Key Vault references are not presently able to resolve secrets stored in a key vault with network restrictions.
That seemed ok when i first read it as after all, there’s an explicit setting to bypass the firewall. But when i disabled network firewall (allow access from all networks), everything suddenly worked, and the key status is Resolved with a nice green tick:
I often have conversations with friends and colleagues about their careers. And many times, i point people to a great blog post by my colleague Liz Aab, about the “7 Ps”. But i always find myself adding two to the list, so i thought i’d just post it here.
There are lots of factors which go in to choosing a job. You can’t have all of them, all of the time. At least, i think you can’t. But you can (and should) decide which are most important to you. Here are Liz’s 7 Ps (which she says were originally 5 Ps from some other source). I’ve added my two on the end, and i’ve reworded some of Liz’s original post:
Place : Where geographically do you want to work? The city/country you are based in and your commute affect how you spend your time, and who you spend your time with, both inside and outside work.
People : Who specifically would you work with on a daily basis? Do you like them? Does your boss care about you and want to see you succeed?
Pay : Does the job or sector pay you enough to live the life you want? If not, will your pay will increase in a few years in this career path? Or, are you happy to change your lifestyle to accommodate a lower salary?
Progression : Will you develop skills, knowledge, a network or a reputation that will help you move forward in your career? Does this job offer defined progression opportunities, or do you need to develop these for yourself? If so, are you comfortable with this?
Perception : How do people react when you tell them what you do? Whose opinion do you really care about, and how important is that to you? Of course perceptions of jobs and industries change over time.
Purpose : What is the company or organisation trying to achieve, and do you support that? It’s not just millennials that want to work on something they believe in.
Procedures : In Liz’s list, this is how you do your job day to day. I’ve reworked it – for me, procedures is how the organisation operates. Do they expect a rigid 9-5, or are you trusted to deliver a result? Do decisions get made once and then implemented, or does it take a consensus to make change? Are you empowered to deliver, or do you need permission to take a bathroom break?
Projects : While procedures might be how the work gets done, this is what you’re actually doing. Are you spending your day on the phone, or sitting reading stacks of paper, or crunching Excel, or standing on your feet in front of 25 teenagers? Is your work indoors or outdoors? And do you like doing those things?
Pace : Is it frantic from the moment you wake to when you sleep? Or is there lots of space in the day for you to collect your thoughts or think things through? Are you expected to check your emails after hours, or do you ‘clock off’ when you’re done? What do you need to thrive?
Of course, as Liz points out, what you value today will differ to what’s important to you tomorrow. When you’re young and eager, you may want a role which is always on the go (high pace), and with a compelling purpose. If you start to plan a family, pay and progression move up the list.
Some repos, such a the one for the Unifi Controller, use different ‘field’ values to tie a release and require manual updates. For someone like me who has a standalone, automated controller setup designed mainly to keep the firmware up to date without much intervention, this is a hassle. It looks something like this:
[email protected]:~$ sudo apt-get update
[sudo] password for robert:
Hit:1 http://mirrors.linode.com/ubuntu bionic InRelease
Get:2 http://mirrors.linode.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:3 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Get:4 http://mirrors.linode.com/ubuntu bionic-backports InRelease [74.6 kB]
Ign:5 http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 InRelease
Hit:6 http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 Release
Get:7 https://dl.ubnt.com/unifi/debian stable InRelease [3,024 B]
Reading package lists... Done
E: Repository 'https://dl.ubnt.com/unifi/debian stable InRelease' changed its 'Codename' value from 'unifi-5.12' to 'unifi-5.13'
N: This must be accepted explicitly before updates for this repository can be applied. See apt-secure(8) manpage for details.
It’s an easy fix. Just tell apt-get to ignore the codename field:
The ZFS Pool on my server was showing degraded state. After checking the SMART status of the constituent drives and finding no problem, I discovered that there’s a bug in Solaris 10.5 where the system reports a growing number of errors and eventually fails the pool. dmesg shows an error unable to kmem_alloc enough memory for scatter/gather list, however, there is actually nothing wrong with the pool. Running zpool status shows degraded state:
[email protected]:~# zpool status
pool: rpool
state: ONLINE
scan: none requested
config:
NAME STATE READ WRITE CKSUM CAP Product /Disks IOstat mess SN/LUN
rpool ONLINE 0 0 0
c1t0d0 ONLINE 0 0 0 32.2 GB VMware Virtual S S:5 H:25 T:0 000000000000000
errors: No known data errors
pool: tank
state: DEGRADED
status: One or more devices has experienced an unrecoverable error. An
attempt was made to correct the error. Applications are unaffected.
action: Determine if the device needs to be replaced, and clear the errors
using 'zpool clear' or replace the device with 'zpool replace'.
see: http://illumos.org/msg/ZFS-8000-9P
scan: scrub repaired 0 in 12h15m with 0 errors on Fri Dec 21 00:08:43 2020
config:
NAME STATE READ WRITE CKSUM CAP Product /Disks IOstat mess SN/LUN
tank DEGRADED 0 0 0
raidz1-0 DEGRADED 0 0 0
c0t50014EE20BF0750Dd0 ONLINE 0 0 0 4 TB WDC WD40EFRX-68W S:0 H:0 T:0 WDWCC4E6NAXVAS
c0t50014EE263348A3Ed0 ONLINE 0 0 0 4 TB WDC WD40EFRX-68W S:0 H:0 T:0 WDWCC4E0FRRRRP
c0t50014EE2B69D2D68d0 DEGRADED 0 0 20 too many errors 4 TB WDC WD40EFRX-68W S:0 H:0 T:0 WDWCC4E3AN2Y99
errors: No known data errors
Running zpool clear recovers the pool:
[email protected]:~# zpool clear
[email protected]:~# zpool status
pool: rpool
state: ONLINE
scan: none requested
config:
NAME STATE READ WRITE CKSUM
rpool ONLINE 0 0 0
c1t0d0 ONLINE 0 0 0
errors: No known data errors
pool: tank
state: ONLINE
status: One or more devices has experienced an unrecoverable error. An
attempt was made to correct the error. Applications are unaffected.
action: Determine if the device needs to be replaced, and clear the errors
using 'zpool clear' or replace the device with 'zpool replace'.
see: http://illumos.org/msg/ZFS-8000-9P
scan: none requested
config:
NAME STATE READ WRITE CKSUM
tank ONLINE 0 0 0
raidz1-0 ONLINE 0 0 0
c0t50014EE20BF0750Dd0 ONLINE 0 0 2
c0t50014EE263348A3Ed0 ONLINE 0 0 0
c0t50014EE2B69D2D68d0 ONLINE 0 0 0
For various reasons, not least because I wanted to play with it, we have a Yale Keyless Connected Smart Door Lock with a Z-Wave module (we have the v1 module which works fine). This lock has a couple of key features that we liked:
You can grant or revoke access using RFID tags or cards, or by entering a 6-8 digit code on the keypad.
With the Z-Wave module (and a compatible Z-Wave controller), you can programatically add and remove codes so that you can enable codes at specific time or dates. For us, this meant we could create a code for the cleaner, but if they turned up at 2am on a Saturday, the door wouldn’t open for them.
It’s connected to our Samsung SmartThings hub, and i run the RBoy Apps custom device type and smart app to enable the scheduled key rotation etc. Overall, we’ve been fairly happy with it, but the thing really does eat up batteries, and I started to feel guilty about putting between 4 or 8 AA batteries in the bin each month. Of course I also got annoyed at constantly having to buy them and change them, so I decided to try rechargeables.
We bought some Panasonic Eneloop Pro batteries. I’d read a very interesting piece of research showing how high performance NiMH batteries actually outperform alkaline batteries – delivering a stable ~1.2v for far longer. As it turns out, this is a problem.
With a regular battery, as the charge drops, the device detects this and fires off an alert reminding you to change them. As the research showed, however, NiMH batteries provide a fairly constant 1.2v until the “power” in the batteries is pretty much depleted, and then they just die. This isn’t a problem for a radio controlled car. But of course if the batteries go flat on your front door lock, you can’t get in to your house as there’s no key override on it, and with no alerts, we wouldn’t know to change them. Although you can power the lock from the outside in an emergency using a 9v battery, after a particularly embarrassing situation where I discovered that the 9v battery I had stored in the glove box had expired 2 years ago, I decided to figure out how to wire the lock up to a permanent power supply. The main challenge here of course is that I would like to be able to unlock my house even when the power is out. After a bit of thinking, i decided that I probably needed a battery in there somewhere too.
Picture from ebay seller random-bargains2009
The first challenge is working out how to wire up the device. Ideally, didn’t want to be soldering connectors on. After a bit of research, I found a “4 X 6V AA MONEY SAVING BATTERY REPLACEMENT PLUG IN ADAPTER” on ebay (the item i bought is from “random-bargains2009” but there were three or four different ones from other sellers). This is basically an AA battery with a wire coming out of it connected to a mains adaptor, and 3 “dummy” battery blanks. I cut off the AC adaptor, and soldered on a USB A plug, and connected it to a Belkin USB battery pack, then plugged that in to a charger to keep it constantly topped up and … nothing. It turns out that Belkin battery packs can’t provide power and be charged at the same time. Doh!
I tried another battery pack, and all was fine until my wife tried to come in about 5 minutes later. Apparently the “smart” charge controller built in to the battery didn’t detect sufficient current, and so switched off the battery pack. Brilliant.
After a bit of research, I was able to find a 3,000mAh battery pack with a USB plug (from Amazon) that was designed to provide backup power for 12v CCTV cameras. Made by Chinese company TalentCell, it claims CE compliance for both the batteries and the charger. Mine arrived from Germany with an EU plug, but I already had some fused, screw fixed adaptor plugs, so not a problem.
Finally, the I ran the cable around the frame of the glass in the door to try and keep it discrete, and I’m now confident that we won’t ever be locked out again.
Hybrid peer-to-peer/5G vehicle communication technology, C-V2CX ("cellular-vehicle-to-everything"), has evolved since it's 2016 debut, with recent demos showing how it helps vehicles "see" threats and obstacles out of sensor range (such as cars coming around corners, traffic lights and so on). But it's not the only protocol on the block – Toyota, the world's largest car manufacturer, and GM, prefer a competing protocol based on wifi. The winner should start to emerge later this year when 5G trials begin. https://rob.al/2N03G6n
C-V2X enables vehicles to communicate, which should reduce accidents and aid autonomous driving.
Is AI the hot topic of the moment? Well, tickets for one of the foremost conferences for academics, the Neural Information Processing Systems conference, sold out in under 12 minutes… https://rob.al/2QbhPeR
The conference has become the one that everyone working in the field of artificial intelligence wants to attend.
Ever thought of becoming a bug hunter? The pay's ok – not great, just ok. For Evan Ricafort, in the Philippines, it's enough to make ends meet – in a typical month, Ricafort earns roughly average salary, sometimes more. Free t-shirts and tours of the US Capitol don't pay the bills… https://rob.al/2QdpOrC
Independent cybersleuthing is a realistic career path, if you can live cheaply.
IBM is testing a paper test strip which, when analysed with an app on a standard smartphone, could reduce the time and cost for farmers trying to work out how to prepare soil for planting, treat water, or maintain optimal growth of crops. The card is about the size of a business card, and changes colour in specific patterns to measure pH, nitrogen dioxide, aluminium and other chemicals necessary for (or best avoided) for healthy plant growth. The app allows immediate, precise diagnosis (the camera is more a accurate colour sensor than the human eye), and aggregated data can help governments monitor fertilizer/chemical use. https://rob.al/2MZR7b2
The IBM AgroPad is a paper testing strip that, when combined with a mobile app, relies on machine vision to measure the precise amounts of chemicals in samples of water and soil.
