Re: Can someone explain Kubernetes in simple terms?
Off we go down the rabbit hole - reminds me of:
477 posts • joined 10 Jun 2009
As I understand it (and that's not very well), Kubernetes enables you to orchestrate container fleets.
Example: My new web service will, rather than be an evil single monolith of code, be broken down into 4 microservices, relating to user account, products, checkout, order history. The typical capacity I want necessitates running 5 web servers. I need each microservice to be highly available, and not tied to the infrastructure. So, I host the microservices in containers (Docker, in this case), then deploy an instance of every one to each server. Suddenly, I've got 20 containers running (4 services x 5 hosts).
Which containers are serving which microservices?
If one (service or container) dies, what needs to happen for it to get regenerated?
What happens when I update the code for one or more of the services?
How do I easily scale the number of required containers, or instruct them to deploy to new hosts?
Enter Kubernetes, which if we're being old-school is cluster management for those containers.
*Watches someone else comment to shoot this down in flames...*
That's a heck of a big data project to derive travel and use trends from even a small marketshare.
Sorry, just drooling.
So what about a DR site?
$200m is a hell of a capex to store what is potentially personal data that shouldn't leave the jurisdiction in which it was recorded. Surely it would be less of a risk to deploy to multiple regions in the cloud?
A few years ago I would have said car washing, but those hand-wash outfits have made a comeback* due to being better than monster rolling brushes and easier than jet-washing it yourself.
I went on a tour of the BBC, and was surprised to find no camera operators in the newsroom. The fairly routine (hence automate-able) pan/zoom etc on static studio occupants means that in an early-morning newsroom, the newsreader(s) are usually alone.
*May soon be reversed due to Brexit and the non-indigenous accents of most of the guys working there
Weirdly, people in the countryside don't seem to pick up after their dogs. It's the one thing that is worse than when living in a (UK) city.
It's simple, just take your CPU count, correlate with the relevant pack for the product, version and subversion, multiply the number of sausages that can be powered at any one time (but divide by 0.75 if on Windows), minus the inverse square root of god's dad's boss's dog's inside leg measurement. Then write the number down on a wooden broom handle and shove it where the sun doesn't shine. Sideways for maximum effect.
That's my understanding. When you reserve, you pre-pay. So 12 or 36 months at an agreed price, for capacity that *must* be available to you.
Sure there is; reserved instances. The cheapskate spot-priced instances are for when you aren't bothered about the 'right now' aspect. One of their case studies is a pharma biz that uses spot pricing to run big bio simulation algorithms or some such. Comes online at quiet o'clock, stateless in case of being booted off halfway-through, reckons they save oodles.
"turn them all on in case of emergency"
I came home one night to find evidence of a break-in. I stalked around the house wielding a bottle of wine I'd just won in the pub quiz, switching lights on as I went. Once upstairs, I was down to checking the last couple of rooms when everything went dark. All I could think of was Private Hudson "What do you mean, "they" cut the power?!"
The fuse had blown.
It's not unusual. When I worked (perm) at a startup, the CEO would regularly ask us to ask ourselves "is what I'm doing worth my cost to the company?", where cost to the co was assumed to be 2 x gross salary. My ltd co revenue is less than 2 x what I could earn perm.
This thread is a perfect pub conversation (except for lacking alcohol, crisps, and ogling the barmaid). It's got science, beer, rum, coke, cheese, taste, Douglas Adams, religion, a quote from Aliens and someone saying that twins have different tastes so genetics bunkum. (As the father of twins, I can testify you have a point).
Shame it's a Monday morning.
"we can’t help thinking one solution would be for the scanner to be installed in the cubicle itself"
Programmed to recognise me only when my face is red and the forehead vein is bulging.
I'm rather cheered to see a number of comments in this general direction. I usually enjoy reading about physics, but this one lost me.
A real BOFH would have simply tipped off the Police...
Whenever I work on one of these legacy projects, getting sniffers on or router output is like pushing an elephant up the stairs. The reluctance and hoarding of info (I'm looking at you, network, firewall and security teams) is like treacle.
The irony is that, once in the cloud, the right call to the right place would get me the appropriate credentials in AWS or whatever, so I could find it myself. Except as the author points out, it's all on 80 and 443 anyway.
..although I'd have awarded bonus points if you'd squeezed in "I can see all Oracles in my way..." to follow up.
I think the author misses the point slightly, and states the bleeding obvious. Of course, any implementation with any value should be resilient, but each AWS region includes multiple availability zones, each containing multiple datacentres. Any deployment with resiliency across those *should* be resilient, period. Amazon make the point that replication within a region delivers HA/DR, is fast and free. Replication between regions adds complexity, is slower (as it's over the public internet) and costs, if only because one of the core tenets of cloud is paying for data egress out of the source.
To put it another way, how many of you have your on-prem DCs spanning different regions? Off the top of my head, I would have to go back 7 jobs to find a place that did, and most of those are big enterprise shops.
I think one possible takeaway is that Amazon's position that you don't need to deploy into multiple regions is now called into question. If I worked there, I'd be pushing for a new service in the form of direct connectivity (not via internet) between regions, with a lower price point for data transfers. AWS do offer this kind of connectivity to customer sites, but presumably anything between regions would be a fat pipe not specific to any single customer.
Alternatively, perhaps the fact that so many orgs tried to all failover at once is key, in which case maybe AWS needs to review its provisioning/overcommit policies.
Caching in the Cloudfront sense, or within S3 itself?
"Deploy in the cloud by all means but still backup, replicate, ensure that you don't have a single point of failure."
Unfortunately, that is what they've done. This fault affects a specific region, each of which contains multiple availability zones. Each zone constitutes a logical datacentre, comprising multiple physical datacentres (between 3 and 6 in each AZ, I believe). Deployment across two or more AZs in a given region *is* removing the single points of failure. Supposedly. Didn't work this time.
AWS don't particularly recommend deploying across more than one region, because each region is effectively a completely different cloud, common in branding, usage etc, but connected only via the public internet. Replication between zones within a region is fast and free, but replication between regions is slower and costs.
Ultimately though, a well-designed AWS deployment, consisting of all the fault-tolerant bells and whistles, still has no upfront cost and is thus way more achievable than doing it on-prem. Said bells/whistles will make nuclear outages like this the cause of the rare downtime you do get.
I've been thinking about the language aspect. I suppose one of my next work study things will, rather than focus on cloud, security, blah blah etc, be a language, in the traditional sense rather than programming. I figure the likely work options (i.e. common choices for firms to relocate to from the UK) are Dublin, Paris, Amsterdam or a choice of German cities. Dublin I'll be fine obviously, and having worked in the Netherlands and seen the prevalence of English, I think the same applies in Amsterdam. Looking at French and German economies and industries, if I was a betting man I think that makes learning to speak German the best bet - anyone any thoughts?
Very true - switching to Linux generally involves a learning curve, so I was pleasantly surprised by the ease and confidence of the repository model.
All great ideas, but when you buy your own device (i.e. just the one, therefore the buyer/user *is* the admin), someone will always come up with a way of fooling the brain into providing the admin credentials.
Where does objective critical journalism stop and pessimistic nonsense stop?
""The media does have a responsibility not to give more weight to the pessimists and technophobes than is warranted – even if doing so generates more revenue," conclude the report authors, who seem to hate the idea of journalists getting paid for telling the truth."
I could imagine some clown writing this bit for the Daily Mail, before going off on this week's sanctimonious crusade.
Lots of good points here, but I would add that the last few places I've worked, the datacentres and comms have come bundled with a list of risks as long as your arm. X isn't resilient, but we aren't paying £y millions to fix. Z hardware is end of life, but no-one can be bothered to pay to upgrade it. Datacentre A is running low on space and power. Datacentre B now has a business that stores flammable materials next to it. With the cloud, all this is not our problem. Add that to the beancounters' ability to map actual use/benefit to cost via the PAYG model, and there's a lot that's attractive about the cloud.
More of this please
I don't know about other providers, but AWS generally charges for download but not upload. I use this fact (along with the pay-as-you-go charging on storage) to encourage more efficient ETL and reporting. If they only store what they need to, and only spit out/download what they need to see as an end result, it's cheaper. This is in contrast to an on-prem EDW (for example), where some central project has bought/delivered the warehouse, and individual business projects don't care about efficiencies because they aren't paying for that big row of Teradata kit etc.
I just got rid of a 2014 5 series on Friday. I now cannot log in to the app on my phone.
Also, even if I managed to log in, the app checks the car's location. If it's more than 1.5km away from the phone, it refuses to provide any info 'for privacy reasons'.
The only hidden nugget on that car is Faithless's The Dance on the hard drive.
Am I the only one pronouncing that as "Why-aye Specter"?!
From AWS Cloud Best Practices:
"Be a pessimist when designing architectures in the cloud; assume things will fail. In other words, always design, implement and deploy for automated recovery from failure. In particular, assume that your hardware will fail. Assume that outages will occur. "
Customers aren't paying for an infrastructure that does not fail - they are paying for things like elasticity, parallelism, and the transfer of capex to opex.
A consensus among a raving gang of swivel-eyed conspiracy theorists probably doesn't count.
Hey Beornfrith, thanks for sharing your story and being open. Although IT is generally conducive to working from home, one of the problems is getting your foot in the door first. So for example, I've never been able to work from home for the first few weeks of any new role, at least. This is partly to get the new recruit up to speed with the role, partly so others get to know you so you can all communicate when not face to face, and partly so the manager trusts the new guy, I suppose.
Maybe it would help if you offered the first x weeks of work for free? Hopefully, this wouldn't impact on your benefits, while allowing an employer to get comfortable with the idea of you working remotely, since from their perspective, they would have little to lose from giving you a trial?
Or, how about this. Learn something like dotnetnuke, develop a couple of sites (you'd need one for yourself anyway), then try finding work on 99designs or fiverr or whatever. Admittedly this could affect your benefits if you earned money one week but not the next.
As much as the following sounds a bit iffy, you could try playing the system:
1. Set up a limited company with your wife as sole director.
2. Said company then touts for work on (for example) 99designs, as above.
3. A job comes in, which is fulfilled by an unpaid volunteer (guess who?!)
4. Money is paid to the limited company. Paying that out to your wife would incur tax, but that's ok, because at least you've earned money to be taxed on in the first place, rather than losing benefits and having nothing at all in its place.
5. You might reach a point where there is sufficient money in the company to take on an employee (again, guess who?!) at which point you drop the benefits and take a salary.
And all this time, your wife isn't doing much for the company, so no extra work for her. You get to use your brain, extra money comes into the house, and if it doesn't work, you've still got the benefits to fall back on.
*You* think you've nothing to hide.
Or, as per my conversation with a colleague:
Me: "Do you mind me knowing you're Jewish?"
Me: "Ok, it's 1939, we live in Germany and I just joined a far-right political group, now do you mind me knowing you're Jewish?"
The point is, he hadn't done anything different, or "wrong" - it was the watcher - a hypothetical me - that was dodgy.
So mail comms are collected if the sender or receiver is overseas. If you wanted to talk to some ne'er-do-well overseas about nefarious stuff, that sounds like something you could bypass.
You (baddie 1) write message in UK and commit to disk
Replicate stored data via block-level replication to overseas data source
Baddie 2 looks at replication target disk on the other end, reads message, replies and commits to disk for replication in the other direction.
What's the chances that an encrypted block-level disk repl would be intercepted, read, and the deltas from multiple replications compiled into a legible text string? From the resource constraints and bureaucracy evident here, I wouldn't expect so.
I expect there's a bunch of other ways to do it too.
Do I *have* to take a pay cut to do it?
Really? I need the loo - I'm going to count.
That was cool. The steak and the shrimp etoufe (spelling?) were good. The two HP engineers assigned to my project didn't know each other, we all got on great, but as per my colleague's (from Kansas city) advice, I was extremely careful around politics - their very own George W was POTUS at the time.
There was, however, an odd moment where one of the HP guys recalled a childhood memory (as a 15-year-old) of standing in the back of his dad's pickup at 40mph offroad while simultaneously wedging his legs in the bars behind the cab and wielding a rifle one-handed trying to shoot a fleeing deer or some other poor beast. Properly mental stuff. Only for the other engineer to exclaim that he had almost the same experience in his own childhood. No, seriously, I'm not even joking. The only reason these guys weren't wearing sidearms was because HP had a company policy of no weapons on site.
" there will be a few dozen who have the talent, the knowledge and the tools to find out who is behind this"
Sounds like a quote from a new "Taken" film...
I have to 'go' before I go out on my bike, because cycling makes the turtle put in an appearance. Add to that the strain of climbing trees to dismantle spotlights, I reckon this guy must leave the house a good few hours before a well-timed deposit.
"London closed to traffic" - that's a crazy statement right there.
"first and only time that strangers talked to strangers on London transport."
That pisses me off about people - it's ok to talk to me when they're shitting themselves, but look down their noses at everyone else as long as they are feeling nice and secure? This happened when the lights went out on a tube train - suddenly they're chatty in the darkness.
I watched two pre-teen siblings do this - bickering for an entire holiday flight, until the descent got a bit rough and suddenly they were hugging each other. At least they were kids.
To the OP, thanks for sharing. A sad day indeed.
I know the Custom Support Agreement provides hotfixes and updates (although only critical ones, and that's as judged by MS), but does the CSA provide continued access to tech support - given that you need a premier support agreement in order to purchase a CSA? Or has 2003 tech support been killed as part of this?
Hey folks, not sure if this should be here or in 'Consuming Passions', but here goes:
I'm moving to a house where the previous owner installed some fancy ceiling speakers for multi-room audio. Assuming that these are patched to a central point, can anyone suggest an appropriate music system? I'm thinking of a server that can see my iTunes library and spotify, and maybe rip CDs for example, and some sort of client in each room to choose the locally-played music. It would also be handy if there was an ios app version of the client.
I believe he wired cat5 throughout as well, but I guess wireless clients would be more user-friendly.
I don't know if he patched the lounge speakers into the AV for integration with the TV, but that functionality might prove handy.
Any advice appreciated.
"I say we take off, nuke the entire site from orbit. It's the only way to be sure."
I am reminded of the on-site tech who called me on the service desk (yeah, my first job) to ask if resetting the user's password on the AS400 would resolve the SCSI id boot error on the workstation. Explaining that the client bios config had no concept of the os2 user, let alone the mid-range box on the other end of a 3270 session was like teaching Chinese to a toaster. The client config was a company-wide standard build, so it was either a one-off error or a hardware failure (and he hadn't tried a reboot). The best bit was that he got the password reset, rebooted the client, then because it booted ok, he called me back to call me a clueless fuckwit!
Genius. I once blagged a ticket for a Liverpool-Fulham football match, separated from my friend and in a stand with the opposing Fulham supporters. Liverpool won 2-0, met with much hurling of obscenities by those around me, including the man next to me who was with his son (I know, great example!). At the end, this lad, probably about 7 yrs old, turned to his Dad, and pointing to me, says "he's not made a sound for 90 minutes, do you think he's a Liverpool fan?" His Dad said something like "No, don't be silly, be quiet", and I just thought that he was one of the most observant people there. I wanted to tell his Dad, but chickened out!
Thanks Hollerith and Mayhem - the business units have their own devs related to the integration aspect, so there's no fooling them in that respect, but I see the points you are getting at.
@x7 - good grief, I thought you were being sarcastic for a minute, talking about standing on the seat. Perhaps you're right, we should have embraced him (*ew*) as an innovative thinker!
@Laura Kerr - Indeed! Took a while to get any cash through when the whole ship sunk, didn't it? Still, I enjoyed the after-work social life while it lasted.
A place I worked at launched an HR enquiry to investigate the source of turds in bin bags, left by the side of the toilet. The cleaners were going ballistic, and company emails were expressing concern for mental health of colleagues ("there's the loo, right there, so why else wouldn't you use it?"-type thinking), until what was thought to be a Muslim chap owned up in confidence. He was devoutly religious, and perceived the toilet to be 'unclean'. Quite why he couldn't do the squat-stand like other self-respecting OCD geeks I don't know.
I like how the Police removed one of them, and left the rest on the street!