Meetups/Infra/2026-04-20

From Noisebridge
Jump to navigation Jump to search

(Preamble: 

   = Meetup - Infra =
   https://www.noisebridge.net/wiki/Meetups/Infra
   https://www.noisebridge.net/wiki/Meetups/Infra/2026-..-.. )

2026-04-20m Meetups/Infra


Introductions[edit | edit source]

  • Loren - background doing cloud engineering, mythos things
  • Bjorn - chemical engineering
  • Zacchae - procrasticanted, now grinding till sleep
  • Dan - Have slept, is doing well
  • Elan - Post launch stability
  • Dave - works with infrastructure
  • Alex - plays with AI, use to play with robotics
  • Tyler - Robitics
  • PJ - use to work at Meta
  • Tom - recently moved to the area intereseting
  • Ciara - windows admin in another life, learning more production linux and kubernetes
  • Doug - likes computers, pissed off at rejection on job prospects.
  • Heather (our name) - full stack web dev and random linux stuff and automation
  • Derek - programmer, into schedulers, which seem applicable, now.
  • Kevin - route planning for aerial vehicles for now, blah blah, likes computers and schedulers
  • Eric - Trying to learn stuff
  • Portier - trying to get a machine up and running with Debian, getting things to work.


Lesson or Demo[edit | edit source]

- Bluesky postmortem: https://pckt.blog/b/jcalabro/april-2026-outage-post-mortem-219ebg2 - - High level, bluesky was breaking 

 - graffana dash board shows thrashing
   - "bind: address already in user error"
   - took a long time to resolve
   - on monday was degrading badly
     - process working through memcache
     - iterating over urls
       - without limit on the number of spawned goroutines
       - started using the entire 127 (/8) 
   - sequence diagrams shows the port pressure
     - TIME_WAIT
       - tunable, linux typically hardcodes to 60 seconds
       - pckt.blog is ?
   - what is a connection?
     - the 4-tuple (src, dst, ip, port)
   - ? things were closed because timeshake timeout?
   - ? unboundedness

- Noisebridge graffana content 

 - Caddy dashboard
 - request rate someone started scraping at 4:35.
   - 302 temp redirect
   - php fpm workers had closed before response, oops.
   - go access for log viewing
 - (TODO) perhaps strip the src and user agent.
 - Possibly invite the head SRE at google for a talk at NB 
 - Nice breakdown of http response codes https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status

https://surfingcomplexity.blog/2026/04/12/thoughts-on-the-bluesky-public-incident-write-up/


Perhaps Mythos bits—maybe we could learn about the specifics of a few bugs, the <1% that are public, what's the scope and scale. 

 - a nice video that covers the current mythos discussion from hank green https://www.youtube.com/watch?v=V6pgZKVcKpw
 - no one has experienced full access to the model, except through Project Glasswing
   - mythos is the network security exploit model
   - available only to important open source projects for now
   - infosec community was finding material bugs, not chrome, mid tier exploits
     - mythos can find bugs, but has a harder time writing the actual exploit
     - (? opus to hammer edge-cases)
     - (others have reported lower tier models are finding exploits too)
       - Small models also found the vulnerabilities that Mythos found 
         - https://news.ycombinator.com/item?id=47732020
         - expanding circles of ethics in human progress 
           - ? future claudes will learn that there are values that we stand for.
   - Thomas Ptacek article
     Vulnerability researcher response:  https://sockpuppet.org/blog/2026/03/30/vulnerability-research-is-cooked/

   - The Bitter Lesson
     - A lesson for AI Researchers
       - tweaking is bound to be overcome by more data and bigger models
     - examples
       - chess experts with expert systems can't compete with lots of data
       - fruit classifiers are better at identifying than models built by expert radiologists
   - Image net
     - thousands of classes, enormous data sets
       - all sort of images, hi-res, lo-res, different aspect ratios
https://distill.pub
https://distill.pub/2017/feature-visualization/  (https://microscope.openai.com is ever underfunded since 2021 or so)

nation states have a shared incentive to audit open source.

- Vercel hacked on the weekend (could be two weeks old) 

 - https://vercel.com/kb/bulletin/vercel-april-2026-security-incident

- Canary tokens 

 - https://www.canarytokens.org/nest/

Also inclined to think and talk about—what are devs useful for if LLMs can do much of the work, what kind of sanity, context, or translation—and how do we do that well?

something something—people want more PQ follow-up? *I'll keep that short*

NB wiki monitoring


NB rack & garden projects, perhaps - rack in the name of the infra guild


  • Ciara, Elan, & Bjorn - successfully got a talos node up and running -- running just k8s core services. On just a single node, plans to expand.
Initial plan to roll out TalOS (OS)
 - https://docs.siderolabs.com/talos/v1.12/getting-started/getting-started
 - Cool website to setup/generate system images https://factory.talos.dev


Silly WASM demo -- Dave's demo!

- DuckDB: WASM https://browser-reduce.spicy-rocks.net/index.html?dataset_urls=https://static-wiki-main-content-experiment-139675992311-us-east-1-an.s3.us-east-1.amazonaws.com/data/orderbook_2026-03-06.parquet&partition_sql=select%20max(best_bid),%20max(spread)%20from%20partition_data%20where%20market_id%20=%20%270x57aba5153e307d1645ebe0fd331e5fd410b463f0ddd32bb77226a584e0d19edd%27&merge_sql=SELECT+max(best_bid),%20max(spread)+FROM+partial_results 

workers example https://browser-reduce.spicy-rocks.net/worker/index.html?session=32f21141-7b2b-4b99-94be-dd2d9860965a

Outros[edit | edit source]

  • Loren - sqlite web stuff, fun to explore
  • Bjorn - saw a video about honeypot for control systems
  • Zacchae - still grinding
  • Dan - curious about state of security in a years time
  • Elan - intereested in dist. database, where are the tradeoffs, how to find bottlenecks in throughput
  • Dave - not an info-sec person, mythos sounds impt, all of our problem
  • Tyler - mythos, will read more, and see if i'm hit by this vercel hack
  • Alex - left over credits on claude for auditing open source
  • PJ - would love to learn more about DuckDB Wasm project
  • Tom - Interested in scaling docker containers, into Kubernetes
 see https://www.composerize.com/ !
  • Ciara - Still want to get prometheus stack up on the cluster tonight.
  • Doug - mythos, very interesting, believes the hype. Likes distributed processing.
  • Heather - (left early)
  • Derek - smaller models did find the bugs that mythos found (in notes), (what was the fruit model ..) (has been reproduced https://risky.biz/RB833/)
  • Kevin - enjoys hanging around people creating the post
  • Eric - (away)
  • Portier - Distributed file systems might describe something, with persisted files accessable from anywhere (like network filesystem).

Composerize.com ?? Parques database column standalone pass around like a file, default setting in a lot of libs, group records by (standard 50k, 15k, 25k ...) read a bit of the header (technically footer), scan into offsets efficient file access for reads. (range queries, future meeting)


Questions, Discussion, or Coworking[edit | edit source]

Retrieved from "https://www.noisebridge.net/index.php?title=Meetups/Infra/2026-04-20&oldid=90135"