在機房裡面看到奇怪的 Raspberry Pi?

看到「The curious case of the Raspberry Pi in the network closet (2019) (blog.haschek.at)」這篇消息,這篇是 2019 當時的新聞,我當時就有看到,不過好像沒寫下來... 原文在「The curious case of the Raspberry Pi in the network closet」,基本上是個在機房裡面發現奇怪的設備,然後追查兇手的故事。

先整理一下事情,作者的父親 (看起來與作者都是這個行業的人) 在機房裡面發現一個奇怪的 Raspberry Pi 設備:

跟能夠進入機房的人確認後發現這不是他們帶進來的設備。另外他就請他爸把 SD card 裡面的東西倒出來再傳給他分析 (因為作者當時在遠端):

I asked him to unplug it, store it in a safe location, take photos of all parts and to make an image from the SD card (since I mostly work remote).

後面就是抓出這個設備是誰擁有的過程了,最後找到人交給 legal 處理。(這樣講好像太簡單了,但有興趣的人可以回去看作者的說明)

另外當年作者就有提到這個單位的 IT team 不大 (只有四個人),加上 BYOD 的政策,導入 802.1X 反而會帶來太多人力成本:

Good points. The problem is, there are over 1000 people coming and going every day, the site has a BYOD strategy and the IT team is 4 people. We tried implementing 802.1X for LAN devices but it was soo much overhead that we dropped that.

The thing of this case is that the person was only able to place the Pi there because he had a key to the network closet. That's game over no matter how many security protocols you implement

We did change the server passwords though

結果六年以後在 Hacker News 上被提起來,作者又來補充了一些事情,在 id=38923967 這邊提到這個點是一間學校,而他們是 contractor 的角色,所以有很多事情沒辦法直接推動:

OP here. What I didn't mention in the article is that this actually happened in a public School (small-ish for US standards as there are just ~1000 students and 100 teachers)

Hard to get the budget for serious switching hardware, even harder to get people who know how to manage them as I'm just an external contractor but can't exceed the alotted budget for my work there

另外在 id=38923991 這邊則是提到是歐洲,另外似乎是私下解決了,沒有上到法院:

OP here. Court records are thankfully not public in europe and it's even illegal to name names in public (unless it's about a public figure)

As far as I know there also were no court proceedings as this was handled internally

算是稍微補充了當年的一些難處...

Raspberry Pi 4 將可以透過有線網路安裝系統了

在「Raspberry Pi 4 to support Network install to a blank MicroSD card」這邊看到 Raspberry Pi 4 將可以透過有線網路安裝系統了:

The Raspberry Pi 4 will soon be able to install Raspberry Pi OS without the need for external hardware to flash the image.

先前都是透過其他機器先刷好 SD card 再放進去開機,之後可以透過有線網路直接裝,讓步驟簡單一些... 另外有提到這次會支援的只有 RPi4 與 CM4 機種,先前的版本還是得透過其他機器生出可開機的 SD card:

The Raspberry Pi Foundation simply changed the bootloader code to enable the Network install feature, and yes, it will only work with Raspberry Pi 4, CM4, and Raspberry Pi 400 keyboard PC, but not Raspberry Pi 3 and earlier models.

Raspberry Pi OS 64-bit 與 32-bit 的效能差異

前幾天提過「Raspberry Pi OS 64-bit 版本正式推出」,而 Phoronix 實際拿正式版測試 64-bit 與 32-bit 的系統差異了,在「Raspberry Pi OS 32-bit vs. 64-bit Performance」這邊可以看到每一個測試項目的結果。

測試的硬體是 Raspberry Pi 400,這台機器基本上就是 4GB 版本的 Raspberry Pi 4 加上週邊配件:

Using a Raspberry Pi 400 keyboard computer with 4GB of RAM, I ran some fresh benchmarks of Raspberry Pi OS in its default 32-bit build and then again with the new 64-bit build.

先講結果,在 Phoronix 的 33 個測試裡面,64-bit 全部都比 32-bit 好,而且是很明顯的差異:

Across the few dozen different workloads tested, switching Raspberry Pi OS 11 for the 64-bit version improved the performance on average by about 48%. See all the 32-bit vs. 64-bit Raspberry Pi benchmarks over on OpenBenchmarking.org.

之前 64-bit OS 還在 beta 的時候就已經知道這個情況了,所以不會覺得太意外。當時提出的解釋是指令集的差異,aarch64 提供的指令集比 armv6 有效率多了,這點在 2016 年的文章「64-bit ARM (Aarch64) Instructions Boost Performance by 15 to 30% Compared to 32-bit ARM (Aarch32) Instructions」這邊可以看到說明。

所以正式版出來以後,只要硬體有支援,基本上都建議裝 64-bit OS 了...

Raspberry Pi 4 2GB 版本「暫時」漲價,另外 1GB 版本回歸

Raspberry Pi 宣佈 Raspberry Pi 4 的 2GB 版本將從 US$35 漲到 US$45,另外本來淘汰掉的 1GB 版本回歸,賣 US$35:「Supply chain, shortages, and our first-ever price increase」。

In February last year, we announced that we were discontinuing the 1GB variant of Raspberry Pi 4, and moving the 2GB product to our signature price of $35. We’re still glad we did this, as countless young people made use of this device as they studied from home during the pandemic.

Unfortunately, cost increases caused by the current shortage mean that this product is not currently economically viable at this reduced price point. We are therefore moving it back to $45 on a temporary basis.

To support the many industrial customers who have designed the 2GB variant of Raspberry Pi 4 into their products, we are reintroducing the 1GB variant at the $35 price point. This provides a degree of choice: less memory at the same price; or the same memory at a higher price.

然後共用 40nm 製程的 3B+ 會暫時先被降低優先權,產能會優先提供給 CM3CM3+3B

In allocating our limited stocks of 40nm silicon, we will prioritise Compute Module 3, Compute Module 3+, and Raspberry Pi 3B, and deprioritise Raspberry Pi 3B+.

整個供應鏈的情況被炸的亂七八糟...

在 Hacker News 上看到 Raspberry Pi 400 使用心得

Hacker News 看到 Raspberry Pi 400 的使用心得:「I've now played with a Raspberry Pi 400 for a week and here are my conclusions」,先前在「Raspberry Pi 400」這邊有提到 Raspberry Pi 400,主要就是一台 Raspberry Pi 4 Model B 的主機,但跟鍵盤整合在一起。

在文章裡提到了 Raspberry Pi 4 可以 USB Boot 後帶來的改變 (參考之前寫的「Raspberry Pi 4 可以透過 USB 開機了」這篇),主要是透過 USB3 外接硬碟可以讓讀寫速度大幅提昇 (尤其是 SSD),這一直都是 Raspberry Pi 上面用 SD card 的問題,看起來唯一的問題還是 CPU 的速度還是沒有像目前常見的 x86-64 強。

If you give it fast enough "disk" storage it really moves. I plugged in a Kingston brand 120GB SSD on a USB3 adapter. hdparm -t gave 292MB/s read speed and the default LXDE environment was really crisply responsive, with even a first launch of Chromium taking less than two seconds. With such good storage, the only real limitation is that heavy Javascript stuff is too slow - 5+ seconds to switch between folders in Chrome, or for the thumbnail gallery to appear in Youtube. Also, video calling is marginal. Aside from that the CPU is fast enough.

另外討論裡面也有人希望 Raspberry Pi 考慮引入 eMMC 或是提供 M.2 界面改善讀寫速度,不過我覺得 SD card 的設計算是 Raspberry Pi 當初的方向,本來就有取捨,不太可能什麼都做進去...

回到作者的心得,雖然 USB3 轉 SSD 看起來 i/o 速度快不少,但我好像主要不是遇到 i/o 速度問題,反倒是最近 chromium 的硬體解碼好像有些進度,也許看影片有機會用硬體處理 (至少一部份?),希望至少可以輕鬆看 1080p60 啊...

用 Monitorix 代替自己搞的 MRTG

先前我家裡的有線電視網路上我放了一顆 Raspberry Pi 跑各種分析,包括用 MRTG 抓流量與溫度,還有用 SmokePing 抓網路狀況。

前幾天系統掛了,本來以為是 SD 卡掛掉,換了一張上去發現還是開不了機,後來才發現是板子掛了,記得這張板子是當年還在 K 社時 zonble 送的,記得是當年一代剛出沒多久很紅,算了一下這台也跑了七八年了...

網路上找了一下找到了便宜的 Raspberry Pi 3,弄了回來後裝一裝,剛好最近接觸 Monitorix 後發現裡面已經有很多現成的設定設好,只要開起來就可以自己抓到...

現在的版本自帶 HTTP server,但我希望透過 nginx 轉進去 (包成 HTTPS),這樣的話需要在 /etc/monitorix/monitorix.conf 裡加上:

url_prefix_proxy = https://rpi.gslin.com/

如果想要抓 Raspberry Pi 的電壓與溫度資訊,只要把檔案裡面的 raspberrypi = n 改成 raspberrypi = y 就可以了。

在 nginx 裡面把 /monitorix/monitorix-cgi 轉進去,像是這樣的設髮:

    location /monitorix {
        proxy_pass http://127.0.0.1:8080/monitorix;
    }

    location /monitorix-cgi {
        proxy_pass http://127.0.0.1:8080/monitorix-cgi;
    }

比起自己搞 MRTG 設定一堆 shell script 簡單多了,cfgmakerindexmaker 用起來還是不順手。

不過 Ubuntu 上要 20.04 才有內建包進來,18.04 看起來沒有:「Ubuntu – Package Search Results -- monitorix」,目前還沒有在 18.04 上跑的需求,之後遇到再看看要怎麼處理...

Raspberry Pi 4 的 Type C 無法使用 Macbook Charger 供電的問題

Raspberry Pi 4 出來後有些災情 (畢竟又加了不少東西近去),在 Hacker News 上看到的 Type C 介面的充電問題:「Raspberry Pi 4 not working with some chargers (scorpia.co.uk)」,引用的原文可以在「Pi4 not working with some chargers (or why you need two cc resistors)」這邊看到,裡面提到了新的 Type C 供電介面在接某些充電器時不會供電 (包括了 Macbook 的充電器):

The new pi has been released and it has a USB Type-C connector for power however people are finding some chargers are not working with it (notably macbook chargers). Some have speculated that this is due to a manufacturer limitation on the power supplies however it is actually due to the incorrect detection circuitry on the Pi end of the USB connection.

這樣說有點偏頗,但是 Macbook 的充電器一向是 Type C 裡的指標,如果這顆充電器跟其他裝置配合上有問題,通常都是代表其他裝置的實作有問題... (噗)

這次發現的電阻問題看起來有點苦 (看起來需要改版子),目前文章作者建議的 workaround 主要就是「不要用那麼好的設備」,比較簡單的包括了 Type C 的線不要那麼好 (像是找充手機用的線就好,不要找拿可以跑 5A 的線),或是透過 Type A 轉 Type C 的線也應該可以避開這個問題,最差的情況應該是找其他的充電器:

Now onto some solutions. Assuming the issue you are having is caused by the problem discussed above, using a non e-marked cable (most USB-C phone charger cables are likely this type) rather than an e-marked cable (many laptop charger/thunderbolt cables and any 5A capable cable will be in this category) will allow for the pi to be powered. In addition using older chargers with A-C cables or micro B to C adaptors will also work if they provide enough power as these don’t require CC detection to provide power. Ultimately though the best solution in the long run will be for there to be a board revision for the pi 4 which adds the 2nd CC resistor and fixes the problem.

對於已經入手的人,如果真的中獎,workaround cost 應該還在可以控制的範圍...