#networking

were so difficult

BRRRR

lool yea

Are you not a drill person?

yeah im not

we have 2 lazy 2nd lvl it supps hahahaha

https://pbs.twimg.com/media/D6YkMCsUwAEn2GF?format=jpg&name=large

eventually it popped on the other side

and all was good.

everyone is a drill person, if you think your not, you just dont know it yet

well I dont like making holes and drill person is one who likes that ig lol

i want to preserve as much as i can

wrong aswer

its like with sheet rock. once you cut, it wont ever be the same strength

https://tenor.com/view/funny-man-male-gif-9199139

i dont like that

not a powertool fan eh?

everyone needs a powertool

the compressor I use for cleaning out computers

runs on 400V

it has one of those beefy red cables

👀

marry me

its all fine and dandy, until you don't have access to three phase power

which is 99% of residential homes

im the one that measures twice, cut once

i want to be careful and get it right the first time

you dont have three phase power in every room? amateur 😤

PiHole users! Anyone have a good ad list for YouTude ads?

isnt easylist kinda the standard that gets them all?

https://easylist.to/

I’ll check it out

Where can i ask question about HTML?

#development

Ok

Thanks

Where would I ask a question about power line adaptors?

Here?

Ok

So I need to know if this would work:
The transmitter and receiver would be on different mains circuits, but would be connected to the same breaker, would it work?
See my image for visual representation

thats against code isnt it?

☠️

@tame carbon muh sparkie

?

two wires connected at the same breaker

@thick minnow there's no way to know for sure

unless you test

Ok

It’s the same breaker box, but not same switchy thing

a breaker is this

In that case they are not on the same breaker

I think if they are on the same phase then is should work

are you in NA

No

where?

Uk

ah

idk how that works

@tame carbon is CSS610-8G-2S+IN a good switch to start? i have a lot of devices that use utp like hue bridge and ps4

to start with fiber

@thick minnow yeah its a tiny 4 port 10G switch

generally if you want to connect 1G clients

you'd have another switch

to breakout 1x 10G -> 10x 1G

no it has Eight 1G Ethernet ports and two SFP+ ports for 10G fiber

oh wait

i need the 8 ethernet ports

misread

@thick minnow I wouldn't buy that personally, not because of the specs but because of the software

SwitchOS is rather limited

but then again if you want it purely as a switch

its perfect

one of the tips I can give you with mtik devices

yeah and with this one i can start with fiber

is looking at the block diagram

okay

oh they dont have one

not for this product

@thick minnow do you necessarily need more than 1 SFP+ port?

https://i.mt.lv/cdn/rb_images/1633_l.jpg

well i think 2 is better for later

well thats why I have the router on a stick configuration

I have a CRS305 https://i.mt.lv/cdn/rb_images/1661_l.jpg

connected to the RB4011

thats a 10G link between router & switch

you got 3 more 10G ports

ofc you are limited to 10G max between any device & the router

doesnt really matter what device is plugged into what port

either on the router or the switch

since you can use VLANs

yeah but i dont need a router because our modem alreay does that

if you put 10 bucks more down

https://mikrotik.com/product/CRS326-24G-2SplusRM

You can get a switch that also supports RouterOS

and with the CSS610-8G-2S+IN i can connect al my devices to our network and two 10gbit

its more than a router

RouterOS comes with a lot of L3 features

thats 100 more

really?

yeah

oh I mistook the other ones

you want a non ISP router, ISP routers have very little configuration

^

how you gonna handle ur vlans

if you cant even route across them

cus I bet you the ISP router cant do vlans

wait im gonna go home now and look what our modem supports

Thats why I suggested the RB4011 as a centerpiece

99% sure it doesn't

it has 10G expansion

as well as 10x 1G

see yall in 20-30 mins

@peak cloak yeah I've yet to see one that allows you configure virtual interfaces lol

let alone

do it in a sane way

https://i.imgur.com/Xsazf6i.png

this is for bridge vlans

on a CRS305

and making an actual interface to forward from and to

you just create a new vlan interface

https://i.imgur.com/PsDhAMi.png

in routerOS you can just transfer a vlan from one interface to another?

b/c in edgemax a vif is tied to an interface

you can't easily move it

easiest way is to manually edit the config

@peak cloak a physical interface becomes a slave

@peak cloak the interface it sits on is just a config field yeah

nice

much better tbh

@peak cloak https://i.imgur.com/2gLkWyE.png

@tame carbon can I hop into your dms so I can quick explain something in Dutch?

you can call if you like

My uncle is using my mic rn I don’t have one

😢

do you know what is wrong?

@oak night you can verify nginx config files

sudo nginx -T

Oh right

Thanks for reminding

to see current status of the nginx daemon

you can use systemd

sudo systemctl status nginx

Active and running

you can also do

journalctl -u nginx to get a log

to make it live you can add -f

i dont need it live

or if you want to put it in a text file journalctl -u nginx > log.txt

Restarted just today

@oak night is there a reason you it set to ipv6 only?

it's ipv6? it's ipv4 on my end

@peak cloak well the config looks fine

only difference to my configs

is that I have a huge list of cipher suites it supports

what's odd is the fact you are using certbot

I'm using letsencrypt

certbot is letsencrypt

yeah

but the commands look diff

letsencrypt renew

is what I run

We recommend that most people with shell access use the Certbot ACME client.

letsencrypt has there own client?

https://packages.ubuntu.com/search?keywords=letsencrypt

@peak cloak if you go to the install instructions for certbot

they recommend using snapd

yeah

even though ubuntu just has a package for this

why

yeah

I told kri to just apt

When I eventually get an ssh I'll prob use this instead https://github.com/acmesh-official/acme.sh

certbox doesn't support HE dns "api"

@peak cloak ,lol check #public-chat

warship?

too much going on, what word is banned?

I can't say it

put a space in

yes

but they just banned people for evasion of filter

is this right?

I know that i can use -T

But it shows me that is right

But when i use the site it won't work

@oak night hold on

let me check my configs

ok

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }

this is how it runs on my laptop

oh that is slightly different

you can just add this to the server { }

index index.html index.php

it will pick either of those files

if its a .php file, it will put it in fast_cgi

through a unix p[ipe

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name flarum.kristianburiascophotos.tk;
root /var/www/html/discussion/public;
index index.html index.htm index.php;

    location / {
            try_files $uri /index.php$is_args$args;
    }


    location ~ \.php$ {
    fastcgi_pass unix:/run/php/php7.4-fpm.sock;
    fastcgi_index index.php;
    fastcgi_read_timeout 240;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
    fastcgi_split_path_info ^(.+.php)(/.+)$;
    }
}

Thats mine

did you set up the permissions for the directory?

chmod?

ye

Yes

i did

put an index.php in the root of that

add

<?php
phpinfo();

then see what happens

at same time

you can read the log of nginx

see if anything goes wrong

did you install php-fpm ?

and make sure its running?

right

get rid of the other lines

try it with just the cgi pass

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        }

all those config fields you are adding

are already in there

https://i.imgur.com/MYpQslE.png

so you can just include that default file

@oak night can you show me the updated config?

ok so the socket is not running

is there a service you need to enable for php?

check /var/log/nginx/error.log

@peak cloak php-fpm

https://i.imgur.com/QGtXAov.png

so systemctl status php-fpm?

sudo systemctl enable php7.4-fpm.service

sudo systemctl start php7.4-fpm.service

Same error

get status:

sudo systemctl status php7.4-fpm.service

I want to see what socket it is providing

ok see the config file there?

php-fpm.conf?

can you open that one

yeah

Sure

you want to show the whole config

so use nano

or cat

last lines?

can you see what files are in /run/php

anything else

?

No

there's supposed to be a socket file there

I can check with winscp

nginx cant find it

no

/run is a virtual filesystem

all those files are actually programs

ok

so is /sys and /dev

xD

Didnt know

think of it as a socket where data can be read and written to

ok

except in unix systems, datastreams, or sockets, can also be represented by files

like RAm?

yes there is one

the process can check its own memory and process info

in /proc

theres a directory in there for every process

@oak night this is a design philosophy from the 80s all the way back to the beginning of computing

"Everything is a file"

Cool

AT&B Bell Labs engineers came up with this

/dev/sda1 is first partition of your first harddrive

/dev/sda is the entire disk

/dev/sdb

but muh uuid

xD

yes

its like a rest api almost

xD

should i create it?

@waxen scroll https://i.imgur.com/yz9p1Ds.png

wow my eyes

@waxen scroll yeah windows can't handle solarized fonts

my zsh is hacked

Cool

@oak night ok so let me do some digging

sec

No problem

flarum eh

Yup

trying it

It's just a php app right

try serverpilot - will make ur life easier

Yes

lol

I'll try

@mystic hull he has everything running but one part is still not configured

its just a config file to modify

oh

well then do that

@oak night https://i.imgur.com/1rCb4VY.png

@mystic hull where you the one that set LTT up with those mtik routers/switches?

I see them in some shots sometimes

Never been featured in any video, how one might go to deploying those

@oak night in that pool.d should be a config file

can you open that one

the mikrotiks?

ya

like this one? Hehe

their new all in a single box switch lol

with all the I/O in the world

https://i.imgur.com/tpsdC0Y.png

that is a SHARP photo

ya the fault is a fan fault cuz I put noctua fans in it

🤣

@oak night you still with us?

Yup

Following

did you manage to find that pool config file?

Nope

can you check /etc/php

always the same with ubuntu...

ok go to 7.4

i suppose /fpm

ye

ok then the pool.d

What do you use for LTT Forum

?

thats a directory

ok whats in that www.conf

oh

its using tcp/ip

not a unix socket

it is a VPS

@oak night no no

a socket = tcp/ip

its same

Ok

you can either do a unix:/socket

or

an ip:port

in our case

For what?

port 9999

ok go back to your nginx config

Ok

Then

and replace the fast_cgi pass line

with

fastcgi_pass 127.0.0.1:9999;

Done

Reload

ye

see my laptop had an older version, but the IP variant commented out

https://i.imgur.com/Ht8Bssp.png

see ^

Yes

does it work?

So i should comment

ok what about /index.php

There is nothing there

there are files there though?

oh

well create a php file

and put

<?php
phpinfo();

in there

Also in /html

Np

wherever you set the server { root }

I have it pointed to /var/www/html

but if you have multiple sites

you may want to split this up into multiple directories

Ok

I have to eat

cya after

thanks

I need a router for home network

Pls can someone give me models?

just a router?

https://mikrotik.com/product/RB750Gr3

If I can ask I need a trusted company and a vpn to my home network

Mikrotik has all entreprise features at a fraction of a price. We pay in $ instead of kidneys, with mikrotik

yeah mikrotik may be intimidating at first, but is has a lot of features. It runs routerOS which you can check out it's web interface here http://demo.mt.lv/

Ok th

@thick minnow keep in mind that's just a router, you also need an Access Point for wifi

Ok th

I know I’m anoing but u send a wap to?

And the last thing I swear a switch

mikrotik also has a WAP which intergrates with the router nicely with CAPsMAN, their own management thing https://mikrotik.com/product/cap_ac

I myself have an EAP225

Ok th so match

And just checking on this softwares I can do a virtual lan?

yeah, vlans are supported

👍🏼

nothing out of this

White page

Flarum

Thanks

What is the problem?

look in flarum logs

you have mysql installed right?

Yup

How do i show databases?

no clue

I don't use mysql

What you use?

nothing

Ok

I dipped my toes into mongodb, but that's it

Ok

Just a question

Can you login into the root account if you know the password but without letting the owner know that you've been there?

Ubuntu server

wdym by know that you've been there

it's show in the log

Where

I need it

unless they delete the line

I suspect a friend has entered my vps

/var/log/auth.log

Ok thanks

disable root login

and use ssh keys

and disable password login

What is that

ssh keys?

But i can still enter

?

?^

so you can't do ssh root@server because root login is disabled

and can't login as user with a password

the client's ssh key needs to be installed on the server

and the ssh key can have a password on it too, but doesn't need to

and for even more protection put ssh on a non standard port

https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys

He bruteforced me

you have a weak password

use ssh keys

that digitalocean guide is really good

@oak night

Ok

It is this?

you run ssh-keygen on the client, ex: your desktop computer that will initilizing the connection

with windows, idk how it works

but you need to install openssh

then you copy the public key over to the server

ssh-copy-id does it nice and fast for you

you can do it manually as well

wait

you are doing that on the server

Yes?

ssh-keygen is run on YOUR computer

I should do it on windows

OK

that starts the ssh connection

yeah

and 2

why are you logged in as root

Then i should use the CMD

I shouldn't use it

no

create your own user with sudo perms

and disable root ssh login

I should first Create a user

basically useradd nameofuser

What about password

passwd nameofuser

ok

then you want to add the user to wheel group, which is the sudo group (only on centos, on deb it's different)

I have to give it root privilegies?

usermod -aG sudo nameofuser

Ok

sudo adduser username group

?

To what group?

no look what I posted, I used to run centos which is different

i mean in ubunut server

#networking message

Once that?

?

I can just logoff Root

?

you can switch to your new user and check if it works

su - nameofuser

ah

useradd is deperacated

didn't know that

so delete that user

and create a new one using adduser

confusing

ps aux | grep 595015

Do i send the result?

yeah

t found
root@vmi495395:~# roo

we want to see what is running

Kristian 595015 0.0 0.0 2608 1936 pts/5 S 22:05 0:00 -sh
root 595186 0.0 0.0 9028 676 pts/5 S+ 22:10 0:00 grep --color=auto 595015

oh, probobly because it's not logged out

we can kill it

Ok

kill -15 595015

-15 are secondS'

?

huh

How to logout

?

pkill -KILL -u Kristian

Done

now try

ok

deleted

Should i create another?

adduser

adduser: Only one or two names allowed.

well you need to specify a user adduser nameofuser

No capital letters

I think that's the issue

Unlike windows, Linux is case sensitive

It was

Added

Now put a password on it and add it to sudo

Done

su - kristian

yep

i'm in

nice

do sudo whois just to check you have sudo

🤦

my bad

Sudo who

it's whoami

just root

good

try sshing into it just by kristian@ip

just to make sure it works before we disable root login later

for one delete that image

it has the ip

Right

Ok

How do i resolve that

?

wait show the screenshot again

Now no ips

go to `C:\Users\Christian.ssh\known_hosts

and delete the entry for your vm

if that warning pops up later, then it's a bad thing

Does this cause issues with Putty

shouldn't

Ok

So known hosts

And delete the key?

delete the whole entry

I think it's the whole line

Ip SOmething something Key

Delete this line?

yeah

I'm in

ok and everything works right?

Yup

you are using openssh or putty?

openssh

Cmd

so just do ssh-keygen

in cmd

I think it may need admin perms

I'm administrator

For windows

if it asks for a passphrase, you can leave it blank for no passphrase or if you fill it in, then that's the passphrase for the key. So if someone steals the key, but doesn't have the passphrase it will be much more difficult

did ssh-keygen work?

Yup

Inserted the passphrase

doesn't have to be linux passphrase

fyi

windows doesn't have ssh-copy-id but I found this

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh {IP-ADDRESS-OR-FQDN} "cat >> .ssh/authorized_keys"

I think it may need to be ran in powershell

whenever something is in {} get rid of the {}

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh 1.1.1.1 "cat >> .ssh/authorized_keys"

example

Ok

bash: .ssh/authorized_keys: No such file or directory

ah

login normally via ssh

with a password

then mkdir .ssh

mkdir .ssh/authorized_keys

Now is a directory

oh my bad

If you havn't seen this is my first time really doing this through windows

Ok

ssh back in via password

Its ok

and

rmdir .ssh/authorized_keys

Done

touch .ssh/authorized_keys

creates an empty file called authorized_keys

Ok

now try

it worked

i hope

now try sshing again

Logout and back in

it worked

But i had to insert my passphrase

Anyway its better than before

it will ask for the passphrase

when you generate the key if you leave the passphrase blank it won't ask for one

Nah its ok

So it's more safe

but with a passphrase someone needs the key AND the passphrase to the key

don't loose your key

ok

So if he doesn't know me

He probably doesn't know my passphrase

f'ril, don't lose your key

Ok

Sure

I'm not going to

now we need to disable root login and disable password login

and we can put ssh on a different port

sneak 100

maybe not now for password login

but disable root login

Cuz Other people need to enter it

yep sure

But can i enable back Root login after is gone?

well it's ssh root login

I would have to

Su - Root

once you are logged in you can do sudo su - root

yeah

OK

perfect

/etc/ssh/sshd_config

-bash: cd: /etc/ssh/sshd_config: Not a directory

is a file

Sorry

yeah

nano /etc/ssh/sshd_config

@peak cloak live tv is le popc0rn rightnow

So nano

why

pm

PermitRootLogin yes i should say

No

Right?

yeah

Done

So no one can enter via root now?

if he is outside

yeah

Perfect

you may need to restart sshd service

let me look that up

i'll just try

it should be just sudo systemctl restart ssh

it'll kick you out

it doesnt

I'll restart it

It worked?

yeah

YESS

try sshing with the key

It works

Perfect

nice

good

For now also the port will remain the same

Also because there are other people

I mean you can tell other people the port

Yeah

I'll talk to them

I'll tell them for security reasons

you just do ssh user@ip -p 22

change the 22 to the port

oh ok

Now i'm going to install

Flarum

I wanna try it

it seams cool

@oak night did you end up getting the webserver to run php?

Yup

cool

But i had an error

mh?

Flarum

it gave me an error

too much specific

by default php doesnt generate an error log

but its probably in the nginx log

?

@oak night https://discuss.flarum.org/d/11562-can-t-install-something-went-wrong-undefined/2

@oak night can just cat or tail the log

Where is the log

?

/etc/ is config

logs are in /var/log

you can use ls to list the contents of directories instead of blindly trying to open a file

@vernal jacinth I dont even use ls most of the time

I just double tap tab

heh, sure

zsh

<3

learning about ls seems reasonable anyway

Access log 1

?

access log is just for logging individual requests

should be in error log

is this /var/log/nginx ?

yup

yeah pick one of them

btw

those .gz files are compressed text files

ok

you can use zcat to uncompress and print

but error.log is probably fine

wjat should i search for in the log

just dump the content

see if you can find something interesting

Cuz there are lots of ips

?

add these two lines to your php config

include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

its missing some info from nginx

remember, nginx calls php-fpm, which runs the actual script

no

?

in /etc/nginx/sites-available

add them to the place where you do fastcgi_pass

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name flarum.kristianburiascophotos.tk;
root /var/www/html/discussion/public;
index index.html index.htm index.php;

    location / {
            try_files $uri /index.php$is_args$args;
    }


    location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass 127.0.0.1:9999;

include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}

    }

yu

and try now

It is not working

error logs?

btw

phpinfo dont work

cus security feature

it says it right there

but the 2nd error

is odd

I also use iredmail could this mean something?

mailservers are mailservers

all these protocols are standardized

So no

so its kinda plug and play

Ok

https://stackoverflow.com/questions/35261922/how-to-debug-fastcgi-sent-in-stderr-primary-script-unknown-while-reading-respo

its a permission error it seems

I never had these issues on ubuntu 16 and 18

must be a thing with 20

https://bbs.archlinux.org/viewtopic.php?id=251050

here's another interesting topic

Ok

Thanks

So i cant do anything?

https://i.imgur.com/II1qk74.png

this guy claimed he got it fixed

https://i.imgur.com/E5U66C4.png

this is a rather recent change in the program

So what sould i do?

Those commands?

There is nothing there

are you storing files in a home directory?

i'm not storing files

From my own

A part from a minecraft server

sounds odd to disable ProtectHome for hosting a website, storing such things under /home seems strange

@oak night thats cus that file dont exist

@vernal jacinth nah

So i have to create it?

wait what?

this is just the daemon that mediates between php and nginx

its fastcgi

why would it need to access home directories?

Where should i put protect home

@oak night its probably somewhere else in the directories

I'm also too tired for this rn

it ok

dont disable security stuff blindly, it sounds like an exceptional bad idea to give /home access to random software if you are not knowing why

That is true

https://i.imgur.com/MNQ6uG6.png

you can read what ProtectHome is for here: https://www.freedesktop.org/software/systemd/man/systemd.exec.html

@vernal jacinth honestly, I just wanted to toggle it to verify if it was indeed a permission problem

Takes a boolean argument or the special values "read-only" or "tmpfs". If true, the directories /home/, /root, and /run/user are made inaccessible and empty for processes invoked by this unit

usually I then use strace to figure out what exactly it tries to access

and then fix it there

unless you know there are files living under any of those dirs that you need, the above sounds unrelated to the problems

https://cdn.discordapp.com/attachments/387022787480387605/796503271485341696/unknown.png

I'm tired too

So i'm going to sleep

Here is like 23:49

11:49 PM

Cya

@vernal jacinth https://cdn.discordapp.com/attachments/387022787480387605/796438282275782676/unknown.png

and this was his php-fpm config

hmm, so the logs above states "no such file or directory" for /var/www/html/owa/auth/logon.aspx", is that related to your setup or some random bot looking for vulnerabilities?

sounds more like a bot since im guessing you are not running .aspx on a linux host

@oak night figure out what file you are trying to reach when accessing the web server, then see if logs mentions any file like that. As @tame carbon mentioned using strace is a nice idea when not being able to figure out what a process is doing, but it can be hard to grasp the wall of text that tends to be a result from that when you are not used to it

@vernal jacinth yeah I was wondering what that was too

wait

facepalm

I think his install is functional

he only tried to load phpinfo

which didnt work

but that was explained by that log

I just assumed he was trying to load wordpress, but that seems like a typical kind of chinese crawler

guess its possible 🙂

i'm guessing the owa-log is probably something looking for a outlook web access site (the web frontend for microsoft exchange)

any good domain registars you would reccomend?

because my original domain on get.tech which I got though github costs 30 bucks to renew

.tech seems to be expensive accross the board

@peak cloak Gandi

Never heard of them, will look at it

They're who I register all my domains through

Someone knows a good virtualization to run on centos server?
Except terminal kvm virtualization, it's for a friend that doesn't have enough knowledge in managing vms from ssh.
I need something with web interface.
Thanks.

kvm with cockpit?

I think cockpit can do that idk

proxmox?

Ya kinda can do it

Nah I want base os centos

any reason why?

centos is now soon rolling release anyway

Because I want to help him managing it for his business

no I mean, why centos?

I know but I'm used to centos

Redhat systems

I barely touch proxmox cli

proxmox ui is pretty user friendly

It comes with web interface or something else ?

proxmox is made to be mostly managed though web interface

Ok

How the installation going ? Because I'm installing the os remotely

oh, how remotly?

via something like iDRAC?

or on a vps?

Last time I installed os virtualization via kvm on my server it was hell

because proxmox is an os

Dedicated server

it comes as an iso and you install it like debian

https://www.proxmox.com/en/proxmox-ve

Ya the problem was to start the installation from lara (lantronix) kvm uploading the iso

The part of uploading the iso was hell

ah

Because it's uploading and loading it at the same time

https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_Buster

And my internet now is not that stable

looks like you can install it on debain

I'll look on it later today

It's 4am here I should get some sleep

Thanks :)

you should

I installed ovirt but something fucked up the cert so I lost access to the admin panel

oh never heard of ovirt

It's libvirt / kvm

so same underlying tech like proxmox

kvm

Very nice option but burning your brain cells

Do you heard about openstack?

Almost the same

isn't openstack a manager

not what you install on the machine

Nope

It's some kind of docker based

Not like other virtualization

ah

not docker

docker is different

Nova for VM's

and Zun for containers

it's a whole orchestration system

kinda like kubernetes

For the love of all that is holy, do not use openstack

if you don't like openstack, what would you recommend

Depends on what you’re doing. Single host, nothing fancy? KVM. Single host, free, some nice to have features, proxmox. Single host, paid, lots of that good-good, ESXi. And clustered, I’ve found it’s hard to be an esxi vSphere cluster.

Oh no esxi

I have never seen, in enterprise, education, and personal use/application of openstack, it perform like it said it should.

Esxi is an industry titan/standard for a reason

Is the reason, they are locked in

No. Believe me, people love using free and open source stuff whenever they can. Mainly because of the free part. But nothing matches VMware offerings in terms of, well, everything.

My own server runs esxi I don't like...
My friend doesn't need esxi waste of money and time.
Just need some basic features and easy to use interface.
I have tried ovirt that uses kvm / libvirt but need reinstall the server for install it

fedora server - web interface or terminal or desktop environment.

¯_(ツ)_/¯

Does anyone know about nftable hooks?

@lean pebble What do you not like about it?

esxi is closed source and requires licensing

to me thats a blocker

I can understand the closed source part, and why that might irk people

But a essentially limitless dev license is 200$/year, and includes support.

@thorny vector meh

with kvm you can pretty much get all the features you'd want in a VM

and there are plenty of tools that basically offer same functionality as vCenter

dont need an all in one solution

meh, +1 for vsphere

I've yet to see a solution that gets close to all the features that vSphere has. Especially when it comes to integration with other products

I had to make a custom esxi image before, to add support for this one raid controller

you probably never had to use the higher end vcenter features such as DRS or live migration etc.

amount of effort involved...

vsphere is awesome, however an overkill for homelab

@desert briar yes but there are open alternatives for that

It's called using supported hardware. They put out massive lists for that.

i use VMUG too though 😄 . 200 per year is reasonable to pay

Proxmox is a compelling alternative for an advanced homelab

also enjoys scaling capabilities for enterprise

@thorny vector yeah but if you run kvm, you don't have to worry about hw compatability

since linux runs on everything

I'm not sure what kind of kernel ESX uses

Its a unix-like system though

Its a modified linux kernel

It can't be, since it is propietary and commercially sold

if it was, it would have sourcecode available

Disregard, VMKernel

VMware has been sued by Christoph Hellwig, a Linux kernel developer, for GPL license violations. It was alleged that VMware had misappropriated portions of the Linux kernel

@thorny vector ahh so

they wrote an interface for loading kernel modules from linux

they have their own kernel

ESX (up to version 5) was linux based

my whole copyright knowledge is very iffy, but as far as im correct, you can re-purpose open source projects for commercial use, as long as the open source ideology is still maintained

Yeah it couldnt be linux itself, since that would be a violation

@desert briar you just have to provide source code

and have a list of your modifications

if you just use linux itself as part of the system, without modification

you don't have to provide sourcecode

merely provide a license to GPL

fair enough

if its a hosted service, eg: you are not selling sourcecode

you dont have to provide a notice at all

so using linux is free

sounds about right

@desert briar https://tldrlegal.com/license/gnu-lesser-general-public-license-v3-(lgpl-3)

This is an amazing website for programmers

to understand what a license might mean

This is for LGPL

often used by libraries

thanks

will be sure to give it a look

https://i.imgur.com/GRw7xon.png

and this is kinda defualt for all GPL

https://i.imgur.com/LyYgYGL.png

even mikrotik that uses linux as core in their RouterOS

https://github.com/robimarko/routeros-GPL

has provided copies of their source

as per request

not for every release

Meh. I still don't see anything competing, REALLY, with VMware. Big thing they do is the networking they support, with stuff like Distributed Switches

technically

mtik is still violating GPL

but GPL is infectious like that

@thorny vector only reason why its so popular is because it integrates with active directory and such

its ment for enterprise and corporate settings

and there's contractors that sell managed solutions

you can ring a company up: I want a vm solution

and they sell you hardware and support

thats where vmware is king

damn this guy hits the nail on the head

https://i.imgur.com/fChk8BH.png

I was never taught any legal stuff

and I had a 4 year engineering course

My lab is setup at an enterprise scale. I don't recommend VMware to the average user, but when it comes to the king of virtualization, No one beats out vmware.

@thorny vector I used vmware before I grew a clue

once I became proficient with kvm and libvirt, I ditched vmware

glad I don't need a windows vm anymore to run the vSphere client

vSphere client for linux was through the Workstation Player, which was subject to licensing fees on linux