I don't know much about MPLS except that even with redundant links the entire connection goes down if the company that runs it has a problem. So it's some kind of half-redundancy.
For real redundancy you need to have multiple links using different operators.
@travisdh1 said in Blind swap / automatic rebuild on linux:
@Pete-S said in Blind swap / automatic rebuild on linux:
I often see that the argument for using hardware raid is to be able to initiate an automatic rebuild by just swapping a faulty drive for a new one.
A lot of people assume that software raid can't do that. But that's incorrect.Software raid on linux (as in
mdmanaged bymdadm) can do the exact the same thing.It's under policy and partition policy in
mdadm.conf. You'll find on theman mdadm.confpage.
Thespare-same-slotoption would be the one that works the same way as hardware controllers usually do.I haven't used it myself since I prefer to initiate the rebuild myself. But I wonder if you guys have used it?
I don't think blind swap is about automatic rebuild, that's a given no matter what software/hardware RAID is running. It's more about seeing the light is red instead of green on drive 6, so you know that is the one to replace.
The only example of not having that available, that I can think of, is https://www.45drives.com/
I don't know man.
A typical SMB would have no monitoring and any server would be stuck in a closet somewhere. Nobody would notice any red lights until several months later or until something breaks and then they'd have no clue what to do about it, wouldn't know who to call and wouldn't have any idea if the server even has warranty (it never has). A spare drive wouldn't be available unless it was an old discarded drive left on the shelf from the last time something was replaced.
If it was someone who knows what they're doing then a red light or not doesn't make much of a difference. Any drive that gets kicked out of an array doesn't have any activity. So it's always the one that doesn't blink.
BTW, Supermicro has better toploading servers than 45drives. You still have drive activity LEDs on those and you can hotplug any drive while it's running.
Storage server porn:
Youtube Video
@Pete-S said in Blind swap / automatic rebuild on linux:
@DustinB3403 said in Blind swap / automatic rebuild on linux:
@Pete-S said in Blind swap / automatic rebuild on linux:
@travisdh1 said in Blind swap / automatic rebuild on linux:
@Pete-S said in Blind swap / automatic rebuild on linux:
@travisdh1 said in Blind swap / automatic rebuild on linux:
@Pete-S said in Blind swap / automatic rebuild on linux:
I often see that the argument for using hardware raid is to be able to initiate an automatic rebuild by just swapping a faulty drive for a new one.
A lot of people assume that software raid can't do that. But that's incorrect.Software raid on linux (as in
mdmanaged bymdadm) can do the exact the same thing.It's under policy and partition policy in
mdadm.conf. You'll find on theman mdadm.confpage.
Thespare-same-slotoption would be the one that works the same way as hardware controllers usually do.I haven't used it myself since I prefer to initiate the rebuild myself. But I wonder if you guys have used it?
I don't think blind swap is about automatic rebuild, that's a given no matter what software/hardware RAID is running. It's more about seeing the light is red instead of green on drive 6, so you know that is the one to replace.
The only example of not having that available, that I can think of, is https://www.45drives.com/
I don't know man.
A typical SMB would have no monitoring and any server would be stuck in a closet somewhere. Nobody would notice any red lights until several months later or until something breaks and then they'd have no clue what to do about it, wouldn't know who to call and wouldn't have any idea if the server even has warranty (it never has). A spare drive wouldn't be available unless it was an old discarded drive left on the shelf from the last time something was replaced.While probably true, that doesn't really have anything to do with blind swap.
I'm just saying those that have their server park under control doesn't really need any LEDs. And those that really needs it, doesn't look at it.
But it would actually be a small thing to make a script that would indicate faulty drives. You look at /proc/mdstat and any drive showing a
_instead ofUis lit up on the drive bay. It's controlled by SGPIO or SES. That's how the raid controller does it.I thought MD was already capable of performing this. . .
I don't think so but I could be wrong.
I mean you could run raid 1 on a pair of sd cards. Since that
mdworks on any type of block device or partition there is no guarantee that there are any drive bay lights or anything of that nature. But it's possible that there is an option for it.
Has a quick look and it looks like the ledmon package monitors md arrays and set LEDs accordingly.
So yes, software raid can indicate what drive has an error directly on the chassis with some additional software.
It depends on the size of the company.
For a small company it might be easier to adjust the way they work, to the tools that are available.
For a large company you'll either have your own custom side-systems or you put the same amount of money into customization of an off-the-shelf product.
IMHO the easiest way forward, for the organization, is to have an new modern system developed that will replace the Access 2003.
@scottalanmiller said in Need help to connect two office with OPNSense router and a laptop by using Zerotier:
@ismurdegus said in Need help to connect two office with OPNSense router and a laptop by using Zerotier:
I installed of each OPNSense router the ZeroTier client and assigned to the ZT interface a static IP.
ZT needs to be configured as a gateway. By default it is not, it's a client.
On OPNsense you install OPNsense packages so it's not a regular install. You need to configure it in the GUI.
https://docs.opnsense.org/manual/how-tos/zerotier.html
Another way that is easier to get working, is to just install zerotier on everything that need to communicate with each other.
So you don't set it up on the firewalls themselves but on the devices behind the firewall, for instance servers.
@scottalanmiller said in Need help to connect two office with OPNSense router and a laptop by using Zerotier:
@Pete-S said in Need help to connect two office with OPNSense router and a laptop by using Zerotier:
Another way that is easier to get working, is to just install zerotier on everything that need to communicate with each other.
So you don't set it up on the firewalls themselves but on the devices behind the firewall, for instance servers.
If you don't need any other devices like printers, NAS, IoT, etc.
You could work around that by routing over devices that has a zerotier connection. But if you know enough to do that I guess you'd have the knowledge to do it on the firewall instead.
ZT makes any machine dual homed.
@CCWTech said in Ubuntu DDE Spanish Characters:
@Pete-S said in Ubuntu DDE Spanish Characters:
Change your keyboard settings to the English US international. You'll get some additional AltGr+key combinations for Spanish and other languages.
Thanks!
Or you can just go old-school and use alt+numeric pad combinations.
¡ Inverted Exclamation Point 0161
¿ Inverted Question Mark 0191
Á Uppercase Accent Acute (A) 0193
É Uppercase Accent Acute (E) 0201
Í Uppercase Accent Acute (I) 0205
Ñ Uppercase Ligature (NN) 0209
Ó Uppercase Accent Acute (O) 0211
Ú Uppercase Accent Acute (U) 0218
Ü Uppercase Accent Diaeresis (U) 0220
á Lowercase Accent Acute (a) 0225
é Lowercase Accent Acute (e) 0233
í Lowercase Accent Acute (i) 0237
ñ Lowercase Ligature (nn) 0241
ó Lowercase Accent Acute (o) 0243
ú Lowercase Accent Acute (a) 0250
ü Lowercase Accent Diaeresis (u) 0252
I haven't tried these in Ubuntu DDE so I don't know if they actually work. They work in Windows though.
@Dashrender said in Access 2003 in a 2021 World???:
@DustinB3403 said in Access 2003 in a 2021 World???:
And yes I know that best is relative to ones needs.
Access was the "best" at one point I'm sure.
I'm willing to bet that's not true - not a lot.. maybe $100... lol pretty sure Access was never the best for anything.. other solutions while possibly more difficult could still likely be shown to be much better solutions.
It wasn't Access itself that was the thing. It was the JET database engine that Access used under the hood that made it popular.
Back in the 90's if you wanted a simple database in your application and you used something like Visual Basic 3.0 then the JET engine was the first option to consider because Microsoft bundled it with VB and it was free. That's how it gained a foothold.
The JET engine was very very far from the best or even good. It was common to corrupt the database and run tools to "repair" it. But it was available without any effort - today we know that is perhaps the most important "feature"...
If you wanted the best you'd connect your application to an Oracle db.
MS Access itself was never a serious tool that developers used for business applications. It's very limited so VB was the default choice in the MS ecosystem for these kinds of applications.
I need some understanding about how mail works in linux. What I'm trying to figure out is how to have the system, the daemons and any scripts use email notifications and actually have those delivered to a real email address.
I have a couple of questions but I don't know if they are the right questions to actually be asking.
Often you have something like exim installed but it's by default setup to be completely local from what I've seen. Would you use exim or do you need to install something else? Is there a "best practice" tool?
What daemons or services sends notification type mail to root (or some other user)? Or does that happen only if you explicitly configure something? Is there a default admin address to send system mail to or is that root?
How would you go about having those notification mails forwarded to a real email address using an external SMTP server?
Also when sending mail from the shell I know you can use mail but there are other utilities too. What is happening behind the scenes when using mail? Is that the same mechanism as that daemons would use for sending mail?
@Pete-S said in Alternative to FTP:
@Dashrender said in Alternative to FTP:
This doesn't provide the requested, ASAP onsite on the server component in the OP.
It kind of depends on the definition of asap right?
The customer uploads and it's immediately synced to the local server. That's asap. No second step is required.
I don't know if the sync software will wait until it's completely uploaded or start to download blocks of a partial file. I guess that would be up to the sync software.
And asap might not be so fast if the client has to install software and can't get it to work or the software can't handle the upload being interrupted midway. Or if the clients networks slows down to a crawl for hours because it uses too much bandwidth.
I'd like to know how big are the files or are there multiple files per "transfer". What kind of bandwidth does the server has to the internet? How much of that bandwidth can it use? And the same for the typical client. And how many clients and how often will this happen? Will the same client transfer files over and over or will mostly be a one-time thing. And how fast is asap?
@siringo said in Alternative to FTP:
Thanks everyone for the input.
It's medical data that needs to be looked at by medical software which resides on a local server.
I had considered syncing using Onedrive, but thought I'd ask and see what else popped up.
Driving to site is not an option unfortunately, this could be a nationwide thing.
As I type I'm thinking the Filezilla solution may be a good one. I can supply the senders with info on how to configure FZ and have as a step of the operation, for them to contact the receiver once the upload has completed.
This will be an unsupervised operation, so with anything that syncs, there is the potential for people to grab the upload before the sync has completed.
Another sftp option is to use sshfs (ssh filesystem).
We use it on windows and linux. It allows you to mount a remote file system, like a network share if you will.
Then you can just drop any file there.
The users don't even realize what going on behind the scenes. All they need to do is the same as when they copy a file in Windows.
https://mangolassi.it/topic/21159/how-to-mount-remote-filesystem-over-ssh-both-windows-linux
@travisdh1 said in Run ls as another user?:
@Pete-S said in Run ls as another user?:
@travisdh1 said in Run ls as apache user?:
@Pete-S said in Run ls as another user?:
What's the easiest way to run
lsas the apache user (which you can't login as)?
su -u apache lsDid you mean
sudoorsu?Because you can't do
su apache. You get "This account is currently not available.".I know the
-u apacheis needed to run a command as a user fromsuorsudo. I'm thinking the issue might be with the apache account being set to nologin in/etc/passwd. Just be sure to change the shell entry in passwd back when you finish up.
I'd rather not change anything on the user account if possible.
Accounts such as apache that can't login, doesn't have a shell etc, are used for daemons, but I want to be able to run commands as that daemon user for troubleshooting. I'm thinking that if I am root there should be a way to do that.
I didn't read the entire thread but the solution to problems like this is to test logically and measure things.
For instance is it really a problem with the wifi or is it the ipads or it is it the SaaS provider?
Well, you could set up a laptop or a raspberry pi or whatever and run ping tests to the SaaS provider and to another host and log everything to a file.
You could do things both on lan and wifi and compare.
You could also record the traffic and analyze with wireshark.
You should also look at what might be different in this place versus the others.
I hope they don't offer free wifi for the guest btw. Maybe you need to test their internet connection...
There are many possibilities and many ways to track down the problem.
My opinion is that the best way is to put a reverse proxy in front and authenticate on that using SSO (SAML or OpenID) to an identity provider. And then have the identity provider do the 2FA.
Apache has the most advanced options for this but others have it too.. Identity provider can be whatever is suitable. Key is using SSO and not "homebuilt" 2FA. And the proxy server will have nothing to do with passwords or managing users. That's taken care of by the identity provider, which have all the tools already in place for this.
I want to try and make a macro but can't make Autohotkey do what I want.
Has anyone here experience with it?
I want to reprogram Win+F1 to do Win+Tab, Tab, RightArrow, Enter
This is what I have but it doesn't work:
#F1::
#NoEnv
#Warn
SendMode Input
Send, #{Tab}{Tab}{Right}{Enter}
return
I figured it out.
It doesn't look like the comma matters one way or the other.
But the problem was that in windows you can't just send all the keys at once because Win10 can't handle it. It might have to do with the fact that it's the Windows key or perhaps just sloppy programming from Microsoft.
With some delays it works though.
So when you press Win+F1 you get Win+Tab then another Tab, right arrow and Enter.
Basically it switches to the second virtual desktop in windows. The amount of right arrow presses will determine which virtual window get selected.
#NoEnv
#Warn
#SingleInstance Force
SendMode Event
#F1::
Send #{Tab}
Sleep 1000
Send {Tab}
Sleep 50
Send {Right}
Sleep 100
Send {Enter}
@notverypunny said in Raspberry Pi-based KVM over IP:
Saw this too. Using it for a server never crossed my mind, but having a couple at remote sites or that could be express-shipped to WFH staff for desktop / laptop troubleshooting seems like an interesting possibility.
99% av all problems will be solved with teamviewer, screenconnect or whatever you are using.
It seems very complicated to use a KVM over IP switch in a mobile environment. You still need network connectivity to the KVM. How are you going to enter wifi password etc? And you need to be able to reach the KVM switch from outside the network.
There are already crash cart adapters that turns any laptop into a crash cart. That is probably a better option.
@notverypunny said in Raspberry Pi-based KVM over IP:
@Pete-S Yeah... problem is that for WFH folks you can rarely expect them to have a 2nd machine beyond a phone or tablet. For network connectivity, nothing's better than a cable, and even then we've had problems "configuring" that with some folks.
That CV211 would have been nice to have a few weeks back when the iDRAC at one of our remote sites decided to puke instead of reboot but that's another issue.
Yeah, I was thinking more about remote technician.
One hurdle with a RPI as a KVM is going to be that you need to actually get the laptop to output hdmi (if it even has a hdmi output or you need adapters). And they are going to need big USB ports or you need more adapters. And then you need power to the RPI and they need to be able to connect the right ports to the right thing as well.
I just see as lot of troubleshooting before you're even able to connect to the remote system.
Better to have them use their phone so you can see the screen on their computer. If it looks like a hardware problem, then just ship it.
@siringo said in Another RDS server?:
@Pete-S yes, there's one other VM. It has 8vCPU's 16GB of startup RAM and uses dynamic memory.
Unfortuantely I didn't have time to look at the problem too much today so I'm not too sure how busy the host was.
You have 48GB RAM and one 8 core CPU on the hyper-v host. 10K HDDs.
On that host you have:
I think your hardware is just not up to the task. Not enough RAM and not enough cores.