|
LochNessMonster posted:I guess what he means with config drift is people (more aptly named idiots) who start messing with config files and not just changing them in the central place (git) and then pushing it to all apropriate servers (if it's not already happening automatically).
|
#
?
Oct 1, 2017 20:14
|
|
|
|
| # ? May 26, 2024 04:05 |
|
|
anthonypants posted:Couldn't SELinux prevent this? not if people have access to root, which I would assume they have if they are loving with configs
|
|
#
?
Oct 1, 2017 20:18
|
|
|
Methanar posted:I want to expand on this a little bit, because the very idea of cattle VMs is foreign if you're coming from an internal position at some not-technology company. If you've got stuff like maybe an on-prem installation of FileMaker and a handful of other little fish Windows things at some company with 100 salesmen/accountants/logistics people, it's basically useless to you and not relevant. Remember when this guy was out picking up trash as part of his job responsibilities? If you're a lurker and you've got weird ideas about getting into IT, this is how quickly you can go from being poo poo on, to being "The poo poo" in IT, if you work to stay ahead of the curve.
|
|
#
?
Oct 1, 2017 22:51
|
|
|
Dr. Arbitrary posted:Remember when this guy was out picking up trash as part of his job responsibilities? Plot twist: the automation leaves him with enough free time that they still make him pick up trash.
|
|
#
?
Oct 2, 2017 01:25
|
|
|
MANime in the sheets posted:Plot twist: the automation leaves him with enough free time that they still make him pick up trash. Catch 22 bitch. Now go get your shine box.
|
|
#
?
Oct 2, 2017 02:20
|
|
|
Dr. Arbitrary posted:Remember when this guy was out picking up trash as part of his job responsibilities? I was just thinking the same thing too. Methanar has come a long from interning in the depths of the Canadian wilds. jaegerx posted:Catch 22 bitch. Now go get your shine box. Hopefully he's developed the soft skills necessary for this industry. Namely "research time" and "training"
|
|
#
?
Oct 2, 2017 02:53
|
|
|
Dr. Arbitrary posted:Remember when this guy was out picking up trash as part of his job responsibilities? Very true. I keep meaning to say it whenever I see posts from Methanar, but seriously, great job dude. It's nice to see your career take off like this. I'm always happy when SH/SC guys manage to get away from the poo poo and step into something legitimately worth their time.
|
|
#
?
Oct 2, 2017 03:37
|
|
|
Wrath of the Bitch King posted:Very true. Poor dick trauma
|
|
#
?
Oct 2, 2017 03:57
|
|
|
Wrath of the Bitch King posted:Very true. A buddy of mine is tired of working customer service for a bank and wants to give IT a try and asked what step #1 is. I told him it's absolutely spending the $10 for a forums account and checking sh/sc every single day until you're successful.
|
|
#
?
Oct 2, 2017 04:00
|
|
|
Nitramster posted:Amen. Are you a DCI? If so, for how long? I lasted about 3 months before looking to get out, and another 4 or 5 before I was gone. I had kind of enjoyed Geek Squad up to that point, but being a supervisor was a total shitshow. Corsair Pool Boy fucked around with this message at 06:31 on Oct 2, 2017 |
|
#
?
Oct 2, 2017 04:16
|
|
|
RFC2324 posted:Well, poo poo. I know in my puppet systems I have my systems refresh config from the central repo on a regular basis. You want to change a config, its gonna revert pretty quick, and if you need to tinker, you need to shut down the puppet agent, which will alert that something funny is going on. People disabling puppet "temporarily" to prevent some locally set tweaks from being overwritten is the bane of my existence. Put it in puppet, you fucks.
|
|
#
?
Oct 2, 2017 04:42
|
|
|
Mr. Fix It posted:People disabling puppet "temporarily" to prevent some locally set tweaks from being overwritten is the bane of my existence. Put it in puppet, you fucks. add a cron job to re-enable puppet every 30 minutes?
|
|
#
?
Oct 2, 2017 04:56
|
|
|
RFC2324 posted:add a cron job to re-enable puppet every 30 minutes? Don't tempt me. I could even do it remotely so that can't disable puppet and the cron. I think that keeping track of who's doing it and where and naming and shaming might be more effective with my team, though. I think I have project for the week.
|
|
#
?
Oct 2, 2017 05:10
|
|
|
I can't even wrap my head around people who have Puppet but want to circumvent it. If it was one of our operations people, that would let them in for a scolding. For anyone else. a sudden and startling change in their sudo privileges.
|
|
#
?
Oct 2, 2017 05:28
|
|
|
RFC2324 posted:add a cron job to re-enable puppet every 30 minutes? You probably wouldn't be surprised the amount of damage that can occur in 30 minutes if you're fighting someone else over configuration. God help you if you're still monitoring cattle like pets.
|
|
#
?
Oct 2, 2017 05:28
|
|
|
Zorak of Michigan posted:I can't even wrap my head around people who have Puppet but want to circumvent it. If it was one of our operations people, that would let them in for a scolding. For anyone else. a sudden and startling change in their sudo privileges. I do it in lab environments, but to do it in prod is insane.
|
|
#
?
Oct 2, 2017 05:42
|
|
|
Let me tell you about chattr +i or puppet agent disable. (Use the reporting tools to make sure runs are happening and happening cleanly. Fix your culture when that poo poo happens.)
|
|
#
?
Oct 2, 2017 06:06
|
|
|
Anyone here familiar with using LogicMonitor for network equipment monitoring? We added it about ~6 months ago for companies that didn't want to VPN/re-IP to get onto our hosted Solarwinds setup. I've never seen a more incomprehensible, non-intuitive GUI than this thing - the descriptions are obtuse and contain almost no information. It doesn't look like much (if any) effort was made to tune alerts on our end before deployment, so 99% of what we do end up working on ends with us just turning the alert off. If there's a good resource on how to navigate/manage/administrate LM out there, I'd very much appreciate it.
|
|
#
?
Oct 2, 2017 06:45
|
|
|
Proteus Jones posted:I was just thinking the same thing too. Methanar has come a long from interning in the depths of the Canadian wilds. Thanks guys  That was all really nice to read after a long trip. (I just got to NYC for training this week!) Methanar fucked around with this message at 07:28 on Oct 2, 2017 |
|
#
?
Oct 2, 2017 07:21
|
|
|
Am I the only one who's a fan of inbox zero? Or am I one of those weirdos who reads all his email...
|
|
#
?
Oct 2, 2017 14:47
|
|
|
I mark everything as read and hope for the best Edit: Actually I don't use subfolders in my mailbox except for auto-move rules for white noise, but I am pretty OCD about making sure I don't have an "unread mail" notification on any platform.
|
|
#
?
Oct 2, 2017 15:01
|
|
|
PCjr sidecar posted:Let me tell you about chattr +i or puppet agent disable. If people want to test their puppet, let them spin that poo poo up in docker and test away. We've got this hilarious two tier system where some people use testing and some done because ~*reasons*~ those reasons are basically groups that don't speak to each other and its a shame
|
|
#
?
Oct 2, 2017 15:34
|
|
|
PCjr sidecar posted:Let me tell you about chattr +i loving triggered When I first started this job I swear half the servers had some random rear end file with the immutable flag set so Chef wouldn't overwrite it. It blew my mind that someone thought this was OK to do. Now if developers need to change a managed file, they can open a drat pull request against the cookbook and have it deployed. As god intended.
|
|
#
?
Oct 2, 2017 15:56
|
|
|
Docjowles posted:loving triggered we had some chattr poo poo going on too, we had to have a big sit down and remove sudo access for this poo poo.
|
|
#
?
Oct 2, 2017 16:10
|
|
|
jaegerx posted:Poor dick trauma I HAVE BEEN SUMMONED  ENJOY YOUR GOOD STUFF WHILE IT LASTS MWAHAHAH
|
|
#
?
Oct 2, 2017 17:02
|
|
|
Real quick that talk about cattle servers and killing them when poo poo goes wrong was super helpful to me just this very day! We had an SFTP server that was having trouble running some scripts I made 6 months ago that had worked fine until Friday. I tried a few things and traced back the issue, but nothing I could figure out was solving it. I came in today fully expecting to have to deep dive into things and see where the problem was stemming from, but when I thought about it I just decided it was much much faster to kill the problem server and spin up a new VM. Took all of 10 minutes to transfer the scripts and files that I needed over and things were back up and running. Thanks thread.
|
|
#
?
Oct 2, 2017 17:11
|
|
|
Well, NetApp Insight certainly qualifies as my worst conference ever so far.
|
|
#
?
Oct 2, 2017 17:16
|
|
|
big money big clit posted:Well, NetApp Insight certainly qualifies as my worst conference ever so far. Details?
|
|
#
?
Oct 2, 2017 17:20
|
|
|
TheFace posted:Details?
|
|
#
?
Oct 2, 2017 17:22
|
|
|
anthonypants posted:There's probably a thread about the shooting in GBS or D&D if you don't want to check the news. Derp, didn't realize the location... oops
|
|
#
?
Oct 2, 2017 17:22
|
|
|
big money big clit posted:Well, NetApp Insight certainly qualifies as my worst conference ever so far. Well yeah, of course it does, you went to a loving NetApp conference
|
|
#
?
Oct 2, 2017 17:40
|
|
|
So... Azure AD Pass-through Authentication is now GA nearly eliminating ADFS Farms. Azure DNS supports Private Virtual Networks and with AD-as-a-Service removes the need for Azure IaaS DCs. RIP Windows System Administration.
|
|
#
?
Oct 2, 2017 17:41
|
|
|
CLAM DOWN posted:Well yeah, of course it does, you went to a loving NetApp conference Hopefully we evaluate our future technology partnerships more strongly on the criteria of "will this partnership lead to police bursting into my hotel room at 4am and pointing a gun at me before searching the place."
|
|
#
?
Oct 2, 2017 17:44
|
|
|
big money big clit posted:Hopefully we evaluate our future technology partnerships more strongly on the criteria of "will this partnership lead to police bursting into my hotel room at 4am and pointing a gun at me before searching the place." One of my guys is a few hotels down
|
|
#
?
Oct 2, 2017 17:47
|
|
|
MC Fruit Stripe posted:Did they really? I know you're in that hotel Yea, they did a room to room search of every room in the place, at least as far as I can tell. My coworker was on the 32nd floor not too far from the shooter and she was evacuated and hasn't been allowed back to her room since.
|
|
#
?
Oct 2, 2017 17:54
|
|
|
Tab8715 posted:So... One of our subsidiaries just finished spinning up an on-prem ADFS farm. It won't be going away anytime soon. I have ADFS, DC and WAP VM's in Azure right now myself. If I can demonstrate that pass-through auth meets all of our requirements, there's a half-dozen images I'll be able to take down.
|
|
#
?
Oct 2, 2017 18:04
|
|
|
Blockchain in the cloud as a service. Finally we will have synergy https://console.bluemix.net/catalog/services/blockchain/
|
|
#
?
Oct 2, 2017 18:30
|
|
|
big money big clit posted:Yea, they did a room to room search of every room in the place, at least as far as I can tell. My coworker was on the 32nd floor not too far from the shooter and she was evacuated and hasn't been allowed back to her room since. One of our guys was 3 doors down from the shooter. He has no idea when they'll let him back in his room, dude doesn't even have his ID/wallet on him. Tab8715 posted:So... It wont' disappear, but it's a decent pivot for sure. Co-Management between cloud and on prem was a big theme at Ignite this year. Cloud primary/only is coming though, my advice is stay up to date with all of it. skipdogg fucked around with this message at 18:44 on Oct 2, 2017 |
|
#
?
Oct 2, 2017 18:41
|
|
|
skipdogg posted:One of our guys was 3 doors down from the shooter. He has no idea when they'll let him back in his room, dude doesn't even have his ID/wallet on him. Same for her. She just wants to get the hell out and go home, but she can't get on a plane because she has no ID. Also still wearing her pajamas.
|
|
#
?
Oct 2, 2017 18:46
|
|
|
|
| # ? May 26, 2024 04:05 |
|
|
Tab8715 posted:So... If you're in IT (especially Windows administration) and arent actively learning / practicing coding, you're screwed. "Classic" Windows administration approaches are going to be dead in the near future. Dont dig your own grave by ignoring what's happening in the field.
|
|
#
?
Oct 2, 2017 18:52
|
|
