You can seed public torrents with Proton? I thought they did something to curb that a few years back.

What is your opinion on Windscribe and PIA?

MAC is generally more complex than simple Unix permissions. Whether SELinux is more complex than AppArmour is more up to preference in my opinion

Considering I am the operations team, just goes to show how much I have left to learn. I didn’t know about the external-dns operator.

Unfortunately, my company is a bit strange with certs and won’t let me handle them myself. Something to check out at home I guess.

I agree with you about the LVM. I have been meaning to set up Rook forever but never got around to it. It might still take a while but thanks for the reminder.

Wow. That must have been some work. I don’t have these certs myself but I’m looking at the CKA and CKS (or whatever that’s called). For sure, I loved our discussion. Thanks for your help.

ACLs are pretty good and have come in handy for me multiple times

I am using a reverse proxy in production. I just didn’t mention it here.

I’d have to set up a DNS record for both. I’d also have to create and rotate certs for both.

We use LVM, I simply mounted a volume for /usr/share/elasticsearch. The VMWare team will handle the underlying storage.

I agree with manually dealing with the repo. I dont think I’d set up unattended upgrades for my k8s cluster either so that’s moot. Downtime is not a big deal: this is not external and I’ve got 5 nodes. I guess if I didn’t use Ansible it would be a bit more legwork but that’s about it.

Overall I think we missed each other here.

SRE here and I agree with you. I’m basically a glorified Linux admin lol

The very act of writing FOSS code is altruistic. Indeed, I’m looking at the big corporations when I point and say “thief!”.

Some companies do work that I like though. Mullvad is a prime example. Recently I’ve been looking at Nym and I like their ideas and work. I really liked that the big giants like Google and IBM collaborated for k8s. I believe Uber has done something wonderful for the FOSS community too but I don’t remember what it is. The fact is that they can if they try

I understand that if your boss tells you to write MIT/Proprietary code, you do so. I just wish that the ones who had a choice would use GPL

I understand. I can’t argue against wanting to earn money and be told to do something. I just wish that those that have a choice would take the extra minute to use GPL

Because most corporations do not contribute their changes back if it’s MIT/BSD licensed

Look, I understand if your boss tells you to not write Open-source/only use MIT so they can profit off of it later on. But for the people who have a choice, why wouldn’t they? I don’t see how it hurts their bottom line.

I’m middle class and here I am raging on Lemmy about software licenses LMAO

I didn’t think most of them allow port-forwarding

No idea. I personally use PVs and PVCs with k3s and it’s trivial there with some downtime

There’s a GUI for containerd?

In this case, yes. If you were altruistic toward the community, shareholders could instruct devs to use it anyway so it works out for both groups. Doesn’t work the other way around

I’m interested in the VPN you use

Sorry, I’m not much of a software dev so bear with me:

If the libraries are GPL licensed, is there a problem? Unless you’re editing the libraries themselves.

Now if the application is GPL licensed and you’re adding functionality to use other libraries, please push upstream. It helps the community and the author will more likely than not be happy to receive it

Exactly

By more moving parts I mean:

Running ElasticSearch on RHEL:

• add repo and dnf install elasticsearch.
• check SELinux
• write config
• firewall-cmd to open ports.

In k8s:

• grab elasticsearch container image
• edit variables in manifest (we use helm)
• depending on if the automatically configured SVC is good, leave it alone or edit it.
• write the VS and gateway (we use Istio)
• firewall-cmd to open ports

Maybe it’s just me but I find option 1 easier. Maybe I’m just lazy. That’s probably the overarching reason lol

Ah thanks, I’ll go through it!