[01:11] *** Webhostbudd has joined #arpnetworks
[01:40] *** gcw|mini1 has joined #arpnetworks
[01:42] *** LT has joined #arpnetworks
[01:42] *** gcw|mbpro has quit IRC (Ping timeout: 246 seconds)
[02:16] *** Webhostbudd has quit IRC (Ping timeout: 250 seconds)
[06:33] *** fink has joined #arpnetworks
[06:36] <up_the_irons> jlgaddis: no web frontend to powerdns, it just powers my Reverse DNS manager
[06:38] <up_the_irons> jdoe: mercutio : the comparable Intel stuff is sexy too, but way expensive
[06:43] <mercutio> up_the_irons: do the new cpus support bulldozer?
[06:43] <mercutio> err i mean are they bulldozer
[06:45] <mercutio> i actually have no ideahow much cpu ssh would be taking up
[06:45] <mercutio> but i like the idea of it being accelerated :0
[06:47] <up_the_irons> mercutio: they are bulldozer, yes.  would ssh even take advantage of the hardware aes-ni?  like, how would it know it's there.. probably need a new version of ssh
[06:50] <LT> if it's anything like the old VIA AES instructions it just requires the right openssl setup for most things to use it
[06:51] <up_the_irons> ah cool
[06:53] <LT> 'openssl engine'
[06:55] *** irons|xchat has quit IRC (Ping timeout: 246 seconds)
[06:56] *** HighJinx has quit IRC (*.net *.split)
[06:56] *** arenlor has quit IRC (*.net *.split)
[06:56] *** teneightypea_ has quit IRC (*.net *.split)
[06:56] *** dferris has quit IRC (*.net *.split)
[06:56] *** Igneous has quit IRC (*.net *.split)
[06:56] <mercutio> up_the_irons: openssl needs to be up to date
[06:57] *** arenlor has joined #arpnetworks
[06:57] <mercutio> lt: ubuntu doesn't show it in openssl engine now
[06:57] <mercutio> do you have one of those cpus now?
[06:57] *** HighJinx has joined #arpnetworks
[06:57] *** dferris has joined #arpnetworks
[06:57] *** Igneous has joined #arpnetworks
[06:57] <mercutio>  openssl speed -evp aes-256-cbc
[06:57] <mercutio> you want to run that command
[06:58] <mercutio> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[06:58] *** teneightypea has joined #arpnetworks
[06:58] <mercutio> aes-256-cbc     202878.63k   208678.91k   206311.52k   225509.62k   222816.90k
[06:58] <mercutio> if it's anything like as high as that it's accelerated
[06:58] <mercutio> if it's more like:
[06:58] <mercutio> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[06:58] <mercutio> aes-256-cbc      73896.75k    74157.50k    75189.17k    75321.54k    75582.84k
[06:58] <mercutio> then it's not
[07:00] <LT> hmm rhel stilll shows it in engine
[07:00] <LT> aes-256-cbc     614184.36k   684397.85k   696434.09k   699525.12k   701133.83k
[07:00] <mercutio> that's accelerated numbers :)
[07:00] *** fink has quit IRC (Quit: fink)
[07:00] <mercutio> actually i wonder if that first one is accelerating properly
[07:01] <mercutio> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[07:01] <mercutio> aes-256-cbc     164786.10k   183756.50k   189753.15k   190754.71k   191059.91k
[07:01] <mercutio> cos that's the number of non accelerated core 2 duo
[07:03] <LT> actually mine wasn't accelerated...
[07:03] <mercutio> really?
[07:03] <mercutio> how come?
[07:03] <mercutio> options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) blowfish(idx)
[07:04] <mercutio> # openssl engine
[07:04] <mercutio> (rsax) RSAX engine support
[07:04] <mercutio> (dynamic) Dynamic engine loading support
[07:04] <mercutio> is there something else that has to be done too?
[07:05] <LT> hmm... you have me wondering now
[07:06] <mercutio> the first number is xeon e5420
[07:07] <mercutio> actually xeon E5345
[07:07] <mercutio> model name      : Intel(R) Xeon(R) CPU           E5345  @ 2.33GHz
[07:07] <mercutio> and you''re like nearly 10 as fast
[07:07] <mercutio> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[07:08] <mercutio> aes-256-cbc     134099.06k   152144.10k   157358.49k   158168.27k   157409.28k
[07:08] <mercutio> e5420 is quite a bit faster
[07:08] <mercutio> actually i wonder if i'm accelerated properly
[07:10] <mercutio> https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1001424
[07:11] <mercutio> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[07:12] <mercutio> aes-256-cbc     213802.95k   687449.25k  1094622.32k  1083138.24k  1088128.52k
[07:12] <LT> oh yeah it is accelerating, I thought I could trick it by setting -engine to something else but it seems to load the engine anyway
[07:12] <mercutio> it's a lot quicker when you pass -decrypt
[07:12] <mercutio> -decrypt        time decryption instead of encryption (only EVP).
[07:13] <mercutio> The 'numbers' are in 1000s of bytes per second processed.
[07:13] <mercutio> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[07:13] <mercutio> aes-256-cbc      59636.47k    41641.90k   141532.70k   150321.79k   152577.39k
[07:13] <mercutio> but e5345 still sucks at decrypt
[07:14] <LT> aes-256-cbc     613619.75k  1452257.90k  1860791.98k  1988995.41k  2028642.30k
[07:14] <mercutio> lt: what cpu is that?
[07:14] <LT> X5690
[07:14] <mercutio> hmm
[07:14] <mercutio> oh that's really high ghz isn't it?
[07:15] <mercutio> 3.47ghz ?
[07:15] <mercutio> versus 2 ghz
[07:16] <mercutio> it's the first intel series to support aes-ni i think
[07:19] <mercutio> wow those things are expensive :/
[07:20] <LT> yes... but useful if you're stuck running something single threaded
[07:21] <mercutio> like dos?
[07:22] <mercutio> the new e5s latency reduction thing sounds intersting
[07:22] <mercutio> i suppose it'll come into desktops soon
[07:23] <mercutio> opteron 6276 seems similar speed to x5650
[07:23] <mercutio> e5-2690 is like 50% faster
[07:23] <mercutio> but e5-2690 is like what the recent version of what you're using
[07:23] <mercutio> ie: expensive :/
[07:24] <mercutio> it's also power hungry
[07:24] <mercutio> http://www.anandtech.com/print/5553
[07:24] <mercutio> reading that
[07:25] <mercutio> what opteron 6276 is expensive too :/
[07:26] *** fink has joined #arpnetworks
[07:26] *** fink has quit IRC (Client Quit)
[07:26] <mercutio> oh it's cheaper than X5670
[07:26] <mercutio> and X5690 isn't even sold here :/
[07:27] <LT> the latest new thing always is expensive - we tend to wait until the next new thing is out then buy up the best of the last generation on the cheap
[07:28] <mercutio> ahh i see
[07:28] <mercutio> i prefer lower spec newer stuff generally
[07:28] <mercutio> but end up with lower spec older stuff :/
[07:29] <mercutio> the e5-2620 is actually pretty good value
[07:30] <mercutio> and all the opterons seem to be branded hp
[07:33] <mercutio> up_the_irons: what cpus are in the kvm nodes atm?  kvm hides the cpu type
[07:34] <mercutio> it says 2.641 ghz
[07:34] <mercutio> but that's about as much
[07:35] <mercutio> x3450?
[07:35] <mercutio> i'm guessing it's 2.66ghz
[07:36] <mercutio> or e5430
[07:36] <mercutio> or e5150
[07:45] <mercutio> you have to tell ssh to use aes
[07:45] <mercutio> otherwise it defaults to blowfish
[07:47] <mercutio> without acceleration aes256-cbc and blowfish are about the same speed and aes128-cbc is faster
[07:48] <mercutio> and ptuty defaults to aes rater than blowfish
[07:49] <LT> openssh defaults to aes128...
[07:49] <mercutio> does it?
[07:49] <mercutio> aes128-cbc?
[07:49] <mercutio>  Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
[07:49] <mercutio> i actually foudn this
[07:49] <mercutio> commented out
[07:50] <mercutio> blowfish isn't even in that last?
[07:50] <mercutio> but if i change that first entry to be aes128-cbc ssh to localhost with dd'ed zero data is faster
[07:50] <mercutio> oh hmm
[07:50] <mercutio> that really isn't a good test is it
[07:51] <LT> default is in the ssh_config man page... probably varies due to version, but aes has been preferred for many many versions
[07:51] <mercutio> it's aes128-ctr versus aes128-cbc?
[07:51] <mercutio> what's the diff
[07:52] <mercutio> i was reading something old that said blowfish default :)
[07:52] <LT> one is ctr mode one is cbc mode :p
[07:53] <LT> ctr is meant to be easily parallelisable, cbc isn't
[07:54] <mercutio> 209715200 bytes (210 MB) copied, 6.54909 s, 32.0 MB/s
[07:54] <mercutio> versus
[07:54] <mercutio> 209715200 bytes (210 MB) copied, 2.4191 s, 86.7 MB/s
[07:54] <mercutio> and non-zero file
[07:54] <mercutio> oh?
[07:54] <mercutio> first is ctr second is cbc
[07:54] <mercutio>   dd if=/var/www/testfile.zip bs=1024k | ssh -c aes128-cbc  root@localhost 'dd of=/dev/null'
[07:55] <mercutio> hmm# gzip -cv /var/www/testfile.zip| wc
[07:55] <mercutio> /var/www/testfile.zip:   -0.0% 820474 4625767 209749312
[07:55] <mercutio> so non compressable
[07:56] <mercutio> it would be nice to be like more than 50% faster than that :)
[07:57] <mercutio> so that ssh can be liek gigabit speeds with encrpytion
[08:04] <LT> if you want fast ssh you need the hpn version - that actually has a parallel version of aes-ctr
[08:04] <mercutio> oh?
[08:05] <mercutio> i don't really need faster ssh
[08:05] <mercutio> i was just curious how much diff these acceleration things made
[08:05] <mercutio> and i'm not getting a lot of diff
[08:06] <mercutio> aes128-cbc is faster than aes128-ctr on xeon e5435 too though..
[08:06] <LT> maybe there's no acceleration for ctr but there is for cbc? dunno
[08:06] <mercutio> does the hpn version work on openbsd?
[08:07] <mercutio> xeon 5435 has no acceleration aynway
[08:07] <mercutio> err i meant 5345
[08:08] <mercutio> but i think that could be right too LT
[08:08] <mercutio> cos i foudn a rhel bug about such, i cant' acecss it though to see more about it
[08:10] <LT> cbc is a pretty standard way of doing things that's been around for ages, but ctr is newer and I think the ssh people might even have invented it
[08:10] <mercutio> hmm
[08:11] <mercutio> well the ssh people took out the none cypher
[08:11] <mercutio> i like the idea of encrypting auth but not data :)
[08:12] <LT> the hpn version adds none back
[08:12] <mercutio> ahh
[08:13] <mercutio> i do slightly remember hpn from ages back
[08:13] <mercutio> when ssh had window size limitations
[08:13] <mercutio> that made international transfer speeds always suck
[08:13] <mercutio> back then it was always behind ssh by quite a few verisons
[08:14] <LT> http://www.cl.cam.ac.uk/~rja14/book.html is a great free book for understanding the differences between cbc, ctr, etc as an aside
[08:14] <mercutio> cool i'll bookmark it
[08:17] <mercutio> hmm dd over ssh is faster than scp
[08:19] *** ix33 has quit IRC (Read error: Operation timed out)
[08:19] <mercutio> i do actualyl want to understand encrpytion sometime .. especially with regards to interactive ssh type applications
[08:19] *** notion has quit IRC (Read error: Operation timed out)
[08:19] <mercutio> (ie not much data.. data could be guessed by delays between keystrokes etc)
[08:19] *** notion has joined #arpnetworks
[08:19] *** ix33 has joined #arpnetworks
[08:58] *** LT has quit IRC (Quit: Leaving)
[09:52] *** hive-min1 has quit IRC (Ping timeout: 268 seconds)
[09:52] *** hive-mind has joined #arpnetworks
[10:05] <up_the_irons> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[10:05] <up_the_irons> aes-256-cbc     279385.84k   277993.37k   301771.51k   318107.50k   319316.99k
[10:06] <up_the_irons> mercutio: ^^
[10:06] <up_the_irons> AMD 6216
[10:09] <up_the_irons> mercutio: the kvm nodes are dual E5430's
[10:12] <up_the_irons> these are numbers on the E5430's (no acceleration)
[10:12] <up_the_irons> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
[10:12] <up_the_irons> aes-256-cbc      95563.29k   106319.22k   110646.64k   112421.96k   106064.11k
[10:13] *** fink has joined #arpnetworks
[10:14] *** HighJinx has quit IRC (Quit: Computer has gone to sleep.)
[10:15] <up_the_irons> jeez
[10:15] <up_the_irons> Intel Xeon E5-2660 Sandy Bridge-EP 2.2GHz
[10:16] *** irons|xchat has joined #arpnetworks
[10:16] <up_the_irons> $1329
[10:16] <up_the_irons> all i can is
[10:16] <up_the_irons> Fuck That(tm)
[10:16] <up_the_irons> *say is
[10:17] *** hive-mind has quit IRC (Ping timeout: 272 seconds)
[10:21] *** hive-mind has joined #arpnetworks
[10:26] *** hive-mind has quit IRC (Ping timeout: 240 seconds)
[10:26] *** hive-mind has joined #arpnetworks
[10:32] *** fink has quit IRC (Quit: fink)
[10:33] *** hive-mind has quit IRC (Ping timeout: 268 seconds)
[10:36] *** HighJinx has joined #arpnetworks
[10:38] *** atmark has joined #arpnetworks
[10:42] *** fink has joined #arpnetworks
[10:46] *** hive-mind has joined #arpnetworks
[10:50] *** hive-min1 has joined #arpnetworks
[10:50] *** hive-mind has quit IRC (Ping timeout: 245 seconds)
[10:54] *** fink has quit IRC (Quit: fink)
[10:58] *** fink has joined #arpnetworks
[11:02] *** gcw|mini1 has quit IRC (Remote host closed the connection)
[11:02] *** fink has quit IRC (Client Quit)
[11:07] *** gcw|mbpro has joined #arpnetworks
[11:45] *** Webhostbudd has joined #arpnetworks
[11:45] *** fink has joined #arpnetworks
[13:27] *** mtve has quit IRC (Ping timeout: 244 seconds)
[13:28] <phlux>  3:28PM  up 391 days, 17:36, 4 users, load averages: 0.05, 0.06, 0.01
[13:28] *** gcw|mbpro has quit IRC (Ping timeout: 272 seconds)
[13:28] <phlux> ^My ARPNetworks FreeBSD VPS...I think I'm going to be starting it from scratch soon :(
[13:30] <up_the_irons> $ uptime
[13:30] <up_the_irons>  13:49:07 up 958 days, 13:37,  3 users,  load average: 4.09, 4.76, 4.38
[13:31] <up_the_irons> kvr04 went up to 983 days, my longest box ever
[13:31] <phlux> good lord
[13:31] <up_the_irons> maybe this one will surpass it
[13:31] <phlux> am I on that box, by chance?
[13:31] <up_the_irons> that's kvr05
[13:31] <up_the_irons> check your vnc host, says what box you're on
[13:31] <phlux> I honestly don't even know what I'm on
[13:31] <phlux> Roger that, one second
[13:33] <phlux> bah
[13:33] <phlux> I don't know my VNC host :\
[13:33] <phlux> I thought it would be in the dashboard somewhere
[13:34] <phlux> oh wait, it is
[13:34] <phlux> I'm on kvr06
[13:34] <up_the_irons> ah
[13:34] * phlux is kevinthompson
[13:35] <up_the_irons> that's a long running host too
[13:35] <up_the_irons> $ uptime
[13:35] <up_the_irons>  13:07:43 up 934 days, 10:01,  2 users,  load average: 3.10, 3.23, 3.31
[13:35] <phlux> nice
[13:35] <phlux> Hopefully it keeps it up :P
[13:35] <up_the_irons> :)
[13:35] <twobitha1ker> all that time with no kernel security patches :D
[13:35] <phlux> My ARPNetworks VPS is the hub of my entire network because of its stability
[13:36] <phlux> I've got VPSes from elsewhere, and they don't really compare imo
[13:36] <phlux> I've considered moving my entire network to ARPNetworks, but I don't know how much sense that would make for me.
[13:36] <up_the_irons> phlux: :)
[13:36] <up_the_irons> phlux: i say "do it"
[13:36] <phlux> haha, I bet!
[13:37] <phlux> If I could ensure that my servers were all on different hosts, I will be convinced to swap over everything.
[13:37] <up_the_irons> twobitha1ker: i knew someone would say that...
[13:37] <phlux> Someone says that to me about my VPS, too
[13:37] <phlux> I tell them to go ahead and exploit it for me right quick
[13:37] <up_the_irons> that's what you always hear when u try to tout uptime
[13:38] <up_the_irons> phlux: LOL hahaha
[13:38] <phlux> They always answer "Sure give me a shell." It doesn't work that way. If I did that, I'd be giving you a head start.
[13:38] <up_the_irons> phlux: well, we *do* put VMs of the same customer on different hosts, by default.
[13:38] <phlux> No kidding?
[13:39] <phlux> So if I picked up 3 more at the same time, all 3 would be on separate hosts?
[13:39] <up_the_irons> this one dude got like 15 VMs, in one day, and that was the only time it was hard to make sure they all got spread out
[13:39] <up_the_irons> phlux: sure of course
[13:39] <phlux> If so, I am going to make that change on Sep 1 (which also happens to be my birthday, yay me!)
[13:39] <phlux> Awesome
[13:39] <phlux> It's going to be so much easier paying one company :P
[13:39] <up_the_irons> phlux: i understand the concern about not having all eggs in one basket, i practice that myself, so why not do it for the customers?
[13:40] <fink> phlux: see if you can negotiate for an arpnetworks tshirt
[13:40] * fink has tried yet failed :(
[13:40] <phlux> up_the_irons: I'm glad to hear that you do it that way.
[13:40] <phlux> lol fink
[13:40] <phlux> YEAH
[13:40] <phlux> 3 servers for 1 T-shirt
[13:40] <phlux> whaddya say?!
[13:40] <up_the_irons> phlux: i wish i knew that was your only concern, i would have addressed it earlier :)
[13:41] <phlux> up_the_irons: No worries. I originally signed up a long time ago with the intention of "testing the waters," and I ended up using that VPS for *everything*
[13:41] <up_the_irons> phlux: haha cool
[13:42] <phlux> Speaking of which, I'm teaching a guy some things, and he's most likely going to pick up a VPS from ARP in the coming days.
[13:44] <phlux> Hoping his introduction to programming goes smoothly..he wants to be an IT Commisioned Officer in the USCG. I'm waiting for him so we can try to go to OCS together. We're both already enlisted, so we wouldn't really be competing with eachother.
[13:45] <up_the_irons> I got invited to OCS, then saw the age cutoff was 29.  I officially felt old (I'm 33)
[13:46] <up_the_irons> i hunger, cd $food
[13:47] <phlux> Dang I didn't know that the cutoff was 29
[13:47] <phlux> I'm only 23 (as stated earlier, 24 soon) so I haven't had to worry about age limits for anything, yet
[13:48] <kraigu> up_the_irons: child :D
[13:49] <kraigu> I was considering re-careering here as a direct entry officer, but the Canadian Forces dropped signing bonuses and I couldn't afford the pay cut without one
[13:50] <phlux> Man, if I'd have joined a year earlier, I'd have got a signing bonus with the CG.
[13:50] <phlux> I became an MST (Marine Science Technician)
[13:50] <phlux> I deal with oil spills, HAZMAT releases, waterfront facility regulations, foreign and domestic vessel inspections, and container inspections.
[13:50] <phlux> That's a mouthfull.
[13:50] <kraigu> also I suggested this possibility to my wife and her reaction was nearly as violent as I could expect in Kandahar :\
[13:50] <milki> o.O
[13:53] <kraigu> ?
[13:55] *** hive-min1 has quit IRC (Ping timeout: 240 seconds)
[13:57] <arenlor> up_the_irons: Given that kvr05 has 934 days uptime, how is its health?
[14:02] *** hive-mind has joined #arpnetworks
[14:25] <up_the_irons> kraigu: lol
[14:27] <up_the_irons> arenlor: health looks good; there are a couple drives with reallocated sectors, but i did a raid verify (twice) on it, and everything checked out; so, i'm just watching it
[14:27] <up_the_irons> phlux: that sounds interesting, actually
[14:27] <arenlor> up_the_irons: Alright, given that my important eggs are on it, don't care to have it go down too suddenly ^_^
[14:27] <up_the_irons> phlux: you will have to worry about age limit for American Idol soon (26, i think ;)
[14:28] <up_the_irons> arenlor: i hear ya.  i don't want a repeat of kvr04, where i spent all day and night at the data center nursing it back to health
[14:54] *** Webhostbudd has quit IRC (Quit: Leaving)
[15:21] <ryk> up_the_irons: well they do say natural breastfeeding is better than the bottle, so good job
[15:21] <up_the_irons> lol
[15:35] *** mtve has joined #arpnetworks
[15:36] *** fink has quit IRC (Quit: fink)
[15:57] *** dj_goku has joined #arpnetworks
[16:02] *** fink has joined #arpnetworks
[16:04] *** atmark has quit IRC (Ping timeout: 252 seconds)
[16:27] *** fink has quit IRC (Quit: fink)
[16:29] *** Webhostbudd has joined #arpnetworks
[16:35] *** hive-min1 has joined #arpnetworks
[16:37] *** hive-mind has quit IRC (Ping timeout: 244 seconds)
[16:40] <mercutio> up_the_irons: e5-2620 is a lot cheaper than e5-2660
[16:41] <mercutio> and your e5430 results seem a little low
[16:41] <mercutio> ie i got higher results than that from e5420
[16:42] <mercutio> it may be openssl version, or it may be load / context switching overhead
[17:20] *** DataCable has joined #arpnetworks
[17:22] *** dj_goku has quit IRC (Ping timeout: 244 seconds)
[17:22] *** DataCable has quit IRC (Client Quit)
[17:31] *** CaZe has quit IRC ()
[17:57] *** dj_goku has joined #arpnetworks
[17:57] *** dj_goku has quit IRC (Changing host)
[17:57] *** dj_goku has joined #arpnetworks
[18:06] *** dj_goku has quit IRC (Ping timeout: 244 seconds)
[18:52] *** HighJinx has quit IRC (Quit: Computer has gone to sleep.)
[19:28] *** Webhostbudd_ has joined #arpnetworks
[19:30] *** Webhostbudd has quit IRC (Ping timeout: 250 seconds)
[19:59] <up_the_irons> mercutio: well, that was on a production server, hardly idle
[20:32] <mercutio> yeh load could create that
[20:32] <mercutio> it could be related to openssl version too
[20:33] <mercutio> OpenSSL 1.0.1c 10 May 2012
[20:33] <mercutio> is what i was using
[20:33] <mercutio> err actually it was 1.01
[20:33] <mercutio> 1.0.1
[20:33] <mercutio> i think openssl changed a bit recently
[21:04] *** fink has joined #arpnetworks
[21:12] *** hive-mind has joined #arpnetworks
[21:13] *** hive-min1 has quit IRC (Ping timeout: 260 seconds)
[21:19] *** hive-mind has quit IRC (Ping timeout: 240 seconds)
[21:20] *** hive-mind has joined #arpnetworks
[21:26] *** hive-mind has quit IRC (Ping timeout: 245 seconds)
[21:28] *** hive-mind has joined #arpnetworks
[22:35] <up_the_irons> mercutio: i was using 0.9.8something
[22:36] <jpalmer> up_the_irons: less talking.. more testing centos images or spending time with your family.
[22:36] <jpalmer> ;)
[22:36] * jpalmer ducks and runs
[22:36] <up_the_irons> i'm researching ways of exporting a block device from one host to another (say an lvm volume from one host to some /dev/foo on another).  i've used AoE before, but things these days seem to be leaning toward iSCSI.  Anyone have any thoughts on the matter?
[22:36] <up_the_irons> jpalmer: lol
[22:36] <up_the_irons> jpalmer: the kids are asleep:)
[22:36] <up_the_irons> same with the wife
[22:37] <jpalmer> iscsi is the new hotness.  do it!
[22:37] <up_the_irons> brb
[22:39] <jpalmer> I think I'ma head to bed.
[22:39] <jpalmer> night all
[22:43] <up_the_irons> 'nite
[22:59] <mercutio> up_the_irons: think newer versions have improved by a bit
[23:00] <mercutio> up_the_irons: with iscsi you want to have seperate network for it and use large mtus
[23:01] <mercutio> balancing can be annoying, you c an use either multiple gigabit or expensive 10 gigabit
[23:01] <mercutio> but with gigabit you limit top speed to 110mb/sec or something
[23:01] <mercutio> fibre channel is the other option that is affordable
[23:02] <mercutio> but most of the affordable stuff ise second hadn
[23:02] <mercutio> and 10 gigabit ethernet is coming down in cost
[23:02] <mercutio> that said 100mb/sec is racing, if access times are good
[23:03] <up_the_irons> mercutio: i c
[23:04] <up_the_irons> mercutio: separate network is no problem, large mtus no problem
[23:04] <up_the_irons> pretty easy to bond 2 gige's, but fc would be better
[23:06] <up_the_irons> mercutio: have you used any iscsi targets that you would deem reliable?
[23:09] <mercutio> only opensolaris
[23:09] <up_the_irons> interesting
[23:09] <mercutio> and that's in state of "uhh what's happening"
[23:09] <up_the_irons> wut?:)
[23:09] <mercutio> well when oracle bought sun
[23:09] <mercutio> everyone left
[23:09] <mercutio> err a lot of the higher up people left
[23:09] <mercutio> there was a fork to illumos
[23:10] <up_the_irons> ah
[23:10] <Webhostbudd_> the illumos camp is hopping
[23:10] <mercutio> openindiana is going between prereleases...
[23:10] <Webhostbudd_> it's the only place to be
[23:10] <up_the_irons> oh, would you look at that... who has illumosvps.com  (me)
[23:10] <mercutio> openindiana seems stable with ok hardware
[23:10] <mercutio> stable as in reliable
[23:10] <Webhostbudd_> they have a lot of sun people working there so we should see some good stuff
[23:10] <mercutio> but not stable as in "one version for years"
[23:11] <mercutio> yeh
[23:11] <Webhostbudd_> well, no
[23:11] <mercutio> smartos sounds interesting too
[23:11] <Webhostbudd_> smartos is a great concept
[23:11] <up_the_irons> dang, i have openindianavps.com too
[23:11] <mercutio> md3000i is around for iscsi support but is slow
[23:11] <up_the_irons> i musta been looking toward the future... ;)
[23:11] <mercutio> there are higher cost options too
[23:11] <mercutio> hmm
[23:11] <mercutio> well joyent ported kvm to illumos
[23:12] <Webhostbudd_> it runs very well
[23:12] <up_the_irons> holy shit, they did?
[23:12] <Webhostbudd_> yes
[23:12] <mercutio> yeh
[23:12] <up_the_irons> wow
[23:12] <up_the_irons> runs good?
[23:12] <Webhostbudd_> that's what i have heard
[23:12] <mercutio> the base tools haven't had the work they need
[23:12] <mercutio> but the raw support is stable
[23:12] <Webhostbudd_> yes
[23:12] <Webhostbudd_> exactly
[23:12] <Webhostbudd_> once they port libvirt
[23:12] <mercutio> even though they ported it quickly
[23:12] <Webhostbudd_> it is going to be very attractive
[23:12] <mercutio> showing that they have good engineers
[23:13] <Webhostbudd_> they have a lot of the old sun guys
[23:13] <Webhostbudd_> because of the mass exodus from oracle
[23:13] <mercutio> by good poeple leaving oracle
[23:13] <mercutio> people like the guy who made java left
[23:13] <Webhostbudd_> mhmm
[23:13] <up_the_irons> smartos _does_ sound interesting
[23:13] <Webhostbudd_> all of the zfs, dtrace and other solaris kernel specialists left
[23:13] <mercutio> and said how he was unhappy with the direction oracle were taking sun
[23:14] <mercutio> and you'd think someone like that isn't likely to be someone who would motuh off randomly
[23:14] <Webhostbudd_> they aren't
[23:14] <Webhostbudd_> they LEFT
[23:14] <mercutio> http://www.eweek.com/c/a/Application-Development/Java-Creator-James-Gosling-Why-I-Quit-Oracle-813517/
[23:14] <mercutio> yeh but i mean it's not like a straight business man leaving or something
[23:14] <mercutio> and saying about his new venture
[23:15] <Webhostbudd_> no, they just don't want to be a part of the lawnmower
[23:16] <Webhostbudd_> up_the_irons: i could totally see you running smartos one day
[23:16] <Webhostbudd_> up_the_irons: assuming it becomes stable
[23:16] <up_the_irons> Webhostbudd_: i'm checking it out right now
[23:16] <Webhostbudd_> what's funny is that their port of KVM requires the use of zones
[23:16] <Webhostbudd_> so each kvm instance is wrapped in a zone
[23:16] <Webhostbudd_> oddly enough it prevents a lot of kvm exploits
[23:17] <Webhostbudd_> because the attacker can't break the zone
[23:17] <mercutio> i think that was a sensible move
[23:17] <Webhostbudd_> yes it was
[23:17] <Webhostbudd_> i mean, why not
[23:17] <Webhostbudd_> it gives the administrator even more control over the virtual instance
[23:17] <mercutio> and with zfs you can clone file systems
[23:17] <mercutio> and do copy on write
[23:17] <Webhostbudd_> zfs is amazing
[23:17] <mercutio> so it's not as high overhead having heaps of zones
[23:18] <Webhostbudd_> smartos is a killer combination of technologies
[23:18] <Webhostbudd_> i would love to see it get bigger
[23:18] <mercutio> webhost: marketing on the other hand...
[23:18] <mercutio> have you seen their videos?
[23:18] <Webhostbudd_> no?
[23:18] <mercutio> they seem tacky
[23:18] <Webhostbudd_> it's pretty hard to market it at this point though
[23:18] <Webhostbudd_> let's be honest, they don't have a product to ship
[23:19] <mercutio> i think they do?
[23:19] <mercutio> joyent are doing private clouds already
[23:19] <up_the_irons> so does smartos run illumos underneath?
[23:19] <mercutio> http://joyent.com/solutions/privatecloud/
[23:19] <Webhostbudd_> no one who is concerned with how they market a product is going to call that a product
[23:19] <mercutio> up_the_irons: yeh
[23:19] <Webhostbudd_> up_the_irons: yes
[23:19] <mercutio> and is one of the major contributors
[23:19] <up_the_irons> and illumos is an opensolaris fork?
[23:19] <Webhostbudd_> illumos is the kernel if i am not mistaken
[23:19] <Webhostbudd_> or do they do userland work?
[23:19] <mercutio> illumus is like the base system
[23:20] <mercutio> like netbsd etc i think
[23:20] <Webhostbudd_> yea, that was always my impression
[23:20] <up_the_irons> yeah i think i get it
[23:20] <Webhostbudd_> except they don't actually assemble any of it
[23:20] <mercutio> openindiana is more like opensolaris
[23:20] <Webhostbudd_> i wanna say it would be like GNU finishing a kernel
[23:20] <mercutio> there's also nexenta
[23:20] <mercutio> or something
[23:20] <mercutio> which uses apt-get
[23:20] <Webhostbudd_> the way i see it, GNU = illumos and OI / nexenta are distros
[23:21] <Webhostbudd_> IF GNU had a kernel
[23:21] <up_the_irons> so, with zones, i've always thought of them to be the solaris equivalent of freebsd jails.  and since they are just processes that share the same base OS kernel, is it true the only thing you can put in a zone is another illumos instance?
[23:21] <Webhostbudd_> up_the_irons: mostly true
[23:21] <mercutio> up_the_irons: i think it's like freebsd jails, but a bit more brokenout
[23:21] <up_the_irons> (and that instance could run kvm, yeah, but in the end, it's still illumos)
[23:21] <Webhostbudd_> yes
[23:21] <up_the_irons> roger
[23:21] <Webhostbudd_> but there is probably work to emulate linux / bsd systemcalls
[23:22] <Webhostbudd_> i know freebsd jails can run centos
[23:22] <Webhostbudd_> with linux emulation
[23:22] <mercutio> web: i think that work is still behind
[23:22] <Webhostbudd_> maybe
[23:22] <mercutio> smartos is getting a new package manager i think
[23:22] <Webhostbudd_> i don't use zones so i wouldn't know
[23:22] <mercutio> and packages can be old at present
[23:22] <Webhostbudd_> well, all of the illumos stuff seems to be using pkgsrc
[23:22] <up_the_irons> so illumos is only the kernel, and openindiana is kinda like kernel + userland (e.g. GNU)
[23:22] <mercutio> but i think in general it's under quite a lot of active work
[23:22] <up_the_irons> freebsd jails can run cent?  LOL
[23:23] <Webhostbudd_> up_the_irons: yea, i think that is probably more correct
[23:23] <Webhostbudd_> up_the_irons: bottom line, you don't run illumos
[23:23] <up_the_irons> Webhostbudd_: yeah makes sense, at least roughly
[23:23] <mercutio> openindiana has both sun and gnu userland
[23:23] <Webhostbudd_> directly
[23:23] <Webhostbudd_> yea
[23:23] <mercutio> ls you have /usr/gnu/bin/dd
[23:23] <mercutio> and /usr/bin/dd
[23:23] <mercutio> and the normal dd doesn't support things like conv=fdatasync
[23:23] <Webhostbudd_> there is a really cool fork out there
[23:23] <Webhostbudd_> which im really digging
[23:23] <Webhostbudd_> stormos
[23:24] <Webhostbudd_> debian userland + illumos kernel
[23:24] <mercutio> webhost: what have they done?
[23:24] <Webhostbudd_> similar to debian kfreebsd
[23:24] <mercutio> oh?
[23:24] <up_the_irons> i think i'm gonna load this up on one of my microcloud blades
[23:24] <Webhostbudd_> give it a shot
[23:24] <mercutio> smartos is doiugn things new and fancy
[23:24] <mercutio> like they want you to network boot
[23:24] <up_the_irons> even more reason to finish that box and haul it to the d/c
[23:24] <Webhostbudd_> mercutio: which is great
[23:24] <mercutio> and have all the storage on a machine running under zfs
[23:24] <Webhostbudd_> imagine how easy it is to deploy nodes
[23:25] <mercutio> which isn't a new concept
[23:25] <Webhostbudd_> nope
[23:25] <Webhostbudd_> don't the big guys do it?
[23:25] <mercutio> people have been doing such with esxi etc for a while
[23:25] <Webhostbudd_> vmware
[23:25] <Webhostbudd_> yea
[23:25] <mercutio> but like they're working towards "well thought out" ways of doing things
[23:25] <Webhostbudd_> which i like
[23:25] <mercutio> but also allowing a steeper learning curve
[23:25] <mercutio> and doing things diffrently
[23:25] <mercutio> like they're not trying to just support a whole lot of legacy ways of thinking
[23:25] <Webhostbudd_> nope
[23:26] <mercutio> they're trying to streamline things etc
[23:26] <Webhostbudd_> i really appreciate the effort for a solid, opensource hypervisor
[23:26] <Webhostbudd_> linux really doesn't fit the bill
[23:26] <Webhostbudd_> well, the distros of today don't
[23:26] <Webhostbudd_> illumos is a very solid kernel though
[23:27] <Webhostbudd_> hardware support is probably shaky though
[23:27] <Webhostbudd_> outside of your common server hardware
[23:28] <mercutio> it's better than esxi for hardware support
[23:28] <up_the_irons> i would only want to run common server hardware ;)
[23:28] <Webhostbudd_> which is outstandingly sad
[23:28] <up_the_irons> the uncommon stuff is expensive...
[23:28] <mercutio> up_the_irons: one of the older hp's was broken a while back
[23:28] <Webhostbudd_> hp's make me cringe
[23:28] <mercutio> cpqarwy o rwhatever scsi controllers
[23:28] <mercutio> cpqary3
[23:29] <up_the_irons> if it'll run on an Ivy Bridge 3.4GHz + plain ol' SATA + Intel GB, then that's all i need :)
[23:29] <mercutio> http://www.greenviolet.net/articles/2011/09/21/openindiana-151a-and-hp-smart-array-controllers.gv
[23:29] <Webhostbudd_> anyone here in the market for a sas expander?
[23:29] <mercutio> up_the_irons: yeh it'll do that
[23:29] <up_the_irons> mercutio: yeah i didn't figure that basic of hardware would be a challenge
[23:29] <mercutio> up_the_irons: you need nehalem or whatever or newer cpus for kvm under illumos
[23:30] <up_the_irons> mercutio: well sure, u need that for kvm in general
[23:30] <Webhostbudd_> yes
[23:30] <mercutio> well the hp thing would effect quite a lot of older hardware
[23:30] <mercutio> up_the_irons: nah
[23:30] <Webhostbudd_> ehhhh
[23:30] <Webhostbudd_> nah
[23:30] <up_the_irons> wut
[23:30] <mercutio> up_the_irons: e5430 won't run kvm on illumos
[23:30] <Webhostbudd_> i run kvm on adm phenoms
[23:30] <up_the_irons> mercutio: oh? why?
[23:30] <mercutio> because they're relying on some newer intel feature
[23:30] <up_the_irons> ah
[23:30] <Webhostbudd_> yes
[23:30] <mercutio> uhh it hikn it's EPT
[23:30] <up_the_irons> interesting
[23:30] <mercutio> i can't remember what it was
[23:30] <Webhostbudd_> that sounds correct
[23:30] * up_the_irons googles
[23:31] <Webhostbudd_> they don't support amd at all do they?
[23:31] <up_the_irons> oh, extended page tables?
[23:31] <mercutio> web: that was the case last i knew
[23:31] <up_the_irons> no amd support?!
[23:31] <Webhostbudd_> nope
[23:31] <mercutio> up_the_irons: that's what it stands for but i don't know if that' the case
[23:31] <mercutio> or if it was anothe rfeature
[23:31] <up_the_irons> k
[23:31] <mercutio> up_the_irons: someone may fix the amd stuff sometime
[23:31] <mercutio> but smartos developers focused on intel
[23:31] <up_the_irons> i'm loving my AMD 6212 system...
[23:31] <Webhostbudd_> Currently KVM on OpenIndiana only supports recent Intel VT chipsets.
[23:31] <up_the_irons> Webhostbudd_: ah gotcha
[23:32] <Webhostbudd_> bulldozer opterons huh?
[23:32] <up_the_irons> yup
[23:32] <Webhostbudd_> do you get 16+ cores on those?
[23:32] <up_the_irons> the 6212's have 8
[23:32] <Webhostbudd_> oh
[23:32] <up_the_irons> but two sockets on my board, so 16 altogether
[23:32] <mercutio> Finally, there is no support currently for AMD SVM. This is not a value judgement of AMD's technology, but rather a reflection of limited engineering and testing resources. (In the spirit of full disclosure, it should be said that the sponsor of illumos-kvm, Joyent, is an Intel-funded company -- but the lack of AMD support reflects only engineering prioritization and lack of testing infrastructure; AMD SVM support would be most welcome should someone in the 
[23:33] <Webhostbudd_> it sucks that those 8 cores get beaten so badly by 4 intel cores
[23:34] <up_the_irons> Webhostbudd_: my cpus: http://i.imgur.com/Ed6nw.png
[23:34] <up_the_irons> Webhostbudd_: in benchmarks or real world operation?
[23:34] <Webhostbudd_> actually more in real world
[23:34] <up_the_irons> cuz i'm finding them to be quite awesome
[23:35] <Webhostbudd_> but a lot of server stuff is multithreaded and integer intensive so bulldozer should be a good fit
[23:35] <up_the_irons> yeah
[23:35] <mercutio> you've also got context switches to worry about
[23:35] <mercutio> and having more cores can cut down in that when virtualising
[23:35] <up_the_irons> exactly
[23:36] <up_the_irons> context switching is super high in virt
[23:36] <mercutio> i've never seen any good benchmarks for high load virtualisation
[23:36] <mercutio> of multiple diff applications
[23:36] <Webhostbudd_> no, and that is a problem
[23:36] <up_the_irons> i find that benchmarks are like job interview questions; they look good on paper but do not reflect how the thing will behave in real life situations
[23:37] <Webhostbudd_> exactly
[23:37] <mercutio> up_the_irons: well it depends if you find the right benchmarks..
[23:37] <Webhostbudd_> you can also find the right interview questions
[23:37] <mercutio> like you cna easily find game benchmarks to know if a video card will be a good fit for you
[23:37] <up_the_irons> mercutio: maybe i'm looking at the wrong stuff then
[23:37] <mercutio> but finding cpu benchmarks for virtualisation ... yeh..
[23:37] <Webhostbudd_> mercutio: that's pretty hard to say though
[23:37] <up_the_irons> mercutio: yeah, games are specialized, cpus are generalized
[23:38] <mercutio> mm
[23:38] <Webhostbudd_> that's actually the problem with game benchmarks though
[23:38] <mercutio> i'd look at kernel compile time benchmarks probably
[23:38] <Webhostbudd_> unless you always play the same games...
[23:38] <mercutio> but they're still not going to be accurate
[23:38] <mercutio> webhost: you're comparing video cards to see what would be "good enoguh" for you :)
[23:38] <up_the_irons> mercutio: kernel compile time might be a good overall heuristic, it uses disk + cpu
[23:38] <Webhostbudd_> compile benchmarks have a lot of floating point though right?
[23:38] <mercutio> webhost: nope
[23:38] <up_the_irons> i would imagine
[23:38] <up_the_irons> no?
[23:39] <mercutio> why would compilers be floating point?
[23:39] <mercutio> video encoding etc would be
[23:39] <mercutio> but compiling is gnerally memory/integer heavy
[23:39] <Webhostbudd_> see, i would assume that
[23:39] <mercutio> if you add 2.5 + 3.5 on a compiler using float point numbers
[23:39] <mercutio> the compiler only has to generate the assembler
[23:40] <mercutio> that doesn't require it actually doing the maths.
[23:40] <Webhostbudd_> oh im not talking about that
[23:40] <up_the_irons> mercutio: perhaps at the optimize phase there is fp (but not lexer, parser, etc...)
[23:40] <up_the_irons> *optimization
[23:40] <Webhostbudd_> yes
[23:40] <Webhostbudd_> this is what i always thought
[23:40] <mercutio> well, if you multiply by 1.5
[23:41] <mercutio> it probably does a shift
[23:41] <mercutio> and adds it to the number
[23:41] <mercutio> rather than actually doing it in floatin gpoint
[23:41] <Webhostbudd_> im not talking about arthimetic in code at all
[23:41] <mercutio> hmm
[23:41] <mercutio> there's not that much optimisation work these days.
[23:41] <mercutio> there's some, but it's not really as fancy as people often seem to believe.
[23:41] <Webhostbudd_> obviously
[23:41] <Webhostbudd_> fancy stuff breaks
[23:41] <mercutio> heh
[23:42] <Webhostbudd_> people like to believe a lot of cool stuff is at work
[23:42] <mercutio> it's mostly stuff like cache line optimisation that is easier for compiler to do than by hand
[23:42] <Webhostbudd_> mhmm
[23:42] <mercutio> and reordering to prevent stalls.
[23:42] <Webhostbudd_> yep
[23:43] <mercutio> i'm still surprised by how big the linux kernel is
[23:43] <Webhostbudd_> freaking massive
[23:43] <mercutio> i'd like a kernel < 1 megabyte compressed really
[23:44] <mercutio> i have one with lots of stuff disabled and it's still 3.4mb compressed
[23:44] <mercutio> back with linux 2.1 it wasl ike 500 or 600k compressed
[23:44] <Webhostbudd_> lol freebsd kernel so small
[23:44] <mercutio> how big is freebsd kernel?
[23:44] <Webhostbudd_> that's not real
[23:44] <Webhostbudd_> bullshit
[23:44] <Webhostbudd_> 630k
[23:44] <Webhostbudd_> really
[23:44] <mercutio> openbsd is 5.1 mb
[23:44] <mercutio> did freebsd go to modules?
[23:44] <Webhostbudd_> i do have a lot of stuff disabled in my kernel
[23:44] <Webhostbudd_> freebsd does have modules
[23:45] <Webhostbudd_> but i also removed a ton of built in device support
[23:45] <mercutio> openbsd isn't compressed
[23:45] <mercutio> nor modular
[23:45] <Webhostbudd_> well
[23:45] <Webhostbudd_> my freebsd kernel doesn't even have ufs support
[23:45] <mercutio> oh
[23:45] <Webhostbudd_> i mean, i compiled everything out
[23:45] <mercutio> it can't be zfs with that size
[23:45] <mercutio> what fs are you using?
[23:45] <Webhostbudd_> zfs doesn't build directly into the kernel
[23:45] <Webhostbudd_> and zfs is only 120k
[23:45] <mercutio> oh
[23:46] <Webhostbudd_> it's not huge
[23:46] <mercutio> that's good
[23:46] <up_the_irons> nice
[23:46] <Webhostbudd_> sec
[23:46] <mercutio> i've got this thing against bloat :)
[23:46] <Webhostbudd_> alright, i was massively mistaken
[23:46] <Webhostbudd_> =p
[23:46] <Webhostbudd_> 2mb for zfs.ko
[23:47] <Webhostbudd_> lol
[23:47] <mercutio> heh
[23:47] <mercutio> i thought zfs was big :)
[23:47] <mercutio> it'll have support code etc
[23:47] <Webhostbudd_> well, i knew it was big, i thought most people just overestimate
[23:47] <mercutio> heh
[23:48] <mercutio> zfs is a bit of a memory hog too
[23:48] <mercutio> it's nice ram got cheaper :)
[23:48] <Webhostbudd_> oh god yea
[23:48] <up_the_irons> zfs is quite a memory hog
[23:48] <Webhostbudd_> zfs is fast with lots of ram though
[23:48] <Webhostbudd_> blazing
[23:48] <Webhostbudd_> i love that arc cache
[23:49] <mercutio> weird this page says kvm just needs vmx
[23:49] <Webhostbudd_> which kvm?
[23:49] <mercutio> illumos
[23:49] <Webhostbudd_> linux kvm probably
[23:49] <Webhostbudd_> oh
[23:49] <Webhostbudd_> maybe they added support recently?
[23:49] <mercutio> ARC Size: Current Size:             3598 MB (arcsize) Target Size (Adaptive):   3598 MB (c) Min Size (Hard Limit):    638 MB (zfs_arc_min) Max Size (Hard Limit):    5111 MB (zfs_arc_max)
[23:49] <Webhostbudd_> and maybe that OI wiki is out of date
[23:49] <jdoe> "memory hog" is another word for "aggressive caching" ;)
[23:49] <mercutio> https://github.com/joyent/illumos-kvm/
[23:50] *** fink has quit IRC (Quit: fink)
[23:50] <mercutio> it goes real slow with 2gb of ram
[23:50] <Webhostbudd_> so wait.... that thing works on amd!
[23:50] <Webhostbudd_> oh
[23:50] <mercutio> what?
[23:50] <Webhostbudd_> derp
[23:50] <mercutio> svm is amd
[23:50] <Webhostbudd_> yea
[23:51] <mercutio> that page makes installing kvm really hard
[23:51] <mercutio> it's actually simple on openindiana
[23:51] <Webhostbudd_> just use smartos =p
[23:51] <mercutio> EPT is supported on E5430
[23:52] <mercutio> maybe it does work on earlier cpus?
[23:53] <up_the_irons> interesting
[23:54] <mercutio> what's this omnios
[23:55] <Webhostbudd_> people love illumos
[23:55] <Webhostbudd_> jeese
[23:58] <up_the_irons> anyone know of a good iscsi target for linux?  i see iscsitarget and open-iscsi (and i actually don't know of open-iscsi can be a target...)
[23:59] <Webhostbudd_> no idea
[23:59] <Webhostbudd_> god, i can't believe illumos is built with gcc 3.4.3
[23:59] <Webhostbudd_> that just feels super old now