* Posts by Trevor_Pott

6907 posts • joined 31 May 2010

Rise up against Oracle class stupidity and join the infosec strike

Trevor_Pott
Gold badge

Re: Real geeks roll their own home routers.

Well, I use OpenWRT. So that's upgradable. Not everyone is allowed to do this, however. My ISP, for example, usually freaks out if you don't use their shitty Actiontec modem/gateways. I was able to score an appropriate VDSL2 modem-only unit from ebay and put my own router behind it. But what if I had had an Actiontec? I can't really do much to it. I'd be entirely at the mercy of the ISP.

This is a really bad situation.

0
2
Trevor_Pott
Gold badge

Re: will it really help?

Actually, we are working on HTTPS for all our sites. (There are about 12, including trevorpott.com)

The issue we're facing is one of limited IP addresses. I know that HTTPS should work with multiple sites to a single IP on newer browsers, but I would really like to ensure that we have backwards compatibility support. So I'm in the process of evaluating load balancers and how it is they might (or might not) solve the problem.

In the meantime, we have (to my knowledge) removed from all our sites any member sign-ups on publicly published pages. We have informed our existing members that we're looking to alter our entire security stance on the sites, including eventually altering where the login pages are, switching to .hta access and more.

We've been mostly working on behind the scenes security in the past month. Database and operating system hardening. Automated updates for Wordpress. Security plugin testing and hardening for wordpress. Selective writelock cascades for any site which doesn't have to be writable for that particular timeframe...we've also gone over the code and the databases to make sure we weren't pwned at any point in the past.

Because we aren't in the process of building an active forum presence that requires readers to sign up or subscribe, bur primary focus from a security standpoint has been to ensure that we aren't hosting malicious stuff that could infect readers. HTTPS support is on the list in the near term, but as the sites are (at the moment) publicly facing read-only (rather than interactive) sites, we felt the other security issues had priority.

If you feel there is a really good reason to push HTTPS above the rest of our security efforts to get it done sooner, please, make your case! We're entirely open to it!

3
1
Trevor_Pott
Gold badge

Re: will it really help?

Hence why I think both legislation and grassroots nerdrage are required. Corporates are not going to give fucks without both things occurring.

5
1
Trevor_Pott
Gold badge

Re: will it really help?

Fortunately, I don't have to make that choice. The Register is, in fact, working on HTTPS support (or so I have been told). But you know what? Yeah. In the long run, if I couldn't convince them that it mattered - especially for a technology site! - I'd probably take my content elsewhere. I don't want to, but I really do think ethics matter.

Someone has to say "no, I won't take that job". I've started to do just this with some of my sysadmin clients. I think it's valid to think about it applying to writing, too.

There is room for discussion about taking things to extremes though. If your employer is making headway and clearly working on the problem, it's probably not going to help anything if you pull the rip cord. But if they just stubbornly don't care about their customers to the point that they ignore security why would you believe they give a bent damn about you?

But before we can hammer out these sorts of fine details we need to start having the discussion about infosec professional ethics in the first place. Glad to see some readers are willing to join in.

4
2
Trevor_Pott
Gold badge

Re: Rise up Techie Introverts and be ...

Yep. That's a big problem right there. I don't really have a solution to that. Maybe it requires an extrovert to start taking a stand so the rest will follow. Maybe it requires massive encouragement across the industry. Maybe social media can help. But we need to get everyone - even the introverts - to stop allowing badness to ensue through apathy. If anyone comes up with magical solutions to motivate, I'd love to hear them! :)

3
2
Trevor_Pott
Gold badge

Re: First, I stand for TLS, not SSL.

Hah! Fair point. I think of TLS as "SSL" even though I know the difference. Same purpose, same libraries, same modules...guess I'm just getting old; conflating things that are "close" because of implementation rather than provenance.

4
1

BlackBerry can't catch a break: Now it's fending off Jeep hacking claims

Trevor_Pott
Gold badge

A) OCZ chose to use Sandforce

B) OCZ handled the whole even completely fucking atrociously and they deserved to have been run out of business for that. It is a crime against consumers that they were purchased.

OCZ purchased something from a supplier, put it together and sold it to customers. It was defective. They denied this up and down and then they were awful to customers. Even after it was undeniable, they continued to be terrible. Sorry mate, there is absolutely nothing defensible about OCZ. One of the worst, most awful storage companies in all of tech history, full stop.

2
0
Trevor_Pott
Gold badge

OCZ didn't take a huge hit for selling bad flash. They took a huge hit for denying the issue repeatedly and loudly and treating victims of the flaw like shit. OCZ were (and who knows, maybe still are) run by utter twatdangles and how they handled the whole affair will end up in multiple text books about how not to do things in the modern world. Or any world.

Ever.

4
0

Texas senator Ted Cruz serves up sizzling 'machine gun bacon'

Trevor_Pott
Gold badge

Re: The republican clown car.

The same Carly who demanded that Apple, Google et al simply give up all user data without a fight?

So many flavours of fuck you if you support her. Fuck you in flavours.

11
0

Nutanix digs itself into a hole ... and refuses to drop the shovel

Trevor_Pott
Gold badge

I have considered it. I have given their testing methodologies a cursory overview based on what they make available publicly and found that the results I can achieve with those methods more or less line up with what they publish.

The whole incident has piqued my interest for deeper research, however, and I am hoping to pursue this behind the scenes with them over the coming weeks. I have a call scheduled with them at the end of the week, hopefully I'll learn more.

Overall, however, their results have tended to be among the most "realistic" I've seen. They most closely match the "real world tests" that I do; tests that tend to be around 1/3rd the headline achievable IOPS or throughput, usually because real world tests aren't 100% one (IOPS) or the other (throughput).

This confusion is also why many of us in the testing community really do want an open, affordable, standardized set of tests that the industry as a whole can agree upon.

2
1
Trevor_Pott
Gold badge

Re: A few points...

Again, you are mistaken that this as is all about you. This isn't your lawn and your aren't a part of The Register, you write guest contributed, unpaid content and you comment on the message boards.

I'm not a part of The Register? I have 418 articles published here. I've been writing here for over 5 years. At what point are you "part of" a publication, hmm?

Also: my articles are unpaid? That's news to me. And my bookkeeper. And my 4 employees. Because it seems to me we invoice The Register for rather a lot of money. Which is nice. As it does things like pay our mortgages.

It's a hot topic and you want to wave your flag, we get it.

It's a boring topic that the overwhelming majority of Register readers don't give a flying fuck about. Some do, but there's only about 800K - 1M that seem to care enough to poke their noses in on this, and fewer still who care to comment.

And again, you're wrong, I really don't want to "wave my flag" here. People like you whoa re assholes on the internet, make it a very unpleasant topic to write about. I've gotten death threats because I have written something that someone doesn't like; most of the negative feedback begin from the zealots that inhabit the storage industry.

I don't even like storage. I got sucked into being a storage blogger/analyst/whatever-the-fuck-I-am entirely against my will. And once sucked in, I learned fast. Now people see me as "knowledgeable" on the topic and seek me out at an ever increasing rate for advice.

But I hate storage. I really, really do. It's boring and the people are mean.

There are much better things to write about. Things that actually interest me. DevOps. SDN/NFV. Compute hardware. Above all else: security. These are my actual passions. They also "get the clicks" as it were.

Sadly, storage needs a shit disturber or twenty. Your own douchetastic response is exactly why. Zealotry and misinformed ad homenim too often take the place of reasoned discourse, as your perpetual firehose of haterade so ably demonstrates.

But it's not even necessary, you have a voice here and you post regularly on The Register. I'm not trying to shut you up, I'm simply suggesting you chill out and let others chime in without sucking all of the oxygen out of the room by responding to every single comment.

But you are trying to shut me up. That is exactly what you are doing. You feel somehow that you, personally, have a right to dictate when and where I should be allowed to speak. What gives you the right to determine the context of my speech? And why shouldn't I be allowed to participate in discussions both from an official platform (as a writer for The Register) and from an unofficial platform (as a commenter on The Register)?

The various mediums available to me - numerous places where I publish my articles, Twitter, my own personal blog, various comments sections, forums and message boards - all offer me the chance to approach topics in various ways. Some allow me to advance my personal opinion in a more unbridled fashion than others. Some have a mass audience while some a more select one.

There is an entire internet available for you to vent your hate and spew forth opprobrium. Yet here you are, on my digital lawn, trying to tell me what to do.

Given the context there is only one appropriate response: go fuck yourself, asshole.

And maybe, just maybe, you should actually add something useful to the conversation. If anything is sucking the oxygen out of the room it is your worthless personal attacks and pitiful demands for censorship.

The route to people valuing your opinions is to contribute something meaningful, not restricting who can talk until yours is the loudest voice left. If your ego needs satiating, satisfy it somewhere else.

2
1
Trevor_Pott
Gold badge

Re: The shady truth of the storage industry

I also just want to back up what Satinder is saying. Tintri have been absolutely amazing about testing their units. They've given me a completely free hand. (I hope to have the review out this Monday, as a matter of fact.)

I have found some flaws with Tintri's implementation. But I've found a crazy amount of good. Tintri has not shackled me with restrictions on testing or on publishing. They've let me toss a unit into production, run every synthetic I can on it, and abuse it in every way. They've made an SE available to me for any questions and shown me how they prefer to benchmark things, but not insisted this be the only path.

I've learned a lot about storage from them. Just as I have from every really good storage company I've worked with. They have fantastic engineers who have taken the time to get really in depth on things I don't understand, or flat out get wrong.

(Side note: I will disagree with Satinder on the utility of SQLIO. Even full of 0s, it's great for testing the network portion of shared storage, and it is also possible to replace the all-0s file with a randomly-generated one so that you are hammering with more than just 0s. I find it a useful tool, if used correctly. That said, Tintri's "Tingle" load generator is actually pretty cool, and a useful item that the whole industry should be using.)

Another thing that Satinder said is important here: education. Of customers and of reviewers. You can't review storage properly if you honestly think you have nothing new to learn. Each storage offering is different. Not only that, but tools to generate and test load are constantly evolving.

Many vendors - like Tintri - do an excellent job of educating, so it behooves anyone (customer or reviewer) who is doing testing to really listen through the various presentations.

The truth is that there is a lot of good storage out there. Hyperconverged, scale out, object and legacy alike. There are a lot of great companies peddling that storage. More to the point, the market for storage is huge, and continually growing.

We shouldn't need to have the petty rivalries that have developed, or be getting bogged down in who is allowed to review what by which means. We should be educating people as to which test are best to simulate (or test) what components of storage. We should be verifying our synthetics with real world workloads. And we should all be absolutely open and honest about the results because it is how we all - vendor, reviewer and customer alike - learn, adapt, and ensure the next round of products are better than the last.

1
1
Trevor_Pott
Gold badge

Re: The shady truth of the storage industry

@Virtualgeek: great response. Truly. I have nothing negative to say to that, it's absolutely spot on. It's why I insist on running real world test with workloads I know inside and out (from having run them for 11+ years in production) alongside the benchmarks. There's a lot more to testing storage than synthetics. (See; iSCSI microburst issues with switches; something we don't have standardized tests for yet!)

1
1
Trevor_Pott
Gold badge

Re: E-mail reply from Chuck Hollis of VMware

1) "Profane" language can be used for either emphasis or to provoke a response. It works well in both cases.

2) "Profane"? What era are you from? What was it like watching them invent the steam engine?

3) Yes, I like arguing. Especially with people who like to jump right in on personal attacks.

4) There are rather a lot of people on these forums who post on behalf of their employers. There are also a bunch who are irrational brand tribalists. I see no reason to treat either category as anything other than hostile.

By all means, post things I disagree with. In case you didn't notice, I not only admit that I can be wrong, I tend to point out where and when I feel it is possible that I am wrong, and I will even post information from external sources when I feel that information has come to light which brings my own dialogue into question. (See: posting Chuck's e-mail as an example).

Just because I don't think you are right about your inane blitherings - or that I troll you because you're a douche - doesn't mean I am somehow unaware of my own fallibility or am unwilling to admit it. It really just means I think you haven't clue one what you, personally, are prattling on about.

Also: fuck, shit, ass, and cockmongling cuntpotato! Just because you like the profane.

*Smoochie boochies*

2
2
Trevor_Pott
Gold badge

@Alan Brown

There is a difference between "difficult to work with" from a technology side and "difficult to work with" from a people side. Lots of companies have decent-to-good tech but miserable people. Plenty of companies have middling-to-miserable tech but great people.

Great tech can make up for miserable people and great people can make up for miserable tech. The exact mixture that works for one company may not work for another because requirements for uptime, support responsiveness an other such things can vary dramatically.

The biggest warning sign I can give is to take a good look at the executive layer. Especially of small companies. If the executives - most critically the CEO and CTO - are "high touch" individuals, you're in trouble. The worst thing in tech is an engineer CEO who won't let the various division heads (sales/marketing/QA/channel/etc) do their jobs unhindered.

High-touch CEOs are a screaming alarm bell warning about oncoming icebergs.

Tech is a tricky business, and I find more companies getting the "people" part of it wrong than those that get it right. Oddly enough, getting the "technology" part right seems easy. There are lots of companies with great technology. It is in managing staff, customer and community expectations - and coping with extremes of emotion from all sides - that tech companies fall down.

Unfortunately, too many in tech think that "the human factor" is irrelevant. Until, of course, it isn't. At which point it's probably too late.

0
1
Trevor_Pott
Gold badge

I'm sorry that I don't have a "valid, scientific definition", but I do have this. It's the closest I've come to trying to explain the marketing terms and the history surrounding them. I hope it helps.

1
1
Trevor_Pott
Gold badge

Bingo

Nail on the head. And this is why I feel that more than just synthetics are required for a full testing suite to be accurate for this space. Maybe you should be out there doing testing, eh?

1
1
Trevor_Pott
Gold badge

Re: A few points...

Including this comment, there are 30 comments on this board. ****11 are from Trevor**** WTF?

It's really not that hard to understand: The Register is my digital lawn. I've been a commenttard - and quite frankly, troll - about these parts for roughly a decade. That gold badge my posts sport? Only 10 of us have them.

In addition, I write for The Register, so I have even more reason to hang out on the forums. Add in the fact that storage and virtualization have been my areas of research and specialty for the past 3-ish years and, actually, it would be pretty odd if I weren't all over this like white on rice.

Now, normally, I'd make a few pithy comments and leave. Some people made replies worth replying to, so that ups my count a bit.

Now you, you seem to get angry if I post. I"d say I'm sorry you don't like me, but the truth of it is you're really quite being a dick, so I'm actually quite happy that I upset you. It's not like someone is forcing you to read the forums. Or The Register. Or to sit in front of the computer at all.

It's not like you are forced to acknowledge my existence or tolerate my opinions. You have infinite choices regarding how you might ignore me. You can shape and craft your own world so that no dissenting opinions enter your consciousness.

Hell, there are seven billion people on this planet: you can choose to shape your whole life such that you never encounter any opinion that you don't like. You choose to put yourself in situations where you are exposed to ideas and individuals who upset you.

And so, I'm going to keep posting. You don't intimidate me. You don't shame me. You don't make me feel guilty. But it's absolutely crystal clear that I have struck a nerve. And that means I should keep digging, because the more ardently someone wants me to not talk about something the more important is usually is that I do.

Cheers, and thanks for helping me set my research priorities for the next several months.

I'll be sure to be quite loud about broadcasting my results.

6
1
Trevor_Pott
Gold badge

Re: A few points...

If you deride someone by name then go on to attempt to deride others without listing their names it helps for clarity to either be explicit that you aren't continuing your derision of the first person or to clarify whom you are now deriding.

It's also generally considered good form to use your real name when you deride someone, otherwise you really do just come across as nothing more than a petty Anonymous Coward.

Also: this "message board"? It's my back yard. I'll do what I like on my own lawn mate. Go get your own.

1
2
Trevor_Pott
Gold badge

Re: Testing shmesting ..

Perhaps Trevor could do an article on the benchmarks in question, and how well what they tested reflected the sorts of things which customers actually cared about.

Well, I was going to. But both VMware and Nutanix have potentially disruptive offerings coming out in the near term. I think I'll wait until those land, then throw a month or two at it.

2
2
Trevor_Pott
Gold badge

Re: One for the weekend -

Ceph. Oh god. So many brokens. So much slow. So much potential. So terrible right now.

3
1
Trevor_Pott
Gold badge

Re: A few points...

1) Trevor, great feedback but this isn't about you. You have the benefit of writing a post on The Register any time you want so I don't understand why you would empty your laundry on a message board. Grow up.

Why would this be about me? Where did I say it was about me? In pretty much every single post in this thread I have stated explicitly that I am a nobody and that I both understand if vendors don't want me to test things and am entirely okay with that, so long as there are other, more important, and - most critically - credible independent testers who are allowed to do the testing.

I don't see how relating my experiences makes this "about me". It is simply providing more data.

If you average all the readers I have across all the places I write I have an audience of about 15 million. That may not be a lot, but it's enough that I could have been much louder and more dickish about this issue. Still, I felt that the discussion needed - and does need - to be had.

I know from experience that if I reply to a major article in The Register those comments will be read by relevant people at those companies. Social media teams are actually quite good these days. So I chose this method because of the limited scope of impact it would have while still getting my point across to the relevant people. It seems like an acceptable compromise.

2) About the test: VMmark (the test Storage Review uses) is a VERY GOOD measure of real world environments and is as close as you are going to get in a test environment. Those who say you cannot effectively test for real world results are spewing vendor FUD. You clearly haven't used VMmark.

Where did I say VMmark wasn't good? It's not the be-all and end-all of tests, but it sure is a great synthetic! I heartily approve of its use as one part of a larger suite of tools.

3) Nutanix response to the testing is abhorrent and they deserve all the backlash they get. It speaks about the company, their technology, their culture and yes, their employees. There is never a shortage of Nutanix employees talking badly about the competition and, like roaches, they disappear when the light is cast on them.

VMware is not remotely immune to talking smack about competitors...even when they aren't willing or able to fully back it up. The whole industry is a clusterfuck of egotism and douchebaggery.

Hence the need for independent testing.

P.S. If you're going to cast aspersions on someone have the genitals to use your real name.

5
2
Trevor_Pott
Gold badge

Re: E-mail reply from Chuck Hollis of VMware

Might it be so that because, in your own words, you are a nobody, that both Nutanix and VMware don't really want to spend valuable marketing $$'s on you performing tests that no sizeable crowd is ever going to read?

Absolutely. I 100% accept this as plausible, and I don't honestly take issue with either or both companies deciding that I am irrlevant.

I absolutely do take issue with them not working with the more important members of the independant testing community, and I haven't talked at all here about what they tell me about interacting with either company.

This is just my polite way of saying that you maybe should tone it down a little?

And as such I'm not basing my purchases on FUD from any website, or person but just test the stuff myself before any PO leaves my desk.

Where did I ask you to base anything you're doing on what I wrote here? I asked that you - and everyone else - test for yourselves. I asked that you ask hard questions. I am listing here my issues, just as others are starting to do, in the hopes that when it comes time for you to make purchasing decisions you take the time to remember these events and you to a more rigorous POC than maybe you otherwise would have done.

This isn't about my ego. Nobody with self-esteem as low as I have can really have much of an ego. This is honestly about just wanting to do well by others. I'm sorry you feel offended by that.

If I'd wanted to make a gigantic mess out of this I could have posted an article on The Register and put this in front of 9 million readers. As it is, less than 1% of The Register's readership uses the comments section.

By choosing to talk about this in the comments section of an article I know that the major players at both companies - as well as most of the independent testing community - will read, I am restricting the impact of my being shouty whilst still making my point to the right people.

2
2
Trevor_Pott
Gold badge

We'll have to disagree here. I don't believe VMware are going to be in the pole position, because I don't believe VMware have an awareness of the market required to make the cultural changes that will allow them to take that position. Nutanix, for all their flaws, are the dominant play by a country frigging mile. And they are not lax. You seem to have a real hate on for them, but there's nothing at all to indicate they will crumple up and die, as you seem to hope.

1
3
Trevor_Pott
Gold badge

E-mail reply from Chuck Hollis of VMware

Chuck Hollis of VMware has read this comment thread and sent me an e-mail. His opinion and views on the matter - and on my comments above - are valid and deserve to be included in this dicussion. I am reproducting the e-mail chain here.

Chuck Hollis to Trevor Pott

Hi Trevor

It was interesting to read your recent comments on The Register regarding the latest Nutanix snafu.

But I think you've completely mis-understood (and mis-represented) our stance on performance testing. We encourage it, not discourage it.

We've published oodles of our own data. We've published data from customers. We've encouraged StorageReview.com to publish. Etc. etc. etc. The more the merrier.

All we ask is a chance to review the configs and methodologies prior to publication -- which has been VMware's policy for many, many years. Lots of people are new to this testing thing.

We plan to release an easy-to-use testing tool (based on VDbench) to help make it easier for folks to test hyperconverged clusters with a variety of IO profiles. You, of course, are free to use it -- as will anyone else.

Or use your own tools. Have at it -- really!

However, we don't have much of a budget to send people free hardware. We're tapped out for the year, unfortunately, so you'd have to round up your own four-node config that conformed to the VMware VSAN HCL and design guidelines. Dell may be willing to play, or perhaps HP or similar.

Nor do we generally pay for reviews, as that's a slippery slope.

I hope you understand our position here, and can perhaps soften some of your comments to more accurately reflect reality?

Thanks!

-- Chuck

Trevor Pott to Chuck Hollis (reply)

While your take on this does not reflect my experiences with VMware in this regard. We appear to have dramatically different understandings of the meaning of "chance to review the configs and methodologies prior to publication". I view independent reviewing – especially of software solutions like VSAN – to be fair game if you test multiple options on the same hardware. Doubly so if the individual components are on the HCL.

VMware seems to disagree, and has insisted that individual components being supported isn't good enough: the whole of the thing must meet the desired qualities. Slower CPUs, for example, are apparently not okay.

That said, I don't have to agree with your take on this for it to be valid. I have my view and I have expressed it. It is entirely possible that my views or understanding is wrong, and I'm willing to admit that possibility.

I will publish your e-mail in the comments as it is entirely valid that you get the change to rebut what I have said, along with this response. The readers will decide.

For the record: I never wanted – and don't really want – extra hardware to do testing. I will absolutely test whatever hardware comes my way, but for the love of $deity I have 10x as much server widgetry as I could ever conceivably use. I've also not asked to be paid for reviews by you or by Nutanix. I've offered several times to do independent testing for free in order to help put this debate to rest.

What I want – all I've ever wanted – is the chance to test hardware, software and services that I think my readers or my clients (or preferably both) will care about. I want to dig to find the truth of the gear that real systems administrators use, because it is those sysadmins that I feel a kinsip with, and it is those sysadmins that I feel I serve.

Parting thoughts

It is worth discussing the issues surrounding vendor control over reviews via an exercise of their legal rights. I believe it is perfectly valid for VMware to want to review the configuration and methodology of a review of their software. I don't believe, however, that they should have the opportunity to deny things just because they won't show that software in the best possible light.

It is absolutely valid to test non-optimal configurations and report the results of that testing. In the real world, lots of people live outside pre-canned, certified solutions. HCLs exist for a reason: they are a recognition of this fact and a publicly visible list of not just entire servers that are certified, but individual components, for those who are colouring outside the lines a little.

I view VMware's VSAN team as spectacularly hard to work with in a way that the rest of VMware isn't, specifically because of the level of control they insist on having over reviews. VMware's VSAN team don't seem to view their efforts as an attempt at control, but as an attempt at quality assurance and review integrity.

If I am being honest, then I cannot say that I have the answer to which view is right. My views are deeply rooted in my own past as an SMB sysadmin, which is tied to a need to know how things work when you can't afford to pay top dollar (and high margins) for everything. I feel that is a world that needs to be quantified, and I spend most my year trying to answer those questions for other sysadmins.

VMware's views are influenced by their own needs, but I must admit their take is objectively no less valid. I think readers should read all of this. Not just this thread, but many of the other threads that are associated on various blogs across the virtualization blogosphere.

I am one voice with one set of experiences. There are other voices with other points of view. Decide for yourselves. Test for yourselves.

I look forward to using both VMware and Nutanix's testing tools in my future HCI testing just as soon as they become generally available.

9
2
Trevor_Pott
Gold badge

Re: Howard Marks?

Storage Howard Marks has a mightier beard than Weed Howard Marks.

Also a wizard hat. The wizard hat is important.

3
3
Trevor_Pott
Gold badge

In theory I agree, but there's two problems.

1) Where do you get the money for a "sizable budget"?

2) When reviewing technology products you are bound by the EULAs of those products - especially in the United States - which often state that you are not allowed to review that product without permission.

You don't own VMware's ESXi just because you bought a license. And they can come after you with a fist full of lawyers if they don't like what you write.

We all have to make compromises in order to review things. The compromise I choose to make is that I will sit on endless briefings and play politics and try to work with vendors to find testing regimens that both meet their requirements and that I, in my professional capacity, feel adequately represent the product.

I don't let vendors push me around on my reviews and water them down. If I find bad things, I report that.

Unfortunately, it also means that sometimes vendors exercise their right not to engage with me or to prevent me from publishing. So there are hardware and software items which I have reviewed which never got published. I don't like it, but that is a better choice than compromising my ethics and publishing cherry-picked reviews.

Now, I don't have the clout or pull of Storage Review, or Howard Marks or any of the other big names. I still have to fight and claw and politic. But there are people out there who absolutely do try their damnedest to be independent. Hans De Leneer's take on this is really worth reading, as he discusses this concept at further length.

The short version is: no, nobody is truly independent because our laws prevent such independence. Beyond that, the part where there are no independently wealthy people willing to spend a few million a year buying and testing equipment is a damper on absolute independence as well.

Within the constraints of those two issues, however, I (perhaps egotistically) like to think many of the reviewers available in the storage and virtualization space do a damned fine job of maintaining their objectivity.

I say the above not only as a reviewer and a writer, but as an editor for my own technology outfit who has had to go to the mattresses for one of my writers. That writer bought a device with his own cash, wrote a review that absolute panned the device, and the company freaked out. Fortunately, there was no EULA item that allowed a legal avenue of attack at the time. But there are few things that will make you sweat quite so much as having to play that game of chicken, I promise you.

3
3
Trevor_Pott
Gold badge

I'd be a bit obsessed with any company that was this much of a pain in the ass on a daily basis.

Except that's crazy. I can't think or be like that. I'd go mad in very short order.

There are a bunch of storage and virtualization companies that are decent to work with, but make no mistake most tech companies are horrible to work with. Working with tech companies is my job. No matter how dickish they are, it is my duty to my readers to suck it up and work with every vendor, regardless of my personal feelings.

No one is 100% objective, but it is my job to try as hard as I possibly can to be so. That means I can't allow myself to become "obsessed" with any company.

Though, following on from the previous thread and discussion, Nutanix is a big deal and you need to learn to deal with that. They are a huge company that is actually selling rather a lot of gear to a number of different clients. They will be around for a long time. And unlike many others they are more than their initial base product (hyperconvergence) and are putting a lot into R&D.

I know you want to dismiss them - and HCI in general - as irrelevant. Too bad. They're not. Nutanix may be a pain in the ass, but they're here to stay. Saying this isn't "obsession", it's objective assessment of the facts.

2
2
Trevor_Pott
Gold badge

Where is storage review - or any of us - going to get the money to buy a Nutanix node on the open market? Also, you do realize that VMware will sue you into oblivion if you publish test results that they don't approve of.

I tried to work with VMware. My lab is here. I built much of it in order to test Maxta and other HCI vendors. I tried to get permission from VMware to test VSAN. They didn't want me to test on VSAN unless I replicated their internal configurations exactly, including CPUs much faster than i could possibly afford.

I told VMware that I couldn't do that. Money was a very real issue. I was subsequently given a not-at-all-subtle warning against YOLOing testing on VSAN.

Now how am I, or Storage Review, or any of the other analysts supposed to afford to buy a Nutanix cluster? Or EVO:RAIL? Or SimpliVity? If the vendor doesn't play ball and send a unit in for testing we just can't do it. (Unless they are software-only. Most of us have or are building HCI-compatible labs that can do software-only solutions for multiple vendors.)

Nutanix and VMware are the HCI companies that are hard to work with regarding reviews and testing. The rest have proven to be amazing. (Though to be fair, Nutanix has a great relationship with Storage Review that they don't seem to have with many others, so go Storage Review!)

Make of that what you will.

2
1
Trevor_Pott
Gold badge

We’re committed to working with independent third-party evaluation labs like Storage Review to compare our solution against any hyperconverged product using comparable hardware and a comprehensive and representative testing methodology.

The current generation of methodologies does not adequately represent how hyperconverged solutions perform in real-world customer environments. We feel strongly that utilising outdated test tools and methodologies would not provide customers interested in hyperconverged solutions with relevant and indicative data.

As indicated by Lukas, we’re building an open, comprehensive test suite for this category that we feel will help customers better understand the performance of hyperconverged solutions. We’ll demonstrate it at the Nutanix booth at VMworld and will release it in September so anyone in the industry can use it.

In the meantime, we’ll continue talking to Storage Review and any other third parties about working together on a review that will benefit both the industry and customers evaluating hyperconverged solutions.

Bullshit. Bull fucking shit. Bullshit of the highest order. Liar, liar pants on goddamned fire.

Maybe you are building a test suite, but it sure isn't "open". Open would mean that you included the community in the development process and worked with other vendors in the space. I can absolutely believe you're cranking out a test suite that will make Nutanix look amazing, but is it going to test your weaknesses as well as your competitor's strengths?

Look, Nutanix, you've been a pain in the ass to even try to engage with to get reviews done, though that isn't to say I don't appreciate being allowed to use a cluster in your remote POC lab for a week to test some of my own workloads. It was a start, but given the vitriol of the debate with VMware, it isn't enough.

I realize I'm small potatoes, but I've been entirely willing to work with you to come up with a viable methodology that both you and VMware would agree to. I can get the rest of the industry to agree to play and you know it. I've even offered multiple times to do the testing (or rally the troops) for free. Ther are others who can do so as well.

Now, as stated above, I'm a completely irrelevant small fry here. There are bigger names with bigger followings who command more money than I. People like, oh, Storage Review. Or you could pick Howard Marks. Or The Other Scott Lowe. Or any of a dozen trusted, highly competent and capable analysts or vExperts who have reputations for independence.

You haven't done this.

Now, you're not alone in this. VMware are a bunch of knobbly ponces refusing to play ball here too, but the rest of the field is absolutely not giving independent testers the run around. SimpliVity, Maxta, Scale...frigging NodeWeaver for $deity's sake. You are being out-legitimized by an SMB HCI vendor who is just passing their 100th customer!

I don't care if you don't think I'm independant enough, or that guy is, or that other guy over there. Pick one. More than one, preferably. Let the community know about it. We'll all jump down Chuck Hollis' throat and make the bugger send his stuff to the same party. I'll work on the other vendors personally and we'll finally get both a standardized set of tests for HCI agreed upon by all vendors and a baseline we can all work from.

It was cute for a while that getting independent reviews was "tricky". New market. We get it. But you're a behemoth now, and HCI has moved from "product" to "feature". It's not new. It's not sexy. And it's time to quantify, compare and educate.

Nutanix, you and VMware are holding back the entire hyperconvergence space with your constant back and forth shitfighting and the bipartisan refusal to simply get this crap solved in an objective manner. There are bigger issues with HCI than performance. We need to address those and that takes a focus on education, not bickering.

Remove head from sphincter. Both of you. And let's please get on with the business of making storage, compute and networking better for everyone.

16
3

We can give servers more memory, claims Diablo. Well, sort of

Trevor_Pott
Gold badge

Holy hell

There are still Netlist shills.

Will you people let it go? You lost. Do you really need to drag your sorry, wrecked egos through the mud again, chasing after Diablo jumping up and down trying to lash out? FFS, just let Netlist crawl into a corner and die with whatever pathetic shreds of dignity it has left.

You hardcore Netlist believers are about as crazy as the two people who believe SCO's bullshit and try to convince the world of it. Find a new religion. Yeesh.

0
1

Fancy 10 Gbps home broadband? Broadcom's built the guts of it

Trevor_Pott
Gold badge

I'll eat a $30K install cost if they keep the bandwidth costs down to something sane. Unfortunately, they want thousands of dollars per month 10Mbit continuous use. Fucking madness.

1
1
Trevor_Pott
Gold badge

Re: WHY WHY WHY

WHY WHY WHY can't I buy a 10Mbit upload for less than $500 a month, or $5,000 a month is I want to actually use the bandwidth?

0
1
Trevor_Pott
Gold badge

Re: 10Gbs fibre to 4*1Gbs ethernet

The questions is more how to make a service like this pay.

Simple. You charge $250 a month for "access to" the 10Gbit fibre, with a "generous" "free" bandwidth allocation of 100GiB. Then you charge them $50/TB over the limit. If they complain, you have them rounded up as terrorists and thrown in jail.

Yes, I live in a country where protesting is illegal and can be classified as terrorism at the prime minister's whim.

0
1

Sane people, I BEG you: Stop the software defined moronocalypse

Trevor_Pott
Gold badge

Re: A better analogy

In Canada you get your license taken away for a minimum of 6 years, get a large fine and go to jail. Increasingly there are zero tolerance rules, especially if you have a GDL instead of a full license.

0
0
Trevor_Pott
Gold badge

So you want us to just turn off the internet and pretty much our entire manufacturing and power generating capacity, not to mention all of our tanks, jets, warships, satellites and our entire bloody society?

That'll go over well...

5
2

I, for one, welcome the rise of the Infrastructure Endgame Machines

Trevor_Pott
Gold badge

Re: Terminator

And? So? Why do you think that gets you a job?

Companies have hundreds of operations nerds today. Why does "customizing an IEM" or even "periodically updating the automation for legacy and paleo software" require hundreds of systems administrators going forward?

Once the infrastructure can largely take care of itself, the old software is automated, and developers are making the new software with automation built-in and control of the infrastructure that software runs on through APIs....why do they need more than 4 people to do what had ben done by hundreds?

Someone has to do maintenance and update runbooks. I absolutely, 100% agree. So that's 3 shifts of 8 hours a day and one extra body to cover in while you rotate the other three out for vacations and training.

That is what is under discussion here. The technologies that will allow going from 100 operations sysadmins to 4. It's the technology that is going to mean that instead of SMBs relying exclusively on VARs and MSPs handling IT as consultants until they get to about 50 seats you'll see SMBs be able to avoid hiring sysadmins until they are 250 or even 500 seats. The VARs and MSPs will eb able to handle many - many - more seats worth of servers across their customer base with far fewer administrators.

There will still be a need to have end user helpdesk support. That's seperate from IT operations. There will still be a need for developers - the number of devs will explode. There will be a massively growing need for security and compliance professionals.

But the days of getting paid to watch blinkenlights or create users in some wretched piece of paleo softtware are coming to a rapid end.

unless you are absolutely the best of the best of the best and you can do architecture work you're going to be shit out of luck as a systems administrator. And with so many sysadmins hitting hte market as redundant, the downwards wage pressure is going to be extreme. Those 4 guys kept around from a department of 100 are going to be paid peanuts.

If you think I'm wrong, then by all means, plow ahead.

1
3
Trevor_Pott
Gold badge

Re: Thanks for the info and intel for phishers and phormers of novel agents

IBM has evolved SoftLayer into their first IEM” …… rather than “IBM has evolved SoftLayer into the first IEM”, for the latter is surely one of those known unknown things

You are right, your version is clearly more precise to mine. Pint to you.

Such prognostications about the future of economies and financials is what the likes of Mark Carney and governments do all the time to fool themselves

Don't disagree. I believe that's covered in the preamble where I say, essentially, "so I realize that by making predictions in public I am setting myself up for future humiliation if (and maybe when) this all proves to be utter bollocks". I know I'm sticking my neck out.

That said, I think every now and again we need people to take that risk and talk about where things are going. This allows us to all have a think about things and then have discussions. Is the scenario presented possible? Is it likely? What are the implications? Do we like the scenario presented?

If we feel the prognosticator is right, how can we adapt to best take advantage of the changes discussed? If we like the changes discussed, how can we encourage the future to unfold in this manner? If we don't like those changes, how can we try to alter the outcome?

I have a visibility of IT as a whole that few people have. By and large, it's my job to get that visibility and I pay for it in endless briefings and presentations.

I am good at seeing patterns. Tracking thousands upon thousands of variables and assembling the jigsaw puzzle of possibility. This is what I see coalescing out of the spinning fragments of effort from dozens of organizations and thousands of engineers, all working separately but (unknowingly) towards similar goals.

There are a lot of unknowns - known or otherwise - but IT is actually a fairly predictable industry. It's run by nerds who rather like logic, after all. ;)

0
1
Trevor_Pott
Gold badge

This for one.

Here is another worth reading.

What I discussed in the article itself - and in associated articles - is more than "just a hyperconverged solution", which you seem focused on believing I'm talking about. It's more than just VMs. It's the ability to consume applications through an application store/virtual appliance library/etc.

Legacy applications may need care and feeding, but that whole style of application design is going away, and fast. Cloud native application development models are the norm amongst younger developers and there are rapidly becoming more of them than there are of us.

Developers are largely able to maintain infrastructure on their own. They are being trained to code in monitoring, make failure-tolerant applications, and interact with all infrastructure subsystems from disaster recovery and backup to storage.

Right now, today, and for the next five years or so, there is a lot of money to be made automating legacy software. But once that's automated, it's mostly done with. Entire teams of sysadmins and specialists can be wiped out and replaced with a single maintenance drone as the new applications are developed against infrastructure that is addressable by API.

Developers will blossom in the datacenter of the 2020s. Operations is already dead, it just hasn't accepted it yet.

Security will blossom in the datacenter of the 2020s, and if operations don't convert from their existing specialties to security, they'll be out of a job.

In large enough or niche companies there may be room for teams of operations admins. But in most companies - including most enterprises - the operations team circa 2025 will be a fraction the size ti is today. The developers will explode in size. The security teams will explode in size. The operations teams will consist of the proverbial "man and a dog".

And yes, the first IEMs will start rolling out by 2020. By 2025 enterprises will have finished reorganising their IT teams such that operations functionally no longer exists. By 2030 IEMs will be cheap enough for the SMB, and so much new software will exist that SMBs can run this stuff on their own, without nerds.

What I think you don't grok is that how applications are build has changed. It used to be that automation, high availability, backups, disaster recovery and so forth were all done by operations teams. This is increasingly not the case. New applications have this stuff built in, and this is the model of design being taught to new developers.

Tomorrow's applications won't need the sort of care and feeding that today's do. They will just need (relatively) stable APIs. We'll spend the next five years automating our legacy software, 5 years after that realizing that operations is not doing anything for the money we pay them and then it's "man and a dog" time.

Meanwhile, one at a time, those legacy applications will be replaced.

Operations is already dead. But feel free to bet your career on its continued viability if you so choose.

1
5
Trevor_Pott
Gold badge

Re: Who or what could ever be trusted that much?

Nail on the head.

I can tell you how the pieces are aligning. I can't tell you yet who will win, or whether open standards (read: OpenStack, most likely) will win. I suspect that if two proprietary IEMs appear that are mostly interoperable (where "interoperable" can be achieved with some minor conversion of automation/orchestration runbooks between the IEMs) then enterprises won't care. They only ever needed EMC and Netapp to play off one another, (or Oracle, DB2 and SQL)...why would they need more than two, possibly three IEMs?

Interesting few years ahead...

1
1
Trevor_Pott
Gold badge

Except that an SDI block I describe is more than just hyperconvergence, mate. Maybe you should read the article and the links.

There's more to what's under discussion than just a new way to do virtualization.

0
4
Trevor_Pott
Gold badge

Sorry, but I must disagree. The old specialties will go away as they are simply no longer needed. Technology is adding ease of use as a core competency, even at the infrastructure level. That is removing the need to have all these niche infrastructure specialties running about. You really just need capable developers. They can make competently designed infrastructure go.

The only other specialty most organizations will need is SecOps. Though I suspect most won't believe they need SecOps until breaches inevitably happen to them.

2
3
Trevor_Pott
Gold badge

Some of that is explained here. But most of it boils down to this: no matter how much packaged software exists there will always be the need for custom software that meets the very specific needs of a given company. Even if that "custom software" is little more than parsers or translation layers that take one set of data from one application and feed it into the next.

I'd go so far as to say that not only will demand for developers increase over the coming decade, but that they will become essential to larger small businesses and an unquestioned presence in all midmarket companies. Much like systems administrators had been for the past 15 years or so.

IEMs are really about doing away with the need for dedicated ops teams in all but the largest or most niche outfits. It is a lot harder to get rid of developers.

Operations teams keep the lights on. They build the digital edifice of the business, but it is the business that must occupy that edifice and make profits.

Developers are the business in a very real way. The code they create encapsulates the business logic. They automate mundane tasks. They replace entire departments with code. They can even - and this will become far more common far quicker than you think - program robots to do mundane physical tasks.

Once the building is built you don't need builders. You might keep a maintenance guy around, but how much better for most businesses to simply lease the building and let the landlord handle the maintenance? Or, if they own the building, hire a maintenance company to keep it ship-shape?

We are very rapidly approaching the point where operations simply won't be needed by most companies. I do not forsee a point in my lifetime where developers will face the same problem.

5
2
Trevor_Pott
Gold badge

Utopia may be just around the corner, but it seems like a mighty ugly pill...

Isn't it always?

All the work week be done on tablets and internet connectivity will be fast and reliable.

Internet connectivity is fast and reliable for a significant chunk of the parts of the world that have enough money to entire tech companies. 5 years from now it will be better. 10, 15? The first IEMs will start to emerge around 2020. They will probably start to make their way to the SMB space for the first time in 2025. They will be ubiquitous by 2030.

The pieces are all there for anyone willing to see.

Will compliance managers also be replaced by devops, I wonder...

SecOps, actually. I have a piece on that here.

1
1

Hacking Trump: Can we not label web vandalism as 'terrorism', please?

Trevor_Pott
Gold badge

Re: TED talk

We're going to have to agree to disagree. I believe you are projecting your own personal beliefs and morals out and thinking "everyone" agrees with them. Maybe "everyone" your particular geo does, but yoru statements don't reflect measurements of changing opinions.

More to the point, your arguments are functionally moralistic. "The world should be allowed to pry into interpersonal relationship issues because sex is involved and one person in a relationship might have an issue with how the other person conducts their affairs." That's bullshit. Bullshit of the highest order. If ti was an argument about wearing sandals versus sneakers nobody would try to say that anyone else had a right to listen in.

And yes, I am not going to listen to you on this. You are arguing from a position of prejudice rooted in nothing more than an ardent affirmation of sterotypes and your belief that others share your views. I've actually done a fair amount of research into this topic - and recently - as part of some large studies I'm engaging in on cultural differences in western nations.

Your social mores here are absolutely not shared by everyone. More to the point those who don't share your views on this are not some extreme fringe minority, they are a substantial - though not yet majority - % of the population. Even in the United States.

As religious influence wanes, so does puritanism about sex. And as puritanism about sex wanes so does the belief that people outside your immediate relationships deserve to know who you are having sex with.

And you know what? That is the moral truth of things. Religion used sex to control populations for generations. It is not in any way moral to continue with this, or to try to keep sex and sexuality titillating and taboo.

So no, you won't be convincing me. Mostly because your arguments stem from a sense of morality that I simply don't share...and I have done enough research to know that there are millions of others across the western nations who feel as I do. My moral and ethical viewpoint on this is emphatically not uncommon.

It may not be the majority view (yet), but it is shared by enough people that it cannot be considered invalid. So I'll stick to my original affirmation: the nation has no business in the bedroom of its elected officials, nor does the nation have any business in the bedrooms of the people.

And I'll fight against any attempt to make (or keep) our society one of puritanical voyeurism. If you wish to think ill of me for that, you go right ahead.

0
1
Trevor_Pott
Gold badge

Re: TED talk

No, that's bollocks. In just about any functional marriage, each partner would be properly fucked off about the other cheating on them. Sure, you can find me exceptions - but those are very much outliers. Marriages are substantially always damaged when infidelity occurs.

Sorry, but nope. Marriages have moved past the bizarre religious ideals of monogamy for a great many people. Maybe not the majority, but a very significant number.

Run the numbers. Look at the *fraction* of marriages that are truly open. It's a statistical insignificance. Most marriages where there is infidelity end in divorce in a relatively short space of time. Whether that's healthy or not is for someone else to decide - but it is a fact.

I don't know where you're getting your numbers. They certainly don't line up with any I've seen. Now, infidelity is the most frequently listed reason for divorce, but it has been repeatedly noted in research surrounding divorce that most of those relationships were about done anyways, and the infidelity (or claims thereof, in many cases it's hard to verify) are used to deal with legal issues surrounding divorce and/or to milk the ex-spouse dry.

I am incredulous that you've written that. Look at the history of failed marriages - a vast proportion are due to infidelity. I cannot believe you are naive enough to believe that more than a handful would not care about an extra-marital affair; substantially all cuckolds/cuckqueens really do care, and I am frankly astonished that you could believe anything else.

Your inability to see beyond your own prejudices is your own problem, sir. I have actually researched this topic at quite some length. The number of marriages that don't fail after infidelity are actually quite high. The number of marriages in which infidelity is tacitly (if not openly) tolerated is also a lot higher than you seem to think.

What's more, when marriages do dissolve it is rare that it is anywhere near so simple as "X found out Y was cheating on them and divorce ensued". A) Usually there are all sorts of reasons why the infidelity occurred in the first place that boil down to "marriage in trouble". B) Infidelity is quite often tacitly (if not openly) tolerated until something else in the relationship goes rather wrong.

You seem to personally believe quite strongly in monogamy. That's fine, but I think you need to realize that not only has that not always been the case, people in our culture are a lot more diverse in their attitudes and approaches to marriage than you are portraying.

What's more, you still haven't laid out a rationale for why the fact that some individuals choose to be obsessed with monogamy gives them the right to care whether or not others are, or to pressure those others regarding their marital habits.

To be quite blunt about it, poking your nose into the bedchambers of others uninvited should be of itself illegal, no matter who the individuals in the bedchambers are.

You will not convince me otherwise.

1
0

Netzpolitik spy journo treason case stalls, chief prosecutor told to quit

Trevor_Pott
Gold badge

Re: Needless surveillance is treason

What the fuck am I reading?

An accurate summation of the total body of Adam Smith's works. I wouldn't expect that you know them, as given your posting history you seem quite focused on the "selected works" that drive the very pro-market anti-liberal American-style conservatism. But the OP is not wrong.

Adam Smith did in fact warm ardently, stridently and often about the dangers of capitalism and tried to ensure that we build in safeguards against what he saw as inevitable issues and dangerous excesses. Too bad that part of Smith's teachings are so conveniently left out of the education systems of certain places. This willful ignorance has cost us all more than we'll likely ever be able to count.

0
0

Boffins turned off by silicon switch to TILTING MAGNETS

Trevor_Pott
Gold badge

Bunch of Tantalum in Canada with reserves proven out and environmental assessments done. Just need investors to make a hole in the ground and light up the refining facilities.

1
0

Sysadmin jailed for a decade after slurping US military docs

Trevor_Pott
Gold badge

but that doesn't mean that the NSA didn't have to work at it a bit.

Not nearly enough.

If they were able to crack it at all then it was insecure.

1
0

Vision? Execution? Sadly, omission and confusion rule Gartner's virty quadrant

Trevor_Pott
Gold badge

Re: In the market for two years

It's common knowledge that Nutanix biggest customer (US Dept of Defense) accounts for the majority of their sales.

Common knowledge is out of date.

And no, I can't cite my sources. Things told to me in confidence stay in confidence. And if you think I'm buying into the PR hype you don't know a damned thing about me.

I am PR hype's antiparticle.

1
0

Forums