Sysadministrivia

Linux, Lagers, and Late Nights

S3E18: "Arousal (pt. 1)"

Posted
Modified
Comments 0

Navigation
Previous EpisodeNext Episode
Log
Recorded (UTC) Aired (UTC) Editor
2018-10-27 02:55:24 2018-11-04 17:44:18 "Edita"
Verification
Format SHA256 GPG Audio File
MP3 004732a381e667f0b3586e071222fbba7280fb8eadc325e519404aa19c129639 click click
OGG 394d207e8aee017663d008ebe90728d64c83723e3e8c51ddff613c5d24953eda click click
Quicklisten:

In this episode, Jthan and I (Paden was unavailable) talk about different ways of distributing workload based on role and hardware distribution.

The title is a complete misnomer but thanks to Jthan incessantly bringing up how aroused he was for me, it was obligatory.

News

  • Microsoft is implementing Google’s Retpoline fix for Spectre.
  • There’s been a libssh vulnerability discovered and reported in a Cisco advisory (as I believe they use it for certain components).
    • And boy howdy, is it a doozy.
    • Once again, this is not OpenSSH or any of its associated libraries, this is libssh — a standalone C library for the SSH protocol. Typically it is used for clients, but on the rare occurrence where it is used for a server (where this vulnerability occurs), it’s typically in embedded applications. And these.
  • A Russian greyhat (maybe?) hacker is patching MikroTik routers.
    • This isn’t as friendly a thing as you may think as there’s a lot of reasons why people would be rightfully upset at this, and we talk a bit about why.

Notes

Starts at 21m28s.

I was drinking green tea, water, and Porterhouse’s An Brain Blásta (and, by the way, it was AMAZING. SO delicious!). Jthan was drinking Boulder Bourbon.

  • Deploying hierarchy
    • Jthan brings up how this topic came up re: IRC and netsplits (thanks, atg and amayer!). I mention that per the RFC, it’s a non-flat leafnode/tree system of distribution.
    • Jthan talks about federated authentication (when he ACTUALLY means centralized, but more on that later).
      • He mentions Shibboleth (other alternatives are: Twitter’s auth (or any OAuth service), OpenID, etc.).
    • XMPP, Mastodon, and email are unfederated because they allow an organization to they themselves be the central authorized source of the service they use (within their “domain” or “realm”) while still interacting with other services in kind.
      • Federation, on the other hand, is a single external source through which multiple “client parties” can access that service.
    • Distributed systems are multiple servers working together segregated by role/purpose/goal. Non-distributed (“localized”, as I prefer) would be one server running all services/multiple roles.
      • As an example, distributed would be one or more servers handling databases, one or more servers handling webservers, etc. A localized server would run a database and webserver on the same instance.
    • Distributed:
      • Cons:
        • Basic cost (price)
        • Complexity
      • Pros:
        • Scalability
        • Flexibility (e.g. staggered patching)
        • Stability/collective uptime
    • Decentralized:
      • Cons:
        • (MUCH) more complex maintenance
      • Pros:
        • No single point of failure
        • Best practice, honestly.
    • Unfederated:
      • Cons:
        • Vendor lock-in
        • Not able to “wash your hands of it” — you are solely responsible for the hardware, updates, security, etc.
      • Pros:
        • Flexibility (patching, featureset, etc.)
        • Best practice, I’d argue.

Sysbadministration Award

In this segment, we highlight system administration mistakes. Think of them as the IT equivalent of the Darwin Awards. (46m0s)

Per our reporting it in the news last episode, Microsoft has deleted users’ personal data with a recent update.

Errata

  • The definition that William Gibson gives cyberspace is “a consensual hallucination experienced daily by billions of [users]”.
  • The last episode where it was just Jthan and I (officially, anyways) before we brought Paden on was S0E18.
  • The photo at HOPE that looks suggestive can be found here. It’s also available via the Sysbot command “!scandal”.
  • Jthan finally gave me a photo he said he would:
  • The “jiraphics” throwback is a reference to S0 shitshow.
  • The feature request I placed in Red Hat’s bugtracker for virsh and globbing/regex patterns is here.
  • The “jazzed” thing is this (from April 4, 2018; timestamps in EST):
...
12:05:06< r00t^2> also what's maxilaria
12:05:09< jthan> r00t^2: get jazzed 
12:05:15< jthan> r00t^2: maxilaria is a genus of orchids. 
12:05:16< r00t^2> NU PLZ 2 NOT JAZZ ON ME
  • …and is indeed a Sysbot command:
12:12:20 < r00t^2> !jazzed
12:12:21 <@sysbot> NUUUUUUUUUU PLZ 2 NOT JAZZ ON ME :(((((

Music

Music Credits
Track Title Artist Link Copyright/License
Intro Techno My EchoOo KidNNasty click CC-BY-SA 4.0
Outro My Algo2 Yan Terrien click CC-BY-SA 4.0
(All music is royalty-free, properly licensed for use, used under fair use, or public domain.)

Author
Categories

Comments

There are currently no comments on this article.

Comment...

Enter your comment below. Fields marked * are required. You must preview your comment before submitting it.