S3E8: "When You Have to Swing Both Ways"

Posted
Comments 0

Navigation
Previous EpisodeNext Episode
Log
Recorded (UTC) Aired (UTC) Editor
2018-06-07 02:54:59 2018-06-17 00:00:12 "Edita"
Verification
Format SHA256 GPG Audio File
MP3 d9fab22c9ce85f6bde15d35e1456b3528cca6f2b5272c5128796129f659c9bb6 click click
OGG a713fd42e9781c8c596996cdebc3c59a60ca902e80bc95e74c8466b52dcdc32b click click

We talk about administration of systems in a cross-platform/cross-OS fleet. Jthan poses a question about evaluating software for deployment.

News

Notes

Starts at 23m40s.

I was drinking Jefferson’s Reserve again. Paden was drinking water. Jthan was drinking Dogfish Head’s SeaQuenched Ale.

  • Nosbig from our IRC channel told us about Gogs, a Go-based git server (alternative to Gitlab)
    • We will trial/review Gogs, Gitea (a fork of Gogs), and I’ll be additionally reviewing Gitlab for comparison of all three.
    • Jthan then brings us into a discussion on how to determine whether software is mature enough for deployment to your production environment.
      • I usually do it by finding out how long the project has been “in the open” – first release, first commit, etc.
      • Then I look at how many Google search results the name of the project turns up to get a rough idea of how common it is. One could theoretically utilize Google Trends to get a better idea of this.
      • Then I glance through the documentation — is it well-written, in-depth?
      • Then you look at their bug tracker/issue tracker to get an idea of how quickly they respond to issues, the oldest open issue, how many issues are open vs. closed, the severity of issues that were opened, etc.
      • Then I build a POC to see how the software “feels” to deploy.
      • Jthan doesn’t deploy much new software (hence bringing up the topic in the first place).
  • Cross-platform administration/mixed fleets (34m10s)
    • Powershell is opensource and can be compiled for Linux.
    • You can extract SSH keys in Windows’ built-in SSH system.
    • You should strive to “write [scripts] once, [and they should] run everywhere”.
      • Python is recommended over Powershell or bash/sh/ksh/etc. as it’s more widely supported cross-platform (and even allows platform-conditional logic). See the table below for which distros/operating systems contain a python installation by default and what version.
      • Powershell on Linux is mostly useful for remotely interacting with Windows boxen.
      • Applescript is probably ideal for macOS servers. Or bash.
      • For the BSDs and more traditional unices, stick to Bourne SHell conventions (“sh”, NOT Bourne Again SHell — BASH).
    • WSL or Cygwin can help greatly in “closing (some of) the gaps”…
    • Active Directory/LDAP/etc. help a LOT, but they aren’t perfect.
      • FreeIPA can help a lot with this.
    • As Jthan mentions, configuration management systems (which we talk about more in S0E6 and S0E15.

Default Python Distribution

If multiple python versions come installed, the default (e.g. /usr/bin/python) is in bold. These are based on a freshly-installed OS with no modifications/updates applied.

Python Availability/Versions
OS/Distro Python included in base install? Version(s)
Arch N
CentOS
(7.5, Minimal; incl. RHEL equiv.)
Y 2.7.5
Debian
(9.4.0, only SSH Server and Standard System Utilities enabled)
Y 2.7.13, 3.5.3
FreeBSD
(11.1)
N
Gentoo
(Found directly from systemd stage3 tarball)
Y 2.7.14, 3.5.5
macOS
(10.13)
Y 2.7.10
NetBSD
(7.1.2)
N
OpenBSD
(6.3)
N
openSuSE
(Tumbleweed, Server)
Y 2.7.15, 3.6.5
Ubuntu 18.04 LTS
(Server)
N
Windows
(10, build 1703)
N

Sysbadministration Award

In this segment, we highlight system administration mistakes. Think of them as the IT equivalent of the Darwin Awards. (1h4m50s)

MyHeritage, a consumer DNA sequencing firm, has suffered a breach of over 92 million accounts.

Errata

  • Jthan is a “modern cowboy” because apparently on a steel horse he rides.
    • I think he’s not a cowboy at all.
    • I bet he’s never even branded a calf.
    • But he’s probably had a bear brand him.
  • I totally forgot to tweet about SELF. Oops.
  • Guido von Russum wrote Python for Unix/C hackers.
  • Jthan never got back to me as to what the tool was that “lets you access config files like the Windows registry”.
  • I just checked – SuSE (or, openSuSE Tumbleweed Server edition, at the very least) does in fact use Btrfs by default.

Music

Music Credits
Track Title Artist Link Copyright/License
Intro Between Meydän click CC-BY 4.0
Outro Drag Chain Steve Combs click CC-BY 4.0
(All music is royalty-free, properly licensed for use, used under fair use, or public domain.)

Author
Categories

Comments

There are currently no comments on this article.

Comment...

Enter your comment below. Fields marked * are required. You must preview your comment before submitting it.