[00:10] <zul> Daviey: so sendfile is not really needed so i dropped it for f1, but python-jsonschema is at https://bugs.launchpad.net/ubuntu/+source/python-jsonschema/+bug/1003729
[00:11] <zul> Daviey: can you also get them to look at dwarves-dfsg, its blocking a new libvirt
[00:12] <zul> Daviey: after that we are all set
[00:12] <Daviey> zul: do you have MIR's open for all of them?
[00:13] <zul> Daviey: yeah
[00:13] <Daviey> zul: ~ubuntu-server as subscriber to the package?
[00:13] <zul> damn it give me a sec
[00:13] <Daviey> http://status.qa.ubuntu.com/reports/ubuntu-server/release-bugs.html .. missing a bunch
[00:15] <zul> Daviey: how do i get it on that list
[00:16] <zul> Daviey: python-repoze.lru, dwarves, python-jsonschema are on the list
[00:18] <Daviey> zul: ~ubuntu-server as bug subscriber, and ~ubuntu-mir subscribed to the actual MIR bug
[00:19] <Daviey> and != Fix Released
[00:19] <zul> Daviey: ack
[01:14] <wolferz> Does anyone have a good suggestion for hosting PDF files on a server, like SubSonic does for audio/video?
[03:26] <tash> I'd like real-time file sync between two servers.  I could use Rsync to run every minute or something, but I want closer to real-time than that.
[03:26] <tash> Does anyone have any practical experience setting something like that up?
[03:26] <twb> drbd
[03:26] <twb> But it's a pain, don't bother
[03:26] <mgw> NFS is no good for you?
[03:26] <twb> Yeah or a simple NFS
[03:26] <twb> Except of course then the content actually only lives on one host
[03:27] <tash> never worked with NFS, and if that data only lives on 1 host, not interested.  If server 1 kicks the bucket I want server 2 to essentially be a mirror of that.
[03:27] <tash> I don't need to sync the entire filesystem either
[03:27] <tash> just a few directories
[03:28] <twb> tash: so put those dirs on their own filesystem
[03:29] <tash> how does that accomplish anything? Not being sarcastic here, maybe ignorant... ?
[03:41] <blkperl> sounds like you want drbd.
[03:42] <blkperl> its not trivial though
[03:42] <twb> drbd is a pain in the arse
[03:42] <twb> FWIW I just do a nightly rsync and if you lose a day of data that's just tough
[03:43] <blkperl> oh theres also glusterfs
[03:43] <twb> For something fancier you need to pay me 10 or 100 times more and in the end it'll probably still be flaky
[03:45] <qman__> that kind of uptime requires serious infrastructure, too
[03:46] <qman__> you _can_ set it up on regular old servers, but it won't work as intended unless you've got the hardware to back it up
[04:00] <twb> qman__: and a NOC monkey to babysit it
[04:03] <patdk-lap_> twb, I thought noc monkeys normally caused the issues
[04:06] <twb> They cause DIFFERENT issues
[04:07] <patdk-lap_> well, maybe, normally same solutions
[04:13] <twb> Always mount a scratch monkey
[04:51] <sponzor> hi. i was timeout from the session. (i was yust installing one problem and went timeout in the midle of setup) how to log in to session again? is there any way? the process is still running
[05:00] <koolhead17> sponzor,
[05:15] <vadi2> Has anyone ran into issues with encryptfs's private file storage size not reflecting original files size?
[05:18] <twb> "reflecting" how
[05:18] <twb> encryption will obviously increase the flie size
[05:19] <twb> It probably can't show the decrypted size without decrypting it, which would be a linear or superlinear operation -- not appropriate for a simple ls -l
[05:20] <lifeless> I think it caches it
[05:20] <lifeless> encryptfs uses backing files
[05:20] <lifeless> but each backing file will be a rounded size (rounded to the size of the cypher block
[05:20] <lifeless> vadi2: ^
[05:20] <twb> gotcha
[05:21] <vadi2> lifeless: my issue is that my home folder is 10gb, my encryptfs for my home folder is 80%, and available space on disk is 0.
[05:21] <vadi2> The situation is critical at this point with 'out of disk space
[05:21] <vadi2>  errors coming up every half an hour.
[05:22] <vadi2> er, 80gb, not %. So something is awfully really broken without my touching it on a clean 12.04 install and I'm hoping there's someone who knows this thing.
[05:22] <twb> pastebin df -h and df -i output
[05:22] <twb> Make that df -m not df -h
[05:22] <lifeless> also mount
[05:23] <twb> cat /proc/mounts
[05:23] <twb> mount output is full of lies
[05:23] <lifeless> heh
[05:23] <vadi2> It says the following: http://pastebin.com/raw.php?i=LSKJqxVP
[05:25] <twb> Well you've managed to fill both of them apparently
[05:25] <twb> "tune2fs -l /dev/sda1" please
[05:25] <twb> I want to know what percentage is reserved for root; it should be at least 5%
[05:25] <vadi2> I did not. Observe this screenshot: http://i.imgur.com/EQuKp.png
[05:26] <vadi2> My home partition is only 9.7gb. I've been cleaning and cleaning it of things without realizing where the issue is. It's 10% of the drive.
[05:26] <vadi2> Sure, moment.
[05:26] <twb> I don't trust baobab.  Try "du -hx / | sort -hr | head -20"
[05:26] <lifeless> vadi2: your / is full; the question is what has filled it
[05:27] <vadi2> One must imagine that it should be trustable... tune says this: http://pastebin.com/c2vryzJP
[05:27] <vadi2> lifeless: is it not encryptfs private files that filled it?
[05:27] <twb> baobab is probably reporting --apparent-size
[05:27] <twb> OK at least you have a reserved %, that's good
[05:27] <vadi2> Here is that du command: http://pastebin.com/pGvLqNEv
[05:28] <twb> vadi2: you need to be root when you run it
[05:28] <twb> sudo du ...
[05:28] <lifeless> vadi2: quite possibly
[05:28] <twb> But it's indicating your /home is using all the space
[05:28] <lifeless> vadi2: twb is, sensibly, assuming that there may be a lot of confusion going on.
[05:28] <twb> So do it on /home as well as /
[05:28] <lifeless> vadi2: due to the encryption layering and so forth.
[05:28] <vadi2> Here is du: http://pastebin.com/7dsLvhYW
[05:29] <twb> lifeless: not to mention there is more than one way to count files
[05:29] <vadi2> That was on / ? I will try /home
[05:29] <twb> vadi2: good.
[05:29] <mgw> tash: re your earlier issue — I just came across ceph — fairly complex as well, though
[05:29] <twb> vadi2: er, you might need to run it on /home/vadi not /home
[05:29] <vadi2> Here is /home : http://pastebin.com/q12fK4cJ
[05:29] <vadi2> I only really have 1 user.
[05:30] <twb> vadi2: run it on /home/vadi
[05:30] <vadi2> Okay
[05:31] <vadi2> It's different: http://pastebin.com/xXLCy0pW
[05:42] <vadi2> Guess that works it out, baobab was wrong! Thanks, I'll stick with this command until it's fixed. Crisis averted...
[05:42] <twb> If you want GUI, xdu can take the output of du and render it graphically
[05:42] <twb> It is much faster than baobab
[05:43] <vadi2> I do, thanks. Baobabs speed is OK on this SSD that sits at the top of the benchmarks I've seen... just need something reliable
[08:11] <qbitza> Hi guys
[08:11] <qbitza> Anyone know if snapshot functions have been removed from virsh? on Ubuntu-10.04
[08:11] <qbitza> and how do I get them back?
[08:23] <twb> Removed as compared to what?
[08:23] <twb> libvirt-bin is not in 8.04
[08:25] <qbitza> twb, 8.04? I'm talking about 10.04
[08:26] <twb> qbitza: to be removed, they must have existed in an earlier release.
[08:26] <qbitza> this page says it exists: http://manpages.ubuntu.com/manpages/maverick/man1/virsh.1.html
[08:26] <twb> maverick post-dates lucid.
[08:26] <twb> i.e. it is newer
[08:26] <qbitza> *sigh*
[08:27] <qbitza> twb, thanks so I need to upgrade the entire server to get snapshots :(
[08:27] <_ruben> heh
[08:27] <twb> It would not be surprising if maverick's virsh had featurse that were not present in lucid; I cannot vouch for this specific case.
[08:28] <twb> qbitza: or you could perhaps do it by hand and bypass libvirt-bin.  Depends on what you want, precisely.
[08:28] <twb> It is worth noting that maverick is not a LTS release and will EOL much sooner than precise
[08:28] <qbitza> I just need to create and rollback snapshots - for testing
[08:29] <twb> For KVM?
[08:29] <qbitza> twb, yeah if I upgrade, I'd go to 12.04
[08:29] <qbitza> Yes
[08:29] <twb> qcow2?
[08:29] <qbitza> Yes
[08:30] <twb> That functionality is present in KVM, if you can work out how to connect to KVM's control pty (or stream, depending on how libvirt-bin invoked it) you can simply tell it to make/delete snapshots as necessary
[08:30] <twb> In kvm -curses, it's Alt+3 to switch to the relevant control console.  I don't remember how you'd do it via libvirt-bin
[08:30] <twb> It's probably using a fifo in which case you can't do it while libvirt-bin is running that VM
[08:31] <qbitza> Any chance of just upgrading libvirt? cause once I manage that, testers (read newbees that like to break things) will be using the functionality
[08:32] <twb> probably not without grief, but you can check backports and so on
[08:32] <qbitza> twb, Okay thanks - gives me some new places to go dig around in
[08:32] <twb> Especially not if you have newbies
[08:32] <twb> Oh and note that virt-manager is utterly terrible as at lucid, and it is also dangerous to hook up a newer virt-manager to an old lucid libvirt-bin
[08:33] <lynxman> morning o/
[08:33] <twb> To the point where I have basically given my users instructions "do not EVER click this, this this or this" re their newer mavericks and my old lucid libvirt-bin
[08:33] <qbitza> Oh... so, an upgrade might not be such a bad idea?
[08:33] <twb> If I could get away with it I'd just ban virt-manager entirely since it's clearly still alpha quality software
[08:33] <twb> IIRC even the virt people said it was not production ready as at the versino lucid shipped
[08:34] <qbitza> Phew that's harsh - so you use KVM straight?
[08:34] <twb> qbitza: I use kvm straight when I'm in charge, when I have some users I use libvirt-bin and as little virt-manager as possible
[08:34] <twb> And try to get them to use virsh instead
[08:34] <qbitza> :) Gotcha
[08:35] <twb> Unfortunately virsh consoel doesn't work at all over libvirt's inbuilt ssh magic &c &C
[08:35] <twb> it's all quite griefful when you are used to kvm -curses and kvm -stdio
[08:35] <twb> Er, kvm -nographics?  Whatever the one is that connects stdio to the guest's serial port
[08:36] <twb> I should point out that my VMs are all servers, not GUI desktop things.  So graphics is either unnecessary or pointless
[08:36] <qbitza> That's our setup here too
[08:37] <qbitza> although we *might* need to do one or two Windoze boxes
[08:37] <twb> I have one, to talk to the stupid goverment tax people who are in bed with MS
[08:38] <qbitza> I find the lack of console access to my VMs a pain, but I manage...
[08:38] <qbitza> kvm -somat/nographics/curses should conenct me?
[08:40] <twb> qbitza: well something like kvm -hda /dev/mapper/VG0-Guest17 -curses
[08:41] <twb> Except that since the guest is probably expecting whatever environment libvirt-bin provides, you might need to pass extra args.  Look at /var/log/libvirt-bin/guest.log IIRC to see how it was started
[08:41] <twb> It's pretty hairy IIRC
[08:42] <qbitza> Sweet
[11:21] <jamespage> adam_g, does bug 1003854 link into the stuff you where doing for openldap? sounds similar
[11:47] <Syria> Daviey:  Hi!
[11:48] <Daviey> hi Syria
[11:50] <Syria> Daviey: Lost the connection yesterday sorry about that, is this correct please? ssh -D my-ip-address:4000 user@VPS-address
[11:50] <Daviey> Syria: no.
[11:51] <Syria> Daviey: I did not what should I use instead of 0.0.0.0:4000 !
[11:51] <Daviey> did not what?
[11:52] <Syria> Daviey: Do I have to do this exactly? ssh -D 0.0.0.0:4000 user@VPS-address ??
[11:52] <Daviey> that is what i would do.
[11:56] <Syria> Daviey: Okay, Then you told me to set the socks proxy as the ip of the laptop and port will be 4000, but my ipad doesn't have a feild for socks proxy? is that okay? it is just a normal proxt field.
[11:56]  * Daviey has to go
[11:57] <_ruben> proxy != socks proxy in 99% of the time
[11:57] <_ruben> so if the ipad doesn't do socks, you'll need to use squid for instance instead
[11:58] <Syria> Daviey: Thank you for your help. It was useful.
[11:58] <Syria> _ruben:  Good news, I will test it later.
[12:10] <vrturbo> Whats the recommended method for setting up MAAS server, dnsmasq seem buggy?
[12:10] <vrturbo> should I use my normal dhcp network server and just use "next server" ?
[12:46] <hallyn> stgraber: I'm about to test http://people.canonical.com/~serge/lxc-always-close-fds.debdiff for bug 1003583
[13:00] <zapotah> did someone repackage and check xen-hypervisor for precise?
[13:02] <zapotah> Could not read keymap file: '/usr/share/qemu/keymaps/en-us'
[13:02] <zapotah> because the path for some reason is /usr/share/qemu-linaro/keymaps/en-us
[13:03] <zapotah> gave a good headache
[13:04] <jamespage> zul: could you give me an opinion on bug 993355
[13:04] <zul> jamespage: yeah lemme try to figure out whats going on here
[13:05] <zul> jamespage:  havent seen that one before
[13:08] <Italian_Plumber> in a situation where more than one user needs to update a website directory, is it customary just ato add them to the www-data group
[13:08] <jamespage> zul, I'm going to fix that nmbd upstart configuration to not fail when testparm returns a non-zero error code
[13:09] <jamespage> its not the intent of the check anyway and generates lots of cruft.
[13:09] <zul> jamespage: ack
[13:11]  * jamespage -> lunch
[13:11] <jamespage> and then those last 21 bugs a in my target for today....
[13:32] <bieb> I installed ltsp with Ubuntu 12.04, I have to connect to Active directory, so I installed pbis (Likewise-open's replacement), I am connected to the AD domain, I can run the commands from command line to verify AD (find-user, find-dc, etc) and can ssh into the ltsp server with my AD credentials. BUT.. on the server I can not get login as an AD user, there is no option for it, I see the user that I created when installing Ubuntu, and guest session.
[13:32] <bieb> There is no option for domain\username to login..
[13:40] <stgraber> hallyn: cool, let me know if it works fine, if it does I'll start preparing the SRU
[13:47] <hallyn> stgraber: it works fine as far as running with open fds.  running lxc-test just to be sure
[13:49] <stgraber> k
[13:54] <hallyn> added the SRU justification to the bug report
[13:55] <hallyn> all right i need to change the lxc-test to only duplicate one, not all tests :)  (for testing with empty and primed caches)
[14:01] <jamespage> smoser, reckon we can get New/Undecided to 0 today?
[14:03] <smoser> jamespage, apt-get --purge remove samba openldap
[14:03] <smoser> done!
[14:03] <jamespage> smoser: +1
[14:04] <jamespage> smoser: see my comment above to zul re samba nmbd failures
[14:04] <zul> jamespage: no ones uses samba anyways
[14:05] <hallyn> stgraber: tests pass
[14:05] <stgraber> hallyn: cool
[14:06] <zul> jamespage: thats old sk00l
[14:08] <jkyle> so, a question. when deploying the MaaS + Juju, you have to have the initial MaaS server to orchastrate the rest of the nodes. And, if I understand juju's model, it has to have a provider like MaaS, EC2,OpenStack, etc. to manage a node.
[14:09] <jkyle> That leaves the MaaS/admin node unmanaged. so it has to be set up manually. Have a missed a feature/ability of juju or some such?
[14:09] <jkyle> s/Have a/Have I/
[14:11] <hallyn> jamespage: o/
[14:11] <jamespage> hey hallyn
[14:12] <hallyn> heh, sorry, that wasy supposed to be \o/
[14:12] <hallyn> obnbd
[14:12] <hallyn> but one \ gets filtered by my input script :)
[14:13] <jamespage> lol
[14:13] <jamespage> \o/
[14:15] <martman> is there a guide/wiki somewhere for installing xen on 12.04? i cant seem to find much
[14:21] <martman> ?
[14:26] <zul> jamespage: filed the python-webob sru btw
[14:26] <jamespage> zul: nice one
[14:29] <smoser> jamespage, so https://bugs.launchpad.net/ubuntu/+source/nmap/+bug/1003326 is confirmed?
[14:29] <smoser> you left incomplete.
[14:30] <jamespage> smoser: yes it is - I was just looking to see if nmap6 fixes ipv6 stuff
[14:30] <jamespage> methinks we might be overlapping
[14:30] <smoser> yeah. i was acutally buildin gnmap6
[14:30] <smoser> nmap6
[14:31] <smoser> on a brain-dead-hope-it-works merge.
[14:35] <bieb> any lightdm gurus around?
[14:35] <smoser> jamespage, well, simple merge failed. so that'd be more work to figure that out (i just tried building hte debian package). didn't even bother with building nmap
[14:36] <smoser> building nmap outside of ubuntu package.
[14:36] <smoser> i'm always confused as to what constitutes triage.
[14:36] <jamespage> smoser, I think thats probably a step to far TBH
[14:37] <jamespage> its about confirming bugs in the current version in the archive - rather than their absence from a future version
[14:42]  * apw has hit an upgrade bug on a server package (lucid->precise) is there somewhere these get tracked for the .1 point release ?
[14:42] <apw> bug #1003971
[14:43] <apw> Daviey, ^^
[14:48] <Daviey> apw: the bug task is pointed to .1.. so it should be good
[14:48] <Daviey> (we need to do some work to create better SRU reports)
[14:48] <Daviey> thanks for letting me know
[14:49] <jkyle> Daviey: hey, what do you guys use to orchastrate your initial admin node?
[14:51] <apw> Daviey, heh yeah only cause i pointed there :)
[14:55] <jamespage> adam_g, is the no-change rebuild still required for openldap for bug 990742?
[14:58] <stgraber> hallyn: nice to see Christian's patchset on lxc-devel this morning!
[14:59] <hallyn> yup
[15:03] <jamespage> anyone know anything about how kolab works?
[15:04] <mr-rich> Is https set up by default on Ubuntu Server 12.04?
[15:05] <zul> jamespage:  it needs php i think
[15:05] <jamespage> zul, more wondering what it does with openldap configuration
[15:05] <jamespage> bug 994843
[15:06] <jamespage> I *think* its failing because it can't access the kolab ldif files...
[15:06] <zul> jamespage: its a recommend for kolabd
[15:07] <jamespage> zul, yeah - I just read the README - it has a kolab_bootstrap step which munges your system
[15:07] <zul> jamespage: bah
[15:07] <jamespage> sorry - that sounded derogatory to kolab - 'configures' would be a better work
[15:07] <jamespage> word
[15:29] <tash> I setup software raid on my server that has 2 drives in it. It is RAID1.  If I lose a drive, do I have to do anything to rebuild the array?
[15:29] <tash> Or does it rebuild on its own when I put a new drive in?
[15:31] <stgraber> hallyn: wrt close-fds, I'm wondering if it doesn't make sense to actually completely drop the option but just keep it in the SRU
[15:31] <stgraber> hallyn: IIRC upstream LXC never actually released a version with that change so I don't see any reason to keep backward compatibility with something that was never released
[15:37] <hallyn> stgraber:  but we want the option to keep working for precise
[15:38] <stgraber> hallyn: correct. Your debdiff looks good for the SRU, I just don't think we want to use that one for quantal and upstream
[15:40] <hallyn> stgraber: quantal and upstream already automatically close them, so there's nothing to do
[15:41] <stgraber> hallyn: ah, ok, I missed that sorry.
[15:41] <hallyn> oh, maybe not.  what on earth
[15:41] <hallyn> stgraber: upstream does seem to have -C --close-all-fds option
[15:42] <hallyn> but, apparently, when that isn't specified, it simply warns but doesn't fail nor close the fds
[15:42] <hallyn> if im' reading this right
[15:42] <stgraber> and I just confirmed that quantal still lists --close-all-fds in --help, I think this should go away
[15:42] <hallyn> do you have a precise lxc handy?
[15:42] <stgraber> yep, I have precise lxc pretty much everywhere
[15:43] <hallyn> sorry i meant a quantal lxc
[15:43] <stgraber> I have that too
[15:43] <hallyn> so you could run the testcase from the bug description
[15:43] <hallyn> and see if it starts the container
[15:44] <stgraber> except the kernel in quantal is still buggy and tends to oops/panic on container startup :)
[15:44] <hallyn> jinkeys
[15:44] <stgraber> let's try, maybe I'll be lucky and will just get an oops ;)
[15:45] <hallyn> stgraber: as for remving the close-all-fds, i think maybe we should just suggest it upstream but let them do it
[15:46] <stgraber> hallyn: ./execme works fine on qunatal
[15:46] <stgraber> *quantal
[15:47] <hallyn> and 'works' means the container starts up?  :)
[15:47] <stgraber> right
[15:47] <hallyn> cool
[15:47] <hallyn> thanks
[15:48] <stgraber> hallyn: I'll send an e-mail to lxc-devel with a proposed patch to drop --close-all-fds (making it clear it's just a suggestion :))
[15:49] <hallyn> k
[15:51]  * jamespage high 5's smoser
[15:51] <jamespage> http://reports.qa.ubuntu.com/reports/ubuntu-server/triage-report.html - New/Undecided bugs == 0
[15:51] <smoser> hooray!
[15:51] <smoser> 1 bucket empty.
[15:51] <smoser> now noone open any new bugs!
[15:52] <jamespage> only 252 in the next bucket!
[15:53] <lynxman> jamespage: "only" :)
[15:53] <RoyK> testing one two
[15:55] <stgraber> hallyn: I'm not sure I see why --close-all-fds isn't needed on quantal. Looking at the code, it's only set to 1 if -d is specified.
[15:55] <lynxman> RoyK: three
[15:56] <RoyK> thanks ;)
just doing some testing to see if irssi is logging while on an encrypted fs, which is automatically closed when I log out, and it seems at least it's buffering sufficiently to flush it when I get back in...</offtopic>
[16:01] <bieb> Ubuntu 12.04 LTSP.. connecting to Active Directory with Likewise, to get the other user option back, one must disable the user list and guest account in lightdm or use the gtk greeter... is it as simple as going into lightdm.conf and change the line greeter-session=unity-greeter to "gtk-greeter" or is there more to it?
[16:02] <stgraber> bieb: http://paste.ubuntu.com/1004958/
[16:02] <stgraber> bieb: for /etc/lightdm/lightdm.conf
[16:02] <hallyn> stgraber: no, case 'C': args->close_all_fds = 1; break
[16:03] <bieb> stgraber: awesome! will try it now
[16:05] <stgraber> hallyn: right, but that should only apply when called with -C no?
[16:05] <stgraber> hallyn: I don't see why close_all_fds would be set to 1 if I don't start with -C or -d
[16:05] <hallyn> my_longopts has {"close-all-fds", no_argument, 0, 'C'},
[16:06] <hallyn> so if you pass --close-all-fds, it'll send 'C' tothat fn
[16:06] <hallyn> so, the argument is there.  But it's quite useless to have not passing the arg as an option :)
[16:07] <zooko> Hey folks! Does anyone have strong juju fu and you value privacy and security for end users, and you want to collaborate on writing a charm for Tahoe-LAFS?
[16:07] <zooko> I think it should be pretty easy.
[16:07] <stgraber> hallyn: right, let me rephrase that then ;) I don't see why close_all_fds would be to set to 1 if I don't start with one of -C, -d, --daemon or --close-all-fds
[16:07] <zooko> For one thing, Tahoe-LAFS servers do not need to do anything in response to other servers or clients coming or going.
[16:07] <zooko> So that's some charm code that we don't need to write right there. :-)
[16:08] <hallyn> stgraber: correct, it would not.
[16:08] <stgraber> so WTH is execme working on quantal? it should surely fail :)
[16:09] <hallyn> no, it is giving you a warning message and then not failing, bc the code to make it fail was taken out :)
[16:10] <stgraber> oh right, it'll print a warning "inherited fd %d" but won't actually close the fd...
[16:10] <zooko> Also, Tahoe-LAFS is already in Ubuntu, so we don't even need to configure a PPA.
[16:10] <hallyn> right.  IMO a worse behavior than failing :)
[16:11] <stgraber> agreed... I'll send a patch dropping all the close_all_fds stuff and making the close() stuff the default (instead of printing a warning)
[16:11] <stgraber> now things make sense ;)
[16:11] <hallyn> excellent :)
[16:14] <stgraber> hallyn: looking at the code, I'm not sure to understand the reason for the "goto restart" in the loop iterating all the fds, was there an actual problem with just calling close(fd) and continuing?
[16:14] <hallyn> stgraber: yes, because originally that was then where we returned an error
[16:14] <hallyn> (look at the precise package's code)
[16:14] <hallyn> so you can get rid of that now
[16:15] <stgraber> oh, right, yeah, makes sense :) whoever moved it to a warning probably could have removed the goto though...
[16:16] <hallyn> yeah i don't know when that happened.  it may have been a merge of two patches.  (it's possible i did it, but i don't think so)
[16:18] <hallyn> yeah that was a commit by Greg Kurz (92c7f6295518decd3989b2790d758888551e7d9a)
[16:20] <grendal-prime> ok..this is sort of irratating
[16:21] <grendal-prime> I have a bit of a "involved" network configuration (vlans..and openvpn bridging to them ..stuff of that nature right)
[16:21] <grendal-prime> well for whatever reason on system boot i get this....prolonged networking start up.
[16:22] <grendal-prime> waiting for network configureation.  then Waiting 60 more seconds for network configuration...
[16:22] <grendal-prime> then "booting system without full network configuration"
[16:23] <grendal-prime> everything seams to work right. but i dont understand what it does not like and more importantly i dont like the 2 min prolonged boot time.
[16:25] <RoyK> grendal-prime: server? if so, pastebin output of ifconfig -a and pastebin /etc/network/interfaces
[16:26] <grendal-prime> ya its server..
[16:29] <grendal-prime> http://pastebin.com/PgffR0r3
[16:33] <RoyK> grendal-prime: only thing I can think of is that using eth0:x is somewhat outdated, but then, using the iproute2 way with 'up ip addr add ...' probably won't let you specify the vlan
[16:41] <grendal-prime> should i set up the vlan using a raw device
[16:42] <grendal-prime> i thought that the eth0.1 was the way to do it now?
[16:44] <stgraber> hallyn: I really need to spend a couple of hours playing with git send-email... every time I have to use it I end up spending 30min trying to figure out the right way of calling it and it never sends exactly what I want ;)
[16:46] <hallyn> I think I always just do : git format-patch -o subdir -n HEAD~n; cat > intro_msg << EOF ... EOF;  then git-format-patch --no-chain-reply-to --to thelist --compose subdir (:r intro_msg in editor)
[16:48] <stgraber> hallyn: yeah, I guess I should switch back to doing format-patch and send-email separately, being able to do it in a single call is nice until you want to change anything ;)
[16:48] <adam_g> jamespage: bug 1003854 looks to be something different than what i had fixed via SRU
[16:48] <rbasak> I just git format-patch and then just cat and :r in mutt when writing my email
[16:49] <hallyn> cringe - yeah i like to stage everything ahead of time :)
[17:00] <zul> hallyn: ill fix dwarves
[17:02] <hallyn> it's broken?
[17:04] <zul> hallyn: ftfbs due to some multi-arch issue (mterry is doing the mir)
[17:04] <hallyn> zul: thanks
[17:04] <RoyK> grendal-prime: seems ip(8) has vlan support these days
[17:04] <RoyK> grendal-prime: but I don't get it - you have an ip address on that interface and then a tagged vlan virtual interface on the same?
[17:06] <RoyK> grendal-prime: is eth0 connected to a tagged vlan port on the switch, or an untagged one, or are you using a mix? a mix would probably be quite messy IMHO
[17:07] <RoyK> grendal-prime: or, on what vlan does 204.94.93.3 belong?
[17:08] <RoyK> grendal-prime: if it's a tagged vlan interface, the address set on eth0 won't get any connection...
[17:11] <grendal-prime> i always get confused about this.
[17:12] <RoyK> ok, is eth0 connected to a tagged port?
[17:12] <grendal-prime> the vlan is physically attached to the eth0 (aparetnly)  I then bridge my vpn traffic to it
[17:13] <RoyK> the vlan isn't physical ;)
[17:13] <grendal-prime> should i just add another interface for the vlan?
[17:13] <grendal-prime> ok soo let me explain what i am trying to do..
[17:13] <grendal-prime> you might be able to explain a better path.
[17:14] <RoyK> grendal-prime: no, what I'm saying is that the port in the switch to which your server is connected, is usually configured as either a static port or a tagged port, static being a member of one (or sometimes more) VLANs
[17:14] <RoyK> or, can be a "tagged" port, accepting VLAN-tagged packages
[17:14] <RoyK> not packages
[17:14] <RoyK> frames
[17:14] <RoyK> a tagged frame is like any ethernet frame, but with a VLAN tag attached
[17:15] <grendal-prime> i have alot of vpn clients that all connect with a tap and bridge to a huge network space.  (ya i understand the traffic is taged.)
[17:15] <RoyK> it can also be a "mixed" port, allowing both untagged frames and tagged ones, but personally I find that messy
[17:15] <grendal-prime> ok well the eth0 is a public interface
[17:16] <RoyK> I'm talking about the switch port
[17:16] <RoyK> erm...
[17:16] <RoyK> not sure here - vpn clients attach to tap and it's *bridged* to the inside?
[17:17] <RoyK> wouldn't it be easier to route it, to stop unwanted broadcasts and whatnot to pass through?
[17:17] <grendal-prime> ya but that would require changes to clients wich we do not have the ability to do
[17:18] <grendal-prime> i want to bridge the traffic to a vlan.  (this has to do alot with the fact that the appliances that are connected point to a specific ip address)
[17:18] <RoyK> ok, so apparently, the port in the switch is in mixed mode, meaning untagged traffic goes to port N as decided by the switch, and it allows some other (or all) VLANs set by the OS
[17:19] <grendal-prime> the machine is a vm
[17:19] <grendal-prime> by the way it does work...the way it is configured.
[17:19] <zul> adam_g: after f1 is uploading we can start thinking about SRU
[17:19] <RoyK> and the host handles the different VLANs?
[17:20]  * RoyK wouldn't setup a system like that, not like that, or perhaps, at gunpoint
[17:21] <grendal-prime> RoyK, the info i pastedbined is all from the openvpn server (ubuntu12.04)
[17:21] <grendal-prime> it is a vm on vmware
[17:21] <grendal-prime> ya well i dont have much choice
[17:21] <RoyK> hence the gunpoint? ;)
[17:21] <grendal-prime> exactly
[17:21] <RoyK> ok, so it works, but takes a while to boot up?
[17:21] <grendal-prime> as far as the vlan.  what is the best way to set that up.
[17:22] <grendal-prime> ya it works great..but like i say..the error bothers me
[17:22] <grendal-prime> and slows down the boot...but back to the vlan..
[17:22] <grendal-prime> is thats what it dows not like..what would make it..well..cleaner?
[17:23] <RoyK> grendal-prime: AFAICS, iproute (or ip(8)) doesn't support that flexibility with VLANs(yet?)
[17:23] <grendal-prime> should i add another interface and associate the vlan with that ?
[17:24] <RoyK> no, an interface belongs to its hardware (or virtware if you want)
[17:25] <RoyK> I was just a bit confused with both eth0 and eth0.1 having connections with eth0.1 being the only one tagging frames
[17:26] <grendal-prime> well i have to have a physical device for the vlan.
[17:26] <grendal-prime> i always thought of it as...a container for the lan
[17:26] <grendal-prime> sorry a container for the vlan.
[17:27] <grendal-prime> so would it help if i just make another interface that is just for vlans?
[17:27] <grendal-prime> im a little confused why a vlan has to have a physical interface at all honestly
[17:28] <RoyK> if vmware could give that vm a "physical" interface for that vlan, that would probably be the easiest
[17:28] <grendal-prime> i was under the impression that a vlan is like a ...virtual box that you can put networkable connections onto..like a software switch...
[17:29] <RoyK> http://en.wikipedia.org/wiki/VLAN
[17:31] <RoyK> my short version: If you want to separate two LANs on a switch, use two VLANs, say, ports 1-12 for VLAN1 and ports 13-24 for VLAN2. Then someone says "let's connect another switch", and you use port 25 for VLAN trunking, meaning "tagged VLAN" in which the ethernet frames are prefixed with a small tag saying "I belong to VLAN X"
[17:31] <RoyK> that way, you can configure a firewall with, say, four networks on the same NIC, given a switch supporting VLAN tagging like 802.1Q
[17:32] <stgraber> hallyn: will you have some time later this afternoon to review the lxc SRU? it looks like it's going to be a pretty big one
[17:33] <grendal-prime> are you mixing subinterface type traffic with vlan..because my understanding was subinterface traffic is just thrown around with everthing else on the interface were vlan tagging is taged and the phisical interface traffic does not see it
[17:33] <grendal-prime> is subinterface traffic what you mean when you say untaged traffic?
[17:34] <RoyK> grendal-prime: pre-up vconfig add eth0 1
[17:34] <RoyK> that's vlan tagging
[17:35] <RoyK> oh, why is that under eth0.1?
[17:35] <RoyK> grendal-prime: try moving those vconfig lines under th0
[17:35] <RoyK> eth0
[17:37] <stgraber> grendal-prime: defining eth0.1 is enough to tell ifupdown to setup VLAN ID 1 on eth0, no need for the pre-up/post-down
[17:37] <stgraber> having them there will most likely mean one of them returning non-zero breaking part of your setup
[17:38] <RoyK> stgraber: vconfig is VLAN (802.1q) things - a virtual NIC!=VLAN
[17:39] <stgraber> RoyK: as the maintainer of the vlan tool and ifupdown, trust me, I know ;)
[17:39] <RoyK> stgraber: :)
[17:39] <grendal-prime> wow
[17:39] <grendal-prime> looks like i came to the right place
[17:39] <stgraber> http://paste.ubuntu.com/1005121/ is my test machine
[17:40] <grendal-prime> ok stgraber sooo you can tell me what the bootup check does not like in there?
[17:40] <stgraber> as you can see, you can perfectly define an interface called <physical interface>.<VLAN-ID> and it'll just work, no need for pre-up or post-down
[17:40] <RoyK> stgraber: sorry, misundestood there - : =! . in this setting, right?
[17:40] <RoyK> got it
[17:41] <stgraber> grendal-prime: you can check in /var/log/upstart/network-*.log but my guess is that your pre-up and post-down are breaking it, try to comment them and see if that solves it (they shouldn't be needed)
[17:42] <RoyK> stgraber: thanks :) (not that I'm grendal-prime, but I learned another thing just now)
[17:42] <stgraber> the ifupdown vlan hook will automatically run vconfig as a pre-up if the interface entry in /etc/network/interfaces contains a . followed by a vlan id. Running vconfig twice will likely fail, causing the interface to fail to come up and your system to hit the 120s fallback code
[17:43] <stgraber> RoyK: http://www.stgraber.org/2012/01/04/networking-in-ubuntu-12-04-lts/ contains some more if you're interested, trying to cover the changes that happened in 12.04
[17:43] <RoyK> thanks
[17:43] <grendal-prime> i knoticed in your config you dont specify a vlan anywhere..
[17:43] <grendal-prime> im just asking by the way
[17:44] <RoyK> .vlan
[17:44] <stgraber> grendal-prime: I do, read carefully :)
[17:44] <stgraber> auto bond0.1005
[17:44] <stgraber> iface bond0.1005 inet dhcp
[17:44] <grendal-prime> auto bond0.1005  ?  does that syntax just imply a vlan?
[17:44] <RoyK> implies vlan 1005
[17:44] <stgraber> these two lines mean, create a interface bond0.1005 that's VLAN 1005 on top of bond0 and run dhclient on it
[17:45] <grendal-prime> ok cool i didnt realize that would do it
[17:45] <stgraber> "man vlan-interfaces" also contains some examples of the supported syntax
[17:45] <grendal-prime> than you very much.
[17:45] <stgraber> np
[17:47]  * RoyK just found out that Windows 2008R2 server doesn't have native support for VLAN at all, but allows the NIC driver software to add some
[17:48] <grendal-prime> and i know why that is
[17:48] <RoyK> the win thing?
[17:48] <grendal-prime> windows suck...and blows...at the same time!  It sort of   "Blucks"
[17:49] <RoyK> windows sucks, sure, but I'd have thought not that badly
[17:49] <grendal-prime> it was working for me some time back...but after some time...it started sucking again..pretty quickly really
[17:50] <stgraber> yeah, Windows never had VLAN support for some weird reason... maybe to try and get people to buy more managed switches and NICs
[17:50] <grendal-prime> thats exactly why
[17:50] <grendal-prime> they sell some sort of software switch im sure for 1200 bucks
[17:52] <RoyK> stgraber: most larger setups have managed switches, but I was setting up a 10Ge NIC for some Hyper-V node and it'd be rather nice to have that VLAN support in the OS and not in some driver with no support from M$
[17:54] <grendal-prime> actually the sofware switch will be 10 the piece of digital pvc reducer that is needed to connect it is 1190 bucks
[17:54] <RoyK> not that M$ support matters much - it's merely worthless anyway
[17:54] <grendal-prime> its great if you get paid by the hour
[17:55] <grendal-prime> you can even play light sports while you are waiting.. just need  a blue tooth headset.
[17:55] <RoyK> really, unmanaged switches isn't much fun in a large network
[17:56] <RoyK> I know they're overpriced, but then, I'm not the one paying
[17:57] <RoyK> but try to setup a redundant network with non-managed switches without SPT and you'll have a hard time
[17:57] <RoyK> STP even
[18:08] <patdk-wk> heh, I have a single 8 port unmanaged switch, not used
[18:08] <patdk-wk> only use l2 or l3 switchs everywhere, even at home
[18:08] <patdk-wk> I love vlans :)
[18:09] <shimo> anyone know how to get OS on bochs emulator to communicate with browser on localhost? Bochs can hear browser request, but browser can't hear Bochs.
[18:13] <hallyn> stgraber: one thing,
[18:14] <hallyn> stgraber: have you tested with two open fds?
[18:14] <hallyn> stgraber: bc i'm not sure that readdir() won't get messed up after you close one of the files
[18:14] <hallyn> after all, /proc/self/fd/5, after you close it, goes away, and changes the list of files under /proc/self/fd :)
[18:15] <hallyn> I'm not sure whether readdir caches and is safe from that
[18:15] <stgraber> oh, good question. I didn't test that case, no. I'll test it once I'm done with the SRU (which wouldn't be affected by that problem anyway)
[18:16] <hallyn> right iw as just looking at your email.  would be easy enough to write a standalone test prog :)
[18:16] <hallyn> maybe i'll do that.  be fun.
[18:17] <stgraber> yeah, I supposed you could just do two fopen, then call the same loop looking at /proc/self/fd and trying to close them, see what happens
[18:17] <stgraber> *suppose
[18:19] <jkyle> when using juju in combination with MaaS can you specify which servers are to be used for which services?
[18:20] <axisys> how to find the exact size of disk?
[18:21] <axisys> vgdisplay or pvdisplay does not give it
[18:21] <hallyn> stgraber: eh, my stupid testcase suggests it's fine
[18:21] <hallyn> (I fopen 3 files, do a similar loop closing the files, and look at the remaining /proc/self/fd/ contents at end)
[18:23] <stgraber> hallyn: good :)
[18:24] <axisys> also how do I find the disk rpm?
[18:25] <stgraber> SpamapS: hey, SRU question for you. I'm working on the next lxc SRU. Quantal got quite a few improvements to lxc-ubuntu that I want to SRU (missing entries in /etc/hosts, hardcoded ubuntu releases, wrong package list, potentially racy DNS config, ...) but there also are 1-2 changes that are just cosmetic (replacing making space indent consistent, adding the missing header to /etc/network/interfaces)
[18:25] <axisys> fond some info in dmesg
[18:25] <axisys> [   10.377599] ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
[18:25] <axisys> [   10.451994] sd 0:0:0:0: [sda] 3907029168 512-byte logical blocks: (2.00 TB/1.81 TiB)
[18:25] <axisys> [   10.384558] ata1.00: ATA-8: HITACHI H7220AA30SUN2.0T 1031MS6EHZ, JKAOA28A, max UDMA/133
[18:25] <stgraber> SpamapS: I could certainly cherry-pick the 90% of the changes we want and skip these bits, but as it's changing the indent, it's going to make it a pain for any other fix we want to backport later on
[18:26] <axisys> google gave me the rest
[18:26] <axisys> thanks
[18:26] <stgraber> SpamapS: so are you fine with me pushing these cosmetic changes along so we can keep the patches identical and keep the ability to cherry-pick whole patches without having to rebase them all everytime?
[18:30] <SpamapS> stgraber: yes, a cleaner patch is much better than a weird one. :)
[18:31] <SpamapS> stgraber: make it easy on us in the SRU team, and we'll make it easier on you. :)
[18:32] <stgraber> SpamapS: perfect, thanks. Any preference on the changelog side? I was wondering if it's worth splitting the actual bugfixes from the nice to haves that we get by pulling the whole patch?
[18:32] <RoyK> axisys: just cat /proc/partitions - that's the easy way
[18:33] <grendal-prime> stgraber, thanks man you were right i took those out and it booted rigth up
[18:34] <grendal-prime> i was using a gui tool to manage that..(i was asked to do that)  it added those i believe
[18:34] <zul> adam_g: ping for 979745 the patch has made it into stable/essex right?
[18:35] <RoyK> grendal-prime: gui tools are worthless compared to configuring things the right way ;)
[18:35] <zul> adam_g: nm i answered my own question
[18:35] <grendal-prime> agreed. unfortunatly its not always my call.
[18:36] <grendal-prime> and if i dont try out what they want to use..i cant explain why they should not use it
[18:36] <SpamapS> stgraber: the changelog needs to document all the bugs that are being fixed
[18:36] <SpamapS> stgraber: and be somewhat human readable
[18:36] <SpamapS> stgraber: other than that, I think its up to you
[18:45] <adam_g> zul: http://paste.ubuntu.com/1005256/ going to upload glance f1 unless you've got any objections
[18:46] <zul> adam_g: ensure_versioned_db_models.patch why isnt it upstream again?
[18:46] <zul> other than that i dont
[18:47] <adam_g> zul: not sure if its upstream-able.  i hope to work that out in the coming weeks
[18:47] <zul> ack
[18:47] <zul> im fine with it
[18:51] <stgraber> hallyn: hmm, while reviewing the lxc-ubuntu delta between precise and quantal I noticed that we apparently upgrade the chroot twice in download_ubuntu, can you take a look? I believe it's your code :)
[18:52] <hallyn> lemme check
[18:52] <hallyn> "cause I don't believe you" :)
[18:53] <stgraber> it looks like you do it once without lxc-unshare and once without, so it looks like a bad merge
[18:54] <zul> hallyn: cmake is fun
[18:57] <hallyn> stgraber: oh, in q.  i was looking in p
[18:58] <stgraber> hallyn: yeah, in q. I noticed it when diffing p and q for stuff to document in the changelog
[18:58] <stgraber> hallyn: another thing I noticed and isn't mentioned in the changelog is added mac_override to the list of dropped capabilities
[18:59] <hallyn> the list of dropped caps went back and forth last cycle iirc
[18:59] <stgraber> I'm not going to get these two for the SRU as the upgrade code looks like a merge mistake and I can't find the rational for dropping mac_override
[18:59] <hallyn> anyway the duplication is also upstream
[18:59] <stgraber> oh, nice :)
[19:01] <stgraber> hallyn: planned SRU: http://paste.ubuntu.com/1005289/
[19:02] <hallyn> stgraber: yeah commits 2e44ed1e647d9fd1544b7ad855bda22ca71abd12 and 15da01b3938d7ba45472e6c9d3b183a94dd86ca9 both introduce that bit
[19:03] <stgraber> hallyn: k, do you want to take care of fixing that in Quantal and upstream or should I put it on my list?
[19:03] <hallyn> heh, oh no, did we duplicate the effort of writing a patch to remove '()' from cleanup()?  :)
[19:04] <stgraber> oh, no, just put it under the wrong name :)
[19:04] <stgraber> I cherry picked yours
[19:05] <hallyn> sigh.  can i ask, is there an advantage to have every line in lxc-start-ephemeral be sudo'd, versus just requiring sudo access to lxc-start-ephemeral?
[19:05] <hallyn> i mean, thinking in therms of an admin having to give sudo access to each tool...
[19:06] <hallyn> as well as cleaning up the script itself
[19:06] <hallyn> I realize something needed to be done, but i woudl think the thing to do is remove all sudo calls
[19:07] <hallyn> zul: "what was wrong with make?"  :)
[19:10] <hallyn> stgraber: in any case, that's one honkin' patch, but nothing stands out to me that woudl be wrong.
[19:10] <hallyn> passes the tests I assume?
[19:10] <hallyn> stgraber: oh, I'll send the patch to fix the template.  thanks.
[19:11] <stgraber> hallyn: I wondered the same for lxc-start-ephemeral, the problem is that it unfortunately kind-of works in 12.04 without these fixes, so I can't simply change the behavior in the SRU
[19:11] <hallyn> good point
[19:11] <stgraber> hallyn: I'd definitely be happy to drop all the sudo calls in quantal and check for root privileges though
[19:12] <hallyn> gary_poster: ^ can you give a good reason not to do that?
[19:14] <stgraber> hallyn: haven't tested it yet ;) I just wanted to make sure I have everything in there, I'll now push it to my PPA for a test build, then run the tests against it.
[19:14] <stgraber> hallyn: where's your lxc test suite again (for some reason I don't have it around anymore...)?
[19:14] <hallyn> i didn't find any other bugs that still have 'needsru' tag
[19:14] <hallyn> lp:~serge-hallyn/+junk/lxc-test
[19:14] <gary_poster> hallyn, +1 on removing sudo calls
[19:15] <gary_poster> they don't quite work anymore anyway IIRC
[19:15] <hallyn> well stgraber fixed those.  but i don't like them :)
[19:15] <stgraber> gary_poster: well, they work now in Quantal and will be fixed in Precise with the SRU ;) it's just that it makes the code quite complicated when it could just be fixed by calling the whole thing with sudo
[19:16] <gary_poster> stgraber, heh.  As I said, I'm +1 on simplifying and removing
[19:16] <gary_poster> "it seemed like a good idea at the time..."
[19:16] <gary_poster> but in retrospect maybe not so much
[19:17] <hallyn> stgraber: so you have no fixes queued for quantal right now?
[19:18] <hallyn> not sure i want to push a new version just for this little fix
[19:18] <stgraber> hallyn: nope, nothing queued here
[19:19] <stgraber> hallyn: I opened a bug for it so we don't forget it, so if you want to simply stack it in the branch, I guess that's fine
[19:24] <hallyn> stgraber: I don't see the bug yet.  do you have a #?
[19:24] <hallyn> stgraber: meanwhile, we should at some point brainstorm about bug 1003888
[19:27] <stgraber> hallyn: bug 1004118
[19:27] <zul> hallyn: dwarves ftbfs fixed
[19:28] <hallyn> woot
[19:28] <stgraber> hallyn: Launchpad likes hiding any bug that's fixed in the dev release and not in SRU, so I'm now using this instead: https://bugs.launchpad.net/ubuntu/+source/lxc/+bugs?field.searchtext=&orderby=-date_last_updated&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&field.status%3Alist=FIXRELEASED&field.status%3Alist=INCOMPLETE_WITH_
[19:28] <stgraber> hmm, I doubt IRC will have let me paste it in one chunk...
[19:29] <stgraber> hallyn: http://goo.gl/jW02g
[19:30] <hallyn> stgraber: i guess that's probably a more robust solution than adding 'needsru' tags :)
[19:31] <hallyn> all right, i feel like i've fiddled the day away with nick-nack bugs :)  one more though (libcgroup)
[20:08] <stgraber> gary_poster: can I get you to update the description of bug 994752 with the needed information for the SRU?
[20:09] <gary_poster> stgraber, will do.  tomorrow ok?
[20:09] <stgraber> gary_poster: yeah, I'll probably upload to -proposed in an hour or so (waiting for test suite to finish running) but the packages won't land into -proposed until tomorrow I guess
[20:11] <gary_poster> cool stgraber I made a todo and will ping you when done as well
[20:12] <stgraber> gary_poster: cool, thanks
[20:17] <bencord0> hi, I've been trying out ubuntu 12.04 MaaS and I'm trying to add it to my own network.
[20:17] <bencord0> https://wiki.ubuntu.com/ServerTeam/MAAS#Configuring_DHCP says that I can use my own dhcp server, but I can't find any documentation.
[20:17] <bencord0> I'm using ISC dhcp btw
[20:18] <bencord0> anybody know what options the dhcp server needs to send out?
[20:18] <RoyK> bencord0: iirc the trick is to set the boot server parts and point it to the right server
[20:20] <bencord0> RoyK: any idea which ones they are? I'm assuming it's just a PXE boot or similar mechanism, but I don't know which options to use
[20:22] <RoyK> bencord0: no idea, for tftp boot, 66,67 seems likely
[20:22] <RoyK> bencord0: or google tells me so ;)
[20:26] <patdk-lap_> heh?
[20:26] <patdk-lap_> dhcp = 67/68 and tftp is 69
[20:27] <bencord0> I think I figured it out, ISC DHCP has an option literally called 'next-server'
[20:28] <bencord0> I've just added ... "next-server <ip>;" to my /etc/dhcp/dhcpd.conf and restarted
[20:28] <bencord0> no complaints so far
[20:31] <bencord0> but I still need a 'option bootfile-name' line
[20:33] <RoyK> man dhcp-options
[20:34] <bencord0> I mean, I need the string to put into that option. it's a file name
[20:37] <stgraber> hallyn: test suite passed, uploaded to -proposed and poked #ubuntu-release about it so whoever sees it first isn't too scared at the big diff and changelog :)
[20:42] <hallyn> great
[21:12] <bencord0> Ahah! found it
[21:12] <bencord0> option bootfile-name "/pxelinux.0";
[21:13] <bencord0> there were some hints under /etc/cobbler/dhcp.template
[21:31] <roaksoax> adam_g: I can have various nova-schedulers for a single availability zone right? Or only 1? And what's the maximum amount of compute node's per scheduler?
[21:38] <koolhead17> hi roaksoax i suppose you can have only one scheduler and there is no limitation on number of compute node on a scheduler in a availablity zone
[21:39] <adam_g> roaksoax: you can have many schedulers
[21:40]  * koolhead17 scratches his head. adam_g i will test it tomorrow then
[21:41] <roaksoax> adam_g: so do the schedulers share information about what they have been loadbalancing between compute nodes?
[21:42] <roaksoax> adam_g: e.g. I can have 2 compute nodes and 2 schedulers and both schedulers balanace instance initiation between the two compute nodes?
[21:42] <adam_g> koolhead17: i could be full of it, but IIRC they're just popping jobs of the message queue
[21:42] <adam_g> roaksoax: you can, the scheduling policy used is configurable
[21:43] <roaksoax> adam_g: ok cool, I'll look into that. Thanks for the info
[21:43] <adam_g> roaksoax: compute hosts utilization is stored in the database, some schedulers use that information to make intelligent decisions as to where to cast new VMs
[21:44] <koolhead17> adam_g, yes sir. your right seems like i screwed up my config last time then
[21:44] <adam_g> roaksoax: i havne't played around too much with the scheduler but you should look through the code. i know the default scheduler does some intelligent scheduling based on host utilization (memory, cpu, etc)
[21:44] <roaksoax> adam_g: ok cool
[21:45] <urthmover> how do I figure out what the latest current stable version of apache is?
[21:46] <roaksoax> adam_g: does this make sense to you? Am I correct? http://pastebin.ubuntu.com/1005564/
[21:49] <adam_g> roaksoax: what is this for?
[21:49] <adam_g> roaksoax: the first line is debatable :)
[21:51] <roaksoax> adam_g: its the proposal I'm writing for integrating Powernap into OpenStack
[21:51] <roaksoax> adam_g: and I'm gonna use it for a class I have lol
[21:51] <adam_g> ah
[21:53] <blendedbychris> any idea
[21:53] <blendedbychris> where can i find out how to setup snmp for a remote monitoring system?
[21:53] <blendedbychris> i installed it and am a bit confused as to how to add users
[21:54] <jmedina> what is that remote monitoring system?
[21:55] <jmedina> blendedbychris: do you want to configure the snmpd agent with snmp v3?
[21:56] <blendedbychris> jmedina: it's solarwinds something something...
[21:56] <blendedbychris> i think so?
[21:56] <blendedbychris> i installed snmpd is all so far and commented the listen on localhost only and uncommented the 163 port listen
[21:57] <jmedina> well that is all you need for a simple setup with snmp v1 or v3, if you want to use authentication, you need to setup snmp v3
[21:57] <jmedina> I always use the guide in the cacti wiki
[21:58] <jmedina> I dont know if there is a official guide for ubuntu
[21:58] <blendedbychris> okay how do i do the latter… it says not to edit /var/lib/snmp/snmpd.conf in that file but it says otherwise in /etc/snmp
[21:58] <jmedina> probably this can help: http://www.fineconnection.com/How_to_install_and_enable_SNMPv3_on_a_linux_system_for_authentication_en_encryption_testing
[22:01] <blendedbychris> which dern file do i put creds in heh
[22:01] <blendedbychris> http://pastie.textmate.org/private/ldfnlwnnyvpus5equaz4a
[22:01] <blendedbychris> ah i think just the createUser tokens :)
[22:02] <blendedbychris> would help if they just put that first stuff in that lib file
[22:03] <ZenMaster> I have an issue with tomcat7 running on ubuntu-server and users not being able to login.
[22:06] <blendedbychris> interesting
[22:08] <jkyle> anyone seen badly behaving apparmor with tcpdump issues before?
[22:09] <jdstrand> jkyle: please file a bug against tcpdump if you have apparmor denials
[22:09] <jkyle> it's tough to debug, going ot go poke around. but when it happens it crashes networking
[22:09] <jkyle> so I get kicked from the VM
[22:09] <jdstrand> jkyle: are there apparmor denials in /var/log/kern.log?
[22:10] <jkyle> sec, gotta get into the dom0, kill the libvirt process, restart the vm, etc.
[22:13] <jkyle> this is all we really get
[22:13] <jkyle> type=1400 audit(1337897559.713:10): apparmor="STATUS" operation="profile_load" name="/usr/sbin/tcpdump" pid=470 comm="apparmor_parser"
[22:13] <jkyle> May 24 22:12:39 i-00004bd4 kernel: [   13.465149] init: failsafe main process (423) killed by TERM signal
[22:14] <jkyle> in kern.log
[22:14] <jdstrand> then it shouldn't be apparmor
[22:14] <jkyle> we see this intermittantly (tcpdump killing eth0 on virts)
[22:14] <jdstrand> if you want to be sure, you can do 'sudo aa-disable /etc/apparmor.d/usr.sbin.tcpdump'
[22:14] <jkyle> had an engineer report that he got rid of it by killing apparmor
[22:15] <jkyle> hm, no aa-disable
[22:15] <jdstrand> there are no silenced denials in the tcpdump profile
[22:15] <jkyle> looks like a 10.10
[22:15] <jdstrand> jkyle: sudo apt-get install apparmor-utils
[22:17] <jkyle> no hang after disabling
[22:18] <jdstrand> jkyle: try this:
[22:18] <jdstrand> sudo sysctl -w kernel.printk_ratelimit=0
[22:18] <jdstrand> sudo aa-enforce /etc/apparmor.d/usr.sbin.tcpdump
[22:18] <jdstrand> maybe you are hitting kernel rate limiting
[22:19] <jdstrand> jkyle: do you have auditd installed?
[22:19] <jkyle> didn't hang that time
[22:19] <jkyle> interesting
[22:20] <jkyle> what is the unit of the rate limit?
[22:20] <jdstrand> jkyle: seems like it probably isn't apparmor, but an intermittent failure
[22:21] <jkyle> jdstrand: could be that too. the rate limit idea is a start. I'm not keen on bringing this site down during this time of day..but this will give me something to debug around when it pops up again
[22:22] <jdstrand> jkyle: fyi, if you have auditd installed, apparmor denials are logged to /var/log/audit/audit.log
[22:46] <blendedbychris> jdstrand: have you configured snmpd yourself?
[22:47] <jdstrand> me? not in ages
[23:04] <grendal-prime> stgraber, hey man
[23:04] <grendal-prime> so question..
[23:04] <grendal-prime> i mean really do i need to give any info to the vlan?
[23:05] <grendal-prime> if i just set it to manual..
[23:06] <grendal-prime> then bridge my vpn to it.   i guess what im wondering is do i really need to assign an ip, subnet and all that to something that is basically pretending to be switch..that i would not do that to in the first place?
[23:11] <stgraber> grendal-prime: just use "iface <INTERFACE>.<VLAN> inet manual"
[23:12] <grendal-prime> why would i assign one?
[23:12] <stgraber> if you use inet manual you won't need to set an address or netmask
[23:14] <grendal-prime> i mean im just currious i use to set them up just like an interface.  with netmask and all that..  is there any advantage to that?
[23:48] <blendedbychris> why are the configs between lucid and precise for snmpd so drastically different?