Pivotal Engineering Journal

Technical articles from Pivotal engineers.

Brian Cunnie

Posts By Brian Cunnie
  1. Flow Your Tests Like Your Code When writing Behavioral Driven Development (BDD) Golang unit tests, pattern the flow of the tests after the code; it will make the tests easier to understand, navigate, and maintain. Categories:   Golang    TDD    BDD   
  2. How To Enable IPv6 on Your Cloud Foundry's HAProxy This blog post describes how to assign both an IPv4 and an IPv6 address to the HAProxy VM (an optional load balancer) on a Cloud Foundry deployment (foundation). This may be of particular interest to homelab enthusiasts who have an abundance of public IPv6 addresses but only one public IPv4. Categories:   BOSH    CF    IPv6    vSphere   
  3. A High-performing Mid-range NAS Server, Part 3: 10 GbE Upgrading our iSCSI (Internet Small Computer System Interface) NAS (network-attached storage) server from 1 GbE (gigabit ethernet) to 10 GbE increased our vSphere VM’s (Virtual Machine’s) sequential read throughput 43%, sequential write throughput 940% (!), and IOPS (Input/Output Operations Per Second) 60%. Categories:   Logging & Metrics    FreeNAS   
  4. Transferring Time-based One-time Passwords to a New Smartphone Time-based One-time Passwords (TOTP) authenticator apps are often deployed on smartphones to enhance security of sensitive online accounts; however, replacing the phone typically requires a burdensome reset of all TOTP passwords. In this blog post we describe the clever use of a QR code reader, secure storage, bash scripting, and a QR code generator to quickly configure a new phone (no reset of TOTP required). Categories:   2FA    TOTP    Google Authenticator   
  5. Troubleshooting Obscure OpenSSH Failures How an elusive CI (Continuous Integration) error led us to uncover a hidden man-in-the-middle ssh proxy. Categories:   Networking   
  6. Safely Upgrading PAS 2.2 with NSX-T Load Balancers How to upgrade an NSX-T-based PAS 2.2 → 2.3 foundation without downtime Categories:   NSX-T    Operations Manager    BOSH   
  7. How to Install a TLS Certificate on vCenter Server Appliance (VCSA) 6.7 We install a Transport Layer Security (TLS) certificate issued by a commercial Certificate Authority (CA) on a VMware VCSA 6.7 while avoiding several pitfalls. Categories:   vSphere   
  8. Benchmarking the Disk Speed of IaaSes It’s helpful to know the performance characteristics when selecting a disk type for an Infrastructure as a Service (IaaS). In this blog post we describe the results of benchmarking various disk types of various IaaSes, including Amazon Web Services (AWS), Microsoft Azure, Google Compute Engine (GCE), and VMware vSphere. We measure Input/output operations per second (IOPS), read throughput, and write throughput. Categories:   BOSH    Logging & Metrics   
  9. Deploying BOSH VMs with IPv6 Addresses on vSphere Recent changes to the BOSH software suite enable the assignment of IPv6 addresses to VMs deployed by the BOSH Director in a vSphere environment. In this blog post we describe how we deployed a BOSH Director and subsequently used the Director to deploy a web server with a private IPv4 address and a public IPv6 address. Categories:   BOSH    IPv6   
  10. Maintaining BOSH Directors with Concourse CI and bosh-deployment BOSH directors can be deployed (and redeployed) with a properly built Concourse pipeline and manifests generated by the curated bosh-deployment manifest generation tool. This lightens the burden of keeping BOSH directors patched & up-to-date. Categories:   BOSH    Concourse   
  11. Deploying a BOSH Director With SSL Certificates Issued by Commercial CA A BOSH director is typically deployed with self-signed SSL (Secure Sockets Layer) certificates; however, the director can be deployed with certificates issued by a trusted CA (Certificate Authority). Here’s how. Categories:   BOSH   
  12. Deploy To vSphere NSX-T Opaque Networks Using BOSH BOSH now allows attaching vSphere deployed VMs to NSX-T’s Opaque Networks Categories:   BOSH    BOSH CPI    vSphere    NSX-T   
  13. Why Is My NTP Server Costing $500/Year? Part 3 Running a Network Time Protocol (NTP) server in the pool.ntp.org project can incur $500/year in data transfer (bandwidth) costs. Those costs can be reduced or even eliminated by choosing alternative Infrastructure as a Service (IaaS) providers, modifying the server’s pool.ntp.org connection speed setting, choosing an alternative continent upon which to place the server, and modifying the NTP daemon’s configuration file to rate-limit the clients. Categories:   NTP   
  14. Using the beta BOSH CLI to Deploy an IPv6-enabled nginx Server to AWS Amazon Web Services (AWS) has recently announced Internet Protocol version 6 (IPv6) Support for their Elastic Compute Cloud (EC2) Instances in Virtual Private Clouds (VPCs). In this blog post, we describe using the beta BOSH command line interface (CLI) to deploy a virtual machine (VM) running nginx (a popular webserver) to EC2 with a native IPv6 address. Categories:   BOSH    IPv6   
  15. Leveraging NSX's Features with BOSH's vSphere CPI BOSH, a VM (Virtual Machine) orchestrator, includes the ability to interoperate with NSX, a network virtualization platform, when deploying to a vSphere IaaS (Infrastructure as a Service). This blog post describes deploying VMs as the backend of an NSX Load Balancer. Categories:   BOSH    NSX    vSphere   
  16. How to Customize a BOSH Stemcell BOSH Stemcells are Linux-based bootable disk images upon which BOSH applications may be deployed. This blog post describes a process to customize a stemcell (most often used to troubleshoot stemcell boot problems). Categories:   BOSH   
  17. Updating a BOSH Release Authors of a BOSH Release may want to release a new version when the upstream application is updated. This blog post describes the process of updating a BOSH Release while avoiding common pitfalls. Categories:   BOSH   
  18. Concourse has Badges Use Concourse’s badges to display the health of your project Categories:   Concourse   
  19. Concourse without a Load Balancer nginx is a less-expensive alternative to a load balancer for a BOSH-deployed Concourse server’s SSL termination. Categories:   BOSH    Concourse   
  20. How to Deploy a Multi-homed BOSH Director to a vSphere Environment We explore deploying a multi-homed BOSH Director to a vSphere environment to segregate networks in a secure manner. Categories:   BOSH   
  21. The World's Smallest Concourse CI Server How to deploy a publicly-accessible, extremely lean Concourse CI server. Categories:   BOSH    Concourse