M03 wrote
Absolutely not correct, networking failover is not part of the sysadmin role. While a storage failover is indeed a part of the role.
don't mixup the word 'failover' over multiple things.
Failover of networked service is a must for sysadmin as well, it is part of HA skills.
And bonding(you mentioned it) configuration too.
https://www.globalknowledge.com/us-en/course/86284/red-hat-system-administration-iii-with-rhcsa-and-rhce-exams-rh255/
Check this and requirements. It includes:
"Network port security and link aggregation" (which is bonding)
Also if sysadmin don't know how to configure VRRP on his server... thats suck.
M03 wrote
Can you please define what's a "Developer" in order for us to understand what you're exactly referring to? because I still disagree with you on this one. There's literally a "Developer" position just like a "Network Engineer" position.
Again you're saying things from the lebanese perspective. I am not applying in Lebanon due to this mixup on roles and responsibilities that the companies do.
Person with necessary skills to write software that match employer requirements. Some employers need "HTML Developers", hehe.
Nobody care about formal definition of "developer" or "sysadmin". Company care if you match their requirements or not.
M03 wrote
I can tell you, I worked for several Silicon Valley companies that had ties with Facebook, and NON of them had such an enforcement for languages. They let you do whatever you want to get the job done, there are literally other people whom exist and are hired to make those things dynamic in organizations such as documenting, analyzing code for backwards and forwards compatibility which have to be adaptable across teams and departments.
Thats probably IT sweatshops. Facebook don't hesitate to outsource low skilled jobs to such.
In any reputable company there is teamwork. Nobody will allow single person to do automation on scala or erlang if there is no other engineers who know it and team for sure wont agree on exotics.
M03 wrote
Not when you have different operating systems and I only gave "some" of the modules, let alone custom modules and lua scripts.
You gave me modules, i am telling you - those dont need recompiling nginx. And it is trivial job for juniors.
And even if you want to recompile it for some patches that touch nginx code, it is not big deal to make your own package rpm/deb/whatever with your own set of modules.
M03 wrote
self-signed certificates are not something to do on production servers at all and is more of a network thing again.
this allows you to have more control over your network.
Some companies do not like their website to have certificates issued by "Let's Encrypt" and rather have it from "Verisign", "GlobalSign", "Comodo", "Digicert" etc.
Yes, as you mentioned it's about parsing the certificate because such providers doesn't have a tool to use and you gotta do some scripting in order to renew those. And to be fair? this is a mandatory point to write on your CV/Resume because a lot of "Huge" companies even Google, sometimes in the past few years failed to renew a subdomain certificate and even forgot to renew the entire domain lease in the first place, those are important things to keep a company going and it is becoming more concerning over the recent years that huge companies are being targetted in this area (part of infosec), domain take over etc.
just to make one thing clear, I'm not a perfect sysadmin and I never claimed so, we all have our ups and downs and I clearly need to improve in some areas but our main topic is about "Roles" and "Hiring Process" which is biased
There is no major difference between self-signed and CA signed(in technical procedure), except who generate signed cert.
I can easily use self-signed cert for my own app TLS service, because i will do certificate pinning in this app by certificate id, and thats fine to use in production as well.
And procedure, generate certificate, make CSR, (send CSR to CA | sign CSR using your own certificate), install private key and received/signed certificate. As simple as that.
It doesnt matter much also, who is your CA, procedures vary, but mostly in verification process. In some cases you will do extensive paperwork to verify identity for EV SSL, but thats obsolete since 2019.
Again, this is very basic procedure.
And I'm pretty sure the problem with expiring domains/certificates is clearly not technical skill issue. They just forgot to include this situations on the list, "what should be automated/monitored".
I might be wrong on some requirements, formally you can say, yes sysadmin require very basic skills (on my view).
But, remember, you need to have something more than insisting on formal(bare) sysadmin skills. Why they need foreigner then?