* Posts by Trevor_Pott

7010 posts • joined 31 May 2010

Sysadmin Day 2017: Still time to get the beers in

Trevor_Pott
Gold badge

Re: Seriously?

Looks like someone never discovered composable workloads or composable infrastructure. But Happy Sysamin Day anyways.

0
0

Approaches to building the enterprise cloud

Trevor_Pott
Gold badge

Re: I hate Agile as well

Yeah, I wasn't going to get into pricing with these sorts. Open source stuff like Ceph or LizardFS can handle HCI storage layer, with OpenNebula and many others providing great management UIs. Then we go up through the various smaller contenders like Maxta, Yottabyte and Nodeweaver to the midsized ones like Hypergrid or Scale to the big heavies like SimpliVity, VMware or Nutanix.

The price range varies wildly, and even Nutanix have entry-level gear that isn't that badly priced. HCI isn't expensive. It certainly isn't as expensive as ancient three-tier architecture. That said...

"It is difficult to get a man to understand something, when his salary depends upon his not understanding it!"

--Upton Sinclair

1
0
Trevor_Pott
Gold badge

Re: I hate Agile as well

"Does HCI actually give you the ability to go to a web interface, spec your server and provision it without ever going near a techie like a cloud platform does?"

Depends on the platform, but yes, several HCI solutions do exactly this. Nerds optional.

0
0

How HCI simplifies the data center

Trevor_Pott
Gold badge

"On prem IT really isn't like that, HCI or no HCI, because you still have to scale to peak"

Bull.

You only have to keep your critical workloads on-prem. The stuff that is actually burstable is likely not mission-critical (it will just run slower if there aren't 'enough' instances) and you can farm that out. To the public cloud or to a service provider. Use the right tool for the job. The world isn't black and white/one or the other.

Use the public cloud only for what it's good at: providing non-mission-critical capacity when you are over peak. It's 2017. We can do this stuff now without having to throw out our ability to sweat our assets through bust times, have control over our own data, or run sensitive workloads in our own legal jurisdictions.

Hybrid IT isn't just some buzzword. It's not even some ideal towards which we are striving in the distant future. It's a thing we do today. Some things on prem, some things in the cloud. It's not rocket surgery. It's just some bloody YAML.

0
0
Trevor_Pott
Gold badge

"Economics 101 lets you know that cloud will be less costly and better than on prem"

Let me guess, you also believe - despite mountains of evidence - that trickle down economics works.

*sigh*

And the earth is only 4000 years old. The eye is irreducible complexity. *thud* *thud* *thud* *thud*

"Everyone knows this intuitively. If I were to ask you if it would be less costly to purchase network services from an ISP like Verizon or bury your own fiber lines underneath the ground/oceans around the world, everyone would say that obviously it is going to be a lot more cost effective to just rent lines from the ISP where many people share the cost burden than to pay billions to create your own global network...."

Um...you're demonstrably wrong. Massively, demonstrably wrong.

First off, it's cheaper to build your own global network the instant the cost of laying your own fibre gets to about 1/20th the cost of renting it. Right about there you can go lay multiple strands of cable, use whatever capacity you need and rent out the rest.

You know, like Google does. Sure wasn't cheaper to just stand up their own datacenters and pay the rent to the ISP. Nope, they laid their own fibre. And yes, they even have a stake in oceanic cable.

I can introduce you to municipalities that also lay fibre for everything from last mile to backhaul. I can introduce you to WISPs and even businesses as small as 10 people who would rather pay the municipal fees to dig a ditch to lay fibre between their location and the local internet exchange than to pay the ISP. Shock, horror...it turned out to be significantly cheaper.

In some cases the ISP is cheaper. In many others it's not. Just like in some cases (you know, those very rare niches where you have "could native" burstable workloads) the cloud is cheaper. In many others (such as 24/7 workloads), it's not.

As with everything in IT it depends. You do a needs assessment and you use the right tool - technical and economical - for the job. You don't decide on the tool and then contort all reasoning beyond logic in order to fit what you do to that tool.

Also - and I don't understand why I have to keep repeating this to someone supposedly so smart - there are huge differences between regulated industries (like telcos) and completely unregulated ones (like public cloud services). What my governments impose on telcos here as minimum service quality, pricing caps and more keeps monopolistc behavior in check. There is absolutely nothing keeping monopolistic behavior in check amongst the cartel of public cloud providers.

Also - and again, I can't understand why this is so hard for you to get - when you do the actual numbers on running your own workloads you don't have to be running that many workloads 24/7 before rolling your own is significantly cheaper than public cloud.

Religion. All you're touting here is religion. It is no different than trickle down economics or praying the gay away.

2
0
Trevor_Pott
Gold badge

Members of the local cult "haven't seen a case" where their forced religious indoctrination of children causes lifelong trauma either. Despite this, escapees spent the rest of their lives in therapy.

I have yet to see more than edge cases where the public cloud actually is less expensive than on premises. Then again, I'm not a believer. I'm just someone who uses spreadsheets a lot.

2
0
Trevor_Pott
Gold badge

Cost. Security. Privacy. Regulatory compliance.

Not everyone gives no fucks about the cost of things, is bamboozled into thinking the opex model is great, or lives in the US. There are lots and lots of reason not to use the public cloud.

There are lots of reasons you should use the public cloud.

It's what you want to do that determines where a workload is best run. Not some sort of religious belief.

1
0
Trevor_Pott
Gold badge

Sort of. Turbonomic has its limitations, and is itself limited by what the management software will allow. You cannot do proper overprovisoning of CPUs, for example, when you are forced by the cloud implementation to dedicated cores when creating a tenant.

1
0

Not that scary or that hard: Two decades of VLANS

Trevor_Pott
Gold badge

Re: DHCP is you friend.

Here, read this. It might help.

1
0
Trevor_Pott
Gold badge

Re: Somebody forgot to check the manuscript before printing....

Q-in-q is implemented in proprietary solutions as well that aren't full 802.1ad implementations, but are implementing nesting. This is less common today, but was quite common before the full ratification of 802.1ad.

Aren't standards processes awesome?

0
0

What is the enterprise cloud?

Trevor_Pott
Gold badge

Re: Optional

Are you implying that I, as the author of that article on Virtualization and cloud review, owe or have some sort of allegiance to VMware or Netapp?

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAH

You truly don't even know what you don't know. Considering the amount of shit I give those companies - especially Netapp - yeah...I can never take you seriously ever again. Mate, VaCR gives me free hand to write what I want. No checking with the editor about topics, no kowtowing to any vendors. I am free to eviscerate (or praise) them as need it.

But hey, you keep on keeping on. Try the next house over. I think they might be willing to accept Amazon the Saviour into their hearts today.

1
0
Trevor_Pott
Gold badge

Re: Cloud automation at the right level is key

The only problem with what you've said is the word Oracle.

And that's one hell of a really big problem.

2
0
Trevor_Pott
Gold badge

WannaCrypt: Pwnage is a fact of life but cleanup could and should be way easier

Trevor_Pott
Gold badge

Re: Bah!

If we can't win a simple battle like "let us update our computers patch at a time", how the hell are we supposed to win "stop spying on us" and "gimme back a usable WIMP interface"?

Start with the border skimishes, sirrah, then plow face first into the war...

3
0
Trevor_Pott
Gold badge

Re: "We can see if they weigh more than a duck"

African or European?

3
0

Shadow Brokers lay out pitch – and name price – for monthly zero-day subscription service

Trevor_Pott
Gold badge

Re: Exploit As A Service

Not the first such service. Won't be the last.

0
0

Hackers emit 9GB of stolen Macron 'emails' two days before French presidential election

Trevor_Pott
Gold badge

Re: So, just another day in the office...?

Way more money - and certainly more power - in stripping people of every single right and freedom you can. Starting with privacy, but by no means ending there. ANd when profit comes before people, it's the right that will be out there doing it.

In other words: you can't trust anyone whose only motive is profit: there will always be more profit in betrayal and lying about it than in doing right by one's customers. All of human history is nothing more than this lesson being relearned by subsequent generations of naive individuals desperate for some grand rationale to justify their own selfishness.

0
0
Trevor_Pott
Gold badge

Re: So, just another day in the office...?

"So, you're saying that privacy advocates are now staunch Leftists?"

Yes.

See, here's how this works: right wingers are all about their own privacy. Those on the left care about everyone's privacy. It's really not that hard to work out. If you're on the right, your philosophy is "if I've got mine, then nobody else matters". If you're on the left, your life philosophy is "we all go together".

So absolutely, there are right wing privacy advocates, but what they are advocating is privacy for them, and whatever group they self-identify with. Anyone who is not a member of that group shouldn't have privacy, and should probably be demonized and dehumanized so that the authorities "do it to Julia" instead of them.

Leftists are all about pesky concepts like "universal human rights" that apply to everyone regardless of what identifiable group they're part of.

2
1
Trevor_Pott
Gold badge

@John Savard

"But since Russia now has nuclear weapons, justice cannot be done in any practical way for the time being."

Justice? Sounds a lot like you're advocating revenge. Revenge isn't justice.

Justice would be finding individuals responsible for crimes and holding them accountable. Revenge is orchestrating a campaign of hatred, intolerance and economic or military reprisals against entire populations because of something their antecedents and/or the tyrants that held control over them did.

The sins of the father are the burden only of the father. The child bears no responsibility.

Alternately: "an eye for an eye leaves the whole world blind".

5
0

Having a monopoly on x86 chips and charging eyewatering prices really does pay off – Intel CEO

Trevor_Pott
Gold badge

Re: @Nate Amsden

"does Intel make high performance low power chips in quantity"

Yes

"or do they hunt for a few exceptional parts to send out to reviewers"

Also yes

Made in quantity doesn't mean available to the hoi polloi in quantity.

0
0

A very Canadian approach: How net neutrality rules reflect a country's true nature

Trevor_Pott
Gold badge
Coat

Re: there aren't any derogatory terms used by Canadians to describe their continental cousins...

@Dan55

I was about to say...

Also: Isn't "American" a derogatory term? I'll get my...

0
1

Alert: If you're running SquirrelMail, Sendmail... why? And oh yeah, remote code vuln found

Trevor_Pott
Gold badge

Re: Why?

Why not use Squirrelmail + Sendmail? They've served me well for over ten years, I don't see any benefit in changing...

0
0

Data trashed? When RPO 0 isn't enough

Trevor_Pott
Gold badge

Re: Pay per mention?

According to ctrl-f, 3 times. If you have a better example of a zoom zoom post-today's-NAND tech that is actually sampling amongst companies, I'd love to know. Or even a term that is better than "zoom zoom post-today's nand tech".

If I say "3d xpoint" people get what I mean, even if xpoint isn't the actual technology that's relevant there. It's a placeholder. Kleenex, without being Kleenex branded tissues. But I'm open to a better term...

1
1

Take that! FCC will hand net neut to FTC – reports

Trevor_Pott
Gold badge

Re: No.

Old people aren't wise either, though clearly they retain the arrogance of youth.

Here's a shocker: the percentage of people who are actually smart is pretty small, and doesn't correlate with age.

6
1

Twitter's motto: If at first you screwed developers over, try, try again, eh?

Trevor_Pott
Gold badge

Re: Only twits tweet.

"I never used no 'Internet', and never needed it! There's pornography on there. Tells you something about the mentality of the people who use it!"

TL;DR: oldmanyellsatcloud.jpg

2
0

Coppers 'persistently' breach data protection laws with police tech

Trevor_Pott
Gold badge

Re: @David 132

Then 2% of cops should be jailed every year. You or I would be in their place. If the cops can't handle being held to higher standards, they shouldn't get exceptions to breaching the standards to which mundanes are held.

0
0

Finally – from brandbox to whitebox: Storage fabric is SDS realised

Trevor_Pott
Gold badge

Re: Welcome

It's worth pointing out that fabrics can install onto bare metal by integrating with a Linux kernel. So HCLs can be the Microsoft HCL or the VMware HCL if you ware using the hyperconverged VSA-style solution on top of an existing hypervisor, or it can be "pretty much anything you can find" if you are using a bare metal scale-out solution native to the fabric vendor's software/integrated with KVM. Interesting times.

1
0
Trevor_Pott
Gold badge

Re: Welcome to the world of tomorrow

ViPR's cute, but to my understanding is still pretty limited compared to modern SDS platforms. Yes, proper fabrics exist today, but none of them have all the pieces together and have enough funding to go big. There are startups with all the bits, but they're tiny. There are big companies with SDS solutions, but they don't have all the bits.

Storage fabrics are today where hyperconvergence was circa 2010 or 2011.

Also: ScaleIO as a storage fabric? No. Hyperconvergence is only one feature of a storage fabric. It is not a fabric in and of itself.

1
0

Linux, not Microsoft, the real winner of Windows Server on ARM

Trevor_Pott
Gold badge

Re: Not so sure

I don't need Red Hat support for all my instances. Just my dev and test instances. As long as I know that everything with a given config set works I can use those same config chains on CentOS. Desire state config is amazing.

And it's beyond TCO. There are multiple companies willing to provide Linux (or BSD) support. You can choose whom you trust. You can have one of your devs submit patches directly to an offending project. You don't have to trust one company that - let's face it - has done everything they can to destroy trust.

This would be a different conversation if Microsoft gave a bent fuck about trust and acted in a responsible an honourable manner towards it's partners, customers, or even staff. It doesn't. Thus it can't be trusted.

In the open source community there are always alternatives. From hiring freelancers to whack a particular mole to working with companies to solve your problems...where there exist professionals at most open source companies ready and willing to work in a professional and trustworthy manner.

Microsoft dug their own grave. Let the bastards rot in it.

4
0
Trevor_Pott
Gold badge

The growth is on Azure because Microsoft have sacrificed everything in order to force the growth to be there. See here.

Microsoft went to the cloud because of two things: a) subscription revenue and b) lock-in. Windows had reached the place where Office had been for some time: sure, there was some lock-in, but there was no room for growth and all the features that needed be already were.

With Azure, Microsoft could create a whole new form of lock-in, charge even more, and do it all as recurring revenue. Win, win, win for MS. Lose for customers.

Windows is legacy. It will shrink and then stabilize, and sit at that level with no appreciable growth for decades. Just like mainframes.

4
0
Trevor_Pott
Gold badge

Re: Not so sure

"Windows is still much easier to deploy and manage, and the reliability and security of Windows have improved dramatically in the past decade."

This depends entirely on whether or not you're comfortably blindly trusting Microsoft and whether or not you believe in actually having control of your operating system. Microsoft is steadily moving away from administrators being able to control everything and towards just having to trust Microsoft because Microsoft knows best.

See: cumulative updates, as one example.

I have some lovely stories of Windows updates breaking things at fortune 2000 companies and, because of cumulative updates, not being able to subsequently update systems. Administrators fighting with Microsoft support for quite some time to get them to acknowledge there was a problem, hotfixes being slow and then the next cumulative update breaking things all over.

A couple of reasonably large orgs I know of have called halt to the idea of "Windows by default" and are now requiring justification for why Windows should be used instead of SaaS or LAMP.

Windows is the easiest for people who have built their careers on Windows. But there are now enough people out there who have built their careers on other technology stacks that they're simply not afraid of looking elsewhere. And it's starting to show, in enterprises and even in governments deployments.

Windows is a hell of a lot more secure than it was. But it has gone backwards on manageability, and that's hurting Microsoft in a big way.

7
0
Trevor_Pott
Gold badge

Someone did create a nice UI for Linux. It subsequently claimed the endpoint crown, completely crushing Windows.

It's called Android.

Yes, Windows dominates a specific chunk of the endpoint market - desktops - and leads in another chunk of the endpoint market - notebooks - however, both those segments are in overall decline. Not merely as a percentage of total endpoints deployed (which has been catastrophic from that standpoint,) but in terms of total units shipped per year. Not one quarter's decline, or a year. Desktop and notebook sales have been for over 5 years.

So go right ahead and cling to your Windows uber alles fantasy. Actual facts don't back you up. As for the rest, most ITDMs I've talked to in the past 18 months have been reigning in purchases of new Windows applications and moving towards either SaaS or in house LAMP applications for new projects.

Like mainframes, Windows will take a very long time to completely die...but it's days of maintaining datacenter market share - let alone growth - are over. It's about time.

6
1

Algorithms no excuse for cartel behaviour, says European commish

Trevor_Pott
Gold badge

Re: Duh

So what you're saying is A) you don't want Google Search to exist any more (because a search engine isn't profitable without other components, like advertising), and B) you want all the rest of Google's offerings to no longer be available as the entire company collapses (because the only thing that makes any money is the ability to advertise against things, with search being the real money draw).

If you broke up Google you might have one piece - website advertisement - that could survive independently, but it would be a pretty small entity that would fade pretty quickly as the market turned to Microsoft. Having the only major search engine left with an integrated advertising system, Microsoft would be able to provide the targeted advertising that advertisers want, leaving the on-website advertising solution that was hived out of the former Google to wither and die.

Everything else Google does would cease, because it's funded by advertising. Amazon would own shopping outright and Microsoft would own everything else. Microsoft, of course, wouldn't be anywhere near as objective as Google, and our ability to search the web effectively would be reduced to pre-2000 levels.

That's what you want?

How many shares in Seattle tech companies do you own, anyways? Google aren't the good guys, but they're a fuck of a lot less awful than the alternatives.

Killing Google to solve perceived conflicts of interest is like trying to solve perceived governmental inefficiency by completely eliminating the government and saying really loudly "no, we won't end up like Somalia, because this time it will be different". There's nothing rational about it, and it won't make anything better for anyone except some sociopathic warlords.

1
0

One IP address, multiple SSL sites? Beating the great IPv4 squeeze

Trevor_Pott
Gold badge

Re: Wrong.

@Orv: then you'd clearly be surprised at the number of network equipment vendors still shipping models today that don't support it. Let alone any of the midmarket, SMB or consumer level stuff, which are the folks that really need it. You know, because of renumbering. We're still a decade away from NPT getting to the folks as need it. And judging from the reactions of IPv6 purists here in this very thread, we might have to wait more than a decade before the purists decide they'll support NPT in the software they develop.

Awesome. And just think, had the IPv6 elites not been stubborn asshats for 15 years, we could have solved all of this ages ago and could be using it today in a manner that met everyone's needs. But people suck.

1
2
Trevor_Pott
Gold badge

Re: End to end is a myth

Quit being rational, sir. There's no place for that in an IPv6 discussion.

2
0
Trevor_Pott
Gold badge

Re: Wrong.

An RFC existing doesn't make anything supported or usable. Being incorporated into working products does. Having applications not coded to expect end-to-end and having them not die when there's a prefix change does.

In short: years and years of IPv6 "support" has to be completely undone and redesigned. NPT hadn't been done then, and is still incredibly rare today. Of course, we could always use the traditional IPv6 purist answer: everyone should throw away everything they have and buy the most expensive possible new everything and just hope it supports what you need. Just do that regularly and you'll clearly be fine.

Or, you know, not use IPv6 until everyone gets their shit together.

RFCs are only "usable" once broadly implemented. Still fucking waiting...

2
1
Trevor_Pott
Gold badge

Re: Thumbs up, but have to respectfully disagree with some things

End to end princess. Got it. You're on the list. Cheers.

0
0
Trevor_Pott
Gold badge

Re: TREVORRRRR!!!!!

Yes. Yes it is. I was defeated.

1
0
Trevor_Pott
Gold badge

Re: Wrong.

And it took 20 years to get the bastards to admit we needed Network Prefix Translation, and it will be 20 more before it's widely supported enough for use. NAPT in IPv4 scared the IPv6 purists enough for them to fight a generation-long war against the simple idea ease of use matters for someone other than developers, universities flush with grant money and large corporations.

4
1
Trevor_Pott
Gold badge

Re: SixxS

Well, I don't go hanging websites off of a SixxS tunnel. But it's really the best solution for the end-users who want to, for example, learn about IPv6 at home so that they aren't left behind as the rest of the world moves on. You know, because their ISPs are from the bloody dark ages.

3
0
Trevor_Pott
Gold badge

Re: NPTv6

Um, I said NPT was the same as 1:1 NAT. Not that NPT was the same as NAPT. Nor did I say "NAT = security", which you have clearly ascribed to me without my having said it anywhere.

Do try to keep up.

2
0
Trevor_Pott
Gold badge

Re: You dont need a reverse proxy to do this

What makes you think all of a person's websites can even run on the same version/configuration of Apache, PHP et al. Indeed, by using nginx I can inject a bunch of security into the stream for those sites that demand usage of ancient versions of things.

2
0
Trevor_Pott
Gold badge

Re: Thumbs up, but have to respectfully disagree with some things

But if I used Varnish, I'd never get the taste of DevOps hipster out of my mouth! Nginx has been tested for about the right number of years to trust it.

3
0
Trevor_Pott
Gold badge

Re: Simple answer

I know pfsense. I prefer Linux. The reason is simply Webmin. Webmin is a great GUI. We use it for other Linux endeavors. Also: I can load up the edge device with a bunch of filters, packet sniffing and the like and roll to taste.

Familiarity does have its positive attributes.

1
0
Trevor_Pott
Gold badge

NPT *is* 1:1 NAT, and IPv6 purists hate the ever-living crap out of it, with many refusing to code for it, add support for it, etc.

I even wrote about it in the article I linked to...

2
2
Trevor_Pott
Gold badge

Re: chmod 0755 or similar...

Crud? Crud? Why you young whipper snapper, I'll have you know...

...and get off my goddamned lawn!

5
1
Trevor_Pott
Gold badge

Re: Thumbs up, but have to respectfully disagree with some things

A) I'm sorry, NAT has a purpose. That purpose is renumbering. SO I'm not listening to anything else you have to say about IPv6. Your opinions are now invalid.

B) You don't have to have one certificate with all the domains on your server using my method. Only one certificate per server {} block. Each server {} block gets it's own cert and you can have multiple server {} blocks point to a single backend server, if you want.

So um...NEXT!

12
2

Controversial opinion alert: Privacy and the public cloud – not just possible, but easy

Trevor_Pott
Gold badge

Re: Embedded?

The existence of an exception does not invalidate the broadly general applicability of the rule.

4
1
Trevor_Pott
Gold badge

Re: Embedded?

Lots of other countries in the world. Many that give negative fucks about fines. For that matter, plenty of executives don't give fucks about fines. You're IT. Make it work. You don't get to dictate to executives, etc.

Sysadmins aren't the iron rulers of their little fiefdoms anymore. They're digital janitors. Best invest in industrial cleaning products.

5
2
Trevor_Pott
Gold badge

Re: Embedded?

I'll wait here whilst you explain that to the executives far above your pay grade. And by wait here, I mean laugh until my ass falls off.

9
5

Forums

Biting the hand that feeds IT © 1998–2017