[00:21] <stimble> Has anyone here tried launching the UEC images directly with kvm?
[00:21] <stimble> Im trying but missing somethign, not sure what
[00:21] <stimble> kvm  -kernel karmic-server-uec-amd64-vmlinuz-virtual -initrd karmic-server-uec-amd64-initrd-virtual -m 256  -drive file=karmic-server-uec-amd64.img,if=scsi,media=disk
[00:22] <stimble> thats what i've tried, if anyone has any hits, greatly apprecitated
[00:24] <ruben23> hi anyone tried load balancing 2 apache web server on prodcution..
[00:32] <patdk-lap> yep
[00:32] <stimble> ruben23: haproxy works
[00:32] <stimble> or if your in ec2, elastic load balancers
[00:33] <patdk-lap> there are hundreds of ways to do it :)
[00:33] <ruben23>  stimble: any how to from ubuntu-server on it..?
[00:33] <stimble> yes
[00:33] <stimble> ruben23: nothing special that i know of, but im sure there are a lot
[00:33] <patdk-lap> will you need to balance https?
[00:34] <ruben23> stimble: i have tried googling but not fine a clearer one..
[00:34] <patdk-lap> the main issue with loadbalancing is https and sessions
[00:34] <ruben23>  patdk-lap: i think im using http only..
[00:34] <stimble> ruben23: how about http://www.howtoforge.com/high-availability-load-balancer-haproxy-heartbeat-debian-etch
[00:34] <stimble> debian is similar enough to ubuntu in this case i think
[00:35] <patdk-lap> what kind of app is it?
[00:39] <Roxyhart0> hi somebody know a manual how to configurate step by step openldap in ubuntu 9.10...tha changes are really anoying and very different than before
[00:40] <patdk-lap> can't talk about openldap in 9.10
[00:40] <patdk-lap> but I have done openldap several times
[00:41] <Roxyhart0> without sldap.conf file?
[00:41] <patdk-lap> slapd.conf? hmm, normally it doesn't come with one
[00:41] <ruben23>  patdk-lap:are you asking about what kind of apps im suing..?
[00:42] <patdk-lap> ruben, kind of to get an idea what kind of issues you might have :)
[00:42] <patdk-lap> like is it static, dynamic, user logins, ...
[00:44] <ruben23> patdk-lap: i have a webs erevr used only for local now, its single server but as the users increases i need to add up another web server load balance them to carry all the load it needs.
[00:44] <Roxyhart0> the new versions maybe ...but i dont know how configurate without sldap.conf i tryed to follow a manual, but doesn't work ...i dont know where configure the name of my domain and details...do you know about that?
[00:44] <ruben23> stimble: i got a problem with HAproxy, i need like for server to run it..? wow...are there no solution using only my 2 web server.
[00:45] <stimble> you can run haproxy on one of your webserver boxes
[00:45] <patdk-lap> ruben23, you can do it on 1 server with haproxy if you want :)
[00:45] <stimble> just add localhost and remotehost1 to the pool
[00:45] <patdk-lap> it's really recommended not to, cause if one server goes down, haproxy would go down with it
[00:45] <patdk-lap> and your other server would be useless then
[00:46] <stimble> but, if its load balancing you are looking for, and not HA, it is fine
[00:46] <patdk-lap> yep
[00:46] <stimble> not ideal, but not awful
[00:46] <ruben23> patdk-lap: i dotn get the idea..can you explain it  alittle bit more
[00:46] <ruben23> you mean i can used my 2 web server only..
[00:46] <stimble> yes
[00:46] <patdk-lap> in your case you want to balance 3 ip's
[00:46] <ruben23> without adding another nodes
[00:46] <patdk-lap> one ip for haproxy and 2 for servers
[00:46] <patdk-lap> in the example they show it as 3 computers, instead of ip's
[00:47] <ruben23> how many nodes for it..?
[00:47] <stimble> haproxy get a public ip, and localhost plus another private ip = 3
[00:47] <stimble> 2
[00:47] <stimble> 2 nodes
[00:47] <stimble> 3 processes
[00:47] <stimble> node1 = haproxy+first_apache
[00:47] <stimble> node2=second_haproxy
[00:48] <ruben23> thats all..?
[00:48] <patdk-lap> yep
[00:48] <patdk-lap> if node2 where to die, your would be fine
[00:48] <patdk-lap> if node1 would to die, you have issues
[00:48] <ruben23> how about my second apache..
[00:49] <patdk-lap> he meant scond apache, not haproxy :)
[00:49] <patdk-lap> I would do haproxy and apache on both though
[00:49] <patdk-lap> then if node1 was to die, just do a dns change to point it at haproxy2
[00:49] <stimble> oops
[00:49] <stimble> yeah i did mean second_apache
[00:49] <stimble> sorry bout that
[00:50] <ruben23> i can follow the hot o you give me right but i will not used another nodes.ill install itself to my apache servers
[00:50] <ruben23> i can follow the how to you give me right but i will not used another nodes.ill install itself to my apache servers
[00:51] <ruben23>  stimble: patdk-lap: ill try to follow it and test it hope your always here so ican ask if any problem arise during the setup..
[00:51] <ruben23> stimble: patdk-lap:but thanks so much guys for the idea
[00:52] <stimble> sure, good luck
[00:52] <patdk-lap> ruben, just for the example
[00:52] <patdk-lap> use your public ip's for node1 and node2 on haproxy public ip
[00:52] <patdk-lap> and for apache, I would probaby use your public ip, but alt port, (8080?)
[00:52] <patdk-lap> then your haproxy config will remain portable
[00:53] <patdk-lap> and if you need to see what apache was having issues, you could directly connect to it
[00:53] <ruben23> patdk-lap: im not using public IP for my 2 web server..
[00:53] <patdk-lap> nothing like having php configured wrong on one box, and attempting to figure out the issue
[00:53] <ruben23> its mainly for local service
[00:53] <patdk-lap> well, the ip you normally access the box using :)
[00:54] <patdk-lap> when your not on the box itself :)
[00:55] <ruben23> so ill be having for local IP for the setup..right..?
[00:55] <ruben23> i mean 4 local IP
[00:56] <patdk-lap> if you want, you only need 2
[00:56] <patdk-lap> but if you don't want to put apache on an alternate port, then yes, 4
[00:58] <ruben23> patdk-lap:ok ill try this..hope this would be a success.. thanks
[01:03] <cohonen> UGHR ,m a lot inhere
[01:04] <cohonen> is there like a suggestion box for ubuntu server ?
[01:05] <patdk-lap> oh, you mean /dev/null? :)
[01:05] <Roxyhart0> pleae, somebody can explain me why the new ubuntu bersion doesn't come with slapd.conf and where is this configuration now? Please
[01:05] <cohonen> patdk-lap: yeah something like that
[01:06] <cohonen> patdk-lap: maybe a few good suggestion would come up,, like try to unfuck services
[01:06] <cohonen> dont default to emt kernel
[01:07] <cohonen> use sane ulimit defaults
[01:07] <patdk-lap> emt kernel?
[01:07] <cohonen> ehm
[01:07] <cohonen> aghh forgot the name
[01:07] <cohonen> the 36 bit mem support
[01:07] <patdk-lap> pae?
[01:07] <cohonen> yeaaap
[01:07] <cohonen> that one
[01:08] <patdk-lap> heh, I wonder what limits are on freebsd these days
[01:08] <patdk-lap> I remember having to recompile the kernel cause it limited any single user program to 512megs of ram
[01:08] <cohonen> can imagine a lot of people like me wanting to install is on an older box for a small toy server og home server and reusing outdated box
[01:08] <cohonen> but not with pae kernel you can
[01:08] <patdk-lap> all you have to do is load the -generic kernel, instead of -server
[01:09] <cohonen> patdk-lap: hehehe,, well you could find a happy medium with ulimit im sure
[01:09] <cohonen> patdk-lap: is that a install time option ...
[01:09] <patdk-lap> is what?
[01:09] <cohonen> a install time option
[01:10] <cohonen> like when you boot the disc
[01:10] <patdk-lap> is what an install time option?
[01:10] <cohonen> the generic kernel vs the pae one
[01:10] <patdk-lap> I have no idea
[01:10] <patdk-lap> I haven't installed server since 8.04 came out
[01:10] <cohonen> i seem to remeber instant nasty screen telling me that my old box didnt have pae support
[01:11] <patdk-lap> these days I pxe boot install, so it just installs -generic all the time, and I swap it for -server
[01:11] <cohonen> mnnn pretty nifty
[01:12] <cohonen> i dont have boxes enough to justify a setup like that
[01:12] <patdk-lap> ya, I have edited many init.d scripts to adjust ulimit for open files
[01:12] <patdk-lap> but that is normally the only thing I have issue with
[01:13] <cohonen> i mostly wold just like to see one that disallows for normal users to crash the system
[01:13] <patdk-lap> that's pretty easy
[01:14] <patdk-lap> just delete /etc/passwd
[01:14] <cohonen> it should just be a default
[01:14] <cohonen> hahahaha
[01:14] <cohonen> i meant fork bombs among other
[01:14] <cohonen> but point taken
[01:14] <patdk-lap> I have that on my user http server
[01:14] <patdk-lap> but I set those manually in suexec
[01:15] <cohonen> who about defaulting to locking each new user into a jail or a kvm instance
[01:15] <cohonen> going all openbsd on it ;)
[01:15] <patdk-lap> that has been around for a long time
[01:15] <cohonen> how even, hmm its getting late here
[01:15] <cohonen> typo time
[01:15] <patdk-lap> usermode linux would be bsd's jail
[01:16] <cohonen> but still not a default ;)
[01:16] <patdk-lap> it's not a default in bsd either
[01:16] <cohonen> i know
[01:16] <patdk-lap> cause it is damned annoying
[01:16] <cohonen> that was more like a joke really
[01:16]  * patdk-lap doesn't attempt to solve jokes
[01:17] <cohonen> the pae thing and then cleaning up the daemon conf would be my more serious suggestions
[01:17] <cohonen> ohh yea and working resonable ulimit out of the box
[01:18] <cohonen> patdk-lap: one should think you were a sysprog
[01:23] <ruben23> hi guys how do i install linux-source on my ubuntu server coz im having problem installing an applcation saying this error--->http://pastebin.com/m1fad1e6a
[01:23] <ruben23> anyone can help and have idea
[01:24] <ruben23> i have this ---> Linux ubuntu 2.6.24-24-server #1 SMP Fri Sep 18 17:24:10 UTC 2009 i686 GNU/Linux
[01:24] <cohonen> well
[01:24] <cohonen> have you read the error messsage =
[01:24] <cohonen> ??
[01:25] <cohonen> in specific ,, point 7
[01:26] <cohonen> just because you have the compiled kernel doesnt mean you have the source for the kernel you use
[01:26] <cohonen> in fact thats not the default  on any debian derived distro
[01:26] <cohonen> thats more a gentooish thing
[01:26] <ruben23> cohonen: so how do i workaround this thing
[01:27] <cohonen> you find the src package for your kernel in synaptics or whatever and get it
[01:27] <cohonen> sudo apt-get install <your kernel>-SRC
[01:27] <patdk-lap> I thought it was, apt-get install linux-source-(version)
[01:28] <cohonen> its was an example
[01:28] <cohonen> psuedocode
[01:28] <cohonen> cant be bothered with specific semantics
[01:28] <patdk-lap> hell, apt-get install linux-source, will get the most recent kernel
[01:28] <cohonen> sorry ,, syntax
[01:28] <cohonen> now its really getting late
[01:28] <ruben23>  patdk-lap: tried apt-get linux-source.. but still got same error
[01:29] <cohonen> patdk-lap: i didnt want to assume he ran the newest although its very likely
[01:29] <patdk-lap> ruben23, you missed the *install* command
[01:29] <cohonen> ruben23: you need to read the messages your console gives you
[01:30] <cohonen> apt.get  randomsource wouldnt have worked
[01:30] <ruben23> linux-source is already the newest version.
[01:30] <cohonen> ruben23: whats in usr/src ?
[01:30] <ruben23> that the output upon installing..
[01:30] <cohonen> /usr/src/
[01:30] <ruben23> http://pastebin.com/m6fa43a3d
[01:30] <cohonen> ls /usr/src     for me
[01:31] <ruben23> thats the one
[01:31] <patdk-lap> heh, you have -26 probably
[01:31] <patdk-lap> not sure about -24
[01:31] <cohonen> yea
[01:31] <ruben23> what i will do now
[01:31] <cohonen> plus,, you might need a symlink
[01:31] <cohonen> but im not sure
[01:31] <patdk-lap> maybe do a ls -la /usr/src
[01:31] <patdk-lap> this time :)
[01:32] <cohonen> ;)
[01:32] <ruben23> http://pastebin.com/m593ff2e2
[01:32] <patdk-lap> and a uname -a
[01:32] <ruben23> Linux ubuntu 2.6.24-24-server #1 SMP Fri Sep 18 17:24:10 UTC 2009 i686 GNU/Linux
[01:33] <ajmitch> minor version difference there, you have headers for 2.6.24-26-server installed
[01:33] <cohonen> ruben23: you got the linux-source-2.6.24 from ubuntus mirrors ?
[01:33] <cohonen> you didnt cheat and got a vanilla kernel ?
[01:33] <ruben23> cohonen: yes
[01:33] <cohonen> ok
[01:34] <ruben23> cohonen:what i do is install linux-source
[01:34] <cohonen> ok
[01:34] <ruben23> ans install linux headers
[01:34] <ruben23> thats all
[01:34] <patdk-lap> I think you need to upgrade everything
[01:34] <patdk-lap> so you don't have a mismatch
[01:34] <patdk-lap> of -24 and -26 stuff
[01:34] <ruben23> patdk-lap:already done
[01:34] <cohonen> it looks like a very generic kernel by the name
[01:34] <patdk-lap> apt-get dist-upgrade
[01:34] <patdk-lap> you don't have -26 though
[01:34] <Roxyhart0> hi, is ubuntu 9.10 better than LTS version?
[01:34] <patdk-lap> except for the headers
[01:35] <cohonen> Roxyhart0: better ?
[01:35] <patdk-lap> Roxyhart0, depends what you call *better*
[01:35] <Roxyhart0> bo bugs easy to configurate and more security
[01:35] <cohonen> Roxyhart0: it will help you score with chicks
[01:35] <ruben23>  patdk-lap:im running it now
[01:35] <patdk-lap> uname says you are using -24, not -26
[01:36] <ruben23> hoep this would correct the issue
[01:36] <cohonen> ruben23: linux-headers-2.6.24-26-server <-- you need the sources corrsponding to THOSE headers
[01:37] <Roxyhart0> I mean is 9.10 better: less bugs, more secutiry and easier to configurate?
[01:37] <patdk-lap> cohonen, ya but it still wouldn't work :)
[01:37] <patdk-lap> he would compile it
[01:37] <patdk-lap> but couldn't use it, cause he is on 2.6.24-24 and not -26
[01:37] <cohonen> ahh shit
[01:37] <cohonen> i turned it upside
[01:37] <cohonen> sorry
[01:37] <ruben23> cohonen:im upgrading now
[01:38] <patdk-lap> you will need a reboot
[01:38] <cohonen> dont listen to me,, im in a sleep deprived state
[01:38] <ruben23>  cohonen:why..?
[01:38] <cohonen> working on some poor app server
[01:38] <cohonen> not really getting much done
[01:38]  * patdk-lap takes sleep pills
[01:39] <ruben23>  cohonen: yoga
[01:39] <cohonen> so noone ever just answers ,, GO TO BED , for this issue ?
[01:40] <ruben23> cohonen::-D after yoga
[01:41] <ruben23> patdk-lap after i reboot, ill do update..?
[01:41] <cohonen> ruben23: you can do it now
[01:42] <ruben23> cohonen:i laready compile some application before..it will be lost, need to compile an d install again..?
[01:43] <cohonen> ehmm , depends on if you mean a normal app og a module for the kernel
[01:43] <cohonen> normal app no,,
[01:43] <cohonen> the kernel part,, yea,, it failed anyway
[01:43] <ruben23> cohonen: like php, mysql, lame
[01:44] <cohonen> no no no man,, keep that
[01:44] <cohonen> why did you compile all that yourself
[01:44] <cohonen> you should be using gentoo for this  :D
[01:44] <ruben23> yes i need to install thos things for a bigger application.
[01:44] <ruben23> i mean i install it with ubuntu package, sorry
[01:45] <cohonen> well,, whats wrong with getting them from the package mirrors
[01:45] <cohonen> ahh okey
[01:45] <cohonen> thats fine
[01:45] <cohonen> a kernel change doesnt affect user space compatibility
[01:46] <cohonen> mario ?
[01:48] <ruben23> doing good so far..
[01:48] <cohonen> awesome
[01:48] <cohonen> installing new kernel is easy peasy
[01:49] <cohonen> or well it would have if it wasnt for initrd
[01:49] <ruben23> yes finally succes, thanks guys--it was not on my mind running my application with this new server verison..:)
[01:49] <cohonen> ruben23: just remeber to read the output carefully
[01:49] <ruben23> im up to 8 LTS but i guess i need to test some upgrade on this..
[01:49] <ruben23> yeah thansk
[01:49] <cohonen> another time,, someone put it there with intent
[01:50] <cohonen> :)
[01:51] <ruben23>  cohonen: one more thing, how do i start application automatically on ubuntu..
[01:52] <cohonen> a daemon or a user script
[01:52] <cohonen> well i cant remeber specifics but for a user command you put it in .bashrc in your homedir
[01:53] <ruben23> hmm..
[01:53]  * patdk-lap is lasy, and adds it to /etc/rc.local
[01:53] <cohonen> for a daemon you /etc/rc.local
[01:53] <cohonen> add shit to that
[01:54] <cohonen> or you make your own rc file and pu tin the appropiate runlevel
[01:54] <ruben23> ok the shit is added..:)
[01:54] <cohonen> which is sorta messy
[01:54] <cohonen> hehe sorry about the language
[01:55] <ruben23> centos have chkconfig..a litte bit simpler..
[01:55] <ruben23> hope ubuntu would also have like that
[01:55] <cohonen> hmmm
[01:56] <cohonen> like i mentioned to patdk-lap the deamon setup is not as elegant as it could be
[01:56] <cohonen> but gentoo and redhatish distros beat debian here
[01:56] <cohonen> and likely also the BSD's
[01:57] <ruben23> yeah but still i love ubuntu even though..
[01:58] <cohonen> yea,, its got its own strongpoints
[01:59]  * cohonen checks out chkconfig
[01:59] <patdk-lap> ya, I love bsd's init scripts
[01:59] <cohonen> ahh now i see
[02:00] <cohonen> chkconfig is like rc-update in gentoo
[02:00] <cohonen> patdk-lap: doesnt BSD also have conf.d ?
[02:00] <cohonen> or is that a gentoo invention =
[02:00] <cohonen> ?
[02:00] <patdk-lap> not that I know of, unless it's new
[02:01] <patdk-lap> I'm still on v6
[02:01] <cohonen> its like this, /etc/init.d/junk for starting stopping deamon s etc
[02:01] <cohonen> /etc/conf.d/junk for telling them which ports to listen too etc
[02:02] <cohonen> as i recall it its a bit more chaotic on the debian front
[02:03] <cohonen> patdk-lap: also have a look at the service command on redhatish systems
[02:04] <patdk-lap> I use it all the time
[02:04] <patdk-lap> but it just makes init.d more tollatable
[02:04] <patdk-lap> doesn't make init.d scripts easier to make
[02:04] <cohonen> hmm actually that was for ruben23
[02:05] <cohonen> patdk-lap: nope there really needs to be a standard or some novel ideas here
[02:13] <ball> Does Ubuntu Server have any convenient way for two servers to share a filesystem?
[02:16] <ball> (or a directory)?
[02:17] <Roxyhart0> please somebody can tell me which is the best ubuntu version for server...i mean less bugs and more security?
[02:18] <cohonen> security isnt a product
[02:19] <ball> I'll have a pint of security please.
[02:19] <ball> ...make sure there's a wee brolly in it.
[02:19] <cohonen> ball: do you mean like nfs or cifs ?
[02:21] <Roxyhart0> ok, but which version is better ...no much problems?
[02:22] <ball> cohonen: No, that won't give me two synched copies of the same filesystem
[02:22] <cohonen> are you looking for a distributed filesystem
[02:22] <ball> Yes, something like that.
[02:23] <cohonen> og simple file mirroring
[02:23] <ball> mirroring I suppose
[02:23] <cohonen> rsync for mirroring
[02:23] <ball> I'm not sure rsync will be able to keep up.
[02:23] <cohonen> dist filesystems are more complex to setup
[02:24] <cohonen> keep up with ?
[02:24] <ball> I'm trying to lash together two servers, with each server having a complete copy of the shared directory or partition
[02:25] <ball> When one server fails, I need the other to have full access to the filesystem
[02:25] <cohonen> hmmmm
[02:25] <patdk-lap> for that you have two ways to do it
[02:26] <patdk-lap> use unison (ugly, but works for a few things)
[02:26] <cohonen> these sortha thing can get really really complex
[02:26] <patdk-lap> or drbd
[02:26] <cohonen> yea,, i would get the simplest solution if possible
[02:26] <patdk-lap> drbd is simple (as simple as it can get)
[02:26] <patdk-lap> just has latency issues, but well, you wanted reliable :)
[02:27] <patdk-lap> I did unison between 3 server for years
[02:28] <patdk-lap> for handling 26gigs of maildir :)
[02:32]  * ball goes away to look that up.
[02:32] <cohonen> it looks pretty good
[02:34] <patdk-lap> ball, you probably want drbd :)
[02:34] <patdk-lap> unless you really want to maintain it all the time
[02:35] <ball> I want something that's going to work reliably.  I imagine we'll have to pay for a software support contract anyway.
[02:35] <patdk-lap> drbd will work reliably
[02:36] <cohonen> as i said these things get get very very complex
[02:37] <cohonen> banks uses hw assisted SAN on several SAN boxes
[02:37] <ball> cohonen: shouldn't be all /that/ complex... surely we aren't the only people doing this?!
[02:38] <cohonen> depends a lot of your requirements
[02:38] <cohonen> the DRBD looks okey for a small-medium setup
[02:41] <ball> Okay, I'll bark up that tree for a few days, see what happens.
[02:41] <ball> Thanks.
[02:45] <patdk-lap> drbd is the best way to do it without mirrored san arrays :)
[02:45] <patdk-lap> but it's defently not the quickest or fastest
[02:45] <patdk-lap> but it will work for *anything* though
[02:45] <Roxyhart0> Hi is phpldapadmin  running on ubuntu 9.10? im having problems
[02:46] <patdk-lap> I hated phpldapadmin and tossed it in the trash :)
[02:46] <patdk-lap> and for me to giveup on something, is defently saying something
[02:48] <cohonen> later guys
[02:49] <Roxyhart0> I hate the new versions...nothing running like before
[02:49] <Roxyhart0> poor documentation
[03:03] <jongbergs> hi, im considering to setup a proxy server using squid with dansguardian web content filtering..i have seen many great howto's but does this setup require 2 NICs?
[03:03] <patdk-lap> it doesn't have to
[03:04] <patdk-lap> just normally when you do it, it's on the same server that nat/firewalls your internal to external network
[03:04] <patdk-lap> so it does
[03:06] <jongbergs> patdk-lap: ok this is our current setup..our Linksys router does the NAT with IP 192.168.1.1..How would I setup a server using this IP 192.168.1.253 to act as proxy
[03:08] <jongbergs> patdk-lap: should i set our clients gateway to point to our proxy say 192.168.1.253?
[03:11] <jongbergs> !hello
[03:12] <jongbergs> patdk-lap: will this setup http://www.lesismore.co.za/squid3.html work in my situation?
[03:12] <jongbergs> patdk-lap: hello are you still there?
[03:15] <jongbergs> hello, anybody here please...
[03:15]  * ball waves
[03:17] <garymc> hi, anyone tell me how easy or hard it is to setup email stuff so all my emails are sent from my server?
[03:18] <ball> quite hard I imagine
[03:18] <ball> ...to do it right, anyway.
[03:19] <ejat> hi ..
[03:20] <ejat> anyone wanna comment about this http://is.gd/7geaE
[03:20] <garymc> hi ball
[03:20] <ball> hello garymc
[03:20] <garymc> i was doing a walk thru with you sometime back
[03:20] <jmarsden> garymc: Setting up a simple one domain postfix + dovecot email server is pretty trivial in Karmic... sudo apt-get install dovecot-postfix  and answer the debconf questions, and you are done.
[03:20] <garymc> on adding a hard drive space to my rack server
[03:20] <ball> Really?  How did that go?
[03:21] <garymc> yeah im looking on ubuntu site it says Postfix and dovecot
[03:21] <garymc> but what about spammassasin? do i need that?
[03:21] <garymc> what are debconf questions what would it ask. what would i need to know?
[03:21] <jmarsden> garymc: It depends how much spam protection at the server level you want/need.  If thsi is just for you and your family, try without it and add "nice extra stuff" later when you are more familiar with the setup.
[03:22] <Roxyhart0> hi sorry what about clamd?
[03:22] <jmarsden> The questions are very simple, basically about how your server will connect to the Internet (send email via a smart host or be a full blown server sending mail out directly, etc)...
[03:22] <garymc> jmarsden : as its for work and its already a working webserver i dont want to mess anything up so just need as much knowledge before i plunge in
[03:22] <ball> garymc: try it in a VM?
[03:23] <jmarsden> garymc: Then set one up for fun on a test virtual machine  first (ball beat me to it!)
[03:23] <garymc> hmmm i havnt got a virtual machine i dont think?
[03:23] <garymc> i need to get one i suppose
[03:23] <jmarsden> garymc: You have a server.  You have free virtualization software.  Use them and you end up with virtual machines :)
[03:24] <jongbergs> patdk-lap: ok this is our current setup..our Linksys router does the NAT with IP 192.168.1.1..How would I setup a server using this IP 192.168.1.253 to act as proxy?
[03:24] <garymc> ok i can do that stuff? I need a test server to test setting up a virtual server then lol
[03:24] <jongbergs> hi, im considering to setup a proxy server using squid with dansguardian web content filtering..i have seen many great howto's but does this setup require 2 NICs?
[03:24] <jmarsden> On a Ubuntu desktop, virtualbox-ose is trivial to set up and use.  I did a talk about it for a LUG recently... slides at... http://crosswire.org/~jmarsden/talks/virtualbox/virtualbox.html
[03:25] <jmarsden> garymc: Or you can even run virtualbox on a Windows PC if that is all you have available for testing.
[03:25] <garymc> hmm ok, didnt know i could do all this stuff
[03:25] <jmarsden> garymc: My talk was subtitled "turning one computer into many" :)
[03:26] <garymc> yes i m looking at it
[03:26] <garymc> thanks :)
[03:26] <jmarsden> You're welcome.
[03:27] <garymc> ok so all i need to do is install postfix and dovecot follow onscreen instructions and bingo
[03:28] <jmarsden> To get yourself a working basic email server, yes.
[03:28] <garymc> and i could add as many email addresses or users as i wanted?
[03:29] <jmarsden> garymc: Don't install postfix and dovecot separately, install the dovecot-postfix package.     Yes, as long as they are all in one domain.  Multidomain setup would need more work and more understanding of how things work.
[03:29] <garymc> or do i then need squirrel mail etc
[03:29] <garymc> im going to need multi domain i know it
[03:29] <garymc> for other websites i need to host
[03:29] <garymc> got any bummf on multi domain stuff?
[03:30] <garymc> ok so the command to instal postfix and dovecot in ubuntu is? Ill do it now before bed :) as its 3:30am here
[03:31] <jongbergs> hi, im considering to setup a proxy server using squid with dansguardian web content filtering..i have seen many great howto's but does this setup require 2 NICs?
[03:31] <jmarsden> Adding a webmail server like squirrelmail would be pretty easy.  Going multi-domain... not really.  There is a lack of good free "pretty" config tools for that.  There are some "HOWTO" docs on various random web sites, but I've yet to find one I really like, and following one without understanding it has got several newcomers int over their heads.
[03:31] <garymc> it defo wont mess naything up?
[03:31] <garymc> ok ill leave it out for now then
[03:31] <garymc> sudo apt-get dovecot-postfix
[03:31] <jmarsden> garymc: I gave the command earlier.  sudo apt-get install dovecot-postfix  .  Don't run that on a production server if you don't know what you are doing, but it really shouldn't mess up anything unless there is another mail setup already there, or something!
[03:32] <garymc> ^^ is that the command?
[03:32] <uvirtbot`> garymc: Error: "^" is not a valid command.
[03:32] <garymc> ok its UBUNTU LTSP
[03:32] <garymc> i dotn think any mail stuff wa son it how would i know?
[03:32] <jmarsden> garymc: The LTSP part won't be an issue.  But it is Karmic (9.10) based, not 8.04 LTS, right?
[03:33] <jmarsden> The dovecot-postfix "do everything for you" package is new in Karmic...
[03:33] <garymc> I thought it was Juanty 9.10
[03:33] <jmarsden> Jaunty is 9.04 :)
[03:33] <garymc> ok im jaunty
[03:33]  * ball has a nice big doorstop thanks to Jaunty
[03:34] <jmarsden> garymc: Then you can't use the dovecot-postfix package.
[03:34] <garymc> shit
[03:34] <garymc> is jaunty bad?
[03:34] <garymc> in the GUI it says upgrade to latest version but i havnt cos was scared it would mess all my stuff up
[03:34] <garymc> will it?
[03:35] <garymc> i think it says upgrade to 10. something
[03:35] <jmarsden> garymc: Not unless your "stuff" was pretty unusual, hand installed, weirdly configured, etc.
[03:35] <jmarsden> Don't upgrade to 10.4 yet, that is Lucid which is still in Alpha :)
[03:35] <garymc> like my Mysql LAMP stuff?
[03:35] <ball> I can't fix my Ubuntu box without physically swapping disks around or building a PXE-boot server
[03:36] <ball> ...moving disks around will be easier.
[03:36] <garymc> so why would my GUI be advising me to upgrade to an unstable version?
[03:36] <jmarsden> garymc: As long as the LAMP stuff was installed conventionally using Ubuntu packages and you left the Mysql data in its default location, the upgrade should be fine.
[03:36] <jmarsden> garymc: It shouldn't be advising you to upgrade to 10.4 yet.
[03:36] <garymc> ok i did
[03:37] <garymc> so what version do you think it is advising?
[03:37] <garymc> im not at the office right now im at home
[03:37] <jmarsden> You are the one who can see it :)
[03:37] <jmarsden> SSH in :)
[03:37] <garymc> I dont know how to ssh into the gui
[03:38] <jmarsden> I need to go pick up my wife soon, no time right now for teaching ... and Ubutnu desktops/GUIs are technically out of scope for this channel anyway...
[03:38] <garymc> ok
[03:39] <garymc> i got a ssh software winscp32 is that any good for it?
[03:39] <garymc> i got putty too
[03:39] <ball> putty isn't bad.
[03:39] <ball> Did I mention that it's British? ;-)
[03:39] <garymc> is there a command to get into the gui
[03:39] <garymc> iam british ;)
[03:39]  * ball <- British
[03:39] <jmarsden> I suspect it is saying you could upgrade to 9.10.  Putty is OK.  But running Ubuntu in virtualbox-ose on your Windows box would be more fun than using Putty :)
[03:39] <garymc> I know :)
[03:40]  * jmarsden admits to being British too, although currently living in California.
[03:40]  * ball <- Illinois
[03:40] <jmarsden> I need to go... probably back later on.
[03:40] <garymc> ok so i upgrade to 9.10 2morow and install postfix-dovecot
[03:40] <garymc> ok bye bye me too bed time
[03:40] <garymc> thanks for the help
[03:40] <jmarsden> You're welcome.
[03:40] <ball> I need to drag some PCs around.
[04:04] <Roxyhart0> Hi, one question there are any documentation how to configurate a openldap as backup domain ldap with ubutnu 9.10?
[04:16] <twb> Roxyhart0: did you read the ubuntu server guide?
[04:21] <Roxyhart0> yes i did, but i dont undestand...also the domain controles is a old gentoo ..i am changing it by ubuntu in a new server, but must to be gradually..so i need to configurate a new bakup domain controler with samba in a ubuntu but connecting with a gentoo domain controler
[04:22] <Roxyhart0> do you know if it is possible?
[04:58] <Roxyhart0> hi question, im installin openldap and there are a section that said dn: olcDatabase=hdb,cn=config
[04:58] <Roxyhart0> ...what mean hdb is the kind of database, can I change by dbd?
[05:45] <jmarsden> Roxyhart0: I think hdb is a "new, improved" variant of bdb.  There is no "dbd" backend for LDAP than I know of.  I don't think changing backends would be as simply as just changing that DN...
[06:02] <Roxyhart0> thanks jmarsen, so do you think should be ok if i keep hdb?
[06:30] <jmarsden> Yes, I think it is the current/new "standard" for OpenLDAP backends.
[06:37] <Roxyhart08> sorry i my netowork was down...so which is better to use on ldap DBD or HDB?
[06:50] <twb> Roxyhart08: ask #openldap
[06:50] <twb> Oh, 16:45 <jmarsden> Roxyhart0: I think hdb is a "new, improved" variant of bdb.  There is no "dbd" backend for LDAP than I know of.  I don't think changing backends would be as simply as just changing that DN...
[06:51] <jmarsden> Roxyhart08: See http://www.openldap.org/faq/data/cache/1166.html for one sentence that confirms this.
[06:52] <Roxyhart08> thanks
[06:52] <jmarsden> You're welcome.
[07:17] <acalvo> godd morning
[07:17] <acalvo> s/godd/good/
[09:36] <uvirtbot`> New bug: #514196 in samba (main) "package libsmbclient 2:3.3.2-1ubuntu3.3 failed to install/upgrade: read error in `/var/lib/dpkg/triggers/update-initramfs': Invalid argument" [Undecided,New] https://launchpad.net/bugs/514196
[09:41] <uvirtbot`> New bug: #514198 in eucalyptus (main) "SSH key stopped working" [Undecided,New] https://launchpad.net/bugs/514198
[10:07] <maxagaz> how to get the list of dependences  of a package ?
[10:14] <_ruben> maxagaz: many ways .. apt-cache show packagename is one way
[10:27] <TeTeT> has anybody lately tried euca-bundle-vol? I get a No Space left on device error on Ubuntu 9.10
[10:29] <TeTeT> my mistake, specified wrong size
[10:56] <uvirtbot`> New bug: #514220 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/514220
[11:03] <garymc> Hi Im upgrading to Karmic, its asking me "Replace the customised configuration file /etc/cups/cupsd.conf ?" Do i keep or replace this file?
[11:05] <garymc> fudge it i pressed replace
[11:49] <BeardedChimp> I have some hsdpa modems that I have created a udev rule for that calls a script to dial them when they are detected. The script after dialing creates iptables rules that varies depending upon how many modems have been connected. However I can't create the iptables rules until all modems have been dialed and so I tried created a lock file ie /etc/modem.lock, but when I first boot up the udev rules run for more than one modem so fast that they 
[12:06] <uvirtbot`> New bug: #514252 in qemu-kvm (main) "[arm] (might) need porting to thumb2" [High,Triaged] https://launchpad.net/bugs/514252
[12:16] <garymc> anyone here help me with my postfix-dovecot setup?
[12:21] <patdk-lap> garymc, no idea
[12:50] <zul> morning
[12:58] <pmatulis> morning
[13:06] <uvirtbot`> New bug: #514278 in authbind (main) "Bind to 0.0.0.0/0 fails on 32 bit Ubuntu 9.10" [Undecided,New] https://launchpad.net/bugs/514278
[13:06] <garymc> anyone here help me get my basic email server up and running?
[13:21] <zul> fuuuuu....someone is actually using authbind?
[13:27] <tdn> I would like to have shared contacts on a server. The clients are using Thunderbird and Outlook. How can I accomplish this? Can I do it *without* LDAP?
[14:00] <ttx> zul: we are moving tomcat6 to dump jsvc and use authbind instead... anything against it ?
[14:00] <zul> ttx: nope
[14:01] <zul> its just that I havent really seen any new bugs with it
[14:01] <ttx> right, that's good, not bad :)
[14:04] <zul> ttx: agreed :)
[14:05] <_ruben> unless its because its so buggy that nobody uses it anyway :)
[14:05] <zul> ttx: im updating samba today for your edification
[14:06] <ttx> thanks for edifying me
[14:06] <ttx> zul: please also advance some of the remaining MIR bugs, looks like the ball is on your side of the field
[14:07] <zul> ttx: yep did some of that yesterday
[14:10] <zul> ttx: ctdb is a bit more problematic since there needs alot of changes in order for it to get to main
[14:11] <smoser> where is the correct place to write routes that you want to be persistent (across reboots) ?
[14:12] <patdk-wk> in interfaces?
[14:12] <patdk-wk> using the up option
[14:18] <zul> smoser: i would just do it in rc.local
[14:18] <smoser> i think /etc/network/if-up.d/ seems right.
[14:18] <smoser> no?
[14:19] <patdk-wk> if-up.d?
[14:19] <patdk-wk> I just use /etc/network/interfaces
[14:19] <patdk-wk> and add like, 'up route add ....' to the interface
[14:19] <patdk-wk> if you are really want it good, and a down command to remove it also
[14:19] <patdk-wk> then ifup/ifdown will work completely
[14:20] <patdk-wk> I would say do that, or use quagga :)
[14:21] <patdk-wk> now if only I could make networkmanager work :(
[14:36] <ttx> mathiaz: re:UEC test infra -- good news indeed ! Please reflect progress on the spec, in a way that allows it to be > 0% completion :)
[14:38] <ttx> mathiaz: let me know when you'll be available for quick call
[14:39] <ttx> mathiaz: thx
[14:44] <lau> hello, i am trying to deploy a webdav solution on my hardy server
[14:45] <lau> using the webbrowser interface I can see and follow the symlinks
[14:45] <lau> using cadaver or nautilus i can't see them, any idea plz ?
[15:11] <zul> soren: i would like to sit down with you and learn more about the automated server testing next week i want to learn more things about it if you dont mind
[15:36] <uvirtbot`> New bug: #514362 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.4 failed to install/upgrade: problemas de dependencias - se deja sin configurar" [Undecided,New] https://launchpad.net/bugs/514362
[16:12] <orkun> hi i am using ubuntu-mid with hal installed. things get mounted with iso8859 (vfat /dev/sdb1 to be specific) - i want it to be mounted with utf8 encoding. how can i change hal settings? (i hope the question would still be sort of supported, i don't want to use fstab or hal alternatives for another 4 months. please ignore if not supported)
[16:15] <ttx> mathiaz: <cjwatson> bug 512592 - believed to be fixed as of last night's debian-installer upload (and ev has closed this now); please report recurrences
[16:15] <uvirtbot`> Launchpad bug 512592 in debian-installer "[Lucid] console-setup-udeb succeeded but requested to be left unconfigured" [High,Fix released] https://launchpad.net/bugs/512592
[16:18] <MTecknology> you guys know generally how much more a rackmount server costs than the desktop style servers?
[16:20] <zul> MTecknology: depends where you get it from but usually more
[16:20] <MTecknology> zul: I know they're more - I was just curious how much more
[16:23] <patdk-wk>  hmm, normally about 50% more
[16:23] <Elad> how do I find a cron and disable it? I ran crontab - but don't see the cron in question
[16:23] <Elad> crontab -l
[16:23] <patdk-wk> but I guess it also depends what rackmount vs desktop
[16:23] <patdk-wk> 2u vs midtower, midtower is about 150% the cost of the 2u
[16:24] <patdk-wk> elad, check /etc/cron.* directories
[16:24] <Elad> looks like it is there
[16:24] <Elad> do I just rm the file?
[16:25] <MTecknology> patdk-wk: really? 2u would probably work perfect for what I need it for; hopefully
[16:25] <patdk-wk> the place I'm at, 1u and 2u is same price
[16:25] <patdk-wk> 3u, 4u, midtower, same price
[16:26] <bogeyd6> Elad, sometimes they are in the /etc/cron.* directories
[16:26] <Elad> bogeyd6: I found it in the directories, can I just rm file_name or will that break stuff?
[16:26] <patdk-wk> elad, you could, I normally just commened stuff out inside the file, so it's there as a reminder, if I want it back
[16:27] <MTecknology> patdk-wk: how much can you fit into a 4u or 2u ?
[16:27] <bogeyd6> Elad, just mv it to another directory in case you need it later
[16:27] <bogeyd6> commenting every line takes a while and a simple cp script /root/script.backup is just fine
[16:27] <bogeyd6> sorry sorry i meant /home/user/script.backup
[16:27] <bogeyd6> !noroot
[16:28] <MTecknology> bogeyd6: what about just toss exit up top?
[16:28] <patdk-wk> MTecknology, depends, normally more than enough :)
[16:28] <patdk-wk> 3u/4u is a normal computer
[16:28] <bogeyd6> MTecknology, as a matter of opinion only i find it easier to just let newbs be newbs than to try to school them
[16:28] <patdk-wk> 2u you get 6 to 8 drives, 2 to 6 pci/pcie cards
[16:29] <patdk-wk> heh? put a # on every line is simple with vi :)
[16:29] <MTecknology> awesome :) - 6 drives should be perfect
[16:32] <patdk-wk> 2u will cost you more money than a midtower computer
[16:32] <patdk-wk> but normally it pays itself back within 1year of colo costs
[16:34] <MTecknology> colo ?
[16:36] <MTecknology> patdk-wk: right now everything is under steps; when we get these servers they'll still be under steps stacked up - until we can afford moving them to a data center
[16:37] <patdk-wk> move to datacenter = colocation
[16:37] <MTecknology> oh
[16:38] <MTecknology> but datacenters around here you host your own server in it
[16:38] <patdk-wk> yes, when you host your own equipment, it's colocation
[16:39] <MTecknology> where do we save money?
[16:39] <patdk-wk> if you don't have your own equipment, it's just, dedicated server rental :)
[16:39] <patdk-wk> a 2u server costs more than a midtower server
[16:40] <patdk-wk> a 2u server costs less to put in a datacenter than a midtower
[16:40] <patdk-wk> so the longer the 2u is at the datacenter, the more money you will save
[16:40] <MTecknology> oh
[16:41] <patdk-wk> I would also say, a 2u has better cooling than a midtower, so less problems
[16:42] <MTecknology> and generally more expansion
[16:42] <patdk-wk> hmm, not really
[16:43] <patdk-wk> both do dual cpu's, and same drives
[16:43] <patdk-wk> difference would be on the 2u you pick, if it has 2 slots, or more for cards, where the midtower would have 6 or 7
[16:44] <MTecknology> http://www.newegg.com/Product/Product.aspx?Item=N82E16816152101
[16:44] <patdk-wk> 2u's can come with 6 low profile slots, or 3 low, and 3 normal slots, max
[16:44] <patdk-wk> that's a 1u
[16:44] <MTecknology> Why does it look like I can put 8 drives in there
[16:44] <patdk-wk> cause it's not 2u :)
[16:44] <MTecknology> hu?
[16:44] <patdk-wk> oh, you can :)
[16:44] <patdk-wk> 8 laptop drives
[16:45] <MTecknology> OH!
[16:45] <MTecknology> I missed that :P
[16:45] <patdk-wk> I only use 2.5" sas drives now
[16:45] <patdk-wk> cause 2.5" drives are faster than 3.5" drives
[16:45] <patdk-wk> just less storage space
[16:45] <MTecknology> I didn't know that
[16:46] <patdk-wk> ya, a 10k rpm 2.5" drive will be equiv to a 15krpm 3.5" drive
[16:46] <patdk-wk> I crunched those numbers awhile back
[16:46] <MTecknology> thanks :)
[16:47] <patdk-wk> drive is smaller, it doesn't have to move as much to find what it needs :)
[16:47] <MTecknology> makes sense
[16:47] <patdk-wk> but I wouldn't say that holds true for sata drives though
[16:47] <patdk-wk> but it did for the sas drives I check the specs on
[16:49] <patdk-wk> heh
[16:49] <patdk-wk> I was looking at something like that
[16:49] <patdk-wk> but it was an hp system, 2u, that you could plug upto 4 servers in
[16:49] <patdk-wk> was planning on doing 3 servers and 1 harddrive module
[16:50] <MTecknology> hm?
[16:50] <MTecknology> 4 servers on a 2u system?
[16:51] <patdk-wk> yep
[16:51] <MTecknology> how do you do that?
[16:51] <MTecknology> brb - gotta go to class?
[16:51] <MTecknology> s/?//
[16:52] <patdk-wk> http://h71016.www7.hp.com/dstore/ctoBases.asp?ProductLineId=431&FamilyId=3043&jumpid=re_R2515_store/enProdCat/DL100/DL170hG6
[17:00] <MTecknology> patdk-wk: 4 servers running on a single server.. Never heard of that without needing virtualization
[17:00] <patdk-wk> why?
[17:00] <patdk-wk> that box you where looking at was 2 servers, in a single case
[17:00] <MTecknology> oh- I didn't know that either
[17:00] <patdk-wk> think of it like a blade system :)
[17:01] <MTecknology> lost me at blade :P
[17:02] <MTecknology> patdk-wk: how do you manage something like that?
[17:02] <patdk-wk> using the blade center stuff
[17:03] <patdk-wk> hell, on my blade center, I I can remap network ports, turn off/on/reboot, connect fiber drives, ...
[17:03] <MTecknology> right now we have 3 servers running on linode; I'd liketo change to running those plus one other server on rackmount systems
[17:04] <patdk-wk> http://www.brentozar.com/archive/2008/01/hp-c-class-blade-chassis-review/
[17:04] <patdk-wk> that is what I have
[17:05] <MTecknology> ........
[17:07] <MTecknology> so do you have two boards in there to do that?
[17:08] <patdk-wk> boards?
[17:08] <patdk-wk> each blade is a full computer
[17:08] <patdk-wk> just instead of having normal ports on the back, for power, network, ...
[17:08] <MTecknology> I meant motherboard
[17:08] <patdk-wk> it has a single plug that plugs into that case
[17:09] <patdk-wk> the motherboard is inside the blade
[17:09] <MTecknology> oh
[17:10] <patdk-wk> heh, he so doesn't have the netowrk connected for that blade right :)
[17:10] <patdk-wk> in that pic, he has 14 blades :)
[17:10] <patdk-wk> 6 power supplies
[17:11] <patdk-wk> 2 ilo management units (that control the blade, turn on/off everything, and map network ports and stuff)
[17:11] <patdk-wk> 2 fiber switchs (hba's)
[17:11] <patdk-wk> and 4 network switchs
[17:11] <uvirtbot`> New bug: #513727 in samba (main) "Samba 3.4 member server in domain fails to authenticate users" [Undecided,Fix released] https://launchpad.net/bugs/513727
[17:12] <MTecknology> patdk-wk: I bet that was extremely expensive
[17:12] <patdk-wk> around 40k for the one I have
[17:13] <patdk-wk> just don't buy a new car :)
[17:13] <MTecknology> Right now my budget is ~1k
[17:14] <MTecknology> we don't have that money yet either
[17:16] <MTecknology> patdk-wk: any suggestions there?
[17:17] <patdk-wk> ya, getting a nice server for <1k isn't going to happen
[17:17] <patdk-wk> your going have to cut corners
[17:18] <patdk-wk> so you need to figure out exactly what you need
[17:18] <patdk-wk> cpu power? or harddrive speed?
[17:18] <MTecknology> so far it looks like everything I'm seeing only gives 4GB memory
[17:18] <MTecknology> max
[17:18] <patdk-wk> heh?
[17:19] <MTecknology> I'd like 32GB max memory; we can start with only using 4GB RAM but that's something I need to be able to expand
[17:19] <MTecknology> drive speed isn't as big of a deal
[17:20] <MTecknology> cpu power.. not as big of a deal
[17:20] <MTecknology> # drives is a big deal either; nor is drive space
[17:20] <MTecknology> I'm not putting drives in that price, or ram
[17:22] <uvirtbot`> New bug: #506865 in net-snmp (main) "snmp-net not working with lm-sensors" [Low,Incomplete] https://launchpad.net/bugs/506865
[17:23] <MTecknology> patdk-wk: we've had this company going for about 3mo now; we're hitting our server limits but we're not making much money
[17:29] <MTecknology> patdk-wk: finding available money sucks.. there's too many pretty shiny servers too
[17:30] <patdk-wk> what is your servers currently doing? that is causing it to need more resources?
[17:32] <MTecknology> we have a dev server that takes ~5 sec to load a simple page; production server that hosts websites; production server that hosts different crap
[17:32] <MTecknology> we need a coding server
[17:32] <MTecknology> the productino servers don't have enough memory
[17:32] <patdk-wk> what language is your stuff written in?
[17:33] <patdk-wk> what is the site? if I can ask
[17:33] <MTecknology> they're linodes though - we can't bump up the memory very much
[17:33] <MTecknology> which site?
[17:33] <patdk-wk> that the production stuff runs
[17:33] <MTecknology> It's mostly all php
[17:33] <patdk-wk> apache?
[17:33] <MTecknology> ya
[17:34] <patdk-wk> how many hits per second?
[17:34] <MTecknology> the server itself; about 10/min
[17:34] <patdk-wk> serving large files?
[17:34] <MTecknology> we're very low traffic atm
[17:34] <patdk-wk> guess large would be >1mb for this :)
[17:34] <MTecknology> our dev server is
[17:35] <MTecknology> oh, then ya
[17:35] <patdk-wk> but not >50megs
[17:35] <MTecknology> no
[17:35] <MTecknology> It's ram and hd space we're out of on the production systems
[17:35] <patdk-wk> you have lots of room for optimization it soulds like
[17:36] <MTecknology> 16GB HD space & 360MB RAM
[17:36] <DrNick_> which processes are using all the RAM on your production machines?  app servers?
[17:36] <patdk-wk> apache+php will suck ram quick :)
[17:37] <patdk-wk> I've switched all my stuff to lighttpd+php to handle php better
[17:38] <MTecknology> how much does that help?
[17:38] <patdk-wk> depends, apache will attempt to autoadjust
[17:38] <DrNick_> still, i was only asking to check what was using the RAM.  tomcat, for example, is a huge memory hog
[17:38] <patdk-wk> lighttpd doesn't auto anything, so you have to watch and change it yourself
[17:39] <patdk-wk> lighttpd does cache the crap out of stuff though, why I was wondering how large the files where
[17:39] <MTecknology> I meant how much did it save for you
[17:39] <MTecknology> I'd say for the most part they're pretty small files
[17:40] <MTecknology> maybe 6 files over 10MB
[17:40] <patdk-wk> well, apache + mod_php, I could only serve 110 pages per second
[17:40] <patdk-wk> apache + fastcgi php, I was doing around 130
[17:40] <patdk-wk> lighttpd + fastcgi php, I got 145
[17:40] <patdk-wk> I went with lighttpd, also cause it of how it loadbalanced php
[17:41] <patdk-wk> it made php better load the database, over how random apache used php
[17:41] <MTecknology> what's your opinion about mysql vs pgsql
[17:41] <patdk-wk> I know all there is to know about mysql
[17:42] <patdk-wk> I have attempting to play with pgsql some, but never seem to have enough time to figure enough of it out to actually do anything with it
[17:43] <patdk-wk> I have mysql easily doing >5k commands per second
[17:43] <MTecknology> what changes between fastcgi php vs mod_php ?
[17:43] <patdk-wk> my syslog mysql does >2k inserts per second
[17:43] <patdk-wk> everything :)
[17:43] <patdk-wk> mod_php is in all ways evil
[17:43] <patdk-wk> it's simple though
[17:43] <MTecknology> does source code need to change?
[17:44] <patdk-wk> yes
[17:44] <patdk-wk> but normally you just install it
[17:44] <patdk-wk> php_cli, mod_php, php_cgi
[17:44] <patdk-wk> those are the 3 php versions
[17:44] <patdk-wk> you use php_cgi for fastcgi and cgi
[17:46] <MTecknology> I guess I'll have to look into the feasibility of changing source code
[17:47] <patdk-wk> you guys actually hacked the php base code?
[17:47] <MTecknology> I thought you said code needs to change
[17:47] <patdk-wk> and did it so badly that you can't just say, compile cgi
[17:48] <MTecknology> 11:43 < MTecknology> does source code need to change?
[17:48] <MTecknology> 11:44 < patdk-wk> yes
[17:48] <patdk-wk> yes, the same source for mod_php doesn't for work for cgi/fastcgi
[17:48] <MTecknology> I was referring to the php code we wrote
[17:48] <patdk-wk> that is why you get the mod_php binary, and the php_cgi binary
[17:48] <patdk-wk> no
[17:48] <patdk-wk> your php programs don't need change (normally)
[17:49] <MTecknology> ok
[17:49] <MTecknology> When I start deploying a new server I'll use that and see how it works out
[17:50] <patdk-wk> I've gotten extreemly good at optimizing php and mysql
[17:50] <MTecknology> I wish I had some startup capital..
[17:50] <MTecknology> How do you optimize mysql?
[17:50] <patdk-wk> hundreds of ways :)
[17:50] <MTecknology> you compile it yourself then?
[17:50] <patdk-wk> I do, but that isn't how I optimize it
[17:51] <patdk-wk> and once I update to 5.1  Iwon't have to compile it myself anymore
[17:51] <MTecknology> I'll have to ask you for tips later then
[17:51] <MTecknology> I gotta run.. :(
[17:52] <MTecknology> last question - what do you think a decent price is to host a 1u / 2u server in a datacenter?
[17:52] <patdk-wk> it all comes down to how good the internet is :)
[17:52] <patdk-wk> for crappy internet, your talking $70-100
[17:52] <patdk-wk> for good internet, $150+
[17:53] <patdk-wk> I don't think you need good internet
[17:53] <patdk-wk> the different is latency
[17:53] <MTecknology> oh
[17:53] <MTecknology> that's goin to be out of our price range for a long while
[17:54] <MTecknology> by that probably - at least 6mo
[17:54] <MTecknology> thanks for all the help
[17:54] <MTecknology> gotta run - ttyl
[18:07] <uvirtbot`> New bug: #456099 in axis2c "axis2c.log is full of spurious errors" [Low,Triaged] https://launchpad.net/bugs/456099
[18:26] <uvirtbot`> New bug: #492235 in eucalyptus (main) "mDNS for CC hostname is only available while eucalyptus-cc is running" [Low,Incomplete] https://launchpad.net/bugs/492235
[18:38] <uvirtbot`> New bug: #424648 in openssh (main) ""Error: ssh program unexpectedly exited" when trying to browse files on router" [Low,New] https://launchpad.net/bugs/424648
[18:48] <smoser> mathiaz, you have a minute?
[18:48] <mathiaz> smoser: sure
[18:48] <mathiaz> smoser: a few minutes
[18:48] <smoser> https://bugs.launchpad.net/ubuntu/+source/ec2-init/+bug/506960
[18:48] <uvirtbot`> Launchpad bug 506960 in ec2-init "investigate ec2 kernel/ramdisk and apt-upgrade" [Medium,Confirmed]
[18:48] <mathiaz> smoser: I'm going to board soon
[18:48] <smoser> i'm looking at/ thinking about that.
[18:49] <smoser> oh. headed to pdx already.
[18:49] <smoser> ok
[18:49] <smoser> well i'll be fast
[18:49] <smoser> basically, i boot an ec2 instance
[18:49] <smoser> its out of date with the archive
[18:49] <smoser> apt-get update && apt-get dist-upgrade
[18:49] <smoser> wants a new kernel
[18:49] <smoser> it makes no sense to get a new kernel
[18:49] <smoser> should i dpkg pin those versions that the image is built with ?
[18:50] <mathiaz> smoser: is ther kernel package installed on a ec2 image?
[18:50] <smoser> yes.
[18:50] <mathiaz> smoser: IMO it should not
[18:50] <smoser> it should not what
[18:50] <mathiaz> smoser: because of the modules?
[18:50] <smoser> right.
[18:51] <smoser> (actually, there are 2 , both ec2 kernel and uec kernel)
[18:51] <mathiaz> smoser: well - you don't control which kernel is booted from the instance
[18:51] <mathiaz> smoser: IMO we should bundle the modules in a different package
[18:51] <mathiaz> smoser: and then update that package only when we publish a new kernel in EC2
[18:51] <smoser> wouldn't matter.
[18:51] <smoser> you'd still (in an old image) be told to upgrade
[18:52] <smoser> or unless the other package didn't appear as an upgrade
[18:52] <mathiaz> smoser: yop
[18:52] <smoser> what would be wrong with pinning the version ?
[18:52] <mathiaz> smoser: what is kernel related in the EC2 image?
[18:52] <smoser> i dont understand the question. i think you're missing a word
[18:53] <mathiaz> smoser: what do you need to change in the EC2 image when the external kernel changes?
[18:53] <smoser> you need new kernel modules.
[18:53] <smoser> so i just realized that this fixes the problem:
[18:53] <smoser> sudo apt-get --purge remove linux-image-virtual linux-virtual
[18:54] <mathiaz> smoser: yes - as mentionned in the google groups, there's no need to have a kernel package installed on the EC2 image
[18:54] <mathiaz> smoser: neither grub
[18:54] <mathiaz> smoser: they should be removed
[18:54] <mathiaz> smoser: what you need is the kernel modules though
[18:55] <smoser> i disagree with "there's no need to have a kernel package installed on the EC2 image"
[18:55] <smoser> completely
[18:55] <mathiaz> smoser: we could have an linux-ec2-kernel-modules that would depend on linux-ec2-kernel-modules-X.Y.Z packages
[18:55] <smoser> i dont see the value in that to be greater than the pain to maintain it.
[18:56] <mathiaz> smoser: and linux-ec2-kernel-modules-X.Y.Z packages would just provide the relevant kernel modules for published ec2 kernels
[18:56] <mathiaz> smoser: right - what you need in each EC2 image is the kernel modules for the running kernel right?
[18:56] <smoser> correct.
[18:57] <mathiaz> smoser: however the running kernel is outside of the control of the image
[18:57] <mathiaz> smoser: but we control all the published kernel
[18:57] <smoser> a.) for now that is the case
[18:57] <mathiaz> smoser: so we can publish packages that have the relevant kernel modules for every published kernels in EC2
[18:58] <smoser> b.) no, but the "supported kernel" with that image *is* 'controlled' in that it is the one registered.
[18:58] <mathiaz> smoser: if we push a new kernel in EC2, we publish/update the linux-ec2-kernel-modules to have the new kernel modules
[18:58] <smoser> but see thats exactly what we're doing now
[18:58] <smoser> except for, when the image is built, it requests 'linux-virtual' and 'linux-ec2'
[18:59] <smoser> which end up getting updated, and then updgrade says "hey you need new versions"
[18:59] <mathiaz> smoser: does linux-ec2 have a kernel or only kernel modules?
[18:59] <smoser> but if we didn't have those 2 packages, but rather only the kernel packages then it would not prompt for update
[18:59] <smoser> who cares if there is a kernel
[18:59] <smoser> really
[19:00] <smoser> yes, its a waste of 3M
[19:00] <mathiaz> smoser: right - what matters is to have the kernel modules corresponding to the running kernel
[19:00] <smoser> i'm confused.
[19:00] <mathiaz> smoser: one related idea I had for some time is how we can notify instances that there is a new kernel available
[19:01] <mathiaz> smoser: hm - me too.
[19:01] <mathiaz> smoser: so what's the current problem?
[19:01] <MTecknology> patdk-wk: I think you should donate a spare server + hosting to us :D
[19:01] <smoser> the problem is that on an ec2  instance (or UEC) running an 'apt-get upgrade'
[19:01] <smoser> suggests that you install new kernel packages
[19:01] <smoser> which it doesn't need to
[19:02] <smoser> so you waste the bandwidth and IO
[19:02] <smoser> but the old image package is not removed, everything still works.
[19:02] <smoser> its just confusing and a waste of resources
[19:02] <smoser> while talking to you, i realized that
[19:02] <mathiaz> smoser: ok
[19:03] <mathiaz> smoser: right - so don't install the normal linux-ec2 kernel package
[19:03] <mathiaz> smoser: rather a specific linux-ec2-kernel-modules
[19:03] <smoser> right. that can all be fixed by: sudo apt-get remove linux-image-virtual linux-virtual linux-image-ec2 linux-ec2
[19:03] <MTecknology> I should look into the cost of ec2
[19:03] <zul> mdeslaur: ping
[19:03] <mathiaz> smoser: that will only be updated if there is a new kernel available in EC2
[19:03] <smoser> the reason i install the meta packages is that they automatically resolve to "latest in archive" for me.
[19:03] <mdeslaur> zul: yessir
[19:03] <patdk-wk> ec2 is much more expensive than linode
[19:03] <zul> so explain why again?
[19:04] <smoser> ec2 is not really a linode replacement. they're almost completely different things.
[19:04] <smoser> but if what you want is a VPS, linode is cheaper
[19:04] <mdeslaur> we ship mount.cifs with the setuid bit set, because debian does it. Other distros don't. Upstream samba doesn't want the bit set, as the code hasn't been audited for that. They've even added code in the latest release to bail out if the setuid bit is set.
[19:04] <mathiaz> smoser: right - what you really wanna install in your ec2 image are the kernel modules for which there is a corresponding kernel published in ec2
[19:05] <mdeslaur> so I wonder what tools we have that _need_ the setuid bit
[19:05] <smoser> well, yes, but the way it works now is that is all in one process
[19:05] <MTecknology> so what si ec2 best used for?
[19:05] <mdeslaur> zul: ie: does nautilus need it?
[19:05] <smoser> image is built, kernel is extracted, if the kernel is not published, it is published, then image is published.
[19:05] <zul> mdeslaur: have you tried using it out with the setuid bit?
[19:05] <mdeslaur> zul: well, if you remove the bit, regular users can't mount samba shares
[19:05] <smoser> basically when publishing an image, you publish the kernel it needs
[19:05] <zul> mdeslaur: i dont think so but I dont use nautilus that much
[19:05] <mdeslaur> zul: let me investigate more next week
[19:05] <patdk-wk> MTecknology, could probably do something
[19:05] <zul> mdeslaur: sure
[19:06] <mdeslaur> it's a bit early
[19:06] <mathiaz> smoser: right - so I think what you need to install in EC2 images is the linux-ec2 package
[19:07] <mathiaz> smoser: since if there is a new linux-ec2 package available in the archive, corresponding modules should be available for ec2 images and the kernel is automatically published in ec2?
[19:08] <MTecknology> patdk-wk: the way I'm looking at it now is I should just try to build a VM to test out what you mentioned; then try to push that to the dev server, then push it live; I should also try to manage in linode as long as I possibly can - $20/mo for each system
[19:09] <smoser> mathiaz, i dont follow that last part.
[19:10] <mathiaz> smoser: if there is a new linux-ec2 kernel, is it automatically published in EC2?
[19:10] <mathiaz> smoser: ie can the new kernel be used to boot new images?
[19:11] <smoser> mathiaz, basically, yes.
[19:11] <smoser> afer a nightly build takes place
[19:11] <uvirtbot`> New bug: #455294 in eucalyptus (main) "UEC Installer should point to management interface" [Wishlist,Incomplete] https://launchpad.net/bugs/455294
[19:12] <mathiaz> smoser: right
[19:12] <MTecknology> patdk-wk: I looked into it more and it could be potentially over a year before we can consider a datacenter
[19:12] <mathiaz> smoser: I think the problem mentionned in the google group thread is that when there is security update published, dist-upgrade in an instance will pull it down
[19:13] <mathiaz> smoser: that's something we wanna avoid - right?
[19:13] <smoser> well, sort of.
[19:14] <smoser> i just posted a comment there, please read
[19:14] <smoser> in the bug
[19:14] <mathiaz> smoser: if so, don't install linux-ec2, but the actual package - like linux-image-2.6.32-301-ec2
[19:14] <smoser> i actually think it all fixes itself we dont have the metapackages.
[19:14] <smoser> right.
[19:14] <smoser> and that gets updates *someimtes* (within the abi)
[19:14] <mathiaz> smoser: yop
[19:14] <smoser> and you would likely want those changes
[19:15] <smoser> so, fo me, the easiest way to do this is to simply purge the metapackages after image build
[19:15] <mathiaz> smoser: well - in EC2 you'd have to rebundle the image no?
[19:15] <smoser> because right now i select my kernel with them
[19:15] <smoser> and that is easy
[19:15] <smoser> rather than figuring out which version is current.
[19:15] <smoser> mathiaz, well now. inside of a single ABI, the kernel modules will be good
[19:16] <smoser> ie:
[19:16] <smoser> linux-image-2.6.32-301-ec2 is version 2.6.32-301.4
[19:16] <mathiaz> smoser: right - I'd discuss that with the kernel team though
[19:16] <smoser> there at times are updates for that
[19:16] <smoser> and they have the same package name
[19:16] <mathiaz> smoser: as you'd just update the modules, not the kernel
[19:16] <smoser> different version
[19:16] <smoser> that is what ABI compatibility is
[19:16] <smoser> :)
[19:16] <smoser> thats the reason there is that number
[19:17] <mathiaz> smoser: right - so just having the package name, without pinning the version should be enough
[19:17] <smoser> the '301' or '11' in linux-image-2.6.32-301-ec2 or linux-image-2.6.32-11-virtual
[19:17] <mathiaz> smoser: if you don't have the metapackage installed, you won't be asked for an upgrade
[19:17] <smoser> thanks mathiaz . i think i'm fine now.
[19:17] <smoser> right.
[19:18] <smoser> for  now i think i'm just going to remove the packages after they're included
[19:18] <smoser> so that i get them at build time to help me figure out "what is the current package"
[19:18] <smoser> but then dont need them after that.
[19:18] <mathiaz> smoser: right - you may wanna investigate the grub removal as well
[19:18] <mathiaz> smoser: right
[19:18] <smoser> right.
[19:19] <mathiaz> smoser: and then we can brainstorm about how to notify of new kernel available in running instances
[19:19] <mathiaz> smoser: as hey there is a security update for the kernel - you rebundle/restart your EMI
[19:19] <mathiaz> smoser: as hey there is a security update for the kernel - you *should* rebundle/restart your EMI
[19:20] <smoser> is there any thing different there than in mnormal '-server' ?
[19:20] <mathiaz> smoser: for the kernel upgrade notification?
[19:21] <smoser> right.
[19:21] <smoser> or would i be breaking that by removing meta packages
[19:21] <mathiaz> smoser: that's one of the reason for having the meta-package installed
[19:21] <smoser> y
[19:21] <mathiaz> smoser: that's how you'd be notified that there is a new kernel available
[19:23] <mathiaz> smoser: that's why I'd suggest to have a specific -kernel-modules packages, that only ships the kernel
[19:23] <mathiaz> smoser: it would be smaller and you'd still be notified about new kernel being available
[19:24] <smoser> just maintainence
[19:24] <smoser> i have lots of things to maintain
[19:24] <mathiaz> smoser: if that happens, you'd get the new kernel modules and you could rebundle your emi with the new kernel
[19:25] <smoser> i guess i'm missing something
[19:25] <mathiaz> smoser: right - it's a tricky situation
[19:25] <mathiaz> smoser: I'm about to board
[19:25] <smoser> later.
[19:25] <mathiaz> smoser: we can discuss that later then
[19:26] <uvirtbot`> New bug: #514304 in samba (main) "Samba failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/514304
[19:42] <Italian_Plumber> I looking through a user's DNS queries a good way of telling what web surfing they're doing?
[19:46] <erichammond> mathiaz, smoser: I didn't quite follow all of that EC2 kernel/modules/package conversation.  However, I wanted to point out that you don't have to rebundle/build a new AMI to upgrade the kernel.  There are currently two options:
[19:47] <erichammond> (1) start a new instance with the same AMI, but specify an override of the newer kernel.
[19:48] <erichammond> (2) Stop a running EBS boot instance (not terminate), ec2-modify-attributes to change the kernel+ramdisk, and start the instance again.
[19:49] <smoser> 2 actually gives a supportable path for kernel upgrades.
[19:49] <erichammond> It should be easy to install and keep multiple kernel module versions on an instance so that it can be tested back and forth with different kernels.
[19:49] <erichammond> smoser: but (2) is only available for EBS boot instances.
[19:49] <smoser> in both cases you have to get the modules into the instance
[19:50] <smoser> although it will boot successfully you wont have all modules
[19:50] <erichammond> Which begs the term of "successfully" if you're running an application on it :)
[19:51] <smoser> well, you can get them with 'apt-get install linux-ec2-$(uname -r)
[19:51] <smoser> '
[19:51] <smoser> if you're using package dkenerls.
[19:51] <smoser> so, that is intersting, for ebs, it seems like the value of the package "upgrade" is there.
[19:52] <smoser> thanks for your input.
[19:52] <erichammond> sure, but this being Ubuntu, I'm guessing you're going to try to find the simplest, easiest way to do this for users so they don't have to know things like $(uname -r) :)
[19:52] <smoser> so heres where this started
[19:53] <smoser> in an ec2 instance (non EBS), when there is an new kernel available, your 'apt-get upgrade' will pull it and install it
[19:53] <erichammond> smoser: Sorry to interrupt, but I'm leaving now and trust you to work it out.  Let me know if you need my input and I'll study the issue further.
[19:53] <smoser> (it will also pull linux-virtual, which is completley pointless for you).
[19:53] <smoser> but because without ebs you cannot change that instance's kernel, theres no point in that upgrade
[19:53] <smoser> its wasted IO
[19:54] <smoser> with ebs, that upgrade actually does make sense though, as you oculd hten tell the user: you should stop this instance and modify its kernel"
[19:57] <ruben23> can i setup my linux server to used nas as storage..
[19:57] <ruben23> is it possible
[19:58] <patdk-wk> sure
[19:58] <patdk-wk> use nfs or cifs
[19:59] <Maleko> why exactly is user "irc" created by default in vanilla ubuntu setup?
[20:00] <Disconnect> so without trying to be snarky i'm really beginning to think that UEC has a -wildly- different definition of "enterprise" than the rest of us.
[20:01] <ruben23> thanks im planning to buy Qnap a Nas hardware..to be used for file server and storage for my servers..
[20:12] <erichammond> smoser, mathiaz: Without ebs boot installing the new kernel modules could still help because the user can rebundle the running instance and run the resulting new AMI with the new kernel.  There a number of different paths for using AMIs on EC2 depending on the architecture.  Downloading a few extra MB of kernel modules seems like a small price to pay for the potential benefits, simplicity of your implementation, and to reduce the el
[20:14] <genii> Maleko: I imagine it's a standard reserved name and uid for a service, like others such as mail, news,syslog, saned and so on
[20:16] <Maleko> is there any way to know if those accounts are being used?
[20:17] <Maleko> i need to use the account name for my own use but i fear removing it will break something
[20:19] <guntbert> Maleko: I advice against that: irc is  a system account (uid=39), and cannot be accessed normally (look with sudo grep irc /etc/shadow)
[20:23] <Maleko> ah okay.
[20:54] <cihan253> hi all I have an amazon ec2 and using ubuntu but I have some problems. I cant install ec2-ami-tools to the machine. so I cant save the modified ami file in S3
[22:14] <MTecknology> !info nginx
[22:15] <MTecknology> !info nginx lenny
[22:15] <MTecknology> !info nginx lucid
[22:56] <Italian_Plumber> hello.   I've installed a PCI SATA controller card in a Pentium III machine running hardy.  when I start up the machine, I get a "kernel panic". What could be the problem?
[23:04] <PatrickDK> hmm, maybe something on that motherboard doesn't like that pci card at all
[23:06] <Italian_Plumber> yes... with this hard drive in, the machine won't even boot up into the live CD.
[23:25] <android60> How can I tell which disk grub installed to? Also, I am getting a black screen and no prompt after boot, I can ssh just fine, just no prompt at the machine
[23:53] <MTecknology> patdk-lap: I think I might wind up using nginx and lighthttpd inside a vm to see which I Like better