Abstract By using tcpdump to troubleshoot an elusive error, we uncovered a man-in-the-middle (MITM) ssh proxy installed by our information security (InfoSec) team to harden/protect a set of machines which were accessible from the internet. The ssh proxy in question was Palo Alto Network’s (PAN) Layer 7 (i.e. it worked on any port, not solely ssh’s port 22) proxy, and was discovered when we observed a failure to negotiate ciphers during the ssh key exchange....

When customers with vSphere+NSX-T-based foundations apply a stemcell update, update a tile, or upgrade PAS (Pivotal Application Service) from 2.2 to 2.3, their Cloud Foundry may become unreachable as their NSX-T static load balancer server pools have been emptied. This blog post describes a method to ensure availability during upgrades. We use a combination of customized Operations Manager resource configs and BOSH VM Extensions. The sample workflow in this post is for upgrading PAS 2....

The following section is the new Quickstart for installing a TLS certificate on vCenter 7 vCenter 7 Quickstart On your vCenter, navigate to Menu → Administration → Certificates → Certificate Management On the __MACHINE_CERT tile, click Actions, select Generate Certificate Signing Request (CSR). Enter the appropriate info; for inspiration, this is what we entered: Common name: vcenter-70.nono.io Organization: nono.io Organizational Unit: homelab Country: United States State/Province: California Locality: San Francisco Email Address: yoyo@nono....

0. Overview [Disclaimer: the author works for Pivotal Software, of which Dell is an investor. Dell is also an owner of VMware] It’s helpful to know the performance characteristics of disks when selecting a disk type. For example, the performance of a database server will be greatly affected by the IOPS of the underlying storage. Similarly, a video-streaming server will be affected by the underlying read throughput. 0.0 Highlights: If you need a fast disk, nothing beats a local vSphere NVMe drive....

0. Abstract BOSH is a VM orchestrator; a BOSH Director creates, configures, monitors, and deletes VMs. The BOSH Director interoperates with a number of IaaSes (Infrastructure as a Service), one of which is VMware vSphere, a virtualization platform. BOSH traditionally operates exclusively within the IPv4 networking space (i.e. the BOSH Director has an IPv4 address (e.g. 10.0.0.6), and the VMs which it deploys also have IPv4 addresses); however, recent changes have enabled IPv6 networking within the BOSH Framework....