Stefanos Cloud

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27507 and CVE-2022-27508 The following vulnerabilities have recently been discovered and announced by Citrix. CVE-2022-27507  Authenticated denial of service CWE-400: Uncontrolled Resource Consumption    VPN (Gateway) virtual server with   DTLS, and  either 'HDX Insight for EDT traffic' or 'SmartControl' is configured  CVE-2022-27508  Unauthenticated denial of service CWE-400: Uncontrolled Resource Consumption    Appliance must be configured as a VPN (Gateway) or AAA virtual server  Details on the conditions under which the above vulnerabilities are triggered can be found at https://support.citrix.com/article/CTX457048 . Citrix recommends that affected customers install the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible. - Citrix ADC and Citrix Gateway 13.1-21.50 and later releases  - Citrix ADC and Citrix Gateway 13.0-85.19 and later releases of 13.0   - Citrix ADC and Citrix Ga...

Case You have a Linux-based KVM installation and you need to deploy Cloudstack latest version to control your KVM hypervisor and virtual machines. This article provides high-level guidance on how to deploy Cloudstack on Ubuntu Linux. This article is being updated to include more detailed steps for configuring all aspects of Cloudstack deployment on Ubuntu Linux. Bear in mind that this post assumes 14.6.1.0 version of Cloudstack. You should always consult the latest documentation from the official Cloudstack website. See the refences section of this post for details. Solution The Cloudstack (CS) management server can be installed on any supported Linux distribution, including the following: - Ubuntu 18.04 LTS, 20.04 LTS - CentOS versions 7, 8 (note: CentOS 8 will EOL in Dec 2021) - Rocky Linux 8 - RHEL versions 7, 8 - openSUSE Leap 15 - SUSE Linux Enterprise Server 15 (not tested, but expected to work same as with openSUSE 15) The CS management server can be a physical server or a virtu...

gRPC announcement Microsoft announced today that gRPC is now available and supported on Azure App Service for Linux workloads. This was made possible by recent platform upgrades to the HTTP reverse proxy layer to leverage YARP and Kestrel . This is an important announcement as it removes the native support limitation in Azure App Service which prevented the migration and usage of gRPC-enabled applications in Azure App Service. In such cases, running the Azure App Service migration assessment tools would report incompatibility errors, leaving you with the pain of having to decide upon an alternative design option for your net.tcp, wcf or gRPC applications. gRPC utilizes the remote procedure call (RPC) framework to streamline messages between clients and servers over the HTTP/2 protocol. Using gRPC protocol over HTTP/2 enables the use of features like multiplexing to send multiple parallel requests over the same connection. gRPC is currently available for use with .NET Core 3.1 and .N...

Case You need to install the KVM hypervisor in Ubuntu Linux. For the purpose of this demo I will be deploying KVM in Ubuntu Linux LTS server, as shown below. However you can follow the same procedure on any Linux platform, making any adjustments related to the package management system used by your distribution (e.g. deb vs rpm). This article offers step-by-step instructions on how to install KVM in Ubuntu Linux. Solution First check if your Ubuntu server or desktop installation supports virtualization by running the below command. You need to get a result which is greater than 0, to ensure that your system supports virtualization. egrep -c '(vmx|svm)' /proc/cpuinfo Run the following command to ensure that kvm can be supported and installed on your machine. If the kvm-ok command is not available it should be installed as part of the cpu-checker deb package. You are now ready to install the KVM-related packages to enable KVM virtualization in your Ubuntu system. Run the command ...

Welcome to Cloud Computing Crossword 2. Instructions on solving a crossword online: - Click a cell on the crossword grid, or click a clue - Click twice on a cell to toggle between across and down - The active cell is highlighted in blue - Start typing in the word - Hit enter when you are done typing in the word - The word will turn green or red if you got it right or wrong - You can use the tab and shift-tab keys to move around the crossword, and the arrow keys You should subscribe to the blog newsletter and send me a direct email to request the crossword solution. https://stefanos.cloud/blog/cloud-computing-crossword-2/

Case You cannot open pdf files in Mozilla Firefox. When trying to open and view a pdf file inside the browser, the file is saved to your local disk as .pdf file by default. After installing Adobe Reader DC or previous version to your Windows operating system, you realize that Adobe only provides a browser add-on for Google Chrome and not for Firefox. You need to be able to open pdf files inside the Mozile Firefox browser and not save them as .pdf files to your local disk. This is a known issue in the Adobe community and has been discussed in the following thread: https://community.adobe.com/t5/acrobat-discussions/acrobat-dc-extension-missing-in-firefox/td-p/11210656 . Solution Adobe indeed does not provide a browser add-on for Mozilla Firefox in its latest version of Adobe Reader DC software. You can only track and install the Google Chrome Firefox add-on file (.xpi extension) in the Adobe installation folder "C:Program Files (x86)AdobeAcrobat 2017AcrobatBrowser" file name ...

Introduction The current post attempts to present an overview of the Azure database services, as of late May 2022. Azure database services mainly cover the conventional database administration side of things (with SQL and NoSQL databases) but can conceptually expand to cover a full range of Analytics and Data Engineering and Analysis services (for example Azure Data Factory and Azure Synapse Analytics). This broader view of data-related services essentially constitutes the Azure Data Platform . Given the dynamic nature of public clouds, this list will most likely change soon in the near future but nevertheless acts as a general point of reference when discussing Azure database services. You find an overview of all Azure service categories at https://stefanos.cloud/blog/azure-service-categories/ . Database services Azure allows you to support rapid growth and innovate faster with secure, enterprise-grade, and fully managed database services. Azure Cache for Redis Accelerate apps with h...

Case You have two or more physical Hyper-V hosts on which you need to configure a Hyper-V cluster to be able to host virtual machines. This article provides step-by-step guidance on how to deploy a Hyper-V cluster with Powershell. Solution Pre-requisites First off, you should have configured the core/distribution switching infrastructure and the storage infrastructure for supporting your Hyper-V cluster. Designing the proper networking and storage environment for any Windows Failover Cluster (WFC) is outside the scope of this article. You can find out more about design considerations and best practices in my Windows Failover Clustering Design Handbook . Each Hyper-V host which will join the WFC Hyper-V cluster will need to have sufficient RAM memory, sufficient storage IOPS in its local disks and sufficient number of physical Network Interface Cards (NICs). You will need to ensure redundancy for the shared storage cabling paths with LACP configured at the switch ports side. Ensure that...

Introduction Linux Ubuntu Server 22.04 LTS was released by Canonical on April 21st, 2022. The 22.04 Long Term Service (LTS) release (code named Jammy Jellyfish) is the most mature and feature rich release to date and includes various noteworthy additions and new features. Canonical releases its LTS and interim Ubuntu versions as per the following release cycle. The Ubuntu Wiki has more details on each released Ubuntu Server or Ubuntu Desktop version. By subscribing to Ubuntu Advantage (UA), Canonical clients can receive additional and extended support for their Canonical products including the Ubuntu Server. Run the following command to view details of your UA status. ua status New features Ubuntu Server 22.04 LTS comes with the following new features. - Cloud images for AWS , Azure and GCP with hardening, compliance, extended security and more with Ubuntu Pro - Kafka, Grafana and Loki joined the growing portfolio of trusted OCI images maintained by Canonical - OpenSSL 3.0 for mode...

Citrix 1Y0-341 exam overviewThe Citrix 1Y0-341 exam is a 69 question exam written in English. The exam consists of multiple choice items only. Passing the exam grants you with the Citrix Certified Professional in Networking (CCP-N) certification.The official Citrix 1Y0-341 exam study guide is available for free download from https://training.citrix.com/public/Exam+Prep+Guides/341/1Y0-341_Exam_Preparation_Guide_v01.pdfAudienceThe 1Y0-341 exam was developed for candidates who have demonstrated the minimumrequisite knowledge and skills required for a Citrix networking professional who candeploy and/or manage Citrix Web App Firewall (WAF) to secure application access in a CitrixADC 13 environment, as well as Citrix Application Delivery Management (ADM) to administer aCitrix ADC environment or optimize Citrix ADC-managed application delivery traffic. The tasks tested in this exam will represent these skills, which are deemed as advanced topics such as Security, Management, and Optimization....

Internet Explorer 11 retirement announcementAs per Microsoft MC378271 announcement, the Internet Explorer (IE) 11 desktop application will be retired on June 15, 2022, on certain versions of Windows 10. This means that the IE11 desktop application will no longer be supported and will be progressively redirected to Microsoft Edge over the following months, and ultimately disabled via Windows Update, to help ensure a smooth retirement. Internet Explorer 11 is not included in Windows 11. Internet Explorer mode (IE mode) is a feature of the successor Web browser (Chromium based Microsoft Edge) which will be providing legacy browser support for applications which can only run on the IE HTML/CSS/Javascript engine. Action items for Windows administratorsMicrosoft recommends that Windows administrators proactively retire IE in their organization before June 15th by using Group Policy. Note that Windows 10 LTSC and Windows Server are not affected. To continue using legacy IE-based sites and app...

IntroductionThe Distributed Component Object Model (DCOM) Remote Protocol is a protocol for exposing application objects by way of remote procedure calls (RPCs). The protocol consists of a set of extensions layered on Microsoft Remote Procedure Call Protocol Extensions as specified in . The DCOM Remote Protocol is also referred to as Object RPC or ORPC. As per Microsoft MC376180 announcement which appeared in the Microsoft 365 Admin Center, Windows devices which use the Distributed Component Object Model (DCOM) or Remote Procedure Call (RPC) server technologies will go under Windows DCOM hardening phases. Windows updates released starting September 2021 address a vulnerability in the DCOM remote protocol by progressively increasing security hardening in DCOM throughout 2022. Timeline of DCOM hardening updatesDCOM components are gradually being hardened by issued Windows Updates. Windows DCOM hardening is being carried out as per the below past and scheduled important deadlines.- June ...

CaseYou need to upgrade your Linux Ubuntu installation to the latest available major release, for example upgrade from 20.x LTS to 22.x LTS. A thorough list of available Linux Ubuntu releases can be found in the Ubuntu Wiki at https://wiki.ubuntu.com/Releases. SolutionFirst study the Ubuntu Wiki at https://wiki.ubuntu.com/Releases for release notes and known issues and bugs before upgrading to a higher major release. Then follow the procedure below from an Ubuntu bash terminal. # Clean-up the Linux package repository cachesudo apt-get update# Optionally# sudo apt-get update --allow-insecure-repositories# Upgrade Ubuntu libc, drivers and other core packages such as docker containersudo apt-get upgrade# Upgrade the Linux core packages, Linux kernel and third packages, for example NVidia packagessudo apt-get dist-upgradereboot# Check if a release upgrade existssudo do-release-upgrade -c# Upgrade to the latest Ubuntu major releasesudo do-release-upgradeThe output of the apt-get upgrade com...

IntroductionThe current post presents an overview of the Azure container services, as of early May 2022. Generally speaking, containers are an evolution to virtualization solutions and fall under the Azure Compute Services category. Given the dynamic nature of public clouds, this list will most likely change soon in the near future but nevertheless acts as a general point of reference when discussing Azure containers services. You find an overview of all Azure service categories at https://stefanos.cloud/blog/azure-service-categories/.App ConfigurationFast, scalable parameter storage for app configurationAzure Kubernetes Service (AKS)Deploy and scale containers on managed KubernetesAzure Red Hat OpenShiftDeploy and scale containers on managed Red Hat OpenShiftAzure Container AppsBuild and deploy modern apps and microservices using serverless containersAzure FunctionsExecute event-driven serverless code with an end-to-end development experienceWeb App for ContainersRun containerized web...

CaseYou notice that even though you setup a custom layout for your Windows desktop icons, the Windows desktop icon layout is lost after reboot. SolutionFollow the steps below to resolve the issue. You can automate the below tasks by running a startup Powershell script or a Windows scheduled task as part of a Group Policy object. - Click Start --> Run --> %userprofile%. This will open the user’s profile folder. Ensure hidden folders are shown. Navigate to “AppData --> Local” folder and delete the IconCache.db file.- Open regedit.exe and navigate to path ComputerHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionThemes. Ensure that the ThemeChangesDesktopIcons item’s value is set to zero (0). https://stefanos.cloud/kb/windows-desktop-icon-layout-is-lost-after-reboot/

IntroductionIf you are a Cloud engineer or possess a similar technical Cloud related role, you need to ensure that you can automate your daily tasks and better manage your workload. This post serves as a compilation of a software toolkit which I regard to include the most frequently used and most useful software applications in the day-to-day activities of a Cloud engineer. Software toolkit for cloud engineersStandard productivity toolsThe following tools are standard productivity tools and can be used by any IT professional or more broadly by any professional who is spending a considerable amount of time in an office job. - Email client. Examples include Outlook 365 and other SMTP and IMAP-based clients, such as Protonmail and Tutanota. ProtonMail was founded in 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Since then, ProtonMail has evolved into a global effort to protect civil liberties and build a more secure In...

IntroductionClaiming and publishing your cloud and IT certificates and badges to partners, colleagues and potential employers is key in establishing just the right rapport and in establishing credibility as a Cloud professional. Hopefully there are various online cloud digital credential systems which allow you to effectively request, issue, publish and manage your cloud certificates and badges with ease. Most cloud certificate management systems can serve both the certificate or badge issuing authority, e.g. cloud computing vendor or training provider organization, as well as the students who receive the certificates and badges. A category of cloud digital credential systems is the category of digital badge management systems which cover other aspects of digital identities in the e-learning landscape. Issuing e-learning badges should be part of a broader initiative to motivate learners by providing easily shareable digital credentials with which to prove the learner's participatio...