is troublesome (problem of familiarity) to operate CentOS (Linux) as a router, so build an equivalent DS-Lite environment …

DS-Lite (IPv4 over IPv6) Internet connection with CentOS

This article tested Internet access speedup by IPv6 connection, but IPv6 Plus (MAP-E) provided by @nifty requires dedicated equipment, the Cisco ASA5505, VyOS, Linux etc. can only perform simple IPoE connection , It was not possible to spe…

IPv6 connection to the Internet with the Cisco ASA 5505 and NAPT

Since the speed of home Internet has slowed and dissatisfaction has become bigger, I will try to introduce IPv6 aiming for improvement. Although there are restrictions for continued use of the Cisco ASA, it was possible to construct a mini…

Evaluate Reporting CSV Export function of Kibana 6.x

Kibana 's long - awaited feature, the ability to CSV - export search results on the Discover tab. It is finally implemented from Version 6. I can not wait for the GA release, I tried the Alpha version. github.com Kibana 6.0.0-alpha2 is rel…

Patch to Kibana 5 and export CSV from the Discover tab

In this article I built a feature addition version that can be exported from Discover tab of Kibana, but honestly it took quite a lot of trouble. en-designetwork.hatenablog.com Over time, there seems to be someone who created the same func…

Turn on/off iTerm's Vim scroll setting (not use .vimrc)

Change the scroll setting when switching to Vim screen with iTerm 2 popular as a MacBook terminal. I often see an article saying .vimrc the following setting, but it did not work well in my environment. vi ~/.vimrc set mouse=a This time, n…

Suppress Non-Zero Metrics log with Filebeat

As described in this article, Beats (Filebeat) is sending Fluentd in a simple log. en-designetwork.hatenablog.com I noticed that the following logs occurred frequently among them. It seems to be a mechanism of Beats' s Metrics monitoring, …

Beats (Filebeat) logs to Fluentd tag routing

Beats is a lightweight log shipper with a buffer and retransmission function (acknowledgment), and installing it on the server that generates logs makes it easy to analyze logs in Elasticsearch. I usually use Fluentd (td-agent) as the main…

ESXi hosting diagram with Home Lab and VyOS

My colleague said, "I want to study servers at home, but there is only an old PC (32 bit) and I can not build ESXi." In order to provide a verification environment, I built ESXi hosting environment in my home laboratory. I am using ESXi v6…

Setting to add X-Forwarded-Proto in BIG-IP

When load balancing HTTP/S with F5 BIG-IP, make S-NAT and add X-Forwarded-Proto, X-Forwarded-For HTTP header. The setting method of this time is based on the information of this discussion. devcentral.f5.com Verification configuration Veri…

BIG-IP VE cannot be deployed to ESXi6.5 by postNFCData failed

I attempted to deploy F5 BIG-IP VE (Virtual Edition) to VMware ESXi 6.5 for evaluation, but an error occurred and the deployment failed. As a result, ALL, LTM’s OVA image could not be deployed, and deployment succeeded with 1 SLOT model. E…

Two pairs of RAID1 with 4HDDs and mount to ESXi (PowerEdge T110 II PERC H200A)

Add HDD to Dell PowerEdge T110 II used as home server. The existing DISK uses the initial installed RAID controller PERC H200A and has a RAID1 configuration. Since up to four HDDs can be connected to the controller, the remaining two are a…


This Blog is English Version of my JP's.

Sorry if my English sentences are incorrect.

designetwork