General > General Technical Chat
Goodbye Windows, Hello Linux [advice needed for a Linux workstation at home]
<< < (40/46) > >>
radar_macgyver:
Anecdotes don't substitute for evidence, but here goes. In my day-to-day, I've had to support a couple of ZFS and btrfs filesystems. The ZFS file systems (data storage for radars) are on large servers (Supermicro 15 or 24 disk chassis) and I followed the advice of the ZoL community and did the following: large amounts of ECC memory, CPUs with lots of cores, not using SATA interposers with SAS backplanes, use nearline or enterprise grade SATA or SAS disks, use raidZ6, periodic scrubs. The file systems range from 8TB to 48TB, all of which have been running 24/7 for many years (at least 7 in one case). The drives get a lot of sustained writes while the radars operate, and lots of reads when folks want to analyze data from them. When drives fail, they will email me a warning and I go swap them out. At least once, one of the large arrays caught a case of 'bit rot' (ZFS reported a CRC error during a scrub even though the drive itself did not). I preemptively replaced the drive anyway. I've had multiple drive failures (approximately one every 2 months) but never lost any data. By comparison, commercial systems we had previously used (EMC, Sun Microsystems, Coraid) have all ended up losing the array and having to restore from backup.

On a trial basis, I set up a NAS at home using FreeNAS. Once again, I followed the advice on FreeNAS forums and got a Supermicro Mini-ITX Xeon E1540D board, 16 GB ECC memory and four nearline 4TB SATA drives (rated for 24/7 use). It's been going for about a year now with no trouble, but it doesn't see nearly as many reads and writes as the ones mentioned above. After kernel 5.0 ZoL would either stop working or have a significant performance hit, so I might migrate some of my work servers over to FreeNAS (they are currently on CentOS).

As for btrfs, I use it as the root FS on various workstations so that I can make snapshots and back them up hourly. In this case, the workstations don't do parity striping (raid5/6), so I'm not worried about the btrfs write hole bug. Once again, across about a dozen filesystem instances, I have never lost any data yet due to an FS bug; I have lost data to hardware errors but the backups meant it was painless to recover. I've occasionally used btrfs' ability to expose copy-on-write at the filesystem level (cp --reflink=always) when making a copy of a source tree that I wanted to modify, and not take up more disk space).

I am forced (thanks to Solidworks and Altium) to use Windows on a couple of boxes, these use rsync for backups and every so often I get the 'file disappeared' messages because I couldn't snapshot the FS before backup (yes, I should figure out how to use VSS for this).
Nominal Animal:

--- Quote from: Simon on January 25, 2019, 07:31:35 am ---Linux is a funny old world. Free is not free. You get the code for free and if you can't make it work screw you or pay people for support.
--- End quote ---
Yes, this is absolutely true.  Good or bad, that's how it works.  Me, I like it; I can work with that.


--- Quote from: Simon on January 25, 2019, 07:31:35 am ---Linux was never meant to be free to the everyday user. It was meant to be free to the nerds to do with it as they please and as a consequence there is no high level standardization and unless you are an initiated nerd you get nowhere.
--- End quote ---
I dislike the "nerd" and "initiation" there as much as radar_macgyver disliked my use of "hate" earlier, but other than that (and the claim about lack of standardization), that is correct.

It was never about helping other people, or giving them something for free.  It was, and still is, about developers being free to do what the heck they want, without any kind of artificial barriers.  The way how the licenses are completely irrelevant to end users, and only affect how and what developers can do with any given piece, should be a dead giveaway.

(Initiation is an incorrect term, because it implies that you need to be accepted.  No, you don't, you do not need to be accepted in any way.  If you want, you can fork the Linux kernel codebase, and go in your own direction.  It is only when you want to work with other people, or use their work, that you need to talk to them.  I'm definitely not "an initiated nerd", yet I do whatever the heck I want with Linux.  So, you only need to be "initiated" if you want the already "initiateds" to work with your code, like accept your bug fixes or additions.)

(Lack of standardization is plain wrong here, because basically all of the internet standards we use are a result of those "nerds" doing standardization work; in particular, IETF and the RFCs.  Rather, you're just complaining that the devs don't bother to provide you with an uniform User Experience you have grown to expect, across all the variants.  That is not standardization, it is complaining that nobody herds the cats.)

(Also, while I was tempted to write "Users just do not matter" above, that is not true either.  They do matter to the developers who have users who pay them to do that work.  The kernel developers also know that without userspace, the kernel is useless, so the userspace is definitely important.  That has lead to pretty strict enforcement on backwards compatibility in the binary userspace-kernel interface, as well as on things like /proc and /sys pseudofiles; and in general, the idea that kernel changes must not break userspace.  Those are surprisingly hard rules.  Now, the issue with ZFS is that it isn't userspace, and any accommodation kernel developers make to let ZFS work within the Linux kernel is non-reciprocal with the onus on the Linux kernel developers only, and that flies against the idea behind the GPL license they use.  The BSD variants, with their permissive licensing, are not nearly as interested in reciprocality, which means that community works with one-sided ZFS developers much better.  It is funny to see how rare it is for anyone to make the most rational suggestion, which is dual-licensing the ZFS codebase to GPL-2. Somehow, it's always the "Linux nerds" that need to bow down and change.)


--- Quote from: Simon on January 25, 2019, 07:31:35 am ---I don't care for getting to read the code that I don't even understand I just want the damn thing to work
--- End quote ---
Yup; free/libre/open source is clearly not for you.  Nothing wrong in that.  You get more shit done with commercial proprietary software, and that's that.

Yet, that's not universal.  I'm in the completely opposite boat.  It is trivial for me to fix and change things I don't like, so working with Linux to me is like being a kid in a candy store, or a mechanic who is given a full fledged machine shop or two for free, and given a free reign to do whatever they want in there.

The way I see things, is that the demands, elsewhere (but including in this thread), that Linux must become this or that to gain desktop market share, or the developers must do this or that because X, is like claiming that privately-owned machine shops must all be completely automated because I don't know how to operate a manual Bridgeport mill.

As to FreeBSD and OpenBSD, I do recommend taking a look.  Monoculture is dull and uninspiring, and variety always helps; and the differences may give you new ideas on how to solve your problems; similar to how learning completely different programming languages helps you write better code in any of them.  If you can afford the maintenance effort, you can even use the variety as a sort of a security barrier, so that any security breach would only affect a portion of your servers.

They are just frigging tools, not your family members.  Don't get angry when someone uses a different tool, or because you don't have the time to learn to use that nice free tool yourself and everybody else seems to be having fun with them. Only get angry when people try to use the wrong tool for the job and expect others to clean up their mess.
RoGeorge:
I feel guilty for all the discord.  It was not my intention.  Maybe the word 'ditching' in the title of the topic was not a good idea.  My bad, sorry.  Title changed.

- for the external storage,  decided to keep the ZFS.  After all, my ZFS will be used only rarely, almost like a write only.  The motherboard has a nice feature, it can disconnect 2 hard disks (from BIOS) by powering them down (cutting the +5/+12V).  My external storage disk are only rarely powered up.  There is no better protection than an air-gap separation.  Therefore, a v5 kernel and ZFS will not be a problem.  If it were to reboot in order to power-up the storage disks, then I can reboot into a v4 kernel.

- for the OS, will keep Ubuntu.  Fedora is very nice, too, but it's moving too fast (i.e. in 2 weeks Fedora updated 3 minor version for the kernel, Ubuntu has a ZFS package in repository, while Fedora doesn't, because Fedora is moving too fast, small details like that).

- for a Hypervisor, it was between Xen and ProxMox.  Probably neither.  For now, I'll just keep a bare metal install of Ubuntu Workstation, and use KVM.  After all, ProxMox is just a minimal Debian with KVM on top, and a nice web interface for remote administration.  Will see.  The main reason to have a hypervisor would have been to have a gaming Windows 10 machine, but then I will contradict my main principle, the air-gap separation.  If it will be to need a Win10 for gaming, then I'll power down all the internal disks, and install a bare metal Windows on an USB disk.  For anything other than gaming, Wine will do it, or a Windows VM in Ubuntu, at most.

Installed on the SSD, Ubuntu 18.10 boots up in about 15 seconds, 20 if you count the POST and the BIOS splash screen, too. 
^-^

Thank you all.

One more thing:  Remember the complains about Linux being unstable, and sometimes freezing or crashing apparently with no reason?

I think this is why:  All the tests and all the Linux installs were made on a 15 years old HDD.



With the current SSD install, all works great.  So far, no OS freezing and no crash reports.  Will keep an eye on that.

About the 4K monitor scaling, there is no need for it.  It can scale, but then the fonts rendering will become foggy, like in Windows.  There is a setting in the dconf, where the fonts can be magnified at any scale, integer or float.  This Gnome magnification will render all the fonts crystal clear.  Much better than monitor scaling.
RoGeorge:
I was fiddling with the next step, virtualization and type 1 hypervisors, when I bumped into this:  QubesOS



It is pretty close from what I was aiming for, except Qubes OS is doing that at a professional level, upto the point where their OS is good to use for journalist, sysadmins or other people actively targeted by crackers.

Pros:
- very easy installer, no need to fiddle with the command line
- everything is configured and ready to use
- based on Xen
- dom0 is Fedora
- it has template machines, disposable machine, secured machines and vault machines (vault are also isolated from net)
- it has a dedicated firewall machine that can also isolate traffic and route it through VPN, Torr, etc. to disguise the location or to anonymize the Internet traffic
- nice GUI (Xfce), each window bar is colored accordingly:  red for disposable machines, blue for work machines, green for secure, and so on
- has protection against malicious USB devices (user confirms and decides to which machine a plugged USB will go)
- can open malicious webpages, mail attachments or PDFs into a disposable machines, then save them as a picture, thus sanitizing any possible malicious content for other unprotected users
- a secured common clipboard between machines, so one can securely copy/paste between machines with different security level
- allow to run any OS, including Windows
- can save, update or backup specified machines
- can encrypt disks
- can wipe the RAM before shutdown/reboot, so no cold RAM remanence data leaks between reboots
- can make a USB template with selected machines (e.g. for a journalist going into a difficult location)
- free as in freedom and as in beer
- etc.

Cons:
- needs VT-d/VT-x (hardware virtualization) capable processor and plenty of RAM
- a SSD is a must, since disposable machines are created and booted each time i.e. a disposable Firefox browser is opened
- no GPU passthrough out of the box, so no heavy Windows 3D gaming
- requires attention from the operator
- requires understanding of the idea of multiple machines running in the same time on the same hardware (virtualization), and a little understanding of the dataflow between the nachines and the Internet traffic, also requires understanding of what Torr or VPN can do and can not do, and so on.  Nothing sysadmin level, but requires a technically aware user in order to benefit from what Cubes OS can do.

I gave it a try for about a day, and I'm very impressed.  Rock solid, stable, has all I was needed and much more, dead simple to install and to use, no command line required.  The only thing I didn't understood was why sometimes the HDD was crunching for minutes, apparently with no reason, while I was doing nothing, i.e. just reading a webpage.

Overall, I was very, very impressed.  Everything just worked out of the box, for free and no string attached.   :-+
edy:
If you are concerned about security and leaving traces behind, why not just install Tails on a USB stick and make it persistent (persistent storage). Apparently Snowden used something like this. I've tried it, works great. You boot it up on your machine, runs off the USB completely (live USB OS), has all sorts of firewall and Tor-Browser and other anonymity and encryption related tools set up already:

https://tails.boum.org

As far as being an "initiated nerd", I agree there takes some effort to learn Linux, no doubt. However this would also apply to Windows if it weren't already pre-installed on almost every PC you buy and you have been using it for decades. Let's face it, if I gave someone a bare-bones hardware with nothing and told them to install Windows 10 on it, they would probably also stare back at you with a blank look on their face!

Even with Windows you need to go download a Win10 ISO and burn it to a DVD or to a USB stick. What machine are you doing this on? What software do you need? How do you go about doing it? Yes most people will have no clue. What about booting it? Changing BIOS settings if secure boot is on, or if the DVD or USB doesn't have boot priority or is even in the list (some BIOSes have strange menus and sometimes need other workarounds). Anyways my point is that if most people had to do that to use Windows they would also be having trouble.

Because Linux needs an effort and some knowledge to get installed and set up it does require "initiative" but it is not only in the realm or domain of the "initiated". I have found modern Linux distros to be quite user friendly when it comes to install and use. You can be a "light" Linux user without getting under the hood and still be very productive.

Navigation
Message Index
Next page
Previous page
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod