
2.5 Admins 220: Get a Job

2024/11/7

2.5 Admins

Chapters

ZFS can protect against ransomware by using snapshots to recover data quickly and detect ransomware activity early.
  • ZFS snapshots allow for quick data recovery after ransomware encryption.
  • Snapshots can help detect ransomware by showing unexpected data growth.
  • ZFS cannot protect against data exfiltration, which is a common ransomware tactic.

Transcript


Two and a Half Admins, episode 220. I'm Joe.

I'm Jim.

I'm Allan.

And here we are again. Before we get started, you've got a plug: five reasons why ZFS storage benchmarks are wrong.

Yeah, so we walk through the common mistakes people make when trying to benchmark any file system, but especially ZFS, and why the results you're seeing might not be measuring what you think they're measuring, and how you can do it right.

Right, we'll link that in the show notes as usual. Something occurred to me recently, and that is that ransomware should not be a thing in 2024. In a world where ZFS and snapshots exist, ransomware should not be possible.

That's how I felt in 2014.

Right. Clearly not everyone is using ZFS, because ransomware is very much a thing. So I thought it might be interesting to go through why ransomware shouldn't be a thing if everybody just used ZFS.

And it doesn't even have to be specifically ZFS. You just need things with snapshots that are copy-on-write. And basically that means if you have your juicy file server full of all your important business files, and you're taking snapshots on a regular basis and retaining those for a reasonable amount of time, when the ransomware shows up and starts encrypting your files, it's going to write the encrypted version of the file to a new place on the NAS, not over top of the original version.

So that means, via the snapshot, you can go and pull out the unencrypted version. And I especially like the ransomware that I had experience with. It was a bit clever. It didn't encrypt the whole file, and every file, because it would take days to go through the whole NAS. It only encrypted the first megabyte, the last megabyte, and some megabyte about 23 percent of the way through the file, just enough to mostly stop the files from working in most programs. If you take out the first and last megabyte, most videos aren't going to be detected as videos and they won't play, office documents won't open, everything will be screwed, but you only had to write three megabytes per file. Instead, some of these files were multiple gigabytes, and it would have taken a lot longer to encrypt.

Can we just go back a step? Because the obvious answer to avoiding ransomware, or mitigating ransomware, is backups, right?

Yes, thank you. I was waiting patiently for the chance to get to that. It doesn't really have anything to do with the way that ZFS does it. You don't specifically need snapshots. What you need is backup that you can rely on, with an RTO and an RPO that are both short enough that you would prefer to go to backup than to pay some asshole money, who happens to be the same asshole that just messed up all your stuff to begin with.

Right. But if you've got terabytes and terabytes and terabytes of data that is backed up, it could take days or even weeks to restore in a traditional backup setup, whereas with ZFS, if you've got the snapshot, you can do it in seconds.

But again, we're just talking about an RTO, recovery time objective, and RPO, recovery point objective, that are low enough you'd prefer to go to backup rather than, you know, talking to some jerk.

Now, ZFS goes way above and beyond on this, because your RTO is usually going to be in the milliseconds to seconds, and your RPO, assuming you did something smart and you set up, you know, automated snapshotting, is going to be whatever you set that up to. It might be, uh, it's hourly typically for me. I know a lot of folks who do, like, every fifteen minutes, or five minutes even.

And if that works for you, that's fine. But again, the whole point is backups. You are very right about that, and a very low RTO and RPO. And if all you want to know is, like, you know, how do I make ransomware not be a problem? You don't really need to know more than that.

However you satisfy those requirements and get your RTO and RPO low enough, that works. That did the trick. You no longer want to pay some jerk to decrypt your data, because you would rather just get the decrypted copies yourself off a backup.

However, I do think that we're doing everybody a really big disservice if we pretend that the only facet of modern ransomware is the encryption. In fact, especially when you're talking about larger businesses with competent IT staff that are actually supported in their mission objectives, these days that's not really the scary facet of ransomware. The scary facet is exfiltration.

And ZFS can't do anything for you about that. ZFS can absolutely protect you from "some jerk encrypted all my data, and now I can't read all my data." ZFS can't do anything for you when that jerk instead spent the last three or four months sifting out every bit of confidential data from your network that they could possibly manage, and is now threatening to publish it everywhere. There's no easy answer on that. That's why you still need infosec. ZFS is great, but it will not replace an infosec department.

Yeah, but the one that really brought it home for me was, you know, I was visiting my college and they were having a big IT emergency because some ransomware hit the network drive for the medical students. And it was going to take them about two and a half days to restore all the files, because the RTO was that bad.

And they couldn't make the RPO any better, they were like, how long ago since their last backup, because the backup took so many days to run. Whereas a ZFS snapshot, like Jim said, you could have it happen every five minutes, because it doesn't take any time to create a snapshot. It doesn't have this latency between how often you can take them, whereas if you're doing a traditional backup to tape, you can't do it more frequently than how long it takes to do a whole backup.

And one crucial aspect of ZFS snapshots is that no one and nothing can change that snapshot once it's been taken, right? It can be destroyed, effectively deleted, but not even ZFS itself can change the contents of that snapshot.

That's correct.

It would be very difficult even to build the tool to do that to a snapshot in the middle of a chain, because you've got, I said chain and I should have said tree, because that's the thing, you can follow the tree all the way back.

So it's very difficult to edit something in the middle, in much the same way that, you know, if you've already printed your novel and the page numbers are on every page, you can't really just stick a new paragraph in the middle somewhere. You'd have to reprint the second half of the book if you do that. You have a very similar situation going on with ZFS, or, you know, even, God help us, Btrfs.

So when someone does try and encrypt everything on the system that it sees, everything on the file system that it sees, it cannot touch those snapshots.

If it has administrative access, it could try to delete the snapshots, if it was aware of them.

Yeah, although to help with that, you can put a hold on a snapshot, which basically locks it. It's not like encryption or a strong password. It's more like a lockout tag you use when doing maintenance on physical equipment.

So somebody doesn't turn the equipment on while you're inside of it. It prevents, for example, your automatic snapshot script from cleaning up these old snapshots. If you still need them for something, you can basically put a hold on it saying, you know, Jim needs this for something, don't automatically delete it, and it can't be deleted until somebody does a release on that.

Yeah, but if my Windows laptop is connected to the network share that is backed by ZFS, my Windows laptop has no clue that it's dealing with ZFS. It's just a network share, and the ransomware will go and attempt to encrypt everything that it sees, but cannot even conceive of the snapshots, to some extent.

Really, like, depending how it's set up, the ZFS snapshots can be exposed to Windows as volume shadow copies, like Previous Versions and so on.

However, they're still really only, they're immutable. Snapshots are immutable, period, at the ZFS level. Again, in theory, if you're really, really good at math and a whole bunch of other things, you could make some malicious tool that tries to generate hash collisions to edit blocks in a snapshot in the middle of a tree. But, like, why? There's no point trying to do that. At that point, you would be better off destroying everything, because that you can do. If you've got root access, you can destroy the snapshots just fine, but you can't monkey with them.

But you need root access on the server where that ZFS is living. Like, even if you've got admin on the Windows laptop that's talking to the network share, that's still not going to be able to destroy the snapshots.

Correct. That will do you no good, because the only way that you would have even read-only access to the snapshots from the Windows box that's just doing, like, an SMB share across the network is if it has been set up to expose the snapshots as volume shadow copies.

Then you can see the contents of volume shadow copies in the Windows Explorer File History tab, but there is no write access being given. The File History client in Windows doesn't understand the concept of writing to that. You can just copy stuff out of it or not, or you can destroy it, again much like a snapshot. But there is no provision to go back in time.

Yeah.

You can't go and mess with stuff with the client. It doesn't work that way. Even if you could, Samba on the other end doesn't have that concept. It's not set up to say, oh, you want to take a snapshot, let me help you with that, or you want to destroy a snapshot, let me help you with that. That's not Samba's job. It doesn't do that, it doesn't know how to do that. So effectively, yeah, um, even if you just want to destroy the snapshot, you need to have root or delegated destroy privileges for the dataset in question on that box, and you need to get to a shell on that box and want to do it.

And you should not have given the person who's got the Windows laptop any such access. You absolutely should not.

And it's not always in the case of separate physical machines, like a file server, you know, in a closet somewhere versus just your laptop sitting on the dining room table. In my case, usually the separation is more at the virtual machine level. You know, the hypervisor is the big barrier for me, because on one of my servers I'll usually have five or six virtual machines that all think they're quite large.

Real boys, thank you very much. And they've got their own hardware and their own storage and everything, as far as they know. They're wrong about that. But the point is the snapshots exist at a level that they have absolutely no access to, or even awareness of.

Yeah, but speaking of awareness, one of the interesting things about ZFS and snapshots is that it can help you detect ransomware earlier than other file systems, in that when they start encrypting files, they're going to start taking up more space, because you're keeping the old version and the encrypted version. And so if you're not expecting to see terabytes of data getting written to your NAS, you're going to notice when terabytes of data suddenly show up.

Yeah, writing terabytes of data to your NAS when you're not using a copy-on-write file system doesn't necessarily mean you need terabytes more space on your NAS, because you're modifying things in place. Whereas because ZFS is copy-on-write, and this is going to be true for any other copy-on-write file system as well,

to be fair, again, you do have to have some snapshots, or else what happens is you create the new block and then you unlink the old block, so you can still reuse the space without noticing. If you've got a snapshot, every block you change is another block you write. So you're not just seeing terabytes of data being written, you're seeing the volume of data on your NAS growing by terabytes in a day or two.

Yeah, and if you've got proper monitoring set up, which you should have, then you're going to notice that really quickly.

You'll notice the increase in writes that wasn't there before, and the decrease in free space that you know is unexpected.

And now, I know that you should definitely have backups, obviously.

So just snapshots on one NAS is not enough, right? You want to be replicating those snapshots off to somewhere else, and then probably, ideally, from that backup, taking a non-ZFS backup, using the snapshots to have a stable version of the source, and having, you know, that third copy be something that is not ZFS.

Just in case. Right, now that's what you should do, right? But if all you had was snapshots, which are not backups, but if you had snapshots, that could, or probably would, still mitigate ransomware, right?

Yes, if you've got the snapshot on that box, even if it's not backed up, because the ransomware can't touch the snapshot, so you just roll it back in less than a second.

Odds are good. I'm not aware of any ZFS-aware ransomware right now. But if you've got ransomware on your box, it almost certainly has root, and if it has root, it can destroy snapshots just fine, or destroy entire datasets, or do whatever it wants. It's got root on your box.

But again, I'm thinking more of this kind of situation with the Windows laptop, versus actually getting ransomware on the file server itself.

Yeah, the one box, only the one box with its snapshots. I wanted to be clear. Yeah, you do need to have another layer of separation. Otherwise it is security through obscurity, and you're just betting that the ransomware, or the script kiddie, whatever, won't know about ZFS and won't be bright enough to go destroy your snapshots. Which isn't the worst bet in the world, you know, in terms of winning the bet, it's just a really dumb bet to make regardless, because you don't need to take that bet. Just do better.

Okay. This episode is sponsored by people who support us with PayPal and Patreon. Go to 2.5admins.com/support for details of how you can support us too. Patreon supporters have the option to listen to episodes without ads like this.

And it's not just this show. There's Late Night Linux for news, discoveries, audience input and misanthropy. Linux Matters for upbeat, family-friendly adventures.

Linux After Dark for silly challenges and philosophical debates. Linux Dev Time, about developing with and for Linux. Hybrid Cloud Show for everything public and private cloud. And Ask the Hosts for off-topic questions from you.

You can even get some episodes a bit early. We've got a lot going on, and it's only possible because of the people who support us. So if you like what we do and can afford it, it would be great if you could support us too at 2.5admins.com/support.

Let's do some free consulting then. First, just a quick thank you to everyone who supports us with PayPal and Patreon. We really do appreciate that. And if you want to send any questions for Jim and Allan, or your feedback, you can email show@2.5admins.com. We often get quite a lot of questions about how to get started in a sysadmin career, and we're going to cover three of them.

Now, Ride is considering a career change from another technical field. Jim, not that one, is a 25-year Linux hobbyist who'd like to start getting paid for it. And LC is fresh out of high school. So let's cover some of the challenges that they're going to be facing and the best strategies to overcome them.

You know, the industry has gotten a bit weird about the classic actual sysadmin role, you know, with the advent of DevOps and all these other related things, and even just deciding to call them SREs and so on. A lot of times, the classic sysadmin that actually knows how the servers work isn't a role a lot of companies hire for anymore.

And I think that's going to be more and more of a problem for those companies, when everybody that works there only understands the higher-level abstractions and doesn't actually know how anything works underneath. But I think this is kind of beside the point to what these people are asking about, of just how to get started with the career. I don't know that I'm the best person to give advice, because I kind of fell backwards into my career and started my first business being a sysadmin and hosting IRC servers when I was sixteen, out of my parents' basement with a colocation server at the cable company, and kind of through that went on to never have had a normal job and always kind of worked for myself.

But I think for sysadmin stuff, it's really a lot of getting to know what you're doing, and through that being able to solve problems that people actually have. And so for home lab stuff, a lot of that means getting experience with the types of problems that businesses actually have when you're trying to deploy stuff. So, you know, if you're using Proxmox or whatever, that can make sense, but you have to look at how a business is going to use that to do critical things, versus using it for, you know, your home media or just running a couple of VMs that you're toying with. How do you make different components work together? And how do you set up a single sign-on system between a bunch of these different services or web features or whatever? That is going to be more applicable to what a business is doing.

Yeah. How do you set up a whole stack, and document that stack, and make sure that stack is backed up, and understand how to recover when things go wrong? Like, these are all the things that people do. And you not only want to be practicing all this stuff, you want to be doing it with the tools that you would like to work with.

Now, in some cases that's going to mean, well, I know that I want to work with this company, and I have some friends who I can ask what that company uses, and so I can practice on some of the same tools and applications that company actually uses, and I get very focused, direct applications to try to get me into that specific job. In other cases it may be a case of, like, well, you know, I have discovered these tools, I've built a stack I'm really proud of, and I think that that could be applicable out in the business world.

And I'd like to bring this knowledge and expertise out there, and that is also very valid. Now, that's going to tend to lead you more in the direction of, uh, a career like mine, mercenary sysadmin, because, like, you know what you want to do, and you're just like, hey, give me some money, I'll do this stuff for you too. And if you're good at it, folks will eventually do that.

However, that career path isn't for everybody, because in addition to being a sysadmin, you need to have at least some ability for, like, general face-to-face humanity. You've got to do a little bit of sales. You've got to do a little bit of marketing.

You need to be able to do some of the bookkeeping on the back end. You've got to, you know, actually put an entire business together. And to some folks, that's going to sound awesome. It certainly sounded awesome to me. To other folks it's going to sound overwhelming and intimidating, and that is not what I want at all.

So if that's not what you want, then if you're not choosing a specific set of tools to learn in your home lab because you know that they apply to a specific job or at a specific company that you'd like to apply to for work, then you may wind up wanting to just kind of work through everything that you know is out there in the industry. Maybe you've already got an entire stack set up on Proxmox, and you think that's great, and you don't want to change it, but you may also want to set up the same stack on, normally I would say ESXi, but that's kind of a dead horse at this point. Just in general, you may want to experiment with other technologies to do the same thing, because the more that you can just say, oh yeah, I know that technology,

I have experience with that technology. Oh yeah, look at, you know, my notes over here, on GitHub or wherever I've put my documentation. But again, you want to have things you can point to. You don't want to just be sitting there telling somebody, oh yeah, I've worked with that, and that's the first time they're hearing of it.

You want to be able to say, oh yeah, here's all my notes on that, like here's all the things that I've done with that, and the lessons that I've learned. And in most cases an interviewer is not going to dive that deep into that stuff, but just the fact that you can confidently say, oh, here's my documentation on it, they will remember you. Yeah.

Well, when I'm looking at resumes, if there's a link to GitHub, I don't look at what they did. How many contributions? Are they regular? Is the documentation any good? As opposed to some people who include a link to theirs and it's like, oh, I've never done anything in two years. It's like, well, that's a great resume.

I do want to point out Allan is a small business, and small businesses hire very differently from large businesses. When Allan is looking to hire, he's looking at raw resumes, trying to find people that he wants to hire, doing the kind of all-in-one thing. If you want to get hired at a bigger, more traditional, you know, corporation, you don't get to hop to the interview.

You've got to make your way through the folks in HR that put out the job ads. They are, you know, getting a mass of stuff in from recruiters or indeed.com or whatever.

And they're just looking for radio buttons to be matched, they're looking for checkboxes to be ticked. And so you have to get through those folks. And now, those folks may not care about your GitHub. You need to make sure that you have got whatever certificates, or, you know, as much as you can, whatever kind of experience those folks will look for, to get through that firewall to the people you really want to talk to. The other way around that is to talk to people in the industry, make friends, make contacts.

If you want to get hired, for longer than I've been alive, and folks, I'm fifty-two years old, for longer than I've been alive, the best way to get hired anywhere is to know people there, because they can get you through those firewalls I was talking about. They can lean internally on people. If they want to get you hired, they can not only move you past, you know, some of that HR firewall to get the interview, they can lean on the interviewer and be like, look, this guy's awesome, like, we need him. We want him, or her, or them, you know, whatever. The point is, cultivate contacts. Go to conferences, meet people, give talks. As a matter of fact, that will get you into, like, speaker-sponsor dinners. You'll be sitting at tables and, like, rubbing shoulders with people. And if you make friends, if you impress people there, they will want to bring you in places.

But to Jim's point, like, even with our smaller company, when we do put a post out on LinkedIn or Indeed, we get hundreds of resumes, and half of them, you know, applying for the ZFS kernel developer position, their only experience is JavaScript full stack. It's like, why are you applying to this? And so a lot of it is you need your resume, especially so, you only have, like, a page or two to get my attention, and you've kind of got to almost SEO it, right?

It has to have the keywords I am looking for, and that has to match the things we know. And to Jim's point, those people in HR, they don't know what any of those technology words mean.

They're just binary filtering of, does it say Kubernetes on it or not? And if it doesn't say Kubernetes, it goes in the circular file. And so you've really got to look at each particular job you're applying to.

And sometimes it's just tweaking three or four words on the resume to get a version that's going to get past that filter, and that will get you a lot further than a lot of other stuff. To Jim's other point about ESXi going away, there are a lot of businesses using VMware that would love to have some people who have experience migrating from VMware to Proxmox. This is something you can teach yourself in your home lab. Get it to work, write a guide, post it, point to it. It's also a great way to get contract work for that. And a lot of the time contract work will lead to much longer employment as well.

I can't tell you how many times I've gotten called in for a tiger team, like a one-off contract, and the folks there decided, like, oh, this is somebody who actually knows what they are doing, we would like to have them back for other things. And then you can get approached for that, and you can have longer-running engagements, or repeat contracts, or even, you know, convert to salary. I've done all three of those things in my career.

I've had the same thing, you know, helping somebody out one time, and it's like, oh, you actually understand how our things work. Can you just stick around? We need you all the time. So they've been a great customer for the last five years now.

And to Allan's point about the resumes, and, you know, you've got to have the right keywords in there if you're applying to a larger business, because the folks that are looking at the first round of resumes, they don't know anything about any of the stuff. It's just looking, is the word there or not. That leads into the question of, like, what do you not put on your resume?

For example, if you really, really want to get hired in for a junior Kubernetes job, and you've been doing stuff with Kubernetes in your home lab for five years, you may want to really consider just putting, as a bullet point, five years Kubernetes experience on your resume. You don't have to say home lab. You can talk about that in the interview.

That's not shady, that's not sketchy. If you get the interview and they ask you, so tell me about your experience, there is absolutely nothing wrong with, well, you know, it's in the home lab, but let me walk you through some of the things that I've done. It's fine. And doing it that way may be a better approach than actually just putting, you know, I've done this in a home lab right there on the resume, where the people who aren't really the decision makers might see that and just go, oh, that doesn't count.

Chuck it in the bin. At the same time, don't just keyword-stuff it. Several resumes I've seen recently, talking about something like, I have experience with Windows, list all the versions, including XP. It's like, well, that's not relevant to this job, and also nobody cares about Windows XP anymore, unless it's something very specialized where you would maybe want to find that out. But yeah, don't put a bunch of irrelevant stuff in there. I don't care that you know how to use Excel if I am trying to hire you to be a C developer. It's worse when you are trying to hire someone for a job that requires Excel and they claim they know it and they really don't. But try to avoid listing too much completely irrelevant stuff, and focus on the stuff that is going to matter. If you just have a giant laundry list of skills, it can be like, well, this person isn't good at anything, they just have a giant list of things, and I probably can't believe that they know all these things.

That just brings us right back to tailoring your resume. And the length of the resume that you submit for a position is incredibly important, and shorter is better. Like, a page and a half is the generally accepted maximum. But if you can fit it onto a page and hit all the bullet points, that is absolutely what you want to do.

Believe me on that one. Don't feel like you just need to keep cramming extra weird crap in to make it longer. And also, again, this should be a tailored resume. Every time you give somebody a resume, it should be a resume tailored for that position that you want.

You don't write one generic resume and give it to everybody, the same way you don't, like, learn one pickup line and walk around the same bar all night saying it to every single person of the appropriate gender you see. In either case, you're not going to have the results that you're looking for. And, you know, you might get slapped.

Now, I've mentioned this a few times, it's kind of been a through line, but I think it might be worth explicitly pointing out that to learn new things, you have to do those things. It's no good to just read about them. You actually have to do it, in a home lab, on a VPS, whatever it is. I would say even further is you have to write about it. It doesn't matter if anybody ever reads it. But as you're doing it, write down what you're doing, the steps and why. It will be very useful for yourself. But also, when you get to the end of this, delete it and do it again following your instructions, and find out all the places you left things out of your instructions, because there will be a bunch. And if you do it while it's fresh, you will get those instructions to be good.

And you're really going to appreciate having those instructions when you have to rebuild something at, really, like, three in the morning, because your brain will not be working that way and it's not going to remember the subtle details, and your documentation that does cover them will be good. But I can't express the number of times that people documenting what they were doing has helped them. I have a friend who does FreeBSD sysadmin work, and occasionally he runs into a problem, and what he does, because he's documented what he was doing, he can show me, oh, this is what the system looked like before I started. That's a step people always forget: before you start making changes to a system, document what it is right now. I just get the dump of, like, zpool status and ifconfig or whatever, ip addr. I know what the system looks like when it was working, and then write down everything you did, everything you did. And then when you run into trouble, somebody will be able to see, uh, there's the typo right there or whatever, and be able to help you out of it. But that also means you yourself can look it over with fresh eyes, even if it's just the next day, and, oh, I see what I did wrong now, and get yourself unstuck.

Even if you never read it again, the act of having to create the documentation will fix the details of what you did in your brain a lot better. It's the same reason you're supposed to write down, in your own notebook, all the stuff the teacher wrote on the chalkboard or the smartboard.

Or, you know, whatever you have in school. It's not because, you know, teachers are too dumb to know about Xerox machines, or about just emailing, you know, notes to you from their own document. It's because the muscle memory helps cement that knowledge in your head and lets you recall it later a lot better.

And I will say also, like, if you never go back and reread your own documentation, like, you should start, because I don't care how great your memory is, I don't care how much of a natural you are. If nothing else, you don't know how good a job you're doing with the documentation unless you go back and read it.

And part of the reason that we say this specifically about job seeking is, even if you never, ever need that documentation yourself, because you're some kind of weird genius, you do need to take it, you don't need to read it again, you're just amazing. Well, the fact that you documented is one of the things that people are going to look for. It lets them, for one thing, believe you a lot more when you say, oh hey, I did this thing, because they can see all the steps that you did. It also tells them, hey, this is a person who documents the things they do, which is going to make them much more valuable as a team player. So that's going to make you stand out.

Yeah, I've run across a couple of people in my career who felt that their job security came from the fact that only they knew how the system worked, and they wouldn't tell anybody else. And it's like, yeah, and then they were on vacation or sick and nothing could get fixed, or we had to interrupt their vacation in order to get a fix.

You're going to start as a junior sysadmin, probably, but if you want to be the senior one someday, you will have created that documentation so that it is not you that has to do the steps at three in the morning. It's somebody else's problem. They can just follow the steps you wrote down for them.

I will also warn you, folks, my entire career I've been hearing all those jokes about, oh, you know, can't fire me because I'm the only one who knows blah blah blah. Sometimes it's jokes, and sometimes people mean it seriously. But that's people talking. As far as what I've ever observed happening,

I have long since lost track of the number of sysadmins who don't document what they do, and, you know, who nobody can figure out what it is they're doing, and they wind up getting forced to train their own replacement. The company's not necessarily going to wait for you to go on vacation for something to break while you were gone. Like, they know what you're doing and they don't like it. And the odds are real good that eventually you are literally going to watch your own replacement get hired, and you're going to be given a few weeks to train them, and either you do or you don't.

But either way, you're gone, because that company's gotten tired of your crap. Don't be that guy. BOFH jokes are jokes. They're not a role model to aspire to.

Right. Well, we'd better get out of here then. Remember, show@2.5admins.com if you want to send any questions or feedback. You can find me at joeress.com/mastodon.

You can find me at mercenarysysadmin.com.

And I'm @allanjude.

See you next week.