@eddiejennings said in Reverse Proxy for Single Public Facing Server:

@dashrender said in Reverse Proxy for Single Public Facing Server:

@eddiejennings said in Reverse Proxy for Single Public Facing Server:

@dashrender said in Reverse Proxy for Single Public Facing Server:

That's pretty easy to do when you're self hosted, but if you're doing something like Vultr instances, I'm guessing it's a bit harder - unless Vultr allows for the creation of VMs that only exist on a private network.

True and that why I specifically mentioned a self-hosting scenario. I think I have a thread from the past asking about whether or not people bother with reverse-proxy for things hosted in Vulture or the like.

I don't think that it makes a difference.

@fredtx said in Did I connect these switches according to best practices?:

For instance, I've seen your posts where you said you learned some good concepts while studying for the mcsa MCSE back in the 90's.

That's true. But mostly I learned about the parts that weren't related to them, and mostly from third party sourced like Ed Tittle. Microsoft's own materials weren't bad, but not on par with good educators.

@scottalanmiller said in Multiple Virtual Disks and Application Performance:

Remember.... just because you are virtual does not imply that your storage is virtual, nor does virtual storage imply that the storage will be shared between workloads or VMs. None of that is implied or suggested in going virtual. You still maintain all proper storage management decision making when virtual as you did physical. You don't get to give any of that up.

In restrospect, I probably ought not have included the System Center Dude stuff in the discussion, since it seemed to just cause confusion about what I was curious.

You still maintain all proper storage management decision making when virtual as you did physical.

I believe this is the greatest takeaway from the discussion. Regardless if the environment is like the one I'm in where ultimately one physical storage device is hosting all of the virtual storage within the VMs.

Like I said, it was a couple years ago. Make sure to go through their documentation well.

@scottalanmiller said in Do You Need Two AD Domain Controllers? SAMIT Video:

@dave247 said in Do You Need Two AD Domain Controllers? SAMIT Video:

.... haven't had the chance to dig in as I am a freaking "IT generalist" where I work.

Youtube Video

I have a video for everything these days.

yep I just watched that one.. guess I can't call myself a Systems Administrator anymore 😢 (jk I totally am)

@matteo-nunziati said in windows server updates: critical/cumulative/security:

ok,

I'm still confused about the terminology. Please, can you confirm and/or fix my interpretation?

critical: not a security fix, but something seriously broken is fixed here. security: a security fix, something seriously broken is fixed here and a security hole is closed. cumulative: just use this if you have missed a lot of stuff and you have a long queue updates otherwise. Download this bulk huge fatty thing and align with upstream. all other types... really too many types here, do they really worth?

Now the second question.

Having an hyperv server 2016 should I need to install critical fixes? I mean: if I do not notice any misfunction should I patch? to me it is right to patch as you never know when a critical bug will hit your usage.

Also, as a general rule I patch manually and I always require recommended updates only. Then I choose what to install.

any opinion/correction/suggestion?!

thank you.

I do at least Critical, security, and definition updates to all servers, hypervisors included.
For Windows10 desktops, I do everything.

But I do it all through WSUS.

@fuznutz04 said in MySQL configuration best practices:

@emad-r

What is your practice for log rotation? For example, the error log. If that grows (obviously indicating other issues) , and needs to be rotated, what procedure do you use to rotate logs?

Currently the third party vendor uses this:

expire_logs_days = 10
max_binlog_size = 100M

In our MySQL instance.

@black3dynamite said in Remote Administration of FreePBX:

@scottalanmiller said in Remote Administration of FreePBX:

Also gives you (if you use GIT like we do) a record of when the port was opened, why and when it was closed again.

How does that work?

You commit your change to your local file system on your workstation. Then you commit it to the GIT repo. When you do this, GIT stores your change as well as the previous state of the system and you add a comment when you commit. This gives you a chance to say "Opening port to work on PBX" or whatever. Then when you are all done, change the firewall back, commit it, comment again saying you are done and closing it and it closes itself.

Step One: Install something other than Windows Home
Step Two: Be more secure

Location matters very little. I would stick to the standards.

Suggested edit:

We assume that not only does buying the most expensive, most famous products will be judged well compared to less expensive or less well known ones. We can also assume that but that those in Management see buying products is seen as beneficial to not buying products; even though often the best IT decisions are to not buy things when no need exists.

@aaron said in You Cannot Virtualize That:

@scottalanmiller said in You Cannot Virtualize That:

@aaron said in You Cannot Virtualize That:

said in You Cannot Virtualize That:

We are long past the point where running systems non-virtualized is considered acceptable

/me looks around at servers

I think it's ok to not virtualize 🙂

Doesn't BB cluster their entire farm? I thought virtualization was an effective necessity at that scale. You manage the servers without them being clustered in any way? I thought that the pods were nodes in a single farm

Oh they're clustered. I was thinking of a specific pod not being virtualized by itself. As in they aren't running a hypervisor. And we do have virtualized stuff around too. 😛

That cluster is really the virtualization, the nodes are below that level. We had another thread discussing this previously. Clusters are not always virtualized at the node level because the node is like the CPU, not a server and the entire cluster is really the computer and the cluster manager is the real hypervisor. Workloads run on the cluster, not on the nodes. Each node remains replacable as just part of the overall "Computer" which is, virtualized.

@StuartJordan said in My First Server: Build Basics:

Good post Scott and very relevant.

Thank you, sir. 🙂

I'm building out a Starwind SAN for this. It's partially done. But I've been traveling.

@Jimmy9008 keep in mind that resulting availability and risk aren't the same thing. Any five nines system is expected to hit six nines nine out of ten years. It's the average over the operating lifespan, not over a set interval. Otherwise any normal interval that you select would have 100% uptime.

So there are two ways to look at it reasonably...

Resulting Availability Over Operational Lifetime Expected Availability Over Operational Lifetime

The first is what an individual system actually provides. The second is the average of all systems configured identically, over all of their operational lifetimes.

The first you measure. The second you project with simulations.

In extremely large systems, like BackBlaze, they get close approximations to the later through measurement because they look only at small components (like hard drives) of which they have substantiation numbers to create a reasonable approximation to a full number.

When I was on Wall St., we had 80,000 servers in our pool and so we had actual risk and availability numbers for the industry in datacenters like ours. But it still only told us about a handful of server models, and only under our exact conditions. And it still took a decade or more to produce meaningful numbers, and those numbers only applied to the servers of the past, not the ones being installed new.

This one has been intended for years, but never bubbled to the top of the writing list.

This one was fun.

IT leader: “Wow, I think this developer is great.”
HR: “Really? What do they do?”
IT leader: “They built this excellent application.”
HR: “Well, are they better than the other developer who built ten applications?”
IT leader: “That depends on what you mean by 'better.'”

After all...that 1 application happened to be called Google.

@Son-of-Jor-El said in Over Investing Early Can Be Big Time Failure:

Interesting convo. I can't get into too much detail but in the solar industry it is ESSENTIAL to have the investors lined up. If you don't, you die.

Even with them lined up, you still want to spend money wisely.