|
code:
|
# ? Jun 21, 2023 16:50 |
|
|
# ? May 18, 2024 09:11 |
|
Quebec Bagnet posted:Slows down attackers to give you time to prepare a defense, much like irregular stairs in a medieval castle You're saying I have stairs in my git repo?
|
# ? Jun 21, 2023 19:17 |
|
I had to explain to an intern today what a teletype terminal was, and why command line output came in as a string array when captured in a PowerShell variable. First time I’ve felt at work
|
# ? Jun 28, 2023 05:13 |
|
Junkiebev posted:I had to explain to an intern today what a teletype terminal was, and why command line output came in as a string array when captured in a PowerShell variable. My company doesn't have interns anymore. I honestly don't know why, a shitload of our longest tenured employees came in as college interns/coops. My boss has worked here 10 years and came in as an intern. Wrangling interns was my own springboard into management. Seems like a slam dunk. But ~this economy~ means we have to hire contractors in eastern Europe and India instead and then wonder why we have attrition problems ANYWAY the last thing I trained an intern on was Chef. Which already feels pretty Config management still has its place of course but it's kind of wild how fast it peaked and then faded behind the glow of containers and cloud. I've been working long enough that it didn't exist when I got out of college, then it became the hottest possible thing you could have on your resume for a few years, and now nobody gives a poo poo cause it's either table stakes or irrelevant to their tech stack. Docjowles fucked around with this message at 05:39 on Jun 28, 2023 |
# ? Jun 28, 2023 05:36 |
|
Docjowles posted:My company doesn't have interns anymore. I honestly don't know why, a shitload of our longest tenured employees came in as college interns/coops. My boss has worked here 10 years and came in as an intern. Wrangling interns was my own springboard into management. Seems like a slam dunk. But ~this economy~ means we have to hire contractors in eastern Europe and India instead and then wonder why we have attrition problems Good Christ, I would look for an out! Any engineering firm that does not take interns is, in my mind, effectively electing to not utilize the wheel.
|
# ? Jun 28, 2023 05:41 |
|
It’s “1980s mailroom” as gently caress, but christ ~$40 an hour and you get to mold how they think about problems and how they might be solved, and encourage them to strive/teach them how to Work… If your management can’t see the upside, Run!
|
# ? Jun 28, 2023 05:55 |
|
Junkiebev posted:Good Christ, I would look for an out! Any engineering firm that does not take interns is, in my mind, effectively electing to not utilize the wheel. It's sure not ideal. But it's been a stable job with great pay and benefits and work/life balance and now that I'm an old that means a lot to me. 10 years ago this would have horrified me but I'm in a different place now in my 40s with kids. Antenna's always up of course if something incredible comes along but the gig works for where I am at in life right now. And it's not like I'm stagnating. I get to work daily with AWS / Terraform / CDK / Kubernetes / ArgoCD / gitops / etc. I'm not in an on call rotation for the first time in like 15 years. It's just human nature to bitch about what we don't like. I don't log on to the CI/CD thread to be like "HEY I GOT A GOOD BONUS THIS YEAR AND WE HAD AN AWESOME PRIDE EVENT LAST WEEK AND WHEN I TOOK PTO NOBODY CALLED ME". Overall I feel very fortunate even if I dislike certain choices by management
|
# ? Jun 28, 2023 06:03 |
|
I’m sorry I presumed. Sounds like a good gig, I just surfaced a hosed Vibe
Junkiebev fucked around with this message at 06:11 on Jun 28, 2023 |
# ? Jun 28, 2023 06:08 |
|
No worries. I mean if I was interviewing for my current role and they told me during the interview process "we do not hire interns" it would weird me out too. I absolutely think it is a mistake. But I'm already here and in a good spot so There are financial reasons they are doing what they're doing that I shouldn't/won't get into other than "stock price has to go up"
|
# ? Jun 28, 2023 06:18 |
|
Docjowles posted:My company doesn't have interns anymore. I honestly don't know why, a shitload of our longest tenured employees came in as college interns/coops. My boss has worked here 10 years and came in as an intern. Wrangling interns was my own springboard into management. Seems like a slam dunk. But ~this economy~ means we have to hire contractors in eastern Europe and India instead and then wonder why we have attrition problems
|
# ? Jun 28, 2023 14:29 |
|
Vulture Culture posted:The decline of config management would have been an easy letdown if it was replaced with something a little more effective for the business than "lol not my problem". As someone who got into this space around 2015-2016, config management tools always looked like a marginal improvement at best over shell scripts and native packages. Once you have IaC, then using cattle VMs and dropping the whole question of idempotence and reconciliation seems like a very natural progression, and removes a whole category of problems.
|
# ? Jun 28, 2023 14:43 |
|
NihilCredo posted:As someone who got into this space around 2015-2016, config management tools always looked like a marginal improvement at best over shell scripts and native packages. Idempotence and reconciliation are great, and I think this model works really well on platforms built for tight event-driven control loops like Kubernetes. But most significant infrastructures in public cloud now exist in this gray space where you have the K8s tight control loops, you have servers running line of business apps that all live in the Wild West. Underneath it all you have a bunch of cloud resources with ungovernable tagging being managed through an assortment of totally random poo poo, IaC systems with no ability to attribute resources back to the projects that manage them, and resource change notifications that work on the time horizon of maybe AWS Config will detect this change at all. So you end up with this bimodal approach, at best, where the K8s stuff is hyper-reactive to changes in state on the local cluster, and then the whole rest of the cloud is working on this model of a person will do this change eventually. The whole system is totally hosed and each cloud's IAM system is the only thing that even gives it a pretense of being an actual platform. Everything is this bloated mess of feature creep and nobody is even looking at the core problems anymore because that would take away from the obvious AI cash grabs they need to be focused on right now. Vulture Culture fucked around with this message at 15:08 on Jun 28, 2023 |
# ? Jun 28, 2023 15:03 |
Depends on the business really. If you’re buying COTS the cloud is really a massive waste of money and time. If your LOB apps are largely custom there is a path to containerize and standardize, and I’ve seen it work really well. Also re:IAC and being able to tie it back to projects is a base level design/product selection problem. The enterprises who are showing up late to the game aren’t shotgunning this poo poo out of desktops running TF, there are easy mechanisms to ensure tagging if you’re intentional about it, and if you go a step further and buy TFC/TFE it’s just part of the package at this point.
|
|
# ? Jun 28, 2023 15:26 |
|
Except when stuff like AIB spin up vm's and storage on your behalf without any option to configure it
|
# ? Jun 28, 2023 15:30 |
Never even heard of that til now but I don’t really work with VMs anymore. Databricks and other services do similar nonsense on Azure
|
|
# ? Jun 28, 2023 15:39 |
|
We're still rolling out Puppet and I am acutely aware that I am deploying 2017's solution in 2023. The problem is we're still supporting 2015's architecture so, yeah, this feels like an improvement, even though specific pockets of development are running genuinely modern apps in the cloud. ${job} is a land of contrasts.
|
# ? Jun 28, 2023 16:29 |
|
Infrastructure needs to be code, but there’s no reason that code has to be terraform. Nobody complains because you’re not provisioning every individual k8s node with tf, because the node pool abstraction you do manage with TF manages the lifecycle of ephemeral resources for you. As long as you have that lifecycle manager construct somewhere, you’re fine on the IAC front imo.
|
# ? Jun 29, 2023 07:20 |
|
Zorak of Michigan posted:We're still rolling out Puppet and I am acutely aware that I am deploying 2017's solution in 2023.
|
# ? Jun 29, 2023 15:50 |
|
We've been running puppet since 2010 and are so invested in it now it would probably take another 13 years to migrate to anything else. But we're a pretty old school environment, lots of on prem stuff and not-containerized services.
|
# ? Jun 29, 2023 15:54 |
|
I came to Puppet late, but having looked at docs covering earlier versions, I don't mind not having to mastermind an enterprise Puppet deployment in 2008.
|
# ? Jun 29, 2023 16:43 |
|
Zorak of Michigan posted:I came to Puppet late, but having looked at docs covering earlier versions, I don't mind not having to mastermind an enterprise Puppet deployment in 2008.
|
# ? Jun 30, 2023 02:14 |
|
Please trigger warning mentions of cfengine I’m old enough that my first serious interaction with config management was porting a company from cfengine to saltstack
|
# ? Jun 30, 2023 02:32 |
|
We used cfengine for about 7 years, in the early 2000's you put up with it because there was nothing better. Then puppet showed up and we couldn't get migrate to it fast enough. At least neither one was bcfg2, which was so bad that it couldn't survive an evaluation up against cfengine (the xml is what killed it for us).
|
# ? Jun 30, 2023 02:54 |
|
Gentlemen and lady. https://www.systeminit.com/ I show you yet another IaC.
|
# ? Jun 30, 2023 04:22 |
|
jaegerx posted:Gentlemen and lady. multiplayer no-code infrastructure deployments
|
# ? Jun 30, 2023 04:36 |
|
jaegerx posted:Gentlemen and lady. I'm sure the plumbing is built out in such a way that this will morph over time into something radically different, but this runs the precise wrong direction from the reason people want no-code solutions is because devs don't want to plug in fuckin image IDs
|
# ? Jun 30, 2023 05:01 |
|
I've got a doubt about GitOps... we're currently testing it, using ArgoCD against our manifests into a new cluster, while we continue to operate production from Gitlab pipelines that run kubectl commands. We'll migrate when all is ready and we are comfortable with the workflows. Anyways, my question is, how do you validate a PR of the manifest repo? We are typically always making mistkaes but don't get visibility until it gets in the main branch, then we have to do follow-up PRs, and if we require approval that's slow. Of course it doesn't impact production since we first deploy to a dev cluster and then a follow-up PR will promote the same change to production. But still, the feedback cycle for implementing new manifests can be slow. Compared when we first tried ArgoCD and were just pushing to main and seeing changes immediately, now with main locked down, so nothing happens when you push, it's frustrating. I can see several options to improve the situation:
What are people typically doing for this? SurgicalOntologist fucked around with this message at 10:51 on Jul 6, 2023 |
# ? Jul 6, 2023 09:12 |
|
What about introducing another branch before main, say 'staging', that doesn't have all the branch protections slowing you down. Have the dev cluster manifests track it instead of main and enable auto sync. Then you can get fancy with automated testing, like if tests on the dev cluster pass then it auto-PRs from staging to main and Slacks you for final approval.
|
# ? Jul 6, 2023 10:35 |
|
From what I've heard branching with GitOps is an anti-pattern, right? (at least long-lived branches that don't get merged to main) I'll have to dig up some of the considerations we made when we decided to have a long-lived dev or staging branch and instead use paths in the repo, but I remember seeing lots of consensus around that.
|
# ? Jul 6, 2023 10:49 |
|
Sure, it's reasonable to hate that branching pattern. Your alternative is to track via git tags or commit SHAs. Same idea: have ArgoCD track the repo differently for dev than prod.
|
# ? Jul 6, 2023 11:45 |
|
A place I work finally instituted a bonus payment for weeks you're on call I'm not currently part of a pager rotation (after being on call uncompensated in one way or another for nearly 20 years across a bunch of companies) so it doesn't affect me personally but that's still very cool and good. It feels bad that what precipitated it was forcing developers to join the on call, and this was a condition of them accepting it. Whereas IT and ops had been asking for this for like a decade and been told "pound sand, it's part of the job". Engineering caste system still a thing despite 15 years of devops. But whatever, we got there in the end.
|
# ? Jul 7, 2023 21:51 |
|
I somehow got taken off the on-call rotation when my kid was born (I took a few months leave) and have never been added back on, I'm truly blessed. And of course, absolutely no compensation goes along with it.
|
# ? Jul 7, 2023 21:58 |
What do you guys think of ArgoCD? I saw it mentioned a couple times and it seemed like mostly positive comments about it.Junkiebev posted:Good Christ, I would look for an out! Any engineering firm that does not take interns is, in my mind, effectively electing to not utilize the wheel. I started as an intern and I've been here for 16.5 years now. We paused our intern program for a couple years because the conversion to FTE was not high enough, it was a big investment that we just were not getting the return on. It's tough competing in the Bay Area against the name brand employers! We resumed it though and it's been great. My two interns this year have been super impressive, I am hopeful they will come aboard full time after they graduate.
|
|
# ? Jul 7, 2023 23:21 |
|
Argocd is great.
|
# ? Jul 7, 2023 23:25 |
|
jaegerx posted:Argocd is great.
|
# ? Jul 7, 2023 23:35 |
It's gotta have some warts right?? Or is all of it great? Is there anything close to competing with it?
|
|
# ? Jul 7, 2023 23:37 |
|
That’d be “kunernetes” OP.
|
# ? Jul 7, 2023 23:45 |
|
ArgoCD is great, in my experience the difficulties are not with ArgoCD itself but gitops in general as most tools/resources are extremely unopinionated and you have to make a million decisions about how to set up your repos, apps, etc. It's real easy to feel like you did things wrong and have to refactor. The other option is Flux, I've heard both are good but ArgoCD has better adoption.
|
# ? Jul 7, 2023 23:54 |
|
If you have any form of tenant segmentation and restricted RBAC setup for users v. operators in your cluster make sure you understand Argo's SA and applications / projects restrictions. I've used it multiple times for priv escalation because nobody did anything to harden it.
|
# ? Jul 8, 2023 01:29 |
|
|
# ? May 18, 2024 09:11 |
|
Maybe this is the wrong place to ask this question but I dont see a Docker thread per se. Is there a way to combine docker hub container images into one container image? I want to be able to pull python and selenium/cypress/robot framework in one docker pull request.
|
# ? Jul 10, 2023 21:41 |