News

Techshort: Difference between horizontal and vertical scaling

As system & application owners we encounter a point where we need to grow our environment, but the question that often occurs is in what way do we scale.

So let’s start with some defining methods of scaling today:

Horizontal scaling – where you scale by adding more machines (workers) into your pool of resources.

Vertical scaling – where you scale by adding more power (CPU, RAM, DISK) to an existing resource.

Use case:

Horizontal-scaling is easy as you can add more machines into the existing pool of resources, whereas vertical-scaling, on the contrary, may be limited to the capacity of a single machine. Scaling beyond that capacity results in downtime and comes with an upper limit.

Limitations:

I have been reading that hypervisors may pose limitations to the ability to scale as different hypervisors impose different limits on the number of resources that can be allocated

An example would be: VMware ESXi 6.7 – Limits such as: Each VM can support up to 128 virtual CPUs, 6.1 TB of memory, VM disk file sizes up to 62 TB and up to 10 virtual network interface controllers (NICs). Although there has been added support for things such as NVMe (virtual nonvolatile memory). The absolute limitations do present a scalability limitaiton.

Why are you thinking about this?

My recent work with Kubernetes & Docker has me looking at how they function from a resource level and I see the potential for them to surpass what I can do today with hypervisors alone.

ADPREP Error – Promoting Windows Server 2016 in 2008 R2 Forest/domain

When promoting a Windows Server 2016 to DC, adprep fails with an error that an attribute or value already exists. I am unsure if I caused this by attemping to add mutiple DC’s at the same time (race condition).

Error: The DN is CN=Send-As,CN=Extended-Rights,CN=Configuration,DC=.

The error logs were located: C:\Windows\debug\adprep\logs\

Entry DN: CN=Send-As,CN=Extended-Rights,CN=Configuration,DC=<domain>
changetype: modify
Attribute 0) appliesTo:7b8b558a-93a5-4af7-adca-c017e67f1057

Add error on entry starting on line 1: Attribute Or Value Exists

The server side error is: 0x2083 The specified value already exists.

The ADPrep log will point you to a ldif.err log which details the objects which are causing conflict and preventing this update.

Using ADSIEdit remove the conflicting GUID’s located under the Configuration

1: CN=Send-As,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

2: CN=Receive-As,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

3: CN=Personal-Information,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

4: CN=Public-Information,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

5: CN=Validated-SPN,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

6: CN=Allowed-To-Authenticate,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

7: CN=MS-TS-GatewayAccess,CN=Extended-Rights,CN=Configuration,DC=companywear,DC=local

Once removed rerun your domain controller promotion again

Installing Docker on Ubuntu 18.04

To start, make sure our system is up to date

Update your systems:
sudo apt-get update
sudo apt-get upgrade

Once the system is up to date, we install Docker followed by portainer which is a simple management solution for Docker. It consists of a web UI that allows you to easily manage your Docker containers, images, networks, etc.. For more info – https://portainer.readthedocs.io/en/stable/

sudo apt install docker.io
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl status docker

Once that is done, we are now ready to install the program portainer as our first docker container…. This will enable you to manage Docker

Create a disk for you portainer instance

sudo docker volume create portainer_data

sudo docker run -d \
–name=”portainer” \
–restart on-failure \
-p 9000:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v portainer_data:/data \
portainer/portainer

Now you should be able to connect to portainer…. To do this you navigate to http://IP.OF.HOST:9000

It will prompt you to create a username, once you do that, click on create user After that choose Local and then click on connect.

Done!

Tech Short: Configure IP address in RHEL

The following short should help someone who needs to configure an IP address or networking on a RHEL (Red Hat Enterprise Linux) server post install, or if they are looking to modify an existing host.

The ‘classic’ method of doing this would be to vi or nano to ‘/etc/sysconfig/network-scripts’ and edit the name of the interface.

Another method I find helpful for those who prefer a user interface to step them through the process is to use the tool ‘nmtui‘.

All you need to do is: enter the command ‘nmtui’ & press enter. This will open a new window with 3 options i.e. we can edit our network interface, activate a network interface or set a hostname for our system.

Look, Mom, No Malware! | DocuPhish

And, just like that, all your advanced threat protection, anti-virus, and anti-malware protection and the bad guys are still getting to you.

There is a new phishing scam going on these days that use legitimate resources to pull off classic social engineering maneuvers to capture your information.

Enter – DocuPhish – The bad guys are now using the Docusign infrastructure to launch attacks against unsuspecting victoms.

By clicking on the yellow “Review Document” button you land on a legit Docusign page, where are asked to fill out the form with information about yourself, your company. Filling out such a form would allow for the phisher to steal your or companies identity.

If you are gullible enough the damages could be extensive. Imagine if someone on your finance team was to fall for this attack…

More reason to be aware of such threats and take security awareness training. It’s recommended that you hire a profeshinal to come in to educate you and your staff, but there are many free resources online that offer the same if not better materials

Here is a YouTube search link to many videos discussing security