Monday, 26 July 2010

Neglectful admin

I've been neglecting this blog for a while now. I do wonder if anyone noticed?

Well, never mind, I'll just send this out to the blogosphere in the vain hope that someone may read it and find it useful/funny/weird/strange/etc.

So, I was away for a fair chunk of the year, in Oz due to a family issue. When most British have a 'family issue' it's something that can be dealt with OOH, but not this little ex-pat chicken. Lots of midnight phone calls followed by 2 trips out to Oz, and a fair amount of desperately-trying-to-catch-up-with-work/colleagues-while-hopelessly-out-of-timezone-jetlag-ugh! Also the trusty laptop packed up around 2 weeks in, meaning a call to Dell Oz for new memory (supplied direct to hospital room!), keyboard (flat out denied!) and HDD, which meant I found myself getting very familiar with Ubuntu very quickly. As usual, Ubuntu (9) didn't disappoint, working straight out of the box, and to the delight of my employers, I was back up and running in no time. The only downside, and the reason I didn't keep it on there, is the VMware vSphere client, which is next to impossible to import into Wine unless you're unemployed and have got lots of time on your hands - something I wasn't wildly enthusiastic about. For security reasons we don't enable the web client, so at the moment, Windows on the laptop is a bit of a necessity. Ho hum. At least my Hardy Heron work PC running dual monitors (oh the configuration hell! maybe I should post it here sometime) is the last and only remaining Linux box on the office PC network.

Speaking of office networks... we are moving our Linux/corp network far far far away from anything resembling a Windows machine... The solution to this of course is a bastion network, meaning all servers are firewalled away from everything else, and only what is necessary is actually punched through the firewall to the corresponding machine's IP. Iptables are a good second layer of security here too. In specifying all the rules I have had to refresh my knowledge of each machine, exactly what it's running and what it's not supposed to be running, which means the wiki also benefits, whereas a documentation task on its own would have been rather tedious and boring.

Of course the real proof in the puds is when I decide to 'flip the switch', or rather change the IPs over and watch everything break in a rather spectacular fashion, but I'm sure that won't happen because I am made of WIN, right???

Production infrastructure continues apace... we have a lovely set of Puppet configs now and everything is just so *easy*, except if your search domains in resolv.conf are broken of course and Puppet can't resolve and therefore cannot roll back, and then there's hateful manual configuration, but thankfully a) it wasn't me! and b) only a small pool of machines. It does make me wonder though about the wisdom of managing DNS through Puppet and whether or not I would be shooting myself in the foot? Place bets now...

Oh, I got a new phone - HTC Desire of course, but kind of disappointed that it doesn't have pure IPSec VPN OOTB, which kind of rules out me using it as a work phone, so I guess we will stick with the BBs for now - they're not too bad, but I do hate lugging 2 phones everywhere. The only option is rooting my phone, but given the hell I had to go through with T-Mobile to get it, only to brick it, I think I would rather poke my eyes out with rusty chainsaws, kthx.

Anyway, I promise to update more, thanks for listening.
