Author Archives: mralcadmin

Admin Admin Podcast #101 – Show Notes -It’s not like riding a bike

We are back for episode 101:

  • Jon has started a new job as a SRE.
  • Stu is currently at the same place for over a year.
  • Jerry just finished a contract job using vSphere and Rancher (Enterprise Kubernetes Management)
  • Al been using Puppet and Pulumi

Jon has been using Puppet and using to configure his work laptop. We talk about Manifests files,PDK and the link to Stu blog to puppet.

Jerry mentions k9s cli

Jon mention the self hosted podcast. He been playing with Proxmox and GlusterFS to make Home Assistant High Availability

Al mentions Borg backup to backup his Linux configs

Jon mention vaultwarden

Admin Admin Podcast #100 Show Notes – Branching out at 100

Admin Admin Podcast 100 Show notes

We reached the century! This episode was recorded via a live stream, so you get to hear a lot more of what happens behind the scenes than usual.

Jon is back in full after a short hiatus (due to being busy at his job). Jon has been visiting his clients at his role, rather than over conference calls.

Stuart has been at his current role for a while now, and is getting into Reliability being a primary focus rather than an afterthought.

Jerry is working with a client who runs Rancher (a Kubernetes distribution) on-premises using VMWare’s VSphere. He mentions about working across timezones with colleagues, which Al and Stuart also have experience with.

Jerry also mentions that his freelance work is increasing, meaning he may have to look at bringing other people in to help. He mentions the challenges of building his code/infrastructure to be utilised/managed by other people.

Jerry and Jon talk about using Github Actions to deploy code/changes.

Al brings up using Continuous Integration with Terraform (referencing Ned In The Cloud). He then asks the question about Git and branching strategies.

Jerry and Stuart talk about trunk-based development, and some of the downsides long-lived branches. Stuart talks about tagged commits, which can be a good way of managing how and where code runs.

Jerry mentions about some of the challenges of working with long-lived branches and divergence from the primary/default Git branch.

Stuart brings up the point that sometimes long-lived branches are useful, but more for deprecated versions/features (e.g. supporting older versions of Terraform).

Jon mentions a useful Github Action for working with Terraform.

Al brings up linting, which Jon gives a brief explanation of. Everyone talks briefly about pre-commit as well. Listener Yannick also mentions that Anthony Sottile (who has written a lot of pre-commit hooks) is doing Twitch streams on Python code, which are worth looking at.

We all talk about the podcast from the early days, meeting at different editions of OggCamp, and how the conference landscape has changed in recent years.

A big thank you to Dave Lee for supporting us in the Podcast, editing, and keeping us honest! Another big thank you to the Otherside Network for supporting us too.

A massive thank you to all of our listeners too!

Admin Admin Podcast Episode 100

So we have made it to Episode 100. To celebrate, we are planning a live show on Saturday 3rd Decmeber at 21:00 UTC, where you can join in the fun!

Details of how to join us on the show will be update on this page near the event.

If you have a question you would like answered in the show email us mail at adminadminpodcast.co.uk

Admin Admin Podcast #099 Show Notes – Making it all a bit modular

Jon recently passed his AWS Certified Security – Speciality exam, congratulations!

Jon mentions how we’re starting to go to more in-person meetings again. Stu and Jerry have been to a few more in-person meetings recently, whereas Al has transitioned to working from home more.

Al mentions how his team and current workplace are trying to adopt a more SRE mindset.

Stu mentions how he is working very heavily with SLIs, SLOs and Error Budgets. He also mentions that a couple of the people on his team come from development primarily, which means he is starting to pick up new ways of doing development (e.g. TDD).

Al mentions how it’s interesting working alongside developers in your team, especially when you come from an infrastructure/networking/sysadmin background. Al is also starting to learn .NET.

Jerry mentions his new role includes Kubernetes and Rancher.

Al talks about Terraform. Al mentions how they are starting to consider adopting/refactoring their current codebase to use Terraform Modules.

Stu talks about using Modules to enforce requirements (e.g. tags for costing resources), consistency and turning business logic into code. Stu also mentions versioning your modules, like using Git tags to reduce breakage but improve the modules.

Stu also mentions his views on Community/Public Terraform modules (i.e. using ones created and open sourced), compared to creating your own. Jon mentions similar views on community Ansible Galaxy modules.

Jon mentions about how to structure your Terraform code, so that plans/applies do not take a long time to complete. The structure can also help with permissions/access for other teams.

Stu mentions using Terraform Data Sources or Remote State for separating concerns within Terraform code.

Jerry mentions that it is possible to abstract far enough so that a team just needs to define a configuration file to create their app, and the Terraform code and modules provide this to them, without them needing to understand Terraform.

Jerry mentions Terragrunt, a Terraform wrapper to abstract Terraform code. It makes code "DRY" (Don’t Repeat Yourself), allowing even less code to be defined within your Terraform codebase.

Stu talks about pipelines and Git strategy, especially with Terraform. Some examples are available here (including GitHub Actions and CircleCI).

Jon mentions an option for testing Terraform in pipelines could be creating ephemeral environments that the Terraform code runs against, so it shows real infrastructure changes.

Al and Stu talk about linting code. Jon mentions pre-commit for taking steps before a commit finishes (meaning code cannot be pushed into a Git repository until the pre-commit rules finish).

Al and Jon talk about public versus private endpoints (i.e. exposing web services to the internet by default, or having it private by default).

Jon mentions HTTP Request Smuggling, as a way of finding ways of bypassing/making a request go to an endpoint that isn’t necessarily exposed to the internet directly.

Jon also mentions some Bastion-style techniques for accessing infrastructure without needing to expose the bastion to the internet instead (e.g. AWS’s SSM).

Admin Admin Podcast #093 Show Notes – Coding up a storm

Al talks about the change from working for an MSP to working directly with teams of developers, and being part of a DevOps team. Al mentions helping them deploying code to Azure Functions (among other Azure technologies), using Azure DevOps.

Al also talks about using version control (using Git), and their Branching Strategy.

Stu mentions other stages of CI/CD to look at like Integration Testing and Feature Flags. He also mentions Canary Releases, related to Testing in production. Jon also mentions Blue/Green Deployments.

Jon mentions Observability of your applications and infrastructure.

Al mentions a Youtube channel that has interviews with DevOps/SRE professionals.

Al asks about tracing, and Stu explains why tracing and telemetry is becoming more important now that applications are being split into containers ("Microservices architecture").

Al asks about Jenkins, Stu mentions about the popularity of Jenkins. Jerry mentions how Jenkins being central to your deployments can be a problem, given how much access it often has to your estate.

Stu also mentions about the Jenkins plugin architecture, and how that there is almost always a plugin available for Jenkins to achieve a task, but it can make managing Jenkins a problem (dependencies can become an issue). He also mentions his preference on how to use Jenkins.

Stu mentions ArgoCD for managing Kubernetes deployments.

Jerry mentions the Groovy language, which is used to configure Jenkins jobs and pipelines.

Al mentions getting into coding as part of his job, and learning Python as well.

Jon mentions that he has started learning is NodeJS. He has worked with PHP in the past.

Jerry mentions Data Structures and Control Flow statements like for loops, while loops and more.

Stuart mentions the Binary Search (incorrectly referred to as a Binary Tree), which is more generally known as the Divide-and-conquer algorithm.

Stuart mentions learning Go, coming from using Python previously. He mentions the initial struggles with Types, but appreciating them eventually. He also mentions the advantages of Golang producing single binaries, and how prevalent Golang is in the industry.

Jon mentions "Duck Typing", as well as Hack, a typed version of PHP.

Jon also mentions how Javascript deals with "Duck Typing", shown a video called Wat.

Stu mentions Python now having Type Hints, which gives Python a more comprehensive type system.

Stu mentions Syntax Highlighting and Intelligent code completion. Editors/IDEs like Visual Studio Code or IntelliJ have this inbuilt, Stu mentions using coc.nvim with ViM and NeoVim for this.

Jerry talks about client side and server side rendering for applications. Stu makes reference to a Bad Voltage episode that mentions this too.

Jon mentions that you can open up the JavaScript console in web browsers, and potentially opens up security issues. Jon also mentions a talk from Stuart Langridge about client-side rendering and Javascript in general.

Jon also mentions Unhosted applications.

Al asks about Domain-Specific Languages. Jerry mentions tools like Terraform and Ansible that use them for declaring resources/tasks and more.

Stu also mentions Hashicorp’s HCL, that was heavily inspired by libucl, which in turn was inspired by the configuration for NGINX.

Admin Admin Podcast #091 Show Notes – A Comedy of Errors

Jon brought Nick "Mohclips" into the podcast to talk to us about some of the things he does.

Nick talks about "Gold Images" – and mentions that he’s created images because of issues of provenance. He mentions docker containers holding cryptocurrency miners. We agree that you should check the images you’re downloading are coming from the vendors of those images, as it’s not just on Docker, there are also issues with at least AWS (Amazon Web Services) public AMIs (AWS Machine Image) and Azure public VM images too.

We also discuss CIS (Center for Internet Security) hardening guides and Nick mentions that he uses Ansible to implement the controls. Jon mentions an interview with Jeff Geerling to quote some numbers of Ansible Modules.

We talk a bit about Ansible 3, and Collections which are formally introduced in this release.

We talk about Semantic versioning, and explain about how movements in version numbers should explain why you would move between one major version number and the next, or between a major.minor version number, or between a major.minor.patch version number and the next.

Next Nick talks about ServerSpec, a set of RSpec tests for servers and Jerry suggests that Nick might be talking about Inspec instead. Jerry also mentions Molecule which is similar. Jerry asks whether Nick uses a CI/CD (Continuous Integration and Continuous Delivery or Continuous Deployment) system. Nick explains why he doesn’t.

Nick mentions he’s a "Lazy Engineer". Nick also mentions Kanban boards in passing.

Jerry talks about Netdata. Stu talks about Pulumi. Jerry talks again about Tinkerbell which was linked to from DevOps Weekly. Stu mentions that Tinkerbell was also mentioned on an Equinix Metal blog post which also covers quite a bit of Pulumi too.

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.