Buy used Samsung pm983s on ebay. Super cheap, super fast, and they have power-loss protection. Only downside is that they’re M.2 22110, not m.2 2280. There’s also a bunch of cheap Samsung and hgst u.2 drives on eBay, but you’ll need an adapter.

deleted by creator

Yeah housing can be tricky, especially in Stockholm. There is the Stockholm bostadsförmedlingen, which is good to join if you’re a resident, but queue times are completely unrealistic. 10+ years for the nicer neighborhoods. There are a number of student apartments on there though that might be easier to apply for.

I highly recommend the apartments in Bergshamra and Lappkärrsberget, I have a lot of friends who live there. I think those apartments are owned by the student union. I’ve also seen student apartments on campus at KTH, but I think those are a special arrangement with the university maybe, not sure how you can get those.

But yeah, the unfortunate reality in Stockholm is that the easiest way to get an apartment is to put up a down payment to buy a condo in a housing coop (“Bostadsrätt”). You can search for those on the government-owned real-estate site booli.se, but it usually takes 2 months for it to clear even after you buy. A typical down payment in Stockholm is 15% of the apartment/house value, ie $30-60k for a typical $200k-400k apartment.

In a pinch, you can find a room to rent second-hand (“andrahandshyra”) online, but it can be a hassle and expensive to have a landlord, and it’s sometimes a bit grey-market in the Swedish system when it comes to taxes, rent-control, and BRF rules. Plenty of sites for finding those, one is blocket, and you can find many more by googling “hyra lägenhet”.

Lycka till!

Democratic principles are important, but elections are never about one issue and some issues can be pretty divided like this one. I’m not sure if there is a poll for whether trans people should be recognized legally, but I can’t imagine that the majority will of the voters in Illinois is for encouraging LGBT suicides.

It’s also important to note that even the state isn’t simply there to enforce polls. There are laws and constitution for a reason, and officials are often more informed than the population on snap decisions. Mob rule is a risk that has to be avoided too. I just watched a series called “Show Me A Hero” where like 60-70% of the voting population in Yonkers, NY wanted to segregate housing in the 1980’s. (gerrymandering and voter suppression aside) If there was no laws in Yonkers, then those houses would still be segregated today. However, there are federal laws against racial discrimination, even if NIMBY’s are against diverse neighborhoods. In the end, the federal courts forced Yonkers to desegregate its housing, against the will of the voters.

Definitely come! Let me know if you have any questions about the system. I’m a citizen, and I only did my undergrad so far, but I’m happy to help fellow American immigrants make their way here.

Yeah but 15 GB/s is 120 gbit. Your storage nodes are going to need more than 2x800gbit if you want to take advantage of the bandwidth once you start putting more than 14 drives in. Also, those 14 drives probably won’t have more than 30M iops. Your typical 2U storage node is going to have something like 24 drives, so you’ll probably be bottlenecked by bandwidth or iops no matter if you put in 15GB/s drives or 7GB/s drives.

Maybe it makes sense these days, I haven’t seen any big storage servers myself, I’m usually working with cloud or lab environments.

nah datacenters care more about capacity or iops, throughput is meaningless, since you’ll always be bottlenecked by network

The sqlite database that Jellyfin uses tends to get corrupted easily, especially if the disk gets full.

The main big feature that Jellyfin devs are working right now is a complete overhaul of the internal database system:

https://github.com/jellyfin/jellyfin/issues/13047

Can’t have personnel costs if you get all your agents killed

Zed is great! Not as many features as IntelliJ, but insanely fast, and new features are being added all the time.

Insane that Github blocked their entire development without discussing it with them though. Ban the contributor, not the entire open source project.

Implying that Trump’s security team is at all competant

Yeah, I think you pick up things from all over the place as a consultant. I see lots of different environments and learn from them.

Ah yeah, external-dns operator is great! it’s maybe a bit basic at times but its super convenient to just have A/AAAA records appear for all your loadbalancer svcs and HTTPRoutes. Saves a ton of time.

That’s super unfortunate that the certs are siloed off. Maybe they can give you a NS record for a subdomain for you to use ACME on? I’ve seen that at some customers. Super important that all engineers have access to self-service certs, imo.

Rook is great! It definitely can be quite picky about hardware and balancing, as I’ve learned from trying to set it up with two nodes at home with spare hdds and ssds 😅 Very automated once it’s all set up and you understand its needs, though. NFS provisioner is also a good option for a storageclass as a first step, that’s what I used in my homelab from 2021 to 2023.

Heres my rook config:
https://codeberg.org/jlh/h5b/src/branch/main/argo/external_applications/rook-ceph-helm.yaml
https://codeberg.org/jlh/h5b/src/branch/main/argo/custom_applications/rook-ceph

Up to 3 nodes and 120TiB now and I’m about to add 4 more nodes. I probably would recommend just automatically adding disks instead of manually adding them, I’m just a bit more cautious and manual with my homelab “pets”.

I’m not very far on my RHCE yet tbh 😅 Red hat courses are a bit hard to follow 😅 But hopefully will make some progress before the summer.

The CKA and CKS certs are great! Some really good courses for those on udemy and acloudguru, there’s a good lab environment on killer.sh, and the practice exams are super useful. I definitely recommend those certs, you learn a lot and it’s a good way to demonstrate your expertise.

it’s a classic anarchism vs centralization struggle, happens a lot in federations historically. Sometimes you do need everyone to stop slacking off and fight off the invaders.

Well, my point was to explain how Kubernetes simplifies devops to the point of being simpler than most proxmox or Ansible setups. That’s especially true if you have a platform/operations team managing the cluster for you.

Some more details missed here would be that external-dns and cert-manager operators usually handle the DNS records and certs for you in k8s, you just have to specify the hostname in the HTTPRoute/VirtualService and in the Certificate. For storage, ansible probably simplifies some of this away, but LVM is likely more manual to set up and manage than pointing a PVC at a storageclass and saying “100Gi”.

Either way, I appreciate the discussion, it’s always good to compare notes on production setups. No hard feelings even in the case that we disagree on things. I’m a Red Hat Openshift consultant myself these days, working on my RHCE, so maybe we’ll cross paths some day in a Red Hat environment!

You’re not using a reverse proxy on rhel, so you’ll need to also make sure that the ports you want are available, and set up a dns record for it, and set up certbot.

On k8s, I believe istio gateways are meant to be reused across services. You’re using a reverse proxy so the ports will already be open, so no need to use firewall-cmd. What would be wrong with the Service included in the elasticsearch chart?

It’s also worth looking at the day 2 implications.

For backups you’re looking at bespoke cronjobs to either rsync your database or clone your entire 100gb disk image, compared to either using velero or backing up your underlying storage.

For updates, you need to run system updates manually on rhel, likely requiring a full reboot of the node, while in kubernetes, renovate can handle rolling updates in the background with minimal downtime. Not to mention the process required to find a new repo when rhel 11 comes out.

There’s much more tooling for containerd containers than there is for LXC

Theyre using signal instead of self-hosted in order to bypass FOIA laws. It’s pretty scummy.

I have 33 database servers in my homelab across 11 postgres clusters, all with automated barman backups to S3.

Here is the entire config for the db cluster that runs my Lemmy instance

This stuff is all automated these days.

Yeah I’m not saying everybody has to go and delete their infra, I just think that all new production environments should be k8s by default.

The production-scale Grafana LGTM stack only runs on Kubernetes fwiw. Docker and VMs are not supported. I’m a bit surprised that Kubernetes wouldn’t have enough availability to be able to co-locate your general workloads and your observability stack, but that’s totally fair to segment those workloads.

I’ve heard the argument that “kubernetes has more moving parts” a lot, and I think that is a misunderstanding. At a base level, all computers have infinite moving parts. QEMU has a lot of moving parts, containerd has a lot of moving parts. The reason why people use kubernetes is that all of those moving parts are automated and abstracted away to reduce the daily cognitive load for us operations folk. As an example, I don’t run manual updates for minor versions in my homelab. I have a k8s CronJob that runs renovate, which goes and updates my Deployments in git, and ArgoCD automatically deploys the changes. Technically that’s a lot of moving parts to use, but it saves me a lot of manual work and thinking, and turns my whole homelab into a sort of automated cloud service that I can go a month without thinking about.

I’m not sure if container break-out attacks are a reasonable concern for homelabs. See the relatively minor concern in the announcement I made as an Unraid employee last year when Leaky Vessels happened. Keep in mind that containerd uses cgroups under the hood.

Yeah, apparmor/selinux isn’t very popular in the k8s space. I think it’s easy enough to use them, plenty of documentation out there; but Openshift/okd is the only distribution that runs it out of the box.