TCB13

TCB13 , 5 months ago to linux in Nix/Silverblue users: How big is the advantage if you already have 100% automated your deployments via Ansible?

Ansible is imperativ and applies changes to a starting state. Immutable distros replicate a known state 100%, which is in every respect superior and prevents nasty surprises Immutable distros are 100% reproducible from a config file, which is a big thing for cyber security, building software etc. Debian has too many packages given the amount of contributors they have.

So does Ansible. Pick something like Alpine and destroy and recreate instances whenever you need to change your setup. Done.

TCB13 , 5 months ago to selfhosted in Self hosted open source simultaneous multiuser password safe with .deb or .rpm and an end user webui/android app

I use it too, works just fine.

TCB13 , 5 months ago to linux in Nix/Silverblue users: How big is the advantage if you already have 100% automated your deployments via Ansible?

Immutable distros are a solution to a real problem, and this problem is not solved by Ansible/BTRFS etc.

Just tell me what that problem is and how it isn’t already solved with Ansible/BTRFS.

TCB13 , 5 months ago to selfhosted in virtualizing PFSense. What else works besides ESXi for virtual networking?

You aren’t wrong, the WebUI is stateless, it doesn’t know of any users nor it stores any other context information.

The certificates are required for the UI client to authenticate with the underlying LXD server itself. Much like the SSH authentication is boils down to creating a public/private key pair and the PK is added to your browser(s) and the public key to the server. I believe this is a good walkthrough of the process for anyone starting out.

At work we use Authelia and HAProxy to get around the need to distribute a certificate for each client / mange our logins with SSO and 2FA. At home I simply use Nginx as a reverse proxy to the WebUI with the proxy_ssl_certificate passing a certificate down to it. Here another configuration example of how to use Nginx to pass the certificate, you can then use Basic HTTP Auth to add a simple username/password to it.

TCB13 , 5 months ago to technology in Broadcom-owned VMware kills the free version of ESXi virtualization software

Since you are apparently on an anti-proxmox crusade. Have you tried that iscus thing in enterprise? Like a very large scale production deployment?

Maybe if you read the comment I linked you’ll find that that’s precisely what we had with Proxmox and then migrated to LXD.

I am curious if anyone dares to use it in enterprise when people are even scared of proxmox or anything not VMware or MAYBE hyperV

I guess it depends on the kind of “enterprise” we’re talking about. If your “enterprise” is somewhat of a provider / ISP they should be okay with LXD. A lot of service providers are running some form of LXC/LXD right now with very good results.

If by “enterprise” you mean your typical 400+ people company that does something not related to tech with an overworked and barely competent IT / infrastructure team, then the answer is: they won’t move out of vmware ever.

TCB13 , 5 months ago to linux in Nix/Silverblue users: How big is the advantage if you already have 100% automated your deployments via Ansible?

You just missed the point. There are always alternatives, generally not as good and unlike before all tooling is now hostage of some big provider.

TCB13 , 5 months ago to linux in Nix/Silverblue users: How big is the advantage if you already have 100% automated your deployments via Ansible?

So, you really think, that this must be the reason immutable desktops were invented?

Most likely not, but the people pushing for the / the narrative certainly are for that.

TCB13 , 5 months ago to technology in Broadcom-owned VMware kills the free version of ESXi virtualization software

Oh yeah, zfs send ftw. I personally run most of stuff on BTRFS and I can say the same.

TCB13 , 5 months ago to technology in Broadcom-owned VMware kills the free version of ESXi virtualization software

Oh yeah it runs fine until they kill their free tier like ESXi did or… it completely fails over and over again.

TCB13 , 5 months ago (edited 5 months ago) to linux in Nix/Silverblue users: How big is the advantage if you already have 100% automated your deployments via Ansible?

I wonder now, how big the delta is for people like me: All my desktops/servers are based on Debian stable with heavy customization, but 100% automated via Ansible.

Close to none. Immutable solve the same problem that was solved years ago with Ansible and BTRFS/ZFS snapshots, there’s an important long-term difference however…

Immutable distros are all about making thing that were easy into complex, “locked down”, “inflexible”, bullshit to justify jobs and payed tech stacks and a soon to be released property solution. We had Ansible, containers, ZFS and BTRFS that provided all the required immutability needed already but someone decided that is is time to transform proven development techniques in the hopes of eventually selling some orchestration and/or other proprietary repository / platform like Docker / Kubernetes does. Docker isn’t totally proprietary and there’s Podman but consider the following: It doesn’t really matter if there are truly open-source and open ecosystems of containerization technologies. In the end people/companies will pick the proprietary / closed option just because “it’s easier to use” or some other specific thing that will be good on the short term and very bad on the long term.

“Oh but there are truly open-source immutable distros” … true, but again this hype is much like Docker and it will invariably and inevitably lead people down a path that will then require some proprietary solution or dependency somewhere (DockerHub) that is only required because the “new” technology itself alone doesn’t deliver as others did in the past. Those people now popularizing immutable distributions clearly haven’t had any experience with it before the current hype. Let me tell you something, immutable systems aren’t a new thing we already had it with MIPS devices (mostly routers and IOTs) and people have been moving to ARM and mutable solutions because it’s better, easier and more reliable.

The RedHat/CentOS fiasco was another great example of this ecosystems and once again all those people who got burned instead of moving to a true open-source distribution like Debian decided to pick Ubuntu - it’s just a matter of time until Canonical decides to do some move.

Nowadays, without Internet and the ecosystems people can’t even do shit anymore. Have a look at the current state of things when it comes to embedded development, in the past people were able to program AVR / PIC / Arduino boards offline and today everyone moved to ESP devices and depends on the PlatformIO + VSCode ecosystem to code and deploy to the devices. Speaking about VSCode it is also open-source until you realize that 1) the language plugins that you require can only compiled and run in official builds of VSCode and 2) Microsoft took over a lot of the popular 3rd party language plugins, repackage them with a different license… making it so if you try to create a fork of VSCode you can’t have any support for any programming language because it won’t be an official VSCode build. MS be like :).

All those things that make development very easy and lowered the bar for newcomers have the dark side of being designed to reconfigure and envelope the way development gets done so someone can profit from it. That is sad and above all set dangerous precedents and creates generations of engineers and developers that don’t have truly open tools like we did.

This is all about commoditizing development - it’s a negative feedback loop that never ends. Yes I say commoditizing development because if you look at it those techs only make it easier for the entry level developer and companies instead of hiring developers for their knowledge and ability to develop they’re just hiring “cheap monkeys” that are able to configure those technologies and cloud platforms to deliver something. At the end of the they the business of those cloud companies is transforming developer knowledge into products/services that companies can buy with a click.

TCB13 , 5 months ago to technology in Broadcom-owned VMware kills the free version of ESXi virtualization software

Well, suit yourself. :)

TCB13 , 5 months ago to technology in Broadcom-owned VMware kills the free version of ESXi virtualization software

Did you ever try LXD/Incus?

TCB13 , 5 months ago to technology in Broadcom-owned VMware kills the free version of ESXi virtualization software

And LXD/Incus…

Why use Proxmox when half of it’s technology (the container part) was made by the same people who made LXD/Incus? I mean Incus is free, well funded and can be installed on a clean Debian system with way less overhead and also delivers both containers and VMs.

TCB13 , 5 months ago to linux in Install deb packages with its dependencies manually on mac mini - Broadcom firmware

deleted_by_author

TCB13 , 5 months ago to selfhosted in Broadcom yanks ESXi Free version, effective immediately

What stops Proxmox is the same thing “stopping” Canonical.

But Canonical is no longer a concern since Incus has nothing to do with them…

TrueNAS, there’s nothing broken.

As I said, a lot of the interesting software available via TrueCharts is broken or poorly maintained, this is sad as it would be a great solution.