Group Details Private

Service Providers

People who work for a technology service provider.

  • RE: Local Storage vs SAN ...

    Examples in known open source worlds...

    If you run ProxMox with DRBD on the Debian (host) layer, it's RLS assuming ProxMox has local disks.

    If you then make that block storage available over the network, it becomes a SAN (a traditional / physical SAN.) A SAN with replication for resiliency.

    If you run ProxMox and make a VM of Ubuntu and in that VM install DRBD it may or may not be RLS depending on where the host is getting its storage from for that VM. To the VM it will appear as if it is RLS, but we really don't know unless we check the stack. It's just the replication piece here.

    If you then make that DRBD block layer in the VM available over the network, it becomes a vSAN.

    posted in IT Discussion
  • RE: Local Storage vs SAN ...

    @Pete-S said in Local Storage vs SAN ...:

    @scottalanmiller said in Local Storage vs SAN ...:

    @PhlipElder said in Local Storage vs SAN ...:

    StarWind and VMware adopted the vSAN designation for their Hyper-Converged Infrastructure solution sets IIRC. Both did.

    Both do vSAN. So it makes sense as they run SAN appliances on VMs.

    VMware vSAN runs directly on the hypervisor as far as I know. I haven't installed it myself even if I specced it for customers.

    They CLAIM that to be true, but they, like MS, often speak in licensing terms rather than how things are physically implemented.

    What's funny is that if that is true, it would obviously make it not a vSAN at all. Which is totally plausible as it is a latecomer to the market and like everything with "virtual" or "cloud" slapped on it, they are just playing on the marketing name that people have heard. vSAN is the product name, not its description.

    VMware vSAN uses a proprietary SAN protocol to distant nodes (and I assume the local one for transparency) making it... a traditional physical SAN. Just a converged one, rather than a remote one.

    None of that is bad. It's all just funny that they claim to explicitly not be the product description whose name they used.

    posted in IT Discussion
  • RE: ZeroTier rules to limit freelancer access

    @Pete-S said in ZeroTier rules to limit freelancer access:

    Or you can just rely on authentication and authorization for every service and have no network segmentation. More risky but less work.

    To me this is what makes more sense. I get the value is DOUBLE protection. But at a minimum this should be there first, ZT only as a completely additional layer of protection.

    posted in IT Discussion
  • RE: What did you have for lunch or dinner today?

    My chef just handed me breakfast nachos...

    52667142370_92fe77afa9_k.jpg

    posted in Water Closet
  • RE: What Are You Doing Right Now

    I should add that of those ads that I can decipher, a huge percentage are for companies that provide the same services that I do. Things that I do myself, for free, because I'm an IT pro. So the amount of mis-targetting is crazy.

    And I don't drive. And I get a lot of car ads. Those are the "most applicable" that I get most of the time.

    The only truly good ads that I get are for subscription services... that I already have, lol.

    posted in Water Closet
  • RE: What Are You Doing Right Now

    I can't believe how many YouTube ads are for...

    1. Things that I can't identify. Nothing in the ad tells me what to buy or do. It's just like some video of nothingness.
    2. Only states what they are selling in audio. I typically have audio off on YouTube so like... it's just some images of people standing in a field to me.
    3. Is for a product that I get the name of but have zero idea what it would be for or who could use it. I just saw one where they made the name obvious, but nothing in the ad gave a hint as to... what the product does at all. And the name means nothing to me.

    Like, I'd say more than half the ads I see can't sell me anything because it's just gibberish to me.

    posted in Water Closet
  • RE: What Are You Doing Right Now

    @siringo said in What Are You Doing Right Now:

    @scottalanmiller said in What Are You Doing Right Now:

    Having the house wired up tomorrow, finally. We have two Internet providers (Claro & Teko), one on cable and one on fiber. My office is already wired to the fiber, but we are going to re-route everything so that we have both providers going everywhere. Gotta install a switch in my office and a switch in the middle of the house and put four or five access points up to get coverage.

    don't forget your speakers ! 😉

    No wired speakers here these days. Eventually I'll ship them in from the US. But just working from Apple HomePods down here for now.

    posted in Water Closet
  • RE: What Are You Doing Right Now

    @RojoLoco said in What Are You Doing Right Now:

    Hooray!!! The leak came through the ceiling in the front of our training room!!!

    Wow

    posted in Water Closet
  • RE: What Are You Doing Right Now

    @RojoLoco said in What Are You Doing Right Now:

    About to assay the damage in the server room... apparently our supplemental AC started leaking yesterday.

    Damn

    posted in Water Closet
  • RE: ZeroTier rules to limit freelancer access

    @Pete-S said in ZeroTier rules to limit freelancer access:

    You prevent network access on ssh from SERVER1 to SERVER2 by setting the OS firewall on SERVER 2 to only allow ssh from IPs on the VPN subnet.
    That means you can reach each servers ssh port from VPN, but not from anywhere else. So if you ssh into one server through VPN, you can't ssh from there to the next server.

    That might not work. Two problems that I can think of...

    1. Each devices is on the VPN and has a VPN IP address. So server to server communications can happen via VPN IPs. So it would potentially end up being allowed. ZT is specifically a VPN designed to be used for local, as well as distant, communications so we expect even local server to server traffic to still traverse the VPN, just not the router.

    2. There might be a need for other users to SSH between servers or the servers themselves to communicate over SSH. This isn't stated, so it is only a possibility. But we have to consider that we might be blocking more than requested if we get this behaviour to work.

    posted in IT Discussion