/srv/irclogs.ubuntu.com/2012/11/30/#ubuntu-server.txt

Gaming4JCHey all, trying to migrate from a worthless VPS server. Is it possible from a SolusVM Serial Console to start sshd on the VPS. It is running Ubuntu.01:06
Gaming4JCtheir support team told me they would not be able to assist because of "my bad configuration" which appears to be a problem on their end, can't ssh into the VPS :(01:07
sarnoldGaming4JC: do you have a login: prompt on the serial console? or is it stuck somewhere else?01:07
Gaming4JCsarnold: I can get into root at serial console, however I'd like to turn ssh back on and login as my user and backup my stuff locally.01:08
sarnoldGaming4JC: excellent. first things first, run apt-get update && apt-get install openssh-server openssh-blacklist openssh-blacklist-extra01:09
sarnoldGaming4JC: if it wasn't installed yet, this will install it. if it is installed, it ought to be a no-op01:09
=== n0ts_off is now known as n0ts
Gaming4JCsarnold: It has sshd but it's only for the control panel, it's like a limbo account. I can't login as my user and the IP is different from the VPS (it would appear to be spawning an SSH shell on the control panels IP itself) :-/ ??01:11
Gaming4JCat any rate I should be able to backup most of my stuff from this shell, even though user permissions are all wrong and I can't get dropbox to sync as my user01:12
sarnoldGaming4JC: hrm; are you trying to use password or keys? when you try to ssh in, what error do you get?01:13
Gaming4JCsarnold: trying to use passwords. I'm getting Connection refused01:14
sarnoldGaming4JC: check netstat -anp output and see which IPs your sshd is bound to01:15
sarnoldGaming4JC: check iptables -L output and make sure you can connect to your sshd from your client01:15
Gaming4JCsarnold: inside of Serial console it is bound to 0.0.0.0 and ipv6 ::: :(01:17
Gaming4JCok I think I have something, it's letting me login from root and drop to user, at least then I can innitiate a backup01:18
Gaming4JC:)01:18
sarnoldGaming4JC: 'it' == serial console, right?01:20
Gaming4JCsarnold: yes, ran a netstat -anp inside of serial console and you can see an sshd running and bound to 0.0.0.001:21
Gaming4JCwow.01:24
Gaming4JCbegin to see the problem. I'm inside the VPS and can't even ping google.com01:24
Gaming4JCit can't reach the internet01:24
sarnoldGaming4JC: hey, that's progress and a good reminder to check the basics. :)01:25
Gaming4JCyes, was overthinking the obvious :)01:26
sarnoldGaming4JC: ip addr show ; ip route show   ... make sure those look sane? :)01:26
Gaming4JClooks pretty insane - http://pastebin.ubuntu.com/1398178/01:27
Gaming4JCthat's ip addr show01:27
FauxFauxDOWN01:27
Gaming4JCheh, I think I'll cancel my subscription ASAP. :|01:28
sarnoldwow. never seen 'lo:..down' before. :)01:29
Gaming4JCWell, I guess I could have expected as much for 1TB bandwith 1GB of memory and 100GB of space for $100 a year.01:30
Gaming4JCcheap :P01:30
sarnoldthat sounds like a good deal, indeed :)01:30
Gaming4JCIt worked for 11 months with 80/75% up-time and 512MB of ram :)01:31
FauxFaux80% uptime, eh.01:31
sarnoldhaha01:31
Gaming4JCthey told me it's my fault it runs so bad01:31
Gaming4JCepic support.01:31
Gaming4JCran Minecraft on it ;)01:31
FauxFauxNone of our other customers noticed!01:31
FauxFauxTo be fair, http://www.hetzner.de/hosting/produkte_vserver/vq7 is about competitive with that, and they are a serious hosting company (i.e. 98+% uptime).01:32
FauxFauxhttp://www.hetzner.de/en/hosting/produkte_vserver/vq701:32
FauxFauxThat's unfair, it's probably 99.99%+01:32
sarnoldthat's the third time in three weeks I've heard good things about hetzner :)01:32
Gaming4JCnot heard of them but will keep it in mind. I got one of the LowendBox ChicagoVPS packages ($300 for $30 Cybermonday deal) that I'm going to test out next01:33
Gaming4JCgotta love 90% discounts01:33
Gaming4JCI expect a lot01:33
Gaming4JC;P01:33
FauxFauxI said cheap, not good.  Their server auction, https://robot.your-server.de/order/market , is pretty awesome, if you want, say, more than 100gb of storage for under €30/mo.01:33
FauxFaux(Which is why I'm with them.)01:33
Gaming4JCChicago VPS was $30 for a year01:34
Gaming4JC:)01:34
FauxFauxSounds awful. =p01:34
Gaming4JC2GB of ram, 1TB of bandwith and 50GB of space01:34
Gaming4JCw00t01:34
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
kantlivelonghey all.. im setting up a raid 5 using mdadm.. im a bit confused on what to do.. i made autodetect partitions on each drive.. the total size will end up over 4TB requiring GPT.. do i need to make a partition on the md0?02:34
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
patdk-lapkantlivelong, heh? you need gpt if your making a partition and if the drive is >2tb02:50
patdk-lapyou don't need to partition md0 if you don't want to02:50
patdk-lapdepends on what your doing02:50
patdk-lapyou could must format it with your filesystem02:50
patdk-lappartition it, then format02:50
patdk-lapor install lvm on it, then format the lvm parts02:51
patdk-lapif you don't boot from it, no need for partitions though02:51
sarnoldpatdk-lap: why would you need to partition it if you boot from it?02:51
=== chilicuil_away is now known as chilicuil
patdk-lapsarnold, cause grub will get upset? and so will the bios02:52
=== n0ts is now known as n0ts_off
sarnoldpatdk-lap: hrm, grub can find its way through raid5? :)02:53
patdk-laphmm, yes02:53
patdk-lapgrub has had raid support for awhile02:53
sarnoldnice!02:54
=== n0ts_off is now known as n0ts
patdk-lapI don't know of the limitations, if any02:54
patdk-lapcause I would never boot from my data disks02:54
=== n0ts is now known as n0ts_off
=== Guest3512 is now known as Chalaman
Chalamanhello all03:17
ruben231hi guys03:19
ruben231any help on this please, i got error---------------------> http://pastebin.com/yEMZuc6F -------------------------> http://pastebin.com/TSA2EEcM03:20
lvmerWhat do you guys use to DLNA to a "smart tv" ?  minidlna?03:25
lvmeror is there something like media tomb?03:25
ruben231guys any help there03:29
uvirtbotNew bug: #1064320 in python-glanceclient "Error on deleting image membership" [Medium,Fix released] https://launchpad.net/bugs/106432003:56
=== chilicuil is now known as chilicuil_away
=== Psi-Jack_ is now known as Psi-Jack
=== Gallomimia_ is now known as Gallomimia
=== Ursinha is now known as Ursinha-afk
=== n0ts_off is now known as n0ts
=== ibiris|afk is now known as ibiris
D3RGPS31how can i skip the warning dialogue for no swap when installing server 12.10 through kickstart07:53
=== Ursinha-afk is now known as Ursinha
=== th0mz_ is now known as th0mz
Sander^workCan anyone recommend software for alert monitoring and graphing of server performance?08:22
pndemcI installed Zpanel on my ubuntu server, and now I can't launch my game servers, it keeps telling me "No such fule or directory" when it gets to either ./steam or ./srcds_run08:31
vezqSander^work: Zabbix08:41
Sander^workvezq, What is it based on?08:42
Sander^workvezq, I would prefer something with an agent.08:44
Sander^workvezq, Would prefer something which dosn't require snmp configuration.08:48
progre55hi guys. How do you set a timezone on a remote server without interactvity? "dpkg-reconfigure tzdata" requires some extra actions from the user =)09:12
vezqSander^work: it has an agent, not snmp required09:12
FauxFauxprogre55: Set /etc/timezone then run dpkg-reconfigure -f nointeractive tzdata.09:23
FauxFauxWell, on Debian, anyway.09:23
progre55FauxFaux: thanks, will try that09:24
* pr3d4t0r eyes FauxFaux.09:39
BrixSatany one here with cisco any connect  vpn client? (i cant seem to make it run automaticaly in ubuntu server)10:04
BrixSati have to make the connection manualy by typping the commands10:04
BrixSatin to the vpn program of cisco10:04
mjau^morning!10:14
mjau^what apache version does the latest ubuntu-server run?10:14
rbasakmjau^: https://launchpad.net/ubuntu/+source/apache2 will give you a summary10:16
=== n0ts is now known as n0ts_off
mjau^rbasak: ah, so 2.2.22 then? do you know if it's got OCSP support?10:17
=== n0ts_off is now known as n0ts
=== disposab1e is now known as disposable
BrixSatnobody with cisco vpn?10:49
greppynot on linux.10:53
=== cpg is now known as cpg|away
satyawe are getting tcp reset on port 80, while other ports are getting accessed properly .. there is no firewall which is running on the system .. can anybody provide any clue or help12:52
FauxFauxWhat happens if you stop the webserver?12:54
RoyKsatya: check the webserverlogs12:55
satyathere is no request which is getting logged on webserver12:56
satyapacket getting tcp reset as we see in tcpdump12:56
RoyKsatya: and netstat -ln --tcp shows you're listening to port 80?12:56
satyayup12:56
RoyKwhich webserver?12:57
satyanginx12:57
RoyKperhaps try to strace -f nginx12:57
satyait works if we run on any other port other than 8012:57
RoyKperhaps try to strace -f `pidof nginx`12:57
RoyKeh - that doesn't make sense...12:57
RoyKperhaps try #nginx12:58
satyaeven we tried with nc -l 80 after stopping nginx12:58
satyastill no luck12:58
RoyKdo the packets arrive to port 80?12:59
RoyKdoes it work from localhost?12:59
satyayes12:59
RoyKyes what?12:59
satyaboth yes12:59
RoyKno idea - must be an nginx issue...13:00
RoyKthat is - I really don't know13:00
FauxFauxI love the way people just ignore me.13:00
RoyKiptables -vnL shows an empty set?13:00
satyawe stopped nginx and made port 80 listening using netcat13:00
satyayes iptables show empty13:00
FauxFauxSo, kill netcat and try to connect.  What does the client get/13:01
satyahttp://paste.ubuntu.com/1399034/13:01
RoyKkill nginx and netcat and check with netstat -ln --tcp if something's listening13:01
FauxFauxJesus fucking christ.13:01
satyanothing is listning on port 8013:03
satyaand the response is13:03
satyatelnet: Unable to connect to remote host: Connection refused13:03
satyawe suspect some kernel firewall or some sort of thing in os which is sending resets to port 8013:05
Kartagissorry if not appropriate question here, but would using pvcreate on an already existing partition wreck it?13:16
=== n0ts is now known as n0ts_off
RoyKKartagis: it'll overwrite whatever's there, yes13:21
RoyKor at least the start of it13:21
jamespageDaviey, just added the check for irqbalance to the default server test in raring13:23
Kartagisthanks RoyK, looks like it's useful to make a backup first13:23
Davieyjamespage: thanks13:24
RoyKKartagis: it's always useful to have a backup or two...13:24
KartagisRoyK: how do I move the backed up files back afterwards? a simple mv will do?13:24
jamespageDaviey, running the tests now in the lab13:24
RoyKI ususally just use rsync13:24
Davieyjamespage: running the test for just raring, or precise daily aswell?13:26
jamespageDaviey, thats just raring atm13:26
Davieyjamespage: confirmed, precise includes it.13:27
Davieyit must just be the cloud images..13:27
jamespageDaviey, for precise - lemme check13:27
Davieyjamespage: My iso install just confirmed it13:28
jamespageDaviey, for precise?13:28
DavieyYes, iso precise has it.. I haven't confirmed cloud images13:28
jamespageDaviey, cloud-image looks OK _ although it stops on a m1.small due to only having 1 cpu13:31
* jamespage tries a bigger image13:31
sorenWhat's the problem with irqbalance?13:31
jamespageDaviey, actually its installed in my raring cloud-image as well - just not running13:32
jamespagesoren, question over whether its shipping by default or not13:32
jamespagebut I think it is13:32
sorenIt is. It's been since... Gosh, a long time ago.13:33
jamespagesoren, yes13:33
Davieysoren: Yep, been in standard since Lucid, and seeded directly before13:33
jamespageDaviey, I'm not sure this is an issue tbh13:33
Davieysoren: The issue is a large user had a 'bad time' until they installed it13:34
hallynstgraber: a guy (in private email, sigh) complains that lxc-clone doesn't preserver hardlinks.  do you have any experience with how much -H slows down rsync?13:34
Davieysoren: So i'm trying to work out how they are not having it byu default13:34
sorenDaviey: Ah, I see.13:35
Davieyjamespage / soren: Might not be a one off.. http://www.linux-archive.org/ubuntu-user/519707-irqbalance-off.html13:36
jamespageDaviey, hmm13:37
sorenDaviey: I may have a guess.13:39
Davieysoren: oh?13:39
Davieyjamespage: Maybe the reason you are seeing it not run, is it exit's itself if it's a one (v)cpu box13:41
jamespageDaviey, thats what I'm thinking13:41
jamespageits def installed and is running when I spin up something with more than 1 CPU13:42
sorenDaviey: Hang on, readiing code.13:42
* jamespage probably just created a test failure in the lab by adding a check for this.13:42
sorenDaviey: Oh, wait... Did they say it wasn't installed or that it didn't run?13:43
Davieysoren: Honestly, the info is too sketchy to be sure13:44
DavieyI think it was not installed.13:44
sorenThat package's use of debconf is... umm... interesting.13:44
sorendb_set irqbalance/enable ENABLED13:44
sorenwhere irqbalance/enable is a boolean13:45
soren(from irqbalance.config)13:45
Davieyhah13:45
DavieyStill, i don't think that is the cause.13:46
sorenDaviey: You're probably right.13:47
jamespagesoren, I can't see that?13:47
jamespagesoren, package dbconf looks OK to me13:48
Davieyjamespage: you are confident this isn't a bug our side?13:55
jamespageDaviey, I don't think so13:57
jamespageDaviey, needs a check of the aws cloud image as well13:57
Davieyjamespage: surely that would be the same?13:59
Davieybut yes, good thinking13:59
Davieyjamespage: Do you have access to an AWS image running already?13:59
stgraberhallyn: nope. I wouldn't expect it to take much longer as rsync needs to call stat on all the files anyway, all -H should do is that it'll do it before copying anything to figure out if some are the same inode14:00
zuljamespage: https://code.launchpad.net/~zulcss/ubuntu/precise/python-novaclient/new/+merge/13720114:02
hallynstgraber: ok, then maybe i should just add it always.  I usually use lvm cloning anyway so *I* don't care :)14:05
jamespageDaviey, installed on 10.04 and 11.10 instances I have running14:05
stgraberhallyn: I usually use the rsync code path, but I'm on SSD pretty much everywhere ;)14:06
jamespageDaviey: erm - I don't appear to have a handy 12.04/12.10 instance to check this on14:06
Davieyjamespage: OK, lets leave it for now14:08
Davieythanks for your help14:08
jamespagezul, see MP - 1 minor nit; please fix and upload14:08
jamespageDaviey, ack14:09
zuljamespage: ack14:09
zuljamespage: last one https://code.launchpad.net/~zulcss/ubuntu/precise/python-keystoneclient/new/+merge/13720214:10
jamespagezul: stop14:12
zulstopped14:12
Davieyzul: your bzr commit includes 3 x * New upstream release...14:13
zulDaviey: for which one?14:14
Davieyhttps://code.launchpad.net/~zulcss/ubuntu/precise/python-keystoneclient/new/+merge/13720214:14
zulDaviey:  in the debian/changelog? i dont see14:15
Davieythe bzr commit...14:15
* jamespage rewinds14:15
zulDaviey: im looking at line 552 of the diff14:15
Davieyah, i guess that makes more sense... i was looking at the BZR COMMIT LOG14:17
jamespagezul: sorry - python-novaclient is fine for precise-grizzly14:17
zuljamespage: k14:18
Daviey(remember debuild -v)14:18
zulkeystoneclient alright as well?14:19
jamespagezul, keystoneclient looks OK as well14:19
zulcool thanks14:21
jamespagezul, Daviey, smoser: I added a new script to smoses cloud-archive-check14:21
jamespage~james-page/+junk/cloud-archive-check/14:21
jamespagelp:~james-page/+junk/cloud-archive-check/14:21
jamespageverify_ca_branch.py - see code for details of what it does14:22
Davieyrelease notes?!  THE CODE IS THE RELEASE NOTES :)14:23
Kartagiswhat package does it take to install KDE? kdebase-bin?14:34
Kartagissorry, wrong channel14:34
caribouwhat is a good tool to browse python code ? ctags ? cscope doesn't seem to like python14:40
RoyKcaribou: spyder?14:49
RoyKthere's a bunch of different ones out there14:49
RoyKoh, spyder is the scientific one - probably not what you'r looking for14:50
benjicaribou: I have used cscope semi-succesfully with Python but it was a hack (and a hack that I don't remember very clearly); ctags works well, for what it is.  I have been meaning to try http://pypi.python.org/pypi/pycscope/14:50
uvirtbotNew bug: #1085057 in lxc (universe) "lxc-clone of busybox lxc 440M instead 1.7M" [Undecided,New] https://launchpad.net/bugs/108505714:51
cariboubenji: yeah, I saw mentions of pycscope, but didn't find it in the archives. Since I had ctags already installed, I tried it but not convinced14:51
cariboubenji: I'll give a second look at pycscope14:52
benjicaribou: if you think of it, let me know how it goes; I would like to be motivated/demotivated with regards to setting it up mysel14:52
cariboubenji: ok, will do14:52
=== mcclurmc_away is now known as mcclurmc
cariboubenji: d/led it, installed & built the cscope file. seems to do what I want, even from within VIM with exhuberant CTAGS shortcuts15:03
benjicool, sounds like a winner15:03
cariboufrom the timestamp, took ~10 min to setup :)15:03
hallynzul: jdstrand: http://people.canonical.com/~serge/libvirt-hugepages.debdiff and http://people.canonical.com/~serge/qemu-hugepages.debdiff, plus a server guide entry on picking values for sysctl vm.nr_hugepages ...  any objections?15:19
zulhallyn: looks good to me15:20
JoeVLceksmoser: ping15:23
yolandahi, is there any way to build a package skipping the tests? i'm just trying to debug some lintian errors15:24
jdstrandhallyn: well, this gets back to if guests end up with access to other guests15:24
jdstrandhallyn: I'm not really familiar with hugepages. will the kernel isolate them based on pid or similar?15:25
jdstrand(if so, then ack-- it is as good as the kernel enforcing other access controls)15:25
hallynjdstrand: no, the kernel won't isolate guests based on pids i don't think15:30
hallynhowever, you have to opt into /run/hugepages/kvm being mounted...15:30
hallynjdstrand: so to make this more secure, we'd have to edit qemu_driver.c and virt-aa-helper.c, i assume, to grant access to only $HUGEPAGES_MOUNT/libvirt/qemu/<vm-name> ?15:32
=== matsubara is now known as matsubara-lunch
hallynjdstrand: but... there are no files under there, actually15:34
kirklanddoes anyone know if it's possible to have multiple partitions on an EBS root device?15:35
kirkland(and still actually boot the damn thing?)15:35
jdstrandhallyn: if there are no files, what is it accessing?15:44
hallynjdstrand: just looked, here's how it works15:44
hallynlibvirt just creates $hugepagemount/libvirt/qemu, and runs qemu-kvm with -mem-path <thatpath>,15:45
hallynqemu-kvm then opens a file in that dir, mmaps memory from it, and truncates the file immediately15:45
hallynso that's why with a hugepage-backed vm running, there areno files to be found in that dir15:45
=== yofel_ is now known as yofel
jdstrandseems a rogue guest would not be able to take advantage of that... I assume there is some locking mechanism to prevent races on $hugepagemount/libvirt/qemu15:47
hallynjdstrand: qemu-kvm uses mkstemp in that dir15:48
jdstrandah15:48
jdstrandthat sounds ok then15:48
jdstrandhallyn: thanks for looking into it15:48
hallynso the worst a guest should be able to do is grab all the hugepages15:48
hallynnp.  thanks, ttyl15:48
jdstrandyeah, but apparmor wouldn't prevent that anyway15:48
jdstrand(assuming the user actually wants to use hugepages)15:49
hallynright15:49
jdstrandor rather, assuming the host wants guests to use hugepages15:49
jdstrandhallyn: hugepages is opt-in via the xml?15:50
hallynyes15:50
hallyn(unfortunately :)15:50
hallyni need to look into adding a switch in virt-manager for that15:50
jdstrandhallyn: so, actually, since that is the case, would it be better for virt-aa-helper to add that line only for guests that want huge pages?15:50
hallynyeah...15:51
hallyni guess i need to look deeper into virt-aa-helper anyway.  there are other open bugs with that...15:51
jdstrandhallyn: I think all you need to do is in get_files() look in ctl->def->(<whatever hugepages is>) and see if you should use it, then call virBufferAsprintf() appropriately (see vah_add_file for how to do that)15:55
hallynjdstrand: waht exactly is get_files() meant to do?  get list of all paths it needs access to?15:58
jdstrandhallyn: it looks in the vm definition for user specific file paths, yes16:00
hallynjdstrand: all right for now i think i will (a) push that qemu-kvm debdiff, and (b) look at every apparmor related libvirt bug i can find and see if i can get a few done in one fell swoop along with this16:01
jdstrandhallyn: a few are also added in main()16:01
jdstrandhallyn: this one might be better in main() (or some function you create called from main() rather than get_files(), since the actual path is user specified)16:01
jdstranderr16:02
hallynjdstrand: actually this might be a problem - the path isn't user specified per se,16:02
jdstrand*isn't* user specified16:03
hallynso virt-aa-helper will have to reprdouce the logic done in qemu_driver.c to determine the path16:03
jdstrandhallyn: hmm16:03
hallynok, will look into it - thanks, bbl16:03
sliddjurHello, how do I open port 53 for DNS?16:06
sliddjurI created etc/iptables.rules and it contains "-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT16:07
sliddjur"16:07
andolsliddjur: While DNS uses TCP in some cases (large responses) it most commonly uses UDP.16:08
sliddjurandol, yeah, i got a line for udp too16:08
sliddjurnmap shows port 22, 111 and 2049 is open16:09
andolsliddjur: Of course assuming that /etc/iptables.rules is read by an iptables-restore (or an iptables-apply) somewhere.16:09
SpamapSadam_g: hey, I was looking at quantal SRU's and noticed the nova and quantum SRU's which have a ridiculous number of bug #'s, but no single bug to track the general testing effort (since we'll be doing them like an MRE)16:14
yolandamm, i'm having a lintian error about empty binary package, but that package actually has some contents inside /usr/share/doc... is that a good idea to add some lintian overrides there, or what's the best fix for that?16:22
yolandajdstrand, what do you think about it? ^16:24
jdstrandif it doesn't ship anything usable or isn't a meta-package, it should probably be removed.16:25
yolandajdstrand, it's the nova-compute-xcp package, and ships some documentation inside /usr/share/doc/nova-compute-xcp/16:27
=== matsubara-lunch is now known as matsubara
jdstrandyolanda: sorry for the delay16:56
yolandajdstrand, no problem, i'm trying to progress with other points16:56
jdstrandyolanda: so, /usr/share/doc/nova-compute-xcp/changelog.Debian.gz is there because the package was declared in debian/control16:56
jdstrandyolanda: so that shouldn't be considered16:56
jdstrandyolanda: /usr/share/doc/nova-compute-xcp/copyright is an actual file16:56
jdstrandyolanda: t (to be considered), but it is referring to things that the package doesn't ship. this looks to be a mistake16:57
jdstrandyolanda: looking at the Depends, it seems to be a package made simply to pull in python-xenapi16:59
yolandai added an override there17:00
yolandaa lintian overrides17:00
jdstrandyolanda: I suggest asking zul what the intent of the package is (he added xcp support in 2012.1~e4-0ubuntu1)17:01
jdstrandan override might be ok, I can't say. zul can let you know if there is a mistake there17:01
zulits on my personal todo list to fix for raring17:01
zuloverride should be fine for now17:01
keyz182Hi all, not sure if there's a better place to be asking this, so point me there if so. I'm running an Essex openstack installation at the moment on Ubuntu 12.04 for a university research project. We'd like to upgrade to Folsom, and there seems to be an upgrade path out there for it, but I can't find much info on it other than Mark Shuttleworths video, and instructions on how to enable17:07
keyz182the correct repo. Is there any info out there, or guides, on preperation that needs to be done, potential problems, and any manual steps? My google-fu is failing me today.17:07
yolandazul, ok, i added that override17:09
roaksoaxjamespage: howdy!! so I was thinking that it doesn't really make sense to make the charms (i.e. keystone) configure its own haproxy when there's really a charm for it17:12
roaksoaxjamespage: so we should probably use it as a subordinate17:12
roaksoaxor figure out a way to use it effectively17:12
jamespageroaksoax, charms can only have one personality17:13
jamespagesubordinate or principle17:13
roaksoaxjamespage: right, we can have a simplified version of the HA proxy charm then17:13
roaksoaxjamespage: i.e. keystone principal, with 2 subordinate haproxy/hacluster17:13
roaksoaxand a relation in bteween the subordinates17:13
roaksoaxjamespage: or even colocate them with jitsu17:14
jamespageroaksoax, not that last option17:14
roaksoaxyeah that wouldn't work with add-unit17:14
jamespageeverything should be deployable WITHOUT jitsu17:14
jamespageroaksoax, I agree with 're-use' for haproxy but not with subordinate17:14
roaksoaxjamespage: right, so then there's really no way to do so without integrating haproxy in keystone17:15
roaksoaxjamespage: or even in the hacluster charm17:15
jamespageroaksoax, OK - so reuse the same code for haproxy across all of the openstack charms that need it17:17
jamespageand add stuff into the charm hooks that calls it in the right way17:18
jamespagethat way the principle is in charge of configuring its haproxy; hacluster takes care of the VIP/service failover17:18
jamespageI think adding another subordinate is over complicating things17:18
roaksoaxjamespage: right, so we will only use haproxy if we have hacluster right?17:19
adam_gSpamapS: what is the quantum SRU? i had put together a nova SRU last month for quantal-proposed with a meta bug (LP: 1074359) to track. but upstream has released a new stable release yesterday that ill be preparing a new one (today,m hopefully) that will supersede that one.17:19
SpamapSadam_g: ah ok, want to just reject the current upload then?17:20
SpamapSadam_g: I'd say just make it clear in the changelog which one is the meta bug17:20
SpamapSadam_g: and re quantum, I'll just chalk that up to me assuming you did them both.17:20
jamespageroaksoax, hmm - probably;  the principle should start generating config for haproxy as soon as it has peers17:21
jamespageand a vip configured17:21
roaksoaxjamespage: right, so I think it might be easier to make the hacluster do that config, since it is there were we will configure the vip17:22
adam_gSpamapS: looks like zul did the quantum one back on nov 07th. rejecting them is fine. in the new batch ill be  sure to reference the metabug at the top of the changelog17:22
* jamespage thinks17:22
adam_gSpamapS: also FYI--i sent an email to the TB list yesterday (stuck in moderation, tho) requesting cinder and quantum be added to the existing MRE17:25
SpamapSadam_g: Its still "provisional".. I wonder, how many have been done since that provisional MRE was granted?17:26
hallynjdstrand: <shrug> still playing, but i think i'll just need to add the backing file to the VirDomainDef struct17:28
jamespageroaksoax, not sure TBH; I like the separation between hacluster (responsible for VIP's and service control) and a principle that set's up and configures the services17:30
jamespagethat way if a principle starts todo something new; then all it has todo is tell hacluster...17:30
roaksoaxjamespage: or, you can simply tell hacluster "get me haproxy with HA"17:31
roaksoaxjamespage: then hacluster will configure haproxy for such escenario17:31
roaksoaxjamespage: and in principal charms, you would simply say17:31
roaksoax"enable haproxy, this is the VIP i want you to use"17:31
jamespagehmm17:32
roaksoaxjamespage: i see this as a similar thing as what will happen with DRBD17:32
jamespageI remain unconvinced17:33
adam_gSpamapS: we managed to push out 4 SRUs (LP: #1041120).  this time around there is a set release schedule for upstream point releases, so i expect we'll be shooting to do as many in Ubuntu this time around17:33
jamespageroaksoax, sorry - I'm not trying to be awkward :-)17:35
roaksoaxjamespage: lol no worries :)17:36
roaksoaxjamespage: so HA proxy in this escenario (running in the same place as keystone), doesn't make sense without hacluster17:37
roaksoaxright?17:37
jamespageroaksoax, agreed; and it won't work really cause it does not have an IP to bind to17:37
jamespageroaksoax, the way I saw it (probably) was17:37
jamespagejuju set keystone vip=xx.xx.xx.xx17:37
jamespagejuju add-unit keystone17:37
jamespage(at which point we start generating a haproxy configuration using a peers hook)17:38
jamespagejuju deploy hacluster keystone-hacluster17:38
jamespagejuju add-relation hacluster keystone17:38
jamespage(keystone then says to hacluster - relation-set vip=xx.xx.xx.xx service=haproxy)17:39
jamespage^^ that line is over simplified I know17:39
uvirtbotjamespage: Error: "^" is not a valid command.17:39
jamespageand then hacluster does it magic, brings up a vip on one of the nodes and starts up haproxy17:39
jamespageroaksoax, does that make sense?17:39
taowaHos do I use wireless on ubuntu server17:40
roaksoaxjamespage: yeah, that's very similar workflow as I was thinking but doing so in the hacluster side17:40
roaksoaxas in: juju set keystone vip=x.x.x.x17:40
roaksoaxjuju deploy keystone17:40
roaksoaxjuju deploy hacluster17:40
roaksoaxjuju set keystone service=haproxy17:40
roaksoaxjuju add-relation keystone hacluster17:41
smoserJoeVLcek, i'm here now.17:41
roaksoaxjuju add-unit keystone17:41
taowaHos do I use wireless on ubuntu server17:41
roaksoaxjamespage: and then, hacluster say, oh wait, keystone wants to use VIP for HA proxy, let's install and configure haproxy for usch purpose17:41
taowaHow do I use wireless on ubuntu server?17:42
roaksoaxjamespage: to me, in reality, is the same in either place17:42
sarnoldtaowa: normally, it is considered polite to repeat questions once an hour at the most.17:42
jamespageroaksoax, hmm17:42
roaksoaxjamespage: in this case escenario it is exactly the same17:44
jamespageroaksoax, I just prefer the split of what (in keystone) and how (in hacluster)17:44
roaksoaxjamespage: the benefit I see, however, is thta this would work (or should) if we don't deploy them in the same machine17:44
jamespageroaksoax, I don't understand that last comment17:45
uvirtbotNew bug: #1075342 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess new pre-removal script returned error exit status 255" [Undecided,Invalid] https://launchpad.net/bugs/107534217:46
roaksoaxjamespage: basically is "there might be various units of keystone, but as long there's no hacluster controller haproxy, then they are all useless"17:46
roaksoaxs/controller/controling17:46
=== pr3d4t0r is now known as NikkiWade
roaksoaxso you might aswell integrate haproxy in hacluster, the same way you would do with DRBD17:47
roaksoaxas in, juju deploy mysql17:47
roaksoaxjuju dmeploy hacluster17:47
roaksoaxjuju add-relation mysql hacluster17:47
roaksoaxhacluster will then say, oh mysql in HA, so I need to configure DRBD, and put all the mysql stuff in the DRBD partition17:48
roaksoaxand control mysql17:48
roaksoaxjamespage: but again, to me really, it is the same doing it in keystone or doing it in the hacluster17:48
elventearHello. I am having an issue with a software raid 1 volume that is rebuilding. The new drive that was added to the volume is writing at very slow speeds, in the the hundreds of KB/s. Any ideas what could I check to see what is going on?17:49
jamespageroaksoax, it think it is different17:49
jamespageroaksoax, keystone should tell hacluster which resources it should HA; same with MySQL17:50
sarnoldelventear: anythin in dmesg that looks like io errors?17:50
elventearsarnold: Nothing.17:51
roaksoaxjamespage: sure! again really this doesn't make any difference to me17:53
roaksoaxit is ust who does the configuration and controls it17:53
roaksoaxbecause my way of seeing things in this particular case is "haproxy does not make any sense without hacluster"17:54
roaksoaxso you might as well do the haproxy configure in hacluster rather than in keystone17:54
elventearI changed the scheduler and things are better now. I was using deadline.17:54
roaksoaxsame as it wouldn't make any sense to have DRBD without hacluster17:55
roaksoaxso hacluster should be the one configuring DRBD based on the specifications of whomever wants to use DRBD17:55
sarnoldelventear: no kidding? o_O17:55
sarnoldelventear: thanks for reporting back :)17:55
elventearsarnold: Maybe I spoke too soon. Speeds spiked for a while but they are going down :(17:56
jamespageroaksoax, I think the two use-cases are different; DRDB is 'please provide me with a replicated block device' - its just one thing17:56
jamespageroaksoax, haproxy is software with potentially service specific configuration....17:56
roaksoaxjamespage: same as drbd :)17:57
sarnoldelventear: oh :/17:57
jamespageroaksoax, OK _ so maybe me trying to think this through at 1800 on a Friday is not working so well.17:57
roaksoaxjamespage: haha maybe :)17:57
roaksoaxjamespage: i beer would help,. wouldn't it?17:58
jamespageroaksoax, can I suggest that you put together a prototype of each; we have most of the keystone bits done for haproxy in keystone; lets work them both and compare and contrast next week17:58
* jamespage thinks that sometimes its a good idea to spike two solutions to see which one works best17:59
roaksoaxjamespage: indeed17:59
jamespageroaksoax, adam_g: btw I have quantum integrated into the nova-compute charm now18:00
JoeVLceksmoser: ping18:00
jamespagejust need to finish off the quantum gateway bits now - but that will be monday18:00
* jamespage <- brain is fried18:00
roaksoaxjamespage: to finilize my thoughts, for simplicity, keystone would manage haproxy, then you need to add support for cloud-controller no manage haproxy as well right?18:01
jamespageroaksoax, yes - but the code will be shared across all os services that need this feature18:01
jamespageso its a hook and a call to nova-common/openstack_common18:02
jamespage+1 extra package to install18:02
JoeVLceksmoser: Sorry I missed you. I was grabbing some lunch. Back now18:02
jamespageroaksoax, have a good rest of the day - catchup monday18:03
* jamespage signs out for the weekend18:03
roaksoaxjamespage: alright, you have a good weekend18:03
jamespage(like that actually ever happens)18:03
jamespageroaksoax, you to18:04
qwebirc14433Hi, my /boot ran out of space.  What's the proper way to remove files in /boot?18:06
qwebirc14433I am trying to upgrade from 10.04 to 12.04 and encountered "no space left on device"18:06
greppyqwebirc14433: uninstall any unused kernels18:07
qwebirc14433how to uninstall?18:07
greppydpkg -l | grep linux-image18:08
greppythen for instance do: apt-get remove linux-image-3.2.0-30-generic18:08
greppyor whatever your old unused kernels are.18:08
qwebirc14433ic.  so i can basically remove all the old kernels, maybe keep one or two just in case needed right?18:09
greppyI normally only keep the last kernel and the current one.18:10
greppyand once I reboot on the latest one and all is well, I have been known to remove the older ones and only leave the one.18:10
qwebirc14433great, it's working!  Thanks greppy!18:12
Loraxperhaps a silly question, but will the current iso fit on a 2gig usb stick with unetbootin?18:29
=== NikkiWade is now known as pr3d4t0r
=== mcclurmc is now known as mcclurmc_away
=== nerd is now known as harsh_bhatt
=== harsh_bhatt is now known as nerd
=== r0tha is now known as 45PABE0JT
=== Deathvalley122 is now known as Guest9788
=== glebihan_ is now known as glebihan
lvmer1Where should I ask ubuntu-server dlna questions? I'm having trouble with linux -> samsung pc for some reason, while windows seems to work fine.19:23
lvmer1samsung tv**19:23
tedskilvmer1: which dlna server are you using?19:25
lvmer1tedski: I tried minidlna & it didn't seem responsive to the tv, but it worked across computers so I uninstalled it & was just going to go down a list until I found one that worked: mediatomb, mythtv, serviio, etc. But I figured I'd ask, because Mezzmo from Win7 -> samsung tv works fine.19:27
sarnoldI've used ushare to my ps3 before, but it never seemed to work as well as just using the browser on the ps3 to download video files...19:27
sarnoldpause kinda sucked.19:27
lvmer1sarnold: yah fastforward kinda sucks for me xD19:28
lvmer1lol I'm 'pinging' a tv.....19:28
lvmer1what has this world come to19:29
sarnoldlvmer1: just wait until your tv refuses to do anything until you give it a software update..19:29
lvmer1sarnold: lol that already happened19:29
lvmer1it forced me to download "angry birds" as part of a necessary software update19:30
lvmer1lmao19:30
sarnoldhahaha19:30
tedskilvmer1: i hate to answer your question with a different solution... but i use plex19:30
lvmer1yah... makes you wonder.... what kind of deal did samsung do with angry birds lol19:30
tedskilvmer1: samsung has an app for it, too19:30
lvmer1yah19:30
lvmer1pcsharemanager or allshare or something19:31
lvmer1doesn't work even on my windows pc's no idea why19:31
lvmer1doesn't work on the samsung bluray player either19:31
lvmer1I doubt I can install it on linux either19:31
lvmer1unless I do some crazy wine terminal stuff on the server19:31
lvmer1I'm going to try plex and ushare19:32
lvmer1thanks tedski & sarnold   :)19:32
simenHi guys. I am trying to locate the cause of my high load. I have low CPU, low RAM, low IO wait. Are there any other parameters that might affect my load?19:41
simenI am guessing maybe some latency? Maybe epoll (memcached) or TCP/IP.19:42
sarnoldsimen: what do you mean by 'high load'?19:42
simensarnold: I mean 10 concurrent users on a web server with 1 core and 2 GB RAM is constantly around 1.7. Web server is Nginx with APC caching and Memcached19:43
taowaHow do I use wireless on ubuntu server?19:43
sarnoldtaowa: what have you tried? where are you stuck?19:44
taowaNothing..19:44
SpamapSsimen: so if you run top, you don't see anything using CPU?19:44
genii-aroundman wpa_supplicant19:44
Danichanhello!19:44
simensarnold: Top has brief spikes of php-fpm processes doing some work, but average CPU is around 20%19:45
SpamapSsimen: Is this by any chance on Ubuntu 10.04 on EC2?19:45
SpamapSsimen: there were problems with "phantom load" on EC2 for a while19:45
simenSpamapS: No, it's 12.04 VPS - hosted by my provider. Not sure about their infrastructure19:46
SpamapS"VPS" ?19:46
SpamapSCan you elaborate?19:46
simenSpamapS: "Phantom load" describes my problem pretty well. Good name19:46
TheLordOfTimetheir image i think SpamapS19:46
simenSpamapS: VPS = Virtual Private Server. So on some other, bigger box.19:46
TheLordOfTimesimen, we know that, but what architecture?19:46
TheLordOfTime32bit?  64bit?19:46
SpamapSsimen: but, is it a VM, or a container?19:46
TheLordOfTimeall VMs still have an arch.19:46
TheLordOfTime:P19:47
SpamapSIf its a container, then thats the issue.19:47
TheLordOfTimealthough SPamapS has a good point19:47
DanichanI have a samba PDC  and a client as ROLE_DOMAIN_MEMBER that it can join to the domain using a terminal. Can i log in domain using a xdm like slim or gdm??19:47
simenMy service provider often talks about "container" and how there sometimes isn't room for me to upgrade on it.19:47
Danichanwindows domain style19:48
SpamapSif its a VM, you should see the "steal%" go up with other users using your CPU, and that is also "load"19:48
henkjanSpamapS: hmm, leaving canonical?19:48
SpamapShenkjan: aye19:48
SpamapShenkjan: have we met?19:48
henkjanno, i just read your post at the planet19:48
SpamapSah ok :)19:49
SpamapSsimen: ignore load average19:49
simenSpamapS: really?19:49
SpamapSsimen: though realistically, it probably *is* legitimate19:49
SpamapSsimen: your concern is response time of your app19:50
SpamapSsimen: you should be monitoring that19:50
simenSpamapS: Actually, response times are not bad19:50
henkjanSpamapS: you where responsible for mysql 5.5 packaging right?19:50
SpamapSsimen: I suggest logging how long requests take, and having your monitors watch for spikes and trends in the logs.19:50
SpamapShenkjan: yes19:50
SpamapShenkjan: still am responsible actually :)19:50
henkjanand you keep maintaining it after you leave?19:51
SpamapSsimen: the load is just saying that on average you have 1.7 things waiting for resources .. with 10 users (assuming they never pause to LOOK at the screen, just keep clicking), thats still only 170ms per request19:52
SpamapShenkjan: when I can, here and there.19:52
SpamapShenkjan: others have the skills to pick up the slack.19:52
henkjanmaybe...19:53
henkjanik took long enough for 5.5 to become packaged for debian/ubuntu19:53
SpamapShenkjan: only because the Debian maintainer was transitioning out of his old role, so it took a while for us to get it going19:54
henkjanah, okay19:54
SpamapShenkjan: I expect 5.6 to land very quickly after it goes GA19:54
ScottKSpamapS: Is that expected for raring?19:54
SpamapSno19:55
SpamapSdefinitely no19:55
ScottKOh good.19:55
henkjanScottK: afaik there is no public announced date for 5.6GA19:55
SpamapSScottK: they always need 1 or 2 point releases to shake out the final GA stuff19:55
SpamapSas in, you wait for GA, then you *try it*.. then you wait for the next 2 patches, then you deploy it.19:55
henkjanSpamapS: did you manage to get one of the codership guys to UDS Kopenhagen?19:55
simenSpamapS: You are a legend. Thank you for connecting load with ms for me. Also, I'm quickly doing some request logging in Nginx, will post an example in a minute. Thanks19:55
SpamapSIt will definitely be in 14.04 unless Oracle implodes or something19:55
SpamapShenkjan: they were busy.. but Stewart Smith from Percona had enough info to be helpful.19:56
SpamapShenkjan: the problem with Galera at the moment is that it is somewhat invasive as a patch to MySQL, so its really like another derivative.19:57
henkjanah, would be nice to get xtradb-cluster or mysql + galera in main19:57
SpamapSThe plan is to do xtradb-cluster19:57
SpamapSPercona's going to work on it.19:58
henkjancool19:58
SpamapSAnd I may even still work on it.19:58
henkjani'll ask the percona guys next week :)19:58
SpamapSReminds me I need to see about going to Percona Live again. Would be 4 years in a row19:59
henkjan2nd time for me19:59
henkjangot free tickets this year :)19:59
henkjanSpamapS: are you next week in London @ percona live?20:01
SpamapSno20:01
SpamapSthe US shone20:01
SpamapSone20:01
henkjanthe big one :)20:01
hallynjdstrand: sigh, it looks like virSecurityManagerGenLabel is called too early for either hugepage backign info or vnc socket path info20:01
hallynall right guess i'll need to add fns...20:05
=== mjau^_ is now known as mjau^
hallynaha, the mem info may be fine.  the vnc - i may just not be setting up an appropriate test case.  sigh20:43
=== ibiris is now known as ibiris|afk
=== ibiris|afk is now known as ibiris
kirklandhallyn: howdy!20:53
kirklandhallyn: have you ever used kexec in ubuntu?20:54
hallynkirkland: nope20:57
hallynwell, only to test whether you cando it from a container :)20:57
kirklandhallyn: and?20:57
hallynlooking to do some ksplicing?20:57
kirklandhallyn: no not really20:57
hallynand it needed a patch to prevent it20:57
kirklandhallyn: trying to support reboots of encrypted overayroot20:58
hallynkirkland: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/103412520:59
uvirtbotLaunchpad bug 1034125 in linux "containers can load a kernel to kexec" [High,Fix released]20:59
sarnoldteehee21:00
hallynsar:)21:00
hallynhm21:00
hallynthat was weird21:01
sarnoldlaggy ssh to your irc client?21:01
hallynvery21:02
kirklandhallyn: i'm failing to kexec load21:02
kirklandkexec_load failed: Device or resource busy21:02
hallynkirkland: can you strace that?21:06
hallynin kernel all i see is two EBUSYs on mutex load and one if htere are frozen processes21:06
hallyn(well, if freeze_processes() fails)21:07
kirklandhallyn: http://paste.ubuntu.com/1400579/21:07
kirklandopenat(AT_FDCWD, "/sys/firmware/edd", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = -1 ENOENT (No such file or directory)21:08
kirklandinteresting21:08
hallynwell doing openat and giving a full pathname is interesting :)21:08
hallynis that the lst failure though?21:08
hallynoh nm.  it's kexec_load itself21:09
kirklandhallyn: yeah21:10
kirklandhallyn: what is supposed to populate edd?21:10
hallynmy guess is machine_kexec_prepare() is failing.  dunno why21:10
hallynapw might have an idea21:10
kirklandapw: howdy :-)21:10
kirklandapw: I reckon it's late on a friday night for you21:11
=== cpg|away is now known as cpg
uvirtbotNew bug: #1085225 in lxc (universe) "can't install lxc fedora "17, 18" container " [Undecided,New] https://launchpad.net/bugs/108522522:06
=== ibiris is now known as ibiris|afk
=== cpg is now known as cpg|away
=== Ursinha is now known as Ursinha-afk
=== cpg|away is now known as cpg
=== matsubara is now known as matsubara-afk
=== Ursinha-afk is now known as Ursinha
=== cpg is now known as cpg|away
uvirtbotNew bug: #1085255 in quantum (main) "Meta bug for tracking Openstack 2012.2.1 Stable Update" [Undecided,New] https://launchpad.net/bugs/108525523:31
=== cpg|away is now known as cpg
=== cpg is now known as cpg|away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!