surfrock66

joined 1 year ago
[–] surfrock66@lemmy.world 3 points 1 week ago (1 children)

There were a lot of SpongeBob and Patrick interpretations, the inflatable costumes were huge

[–] surfrock66@lemmy.world 14 points 1 week ago

Updated night pic

 
[–] surfrock66@lemmy.world 3 points 1 week ago

This may not be exactly what you want, but I use Apache guacamole for this. The client becomes a web browser, and a chromium based browser allows seamless bidirectional clipboard. I use Ubuntu VMs with Mate as the DM and with a few keybinds tweaked it is solid. I use tightVNC as my server which supports dynamic resize, and the soon to be released guacamole 1.6 supports sending dynamic resize (since the underlying libraries are now updated to support it; RDP in guac already supports dynamic resize). How performant is it? I have a single proxmox vm which runs 3 Minecraft instances for our server's 3 bot accounts (which just stand still) and the desktop is still navigable.

[–] surfrock66@lemmy.world 10 points 2 weeks ago
[–] surfrock66@lemmy.world 1 points 2 weeks ago (1 children)

I've read extensively about that, and this thread was very helpful, and my understanding is that's still not really a DRS equivalent, but more of a recovery mode: https://forum.proxmox.com/threads/ha-cluster-resource-scheduling-filling-in-the-missing-pieces-from-the-docs.139187/

[–] surfrock66@lemmy.world 1 points 2 weeks ago (3 children)

Where do you see the load balancing feature? Searching for exactly that was what got me to ProxLB. I have HA groups and fences, but that's less resource allocation than failure resolution in my experience. My cluster is 8.2.7.

I posted to the forums, but I got a "YMMV" kind of answer; the docs say it's technically unsupported: https://pve.proxmox.com/pve-docs/chapter-qm.html#_requirements

The hosts have CPUs from the same vendor with similar capabilities. Different vendor might work depending on the actual models and VMs CPU type configured, but it cannot be guaranteed - so please test before deploying such a setup in production.

I'm setting the CPU Type to x86-64-v2-AES which is the highest my westmere CPU's can do. I have a path to getting all 3 nodes to the 6525 hardware, pending some budget and some decomm's at work.

[–] surfrock66@lemmy.world 2 points 2 weeks ago (5 children)

I'm battling this right now; it SHOULD work but does not work consistently. Again, homelab, not ideal environment. I'm going from 2 R710's with Xeons to a 3-node cluster with the 710's and an EPYC R6525. Sometimes VM's migrate fine, sometimes they hang and have to be full reset. Ultimately this was fine as I didn't migrate much, but then I slapped on a DRS-like thing, and I see it more. I've been collecting logs and submitting diagnostics; even pegging the VM's to a common CPU arch didn't fix it.

To that end, DRS alternatives are still mostly plugins. This was the go-to, but then it was abandoned:

https://github.com/cvk98/Proxmox-load-balancer

And now I'm getting ready to go deeper into this, but I want to resolve the migration hangs first:

https://github.com/gyptazy/ProxLB

[–] surfrock66@lemmy.world 20 points 2 weeks ago (9 children)

I think you are looking at this wrong. Proxmox is not prod ready yet, but it is improving and the market is pushing the incumbent services into crappier service for higher prices. Broadcom is making VMware dip below the RoI threshold, and Hyper-v will not survive when it is dragging customers away from the Azure cash cow. The advantage of proxmox is that it will persist after the traditional incumbents are afterthoughts (think xenserver). That's why it is a great option for the homelab or lab environment with previous gen hardware . Proxmox is missing huge features...vms hang unpredictably if you migrate vms across hosts with different CPU architectures (Intel -> AMD), there is no cluster-wide startup order, and things like DRS equivalents are still separate plugins. That being said knowing it now and submitting feedback or patches positions you to have a solution when MS and Broadcom price you out of on-prem.

[–] surfrock66@lemmy.world 3 points 3 weeks ago (1 children)

All you have to do is name tag them and they won't dig into the ground!

[–] surfrock66@lemmy.world 17 points 1 month ago (3 children)

This would make a terrible farm, ultimately the warden just stares at them a lot and half the time they despawn. They also don't spawn too often, but that's because this is a zoo with trapped hostile mobs all over and I think it impacts the rates. I also spammed sensors and shriekers to try to make him angrier faster, but it didn't really help. That being said, you just make a plus farm under them with a cat in the middle; they get scared and run into a bubble column which pushes them into a pool where they can be seen by the warden, but not close enough to hurt him if they explode.

This is for a zoo, so the idea is that viewers can see the warden but not get blasted by him, and can get blindness by going up on the observation platform. Occasionally, like the goat in Jurassic Park, it acts like a predator, but just like in the movie, it's disappointing a lot of the time lol.

 
[–] surfrock66@lemmy.world 4 points 1 month ago* (last edited 1 month ago)

I have a philosophy of sticking close to reference implementations and upstream in the homelab because it forces me to learn principles rather than implementations. I use bind9, but that upstreams to pihole on a different port. It is hard to configure for sure, editing zone files in vi, but I learn a lot analyzing the reference syntax to understand features. I also use isc-dhcp-server for DHCP, again manually populating dhcpd.conf.

Bind can peer with other instances; right now it is it's own ipam vm on my proxmox with bind/isc-dhcp/pihole docker, but I'm looking at dropping some hardware at a family member's for a site 2.

[–] surfrock66@lemmy.world 3 points 1 month ago (3 children)
 
 
 
 
 

Additional info, I checked via the web in the instance doesn't appear to have any problems showing the upvote down vote counts, it is just in the main screen on jeroba. If I click a post, I can see the current score in the upper right.

 

Story time! We recently bought a rural property with a burnt down house on it and are going up every few weekends to clean it up. I'm up there this morning picking up random sheet metal and yeeting it into the trash pile. Suddenly I hear frantic squeaks....I look, and I accidentally yeeted the cover of a squirrel nest (I think squirrel)! I got the baby, got it out of the baking sun and made a new nest under another piece of cover. Still, holding a baby squirrel so new it's eyes weren't open was pretty magical! The kids (I have a 7 year old girl and a 9 year old boy) got to each hold it for a second too! Ideally we wouldn't have touched it, but the existing cover was mega-gone and it had to be relocated to safety out of the sun, so we got some brush and put it under a smaller wood plank right near where we found it, hopefully it's mom finds it, no one will be up there for the next few weeks so it won't be disturbed by people again.

 
 

Hey there, I've been on a networking journey that has, over a few years, taken me from simple unmanaged networking, to managed networking, to advanced VLAN management. It's all been self taught, but mostly successful. However, I've gotten myself into a bit of a pickle and I'm hitting a wall in troubleshooting. Apologies for the length of the post, however I want to provide as much detail as possible.

High level, I have several /16 vlans for things. VLAN 99 is networking, 2, is servers, 4 is clients, 6 is wireguard clients, and there are some others. They're all 10.99.0.0/16 with a gateway at 10.99.1.254, etc.

I have had a very old Netgear Layer3 switch for some time. I've replaced it with a Brocade ICX6610, mostly so I can move my storage infrastructure to 10G fiber (I have a small hypervisor cluster). I had done a ton of preparatory work to configure the new L3 switch so that it could just be dropped in place of the old one; this was MOSTLY successful...

...However, in doing that I broke the connection to my opnsense firewall and sort of had to redo that piece from scratch. During my planning, I didn't realize some of the config changes I'd made would require changes on the firewall, and after the cut over I was locked out of the firewall. This is all my fault; that's the piece of this I understand the least, and I had followed dodgy guides when getting it to initially work. I have a backup in xml format, but even having that I'm realizing what I had been doing didn't make sense. Previously, I had a firewall interface on all of my vlans and the trunk going to it was carrying all the VLANS. Now, I set this up with only 2 vlans going to the firewall, the networking vlan and the wireguard vlan, as it seems to make more sense with my understanding of how Layer 3 routing works. All routing should happen on the Brocade L3 switch. The firewall itself has 4 physical ports, 1 going to my comcast gateway, and 2 in an LACP lagg going to my L3 switch. (I have a single interface right now going to the L3 switch separately for troubleshooting, removing the LACP lag as a complexity source).

So, in recovering this, I had to get into the firewall at the console and re-define the interfaces and IP's. I got this to work, but at this point I had tons of connection problems which I didn't understand fully. I have found some of opnsense's configuration to be a bit obfuscating, which I think is making my learning more difficult. The following were put in place:

  • The "LAN" interface was given a static 10.99.1.40/16 IP, and an upstream gateway was defined at 10.99.1.254.
  • The "WAN" interface was given DHCP, and is up and works

Once I recovered the connection to the web interface I had to make the following changes:

  • Under the "Firewall" sidebar, under "Aliases", I defined each of my VLANS/Subnets with a CIDR notation and a name.
  • Under the "Firewall" sidebar, under "NAT" and then under "Outbound" I switched the mode to "hybrid" and added a rule for each of my vlans on the "LAN" interface, with the "Source" being the aliases defined above, and the target (NAT Address) being the "WAN address"
  • Under the "Firewall" sidebar, under "NAT" and then under "Port Forward" I added some port forward rules.
  • While it's outside the scope of my immediate troubleshooting, I had a working WireGuard setup. I have an interface defined for it on that VLAN, and a second gateway defined at 10.6.1.254. It's all set up according to the opnsense documentation, and I can connect from the WAN and can access any resources on the LAN.

So onto the problem...I can access the internet from almost all of my LAN clients. I can access LAN clients via the port forward rules from the WAN. The firewall itself CANNOT access the WAN; for example, I can't check for updates. I can access the firewall web interface from anywhere on the LAN, I can ssh to the firewall from anywhere on the LAN, but once I'm ssh'd in, I can't ping back to the client I'm connecting from. The firewall CAN ping things like 8.8.8.8, but as my DNS resolver is on the LAN, DNS queries from the firewall fail. I believe in a related note, my WireGuard clients can access anything on the LAN, but cannot connect to anything on the WAN.

I believe this has to do with outbound routes from the firewall, but any time I mess with it I end up locking myself out and having to reset interfaces from the console. I tried defining some static routes in "System" -> "Routes" -> "Configuration" but that isn't working. I'm kind of stumped and have been looking at it so long that I don't think more reading and configuring is going to help me anymore. I'll post some screenshots of rules and routes as well (you'll be able to see various things enabled/disabled for experimentation), but I'm kind of in over my head and need some help.

 

I paid for Puzzle Quest 2 on android like a decade+ ago. It is a local single-player game. It has a validation check when you open the app. That check fails because this game is ancient and the servers are offline.

I want to replay the game I paid for. I have the APK from an APK site. It's even been pulled from steam to push their crappy p2w pq3. Anyone have tricks to crank an APK and bypass a server check? I've decompiled the APK but am in a bit over my head.

view more: next ›