Motronic
Nov 6, 2009

Agrikk posted:

Depending on the exact model and generation of your SmartUPS, a network management card for the smart slot will run you $20 if your ups is older, $100 if newer.

I strongly recommend the management card for diagnostics, monitoring, alerting and network shutdown.

Some cards even have external probes for room humidity and temperature sensors.

Quite worth it IMO

The APC BackUPS line are consumer/end user UPS units intended for desktop machines. You can't add a network card to them. That would be the SmartUPS line.

chocolateTHUNDER
Jul 19, 2008

GIVE ME ALL YOUR FREE AGENTS

ALL OF THEM
Was just messing around in my homelab for the first time in awhile, and set up Tailscale on my PfSense router, advertised my internal subnet and tested it on my iPhone.

Holy poo poo, I cannot believe how easy that was. Insane.

Wibla
Feb 16, 2011

Tailscale is magic :eng101:

Hughlander
May 11, 2005

Just be careful with it and thread favorite proxmox. I set it up on the Hypervisor like a total rube. No problems everything is great for months. Next reboot, no LXC has DNS since on boot of an LXC /etc/resolv.conf is written based on host settings, and the host was using tailscale DNS and the LXC has no tailscale installed or running.
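
Added example (not part of the original post): a check for the failure described above, run against the hypervisor's resolv.conf before a reboot hands it to containers. It assumes Tailscale's addresses come from 100.64.0.0/10 with its MagicDNS resolver at 100.100.100.100; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Flags resolv.conf nameservers inside 100.64.0.0/10 (assumed Tailscale range).
# A container that inherits such a resolver from the host but does not run
# Tailscale itself has no route to it, so every lookup fails.

# in_tailnet_range ADDR -> status 0 if ADDR is dotted IPv4 in 100.64.0.0/10
in_tailnet_range() {
    case "$1" in *.*.*.*) ;; *) return 1 ;; esac     # needs four dotted parts
    o1=${1%%.*}                                      # first octet
    o2=${1#*.}; o2=${o2%%.*}                         # second octet
    case "$o1$o2" in ''|*[!0-9]*) return 1 ;; esac   # non-numeric (e.g. IPv6)
    [ "$o1" -eq 100 ] && [ "$o2" -ge 64 ] && [ "$o2" -le 127 ]
}

# tailnet_resolvers FILE -> prints each offending nameserver, one per line;
# status 0 if at least one was found, 1 if the file is clean.
tailnet_resolvers() {
    found=1
    # "|| [ -n "$key" ]" keeps a final line that lacks a trailing newline
    while read -r key value extra || [ -n "$key" ]; do
        [ "$key" = "nameserver" ] || continue        # skips comments, search, options
        if in_tailnet_range "$value"; then
            printf '%s\n' "$value"
            found=0
        fi
    done < "$1"
    return "$found"
}

# Constructed sample input: one host file as Tailscale DNS leaves it,
# one pointing at an ordinary LAN resolver.
demo_dir=$(mktemp -d)
printf '%s\n' '# constructed sample' 'nameserver 100.100.100.100' \
    'search example.ts.net' > "$demo_dir/host-tailscale.conf"
printf '%s\n' '# constructed sample' 'nameserver 192.168.1.1' \
    > "$demo_dir/host-lan.conf"

for f in "$demo_dir/host-tailscale.conf" "$demo_dir/host-lan.conf"; do
    if hits=$(tailnet_resolvers "$f"); then
        echo "$f: containers inheriting this get unreachable resolver(s): $hits"
    else
        echo "$f: ok"
    fi
done
rm -rf "$demo_dir"
```

On a real host, point `tailnet_resolvers` at `/etc/resolv.conf`. Proxmox's per-container `nameserver` option (`pct set <vmid> --nameserver <ip>`) overrides the value inherited from the host.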

Agrikk
Oct 17, 2003

Take care with that! We have not fully ascertained its function, and the ticking is accelerating.

Motronic posted:

The APC BackUPS line are consumer/end user UPS units intended for desktop machines. You can't add a network card to them. That would be the SmartUPS line.

Whoops! I read BackUPS as SmartUPS. My mistake.

chocolateTHUNDER
Jul 19, 2008

GIVE ME ALL YOUR FREE AGENTS

ALL OF THEM

Hughlander posted:

Just be careful with it and thread favorite proxmox. I set it up on the Hypervisor like a total rube. No problems everything is great for months. Next reboot, no LXC has DNS since on boot of an LXC /etc/resolv.conf is written based on host settings, and the host was using tailscale DNS and the LXC has no tailscale installed or running.

Sounds like a nice lesson learned!

I have it running on my pfsense router via their built in package. Honestly I don’t have a real use case for it right now…but it was something to do and pretty cool. I’m sure it’ll come in handy in the future.

Hughlander
May 11, 2005

chocolateTHUNDER posted:

Sounds like a nice lesson learned!

I have it running on my pfsense router via their built in package. Honestly I don’t have a real use case for it right now…but it was something to do and pretty cool. I’m sure it’ll come in handy in the future.

It was... Just finding it took an embarrassingly long time because the symptom was that a docker container was in a crash loop without any output. Turns out the reason why was it tried to bind to a port by DNS, and well it's always DNS.

Wibla
Feb 16, 2011

Things that route packets belong on routers/firewalls, not hypervisors :psyduck:

Hughlander
May 11, 2005

Wibla posted:

Things that route packets belong on routers/firewalls, not hypervisors :psyduck:

I disagree. VPNs are for clients and should be as close to the client as possible. If an LXC needs a VPN connection, that VPN connection should be on the LXC. The docker host in particular has 4 different VPNs for different services if you count tailscale.
PIA in Docker for transmission - If PIA isn't connected, no transmission traffic goes out.
OpenVPN inbound for when I'm offsite.
OpenVPN outbound from one of the LXCs. The LXC has 'public' traffic which is to say I have a Digital Ocean box that passes 443 over the VPN to that LXC.
Tailscale that I haven't adopted yet.
That doesn't count various other times I'll spin up a PIA VPN and use docker --network container:pianame to get around google's ratelimits. Or even the fact that my windows 11 chrome instance can use a socks5 proxy from either PIA or the OpenVPN outbound when I need to use a different IP.

I don't think that I have enough knowledge to configure a unifi router to handle the complexities there.

Nitrousoxide
May 30, 2011

do not buy a oneplus phone



Wibla posted:

Things that route packets belong on routers/firewalls, not hypervisors :psyduck:

By definition the hypervisor has to route packets. It has to know where packets inbound/outbound to its VMs need to go. Especially if it isn't creating unique network hosts on the network for each VM as is the case when you are dealing with user level VMs in Linux.

Plus there's the added benefit of it being able to route way faster than jumping out to a LAN and back if it can be done entirely locally on the physical machine.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
Yeah, most Hypervisors have some sort of built in router/switching. Otherwise, you can't really handle a bunch of hosts that are often on different VLANs talking to the general network.

That being said - if you are specifically trying to provide a general network service like VPN, Routing, Firewalling, you do generally put those either in dedicated hardware or within a VM in the pool.

I use PFSense to do Firewalling/Routing inside my clusters, broken up by switching and interfaces.

Wibla
Feb 16, 2011

CommieGIR posted:

Yeah, most Hypervisors have some sort of
That being said - if you are specifically trying to provide a general network service like VPN, Routing, Firewalling, you do generally put those either in dedicated hardware or within a VM in the pool.

I use PFSense to do Firewalling/Routing inside my clusters, broken up by switching and interfaces.

This is what I was trying to get at.

Warbird
May 23, 2012

America's Favorite Dumbass

I don’t see a huge advantage to Tailscale and I feel like I’m missing something. It was pretty trivial to set up a WireGuard instance hooked to a DDNS domain and have my LAN readily available via turning on the tunnel when needed. TS seems neat, but as best I can tell you’re just cutting out some of the in between steps and then it’s just a machine to machine connection. Neat and handy for sure but it seems like if you’re running umpteen services locally across containers and so on that you’re only causing more work for yourself to integrate it to each host. Am I completely off base here?

Scruff McGruff
Feb 13, 2007

Jesus, kid, you're almost a detective. All you need now is a gun, a gut, and three ex-wives.

Warbird posted:

I don’t see a huge advantage to Tailscale and I feel like I’m missing something. It was pretty trivial to set up a WireGuard instance hooked to a DDNS domain and have my LAN readily available via turning on the tunnel when needed. TS seems neat, but as best I can tell you’re just cutting out some of the in between steps and then it’s just a machine to machine connection. Neat and handy for sure but it seems like if you’re running umpteen services locally across containers and so on that you’re only causing more work for yourself to integrate it to each host. Am I completely off base here?

By default it's machine to machine but you can set it to act as a regular VPN by designating an exit node. Otherwise you've pretty much got it, they're essentially just making Wireguard a bit more user friendly, especially if you don't own your own domain. I use it as a backup to my Wireguard since that's hosted on my main server and if that's down I can't get into anything. My PiKVM is on TS so I can get to the bare metal of the server to try and get that back up.

Scruff McGruff fucked around with this message at 19:00 on Nov 14, 2023

Warbird
May 23, 2012

America's Favorite Dumbass

Ooh, the PiKVM thing is a good idea. I’ve been vaguely meaning to get around to getting 2fa on there so I’d have access to Proxmox to spin up redundant VPNs if my main and backup went offline (though the backup is on my router so if that’s fubar it’s all fubar) and that would be a better alternative than exposing it. Does TS use WireGuard as their means of VPN-ing?

Nitrousoxide
May 30, 2011

do not buy a oneplus phone



Yeah. TailScale uses Wireguard as the vpn back end.

chocolateTHUNDER
Jul 19, 2008

GIVE ME ALL YOUR FREE AGENTS

ALL OF THEM
I need something like ITGlue, but for my Homelab. Any recommendations?

ITGlue for reference:

https://www.itglue.com/

Motronic
Nov 6, 2009

chocolateTHUNDER posted:

I need something like ITGlue, but for my Homelab. Any recommendations?

ITGlue for reference:

https://www.itglue.com/

I don't understand. What's wrong with homenetworkips.txt?

Kibner
Oct 21, 2008

Acguy Supremacy

chocolateTHUNDER posted:

I need something like ITGlue, but for my Homelab. Any recommendations?

ITGlue for reference:

https://www.itglue.com/

Is Writerside similar to what you are looking for? You use it to create technical documentation and it spits out a static site for you. It's in early access right now, though.

chocolateTHUNDER
Jul 19, 2008

GIVE ME ALL YOUR FREE AGENTS

ALL OF THEM

Kibner posted:

Is Writerside similar to what you are looking for? You use it to create technical documentation and it spits out a static site for you. It's in early access right now, though.

This seems cool, but not exactly what I'm looking for. I'm looking for more of an ITGlue or Hudu style thing:

https://www.youtube.com/watch?v=vn0f1yHIh3s

https://www.youtube.com/watch?v=cEOZ7T3rCaM

Maybe Netbox?

Sixfools
Aug 27, 2005

You be the Moon,
I'll be the Earth
And when we burst
Start over, oh, darling
wrong thread

Twerk from Home
Jan 17, 2009

This avatar brought to you by the 'save our dead gay forums' foundation.
What distributed storage are y'all running at home with low node counts? I janitor Ceph at work and not only want to learn something different at home, but also know that Ceph is much happier when both host and disk counts are much, much higher than I want to spend at home.

What's the high-level overview of Starwind VSAN vs VMWare VSAN vs Hyper-V Storage Spaces Direct? I know that officially VMWare VSAN and Microsoft SDS need validated hardware, but I'd hope I could shove it onto home stuff by saying "i know what I'm doing" and just feeding it 1 full NVME disk each across 3 nodes. Thoughts? How are you guys distributing your storage?

Hughlander
May 11, 2005

Twerk from Home posted:

What distributed storage are y'all running at home with low node counts? I janitor Ceph at work and not only want to learn something different at home, but also know that Ceph is much happier when both host and disk counts are much, much higher than I want to spend at home.

What's the high-level overview of Starwind VSAN vs VMWare VSAN vs Hyper-V Storage Spaces Direct? I know that officially VMWare VSAN and Microsoft SDS need validated hardware, but I'd hope I could shove it onto home stuff by saying "i know what I'm doing" and just feeding it 1 full NVME disk each across 3 nodes. Thoughts? How are you guys distributing your storage?

Ceph through proxmox or just resilio in a container if it’s going to windows.

cr0y
Mar 24, 2005



So I have been kicking around an idea...

I posted earlier but I have a couple free R740s with a ton of processor and memory but no GPU. I'd really like to build a machine learning rig.

Does anyone know of a semi sane way that I can shoe horn 1 or 2.... RTX 3080s(????) into that chassis? I know the power connectors are going to be a problem, that's a separate thing.

They would like 5X my power bill so I really can't use them as a replacement for my relatively efficient home server but I want to do something cool with that metal because it's really nice gear for free.

~Coxy
Dec 9, 2003

R.I.P. Inter-OS Sass - b.2000AD d.2003AD
Do you have to keep the cards in the chassis?

Get a cheap ATX case, mount a PSU and the GPUs inside that, use risers to route the slots to the R740.

Bjork Bjowlob
Feb 23, 2006
yes that's very hot and i'll deal with it in the morning


Twerk from Home posted:

What distributed storage are y'all running at home with low node counts? I janitor Ceph at work and not only want to learn something different at home, but also know that Ceph is much happier when both host and disk counts are much, much higher than I want to spend at home.

What's the high-level overview of Starwind VSAN vs VMWare VSAN vs Hyper-V Storage Spaces Direct? I know that officially VMWare VSAN and Microsoft SDS need validated hardware, but I'd hope I could shove it onto home stuff by saying "i know what I'm doing" and just feeding it 1 full NVME disk each across 3 nodes. Thoughts? How are you guys distributing your storage?

I'm using ceph at home with 3 hosts each with 5 OSDs and I haven't had any problems with it. I switched over from Gluster maybe nine months ago and haven't looked back - Gluster (and the RH derived product) are on life support anyway so it's not wise to go with it.

I don't have any experience with the options you mentioned however.

Aware
Nov 18, 2003

cr0y posted:

So I have been kicking around an idea...

I posted earlier but I have a couple free R740s with a ton of processor and memory but no GPU. I'd really like to build a machine learning rig.

Does anyone know of a semi sane way that I can shoe horn 1 or 2.... RTX 3080s(????) into that chassis? I know the power connectors are going to be a problem, that's a separate thing.

They would like 5X my power bill so I really can't use them as a replacement for my relatively efficient home server but I want to do something cool with that metal because it's really nice gear for free.

I have a 740xd and kinda wanted to do the same initially but couldn't figure out a semi sane way to even attempt it.

Azhais
Feb 5, 2007
Switchblade Switcharoo

Bjork Bjowlob posted:

I'm using ceph at home with 3 hosts each with 5 OSDs and I haven't had any problems with it. I switched over from Gluster maybe nine months ago and haven't looked back - Gluster (and the RH derived product) are on life support anyway so it's not wise to go with it.

I don't have any experience with the options you mentioned however.

What sort of hardware are you on?

Bjork Bjowlob
Feb 23, 2006
yes that's very hot and i'll deal with it in the morning


Azhais posted:

What sort of hardware are you on?

It used to be three mostly identical HP DL380p servers with a mix of SAS and NVMe OSDs, but two of the servers have now been replaced with AM4 desktops with the same OSD arrangement to try and keep the power costs down. I was running the desktops as Proxmox nodes anyway, just not part of the ceph cluster, so consolidating the stack cut the power usage.

Blurb3947
Sep 30, 2022
I got Tailscale up after reading a lot about it. Had a bunch of issues trying to figure out how to use the app for my NAS off wifi but after the initial hump it is pretty cool just how easy it is.

Now all of my data is flowed through my desktop and I added my LAN subnet to also get LAN only stuff. I should maybe get a VPS or VPN so it's not my home IP being shown everywhere.

TraderStav
May 19, 2006

It feels like I was standing my entire life and I just sat down
Maybe a dumb question, but if I'm connected from my phone or other device to Tailscale, is that the same thing as activating my separately installed WireGuard connection? Meaning having private vpn to my home. I know I'm accessing my home services with Tailscale but not explicitly confident I'm concealing my traffic if on another connection.

Nitrousoxide
May 30, 2011

do not buy a oneplus phone



TraderStav posted:

Maybe a dumb question, but if I'm connected from my phone or other device to Tailscale, is that the same thing as activating my separately installed WireGuard connection? Meaning having private vpn to my home. I know I'm accessing my home services with Tailscale but not explicitly confident I'm concealing my traffic if on another connection.

You can go to https://whatismyipaddress.com/ while on your phone and away from your wifi to see if you still have the same IP. If you do it should be vpn'd the whole way.

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
I figure it's time to get off the 13 year old AMD Opterons and onto something in the single digits, so trying out my Dell M420 miniblades

flappin fish
Jul 4, 2005

Nitrousoxide posted:

You can go to https://whatismyipaddress.com/ while on your phone and away from your wifi to see if you still have the same IP. If you do it should be vpn'd the whole way.

By default, Tailscale doesn't run as a full VPN, it just does direct Wireguard connections between things in the tailnet. You can set it up to tunnel all traffic through a chosen exit node, see https://tailscale.com/kb/1103/exit-nodes/.

Kibner
Oct 21, 2008

Acguy Supremacy
I just ordered 128GB of ram (https://pcpartpicker.com/product/2pYmP6/kingston-server-premier-32-gb-1-x-32-gb-ddr4-3200-cl22-memory-ksm32ed832hc) for my home server/NAS. At least ZFS will be able to use it well and I will never have to worry about running low!

BlankSystemDaemon
Mar 13, 2009




Kibner posted:

I will never have to worry about running low!
I've got bad news for you; if you've stuck with Linux and solve the "Solaris POSIX Layer is a couple of ~2100 LoC files without any integration into the VM, so any allocation above 16k pisses off the cache allocators" by setting the arc_max OID to half the system's total memory, you're still going to run into low memory issues.

On FreeBSD, the SPL is ~300 LoC shim with integration into uma(9) so you can end up with systems that have no free memory - but at least it's less of an issue:
pre:
last pid: 91172;  load averages:  0.32,  0.32,  0.32  up 27+22:01:55    18:18:22
89 processes:  1 running, 87 sleeping, 1 zombie
CPU:  0.4% user,  0.0% nice,  0.6% system,  0.0% interrupt, 98.9% idle
Mem: 412M Active, 2436M Inact, 26G Wired, 2245M Free
ARC: 24G Total, 22G MFU, 768M MRU, 432K Anon, 607M Header, 339M Other
     22G Compressed, 86G Uncompressed, 3.94:1 Ratio
Swap: 2048M Total, 2048M Free
EDIT: There's also been talk of further integration of ZFS ARC into FreeBSD, by making it part of the unified buffer cache - but unfortunately I don't know the status of that project.

BlankSystemDaemon fucked around with this message at 18:29 on Nov 29, 2023

Kibner
Oct 21, 2008

Acguy Supremacy
ngl, I don't think I fully get what you mean.

Kung-Fu Jesus
Dec 13, 2003

Pretty sure he's referring to the fact that on Linux, ARC size defaults to 50% of system memory because [arcane reasons] and if you try to set it higher, you're entering a very dangerous zone. And that FreeBSD doesn't have this problem.

Kibner
Oct 21, 2008

Acguy Supremacy

Kung-Fu Jesus posted:

Pretty sure he's referring to the fact that on Linux, ARC size defaults to 50% of system memory because [arcane reasons] and if you try to set it higher, you're entering a very dangerous zone. And that FreeBSD doesn't have this problem.

Ahh, gotcha. Yeah, I am fine with it using "only" half my memory. 64 GB (or near enough) still feels like a heck of a lot!

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb
What's the most CPU & memory you can squeeze in a 1U that consumes under 200W?

fletcher fucked around with this message at 10:37 on Nov 30, 2023
