Posts by Nate Amsden

Re: sas is fine for me

I believe they both had controller failures, I don't have the logs from the first failure in 2023 anymore but I recall the events saying the disk was not responding anymore.

Most recent failure was last month first error was

pd 14 port a0 on 3:0:1: cmdstat:0x1a (TE_PATHSICK -- Path is sick), scsistat:0x02 (Check condition), snskey:0x0b (Aborted command), asc/ascq:0x47/0x82 (Vendor-specific ASC/ASCQ code), info:0x0, cmd_spec:0x0, sns_spec:0x0, host:0x6, abort:0, CDB:28001441CED000000800 (Read10), blk:0x1441ced0, blkcnt 0x8, fru_cd:0x0, LUN:0, LUN_WWN:0000000000000000 after 0.001s, toterr:95, deverr:39

then 2 hours later

pd 14 port a0 on 3:0:1: cmdstat:0x1e (TE_UNITATT -- Unit attention error), scsistat:0x02 (Check condition), snskey:0x06 (Unit attention), asc/ascq:0x29/0x2 (Scsi bus reset occurred), info:0x0, cmd_spec:0x0, sns_spec:0x0, host:0x6, abort:0, CDB:8800000000019977E8C0000000200000 (Read16), blk:0x19977e8c0, blkcnt 0x20, fru_cd:0x0, LUN:0, LUN_WWN:0000000000000000 after 0.000s, toterr:96, deverr:40

few seconds later

hw_disk:5001173100A6357C pd 14 port a0 on 3:0:1: cmdstat:0x1a (TE_PATHSICK -- Path is sick), scsistat:0x02 (Check condition), snskey:0x06 (Unit attention), asc/ascq:0x29/0x7 (I_t nexus loss occurred), info:0x27174e00, cmd_spec:0x0, sns_spec:0x0, host:0x6, abort:0, CDB:8800000000019974DCC0000000200000 (Read16), blk:0x19974dcc0, blkcnt 0x20, fru_cd:0x0, LUN:0, LUN_WWN:0000000000000000 after 0.002s, toterr:97, deverr:41

about 90mins later the RAID rebuild was complete and the drive was disabled

No indication that the drive went to read-only mode(unless that is buried in the hex codes somewhere).

None of the drives report less than 84% wear life remaining, really blows my mind still how reliable it has been. Zero read or write errors reported on any disk(except the ones that failed but those stats were reset when the drives were replaced).

Re: Lots of hot air

yeah makes no sense to me as someone who moved to MariaDB about a decade ago(zero application changes required). In the time since I have not come across anything (mostly open source but also commercial) that mandated Oracle's MySQL for anything.

Re: Why am I ashamed of my tribe ?

VMFS is another reason. I shit on Xen back in 2008 when my manager didn't want to pay for VMware. It wasn't until a couple of months ago that I realized that none of the competition Xen, proxmox, KVM(commercial or open source) support a reliable shared filesystem SIXTEEN YEARS after vsphere released sub LUN locking. Red hat has a couple of offerings from 3rd parties(one is Veritas, forgot the other, both require additional licensing for the filesystem, guessing they don't get much usage as hypervisor storage).

HPE supports it but I suspect it doesn't work well yet(they all seemed to try GFS2 a 20+ year old cluster filesystem and abandoned it due to bugs they are unwilling to fix). I don't like the complexity of using ceph as a block storage platform for my VMs, when I have nice high quality fibrechannel storage systems that have hummed along for a decade without issue). VMFS has been flawless for me personally at least going back to my first usage of it in 2006.

My mind is still blown, still in shock really.

Re: There is already a fork

I'm sure it's a great system, though for casual people like me(not a DBA) for no other reason than the syntax/setup is so foreign to me from and admin standpoint. I'm more comfortable with Oracle DB than postgres from that standpoint even though I haven't touched Oracle is about a decade(I still do miss Oracle EE with the vast instrumentation and performance analysis it has, haven't used that since 2007ish though used Oracle SE up till about 2016, at the time it was hosting my vCenter 5 database, and yes I know vCenter DB runs on postgres since then which i have no issue with since I never have to interact with it directly).

I know it's my fault but it's just super frustrating to have to do multiple web searches to find the most simple things how to do basic things in postgres every time (because I don't use it often enough). Takes forever to get stuff done(for me). My org does have a DBA so I just ask him to do the vast majority of it these days(which isn't much, maybe less than 1% of the work he does for mariadb already). He's not fond of it either for the same reasons though probably knows it much better than me (I hope anyway..).

Re: RIP

Back in 2004 I was at a company that used HPUX Integrity Itanium servers for big Oracle databases. I recall they had redundant out of band management cards on them. At one point we did a big network upgrade moving from older 24-port 3COM switches(I don't remember the model but have a picture taken a year or two later http://elreg.nateamsden.com/2004-network.jpg ), that may of been gig? But I think they were still 10/100 on our backend network. The network was quite a mess, none of the cables were labeled and everything was going to a single rack, very tightly packed. We were going to a new pair of 48-port Extreme Networks Summit 400 switches.

The migration was basically unplug everything, remove the switches, put the new switches in again, and plug everything back in again. During this process we caused a network loop, somehow plugging both ends of the same cable into the switches, no idea how that happened but it took a while to track down just unplugging ports till the loop stopped. I recall at one point our manager was saying "we need to prepare to roll back soon". The network engineer and I(I was the server/app/ops guy) looked at each other and said, no way we can't roll back it will take so much longer.. anyway we found the loop and fixed it.

Where Itanium comes into this story is that loop caused all of the Itanium out of band management ports to hang, from what I recall there was no other systems that had lasting effects, once the loop was gone everything was fine except those out of band Itaniums. The back end engineer in charge of those systems contacted HP for suggestions. There may of been a reset button on the cards, if so, they tried it and it didn't help. HP insisted those cards were hot swappable, and to just yank the card and re-seat it and it would reboot with no impact to the running HPUX system.

So they yanked it on a lower priority system after hours and the system promptly crashed hard. It came back up, but clearly not hot swappable.

The next year or so the company funded a project of mine to basically rebuild everything, all new servers, new network, new back end storage, and new Itaniums (I had nothing to do with the back end). Built it out much better then, though we still made mistakes since we were learning as we went.

The company later moved to RHEL Oracle systems after I left on x86(when I first joined they ran HPUX on PA-RISC). I recall years later still being told their largest customer, AT&T was demanding they return to big iron Unix(didn't care which), and AT&T said they'd even foot the bill. Apparently Oracle on Linux was super unstable, at least for the databases they were running (largest single instance OLTP in the world, by that point maybe it was 70-ish TB, it was mid 50s TB when I left 2-3 years earlier).

Re: Impressive

I used AfterStep myself for many years(late 90s to mid 00s) I assume because windowmaker was more popular(though Enlightenment was most popular among newbies) and I wanted something different (same reason I chose Slackware originally over Red Hat in 1996, went to Debian in 1998). Seemed quite similar in UI to windowmaker, I think both could use all of the same "applets" or whatever they were called. But it is what got me hooked on using tons of virtual desktops and using edge flipping (move mouse to edge of screen to move to adjacent desktop), which became a critical part of my workflow through to today where I run Mint+Mate with a Gnome app named brightside which hasn't seen an update since 2004 (last released with Ubuntu 16), though managed to get it to build cleanly (and 17 other dependencies) on Mint 22, so happy to continue to have a consistent interface for a few more years yet. Brightside provides the edge flipping functionality to Gnome, and I have not found an alternative to that tool (last I checked anyway). AfterStep was last updated in 2013, though I think I switched to Gnome v1 around 2006/7.

I even ran LiteStep on Windows XP at one job I was at about two decades ago, not quite as nice as AfterStep but worked well enough. The company's IT team couldn't figure out how to open control panel on my computer so I suppose that was a nice side effect.

Your mention of GNUStep triggered an Afterstep memory since it stored some things in ~/GNUstep I believe, other than that I have no idea what GNUstep even was(assuming it was something..).

sample screenshot (removed a couple of private things just in case) from 2002, at one point I ran with something like 64 virtual desktops but no screenshot of that unfortunately. Today I use 24 virtual desktops(all but 3 currently in use)

http://elreg.nateamsden.com/x-desktop-02-27-01.jpg

Re: Trend

Everything is relative... my last CDN outage was 9-10 years ago. Cloudflare certainly seems to go down more than others. I mean I can't remember the last time I saw a news article about a big Akamai outage for example, or Fastly (which is another CDN that competes with Cloudflare).

Re: Yay!

Maybe. Never looked into it. My account on eBay has an excellent reputation as a buyer but have never sold anything there.

Re: Where is the free/community edition?

I don't know when the "free esxi" started, but my history with vmware goes back to 1999 with vmware ("workstation" but it was just called vmware) on linux. Later I worked with VMware GSX (which AFAIK never had a free version), and later VMware server(re-badged GSX, which may have been free?), before going to ESX 3.5 in 2006/2007. I didn't personally use a free esxi till vSphere 5 I think it was(perhaps the free license was available earlier, I'm confident they had free 60-day trials earlier). And of course vmware workstation throughout(not free until post broadcom acquisition).

Re: curious

weird, wonder what that has to do with AI then.

Re: Damn.

I was thinking the exact same word, damn... I remember using Kingston and Kingston ValueRAM back in the 90s before switching to Crucial(after realizing ValueRAM was just a mixture of different brands of memory chips) at some point and have been 100% crucial for everything since. Pretty much been happy the whole time past 20-25ish years.

Though I did happen to get a memory stick in a package this year that had a pair that was DOA, very surprised never had that happen to me for memory before. Crucial did replace it but it took about 6 weeks to get the replacement, fortunately I wasn't in a hurry. It took a little convincing to get them to believe the stick was DOA. It was brand new from B&H, came in a pack of 2. One stick worked fine in either slot, the other stick the system would not POST at all, in either slot.

I too don't care about RGB or overclocking, or even super high performance just want the bog standard regular stuff but want high quality, cost is less important. Though I did like the big heatsinks on the pair of Crucial Ballistix memory I got in 2019(2x4GB), I guess technically that was "overclocked" (got it for a day 0 Ryzen 3700X running Linux Mint that did nothing but handbrake encoding for 4 years). Just "retired" those memory modules earlier this year, only to install them in a refurb Dell XPS 8930 I got from ebay for one of my sister's kids for xmas.

Maybe the next obvious thing to switch to is Samsung memory? Though I've never looked into how(or if) one can acquire such memory, maybe have to go through a 3rd party brand or something..

Re: Does this matter?

I think in most cases, for most users, the biggest threat is just installing super questionable apps, which I think most users don't generally do. Think of the news stories about various at least Android apps that have been found to be malicious. Their install bases tend to be tiny compared to the market as a whole. So your personal risk factor in general is quite low regardless of how your device is patched.

I have said for a long time, the best form of security is "don't be a target". Most people are not targets. People that are targets, don't really have much choice (thinking politicians, perhaps journalists, important leaders etc). A nation state(or similar) is not likely to deploy their fancy malware broadly, they want to target those that they really want to get and not let the world know what they are exploiting and how. You may get hit anyways, but in my 30 years on the internet the real world likelihood of that happening is super remote(was much more likely 25 years ago when people were directly connecting their operating systems to the internet with dialup modems)

For computers, really just keep your browser relatively up to date(even Windows 7 still has Firefox being officially supported through ESR for a few more months!), and if you need to go to a website that is questionable ... (I would say gaming sites especially those that offer cracks and stuff, along with the "free" porn sites) use another computer or at least use a VM or isolated browser to do that stuff, and be sure to have decent security software installed(maybe you trust windows defender enough, or maybe not.. assuming you use windows - I've used linux on my desktop/laptop since 1998), and don't connect directly to public networks(includes public wifi etc) unless as a last resort. I'll tether to my phone in the rare cases that I am traveling with a laptop before I consider public wifi, or even hotel wifi, for me all of that is last resort. It's PROBABLY FINE, but I'd rather not if I have an alternative.

I've never used SharePoint (though annoyed that so many orgs seem to want to use it as a general file storage not the CMS that is is, when there are cloud things like Azure files that are built for file shares - note I haven't used Azure anything either), but at my first SaaS gig two decades ago we did use Visual Source Safe For version control of our internal documents. Fortunately I never had to deal with the fallout of that. There was one person we had who knew VSS and was tasked with recovering our VSS on the many occasions it decided to corrupt itself.

Re: At some point you have to blame the downloaders

Most devs care as much about security as they care about how much their cloud bill is (Which is not at all). Pretty sad to see how many people are willing to just download a shell script and run it (often as root) blindly.

At least with Linux repos there's often some checking that goes on before something is published. I run my own repos so systems only shnc against a known state.

I remember back in 2007 I would manually build RPMs for all of the ruby gems our app used at the time. Built them for probably 3 different operating systems/architectures. In 2013 at another org came the first request for NPM. I planned to do the same but noped out pretty quick. What a disaster that was waiting to happen(blindly downloading dozens lf hundreds of dependencies).

Re: Like Proxmox but…

Maybe not impossible(?), just stupid. If I were to use Proxmox in this way(I have never used Proxmox) I could export unique LUNs to each of my systems (assuming Proxmox includes fibrechannel drivers and hopefully MPIO?) and even if the volumes are not shared between hosts, and could format local ZFS on each node or whatever to do stuff.

I do find it interesting/sad that it seems none of the open source hypervisors can handle shared storage like VMware? I just checked last night for Xen after reading an article here about that again. They technically support GFS2 but apparently no storage migrations allowed with it. Ubuntu LXD (their container/VM solution) does not support GFS2, Proxmox does not last I checked, and I saw a comment here recently from someone trying HP VM Essentials that DOES support it and had major issues.

Then I realized something I forgot a long time ago, I think it was vSphere 4.0 that introduced VAAI, which included "sub LUN locking"(hardware accelerated by the storage), Broadcom calls it "Atomic Test & Set (ATS), which is used during creation and locking of files on the VMFS volume". Of course that was over fifteen years ago now and the competition still doesn't have reliable locking, hopefully this race to improve the alternatives fast tracks this for GFS2 or the creation of a new file system. Though at the time that feature was limited to Enterprise Plus licensing, unsure if that ever changed.

Dug up an old blog post I wrote on the topic from September 2010 - http://www.techopsguys.com/2010/09/07/vsphere-vaai-only-in-enterprise/

So perhaps some org (HPE is probably best positioned given they sell a lot of SAN stuff) can implement this feature on the open source side, since the hardware out there has already supported this technique for such a long time already, would be ideal if they could just leverage the existing support. Maybe they can't get all of VAAI, but this one part seems super important.

I remember getting into arguments with my then manager in 2008, we were a very small vmware shop, just a few ESX 3.5 servers only using standard licensing - no vCenter, no clusters etc. He didn't want to pay the cost for VMware, and wanted to use the free Xen included with our CentOS systems instead. I pushed back saying Xen wasn't good enough IMO (I had no experience with Xen just a "feeling"). I remember at one point he called me a "pussy" out on our open floor plan office for not wanting to try Xen. I laughed it off. I left the company not too long after. He directed my former co-workers to then deploy Xen. They tried, for a month, and gave up. The critical failure was they could not get a 32-bit CentOS system running on a 64-bit Xen hypervisor it would just lock up every time, and they couldn't find a fix. Our standard was 32-bit for some of our apps as running them in 64-bit mode literally caused memory to explode.

Many years later I reached out to him just to say hi or something and he eventually apologized saying I was right, he was wrong, Xen(at the time anyway) was a piece of crap compared to VMware.

But wow, that was literally 17 years ago. It's just shocking that Xen and others still are that far behind on basic things like storage. There's a reason the last version of vSphere that excited me was 4.1, I want a rock solid foundation for my systems, all of the bells and whistles on top are far less important to me. vSphere was one of the most solid pieces of software I've ever used, with the caveat that I ran conservative configurations and stayed well behind the curve (running 4.1, 5.5 6.5, and 6.7 at least a year past EOL before upgrading).

Re: Ditch the emotion

I agree to some extent. Prior to broadcom, vsphere enterprise+ was about the same price as it was 15 years ago minus the 32 core limit per license (?). CPUs have gotten so much more powerful not to forget inflation during that time.

I think even if you doubled the enterprise+ license it would be worth it. But they went far farther than that of course.

As it's been shown/exploited countless times over the past couple of decades, it's easier to ask for forgiveness then ask for permission.