some day, I will meet the wise and noble up_the_irons he should just drop by Maria's Downtown, and that'd make it easy. :) RandalSchwartz: where is Maria's? I'm in downtown so little now, having specifically engineered all my gear to be remotely accessible (if something is down, there is no driving to add to additional downtime) I'd say I can count that as a success :) RandalSchwartz: are you still in LA? all: today I will send all the pre-order people their signup link I arrived the 4th, leaving the 16th or so maria's is 600 block of floswer flower ah cool oooh, and being mayor on 4square here gives me a free appetizer and dessert! yeay LOL but since I get double miles for my credit card mon-wed, I'll save those for thursday :) I've got neil's new machine mostly configured... he just has to test and approve before we go live this weekend and then we can get off that ugly expensive EC2 box ah cool how is EC2 pricing these days? I find it kinda confusing so never did real calcs... but from what i've heard isn't it comparable to a vps, like $20 / month for something basic? like if you add up all the "CPU Hours" and crap for a full month sup up_the_irons: I think a basic EC2 instance costs around $70/month. Ask cmeiklejohn for the details. He's done the calcs. neil's paying about $120/month for about half of what he'll be getting from ARP so it's about 2 or 3 to 1 and that doesn't count the multiple redundancies what are the multiple redundancies? mhoran: roger power supply, disk, network, ultimately the CPU, EC2 doesn't promise restarting my instance if the physical machine dies I suspect you would RandalSchwartz: doesn't EC2 have redudancy in those things though? I mean, it's supposed to be "cloudy" ;) no - they promise restarting the boot image RandalSchwartz: well yeah, I'd copy all the instances to a new machine but not the live disk RandalSchwartz: oh i c we've had to calculate that into backup plans so the live disk is not persistent, in that case? right weird I have a script that snapshots to permanent storage i mean, i assume they still have the live disk stored somewhere but it'd still be a pain to get restarted Yeah - weird eh? you can't boot from permanent storage only attache it ah ok I thought you could by now nope so my / is always volatile I can issue a reboot, and it's preserved but if they need to migrate, it's dead that seems really dumb; but i think the EC2 market is different than the 24/7/365 uptime machine market yup it's all about servers starting from known AMIs gotcha so / is really irrelevant yeah what's important is where your DB is and what your IPs are gotcha in fact, you coudl view local changes to / as distracting and possibly destructive you're supposed to get everything as you want for a boot image, then make an AMI from it and then launch everything from there it's a different model from a VPS RandalSchwartz: ah ok, so you can make your own AMI's, but not have an "forever evolving" AMI which would be like a VPS, always at the last state you had it right you *can* reboot your own server but they don't promise eternal existance of it so it's possible you'll have to boot from an AMI as I said, you offer the far better deal for most mortals and I really appreciate getting off the single dedicated box in texas because god-forbit that thing go down... it'd be my problem to have backed up to another disk somewhere off box where I know you have my disk in a place that a new CPU can look at it and since I'm not the only guy on the box, many people would be yelling at you :) so I don't have to be the guy yelling RandalSchwartz: haha, yeah that's true a buddy of mine had his dedicated box die recently; he then just bought a vps with me there's an advantage in numbers yeah I know there's a slight security risk in the ring0 being penetrated, but that's all worth the upside yeah i fear that enough to take measures to avoid it have you seen any recent hacks that break ring0 theoretical ones have been demonstrated yeah, just wondering about things in the field you said you'd be rebooting when you needed to update. I don't recall any of those. the debian / ubuntu security mailing list shows them from time to time, but when I see "[so and so] has demonstrated [such and such]", i never know if that "hack" was disclosed or still secret I tend not to want to reboot every time a security update comes out. Many are not applicable. The ones that are can build up into a "super" update. Unfortunately, if I rebooted every time a Linux kernel hack came out, it'd be every few weeks yeah - that's what I expected. I guess you don't do that the break-ins we've seen in the past (like the fsckvps fiasco) tend to come from weaker links, like bad / common passwords, leaving this too open, etc... ok yeah, it'll always be low-hanging fruit s/this/things/ hence, no more sshd on 22 for me yeah me either neil's first box was getting hammered 24x7 so I just removed that dictionary attacks, coordinated from 30 IPs so clearly it was a mass attack yeah a .. z but from rotating 30 IPs bad guys got too much resourcs I blame redmond same for all the good that having windows made business buy computers... I wonder if enough bad has already been done to reset that gotta wonder considering that 80%+ of spam is from zombies... and zombies couldn't exist without windows desktop idiots visiting pr0n sites gotta return some movies to the video store... whats up up_the_irons: you doing signups at 12am? :) ok work now, gotta run lol that would be sweet