• 0 Posts
  • 28 Comments
Joined 1 year ago
cake
Cake day: December 17th, 2023

help-circle






  • Depends on your approach, but only open the minimum amount of ports necessary. Fail2ban is a good idea.

    Consider a strict default deny iptables that also affects the output table - in case someone does get in, this will limit the damage one can do by making it part of a botnet.

    Personally I like to isolate any exposed servers on its own vlan, so in case of compromise, it won’t affect any of the other hardware I’m running.

    Also, most routers have less strict security if the connection is coming from the inside. Make sure any access methods to your router is secure.



  • Jabra still exists yes. I’m still using Jabra, although I’m using a pair that I bought after I thought that one earbud was gone forever. I still use the older ones, which was Jabra Elite 4, but only with my PC, as its battery took a hit after those 6 months at sea. I currently main Jabra Active 7 or something like that, and I quite like them. I noticed that the cover doesn’t stay very attached after a few proper cleans, but nothing a drop of glue doesn’t fix. What I really like about the ones I currently use is that they’re supposedly built to withstand sweat while training. I don’t work out, but it would seem that those who do sweat A LOT, as I can wear mine while showering without any issues.

    As for resilvering, the RAIDs are only a small fraction each of the complete storage cluster. I don’t remember their exact sizes, but each raid volume is 12 drives of 10TB each. Each machine has three of these volumes. Four machines total contributes all of its raid volumes to the storage cluster for 1.2PB of redundant storage (although I’m tempted to drop the beegfs redundancy, as we could use the extra space, and it’s usually fairly hassle free to swap in a new server and move the drives over).

    EDIT: I just realized that I have this Jabra confference call speaker attached to the laptop on which I’m currently typing. I mostly use it for discord while playing project zomboid with my friends, though. I run audio output elsewhere, as the jabra is mono only.


  • Story time!

    In this one production cluster at work (1.2PB across four machines, 36 drives per machine) everything was Raid6, except ONE single volume on one of the machines that was incorrectly set up as Raid5. It wasn’t that worrysome, as the data was also stored with redundancy across the machines in the storage cluster itself (a nice functionality of beegfs), but it annoyed the fuck out of me for the longest time.

    There was some other minor deferred maintenance as well which necessitated a complete wipe, but there was no real opportunity to do this and rebuild that particular RAID volume properly until last spring before the system was shipped off to Singapore to be mobilized for a survey. I planned on getting it done before the system was shipped, so I backed up what little remained after almost clearing it all out, nuked the cluster, disassembled the raid5, and then started setting up everything from scratch. Piece of cake, right?

    shit

    That’s when I learned how much time it actually takes to rebuild a volume of 12 disks, 10TB each. I let it run as long as I could before it had to be packed up. After half a year of slow shipping it finally arrived on the other side of the planet, so I booked my plane ticket and showed up a week before anyone else just so I could connect power and continue the reraiding before the rest of the crew showed up. Basically, pushing a few buttons, followed by a week of sitting at various cafes drinking beer. Once the reraid was done, reclustering was done in less than an hour, and restoring the folder structure backup was a few hours on top of that. Not the worst work trip I’ve had, except from some unexpected and unrelated hardware failures, but that’s a story for another day.

    Fun fact: While preparing the system for shipment here in Europe, I lost one of my Jabra bluetooth buds. I searched fucking everywhere for hours, but gave up on finding it. I found it half a year later in Singapore, on top of the server rack, surprised it hadn’t even rolled down. It really speaks to how little these huge container ships roll.