Posts made by stacksofplates

I know we talked about this but for everyone, one thing that can help here is having multiple node pools. You can have a node pool for the database that has a certain node size and then one pool for the applications that can be a different size. The application node pool can then be scaled down to zero if needed and then bumped back up.

@pete-s said in GKE Auto Scaling down to shut down resource usage and save costs.:

@irj
Interesting, I know nothing but aren't you using the cluster autoscaler?

It's supposed to scale up and down automatically as needed with the settings you give it. If it doesn't scale down as far as you like, have a look at the settings.

Autoscaling depends on the apps. If your app can't withstand a shutdown it's not a good idea. When more nodes are added the scheduler might move the pod to a different machine.

@dashrender said in Staying at your shitty employer is your fault:

@gjacobse said in Staying at your shitty employer is your fault:

@irj said in Staying at your shitty employer is your fault:

I'm 6 years into IT (network admin, sysadmin, security (generalist)) and have my Security+ and am making $70,000

You are doing better than a fellow I worked at the state - who was two years from retirement (28 years of service)... By almost $20k... At $70k I think is is more an exception than the rule... Location is a big key here.... Yes - State Employees generally make less...

This is my general belief as well - location is king!

Now - today after Covid, location is a bit less, but I wouldn't say significantly less important, assuming the company moved a position to fully remote.

Living in SF, LA, NYC all cost 2-4 times what it does in Wisconsin.

I've read that west coast companies are now starting to have a new baseline salary for a position, then up it based on where you actually live. So the base might be $80K, but if you live in SF, you get $40K/y more, but live in Wisconsin - you just get 80K.

I have no personal experience in that happening - so no idea if it's true.

And those that are seeing high prices around here on ML - I think most of you live in or near those expensive cities - correct me if I'm wrong.

I live in a small town in western PA.

@dbeato said in Active Directory Domain name:

@scottalanmiller said in Active Directory Domain name:

used that way. No certificate maker should ever have included it (and I've never heard of that as it would always indicate a scam CA as you cannot own that domain by definition).

The Majority if not all did add the .local, .lan and others, unless you think all CA are scams then I wouldn't say they are a scam.

Yeah from a quick search looks like at least GoDaddy and Digicert offered them.

Nov 2015 is when CA/Browser Forum set the standard to not allow internal domains. So looks like most if not all would have supported it before that.

https://cabforum.org/internal-names/

@dashrender said in GPO or GPP printer setup in light of all this printing nightmare stuff?:

@stacksofplates said in GPO or GPP printer setup in light of all this printing nightmare stuff?:

@dashrender said in GPO or GPP printer setup in light of all this printing nightmare stuff?:

If you have a real green field situation - I would seriously look at options to get rid of AD if possible.

I'm not sure I'll ever be able to do that because I have a large number of spots that need any number of 20+ persons be allowed to log into those computers. AD or some similar technology make that pretty easy. While you can script users over multiple machines - that seems painful, though I've never done it.

Seems any hosted directory service would work? AAD or Jumpcloud sound like they would fit.

AAD sounds OK - but Jumpcloud - (I believe it uses traditional AD Kerberos/NTLM - if not, the following doesn't apply) I probably wouldn't go that direction, don't want to have to manage/maintain VPNs between the endpoints and Jumpcloud.

Then the question is - Does MS have a remote printing solution with AAD as part of the backend?

Jumpcloud doesn't use any AD. It creates local accounts on all the systems and syncs the password. You'd be responsible to have a place for users to store configuration changes but other than that it's really simple.

@dashrender said in GPO or GPP printer setup in light of all this printing nightmare stuff?:

If you have a real green field situation - I would seriously look at options to get rid of AD if possible.

I'm not sure I'll ever be able to do that because I have a large number of spots that need any number of 20+ persons be allowed to log into those computers. AD or some similar technology make that pretty easy. While you can script users over multiple machines - that seems painful, though I've never done it.

Seems any hosted directory service would work? AAD or Jumpcloud sound like they would fit.

I have a couple. Never had any issues with anything just didn't use them enough. They worked as advertised though.

@scottalanmiller said in What Are You Doing Right Now:

@stuartjordan said in What Are You Doing Right Now:

@scottalanmiller Never heard of it to be fair. Just done a google search and does look like a nice product. and you can save to pdf etc. battery life is good as well. Have you personally used one of these?

I've been following them for a while but have not played with one. Ask @stacksofplates about how he likes it.

I just got it Friday. I know two other people who have it and they convinced me it was worth it. I'll let everyone know how it is after I get to use it for a bit.

@scottalanmiller said in HTML Editing:

@stacksofplates said in HTML Editing:

@jaredbusch said in HTML Editing:

I only use VS Code today.

Even if I was only Windows, I would use VS Code over Notepad++ now.

There is nothing better available since it can be universally installed on Linux, Windows, or macOS.

I've been using a Mix. I use VSCode some days and I use Pycharm/GoLand other days. I like different things about both.

I like PyCharm and its related tools a lot. I just don't use them enough (or like them enough) to justify the extra price.

Pycharm is free. I did pay for Goland because the debugging and some extra features are worth it. I don't need to use pycharm because you can use the Python plugin in Goland but I had a couple issues one time and just decided to use pycharm separately.

@jaredbusch said in HTML Editing:

I only use VS Code today.

Even if I was only Windows, I would use VS Code over Notepad++ now.

There is nothing better available since it can be universally installed on Linux, Windows, or macOS.

I've been using a Mix. I use VSCode some days and I use Pycharm/GoLand other days. I like different things about both.

@olivier said in KVM or VMWare:

@stacksofplates said in KVM or VMWare:

@pete-s said in KVM or VMWare:

It isn't the ability to automate that is the problem. It's the availablility of easy to use tools that is the problem.

Thats the whole point I'm making.

KVM is hard to automate. Not that it's impossible, but the tooling doesn't exist to where you can easily automate like with VMware.

And that's a very good point. That's why here at Vates, we made various efforts in XCP-ng/Xen Orchestra, providing multiple solutions: Packer, Terraform and even Ansible integration. That's also why Xen Orchestra really makes sense as a "middleware", as a single central point to consume with its API. Like vCenter in fact.

This is a true way to create value on top of it. The other aspect is all about integration, like we did with Netbox for example (sync all VMs and hosts, with their IP address, config and such to Netbox).

Right VMware or Xen Orchestra. If the tool isn't built with an API first mindset, the work needed to automate it greatly increases.

@travisdh1 said in KVM or VMWare:

@eddiejennings said in KVM or VMWare:

@travisdh1 said in KVM or VMWare:

@stacksofplates said in KVM or VMWare:

@travisdh1 said in KVM or VMWare:

@irj said in KVM or VMWare:

@francesco-provino said in KVM or VMWare:

@WLS-ITGuy I haven’t been in this forum for years, and after years I still see similar questions and the same arguing…

Do yourself a favor and learn something useful like Terraform to automate VMware or similar stuff, the real deal today is not wasting your time reinventing the wheel and doing manual operations, not saving a few bucks on hypervisor’s license.

I agree here. Many on here don't understand the benefits of IaC and proper SDLC because they haven't been exposed to it yet. Penny wise and pound foolish.

Granted many of these one man shops don't have the resources (IT employees) to do it. If you're fixing printers you don't have the bandwidth to do this kind of stuff. Either way there is still pain in the long run for not doing automation, but for them it's just not feasible.

I'm all in favor of automation.

What I question is why you NEED VMWare to automate things? I've done it with XenServer/XCP-NG, and I don't see why anyone couldn't also automate KVM based things as well.

Can you give examples of this automation? I have a feeling the terms aren't exactly the same here.

What I'm thinking of in this case is using Ansible to provision and build and manage VMs and/or the host server.

I’ve been working with this in my home lab, and the virt module seems pretty limited in what it can do. For making a new VM, I’m basically creating and executing a script that runs virt-install to make the VM, which is similar to what the Fedora Project does for VM creation.

This is an example I've used before for XenServer/XCP-NG. https://jrisch.medium.com/using-ansible-to-automate-vm-creation-on-xenserver-d092aa484a06

So two things with this. The first is, what was even the point of using Ansible here? They're just running shell commands for everything. You lose huge advantages of Ansible here. It's really no different than a Bash script at this point.

The second is, this isn't the type of automation I'm talking about. You can do this type of rudimentary stuff with KVM also, but it's all based on cli tools.

Someone mentioned VDI the other day on the site. Say you want to automate bringing up a system for a user automatically when they need a VDI. With these tools you'd either need to use CGI scripts which is essentially a no go, or you'd have to have some way to expose Ansible with AWX, Jenkins, Tower, etc. But you can't just expose Ansible because that doesn't give the end user an easy way to get something. So now you have to either have build a pipeline in Jenkins with remote triggers, or set up Tower/AWX with provisioning callbacks, or something similar. Then you give the user some interface that can then send a request to your middle layer or software to define the request. It's a ton of unnecessary work.

vSphere would either be a RESTful call from a form, or some IaC tool like Pulumi which is embedded in your app that would let them define what they need and it would call vSphere and build it.

The amount of work to automate KVM vs VMware is just too much unless you have a niche case like a cloud provider.

@pete-s said in KVM or VMWare:

It isn't the ability to automate that is the problem. It's the availablility of easy to use tools that is the problem.

Thats the whole point I'm making.

KVM is hard to automate. Not that it's impossible, but the tooling doesn't exist to where you can easily automate like with VMware.

@eddiejennings said in KVM or VMWare:

@travisdh1 said in KVM or VMWare:

@stacksofplates said in KVM or VMWare:

@travisdh1 said in KVM or VMWare:

@irj said in KVM or VMWare:

@francesco-provino said in KVM or VMWare:

@WLS-ITGuy I haven’t been in this forum for years, and after years I still see similar questions and the same arguing…

Do yourself a favor and learn something useful like Terraform to automate VMware or similar stuff, the real deal today is not wasting your time reinventing the wheel and doing manual operations, not saving a few bucks on hypervisor’s license.

I agree here. Many on here don't understand the benefits of IaC and proper SDLC because they haven't been exposed to it yet. Penny wise and pound foolish.

Granted many of these one man shops don't have the resources (IT employees) to do it. If you're fixing printers you don't have the bandwidth to do this kind of stuff. Either way there is still pain in the long run for not doing automation, but for them it's just not feasible.

I'm all in favor of automation.

What I question is why you NEED VMWare to automate things? I've done it with XenServer/XCP-NG, and I don't see why anyone couldn't also automate KVM based things as well.

Can you give examples of this automation? I have a feeling the terms aren't exactly the same here.

What I'm thinking of in this case is using Ansible to provision and build and manage VMs and/or the host server.

I’ve been working with this in my home lab, and the virt module seems pretty limited in what it can do. For making a new VM, I’m basically creating and executing a script that runs virt-install to make the VM, which is similar to what the Fedora Project does for VM creation.

You can use virt-clone if you don't want to run full virt-install.

But you need to set the template up first through something.

@travisdh1 said in KVM or VMWare:

@stacksofplates said in KVM or VMWare:

@travisdh1 said in KVM or VMWare:

@irj said in KVM or VMWare:

@francesco-provino said in KVM or VMWare:

@WLS-ITGuy I haven’t been in this forum for years, and after years I still see similar questions and the same arguing…

Do yourself a favor and learn something useful like Terraform to automate VMware or similar stuff, the real deal today is not wasting your time reinventing the wheel and doing manual operations, not saving a few bucks on hypervisor’s license.

I agree here. Many on here don't understand the benefits of IaC and proper SDLC because they haven't been exposed to it yet. Penny wise and pound foolish.

Granted many of these one man shops don't have the resources (IT employees) to do it. If you're fixing printers you don't have the bandwidth to do this kind of stuff. Either way there is still pain in the long run for not doing automation, but for them it's just not feasible.

I'm all in favor of automation.

What I question is why you NEED VMWare to automate things? I've done it with XenServer/XCP-NG, and I don't see why anyone couldn't also automate KVM based things as well.

Can you give examples of this automation? I have a feeling the terms aren't exactly the same here.

What I'm thinking of in this case is using Ansible to provision and build and manage VMs and/or the host server.

Yeah. That's what I assumed. It's reliant on many disparate cli tools that aren't necessarily related.

There's a terraform libvirt provider but using a centralized place for images doesn't work because it copies the image through the machine running terraform because of libvirt limitations.

If you don't use virt-clone you're heavily limited to either using the domain xml and manually copying the images or wiring up another cli tool like virt-builder.

It's a mess. VMware has its idiosyncrasies but it is light-years ahead in automation.

@travisdh1 said in KVM or VMWare:

@irj said in KVM or VMWare:

@francesco-provino said in KVM or VMWare:

@WLS-ITGuy I haven’t been in this forum for years, and after years I still see similar questions and the same arguing…

Do yourself a favor and learn something useful like Terraform to automate VMware or similar stuff, the real deal today is not wasting your time reinventing the wheel and doing manual operations, not saving a few bucks on hypervisor’s license.

I agree here. Many on here don't understand the benefits of IaC and proper SDLC because they haven't been exposed to it yet. Penny wise and pound foolish.

Granted many of these one man shops don't have the resources (IT employees) to do it. If you're fixing printers you don't have the bandwidth to do this kind of stuff. Either way there is still pain in the long run for not doing automation, but for them it's just not feasible.

I'm all in favor of automation.

What I question is why you NEED VMWare to automate things? I've done it with XenServer/XCP-NG, and I don't see why anyone couldn't also automate KVM based things as well.

Can you give examples of this automation? I have a feeling the terms aren't exactly the same here.

@gjacobse said in Windows Terminal: Runas:

@Obsolesce
That didn't help either....

Are you sure there isn't a policy from something blocking the execution of it?

@eddiejennings said in What Are You Doing Right Now:

@stacksofplates said in What Are You Doing Right Now:

@eddiejennings said in What Are You Doing Right Now:

Working on some Python chops.

FastAPI is a really nice framework. Using it for a bunch of services at work.

From what I’m seeing from job posting most Linux system administration / “devops” gig seem to want a person with some skill in using Python, so post-RHCE this seems to be a good use of time.

Yeah it's definitely a really valuable skill.

@eddiejennings said in What Are You Doing Right Now:

Working on some Python chops.

FastAPI is a really nice framework. Using it for a bunch of services at work.

@scottalanmiller said in DuckDuckGo:

@stacksofplates said in DuckDuckGo:

@scottalanmiller said in DuckDuckGo:

@wrcombs said in DuckDuckGo:

@scottalanmiller said in DuckDuckGo:

@wrcombs said in DuckDuckGo:

@pete-s said in DuckDuckGo:

@wrcombs said in DuckDuckGo:

Anyone using this browser?
I've heard good things online about it, but whats the community thoughts on it?

Didn't know they had a browser but now I'm going to give it a spin.

I just downloaded it on my iPhone - debating on download for my laptop..

Where do you get it? I went to the website, there was nothing there. Just an extension for my current browser.

It's a an app on iPhone as the default browser.

I think you'll find it just looks that way and is actually still Safari.

All web browsers on iphone are repackaged safari afaik, even chrome.

I know that that was true in the past. I'm just assuming that it has not changed. I can't find any reference to it having changed. So I think that that is still true.

Yeah got lazy and I didn't read through everything yet. Just commented on that. But finally made it to the end.