As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

[Sysadmin] Routing to null

1262729313299

Posts

  • SniperGuySniperGuy SniperGuyGaming Registered User regular
    SniperGuy wrote: »
    I floated the idea of "hey we should move the cabinet out of the break room and into a more secure room" and was then shown a small room we have that was very cold, only accessible by a locked exterior door (kind of weird but whatever, it's locked at all times) and apparently includes the place where our net connection enters the building, but clearly has room for server racks. This seems potentially ideal?
    What about cooling/ventilation? I know you’re just putting one server in there, but at full load, you might be in trouble.

    It's real cold in there so I would assume it is air conditioned pretty well, but I'll check. We've got a guy coming out Monday to help me finish setting up the server so I'm gonna see if we can maybe just put it in there on a table for now instead of in the other guy's office and they'll be able to tell me if there's any reason that's a bad idea.

  • SeidkonaSeidkona Had an upgrade Registered User regular
    Hello friends!

    Those who are labbing environments might want to look into multipass.


    https://multipass.run/


    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • SeidkonaSeidkona Had an upgrade Registered User regular
    edited August 2019
    Also if you want to play with k8's without any initial setup you get yourself microk8s

    Which you can run in Multipass if your not running Linux as a primary OS.

    https://microk8s.io/

    Seidkona on
    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • EchoEcho ski-bap ba-dapModerator mod
    Entaru wrote: »
    Also if you want to play with k8's without any initial setup you get yourself microk8s

    Which you can run in Multipass if your not running Linux as a primary OS.

    https://microk8s.io/

    How does that compare to Minikube? It's what I've dabbled with on my Mac, but it uses full Virtualbox stuff.

  • SeidkonaSeidkona Had an upgrade Registered User regular
    edited August 2019
    Echo wrote: »
    Entaru wrote: »
    Also if you want to play with k8's without any initial setup you get yourself microk8s

    Which you can run in Multipass if your not running Linux as a primary OS.

    https://microk8s.io/

    How does that compare to Minikube? It's what I've dabbled with on my Mac, but it uses full Virtualbox stuff.

    Minikube is good too but I am not a fan of Virtual box. It seems to get worse each release since Oracle bought it.

    Microk8's is cool in that it's a snap and therefore it is sort of managed for you.

    Edit: and if you're on Linux as a base you are running k8's in a snap sandbox with a lot less overhead. Which is cool.

    Seidkona on
    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • ThawmusThawmus +Jackface Registered User regular
    I do love me some snaps!

    Twitch: Thawmus83
  • DarkewolfeDarkewolfe Registered User regular
    I'll be honest, I'll probably add something running multipass just so I can say it.

    Moolteeee paaasssss.

    What is this I don't even.
  • EchoEcho ski-bap ba-dapModerator mod
    I ditched Minikube and tried doing the same setup with Docker for Desktop's own stuff. Sure, it works, but oh boy, container management! I'll try Microk8s as well, I mostly just want a quick way to turn k8s on/off for when I want to dabble with it.

  • RandomHajileRandomHajile Not actually a Snatcher The New KremlinRegistered User regular
    Y’all have said a lot of words and I understand maybe half of them.

  • EchoEcho ski-bap ba-dapModerator mod
    Well, some cursory trial and error ended up with mostly error - tried multipass/microk8s and multishift and couldn't be arsed figuring out what went wrong.

    Docker for Desktop's built-in k8s worked well enough for demo purposes - I just want to learn some k8s, I'll deal with the minor annoyances I get with this solution.

  • EchoEcho ski-bap ba-dapModerator mod
    Also my Macbook runs hot enough while doing this that the power I get over USB-C from my monitors isn't enough to keep the battery topped off. :rotate:

    Eh, it's just 80 containers, walk it off.

  • wunderbarwunderbar What Have I Done? Registered User regular
    Echo wrote: »
    Also my Macbook runs hot enough while doing this that the power I get over USB-C from my monitors isn't enough to keep the battery topped off. :rotate:

    Eh, it's just 80 containers, walk it off.

    what monitor do you have?

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • DarkewolfeDarkewolfe Registered User regular
    Donglebook Pros seem real bad at external power management.

    What is this I don't even.
  • wunderbarwunderbar What Have I Done? Registered User regular
    Darkewolfe wrote: »
    Donglebook Pros seem real bad at external power management.

    eh, the power from the monitor really matters. the macbook pros have an 87w power adapter, and the couple usb c monitors I've seen max out at 45w out. That's why I asked. Doesn't matter what laptop you have if it's pulling 60w+ under load and you have a 45w adapter, it's just math.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • djmitchelladjmitchella Registered User regular
    I was just playing around with kubernetes last week. Their docs need some improvement, if you ask me. Their getting started page says you should use minikube to install a tiny kubernetes setup on your laptop to talk to. Fine. But the page on installing minikube says:
    Installing minikube
    ...
    Make sure you have kubectl installed. You can install kubectl according to the instructions in Install and Set Up kubectl.

    Okay, fine. Off I go to the 'set up kubectl' page.

    Install and Set Up kubectl
    ...
    if you are intending to run a Kubernetes cluster on your laptop (locally), you will need a tool like Minikube to be installed first

    Ugh.

    It turns out that I could just blindly install things without actually running them and then it all sort of came together, but then I realised that it was much easier to just use the 'I would like kubernetes please' checkbox in Docker Desktop and that was that.

  • SeidkonaSeidkona Had an upgrade Registered User regular
    I plan to set up a controller node on multipass and the set it up so it can spawn the worker nodes itself.

    Then I plan to build the cluster by hand.. .

    Because that's a thing I do for fun.. .

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    Anyone with Office 365 have any 3rd party two-factor authentication running with it? And if so, how much of a pain is it for users?

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • a5ehrena5ehren AtlantaRegistered User regular
    My company (I'm not admin, but a user) uses RSA with O365.

    They are moving to Okta Verify shortly because RSA sucks so bad, FWIW.

  • SeidkonaSeidkona Had an upgrade Registered User regular
    We have okta on o365. It's not my responsibility though.

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • LD50LD50 Registered User regular
    edited August 2019
    We use Symantec VIP and its not bad aside from a few self inflicted quirks.

    Edit:

    I think switching to the microsoft authenticator is on our roadmap though.

    LD50 on
  • schussschuss Registered User regular
    I think ours is the Microsoft one? It's fine, not a big deal.

  • mcpmcp Registered User regular
    Okta looks great.

    For our number of users it was six figures a year, which made management cringe a bit.

    We've put that on hold for now, but it's still on the table.

  • lwt1973lwt1973 King of Thieves SyndicationRegistered User regular
    It’s been suggested we use Duo but I wanted to see other options that have been used.

    "He's sulking in his tent like Achilles! It's the Iliad?...from Homer?! READ A BOOK!!" -Handy
  • pentium166pentium166 Registered User regular
    edited August 2019
    I wasn't playing with Kubernetes last week, but we are using Helm currently and I did spend some time seeing what kind of improvements we could make to the app versioning and deployment process for our Kube clusters. Turns out that it has lifecycle hooks that could be used for things like ensuring database migrations are always performed before an upgrade!

    Our software is made up of multiple components (not microservices, but a monolithic API server and multiple frontend apps). We also, for each of our client deployments, specify versions for each component individually, so our production environments are a giant clusterfuck of version combinations. I'd also like to dumpster the multiple helm charts we have currently and replace them with a single, properly-versioned chart that bundles known versions of each component with no possibility for overriding individual versions.

    The infrastructure team seems content to exclude the dev team from their planning, unfortunately, so making progress there is difficult.


    I have (had?) an irrational urge to play with Hashicorp Nomad, and I was looking into the effort required to run a cluster that I'd feel reasonably safe putting into production. One of the first steps was something like "And now, create your own certificate authority" and I kind of lost enthusiasm at that point.

    pentium166 on
  • wunderbarwunderbar What Have I Done? Registered User regular
    lwt1973 wrote: »
    It’s been suggested we use Duo but I wanted to see other options that have been used.

    we use duo for our mostly on prem environment (moving to o365 within a year). It's ok, but I don't love it. I'm not sure about the other solutions but the options for offline login suck.

    So, we use it as a 2FA for users to sign into laptops. If a laptop doesn't have a connection to the internet when you attempt to sign in, you can't use the normal 2FA (push notification or the normal authenticator). You either have to use one time use codes that have to be set up separately from the "nromal" 2FA, or something like a yubikey. This means for most users we have to set up two different 2FA methods for them, which is not ideal.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • MyiagrosMyiagros Registered User regular
    edited August 2019
    ^^ This guy 4 factors!

    We have one client that uses 2FA with Office 365, besides that we don't have any systems that use it.

    Myiagros on
    iRevert wrote: »
    Because if you're going to attempt to squeeze that big black monster into your slot you will need to be able to take at least 12 inches or else you're going to have a bad time...
    Steam: MyiagrosX27
  • ThawmusThawmus +Jackface Registered User regular
    omg I just realized I haven't seen Cog in here for like ever.

    Twitch: Thawmus83
  • SeidkonaSeidkona Had an upgrade Registered User regular
    Thawmus wrote: »
    omg I just realized I haven't seen Cog in here for like ever.

    Oh deer!

    Mostly just huntin' monsters.
    XBL:Phenyhelm - 3DS:Phenyhelm
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    daddy 2 factors

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • SniperGuySniperGuy SniperGuyGaming Registered User regular
    Okay so I've got this VMware server running but am having some trouble. We've got vCenter/vSphere on it, and I am able to log into both the host and to vcenter. However, vcenter is showing the host as "not responding", or it was until I told it to disconnect, then reconnect, and now it can't even reconnect. Only 3 VMs on the thing, a domain controller, one for doing backups, one for vcenter. Someone else configured it for me but when we got it installed we switched the IP of the domain controller (also handling DNS/DHCP) and used the same IP the old DNS/DHCP server was using (while unplugging the old one of course.) Internet works just great on the network and I can log into the host and see the VMs, but vcenter isn't working and vcenter is what seems to let me actually control stuff. The network is working so this isn't a "oh no everything's on fire" type deal but anyone have any quick fixes for this sort of thing I might be missing? I haven't tried rebooting the whole server yet but that's an option I suppose.

  • wunderbarwunderbar What Have I Done? Registered User regular
    the only thing worse than a maintenance window where I have to actively do the maintenance is when that maintenance window is from 4 am to 5 am.

    There is not enough coffee.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
  • twmjrtwmjr Registered User regular
    wunderbar wrote: »
    the only thing worse than a maintenance window where I have to actively do the maintenance is when that maintenance window is from 4 am to 5 am.

    There is not enough coffee.

    see, I feel the opposite of this -- if I have to do something, I'd always rather do it super early in the morning. I'd rather keep my evenings to myself and get up early to get work done...doubly so if it's on a Saturday.

  • SiliconStewSiliconStew Registered User regular
    SniperGuy wrote: »
    Okay so I've got this VMware server running but am having some trouble. We've got vCenter/vSphere on it, and I am able to log into both the host and to vcenter. However, vcenter is showing the host as "not responding", or it was until I told it to disconnect, then reconnect, and now it can't even reconnect. Only 3 VMs on the thing, a domain controller, one for doing backups, one for vcenter. Someone else configured it for me but when we got it installed we switched the IP of the domain controller (also handling DNS/DHCP) and used the same IP the old DNS/DHCP server was using (while unplugging the old one of course.) Internet works just great on the network and I can log into the host and see the VMs, but vcenter isn't working and vcenter is what seems to let me actually control stuff. The network is working so this isn't a "oh no everything's on fire" type deal but anyone have any quick fixes for this sort of thing I might be missing? I haven't tried rebooting the whole server yet but that's an option I suppose.

    Since you changed IPs, did you update the DNS config on the host and inside vcenter? Does the host and vcenter have records in DNS?

    Just remember that half the people you meet are below average intelligence.
  • Dizzy DDizzy D NetherlandsRegistered User regular
    Also DC/Vmware/Vsphere (I'm old and haven't been working with VMware myself for a while, so it might not be as relevant anymore): what are your timeserver settings? If you're DC/timeserver changed IP, it's possible that you're timesync is off.

    Steam/Origin: davydizzy
  • SniperGuySniperGuy SniperGuyGaming Registered User regular
    edited August 2019
    SniperGuy wrote: »
    Okay so I've got this VMware server running but am having some trouble. We've got vCenter/vSphere on it, and I am able to log into both the host and to vcenter. However, vcenter is showing the host as "not responding", or it was until I told it to disconnect, then reconnect, and now it can't even reconnect. Only 3 VMs on the thing, a domain controller, one for doing backups, one for vcenter. Someone else configured it for me but when we got it installed we switched the IP of the domain controller (also handling DNS/DHCP) and used the same IP the old DNS/DHCP server was using (while unplugging the old one of course.) Internet works just great on the network and I can log into the host and see the VMs, but vcenter isn't working and vcenter is what seems to let me actually control stuff. The network is working so this isn't a "oh no everything's on fire" type deal but anyone have any quick fixes for this sort of thing I might be missing? I haven't tried rebooting the whole server yet but that's an option I suppose.

    Since you changed IPs, did you update the DNS config on the host and inside vcenter? Does the host and vcenter have records in DNS?

    We updated that VM's IP, but not anything on the host or in vcenter to my knowledge. New to VMware stuff so not certain how to do that. Or the timeserver stuff

    edit: Ah HA! I did have to update the DNS IP for vcenter in a different menu with a different port I didn't know about until now. Thanks everyone!

    SniperGuy on
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    It's always DNS

    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • DarkewolfeDarkewolfe Registered User regular
    Or some sort of loadbalancing/proxy.

    What is this I don't even.
  • EchoEcho ski-bap ba-dapModerator mod
    Google's MDM doesn't let you whitelist paid iOS apps? What a piece of shit.

  • ThawmusThawmus +Jackface Registered User regular
    edited August 2019
    Employee called me over to look at a phone issue. Hands me her headset, and I notice there's no rubber earpiece, just a rubber-band wrapped around the stem. Note, this isn't what she calls me over for, it's for something else entirely.

    I swear to god my predecessors physically abused these people or something, man. She used her headset like this for a year. Stuck a coiled up rubber-band inside her ear for a fucking year.

    "Well I assumed we didn't have any spares and I knew this was expensive and wouldn't get replaced."

    I then cracked open a bag of 100+ replacement earpieces I've had on the shelf.

    I just can't wrap my head around willing to shove a rubber-band into your ear canal every day for a year rather than ask someone for help. I can only surmise that asking someone for help was too painful in comparison.

    Thawmus on
    Twitch: Thawmus83
  • wunderbarwunderbar What Have I Done? Registered User regular
    I had someone who had her dual monitors set up backwards (i.e. to go from right monitor to left you had to move the mouse off the right side of the monitor) for a solid year. When I asked her why she didn't ask anyone about it she said she didn't think it could be fixed and just got used to it.

    XBL: thewunderbar PSN: thewunderbar NNID: thewunderbar Steam: wunderbar87 Twitter: wunderbar
This discussion has been closed.