Posts by wheelybird

It's cold up there.

Battery efficiency goes down with temperature. Temperature goes down with altitude. :D

Death to CM!

Out of all the config management stuff Ansible is certainly one of the best, if not the best.

Other systems like Puppet and Chef suffered from bloat and complexity (and stupid agent-based nonsense). When Ansible arrived it was a breath of fresh air - a relatively simple approach to config management an one that encouraged you to keep things simple.

Unfortunately Ansible's gone the way of other CM systems - more modules are being piled in, increasing the complexity. A rapid development cycle often breaks compatibility between one release and another either intentionally or down to bugs.

The documentation on the site is pretty poor too; this is quite common with a lot of modern 'devop' tools. (Hashicorp is a particular offender).

The basic fact is that configuration management is, and always will be, difficult when run against long-lived instances. As someone above mentioned, you'll inevitably encounter a time when running Ansible/Chef/whatever against a server will break something.

You'll also find that your CM code becomes more convoluted and harder to maintain over time.

This sort of thing leads to the scenario where you need to make a change to your infrastructure; you _could_ do it in your CM system, but that might take a day or two with updating, debugging and refactoring your CM code (often to find it doesn't work due to months-old bugs).

Then you're a bit scared to run the stuff against your systems because you can't truly be sure of the outcome.

Or you could do it manually in less than an hour with much less risk of things breaking

Personally I'm fully embracing containerisation; it still leaves the infrastructure provisioning, but with things like Docker for AWS that becomes much less of a headache.

Adam Roberts

I'll nominate Adam Roberts as a British author in the vein of authors like Aldiss. Jack Glass is a fantastic novel.

Teledildonics

Teledildonics (with the same meaning) has been around for at least ten years.

I have a vague memory of it being used in conjunction with some old-school VR (back when that stuff was done with Amigas).

The Linux server stats are way out.

https://en.wikipedia.org/wiki/Usage_share_of_operating_systems#Public_servers_on_the_Internet

What goes on behind company firewalls is a different matter, but 12% sound highly dubious.

I'm not sure what the point of the article is apart from use a long term support version of a distro and keep your software up-to-date.

Someone mentioned it's hard on Linux because of the amount of local compiling you need to do. Perhaps that was an issue in 1999, but the only thing I've had to compile on a server in *years* is OSSEC - an intrusion detection system. And you compile that so that you can trust the binaries.

Live kernel patching is also available (for a price) which means you don't even need to reboot your server to apply all the latest patches.

As someone mentioned, for Debian/Ubuntu systems, apt-get update; apt-get upgrade will sort you out. apt-get dist-upgrade if you want to upgrade held packages, but careful with that because it'll restart services.

You'll also want to subscribe to the security advisory mailing lists for your chosen distribution. They'll let you know when vulnerabilities are patched and available to upgrade from the repositories.

Depends on whether you harden your server

and only open the necessary ports on the public interface.

I suppose you might want to whitelist SSH access, but you can easily run iptables or something on the VM.

Of course if you're running Windows then good luck to you.

On the plus side

Ubuntu does make the process of upgrading your distribution one of the least traumatic around (that is, for distributions with distinct releases).

Of course, this will all be moot in the glorious future of minimal OSes running nowt but a container engine. :D

webOS webOS webOS

webOS.

webOS had a hardware sensor for gestures and made using the phone so intuitive it was almost insulting. I haven't found another mobile OS that comes anywhere near it yet. SailfishOS is the closest, but not quite there. BBOS10 is a vague nod towards gestures, but there are too many discontinuities. Android's a joke - I find a lot of the time hitting 'back' doesn't do at all what you'd think it would.

What the hell.

I've just sent them a chunk of money; I think that it'd be a neat little device to own. Maybe it'll never appear, but I've been dying for a mobile device with a decent keyboard for bloody ages now.

The website doesn't mention the caviar and hookers.

There must be some to justify that price, right? It's just that I can't find the page with those details.

Ah well

I don't use my pebble for much in the way of internet connected thingies anyway, and as I use SailfishOS I don't need to worry about the app disappearing - there's a native app.

However, there's always: https://blog.jolla.com/watch/

Is this an advert?

It reads like one.

I get portable data volumes. However whatever happened the concept of stateless containers? Wasn't that the dream?

No, don't tell me. You've got a database in a container and you want it to fail-over. My suggestion is to stop looking at containers as a solution to everything.

I think flockerhub is solving a problem that, if people architected properly, oughtn't exist in the first place.

Arch is not bad

The package system is quite good, and there's community stuff similar to FreeBSD ports or Gentoo portage.

I've used it on ARM devices (cubox-i etc.) and uses systemd. I'm not sure if that's mandatory, but if it is then I feel sorry for anyone using Arch to learn Linux and then having to use systemd.

To avoid that horror, flee to Slackware!

The article explains what DevOps ought to be

but the reality is that DevOps has been confused with CI/CD by almost all agencies/employers now.

I'm currently looking for a contract - my expertise is Linux infrastructure/operations. Those contracts don't exist any more. Go to a job site of your choice now and search using the keyword 'Linux'. A year or more ago that would have given you mixed results; Linux support, Linux Admin, Operations, Engineers etc.

These days over 90% of the results are 'DevOps Engineer'.

Look at the spec for a DevOps engineer and it'll vary, but it's typically Puppet/Chef/Ansible, Python/Ruby, AWS, Jenkins/Travis etc. The role is generally "Manage the CI/CD toolset, package up the software for deployment, write the deployment scripts, do the deployments."

So DevOps is actually "that bit where dev and ops overlap which no-one else wants to do."

The issue with this is that it doesn't solve the problems that the real DevOps aims to solve. Instead of separate dev and ops silos, you now have dev, ops and devops silos.

The "DevOps" roles also put a lot of emphasis on the candidate being able code (and that's code, not script), so evidently this favours developers that, for reasons either good or bad, have moved from their development career into DevOps. They'll tend not to have (and the employers aren't looking for) deep or broad experience in ops, and therefore won't be aware of the niceties of how to properly apply the stuff they're doing in dev environments to production.

Oh, and for extra hoots, in the past week I've also come across adverts for TechOps, WebOps and NetOps. The future's looking bright!

Hardware access

There's no reason that a container can't have direct hardware access. I think you're mistaking containerisation for virtualisation. It's misleading to call containers a form of virtualisation - they're not running on emulated hardware but rather directly on the host hardware, which is why they can access it.

It's actually best described as a way of bundling software and it's dependencies and running them so that they're isolated from other containers; more like a super-fancy chroot.

And of course you wouldn't put your actual data within a container anyway - there's stuff you can do with data volume containers, but the real question is, what's the point? There's no real benefit to it.

I think the point you made about putting GUI components etc. into containers is the only sensible use of containers when it comes to storage, but just because you've put something in a container it doesn't mean you're committed to updating the container every few days? What makes you think that this is forced on containers any more than it's forced on 'traditional' applications?

Monitoring

So you're suggesting that host servers are monitored? Good idea - I don't think sysadmins ever considered monitoring servers before. That might be a new market!

Docker containers can leave a load of cruft behind; stopped containers that haven't been removed, volumes from removed containers that weren't removed along with the containers and of course container images that aren't being used by any running containers any more.

I think it's worth suggesting that, in the same way that containers should be ephemeral, the cloudy hosts running them ought to be too, so avoid the accumulation of this slough.

If you're on bare metal then your ops people should be putting the normal housekeeping monitors and scripts on the server that they'd run on a 'normal' server.

If your 'devops' doesn't grasp the concept of general server husbandry then I'd rather not buy shares in your slack startup.

Yeah, but no, but..

I agree with the thrust of the article, but the reality is of course that there aren't as many system 'architect' jobs going as sysadmins or helpdesk. You'll still need some form of IT support; to imagine that all support and administration tasks will be automated is pretty naive.

I don't think it's fair to dismiss readily the people who are happy to work in a support role for their whole career. Why should they aspire to an 'architect' role if they don't want to?

The other issue is that compared to ten years ago the amount of new technologies is astounding. It's hard, no, impossible to keep up to date with them all. So yeah, an architect should have a good idea of what's out there but it's unavoidable that a lot of it will be shallow knowledge; vague impressions even.

So the idea that an architect will come in, look at the issues and splurge out the ideal solution immediately from their vast store of knowledge is a nonsense. Anyone worth the money will spend a while analysing the issues and then a good deal of time research potential solutions and offer up different options to their employer or client.

A nonsense

This is a nonsense. If DevOps is supposed to mean *anything* it's supposed to mean a form of collaboration between dev and ops which allows everyone to do their job as painlessly as possible, be happy and fulfilled in life and churn out crappy software updates on a weekly/daily/hourly basis in order to fix the last crappy software update you did.

You don't have such a thing as a DevOps 'role'. You still work either in dev or ops. It's supposed to be about getting the procedures and toolkits right.

So telling someone that they need to learn how to be a developer and a sysadmin at the same time suggests that whichever paid-per-word pseudo tech journalist drone wrote this "article" knows less about DevOps than the average CTO.

Like WINE in reverse.

But can you use it to play Linux games on Windows?

I think you've missed the point of Docker - it's not meant to run simultaneous operating systems on the same server. It's not virtualisation - it's a encapsulation and deployment solution. You're not "giving up" high-availability - that's provided by the design of your production infrastructure and software architecture.

Your article is essentially pointless.