Table of Contents

Your cloud project, the beginning

You deployed your highly secure & encrypted Hub & Spoke model in Azure (with Aviatrix), scaled up the environment and expanded into additional regions.

Next you want to migrate your workloads from on-premises and empty your datacenters (does "Cloud first" sound familiar to you?).
You require a link with low latency for your sensitive apps (SAP, databases) and good throughput/performance, so you choose an ExpressRoute circuit and deploy an Azure Route Server (ARS) to handle the routing information exchange between the 2 worlds.
Everything comes up seamlessly and by this time your design should look similar to this:

The BGP sessions of one of the Aviatrix Transit NVAs to the two legs of the Azure Route Server:

SPOILER:
The Azure Route Server is in fact 2 x VMs which require full mesh BGP connectivity.
If you have only partial connectivity, meaning each Aviatrix Transit peers with just one leg of the ARS, then you run into unpredictable/undocumented Microsoft behavior where 50% of your traffic can be blackholed => NOT cool


More workloads migrate to the cloud, you assign additional CIDRs to your VNETs and at some point in time when adding a new CIDR you notice an interruption in your OnPremise traffic.


Description

If you landed here then you must have searched for examples about how you can get Dynatrace to work with Aviatrix.

Worry not…I also searched for those as I’m a pretty lazy person and prefer not to reinvent the wheel if I can avoid it.

I found a VSCode Dynatrace plugin that makes things easier but then no premade examples, so I went out to try ChatGPT / Gemini AI.

I lost 1h thinking that AI is the holy grail which will save me time and I was proven wrong.

Not a single line of code from it worked. I just ended up being frustrated.

See below what I came up with and how…

Also, to avoid confusion between VSCode and Dynatrace I call:

  • plugin: the Dynatrace VSCode extension itself (which enables you to write Dynatrace Portal Extensions)
  • extension: the Dynatrace extensions that get uploaded to their service and are used for gathering metrics and setting up Dynatrace-Aviatrix monitoring


Description

Last week I got asked by a customer what I think about the AWS Firewall and if it would be wise for him to implement it in his environment.
I browsed fast through the various tech documents about it, got initially confused and realised that this is not one of those topics that I was going to understand fast and move on.

I invested more time into it, started reading about rule groups, stateless, stateful rules and … I needed a break. There was surely no quick answer in sight.

Going into the topic even deeper I reached the proverbial French saying “je ne sais quoi”.

Would I implement this firewall in my own environment?

Maybe
Then again I’m a perfectionist, always afraid of failing…

I tend to find limitations, restrictions, imperfections and get easily disappointed.

If you want to learn I invite you to join me in this journey :)


Description

Each time I visit a potentially new customer, there’s always that moment after a sip of coffee, after a few whiteboarding events and heated technical discussions when the following question pops up:


“How do you manage this Multicloud environment?”
“Isn’t this complex for my Operations Team?”


If you had asked me this 5-6 years ago…I would have probably said yes.
I was there jumping into action, incidents in the middle of the night, pager alarms and zombie eyes after 4-5h of sleep and the rollercoaster just kept going.

The daily struggle to reduce configuration and administration headaches was something real. I used Bash scripts, Python, Ruby, a mix of various vendor tools and still lost a lot of time investigating each time what went wrong.


This is where in the last few years Terraform has come to the rescue and has provided a consistent way of defining infrastructure while at the same time making tracking of changes easy (hint: GitHub/GitLab + a CI/CD pipeline).


Sounds like a dream come true, right? Not if you're restless like me and always want to see what's under the hood...


Description

I recently had to configure Strongswan with Certificate Authentication to a Checkpoint GW and got lost a bit in all the articles I could find about the openssl utility and how to generate a CA, CSRs, sign a certificate and so on.
I will summarize here the steps required for generating the CA/cert so that everything is in a single place.

I give an example with RSA and one with ECDSA.

The changes are minimal.

On the Checkpoint side I only had to import the CA from Strongswan side and configure it under the Public Key auth pertaining to the Network Interoperable Device (representation of 3rd party device Checkpoint wise).


Description

I was using a custom solution running MongoDB in the Backend on Ubuntu 18.04 and recently decided to try out an

apt-get update
apt-get dist-upgrade

I got quickly reminded why doing such operations requires a bit more planning ahead instead of the "just do it" way of thinking.

systemctl status mongod
● mongod.service loaded failed failed MongoDB Database Server

cat /var/log/mongodb/mongod.log

"ctx":"initandlisten","msg":"Storage engine to use detected by data files","attr":{"dbpath":"/var/lib/mongodb","storageEngine":"mmapv1"}}

Cannot start server with an unknown storage engine: mmapv1"}}

Luckily in IT, there’s always a solution for everything and a chance to reverse engineer what happened…


Mihai Tanasescu

All Rounder and Jack of all trades (master of none? :) ).
Sailing the Cloud world with my fantastic team@Aviatrix, former Network, Systems Engineer (Cisco, Juniper, Linux, Openshift, Openstack).
A flavor of Security added to the mix (Offensive Security OSCE).
If there’s anything new and cool, then I like to learn about it. I’m also a fan of deep diving under the hood of a product to see what makes it tick as well as what breaks it.

Solutions Architect @ Aviatrix

Switzerland