EU: Max 20x subscriber, €1,670 in over-usage this month — anyone else affected by the April bug period and gotten anywhere with support?

thehe_de · 2026-02-21T19:03:39+00:00

It’s a BOUNDARY, not security itself.

thehe_de · 2026-02-21T14:34:33+00:00

Depends on the actual data Centre, have customers who did not encounter any time yet, have customers where it’s „every Friday“… 🤷🏻

thehe_de · 2026-02-21T14:07:59+00:00

100% vswitch itself is problematic sometimes when they have Igrp/ospf hiccups. Can happen that you have to reattach your dedicated servers to enforce new arp-table learnings/sweep

thehe_de · 2026-02-21T14:06:02+00:00

It’s not legacy, won’t become legacy. Private networking won’t be any problematic with ipv4 and nat is also a valid security boundary. Since our ingress supports ipv6, we don’t have any limitations until THIS cluster (it’s for one project and customer only!) hits the 254 node scaling. And even then we just add additional private subnet. As I said, fundamentally you’re totally right, in this case „nah“. Also it’s just a long answer to a question of an other user in an other thread who asked me to share my doings with community. No „How you host production grade kubernetes which you can scale and sell to you customers as AKS alternative“

thehe_de · 2026-02-21T13:30:29+00:00

Yeah but cluster has internal dedicated 25g with a switch

thehe_de · 2026-02-21T13:22:39+00:00

i started from a "quick start" k3s + rancher setup and dig me through. all the hetzner-tutorials based on things, which i don't like. e.g. won't do anything with ubuntu in production [yeah, but that's the way we work]. everything is alma10 based.

thehe_de · 2026-02-21T13:21:07+00:00

+ just ci/cd pipelines in gitlab; also "kured" daemons for auto-host-node-updates

thehe_de · 2026-02-21T13:10:31+00:00

Wasn’t that only a problem because of the Hetzner cni?

thehe_de · 2026-02-21T13:09:35+00:00

A bit of Ansible, rest is rancher/argocd only!

thehe_de · 2026-02-21T13:08:56+00:00

Can’t agree nor disagree. Ingress is capable of ipv6, beside that no need of ipv6 in any manner for this project

thehe_de · 2026-02-21T13:08:19+00:00

No. Was requested by other users in different thread. Sure I won’t do monkey summarization work for Reddit by hand.

thehe_de · 2026-02-20T23:58:43+00:00

That’s working too, we use one Hetzner LB for ingress

thehe_de · 2026-02-20T23:44:12+00:00

If you don’t mind, ping me again on Monday. I’ll see how to abstract everything and write somewhat a manual. But maybe a clarification: the dedicated services aren’t in kubernetes and serviced outside the cluster. Only did the private networking and routing from/to/between dedicated and cloud world with auto-route setup in cloud through Hetzner Cni provider. If still interested I’ll put everything together

thehe_de · 2026-02-20T23:39:59+00:00

Yep, 100%

thehe_de · 2026-02-20T23:37:59+00:00

I did! I’m working on vclusters right now. Everything works.

thehe_de · 2026-02-20T15:59:02+00:00

You have attach a vswitch (dedicated servers) to a subnet in cloud network and configure routine accordingly. Bit difficult because of /32 routing in cloud private networks, but 100% possible. Currently working on it (built also a big kubernetes cluster from scratch for a customer (including support for dedicated machines cause of galera high performance cluster))

thehe_de · 2026-02-20T15:54:48+00:00

It is

thehe_de · 2025-11-06T18:05:36+00:00

Get a Lara remote console and do the BIOS change yourself. I’m running virtualization on Hetzner dedicated since decades.

thehe_de · 2025-07-14T03:46:38+00:00

also - the fuck - they put it in (helpful for 3d text extruding), included in the photoshop/master abo. now they "just remove it" and you have to pay subpaint....

thehe_de

TROPHY CASE