[00:17] <zul> jamespage/coreycb: i switched over glance to use the milestone-proposed git branch
[02:17] <Havenstance_> question
[02:18] <sarnold> answer
[02:18] <Havenstance_> Installed ubuntu 13.10 server, during install i had DHCP and the internet worked, now after install I have no DHCP
[02:18] <Havenstance_> any idea's what might be wrong? I checked /etc/networking/interfaces and eth0 is listed there as dhcp
[02:19] <Havenstance_> but when I run a sudo service networking restart I get networking stop/waiting
[02:19] <Havenstance_> never goes beyond it, router is giving out DHCP Addresses fine as I'm talking to you on it now
[02:19] <sarnold> Havenstance_: yeah don't run "service networking restart", that busts dbus badly ...
[02:20] <Havenstance_> ok, how would I get it to get a DHCP, that's what I don't understand it had one during install
[02:20] <sarnold> Havenstance_: ifdown eth0 ; ifup eth0 ;  is the better way to cycle networking
[02:20] <Havenstance_> but once install finished and it rebooted it gets nothing
[02:20] <Havenstance_> ok
[02:21] <Havenstance_> its sending DHCP Discover on 255.255.255.255
[02:21] <Havenstance_> my netmask should be 255.255.255.0
[02:21] <sarnold> Havenstance_: check logs, there might be something there, /var/log/syslog, /var/log/upstart/network-interface*
[02:21] <sarnold> Havenstance_: dhcp discover is sent using a link-local broadcast packet; 255.255.255.255 is correct
[02:21] <Havenstance_> okay :)
[02:22] <sarnold> nice paranoia :)
[02:22] <Havenstance_> well, i understand enough about networking but in linux it seems to be enough to get me in trouble lol
[02:22] <Havenstance_> Can't a guy just shitcan windows, that's all I want to do :)
[02:22] <Havenstance_> give bill gates some sign language
[02:23] <sarnold> heh, it took me a few years to transition completely away from windows
[02:23] <Havenstance_> i've been running ubuntu on and off for ever now
[02:23] <Havenstance_> I still have disks from 5.04 and the such, when they used to give away the CDs to those of us unlucky people who had Dial Up :)
[02:24] <Havenstance_> 4.10 too apparently :)
[02:26] <Havenstance_> here's something in syslog idk if it means anything or not but it says -- apr 1 22:03:43 uss-enterprise rsyslogd-2039 could not open output pipe '/dev,console'
[02:27] <sarnold> /dev,console ?? what an odd mistake..
[02:28] <sarnold> Havenstance_: time for me to bail, good luck :) have fun
[02:29] <Havenstance_> dhcp request of 192.168.1.104 on eth0 to 255.255.255.255 port 67
[02:29] <Havenstance_> dhcp offer of 192.168.1.104 from 192.168.1.1
[02:29] <Havenstance_> dhcpack of 192.168.1.104 from 192.168.1.1
[02:30] <Havenstance_> bound to 192.168.1.104 -- renewal in 33966 seconds
[02:30] <Havenstance_> but ifconfig still shows no dhcp addr
[02:31] <jrwren> ubuntu systemd in the future will already benefit : https://plus.google.com/+TomGundersen/posts/eztZWbwmxM8
[04:17] <koolhead17> hello world11
[04:22] <ubunty_> Why do I get this message http://paste.ubuntu.com/7192789/  What could be the issue? http://paste.ubuntu.com/7192787/
[05:49] <ubunty_> why do I keep getting "sudo: unable to resolve host (none)" during my PXE boot installation?
[05:49] <ubunty_> It will complete the installation but with no internet access which I suspect is caused by this issue
[05:50] <TJ-> ubunty_: Sounds like there is no DNS resolver configured
[05:51] <ubunty_> How would I got about fixing this issue? Or I mean how would I get to the point where I am configuring the dns resolver?
[05:52] <sarnold> ubunty_: does your /etc/hosts look sane? does your /etc/nsswitch.conf look sane?
[05:53] <TJ-> add an entry in /etc/resolv.conf
[05:53] <ubunty_> ok ill try that
[05:53] <TJ-> ubunty_: If you did a PXE boot, the interface will be inherited from the kernel, and so you need to take care of such things
[05:54] <ubunty_> and if it is inherited from the kernel how can I make those changes if needed?
[05:54] <sarnold> ubunty_: yikes are you still doing this?? http://paste.ubuntu.com/7192787/
[05:54] <ubunty_> nope got that worked out
[05:55] <sarnold> ubunty_: after CIDR was introduced back in the 90s, I think support for non-CIDR style netmasks has long since atrophied, I wouldn't expect "subnet-mask 255.255.0.255;
[05:55] <sarnold> to work all that often
[05:55] <sarnold> oh good
[05:56] <ubunty_> resolv.conf looks like this http://paste.ubuntu.com/7192972/
[05:58] <TJ-> ubunty_: best to fix the typo
[05:58] <sarnold> and there's no point in searching hsd1.tx.comcast.net, you'll never look up hosts under that domain..
[05:59] <ubunty_> oops but it was a copy paste typo not on my actual resolv.conf file
[05:59] <ubunty_> google.com for the domain?
[06:00] <sarnold> none at all should work fine
[06:00] <ubunty_> so take out domain and search?
[06:02] <TJ-> If you're doing PXE boot, that infers a local BOOTP/DHCP server, is there not also a local network DNS server?
[06:03] <ubunty_> yes my modem is giving out those DNS
[06:04] <ubunty_> thats what it says on my dhcpclient.leases
[08:02] <jamespage> zul, Daviey: that nova test failure only happens in virtualized PPA builds
[08:02] <jamespage> as found in openstack-ubuntu-testing and icehouse-staging for the CA
[08:02]  * jamespage siggs
[08:20] <allaga_> hey :)
[08:57] <lordievader> Good morning.
[08:59] <mischief> hello
[08:59] <mischief> i'm trying to boot ubuntu 14.04 LTS server from a hard drive
[08:59] <mischief> i dd the iso to the disk and reboot, and now the installer can't find the cd image.
[09:00] <mischief> the server has a LSI Logic Fusion-MPT SAS card to which i believe the disk is attached to, but i can't find any kernel module for this in the installer
[09:00] <cfhowlett> mischief until release, 14.04 support = #ubuntu+1
[09:01] <mischief> oh, it's not released until the 17th :|
[09:01] <mischief> well, i have a feeling 12.04 would result in the same issue, but i can try it too
[09:09] <mischief> cfhowlett: is there a standard way to get raid drivers at install time?
[09:10] <cfhowlett> mischief oh, my.  Never done that and so I don't know.  sorry.
[09:10] <mischief> poop
[09:10] <mischief> i really don't want to have to file a ticket at my dedicated server provider :<
[09:11] <cfhowlett> mischief stay in channel and ask.  someone else will know.
[09:11] <mischief> i am getting 13.10 server image now, to try instead
[09:11] <mischief> but i think it will end up the same at 14.04
[09:19] <mischief> same problem on 13.10 ;_;
[09:34] <zetheroo> Is there a GUI for OpenIPMI?
[10:10] <mischief> zetheroo: i wasn't able to find one
[10:20] <ivoks> gui for ipmi?
[10:20] <ivoks> why would anyone want that? :)
[10:21] <mischief> so they dont have to use the stupid java clients ;)
[10:22] <ivoks> isn't java client a gui?
[10:22] <mischief> yes
[10:22] <mischief> i'd rather a native client than java
[10:22] <ivoks> why do you need GUI access to the server?
[10:23] <ivoks> i mean, what's wrong with SOL?
[10:23] <mischief> can you mount iso with that
[10:23] <ivoks> you can't do ISO with SOL, true
[10:23] <mischief> sorry if i sound dumb, it's my first day
[10:23] <ivoks> but PXE is much faster than ISO anyway
[10:23] <mischief> i dont have pxe on my host
[10:24] <mischief> i mean, pxe exists, but my host doesn't have anything to boot to
[10:25] <ivoks> let's go from start
[10:25] <ivoks> you have a server isolated on the network to wich you want to install ubuntu 12.04?
[10:26] <mischief> uh
[10:26] <mischief> yes?
[10:26] <mischief> i'm not sure what you mean by isolated on the network.
[10:27] <ivoks> PXE is network boot
[10:27] <mischief> right
[10:27] <ivoks> usually, datacenters have some kind of network installation setyp
[10:27] <ivoks> setup
[10:27] <ivoks> so that people don't walk around with CDs
[10:28] <ivoks> so when i say isolated, i mean network without such infrastructure
[10:28] <mischief> well i tried to pxe boot, but the tftp server makes no offers
[10:28] <mischief> dhcp works
[10:29] <ivoks> ok, then you probably don't have tftp/pxe setup on your network
[10:29] <mischief> yea
[10:29] <mischief> so i tried to mount an iso with the IPMI shit on my dedi
[10:29] <mischief> some 'MEGARAC Aster' by AMI on a dell poweredge
[10:30] <mischief> the kvm console it provides is a really poor java program, and i have openjdk on debian
[10:30] <mischief> most of it works, *except* mounting an iso
[10:30] <mischief> so i tried to write the ubuntu server iso to the second disk, and directly boot to that
[10:31] <mischief> it boots, it scans for the cd image.. and it can't find it.
[10:31] <ivoks> dell uses DRAC, so you should be able to open web browser and go to DRAC's IP
[10:31] <mischief> and why? because the hard drive is on a fucking lsi fusion-mpt sas card and the ubuntu iso has no mptsas driver
[10:31] <ivoks> well, watch your language
[10:32] <ivoks> ubuntu iso does have mptsas driver
[10:32] <ivoks> but it's not part of the kickoff installer
[10:32] <ivoks> it gets added during discovery process
[10:33] <mischief> sorry, i'm just very frusterated. i've been trying to get openstack running on this dedicated server since last week
[10:33] <mischief> the web ui of the management console looks like -> http://blog.milford.io/wp-content/uploads/2012/03/megarac2.png
[10:34] <ivoks> yeah... it's ugly, but you have to do it that way
[10:34] <ivoks> at least to kick off installer
[10:34] <mischief> what way?
[10:35] <ivoks> mount the iso within the web ui and boot from cd
[10:35] <mischief> there is no way to do it from the web ui!
[10:36] <mischief> and it's full of bugs anyway
[10:36] <mischief> the web ui runs on https, but frequently tries to redirect me to a url like https://1.2.3.4:80/...
[10:36] <mischief> which doesn't work obviously
[10:37] <ivoks> and you say this is dell poweredge?
[10:37] <mischief> one moment and i can run dmidecode..
[10:38] <ivoks> (that's not what dell's drac ui looks like)
[10:39] <ivoks> http://wiki.hetzner.de/index.php/Datei:Idrac_logon_en.jpg
[10:39] <ivoks> that's how it looks like ^
[10:39] <mischief> it's definitely a dell system, albeit probably an older one
[10:40] <mischief> now i can't even run the java applet, great
[10:45] <ivoks> there are also drac cli tools
[10:46] <ivoks> but i'm not sure they can handle isos
[10:46] <ivoks> Attaching, Auto-Attaching, and Detaching Virtual Media using RACADM
[10:46] <ivoks> racadm config -g cfgRacVirtual -o cfgVirMediaAttached 1
[10:46] <zetheroo> so is the short answer that there is none?
[10:47] <ivoks> http://support.dell.com/support/systemsinfo/document.aspx?~file=/software/smdrac3/drac5/145/en/ug/racugc1b.htm
[10:47] <mischief> it's a dell poweredge c6100
[10:48] <ivoks> ah, this doesn't have drac
[10:48] <ivoks> just ipmi
[10:48] <mischief> and is apparently incapable of mounting ISO's
[10:49] <mischief> even though a virtual cd rom drive appears
[10:49] <mischief> so there's really no way for me to reinstall ubuntu, unless i either ask the datacenter to do it, or build my own iso with the mptsas driver in the kernel
[10:49] <ivoks> http://www.iptp.net/en/support_ipmi.php
[10:50] <ivoks> looks like yours
[10:50] <zetheroo> I have been using IPMIview from Supermicro for our Supermicro servers - but this time I am dealing with a HP server which is not being seen by IPMI view ...
[10:50] <mischief> it's not the same
[10:50] <mischief> this is AMI ipmi, not SuperMicro
[10:50] <ivoks> zetheroo: hp uses ilo; not every ilo is ipmi compatible
[10:51] <ivoks> mischief: look at the screenshots
[10:51] <ivoks> mischief: it's the same, just rebranded
[10:51] <zetheroo> I have also checked out the IPMI (iLO) of the HP via the browser but there is hardly anything in there - and no KVM viewer
[10:51] <mischief> well, perhaps so. but my interface does not have such options as 'Virtual Media'
[10:51] <ivoks> 1) Launch the remote console;
[10:51] <ivoks> 2) On the top of window select Media->Virtual Media;
[10:52] <mischief> it doesn't exist in the web ui man
[10:52] <ivoks> zetheroo: some older ilos are IE only
[10:53] <zetheroo> ok, so is there any utility (graphical) that can be used to connect to iLO ?
[10:54] <mischief> http://i.imgur.com/VRrbnU9.png
[10:54] <mischief> that's the java client with the iso error, next to the web page of the ipmi
[10:54] <mischief> i think i should just ask the dc for a new server :)
[10:54] <ivoks> mischief: well, that's you answer... can you redirect usb?
[10:54] <zetheroo> I could even try a Windows-based on in wine I suppose ...
[10:55] <mischief> ivoks: nope
[10:55] <ivoks> mischief: ubuntun iso is cd/hdd hybrid; you can boot it as a disk or as a cd
[10:55] <mischief> i can't redirect anything from the media menu
[10:55] <mischief> cdrom, iso, usb, floppy
[10:55] <ivoks> bad luck
[10:56] <mischief> and.. i thought i made this clear. i did write the ubuntu server iso to the hard drive and try to boot that
[10:56] <mischief> but the installer can't load itself from the cd image, because it can't read the disk, because there is no mptsas module in the installer's kernel
[10:56] <mischief> bit of a chicken and egg problem
[10:56] <ivoks> mischief: correct, it actually tries to read cdrom to fetch that module
[10:57] <ivoks> if you can dd iso to a usb stick, that would solve the problem
[10:57] <mischief> what usb stick :-)
[10:57] <mischief> this server is 200 miles away
[10:58] <ivoks> well, then you are managing a remote server that has pretty poor remote management capabilities
[10:58] <ivoks> it can't boot from a virtual media
[10:58] <ivoks> and you don't have pxe
[10:58] <mischief> i've come to realize that
[10:59] <ivoks> how about...
[10:59] <ivoks> net boot iso
[10:59] <ivoks> hm...
[10:59] <ivoks> at what stage does installer fail?
[10:59] <mischief> it's a possibility, if it can do dhcp and then load the mptsas module from the 'net
[11:00] <mischief> ivoks: scanning for and mounting cdrom
[11:00] <mischief> right after picking the language/keyboard pretty much
[11:00] <ivoks> you can try net boot iso
[11:00] <ivoks> i'm not 100% sure it will work
[11:00] <mischief> might as well
[11:02] <ivoks> http://www.howtoforge.com/boot-linux-over-http-with-netboot.me
[11:02] <ivoks> that might be an option too
[11:03] <ivoks> doh
[11:03] <ivoks> latest ubuntu is 10.04
[11:08] <mischief> ivoks: nice work man
[11:08] <mischief> netboot is going
[11:09] <mischief> now i just ask providence to help me install openstack without too many headaches
[11:30] <mischief> ivoks: thanks again, saved me a lot of time. i would have either had to wait on the datacenter guys or build my own installer image with the driver, if it had not been for the netboot image
[11:37] <ivoks> mischief: np
[12:32] <zul> jamespage: glance rc1 still waiting to be accepted
[12:34] <jamespage> zul, did you see my ping re nova in virt-ppa's
[12:36] <zul> jamespage:  i did...not good
[12:36] <jamespage> zul, still need to decide what todo about db encoding
[12:36] <jamespage> zul, the tests must have passed in the lab
[12:36] <zul> jamespage:  they did
[12:36] <jamespage> otherwise it does not get to the PPA
[12:43] <mischief> i'm installing openstack on trusty ^.^
[12:46] <jamespage> mischief, good!
[12:46] <jamespage> mischief, things to watch for - db table encoding
[12:48] <jamespage> mischief, if you are deploying neutron you have to configure neutron to talk to nova for nic plugging notifications
[12:55] <mischief> jamespage: any link to tips on that?
[12:56] <mischief> jamespage: re table encoding - a bug got filed that has the fix
[12:56] <mischief> https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/1300814
[12:56] <jamespage> mischief, kinda
[12:56] <mischief> i'm setting up nova as we speak
[12:56] <mischief> so neutron is next :^)
[12:56] <jamespage> mischief, https://github.com/openstack/neutron/blob/master/etc/neutron.conf#L295
[13:07] <jamespage> zul: do we have an upstream bug for the keystone utf-8 break?
[13:08] <zul> jamespage:  gimme a sec
[13:09] <zul> jamespage:  affects heat as well https://bugs.launchpad.net/oslo/+bug/1301036
[13:10] <zul> jamespage:  im going to test that patch in the openstack-ci lab and re deploy using the charms
[13:10] <jamespage> zul, OK
[13:24] <zul> jamespage:  ok we are just waiting for swift rc1 now
[13:27] <jamespage> zul, ack
[13:35] <jamespage> zul, I think we might have a bug in the image snapshotting process
[13:35] <jamespage> 2014-04-02 13:33:59.067 32697 INFO nova.virt.libvirt.driver [req-c05e37f9-1d3f-49ad-a6a9-57b6d690979e fdb9cd48f1804034a98aebd2918a9bdc d12b5ca2e2ca4329ac3b232052bd6a5e] [instance: cbe3d0c6-ee35-450e-9cbe-614108f13d1a] Snapshot extracted, beginning image upload
[13:35] <jamespage> 2014-04-02 13:33:59.297 32697 ERROR oslo.messaging.rpc.dispatcher [-] Exception during message handling: Requested operation is not valid: No active operation on device: drive-virtio-disk0
[13:35] <zul> uh? is there a traceback?
[13:36] <jamespage> zul, yes
[13:37] <jamespage> zul, http://paste.ubuntu.com/7194270/
[13:37] <jamespage> zul, wanna bug?
[13:38] <zul> jamespage:  yes please
[13:38] <zul> jamespage:  interesting
[13:39] <zul> jamespage:  anything in the /var/log/libvirt ?
[13:46] <zul> jamespage:  trusty or CA?
[13:46] <jamespage> zul, trust
[13:46] <jamespage> y
[13:46] <jamespage> zul, https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1301393
[13:59] <Haven|Work> TJ- could I pick your brain for a moment?
[14:21] <jamespage> zul, nothing in the libvirt logs
[14:21] <zul> shazbut
[14:22] <zul> im just trying to reproduce it now
[14:31] <jamespage> zul: adam_g was hankering after new libvirt - wonder whether he's seen anything similar
[14:32] <zul> jamespage:  like libvirt 1.2.3? or just an ubuntu cloud archive update
[14:32] <jamespage> just ca
[14:32] <zul> ah last time we touched it was for an libxl update...hallyn is doing a qemu 2.0/libvirt update for it though
[14:35] <hallyn> but not just yet
[14:54] <tomixxx5> what does mean entry "
[14:54] <tomixxx5> sorry
[14:55] <tomixxx5> what does mean entry "*" in gateway column when i call "route"
[15:08] <zul> jamespage:  i havent been able to reproduce it
[15:09] <jamespage> zul, hhm
[15:10] <zul> granted i tried devstack but the tests ran fine for me
[15:10] <ivoks> damn
[15:10] <ivoks> i have to kill highlight on 'ante' :)
[15:11] <zul> ivoks: try highlighting chuck
[15:11] <zul> as in "im going to chuck this thing in here"
[15:11] <ivoks> wanted, granted...
[15:29] <jamespage> zul: bug 1301154
[15:29] <jamespage> opinion?
[15:29] <jamespage> might as well make it compat
[15:30] <zul> jamespage:  why not
[16:02] <seaninryan> quit
[16:39] <jamespage> zul: added some libvirtd.log to bug 1301393
[16:41] <jamespage> zul, ah
[16:41] <zul> hallyn:  ^^^
[16:41] <jamespage> I might see the issue
[16:42] <jamespage> zul, root disk filling up
[16:42] <zul> ah...:)
[16:44] <hallyn> that's bug 1301393 you're talking about, jamespage ?
[16:44] <jamespage> hallyn, yes
[16:44] <hallyn> k
[16:46] <jamespage> hallyn, zul: I've bumped the root-disk size for m1.medium in serverstack
[16:46] <zul> jamespage:  cool
[16:46] <zul> jamespage:  i was using /mnt for some devtsack testing
[16:54] <hallyn> zul: i'm trying to migrate a vm from a saucy laptop to a trusty one.  have you doen that, and had success/
[16:55] <hallyn> zul: seems to hang on sh -c if nc -q 2>&1 | grep "requires an argument" >/dev/null 2>&1
[16:55] <patdk-wk> I have done several precise -> trusty, without issue
[16:55] <hallyn> patdk-wk: live migrations?
[16:55] <patdk-wk> oh, migrate
[16:55] <hallyn> those are supposed to be impossible :)
[16:56] <patdk-wk> I read it as, migrate version :)
[16:56] <zul> hallyn:  i havent
[16:59] <jamespage> zul, hallyn: looks OK now - marked invalid
[16:59] <hallyn> zul: ok.  hm.
[19:02] <adam_g> jamespage, i haven't hit that but i needed the newer libvirt for something else
[19:02] <adam_g> jamespage, you might be interested in https://review.openstack.org/#/c/74889/  someone is playing with the icehouse pocket and beating at it in the gate
[20:08] <tsilenzio> hello
[20:09] <tsilenzio> I have an ubuntu-server (13.10) box running nginx, php-fpm, mysql and postgres, etc.
[20:09] <tsilenzio> its 8 cores, 20gb, etc. its a local development box that 4 developers use
[20:11] <tsilenzio> right now when I do free -m as a command I get (Mem:         19070 total      18806 used       264 free         0 shared       250 buffers     16524 cached)
[20:11] <tsilenzio> is it normal to be so low on free memory? or do i have a memory leak? :s
[20:12] <Pici> you have 16GB cached. thats fine.
[20:12] <tsilenzio> ah alright, thought i had a memory leak
[20:12] <Pici> http://www.linuxatemyram.com/
[20:13] <tsilenzio> why do i have some 6 bytes or 6kb of swap used? :s jw
[20:24] <patdk-wk> looks like you have a harddrive leak
[20:24] <patdk-wk> leaking all over your cached ram
[20:28] <faiss> hi, how to rename p3p2 into eth0 on saucy?
[20:49] <sarnold> faiss: check out /etc/udev/rules.d/70-persistent-net.rules
[20:52] <bladernr_> hey, how familar are any of you with tweaking kernel routing?
[20:52] <jamespage> adam_g, don't worry - it was just me being stupid (to small a root volume)
[20:52] <bladernr_> there used to be a setting in /proc/sys/net/ maybe in ./ipv4 to force packets to ONLY go out and return via the interface they were supposed to.
[20:53] <jamespage> adam_g, I'm fairly comfortable with the icehouse pocket
[20:53] <jamespage> its smoking OK for me right now
[20:53] <bladernr_> by default, it's possible to have packets go out eth1 and come in eth0 if both are on the same network
[20:53] <bladernr_> and it's been well over 5 years since I last tried this and I forgot the magic switch.
[20:56] <sarnold> bladernr_: check Documentation/networking/ip-sysctl.txt for the rp_filter variable -- that looks like the right thing on first glance
[20:56] <bladernr_> thanks... that's a good start then...
[21:16] <Quintasan> Hi, is there any way to make sure which way the data is mirrored in RAID1? Currently I have /dev/md1 (RAID1) with only one disk which contains my data, today I have created /dev/md0 which is RAID0 made out of two 1TB disks, can I just add /dev/md0 to the /dev/md1 array as a device and the data won't get overwritten?
[21:22] <wiredfool> openssl question: Starting a server in a vm at startup, it starts up O(1) seconds after boot and reads 32 bytes from /dev/urandom to seed openssl's random number generator. . In trusty, O(100) seconds after boot,  [   99.783379] random: nonblocking pool is initialized shows up in the logs.
[21:22] <wiredfool> Is this as sketchy as it sounds?
[21:30] <sarnold> wiredfool: every process that uses openssl's random number generator should seed it themselves when they need it; that specific message comes from the linux kernel when it has finally collected enough entropy for the pool to be safe to use
[21:31] <wiredfool> sarnold: so, yes, it's sketchy?
[21:31] <wiredfool> for instance, starting a ssl-enabled webserver @ system startup
[21:31] <Diegonat> hi.. With iftop I see a connection to a IP. I'd like to understand what program is connecting to that ip. How can I do it?
[21:31] <sarnold> wiredfool: it would be best if it could block, but that's not the way the linux /dev/urandom works :(
[21:32] <sarnold> wiredfool: however, we've got a new feature that you could turn on, if it isn't on already... let me go find a nice link to pollinate :)
[21:32] <wiredfool> is there an upstart event that could trap the kernel saying urandom is ready?
[21:32] <sarnold> wiredfool: http://bazaar.launchpad.net/~kirkland/pollen/trunk/view/head:/README
[21:34] <kirkland> sarnold: right, if you want it to block, it should be pointed at /dev/random, not urandom
[21:34] <sarnold> wiredfool: one of our users put this together, but I didn't get around to trying to integrate it into our distribution in time for trusty: http://www.av8n.com/cgit/cgit.cgi/init-urandom/
[21:36] <Diegonat> hi.. With iftop I see a connection to a IP. I'd like to understand what program is connecting to that ip. How can I do it?
[21:36] <wiredfool> sarnold: that sounds like what I want
[21:36] <sarnold> Diegonat: netstat -nlp is very useful for this
[21:36] <sarnold> Diegonat: (sorry for missing it earlier..)
[21:37] <sarnold> wiredfool: yes :) it sounds nice. granted it isn't perfect because the kernel's api really does suck here. :(
[21:37] <wiredfool> sarnold: this is what I'm getting from pound, a ssl terminating load balancer: http://pastebin.com/UPU2EFhv
[21:38] <Diegonat> thank you sarnold
[21:39] <wiredfool> sarnold: looks like open, read, close.
[21:39] <Diegonat> mh... sarnold I cannot see anything with your command
[21:39] <Diegonat> I still see that ip
[21:40] <sarnold> Diegonat: if you run it as root you'll see which process is doing the sending and receiving
[21:40] <wiredfool> sarnold: incidentally,  when pound starts, /proc/sys/kernel/random/entropy_available == 0
[21:40] <Diegonat> ok i see it
[21:40] <sarnold> wiredfool: yeah, it'd be nice if you could delay that read() command until after the entropy pool has been filled some..
[21:40] <Diegonat> but i see an IP
[21:40] <Diegonat> a remote IP
[21:41] <Diegonat> i want to understand what is connecting to it
[21:41] <sarnold> wiredfool: if you set pound to wait to run until after pollinate, you can at least be certain that some entropy has been shoved into the kernel -- it won't change the kernel's conservative entropy measurements, but it -will- provide the pool with unique input
[21:42] <sarnold> Diegonat: which program has the socket open?
[21:42] <Diegonat> no which program is talking to this remote ip
[21:42] <wiredfool> sarnold: I'm wondering if the urandom seed file is early enough in the process that I'm getting the seed from there, it's just not updating the estimate
[21:43] <sarnold> wiredfool: hrm?
[22:47] <hallyn> mdeslaur: jdstrand: hey, how do you feel about the lxc option in virt-manager and virt-install?  and in particular about disablign it?
[22:50] <hallyn> zul: ^
[23:01] <mdeslaur> hallyn: I don't really have an opinion on it
[23:02] <hallyn> ideally we'd have a config file where we coudl leave lxc out by default and have user override it if they really really want
[23:02] <hallyn> but if ppl aregonna stumble into this whiel just playing around, this is pretty much exactly what i didn't want (supporting another, untested lxc)
[23:03] <sarnold> I know I've seen at least one person surprised that the libvirt "lxc" wasn't as safe as the lxc lxc..
[23:03] <hallyn> i'd be surprised too if id idn't know
[23:34] <ivoks> hallyn: ping
[23:35] <ivoks> serious issue with pacemaker in 12.04
[23:35] <ivoks> https://github.com/ClusterLabs/pacemaker/commit/03f6105592281901cc10550b8ad19af4beb5f72f
[23:35] <ivoks> marked as low, but really has a big impact
[23:36] <ivoks> pacemaker node might refuse joining existing cluster cause of this
[23:36] <ivoks> roaksoax: ^
[23:38] <roaksoax> jamespage: ^
[23:38] <roaksoax> ivoks ^
[23:39] <jdstrand> hallyn: disabling it makes some degree of sense. I have always hoped that libvirt could be made to use our lxc. that said, I thought I saw some patches go by on the list for apparmor integration for their lxc
[23:39] <jdstrand> hallyn: maybe from suse? not sure where they came from... maybe within the last month?
[23:39] <ivoks> roaksoax: really? i notified you :)
[23:50] <zul> hallyn:  i dont have an opinon on it
[23:50] <zul> jdstrand:  they came from suse