macskay | hey when trying to point a domain to a nameserver of my server. how can i find out what my nameserver is and where to point it to? | 00:12 |
---|---|---|
tsimonq2 | /o | 00:12 |
tsimonq2 | whoops | 00:12 |
patdk-lap | macskay, there is no way to do that | 00:26 |
patdk-lap | you have to know what it is to find it out | 00:26 |
macskay | patdk-lap: So I basically ask support. | 00:26 |
patdk-lap | of whoever is running your nameservers | 00:26 |
macskay | Yeah alright, I'll do that. Thanls | 00:27 |
sikun | what would be the proper way of syncing files between servers? I'm working on setting up a "HA" webserver | 00:45 |
sikun | the MySQL database is simple, I have two servers in a Master > Slave replication setup | 00:48 |
RoyK | sikun: try a mariadb galera cluster | 00:54 |
patdk-lap | heh, a mysql HA is NOT simple at all :) | 00:57 |
RoyK | patdk-lap: mariadb galera looks rather neat | 00:57 |
patdk-lap | yes, it has large drawbacks, but it does solve a lot of issues | 00:58 |
RoyK | patdk-lap: and with a couple of haproxy machines in front with pacemaker, it should do well | 00:58 |
sikun | RoyK, I was actually just reading on MariaDB | 00:59 |
sikun | wondering how many servers in total I'll need to have it fully HA | 01:00 |
RoyK | sikun: development of mysql has ceased a lot since Oracle took over | 01:00 |
RoyK | sikun: four | 01:00 |
RoyK | sikun: two mariadb servers, two haproxy servers | 01:00 |
patdk-lap | hmm? there have been lots of development on mysql 5.7 | 01:01 |
sikun | I'll just need to get an additional server then | 01:01 |
RoyK | sikun: you may be able to just use two with some black magick | 01:01 |
RoyK | sikun: just use VMs | 01:01 |
sikun | I will once I get the virtualization environment running | 01:01 |
RoyK | sikun: we have around 300 servers at work - less than 10% of those are physical if you don't count the vm hosts | 01:02 |
sikun | same, at work our VMware cluster has 200 or so VMs | 01:02 |
sikun | but god it is so freaking slow | 01:02 |
sikun | such poor design when it was configured | 01:02 |
sikun | as a personal preference I use Hyper-V | 01:03 |
* RoyK slaps sikun with an old, Swedish herring | 01:04 | |
sikun | lol | 01:04 |
sikun | I know, I'm an outcast at work for being a Hyper-V supporter, but I've had no issues with my prior setup, it performed fantastic. | 01:05 |
patdk-lap | I always had funky tcp connection issues with hyper-v | 01:05 |
patdk-lap | tcp session would establish, but data wouldn't flow | 01:05 |
sikun | which version though | 01:05 |
sikun | 2k12R2? | 01:05 |
patdk-lap | 2008 | 01:05 |
sikun | yep | 01:05 |
patdk-lap | so hyper-v went out, and esxi came in | 01:05 |
sikun | EVERY single person that dislikes Hyper-V says they had issues on 2k8 | 01:06 |
RoyK | I guess it's a wee difference between having a few VMs on hyper-v compared to 200 VMs on vmware | 01:06 |
sikun | so did I but it has become so much better | 01:06 |
patdk-lap | I have 7 esxi hosts, with 800+ vm's on them | 01:06 |
patdk-lap | they run great | 01:06 |
RoyK | sikun: storage and memory is usually the bottlenecks | 01:07 |
RoyK | s/\<is\>/are | 01:07 |
lamont | that part where virt-viewer keeps taking focus from everywhere when new output appears on the screen... how do I make it stop being so antisocial? | 01:07 |
sikun | I've been up to 40 VMs on a single Hyper-V host | 01:07 |
patdk-lap | lamont, what do you mean focus? | 01:07 |
sikun | and still every VM performed amazingly | 01:07 |
patdk-lap | last I knew, you couldn't change focus on terminal | 01:07 |
lamont | I mean that the window that I'm trying to type in keeps losing focus to the console window in virt-viewer | 01:08 |
RoyK | sikun: did they do anything useful? what sort of storage? | 01:08 |
patdk-lap | lamont, what are you talking about windows? | 01:08 |
patdk-lap | there are no windows | 01:08 |
lamont | patdk-lap: one terminal window, one virt-viewer window, all of them under unity | 01:08 |
patdk-lap | unity? | 01:08 |
sikun | RoyK, web servers, database servers, offsite backup VMs, a whole bunch of random crap | 01:08 |
patdk-lap | there is no unity in ubuntu-server | 01:08 |
sikun | RoyK, the storage was a mix of SSD/SAS | 01:09 |
lamont | patdk-lap: nm | 01:09 |
RoyK | sikun: we're getting a new SAN this year, budget ~$500k, perhaps a bit more - hope it has tiered storage - using equallogic now and it sucks rather badly | 01:10 |
sikun | ha, we're TRYING to get approval for a new SAN | 01:10 |
sikun | we're down to 1.8TB free space | 01:10 |
RoyK | ouch | 01:11 |
sikun | also equallogic and yes, they do suck | 01:11 |
RoyK | we'll probably need half a peta or thereabouts | 01:11 |
RoyK | perhaps a bit less | 01:11 |
sikun | and we only have a budget of $50k | 01:11 |
RoyK | you won't even get a 100TiB shelf from dell/supermicro for that price | 01:12 |
sikun | oh, i know | 01:12 |
RoyK | we have two 100TiB (net storage) shelves that are supposed to stripe data across | 01:12 |
RoyK | but then - when one of them shows 100% utilisation and the other 60% you know something is wrong somewhere | 01:12 |
RoyK | and of course there's no logs | 01:13 |
RoyK | except those encrypted ones you can mail to Dell | 01:13 |
sikun | I found three 36TB SANs for $2500 | 01:13 |
sikun | well NAS storage not SAN | 01:14 |
RoyK | I went to Limerick on this how-to-understand-storage thing (about Compellent) with Dell and asked what it would take to get access to those logs and was told 'nay - won't happen' | 01:14 |
sikun | EMC Isilon IQ336000X | 01:14 |
RoyK | yeah, you said so | 01:14 |
RoyK | hopefully you can use 'standard' drives with that too | 01:15 |
RoyK | that is, those without the EMC firmware | 01:15 |
sikun | yeah, hopefully | 01:15 |
RoyK | last I checked, EMC didn't make drives | 01:15 |
sikun | lol.. gotta love equals with that pain in the ass bs firmware crap | 01:15 |
sikun | 1TB 7.2K 3.5" SATA Hard Drives | 01:16 |
sikun | looks like standard drives | 01:16 |
RoyK | we got a new EQL shelf in house - cost a small fortune - checked the drive type and it was the exact same as http://paste.debian.net/791038/ | 01:18 |
RoyK | only diff between the EQL thing and the zfs-based thing I made was that it cost a lot more (that is, it's got double controllers, but then, failover on EQL rather sucks anyway) | 01:19 |
sikun | hmm.. these nodes have both infiniband and 10GBe | 01:19 |
sikun | er.. 10GbE | 01:19 |
RoyK | we don't use infiniband - yet - but we have 10Gbps all over | 01:20 |
sikun | that's something we're starting to implement | 01:20 |
RoyK | we have two separate connections to uninett.no (university network) both on 10G | 01:21 |
DexDeadly | whats the quickest way to share a directory on my 16.04 LTS server so that I can write to it from my windows 10 machine | 04:53 |
DexDeadly | ?? | 04:53 |
=== tomtom52 is now known as crazyhorse18 | ||
* jmpp greets! | 06:56 | |
jmpp | I'm getting the following for a mysql package afer running apt-show-version -u un Ubuntu 14 | 06:57 |
jmpp | mysql-server:amd64/trusty *manually* upgradeable from 5.6.30-1ubuntu14.04 to 5.6.32-1ubuntu14.04 | 06:57 |
jmpp | emphasis on manually from apt itself, not me | 06:57 |
jmpp | and no matter what I do, apt-get install with --upgrade-only, --reinstall, or even apt-mark auto on that package and all its dependencies (which are also marked the same)... | 06:58 |
jmpp | I just cannot remove that marker and upgrade the package | 06:58 |
jmpp | all my upgrade attempts pretend as if the installed version is the latest, which it clearly isn't | 06:58 |
jmpp | any tips on how I can knock some sense into apt-get? thanks in advance! | 06:58 |
=== Thorn__ is now known as Thorn | ||
=== hateball_ is now known as hateball | ||
=== hateball is now known as Guest62070 | ||
=== Deliants is now known as Deliant | ||
=== hateball_ is now known as hateball | ||
=== hateball is now known as Guest69163 | ||
=== hateball_ is now known as hateball | ||
spartan2276_ | How can I get Apache2 SSL server to accept non ssl. As of now I'm getting a 400 Bad Request error. So all I want is for apache to let me use http and https at the same time. | 09:33 |
spartan2276_ | Anyone? | 09:54 |
ducasse | i've noticed a weird thing with an lxc container on 16.04. inside the container 'free -m' reports 350mb used, while lxc-info reports "memory use" as 25gb. for other containers the numbers match, and the host is clearly not using >25gb. what could cause this? | 10:04 |
=== _degorenko|afk is now known as degorenko | ||
samba35 | "A start job is running for raise network interfaces (2 minutes of 5 mins 1 sec)" i am getting this error on 16.04.1 | 10:27 |
Danawar | Hi Ubuntu server i have a software raid is it possible to revert this so it is no longer in a raid? | 11:29 |
RoyK | Danawar: do you mean split it up into separate disks? | 11:34 |
Danawar | We want to move a server into virtual environment and i have been told P2V is not possible with the software raid so i was wondering if it would be possible to dump the raid onto one harddrive and then P2V it. | 11:35 |
RoyK | Danawar: the problem is more than that - the p2v shite from vmware doesn't support lvm either | 11:37 |
RoyK | Danawar: how many drives in what sort of raid? | 11:38 |
RoyK | Danawar: often I find it easier to just setup a new vm, configure it and rsync the data over | 11:39 |
Danawar | Is there a way i can find that out as i have not been told! | 11:39 |
RoyK | just try to p2v another machine with lvm on the root | 11:40 |
RoyK | Danawar: didn't work last I tried | 11:43 |
kpettit | Any of you guys do 2 factor authentication stuff for SSH and/or Apache? Seems like tons of solutions out there so trying to see which one makes the most sense | 12:53 |
kpettit | I've got SSH Key + Local passwd auth going now. But that's as far as I've got. | 12:54 |
ikonia | what sort of thing are you looking for | 12:54 |
ikonia | people don't seem to bother with 2fa/mfa on ssh as the hassle outweighs the usability | 12:55 |
kpettit | Basically trying to make PCI compliance happy. Which means "something you have" and "something you know" | 12:55 |
ikonia | what PCI standard | 12:55 |
kpettit | ikonia: I totally agree. | 12:55 |
ikonia | I've always passed PCI without 2fa on ssh | 12:55 |
kpettit | But it's a required thing I have to do | 12:55 |
ikonia | kpettit: are you using LDAP ? | 12:56 |
kpettit | key with password doesn't count apparently with SSH. | 12:56 |
kpettit | no. This is mainly for cloud web servers. | 12:56 |
ikonia | interesting, I've hit government secret PCI and government confidential PCI (in a public cloud) without 2fa on the SSH session | 12:57 |
ikonia | as long as you have audit points it's never been flagged | 12:57 |
kpettit | some of the PCI stuff is stupid. | 12:57 |
ikonia | it is - but most of it is negotiable if you can show a replacement control or process or an impact to functionality | 12:57 |
kpettit | I've got SSH locked hard. Adding 2 factor on it increases complexity and really doesn't protect much. Espically for only a few users. | 12:58 |
ikonia | eg: auditing and/or HBAC normally makes ssh access a breeze to comply | 12:58 |
kpettit | HBAC? | 12:58 |
kpettit | From what I understand on PCI, there is a ASV (Approved Scanning Vendor) and they basically go through the PCI stuff and say if your good or not. And I keep being told what i have on ssh isn't good enough. I think my ghetoo solution of using both Key and local passwd password works good though. Complies with the sonmething you have and something you know thing | 12:59 |
kpettit | But not sure the way to go with Apache. | 12:59 |
ikonia | HBAC (host based accounting) | 13:00 |
kpettit | Ah. I'm getting up to speed on all the terms and stuff with PCI. | 13:01 |
kpettit | Some of it is great I think, and some of it is pretty useless. guess we take the good with the bad | 13:02 |
kpettit | Any ideas with apache? | 13:02 |
samba35 | if i do not get linux drivers for wifi card and if i use ndiswrapper do i get same result of hardware or feature/performace is degraded ? | 13:11 |
xnox | samba35, your ISP connection is probably still slower than any wifi speed you get, so in practice it's irrelevant, as long as you are happy with it. | 13:18 |
xnox | also impossible to know =) you are using a foreign blob, thus there is no baseline. | 13:18 |
samba35 | i am using kodi and want to use dlna server for hd movie or even normal movie also stuck after some time | 13:20 |
coreycb | hello jamespage beisner, keystone 2:9.0.2-0ubuntu2~cloud0 is ready to promote to mitaka-updates | 13:28 |
jamespage | coreycb, looking now | 13:29 |
jamespage | coreycb, done | 13:30 |
coreycb | jamespage, thanks | 13:32 |
coreycb | jamespage, beisner, aodh 2.0.2-0ubuntu1~cloud0, ceilometer 1:6.1.3-0ubuntu1~cloud0, and openstack-trove 1:5.1.0-0ubuntu1~cloud0 are ready to promote to mitaka-updates | 13:44 |
jamespage | coreycb, on it | 13:45 |
=== JanC is now known as Guest58470 | ||
=== JanC_ is now known as JanC | ||
jamespage | coreycb, done | 14:19 |
jamespage | coreycb, am I ok to push out the qemu security regression as well? | 14:19 |
jamespage | coreycb, oh its not the regression | 14:20 |
* jamespage looks again | 14:20 | |
lunaphyte | i have an nfs server, configured and in active use, yet i don't see port 2049 listed in lsof -nPi. is that weird? or is there just something i don | 14:28 |
lunaphyte | *i don't understand? | 14:28 |
coreycb | jamespage, looks like qemu needs to be promoted to mitaka-proposed and tested | 14:28 |
jamespage | coreycb, yeah just promoted the followup fix for the regression | 14:29 |
coreycb | jamespage, thanks | 14:29 |
jamespage | lets hold qemu from updates for now and do in one hiut | 14:29 |
lunaphyte | additionally, when writing a file via nfs, i can see the file actively growing in the filesystem, but don't see the file listed in the output of lsof either. | 14:29 |
lunaphyte | how can i learn why this is? | 14:29 |
penguiner | Hi, I have a question. I am running apache2 on ubuntu 16. If I do apt-get update && apt-get upgrade will it update apache2 to the latest version? | 14:55 |
Pici | penguiner: the latest version in the repos. You can do apt-get update and then apt-cache policy apache2 to see the version you have and any candidate versions. | 14:58 |
penguiner | Thanks Pici. | 15:00 |
penguiner | I assume this means I have the latest installed? | 15:00 |
penguiner | Installed: 2.4.18-2ubuntu3.1 | 15:01 |
penguiner | Candidate: 2.4.18-2ubuntu3.1 | 15:01 |
nacc | penguiner: yes, that is the latest available (per your last apt update) -- rmadison indicates the same for 16.04 | 16:02 |
penguiner | Thanks nacc! | 16:03 |
nacc | penguiner: np | 16:04 |
=== Guest25180 is now known as med_ | ||
=== med_ is now known as medberry | ||
=== medberry is now known as med_ | ||
dr4c4n | hey, I'm running ubuntu 16.04 and just recently with LAMP package installed during original installation, if I try to apt-get upgrade, I get a dpkg error with mysql-server, is anyone else having this issue? | 17:09 |
dr4c4n | ubuntu server* | 17:10 |
RoyK | dr4c4n: please pastebin the output from that | 17:16 |
RoyK | !pastebin | dr4c4n | 17:16 |
ubottu | dr4c4n: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. | 17:17 |
=== InfoTest1 is now known as InfoTest | ||
dr4c4n | RoyK: the output from what? | 17:24 |
dr4c4n | RoyK: I didn't try to copy anything multiline, I just wrote that question above, and forgot to include ubuntu server so I put ubuntu server * | 17:26 |
RoyK | dr4c4n: - I get a dpkg error with mysql-server, is anyone else having this issue? | 17:26 |
RoyK | dr4c4n: for anyone to be able to help you, we or they need to see what sort of error message you got | 17:27 |
dr4c4n | RoyK: okay perfect. will do now. | 17:27 |
=== sarnold_ is now known as sarnold | ||
dr4c4n | RoyK: I will redo installation and same setup options: just so you know I've done the regular 16.04 ubuntu server installation with ssh and LAMP | 17:32 |
Ussat | I just finished 4 servers with LAMP stacks and ssh, no issues | 17:32 |
RoyK | just try to do an apt-get install -f | 17:33 |
RoyK | it should give you sufficient information | 17:33 |
dr4c4n | when I tried that on the old vm, it said dpkg lock (which means in use because I had to ctrl-z) to stop the installation as it was stuck | 17:34 |
RoyK | fg | 17:34 |
RoyK | then stop dpkg in a better way | 17:35 |
Ussat | ^^ | 17:35 |
Ussat | or just let the lock finish | 17:35 |
dr4c4n | well this way I will reproduce the exact error message I was getting to start with, as I was trying several methods of uninstalling / reinstalling mysql, and they were all not working.. | 17:36 |
RoyK | Ussat: it won't finish if he suspended the job with ctrl+z | 17:37 |
Ussat | ah yea, if he suspended it | 17:37 |
RoyK | dr4c4n: killall -9 dpkg apt-get # perhaps | 17:38 |
dr4c4n | RoyK: just finished installation, running from scratch, apt-get update, then apt-get upgrade <-- this is where it has failed once on me today, and will send pastebin in moment. | 17:39 |
dr4c4n_ | RoyK:http://paste.ubuntu.com/23082612/ | 17:49 |
RoyK | dr4c4n_: perhaps try mariadb instead - mysql is rather out in the cold now | 17:50 |
Ussat | is it ? I just instaled mysql on 4 servers.... | 17:50 |
Ussat | maria is a drop in replacement isnt it ? | 17:50 |
dr4c4n_ | Ussat: I had no problems installing it as of yesterday | 17:51 |
dr4c4n_ | Ussat, RoyK: I have been putting mysql on multiple vms, then when I tried to create a new vm today with the LAMP on, this is the error I'm getting | 17:51 |
dr4c4n_ | I can't really try a different database as my requirements include mysql | 17:52 |
dr4c4n_ | I mean, this is right after a fresh installation on a new vm, and I've performed it twice | 17:55 |
dr4c4n_ | same issue | 17:55 |
dr4c4n_ | should I post something to ubuntu forums? | 17:56 |
dr4c4n_ | Is there something wrong with my installation media? | 17:57 |
jge | dr4c4n_: all of the stuff I'm seeing by searching that error happens during an upgrade, not a fresh install.. have you tried doing this: https://askubuntu.com/questions/760724/16-04-upgrade-broke-mysql-server (first answer) | 17:59 |
dr4c4n_ | jge: that's what I mean, I freshly install the server, and run apt-get update, then apt-get upgrade, and this is what happens. | 18:01 |
dr4c4n_ | an apt-get upgrade shouldn't break the server | 18:02 |
dr4c4n_ | and trying what they suggested on that link, just makes mysql hang during reinstall at a different point | 18:03 |
jge | dr4c4n_: what version of ubuntu server are you on? also, what's the full command you're using to install | 18:10 |
dr4c4n_ | jge: I'm running 16.04, I'm installing the SSH and LAMP packages during the installation | 18:12 |
dr4c4n_ | jge: all I'm trying to do is an apt-get update followed by apt-get upgrade | 18:12 |
dr4c4n_ | jge: I'm running it in a vm if that makes a difference? | 18:14 |
Ussat | I literally just finished what yure doing on a new VM with no issues......what is the exact command youre useing | 18:15 |
jge | dr4c4n_: I would just remove mysql-server, perform the upgrade then install it again (sudo apt-get remove mysq-server&&sudo apt-get autoremove) | 18:17 |
Ussat | or just use mariadb it seems | 18:17 |
Ussat | which seems to be a drop in replacement | 18:18 |
=== degorenko is now known as _degorenko|afk | ||
dr4c4n_ | so is mariadb going to be included in LAMP from now on? | 18:19 |
Ussat | I dont know what you mean, included, I installed apache, php, mariadb | 18:20 |
dr4c4n_ | Ussat: well during the installation, there are default package suites that you can install during installation | 18:20 |
Ussat | sure, I never go that route, I always install minimum, then choose what I need | 18:21 |
dr4c4n_ | Ussat: ah, ok | 18:21 |
Ussat | I have custom build scripts I use for different server purposes | 18:22 |
dr4c4n_ | jge: another error | 18:22 |
jge | mind sharing the error.. | 18:23 |
Ussat | aneother reason I dont use the "pre-packaged" defaults | 18:24 |
Ussat | I would remove everything the "LAMP" pakage installed and install them individual packages manually | 18:26 |
dr4c4n_ | jge: sorry I have to type it all out | 18:26 |
dr4c4n_ | http://paste.ubuntu.com/23082727/ | 18:26 |
tomreyn | dr4c4n_: you should show the output of: apt-cache policy; apt-get -f install; apt-get update | 18:27 |
Ussat | mysql_upgrade: Got error: 1045: Access denied for user 'debian-sys-maint'@'localhost' (using password: YES) while connecting to the MySQL server | 18:27 |
Ussat | THAT is your issue | 18:27 |
jge | not pre-packaged, ubuntu allows you to select packages manually during install just saves you a few steps after install | 18:27 |
tomreyn | dr4c4n_: ignore what i asked for, the issue is clear. | 18:28 |
dr4c4n_ | so what I'm learning from this is to install the packages individually instead of the prepackaged versions | 18:29 |
jge | dr4c4n_: why are you upgrading, I suggested to remove mysql then do a system upgrade and reinstalling after. | 18:29 |
Ussat | dr4c4n_, no, thats not the issue at all in this case | 18:29 |
Ussat | see what I pasted above | 18:29 |
dr4c4n_ | Ussat: I realize that the mysql isn't allowing a connection which means the server probably isn't stopping which is why it's not uninstalling | 18:30 |
Ussat | or upgrading, which, is why its erroring out | 18:30 |
dr4c4n_ | jge: I usually run apt-get update and then apt-get upgrade right after I finish installation | 18:31 |
Ussat | ... | 18:31 |
Ussat | if you stop the database, I bet the upgrade goes fine | 18:34 |
dr4c4n_ | Ussat: trying that now | 18:36 |
=== iberezovskiy is now known as iberezovskiy|off | ||
Ussat | hmm...wonder how that went | 18:47 |
dr4c4n | Ussat: | 19:04 |
dr4c4n | still working on it | 19:04 |
dr4c4n | I can't purge mysql-server | 19:14 |
dr4c4n | because it still gives me the same error about access denied for user debian-sys-maint | 19:15 |
dr4c4n | fudge it | 19:15 |
dr4c4n | new install | 19:15 |
dr4c4n | Ussat: I'm also downloading the latest install media | 19:20 |
=== skeezix-hf is now known as Ofir | ||
=== Ofir is now known as skeezix-hf | ||
jge | join #hipchat | 20:02 |
=== keithzg_ is now known as keithzg | ||
rabbitdew | I have a remote server that was set up with the partitions mounted to the wrong drive. I need to rsync the root directory with a different partition. The only ways I know are in recovery mode or from livecd, but How can I do this on a remote server? | 22:44 |
FManTropyx | Postfix is running with backwards-compatible default settings, but my host is not processing incoming emails - I fixed the outbound problem, just set the hostname properly: seems it overrides mailname | 23:51 |
=== Deliants is now known as Deliant |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!