=== sixstringsg|afk is now known as sixstringsg === dendrobates is now known as dendro-afk === sixstringsg is now known as sixstringsg|afk [00:56] New bug: #912588 in ocfs2-tools (main) "mount.ocfs2 doesn't accept mount option "uhelper=udisks"" [Undecided,New] https://launchpad.net/bugs/912588 === sixstringsg|afk is now known as sixstringsg [01:28] Hi all :) Anyone do much work with Orchestra and Juju yet? Having a problem with what I thought would be some simple customizations to my juju.preseed file [01:28] No, but [01:28] !any [01:29] !anyone [01:29] A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll. [01:35] Ok :) I'm editing juju.preseed to customize the initial user/pass (passwd/user-fullname, passwd/username, and passwd/user-password-crypted). The change works fine, and machines that are imaged using a profile that references juju.preseed come up with the expected initial username and password. However, "juju status" fails with "Invalid SSH key" errors. [01:35] If I have an ubuntu server and a domina name (mydomain.com) -- can I tell a free dns system (zoneedit for instance) -- to forward all *.mydomain.com accesses to my IP? [01:40] pythonirc101: yes [01:42] Get the registrar to add mydomain.com NS to the com domain, have zoneedit serve a mydomain.com zone that includes @ IN A and * IN A or so === dendro-afk is now known as dendrobates [02:05] twb: will this help : http://www.namecheap.com/support/knowledgebase/article.aspx/597/46/how-can-i-setup-a-catchall-wildcard-subdomain ? [02:05] No [02:06] what's the difference? [02:06] The difference is that's some company's website about that company. [02:06] twb: I bought the domain from them [02:06] "Please note that you can only setup this option for the domain if it’s using our default nameservers." [02:06] i.e. not zoneedit [02:07] I have the option of pointing the dns to zoneedit, then to my ip. or I cud use the trick that they mention in that article [02:07] am not sure if url redirection is the same thing as dns thou [02:07] It is not. === dendrobates is now known as dendro-afk [02:08] twb: I'm currently using their dns, but I can easily point it to zoneedit. [02:09] Supposing your target host is 1.2.3.4, and the domain is example.net. URL redirection involves adding a record "example.net. IN A 5.6.7.8" and running a web server on 5.6.7.8 that responds to all requests with "go talk to 1.2.3.4" [02:09] twb: I really don't know if I should go with zoneedit vs their own dns for what I need [02:09] indeed [02:09] pythonirc101: it doesn't really matter which you use [02:09] ok, in my case, I need https://joe.mydomain.com --> 1.2.3.4 [02:10] The whole space is pretty shitty, because the components are cheap and not many people understand it. So all the vendors try to basically trick you into thinking you need to buy extra components from them. [02:10] also https://smith.mydomain.com --> 1.2.3.4 [02:10] I still have to figure out how to decode what one used to come to my website...but I think https can do that...but first thing is to point [02:10] e.g. the registrar will try to convince you to get your zone hosting ("name server") from them as well [02:11] the registrar gets my $8/year for now. that is it. [02:11] pythonirc101: IMO get https working first by IP address, then worry about zones [02:13] ok -- @ IN A and * IN A or so -- what do I type in subdomain? Its right now "@" [02:15] @ means "myself", e.g. if the zonefile is for example.net, @ expands to example.net. [02:15] * means all subdomains (less any subdomains that are explicitly mentioned). [02:16] it would be better to define @ and www only, rather than @ and * [02:16] @ - NS - 7200 - ns19.zoneedit.com -- is already defined. [02:16] so I need : * A 7200 1.2.3.4? [02:16] That is the NS (name server) RR. [02:16] You want an A (address) RR [02:17] I strongly recommend you go read some wikipedia articles on zonefiles and DNS so you understand what all this means. [02:17] A = IPv4 -- since mine is static ip v4 [02:18] Yes, A RR is for IPv4 addresses; AAAA RR is for IPv6 addresses [02:19] from what you told me @ and * should both point to my ip, so should perhaps www ? [02:19] I would recommend @ and www, no * [02:19] twb: in that case, how would I route joe.example.com --> to my ip. Same with smith.example.com [02:19] I want them both come to my server [02:20] Unless you have hundreds of such examples, I would name them explicitly [02:21] In fact, it would be best to simply use CNAMEs for those back to www, if they are just http vhosts [02:21] If you run "dig AXFR cyber.com.au @ns1.cyber.com.au" you can see one of my domains [02:21] twb: I'm trying to have one webserver per user on my machine...and have 100s of users. [02:21] pythonirc101: you can't. [02:21] so I do need a * [02:22] You can't run one webserver per user unless you have one IP per user [02:22] Why do you want to? [02:23] my webserver proxies each user to a backend webserver [02:25] twb: so essentially my ubuntu box is just a proxy for 100s of webservers behind a firewall - do I make sense? [02:26] I guess so, but IMO you should just use www.example.net/~fred/ [02:26] And disallow PHP so the users can't fuck up the webserver with broken scripts. [02:26] we used to use http://www.example.net/fred [02:27] but we have a new guy who is writing the proxy code, and he says he can do fred.example.net [02:27] Why do you want to? [02:27] It's a waste of resources [02:28] this is what I was told: setup a wildcard dns [02:28] and I guess you told me exactly how to setup a wildcard dns, right? [02:28] I did. [02:31] twb: what's the difference between url forwarding and dns setup? I can ask dns to point http://*.example.net --> IP or I can say redirect all URLs of http://*.example.net --> IP. [02:32] 13:09 Supposing your target host is 1.2.3.4, and the domain is example.net. URL redirection involves adding a record "example.net. IN A 5.6.7.8" and running a web server on 5.6.7.8 that responds to all requests with "go talk to 1.2.3.4" [02:32] URL redirecting should be avoided; it's less efficient than plain DNS [02:37] I could do it with namecheap itself... :) [02:37] At this point, I've lost interest. [02:37] namecheap is awesome :) [02:38] Registrars are not awesome. === sixstringsg is now known as sixstringsg|away === xInterlopeRx is now known as reboot|brb === dendro-afk is now known as dendrobates [02:50] twb, even godaddy? [02:51] They get to charge money for no reason other than a RIR handed them write access to TLDs [02:53] twb: how much money does one have to pay to get that access? [02:54] pythonirc101, more than you have available :p [02:56] AFAIK you don't have to pay any money, you just have to be working on a research-grade internet at a lab in your country circa 1980 [02:56] Maybe that's only the way RIRs get priviliged access; I know more about AUNIC/APNIC history than godaddy or whatever [02:58] (I'm the master server for aunic.net, for purely historical reasons ;-) [03:00] cwillu_at_work: you should have said: "I don't know" :) [03:00] pythonirc101, what, you have enough money to buy a registrar? [03:01] twb: Thanks for all the info today :) [03:01] pythonirc101, I'm not the one who's been trying to set up hosting by programmatically modifying sshd authorized_keys files [03:02] cwillu_at_work: indeed I was trying -- you've anything against trying? [03:03] * twb blinks [03:03] cwillu_at_work: do I even want to know? [03:04] *smiles* [03:04] pythonirc101, no, but you were also quite resistant to explaining what you were actually trying to accomplish [03:04] which could have easily saved you the last week of exploration on this :p [03:04] cwillu_at_work: Indeed what I do is my business, don't you think? :) [03:05] pythonirc101: not when you do it wrong [03:05] pythonirc101, and maintaining the snr in the support channels I frequent is mine :p [03:06] * goes back to work * - no noise. :) [03:06] Especially, not when you do it wrong on a shared network like the internet. [03:07] after all, every general web server ever has the ability to reverse proxy requests to other locations (including other http servers only listening on loopback on the local machine) [03:08] hell, twisted can do it quite easily, and would be trivial to programmatically configure the forwarding at runtime [03:08] * cwillu_at_work notes that #twisted is one of the places pythonirc101 was asking about how to implement sshd with the "required" features :p [03:08] twb, I believe that will answer your question as well :) [03:09] (specifically: no, you don't really want to know :p) [03:09] Yeah I switched off when I heard "twisted" [03:09] there's nothing wrong with twisted :p [03:09] cwillu_at_work: if you are free, I would love to get your help on a twisted program for starters? :) [03:09] pythonirc101, I was last week. [03:09] cwillu_at_work: it's not a C library? ;-P [03:09] (when I was asking :p) [03:09] now I'm rather busy :p [03:10] twb, sorry? [03:10] A python library is hard to use unless you're writing in Python [03:10] A C library has less lock-in [03:11] I'm sorry, you want a c wrapper around the standard non-blocking unix stuff? [03:11] i.e. all else being equal, I'd rather have a library or framework implemented in C than [03:12] I think you're confused [03:12] cwillu_at_work: simple twisted question for you: How do I do a "ssh -R" using twisted with keys in files? -- and the keys have to be generated using twisted / python as well. Can you do this in python? :) [03:12] pythonirc101, you can, and I'm not in the mood to explain how [03:12] twb: I agree. :) === guampa|2 is now known as guampa [03:13] twb, pointing out that two thirds of the conversation I've seen was in python related channels, I think the use of python is probably a given [03:13] Maybe, but I'm not [03:13] cwillu_at_work: I asked a binary question :) not for an explanation :) And I know the answer is "no", unless you prove me wrong :) [03:13] lock-in doesn't even enter into it at that point === jhelwig is now known as jhelwig_ [03:13] pythonirc101, given that I've done it... [03:14] cwillu_at_work: you've not. [03:14] prove it? show the code ? :) [03:14] you asked a binary question, I gave an answer === jhelwig_ is now known as jhelwig [03:15] cwillu_at_work: perhaps you should ignore me in the rooms that I frequent. [03:15] cwillu_at_work: conversation with you only kills my time? -- if you can't help -- why put your nose in the conversation? === ktk_ is now known as KurtKraut [03:19] pythonirc101, I invite you to look at twisted/conch/ssh/channel.py and forward.py [03:19] cwillu_at_work: you think I've not [03:20] I need a way to generate the keys cross platform in python before I can even think of doing a ssh -R -- rule number one -- no subproces or os.system [03:20] problem number two -- ssh-rsa keys are not the same as pem or ssl keys [03:20] there are crypto libs for python; that has nothing to do with twisted though (and so asking in #twisted was somewhat amusing :p) [03:21] cwillu_at_work: someone who writes a ssh client / server - and says, hey keys -- get it from somewhere else -- I can't take that seriously [03:21] still have no idea why you're trying to use ssh for the proxying though [03:21] because I thought it was easy to do this from inside python -- turns out its not [03:21] since I can do it in one line from outside python [03:25] cwillu_at_work: is he the guy that wanted to use ssh -w in production? [03:25] twb: For beta --> ssh -R actually. [06:37] hia ll [06:42] grrr timezone timezone !! [06:44] koolhead17: many of us will be in UTC+1 next week [06:44] SpamapS: some come coming ahead? :P [06:45] *conference [06:46] koolhead17: just a meeting [06:46] SpamapS: can i participate remotely !! :P [06:49] koolhead17: its a company meeting [06:49] koolhead17: but we'll still be in here to chat w/ everyone who isn't there. :) [06:49] SpamapS: ooh. okey!! [06:50] SpamapS: sorry for not poking you for help with the php bug. I need to get back to it soon. [06:51] koolhead17: I have plenty to do, just get to it when you can [06:52] SpamapS: am currently working on one juju charm and get to see it working on eucalyptus in way you suggested [06:54] i dont want to be very optimistic but i am thinking to give talk on Juju at one of the conf here, if it gets selected [06:57] iptables -I INPUT -p tcp --syn --dport 22 -m connlimit -- connlimit - above 2 -j REJECT [06:57] iptables v1.4.10: You must specify "--connlimit-above" [06:57] Try `iptables -h' or 'iptables --help' for more information. [06:57] how to fix ir [06:57] it [06:57] cloudgeek: you have a space between -- and connlimit [06:57] -m connlimit --connlimit-above 2 [06:58] okay trying [06:58] cloudgeek: also, you may want to add --reject-with tcp-reset [06:59] spamapsS: can you give me full command line i also try to remove space between -- and also try -, connlimit --connlimit-above 2 [07:00] SpamapS:thanks it working yeah :) iptables -I INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 2 -j REJECT [07:02] now it working !! [07:09] cloudgeek: unless you add --reject-with tcp-reset, some firewalls will drop the ICMP errors your firewall is sending. [07:10] SpamapS: i also need add this with the same [07:10] iptables -I INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 2 -j REJECT [07:13] Is there a CLI utility that can read and write xattrs? apropos(1) and apt-cache search aren't finding anything [07:16] twb: looks like there's a python library if nothing else [07:16] That's kinda plan B [07:16] twb: I believe it includes a program 'xattr' [07:16] twb: python-xattr [07:16] Hmm, /me checks apt-file [07:17] There's also python-pyxattr, I think a separate implementation [07:17] SpamapS: yep, you're right. I'll try that === dendrobates is now known as dendro-afk [07:19] My goal is to make a little shell utility that increments/decrements a target file's "score", stored in xattrs. And then to say "show me a random file weighted by score" [07:22] Argh, xattrs aren't supported on a tmpfs? [07:26] And mount -o remount has failed me: http://paste.debian.net/151194/ [07:42] OK that is way too slow [07:42] It takes 3 seconds to print an xattr from 10 files! [07:43] ls takes 0.07s to print dirent data, that's the kind of speed I'll need [07:43] strace to the rescue? [07:43] Maybe gnu find can just print it, or stat can... [07:43] SpamapS: well the cost is probably the ramp-up time for python [07:43] yeah don't call it for each file! ;) [07:44] twb: the C interface is pretty simple.. if you need speed [07:45] time &>/dev/null xattr x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ==> real 0m0.467s [07:45] time &>/dev/null ls x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x ==> real 0m0.017s [07:46] I guess I will need to write C for this job. [07:47] something weird with your system [07:47] real 0m0.106s [07:47] hmm actually no the same speed ratio on my system.. 0.003s for ls [07:47] ARM [07:48] And an SD card [07:48] ah haha [07:48] well strace -c says 60% of the time was spent int he stat syscall [07:49] wait no.. in getdents [07:49] I blame python until there's conclusive evidence to the contrary :P [07:49] actually it varies *wildly* [07:50] strace -c xattr x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x [07:50] twb: pretty interesting results, but not consistent [07:51] hmmmm.. [07:51] twb: I think python may be searching its path for 'x' [07:51] haha [07:51] I will RTFS after I finish clocking this batman game [07:51] twb: 1309 calls to 'open' [07:52] SpamapS: more likely its searching its path for pyxattr.py or whatever [07:52] xttr/__init__.py [07:54] twb: indeed, that seems to be it.. like you said.. python spin up time [07:54] Probably what I should do is write xattr(1) in C and leave my main glue code as sh [07:54] 1220 unique paths attempted [07:55] twb: doing 1000 files closes the gap quite a bit [07:56] OK [07:56] But by then you start to hit MAX_CMDLINE_ARGS or whatever [07:56] no such thing exists anymore [07:56] Well, I hit it... [07:57] Not just now, but I'm pretty sure I've hit it in the near past [07:57] I just did 100000 files [07:58] actually.. hrm.. no.. still sucks with 100000 files.. ls is 0.512s, xattr is 2.902s [07:58] twb: it was solved somewhat recently.. last 2 years IIRC [07:58] That ratio is more acceptable tho [07:59] Hum, it just occurred to me there's no tcc on arm [07:59] No C "scripts" [08:02] twb: looks like xattr probably calls stat too often, and I think it might exec something one time [08:03] actually no [08:03] its just that it does stat, and listxattr, where ls can just do stat [08:06] twb: I don't know that rewriting in C is going to save you much [08:07] twb: good luck [08:07] * SpamapS passes out [08:21] hi all [09:00] morning all [09:20] smoser: hello there [09:20] hey jamespage [09:20] morning koolhead17 - how are you today? [09:21] jamespage: doing great thanks!! [10:06] jamespage: How is, [james-page] Investigate upstream co-operation from Hortonworks/Cloudera to ensure ongoing collaboration going forward: INPROGRESS [10:06] ? [10:07] SpamapS: when you see this, what is servercloud-p-juju-mir blocked on? [10:07] Daviey: slowly - we might get to a point where that entire spec if moot and can be canned [10:07] Daviey: due to discuss next week at the sprint === Yarph-ar-ti is now known as beerbro [10:07] jamespage: thanks! === rickspencer3_ is now known as rickspencer3 [10:12] rbasak: How is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-arm-service-orchestration looking? [10:12] Daviey: I'm looking at it as we speak. It's still pretty vague for me tbh [10:13] rbasak: what part? [10:13] jdstrand: How is [jdstrand] rewrite aa-complain and aa-enable/etc. in python and make sure they are installed in base installs: TODO [10:14] lynxman: [lynxman] write puppet external node classifier for juju status -> puppet: TODO ? [10:15] Daviey: most of the WIs. Eg. juju with LXC seems hardcoded for single machine operation, so the 1xmachine LXC idea would need to be written AFAICT. I should sync with juju people next week on this really [10:17] rbasak: Good thinking, there has been work in this area. I think SpamapS would be the best PoC for that. [10:19] hi all [10:19] i'm having some basic cli trouble [10:19] i'm trying to use grep to search text files for the string: $user['id'] [10:19] so i used grep -R '$user['\''id'\'']' . [10:19] but that still doesn't work [10:19] how can I do this? [10:26] cd #ubuntu === airtonix is now known as smee === koolhead11 is now known as koolhead17 [10:36] morning o/ [10:37] Daviey: thought that one was on SpamapS, can take care of it, its todo indeed :) [10:45] lynxman: right, i just saw your name on it :) [10:54] Daviey: my name is on very compromising things ;) hehe [10:55] lynxman: is it possible to run juju on an Openstack cloud or is it still limited to EC2 [10:55] ? [10:55] caribou: afaik it's possible, you just need to add some parameters to enviroment.yaml [10:56] caribou: gimme some mins and I'll give them to you ;) [10:56] lynxman: sure, I'm just playing around with it & the FAQ says that EC2 is the only way right now [10:58] caribou: officially that's true [10:58] caribou: since the openstack ec2 api is lacking some commands so it's not production ready [10:58] lynxman: ah, ok [11:08] sad, http://is.gd/zm3Vpo [11:10] lynxman: i failed to get it working in my case :( because of my internal infra [11:11] New bug: #912701 in nova "Openstack Compute with Xen in Ubuntu 11.10 fails to load due to Domain-0 being considered an instance" [Undecided,New] https://launchpad.net/bugs/912701 [11:12] Daviey: sir!! [11:14] caribou: http://pastebin.ubuntu.com/794738/ [11:15] caribou: remove the "branch" values as well since it's already in trunk :) [11:15] lynxman: thanks ! [11:28] lynxman: what should be used for the ec2-key-name , [11:35] caribou: you can either put the key name of a key you've created in openstack or just remove hte option and juju will create a new one [11:35] lynxman: ok [11:56] hello [11:56] New bug: #912716 in apache2 (main) "[improvement] allow graceful-stop via the init.d script" [Undecided,New] https://launchpad.net/bugs/912716 [11:56] could you please tell me what i must do to have secure openssh connection? [12:01] run ssh [12:02] only accept connections to keys that you have verified [13:01] morning [13:11] zul: morningtons [13:25] quick and easy question : Is Ubuntu server using Ubiquity as its installer and, if not, what's the name of Server's installer ? [13:25] is it a different flavor of Ubiquity ? [13:27] Daviey: re rewrite> you mean, what is the status of it? === smee is now known as airtonix [13:36] caribou: ubuntu-installer [13:36] thanks pmatulis [13:37] caribou: sometimes called debian-installer [13:40] pmatulis: :P === bladernr_afk is now known as bladernr_ [14:30] jdstrand: right! [14:30] jdstrand: just going through the WI's and checking in. [14:33] uke47*ikp=xO97q [14:33] power mag [14:35] textdb.allow_full_path [14:35] Daviey: well, *ahem* since it only recently showed up on my list and no one talked to me about it, I'm not sure yet. I hope to take a crack at it next week [14:36] <537 |)4748453 6( 57473/V\3/V7> ::= 537 |)4748453 6( <|_|/V5!6/V3|) !/V7363|2 1!73|241> [14:36] Daviey: I hope that didn't come off as *too* snarky. some snarky, yes, too snarky, no ;) [14:37] Daviey: let's go with 'very-slight snarky' [14:37] if (isr != null) isr.close(); } catch (IOException ioe) { // TODO: Throw appropriate exception [14:37] xlinux: Stop it. [14:37] * xlinux prev.svg [14:37] Daviey, zul: Are there any plans from your side to adopt the OpenStack packaging from Debian? [14:38] * *DSV_TARGET_FILE = ${java.io.tmpdir}/test-roundtrip-${user.name}.dsv * *DSV_TARGET_TABLE = t CREATE TABLE t (i INT, a INT, d DATE); [14:38] Daviey, zul: If not wholesale, then basing your packaging off of them? [14:38] soren: it's up in the air :/ [14:38] two way communication is currenty poor. [14:38] jdstrand: How did it get on your list? [14:39] Daviey: that is the source of the snarkiness. I don't know. someone just gave it to me without discussing it [14:39] well [14:39] jdstrand: right, i'm going through my mail log now. [14:39] we might have discussed it at UDS [14:39] ahhhh! [14:39] soren: ive cherry picked some stuff from them [14:39] jdstrand: is this backtracking the snark? :) [14:40] Daviey: but it wasn't assigned then, and no one asked/reminded me before assigning it to me. ie, I didn't say at UDS that I would do that per se. just that someone should/could [14:40] zul: That's a "no", is it? [14:40] Daviey: re backtracking> not in the least :P I am justifying the slightliness of it :) [14:41] soren: still up in the air though [14:41] Daviey: it isn't a big deal. I was just surprised to see new work items on my list is all [14:42] jdstrand: looks like it's been there since at least 10th Nov [14:42] as assigned to me? [14:42] jdstrand: right [14:43] I am quite surprised by that but not saying it is outside the realm of possibility [14:43] especially since I was doing various reports and things [14:43] oh well [14:43] jdstrand: https://lists.ubuntu.com/archives/ubuntu-server-bugs/2011-November/066450.html [14:44] Daviey: perhaps the bp was formatted in a way that it didn't show up properly. *shrug* [14:44] jdstrand: it's possible someone fudged the mail logs? :) [14:44] :P [14:44] I don't know. maybe it is the new year. I wiped my slate a bit too clean [14:45] maybe the bp wasn't approved or something [14:45] * jdstrand seriously doesn't remember seeing it in the work items tracker [14:46] and I look at that more frequently than I care to admit [14:46] jdstrand: it was approved, https://lists.ubuntu.com/archives/ubuntu-server-bugs/2011-November/067295.html :D [14:46] New bug: #910296 in php5 (main) "Please backport the upstream patch to prevent attacks based on hash collisions" [Medium,Confirmed] https://launchpad.net/bugs/910296 [14:46] jdstrand: sorry, i shouldn't be enjoying combating snarkyness so much :D [15:01] When you install ubuntu it asks for an account with sudo (and other) rights. For some reason, when I am running synaptic or whatever gui-based program that needs to elevate rights, that is the account that is asked for (as opposite to the ldap account I am logged into as even though it has sudo rights). Is there a way to change that? === dendro-afk is now known as dendrobates [15:38] raubvogel: this behaviour is seen only for gui-based programs? === sixstringsg|away is now known as sixstringsg === ksx4system is now known as syfkurwa [15:52] pmatulis: yeah. And only a few === syfkurwa is now known as ksx4system [16:51] hallyn: ok, so lxc-create on armel (panda) fails. I get http://paste.ubuntu.com/795021/, running "lxc-create -n test_container -t ubuntu -f lxc.conf -- -r oneiric". debootstrap on its own works fine. Looks like an apt-get update is failing, maybe because sources.list is wrong? Only lxc-create helpfully wipes what it was doing after the error so I haven't got the sources.list out of it yet [16:52] rbasak: you're on precise, right? [16:52] rbasak: the work is being done by /usr/lib/lxc/templates/lxc-ubuntu. [16:53] hallyn: yes, but juju is hardcoded to oneiric inside the container so that's what I'm testing [16:53] hallyn: thanks, I'll dig around in there [16:53] rbasak: is your mirror bad? the archive urls that are failing *should* be fine, right? [16:54] hallyn: I think it should be s/archive/ports/ [16:54] rbasak: are you taking a pandaboard with you next week? [16:54] yes [16:55] rbasak: ports.ubuntu.com? that would be too bad... [16:55] i guess we'll need to special-case line 112 in lxc-ubuntu for armel [16:56] hallyn: http://paste.ubuntu.com/795030/ [16:56] rbasak: glad you're trying it out then! I swear this has worked for me on the arm netbook up to UDS-p... [16:57] I'm sure I've seen some special casing of that somewhere else [16:57] stgraber: ^ [16:58] drat. so i guess powerpc will end up being the same then. [16:58] one day [16:59] aha [16:59] /usr/share/debootstrap/scripts/oneiric for example has special casing at the top for this [17:01] hallyn: yeah, I think debootstrap is clever enough but looking at these it looks like your changes for updates and security don't use the same logic [17:02] so it indeed used to work until the change to make sure our containers are also using updates and security [17:02] all right i'm sure there's a right way to do that (rather than hack it in with a case stmt) [17:03] amd64 and i386 go to archive.ubuntu.com/ubuntu [17:03] the rest goes to ports.ubuntu.com/ubuntu-ports [17:04] man i don't know what is going on this week, but i'm typing pages ahead of the echo back from server, it reminds me of using the slow VAX decades ago [17:04] stgraber: is there a tool we can use, feed it $arch and get back the right archive url? [17:05] hallyn: I think python-apt has that logic in a queriable way, but we probably don't want to end up writting a python script just for that :) [17:05] bug 912842 [17:05] Launchpad bug 912842 in lxc "lxc-create fails on armel" [Medium,Triaged] https://launchpad.net/bugs/912842 [17:06] well, is that logic likely to change sometime? [17:07] hallyn: I think it's going to be much easier to just add the extra if statement to the template [17:07] assuming i386 and amd64 are on archive and the rest on ports works for all current releases [17:07] maybe one day armhf will be moved to archive.u.c but for now it's not possible due to space reason (as in, we'd have to ask all our mirrors to buy more disks) [17:08] stgraber: ok [17:08] rbasak: thanks [17:09] hallyn: np. I'm happy to fix it although I won't get it done today [17:10] rbasak: that'd be great. thanks. [17:13] Daviey: servercloud-p-juju-mir is blocked on somebody from txaws upstream ACK'ing the patches [17:16] New bug: #912842 in lxc (main) "lxc-create fails on armel" [Medium,Triaged] https://launchpad.net/bugs/912842 [17:32] Daviey: actually all my patches were merged upstream, so I can upload and move forward with juju's MIR, w00t. :) [17:37] SpamapS: \o/ === jono_ is now known as jono [17:38] * SpamapS would like to thank the academy, and Thomas Herve. :) [17:41] I do feel i can take most of the credit fwiw. [17:51] New bug: #833073 in gdm (universe) "oneiric gdm picker list contains system user, rabbitmq" [Undecided,Confirmed] https://launchpad.net/bugs/833073 === sixstringsg is now known as sixstringsg|away === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates [20:26] test [20:30] one two [20:33] !test [20:33] Testing... Testing... 1. 2.. 3... ( by the way, remember that you can use #test ) [20:33] doesn't let me know if this channel is broken though :) [20:34] that's OK === sixstringsg|away is now known as sixstringsg === alaing is now known as funkymonk [21:09] hello, i need to instakk , but i can't becouse ubuntu disk 11.10 don't recognizes gigabyte p35-ds3 RAID-0 hard diskcs, can someone help me? [21:10] does it see the drives? [21:11] pauliax: if it sees the drives and not the raid-0 logical volume, it means you don't have a real raid controller, just a controller with a fancy windows driver to do the raid stuff [21:11] Probably jmicron chipset [21:12] probably no reason whatsoever to dig further until pauliax tells us what really happens :þ [21:15] ls -alh [21:15] >_< [21:15] i reformated drives, configured RAID-0 on gigabyte p35-ds3, when installing no hdd or partition - i think raid driver is missing [21:17] use mdadm, because you have fake raid [21:20] what is fake raid, raid0? [21:21] pauliax: http://en.wikipedia.org/wiki/RAID#Firmware.2Fdriver-based_RAID [21:21] distro? [21:22] "fake" raid requires special software during the installation [21:22] i dont need soft raid - it will be bad [21:23] i thats why i dont need it [21:24] i have two operating systems by now, and i need four, dont ask me why :) [21:25] soft raid is not as bad as that. Month ago my 2 old dell power edge 1850 died (faulty RAM in hardware controller - at the first server (no data loss)! and at the (controller faild with partial loss of data)) [21:26] and at the second server (controller faild with partial loss of data)) [21:57] afternoon folks, anyone have a good page for configuring apache on ubuntu to use UCC SSL certs? [21:57] is it just like replacing a regular ssl cert in apache? === sixstringsg is now known as ayysir-capt_obvi === ayysir-capt_obvi is now known as sixstringsg [22:45] hey guys is it possible to get a net install version of ubuntu server [22:51] eagles0513875: you can grab the mini.iso from the netboot directory in, for example, http://archive.ubuntu.com/ubuntu/ubuntu/dists/precise/main/installer-i386/current/images/ [22:52] is there a 64bit one? [22:52] adam_g: thats for 12.04 [22:53] we need something that has already been released that has the cobbler stuff so for now 11.04 will upgrade once 12.04 becomes LTS and released [22:53] Deathvalley122: check that out and try that iso instead [22:54] eagles0513875: cobbler is available in 11.04 I believe [22:54] it's been around for quite a while [22:54] ikonia: its in 11.10 [22:54] cobbler with orchestra is what i mean [22:55] Deathvalley122: want to explain to ikonia the issue we are having trying to get things installed on this remote server [22:55] it's taking ages to erase the lvm data from Debian lvm [22:55] http://archive.ubuntu.com/ubuntu/ubuntu/dists/oneiric/main/installer-i386/current/images/netboot/ [22:55] use that then [22:56] ok [22:56] eagles0513875: http://archive.ubuntu.com/ubuntu/ubuntu/dists/natty/main/installer-i386/current/images/ [22:56] thanks adam_g [22:57] eagles0513875: you should be able to import the precise/oneiric/whatever ISO into cobbler [22:57] im trying to install this on the server we dont have anything installed yet [22:57] just net boot the iso then [22:57] eagles0513875: orchestra isn't in natty (i dont believe) [22:57] !help [22:57] Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience [22:58] whats natty got to do with orchestra [22:58] O_o [22:58] ikonia: ok [22:58] Deathvalley122: cobbler is in natty just not the whole orchestra stuff [22:58] eagles0513875: you'll want oneiric, or if you're just testing i'd advise precise. lots of new stuff going on around orchestra right now, and the precise version is more usable/complete [22:58] I think there is a serious issue with erasing lvm data from another distro [22:58] the problem for now is we need something for production and 12.04 isnt ready for a live environment yet [22:58] for ubuntu [22:58] trouble is 12.04 isn't [22:59] eagles0513875: then just wait [22:59] we are trying to wipe the stuff using 11.04 [22:59] 11.10 i mean [22:59] i want to set up a remotely controlled server at my father in laws house for android building. what are your suggestions? [22:59] "wipe the stuff" ??? [22:59] yes [22:59] eagles0513875: what are you looking to do [23:00] the server has Debian on it with lvm [23:00] we are erasing the lvm data from the debian one [23:00] ikonia: reformatting the drive for a clean installation as the DC tested with debian works fine and now erasing one lvm partition is going really slowly [23:00] but [23:00] its taking ages to do that [23:00] or do you both have the same issue ? [23:00] are you and Deathvalley122 the same person ? [23:01] no [23:01] (confused that you both seem to be having the same issue) [23:01] im working for Deathvalley122 ikonia [23:01] cause we both are on kvm right now [23:01] we are using kvm to connect to the server during install [23:01] how are you trying to "wipe" the data [23:02] using manual partitioning that is part of the installer [23:02] ok - so are you deleting the partition ? [23:02] correct and it asks to confirm you want to wipe and erase the partition and that is whats taking ages [23:02] is lvm started ? [23:03] (eg: are volume groups active) [23:03] no [23:03] it is not [23:03] Deathvalley122: how sure are you though [23:03] cause we aren't in Debian [23:03] the drive isn't even active right now [23:03] only the virtual drive [23:04] virtual drive which has the iso mounted [23:04] correct [23:04] how big is the partition ? [23:04] I have no freaking clue [23:04] I didn't check that [23:04] roughly [23:05] you must have an idea [23:05] just a guess [23:05] 200 [23:05] 200GB / MB ? [23:05] GB [23:05] how long has it been running [23:05] about 2 hours [23:05] is this a physical machine or a virtual guest [23:05] ok, so I suspect it's probably hung [23:06] physical machine [23:06] physical machine the host machine === dendrobates is now known as dendro-afk [23:06] the DC already replaced the motherboard the drive and sata cables [23:06] why ? [23:06] cuz they found problems with the hardware not sure exactly what [23:06] with the motherboard they said sata controller [23:07] ok - boot a CD - run fdisk and remove the partition [23:07] hard disk was I/O errors [23:07] ok [23:08] if they have changed the drive - why does it have data on it also ? [23:08] surly if it was a new drive, there would be no data on it [23:09] no [23:09] they put data on it as a test [23:09] to make sure [23:09] there isn't anymore issues [23:09] with the hardware [23:10] not sure I'd agree with that, but lets see what fdisk does [23:21] Hmm [23:21] Anyone know how I can shut down excessive non-needed getty's? [23:21] They're upstart managed, so I'm not so sure how to stop them and keep them from running. [23:21] kill them ? [23:22] Ahh, duh me.. [23:22] kill -19 [23:22] tty1 - tty6 [23:22] I just stopped 3-6 ;) [23:22] ikonia: Upstart would just repawn then. :p [23:22] ahhhh [23:22] ha ha, nice one [23:23] Psi-Jack: not sure it would with 19, not tried it [23:23] It would. [23:23] I'll take your word on that [23:23] upstart itself has to know to stop it, else it will keep bringing it back up [23:23] totally, I thought upstart monitored for process exit state though, so 19 it would ignore, but I've not looked into it in enough detail [23:24] Trying to figure out why our db server's chewing through memory like no tomorrow, when it's maximum threshold limit is 5.5GB out of 8GB. [23:24] Already dug through 755mb swap, out of 1gb total. [23:24] whoa [23:25] any signs of what's using it ? [23:25] Nope. [23:25] top show any big footprints ? [23:25] not active, but something that maybe leaking a little [23:26] Just MySQL, which has a VIRT of 4GB, and RES of 2.3GB [23:26] Lots of those. ;) [23:27] what's your mysql memory limits set to in my.cnf [23:27] not exceeding those is it ? [23:27] Nope. The MySQL tuning-primer script actually says, maximum utilization of memory is topped off at 5.5GB. [23:27] And it's not even hit that yet. [23:27] CPU usage itself is almost nil [23:27] are you running a web server or anything like that [23:28] ok, so at least you know that's good and no crazy process is found an obscure leak [23:28] Psi-Jack: watched vmstat for a while with say 5 second interval, [23:28] Nope. This is a dedicated MysQL server. [23:28] ok [23:28] is the usage growing, high scan rate, anything like that ? === bladernr_ is now known as bladernr_afk [23:32] swap si/so are fluctuating. [23:32] cpu usage is minimal. [23:33] not a massive surprise if you are eating ram that si/so are moving around a bit [23:33] memory usage is constant. I have this server under Zabbix monitoring, too,. [23:33] what abour sr [23:33] sr? [23:34] sorry, so it the equiv in vm [23:34] that is very odd then that nothing seems to be actually eating it, but it's in use [23:35] and if you're swapping it's struggling, but why ? [23:35] cpu is low so there is probably no wait time lock [23:35] ikonia: could it be vcpu allocation [23:35] what ? [23:35] not enough cpu time has been allocated to the vm [23:35] he's not running a vm [23:35] or not said he is [23:35] ikonia: above you said sorry, so it the equiv in vm? [23:36] eagles0513875: yes, vmstat [23:36] ahh my b ad [23:36] "so" is the equiv in "vmstat" [23:36] Actually. [23:36] It IS a VM. [23:36] Under VMWare. [23:36] ha [23:36] Psi-Jack: how many vcpus does this vm have [23:36] Bu tno. [23:36] what's the host doing ? [23:36] (or host showing) [23:36] it has 4 VCPUs, and they're all pretty much idling. [23:37] the cpu usage is low, so that is not going to be an issue [23:37] ikonia: It's a VMWare vSphere server, and it's on a very high end system. ;) [23:37] Psi-Jack: are you running vmware esxi or another piece of vmware kit [23:37] eagles0513875: We're running the full vSphere server. [23:37] nice [23:38] ikonia: could the be a bug not with the os on the vm but with vsphere? [23:38] On AMD 48-core Opteron servers with 256 GB RAM each. ;) [23:38] god all mighty lol [23:38] Hooked up to an EMC SAN over FC 3 [23:38] eagles0513875: you're just picking random things for no reason [23:38] With FC Disks in the SAN. [23:38] eagles0513875: vsphere is enterprise class and tested, I'd have confidence that basics like this are covered [23:39] Psi-Jack: is the box actually doing "anything" at the moment ? [23:39] or is it just a typical day, typical usage etc [23:39] The Host, or the VM itself? [23:39] vm [23:39] Very little. Serving 57 clients that're 90% idle. [23:40] And zabbix monitors which probe every 30s to 120s [23:40] To pick up information about the system and db. ;) [23:40] sorry pretty solid standard style setup [23:40] it's odd that it's swapping when the memory isn't at threshold [23:41] Yeah. [23:41] Here's the wierd part. [23:41] ikonia: i have noticed the same thing with my linodes they do a bit of swapping as well even when not fully using the vcpus [23:41] total used free shared buffers cached [23:41] Mem: 8196800 8139208 57592 0 4172 20860 [23:41] -/+ buffers/cache: 8114176 82624 [23:41] Swap: 905208 768004 137204 [23:41] eagles0513875: that's not uncommon though to swap out idle stuff [23:42] Cache is EXTREMELY low, memory usage is EXTREMELY high. [23:42] Psi-Jack: yeah, that's not good [23:42] Psi-Jack: I have one terribly random thing I can think of that was not the same but had a similar situation [23:43] Anything short of restarting mysqld? ;) [23:43] Psi-Jack: some large mysql 5 inodb tables had a corrupted index in ram, and each write the db was using the ram to create a temporary "at that moment" index, and had to keep getting flushed and re-written every $X writes [23:44] Psi-Jack: pastebin ps axfv [23:44] basically constantly re-creating an idex on the fly, it was low load on the machine, but kept the ram swapping out/in as it updated the index [23:44] Psi-Jack: seems to me you need more swap, then more RAM [23:45] RoyK: http://pastebin.com/hABWNnqE [23:45] We actually just upped the RAM this morning at 3am from 4GB to 8Gbn [23:45] Psi-Jack: 24837 ? Ssl 107:20 24834 8893 4315578 2439240 29.7 /usr/sbin/mysqld [23:46] but then that only eats 4,3GB [23:46] Exactly. [23:46] Which matches exactly what the tuner-primer script tells me MySQL is consuming, too. [23:46] which ties in clean with the limits in your my.cnf [23:47] Yep. [23:47] I tuned it low, so I could tune it up. [23:48] * RoyK thinks postgresql is a *BIT* better than mysql for 99% of use cases [23:48] I agree. :) [23:48] but, still. [23:48] mariaDB will definitely be better. I'm waiting on that one. ;) [23:48] Gonna try out MariaDB, in fact, on my home server farm, replacing MySQL with MariaDB 5.2, unless 5.3 comes out real soon. ;) [23:49] that won't fix your current issues though [23:49] Nope. ;) [23:49] looking at maria on a centos 6 setup at the moment for similar reasons [23:50] this isn't my home system either, this is corporate. ;) [23:50] Well, looks like there's updates to the kernel, mysql, so, I'm going to push that out tonight. [23:52] May very well be a kernel level bug. [23:52] well, you'll need a reboot [23:52] That, I know. ;) [23:52] almost a shame to boot it without a better understanding [23:52] For now, I'm pulling the packages in, and might restart the mysqld real quick since it's pretty fast. [23:53] One good thing I do like about Ubuntu. It also boots like super fast. Great for a server. :) [23:53] This is 10.04 too BTW. :) [23:54] Wow. Swap just dropped a crapload doing all these updates. ;) [23:54] that's so annoyingly wrong [23:54] And now, Swap and Free RAM have crossed over each other. [23:55] And now, mysql is probably stopping from the update and swap is relieving itself RAPIDLY. [23:56] lets see if it goes back up [23:56] It did. [23:56] Course mysql is still stopped, grrr!