Before upgrading to Proxmox 6 you need to upgrade to Corosync 3. Here's an ansible playbook that will automate that…
We recently upgraded our network to 10 Gbit and were really hoping to see monumental speed increases in our ceph cluster.
One of our benchmarks was
pgbench and to say we were sad
would be an understatement…
There are lots of posts about setting up CD with Jenkins and Kubernetes but I haven't found any describing how to do it with Nomad and Gitlab.
So here's how I did it…
I also found the docs for
consul connect to be confusing. They don't
clearly differentiate the difference between the client and server
Some declarations that are worth stating explicitly:
consul aclneeds to be setup first, see consul acl for more info
- acl and intension are used somewhat interchangeably here
- client side
consul connectproxies can only talk to other
- client side
consul connectproxies can not talk directly to a service
- the docs explaining
- I'll use the term proxy to mean
- the term service refers to the actual service (eg. redis)
- the term server proxy refers to the proxy that connects to a real service
- the term client proxy refers to the proxy that clients connect to
Having said all that, service mesh sounds like they're worth having.
I found the otherwise great consul docs to be very obtuse and confusing and maybe even wrong.
I'm running these commands against my home setup which only has a single consul server. In a more realistic setup you'll need to duplicate the config changes on all your consul servers and then restart them one at a time.
The problem, and why I ignored it for several months, was that I don't know Go. The patch itself is crazy simple, just editing an html template. The problem is the Go environment. How do you build, how do you test, etc…
Anyhow… today was the day I'd tackle this… what could go wrong?
On Tuesday, December 11, 2018 I received a phising email, redacted version on pastebin.
Thankfully I used a unique password because there it was, in the clear. The unique password showed me that it was for http://osnews.com.
I reached out to them immediately and got a response promptly but it didn't mention anything about disclosure. So I then asked David if he was planning to tell his users about the breach and he replied he would by the end of the week.
Here's a snippet of his response:
The very old custom CMS that OSNews runs on hasn’t been meticulously updated, and it does appear that someone got ahold of our user data.
On Monday, with still no announcement I sent another email and asked again. David replied he would announce by end of day. Although several content posts have been added in the last week there has still been no announcement of the security breach.
So, after one week, I'm announcing for them.
- osnews.com has been hacked
- osnews.com kept user passwords in the clear
- those email/password tuples are now in the wild
Sometimes you don't have a
favicon.ico or it's not in your
404s in your debug output.
Here's how you can serve up a hard coded icon (or any file really) directly from django.
I got this transparent icon from transparent-favicon.info
wget http://transparent-favicon.info/favicon.ico base64 favicon.ico
I put this in my main project
urls.py but feel free to put wherever.
# project/urls.py def favicon(request): from textwrap import dedent from django.http import HttpResponse import base64 icon = """\ AAABAAEAEBACAAEAAQCwAAAAFgAAACgAAAAQAAAAIAAAAAEAAQAAAAAAgAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAA////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AAD//wAA//8AAP//AAD//wAA//8AAP//AAD/ /wAA//8AAP//AAD//wAA//8AAP//AAD//wAA""" icon = dedent(icon) icon = base64.b64decode(icon) return HttpResponse(icon, content_type="image/x-icon") urlpatterns += [ url(r'^favicon.ico', favicon, name='favicon'), ]
I just installed pfSense 2.4.4 on an NVMe drive over IPMI with a (very important!) uefi cdrom drive.
I can also verify that trying to do this with pfSense 2.3 leads to tears and sadness.
Prometheus is really good at pulling metrics but it needs help if you want to test if a given host is up with a simple ping.
In this post I'll show you my config that gets a list of hosts from consul (plus some static hosts) and then ping them to monitor if they're up or not.
If a host goes down then fire an alert.