Joined devRant on 10/29/2016
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Hi lil puppies what's your problem?
Have you eaten something wrong....
*proxy happily eats requests and answers correctly*
Hm... Seems like you are...
*proxy vomits dozen of requests at once*
... Not okay.
Ok.... What did u you get fed you lil hellspawn.
TLS handshake error.
Thousands. Of. TLS. Handshake. Errors.
*checking autonomous system information*
Yeah... Requests come from same IP or AS. Someone is actively bombing TLS requests on the TLS terminator.
Wrong / outdated TLS requests.
Let's block the IP addresses....
*Pats HAProxy on the head*
*Gets more vomit as a thank you no sir*
I've now added a list of roughly 320 IP adresses in 4 h to an actively running HAProxy in INet as some Chinese fuckers seemingly find it funny to DDOS with TLS 1.0... or Invalid HTTP Requests... Or Upgrade Headers...
Seriously. I want a fucking weekend you bastards. Shove your communism up your arse if you wanna have some illegal fun. ;)12
You know the configuration sucks if it's a one file, 10 K lines nginx reverse proxy configuration.
But what really really really sucks....
If the person who wrote it was a google craptastic copy pasta ninja.
For fucks sake, if you don't know what you are doing, just stop.
I've had this in so many rants, it's terrifying how many devs seem to be completely unaware of what they're doing Oo
This time, fuckwad ignored the basic principle of NGINX configuration: set the HTTP version for the proxy.
It's by default HTTP 1.0 - as HTTP 1.1 requires a Host Header _which you must set if not already present_.
The fuckwad had all kinds of scary optimizations enabled. Literally a bukkaka (not a typo) of <way too high value> and <too obscure configuration value that cannot apply here>.
But the most trivial thing, enabling HTTP 1.1 and keepalive. Nope.
Not in it.
It's funny how fast NGINX can be without the bukkaka of configuration values but HTTP keepalive enabled.
*me sits in the silent corner of the plushy pink room with soft walls*2
Has anyone maybe a link to HTTP security topics in general?
I find often breadcrumbs, like in several different attack possibilities, but nothing comprehensive.
Mostly regarding HTTP 1.1 / HTTP 2 (h2c) and proxying.
I'm currently unclogging an whole ecosystem of proxies, endpoints, edge nodes and so on...
My knowledge is limited and it's frustrating to Google cause seemingly I get always just pieces of the puzzles but not a collection -.-
(Looking for specific information, e.g. regarding attacks like H2C Smuggling, HPACK attacks, stuff regarding Cookies / Headers / Encoding... But please not spread over several dozen pages where it becomes frustrating to read the same shit over and over again without learning something new :( )3
You mother fucking piece of shit.
Whoever taught you programming should be removed from history.
And whatever form of intelligence you claim to possess, let me assure you: breathing is the limit of it.
Some of the projects I'm working on are really the epitome of "YOLO let's turn the poopomat machine on in diarrhea mode".
The worst: I cannot really give examples.
I've seen the last days everything.
(bash scripting, docker, services like nginx /haproxy/...)
Eval as an template generator in bash...
Declaring an whole environment in an Dockerfile, that should never be used as it is only necessary for building... But not checking if an env file is provided, so the whole thing can blow up spectacularly.
A nearly 1k long bash calculator for system limits, reading out all kinds of stuff from /proc and /sys, seemingly partially stolen from NGINX Docker.
Declaring and starting an own DNS Server to bypass the Docker DNS service inside an docker container.
Mkfifo fun for creating several stdout and stderrs for seemingly no reason...
Actively not using bash, instead of creating shell only functions to emulate bash...
I could go on.
But really. I'm getting too old for this shit.3
I hate those persons...
Don't do this.
Person does it.
Don't do it. We are currently overworked and this _must_ be a project every team agrees on. Otherwise it will end exactly like it is currently - a big mess that every team implemented differently.
2 hours later....
Person books time for said project.
Other team lead: Stop working on it. This makes no sense.
Person: yeah... But I needed to clean it up anyways, so I just started cause why not.
Me and the other team lead had a 5 min discussion about it shortly after...
Wasn't the first time said person has gone solo rogue *sigh*
Despite that this is driving me (and the other team lead) nuts...
WHY THE FRIGGING FUCK DOES HE ALWAYS DO IT WHEN WE ARE SO FUCKING OVERWORKED....
Really. Every fucking time this mother tugging bullshit kindergarten play.
I think it's the first time that I said: I don't care - I'll just trash his work when we start on the project as a team in 2 months (Yeah... That's realistic. 2 months minimum...).
The universe really has it's way to make me angry.
I hope he stops tomorrow, we really cannot deal with emotional bullshit at the moment.
How can such fuckwads exist....15
Request for internal service
FW takes request
FW NATs request to external / WAN IP
Other FW (different location) gets request
DNS redirect for whole domain
"data-zone: *.*.*.org redirect"
Via DNS redirect request goes to LB
LB sends request to other LB
LB send request to NGINX server
NGINX resolves via Host header
And now you get a TLS handshake error somewhere in the travel of the request...
The level of fucked: my arse can take the Eiffeltower horizontal.
I am scratching my head since 2 days cause a rather large Dockerfile doesn't work as expected.
CMD Execution just leads to "File not found".
Thanks, that's as useless as one ply toilet paper...
Whoever wrote the Dockerfile (not me…) should get an oscar...
Even in diarrhea after eating the good one day old extra hot china takeout from dubious sources I couldn't produce such a dumpster fire of bullshit.
The worst: The author thought layering helps - except it doesn't really, as it's a giant file with roughly 14 layers If I count correctly.
I just found out the problem...
The author thought it would be great to add the source files of the node project that should be built as a volume to docker... Which would work I guess....
Except that the author is a clueless chimp who thought at the same time seemingly that folder organization means to just pour everything into one folder....
Yeah. That fucker just shoved everything into one folder.
It looks like this:
several bash scripts
several TS / JS / config files
If you read the above.... Yes.
He went so far to copy the large Dockerfile 3 times to add development and production specific overrides.
I can only repeat what I said many times before: If you don't like doing stuff, ask for fucking help you moron.
He directly mounts this source directory as a volume.
And then executes a shell script from this directory...
And before that shit was copied in the large gooozfraba Dockerfile into the volume.
We copy stuff inside the container, then we just mount on start the whole folder and overwrite the copied stuff.
*rolls eyes* which is completely obvious in this pit latrine of YML fuckery called Dockerfile.
As soon as I moved the start script outside the folder and don't have it running inside the folder that is mounted via volume, everything works.
Yeah.... Maybe one should seperate deployment from source files, runtime related stuff from build stuff.
I really hate Docker sometimes. This is stuff that breaks easily for reasons, but you cannot see it unless you really grind your teeth and start manually tracing and debugging what the frigging fuck the maniac called author produced.1
I hate this feeling.
Changing stuff with a greamripers scythe around my neck called doubt because the available data isn't too convincing.
Then having to go big or nothing as it is an ecosystem change (e.g. changing the cipher suites of TLS, changing protocol - e.g. HTTP 1.1 to 2) so it needs to be consistent as otherwise fun stuff could happen (fun as in the grim reaper cuts off my neck except a few centimeters and plays "now your head is off, now your head is on" ).
To top it off - just few seconds after the change has happened people coming up in the support channel.
My hands are - mysteriously - not sweaty then. Rather cold.
Lil prayer to the heavens and getting the whiskey bottle...
Opening an ongoing discussion in support channel....
And they're discussing whether the page needs to have an additional arrow for going back to the last page or if the default page navigation is enough.
Constantly using @all so everyone gets pissed off due to being pinged every few seconds in a channel that was meant for emergency support.
Now my hands go from a dark red to a bright red, my nostrils flare out, my adrenaline goes through the roof and I literally wanna murder people....
I hate those days.
And I hate the timing of some people...
Like they're deliberately fucking with me without knowing it, like the universe told them explicitly to do so just to fuck with me.
And of course, everything else is fine and running smooth like butter, except that said discussion now goes on in a total flamewar so I get even more pings.
Sucks to be in management.
You have way to many rooms where people can annoy you.
To top it off - after being grumpy and pissed and angry for people just annoying the fuck out of me, I have to mediate.
Yeah. Cause the usual person is on vacancy.
*slowly strangling the whiskey bottle like homer does with bart*
Turns out after 15 mins listening to enraged UX designer vs Frontend Team Lead that UX designer meant a completely different thing - uploaded wrong screenshot, whole discussion was unnecessary.
*Nah. Fuck it. Drinking whiskey*
Reminding everyone what the fucking frigging support channel is meant for and that penis fights aka who got the longest schlong don't belong there....
"Yeah it was a mistake, but it wasn't so bad"
You pinged fucking 32 people like it was the end of the world, you ignorant fucktwads.
For over 5 mins.
For fucking frigging nothing except your tiny dicks and shitty egos.
*Second round of whiskey*
Back to work after a wasted half hour.
What says monitoring?
Ah. Everything's working.
At least luck hasn't failed me.
Good server. Brave server.
Then I hear this lil voice in my head: no.
The servers know your personality.
They're afraid. Terrified.
Somehow that thought makes me giggle always...
Childish? Maybe. But it helps on those days.... Funnily enough, remaining 3 hours noone said anything in any chat channel.
"I wonder why, I wonder how...."... *hum*
Need two needles, two infusion hoses and 5 - 10 l of coffee.
The blood must go, the caffeine get in instead.
And yeah. This sounds fantastical in my brain right now, as I'm literally drooling half asleep in front of the PC.
It's 16 o clock in germany and I have gotten done nothing.
And I think I should put on some baby bips or the keyboard fries from drool.6
I'm amazed how some people either think I'm fucking jesus or a god or both.
App XY not working.
Yeah. We're talking about how App XY and it's exhaustion of the connection pool since a year....
It's not working, what can we do?
Well. I don't know. Tried restarting?
Well... Nothing I can do, you're responsible for developing the app and we've talked many times how complex the problem is.
It's not working, can u do something?
<Me just fed up increasing the connection count>
Well. I've increased the connections.
This will not work. It's a band aid. The app needs really a complete migration.
Ok. But it works.
No it doesn't work.. For fucks sake... It still exhausts the connections for unknown reasons, this is a band aid.
But it works....
This conversations was over then....
Well. Have fun.
I reverted the change I did.
May this crappy piece of shit die a thousand deaths, I:m now working on something else.
Goodbye mother fucking bitches, habe fun with the nightmare you created.
I'll cry over the other fucking nightmares I at least can solve, cause what you created in this App is beyond irresponsible and dumb.6
Nooooo.... Why on earth do you do that.
Looking at the sysctl settings someone took a road trip to Google and stackoverflow and just copy pasted every mother fucking stupid bullshit bingo inside it.
Half of this doesn't apply as the kernel version doesn't even support it anymore (for good reasons) or makes sense as these settings have NOTHING not even REMOTELY to do with the servers hw setup.
If you have no fucking clue what you do, ram the keyboard up your arse till you enjoy it.
But stay the fuck away from administration and the fuck away from anything that carries responsibilities.
Joyful task today: unclogging old failing Haproxy setups while being busy with 3 other tasks.
And if you wanna know why they're failing and it needed to happen today... Weeeell....
They restarted. And today they decided to restart so fast people finally noticed it.
Cause yeah. They did that the last fucking years every few hours. Now every 5 minutes.
:@ :@ :@ :@ :@ :@
I'm very short tempered at the moment.
A lot like Dr Cox in Scrubs.
And really ... You mother fucking stupid idiotic developers with your tendency to discuss absolutely everything just to not have to work for a dozen more minutes...
But ok. Let's discuss.
But even that seems to be absolutely impossible for you little shitheads.
Instead of discussing solutions, nooooooooo....
We're grown up developers so we discuss how the baddy manager hurt our lil feelings by saying that we're morons for wasting all the fucking time without coming up with a solution.
Now my lil cry babies, once the baddy manager got your pacifiers so at least once in an hour my migraine finally calms down for not hearing your bitching pathetic lil whiny noises...
Face it. Over the years you collected a huge ton of mother fucking tech debt because no one of you actually took a bit of time to use that empty space in your head to think at least a mu further than the dumb jira task you were given.
And yes. That ends badly.
And yes. As it is now in a state of cluster fuck, guess what. You have to work. You get money for it, remember?
And yes. if you would stop moping and bitching and crying and being a pathetic lil piece of shit, you'd realize we could come up with solutions very fast.
But nooo... Let's talk about our feelings.
And how we are over worked.
And how nothing works.
Cause yes. That will be the hail mary that saves us all.
Let me give u a hint: it's a mother fucking waste of time bitches.
I think it's time I put a pacifier not only in your mouth, but arse too. Maybe it helps overcoming the anal and oral phase of childhood so we can at least have something close to adult talk.
I think that's the thread dump of my brain currently.
Anyone knows what date and time we have?
I'm so lost right now.
17 projects atm thanks to e.g. Microsofts Exchange Hell.
I. Hate. Everything.
Go spread your butt cheeks so I can give you two fists of love before you write a damn ticket regarding yet another (security-) problem in infrastructure.10
Defragmentation of several applications codebase(s), sifting out duplicate code and creating a library out of it. Bash.
Yesterday while cooking I was too fast.
Chopping board with adjustable cutting depth, was at 6mm. Right thumb. Full speed. :(
Boy that wasn't pretty. Bled for half an hour and created quite a mess while trying to find some band aid to get pressure on it. Guess I'll have fun the next week's as no thumb is pretty handicapped .
And today we have in Germany a pretty severe snow storm.
I really hope that the server rooms @ company don't get flooded or shit like that.7
I remember a certain prank that amuses me till today....
Just add some devices to monitoring and the notification queue of the build chain / ... ...and wait patiently.
I still cry tears remembering an manager screaming what the hell "the poop train clogged the drain" means and why this is a critical system failure.
(Notice: next time check the mailing aliases of mailing aliases)
Although I can only recommend this if you know your team well. In my case we had a whole lot of fun after I got my head chewed off. XD (got an earful, but in the end he laughed his ass off)1
Hm. in MySQL 8.0.23 (yeah I'm kinda slow at catching up) they changed quite a lot.
- Hash Join implementation
- invisible columns
- InnoDB behaviour, eg AHI / IB
Guess no more MySQL for me.
How should I trust a database whose QA seems completely non existent and where minor version releases change the complete behaviour of the database....
(it's not new per se, Oracle announced that with the 8 GA release minor releases can have new features, but I'm surprised they really keep it up with breaking... Their QA sucked before, but with the new features coming, MySQL / Oracle is dead to me. )
Will be interesting to see in which direction Maria DB goes.... So far it looks good, although they really should think about cutting ties with Oracle / MySQL as a lot of internals have quite diverted....
One of these days....
Where you want to do a tiny task
And suddenly an explosion nukes every service, related service and dependant service.
Chain reaction. Yaaaayyy........
(ancient prometheus node lead to an snapshot error, snapshot error made the migration tool unhappy, migration tool unhappy meant that my task failed - updating prometheus meant checking every target, exporter and so on...
Fuckity fuck it''s gangbang time.)1
Today I experimented a bit with Dockerfile's.
Was quite surprised how far you could go with a spicy salsa of ARG, ENV, SHELL and multi stage builds.
But... For fucks sake....the debugging is like poking a light year long rod into a black hole, trying to fish something out of the event horizon....
In the end I got a nice setup for Java build's, version injectable with ENV/ARG, non root user and version specific behaviour.
As the debugging is non existing...
I filled up more than once my SSD....
It was an annoying brain damaged repetitive cycle of changing Dockerfile, pruning all images if docker build stopped because of missing free space, waiting for all stages to complete, start new.
And caching is a fragile thing that puzzles me .........
Guess more fishing tomorrow.
*Gives a happy deep throat to the beer bottle in hope of death*4
I'm at this point where I want to throw a temper tantrum - throw myself on the floor and crying like a child.
Frustrated. Only shit mundane work. Isolation sucks. Health sucks. Everything stinks.
And my willpower is like a candle in the wind.
I know it's not specificly the job, because not everything is mundane. It's my brain and soul poking each other's eyes out.
Why must everything be so shitty at the moment...4
Unlimited time is impossible... But I don't wanna ramble.
The one thing that I absolutely miss in my kind of work is something that does exist in dozens of flavors and each existence promises to solve some thing...
It's "bug tracker" / "time management" / "ticket management" / "board" / "kanban" or what ever pervert method you prefer software.
I haven't seen a decent one.
I'd think I'd want to build one - it would be definitely an all time consuming effort, since I would be in dire need of specialists.
The thing with nearly all of the solutions is that they lack ... an associative mindset.
Simply put, what we humans can.
The longer a project exists, the more it's housekeeping (guess that's a better word for it) turns into maintenance nightmare.
I remember quite well the joy of puzzling together eg Jira / Bugzilla / ... complex search formulars trying to find the needle in a planet of hay.
If you're read so far and have had similar experiences, think about how nice it would be if you had a mixture of AI and BI doing exactly that.
BI / Business Intelligence to get meaningful statistics is possible, but without AI it's a lot of work.
The AI would need to do several things...
- Match information (eg version XY was released at XY, so each bugreport after XY belongs to version XY and higher if no version matched)
- Tag and categorize (crashed / faulted / fried / ... - tag crash)
- "do the mundane work": ask nicely if the marching / tagging and so on was right, ask for missing info, require feedback etc.
There's a lot I could write more about that topic. But that's the gist. ;)
I'm in sad nostalgia....
32MB BIOS updates take a loooong time.
Hey. i'm updatinf the LED firmware.
Hey. I needed to reset all settings.
Fan detection for min rate.
Dozen settings changed.
Laggy mouse because EFI and graphics is slooooow...
I miss the old days of just keyboard based BIOS. And where updating didn't take 15 mins....2
Every meeting that contains one or more of the following points:
- "I don't think it belongs in the meeting, but"
- "Didn't get the meeting notes"
- "When's the food coming?"
- "I know we've said no technical discussion, but..."
- "Why is he so strict, this is no fun meeting at all :("
- "I think it's unfair to include risk assessment, you blame US before XY is finished"
- "The admins / the Team XY / ZX didn't talk with us, so we don't talk with him / her / them..."
- "Why are we here?"
- "Why is it so bad when production is down?"
- "I didn't know we do security / audit checks... Why hasn't anyone told us?"
- "Not happening. I'm against it"
- "I don't want to work with XY - he doesn't do it like I want it"
I could add thousand more things here.
I had countless meetings where I really thought that I was an alien who got broadcasted in a comedy reality TV soap...9
Thx to a close friend :)
His mom is currently "bored" after she came to germany recently (getting too old to live alone)
Kartoschka, Oreschki, Pelmeni, Wareniki, Beljaschi, Bliny....
I got a ton of food and beer.
I'm in heaven. That's the best that has happened in the last months.1
Dear brain, could u please work?
"No you motherfugging arsehole, scratch the sand out of your vagina and make yourself your own processor. Fuck u."
Seems like it's the jolly season of "my brain is uncooperative and unwilling".1
Good code is a lie imho.
When you see a project as code, there are 3 variables in most cases:
- people / human resources
Every variable plays a certain role in how the code (project) evolves.
Time - two different forms: when certain parts of code are either changed in a high frequency or a very low frequency, it's a bad omen.
Too high - somehow this area seems to be relentless. Be it features, regressions or bugs - it takes usually in larger code bases 3 - 4 weeks till all code pathes were triggered.
Too low - it can be a good sign. But it should be on the radar imho. Code that never changes should be reviewed at an - depending on size of codebase - max. yearly audit. Git / VCS is very helpful here.
Why? Mostly because the chances are very high that the code was once written for a completely different requirement set. Hence the audit - check if this code still is doing the right job or if you have a ticking time bomb that needs to be defused.
If a project has only person working on it, it most certainly isn't verified by another person. Meaning that only one person worked on it - I'd say it's pretty bad to bad, as no discussion / review / verification was done. The author did the best he / she could do, but maybe another person would have had an better idea?
Too many people working on one thing is only bad when there are no rules ;)
Rules. There are two different kind of rules.
Styling / Organisation / Dokumentation - everything that has not much to do with coding itself. These should be enforced at a certain point, otherwise the code will become a hot glued mess noone wants to work on.
Coding itself. This is a very critical thing.
Do: Forbid things that are known to be problematic in the programming language itself. Eg. usage of variables in variables, reflection, deprecated features.
Do: Define a feature set for each language. Feature set not meaning every feature you want to use! Rather a fixed minimum version every developer must use and - in case of library / module / plugin support - which additional extras are supported.
Every extra costs. Most developers don't want to realize this... And a code base that evolves over time should have minimal dependencies. Every new version of an extra can have bugs, breakages, incompabilties and so on.
Don't: don't specify a way of coding. Most coding guidelines are horrific copy pastures from some books some smart people wrote who have no fucking clue what you're doing and why.
If you don't know how to operate on people, standing in an OR and doing what a book told you to do would end in dead person pretty sure. Same for code.
Learn from mistakes and experience, respect knowledge from other persons, but always reflect on wether this makes sense at this specific area of code.
There are very few things which are applicable to a large codebase on a global level. Even DRY / SOLID and what ever you can come up with can be at a certain point completely wrong.
Good code is a lie - because it can only exist at a certain point of time.
A codebase should be a living thing - when certain parts rot, other parts will be affected too.
The reason for the length of the comment was to give some hints on what my principles are that code stays in an "okayish" state, but good is a very rare state
My current state of mood:
Too many dumb fucktards trying to be clever.
It's everywhere. Even when I close my fucking work apps and just want to have a fucking break, some dumbtards of friends remind me of the insanity outside.
I always laughed about the paranoid people who built bunkers somewhere in nowhere for very obscure and most of the time lunatic reasons.
Now I'm envious.
Winter Depression is also setting in and sleep wasn't good in the last weeks, too.
It's funny how one can be furiously annoyed and pissed 24/7 and at the same time be totally tired.
3 weeks sitting alone over Christmas and new year since paying out vacation and overtime is not possible.
Don't expect me round for the following weeks, think my mood will get even worse.7
Another part of messy network gone.
Caching fucked me hard....
Isn't it just lovely that nowadays you need to nearly wipe a machine to get it from claiming stale data....
And thanks to DNS, HAProxy -/ service names / ... I think I know now why the curse of babel is so powerful.
When you have to think for 2 mins to make sure you've set the zone's right, cause otherwise you need to ProxyJump with SSH through more tunnels than imaginable (VPN/HO) to fix possible caching on several DNS servers.... You'll realize that it's russian roulette with too much bullets. :(
And If a monitoring service asks another monitoring service for status information which asks the first monitoring service which then asks the second monitoring cause you were too late...
You'll get very funky monitoring statistics.
Too slow, had to nuke it (mismatched a DNS name, the second monitoring service should have been a service node).
I think I've had more near death scenarios in the last 2 weeks than I like.
Hopefully I'll never have to do that again.
(Splitting and reordering a few dozen VLANs, assigning proper DNS names, loadbalancer migration....)
I am right and you're wrong.
Aka: Living in a yin / yang (black n white) bubble.
If you're unable to adapt because the only perspective that matters is your own small little universe, then you shouldn't be a dev.
As a dev, you'll have to accept that you cannot know it all. There will be smarter people and there will be things that you won't understand.
It's okay to be wrong. It's okay to not know it all.5
I'm sea sick. Feel like migraine started becoming a real person and kicking me.
This whole site is just so fucking shitty.
Everythings moving. Spinning. Neon bright.
If anyone of you were responsible for that, I hope a ghost bites you everytime in your private parts while shitting....5
MySQL 5.7.32 breaks innodb zlib compression in combination with xtrabackup.
Oracle started the trend to break GA cycles....
Seems like the MySQL ecosystem finally splits in MariaDB (as 10.5 renamed MySQL to Mariadb) and MySQL.
I hope Oracle MySQL dies.
What Oracle does is beyond madness.
MariaDB 10.5 has it's troubles too. But at least you can look up their sources, check their bugtracker and don't get surprise foot fisting up your arse.8