|
| DevCentral > Weblogs > - Two Different Socks
|
application
There are 28 entries for the tag application
 |
The problem with HTTP (okay, one of the problems with HTTP, happy now?) is that it resides at the top of the “stack” regardless of whether we identify the “stack” as based upon the TCP/IP stack or the OSI model stack. In either case, HTTP sits at the top like a a king upon his throne. There’s nothing “higher” than the application in today’s networking models. But like every good king, HTTP has a crown: the actual application data exchanged in the body of an HTTP transaction. In the good old days, when intermediaries (proxies) were only able...
posted @ Tuesday, February 16, 2010 3:17 AM |
|
|
Preparing for the upcoming Cloud Connect conference several speakers and presenters have put forth the proposal that no one should attempt to define cloud yet again. After all, if you’re attending the conference (and you are attending, of course, aren’t you?) then you certainly have a firm understanding of what cloud computing is and what it can do. But most end-users and business stakeholders won’t be attending and don’t have a firm understanding of cloud computing. Even the technology pundits to whom these constituents turn to learn about the technology often fail to really “get” cloud computing, as evinced...
posted @ Friday, February 12, 2010 3:50 AM |
|
|
load balancing intermediaries have long used the terms “virtual server” and “virtual IP address”. With the widespread adoption of virtualization these terms have become even more confusing to the uninitiated. Here’s how load balancing and application delivery use the terminology.
I often find it easiest to explain the difference between a “virtual server” and a “virtual IP address (VIP)” by walking through the flow of traffic as it is received from the client.
When a client queries for “www.yourcompany.com” they get an IP address, of course. In many cases if the site is served by a load balancer or...
posted @ Monday, December 28, 2009 6:00 AM |
|
|
You can address the problem of converting smart quotes – and any other content - in your application if you control the code. What if you’re using third-party software for which you do not have the code? Or what if it is your code but the “defect” is so low on the priority list that you won’t get to it until the year 2020?
Dealing with Microsoft smart quotes is a fact of life for developers. Almost every developer out there has a server-side script/function they use to strip them out of user-generated content and replace them with web-friendly HTML...
posted @ Monday, November 02, 2009 3:03 AM |
|
|
Spectacular “cloud” failures over the past few weeks have raised the hue and cry for portability and interoperability across clouds for data.The problem is that the cry is based on the false assumption that a “cloud service” is the same as an “application service.” Apparently Microsoft felt Google and Amazon were getting too much attention with their recent outages and decided to join the game. The absolute loss of data for thousands lots and lots of T-Mobile Sidekick users is regrettable and yes someone needs to address such issues but that someone is not a standards group or...
posted @ Monday, October 12, 2009 9:06 AM |
|
|
Are you monitoring the network, servers, stack, or the application? The answer may mean the difference between your application being available or not. One of the biggest problems with moving away from simple load balancing to application delivery is that network teams don’t often get the memo and the application teams don’t have a good understanding of what load balancers can do so they can’t even offer suggestions regarding how to architect a better solution to availability. That means neither team really understands the role of health monitoring in maintaining availability for applications. What should happen...
posted @ Wednesday, September 30, 2009 3:25 AM |
|
|
Back in the day when I was actually allowed to write code for customers the pat answer to any code being returned from QA because of problems was a flat “but it works on my machine.” Alright, alright, I’ll be honest; it wasn’t flat at all, it usually a plaintive whine. This isn’t an uncommon scenario as differences in environments and interactions with other applications may be enough to cause problems on one machine and not another. Troubleshooting such subtle issues were painful, to say the least, and not something anyone wanted to do. Now comes the time...
posted @ Thursday, September 24, 2009 3:37 AM |
|
|
There’s more than one way to address the rapid rate of change in infrastructure supporting a dynamic environment. We spend a lot of time talking about how software and systems and standards are the ultimate solution to addressing the rapid rate of change in the association between applications and IP addresses in a dynamic infrastructure. But sometimes you have look down the stack to find a simpler, more economical and honestly, elegant, answer to the challenge of managing the problem associated with virtualized and cloud computing architectures. We need to take another look at the link layer...
posted @ Friday, September 18, 2009 3:19 AM |
|
|
Are you load balancing servers or applications? Network traffic or application requests? If your strategy to application availability is network-based you might need a change in direction (up the stack). Can you see the application now? Network load balancing is the distribution of traffic...
posted @ Tuesday, September 15, 2009 4:16 AM |
|
|
Why do application delivery vendors talk about both? Aren’t they the same thing? In general, acceleration implies that something will be done to the application: caching, compression, etc… The actual behavior of the application is changed such that the client may need to participate in the acceleration. Acceleration is technically speaking disruptive in the sense that it requires participation of client, intermediary, and often the server. This generally takes a form that leverages existing standards, a la caching, such that no changes need be made to clients or servers, but the behavior of the application and its...
posted @ Thursday, August 20, 2009 6:00 AM |
|
|
When it comes to availability, coding a solution is just delaying the inevitable Jonathan Howell, in Five Things That Will Kill Your Site – an excellent read, by the way, for all web application developers – asserts that there are several ways to avoid web application death that do not require the implementation of “expensive redundant hardware with top of the line load balancers and an enterprise class SAN.” In general he’s got some good advice to which application developers should pay attention, but I had to disagree with his assertion that a solution to provide graceful degradation...
posted @ Tuesday, August 11, 2009 3:56 AM |
|
|
The importance of a full-proxy architecture to application delivery, security, cloud computing, and virtualization People often describe the act of changing focus from one related but distinct task to another as “wearing two different hats.” Like moving from “developer” to “administrator” when you’re trying to deploy an application in a testing environment. You’re the developer, but then you have to “switch gears” and become a server administrator in order to ensure that the application server and its environment is configured properly before you can actually test the application you just wrote. But the metaphor...
posted @ Thursday, July 30, 2009 4:07 AM |
|
|
Using network-side scripting to remove client-side cookies @quine overhead an interesting question that he offered via Twitter regarding cookies and BIG-IP. Specifically someone was wondering whether BIG-IP automatically removes cookies from the browser. Our team had a quick discussion because the question isn’t as straight-forward as it first appears. On the surface the answer is an unequivocal “no”, because for an intermediary to just arbitrarily remove cookies would be a Very Bad Thing. But the ability to manipulate cookies is certainly something you can do using iRules, and if you implemented such functionality then the...
posted @ Wednesday, July 08, 2009 3:43 AM |
|
|
Now I lay me down to sleep I pray that safe my apps will keep If hacked they be before I wake I pray it was a (DEV || OPS) mistake Technorati Tags: MacVittie,F5,Infosec,prayer,humor,application,security
posted @ Thursday, May 07, 2009 9:40 AM |
|
|
Collaborating automatically via Web 2.0 APIs is a beautiful thing. I can update status on Twitter and it will automagically propagate to any number of social networking sites: Facebook. FriendFeed. MySpace. LinkedIn. If I had to do it all manually, I wouldn’t. But the automation of sharing, i.e. collaboration, between Web 2.0 social networking sites made possible by open APIs is just too easy to pass up.
The danger is, of course, that a single malicious message can just as quickly propagate through that same social network. The power of the API can quickly be turned against us.
A...
posted @ Monday, April 13, 2009 4:05 AM |
|
|
Finding new life for SOA in the cloud We’ve been having quite a few discussions with analysts over the past few months on the subject of “cloud”. The interesting thing about these discussions is the vast array of points of view from which those analysts are viewing “cloud”. Some are focused on the network aspects, others on pricing/differentiation, and some are even very focused on what “cloud” means to applications – and the organizations that will, allegedly, take advantage of the cloud as a means of application deployment. One such analyst is Daryl Plummer of Gartner. Daryl...
posted @ Tuesday, April 07, 2009 3:37 AM |
|
|
Mike Fratto loves to tweak my nose about web application security. He’s been doing it for years, so it’s (d)evolved to a pretty standard set of arguments. But after he tweaked the debate again in a tweet, I got to thinking that part of the problem is the definition of web application security itself. Web application security is almost always about the application (I know, duh! but bear with me) and therefore about the developer and secure coding. Most of the programmatic errors that lead to vulnerabilities and subsequently exploitation can be traced to a lack of secure...
posted @ Wednesday, March 11, 2009 3:21 AM |
|
|
According to the definition of cloud computing used by Avanade for a recently released and often cited study on the use of cloud computing, I could claim to be a cloud computing provider. And so could you. Basically, so could just about everyone who happens to run web-based applications accessed over the Internet. From the summary of the report: In the midst of widespread economic turmoil, this global survey of C-level executives and IT decision-makers shows a clear, collective mandate: use technology to cut the cost of doing business. ...
posted @ Tuesday, March 03, 2009 2:59 AM |
|
|
Owning the stack is important to security, but it’s also integral to a lot of other application delivery functions. And in some cases, it’s downright necessary. Hoff rants with his usual finesse in a recent posting with which I could not agree more. Not only does he point out the wrongness of equating SaaS with “The Cloud”, but points out the importance of “owning the stack” to security. Those that have control/ownership over the entire stack naturally have the opportunity for much tighter control over the "security" of their offerings. Why? because they...
posted @ Wednesday, February 25, 2009 3:13 AM |
|
|
Over the holidays I did, as most folks I suspect, things I enjoy doing. For me, one of those things was playing around with Adobe's Flex using Flex Builder 3. Yes, I am that much of a geek. I was a bit concerned it would take some time to figure it all out, but after quickly realizing that MXML, Adobe's interface markup language, was close enough to XAML, Microsoft's interface markup language, it was pretty much smooth going. ActionScript is close enough to JavaScript and C and most other languages I'm familiar with so that...
posted @ Thursday, January 08, 2009 8:12 AM |
|
|
The INTERNET, December 18, 2008 - In what is certainly a blinding epiphany for some it was suddenly realized today that some applications are not well suited for deployment in a public cloud computing environment. With all the hype surrounding cloud computing these days it is easy to forget that there's more to enterprise applications than just some code and a database. It is a rare application that is an island in the data center, and the more integrated with other systems a given application is the less likely it is that the application will be well suited...
posted @ Thursday, December 18, 2008 4:14 AM |
|
|
One of the most affordable options for small and medium businesses in terms of Internet connectivity is business-class service from cable and telco providers like Time Warner Cable, Cox, Verizon, and AT&T. Unfortunately, the definition of "business-class" is ill-suited to businesses that host their own web applications or mail servers. If you've ever looked into business class service, you'll notice that like residential services, they are only truly cost effective if you don't really care about upload speed. For example, Verizon has a promotional offer that promises download speeds up to 7.1Mbps, but limits upload speeds to 768Kbps....
posted @ Friday, December 12, 2008 3:46 AM |
|
|
Wesley: Now, there may be problems once our app is in the cloud.
Inigo: I'll say. How do I find the data? Once I do, how do I integrate it with the other apps? Once I integrate it, how do I replicate it?
If you remember this somewhat altered scene from the Princess Bride, you also remember that no one had any answers for Inigo. That's apropos of this discussion, because no one has any good answers for this version of Inigo either. And no, a holocaust cloak is not going to save the day this...
posted @ Tuesday, December 09, 2008 4:12 AM |
|
|
Amidst the hype of cloud computing and virtualization have been the publication of several research notes regarding SOA. Adoption, they say, is slowing. Oh noes! Break out the generators, stock up on water and canned food! An article from JavaWorld quotes research firm Gartner as saying: The number of organizations planning to adopt SOA for the first time decreased to 25 percent; it had been 53 percent in last year's survey. Also, the number of organizations with no plans to adopt SOA doubled from 7 percent in 2007 to...
posted @ Friday, November 21, 2008 3:09 AM |
|
|
Last month I happened across this amusing, and ironic, poem describing the dichotomy that exists in trying to define cloud computing. Go ahead and read it, I'll wait, it's worth the time. Seriously. I am not going to define cloud computing again. I've done that already and the point of this discussion is not what is cloud computing but rather how the cloud is beginning to separate into distinct models, each serving a different set of needs. The common theme between these models is "as a service". Some "thing" traditionally relegated to the local IT data center is...
posted @ Thursday, November 20, 2008 3:12 AM |
|
|
When SOA was the hot topic of the day (not that long ago) everyone was pumped up about the ability finally align IT with the business. Reusability, agility, and risk mitigation were benefits that would enable the business itself to be more agile and react dynamically to the constant maelstrom that is "the market". But only half of IT saw those benefits; the application half. Even though pundits tried to remind folks that the "A" in SOA stood for "architecture", and that it necessarily included more than just applications, still the primary beneficiary of SOA has been applications...
posted @ Monday, November 10, 2008 8:23 AM |
|
|
Many people are concerned with virtualization security (already coined VirtSec), and they're applying that concern from the virtual images all the way down the stack, to the network infrastructure through which virtualized application traffic is delivered. The desire for network infrastructure to be itself virtualized is growing out of a perceived need to isolate application traffic at every point in the infrastructure. But the technology to isolate application traffic at layer 2 and 3 of the infrastructure already exists, and has been essentially virtualized for years.
The sudden desire for everything in the infrastructure to be virtualized completely is borne...
posted @ Friday, November 07, 2008 6:33 AM |
|
|
There are a lot of things you can share on the Web today - you can bookmark pages, share pictures on Flickr or twitpic, blast a 12 second audio message out, e-mail links, or post nifty tidbits to your Facebook profile. But rarely do you find an online tool that lets you bring all that disparate content together in one elegant presentation-like format. Flowgram aims to change the way you share content, by allowing you to mashup multiple media formats into a single, audio-backed "flowgram", sharable across a large number of social networking sites as well as via...
posted @ Thursday, September 25, 2008 11:31 AM |
|
|
|
|
|
|
