Why is HAProxy on the host? I would always put it on its own VM and keep the host isolated as the host. If you put HAProxy on it, it's now functioning as one of the worker VMs, but also the host. While this works fine, in theory, it's extra complicated and violates fundamentals design principals for virtualization. The host, in theory, is expected to be completely limited to host functions. But also handling one random workload.
Posts made by scottalanmiller
-
RE: Fedora 39 Server as host with HAproxy and Qemu/KVM virtual machines. Trouble with communication.posted in IT Discussion
-
RE: Meta Down: Facebook and Instagram Offlineposted in IT Discussion
@DustinB3403 said in Meta Down: Facebook and Instagram Offline:
@scottalanmiller They aren't down here in the states as far as I can tell.
Downdetector shows everything in the US down. I just heard that AT&T is under attack. It's the US backbone having issues, apparently.
-
RE: Meta Down: Facebook and Instagram Offlineposted in IT Discussion
Youtube is working here, but Downdetector is showing every major service down.
-
Meta Down: Facebook and Instagram Offlineposted in IT Discussion
Here in Nicaragua the Meta services are down. Don't know if it is regional or global.
-
RE: Broadcom Acquired VMware: Does KVM Have a Chance?posted in Starwind
@CCWTech said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@Oksana You couldn't pay me enough to use VMware. KVM is the industry standard and has been for years. And VMware with the recent announcement to kill their free offerings is now just a sinking ship.
And it isn't like when it was free, it was worth it. It was laughable what a bad product it was for free. Paying for it is totally insane.
-
Windows 11 Remove PIN and Only Use Password Instructionsposted in IT Discussion
-
Press Windows+I to open the Configure window
-
Select the option Accounts
-
Select in the left column the option "Input Options"
-
In the window on the right, scroll down to the option "Require Windows Hello Sign In for Microsoft Accounts" and set the button to "Disabled"
-
Go up to the option "Windows Hello PIN", click "Remove", and confirm once more
-
Enter your Microsoft account password in the next window and confirm.
-
-
RE: Broadcom Acquired VMware: Does KVM Have a Chance?posted in Starwind
@DustinB3403 said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@scottalanmiller said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@DustinB3403 said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@scottalanmiller said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@Oksana Does KVM have a chance? It's the only game in town. VMware is such a backwater of out of date, out of touch, "why would anyone use this" tech. If you use KVM, then you use VMware, it's like going from living in a beach front mansion to a caveman's cave where they are still pooping in a dark corner in the back.
VMware has been dead tech for years. It's so antiquated like they think it is the 2005 era.
XCP-ng is picking up a ton of customers as well, since there is a support model behind it.
Yeah, two great (and free) solutions on the market, and VMware that is costly and requires so much overhead to manage and maintain. It's such a disaster.
Broadcom just cancelled the free version of ESXi as well, so any small customer shops are just going to migrate, they have too.
Yeah, it REALLY makes Vmware so much less relevant, in a space where it struggled so hard to show value before!
-
RE: Broadcom Acquired VMware: Does KVM Have a Chance?posted in Starwind
@DustinB3403 said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@scottalanmiller said in Broadcom Acquired VMware: Does KVM Have a Chance?:
@Oksana Does KVM have a chance? It's the only game in town. VMware is such a backwater of out of date, out of touch, "why would anyone use this" tech. If you use KVM, then you use VMware, it's like going from living in a beach front mansion to a caveman's cave where they are still pooping in a dark corner in the back.
VMware has been dead tech for years. It's so antiquated like they think it is the 2005 era.
XCP-ng is picking up a ton of customers as well, since there is a support model behind it.
Yeah, two great (and free) solutions on the market, and VMware that is costly and requires so much overhead to manage and maintain. It's such a disaster.
-
RE: Troubleshooting poor network performanceposted in IT Discussion
@DustinB3403 said in Troubleshooting poor network performance:
@DustinB3403 said in Troubleshooting poor network performance:
Moving from that port which was only giving 10FDx to an unused port, gave us 1000FDx.
I'm not sure where this issue stems from..
Got it sorted out, for some reason (and I'm still working on the specifics) our ESXi hosts secondary NIC keeps falling to 10FDx (likely some misconfiguration at setup).
I've moved XO off of this nic, and performance has been fixed.
If you want to improve ESXi performance, install KVM.
-
RE: Troubleshooting poor network performanceposted in IT Discussion
@jt1001001 said in Troubleshooting poor network performance:
@DustinB3403 I would think a hub would show half-duplex not full duplex?
It would definitely. A hub cannot be FDX.
-
RE: Broadcom Acquired VMware: Does KVM Have a Chance?posted in Starwind
@Oksana Does KVM have a chance? It's the only game in town. VMware is such a backwater of out of date, out of touch, "why would anyone use this" tech. If you use KVM, then you use VMware, it's like going from living in a beach front mansion to a caveman's cave where they are still pooping in a dark corner in the back.
VMware has been dead tech for years. It's so antiquated like they think it is the 2005 era.
-
RE: MeshCentral Futureposted in News
And what good timing as ScreenConnect / ConnectWise was just compromised.
-
RE: MeshCentral Futureposted in News
@DustinB3403 said in MeshCentral Future:
I was actually considering rolling this out with where I'm at we use a different IdP, which has this same sort of functionality built in, but I'm not a fan of it..
MC continues to be the best thing I've ever used. And our deployment of it is so massive. Thousands of devices, hundreds or maybe a thousand users now. We use it so heavily and it's just a tank.
-
RE: MeshCentral Futureposted in News
@AdamF said in MeshCentral Future:
@scottalanmiller said in MeshCentral Future:
1.1.21 is out now. Updating...
How did this go for you, @scottalanmiller ? I tried updating last evening and the gui never came back. Then after a reboot, the proper ports weren't even open on the web server. I didn't have time to troubleshoot at the time, so I rolled back from a snapshot. Any "gotchas" to be aware of?
Weird. No issues at all for us. Haven't (looks around for wood to knock on) had an update failure in years.
-
RE: New Building Considerations ...posted in IT Discussion
Build a super dedicated, fully cooled, fully wired, LARGE space with room to move about data closet on a raised floor.
-
RE: Define Air Gapped Networksposted in IT Discussion
Think of it another way...
Two random computers anywhere on the Internet are isolated from each other. I can't randomly send data to an ad hoc computer somewhere on the Internet. But we aren't air gapped.
So "isolated" is a super low bar. If I'm at my house and you are at your house and we are both online we are isolated. So isolated is the default state of most computer users. But air gapping is an extreme measure that goes dramatically beyond that so that no amount of technical hacking could ever, physically, breach the gap. You have to social engineer a human to connect the computer to something in order to remove the air gap in order to hack it.
-
RE: Define Air Gapped Networksposted in IT Discussion
@DustinB3403 said in Define Air Gapped Networks:
@IThomeboy80 said in Define Air Gapped Networks:
I think it is isolated from the rest of the network. This is to ensure that data and intellectual property are kept safely guarded.
Right, but isolated from the "rest of the network" doesn't mean that it is isolated from the rest of the world.
Or are you suggesting that it does?
Well the "rest of hte world" is a connection between the two. So while "the outside world" itself isn't a problem, both can't be on the Internet without being connected to each other.
-
RE: Define Air Gapped Networksposted in IT Discussion
@Obsolesce said in Define Air Gapped Networks:
@DustinB3403 said in Define Air Gapped Networks:
When using terminology like "Air Gapped" what is your first impression of it?
When I see someone say they have an air gapped network, I think it to mean that the network is separate from the rest of the organization (through a physical disconnect), and that Air Gapped, does not imply the lack of internet.
Air Gapped != Without InternetWhat's your opinion?
An air gapped network is indeed physically isolated from other networks, but the key yiur missing is that it is also isolated from the Internet. The primary characteristic being lack of any connection to outside networks, including the internet.
It's not the "connection to the outside" that violates the air gap, the issue is that if BOTH networks connect to the Internet or any shared network, it clearly isn't air gapped. Air gapped systems can never talk to each other without a different mechanism passing messages in between that crosses the air gap.
-
RE: Define Air Gapped Networksposted in IT Discussion
@IThomeboy80 said in Define Air Gapped Networks:
I think it is isolated from the rest of the network. This is to ensure that data and intellectual property are kept safely guarded.
Definitely isolated, but it HAS to be isolated by a lack of connection.
If you hack a normally isolated network's infrastructure, you need nothing more to violate the isolation.
If you hack an air gapped network infrastructure, you have to further hack a human (or robot) to remove the air gap in order to violate the isolation.