@wrx7m said in Resume Revamp - Advice on Format/Layout and Type of Content:
I also have been seeing a lot of graphical graduated scoring for skill sets. Like this-
Is that really a thing?
No, it looks stupid, and creates more questions. If you are going for a project focused resume style, your project descriptions would be what gives them an idea of your skill level
@wrx7m said in Resume Revamp - Advice on Format/Layout and Type of Content:
When listing technologies and products, would you include version numbers? For Windows and some other MS products (Exchange) I would imagine you would. But, for other things like Veeam or ShoreTel, would you? Also, if it spanned multiple versions, would you just hyphenate (Windows 7-10)?
In the format I use, it would be without version in the list, but if I mention it in a project I might provide more version information
But I do know for a fact that it's not just union regulations that might trigger employers to post fake jobs in Canada, but there are certain government regulations that cause this too.
@scottalanmiller said in Never Give More than Two Weeks Notice:
@flaxking said in Never Give More than Two Weeks Notice:
I live in Canada and I've never had a job where there was an expectation that I could refuse any duties assigned to me without getting fired (unless they were unsafe)
The US absolutely does not have anything like people are implying it has, not in the least. It is something being projected from union contracts where collective bargaining has made a strict scope of what someone is allowed to do, and they are thinking that somehow those contracts apply to non-union workers, which they do not.
Yes, that kind of thinking is more up the union alley. And although Canadian labour laws have been influenced by unions, they are still vastly different workplaces. For example, in the trades, of you are non unionized there is often an expectation you will do work unsafely without reporting it, if it's what you need to do to get the job done. However, if you are unionized it is the complete opposite.
I live in Canada and I've never had a job where there was an expectation that I could refuse any duties assigned to me without getting fired (unless they were unsafe)
However we do have like a reverse 2 weeks notice rule. If your employer is going to fire you they either have to fire you or pay you out 2 weeks worth of work. Kind of weird, since I can't imagine anyone not paying out the 2 weeks. (This is after a 3 month probation period after being hired)
Often there is 2 weeks notice of quiting explicitly explicitly spelled out in contracts, but I don't think it is enforceable.
Is it possible to seperate the management/configuration and the actual running of the web server?
In my notes I have syspass.org and passbolt.com
Haven't tried either, probably noted them after someone mentioned them here
No idea, we don't manage the client's infrastructure
From what I heard from our tech, it sounds like the company's UTM was messing with it.
Goal: Create a Vultr VM using Terraform. Get an idea of what would be required to manage this setup just using GitLab. (Next will be do the same with Salt Cloud and compare)
Dockerfile
FROM alpine:3.8 AS downloader
RUN apk --no-cache add wget
RUN wget --no-check-certificate https://github.com/squat/terraform-provider-vultr/releases/download/v0.1.9/terraform-provider-vultr_v0.1.9_linux_amd64.tar.gz
RUN tar xvzf terraform-provider-vultr_v0.1.9_linux_amd64.tar.gz
FROM hashicorp/terraform:0.11.11
WORKDIR /vultr/
COPY --from=downloader /terraform-provider-vultr_v0.1.9 ./.terraform/plugins/linux_amd64/
RUN terraform init
I built the image locally (I don't think GitLab.com has a way of building images using the shared runners) and pushed it up to my GitLab Docker Registry
provider "vultr" {}
data "vultr_region" "toronto" {
filter {
name = "name"
values = ["Toronto"]
}
}
data "vultr_os" "centos" {
filter {
name = "name"
values = ["CentOS 7 x64"]
}
}
data "vultr_plan" "starter" {
filter {
name = "price_per_month"
values = ["5.00"]
}
filter {
name = "ram"
values = ["1024"]
}
}
resource "vultr_instance" "example" {
name = "example"
region_id = "${data.vultr_region.toronto.id}"
plan_id = "${data.vultr_plan.starter.id}"
os_id = "${data.vultr_os.centos.id}"
hostname = "example"
}
shared_prod:
image:
name: registry.gitlab.com/username/terraform-vultr
entrypoint: [""]
tags:
- docker
stage: deploy
script:
- mkdir ~/.ssh
- touch ~/.ssh/known_hosts
- echo "$GITLAB_FINGER" >> ~/.ssh/known_hosts
- touch ~/.ssh/id_ed25519
- echo "$STATE_KEY" >> ~/.ssh/id_ed25519
- chmod 400 ~/.ssh/id_ed25519
- git clone [email protected]:username/terraformstate.git /state
- cp -R /state/. /vultr
- export VULTR_API_KEY=$VULTR_API_KEY
- cp -R /vultr/. ./
- terraform init
- terraform apply -auto-approve -input=false
after_script:
- cp ./terraform.tfstate /vultr/
- cd /vultr
- git config --global user.email "[email protected]"
- git config --global user.name "Pipeline"
- git commit terraform.tfstate -m "Update state"
- git push
environment:
name: shared_production
only:
- prod
When run, it commits the terraform.tfstate file to the state repo when everything is finished. Ideally there should be some kind of locking mechanism in place so that it's not possible to run terraform when at the same time.
Also, I created a prod branch in my main repo for the config to be run off of, rather than master.
@wrx7m said in Simple Resume Fails:
@flaxking said in Simple Resume Fails:
I've seen resumes from people living in largely Muslim countries that state their regilion. It's almost like they think we're prejudiced or something...
Prejudiced against non-muslims?
In this case they are putting a religion other than Islam
@wrx7m "Note This doesn't mean Office 365 will block TLS 1.0 and 1.1 connections. There is no official date for disabling or removing TLS 1.0 and 1.1 in the TLS service for customer connections."
@wrx7m said in Office 365 SMTP server not advertising StartTLS:
@flaxking said in Office 365 SMTP server not advertising StartTLS:
@wrx7m said in Office 365 SMTP server not advertising StartTLS:
Could it be TLS 1.2 is not set as the default on the client system? If it is Windows 7, you need to adjust some registry entries.
The one email library will only use a maximum of TLS 1.0. And it is before the TLS handshake, so I wouldn't think that TLS version would be a consideration yet.
OK, because they started forcing TLS 1.2 back in October.
Nope, they've updated that notice
I've seen resumes from people living in largely Muslim countries that state their regilion. It's almost like they think we're prejudiced or something...
@wrx7m said in Office 365 SMTP server not advertising StartTLS:
Could it be TLS 1.2 is not set as the default on the client system? If it is Windows 7, you need to adjust some registry entries.
The one email library will only use a maximum of TLS 1.0. And it is before the TLS handshake, so I wouldn't think that TLS version would be a consideration yet.
If you use process isolation, then there are no licence restrictions. This is what has fueled our push for Docker. We cannot run some of our services on the same system because they share components but use different versions. Will save us a ton on licencing.
Hyper-V isolation gives containers their own kernel, so they are subject to regular Windows licencing.
Containers do not expose any local gui, you can communicate with a container via terminal or network communication
I believe the 1809 nanoserver base image doesn't even have powershell
Tested using same application but on different computer and network, works without any issue.
Need to verify whether or not it's only happening on one of the computers on their network.
The logs from two separate email libraries show smtp.office365.com not offering StartTLS
log #1
01/16/19 13:16:09 Opening Socket.
Performing DNS lookup: smtp.office365.com
Connecting to: 40.101.128.18
220 YTXPR0101CA0068.outlook.office365.com ESMTP Service ready
EHLO domain.com
250-Requested mail action okay, completed
250-SIZE 20000000
250-8BITMIME
250 OK
STARTTLS
503 Bad sequence of commands
503 Bad sequence of commands
QUIT
221 Service closing transmission channel
log #2
Connected to smtp://smtp.office365.com:587/?starttls=always
S: 220 YTXPR0101CA0071.outlook.office365.com ESMTP Service ready
C: EHLO [10.25.124.141]
S: 250-Requested mail action okay, completed
S: 250-SIZE 20000000
S: 250-8BITMIME
S: 250 OK
However, following the same commands via telnet shows StartTLS offered
220 BYAPR03CA0002.outlook.office365.com Microsoft ESMTP MAIL Service ready at Wed, 16 Jan 2019 23:11:15 +0000
EHLO domain.com
250-BYAPR03CA0002.outlook.office365.com Hello [x.x.x.x]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
This is on Windows. I haven't tried what happens on a different computer, but I'm wondering what could possibly be the difference happening here that's causing the server to respond differently?
@scottalanmiller said in Which is easier to learn Ansible or Chef or Puppet:
@Emad-R said in Which is easier to learn Ansible or Chef or Puppet:
I truly think containers will make CM obsolete. If not already.
I think more the other way around. Containers are important, but mostly hype. At least app containers like you are talking about. Full containers are best managed by CM. CM and containers are a perfect pairing.
If a server container is immutable, then why would there be need to actively manage the live configuration?
But there will always be servers it doesn't make sense to make immutable.
And, at least on more heavyweight containers, there's no guarantee that the configuration hasn't changed. Although it would seem unlikely. So it's not truely immutable.
The whole container/CM thing is kind of at a weird place right now. With containers, we've sort of migrated back to the golden image thing, just with the pressure to create an image using a config file. I don't really like images on docker hub that don't have links to the dockerfile.
@Obsolesce said in Which is easier to learn Ansible or Chef or Puppet:
@flaxking said in Which is easier to learn Ansible or Chef or Puppet:
It took me quite a long time to get through the initial Puppet tutorials. And even then I was missing important pieces that should be used on any production setups. After that Salt was really easy to pick up. I haven't tried Ansible, but people always seem to say it is the easiest.
Ansible is a more simple machine, because it only has one piece. But SaltStack is actually the easiest to read and use.
It's probably hard for me to truely evaluate how much easier Salt is than Puppet, since Puppet was my intro to CM, and jinja/python was where I had previous experience. But every piece of Salt just feels like more of the same. Once you're familiar with the basics and the documentation, learning to use another piece of it is no big deal.