This is a real paradigm shift. Until now in linux one was free to choose to install mostly any additional software even on a server. It was only the admins choice or decision, if this is making sense or not.
One may install any container in NS8, of course. If there is one for the software you may want to add. But only those in the software center as I understood, will work seamless with NS8. So as a part-time admin I’m no more free to choose how I build my server in the end.
To @Andy_Wismer: I do know exactly what it means “I cannot” or “I will not”.
With all respect (again) to the devs and all forum members, all important information (for me) is lying on the table. Right now, I will not migrate to NS8.
This is not true: Davide gave a general rule, you should respect if you expect support from the community on NS8.
It doesn’t mean you are not free to choose: NS8 is Open Source and based on a Linux distribution. You can do whatever you want inside it. Just be aware that if something breaks, it will be very hard to help you recover the system.
Not all professioals are payed that much for flat-rate firewall administration.
Or not all companies have multiple places/points with installed firewall that will have so much operative advantages for automated deployiment/configuration update.
It’s a powerful tool for new and bigger customers? Absolutely.
Does it fit to the currente base install? IMVHO no.
Has been repeated many times from different representative that “small home business is still important to NethServer”.
I can understand some of the goals of the new path. I can understand that technological changes (the ones i questioned about and still mr Fattorini did not answer, I’d love to know why) had created the necessity for… not doing from scratch again NethServer.
But if “fake it until you make it” is the current gig… they’re not making it. Yet.
I’d love to emphysize that there are two lines beside my current feelings.
First line is the monumental task to transition customers from current generation of NethServer to this sort of cluster overlord which should fit the role. It’s tough, this is improving and the community are IMVHO wonderful beta testers for anticipate a lot of the bugs, design potholes, and “i forgot that” issues. Community is helping a lot into refining the 1.0 version of this kind of distro, so if the fails will be enough before the release, the product will be much more market ready.
Second line is my incapability to accept some of deflection and attempted ridiculization about what will make this product leave most of the adopters. If it’s shaped like a fork, if you can use it like a fork but it’s also a little bit sharpened on one side, you cannot sell that as a knife because it’s not.
System is not the same, paradigm is not the same, firewall will be not the same and also will be not the same from Nethesis started for, because I hardly find possible that NextSecurity can support all the modules available for OpenWRT. Seems too much expensive in term of support collection and developer time to adjust things
And viceversa, I don’t think that any module designer will take care of the different kinks between NextSecurity and OpenWRT, unless payed for it (develop a NextSecurity compatible version).
Whatever I find this pleasant or not it’s irrelevant. Industry massively pushed data, system, power consumption outside offices and companies. It’s less complicate define if you can pay a monthly fee than create accountancy for server (and amortization), licenses about hardware and software (and amortization for pay the upgrades) and CALs, power, skills (inner or on loan), backup. It’s way to easy to sell the things to accountancy with the monthly fees.
However, accountancy often can’t quantify the value of information control and privacy.
Everything outside your network perimeter is under the company control only limitately to the contract established between the company and the service provider.
In this world of “invoices a service”, being fast to deploy applications is a value. And lots of applications (invoices) are available in containers.
What’s your opinion about that? Is it a good thing or not? Do you like it?
I like it very much, it’s a big help for my work and I don’t feel like I’m doing a bad thing.
Some posts of this forum against or in favour of the firewall split are maybe too much ideologically biased. However we explained many times the technical reasons to do it. It was an hard decision, and I’m sorry if someone is not happy with it. I think there are more development constraints than market opportunities in that hard choice.
You wrote a long post: I think it is very relevant.
These are some sensational comments that I don’t find helpful to the discussion.
Yes, everything COULD be done. Perhaps you’d like to compile all your packages, write your own kernel, and solder your own hardware as well?
The fact is that everyone has a line (acceptable threshold) of what they want to do for their servers. It’s a wasted effort to try to convince others to join you in your position.
Another fact is that this fundamental shift in NS8 moves the line of what is being expected of existing NethServer admins. I think this has not been stated clearly enough.
But the decision has been made, so I won’t waste my time debating it. I’m sure the team has done the math and decided this is what’s best for their goals for the product; but you can’t be surprised that existing users (and customers) disagree and are not happy with a change that means more work for them.
As for me, I’ll spend my time and money on a product that does what I want it to: let me self-host all my my things with minimum effort and a good level of control when I want it.
It’s been fun. Thanks for your hard work Neth Server team
This, and a lot of other points mentionned here by some ole die-hards do not help the discussing either.
The world is moving forward, security has changed, a lot else has changed too!
Horses were once the king when it came to human mobility.
When cars came in, horses went out.
Sure, a lot of complaints - by interest groups, like Smiths, Breeders, others.
Nowadays? Most people with horses drive the most expensive cars as transport, horses are “for fun” or as status symbols. And the financial means to afford the decadence? Hardly ever earned through hard work!
Horses, as a method of mobility for humans, has literally become a dinosaur!
And dinosaurs? Became Oil during the millenia - and helps humanity to power their cars!
That is a well known fact - some just ignore facts…
My Philosophy?
I don’t want to change the world.
For one it’s not mine, I didn’t create it or bought it.
I just live here, like a renter in an appartment.
When I move on, I’ll give up the place as I took it over, or as good as possible.
So no, I don’t want to make the world a better place.
But I can try to improve the neighborhood, what’s around me or close.
In that sense, I can try to propagate “best practices” in networking, according to my know how and experience of 35 years. And by the feedback, a lot of the folks here have gladly accepted my input for their projects.
I wish you a lot of luck, happiness and a well running server in your quest for the ideal All-In-One server
My 2 cents
Andy
I’m sure the NethServer Team will put your previous generous donation to good use!
But do forgive me when I find the statement somewhat “broad-guaged”…
This is our fault, the code name was NExtsecurity but the official one is NethSecurity.
We are very close to an Alpha1 announcement, we will try to explain also this part!
Great BOX for Home LAB. It looks like a NAS Motherboard with ports ideal for Home Server. I am not able to find it available in India.
I recently purchase one Old hp MiniPC Core i5 6th Gen, 16GB RAM, 500 GB NVME for testing purpose Proxmox and various VM. Eventually I have planned to use it as NAS and to monitor IP Camera.
And IMVHO developers should care a lot more about the community value, work, and test, because every yikes not found from the community will hit Nethesis’ QC and customers.
It’s an opinion, so… a bias par se?
You as person, developer and enthusiast have your own bias, due to technical costrain, budget, management decision and the team needs to follow.
Are my posts unfair about the situation? I hope not, and I hope that the community will emphasize that if they are, but also… do my opinions have to comply Nethesis managament and developer team decisions? I don’t think so, I’m “only” me, providing opinion… and founding elements that leads me to that.
The only “technical” reason is “no longer shorewall”. This lead to a replacement choice.
That lead to three options:
pick up shorewall project, revamp it if necessary and follow the development
write something that fit the same shoes
pick something existing that could fit same shoes
First two options are not viable probably for budget reasons, from this seat; feel free to deny.
Third option was the one choosen and fun fact… there are not a lot of modern enough firewall linux distros fitting the boxes already sold or currently buyable.
Now, compared to the level of tools provided from shorewall/NS7, OpenWRT is a step back, also in system footprint and disk usage. But is a step back in functionality .
Also, the necessary removal of the firewall option from the server install is a step back in functionality too.
It’s also technically necessary for the container approach? Yes. The factual technical reason is here. But everything reported before stands.
Again… I try to explain what I find wrong. I can simply say “that sucks”, or do a everytime refrain about “the best way to deploy is”… And both IMVHO are… wrong.
Project provided by Nethesis has until there proven solid, reliable, with some hiccups and whoops
but the job done from developers has been until NS7 great. Will be with Container Overlord 1.x? I cannot tell, but I trust your commitment and capabilities.
However… lots of persons delivered criticism and “that won’t work in the same old way” claims.
As staten before from other persons, leaving the adoption is still an option, but deying, deflecting and hype-pumping… is really a good way for keeping people on that? IDK.
I personally do separated devices for network and server, possible on different hardware. Many reasons are behind this preference, but… it’s me, not everyone else. So that should not bother me that much.
But what I found proper, common sense, viable, the right way to do things may or may not be interesting to the community, so it’s useless to countless times repeat that on most posts. I tried several times to provide a “do a better analysis” approach in some support threads, but what does fit me is only an example, not the best way to do things for all people.
This is the meaning behind
I am aware cannot steer the project, the ship already left the pier.
I also cannot change the current path of IT world. I’m not Microsoft, I’m aware of that (and even Microsoft IMVHO can’t do that).
I do things my way, so this means that other ways are… possible and viable to other people.
It’s simply stating the truth… what I find pleasant or not it’s irrelevant.
Probably the percentage of leaving adopters will be vastly compensated from other bigger adopters, at least as revenue standpoint. I hope that this will give room to Nethesis for increase resources on bugcheck and QC. Because for the route of Container Overlord (formerly known as NS8) lots of persons not willing to create a “one server cluster” are gonna leave. Because one server cluster is a overheaded cluster, without the advantages of the cluster…
@pike i think if we give it abit of time for NS8 to mature, all comments and sentiments of the community included there should be some paths to have everyone if not most users from NS7 be fatoed in and their needs met in one way or another.
sometime things might not be exactly as you want them to be, but the provided method might endup being even more better than the other methods.
Most probably, yes. The problem seems to be with the fact that CentOS 7 support ends middle of next year, and NS7 users will be forced to switch to something else.
Will 8 months from now on be enough for NS8 to implement all the missing features, and become a mature, proven solution that “just works” (and if it does not, can be debugged/fixed easily), as it is the case for NS7 today? And will there be enough time left for the users of NS7 to prepare and run a proper migration?
Given the state of NS8 today, I think doubts are justified. It seems like there will be a solution for early adaptors willing to take some trouble, and that can accept some missing features. But for more conservative users, or those needing the still-missing features, the migration path looks pretty risky right now.
I have seen container based solutions work and do wonders and some magic that standard server deployment would never dream of, while i am not the develope rof Nethserver, but as a Software developer myself and as a systems solutions architect, i beleive i would say yes.
with regards to ease of use and ease of debugging etc, of this one, i am also alittle bit sceptical tbh, thats why most of my ran ton the community has been around administrative aspects and functions as opposed to dev related issues, when it comes to building and getting anything new implemented that i believe can be done, but as a solution, i also required the “just works” for nethserver
regarding this matter, i pointed out one aspect, for a huge numbe rof users, i am sure the deep features and integrations in NS might not really be required immediately, but the apps in Software center, if we can get all the apps that were previously available, as well as the communiity apps, then for the most apps, would be pissble to migrate a huge numbers of users.
regarding the hardcore features, only the developers can answer that with utmost precision.
As i have seen here in the community as well as on the Trello boards,
I believe the main aim is to have all features y the time we hit release, then the others will be added as time goes by. so in ost cased all users will be factored in in terms of migration.
Let’s all not forget, back in the old days we had MANY MANY more developers in the community and versions and modules matured fast. Today I only know of Nethesis team, @stephdl and @mrmarkuz and please correct me if I am wrong. So not only the product is changing, also the audience.
