Jump to content
RESET Forums (homeservershow.com)

New SuperMicro Servers


jmwills
 Share

Recommended Posts

Thanks for this post ... set me off on various tacks ...

 

1. I'd go for the NVME option, given that the SSD installation cabling seems to obstruct the front fans, especially on the E200.

I'll be watching the windows 10 installation tonight, since I am wall-to-wall W10 Pro.

 

2. How on earth is a home user going to get value for money from these units?

What workload could one present to 4xGBe ports and 2x 10GBe ports?

As a skinflint I'd like to hear the 'value for money' case.

 

3. What has piqued my interest is not one of the new units ... but the 5028D standing on the left of the picture.

This appears to be a souped-up HP Microserver, exactly the sort of thing I am looking for to replace my current, old workstation

- NVME disk

- lots of cores

- lots of memory

- x16 slot for graphics

- lots of LAN ports

- 2+4 disk bays

 

After searching I see I have missed a few references to tinkertry herein.

I'll be checking those out soonest.

Link to comment
Share on other sites

The value I see in in the money I see people spending on G8 servers, and then turn around spending almost as much again to get the options/features you want. With 32GB of RAM you are in the smaller one (E-200) for about $800.  With an abundance of ethernet ports, you could run your firewall device,  virtual servers and anything else from just one box.

Link to comment
Share on other sites

That's what its for, "virtually everything". Tinkertry will probably run his desktop virtually from that machine ad it has an  Ethernet port for each virtual box.

Link to comment
Share on other sites

Second thoughts:

 

- very interesting!

- "The idea here is not what you should do in a home lab, it's really just determining what's become possible." Paul Braren

- 10Gbe networking still very expensive (and that's just the switch!)

- the graphics card in the SuperServer is a generation behind (limited by the low profile slot of course)

- 4K is NOT 2560 by 1600 ... it is 4096 × 2160 ... and for gaming DisplayPort 2.0 and 8GB of GDDR5 RAM

- I'll keep watching for those who are cleverer than  I am at seeing how this could be cost-effectively employed in a home setup

Edited by JackoUK
Link to comment
Share on other sites

If you work in the industry and need multiple servers for one single platform, and multiples of that platform, this is the server to go with.
Who buys a server for virtualization because you want the best graphics card you can get?
Those are apples and oranges.

Link to comment
Share on other sites

"If you work in the industry ... "

 

I am on the HOME server show site , right?

Not the SMB server show ...

... not the ENTERPRISE server show?

 

" ... and need multiple servers for one single platform, and multiples of that platform, this is the server to go with."

 

I'm asking what HOME need would that be?

 

"Who buys a server for virtualization because you want the best graphics card you can get?
Those are appaps and oranges."

 

Paul Braren actually - he is suggesting it as a workstation, 'superserver' and datacentre allin1.

BUNDLE 1 TinkerTry Supermicro SuperServer Workstation (ships from US)

I'm almost with him ... but that graphics card is just a bit behind the curve.

 

I am not arguing against the idea of these new devices as value units of computing power ... just saying they are over the top in terms of HOME usage ... and slightly behind my view of a workstation.

I am more of 'scale out network' than 'scale up datacentre' person ...

... my architecture is a single powerful graphics/video workstation, as many storage servers as it takes, and a tablet for silent control functions when at leisure.

Edited by JackoUK
Link to comment
Share on other sites

We discuss most everything here, even enterprise grade Wi-Fi and UTMs.

 

And yes, I have two different workstations running inside there along with 8 servers currently.  What I did was to invest in my future so if it's not for you, then it's not for you. 

 

These threads all full of topics of people getting GEN 8 servers and basically ripping the guts out to improve performance and to decrease power consumption.  I took care of that up front with a long term approach using about 65 watts total power.

The next project is get get an F5 Load Balancer running within the environment so I can run WHS 2011, Server 2012 Essentials, Server 2016 Essential (or whatever they call it) and three SharePoint platforms without having to bind different ports within IIS.

Link to comment
Share on other sites

Home server can take on many forms. Following trends in the forums there seems to be two general use cases Home server (backup/recovery and media services) or Home lab (self education on virtualization, server OS and applications). These SuperMicro servers are well suited for Home lab and may be a fit for Home server.

Link to comment
Share on other sites

  • 4 weeks later...
The next project is get get an F5 Load Balancer running within the environment so I can run WHS 2011, Server 2012 Essentials, Server 2016 Essential (or whatever they call it) and three SharePoint platforms without having to bind different ports within IIS.

 

Not knowing too much about the WHS and essentials roll requirements why not just use a NGINX reverse proxy, reasonably easy to set up. As a bonus, in this case, you can use a legit SSL certificate on the outside to secure things, without having to use it internally. The reverse proxy will terminate the SSL and retrieve the internal site (although if you are using SSL internally, it would be a good idea to use the same cert). One external link, multiple internal

 

Personally, I have mine set up using the following settings for reference. I have removed unique identifiers for security


worker_processes  1;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        #server_name  property.domain.tld.au;
        return 301 https://$host$request_uri;
    }


    ssl_session_cache shared:SSL:2m;
    ssl_session_timeout 5m;

    # HTTPS server
    #
    server {
        listen       443 ssl;
        server_name  _;

        ssl_certificate      /usr/local/nginx/certs/Wildcard-Chain.crt;
        ssl_certificate_key  /usr/local/nginx/certs/Wildcard-Key.pem;
	
	# allow Nginx to send OCSP results during the connection process
	ssl_stapling on;

	# enable HSTS including subdomains
	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;

	#Use only TLS1.2
	ssl_protocols TLSv1.2;
	
	
	# Use 2048 bit Diffie-Hellman RSA key parameters
	# (otherwise Nginx defaults to 1024 bit, lowering the strength of encryption # when using PFS)
	# Generated by OpenSSL with the following command:
	# sudo openssl dhparam -outform pem -out /usr/local/nginx/certs/dhparam2048.pem 2048
	ssl_dhparam /usr/local/nginx/certs/dhparam2048.pem;

	
        # make the server choose the best cipher instead of the browser
 	# Perfect Forward Secrecy(PFS) is frequently compromised without this
	ssl_prefer_server_ciphers on;

	# support only believed secure ciphersuites using the following priority:
	# 1.) prefer PFS enabled ciphers
	# 2.) prefer AES128 over AES256 for speed (AES128 has completely adequate security for now)
	# 3.) Support DES3 for IE8 support
	#
	# disable the following ciphersuites completely
	# 1.) null ciphers
	# 2.) ciphers with low security
	# 3.) fixed ECDH cipher (does not allow for PFS)
	# 4.) known vulnerable cypers (MD5, RC4, etc)
	# 5.) little-used ciphers (Camellia, Seed)
	ssl_ciphers '!AES128 kEECDH+ECDSA+AES256 kEECDH+AES256 kEDH+AES256 !DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !kECDH !DSS !MD5 !EXP !PSK !SRP !CAMELLIA !SEED';


    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    }

    server {
      listen 443 ssl;
      server_name propertyid.domain.tld.au;
      
      location /sickbeard {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass http://172.16.1.31:8081/sickbeard;
      }

      location /couchpotato {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass http://172.16.1.12:5050/couchpotato;
      }

      location /sabnzbd {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass https://172.16.1.12:9090;
      }

      location /nas01 {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass https://172.16.1.12:5001;
      }

    }


    server {
      listen 443 ssl;
      server_name companyssn.domain.tld.au;
      location / {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass https://172.16.1.14:5001;
      }

      location /btsync {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass http://172.16.1.14:8890;
      }
    }

    server {
      listen 443 ssl;
      server_name propertyssn.domain.tld.au;
      location / {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass https://172.16.1.12:5001;
      }

      location /btsync {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass http://172.16.1.12:8890;
      }
    }

    server {
      listen 443 ssl;
      server_name propertyssn-bt.domain.tld.au;
      location / {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass http://172.16.1.12:8890;
      }
    }

    server {
      listen 443 ssl;
      server_name companyssn-bt.domain.tld.au;
      location / {
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_pass http://172.16.1.14:8890;
      }
    }

}

As you can see I use a mix of subdomain and folder redirects, folder redirects only work where I can set the webroot hence the independent subdomains for BTsync as that cannot handle a set webroot.

 

The HTTP response simply bounces the session to HTTPS

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...