(Justin)
Tech nerd from Sweden
Self hosting can save a lot of money compared to Google or aws. Also, self hosting doesn’t make you vulnerable to DDOS, you can be DDOSed even without a home server.
You don’t need VLANs to keep your network secure, but you should make sure than any self hosted service isn’t unnecessarily opens up tot he internet, and make sure that all your services are up to date.
What services are you planning to run? I could help suggest a threat model and security policy.
Not to mention, fiber is cheaper than copper at this point.
Telecoms are just lazy and don’t want to string up new lines.
I’m using IPv6 on Kubernetes and it’s amazing. Every Pod has its own global IP address. There is no NAT and no giant ARP routing table slowing down the other computers on my network. Each of my nodes announces a /112 for itself to my router, allowing it to give addresses to over 65k pods. There is no feasible limit to the amount of IP addresses I could assign to my containers and load balancers, and no routing overhead. I have no need for port forwarding on my router or worrying about dynamic IPs, since I just have a /80 block with no firewall that I assign to my public facing load balancers.
Of course, I only have around 300 pods on my cluster, and realistically, it’s not really possible for there to be over 1 million containers in current kubernetes clusters, due to other limitations. But it is still a huge upgrade in reducing overhead and complexity, and increasing scale.
Ah fair enough, I figured that since the registers are 512 bit, that they’d support 512 bit math.
It does look like you can load/store and do binary operations on 512-bit numbers, at least.
Not much difference between 8x64 and 512 when it comes to integer math, anyways. Add and subtract are completely identical.
Tons of computing is done on x86 these days with 256 bit numbers, and even 512-bit numbers.
There’s plenty of instructions for processing integers and fp numbers from 8 bits to 512 bits with a single instruction and register. There’s been a lot of work in packed math instructions for neural network inference.
I haven’t really looked into it, but it doesn’t seem like it.
Heres the documentation about having multiple cidr pools in one cluster with the Cilium network driver, and it seems to imply that each Pod only gets one IP.
https://docs.cilium.io/en/stable/network/concepts/ipam/multi-pool/
There’s something called Multus that I haven’t looked into, but even then it looks like that is for multiple interfaces per Pod, not multiple IPS per interface.
https://github.com/k8snetworkplumbingwg/multus-cni
Containers are just network namespaces on Linux, and all the routing is done in iptables or ebpf, so it’s theoretically possible to have multiple IP addresses, but doesn’t look like anybody has started implementing it. There’s actually a lot of Kubernetes clusters that just use stateful IPv6 NAT for the internal Pod network, unfortunately.
And hack their phones so we can see why they want to spy on everyone else’s phones
It was protected by the ECHR in a recent ruling. https://www.eff.org/deeplinks/2024/03/european-court-human-rights-confirms-undermining-encryption-violates-fundamental
However, Chat Control 2.0 argues that since the spying is done before the content is encrypted, it’s somehow ok. 🙄
Yeah, I wonder if there’s any proposals to allow for multiple IPV6 addresses in Kubernetes, it would be a much better solution than NAT.
As far as I know, it’s currently not possible. Every container/Pod receives a single IPv4 and/or IPv6 address on creation from the networking driver.
Yeah, more accurate dead reckoning is always useful, but you’ll still need some sort of of ground-based or satellite based navigation system if you’re using this for any system that requires any reasonable amount of accuracy.
I have static IPs for my Kubernetes nodes, and I actually use DHCPv6 for dynamic dns so I can reach any device with a hostname, even though most of my devices don’t have static IPs.
The issue is those static IPs are tied to my current ISP, preventing me from changing ISPs without deleting my entire Kubernetes cluster.
Hurricane Electric gives me a /48.
Site-local ipv6 would work here as well, true. But then my containers wouldnt have internet access. Kubernetes containers use Ipam with a single subnet, they can’t use SLAAC.
1:1 stateless NAT is useful for static IPs. Since all your addresses are otherwise global, if you need to switch providers or give up your /64, then you’ll need to re-address your static addresses. Instead, you can give your machines static private IPs, and just translate the prefix when going through NAT. It’s a lot less horrible than IPv4 NAT since there’s no connection tracking needed.
This is something I probably should have done setting up my home Kubernetes cluster. My current IPv6 prefix is from Hurricane Electric, and if my ISP ever gives me a real IPv6 prefix, I will have to delete the entire cluster and recreate it with the new prefix.
Cheater bots only make up like 1% of the bots in tf2.
The game is dying, the vast majority of players are bots that idle for items.
Overhyped cpus, appealing to people who don’t understand cpu design.
I just don’t see Qualcomm competing on performance per watt any time soon, let alone on software compatibility.
I’m not sure if they literally use sand as the base material, but SiO2 (aka sand) would have to be reduced to metallic Si before the silicon crystal can be grown.
Coops are still about the money. They’re about saving money by sharing resources with fellow workers/consumers, and maintaining democratic control over the company. You’re not going to get rich from a coop (without embezzlement), but you and your coowners will be cutting out the middle man. Obviously, it only makes sense for industries that you’re heavily invested in.