Current work project is microservices architecture out of 4 - 8 components.

It is fully Infrastructure as a Code automatized. I just change somewhere code, git pushing

And it automatically invokes Gitlab CI, terraform, ansible, kubernetes helm charts.
Auto checking itself with unit and integration tests in autoredeployed staging env. Then it saves tested results to docker registry and asks for one button verificating click to be rereleased to prod.

I just go for drink or eat food. While all the stuff is happening.

And I am proud that all the infrastructure, backend and frontend I made on my own.

I don't need to remember how to Deploy it. It is all automatized

My department is focused solely on web development. Of course we are part of the major portion of I.T

The entire I.T department got acknowledged for a very important piece of software. That I wrote.
The ceremony in which we were being recognized did not listed MY department, no, they listed the ENTIRETY of I.T.

Thing is, if this product was not delivered, then I was told that the blame would be MINE (I am speaking as the head of my department) but apparently if it succeeded (which it did) it is to be attributed to people that were not even involved in the project.

My employees tried calming me down when I got upset, one of them stated that it was not even our department's effort, but mine alone. And yes, I was the one that developed the solution. By myself, with complete testing, staging, the whole works. Everything, developed by me. BUT my employees held the entire department down while I was behind close doors developing this solution.
I was fucking upset, more so because my director sent an email thanking the entire I.T department for this "win"
I asked him through or messaging service if he could point out to me who else was involved, since I did not know of anyone else that did absolutely anything in this process other than myself and my guys.

Maybe the output of my program was parsed by another I.T department and something happened from it, maybe the money generated by the application (obscene amounts of it btw) were used to add more to the infrastructure etc, who knows, but as far as I know, you cannot say "if this fails it is on you" just for them to later on thank people that were not involved in the project.

This is why I would gladly move on to a different field. I don't want to be patted on the back constantly, I know how fucking good I am at what I do. But if I do something amazing I do not want to see those efforts being given to someone else.

The dev world is usually a thankless industry, but if thanks are given, then I want the sole credit.

If I am winning or loosing I want the whole fucking credit and you can be any more gangstah than that.

Working for a startup:
"Two weeks? I'll build you the entire platform, draw illustrations, animate them and set up the infrastructure"

Working for a massive corporation:
"Two week sprint? Obviously a team of 10 people can't do more than just check the existing code."

Management has been promising we'd leave .NET framework for 2 years now. Never fucking happens. A new ASP.NET project was just started last week and yup, OF COURSE, its .NET Framework 4.8.

I'd even be happy with one of the earlier .NET Core versions at this point for fucks sake. I have no clue why tech leads are so happy to create a brand new project on a deprecated framework version.

And yes, I have checked thoroughly. Our whole infrastructure works with .NET Core onward. People are just too lazy to learn new stuff.

Stuff like switching to .NET 6, actually doing unit testing, improving our CI/CD pipeline, refactoring problematic codebases, etc. -> all this stuff is the kind of things they promise me I can work on later whenever I'm so bogged down with work that I'm looking for a light at the end of the tunnel. All empty promises.

Ideally we should be on .NET 6 since its LTS and just stay on the LTS versions as the year goes on.

I don't know how managers are planning deadlines and counting December as a full working month!

Most companies that I worked with, count either half a month or push the deadline until the end of January when the workforce is back but not here.

Our division manager has promised the customer that the production environment will be ready on the first week of January, without even consulting the team or checking the schedule like WTF!
The person responsible for setting the infrastructure was on vacation for 2 weeks and he didn't hand over the access to production or share the progress done.
Fast forward, the manager went to slack and pinged the whole company with full caps message that the production should be done today.

Fun times :/

Security!

Offensive and defensive at both code and infrastructure levels.

So many times I see devs not give a flying pancake about security. Whether it be rolling integers for sql injection or permission guarding to prevent someone executing something they shouldn't.

Why is security in this industry always the last thing to be concerned about when it's the first thing that's going to kill your business.

😓

Everyone and their dog is making a game, so why can't I?
1. open world (check)

2. taking inspiration from metro and fallout (check)

3. on a map roughly the size of the u.s. (check)

So I thought what I'd do is pretend to be one of those deaf mutes. While also pretending to be a programmer. Sometimes you make believe
so hard that it comes true apparently.

For the main map I thought I'd automate laying down the base map before hand tweaking it. It's been a bit of a slog. Roughly 1 pixel per mile. (okay, 1973 by 1067). The u.s. is 3.1 million miles, this would work out to 2.1 million miles instead. Eh.

Wrote the script to filter out all the ocean pixels, based on the elevation map, and output the difference. Still had to edit around the shoreline but it sped things up a lot. Just attached the elevation map, because the actual one is an ugly cluster of death magenta to represent the ocean.

Consequence of filtering is, the shoreline is messy and not entirely representative of the u.s.

The preprocessing step also added a lot of in-land 'lakes' that don't exist in some areas, like death valley. Already expected that.

But the plus side is I now have map layers for both elevation and ecology biomes. Aligning them close enough so that the heightmap wasn't displaced, and didn't cut off the shoreline in the ecology layer (at export), was a royal pain, and as super finicky. But thankfully thats done.

Next step is to go through the ecology map, copy each key color, and write down the biome id, courtesy of the 2017 ecoregions project.

From there, I write down the primary landscape features (water, plants, trees, terrain roughness, etc), anything easy to convey.
Main thing I'm interested in is tree types, because those, as tiles, convey a lot more information about the hex terrain than anything else.

Once the biomes are marked, and the tree types are written, the next step is to assign a tile to each tree type, and each density level of mountains (flat, hills, mountains, snowcapped peaks, etc).
The reference ids, colors, and numbers on the map will simplify the process.

After that, I'll write an exporter with python, and dump to csv or another format.

Next steps are laying out the instances in the level editor, that'll act as the tiles in question.
Theres a few naive approaches:

Spawn all the relevant instances at startup, and load the corresponding tiles.

Or setup chunks of instances, enough to cover the camera, and a buffer surrounding the camera. As the camera moves, reconfigure the instances to match the streamed in tile data.

Instances here make sense, because if theres any simulation going on (and I'd like there to be), they can detect in event code, when they are in the invisible buffer around the camera but not yet visible, and be activated by the camera, or deactive themselves after leaving the camera and buffer's area.

The alternative is to let a global controller stream the data in, as a series of tile IDs, corresponding to the various tile sprites, and code global interaction like tile picking into a single event, which seems unwieldy and not at all manageable. I can see it turning into a giant switch case already.

So instances it is.

Actually, if I do 16^2 pixel chunks, it only works out to 124x68 chunks in all. A few thousand, mostly inactive chunks is pretty trivial, and simplifies spawning and serializing/deserializing.

All of this doesn't account for
* putting lakes back in that aren't present

* lots of islands and parts of shores that would typically have bays and parts that jut out, need reworked.

* great lakes need refinement and corrections

* elevation key map too blocky. Need a higher resolution one while reducing color count
This can be solved by introducing some noise into the elevations, varying say, within one standard div.

* mountains will still require refinement to individual state geography. Thats for later on

* shoreline is too smooth, and needs to be less straight-line and less blocky. less corners.

* rivers need added, not just large ones but smaller ones too

* available tree assets need to be matched, as best and fully as possible, to types of trees represented in biome data, so that even if I don't have an exact match, I can still place *something* thats native or looks close enough to what you would expect in a given biome.
Ponderosa pines vs white pines for example.

This also doesn't account for 1. major and minor roads, 2. artificial and natural attractions, 3. other major features people in any given state are familiar with. 4. named places, 5. infrastructure, 6. cities and buildings and towns.

Also I'm pretty sure I cut off part of florida.
Woops, sorry everglades.

Guess I'll just make it a death-zone from nuclear fallout.

Take that gators!

At the institute I did my PhD everyone had to take some role apart from research to keep the infrastructure running. My part was admin for the Linux workstations and supporting the admin of the calculation cluster we had (about 11 machines with 8 cores each... hot shit at the time).

At some point the university had some euros of budget left that had to be spent so the institute decided to buy a shiny new NAS system for the cluster.

I wasn't really involved with the stuff, I was just the replacement admin so everything was handled by the main admin.

A few months on and the cluster starts behaving ... weird. Huge CPU loads, lots of network traffic. No one really knows what's going on. At some point I discover a process on one of the compute nodes that apparently receives commands from an IRC server in the UK... OK code red, we've been hacked.

First thing we needed to find out was how they had broken in, so we looked at the logs of the compute nodes. There was nothing obvious, but the fact that each compute node had its own public IP address and was reachable from all over the world certainly didn't help.
A few hours of poking around not really knowing what I'm looking for, I resort to a TCPDUMP to find whether there is any actor on the network that I might have overlooked. And indeed I found an IP adress that I couldn't match with any of the machines.

Long story short: It was the new NAS box. Our main admin didn't care about the new box, because it was set up by an external company. The guy from the external company didn't care, because he thought he was working on a compute cluster that is sealed off behind some uber-restrictive firewall.

So our shiny new NAS system, filled to the brink with confidential research data, (and also as it turns out a lot of login credentials) was sitting there with its quaint little default config and a DHCP-assigned public IP adress, waiting for the next best rookie hacker to try U:admin/P:admin to take it over.

Looking back this could have gotten a lot worse and we were extremely lucky that these guys either didn't know what they had there or didn't care.

In my current company (200+ employees) we have 3 guys who deals with everything related to service desk (format computers, fix network issues, help non-tech people...)

The same team is responsible for the AWS accounts and permissions, Jenkins, self hosted Gitlab... anyway, DevOps stuff.

Thing is: only one of them have enough DevOps background to handle the requests from the engineering team (~15 people). Also, he usually do anything "by hand" clicking trough the AWS interface on each account, never using tools like Infrastructure as Code to help (that's why I started to refer to his role only as Ops, because there's no Dev being done there).

Anyway... I asked my manager why that team is responsible for both jobs, despite the engineering guys having far more experience with those tools. He answered with a shamed smile, as he probably questioned the same to his manager:

- Because they are responsible for everything related to our Infrastructure.

Does it make sense for anyone? Am I missing something here? In what universe this kind of organization is a healthy choice?

Any senior types out there find that you’re losing your coding “chops”? I’m involved in so many OS/Middleware upgrades, infrastructure upgrades, status meetings that I can’t code to save my life anymore. I can review and guide design, but I struggle to generate new code. I can get a new dev going really quickly though - is this just a natural progression or is it game over for me? I feel like if I had to get another job, I’d be very unsuccessful. They call me a leader, but I think I’m just a slave.

Thoughts on forced emergency support?

I am with a company I generally like a lot but there are some things I generally despise about it. Like forced emergency support.

I am not good at it, I don't claim to be.. I generally struggle with anxiety, stress and depression, I specifically avoid roles that require on-call service .. I'm a senior level software engineer.

I find it very frustrating to be expected to be on-call from 7-7 in support of infrastructure I did not architect, did not code and basically know nothing about. They provided me with a ten minute discussion about ops genie and where to find internal support articles for my training and that's about it.

Last night I received an ops genie alarm and acked it as I was instructed to do, I went around the system looking for the alarm cause and basically had no idea what to do except watch our metrics graphing praying there wouldn't be an outage. Fortunately the alarm was for our load balancer scaling operation, it was taking a bit longer than usual ... Sigh of relief. Stay up til 6am and fall asleep..

Wake up to a few messages from various people asking why I didn't do this and that and it took me every inkling of my being to remain cordial and polite but I really just wanted to scream and say a bunch of shit that would probably get me fired.

What the actual fuck?

Why expect someone that has no god damn clue what they are doing to do something like this? Fuckin shit training and no leadership to mentor me and help me get better at this role, no shadowing, no regiment ..

#confused and #annoyed

Thoughts? Am I a bitch? Is it unreasonable for me to expect my job duties stay in line with what I'm actually good at!?

Thanks.

!rant

Sometimes I think about packing up my bags and just going into security consulting just to get away from the world of being an infrastructure anarchist for software companies that are overvalued "Export to Excel" generators.

Fuck the idiots yelling monopoly and use that that bullshit execues to justify a system should be changed after a couple of years by a new company.

Especially when its a new banking system that is so poorly developed due to a critical archichical design failture on the authorization layer, resulted in on when a lot of people login at once you had a chance to get someone else session informations instead of your own.

Just being so insecure in general. And dont get me started on how unstable the banking system infrastructure is.

But hey at least the it isnt a monopoly anymore by paying a new company a double digit million amount to develop a new banking system after a couple of years after the last system were developed.

The amount of energy spent to just write ‘Hi’ and click a send button is so big that we should consider banning of sending hi messages.

Instead of just saying “Hi!” we are now using analog to digital preprocessors that convert it to bunch of 0 and 1 to send it over communication layer and deliver it to other human being that will convert it from digital to analog by reading it but that is simple.

By sending message using phone we also:
- save it to local phone
- convert it to couple protocols
- transmit it over air so make connection to internet provider services that would generate logs on this provider as well as whole routing table before it gets to the target person
- save it on messaging provider disk
- probably be processed by filters by provider, sometimes be reviewed or listened by third parties and also processed in bulk by artificial intelligence algorithms
- finally delivered to target phone and saved there where that person would just change this text to their inner voice and save it
- sometimes encrypted and decrypted
- sometimes saved on provider
- sometimes saved on phone manufacturer cloud backup
- don’t get me started on people involved to keep this infrastructure in place for you just to say hi

There are also some indirect infinite possibilities of actions for example:
- emit sound and light that can lead to walking from one room to other
- the floor in your house is destroyed cause of it so you need to renovate your floor
- sound can expose your position and kill you if you’re hiding from attacker
- sound can wake you up so you wake up in different hours
- it can stop you from having sex or even lead to divorce as a result simple hi can destroy your life
- can get you fired
- can prevent from suicide and as a result you can make technology to destroy humans

and I can write about sound and light all day but that’s not the point, the point is that every invention makes life more complicated, maybe it saves time but does it really matter ?

I can say that every invention we made didn’t make world simpler. The world is growing with complexity instead.

It’s just because most of those inventions lead to computer that didn’t make our world simpler but made it more complicated.

In August 2021 I asked my bosses for a raise for my extra work that I done for the last 6 months to create the first 4 microservices in the company and deploy them in production on a new infrastructure that is cloud based.
Today 27/01/2022 they reported how happy they are of me and that they will take my proposal *in consideration*.
Now i am searching for a new job.

Funny part: I am simple guy if they would have given me a NAS from Synology with lot of space as a reward I would actually have been happy.

P.S. jokes on them, i left 4 easter eggs hidden in the app, pipeline, db and user manual.

Get 4 certifications: AWS cloud architect associate, CKA, RHCSA, RHCE... Start working towards RHCA in infrastructure

I did not think that making a serverless Discord bot would be such a learning experience. The code itself was easy. The hard part was the infrastructure, because I decided to automate it all with Terraform and deploy it on AWS.

Before this project, I had no idea how API Gateways worked. Now I still have very little idea how they work but I managed to build one anyway. Eventually. And then I had to figure out how to automate the deployment of a lambda layer and function that would both still be managed in the Terraform state, with any code changes triggering a rebuild and update for the resource.

And then I had to untangle a dependency mess because API Gateways have some weird issues where two resources that have no explicit dependencies on each other will throw an error if they don't deploy in the right order.

And then I went the wrong way with Github actions trying to conditionally chain multiple workflows together before I realized I could just put multiple jobs with conditions in a single workflow.

And now after all that work over the course of 2 days, I have a bot that does this:

Few things hack me off more than devs who can't be bothered to do a task properly, so just submit some random crap as a PR that looks half correct at some surface level in the vague hope it gets approved.

This team is about creating decent, tested, reliable, resilient backend infrastructure, and we need to trust devs in order to do that. If you want to pull the half-arsed, do as little as possible and get paid as much as possible approach then sod off to higher management somewhere.

Infrastructure took away our read access in S3 to data that we own and our ability to manually delete/upload to S3 in that prefix (which we own). Without waiting for us to confirm that we have alternative means to read and change what is in there. And I had no warning about this, so here I am doing a midnight mod on an existing solution of mine in hopes that I can finish it before tomorrow morning for some legal reporting deadline.

Things would be so much easier if the infrastructure team let the emergency support role have those permissions for emergencies like this, but they didn't. I guess "least privilege" means "most time spent trying to accomplish the most trivial of things, like changing a file".

client: "can you build out a staging server for us? here's all the code, everything you need"
me: "awesome, looking good, i have almost everything i need, just give me the credentials for the server, and I'll get started installing all the infrastructure"
client: "ok, try these!"
me: "doesn't work"
client: "this one?"
me: "doesn't work..."
client: "how about this one?"
me: "STILL NOT WORKING!!!"

imagine you want someone to do stuff on your server and you don't even know the root SSH password.... smh

why is this always a problem, use fucking 1password or something its 40 bucks a year, secure, and you can organize alllll your passwords. don't be a fucking boomer and write them on a piece of paper, or worse, apparently like my client, never know it or have it in the first place.

On the topic of having to make decisions as a dev that shouldn’t be made (solely, at least) by devs…

There’s a lot to like in my current work environment: I enjoy being around my colleagues, I get to do a variety of tasks, and many of them interesting to me and/or great learning opportunities, the pay doesn’t suck and so on… there’s also not much pressure put on the dev team from other parts of the organisation. The flipside of the coin is that nobody who should express some kind of vision as to how we should develop the product further does so.

Me and my fellow devs in the team are so frustrated about it. It feels like we’re just floating around, doing absolutely nothing meaningful. It’s as if the business people just don’t care. And we are the ones ending up deciding what features to develop and what the specs are for those etc. and I really don’t think we should be the ones doing that.

One would think that’s a great opportunity to work on refactoring, infrastructure, security and process improvements and so on - but somehow we get bothered just enough by mundane issues we can’t get to work on those effectively. Also, many of the things we’d want to do would need sign-off from the management, but they are not responsive really. Just not there. Except for our TM, but they don’t have the power neccessary… at least they are trying tho…

Started new contract recently, their main product is aiming to be some kind of automation holy grail for business, basically low code nonsense integrating with most of the industry standard tools like sap or confluence. Their entire infrastructure is setup manually, slowly transitioning from on premise to AWS. No infra as code, no playbooks, not even scripts, just "engineers" painstakingly clicking the UI. They don't seem to see the irony of being automation company that doesn't use automation, but I'm having a good laugh at least.

I find still very funny that Desktop outlook (So Microsoft) doesn't support MFA from Office 365.

I'm kind of tired to tell user go and geerate "app specific" pass which bypasses MFA.

Specially when even default Windows 10/11 mail client supports MFA just fine and fucking faster than outlook.

This is the part of my job I hate : Administrating users, search how to make thier PC/MAC work (Btw Mac client does suppoort MFA ironicly).

Can I just get back to Infrastructure, redis caches, step in Q# ? .

Question for my fellow devs:

Do you feel like you are spending too much time on maintaining ur devops/infrastructure rather than focusing on the actual product?

Do you think your company would be willing to spend a bit of money to outsource scaling problems to someone else and just focus on the product?

Ik we got lots of fancy new CI platforms like Circle CI GH actions etc but like I personally feel like I’m doing certain infrastructure tasks twice when I look at the two different codebases I work on.

Somebody: (whinwy) we need something to log into nonprivileged technical accounts without our rootssh proxy. We want this pammodule pam_X.so
me: this stuff is old (-2013) and i can't find any source for it. How about using SSSD with libsss_sudo? Its an modern solution which would allow this with an advantage of using the existing infrastructure.
somebody: NO I WANT THIS MODULE.
me: ok i have it packaged under this name. Could you please test it by manipulating the pam config?
Somebody: WHAT WHY DO I NEED TO MANIPULATE THE PAMCONFIG?
me: because another package on our servers already manipulates the config and i don't want to create trouble by manipulate it.
Somebody: why are we discussing this. I said clearly what we need and we need it NOW.

we have an package that changes the pam config to our needs, we are starting to roll out the config via ansible, but we still use configuration packages on many servers
For authentication as root we use cyberark for logging the ssh sessions.
The older solution allowed additionally the login into non-rootaccounts, but it is shut down in the next few weeks after over half an year of both systems active and over half an year with the information that the login into non-privileged accounts will be no more.

Leave it to an investing company 'dUe DiLigAnCe' document to list the following requirement:

"Schema of computing infrastructure setups for development, testing, and production"

Ah yes, the highly technical and well-known term of "schema of computing infrastructure"

God I hate business people, so clueless

BRB going to start my own business and make real money. if these neanderthals are top investors, i can be too

I am proud of my internet infrastructure/setup.

While it's not the best and has some room for upgrades, it's still pretty powerful and well managed.

And my house looks like an abandoned warehouse as compared to my internet setup.

What do you use for automating infrastructure? I'm thinking tools like Ansible, Terraform and Chef

I feel like I need a slap in the face here: My team can’t agree on a platform for our apps (Windows/.Net or Linux/Java Middleware/Java). So we have apps all over the place, and our team is fractured. Support is a mess, and I’m caught in the middle because I’m the only one willing to try to keep all these systems upgraded (our infrastructure team refuses to work with anyone except me on our team because I just shut up about my platform beliefs and get work done). I’ve pitched trying .Net core on Linux although I know very little about that. We have no technical challenges that require one platform over another - these are simple business apps. I think our architects should force one platform. Am I nuts? Maybe it’s time to look for another career if this is the new norm.

ik i already bitched about this but

"gitlab - a complete devops platform"

NO! NO YOURE FRICKIN NOT!

are ppl using gitlab as infrastructure and having to hire ops ppl to keep it up? is there more to this bug ridden, 9 year open, 12 year closed w/o solution, hey we better work on wording things to help ppl 'feeeeel' better instead of doing real work, excuse for a ci/cd system doing something major i'm not aware of and competing with aws/gcp/azure or bare metal chef and puppet instances? *deep breath*

im ok...im fine