Quienes de los que votaron por Abelardo de van a poner las botas?

Quienes de los que votaron por Abelardo de van a poner las botas?

Los que votaron por la guerra, espero que no esperen que sean los hijos de otros los que vayan a morirse. Por fa se ponen las botas y también a sus hijos. Gracias por defender el país. ​​

Firmes por la patria, a ponerse las botas muchachos. ​​Muestren ese tigre que llevan por dentro. ​

u/Connect_Detail98 — 4 days ago

So 100 * $0.35 is $3.5?

https://cloud.google.com/stackdriver/observability-pricing-examples?authuser=0#alerting_policies

Example 1: One policy, aggregating to the VM, 30 seconds

In this example, use the following configurations:

Data

  • 100 VMs
  • Each VM emits one metric, metric_name
  • metric_name has one label, which has 10 values

Alerting policy

  • 1 alert condition with 1 metric reference
  • Condition aggregates to the VM level
  • 30-second execution period

Resulting costs

  • Metric reference cost: 1 metric reference * $0.35 per month = $0.35 per month
  • Points returned cost: 100 points returned per period * 86,400 periods per month = 8.6 million points returned per month * $0.50 per million points returned = $4.32 per month
  • Total cost$4.67 per month

Example 2: 100 policies (one per VM), aggregating to the VM, 30 seconds

In this example, use the following configurations:

Data

  • 100 VMs
  • Each VM emits one metric, metric_name
  • metric_name has one label, which has 10 values

Alerting policies

  • 100 conditions with 1 metric reference each
  • Each condition is filtered and aggregated to 1 VM
  • 30-second execution period

Resulting costs

  • Metric reference cost: 100 metric references * $0.35 per month = $3.50 per month
  • Points returned cost: 100 conditions * 1 point returned per condition per period * 86,400 periods per month = 8.6 million points returned per month * $0.50 per million points returned = $4.32 per month
  • Total cost$7.82 per month

---

This seems objectively deceiving so people don't catch that a single alert that's replicated across multiple services with different thresholds will easily cost ~$50-$100 dollars per month in the following months.

u/Connect_Detail98 — 25 days ago

Podemos eliminar la política de este sub?

Ya hay otros subreddits como Colombia-Reddit y República-Colombia que son respectivamente de derecha y de izquierda.

Podemos hacer que el sub por defecto de Colombia no tenga política? Todo el día por todo lado nos bombardean con esta guerra entre izquierda y derecha, y hay mil lugares para ir a insultar y ser insultado... Sería aceptable si fuera algo que sucede cada 4 años, pero ya llevamos ocho años en estas.

Podemos hacer de este espacio algo diferente?

De verdad tan poquito somos como país que lo único que nos queda es discutir de política? ​​No tenemos nada más de qué hablar? Nada más por compartir?

Yo creo que si se prohíbe la política en este sub, se va a convertir en un espacio de lo que nos une y no de lo que nos divide. ​​​​​​​

reddit.com
u/Connect_Detail98 — 30 days ago

Is MGS3 supposed to be funny?

This game is hilarious. I feel like it's satire of anime, but I'm not really sure that's the actual intent.

Like, that time Ocelot does the "meooww" and calls his whole gang on Snake just to then say "ALL OF YOU LEAVE NOW! It's just the two of us now". Like bro, why did you even call them? And then he proceeds to do tricks with his guns for like 90 seconds.

I swear this is cracking me up. I played MGS4 a long time ago but it wasn't this funny. It had some moments but not like this. ​​

reddit.com
u/Connect_Detail98 — 1 month ago
▲ 7 r/GlInet

How to make Flint 2 DNS + AdGuard Home + Tailscale DNS work together

I wanted to connect to my homelab using Tailscale in my phone. I enabled AdGuard Home and Tailscale in my Flint 2, and everything worked fine on the IP layer. I could connect to all the IP:Ports from my internal network using my phone, which was amazing. But then I was tired of typing IP:Ports so I decided to add an internal DNS to my services. I used the AdGuard Home DNS Rewrites to point my internal domain to my services.

```

*.mydomain.com -> 192.168.8.111

```

While connected to the router directly, I could resolve all the domains just fine, but then when I connected to the network using Tailscale I couldn't resolve any domain from the AdGuard Home rewrites. The IP connectivity did work fine, it was just a DNS issue.

In Tailscale I was simply adding a Nameserver 192.168.8.1 without global overrides. I thought it was a Tailscale problem or an AdGuard Home problem and changed a ton of configurations but none worked. It was pretty surprising because I could reach every single homelab IP:PORT from my phone EXCEPT 192.168.8.1:53. So, this pointed to an application layer issue.

It turns out that dnsmasq in Flint 2 is configured with `localservice=1` which only allows LAN networks to send DNS queries to it. So the tailscale network interface wasn't allowed to query the DNS server on the application layer.

You can SSH into your router and run this to fix that problem:

```

root@GL-MT6000:~# uci set dhcp.@dnsmasq[0].localservice='0'

root@GL-MT6000:~# uci commit dhcp

root@GL-MT6000:~# /etc/init.d/dnsmasq restart

```

I'm assuming this has some security implications, but I think I'm fine because I don't have anything open publicly, so nobody can send DNS requests to that port anyways.

After changing this configuration, now I'm able to resolve the AdGuard Home DNS rewrites from my phone.

For the Tailscale Nameserver, I used the Split DNS option using my domain because I'm not sure if a future Flint 2 upgrade could override that setting back to "1" and then break my DNS resolution of my phone randomly. So, with the Split DNS I can guarantee that only the resolution to my internal domain is resolved by AdGuard Home.

Hope this helps someone.

reddit.com
u/Connect_Detail98 — 1 month ago

Is it possible to have my own private Terraform provider registry?

I want to publish a private Terraform provider somewhere but I don't know how to do this. I'd like to be able to be able to use lock files like I'd do with the real registry.

How are other teams doing this?

Is the public registry the only option?

Thanks!

reddit.com
u/Connect_Detail98 — 1 month ago
▲ 19 r/ArgoCD

I want to start using Kargo but I have a few questions

  1. Is the integration with Terraform as part of the freight free tier?
  2. Is the integration with Argo Rollouts free tier?
  3. Is the capacity to run automated tests between different stages free tier?
  4. What paid tier features make using Kargo a no-go for a production environment if you want to start with the free tier intially?
reddit.com
u/Connect_Detail98 — 1 month ago
▲ 3 r/docker

Docker reaching the host network isn't considered a security concern?

I'm playing around with the docker network, exploring how it is setup through the virtual bridges.

This is my setup:

- Docker network 1 - 172.17.0.0/16

- Docker network 2 - 172.18.0.0/16

I have one container running in each of those networks.

The host is plugged to the network-1 with the IP 172.17.0.1 and plugged to network-2 with the IP 172.18.0.1.

If I deploy an HTTP server in my host network namespace bound to 0.0.0.0 and port 8000, I can reach it from the docker containers.

```
# from inside the container
curl 172.17.0.1:8000 # for example.
# reaches the service running in the host.
```

I expected the host network to be isolated from the containers by allowing packets to be forwarded through the host in the forward chain, but blocked from reaching the host processes in the input chain.

So... Why does Docker allow containers to reach the host network by default but blocks containers from reaching each other between container networks? It's like they said "security is important so we don't allow containers to reach each other in different docker networks" but then said "uhhh, let's allow containers to talk to the host just because".

Would be nice if someone explain why they chose this design. To me it seems like bad isolation. What if I want to have a process in my host that I don't want these containers to reach? I'd expect the default behavior to be "there's no access. If you want to enable it, you need to do it explicitly". Instead of "all the services in the host are accessible, if you want to figure out how to close them, good luck finding the right iptables rules that don't break the docker network".

reddit.com
u/Connect_Detail98 — 2 months ago

I just interviewed a person for a Senior Cloud Engineer position. He has a ton of credentials about security, like SOC2, HIIPA...

My first cloud question is "what would you do if you have a service that is located in a public subnet and is getting accessed through the public IP of the instance". I asked some ownership and leadership questions before this.

He didn't talk about security groups, he didn't mention that he'd check if the instance if open to any attacks, didn't mention that the instance should be migrated to a private subnet. When I explicitly told him to please fix the network layout, he insisted the public subnet was the correct place for an API service running in EC2. When I told him it should go in the private subnet he said that clients would need to connect to the instance via the NAT. That's not how an AWS NAT works, omg.

I rejected this person, not solely based on this, but this was a very bad start to the interview. Am I wrong to think this is a big deal? This is the sort of stuff I learned on my first week reading about the Cloud and this guy has 12+ years of experience working with all the cloud providers and doesn't know it? It was such a big red flag.

Any opinions? I just want to make sure I'm not being a dick, maybe someone can defend this guy and make me see why this is acceptable.

reddit.com
u/Connect_Detail98 — 2 months ago
▲ 0 r/China

In my understanding, the end goal of Marxist and Leninist communism is to abolish the state and to have a classless society.

It seems to me China is currently going the opposite way, the state is gaining power internally and globally. This probably means that they are in the first stages of socialism, in which they consider necessary growing to prevent external forces from disrupting their future transition into communism.

Let's assume China reaches a point in which it is the strongest world power. It has successfully taken over the US and is now the most advanced and powerful nation in the world. There are no threats to their communism plans.

How do they migrate from being one of the countries with the most involved state into a stateless country? What does a country with more than a billion people look like when there is no state and no social classes?

Do you think this is realistic?

reddit.com
u/Connect_Detail98 — 2 months ago