[04:33] <Kingtiger01> Hello Everyone
[04:38] <Kingtiger01> Hello, anyone around?
[04:39] <twb> !anyone > Kingtiger01
[04:41] <Kingtiger01> i have a question regarding Clusters...
[04:42] <Kingtiger01> just wondering if anyone has any articles in how to setup a cluster on *nix like OS for load balancing...
[04:43] <twb> load balancing of what?
[04:44] <twb> http://en.wikipedia.org/wiki/Load_balancing_(computing) cites both textbooks and external articles.  I can't vouch for any myself.
[04:47] <Kingtiger01> im locally hosting mysql/apache/XMPP. but individual services are starting to eat up enough cycles to overload I/O...
[04:48] <Kingtiger01> either can i, im new to clusters, im just starting to try and research about Beauwulf style clusters at the moment, trying to get ideas to alleviate some of this...
[04:49] <twb> It's spelt "beowulf".
[04:49] <Kingtiger01> i know... simple spelling error.
[04:50] <thorsten11> hello all
[04:50] <twb> Have you considered profiling your services to see if there are simple optimizations which will obviate the need for a load-balancing cluster?
[04:53] <Kingtiger01> To be honest, No. But, i will now considering it is a immediate step.
[04:58] <Kingtiger01> ill be back later...
[06:25] <artillerytx> every time i restart bind it tells me * the remote server is using an older version of the command protocol ...
[06:25] <artillerytx> not sure how to fix that
[06:35] <_ruben> im guessing your rndc and named executable are from different versions
[06:40] <artillerytx> ahh
[06:43] <artillerytx> so i need to regenerate a rdnc key
[06:44] <artillerytx> and paste it where it says
[06:46] <artillerytx> Its just #rndc-confgen
[06:46] <artillerytx> right
[06:46] <_ruben> the key isnt the problem, the executable is, or your time(zone) stuff is wrong, though that'd only matter when using rndc from a remote box
[06:46] <artillerytx> oh
[06:46] <_ruben> (judging from my experience that is, could be something else in your else)
[06:46] <_ruben> s/else/case/
[06:46] <artillerytx> well the only way i access the computer is with ssh on another computer
[06:47] <artillerytx> on the same network
[06:47] <_ruben> which versions do "named -v" and "rndc -v" report?
[06:48] <artillerytx> bind  9.5.1-P2
[06:48] <artillerytx> rndc 9.5.1-P2
[06:49] <_ruben> odd
[06:49] <artillerytx> well let me give you the full error i get when i do a "/etc/init.d/bind9 restart
[06:50] <artillerytx> http://pastebin.com/daf403d4
[06:50] <_ruben> the logs might show more (probably /var/log/daemon.log)
[06:52] <artillerytx> what am i looking for exactly
[06:52] <_ruben> ah, seems list of possible errors is slightly longer than what i've seen myself .. key and acl i hadnt thought of myself
[06:52] <_ruben> anything mentioned by "named" at the time of your attempted restart
[06:52] <twb> Is rndc a BIND-specific utility, or does it work with arbitrary DNS services?
[06:52] <_ruben> twb: its part of bind, so i'd assume the first
[06:53] <_ruben> as it uses a special secure control channel
[06:54] <_ruben> (re)running rndc-confgen -a might do the trick in this case, or double-check your bind config's settings for the control channel
[06:55] <artillerytx> i see a /etc/bind/named.conf couldn't add command channel 127.0.0.1:953 address in use
[06:55] <_ruben> sounds like an old named process is still lingering around
[06:55] <_ruben> sudo killall named might do the trick (optionally with -9)
[06:56] <_ruben> gotta drop off car at the garage, be back in an hour or 2
[06:56] <artillerytx> k
[06:56] <artillerytx> do i add a 9
[06:56] <artillerytx> ?
[06:57] <artillerytx> ahh now i get rndc:connect failed: 127.0.0.1#953: connection refused
[07:26] <LeChacal> hello, can someone tell me how to change the order in which modules are load? Or some way that I can get one module to load before another?
[07:29] <soren> LeChacal: Why?
[07:33] <LeChacal> i have a special mouse driver that i need to load before the usbhid module, and I need the usbhid module for my usb keyboard, and i think my APC UPS because installing the UPS started all the problems with my mouse not working. I am told by the mouse driver maker that usbhid takes over the mouse if it is loaded before the special driver. Before I got the UPS i would just unload both modules then load in the special mouse driver 
[07:34] <LeChacal> and before you ask this isnt a server but i have been trying to find an answer for a while and no one has even tried to help me yet anywhere else.
[07:34] <ttx> soren: hey -- feeling better ?
[07:36] <LeChacal> i have searched google and found an old forum post saying that you can't change the order because udev randomize them at boot, but this was a post about 6.06
[07:40] <soren> ttx: Much.
[07:40] <ttx> soren: good :)
[07:41] <ttx> soren: I took the liberty to upload a new eucalyptus release so that my two fixes-of-the-day would make it in karmic before BetaFreeze.
[07:41] <soren> LeChacal: udev has never randomised anything.
[07:41] <ttx> opefully I did it correctly and didn't break anything
[07:41] <ttx> +h
[07:41] <soren> ttx: I can check?
[07:41] <ttx> soren: you can check what ? That I didn't break anything ? Sure :)
[07:42] <LeChacal> soren: this is what i found http://ubuntuforums.org/showthread.php?t=304491
[07:42] <soren> LeChacal: I don't see the string "random" on there anywhere.
[07:42] <LeChacal> soren: last post and he says shuffling
[07:43] <LeChacal> soren: he does give a solution about block udev, but not fully knowing what udev does i didnt want to start playing with that
[07:44] <soren> LeChacal: Try this:
[07:44] <soren> LeChacal: Create a new file in /etc/modprobe.d/ (name whatever.conf)
[07:45] <soren> LeChacal: Add a single line to it:
[07:45] <soren> install usbhid /sbin/modprobe nameofyourspecialdriver ; /sbin/modprobe --ignore-install usbhid
[07:45] <soren> That ought to do it.
[07:48] <LeChacal> question, the first part "install" what is that doing if you dont mind me asking i understand the rest?
[07:49] <soren> Look at man 5 modprobe.conf
[07:50] <LeChacal> ok that makes since thank you, ill try that
[07:57] <soren> ttx: WEll, I could check that you did things correctly.
[07:58] <soren> ttx: ...and I think you did.
[07:58] <ttx> \o/
[07:58] <soren> So that's a good start.
[08:05]  * soren takes a short break
[08:06] <LeChacal> soren: thank you that worked perfectly
[08:19] <artillerytx> how does dreamhost have its server set up so that whenever you install a cms and it emails someone it has whatever email you gave the cms ...
[08:19] <artillerytx> I have my server running through gmail and it sends from only one account it seems
[09:02] <kinnaz> is there something like openbsds security script for ubuntu, what send the /etc/ file diffs to mail daily
[09:10] <johe> good morning
[09:22] <RoyK> good moaning
[10:15] <gamla_kossan> I'd liek to do a dist-upgrade, but.. how do I know what the next version will be then?
[10:16] <gamla_kossan> I'm thinking it's a little risky jumping from 7 to 9 directly
[10:16] <gamla_kossan> anyone have any htoughts on this?
[10:25] <_ruben> gamla_kossan: when upgrading you shouldnt skip versions (single exceptin: lts -> lts upgrades are supported)
[10:25] <_ruben> and upgrading using dist-upgrade isnt recommended either
[10:25] <_ruben> there's upgrade docs on the site
[10:26] <soren> gamla_kossan: What do you mean by 7 and 9?
[10:26] <kinnaz> do-release-upgrade is your friend :)
[10:26] <kinnaz> soloslinger,  7.x to 9x
[10:26] <kinnaz> soloslinger,  7.x to 9.x i bet
[10:26] <kinnaz> soren even
[10:26] <soren> 7.x and 9.x are both nonsense.
[10:27] <soren> 7.04 and 7.10 are vastly different releases, as are 9.04 and 9.10.
[10:27] <soren> I'm having a problem with quagga (ospf). :(
[10:28] <kinnaz> nonsense ?
[10:28] <soren> I've got two routers in my house (well, three really, but the last one is outside my control), and a machine that runs most of my virtual machines.
[10:28] <soren> kinnaz: Yes.
[10:28] <soren> kinnaz: I just explained it.
[10:28] <soren> 09:27:15 < soren> 7.04 and 7.10 are vastly different releases, as are 9.04 and 9.10.
[10:28] <soren> It makes no sense to speak of 7.x.
[10:28] <soren> Nor 9.x.
[10:29] <kinnaz> if you say so, for me it seems no nonsense
[10:29] <soren> So, I've set up quagga to speak ospf on the two routers and the host running the virtual machines.
[10:30] <kinnaz> i think you will have better luck with ospf in #networking
[10:30] <soren> Hmm... Possibly.
[10:32] <_ruben> quagga is somewhere down on my (way too large) todo list to investigate
[10:34] <kinnaz> for me the list says dynamic routing protocols in general
[10:35] <_ruben> kinnaz: kinda the same here, but with quagga in particular in mind :)
[10:35] <kinnaz> i have some hardware to play around for starters
[10:36] <_ruben> my hardware would be a set of vms most likely
[10:41] <soren> _ruben: It was too for me yesterday. Now it's on the list of stuff I use :)
[10:42] <_ruben> soren: hehe
[10:47] <\sh> ugh ospf...
[10:56] <maxagaz> how to know which video driver i'm using
[10:56] <maxagaz> it's not in xorg.conf
[11:07] <_ruben> -server doesnt tend to use xorg at all
[12:31]  * soren goes to lunch
[12:45] <gamla_kossan> soren: fair enough, from 7.04 to 9.04 then =)
[12:45] <gamla_kossan> kinnaz: thanks
[12:53] <_ruben> step by step .. 7.04 -> 7.10 -> 8.04 -> 8.10 -> 9.04 .. using do-release-upgrade for each step (assuming that it already existed back then)
[13:28] <soren> Whoo!
[13:28]  * soren finally got quagga/ospf working.
[13:28] <soren> Now I can access my virtual machines from anywhere in the house.
[13:29] <soren> Man... The pain!
[13:41] <zul> morning
[13:43] <smoser> soren, can you take a look at https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/429106
[13:43] <smoser> and comment on file naming and such for kernels ?
[13:44] <smoser> soren, and just an fyi, i turned your crontab entries off on nectarine. now vmbuilder is doing the builds.
[13:45] <soren> smoser: Why wouldn't the kernel build be spitting those out?
[13:45] <smoser> splitting what out?
[13:45] <smoser> oh. it is spitting them out
[13:45] <soren> spitting. Not splitting.
[13:46] <soren> kernels and ramdisk.
[13:46] <smoser> well, kernel doesn't spit out ramdisk, but install does. the changes just collect them from the image
[13:46] <soren> What would VMbuilder be doing to them, then?
[13:46] <soren> I don't think this belongs in VMBuilder at all.
[13:46] <smoser> at the moment, vmbuilder doesn't do anything.
[13:46] <soren> Nor the automated build scripts.
[13:47] <smoser> well, we need to provide some way for people to easily get a kernel and an initramfs for uec images they've built
[13:47] <smoser> and saying "take it from /boot" is not sufficient in my opinion
[13:48] <soren> That's fair enough.
[13:48] <smoser> second, vmbuilder really *should* be involved, at very least with xen it should give the user a kernel and initrd to use.
[13:48] <soren> Eh?
[13:48] <smoser> (and should update the xen.conf and such)
[13:48] <soren> Are you talking about Xen or EC2?
[13:48] <smoser> there, i meant xen.
[13:48] <soren> Ok.
[13:49] <soren> Well, that may be reasonable. I've ask dozens of people how to do it (I don't use Xen myself), but noone could give me a straight answer.
[13:49] <smoser> i will agree that ec2 is less important to have the kernel/initramdisk outside the image
[13:50] <smoser> it is also true for the kvm case that it would be useful to offer the option to pull kernels from the image
[13:50] <smoser> so that the user can boot with -kernel / -initrd and -append as opposed to grub
[13:50] <soren> Why, oh why, would anyone want to do that?
[13:51] <soren> Mind you, it's called VMBuilder, not VMDisassembler.
[13:51] <soren> :p
[13:51] <smoser> hm... i dont know, maybe they're following instructions you wrote ? https://wiki.ubuntu.com/UEC/Images/Testing
[13:51] <smoser> :)
[13:51] <soren> Ok, I'm clearly confused.
[13:51] <soren> You talk about extracting stuff from an image.
[13:52] <soren> kernel and ramdisk, I presume.
[13:52] <smoser> yes.
[13:52] <soren> Yet, the stuff I speak of on https://wiki.ubuntu.com/UEC/Images/Testing has neither in the images.
[13:52] <soren> So what exactly do you mean?
[13:52] <smoser> well, now the uec images do have a kernel/initrd in them.
[13:52] <soren> they... do?
[13:52] <soren> How did that happen?
[13:53] <smoser> yes. they have 2. linux-ec2 and linux-virtual
[13:53] <soren> But, but..
[13:53] <smoser> they need modules in them. modules are provided by kernel packages.
[13:53] <soren> Why would you stick a kernel and a ramdisk in there?
[13:53] <soren> Yes, and grub is our bootloader.
[13:53] <soren> Except on EC2 where everything is conveniently different.
[13:54]  * soren makes quotations marks in the air
[13:55] <smoser> i dont think its conveniently different enough to not use the existing kernel packaging.
[13:55] <smoser> we need modules. modules come in kernel packages. kernel packages are built for each kernel basically the same way.
[13:55] <smoser> the uec/ec2 images need kernel modules and for both ec2 (xen) and kvm (uec)
[13:56] <soren> Another reason why this really, really, really should not be preinstalled, but handled at boot time.
[13:57] <soren> Let me ask this way: Is this a temporary solution because we didn't have time to do it better for Karmic or is this The Plan[tm]?
[13:58] <smoser> i really dont know why it wouldn't be the plan.
[13:58] <soren> I can think if quite a few reasons:
[13:59] <smoser> if you were building an appliance to run on a full virtualization solution, it would absolutely be "the rigth way"
[13:59] <smoser> so, the only difference here is that the kernel and initrd are needed outside the image.
[13:59] <soren> If you're running on UEC, you have a huge stack of modules and stuff that you will never ever need taking up space.
[13:59] <soren> If you're running on EC2, you have a huge stack of modules and stuff that you will never ever need taking up space.
[13:59] <smoser> huge stack ~ = 20M
[13:59] <soren> 20?
[14:00] <soren> Package: linux-image-2.6.31-10-virtual
[14:00] <soren> Installed-Size: 32068
[14:01] <soren> Package: linux-image-2.6.31-300-ec2
[14:01] <soren> Installed-Size: 70388
[14:01] <soren> So that's 50% and 350% more than 20.
[14:01] <smoser> :)
[14:01] <soren> Respectively.
[14:01] <smoser> -ec2 will be trimmed
[14:01] <smoser> to basically be -virtual
[14:01] <smoser> so < 50
[14:01] <smoser> in your 10G root fs
[14:02] <smoser> err...
[14:02] <smoser> i obviosly have issues with math
[14:02] <smoser> each one wastes 302068
[14:02] <smoser> gar
[14:02] <smoser> so, ec2 will "waste" -virtual installation. 32M
[14:02] <zul> imho ideally for ec2 you just want a package that does the modules and no other kernel bits (except for maybe the config and the System.map)
[14:02] <smoser> and uec will "waste" the -ec2 installation. 32M
[14:03] <soren> Sorry, phone call.
[14:03] <smoser> zul, so, there, the "waste" that the current package has is the size of the kernel. 6M
[14:04] <smoser> its not perfect. i will completely agree to it being wasteful of < 40M for each case.
[14:04] <smoser> i think its a reasonable tradeoff to make user space work like the rest of ubuntu
[14:05] <smoser> ie, if you want to build a kernel module for your kernel, you can build one just like any other install
[14:05] <smoser> zul, and in your "just modules" package, we still need to somehow create and extract a kernel to upload to ec2.
[14:09] <soren> smoser: What's the plan for kernel upgrades=
[14:09] <soren> ?
[14:09] <smoser> i dont think this affects that at all.
[14:10] <soren> Uh...
[14:10] <soren> sure it does.
[14:10] <soren> You boot with another kernel, and boom, you have no modules for it.
[14:10] <soren> (and *two* useless sets of modules and kernels and stuff)
[14:10] <smoser> why/how were you booting with another kernel ?
[14:10] <soren> Because the new one had a secret backdoor in it that zul put ther.e
[14:10] <smoser> and not picking a new ami that was released with that new kernel and initrd
[14:10] <soren> Err.. The old one had.
[14:11] <soren> Because I rebundled, perhaps?
[14:11] <smoser> you can still boot with the new kernel and initrd. they're sufficient to mount root and start init, and then apt-get update && apt-get install linux-ec2
[14:11] <smoser> poof. modules.
[14:11] <zul> soren: if you mean by the xen patch then yes its been bacdoored ;)
[14:12] <smoser> i must have missed the backdoor in the 531,893 lines of patches :)
[14:12] <soren> Of course it has. It's a 20MB patch. It's the perfect plan. Noone is going to read through that.
[14:13] <soren> smoser: I'm very sorry, but I think this is the worst possible solution.
[14:13] <soren> I realise it works.
[14:13] <smoser> :). i can think of worse ones.
[14:13] <soren> Oh, sure, so can I, but of the ones that were actually seriously proposed..
[14:13] <smoser> why do you think its so bad? it works much more like everything else than any othe rsolution
[14:14] <smoser> consistency is extremely nice for all sorts of reasons.
[14:14] <soren> That really depends on your perspective.
[14:14] <soren> If you care more about the boot process being identical, then yes, this is more similar to everywhere else.
[14:15] <soren> If you care more the final system  being identical, then it's dissimilar.
[14:15] <smoser> i dont follow that.
[14:16] <smoser> the final system is much more similar. you can ask dpkg about "where did this module come from" or apt-get install -headers
[14:16] <soren> If we were to go the route of the initramfs hook that would copy the modules into the root filesystem, the user would end up with a system that is virtually indistinguishable from a regular one.
[14:16] <smoser> the user now has a system that is virtually indistinguisable from a regular one
[14:16] <soren> He can look at his uname info, know that he can find the appropriate modules in /lib/modules (and nothing else)..
[14:16] <smoser> and happens to use all sorts of common tools to get there.
[14:16] <soren> How they landed there are an implementation detail.
[14:17] <smoser> ok, so pretend for a moment, that i dont care that i have a bunch of files in /lib that were not installed by the package manager
[14:17] <soren> Good point about package management.
[14:17] <smoser> what benefits are provided ?
[14:17] <soren> In that case you could have done the apt-get trick on boot.
[14:18] <alonswartz> Hey guys. With reference to MySQL InnoDB, I have come across the issue "ib_logfile0 is of different size". All forum posts seem to recommend deleting the logfiles once the mysql service has been shutdown as the logfiles will be recreated. The problem is that this issue keeps on repeating itself so I was wondering what could be the cause, and how safe is it to constantly remove the logfiles...
[14:18] <alonswartz> ...prior to mysql start?
[14:18] <soren> smoser: By what, sorry?
[14:19] <smoser> the only benefit i see to the additional work is that you can flip flop kernels and initrds around with wreckless abandon.  kernel/ramdisk and root are more detached from one another.
[14:19] <smoser> but, as i pointed out, that is quite easy with the other route
[14:19] <smoser> the only negative i see in what i have right now is 32M of wasted space
[14:20] <smoser> (and i will bring it up just to be fair... apt-get update && apt-get dist-upgrade inside the image is going to pull new kernels and waste network traffic)
[14:20] <soren> I think the ability to replace the kernel is hugely important.
[14:20] <smoser> you can do that.
[14:20] <smoser> didn't i point that out ?
[14:20] <soren> Yes, you /can/. It's just more of a hassle than it ought to be.
[14:21] <smoser> its no more a hassle than it is on any other linux distribution that i've ever dealt with
[14:21] <smoser> :)
[14:21] <soren> This is one thing we actually had the opportunity to make /better/.
[14:22] <smoser> i dont think so. i think we have the opportunity to make different. i dont really understand how its better ?
[14:22] <smoser> what use case is it better for ?
[14:22] <soren> Security problem in the kernel => Boot with a different one, and you're done.
[14:22] <smoser> the strongest argument i can think of is that it makes non-ubuntu distributions more easily able to use ubuntu kernels and initramfs because they dont have to use alien
[14:23] <smoser> soren, security problem in the kernel, boot with a different one and your done.... versus "boot with a different on and run 'apt-get install linux-ec2'"
[14:23] <gamla_kossan> _ruben: cheers!
[14:23] <smoser> which could easily be done from ec2-init
[14:24] <smoser> if it detected it was running a kernel that did not have modules installed
[14:24] <gamla_kossan> _ruben: yey! it does!
[14:24] <gamla_kossan> ^_^
[14:26] <smoser> for the record, i did not believe that i was being at all subversive in doing this. i thought that you(soren) were aware.
[14:26] <soren> smoser: That would make me somewhat happier.
[14:26] <smoser> it would probably make pitti less happy
[14:26] <_ruben> gamla_kossan: you managed to upgrade all the way?
[14:26] <soren> smoser: Hm? Why?
[14:26] <gamla_kossan> _ruben: oh nono, I haven't touched that part yet
[14:27] <gamla_kossan> need to do some serious dd-ing of the hd in question
[14:27] <_ruben> ah
[14:27] <gamla_kossan> it's  a vital piece of infrastructure, the box I'mma do it on
[14:27] <smoser> the ec2-init MIR. he doesn't like that we do non-standard things (or allow for them to be done) in ec2-init.
[14:27] <gamla_kossan> but at least do-release-upgrade is on it =)
[14:27] <smoser> i would welcome your comments and help there. i think i've failed to do a good job of explaining the need for ec2-init.
[14:28] <smoser> bug 434963
[14:28] <smoser> hmm.. that doesn't look right
[14:28] <smoser> bug 434693
[14:28] <smoser> thats better.
[14:30] <soren> smoser: Wow, yeah, pitti is annoyed.
[14:31] <soren> smoser: ...and really doesn't get it, apparantly.
[14:33] <smoser> yeah, i tihnk i failed to describe what its used for
[14:35] <smoser> i just hit 'send' on a reply.
[14:36] <smoser> i initially wrote him off-bug, because i was afraid of long winded confusing bug
[14:36] <smoser> but apparently that was unavoidable
[14:37] <smoser> apparently launchpad wraps lines at less than 74 chars
[14:38] <soren> Hopefully at 72.
[14:38] <soren> Anything other than that would be silly.
[14:38] <smoser> funny. i always thought that 74 was the correct number. it seems we're argumentative today. hope you're not still feeling ill
[14:38] <soren> I wasn't.
[14:38] <soren> Now I am.
[14:38] <smoser> and regarding launchpad, if i shrink the font, it doesn't wrap
[14:39] <soren> Oh, you're right. Yes, that's much more pleasing to read.
[14:39] <smoser> that seems reasonable (not wrapping when i shrink) except for that there is like 2 inches of whitespace inside the comment box to the  right
[14:39] <smoser> ie, the comment box wasn't forcing the wrapping
[14:54] <smoser> soren, you want to confirm bug 435905
[14:54] <smoser> as i think you're seeing it too
[14:55] <soren> odne
[14:55] <soren> done, even.
[14:58] <smoser> soren, so what do i need to do to make you karmic-happy regarding kernel and initrd.  note, that we need to have a solution for this.
[15:01] <soren> smoser: A promise that you will never blame me for any ot.
[15:01] <soren> of it.
[15:01]  * soren wonders about the accuracy of this keyboard.
[15:01] <gamla_kossan> I must say, this channel is very very nice. esp when compared to #ubuntu. that channel is no fun at all :/
[15:01] <gamla_kossan> =)
[15:05] <soren> It can be a bit... much.
[15:06] <zul> soren: we cant promise it ;)
[15:17] <smoser> i really try to avoid making promises about my future behavior
[15:17] <smoser> but I guess I can just deny making the promise later, so, sure.
[15:18] <soren> Great. Then do whatever you want.
[15:49] <aubre> ladies and gentlemen, after applying the last karmic alpha 6 patches, I am now running instances in my local cloud
[15:50] <smoser> soren, just to be clear above, i do give your rights to say "i told you so".
[15:50] <smoser> aubre, awesome
[15:50] <aubre> I can't ssh into them yet, but I am running them hehe
[15:50] <aubre> smoser: thanks
[15:51] <aubre> I use my private key, but it still wants a password for user ubuntu
[15:51] <soren> smoser: And I have permission to gorge your eye out with a rusty spoon in response.
[15:51] <smoser> in response to your saying "i told you so" ? i dont think that makes sense.
[15:51] <aubre> I do however feel like I just hit 88 mph in a specially customized DeLorean
[15:51] <smoser> and i am fairly attached to my eyes
[15:52] <soren> smoser: Oh. I completely misread :)
[15:52] <aubre> we need him to have his eyes because it makes reviewing code much easier
[15:52] <soren> smoser: I thought you were suggesting that /you/ had the right to say "I told you so". :)
[15:53] <smoser> well no, not until we decide my idea was bad, and we try your idea, and its bad too
[15:53] <smoser> *then* i get to say i told you so
[15:53] <soren> smoser: We'll see :)
[15:54] <soren> aubre: The fun doesn't start until eighty-eight *point eight* mph. You should give it a go. :)
[15:54] <aubre> soren: well do
[15:54] <smoser> thats funny. i missed the reference until just now.
[15:54] <smoser> 1.21Gw
[15:54] <aubre> soren : will do.
[15:55] <aubre> I think I won't be going back from this future :)
[15:55] <aubre> thanks to everyone for the help to get to this point, and thanks in advance for the help you'll be giving me to get it into production lol
[15:57] <smoser> shoot. what a pita.
[15:58] <smoser> i just realized that we can't check for the metadata service to decide whether or not ec2-init should do anything
[15:58] <smoser> because we might be on ec2 and the metadata service just not there yet
[16:00] <smoser> soren, so, you want to list things you thought we could check for ? i know you suggested certain /proc/cmdline contents (splash, root=UUID...)
[16:00] <smoser> anything else?
[16:00] <kinnaz> soren, got your ospf working ?
 in other news, i'd like to suggest to the euca2ools people that they make it work slower.  each time i run euca-describe-instances pointed at ec2 and it comes back in < 4 seconds, i dont trust it worked.</not-serious>
[16:02] <smoser> I'm too used to ec2-describe-instances taking some time to accomplish such tasks
[16:03] <soren> kinnaz: I did.
[16:03] <kinnaz> soren,  problem was in that bridge ? or wifi ?
[16:04] <aubre> I do have to say that the instance went from pending to running in a very fast amount of time
[16:09] <soren> kinnaz: Some kind of multicast weirdness with my wifi setup, yes.
[16:09] <huats> soren: hey :)
[16:10] <huats> how are you ?
[16:10] <soren> huats: I'm on a call right now :)
[16:10] <huats> ok
[16:10] <huats> sorry :)
[16:10] <huats> I'll come back to bother you later :)
[16:14] <aubre> I just got in :)
[16:14] <aubre> on the Eucalyptus supplied image you go in as user root
[16:15] <aubre> ssh -i /home/clouduser/.euca/mykey root@hostname
[16:23] <smoser> soren, suggestions for "is this not running in ec2" ?
[16:23] <soren> smoser: Sorry, on a call at the moment.
[16:24] <smoser> take your time
[16:26] <metalf8801> Hi I need to set up a NAS (Network-attached storage) at my apartment to back up my computers (laptop, Desktop, olpc netbook) I'm wondering if it would be a good idea to use Ubuntu server to do this or if I should use something like FreeNAS?  I've set up Ubuntu Lamp servers before so I have a little experience using Ubuntu Server but I've never used any kind of a NAS
[16:30] <jmarsden> metalf8801: I'd expect a Ubuntu server solution to be somewhat more flexible than FreeNAS, but perhaps a bit more work to configure.  If you are already familiar with Ubuntu Server, and you don't mind configuring it using the command line, I'd say use it :)
[16:40] <MagicFab> metalf8801, Ubuntu server will propose a "Samba File server" task at install time, so it's trivial and fast to set that up.
[16:40] <MagicFab> or sudo apt-get install samba-server^ (yes, with "^") if your server is already up.
[16:41] <metalf8801> oh ok so I don't need to add anything to Ubuntu server after I install Samba file server?
[16:41] <MagicFab> no out-of-the-box nice web UI however
[16:43] <MagicFab> you can install E-Box (package name: ebox) and manage some of it, see http://trac.ebox-platform.com/
[16:44] <MagicFab> Not sure what version of eBox we have in  Ubuntu though
[16:44] <MagicFab> I'd try it on a virtual machine first if I were you
[16:44] <metalf8801> yeah I will try it on Virtualbox first
[16:44] <metalf8801> Um but what is E-Box?
[16:47] <MagicFab> "<MagicFab> you can install E-Box (package name: ebox) and manage some of it, see http://trac.ebox-platform.com/"
[16:47] <Pici> !ebox
[16:48] <metalf8801> oh ok I've used webmin before does ebox have advantages over webmin?
[17:09] <jmarsden> metalf8801: ebox is officialy Ubuntu-compatible, webmin is not.  That's a pretty serious advantage.
[17:09] <jmarsden> Note the "It is designed to work with Ubuntu/Debian style configuration management." in the above factoid from ubottu
[17:09] <soren> smoser: I have some code that can determine wheter you're running in a VM.
[17:10] <soren> smoser: I can dig that out for you this evening or tomorrow morning.
[17:10] <metalf8801> ok I'll make a point of trying e-box thanks
[17:10] <smoser> soren, you have a vague description of how ?
[17:10] <giovani> soren: what method are you using to determine that? -- there are many
[17:11] <soren> giovani: For KVM, there's a CPUID leaf that reveals it.
[17:11] <giovani> ok, so it's KVM-specific
[17:11] <smoser> soren, http://paste.ubuntu.com/277210/ is what i have
[17:11] <soren> For Xen... I don't remember what it does. I seem to remember it's more than just looking for /proc/xen, but that would probably be sufficient as well.
[17:11] <smoser> and we need nmore then just knowing if we're in a vm
[17:12] <smoser> presense of /proc/xen would not indicate yes or no for "is this ec2"
[17:12] <soren> ...
[17:12] <soren> I know.
[17:12] <soren> You don't need to tell me that.
[17:12] <smoser> ok. well take a look at that pb url
[17:12] <soren> As I've said /many/ times, I'm looking for tells that we're /NOT/ on EC2 or UEC.
[17:13] <smoser> right.
[17:13] <soren> Not being in a VM is a pretty good indication that you're not in either of those.
[17:13] <smoser> so i suppose if we're "not in a vm" then you could sy "this is not ec2"
[17:13] <smoser> but i'm hesitant on that, because really in a full virt situaltion (uec) you shouldn't necissarily know that
[17:14] <soren> Sure you do.
[17:14] <soren> As I just said...
[17:14] <soren> 16:11:03 < soren> giovani: For KVM, there's a CPUID leaf that reveals it.
[17:14] <smoser> you're saying that in the current implementation of kvm, a guest kernel can figure out if its in a vm or not.
[17:15] <smoser> i'm saying that, to me, that isn't something that should be relied upon, as it may at some point be a feature of kvm to *not* indicate such things to guests
[17:17] <soren> Well, Amazon may also start using real hardware.
[17:17] <soren> With wlan in them.
[17:17] <smoser> but if you think otherwise, we can definitly add a check like "if I do not appear to be running in a virtual machine, then I am not not xen".
[17:17] <soren> And 17 other nics.
[17:17] <smoser> thats a fair statement.
[17:18] <soren> As fair as yours.
[17:18] <smoser> i wasn't being sarcastic. i agree. it is fair.
[17:18] <soren> Well, I don't.
[17:18] <soren> :)
[17:18] <clusty> hey
[17:18] <smoser> also, do you get "/proc/xen" if your running a para-virt kernel ?
[17:19] <clusty> i am having yet another problem with LDAP user auth
[17:19] <soren> Yes.
[17:19] <smoser> or whatever that test would be?.
[17:19] <clusty> i restarted the LDAP server machine and now the clients wont auth no more. i restared a client by hand and it works again
[17:19] <smoser> yeah... ok now i'm sorry. i have to nix your solution
[17:19] <clusty> this leads me to believe that PAM-LDAP is keeping a persistent connection to ldap and will nto reconnect
[17:19] <clusty> clue how to fix without a reboot?
[17:20] <smoser> as if someone is running this vm with ec2-init in a virtualbox or vmware, or some other VM
[17:21] <smoser> they would not necissarily have such things. and i think that is a likely situation.
[17:24]  * soren has to go to dinner and stuff
[17:32] <Jad> hello, i read that ubuntu server supports cloud computing. is this like virtualization where multiple users can have multiple remote desktop connection to the same server or is it something entirely different?
[17:32] <Jad> maybe it means that one application can run on multiple servers like windows azuri
[17:32] <Jad> *azure
[17:36] <erichammond> smoser, soren: Good points in the discussion about kernel modules on EC2 images.  I'm happy with either the current (just added) way or with initrd copying them in.  Both have their benefits and drawbacks as you listed.
[17:37] <smoser> thanks for reading.
[17:37] <erichammond> smoser, soren: If you're trying to detect whether ec2-init is on EC2 in order to decide if it should run, then I would again propose the following:
[17:39] <erichammond> ec2-init is inert when initially installed as a package.  It requires a positive, conscious action to enable the startup scripts.  This could be done with a config file tweak or an explicit command which bumbling users would never accidentally run.
[17:39] <erichammond> This solves the problem Martin listed of users accidentally installing the package to check it out and having their ssh host keys overwritten.
[17:39] <erichammond> vmbuilder can easily tweak a file or run a command after installing the ec2-init package.
[17:39] <erichammond> .
[17:40] <smoser> that is true, and quite simple.
[17:42] <smoser> there are 2 things i see as an issue with that
[17:42] <smoser> 1. is that, then if someone takes the uec image (which has ec2-init set to active), and runs it under kvm on their system to debug, it will time out on first boot (which is annoying to me)
[17:43] <smoser> 2. it doesn't give us some way to tell "am I on ec2", only "did someone tell me I was on ec2"
[17:47] <smoser> erichammond, thoughts on that?
[17:48] <smoser> 1 is fairly easily workaroundable by allowing a "not-on-ec2" cmdline to force ec2 into inert mode
[17:49] <erichammond> smoser: There was a thread a long time ago on http://ec2forum.notlong.com about how to tell if you're on EC2.  As I recall, there was no good answer, but they were looking at it from a proof perspective instead of a "most likely" perspective so there might still be good ideas there for (2).
[17:49] <smoser> 2 isn't really that big of a deal, other than that we were hoping to use this script to run otherplaces (ie, in the apport hook). it would be nice to have more truthful indication of the environment as opposed to a statement of how the OS is configured
[17:50] <erichammond> I haven't thought about (1).
[17:53] <smoser> wonder if soren can read that. i think its much simpler than a bunch of circumstantial guessing
[17:55] <zul> why not just query the metadata service the very first thing you do and then exit?
[17:56] <smoser> because the metadata service might not be there
[17:56] <smoser> "yet"
[17:57] <smoser> or, the non-ec2 user may have firewall configured such that attempts to reach http://169.254.169.254/ may just hang , causing annoying long timeout
[18:09] <dendrobates> kirkland: if I reinstall but keep my home partinion and do not reformat it, will I have any problems with my encrypted home dirs?
[18:09] <kirkland> dendrobates: depends...  jaunty install or karmic install?
[18:09] <dendrobates> karmic
[18:09] <kirkland> dendrobates: more specifically, do you have anything in /var/lib/ecryptfs/* ?
[18:10] <clusty> how can I run apt-get dist-upgrade so that it answers yes to everything?
[18:10] <clusty> i want to be able to upgrade a whole bunch of machines from a script
[18:10] <dendrobates> kirkland: don't even have that dir.
[18:10] <kirkland> dendrobates: you're fine, as long as there's nothing in /var/lib/ecryptfs/*
[18:10] <kirkland> dendrobates: yup, then you're fine
[18:11] <dendrobates> kirkland: cool thanks.
[18:11] <kirkland> dendrobates: the key is that you have all of your config and encrypted data in /home/.ecryptfs/$USER
[18:11] <smoser> clusty, DEBIAN_FRONTEND=noninteractive apt-get install --assume-yes
[18:11] <clusty> smoser, thanks
[18:12] <dendrobates> kirkland: I saw that, but I was still hesitant.  Should I tell the installer to encrypt or not when I install?
[18:12] <kirkland> dendrobates: not
[18:12] <dendrobates> kirkland: thanks
[18:13] <kirkland> dendrobates: no problem; i haven't tested this use case yet, but others have
[18:13] <kirkland> dendrobates: but i'm going to setup my next install this way
[18:14] <dendrobates> kirkland: I would love to have the ability to auto encrypt and decrypt external drives.  any plans to extend the integration to usb drives?
[18:15] <kirkland> dendrobates: hrm, depends on what you mean...
[18:15] <clusty> smoser, DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade --assume-yes ?
[18:15] <kirkland> dendrobates: of course, you can add an ecryptfs entry in your /etc/fstab
[18:16] <kirkland> dendrobates: and a udev rule
[18:16] <smoser> maybe. (i only did the 'install' recently)
[18:16] <smoser> but probably.
[18:17] <clusty> worked thanks
[18:17] <clusty> the welcome screen still shows: 5 packages to be installed
[18:17] <clusty> who knows what caused it to not update...
[18:19] <dendrobates> kirkland: yeah, I could, but not everyone could, and it would be nice to mark a drive as encrypted and for udev to decrypt it automatically when it sees that uuid.
[18:19] <dendrobates> kirkland: great work though, I am loving ecryptfs.
[18:19] <kirkland> dendrobates: i see; file an upstream feature request ;-)
[18:20] <kirkland> dendrobates: good to hear, me too :-)
[18:20] <kirkland> dendrobates: that article should be published in next month's Linux Magazine
[18:59] <tyabux> is it ok to have a complete coud with only one machine? That is, one phyiscal box running eucalyptus-cloud, eucalyptus-cc and eucalyptus-nc?
[19:03] <smoser> well, for anyone still playing at home, this is what i have right now. erichammond, zul, soren http://paste.ubuntu.com/277296/
[19:04] <zul> smoser: uh what is it? :)
[19:04] <smoser> we'll just change vm-builder to write 'active=1' (or some other var that we agree on) to /etc/ec2-init/ec2-config.cfg
[19:04] <zul> ah ok
[19:04] <zul> cool
[19:05] <smoser> w'll call that early in /etc/init.d/ec2-init to determine "am i turned on"
[19:06] <zul> why the switches? since its a apart of the init script
[19:08] <smoser> it will be a standalone program
[19:08] <smoser> and usable by anything else that wanted to check
[19:10] <zul> gotcha
[19:22] <bnjmn> i'm using a 64-bit ami and i want to replace the 64-bit python with a 32-bit one. whats the easiest way to do this?
[19:28] <smoser> hm...
[19:40] <zoopster> tyabux: you can run all of UEC on one computer, however there are limitations to the modes you can use, obviously
[20:55] <zul_> back later
[20:57] <ruben23> hi can i increase the storage size of my /opt/ directory on my linux server..?------->http://pastebin.com/m32a9a22
[20:58] <ruben23> anyone have idea
[21:06] <mushroomblue> anyone have any tips on how to resize an LVM partition?
[21:07] <mushroomblue> I have 4 drives attached, but only two are being used.
[21:11] <domas> mushroomblue: lvresize ?
[21:11] <domas> mushroomblue: add disks to VG first
[21:12] <mushroomblue> the disks have been added.
[21:12] <mushroomblue> so maybe lvresize is what I needed. thanks.
[21:26] <Daviey> smoser: is iptables expected to work in ec2?
[21:26] <smoser> i would have expected so, yes.
[21:26] <smoser> i do not know otherwise
[21:27] <Daviey> ERROR: problem running iptables: FATAL: Could not load /lib/modules/2.6.31-300-ec2/modules.dep: No such file or directory
[21:27] <Daviey> iptables v1.4.4: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
[21:27] <Daviey> Perhaps iptables or your kernel needs to be upgraded.
[21:27] <Daviey> we can haz bug.
[21:27] <smoser> where do you see this ?
[21:28] <smoser> what ami
[21:28] <Daviey> latest alpha, one moment
[21:29] <Daviey> ami-fa658593
[21:29] <smoser> what did you run that caused that ?
[21:30] <smoser> oh
[21:30] <Daviey> sudo iptables -L
[21:30] <smoser> soryr
[21:30] <smoser> i know
[21:30] <Daviey> or even sudo ufw status
[21:30] <smoser> for some reason i was thinking the alpha6 had this fixed
[21:30] <smoser> you need to 'apt-get update && apt-get install linux-ec2'
[21:30] <smoser> that is fixed now
[21:31] <smoser> (now as in post yesterday)
[21:34] <Daviey> smoser: ok, upgrading linux-ec2 yields:
[21:34] <Daviey> http://erk.daviey.com/ec2-1.png
[21:34] <Daviey> http://erk.daviey.com/ec2-2.png
[21:34] <Daviey> is it fair to assume these are transient?
[21:35] <smoser> yeah, just hit enter. there is a bug on that... let me find that number.
[21:36] <Daviey> yeah, didn't realise there was a bug on it.
[21:36] <smoser> grub is bug 434755
[21:36] <Daviey> solved the module.
[21:36] <smoser> modules is bug 429169
[21:59] <howie> how do i port forward vnc in shorwall to a box on the local network?