* Posts by Jay 2

792 posts • joined 11 Jun 2009


Monitoring is simple enough – green means everything's fine. But getting to that point can be a whole other ball game

Jay 2

At my place it's not necessarily the monitoring that's the problem... but the alerting.

We've currently got an ageing Zenoss setup that we're going to be migrating to Prometheus. So the other day there was a memory-based issue on a JVM, the trigger for utilisation was passed and Zenoss sent a few emails out. But no-one in the team it goes to took any notice (for whatever reason). As a result the JVM wasn't very happy.

The leader of that team then said the problem was as the alert was an email, they get too many of them etc... So it was really important we get that sort of thing switched over to Prometheus so they could be alerted via a chatbot. Now he'd obviously forgotten but no so long ago they were receiving disk space alerts for an application via Prometheus/chatbot and you can probably guess what happened. Yes, that's right, there was too much noise from some other servers and the really important disk space alert was missed and the application ground to a halt.

Just moving to a newer/sexier monitoring/alerting platform won't always solve your problems. But on the other hand it will solve some of mine as I look after the current Zenoss setup, but the newer Prometheus/ELK stuff is run by another team. So the day I'm (mainly) no longer on the hook for any application monitoring will be a happy day indeed! I'll still have to worry about system monitoring, but that's far easier and less grief-laden.

Mind the gap(ing mouth): London's Underground to get ubiquitous mobile phone coverage

Jay 2

Re: Thanks I hate it

If it's actually on a train then you may be spared the sort of person who holds the phone horizontally with the speaker on like some vapid Apprentice wannabe.

Can't say I'm looking forward to any of this development. There's a reason I've usually got some earphones on when travelling by public transport.

Microsoft loves Linux so much that packages.microsoft.com has fallen and can't get up

Jay 2

Re: never rely on external systems for critical repos

Thankfully after a "security incident" in the recent past most people where I work are now on board with the fact that you can't just go and download stuff on a whim any more (plus tightened up proxies help). Added to that is that any (new) external software required has to be vetted by InfoSec and then stuffed into Nexus Repo Manager. So if anything goes bang in the outside world then hopefully we'll be covered.

It also helps with my little quest to drag things to least privilege levels. Too many horror stories from years past where some people who really should have known a lot better decided that everything running as root and with far too many people having sudo access was OK...

Systemd 249 release candidate includes better support for immutable OSes and provisioning images

Jay 2

"alternative to the classic BSD syslog protocol for locally delivering log records to the Journal,"

I was about to say I'm very slowly coming to accept systemd (note that's accept, not like) but the main thing that really infuriates me still is the need to use a completely separate util/command just to see what systemd is logging (or spewing) so I can try and actually figure out why a service won't start. As just telling me the error/output when the actual command is run is obviously far too useful/intuitive.

If ever there was a case making something more user-unfriendly or making it so much more complicated than it needs to be... this is a prime example.

Say helloSystem: Mac-like FreeBSD project emits 0.5 release

Jay 2

Re: “sudo su works now”

Ooh ouch. We've managed to avoid that one. It's got to the point where we now have our own in-house built version of python that lives in a special place (eg not under /usr anywhere) that the application people can target and use whatever modules they like. And then everyone is (mostly) happy with the versions of Python at their disposal.

Jay 2

“sudo su works now”

At work I've tried to stamp out use of sudo su (and variants like sudo su - username) as much as I can. They're a bit too open-ended and the cause of much grief, usually along the lines of "who did that?". Instead I try and work on the basis of least privilege and limit sudo to either a service user or a specific set of commands.

It's a long slog, as many users complain they can't do what they need to do or are too lazy to type/alias sudo -u whatever. But I'd rather not go back to the days when someone tried to install an EL7 RPM on an EL6 dev server, got a glibc error, copied over some glibc libs from elsewhere and then wondered why the server stopped working.

Mark it in your diaries: 14 October 2025 is the end of Windows 10

Jay 2

I've never seen the point of changing product version numbers "just because everyone else is doing it" or "they have bigger numbered versions than us, we must compete!". See Solaris 2.x -> 7.x and Firefox 5.x onwards.

Do you come from a land Down Under? Where diesel's low and techies blunder

Jay 2

At my last company we moved into a new building which had a huge flywheel generator thingy on the roof. It was frequently tested, so everyone was under the impression it would do the job if it came to it.

Obviously one day a JCB (or similar) went through some nearby power lines and it was time for emergency power... or it would have been had someone remembered to flip the switch from "testing mode" to "do something when the power goes out mode". Oops.

This didn't effect me as I wasn't in the nice shiny building, but the old building a lot of the company didn't know existed which housed the computers/phone switches etc where we toiled in the basement. Ironically it couldn't be made a machine room down there as "it might flood".

Whatever you've been doing during lockdown, you better stop it right now

Jay 2

Once upon a time in our last office someone decided to put their slice of pizza in the microwave to warm up. Nothing wrong with that you may think, but it was still in a cardboard box. Still not too bad? The box was just big enough to fit in the microwave, but not rotate. And then they put it on for a too long amount if time and pissed off somewhere. The smell of burning made its way to some nearby desks where the occupants then went to investigate. Somehow it didn't set off the fire alarm!

In the current office we now have some full-on industrial strength microwaves, which don't have a turntable. The catch with these is that they're quite powerful and some staff ignore the warnings, plonk their food in and then set the amount of time they usually do at home. Well within half of that time what ever is in there starts bubbling over and spreading (see 80s B movie The Stuff).

Jay 2

Snap. Some time back there was an unpleasant smell from near my colleague's desk. But nothing obvious could be found. So at some point he pulled out the drawers on wheels under his desk and the smell then got much worse. On closer inspection there was half a mouse sticking out from underneath the unit near the wheels.

With incoming iOS 15, update refuseniks will be given choice to stay where they are while still receiving security patches

Jay 2

Re: iPhone 6s

Wow, I really didn't expect that. Not real reasons to replace my 6S (and its 3.5mm headphone jack). Though the rather old iPad Air is a different matter.

EE and Three mobe mast surveyors might 'upload some virus' to London Tube control centre, TfL told judge

Jay 2

Great now we have someone "official" (from TFL) mentioning the word virus in conjunction with a mobile mast. That will be picked up by the usual nutjobs I'm sure.

I wonder why everyone is "too busy" in TFL to have a person or two to chaperone said telco types (and ensure they don't make a beeline for the nearest USB socket).

Lotus Notes refuses to die, again, as HCL debuts Domino 12

Jay 2

Too little, too late

We're currently in the middle of a Notes -> Outlook migration. So the other week my ~20 odd years of Notes came to an end. It started back with Notes 4 which was good for security as it was so stupid that it wouldn't know what to do with an infected attachment even if you gave it a training video. Then I think we jumped via 6, 8 and 9. To be honest I think I had Stockholm syndrome in the end, I didn't mind it much. For many, many years we'd get new higher ups who would always complain about having to use Notes and would make noises about moving.

Mind you the one thing they all overlooked (and still do) is that Notes isn't just email and so where do you think all those applications/databases are going to be now? Yes that's right, one of my underlings now has to go into Notes to use the holiday booking system, which then sends me an email (in Outlook) and for reasons I can't click on the link to get things to work, so I have to open up Notes to approve, which then sends them an email in Outlook.

How many remote controls do you really need? Answer: about a bowl-ful

Jay 2

Re: My television wants me dead, or just gibbering in a 'special' ward.

One of my biggest problems with my Sony Bravia is that it obviously hasn't got enough grunt to run Android as the general input lag is horrendous and pretty much makes doing anything a complete exercise in frustration.

But that's nothing compared to a recent problem. I have Sony TV using ARC to talk to Sony Amp (sorry long term historical fanboi) and Sky box attached to the amp. I'd noticed that every now and again the sound field on the amp would keep switching from Neural X/Dolby/whatever to stereo which was really annoying as I had to change it back. Then the other week I got Sky Q and then even going into the Sky menu would change the sound.

Turns out that the the signal was going from Sky to the amp and then to the TV, which in its infinite wisdom was then making some strange decision to tell the amp to change the sound field (and not even to something useful). In the end the fix was to update the firmware on the TV (it had been a while since I checked) which gave me a completely new and more slow/useless front end, but crucially there was a setting to force the TV's sound field which then translated to something more suitable on the amp. Job done.

Firefox 89: Can this redesign stem browser's decline?

Jay 2

Re: MSI's Would have helped

That's one of the reasons my work VDI has got Chrome and IE, but not FF. Also I'm not sure if there was something about being able to lock it down with group policies. Pity as it's my browser of choice and I need all the help I can get with old Dell iDRAC that insist on using old versions of Java. At least HPE update iLO firmware every so often to add in other options to get the console.

Days Gone PC: Melting pot of open-world influences makes for one of the more immersive zombie slayers out there

Jay 2

Re: "If you love a game, buy it at fucking full price."

That would depend on which particular console you'd be after. Currently PS5 and latest Xbox are all frolicking with the GPU in an un-obtainable utopia somewhere.

China's Digital Yuan not aimed at challenging US dollar, says former People’s Bank governor

Jay 2

I wonder if the Digital Yuan is based on blockchain by any chance...

That aside not sure if it's a co-incidence that this is mentioned just after the fact that China is pretty much going to outlaw use of cryptocurrencies.

As another vendor promises 3 years of Android updates, we ask: How long should mobile devices receive support?

Jay 2

Re: ...be replaced after a year or two

Snap and snap. Though I don't think it'll get a full iOS update in August/September as it slides very slowly out of the sliding full support window (but it should still get the odd security update, my ages old iPad Air does). Overall I'm waiting until later this year to see what comes out. Right now the 12 Mini or SE 2nd gen would be my preferred replacements.

I'd like to think more 'Droid shippers could throw out patches for a similar amount of time but there does seem to be a bit of pass the parcel whilst Google, handset manufacturer and telco all try to blame each other.

Visual Basic 6 returns: You've been a good developer all year. You have social distanced, you have helped your mom. Here's your reward

Jay 2

Re: Loved it

My CompSci degree final year project was written in VB as I couldn't write C to save my life, which may explain why I'm a sys admin now. A lot of my friends used to joke about me using "Visual Painting". I also purchased a VBX to make my life easier which did lead to someone on my course making a comment that I'd "purchased my project". He was an idiot.

Like some other commenters say, VB had it's place as a quick/easy tool to create some sort of demo/prototype or just as a handy Windows front end to a database (usually Access).

21 nails in Exim mail server: Vulnerabilities enable 'full remote unauthenticated code execution', millions of boxes at risk

Jay 2

Re: shocking

It is said if you have a monkey with a typewriter, eventually they will write the works of Shakespeare. If you give them a few minutes they'll create a sendmail config file.

RHEL, RHEL, RHEL, fancy that: Rocky Linux would-be CentOS replacement hits RC1 milestone

Jay 2

Hmm, I think I might take this for a test drive in the near future. Will play at home to get an idea (though to be honest I just want it to do what CentOS 8 does for me now), then maybe see how the appetite at work is. As so far for various reasons the front-runner is Oracle Linux, but if possible I'd like to avoid that where we can as we know you can trust Oracle about as far as you can throw one of Larry's yachts.

Terminal trickery, or how to improve a novel immeasurably

Jay 2

Remote? Yes. Control? No.

In my second year of university some labs popped up with Sun SPARC IPX workstations. One of the things they had that some of the previous SPARCs hadn't was a floppy drive... which could be ejected by any user that could log on. So obviously there was a spate of floppies being ejected and possibly somewhat trashed as they had proper filesystems on that really should be un-mounted before ejecting.

Similarly at some point in my first two years at university some people found out that you could quite happily also log onto someone else's SPARC and cat a file to /dev/audio. If you were being playful it would be a .au of something like the James Bond theme. If not then it would be a system binary. Either way there was nothing the victim could do aside from sit there and protest their innocence.

Can't get that printer to work? It's not you. It's that sodding cablin.... oh beautiful job with that cabling, boss

Jay 2

Re: Blame the Cable

See also the fun with SCSI terminators and if you needed a single-ended or differential.

33 'unsustainably loss-making' Dixons Travel outlets set to be shuttered affecting 400 staff

Jay 2

Re: Not really a surprise

Not too far from their high-street equivalents in those respects. Generally I wouldn't by much from them, but every now and again the click and collect came in handy for the odd very reasonably priced hard drive (or small gadget) that I really did need in a bit of a hurry.

But overall, that sort of behaviour isn't really going to fill their coffers enough to keep them running.

In case you were wondering, no, AMD hasn't managed to fsck everything up. It's still making lots of money

Jay 2

If it were up to me generally not. Though to be honest we'd really need to do some sort of proper testing for some of the low-latency stuff to see if it can match what the current Intel kit does.

I like the phrase "bureaucratic inertia". Sums up what happened when we did agree on moving to AMD for a QA env, only for the devs to u-turn as they got scared that it "wasn't what they had in prod". Even though it won't be used for performance testing use.

Jay 2

Where I am we've started buying AMD-based servers for non-prod use. The fact an AMD EPYC 32 core is somewhat cheaper then 2 x Intel Xeon 18 core might have something to do with it!

Brit MPs and campaigners come together to oppose COVID status certificates as 'divisive and discriminatory'

Jay 2

That's my take on it too. Other countries will want to be sure that we (as individuals) won't be causing them any more grief than we have to. So if I want to go away, then that's something I'd have to accept. After all I have the choice not to go away.

However no-one should be stopped from visiting a pub/restaurant/shop/etc of their choice just because they don't have the app du jour or even a piece of paper.

BOFH: Postman BOFH's Special Delivery Service

Jay 2

Re: Yep

Ha C&H is where I first encountered Crisco too! Thanks for the link, I always thought it was something lile Lard...

Ever wondered what it's like working for Microsoft? Leaked survey shines a light on how those at the code coalface feel

Jay 2

Re: You can tell a lot from employees’ social media footprint

Indeed. Too many articles on El Reg as of late reporting on people who have been fired or hounded out of their jobs for what they spew out onto them social medias, but which they generally haven't mentioned in the workplace.

Overall I think it comes down to "know your audience" and on t'interwebs in most cases that's almost impossible. It's just far too easy for anything to be taken out of context or selectively sampled and blown up into something that it's arguably not.

Last chance to grab an iPhone Mini as savvy analyst reckons Apple will scrap it next year

Jay 2

Re: The pandemic didn't help the sales of small phones.

Both my personal and work phones are both 6S, which I'm pretty sure won't make the cut for the next iOS update. As part of a rolling programme the work phones are due to be replaces by the SE (2nd gen 2020).

I'm quite happy with the form factor of my 6S and I *really* don't need some phablet/handbag phone type thing. But I'm still trying to decide to go for the SE or the 12 mini. Maybe I should just wait until later this year see if there's a suitably sized new handset or not (when I can pick up a 12 mini on the cheap).

'Chinese wall'? Who uses 'Chinese wall'? Well, IBM did, and it actually means 'firewall'

Jay 2

I've been aware of "Chinese walls" being used in financial institutions where one part of a company can't (or isn't supposed to) talk to another part due to conflict of interest/insider dealing/etc, which I guess would cover the ethical wall thing. But I've never heard it being used in reference to a firewall.

Wi-Fi slinger Ubiquiti hints at source code leak after claim of ‘catastrophic’ cloud intrusion emerges

Jay 2

Re: Just, why!?

I believe that apparently you can house some of the config stuff on something like a Pi instead of cloud, but to be honest why should you even have to do that? I did briefly look an Ubiquiti kit for home, but the faff with the config stuff and the need for PoE just made it a bit OTT and PROsumer for my needs.

From what I've seen the kit is OK and performs well, but the dependencies are another matter...

Shedding the 'bleeding edge' label: If Fedora is only going to be for personal use, that doesn't work for Red Hat

Jay 2

Sometimes it's bad enough trying to keep an estate of Enterprise Linux up to date in production. I can only assume some of those mentioned *really* want new kernels/packages. I guess if you frequently pull down and rebuild using a suitably large amount of automation then it could be viable.

I think I've got to the age where if it works I'm less inclined to start messing with it (life is too short). So on that point I'd have a hard time even using Fedora on the desktop for a prolonged period of time. Though I do download it and throw it on a VM every few releases just to see what it's up to.

I'd say overall it's a trade-off between having the stability of a more long-term distro or having the time to mess with "bleeding edge". Yes I deliberately used that phrase, because Fedora is. It pretty much follows the "move fast and break things" mantra.

9 years after SpaceX strode into Texas village, Elon Musk floats name change for Boca Chica: 'Starbase'

Jay 2

Re: You've got to Marvel at him


BOFH: 7 jars of Marmite, a laptop and a good time

Jay 2

Required Friday reading

I wish we could still upvote actual articles, I found this one to be really laugh out loud funny!

Always nice to know we can usually rely on On Call, Dabbs and BoFH to help ease us into the weekend.

Red Hat returns with another peace offering in the wake of the CentOS Stream affair: More free stuff

Jay 2

After much pondering I think we're going to end up on a mix of supported/non-supported Oracle Linux going forward. Though we're extremely wary about Oracle for the usual reasons. On the up side I'm sure some of our devs will like a bit of support for their kernel needs, EL6 support is also offered (albeit at a not-insignificant cost) and it may give some people a warm fuzzy feeling that we have a supported OS.

Possibly we could look at Rocky Linux for stuff in the future when it's fully up and running and got a bit of momentum. I'm somewhat wary of Alma Linux. I applaud their willingness to step into the breach and provide a product for free, but given their day job is a paid offering I do wonder about their long term commitment and any possible ulterior motive (a la RHEL).

Happy birthday, Python, you're 30 years old this week: Easy to learn, and the right tool at the right time

Jay 2

Re: Ronacher's Rant

We've recently (finally!?) got to the point where we have built some in-house Python to be deployed to a standalone dir, to be targeted by the application guys who can then use virtualenv etc and pip to their hearts content.

This then frees us from the un-endying nightmare of the same application lot complaining about what the OS-provided Python was or was not providing.

Unfortunately it still hasn't quite got rid of the same asking for the very latest version of Python for the reason that it's the latest not that they actually need any of those features. Yes, we could indulge them, but then we'd end up with a never ending amount of Python versions to keep under control to make InfoSec happy.

LastPass to limit fans of free password manager to one device type only – computer or mobile – from next month

Jay 2

Re: Software as a service? no way

Another Password Safe/pwSafe user here. I use a combination of both via iCLoud and Dropbox to sync various macOS, iOS and Win devices. I have no problems paying for the macOS/iOS clients. But $36 a year(!) to store some passwords for 2+ devices, that does sound a bit OTT.

I've always avoided LastPass as not only don't I trust their somewhat centralised model (and their suspect security) but also pretty much everything they touch seems to either turn to shit or shortly starts to cost a lot more...

Watch this space: Apple offers free repairs for the self-bricking Apple Watch SE and Series 5 wearables

Jay 2

They've got form for this. The old (white plastic) MacBooks would quite happily trash their own batteries if left for a few days with a low charge. Apart from the fix for that was to tell you to fuck off and buy a new battery.

Generally I'm fairly happy with Apple kit, that was an obvious exception.

Dept of If I'd Known 20 Years Ago: Call centres, roosting chickens, and Bitcoin

Jay 2

Re: Centipede on a Nokia?

I think he does. Centipede was that excellent Atari arcade game with a trackball.

Footfallcam kerfuffle: Firm apologises, promises to fix product after viral Twitter thread, infoseccer backlash

Jay 2


Well, that escalated quickly!

What a rather bizarre turn of events and default device config (don't think I'd trust going via their servers to re-config either). It's almost as if Footfallcam don't actually know what they're doing at all.

Microsoft's underwhelming, underpowered dual-screen Surface Duo phone arrives in the UK this month for £1,349

Jay 2

I'm somewhat reminded of 3D and curved TVs in this regard. Just some (potentially impractical) new take on an existing product that pretty much everyone already has in an attempt to try and flog you some sort of replacement.

Forget about an AI stealing your job, even pigs can be trained to use computers

Jay 2

Re: Done before?

You are not. I thought exactly the same thing when reading the story on the BBC.

Linus Torvalds labels Super Bowl 'violent version of egg-and-spoon race'

Jay 2

As someone from the right bank of the pond I can more-or-less follow a game of American Football. The thing that irks me most is that for a game that has a "game time" (for want of a better description) of an hour it takes around three-four hours to actually play. Quite if it's the ~20 second of action and stop and/or the ad breaks that cause this I'm not sure. Unfortunately this does make trying to watch a game an exercise in tedium.

Still, at least it's not as bad a baseball (yes, coming from someone who can vaguely stand the shorter forms of cricket) and basketball. Not as good as ice hockey though!

Virtual cycling service bans riders for doping – doping their data, that is

Jay 2

Re: How sad do you have to be ...

The mind does indeed boggle at people who are willing to cheat at such things. This article covers some of the more high-end/tech related type things that people do. But even at the lower end of the scale it's just as easy to misrepresent your weight, which would influence your power to weight ratio and therefore which racing category you should be in. I've done the odd low-level race for fun and it can be somewhat annoying when the "winner" of your category seems to have been producing a lot more w/Kg than should be allowed.

Each to their own at to what they spend their time/money on, but in most cases people are using their own bikes on static trainers and pay a subscription to use the service, which in some cases makes it no different to having a gym membership or a premium Spotify account etc. As it's currently winter in the Northern hemisphere then riding a bike outside may not be as much fun, plus there's currently all the lockdown stuff. Platforms like Zwift allow you to ride/race/train without having to worry about things like the weather, the state of the roads and other road users. It's never going to be a full-on substitute for going outside, but it's a nice addition to have if you feel like it. Personally I use it over the winter months to keep the fitness levels up and get ready for when it's nice and sunny outside where the hard work will pay off (or at least things may not hurt as much).

To plug gap left by CentOS, Red Hat amends RHEL dev subscription to allow up to 16 systems in production

Jay 2

Re: Can't put the toothpaste back in the tube.

That's probably the biggest kicker. Thankfully we had only just put our toes into the CentOS 8 water (a bit behind the times I know), so in EMEA I'd only deployed three servers; one of which was my own test box and another two for devs who wanted CentOS 8 for various reasons.

The catch now is having to do all that again (and more) with a new OS... which we're still trying to figure out what to jump to. At this rate some more immediate/important stuff may go for the 'free' Oracle Linux (yeah, I know, but any port in a storm) and the rest may be able to wait until Rocky Linux is up and running.

Screw you, gadget-menders! No really, you'll need loads of screwdrivers to fix Apple's AirPods Max headphones

Jay 2

Re: Extensive toolkit


Looking for something on which to spend all that bonus Bitcoin? How about The Hoff's very own KITT?

Jay 2

More Magnum PI Ferrari 308/328 GTS QV for me. But I'm not fussy, a Cannonball Run Lamborghini Countach or Bond's Lotus Esprit S1 also appeal.

Hollywood drone pilot admits he crashed gizmo into cop chopper, triggering emergency landing

Jay 2

Re: Not really the brightest bulb, was he?

I did think of this (or one of the other books I've read written by Vietnam Huey pilots) whilst reading the comments. I seem to recall whilst under heavy load they sometimes took a few liberties and did end up going through some trees without too many problems, although the rotor blades did sustain some damage.

Pizza and beer night out the window, hours trying to sort issue, then a fresh pair of eyes says 'See, the problem is...'

Jay 2

Re: Nope, never, not me...

Once upon a time when I could actually escape the office to go on a course I was doing a RHEL refresher/certification and it was pretty much drummed into us that there are many ways to change things on Linux boxes, but don't forget to make the changes permanent so they they'd survive a reboot.

We've got some kit running an in-house mutation of Linux which rebuilds itself upon boot. So for example we can add routes on the fly, but the best way to make sure is to change the config, reboot (and therefore rebuild) and check.



Biting the hand that feeds IT © 1998–2021