/srv/irclogs.ubuntu.com/2015/03/17/#ubuntu-server.txt

=== JanC_ is now known as JanC
=== markthomas is now known as markthomas|away
orionHi. My ubuntu server is currently experiencing extremely high load. ksoftirqd/0 is using a lot of CPU time. I am running nginx + php-fpm on 14.04.03:49
orionWhat things can I do to better diagnose the issue?03:49
=== kickinz1|afk is now known as kickinz1
lordievaderGood morning.07:17
=== Lcawte|Away is now known as Lcawte
=== kickinz1 is now known as kickinz1|afk
=== kickinz1|afk is now known as kickinz1
tmontneyI'm having trouble booting ubuntu 14.04 server.08:23
tmontneyIt is using a resolution none of my monitors can display.08:23
tmontneyI just did an install, rebooted, and gets stuck immediately after POST.08:23
lordievadertmontney: Does it actually get stuck, or does it continue but you cannot see it continue?08:25
tmontneyI see HDD activity, so I assume it's loading.08:26
tmontneyHowever I cannot see anything due to incorrect/out of range resolution.08:26
lordievadertmontney: Do you set a resolution in grub?08:27
tmontneyI didn't set any resolution. I cannot see anything past POST.08:27
tmontneyI pretty much did a standard installation, rebooted, and got the out of range display error from my monitor.08:28
tmontneyI tried a few monitors capable of 1024x768 to 1920x1080.08:28
lordievaderHmm, what resolutions does your monitor support?08:28
tmontneyNone of them could display.08:28
lordievaderThat is odd...08:29
lordievaderHow are they connected?08:29
tmontneyVGA08:29
tmontneyintegrated graphics08:29
tmontneypc is from 200308:29
=== Lcawte is now known as Lcawte|Away
lordievaderVery odd indeed. The live-cd/install-cd/usb worked without trouble?08:30
tmontneyYeah, no problem there.08:30
tmontneydid it from usb, used the latest 14.04 LTS server install08:30
tmontneyIs there a config file I can edit?08:30
tmontneyI can pull the HDD out, connect it via an IDE NAS I have.08:30
tmontneyconnect it to another PC I mean*08:31
tmontneyunless the problem runs deeper than simply trying the wrong resolution08:31
lordievaderYou'd think that if it fails detecting the resolution it would take a resolution ~any monitor can display.08:32
tmontneyYeah, that's what I was expecting.08:32
tmontneyI was hoping there was a key combination that would force a resolution safe mode.08:33
tmontneyA common resolution almost any monitor can support, like 640x480 or 800x600.08:33
lordievaderCan you ssh into the box?08:33
tmontneySadly I didn't add anything to the install.08:33
tmontneyIt's going to be for diskless workstations.08:34
tmontneyAll I needed was DHCP and TFTP according to a howto.08:34
lordievadertmontney: So you have an image somewhere?08:34
tmontneyPerhaps I should install a lower server version considering the age of the pc?08:34
tmontneyan image of what08:34
tmontneythe server install?08:35
lordievaderchroot into there, set up ssh, reboot client.08:35
tmontneyHow do I chroot?08:35
lordievaderYou are doing a netboot right?08:35
tmontneyYeah, diskless workstations will get the image from my server.08:35
lordievaderAh wait, this is going to be the server providing the image? *is not awake*08:36
tmontneyCorrect.08:36
tmontneyPerhaps the best thing would be to reinstall but with ssh?08:36
lordievaderAnd it doesn't do ssh?08:36
lordievaderIt probably does ssh, have you tried?08:36
tmontneyOnly because I didn't add anything to the install. I was going to do it later.08:37
tmontneyBut it seems now ssh is always a good idea in case of local access issues.08:37
tmontneyOh08:37
tmontneyI haven't actually tried it.08:37
tmontneyI assumed you had to specify it on install.08:37
lordievaderPerhaps you have to, but I wouldn't be surprised if it is there by default.08:38
tmontneyOdd, it's not even showing up on the network.08:39
lordievaderHmm, the installation did complete sucessfuly?08:39
tmontneyNever mind, it's there but says connection refused.08:40
lordievaderHmm, too bad...08:40
tmontneyI'll reinstall.08:41
lordievadertmontney: You'd want to read this: http://askubuntu.com/questions/299975/proper-way-to-change-terminal-resolution-in-ubuntu-server-13-0408:41
tmontneySo I could connect the HDD to another PC, edit the file, and we're good?08:43
lordievadertmontney: If you then also chroot and run 'sudo update-grub2', yes.08:47
tmontneystill nothing09:19
tmontneyedited /etc/default/grub to GRUB_CMDLINE_LINUX_DEFAULT="splash vga=768"09:20
tmontneyoriginally it was set to "quiet splash" no vga tag presnet09:20
tmontneypresent*09:20
tmontneyI'm tired. I'm just gonna reinstall with SSH.09:30
tmontneyThanks for your help anyway.09:30
tmontneyI appreciate it.09:30
=== bilde2910|away is now known as bilde2910
=== Lcawte|Away is now known as Lcawte
zermannoHi, i am trying to build a router with ubuntu server. Do you know where can i buy a pci express adsl modem that is supported by ubuntu?11:11
RoyKzermanno: I guess I'd rather use a standard DSL modem in bridge mode11:17
RoyKless hassle when you need to upgrade11:17
rbasakYeah. Also the first thing you'll want to do when you have ADSL issues is to try a different modem. Much pain with PCI.11:18
zermannoOk thanks all11:20
zermannoDo you know of any resources for this kind of job apart from lartc.org?11:21
zermannoI mean docs, guides ecc11:21
RoyKzermanno: imho lartc.org is for the rather advanced stuff - what do you need?11:21
zermannoRoyK, Yes its more a hobby project for home, i'd like to try stuff, i have a phd in tlc eng i can handle advanced stuff. I am looking for hints of what people to in real life to take ideas.11:23
RoyKwell, start out at http://www.kintona.com/ip-forwarding-and-masquerading-in-linux/ and add the fun stuff later ;)11:24
zermannoRoyK, thanks!11:24
rbasakmelmoth: thank you!12:10
melmothno problemo :)12:10
=== Lcawte is now known as Lcawte|Away
=== kickinz1 is now known as kickinz1|afk
=== txspud is now known as txspud|ORS
=== kickinz1|afk is now known as kickinz1
=== kickinz1 is now known as kickinz1|afk
=== kickinz1|afk is now known as kickinz1
=== Lcawte|Away is now known as Lcawte
=== kickinz1 is now known as kickinz1|afk
=== kickinz1|afk is now known as kickinz1
samba35is it possible to use cpu passthrouth with kvm like pci ethernet card passthrougth using 14.04.214:33
lordievaderCpu passthrough sounds like a bad idea, even if it was possible.14:44
=== alchemistswl_ is now known as alchemistswl
patdk-wkhmm, if your using kvm, is it basically cpu passthough14:58
patdk-wkif you need something like a dedicated cpu per kvm14:58
patdk-wkthen you use cpu pinning14:58
lordievaderIt is still shared with the host, I'd say.15:00
patdk-wkheh?15:00
patdk-wkif it's pinned? no15:00
patdk-wkif it is still shared, you didn't pin the host15:00
lordievaderSo it is not really passthrough.15:01
patdk-wkheh?15:01
patdk-wkkvm always runs in passthough cpu mode15:01
lordievaderAm I seeing things wrong?15:01
patdk-wkit's just not sticky15:01
patdk-wkpinning makes it sticky15:01
patdk-wkif you mean, you want to use a raw un-initialized cpu, no that won't work15:02
lordievaderI see passthrough as the vm has exclusive rights to the device. The host cannot use it anymore.15:02
patdk-wkbut the way kvm has always, and only works, is by using the virtualization features of the cpu, to do it's form of passthough mode15:02
lordievaderAh, in that sense.15:03
patdk-wkthat is true15:03
patdk-wktill but even in passthough mode, the host can interrupt it15:03
patdk-wkand reassign it15:03
patdk-wkor evne use it if it wants15:03
patdk-wkit just has to *interrupt* the current user15:03
lordievaderAh, check.15:03
patdk-wkfor cpu, that means the vm sleeps15:04
patdk-wkfor pci, that normally means the vm is shutdown15:04
patdk-wkunless your using sr-iov15:04
patdk-wksince then pci passthough using sr-iov is *virtualization* friendly15:04
patdk-wkmore like cpu's15:04
patdk-wkif pci devices supported a saved state, like cpu, it would be much more clean15:05
patdk-wkand you could even support live migration15:05
lordievaderWhoo, fancy.15:05
samba35ok thanks , i will be right back make some chanes15:09
Slinghow does iptables-persistent and fail2ban cooperate? should I stop fail2ban before I save my iptables-persistent rules?15:09
Slingto avoid getting multiple fail2ban chains15:10
jpdsDo you even need fail2ban?15:14
samba35sorry , i just rebooted to check wheter it work but ot seems still i see vcpu /qemu15:15
samba35i tryed to used pinning form vrt-manger15:15
Slingjpds: well, need, I like to have it on all public facing ssh boxes15:15
Slingeven though they don't allow password auth etc15:15
jpdsSling: I just enabled SSH keys, and have iptables rate-limit new connections.15:15
Slingsaves some log pollution and annoyances15:15
Slingwell this is effectively also a rate-limit :)15:16
lordievadersamba35: What is the output of 'virsh vcpuinfo <domain>'?15:16
samba35pls wait15:16
jpdsSling: Built-into iptables itself. :)15:17
samba35vcpu 0 1 and running15:17
samba35cpu affinity  is yyyy15:18
lordievadersamba35: Could you pastebin the full output?15:18
lordievadersamba35: You are not pinning them.15:18
samba35sorry i have internt on guest that is centos715:18
samba35host is 14.04.215:19
lordievadersamba35: 'virsh vcpupin <domain>' shows the pinning in more detail.15:19
samba35ok pls wait let me see i can use ssh15:19
samba350 is 0-3 and 1 is 0-315:20
lordievaderYeah, that means the vcpu's can run anywhere.15:20
samba35can you pls telll me what  i should use to configure cpu /virt-manger ?15:20
samba35while makeing changes do i have to turn off guest ?15:21
samba35or i can reboot guest after makeing changes15:21
lordievadersamba35: Issue 'virsh vcpupin --help' ;)15:22
lordievadersamba35: You can make changes live, but they will not be saved in the config.15:22
lordievaderSo next shutdown -> boot they will be gone.15:22
samba35ic then what i suppose to do15:23
samba35in face i make changes with virsh edit domain15:23
samba35can you pls tel me persistent solution15:25
lordievadersamba35: I have a '<vcpu placement='static' cpuset='1,3' current='1'>2</vcpu>' in my xml definitions. This specifies that there may be a max of 2 vcpu's, at boot 1 is enabled. And the vcpu threads may run on cpu 1 and 3.15:26
samba35so you mean to say i have to edit with virsh and add cpuset=1,315:28
samba35did you configure it by hand or by any tool15:29
lordievadersamba35: Depends on my mood, usually by hand.15:30
samba35ok15:30
samba35let me try15:30
samba35if you dont mind can you pls post some line from you xml file for the guest15:31
lordievadersamba35: http://paste.ubuntu.com/10615859/15:32
samba35this command from redhat will this work virsh vcpupin rhel6u4 1 215:32
samba35ok15:33
samba35thanks15:33
=== xachet_ is now known as xachet
=== Lcawte is now known as Lcawte|Away
samba35i will be back after reboot15:36
samba35thanks15:36
samba35lordievader: thanks15:36
samba35lordievader: that worked15:53
samba35thanks ,but i think i should use the how it was becase it was constantly using 2 cpu and it might matter to other guest15:53
samba35lordievader: btw how many phyiscal core cpu youi are using and which cpu you are using ,this is just to understand my knowlege ,i am using core 2 quard cpu15:57
lordievaderAn AMD Opteron something, something.15:58
samba35ok15:59
samba35cat /proc/cpuinfo15:59
=== markthomas|away is now known as markthomas
caribouhallyn_: looks like you are chairing the meeting today : I will not be able to attend16:13
lordievadersamba35: I know, but I was being lazy.16:26
samba35:)16:26
lordievadersamba35: I also run KVM on an i7 but without pinning as it doesn't have multiple NUMA cells (it's a laptop ;) )16:29
samba35ok16:30
=== Lcawte|Away is now known as Lcawte
=== xachet is now known as xachet_lunchtime
RoyKA laptop with NUMA would have been cool :)17:04
lordievaderJup :)17:15
patdk-wkcool?17:16
patdk-wkthat sounds like a royal pain17:16
JediMasterhi all, is it possible to get logrotate to only delete files older than a certain age? I know it can be done easily with find, but I have a lot of requirements for rotating logs so would like to keep it all together17:27
jpdsJediMaster: Don't you just change the 'rotate' integer?17:31
JediMasterjpds, I don't want to rotate the files, the logs in this directory are one-off logs each time a program is run17:35
JediMasterso I just want to delete the old ones17:35
jpdsJediMaster: Then just use find with -mtime.17:35
JediMasterso I've got a really simple config: /path/to/files/* { daily maxage 7 }17:36
=== Lcawte is now known as Lcawte|Away
JediMasterjpds, read the above =)17:36
JediMasterI want to keep all log management within logrotate config files so they're not splintered into cron scripts etc.17:36
jpdsFor one off logs, I don't bother with logrotate personally.17:37
jpdsWell, not quite, I use the 'savelog' command.17:37
JediMastersure, but there just so many different requirements for different logs I've been given it'll be a headache putting it in different places17:37
JediMasterwhen I run logrotate with the above config file (split over several lines) it just returns back to the command line with no output and no effect17:38
JediMasterahhh17:39
JediMasterin the man page for maxage "The age is only checked if the logfile is to be rotated"17:39
=== xachet_2 is now known as xache
=== xache is now known as xachet
rostamhi how would i know my ubuntu 14.04 box is at which update release, i.e. 1 or 2? thx18:41
RoyKlsb_release -a18:42
rostamRoyK, thanks it says 14.04 there is no update 1 or 2 beside it, I thought apt-get -u upgrade will upgrade it to the latest 14.04 update 2 ?18:43
sarnoldrostam: the only difference is which kernel and x11 is installed, see https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes#LTS_Hardware_Enablement_Stack18:44
RoyKrostam: http://paste.ubuntu.com/10616821/18:45
rostamsarnold,  where do I get security upgrade, there has been some changes to bash. Thanks18:45
RoyKgues you get those from a normal apt-get upgrade18:45
RoyKs/gues/guess/18:45
sarnoldrostam: apt-get update && apt-get -u dist-upgrade18:45
RoyKI usually just do a dist-upgrade18:46
rostamsarnold, RoyK  I do not want to  upgrade the kernel. would dist-upgrade upgrade the kernel ? thx18:46
=== markthomas is now known as markthomas|away
RoyKrostam: IIRC the kernel won't be upgraded by dist-upgrade, and that shouldn't be needed either unless you need some bleeding edge drivers or new stuff18:47
sarnoldrostam: you won't get the new kernel unless you go to some effort to install it18:48
RoyK'some effort' being an apt-get install :P18:49
RoyKbut if you don't know which part of the new stuff you need, well, you don't need a new kernel18:49
rostamsarnold, RoyK it seems it tries to install the kernel: http://paste.ubuntu.com/10616853/18:49
RoyKok18:50
RoyKgo on18:50
rostamRoyK I do not want to install new kernel, since it will break some of the kernel modules we have developed. The kernel modules have kernel version stamped in them and that will break with new kernel.18:51
patdk-wkrostam, heh?18:51
patdk-wkhow did you deploy them?18:52
patdk-wkyou didn't use dkms?18:52
rostampatdk-wk,  we use insmod command.18:53
sarnoldrostam: those are standard security updates. you want those. note the version 3.13.0-46.79 here: https://launchpad.net/ubuntu/+source/linux18:53
RoyKwhat sort of modules?18:53
patdk-wkinsmod doesn't make kernel modules18:53
patdk-wkit loads them18:53
sarnoldrostam: whatever mechanism you have in place really needs to be able to handle security updates.18:54
rostampatdk-wk,  we create .ko files and install them during system boot. They are image capture and audio devices.18:54
patdk-wkyes, how do you make the .ko files?18:54
patdk-wkyou should be using dkms to create your .ko files18:54
rostampatch-wk in our build infrastrucrure we have a custom build, it points to a kernel and header version installed on the host system.18:56
rostamsarnold, thanks I will see how to include those security patches.18:56
RoyKthat's what dkms is for18:57
patdk-wkdkms does all of that for you18:57
rostampatdk-wk, RoyK  my understanding from dkms is the kernel gets compiled on installed system, not sure, if there are any references I greatly appreciate. thanks18:58
patdk-wkyes it will18:58
patdk-wkit will build against the kernel installed on that system18:59
patdk-wkthe only other way you could do it, it would be kindof evil18:59
patdk-wkbuild a binary package for it18:59
rostampatdk-wk, does this means I have to have the kernel source on that system also?18:59
patdk-wkand *depend* on specific kernel versions18:59
patdk-wkthen update it as new security patched kernels come out18:59
patdk-wkno, kernel headers only19:00
rostampatdk-wk,  are there any document please, I just did some googling did not find much on dkms Thanks19:01
patdk-wkhttps://help.ubuntu.com/community/Kernel/DkmsDriverPackage19:03
rostampatdk-wk,  thank you so much.19:03
RoyKhttps://en.wikipedia.org/wiki/Dynamic_Kernel_Module_Support19:03
patdk-wkI know it works, done several19:03
rostampatdk-wk, RoyK thanks I start reading about it. My only concern is we can not have the source code on the system, and it would be interested to find out how dmks will compile the kernel module without source code.19:06
RoyKrostam: obviously, it can't19:09
RoyKrostam: out of interest, why can't you have the source code on the system?19:09
RoyKrostam: ?19:18
rostamRoyK, sorry took a while I have to be in the lab. Well we do not want anyone to access the source code it reveal some of our internal intellectual property.19:23
=== Lcawte|Away is now known as Lcawte
RoyKrostam: what sort of servers do you use this on?19:23
rostamRoyK the servers are PCIe off the self product. We buy them from various vendors.19:24
RoyKrostam: just wondering - if they're for use inhouse, why are you scared about the code?19:25
patdk-wkwell, you have to rethink how you do it19:25
patdk-wkhave to make a lib that has your code in it19:25
patdk-wkthen *compile* the kernel wrapper around it19:25
rostamRoyK, They are sold to Enterprise customers. We can update the images but we do not want the customer access our source code.19:26
RoyKrostam: that's a breach of GPLv219:26
rostampatdk-wk, I agree we need to rethink on this, kernel wrapper ??19:26
RoyKrostam: if you sell a system with custom kernel code to a customer, that customer must have access to the code19:27
rostamRoyK, our legal department has advise as long as we are not GPLv3 we do not have to release the source code.19:27
sarnoldnvidia has something similar but since they derived their linux drivers from their windows drivers they are (begrgudguingly?) allowed to not be a derivative work of the kernel..19:28
RoyKrostam: they are wrong. Cisco lost a case to FSF about the exact same thing19:29
RoyKrostam: and Linux is GPLv2, so you won't get around that19:29
rostamRoyK I will defintely recheck this.19:29
RoyKdo that19:30
rostamsarnold, RoyK, patdk-wk  thank you so much for all your advise.19:30
RoyKcisco isn't a small company, but they lost this https://en.wikipedia.org/wiki/Free_Software_Foundation,_Inc._v._Cisco_Systems,_Inc.19:30
rostamRoyK thanks for link I will forward it to our legal department19:31
RoyKrostam: do that - I don't like people breaking GPL19:31
rostamRoyK sure19:32
patdk-wkI forget where the legal bouneries lie, and won't go there19:32
RoyKpatdk-wk: well, in GPLv2 it's quite simple, if you distribute a compiled driver or something else that links to GPL, you have to distribute the code19:33
patdk-wkah, then you just need to use userspace callbacks to get around the issue19:36
RoyKpatdk-wk: indeed, if you can do that19:39
RoyKpatdk-wk: or do as graphics cards makers do - create a blob and distribute it with the source doing the linking19:40
RoyKpatdk-wk: but most normal drivers are just easy things that should be open19:41
RoyKpatdk-wk: do you remember the Intel driver by Becker? It sucked at some things and Intel did the only right thing - they opensourced their drivers19:42
patdk-wkdon't remember19:42
RoyKwell, Intel was one of the first to write drivers for Linux directly, in OSS19:43
RoyKand to start talking to the kernel guys19:43
RoyKinstead of keeping the cards close at hand and refusing access to any docs without a mile long NDA19:44
patdk-wkvideo? or other?19:45
patdk-wkmy experience with intel linux drivers hasn't been good19:45
RoyKnot sure about video - think they're open on that too19:45
patdk-wkfrom endless intel graphics and wifi problems19:45
RoyKbut it all started with that e100 card19:45
patdk-wkissues too with network, but those are more rare atleast19:45
RoyKbroadcom didn't learn from that :P19:45
patdk-wkbroadcom is horrible19:46
RoyKAFAIK their hardware is ok19:46
RoyKbut reverse-engineered drivers aren't19:46
patdk-wknot so sure of that :)19:46
zkvvoobHi all. I'm getting some strange ERROR 500 when I activate a Wordpress plugin called BuddyPress. However, the error does not appear in Apache's error.log. Could anyone help me troubleshoot this issue?20:11
thumpba_im getting an error when rebooting an instance in openstack "error: unknown filesystem entering rescue mode, grub rescue" im using a uefi image20:13
=== markthomas|away is now known as markthomas
=== bilde2910 is now known as bilde2910|away
=== martins-afk is now known as martinst
=== kickinz1 is now known as kickinz1|afk

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!