| === Ofir is now known as skeezix-hf | ||
| sarnold | stokachu: nice announcement mail :) btw your MUA did something silly: http://conjure-up.i <http://conjure-up.io>o -- hehe :) | 02:19 |
|---|---|---|
| stokachu | ah crap | 02:20 |
| stokachu | i blame gmail | 02:20 |
| sarnold | always a good plan :D | 02:20 |
| stokachu | haha | 02:20 |
| sarnold | at least there's a working link right next to an obviously-funny-looking link | 02:20 |
| stokachu | sarnold, i like to keep things interesting | 02:20 |
| sarnold | lol | 02:21 |
| qoarzers | I am having problem with adjusting the brightness of my laptop screen in ubuntu 16.04. My laptop is Toshiba satellite pro c640. I have tried all the solutions from ubuntu forum but nothing worked. | 02:23 |
| sarnold | qoarzers: most of the people in this channel never even see their computers; you may wish to try in #ubuntu instead | 02:24 |
| qoarzers | I want to do web developing using Rails in ubuntu | 02:25 |
| sarnold | qoarzers: you've got a few choices to make there -- you can either stick with what's packaged in ubuntu's repositories, or you can stick with using ruby and rails and so on from upstream sources. both are fine choices but it's worth deciding that you want to do one or the other -- mixing and matching is likely to lead to trouble | 02:27 |
| sarnold | qoarzers: I've really enjoyed reading the pragmatic programmer's guides to ruby on rails, I think they're a nice introduction | 02:28 |
| sarnold | one trouble of course is there's so many versions of RoR that leads to so many books .. | 02:28 |
| qoarzers | Yeah but the code is easy to understand | 02:29 |
| sarnold | the downside is it can be insanely hard to pick up something that was left six months ago | 02:30 |
| sarnold | and forward porting to newer versions may also be a bit tricky | 02:30 |
| sarnold | the 'convention over configuration' may make it super-easy to get things done for the regular users but if you just fiddle with it every six months you'll go crazy when absolutely nothing you search for exists anywhere else in the source tree. | 02:30 |
| qoarzers | sarnold: yeah that is true | 02:32 |
| zzxc_ | Alright I have a question. I'm running an AWS instance with 7.8G of ram + 4G of swap. I have a java application that had a memory leak that was fixed. The issue is OOM Killer keeps killing it, and I'm not sure why. I change it off of the heuristic alogrithm it is using way less tha the threshold. Any ideas? | 03:04 |
| sarnold | can you tune the java heap with those -Xm blahblah command line options to encourage it to use less memory? | 03:08 |
| sarnold | or can you buy another six gigabytes of RAM from amazon? :D | 03:08 |
| sarnold | what do the swapin and swapout columns of 'vmstat 1' show when it's under load? | 03:08 |
| zzxc_ | sarnold: Well the thing is that its only using 1.5 G of actual memory. Its allocating more and the VIRT memory is 6G but the application is only using 1.5G of memory. | 03:10 |
| sarnold | really?? that doesn't sound like you ought to be getting to oomkiller then :/ | 03:11 |
| zzxc_ | Yeah. We even upped the threshold to 100 of physcial memory and it is still crashing. I migrated this from a 14.04 instance with less memory as well. | 03:12 |
| sarnold | if you can't find anything 'obvious' in the logs, I think the next step is to try collecting enough data to spot a pattern; maybe gather slabtop output peridocailly, top sorted my memory output periodically, etc.. | 03:12 |
| zzxc_ | We are using the -Xmx flag to give it a limit of 4G of memory. | 03:13 |
| sarnold | what else runs on this system? | 03:13 |
| zzxc_ | A couple of things. Tomcat is running java, Apache, a headless libre office instance, clamav, SFTP clients some high volume users. | 03:14 |
| zzxc_ | I'm starting to wonder if the SFTP users are part of the issue. | 03:15 |
| zzxc_ | Unfortantly the person who set up this part decided to have a flat archive folder. For one of use SFTP clients there are over 147737 files. | 03:17 |
| sarnold | ow | 03:17 |
| zzxc_ | Yep. Its also possible that it could be a memory leak somewhere as well. But it only seems to effect this env, though this is the heavist use one. This has been driving me nuts all week. | 03:21 |
| sarnold | yeah it would do that | 03:23 |
| sarnold | try getting some more data; run something every minute or so that outputs smem or top output, slabtop output, free -m output, etc. | 03:24 |
| sarnold | based on what you've mentioned here it feels like all the memory is going to be pinned in the kernel to manage that ridiculous directory and bufferheads to manage IO to that directory | 03:24 |
| sarnold | but those are .. wild guesses at best. | 03:25 |
| zzxc_ | sarnold: Yeah that sounds reasonable. | 03:32 |
| zzxc_ | I also am starting to think that some of the work that was done to fix this might be part of the issue. I'm going to disable the java profiler my boss put in place and change the alorigthm back to the heuristic method. That they value I got was to trigger on over commit. | 03:34 |
| zzxc_ | Anyways these are all tomorrow issues. sarnold thanks for the help. | 03:35 |
| sarnold | zzxc_: good luck, and if you remember, I'd be curious to hear what it was when you sort it out | 03:36 |
| zzxc_ | sarnold: Will do. | 03:37 |
| patdk-lap | oom killer? you have to look at the full output of oom killer | 03:49 |
| patdk-lap | likely it is not the issue, but something else | 03:49 |
| patdk-lap | what is the full dmesg output of the oom? | 03:49 |
| sarnold | oh does it give useful output these days? | 03:51 |
| patdk-lap | well, the output of the top programs and memory they are using at the time it picks what to kill | 03:52 |
| patdk-lap | in my case, it's normally some other program that pushes the kernel over and causes it to oom somethign else (mysql) | 03:52 |
| patdk-lap | cause it has the single largest memory allocation | 03:52 |
| sarnold | oh nice | 03:53 |
| sarnold | well, nice that it gives you -some- data :) my recollection was just "failed n-order allocation, killing task <blah> with badness <blah>" and then you weep in the corner | 03:54 |
| sarnold | zzxc_: ^^ if there's data in the ooms, please do share :) | 03:54 |
| === JanC is now known as Guest8949 | ||
| === JanC_ is now known as JanC | ||
| blueking | fileserver with 4 nics 1 connected to router and plan have 3 nics connected to switch... 2 or 3 vlan are gonna have access to fileserver... how would you configure these 3 nics ? one nic each subnet or LACP + trunk vlans on this ? | 12:58 |
| patdk-lap | depends on the usage pattern | 13:15 |
| blueking | patdk-lap point are increase throughput from fileserver to multiple devices/subnets | 13:32 |
| blueking | if several devices access fileserver from same subnets it's limited to 1 gbit if do 1 nic each subnet if lacp it can have 2 or 3 GBit's | 13:33 |
| patdk-lap | blueking, no | 15:30 |
| patdk-lap | and it depends on usecase | 15:30 |
| patdk-lap | I wouldn't worry about multible client access, and it won't happen | 15:30 |
| patdk-lap | everything has to be perfect everywhere, to have >1 client use >1gbit | 15:30 |
| patdk-lap | most of the time, you are going hit many other limits, that will cause <1gbit performance | 15:31 |
| patdk-lap | do you need redundency for failed links? use lacp, sure | 15:31 |
| patdk-lap | if you need >1gbit speeds, and those users are on different vlans, sure use one port per vlan | 15:31 |
| patdk-lap | but attempt to balance over lacp, is really not a simple thing at all, and depends a lot on luck | 15:32 |
| patdk-lap | on paper, yes it looks good, but in practice, it won't work well for load balancing, unless you have a LOT of users | 15:32 |
| patdk-lap | and we are talking about concurrent users access files at the same time | 15:33 |
| blueking | patdk-lap what would you do ? | 15:49 |
| patdk-lap | I have no idea | 15:50 |
| patdk-lap | don't have enough info about what your doing, or need | 15:50 |
| blueking | what I want if user1 on subnet1 access fileserver and downloads a bd movie... and user2 on same subnet want to download another movie from same fileserver lacp should choose another nic for user2 and make total speed 1gbit+ | 15:53 |
| patdk-lap | no | 15:53 |
| blueking | movies on fileserver are on raid0 arracy | 15:53 |
| blueking | array | 15:54 |
| patdk-lap | it will pick the nic based on it's hashing method | 15:54 |
| patdk-lap | so if the mac, ip, port don't both hash to the same nic, sure, but if they do, heh | 15:54 |
| patdk-lap | and you have to setup the proper hashing method on both sides, on the switch and the server | 15:54 |
| patdk-lap | why attempting to balance using lacp with a small number of users is pretty much impossible | 15:54 |
| patdk-lap | unless you can have full control, or a very static enviroment | 15:55 |
| patdk-lap | to guarrentee the hashes will always balance correctly for the use you have | 15:55 |
| blueking | 'hashing method' havn't seen that on switches | 15:55 |
| patdk-lap | if you haven't, your switch doesn't support lacp | 15:55 |
| blueking | cisco sg200 hp procurve 2810 and 1810 | 15:55 |
| patdk-lap | it seems none of those devices allow you to change whatever it's default balancing method/hash is | 16:02 |
| patdk-lap | so you are stuck with whatever it uses, probably, mac, or ip, or mac+ip | 16:03 |
| blueking | patdk-lap ok | 16:08 |
| jancoow | Hi. Where does USB storage devices get mounted in ubuntu server? | 16:37 |
| tomreyn | jancoow: /media or /mnt | 17:00 |
| tomreyn | or wheereever you specified in /etc/fstab | 17:00 |
| === Into_the_Pit is now known as Frickelpit | ||
| JoseLuis_ | Good afternon | 18:38 |
| Seveas | \o | 18:38 |
| JoseLuis_ | Hello all, I feel my server in linode some slow and when a execute command | 18:39 |
| JoseLuis_ | ps -ef | grep " 1 " | grep root | 18:39 |
| JoseLuis_ | I see some command in execution like as "sh, id, cat resolv.conf, ifconfig eth0, 00:00:00 netstat -an, sh, sleep 1, cat resolv.conf, ls -la, ifconfig eth0, sleep 1, top, ps -ef, ls -la" | 18:42 |
| Seveas | JoseLuis_: does 'top' indicate any specific busy process? | 18:43 |
| JoseLuis_ | root 10431 1 0 12:39 ? 00:00:00 top | 18:44 |
| Seveas | JoseLuis_: if you don't mind sharing the full process list, run this command: top -c -b -n1 | nc termbin.com 9999 | 18:49 |
| Seveas | and paste here the url it outputs | 18:49 |
| JoseLuis_ | http://termbin.com/w7q6 | 18:52 |
| tomreyn | JoseLuis_: there's nothing particularly uncommmon to be seen there. accroding to top, the system is in good shape | 18:58 |
| tomreyn | mongodb consumes a third of your RAM, but i guess that's intentional... | 18:59 |
| tomreyn | it's a bit uncommon that you would run a process from a dot directory (.ogm, a 'hidden' directory), but this is likely intentional as well. | 19:01 |
| JoseLuis_ | yeah, the programmers let this configuration in this way | 19:02 |
| JoseLuis_ | Thanks for the information, I am not a admin but I execute command from another linde vm and sometimes lost communication | 19:02 |
| JoseLuis_ | with the command ping and a shell scripting | 19:03 |
| tomreyn | ssh -D is a bit strange unless you're debugging something | 19:03 |
| JoseLuis_ | No, I am not debugging something | 19:04 |
| JoseLuis_ | my port to connect by ssh is different than port 22 | 19:05 |
| tomreyn | -D keeps the ssh daemon attached to the terminal, does not put it into the background (which normally you would do) | 19:06 |
| tomreyn | so if there were issues with authenticating via SSH and you wanted to find out what's going on you might run it with -D | 19:06 |
| tomreyn | but usually not during normal operation | 19:07 |
| tomreyn | it doesn't disclose more information than usually this way, though. | 19:07 |
| JoseLuis_ | http://termbin.com/ixuz is me | 19:10 |
| tomreyn | JoseLuis_: if your only indication that 'something is not right' is that you sometimes loose the connection to this server, then you should diagnose the network. | 19:28 |
| tomreyn | ...or have your admin do it | 19:28 |
| JoseLuis_ | tomreyn: the network is linode.com | 19:29 |
| tomreyn | no, that's a domain name | 19:29 |
| Seveas | I see lots of weird things in that top output | 19:30 |
| Seveas | all those commands running as root, a /usr/bin/.sshd, that sjvxr process | 19:31 |
| tomreyn | hmm right i missed /usr/bin/.sshd | 19:31 |
| tomreyn | what about sjvxr, how is that weird? | 19:32 |
| tomreyn | it's not a standard process name, google doesn't know about it. | 19:32 |
| Seveas | no google hits | 19:32 |
| Seveas | but especially all the root 'sh's | 19:33 |
| tomreyn | could be some custom application their developers wrote, though | 19:33 |
| Seveas | and 'id' and 'echo' that run long enough to show in top | 19:33 |
| Seveas | which makes me think it's not 'id' and 'echo', but the server has been compromised. | 19:33 |
| JoseLuis_ | yeah, those things was my firt question | 19:33 |
| JoseLuis_ | *first | 19:33 |
| tomreyn | JoseLuis_: do you know what /usr/local/bin/sjvxr is then? | 19:34 |
| JoseLuis_ | nop, but let me to ask to the programmers | 19:35 |
| tomreyn | can you run sha1sum on it and tell us what it returns | 19:35 |
| JoseLuis_ | how run? | 19:35 |
| tomreyn | type this into a temrinal: sha1sum /usr/local/bin/sjvxr | 19:36 |
| JoseLuis_ | 1e80879afda301ee47a749fef1005ddb579321e0 /usr/local/bin/sjvxr | 19:36 |
| tomreyn | hmm there is no hit on google or virustotal on this checksum | 19:37 |
| tomreyn | talk to your developers then | 19:37 |
| tomreyn | if they don't know what it is, then it does indeed seem likely that the system is compromised. until more facts prove the opposite. | 19:38 |
| tomreyn | if you can, take asnapshot of this system better sooner than later | 19:39 |
| JoseLuis_ | lidone makes a backup each weekend | 19:42 |
| JoseLuis_ | *linode | 19:43 |
| tomreyn | JoseLuis_: can you also do this: sha1sum /usr/bin/.sshd | 19:43 |
| JoseLuis_ | 1e80879afda301ee47a749fef1005ddb579321e0 /usr/bin/.sshd | 19:44 |
| tomreyn | wait thats the same file | 19:46 |
| tomreyn | indeed this is very suspicious. | 19:46 |
| JoseLuis_ | yeah, the programmer is going to ask their parters | 19:46 |
| JoseLuis_ | *parters | 19:47 |
| JoseLuis_ | *partners | 19:47 |
| JoseLuis_ | I need to go to my home, i will to connect more later | 20:07 |
| JoseLuis_ | thanks for your comments | 20:07 |
| JoseLuis_ | see you | 20:07 |
| JoseLuis_ | he regresado. | 22:53 |
| JoseLuis_ | good afternon | 22:53 |
| ChmEarl | I have the xenial server ISO on usb, formatted ext2. I copied my preseed to usb root. In xen, I can get the usb to boot, but the cdrom-detect won't mount my device, since its using fs-iso9660 | 22:59 |
| ChmEarl | except dropping to shell and trying to mount it as /cdrom, what else can I do. The device is /dev/xvdb | 23:00 |
| ChmEarl | can I change the cdrom filesystem type in preseed? | 23:48 |
| ChmEarl | oh, won't help since preseed is read after the cdrom mounts | 23:48 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!