1. 10

    the video for this is hilarious.

    1. 3

      At work we run tinc as a quasi-VPC clone in production and it’s been good to us so far.

      The only complaint I have is that under a lot of network load it’ll eat up a good amount of processing power on a DO droplet.

      It took some time getting a lot of the infrastructure in place to manage and hand out keys and configs – FWIW I think had we started with something more zeroconf like this might have been easier on us.

      1. 3

        I am usually recommending ipsec as VPC between hosts. Do you have performance numbers? The only downside I saw with these setups was that they add some latency. I did not see unreasonably huge CPU usage even when under heavy load. How is tinc performing? Sparing one core for tinc will usually be ok, if latency is improved.

        1. 2

          In our testing across datacenters tinc did not add any noticeable latency. In our tests with iperf bandwidth capped out at about 150Mb/s whereas without it we’d hit line speed (1 Gb/s). We’re not network constrained so that wasn’t a deal killer for us – You’re right about it eating up a core, but that’s still a core you’re paying for.

          Prior to selecting tinc we looked at using ipsec but the management burden of it seemed really high. There’s a good talk by Fran Garcia from hostedgraphite who went into their problems with it https://www.usenix.org/sites/default/files/conference/protected-files/srecon16europe_slides_garcia.pdf That presentation and doing some reading pretty much steered us away from ipsec.

          In the end I think we’ll probably end up switching to a provider who provides a VPC like service and then we’ll do site to site vpns across providers if only to relieve us from the management and overhead burdens of tinc.

          1. 2

            Prior to selecting tinc we looked at using ipsec but the management burden of it seemed really high. There’s a good talk by Fran Garcia from hostedgraphite who went into their problems with it https://www.usenix.org/sites/default/files/conference/protected-files/srecon16europe_slides_garcia.pdf

            Decent write-up. TL;DR: Don’t use Racoon.

            1. 1

              For hosts you control yourself, ipsec with strongswan and libreswan using ikev2 has always been a great experience for me. Connecting with roadwarriors, running old software versions on odd OSs, has never been the best part though.

              1. 1

                Thanks for the link to that talk. It is quite interesting.

          1. 1

            This is a great companion to/practical application of “Latency Numbers Every Programmer Should Know” https://gist.github.com/jboner/2841832

            1. 4

              In my experience, erlang’s syntax, while foreign to most developers, isn’t much of an actual stumbling block. However, its difference from most languages does give developers an easy excuse to not consider it.

              We are a fad driven industry with a penchant for throwing the baby out with the bath water every 5 years.
              As a result, people become skeptical of touted complexity reductions in using languages such as erlang.
              It’s not until those rough edges are smoothed a bit (elixir), that the benefits of the language become easier to convey.

              Meanwhile languages with less complete concurrency solutions but lower barriers to entry (golang) gain huge followings in a short amount of time (and with good reason).

              Anecdotally, I know of a few people who have gone from elixir->erlang, and I hope the good work that Jose has done continues to make conversions.

              1. 3

                Week 2 of my being employed at Shutterstock (specifically, Premiumbeat). Very much excited, culture seems good and sane, and I’m already digging my claws in some code. Node stuff, which is (IMHO) a step up from PHP, so all good. I’ve been learning a bit about mixing programmatically, for fun.

                On a non-work related note, I’ve been reading a book about communication specifically aimed at tech people, covering communications for non-tech people. It’s got tons of great insight and I can’t wait until I finish it because I suck so hard at communicating correctly. It even has a section on navigating office politics. That book was literally written for me, figuratively.

                1. 1

                  That book sounds like me too – what’s the name of it?