* Posts by Nate Amsden

1782 posts • joined 19 Jun 2007

Los Alamos National Lab fires up 750-node RPi cluster

Nate Amsden

Re: Pi flavour?

I certainly could be wrong (never used any Pi) but I thought I had read the ethernet on the Pi was running off the USB bus?? (not sure if still the case), but as you say, probably not a very good setup beyond a simple toy - the exception may be for setups that aren't network bound (e.g. download a batch of data to work on and then work on it from local storage/memory).

Even if it's only 100Mbps, as long as it's on the PCI bus (not USB), I'd think would be a major improvement over anything running on top of USB.

Google broke its own cloud, again, with dud DB config change

Nate Amsden

Can't imagine it's that bad at Google. I have been in the SaaS space for 14 years and have seen exactly 1 SRE (though at the time he was a "performance engineer", maybe not quite an SRE, but the term SRE didn't exist at the time as far as I recall) at any of the companies I have worked at.

Nate Amsden

Re: I wonder how long it'll be ...

Almost no IaaS cloud charges for close to utilization. They charge for provisioning. Exceptions typically include object storage.

Go provision 100 8 cpu vms let them sit at 99% idle and see how much it saves vs running at 80% utilization.

Go provision 30TB of amazon EBS storage and write 10gb to it, do they charge for the 10Gb? (my main storage arrays operate at about a 10:1 over subscription model and that approach has worked fine for me for a decade).

If you have a real solid handle on utilization and capacity requirements and ongoing capacity testing then public cloud can be good. Otherwise you're most likely either going to be paying out the ass (previous company peaked at 500k/mo roughly 10x what was needed), or you will be having a lot of problems.

Certainly it is possible to "get it right", seems very few and far between though.

Online outrage makes Logitech drop a brick: Now it will replace slain Harmony Link gizmos

Nate Amsden

why can't they renew the cert?

Last I checked certs had nothing to do with encryption just identification. And even worst case if it used http. It's a remote control device, hardly anything that needs top grade security.

Suppose there must be more to the story but I haven't seen it in any of the articles I've come across

(Never have used Logitech remotes myself, I just deal with the multiple remotes from the devices themselves, I don't have a lot of devices so not a big deal)

Qualcomm is shipping next chip it'll perhaps get sued for: ARM server processor Centriq 2400

Nate Amsden

Re: A power draw of up to 120 watts

What makes you think Qualcomm will be better than Intel with regards to buggy chips? If Intel chips were so buggy there would be a lot of people complaining, and there doesn't seem to be (outside of some vocal people complaining about that AMT stuff). I certainly haven't been alarmed by any recent Intel bugs, and I certainly don't think I am in the minority (though I keep my HP servers fairly up to date with Proliant Service packs so they get whatever HP may put in there to fix issues).

The Intel f00f bug was a bad one, as was the FDIV bug.

When it comes to existing Qualcomm CPUs, one of their biggest markets I'd assume is phones/tablets, and there seems to be at least as many complaints about Qualcomm in that space. Looks like several root exploits against Qualcomm CPUs released last year.

AMD Epyc sounds interesting though it seems to have quite limited availability at the moment from OEMs. I remember being very excited about Opteron 6000 when it came out and still have a bunch in production even today(HP DL385G7s)

KVM? Us? Amazon erases new hypervisor from AWS EC2 FAQ

Nate Amsden

Amazon has how many developers and support staff to hack KVM and Xen to be something viable for them?

KVM or Xen are more of technologies rather than a product (the product would be Redhat KVM hypervisor whatever they call it these days, or Citrix Xen hypervisor etc..)

KVM looks interesting (Xen never has to me), though I haven't seen anything that makes me interested in trying it over ESXi (currently running 5.5).

But I'm sure it can work fine for many folks otherwise.

HPE and WekaIO sitting in a tree, k-i-s-s-i-n-g

Nate Amsden

brain flips characters

WekaIO reads like WeakIO, brain transposing..

Wish HP had a good NAS(NFS) solution.

VMware open sources VR overlay for vSphere

Nate Amsden

Re: Really?

hopefully 7 comes out and 6.5 will be stable at that point, I looked again at the feature set for 6 and 6.5 and see nothing that interests me, though 5.5 goes end of support next year I believe so will have to upgrade.

My track record for vmware support cases averages 1 or 2 per year for the past 5 years, would like to keep it that way (running around 1,200 VMs today).

Nate Amsden

Re: Gimmick of the highest order

nothin but windows client here (through Xenapp)

probably will upgrade to 6.5 next year though (5.5 now)

First iPhone X fondlers struggle to admit that Face ID sort of sucks

Nate Amsden

swipe unlock is all I need

Strange to me to see/hear about so many people talking about how they want their device locked, or encrypted, fingerprint sensors etc, but then so many of the same people install apps on their phone which slurp their data or spy on their location etc.

The only reason my Galaxy note 3 daily driver has a pass code on it is because I needed to install a 3rd party cert to sync with my personal server, and android requires installing a lock in order to do that (not sure why). It also reminds me (on bootup) that my device could be snooped on because I installed this cert (a cheap wildcard ssl cert from comodo).

I never do any banking on my phone, and any purchase activity is typically limited to the google store(pretty rare these days) where I use virtual credit cards generated on my laptop (Bank of America uses a Flash app to generate them).

I've never lost my phone, never had it stolen, last phone that broke down for me was 2005. So I'm more concerned about remote data slurping than I am someone physically getting at my device. I use my 2nd Note 3 (and Note 4) for apps that I'm curious about that ask for more permissions than I'm willing to give on my main device (and neither device has access to my internal networks, my wifi is on a separate port on my firewall - also those devices are not linked to my personal or work email/etc). If I need the 2nd Note 3 with me and it needs network access then I fire up the hotspot on my primary device to get it online.

Just bought a Sony XZ1 (Pink) for my girlfriend - and while it apparently has a fingerprint sensor Sony disables it via software in the U.S. Her current and previous phones had no fingerprint sensors either(no pass codes either), so I guess we agree on that bit.

Only reason I'd use just swipe to unlock is to help prevent accidental unlocks.

Licensing rejig and standard price rises set for Windows Server 2016

Nate Amsden

Windows VMs on non Windows hypervisors

How about for VMs running in VMware ?

Windows makes up a tiny part of the 1200 or so VMs I have, but I do have about maybe a dozen or two Windows 2008/R2/2012R2 Standard servers (each individually licensed today).

I know the changes don't affect the older versions of Windows, but if I have 48 physical cores on the VMware host, and I want say 2 x 2vCPU VMs on that host (with the rest of the VMs being linux), what is the license? Is it like Oracle DB processor licensing where I have to license the 48 cores on the VM host even though I'm only using 2 x 2 CPUs ? And/or am I having to license 8 CPUs even though I'm only going to allocate 2 CPUs to the VM?

The biggest Windows VMs I have are 4 CPUs, most are 2 CPU, with a couple 1 CPU and a couple 3 CPU.

Azure fell over for 7 hours in Europe because someone accidentally set off the fire extinguishers

Nate Amsden

Re: Really?

I think large scale graceful shutdowns in this situation is probably really complicated as they operate as a cluster, as systems shut down likely other things kick in to try to restore availability maybe moving resources to other nodes or something. At some point you probably have to set a flag in the entire system saying it is down and take it all offline(at which point graceful from a customer standpoint is out the window)

I think this happened during that semi recent big S3 outage.

Not as if these are just racks and racks of standalone web servers with local storage.

Nate Amsden

Re: From the looks of it, cogs were falling off all over the place

Most likely those folks know that architecting for failure in cloud is a pretty rare thing just look at how many customers have outages when cloud goes down.

Hell I have seen developers complain about tcp connections being dropped during a LB failover(takes about 1 second ) because their app couldn't even handle that without restarting it. And this is for a new application stack, not something designed 10 or 15 years ago. I could go on and on for other real scenarios easily.

Building apps with single points of failure is very common still.

I remember what was it a decade ago or so, fire at data center in Seattle, a facility that had at least annual power outages for 2 or 3 years prior. Bing travel site was in that data center. Was down for a long time. Maybe MS got it online before the datacenter came back online with external generator trucks about 40 hrs later not sure (this was a colo facility not a MS datacenter).

Point is 10 years ago isn't that long and a company with the size and resources of MS wasn't willing or able to do it for bing travel at the time(hell even I had the foresight to move the company I was with at the time out of that DC 2 years before the big outage), doesn't surprise me that companies the fraction of the size still can't figure it out today. It's not as if it's impossible, it is just very difficult to do and most talk the talk but won't walk the walk when it comes down to it.

Same situation applies to security of applications.

Un-Delled SonicWall beefs up firewall to wrestle ransomware

Nate Amsden

Re: It used to be a good company with a good product 15 years ago

Sonicwall customer for about 5 or 6 yrs now mainly for site to site vpn but recently deployed in combo l2 l3 bridge mode for inline firewalls.

They work well. My biggest complaints are doesn't support SNI for server SSL and for SSL inspection for servers requires termination on the appliance which I'm not willing to do. Fortunately these units are site to site vpn only so impact is minimal.

Have had one bug open on my 3500s where I have to reboot them every few weeks due to something in 5.9.1, hopefully will get that fixed soon. Before 5.9.1 on those units they were solid for 5 years straight.

Equifax backtracks arbitrate-don't-litigate plan for punters

Nate Amsden

let users choose own pin?

How hard can that be? I froze my credit for the first time the day after the announcement. At least one of them let me use my own pin. Though I think it was limited to 4 digits.

This is the only data compromise that I'm aware of that impacts me that I am concerned about. Compromising credit cards etc doesn't matter to me. I reported a credit card breach to a hotel chain earlier in the year. A virtual credit card I gave to them and only them was compromised (in part because they never charged it so it remained open). They never replied. About a month ago got notifications from the property management service that hotel uses (among hundreds of other properties) to a mass compromise.

One of them transunion I think I had to call them the website was giving server errors.

Wonder if credit card companies will start including credit monitoring as a more common feature. Certainly seems more beneficial than a lot of the other things offered.

Container adoption still low, barks Cloud Foundation

Nate Amsden

Difficulty is relative of course. One issue that blocks further adoption of some docker containers stuff apparently nfs doesn't work well (or at all?).

I deployed LXC containers 2 and a half years ago in production and they work great. The deployment model isn't remotely what these folks would consider containers though.

Confirmed: Oracle laid off 964 people from former Sun building

Nate Amsden

Re: I need new glasses..

Solaris and other unix have been niche for a long time maybe a decade or more? A high value niche. Doesn't mean there is no money to be made still though. I'd say the same applies/applied for very high end storage arrays as well.

Last place I was at that ran unix was 2006(HPUX on itanium and PA RISC before that). Though I work for smaller companies generally.

In the linux space there are quite a lot of options depending on your business model. Ubuntu and CentOS remain very popular, and obviously lots of folks out there running other things that may have less formal support available. I haven't worked for a company that has been willing to pay for Linux support since that company in 2006 either.

Everybody without Android Oreo vulnerable to overlay attack

Nate Amsden

couldn't google block it

If it comes from the store I'd expect them to be able to have a check for malicious things like this. Won't be fool proof but it should catch a bunch of things.

Funny the researchers say most users will want to update. Obviously it will be years before most have the update.

ATT has stepped up their badgering of my note3 on 4.4.x to upgrade to 5.0 but I won't have it. Must've gone 3 or 4 months without a single notification to upgrade, now maybe once every 2 or 3 days. Removing the mute menu option after pressing power button is a deal breaker when my phone is also a pager. I read this was fixed in a newer 5.x build but it is not available to att note 3 (have another note 3 with 5.0 and a note 4 with 5.1 I think it is). The 5.1 solution sounds worse (volume button mute thing) than 4.x. Haven't put a sim card in note 4 yet. Even with a new battery the battery life seems significantly worse than note 3 for some strange reason.

I really miss the mute switch on my webos devices as well as the ability to immediately silence the phone just by pressing the power button (no need to look at the screen).

Networking vendors are good for free lunches, hopeless for networks

Nate Amsden

if it works, use it

for me anyway, I have been building networks the same way for 13 years now(I'm not a dedicated networking person just a generalist(?) that does networking among other things), works great, so I use it. (and no I have never used STP, and no I don't use Cisco either). The vendor I do use doesn't even actively promote the method I use to build networks(even though it is technically proprietary to their equipment at least at the core switch level), though I find this approach to be great.

Though I'm sure the likes of EA has far more fancy requirements for their networks than I ever have had or will ever have.

I've seen what developers do with shiny things(having worked with developers for the past 17 years), often times end result is not stable. Most developers don't even understand basic networking concepts, so wouldn't let them near networking equipment.

Google Cloud rolls back changes after 18-hour load balancer brownout

Nate Amsden

Re: But, but... it's the cloud

One of my biggest issues was/is cloud players are always screwing with their stuff. Very little means for customers to opt out or postpone changes, probably 95%+ of the changes are not even communicated in the IaaS space(except when there are brownouts etc after the fact). More often they are communicated in the SaaS space at least for the application side of things, though even then it seems to be really rare in SaaS for a customer to have any feedback into accepting such changes.

vs more traditional data center stuff where you basically have power+network links, both of which often times have fantastic reliability proven over a decade or more(anything higher up in the stack is managed by the organization). Add to that the complexity of network routing and providing redundant power is far less complex(and is a very mature technology vs cloud technologies) than an entire cloud application stack(on top of networking and power as well).

Data centers and network carriers (the good ones anyway) are usually very verbose about communications with any maintenance or changes on their systems. The carrier that the organization I work for uses even communicates things such as events that would trigger BGP route reconvergence. Not that we really care about short periods of times when routing may not be optimal, it's not that critical. But the attention to detail is good.

China to get its very own cut-price cut-down cut of vSphere

Nate Amsden

vmotion between versions

When I upgraded 4.1 to 5.5 3 or 4 years ago I vmotioned VMs from hosts on 4.1 to hosts on 5.5. Sounds like what vmware is working on now?

Maybe it doesn't work on newer versions of vsphere, wouldn't know since I have not had a need to upgrade from 5.5 yet.

Whatchu doin' Upthere? Western Digital moves on cloud storage space

Nate Amsden

seems WD is going crazy with diversifying

Though I'd wager that this cloud service will be gone within 2 years?

Getting into a business that is a race to the bottom (this particular player seems to be pricing already at the bottom) isn't fun.. So many such (cloud storage) companies have already gone bust or whittled back their offerings trying to pin their hopes on business class service.

Sysadmins told to update their software or risk killing the internet

Nate Amsden

Re: BIND >9.7

The article isn't quite clear to me - seems as if this is specific to DNSSEC ? if I just grep for the word key in my bind 9.8 config there are 0 matches(and I have never ever worked with DNSSEC - yes have run authoritative DNS since 1996(for personal stuff, company I work for uses dynect for external DNS hosting) as well as caching DNS for internal stuff)

I read an interesting(perhaps amusing?) post by someone earlier this year that talked about how bad DNSSEC(it went into quite a bit of technical detail why DNSSEC was basically worthless) was and to just not bother with it. Can't find the link at the moment, it was good. Not that I needed convincing to (not) use DNSSEC.

edit: I think this is the link:

https://sockpuppet.org/blog/2015/01/15/against-dnssec/

Verizon kicks out hot new Unlimited* plans

Nate Amsden

need a new word

Unlimited just seems to get people upset. I remember back in the 90s how upset I was when I was on dialup on "unlimited" plans and ISPs would cut me off(because I was on 24/7 basically). All I was asking for is some clarification what the allowed usage was. At the time, the ISPs that I was using(all local ISPs) had no policies they were just arbitrary decisions "oops this person using too much kill that account". I was happy to pay more or get multiple ISPs if needed. Finally found an ISP at the time that actually told me what they allowed and I stuck with them until I moved out of the state.

So for me anyway I don't get upset with unlimited, as long as those terms are clearly spelled out, and Verizon seems to be doing so. I use AT&T and switched to their unlimited plan a few months ago (was on a 5GB plan before that). AT&T will throttle video as well but you can opt out (I did). I checked my mobile usage for the past 2 months under 2GB each month (I haven't turned wifi on since I got unlimited since it prevents AT&T from upgrading my Note 3 to Android 5 - last time I said that someone didn't believe me but the update screen specifically says wifi is required, and I have intercepted the update in the past by killing wifi and it stopped).

AT&T will throttle as well(like T-mo and Verizon) after some number, maybe 15GB or 20GB or something I forget.

Anyway I got unlimited mainly because I didn't want to worry about overage charges. Which as long as I stay in the U.S. (and maybe Canada but haven't been there in a long time) I'm good. Last year I went to Asia and even though I did my best to constrain usage (turned off data on my phone entirely most of the time) and had an international plan (800MB/month of data allowed phone calls were still $$), still managed to get bills in the $250-500 range for the 3 months I was away. (normal was $150/mo at the time, now is $99 with unlimited).

Seems some folks just want to have unlimited LTE speed, be able to download 10GB/day if their speeds permit it, and only pay $50/mo or something. While that would be nice, I just don't believe it's really scalable at that level of cost.

Shit 99% of the time I'd love to have a steady 5Mbps, carriers and stuff are talking about 5G and new CPUs fancy screens etc, and folks still haven't got good coverage on 4G yet, several busy places I go in a city of 200k and my data reception is basically 0(as in even DNS times out).

Official: Windows for Workstations returns in Fall Creators Update

Nate Amsden

Re: 4 CPU's - That's a lot!

Windows kernel can handle a lot more too. And I'm sure you realize it is 4 socket not 4 cpu.

Though hard for me to imagine if you needed so many sockets and TBs of memory just get the server version of the OS. The cost of the software will be a rounding error on such a system anyway.

Just checked redhat workstation and it seems to top out at 2 sockets. That would be perhaps the closest comparable product in the linux world.

(Linux user on server+desktop+laptop mostly debian since 1996)

IBM Cloud turns TLS 1.0 off and then turns it on again

Nate Amsden

Re: TLS 1.0

Lotsa folks. Even Cybersource who is a credit card processor isn't turning TLS 1.0 off in production until Feb 2018 (which is pretty close to the limit for PCI I believe).

I just went through disabling TLS 1.0 on a few production services for PCI not long ago. Ran into issues immediately and had to turn it back on in a few cases, fortunately none of those cases impact PCI for us.

Though I have yet to see a serious threat against 1.0. Sure it is not as strong as 1.1 and 1.2 but the press make it out to being completely cracked which last I heard was far from the case.

I really dislike how this works though. Services should be able to accept TLS 1.0 in order to give a human readable error. Getting a low level SSL error is almost always a pain to diagnose (even for technical users like myself). The ciphers are even more confusing. Seems everyone has different variations on names for the same ciphers. Had to spend a bunch of time experimenting with ssllabs testing and retesting until I found a cipher setup that was rated right.

A big chunk of the issue is it's very difficult to determine what clients are actually connecting with. For me most of my SSL is terminated on Netscalers and there is no logging of that stuff. Even with apache last I recall you had to enable debug mode to get that info. It wasn't available as a logging option for access log. And a webserver is pretty basic imagine all of the more complex apps and clients that speak different protocols.

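Added example, not part of the comment above and not vendor code: one way to see which protocol versions clients actually negotiate before TLS 1.0 is switched off. It assumes an Apache access log whose format ends with mod_ssl's `%{SSL_PROTOCOL}x` and `%{SSL_CIPHER}x` fields; the log lines, addresses and user agents are constructed.

```python
"""Tally negotiated TLS versions per client from an Apache access log.

Assumed log format (an assumption of this example, set by the operator):
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{User-Agent}i\" \
            %{SSL_PROTOCOL}x %{SSL_CIPHER}x" tlslog
Plain-HTTP requests log "-" in both TLS fields.
"""
import re
from collections import Counter, defaultdict

# Quoted fields may contain backslash-escaped quotes, as Apache writes them.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?P<agent>(?:[^"\\]|\\.)*)" (?P<proto>\S+) (?P<cipher>\S+)$'
)

# Versions that stop working once only TLS 1.2 and later are accepted.
LEGACY = frozenset({"SSLv3", "TLSv1", "TLSv1.1"})

# Constructed sample input (documentation address ranges, made-up agents).
SAMPLE_LOG = r'''
192.0.2.10 - - [01/Nov/2017:10:00:01 +0000] "GET /api/v1/orders HTTP/1.1" 200 512 "ExampleBatchClient/1.0" TLSv1 AES128-SHA
198.51.100.7 - - [01/Nov/2017:10:00:02 +0000] "GET / HTTP/1.1" 200 1024 "Mozilla/5.0" TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
192.0.2.10 - - [01/Nov/2017:10:05:01 +0000] "POST /api/v1/orders HTTP/1.1" 201 64 "ExampleBatchClient/1.0" TLSv1 AES128-SHA
203.0.113.5 - - [01/Nov/2017:10:06:40 +0000] "GET /feed HTTP/1.0" 200 300 "OldAgent \"quoted\"/2.0" TLSv1.1 AES256-SHA
198.51.100.7 - - [01/Nov/2017:10:07:00 +0000] "GET /health HTTP/1.1" 200 2 "Mozilla/5.0" - -
truncated line without tls fields
'''


def parse_line(line):
    """Return the named fields of one log line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def summarize(lines):
    """Return (requests per protocol, legacy clients, unparsed line count)."""
    versions = Counter()
    legacy = defaultdict(
        lambda: {"requests": 0, "agents": set(), "ciphers": set(), "last_seen": ""}
    )
    skipped = 0
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1          # count, do not silently drop, bad lines
            continue
        proto = rec["proto"]
        versions["plaintext" if proto == "-" else proto] += 1
        if proto in LEGACY:
            entry = legacy[rec["client"]]
            entry["requests"] += 1
            entry["agents"].add(rec["agent"])
            entry["ciphers"].add(rec["cipher"])
            entry["last_seen"] = rec["time"]   # log is in time order
    return versions, dict(legacy), skipped


def report(lines):
    """Build a short text report listing the clients a cutoff would break."""
    versions, legacy, skipped = summarize(lines)
    out = ["Requests by protocol:"]
    for proto, count in versions.most_common():
        out.append(f"  {proto:<10} {count}")
    out.append(f"Unparsed lines: {skipped}")
    out.append("Clients still negotiating a legacy version:")
    for client in sorted(legacy, key=lambda c: -legacy[c]["requests"]):
        e = legacy[client]
        out.append(
            f"  {client}  requests={e['requests']}  last={e['last_seen']}  "
            f"agents={sorted(e['agents'])}  ciphers={sorted(e['ciphers'])}"
        )
    return "\n".join(out)


if __name__ == "__main__":
    print(report(SAMPLE_LOG.splitlines()))
```
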

It's official: Outages are only the second-worst thing about Comcast

Nate Amsden

No complaints

Back in the '00s I was in the Seattle area with AT&T Broadband, then Comcast bought that(?) and I became a Comcast customer at that point. I used 1Mbps DSL for many years(with 8 static IPs), but the ISPs kept getting bought and sold, at one point my DSL ISP said they were changing my IPs so I said screw it, I cancelled DSL and put in Comcast. I put my servers(email+web+DNS+etc) in a local colo.

Was a Comcast customer for 2-3-4 years, really had no issues. Small outage here and there, my bill was not cheap being that I had a ton of premium channels.

Anyway, in 2011 I moved to the bay area, and got a local cable company(served the city I was in only). Cost and service was comparable (for all of those folks saying cities should invest in municipal services for TV/internet) to Comcast. My only real complaint was I wanted faster upload speed(fastest was about 3Mbps, my download speeds were ~20-30Mbps though they had faster download plans).

Moved to the central valley in California a year ago, back to Comcast territory. Again costs were about the same but internet speed up by 10X (download now ~200Mbps and upload now ~20Mbps). I have had more outages out here, maybe I have noticed 3 or 4 brief outages in the past year (nothing more than a few hours tops??). Since my job is managing remote servers I need internet access, so in the event comcast goes down I use the hotspot on my phone.

Comcast really did screw up the installation of services at my current home. Took their contractors at least 3 or 4 trips. Apparently nobody in this city of 200k people uses Tivo and they lacked the hardware and kept sending people on site without cable cards. They also sold me on a triple play package (only for cost, didn't need the phone) and I told them I wanted to buy my own modem, they told me the website to find compatible modems and turns out the modem I bought wasn't compatible with any voice service. So they ended up having to re-do my order on the fly to a double play (for the same price, originally double play cost more for some reason).

Took more troubleshooting on my old Tivo Series 3 it didn't get several hundred channels, they came on site(and charged me that fee), no resolution. Eventually I learned that those channels were encoded with MPEG4 and Tivo series 3 doesn't support that so the channel remains black (even though the signal strength is very strong, and shows no errors). Annoyed that the series 3 is not as useful as it once was, but it still gets some channels. Series 4 works fine with MPEG4.

I think costs wise people blame comcast because that's who they pay. They don't see the costs of the content(Disney, and other content providers always pushing for more $$) driving the costs up. Other than the occasional big dispute between a cable/satellite and a content provider where they put banners on the channels saying the content may get cut off if they don't come to agreement by some date. I know that's not the whole picture but I bet it's a decent chunk of it. People argue for being able to subscribe to individual channels(no bundling) but many don't realize that will drive the cost even higher in many cases.

I caved in a few months ago and decided to cancel most of my premium channels, I hadn't watched much premium tv in more than a decade. Still have showtime as that is part of my "package". (and no I don't stream media either).

I have no doubt broadband etc costs are more expensive in the U.S. than in many other places (as are several other aspects of life here). And have no doubt that comcast probably does screw up regularly given the size of their customer base.

Excelero hooks up with Broadcom to tag team NVMe over fabrics

Nate Amsden

exceptionally low latency

Trying hard to think of what wouldn't benefit from low latency.. is there any such application that would benefit from high latency?

(leaving out any compromises that may be required to achieve such low latency that is)

Hey Lior!

It's a small VMworld after all – life in the shadow of re:Invent

Nate Amsden

not me

I'm not a conference person myself(or any event with lots of people). Went to a couple HP discovers a while back they were ok(went for storage/3par, those aspects were fun but the rest wasn't interesting).

Loyal vmware customer for 18 years(no signs of that ending) but never felt interest to attend vmworld.(even when it was in the bay area and I was a 30min drive away.)

Microsoft won't patch SMB flaw that only an idiot would expose

Nate Amsden

Re: But...

Till windows 10 ?

If you can't find it..grind it.

vSphere scales up, if you're willing to ditch a switch or server

Nate Amsden

Just curious where are these 'loads of security holes' ? Are you referring to undocumented security issues that any product has? Or are you referring to actual security advisories.

I have noticed I think exactly one guest escape security issue on vsphere hypervisor in as long as I can remember(going back to at least 3.5?), and that seemed to affect 6.something (i.e. no impact on my 5.5 stuff).

I have seen some other minor security things here and there, but overall it seems the security of ESXi hypervisor (and vCenter) is significantly better than the competition (that primarily being things like KVM, Xen, Hyper-V), though that is just based purely on casual observation over the years.

Can't speak to the other management stuff that vmware pitches(VSAN, NSX, and management tools), as all I need and use is Enterprise+ and Vcenter (on windows, with Oracle DB back end on Linux).

I suppose I am both the best and worst kind of vmware customer, best in that I have been a customer since 1999 running vmware on linux 0.x, later Vmware GSX, then ESX starting with 3.x. At the same time the last major release of vsphere that got me really excited was 4.0(feature wise). Moved from 4.1->5.5 after 4.1 was EOL, and likely will move to 6.x after 5.5 is EOL next year. Their products have literally been easily top 5 of the most reliable big software packages I have ever used, which is the biggest reason I have kept using them, even though I really was expecting(back in about 2009) I would want to migrate to KVM by around 2013. Obviously never happened.

Cost wise it is not cheap, but it is not expensive either, the enterprise + hypervisor is far cheaper today than it was when I started using it in about 2006(and that was standard edition back then, no vmotion etc). The way I calculate that is basically cost per core. With ever increasing core counts and CPU performance the cost per unit resource continues to decline. When I started with ESX I remember our fastest system was I believe a DL380G5 with dual proc quad core, the hypervisor license for standard edition was I believe $3500 for two sockets at the time (Vmware didn't "support" single socket configurations back then). So roughly $450/core. I don't think we even bought support back then, so that is hypervisor cost only.

Very recently I paid about $7800 for a 2 proc license for enterprise + with 3 years production support (through HP- we don't buy a lot so no fancy discounts). Our new systems(DL380Gen9) are 44 cores, so that $7800 cost comes to about $178/core, less than half of what it cost a decade ago.

That's being generous too because the cost a decade ago was very basic ESX, no vmotion, no HA. And no support if I remember right.

Nate Amsden

Re: tumbleweed it is, but the direction might be wrong

Linux admin since 1996 (yes linux is primary OS on my laptop too). Still love my vsphere 5.5 (about 1200 VMs 99% linux). No reason to upgrade yet. I run a win7 VM for vpn and xenapp to run the good ol .net vsphere client on my laptop (linux xenapp client doesn't play well with vsphere console last I tried). I remember I hated the .net client originally but learned be careful what you wish for as the web client was obviously worse.

Tried the cloud thing twice at different companies(they had it before I got there), didn't work out. Kept people up at night wondering what the next random failure would take down.

Vsphere and vcenter are so solid that I worry about the day I upgrade. Generally 1 or 2 support requests per year on it for me going back the past 7 years or so.

It just runs and runs.

2
0

systemd'oh! DNS lib underscore bug bites everyone's favorite init tool, blanks Netflix

Nate Amsden
Silver badge

Re: underscore illegal dns character

They are not legal i checked about a month ago (powerdns rejected a change I tried to put in with underscore). Many systems will allow them, but strictly speaking they are illegal. I read even in BIND there was a config option to allow underscore but I think it is not default.

But that being said I think that underscore being illegal is dumb and the systems should take it (anyone know the original reason behind that decision? Seems pretty arbitrary, maybe someone thought it would be harder to read or something )

1
0
Nate Amsden
Silver badge

Re: underscore illegal dns character

Don't want to start a flame war on top of systemd already. But I do prefer the gnu tools and apt over the bsd way of doing things. I was looking forward to debian freebsd but last i looked that project has been stalled for years (I installed it once on a soekris box a few years ago).

Also at least with ports and stuff speaking of init, I found myself having to write custom basic init(or rc) scripts for services since so often they did not install any.

Most or all of the BSD folks i know hate linux userland but are ok towards the kernel. Find it kind of ironic i am the opposite. I shouldn't say I hate bsd userland but I prefer linux.

I haven't tried freebsd on a desktop with X11 probably in 18 years. I used to run freebsd on bridging firewalls and IDS, back in 2005 I moved to openbsd (for pf), have thought about going back since freebsd has had pf for a long time now just haven't had a real need.

Quite possible my info on init scripts and stuff is outdated for freebsd these days but as of openbsd 6 (? Last installed maybe 6 months ago), seemed to apply.

As per systemd yes I only interacted with it for a few mins so far (system is still running with systemd haven't rebooted it or anything in a few months). I think the issue was couldn't easily figure out how to get a service to start that wasn't built in. I gave up for the time being and started it manually. Not a huge deal but I can feel a sign of things to come.

And yes if debian 7 had update support for the next 5 years I would not update. I can't think of anything in debian 7 or 6 or even 5 that I felt was important to upgrade for. (Memory is hazy even going back to v5). Drivers for newer hardware is the exception. Though all of my serious systems run in vmware, where the virtual hardware has been stable for a decade

1
0
Nate Amsden
Silver badge

Re: underscore illegal dns character

Can't edit on mobile. But wanted to add a perhaps obvious tidbit. With exception of a brief time with debian 3.0 back in 2001 or 2002, where i ran "testing", every other system before and since has been "stable"

10
0
Nate Amsden
Silver badge

underscore illegal dns character

I believe anyway. I have been a debian user since 2.0 hamm back in 98 and am strongly considering moving to Devuan. I have had about 10 minutes exposure to systemd on a recent debian release (installed maybe 4 months ago whatever the version was at the time I am not at the system ), and wasn't impressed (at the end of the day it comes down for me it wasn't broken so don't fix it).

My main "home" servers(hosted at a colo) are debian 7 still, so no systemd, my laptops are linux mint 17(MATE) which has no systemd. My work linux boxes all 1000 of em also lack systemd for the moment anyway.

I can certainly see some use cases for a systemd approach on desktops and laptops hot plugging and shit. But the negatives outweigh the positives as someone who has run linux on my desktops and laptops since 1997.

I don't mind giving people choice but it seems the choices are rapidly dwindling, which is quite sad.

some folks have fled to BSD. I like the BSD kernels but have never liked the userland stuff(openbsd is still my home firewall of choice).

I have been able to just ignore systemd for a long time but that time is running out.

Same goes for some shit about replacing ifconfig?? Been reading about that recently, again have yet to run into it, another case of it was working fine for me for the past 21 years don't see a need to change it.

Other than driver updates with newer hardware linux on my systems has been "good enough" for a decade already.

Maybe I am too old. Or perhaps a case of the hipster agile devops shit going too far.

Or maybe a bit of both.

80
2

Pathetic patching leaves over 70,000 Memcached servers still up for grabs

Nate Amsden
Silver badge

I'd wager most are on public clouds run by people who don't know what they are doing. Which i suspect makes up at least 70% of the public cloud customers out there.

At least with your own facilities even if you don't patch it's highly likely the systems are behind a firewall or at least a NAT device not being directly exposed to the interwebs.

Didn't even know memcache had authentication myself until this article. All the apps i have seen built with it over the past 10 years have not used that ability.

6
0

Gone daddy gone: GoDaddy offloads its cloud businesses

Nate Amsden
Silver badge

Yes i believe so. But that is different from the public cloud service they offered for a year or two or three.

Bring back go daddy girls

1
0

1Password won't axe private vaults. It'll choke 'em to death instead

Nate Amsden
Silver badge

Re: So, how many credit cards do I need now?

suggest having at least one credit card account where you can generate virtual credit cards. For me that is Bank of America (Shop safe is the product, I use it all the time, though it does require flash to interact with). I also have other credit cards but it seems that particular capability is far from universal.

I think my (real) credit cards have been compromised 1 time(MAYBE 2) in the past 3 years at this point. I did have one ShopSafe card compromised, which is odd because only 1 vendor ever got the number(hotel reservation system). Because the original vendor did not charge the number, it was still "open" to be used(the moment it is charged it is locked to that vendor). About 2-3 months later a strange charge showed up from another website that I had never used, it was especially weird because there was only that one charge - normally I would see multiple fraud charges in a short time period. After some investigation I tracked it to the specific virtual credit card I used to reserve the hotel room. The vendor that had charged my card with the fraudulent transaction refunded the money. I sent a message to the hotel chain with the details but never heard back. Bank of America saw no need to cancel my main card since it was only shop safe that was compromised (maybe 7-8 years ago their reps/fraud system wasn't sophisticated enough and they would insist canceling my main card when shop safe was compromised even though there was no need, now they know better).

Few years ago I had another shop safe card fraud attempt (that was blocked). I used that card to pay my cable tv subscription, I forgot how I got notified of the charge, but once again the only company in the world that number was given to was the cable company, so the breach happened with them or with their processor. They were very apologetic and offered to pay for credit protection(local cable company not a big brand name). I told them don't worry about it there is no harm done.

so in general for me at least credit card security(whether it is chip and sign or swipe) really hasn't been much of a bother for me in many many years. I would say before 2010 my card(s) would get compromised on at least an annual basis, and it was more of a bother.

1
0

Brickbat unwraps in lap of crap Snapchat yap app technocrat brats after stock splat mishap

Nate Amsden
Silver badge

I thought snapchat said

That they may not ever make money

https://www.theregister.co.uk/2017/02/03/snap_files_for_ipo/

That along with committing to spend $400M a year on google cloud (or any service for that matter) should have driven everyone scrambling to the exits.

3
0

Server vendors board the Xeon SP party bus

Nate Amsden
Silver badge

Re: Forgot a couple

Cisco and Dell are special, el reg gave them dedicated articles

http://www.theregister.co.uk/2017/07/11/ciscos_fifth_ucs_server_generation_surfaces/

http://www.theregister.co.uk/2017/07/11/dell_14g_servers/

possibly those vendors announced their gear (again) ahead(few hours early?) of the CPU announcement, not sure

1
0

Seagate SNAFU sees Cisco servers primed for data loss

Nate Amsden
Silver badge

bad controller

Seems like this is the fault of whatever disk controller cisco is using. I don't recall any real storage controller whether it is HP or Dell or even my old 3ware controllers that didn't have controller enforced drive write cache settings.

Maybe cisco ships with nothing more than bare bones controllers but that would be even more surprising to me.

10
0

Dell goes swimming in Skylake to source 14G server line

Nate Amsden
Silver badge

Re: just be prepared to wait if you want SSDs

yeah I suppose I could try to get some vendor to make me a custom build with the CPU, was quite surprised that the online store HPE(sorry) has did not have that as an option for the DL20.

0
0
Nate Amsden
Silver badge

just be prepared to wait if you want SSDs

Was going to order a single socket dell server for myself (to replace an older system I have at a colo). Tried to put a pair of 400GB SSDs in the system, and the website gave me a roughly 60 business day lead time. Without the SSDs the system could have shipped pretty quick, though I couldn't get a valid configuration the website kept complaining about the operating system, and the things it told me to do I either already did, or what it told me to do was impossible (one suggestion it had was to choose "no OS" option, and there was no such option). So I guess when I actually order it I will have to call them.

I know there is a broader SSD shortage and this problem is not specific to Dell, but was still surprised for just a pair of small SSDs the delay was so long. I had read before that it seemed like the most popular SSDs were in the 2-4TB range and I expected shortages on those, not so much 400GB.

I would have bought HP but they do not offer the CPU I need(none of their systems in their online store have it anyway), which is an Xeon E3-1240L V5 (2.1Ghz quad core 25W - I could go with the 1235L V5 as well but not even Dell has that chip).

Not sure why that CPU is so rare, seems nobody other than Dell has it (several online retailers claim to stock it but they do not actually have them in stock, I waited 6 weeks for one such retailer to ship before cancelling an order earlier in the year). Note this CPU is "L", lots of websites have the E3-1240 V5(80 watts!), but not the "L" edition(25 watts). I built another server with this CPU earlier in the year (CPU came from Dell as well). Really like the low power profile, yet still a very functional and quick processor.

I was interested in what AMD had to offer but their latest chips obviously don't come close to this power envelope. Maybe when they come out with their laptop chips next year they will release updated server chip offerings with lower wattage.

3
0

Two-factor FAIL: Chap gets pwned after 'AT&T falls for hacker tricks'

Nate Amsden
Silver badge

why would anyone link their bank accnt to paypal

Unless it is a throw away account that only has funds for a limited time.

I don't use paypal often but when I do i only use protected credit cards issued by in my case bank of america shop safe. Credit line is set for the purchase price in paypal. I make the purchase and the virtual card is useless after that.

As for sms and 2 factor. It's still better than single factor. None of my bank accounts with major banks have 2 factor as far as I know. Though each account has a unique username, a unique password, and a unique email address hosted on my personal server(which does NOT correspond to any user accounts on my server, i have a general login account with access to my dozens of email inboxes and 150 or so email addresses spread over multiple domains).

4
14

'My dream job at Oracle left me homeless!' – A techie's relocation horror tale

Nate Amsden
Silver badge

my relocation bundle

When I joined the current company I was at, I guess my boss was pretty smart - instead of making it an official "relocation" thing with processes around it, he just made it a signing bonus to use however I wanted. It was $10k to move from Seattle area to the Bay area, probably used about $5-7k for the actual move (was 6 years ago don't remember exactly).

Though the company I am at is really small compared to Oracle of course.

This is the only job I have relocated for. Strangely enough recruiters in Seattle still contact me too lazy to check my linkedin profile I guess.

15
0

Multi-tier Tegile array mixes NVMe and SAS flash like a big ol' storage wedding cake

Nate Amsden
Silver badge

didn't dell have this 6 years ago?

Compellent was doing sub lun auto tiering between SLC and MLC. I have never used compellent but remember talking about it at the time.

All nvme is is just another tier of flash. (When it comes to data placement anyway)

1
0

Windows Insiders with SD cards turn into OneDrive outsiders

Nate Amsden
Silver badge

Re: This has been going on with Win10 for a couple years, Win8 too if I recall

Not that I need to sync with this but isn't the point of not using NTFS so the SD card is portable to other systems whether a camera, or something ??

27
0
Nate Amsden
Silver badge

Re: Sky blue, water wet, MS fucking over customers...

I have been linux on the desktop/laptop since about 1997 now, wow has it been that long. But I still have a windows 7 VM and my main computer is still dual boot with windows 7 (one of the last laptops that sold with windows 7).

I have used a bit of windows 2012 (always quickly installed classic shell), though have no intention of using windows 10 as long as win7 still works. Shit, even my recent windows server deployments were all 2008R2(windows makes up less than 1% of my server infrastructure).

MS just seems hell bent on screwing power users over, it is quite unfortunate. I used to be hard core anti MS back in the 90s, but was getting to like them(even bought several copies of windows 7 and Visio) up until they started the windows 10 push.

23
3
Nate Amsden
Silver badge

Re: Sky blue, water wet, MS fucking over customers...

I think they did that one already

https://www.theregister.co.uk/2016/12/09/mysterious_windows_10_networking_bug/

25
0
