Category Archives: Show Notes

Admin Admin Podcast #092 Show Notes – Cloud Native Master of Puppets

We’re without Al again this episode, but we carry on regardless!

Stu talks about Puppet which is a configuration management system, comparable to Ansible, Salt Stack or Chef.

Like Chef and Salt, Puppet is predominently agent based, where the agent is installed on the endpoint, and it calls out to a central server, every X period of time (Jerry mentions 30 minutes at one point in the show, while Stu says 15 minutes) to get the state the device should be in, and it then tries to remediate all those items which are not compliant with the state.

Puppet is more like Chef than Ansible or Salt in that it uses a Ruby “Domain Specific Language” (or DSL) to define the configuration of the node, rather than YAML.

We then get into a more general conversation about configuration management software, including talking about how Salt Stack allows you to create entire tasks and variables using jinja2 templates, and Jon mentions he did something like this with Ansible variables. Jon mentions seeing a video from an early PuppetConf where a member of the board (he thinks the CTO) decided to learn Puppet by wiping and reinstalling his machine every day using Puppet. Sadly, he can’t find this video now, and would appreciate listeners pointing him to that video, if they can find it!

Jon talks about Architecture Decision Records (or “All” Decision Records) writing bash scripts, and using BATS to perform unit testing of bash files. He also mentions that it’s possible to “mock” specific commands in BATS.

Lastly, Stu proposes we talk at about using Cloud Native services in AWS, Azure, etc. versus using Infrastructure as a Service. A series of specific services on AWS and Azure are mentioned. We talk about how vendor-lock-in can occur and some of the things you can do to help prevent that. Jon mentions the books “The Phoenix Project” and “The Unicorn Project” by Gene Kim which discuss the idea of “Core” services (which make money for the company or project) and “Context” services (which don’t, and can be outsourced.) We also talk about the issues involved in not transforming your services when you “Lift and Shift” services into a cloud service.

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #091 Show Notes – A Comedy of Errors

Jon brought Nick "Mohclips" into the podcast to talk to us about some of the things he does.

Nick talks about "Gold Images" – and mentions that he’s created images because of issues of provenance. He mentions docker containers holding cryptocurrency miners. We agree that you should check the images you’re downloading are coming from the vendors of those images, as it’s not just on Docker, there are also issues with at least AWS (Amazon Web Services) public AMIs (AWS Machine Image) and Azure public VM images too.

We also discuss CIS (Center for Internet Security) hardening guides and Nick mentions that he uses Ansible to implement the controls. Jon mentions an interview with Jeff Geerling to quote some numbers of Ansible Modules.

We talk a bit about Ansible 3, and Collections which are formally introduced in this release.

We talk about Semantic versioning, and explain about how movements in version numbers should explain why you would move between one major version number and the next, or between a major.minor version number, or between a major.minor.patch version number and the next.

Next Nick talks about ServerSpec, a set of RSpec tests for servers and Jerry suggests that Nick might be talking about Inspec instead. Jerry also mentions Molecule which is similar. Jerry asks whether Nick uses a CI/CD (Continuous Integration and Continuous Delivery or Continuous Deployment) system. Nick explains why he doesn’t.

Nick mentions he’s a "Lazy Engineer". Nick also mentions Kanban boards in passing.

Jerry talks about Netdata. Stu talks about Pulumi. Jerry talks again about Tinkerbell which was linked to from DevOps Weekly. Stu mentions that Tinkerbell was also mentioned on an Equinix Metal blog post which also covers quite a bit of Pulumi too.

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #090 Show Notes- Rise and Shine

 

Al is using remote state in Azure using Azure Blob Storage.

John mentions terraformer using this to import infrastructure into the tfstate file.

Jerry mentions using “terraform import” to import Azure Resources.

Al ask about output.tf.

John mentions his blogpost.

Al mentions the youtube channel he’s been following for Tutorials about Terraform.

Jerry mentions that Centos 6 EOL was November 30th 2020 and Ubuntu 16.04 will be on April 30th 2021.

Al mentions the Naming vs Tagging blog post.

Al mentions that he now using unraid for his nas. Jon mentions following this 2.5 admins podcast episode.

Admin Admin Podcast #089 Show Notes – Unexpected Depth

First episode of 2021! We’re in lockdown number 3 in England!

Jon admits to writing a private-only diary using WordPress (he doesn’t mention he also has a separate photo diary). Jerry mentions that another of his friends also has recently started a diary using WordPress, and suggests that maybe this is a new trend.

Jon is also Internet Famous due to a post he made on StatusNet in 2009 (mirrored to twitter) that got captured in the screenshot of a StatusNet client and posted to Wikipedia.

Jon wrote a post on his blog talking about how he got into his career. He would encourage anyone else to write something similar, particularly if they’ve taken an unusual route into their career!

Al asks the team what he should learn about. He talks about the tooling they’re using – BambooAzure DevOpsTerraformAnsible. We talk a bit about what Bamboo is, what a code pipeline entails, and how they’ve used it. Jon mentions that Lorna Jane Mitchell talks about moving from Travis to Github Actions on her Twitch Stream. We then drill into using Terraform modules.

Jon mentions about “Architecture Decision Records” and cites files in the gov.uk public repo as an example of this. It’s similar in principle to IETF RFCs. He found it via the Last Week in AWS newsletter issue 195 (which at the time of writing was only available to subscribers). He mentions the tooling (“adr-tools“) which you can use to write these records.

Al then asks where we find time to learn. We all talk about what we do, some at more length than others.

Al talks about being OK about being alone. He mentions about his life coach, the “Alonement” podcast, and the talk he gave at OggCamp about staying positive on a digital world.

Jon then reminds our listeners to check in with family, friends, colleagues and neighbours to make sure they’re OK.

Admin Admin Podcast #088 Show Notes – Speculative execution

This is a predictions show. To save you from being spoiled what the predictions are, there will just be some links to terms and articles mentioned in the show. The rules are inspired by the Bad Voltage accumulation of prediction rules revealed in episode 2×62. We make reference to the fact that in the most recent predictions review show (episode 3×19) the haggling for fractions of a point are unbelievable. It’s amazing 🙂

This had the impact of making some of the predictions being walked back…

So, with that, on to the terms of note:

Wrap up

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #087 Show Notes – Feedback Loop

In this bumper feedback episode we talk about line endings in files, OpenStack, secrets management, and protecting your network.

  • Iain asks:

    Hello all,

    I hear a lot about Openstack but whenever I try to find out stuff about it, I get vague buzzword-laden and vague comments from “evangelists”. Could any of you guys explain to an IT-literate but not a sysadmin end user, what the hell Openstack is?

    Stu explains what OpenStack is built for, where it’s often deployed these days, and some of the issues he’s seen with it.

    Jon talks about some of the components inside OpenStack, and how OpenStack upgrades can have issues.

    Jon and Stu talk about companies who were selling OpenStack distributions, and comparisons to Kubernetes.

    Jerry mentions that many of the problems OpenStack was created to solve are now mostly solved by Kubernetes. He also mentions that we discussed Kubernetes in Episode 51.

    Jon mentions Eucalyptus, nominally as an alternative to using AWS S3 or OpenStack Swift (the object storage module), but also mentions it could be used to virtualize some of the other services provided by AWS.

  • Al asked about “Dark Matter Engineering” which he’s heard about on Coder Radio. We presume it’s code that isn’t released into the public, or never gets any traction. We also discuss Linode and compare it to Digital Ocean as a result of the adverts run on Coder Radio.

  • Jay provides some feedback:

    Hi, in your last podcast someone mentioned having an issue with VSCode in windows always saying that files were all edited.

    What’s probably going on is a wrong setting for the core.autocrlf setting.

    You can fix it by opening powershell in windows and running

    git config --global core.autocrlf input

    https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#_formatting_and_whitespace

    There are 3 settings, but I always recommend the ‘input’ one, as it converts everything to LF endings on commit, and checks out without modification.

    Also, you may be interested in a recent networking video series I made: https://jaytuckey.name/2020/10/18/how-websites-load-a-deep-dive-into-the-ip-network-stack-and-how-it-is-used-to-connect-to-a-site/

    Jon talks about how he’s got Microsoft’s Windows Subsystem for Linux (WSL) setup and how he organizes his “My Documents” directory structure. He mentions “Symbolic Links” to easily find Windows directories in his WSL environment.

    We also talk about Line Endings (CR – Carriage ReturnLF – Line Feed, CR+LF). Jon incorrectly recalls CR as ASCII character 10 (it should be 13) and LF as ASCII character 13 (it should be 10).

  • WIE E asks for help with Secrets Management in a Continuous Integration (CI)/Continuous Delivery (CD)/Continuous Deployment (CD) environment.

    Stu talks about GitlabHashiCorp Vault, and AWS IAM roles, which Jerry extends to include Azure System Assigned Identities. Jerry mentions that you can use your provisioning system to create a per-system key during a build, which never commit to your version control system.

    Jon mentions about protecting CI/CD/CD systems and references the exploit of a CI/CD system on the Matrix.org project.

  • Yannick asks:

    VPN: always on or not?

    How to protect the target network – i.e. does my machine becomes the weakest link in the network and what can/should I do to protect the network ?

    Jon talks about his views on always-on Client-to-Server Virtual Private Network (VPN) connections.

    Al mentions that he thought the question was talking about Site-to-Site VPNs, and Jon suggests that VPNs typically now auto-establish themselves when traffic is initiated from the “Encryption Domain” on one side of the network to the “Encryption Domain” on the other side of the network. Jon refers to IPsec Phase 1 and Phase 2 which are two stages of a VPN tunnel, dealing with the initial connection between the “left” and “right” sides of a VPN tunnel, and the connections between two encryption domains (subnets or hosts at either end of the tunnel). Jon also mentions about various encryption algorithms like DESTriple DESAES, and hashing algorithms like SHA1.

    Jerry quotes “Clarke’s Third Law“: Any sufficiently advanced technology is indistinguishable from magic.

    Jon mentions about the Diffie Hellman Key Exchange video, and then talks about browse-down management environments and references the National Cyber Security Centre (NCSC) End User Device security guidance for hardening machines. He also talks about segregating network segments for protecting trusted and untrusted networks, and then goes into “Zero Trust” networks, mentions “CASB“. Jon and Stu both talk about broadcast domains in a network, and how you can work around that.

    Jerry mentions about Bastion Hosts, and Jon explains why they’re not really a good idea.

    Jon butchers talking about User Behaviour Analytics (UBA) systems. He also mentions about a protocol break.

Wrap up

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #086 Show Notes – Committed to Cloud

The whole crew is back together for the first time in a while, talking about: Git commit hooks, Windows as a development environment, cloud network firewalls, and Azure DevOps.

What have we been up to?

  • Jerry started a new job, and he’s re-started using Windows 10 as part of his job after a few years of using OSX and Linux. He’s using Windows Subsystem for Linux (WSL). We talk a bit about the difference between WSL 1 and WSL 2, and comment about how WSL 2 uses Hyper-V and what that means compared to using VirtualBox or VMWare for virtual machines. We compare WSL 1 to a “reverse” WINE.
  • Stu mentions that you can’t run some network controls (like traceroute) with WSL 1 because some of the kernel calls are not available.
  • Jon notes that he used the terraform for Windows binary in WSL by mistake and couldn’t authenticate to AWS because he’d installed the AWS CLI for Linux. Installing Terraform for Linux and also putting the AWS configuration files into both the Linux expected path (~/.aws/config) and the Windows expected path (%UserProfile%\.aws) worked around this issue!
  • Jon then mentions using /etc/wsl.conf to configure mounting the Windows drives into WSL, and notes that you can configure it to permit POSIX style file permissions with this sample:
[automount]
options = "metadata"
  • Jon also creates a symbolic link between /mnt/c/Users/Jon/Documents and ~/Documents to “easily” get into the Windows paths that are backed up in Windows.
  • Jerry notes that he’s using the Windows version of Virtual Desktops. He’s also using the Microsoft Terminal application.
  • Al mentions that if you navigate to \\wsl$ in Windows Explorer, you can access the Linux file system from Windows Subsystem for Linux. Stu mentions he has this open in the left hand pane in Explorer all the time!
  • Al said he’s using Visual Studio Code (VSCode), and uses that to open Windows Subsystem for Linux, and he also mentioned that if you type in code in any path in WSL (or Command Prompt, for that matter [ed.]) it will open that folder in Visual Studio Code.
  • Jerry notes that he’s just moved to using VSCode, but has installed the Vim extension. Jon asks whether he’s installed the “Butterflies” extension, referring to an XKCD comic.
  • We talk briefly about using Git in VSCode, versus using it from the command line. Jon mentions a specific bug he has. Jon talks about the differences in line endings between Linux and Windows systems.
  • Al talks about using Azure DevOps with it’s pipelines. We talk about it’s history, and compare it to other products. Al mentions using Azure DevOps to trigger Terraform using PowerShell. Al also mentions using AWX (the open source upstream version of Ansible Tower), and having an agent for Azure Devops running on his AWX service.
  • Jon mentions the DevOps.fm podcast in the context of Azure DevOps. Stu asks about running PowerShell on Linux. Jerry mentions a Binary Times podcast episode where they interview the person, “dementor”/”the mentor” who runs the Powershell On Linux, Al mentions the Makers Corner podcast which also interviewed the same person.
  • Jon is writing Terraform to deliver 3rd party security appliances in AWS and Azure. He notes that most of the AWS appliances use a Transit Gateway to set this up. Jerry and Stu mention how they use Terraform Modules. Jerry mentions automating Jenkins with Terraform. Stu and Jon talk about using count and for each statements. Jon also mentions about defining which “providers” to use in the Terraform files. He also notes that you can get into a dependency loop if you have several modules with different provider files. Talking of Providers, Jon mentions using the “null” provider, but doesn’t explain what he uses it for.
  • Jon talks about Git hooks, and Jerry talks about a python project called pre-commit which can help to automate some of these pre-commit hooks, like calling a linter or a unit testing system (like ShellCheck) before the commit completes. Stu mentions using the GitLab Continious Integration (CI) system instead of using Pre-Commit hooks. Jon suggests when it might be preferable to use Pre-Commit hooks instead.
  • Stu mentions about SourceHut, which is an alternative to GitHub which uses email for patch sharing.
  • Al talks about using the Azure Firewall product, and Jon and Al drills down into how Azure Networking works. Jon then explains how High Availability events occur in AWS and Azure with 3rd party firewalls. Jon also mentions AWS Firewall Manager. Jon also mentions that Terraform and Ansible have code to write and amend AWS and Azure Firewall rules.

Feedback

  • We received feedback (although the source has now been lost) about how we pronounced “Oriented” as “Orientated”. These are both valid words in UK English and are interchangable in UK English.

Wrap up

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #085 Show Notes – Verbosely build your objects

No Jerry this time, but we do have Al back!

What have we been up to?

Feedback

  • Wayne (from the Binary Times podcast) contacted us to suggest that we’re not being very good at explaining what terms mean. We try to clear some of the terms up that we use!

Techniques for Rebuilding a machine using Post-Provisioning Tools (like Ansible)

  • Jon suggests a process of using Git on /etc/ and /home/<user>/ with Vagrant to test each stage of the build, and to see what files are changed by each action performed. Once you’ve got your build instructions based on that, you can use something like Ansible, SaltPuppet or Chef to apply pos-install statements.
  • Stu mentions using Chocolatey for installing packages in Windows. Jon mentions that using BoxStarter works well for automating Chocolately installs. He mentions using boxstarter paths which are currently not documented – https://boxstarter.org/package/<yourpackage> and https://boxstarter.org/package/url/?some_path_to_a_boxstarter_set_of_instructions.
  • Jon mentions the Ubuntu Server Vagrant Box file, and the Desktopify script written by Martin Wimpress. He also talks about provisioning Windows machines where Terraform renames machines and adds them to the Active Directory Domain.

Object Orientated Programming

  • Al wanted to know more about what Object Orientated Programming (OOP) is, as he’s started looking at ASP.NET and has previously only known Classic ASP. Jon talks about it from his previous PHP experience and perspective. Jon talks about when he used OOP in a previous role to perform network device backups. Jon mentions he’d used OOP in CCHits.net and the now defunct CampFireManager.

Wrap up

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #084 Show Notes – Git your stack here!

  • Al couldn’t make it for this recording cry
  • Jon broke his QNAP NAS with Debian. He doesn’t go into any details, and will leave it to another show (as long as he can remember what he did until then)!
  • Stu has been blogging, now on Consul, Saltstack and Prometheus on LOTS of different platforms.
  • Jerry started a new job. The CTO at his new firm is possibly a listener! His NAS has failed, and he’s building a ZFS mirror to move the data to. He used Syncthing to move the data off to another drive, and is using Backblaze to run a backup.
  • We discuss possible other uses of Syncthing, in particular, one YouTube creator talks about how he uses SyncThing for his video editing workflow (part 2).
  • Jon also mentions that he’s been watching some of Martin Wimpress’ YouTube channel, and in particular, the series where he created the Desktopify script for turning a Raspberry Pi Ubuntu Server image into a Desktop Flavour.
  • We talk about “Hashistack” (referring to the collection of tools released by Hashicorp, which are “Terraform“, “Packer“, “Consul“, “Vagrant“, “Vault” and “Nomad“). All the hosts provide summaries of how each of these tools work (except Nomad) and why you might use them.
  • We discuss using Git.
    • Jon talks about DangItGit (and a slightly more rudely named version of that site), and mentions a comic on XKCD about Git.
    • Then he mentions some of the things about git which may give it a bit of a bad name, like SubModules.
    • He also mentions that you can use “hooks” which are scripts that run before or after certain actions (like a commit or a push), and Stu talks about how he’s used that in the past.
    • Stu also talks about some of the tools in Github and Gitlab which are similar to hooks, that run when Github or Gitlab actions occur (like a pull/merge request being raised, or an issue being opened).
    • Stu also talks about CI/CD pipelines and Gitlab runners.
    • Stu and Jon talk about Pull Requests (Github terminology) and Merge Requests (Gitlab terminology). We all talk about Issues and Wikis within Github and Gitlab.
    • Jon talks about what a Fork is.
    • Stu reminds us that Git is not the only version control system, and that Subversion (SVN) is also out there. Jerry mentions CVS. Jon mentions Mercurial (HG) and we talk about where version control systems have come from.
    • We diverge into how Blockchain is similar to Git… and why it isn’t the same.

We’re a member of the Other Side Podcast Network. The lovely Dave Lee does our Audio Production.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #083 Show Notes – Parameterize This

  • Jon has reinstalled his QNAP NAS with Debian.
  • Jerry has been running Folding@Home with in his K8S environment.
  • Jon mentioned BOINC which he erroniously mentioned was what Folding@Home uses – it’s not, but there are other BOINC projects and that you can run, and that you can run BOINC on Android. You can’t run Folding@Home on Android.
  • Stu was blogging about managing Arista EOS with Ansible, and that he’s working on his next posts, firstly managing the MikroTik RouterOS in the same way, and also he’s looking at building a OpenBSD based equivelent too.
  • Al has been working with Terraform. He’s moving from using ARM templates to using Terraform Configuration Files.
  • Jerry suggests building a VM to a patched image, and then deploying the patched image instead of just building up a machine from a stock market image.
  • Al is doing something like that already.
  • Jon suggests some naming conventions with regards to Terraform configuration files. He also suggests using modules in Terraform. Stu and Jerry do the same thing.
  • Stu mentions that Terraform modules can be used with git tags.
  • Stu also suggests not provisioning EVERYTHING with the same directory of configuration files.
  • The team reviews the operations of the Terraform binary.
  • Stu mentions that Terraform has a lifecycle setting which may prevent accidental deletion of resources.
  • Al is also moving to using Ansible to post-provision the virtual machines.
  • Jon talks about how Ansible Tower and it’s upstream open source project, AWX, works, including scheduling, credential abstraction and the availability of web hooks.
  • Al talks about how he’s looking to use Ansible against his environment, and looks for some better practices in using Ansible.
  • Jerry suggests using inventory and roles. Stu suggests using tags to only run parts of the playbook. Jon uses conditionally included roles instead of using tags.
  • Jon explains about Ansible Galaxy, Roles and Collections, based on his attendance of a talk about the Ansible roadmap at Red Hat Summit. Stu mentions using ansible-galaxy to create role template directories.

Astute members of the community will notice that we’re now a member of the Other Side Podcast Network.

We want to remind our listeners that we have a Telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #082 Show Notes – The Four Amigos

TRIGGER WARNING: We mention the current Covid-19/Coronavirus situation a few times in the podcast, but without really going into any details about it.

We add Stu to our permanent line-up! Welcome Stu!

Al started a new job. He’s doing Agile working, with sprints and standups. They’re On-Prem and in Azure. He’s considering looking at Ansible with AWX to standardise their builds. He’s started using Slack, and noted that the company he works for uses Slack rather than Email for most conversations.

We talk about using GMail instead of Exchange. Jon mentions about a blog post talking about improving workflow in GMail following a comment in the Bad Voltage community slack.

Jerry mentions that Slack’s free plan has a limit on the number of messages you can recall. Stu mentions that his company were using Slack, but that they’ve started the migration to MS Teams. Jon mentioned that the backgrounds in Teams videocalls can be changed, or set to a blur. [New Path?]

Jon explains what CI/CD/CD stands for and explains what it can be used for. He also mentions that he wrote some AWX deployment scripts as part of a Gitlab and AWX demo which might be useful. He also mentions that he recorded a video about how AWX works.

Jon explains that he’s been writing documentation at work, and that outside work, he’s building a card playing game script that is based on the code he wrote for talk scheduling at OggCamp and inspired by the code he wrote for CCHits.net. Al also notes that Laravel is good for a PHP framework, and mentioned that Jon suggested it to him…

Al mentions playingcards.io as an alternative to writing his own game, and said he uses that to play Cards Against Humanity. Jon counters with houseparty.com .

Al then said that he’s using Git at work, which is the first time he’s using Git at work, rather than just in his personal life. Jon asks if Al’s signing his commits, and suggests using krypt.co to perform Two Factor Authentication (2FA) where you pair your phone to a browser and use the phone as the U2F authenticator, and it also has a mode where you can also pair the phone to enable signed git commits and use the phone as an separate SSH key provider too, if you turn the “developer” switch on in the phone app.

Stu talks about bypassing AWS network architecture moving to linux based routers, moving Prometheus/Consul into production, and why they’re doing that, and about some blogs he’s been writing about automating network products with Ansible. Jon talks about the Ansible modules moving out from Ansible core, and into Ansible Collections. Jon mentions looking at Nebula instead of changing the AWS network architecture, and explains how this works with NAT environments. He makes reference to a Pull Request he’s raised to add more documentation. We talked about Nebula in Episode 80.

Jerry has just got a new job, which is a permanent role, making a change from his previous freelance environment. Until that job starts he’s been writing some documentation on Disaster Recovery for sysadmin with VProtect, and also been looking at providing some support to a developer to provide configuration management tooling and new images with Packer [ ].

Al mentions that another podcast (the Mike Tech Show) had a question about using appliances that need IPv6, when you don’t have IPv6, like several of the hosts have with PlusNet. Jon used Hurricane Electric to create an IPv6 gateway. The downside to this was that the connection became much more flakey because you’re effectively using Hurricane Electric as a VPN provider. Stu mentions that this is likely to be because of “Happy Eyeballs“. We talked about Jon’s IPv6 gateway in Episodes 73 and 72.

Jerry mentions that he had an interesting situation because of his printer and was being detected on it’s IPv6 address, not on the IPv4 address. Jon makes some suggestions on alternatives using trunking or VLANs. We discuss how complicated our networks are, and what our partners/spouses will do if we’re not available in case of a disaster with that network.

We want to remind our listeners that we have a telegram channel and email address if you want to contact the hosts. We also have Patreon, if you’re interested in supporting the show. Details can all be found on our Contact Us page.

Admin Admin Podcast #081 Show Notes – Contain your enthusiasm

With the guys all back together, they talk about the Fully Automated Install (FAI) system, Kubernetes, and their recent projects.

Jerry mentions K3S – a simple Kubernetes (K8S) deployment, Jon mentions he’s reimaging Windows on his Laptop, and has been working on his AWX (he says Ansible Tower, but means AWX) install and configure Github Repo. Al has a new Job doing DevOps on Azure and mentions CI/CD (Continuous Integration and Continuous Delivery or Deployment) and Azure DevOps. The new job will be more Agile, and be working in Sprints.

Al talks briefly about SnapRaid and MergeFS. With the assistance of Stuart, who previously guest hosted, they have been building a dashboard for Prometheus with Node Exporter and Grafana that shows a lot of the automated tasks that Al previously received by email, and now he just has that as his opening tab on his browser.

Jerry talks about what he’s done with K3S. Jon mentions he also has done some stuff with K3S and that he has that published in a Git Repo. The Git Repo he’s created also includes a script to deploy to multiple machines and to include MetalLB to make K8S provide a load-balanced connection across multiple K3S nodes, without needing an external load balancer. MetalLB also lets you advertise addresses over BGP.

Jerry says that Plex can use multiple nodes to transcode. He also wants to mount persistent volumes with NFS, and so he’s experimenting with K8S to do this. Jon mentions Rook to do cross-cluster persistent volumes, and it can use Ceph to do that.

Al asks why use Kubernetes rather than Docker. Jerry and Jon give their viewpoints. Jon mentions a blog post called “‘Let’s use Kubernetes’, now you have 8 problems” and some courses on Pluralsight about the Container big picture, as well as deep dive courses on Docker and Kubernetes. Jerry mentions Podman.

Jon talks about the youtube video he recently recorded, and the inspiration for it, in a video by podcaster Chris Hartjes he found on Pluralsight. The video is about Vagrant, Ansible and Inspec. Alan Pope (@Popey from the Ubuntu Podcast and the User Error podcast) suggested publishing the video on Lbry too, which Jon did. Jon talks a little about Lbry. Jerry and Al talk about how they consume content, and Jon talks about his motivation (mostly because of a comment from Reggie from The Coolest Nerds in the Room Podcast).

We talk about a question from Yannick in the Telegram group, which is where he asks if we can advise on “Setting up a secure access to your home network : the bad way, the better way and the best way”. We talk about SSH, running VPNs (like OpenVPN) using PFSense, or using Raspberry Pis (using PiVPN). Streisand (which provides tools like IPsec with IKE, OpenVPN, OpenConnect, and Tor).

Jerry talks about FAI – the Fully Automated Install project that he has used at work as a tool to build Debian based systems and CentOS based systems.

We mention that we have a Patreon account, and encourage our listeners to join us in our Telegram group.