* Posts by elip

117 posts • joined 18 Mar 2011

Page:

Microsoft's Azure Kubernetes Service mucked my cluster!

elip

Re: blame

"It has to be able to cope with an unplanned node failure and recover swiftly and in an automated fashion. It has to be able to cope with transient network connectivity problems including partitions, one way packet loss, variable latency etc. Ideally, it needs to be capable of distribution across multiple availability zones or even regions, as failures at these levels are not unknown."

^^^ Show me such an app. I've been doing this many years, and haven't seen it.

Azure is a pile of unfinished garbage (like most software these days seems to be), take it from someone who's migrated multiple data centers to it (including HPC workloads) and was not in the least bit impressed by any single part of the experience.

1
1

LabCorp ransomed, 18k routers rooted, a new EXIF menace, and more

elip

Re: Dark hole in home IT security.

Dude, Huawei is no different than Linksys, Netgear, Cisco, etc... they all have flaws that they won't fix, especially for consumer gear. Linksys, before they got purchased by Cisco, refused to release fw updates for my modem about 12 months after releasing the hardware, despite known exploit PoC code being publicly available. This was the straw that broke the camel's back for me - OpenBSD on a small embedded platform as a router since then on any network I operate.

2
0

'It's legacy stuff brute-forced in': Not everyone is happy with Citrix's cloud

elip

Venerable?

How are yall still writing venerable and <insert any Citrix application name here> in these articles?

0
0

Et tu, Gentoo? Horrible gits meddle with Linux distro's GitHub code

elip

Re: Now that GitHub is a M$-shop

Gentoo hopped on systemd as soon as every other distro. The only difference with their effort, as always, is they provide you choice and an easy method of running without it.

5
0

Citrix.com 404s mentions of F5 Networks

elip

Maybe they're self-censoring their own BS?

Did you catch that sentence in the archived screen grab? "Most cloud users have gone hybrid multi-cloud"??? What world do these guys live in?

0
0

Brave Brave browser's hamburger menu serves Tor onion routing

elip

Re: Who are you hiding from?

Not sure why the downvote. Maybe for the word *all* in your comment? There are *some* known FBI exit nodes for sure, and there will likely be more. Don't forget the Onion protocol is a DoD baby.

0
0

Amazon staffers protest giant's 'support of the surveillance state'

elip

Re: According to IBM's latest TV show on AI...

Nothing has changed from Obama to Trump when it comes to border detention, keeping mothers away from kids in detention centers (jails), etc. Did everybody just sleep through Obama's presidency and "woke" when Trump took office? Obama *still* holds the record for most deportations by US president.

1
1

Democrats need just one more senator (and then a miracle) to reverse US net neutrality death

elip

Re: Go stateless

What? Are you implying service/content providers will throttle AWS, Azure, GCP? When most of them serve *from* those locations already? Hmmmm.

0
0

US, UK cyber cops warn Russians are rooting around in your routers

elip

Re: Aren't we doing the exact same thing to Russia?

Well of course. How else do you think the US knows Russians are on the routers...they run 'w' in their existing sessions. :-P

19
0

Slicker servers, heaving racks, NVMe invasion: It's been a big week in serverland

elip

Too little too late

These guys are late to the party, and I don't see this concept working in the long haul.

"If you have racks of commodity server and are currently re-purposing servers between applications quite often, then having that process automated by products like Supermicro’s RSD could be seen as attractive."

^^ This is downright silly for 90% of the world's workloads. What everyone should be pursuing in a quest for effective utilization, is plain-old, boring compute clusters, where app (and other) folks can simply deploy a service, a process, a micro-service, a jvm, an instance of work, etc. Easy to manage (some of us have been doing this for 20 years), easy to maintain, and vastly cheaper than dedicating whole systems to a single app or a bunch of thick-provisioned VMs.

0
1

'Disappearing' data under ZFS on Linux sparks small swift tweak

elip

Lee, of course testing is happening, at the OpenSolaris derivative distros (two of which looked like they peer-reviewed the code [supposedly] before commit). A trend I've noticed with Linux-first-and-foremost devs is that they tend not to hold much value for testing, or portability, or security, or quality, etc. Yes, my brush is wide enough.

2
2

How machine-learning code turns a mirror on its sexist, racist masters

elip

Re: Mathematical modelling of sterotypes?

> How did we become so effing arrogant?

Money....lots of money is on the line. Grants or otherwise. We're 100% positive we're correct *this time*, honest!

3
0

Donald Trump jumps on anti-tech bandwagon, gets everything wrong

elip

Check for the story where he said Amazon and other retailers will have to disclose full shopping histories of their customers to the government on demand, if X legislation goes through. It was based on dubious understanding of the law at best. I wish I could find the article for ya, but I can't.

0
0

World celebrates, cyber-snoops cry as TLS 1.3 internet crypto approved

elip

Re: And yet still...

They have enough metadata to infer the content on *many* occasions. I don't have the URL handy currently, but MS researchers had done some nice work regarding key stroke reconstruction based on TLS traffic metadata alone, back around 2009/2010 I believe.

3
0

Recording Industry Ass. says vinyl and CD sales beat digital downloads

elip

Re: You'll thank yourself later on.

Neither needed. Backups, backups, backups.

5
0

Trump’s immigration policies costing US tech jobs says LogMeIn CEO

elip

But would somebody please think of the SHAREHOLDERS!!!

2
0
elip

Bingo

I've trained my replacements so many times now, that I'm thinking I may just turn it into a one-man business.

0
0

Container orchestration top trumps: Let's just pretend you don't use Kubernetes already

elip

Rancher anyone?

Am I the only one running Rancher in production?

3
0

Women of Infosec call bullsh*t on RSA's claim it could only find one female speaker

elip

I agree, increasingly, rationality and reason are becoming more of a special and unique trait among the populace. Especially among the tech bubble crowd... and then there's California.

0
0

Look at stupid, sexy Kubernetes with all the cloud firms hanging off its musclebound arms

elip

Re: Supporting Kubernetes is good, but how long for?

"Literally no one does that."

^^ Hmmm, whaaa? Sounds like you haven't been around too many "enterprises", small or large. I once worked for an extremely technically-advanced hardware sensor company (NASA one of our main clients), where I was lucky enough to work with some of the brightest engineers I've ever gotten a chance to be around, yet, unlucky enough to be responsible for "support" and "maintenance" of a load balancer that hadn't been patched (and couldn't be, cause no support) in over 12 years. Just one example of many in my career. I once saw a Sun box with a 14 year uptime.

4
0

Newsflash: Car cyber-security still sucks

elip

So wrong it hurts.

"These ECUs turn out to be poorly protected because they've been designed to prioritize simplicity."

Sorry, I disagree completely. These ECUs as well as the larger whole of the vehicle, has been re-designed in the recent decade+, to prioritize complexity (as has every other piece of technology). Worse yet, this new generation has been brainwashed into believing, the best way to secure something that has grown (largely needlessly) in complexity, to fulfill a bizarre, self-destructive human craving for convenience, is to throw yet MORE complexity at the problem. Example of this backward (or forward depending on your perspective) thinking:

"As a mitigation, the researchers suggest car makers implement an intrusion detection system that operates even when the vehicle is off, though they acknowledge this could tax the car battery."

Brilliant.

7
0

H-1B visa hopefuls, green card holders are feeling the wrath of 'America first' Trump

elip

Go Trump Go.

Sure he's a fuck-up, and we all despise almost everything he stands for, but Trump is correct on the H1B issue.

Here I am, my final week at my current gig, training my India-residing "replacements". I am on a technical team of 25, all living in the US, as the only "American". I put American in quotes, as I'm also an immigrant turned US citizen! :-) For what it's worth, *all* of my US-residing Indian colleagues, despise the H1B system, its abuses, and the generally shitty-quality H1B colleagues which we're then forced to train, and re-train, and re-train, and re-train. We just taught the 'ls' command to one of our Indian Senior DBAs, with "15 years of Oracle experience on UNIX-like systems". Yep.

22
0

Meltdown/Spectre week three: World still knee-deep in something nasty

elip

Re: Intel "shouldn't be selling CPUs?"

I'm more than a little bit distressed by the fact that Intel, ARM, AMD, Google etc. knew about this flaw for half of a year, but kept Oracle and IBM (and other smaller RISC vendors) completely in the dark. I understand, and completely disagree, with software-only security embargoes, as it effectively penalizes the smaller developers and open source projects, which ultimately hurts users' security. However, in this case, the owners of 80-90% of the world's running machines, in my opinion, *colluded* to keep these older RISC vendors out of the loop, while they developed mitigations and designs to improve their future products. They did this knowingly, and willfully. I have a feeling and hope, some very large, very reckless companies are going to be facing legal battles.

2
0

Twitter breaks bad news to 677,775 twits: You were duped by Russia

elip

Re: Follow-on to the previous post... sigh.

Trust me, these kids in the US don't even know how to spell Yeltsin, let alone begin to understand what happened in Eastern Europe or the amount of tax-payer funded propaganda operating in the name of "democracy". Many if not most I grew up with only knew of France and Germany (and that was after high school Geography classes) when asked to name European countries. Then these same kids grew up and got "woke", "becuz NPR!!".

12
2
elip

Re: @Lysenko

Ahhh yes, all those damaging tweets from the Evil East warping fragile nubile Western minds on the interwebs and "swinging" elections. Meanwhile, in the real world, US Congress has authorized a record number of *real* weapons to be distributed throughout the planet in 2017. Tweets vs. bullets. I know which I'd rather be exposed to.

19
1

SAP boss promises to cull marketing dross on community network

elip

I've previously worked for these fucks. They have no idea how terrible their software is, and god forbid you actually tell them. They lost the community many many years back.

1
0

Sili-spurned Valley! No way, San Jose! Amazon snubs SF Bay Area in search for HQ2 city

elip

Re: Indy!

At least they're fucking cities. When I moved from the Midwest to NC, I drove right through downtown Raleigh, and only noticed, after I hit a sign that said "Downtown" with an arrow pointing back to where I came from. Hope they stay the fuck out of Raleigh, we've got enough wankers here already. All implants. Have lived here since 2011 and have only met a single local.

1
1

SAP customers won't touch the fluffy stuff... so here's another on-prem HR data tool

elip

Just restating what others have already said. This has nothing to do with folks not being ready for the Cloud, and everything to do with how utterly terrible the SuccessFactors applications are (both to use and to support). If you only saw how they managed it all on the backend, you wouldn't believe it.

1
0

IBM melts down fixing Meltdown as processes and patches stutter

elip

Actually that's better than what we're doing

I work for a large cloud/SaaS provider; you guys often do write-ups about our terrible licensing terms. We haven't even begun to plan the remediation.

6
0

Azure VMs borked following Meltdown patch, er, meltdown

elip

Nah, we're in multiple regions, and they're all experiencing slow-downs in IO. Not isolated to W Europe. I also love how the patching/Maintenance status updates on our VMs are taking between 4-6 hours to actually show the current status. Quality stuff.

3
0

You Wreck Me, Spotify: Tom Petty, Neil Young publisher launches $1.6bn copyright sueball

elip

"The era of recording music as a business model by packaging it in some physical medium and tying it down with "copyright" is also over."

As someone who makes side cash doing exactly this, I can reassure you, this statement is incorrect. I also cut vinyl records for folks in the local music scene here in NC... if anything, tape, CD, and vinyl are growing in popularity (again).

5
0

VMware: Sure, you might run our stuff on bare-metal Azure, but we don't have to like it

elip

Nah, Flexpod just for bare metal services like these. Everything else? Who knows.

I agree with very few things VMware says. In this instance, as an Azure customer, I would agree and say, stay clear of Azure if you have a choice.

With that said, why would I want to run VMware to begin with, wether its on someone else's hardware or mine? Are people really that delusional about their stability, cost, and support?

1
2

Republican tax bill ready to rescue hard-up tech giants, struggling rich

elip

Re: I don't get it

"Or, of course, they could just let the deficit grow; this will push the problem on to the next generation and make it much worse."

This, this right here is all we've ever done, and all we'll ever continue to do. Just check out the debt charts and you can clearly see every and each time the debt "ceiling" was hit, and then subsequently lifted (rinse, repeat). It will not end, until everyone realizes that we print money and the dollar is worth fuck-all.. or we just do what Japan's been doing for the last few years. :-)

0
0
elip

Re: Math

Bob, shhhhh! Don't tell them how the private insurance companies got that provision added to the ACA, or who came out of a meeting with a somewhat concerned United Healthcare CEO, proudly proclaiming "Single payer is off the table!".

3
0

It's a decade since DevOps became a 'thing' – and people still don't know what it means

elip

Re: Yawn...

"...you don’t care about x86 vs ARM." <--- Spoken like a true developer.

6
0

Tech giants at war: Google pulls plug on YouTube in Amazon kit

elip

Re: Love the Hendrix reference

@IsJustabloke

As someone who has attempted and failed, and continues to ponder suicide-as-the-only-option daily, I have no issue with Teiwaz or anyone else trivializing suicide. Lets stop pretending like death (no matter the method), and life for that matter, is sacred. Everything's a joke.

8
0

WikiLeaks is wiki-leaked. And it's still not even a proper wiki anyway

elip

Re: Leaked leaks did not come from WikiLeaks

https://www.youtube.com/watch?v=apFmKz7al0Y

0
0
elip

Re: Leaked leaks did not come from WikiLeaks

Why anonymous? Obama himself reassured voters of the "US's Deep State" in multiple speeches.

1
7
elip

Re: Shower of shites!

Yes all that, but whatabout-the-evidence? We keep hearing about this mountain of evidence that the *intelligence* services have, but all we've seen is a list of public internet proxies, as attribution to any hacks. They're going to have to do better.

3
4

Intel's super-secret Management Engine firmware now glimpsed, fingered via USB

elip

Re: Read the open letter righr till the end

What is the fascination with formally verified software all of a sudden? It means nothing in the real world. Many commercial TCP/IP stacks have been formally verified, almost all have suffered serious security issues (many found by Michal Zalewski). WPA2 was also formally verified, and we now see how that worked out in the real world. Lots of software also happens to fully pass their test suites, before we start exploiting it. ;-) Save your money, skip the formal verification, and focus on simplicity.

3
2
elip

Re: Everybody switch over to AMD

Actually, Russian government asked this question several years back, passed protectionist legislation, and is now turning to its own CPU designers and fabricators for their systems.

I can only imagine, China being China, it has already done this several years back.

6
0

Google, Twitter gleefully spew Texas shooter fake news into netizens' eyes

elip

Re: The weak of mind believe this stuff

DougS, you speak of the parroting and 'fake news', and then go on to spew the same bullshit without checking twice. He didn't crack the skull of his 11 month old daughter - it was the daughter of his wife, different father.

1
8
elip

We have these news organizations now. Unfortunately, they were labeled 'fake news' and 'Kremlin stooges' by Google, Facebook, a completely anonymous group of "concerned citizens" (PropOrNot), the DoD, Kieren and the MSM outlets.

2
0

Red Hat speed fiends celebrate automation

elip

Re: Burying the lede

Do they (RH) think folks actually *like* to use Tower? The open source simple toolset is good enough for most Open-source-heavy shops.

0
0
elip

Re: Commissioning

I will add, having infrastructure as code does add the one nice-to-have function of being able to diff your *complete infrastructure* and (hopefully if you do it right) be able to track it in your source control history. This is beautiful.

0
0
elip

Re: Commissioning

Where have you been? This has been a buzz-phrase for at least 5-6 years.

0
0
elip

Re: Commissioning

Whaaat? I love ansible too. I'm not sure you're using it right. I've *never* used it to provision systems, and I'm not positive that this is even one of its intended uses.

There should be no 'entropy' in the system state. You run ansible (or chef, or puppet, or your homegrown shell scripts) every X number of minutes out of cron (or whatever your scheduler of choice is), and let it pick up/trigger updates to pkgs, configs or data files from your CMDB's API for the specific host or hostgroup resources you've defined there. It's great for one-off adhoc runs of commands as well, but really no different than shell+ssh that we've been using for decades to do the same work.

Don't get me wrong, its not nearly as efficient or quick as working directly with shell, and non-interactive ssh and issuing the one off command or two that you're trying to execute, but seeing how most sysadmins I work with these days look at me cross-eyed with a "fuck you" grin on their face when I tell them to read the manual (*any* manual), I imagine its somewhat of a necessity *these-days*. Lets be honest, the state of the art is in a bad way.

0
0

Google, VMware and Pivotal team for on-premises Kubernetes

elip

Re: Could be useful.

I love how every cloud deployment I've been involved in, required more hand-holding and more custom automation development than on-prem (mostly to work around all of those things you've been accustomed to and taken for granted on-prem, that are simply *not available* or in *preview*, or wholly inadequate for "Enterprise needs" in the cloud).

The other thing I also noticed, is the price shock that comes over VPs and Director-types when they compared Azure, for example, to running on-prem once we fully migrated to cloud.

Thirdly, almost always (in my experience) DevOps/Sysadmins come away redeemed, once it turns out that this 'fast iteration and deployment' in the cloud, actually takes longer than in the standardized environments we've been running for decades on-prem. This is especially sweet, since there's always the bullshit line of "deploying OS, apps takes soooooo long" on-prem, and when you point out that, in fact, it takes 7 minutes to deploy hundreds of VMs and app stacks on-prem on existing KVM infrastructure (including full kickstart build; because you actually can and do track these metrics easily), and it sometimes takes 30-50 seconds just for a single cloud API call to return to the automation framework (which now somebody has to maintain), you get that "oh...<lets switch topics>" response almost every time.

3
0

Sweden may extend data retention, splat NAT and register VPNs

elip

Re: Next one in line

See, too much logging involved either way! :-P

We also disobeyed when it came to the currency/Euro rules - I can still buy everything in Poland with Zloty.

7
0

Red Hat banishes Btrfs from RHEL

elip

But you've just described exactly what a file system does.

Whether you have a regular human user account with access to the data, or a service account/application token writing to the data store, the file system is responsible for the reads/writes/access enforcement. Why would we want even more abstraction?

5
0

Page:

Forums

Biting the hand that feeds IT © 1998–2018