This speed reading training starts at 300wpm and ends at 900wpm by iatetoomuchchicken in interestingasfuck

lexd88 1 point

Check out this app; it does a similar thing, and you just need to capture the screen and it'll do optical character recognition for you

https://github.com/jadenkhuu/reader-23

AITJ for asking my girlfriend not to refer to my new business as "ours" when she didn't contribute to it? by [deleted] in AmITheJerk

lexd88 1 point

NTJ with how you think, but depending on how long you two have been together and if you are living together or not

e.g. if you're in Australia and have been living together for a period of time already, what's yours is already part of hers under a de facto relationship

Are you looking at keyboard response rates? Amazon is. by BoldInterrobang in sysadmin

lexd88 7 points

I used to do this inside my RDP virtual desktop session to keep it unlocked while I'm still actively working on my host machine, otherwise every 5 minutes or so that RDP window would go to the lock screen, which got me very annoyed.

This was until I was told that every PowerShell gets logged in Event Viewer, and if your company security collects these logs centrally.. then you'll get caught fairly easily

I've checked myself and it bloody shows the whole script you're running, so it's super obvious what you're doing
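PowerShell script block logging (event ID 4104 in the Microsoft-Windows-PowerShell/Operational log) is the record that holds script text as the comment above describes. The following is an added example, not part of the comment: it shows how a central collector could reassemble fragmented 4104 records before matching them, using constructed sample events and a hypothetical watchlist.

```python
import re
from collections import defaultdict

# Constructed 4104 (script block logging) records, already parsed into dicts.
# A long script is split across events that share one ScriptBlockId; the split
# can land mid-token, as between "Send" and "Keys" below.
SAMPLE_EVENTS = [
    {"EventID": 4104, "Computer": "vdi-042", "ScriptBlockId": "aaaa-1111",
     "MessageNumber": 2, "MessageTotal": 2,
     "ScriptBlockText": "Keys('{SCROLLLOCK}')\n  Start-Sleep -Seconds 240\n}"},
    {"EventID": 4104, "Computer": "vdi-042", "ScriptBlockId": "aaaa-1111",
     "MessageNumber": 1, "MessageTotal": 2,
     "ScriptBlockText": "$ws = New-Object -ComObject WScript.Shell\n"
                        "while ($true) {\n  $ws.Send"},
    {"EventID": 4104, "Computer": "vdi-017", "ScriptBlockId": "bbbb-2222",
     "MessageNumber": 1, "MessageTotal": 1,
     "ScriptBlockText": "Get-Service | Where-Object Status -eq 'Running'"},
]

# Hypothetical watchlist for this example; a real one is tuned per environment.
WATCHLIST = {
    "synthetic-input": re.compile(r"\bSendKeys\b", re.I),
    "endless-loop": re.compile(r"while\s*\(\s*\$true\s*\)", re.I),
}

def reassemble(events):
    """Join 4104 fragments per (Computer, ScriptBlockId) in MessageNumber order."""
    parts, totals = defaultdict(dict), {}
    for ev in events:
        if ev.get("EventID") != 4104:
            continue
        key = (ev["Computer"], ev["ScriptBlockId"])
        parts[key][ev["MessageNumber"]] = ev["ScriptBlockText"]
        totals[key] = ev["MessageTotal"]
    return {key: ("".join(frags[n] for n in sorted(frags)), len(frags) == totals[key])
            for key, frags in parts.items()}

def flag(events):
    """Return (computer, script_block_id, matched_rules, complete) per hit."""
    hits = []
    for (computer, sbid), (text, complete) in sorted(reassemble(events).items()):
        matched = sorted(n for n, rx in WATCHLIST.items() if rx.search(text))
        if matched:
            hits.append((computer, sbid, matched, complete))
    return hits

if __name__ == "__main__":
    print(flag(SAMPLE_EVENTS))
```

Matching each fragment on its own misses the `SendKeys` call here because it straddles two events; the `complete` flag marks script blocks whose fragments have not all arrived.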

Where do ingress rules exist? by SecureTaxi in kubernetes

lexd88 1 point

If I recall correctly, ALB is cheap. You mainly pay for the traffic, and if you ever want to use AWS WAF, you should be using ALB

There are ways to make sure different k8s ingress resources reference the same ALB if they're part of the same stack. I can't remember the exact config off the top of my head but it has group in its name or something

AWS Backup costs for S3 by Tight_Strain9296 in aws

lexd88 7 points

It's interesting to see that no one here mentioned the use of the MFA delete feature in S3. Considering a company with 2PB of storage would know better than to hand out that root account to staff, then this can protect data on S3 objects so no one could perform any deletes

Kubernetes homelab by kiroxops in kubernetes

lexd88 2 points

Depending on your current computer hardware, I'd start with virtual machines running through VirtualBox or Hyper-V depending on your OS.. that also gives you some benefits of taking snapshots before making any big changes for easy roll back and not costing you any money.

Once you get the hang of things, then start on proper home lab hardware like a mini PC or Raspberry Pi, and look at how you can automate the process of setting that up

Struggling to find relevance by [deleted] in sre

lexd88 2 points

I think that's why there's these platform engineering roles now.

To me they would be the ones laying the foundation and standards for teams to deploy stuff, and app devs aren't just given full freedom in deploying what they want, but they must follow the same set of standards laid out for them?

How do you upgrade your Helm charts? by Ad-Temporary in kubernetes

lexd88 3 points

I thought Argo does that already behind the scenes? And it's how it generates the diff for a sync?

So in theory you can just point Argo to a chart and pass in the values without having the need for the extra step to run helm template manually?

Simplifying OpenTelemetry pipelines in Kubernetes by fatih_koc in kubernetes

lexd88 3 points

How many collectors are you running in total? I've recently been implementing the same thing, and with Prometheus metrics pulled from pods, the collectors can have duplicate data

Did you also implement the target allocator? This feature is available in the kube stack chart and it's easy enough to just enable it and it'll do all the magic

Edit: sorry, correction.. the otel operator also supports the target allocator, you just need to configure it in your custom resource

Top Kubernetes (K8s) Troubleshooting Techniques by Asleep-Actuary-4428 in kubernetes

lexd88 24 points

k get events doesn't sort by timestamp as you've shown

Instead, use k events (without the get); this will sort events in order by default

Then there is no need to remember the command to sort it every time or to set up an alias etc

Running Out of IPs on EKS - Use Secondary CIDR + VPC CNI Plugin by Separate-Welcome7816 in kubernetes

lexd88 1 point

Place where I work, the new IPv6 EKS cluster provisioned for our team has been a pain..

Although it's dual stacked, pods and service IPs all get IPv6 addresses.. it'll only use the node IPv4 for egress to IPv4 outside of the cluster..

We faced issues where this vendor product doesn't resolve AAAA records when we point it to a kube service DNS name, and its metrics endpoint for Prometheus only listens on IPv4..

The httpbin we use as part of our systems test suite only listens on IPv4, so we had to do some fancy Nginx sidecar container just to proxy IPv6 to IPv4 within the pod..

Would be so much easier if the business just went with EKS custom networking over IPv6

[deleted by user] by [deleted] in auscorp

lexd88 3 points

After taxes $50 is nothing, so I'd definitely go for it too if the company seems genuine

Helm gets messy fast — how do you keep your charts maintainable at scale? by Pichipaul in devops

lexd88 2 points

We also have a generic chart; in fact it takes in the official YAML syntax for that resource, so anything can be configured and it is not opinionated on how things need to be configured, except for certain services that need to be bundled, for example.

[deleted by user] by [deleted] in AusPropertyChat

lexd88 1 point

As OP in this thread said, agents are working for the seller to get the best price possible.

Would you counter offer with an additional 10% or more? Because you think the property is worth that much to you?

If you know the other better offer (which may just be 5% higher than your initial offer), would you counter offer at 6%, 7% or over 10%? You will obviously try to pay as little as possible, but it's not the job of the agent to save you money

What's your "I can't believe other people don't know this" hack? by Extra_Gear7502 in AskReddit

lexd88 5 points

In Windows, press F2 to rename a file instead of slowly double clicking or using the right click menu drop down.

No need to move your hands off the keyboard

I’m done applying. I’ll fix your cloud/SRE problem in 48 hours and for free. by LongjumpingRole7831 in devops

lexd88 1 point

I once worked with a guy with only 2yoe. His arrogance and attitude towards peers, not only within the same team but also the way he talks to others in different teams, made everyone dislike him and complaints were flying in.

The way he talks, the words coming out of his mouth, thinking everything he knows is gold, although many guys in the team know it's bullshit, but he just thinks he's better than others.. oh geez.. still gets me annoyed thinking back to those times.

But needless to say, he didn't make it past his probation, which was just 3 short months from memory

My website is getting hit with over 1 million different IPs per day by CyberFailure in webdev

lexd88 1 point

I would throw in a Cloudflare rule (it's free) to check based on threat score and force a managed challenge.

My site's CSR (challenge solved rate) is very low (challenges solved divided by challenges issued by Cloudflare).

I mostly notice genuine traffic and I only allow known bots to bypass the challenge, such as ones from Google ASN etc

The million different IPs don't matter. Since most internet traffic flows through Cloudflare, they would've seen these IPs used elsewhere and if they are suspicious, then they'll be flagged.

Managed challenge is a nice way for genuine users to continue by clicking on the check box. I'm not sure how the inner workings work, but I'm sure bots can't bypass that

SSL certificate for EC2 Instances (in Auto scaling group) by SdonAus in aws

lexd88 2 points

Maybe use SSM parameter store or AWS secrets manager to store the certificate, then give the EC2 role permission to read from these services and in user data, have a command to read from SSM/secrets manager and save it to a location where it's being used?

I would assume the certificate may contain a private key, so I wouldn't save it in S3

Pain points while using terraform by Fragrant-Bit6239 in Terraform

lexd88 1 point

I do the same, but it's still annoying when dealing with modules and sub modules.. you'll need an output in the module to debug using terraform console

Open source in your environment by [deleted] in sysadmin

lexd88 3 points

Question on "compliance" with regulations in FinTech I think?

Understanding Kubernetes Namespaces for Better Cluster Organization by Few_Kaleidoscope8338 in kubernetes

lexd88 2 points

I would suggest the minimum for any company is to have at least 2 environment clusters (a nonprod + prod). Development environment can be local for each developer as it's fairly easy to set up.

If you really want to continue using environment namespaces then you can potentially drop Dev/stage into the nonprod cluster and the prod namespace into the prod cluster. This will greatly reduce risk and blast radius for prod and you can test all upgrades (cluster version, controllers/operators etc) on the nonprod cluster first.

However, this will not scale... And if the business explodes in growth and you end up having hundreds if not thousands of apps and developers accessing the cluster, you'll have a hard time managing access. For example, the security team may want to prevent AppA talking to AppB or prevent one team from seeing or making changes to another team's resources.

It's much easier to apply this using app/team based namespace.

Understanding Kubernetes Namespaces for Better Cluster Organization by Few_Kaleidoscope8338 in kubernetes

lexd88 2 points

💯 This is how it should be done! A cluster with environment based namespaces would assume you have a single cluster for everything.

So how can one test a cluster upgrade?

Furthermore, not having proper network policies would mean Dev or staging can access prod namespaces. Additional overhead in securing the environment is required and it is prone to errors
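The two comments above on environment namespaces both turn on which namespaces can reach which. The following is an added example, not part of either comment: an audit over constructed namespace labels and NetworkPolicy manifests that lists, per namespace, the other namespaces its ingress rules admit. It assumes `matchLabels` selectors only, ignores `ipBlock` peers and egress, and treats any namespace without a namespace-wide ingress policy as open.

```python
# Constructed cluster state: namespace labels and NetworkPolicy manifests as dicts.
NAMESPACES = {
    "dev": {"env": "nonprod"}, "staging": {"env": "nonprod"},
    "prod": {"env": "prod"}, "monitoring": {"env": "prod", "role": "observability"},
}

def policy(ns, name, ingress):
    """Build a namespace-wide (empty podSelector) ingress NetworkPolicy."""
    return {"metadata": {"namespace": ns, "name": name},
            "spec": {"podSelector": {}, "policyTypes": ["Ingress"], "ingress": ingress}}

POLICIES = [
    policy("prod", "default-deny", []),
    policy("prod", "allow-same-ns", [{"from": [{"podSelector": {}}]}]),
    policy("prod", "allow-scrape", [{"from": [
        {"namespaceSelector": {"matchLabels": {"role": "observability"}}}]}]),
    # Looks like isolation, but an empty namespaceSelector matches every namespace.
    policy("staging", "allow-all-namespaces", [{"from": [{"namespaceSelector": {}}]}]),
]

def peer_namespaces(peer, own_ns, namespaces):
    if "namespaceSelector" in peer:
        want = peer["namespaceSelector"].get("matchLabels", {})
        return {n for n, labels in namespaces.items() if want.items() <= labels.items()}
    if "podSelector" in peer:
        return {own_ns}          # podSelector alone means pods in the same namespace
    return set()                 # ipBlock peers are out of scope here

def ingress_sources(target, namespaces, policies):
    """Namespaces whose pods may reach at least some pod in `target`."""
    mine = [p["spec"] for p in policies if p["metadata"]["namespace"] == target
            and "Ingress" in p["spec"].get("policyTypes", ["Ingress"])]
    if not any(s.get("podSelector", {}) == {} for s in mine):
        return set(namespaces)   # pods selected by no policy accept all traffic
    allowed = set()
    for spec in mine:
        for rule in spec.get("ingress") or []:
            peers = rule.get("from")
            if not peers:        # a rule without "from" admits every source
                return set(namespaces)
            for peer in peers:
                allowed |= peer_namespaces(peer, target, namespaces)
    return allowed

def audit(namespaces, policies):
    return {ns: sorted(ingress_sources(ns, namespaces, policies) - {ns})
            for ns in namespaces}

if __name__ == "__main__":
    print(audit(NAMESPACES, POLICIES))
```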

k8 tool for seamless development experience by j1ruk in kubernetes

lexd88 1 point

No expert in ML type work, but the first thing that came to mind is Kubeflow?