2018-12-19

How To Add and Use Taggged and Untagged VLANs Trunks on pfSense Router Interfaces

How To Add and Use Taggged and Untagged VLANs Trunks on pfSense Router Interfaces

(Complatible and tested with Cisco switches)
Updated May 13, 2018: Configuration can be done completely within the pfSense GUI
Objective:
Using VLANs and Trunking to provide subnet 
192.168.10.0 tagged on interfaces em3 & em4
to trunked interfaces on switches.

Requirements:
Available Interfaces
em2 (OPT1), em3 (OPT2), em4 (OPT3)
3 subnets each on it's own router interface to its own switch
192.168.10.0 on em2 (VLAN10)
192.168.20.0 on em3 (VLAN20)
192.168.30.0 on em4 (VLAN30)

Note:
192.168.10.0 on em2 will be untagged
192.168.10.0 on em3 will be tagged
192.168.10.0 on em4 will be tagged
192.168.20.0 on em3 will be untagged
192.168.30.0 on em4 will be untagged

This was developed on pfSense
2.4.3-RELEASE (amd64)
built on Mon Mar 26 18:02:04 CDT 2018
FreeBSD 11.1-RELEASE-p7

(Click on screenshots to zoom, back buttion to return)

Source: http://www.curtronics.com/Networking/pfSense/pfSenseTrunkedVLANs.html

2018-12-14

[Jira] Server vs. Data Center – What’s right for you?

Many teams choose Atlassian Server products because they want or need control over their data and infrastructure. But did you know that Atlassian offers another option for you to deploy on your own infrastructure?
This alternative is called Atlassian Data Center, our self-managed enterprise offering, which provides the same functionality you know and love in our Server products, but has additional capabilities to better serve enterprise organizations. A Data Center edition is available for Jira SoftwareConfluenceBitbucketJira Service Desk, and Crowd.

But really, what’s the difference between Server and Data Center?

Let’s start with the basics. Both deployment options provide you with control over your data and infrastructure. The main distinction is that while Server runs on a single nodewith internalized data stores, Data Center allows you to run on multiple nodes with externalized data stores.
When your Server instances grow, and your organization’s ability to build products and deliver services puts an increasingly demanding load on them, you might need a better way to stay ahead. For many of you, not only is the rate of your organization’s growth too much for a single server to handle, but as your organization continues to mature, you need a better solution to meet the growing list of requirements your software needs to meet company requirements.
We built Data Center with this group of our customers in mind. Atlassian Data Center was built to serve our Server customers as they grow and mature by providing them the infrastructure and capabilities to ensure consistent performance as they scale. Atlassian Data Center also helps teams work faster and smarter as they grow and gain increased control over the application. In addition, this better meets evolving security and compliance needs.

When should you consider upgrading to Data Center?

To determine whether Server or Data Center is the right fit for you, we’ve outlined some criteria to help in the decision-making process:



Users

How many users do you have accessing your Atlassian applications each day? Is this number growing? We’ve found that Jira Software, Confluence, and Bitbucket customers typically need more stability between 500 – 1,000 users. 45% of current Data Center customers have upgraded to this offering at the 500 or 1,000 user tier. For Jira Service Desk, we found that 50% of Data Center customers upgrade when they reach 50 agents. Your team’s growth rate is also a good indication of which option you should choose.





Performance
As you scale, do you still get the same level of performance? Performance degradation usually happens under high load or peak times for larger customers. Many global companies experience this when their teams in multiple geographic locations are online at the same time. In addition to concurrent usage, other running jobs like API calls and queries can also impact performance. Therefore, it’s also important for you to evaluate your number of concurrent users and the impact that your global offices are having on overall system performance.



Downtime

Is downtime unacceptable in your organization? Do you know what an hour of downtime costs you? There are typically two primary causes of downtime: application and server-side.
Application issues are often caused by JVM errors. Most commonly, application failure is caused when memory dedicated on the server for running the application gets too full or when the database’s connection is overloaded by requests.
Server disruption or crashes can be caused by a variety of things including planned maintenance, unplanned upgrades or installations, or resources such as CPU, RAM, or storage on the server being overwhelmed. Any type of outage results in lost productivity from your employees being unable to work. It is important to consider how many of your employees rely on Atlassian products to get their jobs done and what that hour of downtime may cost you.





Administration

How are you trying to streamline your administrative processes? Some of you may be using a federated environment or trying to meet your needs on a single server. However, your job quickly becomes more complicated when your single server is overloaded or your federated servers aren’t working together the way you’d like. Are you spending too much time managing simple tasks like password reset requests? Our Data Center offerings aim to simplify your job by giving you the tools you need to maintain optimal performance, avoid downtime, and manage your continued growth.

Learn more about Data Center

As you can see, there are many factors that make Data Center a great option for Server customers as their needs grow and change over time. And we are invested in continuing to build new Data Center capabilities to meet these needs. You can learn more about the differences within individual Server and Data Center products by checking out our feature comparisons:
Find out more about the criteria you should move to determine when to move to Data Center, learn how to plan, prepare and setup Data Center and read stories from customers who’ve successfully migrated to Data Center.

[JIRA] Jira DataCenter Model

Data Center consists of a cluster of dedicated machines, connected like this:


Load balancer

The load balancer distributes requests from your users to the cluster nodes. If a cluster node goes down, the load balancer immediately detects the failure and automatically directs requests to the other nodes within seconds. You can use any load balancer that supports session affinity.

Application nodes

The cluster of Data Center nodes share the workload of incoming requests. Failure of a cluster node causes virtually no loss of availability for users, because requests are immediately directed to other nodes.

Shared database and storage

Data Center supports the same databases that are supported for Jira Software Server. It also supports any shared file system, which stores: import/export files, plugins, Logos directory, shared caches, and any data directory which includes attachments, avatars and icons.

Additional Data Center considerations

Atlassian Enterprise releases

An Atlassian Enterprise release is a feature release that gets backported security updates and critical bug fixes during its entire two-year support window. If you can only upgrade once a year, consider upgrading to an Enterprise release.   Learn more

2018-12-12

[HAProxy] Haproxy termination vs passthrough

#A/ Termination
Client--(https)-->HAPROXY--(http)-->Backend
#Source: https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04




#B/ Passthrough
Client--(https)-->HAPROXY--(https)-->Backend
#Source: https://serverfault.com/questions/738045/haproxy-to-terminate-ssl-also-send-ssl-to-backend-server
frontend app1_ssl
    bind *:443 ssl crt /etc/haproxy/certs.d/example.com.crt crt /etc/haproxy/certs.d/ no-sslv3

    option http-server-close
    option forwardfor
    reqadd X-Forwarded-Proto:\ https
    reqadd X-Forwarded-Port:\ 443

    # set HTTP Strict Transport Security (HTST) header
    rspadd  Strict-Transport-Security:\ max-age=15768000

    # some ACLs and URL rewrites...

    default_backend             backend_app1_ssl


backend backend_app1_ssl
    server mybackendserver 127.0.01:4433 ssl verify none

2018-12-11

[Linux] delete all data except 4 file newest

#______________________DELETE_OLD_DATA:BEGIN
#Source: https://stackoverflow.com/questions/25785/delete-all-but-the-most-recent-x-files-in-bash

FOLDER_DST=/opt/bk
mkdir -p $FOLDER_DST
cd $FOLDER_DST

#Giu lai 4 file moi nhat trong thu muc [$FOLDER_DST]:
rm  -rf `ls -t | awk 'NR>4'`

#______________________DELETE_OLD_DATA:END





#/opt/script/fwsync-HOST01_2_HOST02.sh
#LastUpdate: #09:38 2018.12.23
#################################################
#FILE_NAME=fwsync-HOST01_2_HOST02.sh
#HA_VHOST=/opt/script
#cat $HA_VHOST/$FILE_NAME | grep LastUpdate
#################################################
#SYNC FW:
#0 */1 * * * /opt/script/fwsync-HOST01_2_HOST02.sh
#################################################

#__________________________________CONTENT:BEGIN
HOST01=srv186_HaProxy01
HOST02=srv187_HaProxy02

#1/ BACKUP $HOST02 CONFIG:
ssh -p 65022 root@$HOST02 "\
mkdir -p /etc/iptables;\
cd /etc/iptables;\
rm -rf *.bk;\
cp -vR /etc/iptables/rules.v4 /etc/iptables/rules.v4-[$HOSTNAME]-[$(date +'%Y.%m.%d-%H.%M.%S.%3N')].bk;
"
#


#2/ SYNC 100% CONFIG FROM HOST01->HOST02:
rsync -avz -e "ssh -p 65022" /etc/iptables/rules.v4 root@$HOST02:/etc/iptables/rules.v4

#__________________________________CONTENT:END

#THE-END

##rm -rf `ls -t *.bk | awk 'NR>4'`;\