I know that this is a arm based list - but - to play devils advocate - and not to aggravate everyone on this list [1], I must admit that I'm having an issue seeing the value proposition here.
Take a a look at this Intel NUC <http://www.amazon.com/gp/product/B00HVKLSVC/ref=oh_aui_detailpage_o01_s00?ie=UTF8&psc=1> Drop in a low-cost SSD (Crucial MX100 120Gb <http://www.amazon.com/Crucial-MX100-adapter-Internal-CT128MX100SSD1/dp/B00KFAGD88/ref=sr_1_fkmr0_3?s=electronics&ie=UTF8&qid=1412707060&sr=1-3-fkmr0&keywords=crucial+mx100+120gb>) and you've got an x86 system + enclosure + power supply (brick) - that you can stack (if you wish to). Given that you can run your choice of OS and take advantage of Docker <https://www.docker.com/> containers... why mess with ARM based systems. What are the advantages - especially considering your time investment. OR to continue to play devils advocate, you can spin up a 7x24 f1-micro instance <https://cloud.google.com/compute/#pricing> for about $8.xx/month with the 40% discount you get for running it 7x24/month. Understand that there is no committment and you have no power or UPS or Air/Conditioning (A/C) bills - and no, up-front, capital equipment costs.[2] So, if I, again, playing devils advocate, compare 5 ARM based systems at $100/system, compared with two Google Compute Engine (GCE) f1-micro instances for one year: ARM hardware GCE VMs 5 * $100 8.12*2 * 12 = $194 How about for 2 years: ARM GCE 5 * $100 $389 How about for 3 years: ARM GCE 5 * $100 $584 4 years: Whoops - time to replace that "old" ARM hardware. Oh - and BTW the cloud based VMs will very (extremely) likely have gone down in price and may or may/not be ARM based! Yes - you have to pay for "virtual" disk and bandwidth etc. But .... I'm having difficulty seeing Roberts' cost/benefit to running ARM. As I said, please feel entirely free to push back at me. I'm not trying to troll this list - I think its very interesting and beneficial and I applaud every contributor. [1] as you guys know, I'm already providing some support to the list members in terms of a means of providing some download facilities at opensxce.org. [2] the other alternative is an Amazon Web Service 1 or 3 year reservation on a t2.micro instance. And don't forget the AWS Free Tier <http://aws.amazon.com/free/?sc_icountry=en&sc_ichannel=ha&sc_idetail=ha_en_c_cta_112_1&sc_icontent=ha_en_112&sc_iplace=ha_en_hero_cta&sc_icampaign=ha_en_FreeTier&trk=/> which gives you a micro instance with storage/bandwidth etc. etc. *free* for one year. Regards, On Tue, Oct 7, 2014 at 7:24 AM, Robert Moskowitz <[email protected]> wrote: > > On 10/07/2014 08:09 AM, Gordan Bobic wrote: > >> On 2014-10-07 13:05, Robert Moskowitz wrote: >> >> Of course roundcubemail is its own set of problems, but I do have to >>>>> provide web imap email. >>>>> >>>> >>>> Roundcube isn't really that problematic, I've been running it for >>>> years. Having said that, I run it on a dedicated VServer instance, >>>> so any scope for damage even if it did turn out to have an exploit >>>> is very limited. >>>> >>> >>> And when I was first testing Roundcube about 1.5 years ago, I detected >>> a problem in their conf and recommended: >>> >>> php_admin_flag session.cookie_secure "1" >>> >>> and got yelled down! A couple others agreed that this should be the >>> default. I will have to see if the new build does this. >>> >> >> I only ever run it on a https only virtual host, so didn't see >> this as a big deal. >> > > this is a client-side security issue. And what is passed in the cookie > that can be intercepted, prior to TLS starting up. I had checked it out > with wireshark at the time. > > >> I generally prefer to use VServer/LXC/OpenVZ to isolate >>>> instances if I need to have things running efficiently >>>> on a single machine. It mitigates at least some types of >>>> possible attack. Of course, those require rebuilding >>>> the kernel with suitable patches, if they are not already >>>> in the kernel you are using... >>>> >>> >>> I run separate hardware for each purpose; why I am so interested in >>> arm platforms. Then TRY and have as little other stuff as possible. >>> I move SSH to another port, just to keep the rift-raft away. And >>> whatever else I learn. >>> >> >> It's a valid approach , but it does increase the machine >> sprawl. VServer helps keep that under control. >> > > It use to be two shelves of SFF intelboxen on their sides, now check out: > > http://medon.htt-consult.com/~rgm/cubieboard/cubietower-3.JPG > > It looks neater now. Should get a new pix posted. > > > > _______________________________________________ > users mailing list > [email protected] > http://lists.redsleeve.org/mailman/listinfo/users > -- Al Hopper
_______________________________________________ users mailing list [email protected] http://lists.redsleeve.org/mailman/listinfo/users
