/srv/irclogs.ubuntu.com/2012/01/16/#ubuntu-server.txt

=== CreativeEmbassy is now known as Judy
=== Judy is now known as CreativeEmbassy
samba35	this is very stange problem i come across i have a utm /firewall as a gateway (another system ) ,i have configure web server ,ssh server and ftp server on that but i am only able to acess ftp server ,not ssh and web server but i change hardisk with oracle linux i am able to access all 3 thing (web ,ssh,ftp )	04:28
thesheff17	running iptables or ufw	04:33
thesheff17	use nmap to scan the machine	04:34
samba35	check with that also	04:35
samba35	ufw uninstalled	04:35
samba35	this is very stange problem i come across i have a utm /firewall as a gateway (another system ) ,i have configure web server ,ssh server and ftp server on that but i am only able to acess ftp server ,not ssh and web server but i change hardisk with oracle linux i am able to access all 3 thing (web ,ssh,ftp )	04:36
samba35	sorry	04:36
thesheff17	check iptables: sudo iptables -L	04:40
samba35	yes ,check that also	04:42
samba35	disabled	04:43
samba35	and i even change the ports also of web and ssh	04:43
thesheff17	try to put ssh on the ftp port and see if it works	04:44
samba35	ok	04:44
thesheff17	it still sounds like some firewall rules between the box you are trying to connect to and the client box	04:44
thesheff17	don't forget to shutdown ftp service before binding ssh to the ftp port	04:45
samba35	yes	04:45
thesheff17	also make sure the serivces are starting correctly and listening: sudo netstat --tcp --udp --listening --program --numeric-ports \| grep sshd	04:49
samba35	no its not working	04:49
thesheff17	sounds like a service issue if ftp worked and ssh didn't on the same port	04:50
samba35	never face this kind of problem	04:51
samba35	and hight is if i change hardisk to oracle linux all things works fine	04:51
thesheff17	I would put ssh back to port 22 and run sudo netstat --tcp --udp --listening --program --numeric-ports \| grep sshd	04:53
samba35	yes check	04:54
samba35	i even chage ssh port 5123	04:54
thesheff17	I would use nmap to see if it is listening....I bet from the remote machine it doesn't find ssh running	04:56
thesheff17	and something is blocking it in between	04:56
samba35	www.utmxtm.com	04:56
samba35	can yo pls try	04:56
samba35	any result	04:57
thesheff17	its running now	04:57
thesheff17	I wonder if your ISP just blocks certain things.	04:58
samba35	rdp and vnc not configure	04:58
samba35	tryed ?	04:58
samba35	no i dont think	04:59
samba35	just change hard disk	04:59
samba35	it all work with oracle linux	04:59
thesheff17	do you have the the default route ?	05:00
thesheff17	correct	05:00
samba35	yes i am hopeing that or metric is wrong but dont know how to check that	05:00
thesheff17	sudo route	05:01
thesheff17	the default value will point at your router usually like mine is 192.168.1.1	05:01
samba35	default route is my utm box	05:01
samba35	yes that is route	05:01
thesheff17	nmap is slow...it will be done in a second	05:02
twb	thesheff17: nmap -F	05:02
thesheff17	thx	05:02
samba35	thx ?	05:02
twb	!thx	05:03
ubottu	You're welcome! But keep in mind I'm just a bot ;-)	05:03
thesheff17	lol	05:03
thesheff17	says ftp and https is open nothing else	05:03
twb	thesheff17: putting SSH on a nonstandard port will affect QoS attempts by your ISP et al.	05:03
thesheff17	port 21 and 443	05:03
twb	If you are concerned with brute-force attacks an IPS would IMO be better than relying on obscurity	05:04
thesheff17	this works	05:04
thesheff17	https://www.utmxtm.com	05:04
twb	The page is empty though	05:05
thesheff17	what is this user portal? is that what you are using?	05:05
samba35	hmm that is my utm portal	05:05
twb	http://cyber.com.au/~twb/doc/iptab.ips	05:06
thesheff17	if https://www.utmxtm.com/ is not your linux box you have to do port forwarding.....	05:07
samba35	can you try now https://www.utmxtm.com	05:07
samba35	yes i did that	05:08
samba35	utm box has DNAT rules for all servicess	05:08
samba35	can you try now https://www.utmxtm.com	05:08
twb	samba35: just get a second box and test it yourself	05:09
thesheff17	yea you have bad port forwarding or firewalls rules.	05:09
twb	Probably just triangle routing	05:10
samba35	ok	05:10
samba35	all things are same just change hard disk to oracle linux all works !	05:11
thesheff17	linux on oracle and ubuntu are almost identical	05:11
samba35	dhcp assing ip to linux	05:11
thesheff17	dhcp should never be used for a server	05:11
samba35	ic	05:12
samba35	i dont know that	05:12
twb	thesheff17: I disagree.	05:12
samba35	thank i will try to put staic ip and chaeck yes we have that options open	05:12
twb	Using fixed DHCP allocations to non-core servers allows them to be configured on one end, rather than both ends.	05:12
twb	It does mean the LAN they're on must be ultimately trusted, of course.	05:13
thesheff17	well it sounds like a firewall iptables port forwarding mess....when I hit his portal I knew that wasn't his ubuntu box....him setting up fixed DHCP sounds like another layer of complexity :)	05:15
twb	Granted	05:16
twb	It is certainly useful to switch to manual configuration during testing.	05:16
pehden	does freenode allow dcc	06:53
twb	Dunno, ask #freenode	06:55
onre	irc network does not need to support it	06:55
twb	onre: it's just CTCP	06:55
twb	onre: right?	06:55
onre	it works so that clients send CTCP-style messages to each other and initiate a tcp connection between each other	06:55
onre	yes	06:55
onre	via CTCP they communicate IP addresses and port numbers	06:56
Vivek	Hi	08:28
=== himcesjf1 is now known as himcesjf
Vivek	I am using Ubuntu orchestra and I would like to get a pointer to configuring rsyslog.	08:31
Vivek	I am referring this URL http://wiki.rsyslog.com/index.php/Very_simple_config_--_starting_point_for_modifications	08:31
Vivek	Will this be ok ?	08:31
Vivek	I am using Ubuntu Oneiric and basically want to log remotely to the Ubuntu Orchestration server from a node or nodes.	08:31
Vivek	Thanks in advance.	08:32
Vivek	The rsyslog is not configured by default in orchestra.	08:32
SpamapS	Vivek: did you install 'ubuntu-orchestra-logging-server' ?	08:37
SpamapS	Vivek: orchestra doesn't do much of the configuration for you.. its mostly just a collection of packages... to configure the resulting servers you need something like juju or puppet.	08:39
AlecTaylor	Open-source or closed-source for SaaS? - http://programmers.stackexchange.com/q/130341	08:39
SpamapS	AlecTaylor: great question.. answered and +1'd	08:49
eagles0513875_	hey guys anyone here workign with virt-manager im having some really annoying issues connecting to a remote machine with it	08:49
eagles0513875_	btw morning AlecTaylor Vivek and SpamapS	08:49
AlecTaylor	Thanks SpamapS	08:50
SpamapS	if you can call 01:00 morning. :)	08:51
AlecTaylor	If you call 7:51PM morning :P	08:52
Vivek	SpamapS: yES	08:52
Vivek	SpamapS: I am well aware of the fact that it is a collection of packages with not centralized configuration.	08:53
Vivek	eagles0513875_: Hello.	08:55
SpamapS	Vivek: in that case you really just need to point other machines' rsyslogd at the logging server, and make sure the logging server is configured to accept remote messages.	08:55
Vivek	SpamapS: Do you have any documentation I can refer to ?	08:55
yann__	hello... just had to reboot a server this morning (10.10) http://waste.mandragor.org/linux-memleak.png if anyone got a clue for next time it'be much appreciated :(	08:59
SpamapS	Vivek: just the rsyslogd man pages	09:09
SpamapS	yann__: what makes you think there is a memory leak?	09:10
yann__	SpamapS, I have no software running, killed all running software and restarted what I could	09:11
yann__	and without any software running, using 5GB+ ram	09:11
AlecTaylor	!paste	09:11
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://imagebin.org/?page=add \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	09:11
_godhelpme	hi	09:12
Vivek	ok	09:13
Vivek	SpamapS: Thanks	09:14
eagles0513875_	SpamapS: you ever worked with virt-manager before?	09:15
* AlecTaylor opened up the discussion over whether I should open-source my SaaS: http://openclosedsource.wikia.com		09:18
SpamapS	eagles0513875_: I use it quite often	09:29
SpamapS	yann__: but what do you mean "using" ?	09:30
SpamapS	yann__: htop is somewhat imprecise, try 'free -m'	09:30
eagles0513875_	SpamapS: im having nothing but issues with it getting it to connect to remote server http://pastebin.com/BV50Gf7S	09:30
SpamapS	yann__: memory used in buffers and cache is memory used to opportunistically speed up the system. There is no memory leak, its just in use for better purposes when your programs haven't explicitly requested it.	09:31
SpamapS	eagles0513875_: I don't use it like that	09:31
eagles0513875_	and my friend and i have tested on 10.04 10.10 11.04 and same issue	09:31
eagles0513875_	how do you use it	09:31
eagles0513875_	even connecting to my localhost to test i have saame issue	09:32
eagles0513875_	SpamapS: you using xen as the virt technology of choice?	09:32
smb	eagles0513875_, If it is xen you want to connect, you need to enable the unix server in xend. Unfortunately there are other issues which I have not found solutions for	09:37
eagles0513875_	that didnt do it	09:38
eagles0513875_	any ideas as to these errors smb http://pastebin.com/BV50Gf7S	09:38
smb	It looks like when I had tried to connect to xen without the change in xend (one has to restart too)... Need to start the machine to remember what exactly I changed.	09:40
eagles0513875_	restart what the local hos t	09:40
eagles0513875_	host	09:40
eagles0513875_	or the remote server	09:40
smb	remote server	09:43
yann__	SpamapS, disk cache is yellow in htop :) and no, it's not "faster", i discovered that because I had 5GB swap	09:44
yann__	so I killed everything I could to see what was using so much, and was left with that	09:44
eagles0513875_	smb: giv eme a moment to reboot	09:45
smb	eagles0513875_, no reboot of server needed	09:45
smb	just restart of xend	09:45
eagles0513875_	that is done	09:46
eagles0513875_	smb: now what	09:47
yann__	http://waste.mandragor.org/memory-day.png mmmh.	09:49
* smb needs a bit trying to type, search and talk at the same time does not work that well		09:49
eagles0513875_	no worries smb im here for another 40 min	09:50
smb	eagles0513875_, Ok. :) Well so I think you need to have libvirt-bin installed on the remote xen host, then have /etc/xen/xend-config.sxp have a line like "(xend-unix-server yes)", then sudo service xend restart	09:52
eagles0513875_	libvirt-bin is started already	09:52
eagles0513875_	let me check the xend-config	09:52
eagles0513875_	that didnt work :(	09:54
smb	Hm...	09:55
eagles0513875_	smb: it seems like the remote server is trying to close the connection before i am successfully logged in is the impression im getting from the msg	09:55
SpamapS	eagles0513875_: no I use kvm	09:55
eagles0513875_	ok SpamapS	09:56
SpamapS	yann__: what does free -m show?	09:56
smb	It looks like that, but I had the exact same one because there was no service running...	09:56
yann__	SpamapS, I ll give it a try next time, had to reboot it	09:56
eagles0513875_	smb: let me try it on my local host first	09:56
SpamapS	yann__: I also usually run 'ps auxw O r' which shows the biggest process last..	09:57
SpamapS	clint 3859 4.6 5.9 970108 236588 ? Sl Jan15 13:38 /usr/lib/firefox-9.0.1/firefox	09:57
SpamapS	anyway, time to try and sleep	09:57
yann__	SpamapS, I usually use htop with sorting by memory :) have a good night, thanks for helping	09:57
smb	eagles0513875_, I would assume if you can ssh ok, the virtmanager connect should work	09:57
eagles0513875_	im on the localhost already doesnt work cant seem to establish a connection to the local host	09:58
eagles0513875_	also its seems the remote host is terminating the connection after specifying my password	09:58
eagles0513875_	smb: you using ssh keys or passwords only	09:58
smb	eagles0513875_, ssh keys	09:58
eagles0513875_	smb: is it possible to only use passwords or with virt-manager you must have ssh keys	09:59
smb	eagles0513875_, Should be possible to use both. But let me make sure...	09:59
eagles0513875_	smb: the virt-manager documentation shows remote connectiosn using ssh keys not passwords at least from what i understood	10:00
SpamapS	yann__: also one thing that has gotten me before is if you are using something configured to use HugePages like mysql or postgres.. that memory will show up as "used" by the kernel as soon as you configure the huge pages region.	10:00
smb	eagles0513875_, works both. just without ssh keys there is a local pw dialoque	10:00
yann__	I ll have a look, but I don't think I'm using huge pages :)	10:00
eagles0513875_	smb: im getting the dialogue	10:01
Vivek	SpamapS: FYI rsyslog is automatically configured on Orchestra.	10:01
eagles0513875_	but i cant fathom what is causing me to fail to connect	10:01
smb	eagles0513875_, Just for completeness, you checked that on the remote host libvirtd is running?	10:02
SpamapS	Vivek: oh, cool. :)	10:03
smb	eagles0513875_, And one other thing to check is whether "netstat -a\|grep unix\|grep xend-sock" has some output	10:06
=== gondoi_ is now known as gondoi
=== Myrtti_ is now known as Guest79446
eagles0513875	bk smb :)	10:08
=== Vivek is now known as Guest88234
smb	eagles0513875, Mind that I could then connect, but instance creation still fails because bug 914788 and bug 914792	10:09
uvirtbot	Launchpad bug 914788 in libvirt "libvirt expexts qemu-dm in wrong path for xen" [Undecided,New] https://launchpad.net/bugs/914788	10:09
uvirtbot	Launchpad bug 914792 in libvirt "libvirt: Unable to complete install: ''b454ca30-add4-8f72-8093-99c938e87b46''" [Undecided,New] https://launchpad.net/bugs/914792	10:09
eagles0513875	smb: im guessing im experiencing the first bug	10:09
=== Guest79446 is now known as Myrtti
eagles0513875	actually first one isnt	10:10
smb	eagles0513875, No that only was _after_ being able to connect. :)	10:10
eagles0513875	ahh ok	10:10
eagles0513875	guess its time for a bug to be filed	10:11
eagles0513875	2 bugs	10:11
eagles0513875	virt-manger should automatically pull ssh-askpass	10:11
ikonia	no	10:11
ikonia	I dont think it is a bug	10:11
ikonia	I think it is your setup	10:11
=== Adri2000_ is now known as Adri2000
eagles0513875	ikonia: has to be a bug	10:12
ikonia	why ?	10:12
eagles0513875	tried it on a vm of 10.04 10.10 11.04	10:12
eagles0513875	i have everything there libvirt is installed and running	10:12
ikonia	but didn't smb say he was connecting fine ?	10:12
eagles0513875	ikonia: hes using ssh keys not simple passwords	10:13
ikonia	right - so why ssh-askpass then, as that's normally for keys	10:13
ikonia	eagles0513875: how are you trying to open the virutal manager ?	10:13
eagles0513875	from the kmenu	10:13
eagles0513875	should it be run with sudo from the command line	10:13
ikonia	eagles0513875: have you looked at what the kmenu launcher is doing ?	10:14
eagles0513875	no i havent	10:14
ikonia	eagles0513875: ok - so again, checking this stuff out before logging a bug	10:14
ikonia	eagles0513875: have you tried launching it manually to get some more verbose output ?	10:14
ikonia	check the basics, get info,	10:14
=== schmidtm_ is now known as schmidtm
smb	eagles0513875, I had changed away the authorized_keys to get a pw prompt and that worked, too	10:15
eagles0513875	ahh	10:16
ikonia	I didn't have a problem when I was using it on ubuntu (I'm not any more but it worked fine when I did)	10:16
eagles0513875	ikonia: how can i get verbose output to commandline	10:16
eagles0513875	ikonia: it worked fine when i tested it out with kvm	10:16
smb	eagles0513875, I think I am a bit confused reading. Did you try the netstat line on the remote host?	10:17
ikonia	eagles0513875: just launch it by the command line first, see what it does	10:17
eagles0513875	ikonia: not doing anything	10:18
eagles0513875	smb: no i havent	10:18
ikonia	eagles0513875: what are you typing on the command line ?	10:18
smb	eagles0513875, Ok, could you try? Then we would know whether the socket interface is up	10:18
eagles0513875	smb: what socket interface should i be looking for	10:18
eagles0513875	ikonia: virt-manager	10:19
smb	netstat -a\|grep unix\|grep xend-sock	10:19
smb	unix 2 [ ACC ] STREAM LISTENING 20492 /var/lib/xend/xend-socket	10:19
koolhead11	hi all	10:19
eagles0513875	its there and listening smb	10:21
smb	eagles0513875, Ok, so at least can take that from the list...	10:22
eagles0513875	ok	10:22
smb	eagles0513875, So what is running locally and remotely? I only tested 11.10 and 12.04 combinations currently	10:24
eagles0513875	11.10 on both	10:25
smb	ok	10:25
eagles0513875	well ill be damned i installed kvm on localhost and that connected just fine	10:25
smb	Well, that has always worked. Just that Xen host server came back only with 11.10 and I am not sure how many really tried out with libvirt and xen	10:28
smb	It is quite manual at least	10:28
eagles0513875	:-/	10:28
* smb hopes to improve things until precise release...		10:29
eagles0513875	smb: you work with the virtualization stuff?	10:29
smb	yes	10:29
AlecTaylor	Will open-sourcing my SaaS solution adversely affect my revenue? - Contribute to Discussion and Notes: http://openclosedsource.wikia.com / http://programmers.stackexchange.com/q/130341	10:30
ikonia	eagles0513875: don't you have to make a change to tell it to connect to a xen hypervisor instead of kvm	10:30
smb	ikonia, Yes, that is done when you create a new connection	10:30
eagles0513875	i did i was just testing ikonia to see if i would have the same issues i am having with xen but with kvm	10:30
=== Guest88234 is now known as Vivek
lynxman	morning o/	11:20
eagles0513875_	smb: hey I'm on from web chat at school lol	11:51
koolhead11	ohai lynxman	12:05
Psi-Jack	ikonia: Looks like you're around now eh?	12:39
ikonia	I am around yes	12:39
Psi-Jack	Remember that whole MySQL battle from before? ;)	12:39
ikonia	hello	12:39
ikonia	I certainly do	12:39
eagles0513875_	hi ho :)	12:39
Psi-Jack	heheh	12:39
Psi-Jack	you'll laugh at the results. ;)	12:39
ikonia	one of the more interesting ones	12:39
ikonia	Psi-Jack: please share	12:39
ikonia	very interested	12:39
Psi-Jack	Hehe	12:40
Psi-Jack	Well, the updated kernel and mysql solved the memory usage was mostly solved, but there was an underlying issue causing most of it to begin with. ;)	12:40
ikonia	go on......	12:41
Psi-Jack	We use VMWare vSphere 4.1u2 in our infrastructure for pretty much most every server in our DC, save for a few.	12:41
Psi-Jack	This particular VMWare Guest was set to have initially 4GB, then 8GB, then finally 16GB, but no matter how much RAM we gave it at the hypervisor level, someone had set a Memory Limit on it to 2GB.	12:42
ikonia	really,	12:42
Psi-Jack	So, yeah, the guest was getting 8GB, but only 2GB of it was allowed to be used, and so it was actually swapping out on the HOST OS side to account for it.	12:42
ikonia	that makes sense for what we saw that night	12:43
ikonia	however was that hypervisor limit in place on any other machiens ?	12:43
ikonia	eg: was it effecting any other guests ?	12:43
Psi-Jack	No, it was set just for that one that we found.	12:43
ikonia	I didn't know you could do that, limit it at the hypervisor for just one vm	12:44
Psi-Jack	Yep.	12:44
Psi-Jack	VMWare can do that. heh	12:44
Psi-Jack	Our DBA of all people found it!	12:44
ikonia	I thought the hypervisor settings where global and then everything bellow that was either group policy based, or guest based	12:44
ikonia	impressive	12:44
ikonia	and a nice little feature to be aware of for future use	12:44
ikonia	thanks for sharing Psi-Jack	12:44
Psi-Jack	I don't claim at all to be a VMWare expert, I know Xen and KVM much more, but VMWare still is bleh.	12:44
ikonia	what an annoying issue that turned out to be	12:44
Psi-Jack	Nooooo sh**!	12:45
ikonia	Psi-Jack: vm-ware is what you have to use in business, so no point dodging it	12:45
ikonia	apart from redhat pushing kvm as their cloud platform now	12:45
Psi-Jack	After that, our CPU loads went back to normal, primary use of CPU load is MINIMAL now, and when it is, it's mostly user load, not system load.	12:45
Psi-Jack	That's what got me is MOST of the load was system load, which means core processes.	12:45
ikonia	at least you are sorted now	12:46
Psi-Jack	Yep. :)	12:46
ikonia	an interesting one,	12:46
Psi-Jack	A lot more useful now, and it's funny to see the load levels during prime hours are practically nothing at all anymore.	12:46
Psi-Jack	We have another DB running similarly in another DC, under Xen, and i see a lot of user load, but barely any system load.	12:46
Psi-Jack	That database however, has a lot going on. Both our flagship SaaS product, and our CMS hostings. ;)	12:47
patdk-lap	oh, did someone specify a resource limit for ram?	12:47
Psi-Jack	patdk-lap: Yeah. LOL	12:47
patdk-lap	ya, your miss that unless you use that a lot	12:47
eagles0513875_	learned something new as well about vmware sphere :D	12:47
Psi-Jack	hehe	12:48
Psi-Jack	Yeah, me too!	12:48
patdk-lap	setting resource limits is very nice though	12:48
Psi-Jack	Don't trust VMWAre! hahaha	12:48
patdk-lap	expectially for disk access	12:48
eagles0513875_	Psi-Jack: how do you guys go about creating the xen guests	12:48
Psi-Jack	Well, our disk access is tied to an FC SAN with FC Disks. ;)	12:48
Psi-Jack	eagles0513875: We don't. Our Xen stuff is run in Rackspace, they run Xen. heh	12:48
eagles0513875_	got it	12:49
patdk-lap	I	12:49
Psi-Jack	I don't do Xen anymore myself. Has too many annoying issues like easily corruptable vNIC's.	12:49
patdk-lap	I'm thinking I should just run xen inside vmware	12:49
patdk-lap	for the last legacy things	12:49
Psi-Jack	Yikes!	12:50
patdk-lap	why yikes?	12:50
eagles0513875_	Psi-Jack: how are you creating the vNIC's	12:51
patdk-lap	you need vsphere 5.0 though	12:51
uvirtbot	New bug: #917134 in drbd8 (main) "dbrd8 kernel module and padlock-sha kernel module in deadlock" [Undecided,New] https://launchpad.net/bugs/917134	12:51
eagles0513875_	I'm using a bridged networking setup which is very easy to specify and setup the bridge via the network interfaces file	12:51
eagles0513875_	ikonia: i enabled debugging in libvirt smb is helping me go through that to find out the possible cause of my issue	12:51
Psi-Jack	eagles0513875: They were fully paravirtualized guests, and just using LVS on them for network directing was causing failures that resulted in mysterious packet loss.	12:52
patdk-lap	I'm using my own custom network xen config scripts	12:52
Psi-Jack	Any kind of advanced routing or packet mangling caused these issues on Xen for me.	12:52
eagles0513875_	ahh	12:52
eagles0513875_	well atm libvirt is giving me hell	12:52
patdk-lap	Psi-Jack, odd, I didn't have that issue	12:52
Psi-Jack	And that was Citrix Xen, specifically.	12:52
patdk-lap	I also rarely ran it at high load levels though	12:52
Psi-Jack	The "Commercial Grade" stuff.	12:52
ikonia	Psi-Jack: it was always one of the drawbacks with xen	12:52
ikonia	and why cytrix wrote their own network patches for it	12:53
RootChaos	can anyone suggest a good ubuntu load balance app through personal experience ?	12:53
RootChaos	i need to load balance two smtp servers	12:53
ikonia	lvs	12:54
ikonia	ipvsadmin	12:54
ikonia	adm sorry	12:54
ikonia	simple and easy	12:54
RootChaos	* looking	12:56
RootChaos	thanks very much	12:56
RootChaos	do i need a dedicated server for lvs, or can i run it with other services on a server ?	12:58
Psi-Jack	You should do it dedicated.	12:58
Psi-Jack	Or run it along side with the mailservers.	12:58
ikonia	you can if you are strapped for hardware run the lvs process on the actual service giving servers	12:59
ikonia	you need to be a little more tidy/thought out, but you could do it if you where strapped for hardware	12:59
RootChaos	i have another server running mysql, doing nothing... i could setup lvs on that server which will balance to the 2 mail servers ?	12:59
Psi-Jack	You shouldn't run LVS on a database.	13:00
ikonia	yeah, mail = front end, database = backend, balancing a front end service would put the database at the front	13:00
Psi-Jack	You would be better off running pacemaker+ldirectord on the two mail servers.	13:00
ikonia	plus the performance risk	13:00
Psi-Jack	Just do NOT run a firewall on the same host as LVS	13:00
Jeeves_	Psi-Jack: Why not?	13:01
Psi-Jack	It will eat data for lunch. ;)	13:01
Psi-Jack	Heck, patdk-lap and Omache taught me that. ;)	13:02
RootChaos	ok, but in essence, just to test, i can use an existing server, load lvs and see how it works - then move it to a dedicated box later	13:02
Psi-Jack	RootChaos: You should run it on a front-end facing server. Not a database server.	13:02
RootChaos	ok cool	13:03
RootChaos	i can do that	13:03
Psi-Jack	Often times, people run LVS servers on their webservers.	13:03
Psi-Jack	I'm one that runs two dedicated VMs just to LVS and does nothing else, but nginx name-based and ip-based proxying. ;)	13:04
=== hito_jp0 is now known as hito_jp
Jeeves_	Psi-Jack: I really don't see the issue of combining those two functions	13:05
koolhead11	Daviey: around?	13:05
Daviey	koolhead11: briefly	13:07
koolhead11	Daviey: was writing u a mail	13:07
Daviey	koolhead11: probably better right now	13:07
Daviey	kinda swapping tasks.	13:07
htdutchy	What do I need to install to host a dhcp server?	13:10
Psi-Jack	dhcpd	13:10
htdutchy	E: no installation candidate	13:11
htdutchy	Is there a packet that I can just install with apt-get install?	13:11
Psi-Jack	Here's a tip.	13:12
Psi-Jack	aptitude search dhcp	13:12
htdutchy	I got it dhcp3-server	13:12
htdutchy	thanks	13:12
Psi-Jack	That's the older version.	13:12
Psi-Jack	isc-dhcp-server is version 4	13:13
htdutchy	ah	13:13
htdutchy	isc-dhcp-server isn't available :(	13:14
Psi-Jack	There's also a chance I could be wrong. I'm looking at a Debian server of mine. :p	13:15
htdutchy	ah, well I'm on ubuntu	13:15
htdutchy	webmin picked it up, it's working	13:17
Psi-Jack	heh.	13:18
Psi-Jack	Glad I'm not the only nut job that uses webmin. :)	13:18
Psi-Jack	I do it, though, just to be lazy. I actually know how to go in and fix problems by hand, set them up by hand, etc, ;)	13:18
htdutchy	Yeah, I like working in console, but for a quick configurations like setting up users it's just better	13:19
htdutchy	Primarily I use it for user config, apache, dns and dhcp servers	13:20
Psi-Jack	Oh heck, you don't even utilize it for much then.	13:21
Psi-Jack	You're just plum lazy. :)	13:21
Psi-Jack	I actually use it for the whole cluster effect, change one on one, it replicates that change to the others.	13:22
htdutchy	Ah	13:26
skorv	hey!	13:27
skorv	simple dumb question from a noob.... can i use a ubuntu server as a front end to redirect urls to different web servers within my network?	13:29
Psi-Jack	yes	13:29
skorv	i know how to do it with apache and virtual hosts in a single machine...	13:29
skorv	the question then is... how?	13:29
patdk-wk	Jeeves_, the issue with combining what two functions?	13:30
ikonia	skorv: look at squid and jesred, or apache	13:31
Psi-Jack	skorv: I'd setup nginx with name-based forwards to different transport endpoints as needed for each hostname you need. But that's not the proper way to do what you're asking. The proper way is to have Split-DNS and have internal DNS point to internal server, external DNS point to external IP.	13:31
Jeeves_	patdk-wk: Iptables and LVS	13:32
skorv	Psi-Jack: the proper way sounds complecated	13:32
patdk-wk	iptables and lvs don't mix	13:32
Psi-Jack	skorv: It's not.	13:32
Psi-Jack	It is more maintenance, but proper.	13:32
patdk-wk	lvs injects packets back in, in the middle of netfilter	13:32
Psi-Jack	And you don't have a SPF	13:32
patdk-wk	lvs packets don't match conntrack ever	13:32
Psi-Jack	Nope.	13:33
Psi-Jack	LVS magically moves traffic around without ever telling conntrack about it. ;)	13:33
skorv	i'm managing virtual servers as well as physical ones...	13:33
patdk-wk	well, without telling netfilter about it, and therefor screwing conntrack and some other things	13:33
Psi-Jack	skorv: Yeah, so do I.	13:33
Psi-Jack	patdk-lap: Heh, yep.	13:33
Psi-Jack	Which is partly why running a firewall on an LVS director causes issues.	13:34
skorv	ok.... i'll pick you brain in a couple of minutes... gotto go have lunch	13:34
* Psi-Jack gets a brain-picking needle ready, and cringes.		13:34
patdk-wk	running the firewall in non-stateful mode works, if you don't also need any helper modules, like ftp, irc, sip, ....	13:34
Psi-Jack	Heh.	13:34
Psi-Jack	I hardly even know what a non-stateful firewall is anymore. :p	13:35
Jeeves_	Ok, that kinda makes sense	13:41
Jeeves_	But if the firewall is only firewalling the services that are loadbalanced, it shouldnt be a real issue.	13:41
Psi-Jack	Wrong. :)	13:46
Psi-Jack	That is stateful firewalling.	13:46
Jeeves_	Ehm, that depends how you configure it :)	13:48
patdk-wk	it can be a real issue	13:50
zul	good morning	13:50
* Psi-Jack nods.		13:50
patdk-wk	the issue is, dealthing with non-stateful firewalls	13:50
patdk-wk	in order for that to work, you have to open up much more than you would have to otherwise	13:50
Psi-Jack	Exactly.	13:51
Psi-Jack	Hence, why I run my LVS directors on dedicated VM's that get proxyarp'd to by the front-end firewall. Thanks to patdk-lap's gracious help here. ;)	13:51
patdk-wk	I'm just running two firewalls and two directors, using pacemaker	13:52
patdk-wk	I also have a crapload more ip space to work with than you :)	13:52
skorv	ok... back	13:54
Psi-Jack	patdk-lap: Hehe	13:55
Psi-Jack	Yeah, I still use two firewalls, and 2 directors though. :)	13:55
skorv	for now i'll setup my servers within proxmox(KVM mode) and attach the physical ones later	14:06
Psi-Jack	My LVS directors are all run under KVM, personally.	14:08
Psi-Jack	My firewalls too.	14:08
Psi-Jack	And I too, now use Proxmox VE, but I use 2.0 beta2 with the HA stuff enabled and functioning. ;)	14:10
skorv	i'm still on a old one	14:11
skorv	1.7 i think	14:11
Psi-Jack	1.9 is out, yanno.	14:12
skorv	yea...	14:12
Psi-Jack	Proxmox VE 2.0 is nice, though. It actually comes with kvm official 1.0.0	14:12
skorv	will wait for 2.0 to fully upgrade my server farm	14:13
Psi-Jack	hehe	14:13
Psi-Jack	I upgraded from a series if pacemaker-run libvirt-managed hypervisor cluster to Proxmox VE 2.0 beta 2 which uses cman for it's cluster glue.	14:13
Psi-Jack	I hate cman+rgmanager, but eh.. The system works so far, pretty well.	14:13
skorv	you've set your firewalls in there as well?	14:13
skorv	what did u use	14:14
skorv	?	14:14
Psi-Jack	Yeah, my firewalls are run in kvm guests.	14:14
Psi-Jack	And I use shorewall for my management system for it.	14:14
skorv	i was planing on terting vyatta distro myself but not sure	14:14
Psi-Jack	Don't.	14:14
Psi-Jack	It's just not worth it.	14:14
skorv	pfsense?	14:15
Psi-Jack	Hell no. BSD-based crap.	14:15
skorv	self built?	14:15
Psi-Jack	Shorewall.	14:15
skorv	didnt knew that one	14:16
Psi-Jack	Shorewall is a perl script to manage iptables,works on any distro.	14:16
skorv	ok... so a base install of ubuntu server and that on top of it :P	14:16
Psi-Jack	You edit a few text files to setup the basic concept, it's stateful, and it builds ginormous rulesets that do exactly what you tell it to.	14:16
Psi-Jack	Eh, sure. ;)	14:17
Psi-Jack	I use openSUSE for my firewalls.	14:17
skorv	i tried centos.... but cannot adapt to the dam yum :P	14:17
Psi-Jack	Debian for my webservers and directors, though thinking about moving my directors to Ubuntu seeings that Debian's ldirectord is bugged.	14:17
Psi-Jack	yum is awesome.	14:17
Psi-Jack	Personally I hate the .deb package format. Worst design flaw ever, but it is what it is.	14:18
skorv	maybe because i'm a ubuntu freak... the fist and only distro i ever used	14:18
Psi-Jack	I started with SLS.	14:18
skorv	i tryed debian... fedora... even archlinux....	14:18
skorv	always find my way back to ubuntu	14:19
Psi-Jack	In short, I started Linux before it was even 1.0.0. :p	14:19
skorv	:P	14:19
skorv	me it was in 2008	14:19
Psi-Jack	Youngin. :p	14:19
skorv	with 8.04	14:19
skorv	actually i'm 33 but thats another story	14:19
Psi-Jack	heh	14:20
skorv	2 weeks after installing into my laptop... made my 1st server	14:20
Psi-Jack	Hmmm. Cool. My age.	14:20
skorv	completely brind	14:20
skorv	but did it anyway	14:20
skorv	portugal is an all consuming windows market	14:21
Psi-Jack	I just started young. First computer was a C64, moved up to a CISC, then got into UNIX almost immediately. I was a proud owner of a NeXT cube and Alpha server. ;)	14:21
skorv	not many chances for linux in enterprise... only small companies like my own use it internally	14:21
Psi-Jack	That's a cop-out, and an excuse. ;)	14:21
skorv	for me.... 1985's Spectrum clone Timex 2048	14:21
skorv	c64 was an amazing machine	14:22
Psi-Jack	Did you know Commodore re-made it into a 64-bit CISC machine styled just like the original keyboard unit?	14:22
skorv	nop... thatz amazing	14:23
Psi-Jack	http://www.commodoreusa.net/CUSA_C64.aspx	14:23
Psi-Jack	Legacy reborn! :D	14:25
Psi-Jack	Funny thing is, it's specifically designed for Linux. :)	14:25
skorv	:P	14:27
skorv	amazing	14:27
skorv	so.... how you've set up your network (i'm setting up firewall > server > (webserver 1) (webserver 2)	14:29
Psi-Jack	I have 4 hypervisors, attaching disks via multi-pathed iSCSI to two NAS servers (also running Linux) to act as a storage SAN.	14:30
Psi-Jack	I have two VM's running firewalls, they proxarp VIPs from the front to the LVS directors which I have 2 of, active and failover.	14:31
skorv	2 firewalls? isnt that too much?	14:32
Psi-Jack	From the director, it forwards to the appropriate servers by IP address of two backend webservers. I also run an nginx proxy server for name-based forwarding so that internal servers I don't want normally exposed are masqueraded through the gateway IP.	14:32
Psi-Jack	Nope.	14:32
Psi-Jack	Active and Failover. My primary firewall can go down and the failover will takover without any traffic loss.	14:32
Psi-Jack	I have only 1 SPOF in my network, and that's my cablemodem. ;)	14:32
skorv	ok... me is just 2 physical servers in cluster mode (proxmox) its not an enterprise	14:33
Psi-Jack	Neither is mine. :p	14:33
Psi-Jack	This is just my home setup,.	14:33
skorv	i have 8 machines total.... 2 of them are servers	14:34
skorv	"and i thought i was nutz.... :P"	14:34
skorv	1 cablemodem... a linksys wrt160nl with ddwrt as router.... the rest is just too much computers	14:35
Psi-Jack	8 and only /2/ are servers?	14:35
Psi-Jack	Bleh,. linkcrap.	14:35
skorv	1 is my personal (home) and a laptop	14:35
Psi-Jack	I have 6 physical servers, 14 virtualized servers, 1 performance desktop, 1 personal laptop, 1 company laptop, 1 personal netbook, 1 android tablet, 1 smartphone, 1 smart tv	14:36
_ruben	and you are your power company's favorite customer ;)	14:36
Psi-Jack	Indeed. ;)	14:36
skorv	then in my workshop... 2 servers, 1 workstation, 1 data recovery, 1 "experimental", and 1 acer laptop converted into a media station just for listening to music :P	14:37
Psi-Jack	Bill's more than most people I know, even at work with expensive houses. LOL	14:37
Psi-Jack	Oh, and 1 dedicated NAS storage box, a simple Netgear ReadyNAS Duo.	14:37
Psi-Jack	That's my simple backup resource point. ;)	14:37
skorv	we're crazy you and IO	14:37
skorv	we're crazy you and I	14:37
skorv	:P	14:37
Psi-Jack	This is just my home setup so I can keep on top of everything in my field of interests. ;)	14:38
skorv	ok	14:38
Psi-Jack	It's why I'm one hell of a good systems engineer, and not just a simple system admin.	14:38
Psi-Jack	Soon, I'm actually picking up server grade managed switches. ;)	14:38
Psi-Jack	Because 3 8-port switches just isn't enough.	14:38
skorv	i have a asus 24port 10/100 unmanaged	14:39
skorv	weak i know	14:39
Psi-Jack	Bleh.	14:39
Psi-Jack	I'm 100% GbE	14:39
skorv	:P	14:39
skorv	for a self employed guy here where i live i have more than any other tech i know	14:40
skorv	hardware setup for the servers (now you'll blow my mind)	14:40
Psi-Jack	I'm getting a rack, hopefully today, to actually shelf all my computers onto and organize it better. ;)	14:40
Psi-Jack	Two Dell PowerEdge 830's with dualcore Intel Xeon's and CERC RAID doing RAID-10 on 6-drives. That's my storage cluster.	14:41
skorv	ok....	14:41
Psi-Jack	4 hypervisors running AMD Phenom II X4's with 8GB DDR2 RAM	14:42
skorv	mine is just 2 home grown E8400 Core 2 Duo with asus p45 motherboards	14:42
skorv	1 has 6gb ram... the other 3	14:42
Psi-Jack	Bleh. Intel junk.	14:42
skorv	8400 were good gaming machines	14:43
skorv	my dream setup :P	14:43
skorv	dell's 815 with 4 opterons	14:43
Psi-Jack	At work, we have several Quad-CPU 12-core Opteron's with 256 GB RAM hooked up by FC to an EMC SAN.	14:43
skorv	the new 16 core buldozer	14:43
Psi-Jack	With FC-Disks. ;)	14:43
Psi-Jack	Now, THAT, is a setup. ;)	14:44
skorv	6282SE i think :P	14:44
skorv	oh yea	14:44
skorv	cant afford it	14:44
skorv	so i'll keep on dreaming	14:44
Psi-Jack	Yeah, that's several hundred thousand dollars of equipment. ;)	14:44
skorv	each of those cpus is 1000$	14:45
Psi-Jack	but definitely, AMD is a much better way to go, especially for virtualization.	14:45
skorv	true that	14:45
Psi-Jack	skorv: Yeah, and we have at least 80 of those CPUs. ;)	14:46
skorv	so... i'll probably upgrade my setup latter this year to amd 8150FX	14:46
skorv	jeez	14:46
=== masACC is now known as maswan
Psi-Jack	hehe	14:46
skorv	maybe i can pick up some "old" servers from upgrades. some companies sometimes just "give them away"	14:47
Psi-Jack	The only part I hate about my home setup is, my fricken Dell 830's onboard NIC's don't do jumbo frames.	14:48
skorv	can pick a couple of dual xeon	14:48
Psi-Jack	Pisses me off to no end.	14:48
skorv	when i set my servers up i tryed asus NICs... only to find out they only work on windows	14:50
skorv	:(	14:50
skorv	now i use tp-link's GbE NICs (pci ad pcie)	14:51
skorv	on all my machines	14:51
patdk-wk	hmm, all my home machines support jumboframes	14:53
patdk-wk	running ib at home is really nice too :)	14:53
patdk-wk	nothing better than 64k mtu	14:53
Psi-Jack	patdk-lap: Yeah, all BUT my fricken server-grade computers, the PowerEdge 830's, have jumbo frames.	14:53
patdk-wk	I don't even know what a pe830 is	14:54
Psi-Jack	And for some reason, dropping PCI NIC's into it don't work.	14:54
patdk-wk	the oldest I have around here is a pe r410	14:54
Psi-Jack	Could do PCIe or PCI-X NIC's though.	14:54
Psi-Jack	PCI-X ones are painfully expensive though.	14:55
patdk-wk	heh?	14:55
patdk-wk	you can get intel dual gigabit pcix for like $20	14:55
Psi-Jack	Really? Where!	14:55
patdk-wk	same thing for pcie is going be atleast 120	14:55
patdk-wk	ebay :)	14:55
Psi-Jack	Oh. Bleh.	14:55
patdk-wk	why waste the money on brand new pcix stuff?	14:55
=== caribou_ is now known as Caribou
patdk-wk	expecially with all the companies offloading pcix for pcie	14:56
Psi-Jack	Eh, I suppose.	14:57
Psi-Jack	I'll look into it, anyway. $20 is not bad at all.	14:57
Psi-Jack	Heh, Intel Pro 1000 MT Dual Port NIC GbE PCI-X, $8.94	14:58
Psi-Jack	(+$6.95 shipping)	14:58
Psi-Jack	patdk-lap: ebay's usually the LAST place I look, but this looks promising.	15:01
Psi-Jack	At least for the now solution. :)	15:01
patdk-wk	well, pcix is what I call, expired	15:01
patdk-wk	so ebay is my goto for that	15:01
Psi-Jack	Jumbo frames would definitely improve my throughput to the disks for the SAN of mine, and 2-ports would allow me to keep the DRBD replication going on one isolated network, and expose the volumes via the other port.	15:02
Psi-Jack	Double-Win there. :)	15:02
patdk-wk	I'm using 4 gigabit nics for iscsi round robin	15:02
patdk-wk	atleast till everything is upgraded for infiniband	15:03
* Psi-Jack nods.		15:03
Psi-Jack	Oh yeah.	15:03
Psi-Jack	My ISP FINALLY is "working on" IPv6 support.	15:03
Psi-Jack	Hmmm	15:04
Psi-Jack	They even have PXI-X 2GB FC for like $9.95	15:04
Psi-Jack	PCI-X	15:04
Psi-Jack	I might go that route. Get two of those, and two PCI-X NIC 2-port GbE's.	15:04
Psi-Jack	No need for an HBA-SW with direct connect.	15:05
patdk-wk	I have some of those	15:08
arrrghhh	hey guys. is there any difference between "service <svc> start" and "/etc/init.d/<svc> start"?	15:08
patdk-wk	and a 8 port fc switch	15:08
patdk-wk	mainly got that 2gb fc stuff, cause I have a 24 lto3 tape system, that uses 2gb fc	15:08
Psi-Jack	patdk-lap: Yeah, but direct HBA to HBA should work, too, no?	15:08
patdk-wk	but now I'm getting two netapp shelfs that are 2gb fc also, would like to put them on a 4 port pcie card though	15:09
patdk-wk	yes, direct works with fc	15:09
patdk-wk	I have never run ip over fc though	15:09
Psi-Jack	Thought so. I only have the 3.	15:09
Psi-Jack	With DRBD, it can run over FC without an IP.	15:09
patdk-wk	I think the pcix ib cards are like $40	15:10
skorv	Psi-Jack: i have to admit... you are a better tech than i am	15:12
skorv	Psi-Jack: so... challange accepted :P	15:12
Psi-Jack	heh	15:12
Psi-Jack	Don't worry, I get that a lot.	15:12
Psi-Jack	I literally tested out of many certs without even studying. I even CORRECTED their errors on their own test and proved it.	15:13
Psi-Jack	CompTIA was pretty bad about having little errors on their tests. ;)	15:13
eagles0513875	ikonia: fixed the problem with virt-manager	15:14
eagles0513875	ikonia: turned out virt-manager didnt like the way i had the networking setup in regards to the bridge	15:17
ikonia	as I said, it would be your configuration not a bug	15:19
Psi-Jack	heh	15:21
eagles0513875	ikonia: turns out using the xend config scripts work better then setting up the bridge in the network interfaces file	15:23
ikonia	shouldn't really matter	15:24
Psi-Jack	Yeah, doesn't matter, actually.	15:24
ikonia	I suspect you just set the bridge up wrong	15:24
ikonia	but the scripts set it up correctly	15:24
eagles0513875	ikonia: copied whats on the xen documentation	15:24
ikonia	copying = not good, thought = good	15:24
eagles0513875	http://wiki.xen.org/xenwiki/HostConfiguration/Networking.html	15:27
eagles0513875	ikonia: ^ that is what i followed	15:27
ikonia	showing me the link isn't going to help	15:28
Psi-Jack	Hmmm	15:31
Psi-Jack	I've been considering dropping iSCSI GFS2 in favor of NFSv3.	15:31
soren	zul: Where does the packaging branch for horizon live?	15:38
zul	on Ubuntu or trunk?	15:38
zul	lp:~ubuntu-server-dev/horizon/essex	15:38
soren	I see.	15:39
soren	Thanks.	15:39
zul	problems?	15:39
soren	zul: Only that those packaging branches seem to move around a lot.	15:42
zul	soren: yeah	15:42
soren	Er....	15:43
soren	do you not use bzr builddeb?	15:43
zul	yeah we do	15:43
soren	Uh.. how?	15:43
zul	bzr bd -S	15:44
soren	zul: Well, sure, but how do you actually work on the packages?	15:44
zul	soren: what do you mean?	15:45
soren	How do you make changes to the packaging?	15:45
=== alamar_ is now known as alamar
soren	How do you test them?	15:45
soren	How..	15:45
soren	There's no .bzr-builddeb?	15:46
zul	soren: we use merge proposals etc and we use our openstack-ci to test the packages	15:46
zul	eh?	15:46
arrrghhh	hey guys. is there any difference between "service <svc> start" and "/etc/init.d/<svc> start"?	15:46
arrrghhh	because the latter just worked when the former did not.	15:47
soren	zul: I just don't see what your are using bzr builddeb for?	15:47
zul	soren: fuck i need to add it apparently sorry about that	15:47
soren	zul: Other than a wrapper around dpkg-buildpackage	15:47
soren	zul: Don't apologise. Explain :)	15:47
soren	zul: How are you using this stuff without it?	15:47
zul	soren: i didnt know about the .bzr-builddeb directory	15:47
soren	but..	15:48
soren	How..	15:48
soren	Ok, say you find a bug.	15:48
soren	You want to fix it.	15:48
soren	What do you do?	15:48
soren	Let's say nova/utils.py needs a patch applied.	15:48
soren	Sorry, no, not nova, because I set Nova up to make this work properly.	15:49
soren	Horizon.	15:49
zul	open up a bug in launchpad, propose a branch to be merged send a merge request, i usually merge them	15:49
soren	No no.	15:49
soren	Between "open a bug" and "propose a branch" there's some actual work going on.	15:49
soren	How do you accomplish that?	15:49
zul	soren: right standard procedures apply	15:50
soren	Clearly... They do not.	15:50
soren	That's why I'm asking.	15:50
zul	yes they do	15:50
soren	...	15:50
soren	Well, the tools we've been using for years don't work on that branch.	15:51
zul	yes they do, open a bug, propose a fix and then it usually gets merged whats not standard about that	15:51
soren	Look.	15:51
soren	That's not the part 'm asking about.	15:51
zul	what part are you asking then?	15:52
soren	I'm asking about the part between opeining a bug and propsing a fix.	15:52
soren	The part where you actually fix. the. bug.	15:52
soren	Write code. Apply changed. Edit files.	15:52
soren	*changes	15:52
zul	obviously im missing something	15:53
Daviey	Does this not work, vim debian/control ; "edit something" ; dch -e/-i ; debcommit ; bzr bd -S	15:54
zul	it does	15:54
Daviey	soren: Can you outline issues with that workflow?	15:55
Daviey	.. so packaging changes works?	15:55
Daviey	(zul, we should probably have VCS fields in debian/control)	15:55
zul	Daviey: we do	15:55
Daviey	are you sure	15:56
Daviey	?	15:56
zul	yeah	15:56
zul	Vcs-Browser: http://bazaar.launchpad.net/~ubuntu-server-dev/nova/essex/debian/files	15:56
zul	Vcs-Bzr: http://bazaar.launchpad.net/~ubuntu-server-dev/nova/essex	15:56
Daviey	Hmm, i did just look - but did not see, /me re-checks	15:56
zul	it might not be in the horizon package	15:57
soren	Daviey: Yes, changing debian/control obviously works fine.	15:58
soren	Daviey: bzr bd-do, doesn't work at all, for instance.	15:58
Daviey	Ahh, i see soren's point.. it's an 'upstream only branch'... so you need to run "debian/rules get-orig-source" first, right	15:58
Daviey	?	15:58
Daviey	i thought bzr bd -S, auto ran get-orig-source as pristine-tar's last option?	15:59
soren	I mean, of course there's nothing magical about what bzr bd-do does, but having to do something like that manually? Sheesh.	15:59
soren	This isn't 2007 :)	15:59
zul	oooooh...	15:59
zul	DOH!	15:59
soren	So:	16:00
Daviey	soren: i thought pristine-tar did that automagically?	16:00
soren	How do you make a change now?	16:00
soren	Daviey: Did what?	16:00
Daviey	debian/rules get-orig-source	16:00
zul	soren: i bump the changelog and then do a bzr bd -S	16:00
soren	zul: Ngh...	16:00
soren	zul: I sure hope you actually make changes.	16:00
soren	zul: ..and don't just lie about them in the changelog :)	16:00
zul	soren: obviously thats not kosher	16:01
zul	soren: oh i do	16:01
Daviey	soren: we find it gets bugs closed faster.	16:01
soren	Daviey: Cool :)	16:01
Daviey	soren: so i just checked it out and pristine-tar grabbed the tarball from the archive	16:02
Daviey	when i did bzr bd -S	16:02
soren	bzr bd -S works fine.	16:02
soren	That's not the issue.	16:02
soren	That's boring.	16:02
soren	I'm not asking how you manage to build the packages.	16:02
Daviey	i find it exciting :/	16:02
soren	I'm asking how you work on them? I'm genuinely curious what the workflow looks like when you're not using the likes of "bzr bd-do".	16:03
soren	E.g.:	16:04
soren	For evey other package in Openstack, I can:	16:04
soren	bzr branch lp:~openstack-ubuntu-packagers/nova/ubuntu	16:04
soren	cd ubuntu	16:04
soren	bzr bd-do	16:04
soren	and start hacking away.	16:04
zul	so what we do is	16:04
zul	bzr branch lp:~ubuntu-server-dev/nova/essex	16:04
zul	cd ubuntu	16:05
zul	start hacking way	16:05
soren	No.	16:05
soren	There's only packaing there.	16:05
zul	er...cd essex	16:05
zul	right	16:05
zul	if i want to get a new tarball i bump the changelog and then bzr bd -S	16:05
soren	I've lost faith in this conversation ever going anywhere.	16:06
* soren goes to look at dinner stuff		16:07
smb	zul, Ok, I subsribed you and smoser to the libvirt bugs I openen. Found a funny way to make it work somewhat by stopping and starting libvirt-bin after boot of the host is done...	16:29
zul	smb: k	16:29
arrrghhh	meep	16:29
arrrghhh	anyone? difference between service <svc> start and /etc/init.d/<svc> start?	16:30
smb	arrrghhh, I'd suppose the former only works if there is a upstart job (something in /etc/init)	16:31
arrrghhh	smb, interesting. i didn't realize i had to create that in addition to the file in init.d...	16:32
arrrghhh	i'll take a look	16:32
arrrghhh	thx	16:32
smb	Usually after conversion the thing in /etc/init.d whines about you should be using the other	16:32
arrrghhh	well it's a homemade script	16:33
arrrghhh	;)	16:33
smb	Oh well. So after having the upstart job apparently you make /etc/init.d/foo a link to /lib/init/upstart-job	16:33
smb	arrrghhh, So no you do not need necessarily create an upstart job but in that case service x does not work	16:34
smb	;)	16:35
arrrghhh	i just want it to run on boot	16:38
eagles0513875	smb: ping	16:52
smb	eagles0513875, hmm?	16:53
Daviey	smb: the restarting of libvirt-bin after restart is a dnsmasq + libvirt fight.. jamespage encountered it aswell on the distributed automated testing	16:53
smb	Daviey, Ah ok. It clearly was a race somewhere, just that I did not understand exactly where	16:54
jamespage	smb: ah - thats a nice one that - worked around it by configuring options in the libvirt dnsmasq instances rather than using a system one	16:54
jamespage	you can tell dnsmasq not to listen on certain interfaces which is manual but works	16:55
Bogdaniel	can someone help with this error i'm getting from smartmontools ?	16:55
Bogdaniel	Jan 16 18:49:30 Jupiter smartd[6208]: Device: /dev/sda5 [SAT], offline data coll ection was suspended by an interrupting command from host (auto:on)	16:55
smb	jamespage, Hm, do you have the runes lying magically around?	16:58
jamespage	smb: lemme see	16:58
jamespage	smb: either use except-interface=virbrXXX or only listen on listen-address=XXXX - you can specify multiple times in /etc/dnsmasq.conf	17:01
smb	jamespage, Hm, looking at ps ax, it seems using a mix of both. But thanks, at least then I know where look.	17:03
* smb adds another knob to the table...		17:03
Daviey	There are enough knobs at the table, i feel.	17:04
smb	Yeah	17:04
smb	Funny, don't seem to have /etc/dnsmasq.conf at all	17:04
smb	jamespage, Could it be that in your case the machine also has a public dhcp service running?	17:05
jamespage	smb: yes - we use dnsmasq standalone alongside the dnsmasq-common package used by libvirt	17:27
smb	jamespage, Ah ok. So maybe my need of restart is slightly different that the already found one. bah!	17:30
rbasak	jamespage: can I see your late_command for booting the panda please? I'm trying to ssh-import-id myself and base64-in the script to rewrite the sd card, but neither are working. Thought I'd save the hassle of debugging it if I could have yours :)	17:33
jamespage	rbasak, hmm - looking at it it appears I don't actually do that	17:34
rbasak	lol	17:34
jamespage	I pull in the script to re-image for re-boot	17:34
jamespage	but not my keys	17:34
* jamespage sighs		17:34
jamespage	rbasak, sorry - not much help there!	17:34
rbasak	np, I'll figure it out	17:35
=== dax_roc_ is now known as dax_roc
princej88	hey guys, anyone here have experience installed forked-daapd on ubuntu server?	18:10
Cybercoke	hi guys, i need some help on CACTI , just a few questions...	18:10
princej88	I haven't been able to find a good tutorial..the new iTunes won't connect to firefly :(	18:11
princej88	anyone?	18:12
arrrghhh	princej88, i gave up on daapd, t'was too slow even on a LAN.... sorry. i found mpd to be a much better experience.	18:13
princej88	what is mod?	18:13
princej88	mpd*	18:13
arrrghhh	music player daemon	18:13
roaksoax	kirkland: ping	18:14
arrrghhh	plays music locally or streams it	18:14
arrrghhh	many different interfaces to control it remotely	18:14
arrrghhh	including webui's	18:14
princej88	oh..i am currently using subsonic. will mpd come up in itunes?	18:14
arrrghhh	subsonic is pretty sweet too.	18:14
arrrghhh	mpd come up in itunes? i don't use itunes dude.	18:14
arrrghhh	if itunes can stream http streams, then it'll work.	18:14
princej88	that is the only thing i don't like about subsonic..no native iTunes integration..or any player integration. YOu have to use subsonic player	18:14
arrrghhh	i thought subsonic would stream	18:15
princej88	Okay, ill take a look at mpd.	18:15
princej88	it does..but you have to use a subsonic player	18:15
arrrghhh	i never went all-in on subsonic since they wanted me to pay for the app	18:15
arrrghhh	and i never could get it to work right on the trial, so why would i pay for it...	18:15
princej88	http://www.subsonic.org/pages/apps.jsp	18:15
princej88	you have to use one of those..I wish it would just play though iTunes like firefly used to.	18:16
princej88	anyone tutorials u recommend for setting up mod?	18:16
princej88	mpd*	18:16
arrrghhh	their website is quite good	18:16
arrrghhh	i also made one a long time ago	18:16
princej88	ok cool. i'll check it out. thanks guys for the help	18:16
arrrghhh	not sure if it's still relevant or not, i had issues with aac encoded files with the version of mpd in the repo's	18:17
arrrghhh	np, good luck.	18:17
akhil	hi	18:22
akhil	i have a problem with dell	18:22
=== dendrobates is now known as dendro-afk
akhil	i installed ubuntu 11.04 and ow i am not able to change my brightness.	18:23
akhil	can anybody help?	18:23
arrrghhh	akhil, brightness...? this is a server installation?	18:24
akhil	sorry	18:26
akhil	where should i ask for help regarding this problem	18:27
akhil	plz	18:27
akhil	anr irc client	18:27
akhil	*any	18:27
arrrghhh	akhil, if you're running Ubuntu Desktop, there's simply #ubuntu	18:28
arrrghhh	#ubuntu-server is geared towards the server edition - which comes gui-less. no UI.	18:28
=== dendro-afk is now known as dendrobates
j3d3	my ubuntu 10.10 server has clients logging in to use software. when they print off a report locally is only giving then 1 ot 5 of their pages. anyone have any idea why?	18:40
=== Ng_ is now known as Ng
=== pdtpatrick_ is now known as pdtpatrick
kirkland	roaksoax: pong!	18:51
uvirtbot	New bug: #917309 in openvswitch (universe) "brcompatd works with brctl delif but doesn't with addif" [Undecided,New] https://launchpad.net/bugs/917309	18:56
cr3	hi folks, if I build an ubuntu image in a kvm automatically with a preseed, might there be a simple way to kickoff a command automatically once the system reboots into the installed image?	19:03
zul	cr3: yeah there is the late_command	19:06
cr3	zul: so I'd create an upstart or xdg/autostart script in the late_command which would get executed after the system reboots into the installed system?	19:07
zul	cr3: it should	19:08
cr3	zul: I was hoping for something "simple", but that's not out of my reach. will do, thanks!	19:08
cr3	another question: might there be a convenient way for the kvm system to easily drop files onto the host system, ie the output of the command that'll get run. I guess I could mount a directory on the host filesystem in the libvirt.xml, right?	19:10
zul	cr3: yep	19:11
RootChaos	anyone have a good howto for ubuntu + lvs ?	19:17
=== guntbert_ is now known as guntbert
skorv	Psi-Jack: how do you setup the redundancy?	19:53
cr3	I'm trying to mount a directory on a kvm host from a kvm guest, so I have this in my libvirt.xml: se noai	20:17
cr3	a<filesystem type='mount' accessmode='squash'><source dir='/export'/><target dir='/export'/></filesystem>:se ai	20:17
cr3	not quite, this is what I really have:	20:17
cr3	<filesystem type='mount' accessmode='squash'><source dir='/export'/><target dir='/export'/></filesystem>	20:17
cr3	however, I have no clue how to mount that from the guest or whether that even makes sense	20:18
Bogdaniel	umm can someone help uninstall mysql-server ? i'm having a strange error even if i removed it using apt-get remove mysql-server..	20:46
arrrghhh	did you try purge?	20:47
Bogdaniel	yes	20:48
Bogdaniel	i tried	20:48
Bogdaniel	but umm when i do from terminal mysql i still get	20:48
Bogdaniel	ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)	20:48
Bogdaniel	and that was the error why i tried a reinstall ..	20:48
arrrghhh	was mysqld running?	20:49
Bogdaniel	umm no i don't think so .. i didn't checked .. a little tired here .. :(	20:49
Bogdaniel	i think it was running ..	20:49
JDeagle	Hey can someone help me out with a network issue	20:56
guntbert	!ask \| JDeagle	20:58
ubottu	JDeagle: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience	20:58
JDeagle	ok, so i have this server with a virtual network interface, but everyone outside of the domain cannot access the webserver or vpn. I am not sure I have set up the virtual interface right, and I need to do a little ip masquerading	20:59
JDeagle	!patience	20:59
ubottu	Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/	20:59
arrrghhh	lol	21:00
guntbert	JDeagle: to be honest I cannot understand what you did/what you want	21:01
JDeagle	lemme go into more detail	21:02
JDeagle	I need to setup a virtual interface, i need to route certain packets to the virtual interface. And I also need people to connect to the website that is setup. right now now one can connect to the server and thats what I need help with currently.	21:07
kerframil	JDeagle: that's a very long way from being detailed	21:13
JDeagle	ok lets start with this, how do I allow incomming connections on a specific network interface?	21:18
kerframil	JDeagle: you don't need to, unless you have gone out of you to filter traffic using netfilter/iptables	21:19
kerframil	out of you way, I mean	21:19
JDeagle	ok cause right now my server is not allowing incomming connections, what can i do to fix this	21:20
kerframil	JDeagle: how are you expecting your server to be reached? from where are you connecting, and to what? some information about your network topology would be beneficial.	21:21
kerframil	JDeagle: for example, you mentioned a 'virtual' inteface earlier but that could be taken to mean several things in practice. what's the device name and how was it brought up? what is its address and how does that fit in with your mode of connectivity and the manner in which you are currently trying to reach it?	21:22
JDeagle	lemme look for some documentation, the guy before me did not leave me with a good idea of what is going on. I do know that I need people to hit the web sever from a browser on eth1, the virutal device is setup as eth1:1. I am not quite sure what you mean by how it is brought up. I do know that eth1:1 is beneficial in someform but I am trying to find what it does exactly	21:27
zul	ls	21:28
kerframil	JDeagle: can you convey the address of eth1? (note: there's no security risk in wriing it here as long if it's a 'private' RFC 1918 mandated address as used in a LAN)	21:28
kerframil	writing*	21:28
kerframil	JDeagle: or, to put it another way, does it begin with "10." or "192."?	21:29
JDeagle	its not a lan adderss. but it ends in .5, and teh virtual device is .11	21:29
Rafael	can i place a picture of my screen on pastebin so i can show what my screen shows at boot?	21:29
kerframil	JDeagle: can you just put the output of "ip addr show" in a pastebin? it woudl clarify a great deal.	21:30
JDeagle	yeah gimmie a min	21:30
guntbert	Rafael: Upload an image to http://imagebin.org/?page=add and post a link to it.	21:30
kerframil	JDeagle: also, you can check what netfilter is doing by running: iptables -S -t filter	21:31
JDeagle	want me to put both of those on there?	21:31
kerframil	JDeagle: sure	21:31
JDeagle	http://pastebin.com/RHRpGP7Y	21:33
Rafael	ok ..maybe somebody can help me..i have ubuntu 9.10 on sofware raid md0-boot (raid1) , md1-swap (raid1), md2-system (raid 5), md3-home (raid 5), i have a crash and even though system appears to be working well i get the following screen at boot: http://imageshack.us/photo/my-images/215/20120116104650458.jpg/	21:36
kerframil	JDeagle: indeed, it doesn't appear to be reachable but there's no packet filtering occuring on this particular server. run this also: ss -ltn \| grep :80	21:39
JDeagle	3 connections come up. on .11 .5 and .7	21:40
=== TomasBrincil is now known as snouman
kerframil	JDeagle: is the server behind a firewall? what happens beyond the ethernet port?	21:42
Glitchd	is it cool to ask a question about filezilla in here?	21:42
Glitchd	i mean is it ok..	21:42
JDeagle	It goes to the universities firewall, and they are suppose to allow the connection out.	21:43
Glitchd	anyone know if i need a seperate program for other to download from me if i use filezilla, or with filezilla take care of the downloading and uploading?	21:44
Psi-Jack	Glitchd: FileZilla is just a client, not a server.	21:44
Psi-Jack	And this is by far not related to server stuff.	21:45
Glitchd	so i would need "filezilla server" to make it a complete server then..	21:45
Glitchd	i know but i didnt know where else to ask	21:45
kerframil	JDeagle: tcpdump -i eth0 dst port 80	21:45
Pici	Glitchd: There is no filezilla server for Linux.	21:45
Glitchd	Psi-Jack, ^	21:45
Rafael	can somebody help me with my question	21:45
Glitchd	whats your question?	21:45
Pici	!ftpd \| Glitchd	21:46
ubottu	Glitchd: FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, vsftpd, MuddleFTPd, wzdftpd - Graphical front-ends: PureAdmin, GProftpd (for GNOME), KcmPureftpd (for !KDE) - See also !FTP	21:46
JDeagle	kerframil: its sitting here listening.	21:46
kerframil	JDeagle: I'll attempt to make contact	21:46
Glitchd	Pici, i know, but i couldnt find any other room that sounded like it would help me..	21:46
JDeagle	kerframil: Stuff is coming up	21:47
kerframil	JDeagle: ok	21:47
Psi-Jack	Hmmm...	21:47
kerframil	JDeagle: from virginmedia?	21:47
JDeagle	yeah	21:47
kerframil	JDeagle: well, that's a start	21:47
Pici	Glitchd: like #filezilla?	21:47
JDeagle	kerframil: is that a good thing?	21:47
kerframil	JDeagle: yes. it proves that the firewall is not impeding inbound traffic	21:48
Psi-Jack	GFS2 over iSCSI, with the headache of GFS2 and growing at the main server whenever the time is needed.... Or NFS to XFS and allow for real live upscaling? ;)	21:48
kerframil	JDeagle: route -n	21:48
kerframil	JDeagle: is a 0.0.0.0 destination shown?	21:48
JDeagle	yeah twice	21:49
kerframil	JDeagle: twice? paste?	21:49
JDeagle	0.0.0.0 128.196.147.1 0.0.0.0 UG 100 0 0 eth1	21:49
JDeagle	0.0.0.0 128.196.147.1 0.0.0.0 UG 100 0 0 eth0	21:49
kerframil	JDeagle: check your outband path. can you ping something external?	21:51
JDeagle	like googles dns?	21:52
kerframil	JDeagle: yep	21:52
JDeagle	yeah i can ping it	21:52
kerframil	JDeagle: are you able to access the webserver from where you are?	21:56
JDeagle	yeah everyone on the domain can get to it	21:56
kerframil	JDeagle: it could be that the outbound traffic is thwarted by the university firewall	21:57
JDeagle	what would i need to tell them to fix it?	21:58
=== Madkiss_ is now known as Madkiss
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!