=== JanC is now known as Guest73457 === JanC_ is now known as JanC [05:21] What's a good use for my ubuntu server? (16.04). I've already setup an email server, web server, VPN, game server. I want a cool project for my apartment, like sensors or something. Not sure what though. [05:22] like for example, a temperature sensor that I post to my server and I can read the values from anywhere across the internet. [05:28] AegonTarg: Sounds like you already have an idea, like in that senor setup you described? :) [05:29] andol, I already did that haha. [05:29] not sure what else to do.. [05:29] AegonTarg: Jukebox? [05:30] andol, oh it's a cloud server. [05:30] lol [05:30] Ahh, just assumed a local physical server when you started talking about sensor. [05:31] AegonTarg: In that can I think you should use it to setup your own DNS server, letting it be the DNS master, and using a hosted service for DNS secondaries. [05:32] AegonTarg: Running DNS yourself might not always be the most effective solution, but it's a good learning experience, and properly understanding DNS is a good thing. [05:33] andol, honestly I'm not entirely sure how DNS works. Like I always assumed the ISP's regulated who gets what domain name based on the DNS registrats [05:33] registars* [05:34] AegonTarg: Time to start figuring it out then :-P [05:35] Way too common that people kind of know what DNS does, without any understanding about how the different pieces fit together. [05:35] andol, I've tried looking it up but never can get a clear answer. [05:37] So basically I could get a domain name "helloworld.org" for free by hosting my own DNS server [05:39] Or basically do I still need to register it (which costs money) and all I'm doing is serving the IP address that points to the domain name? [06:16] AegonTarg: There are two different aspect here, the DNS name delegation and the acutal DNS hosting [06:18] AegonTarg: No matter what, the .org top domain (registry) will need to delegate the example.org domain to you. For that there is a free. The top domain registries don't deal directly with "customers", but rather you have to deal with a reseller, in this case a registrar. [06:19] AegonTarg: Then there is the DNS hosting, when the .org top domain delegates the example.org domain to you it does that by telling the world which authorative DNS-servers are resposible for the example.org domain. [06:19] AegonTarg: It's not uncommon for registrars to also provide the service of DNS hosting, but technically that is a different service. [06:20] AegonTarg: So yes, you will need to pay a registrar for the example.org domain, and then you can use the registrar to communicate with the .org top domain that your DNS server(s) are resposibly for the example.org domain. [06:54] andol, ah alright, that explains it a bit. [06:55] Still not sure if I want to do a DNS server though, I don't really need one honestly. [06:55] Good morning [06:56] AegonTarg: Nope, unless you plan to do any special integrations, or have other special requirements, there is very little reasons to run your own DNS server, except for the learning experience. [07:58] andol, ok thank you! [11:51] been trying to route traffic back through the interface where the connection is established on, but with no luck. I have a setup with three interfaces. eth0: internal network in the DC, eth1: external interface with static ip, tun0: vpn interface over eth1, which is used as default gw. I wish to route connections coming to eth1 back through eth1 and not via default gw. I have looked at https://unix.stackexchange.com/questions/4420/reply-on-same-inter [11:51] but it isnt working as expected. [11:53] not sure if rp_filter should be off for this, but i have already tried without success. [13:21] https://trello.com/b/E0g6etCl/1709-retrospective [13:22] whoops, wrong channel, that's not publicly visible [13:32] jamespage: beisner: hello, can you promote python-oslo.middleware 3.30.0-0ubuntu1.1~cloud0 to pike-proposed please? [13:33] jamespage: beisner: and also the point release in newton-staging is ready to promote to newton-proposed. [13:50] Hi everyone, I am having an issue on my Ubuntu server 14.04 where I can't seem to ping anything, nothing works, I can't download packages, or ping google.com or even ping 8.8.8.8 [13:50] Any help? I have looked online and did everything online says, but nothing is working [13:50] I think there is some issue with DNS resolution [13:51] if ping to an ip doesn't work, it's networking, not DNS [13:52] https://help.ubuntu.com/lts/serverguide/network-configuration.html [13:52] might have some help [13:53] maswan: I get this: eth0 Link encap:Ethernet HWaddr 4c:72:b9:d2:c0:8a [13:53] ifconfig -a | grep eth [13:53] But I can connect to the network, and my websites and that work... [13:54] But nothing can resolve internally? maswan [13:56] but you just said that you couldn't ping IPs [13:56] anyway, both IP addressing and resolving is on there [13:58] maswan: This is already configured correctly, everything seems to show right...? [13:59] Like eth0 shows it using multicast DNS? [14:00] maswan: So when I try and ping google.com it doesn't work, my website is still showing, my connection is still working and all of it works still... but nothing can resolve locally, therefore applications just error, like my game server won't allow connections, my IRC bouncer keeps telling me disconnected, could not resolve host. [14:01] Can't download packages, anything that requires a lookup fails [14:04] If I give someone like access can they look? Like i am honestly done with this... I can't understand what is wrong [14:06] DannyS: will 'dig google.com' work? [14:06] I don;t know enough about networking, and all the posts I have followed, or config I have looked at and made sure mine is the same, nothing works. [14:06] albech: Will look [14:06] albech: Doesn't do anything, just hangs [14:06] DannyS: then try 'dig @8.8.8.8 google.com [14:07] ; <<>> DiG 9.9.5-3ubuntu0.16-Ubuntu <<>> @8.8.8.8 [14:07] google.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached [14:07] albech: Nope, I get this: ^ [14:07] how about ip route get 8.8.8.8 [14:07] Sorry what do you mean? [14:08] sarnold: ^ [14:08] looks like a routing issue [14:08] what is the output from running the command "ip route get 8.8.8.8" [14:08] sarnold: I get this: ip route get 8.8.8.8 8.8.8.8 via 192.168.1.1 dev eth0 src 192.168.1.178 cache [14:09] DannyS: okay, ping 192.168.1.1 [14:09] Same issue as pinging IPs, just hangs? [14:09] sarnold: ^ [14:09] d'oh [14:10] hmm [14:10] how about ping -n 192.168.1.1 [14:10] * sarnold smacks self [14:10] sarnold: Same issue, just hangs [14:10] All I did was reboot the server >.< [14:11] DannyS: and you are chatting with us through the same router? [14:11] albech: No, I am on my computer, I am ssh'd into my server [14:12] I can't use my IRC bouncer anymore, as it just disconnects me because can't resolve host [14:12] rogue dhcp server :) those are the best :) [14:12] I will happily give access if it will make it easier? [14:12] how will give access work when you don't have a working network? [14:13] patdk-lp: I am SSH'd into the server... [14:13] DannyS, what does iptables -L look like? [14:13] AureliusO: It's big, let me put it on a paste [14:13] DannyS: ahhh.. [14:14] I smell ufw muckery. [14:14] Oh? [14:14] Indeed [14:14] http://git.dannysmc.com/snippets/45 [14:14] i suspect icmp hsa been blocked somewhere [14:14] and maybe udp too [14:14] * patdk-lp smells begals! [14:14] oh damn I want bagels [14:15] haven't been able to use irc for months :( [14:15] AureliusO, sarnold: I linked the output above. [14:15] technically stil lcan't, too busy, but ignoring work [14:16] patdk-lp: get to work! ;) [14:18] Anyone? Anything? Please :( [14:18] Reading the mess, sec. [14:18] AureliusO: Ahh, is it that bad? :/ [14:18] I just use ufw, because not sure about the whole iptables thing [14:19] Nah, reading ufw is just a lot of back and forth jumping. [14:20] heh? [14:20] it looks perfectly fine [14:20] didn't take much to verify it at all [14:21] how the heck did you read 16k of rules so quickly? :D [14:21] you don't need to [14:21] you just follow it till you hit, ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED [14:21] then the rest doesn't matter [14:21] atleast for our purposes [14:22] and everything before that is empty so [14:22] So no one has said anything? Is my iptables correct? or? [14:23] Sorry I don't mean to come across rude, just networking is something I don't know, so not really sure what is happening. [14:24] ok, read it all, not interesting :) [14:24] coreycb: do you still need that stuff promoting? [14:24] how that doesn't mean something with nat isn't screwed up, or in pre-routing [14:24] jamespage: yes please [14:24] So if I give someone SSH access maybe they can look? or someone can tell me commands I need to run? Honestly very grateful for the help already [14:25] coreycb: ok doing that now [14:25] jamespage: thanks [14:25] jamespage: horizon can also be promoted to newton-proposed [14:26] coreycb: looking [14:26] AureliusO: ? [14:26] Unless an interface is specified incorrectly somewhere, the iptables set is fine, as patdk-lp said. Still odd that 192.168.1.1 isn't reachable. [14:26] I really don't get those user-input rules though, so much crap opened that shouldn't be [14:26] coreycb: and for pike as well [14:26] patdk-lp: I have a lot of game servers, that run on different ports [14:26] you have something on udp port 22? [14:26] udp port 80 and 443? [14:27] jamespage: yeah probably. i uploaded horizon for mitaka->pike. still need to upload kilo but was having troubles building it with .egg issues. [14:27] Errr? I have a web server? git server? game servers? nodejs applications? [14:27] DannyS: try nmap -sT or nmap -sU from this server to your router to see if you can reach it via nay other mechansisms [14:27] DannyS, yes, but what about any of that uses udp? [14:28] patdk-lp: I wouldn't think so, not sure, might need to clear all my rules and start again, if that;s the case [14:28] sarnold: nmap -sT comes back with: Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-26 15:27 BST WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.05 seconds [14:28] DannyS: nmap -sT 192.168.1.1 ? [14:28] sarnold: Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-26 15:28 BST mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 0.51 seconds [14:29] jeezus nmap just do what I mean! [14:29] sarnold: ? [14:29] Even though we can't see anything wrong, part of me still wants to tell him to put in input & output rules to just blindly accept from his gateway and test again [14:29] DannyS: "tcpdump -ni eth0 not port 22" should tell you if ARP is working [14:29] coreycb: do you want me to promote all of the new newton point releases to newton proposed as well? [14:29] jamespage: yes [14:29] DannyS, iptables -t nat -L -v [14:30] DannyS, also, just to be sure, iptables -L -v [14:30] DannyS: alright try nmap -sT -n -Pn 192.168.1.1 [14:30] sdeziel: I get a lot of content coming through? [14:30] AureliusO: [14:31] DannyS: well, I just realized that your were connected by SSH so that was a moot point, sorry [14:32] sdeziel: No worries! [14:32] AureliusO: http://git.dannysmc.com/snippets/46 [14:32] AureliusO: http://git.dannysmc.com/snippets/47 [14:32] That's both the commands you sent me [14:33] sarnold: Seems to be hanging? [14:34] sarnold, AureliusO tell me what you think [14:35] DannyS: "arp -na | grep -F 192.168.1.1" [14:36] sdeziel: ? (192.168.1.1) at 00:07:b4:00:01:01 [ether] on eth0 [14:37] DannyS: OK, so that's not the problem [14:37] Errrr [14:37] Anyone want access? haha [14:37] Might be easier to get information? [14:38] DannyS, ping 96.83.110.228 [14:39] patdk-lp: Just hangs, doesn't do anything [14:39] patdk-lp: When I close it: 12 packets transmitted, 0 received, 100% packet loss, time 11011ms [14:39] DannyS: it might take forever.. [14:39] sarnold: What will take forever? [14:39] do it again [14:40] DannyS: nmap [14:40] Doing it again [14:40] i see nothing at all, odd [14:40] reboot your router/firewall/gateway [14:40] ufw? [14:40] is it one of those home device things? [14:41] No this is at a hosting company [14:41] using a private ip block? [14:41] patdk-lp: They verified it's nothing on their end [14:41] and yes I assume so? [14:41] I have 2 dedicated IPs [14:42] sarnold: Nothing is happening, shall I just leave it running? [14:43] sarnold: IT FINISHED! [14:43] sarnold: Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-26 15:39 BST Nmap scan report for 192.168.1.1 Host is up. All 1000 scanned ports on 192.168.1.1 are filtered Nmap done: 1 IP address (1 host up) scanned in 201.28 seconds [14:44] DannyS: what's the firewall on 192.168.1.1 doing? [14:44] sarnold: How do I find out? [14:44] DannyS: log in to 192.168.1.1's administrative interfaces and look around [14:44] sarnold, sounds like is the hosting company's gateway -- he might not get to know [14:45] sarnold: It's my hosting company, I don't have access sorry [14:46] ahh [14:46] are there "security groups" there that might be tweakable? [14:47] Something doesn't add up here. The iptables rules are fine, inbound traffic is apparently working OK, related outbound is working or SSH wouldn't do anything... [14:47] sarnold: Well I wouldn't think so, but I can't see how this would be an issue? As it's worked before? It's not like a new server, it's just stopped working since I deleted /var/cache and restarted [14:47] the server before had been running for over 3 months non stop [14:47] With many packages being installed etc [14:47] So idk [14:49] AureliusO: Shall I give you a sudo user? so you can look around? [14:49] it sure feels like icmp and udp is being blocked _somewhere_ [14:49] sarnold: Again, shall I give access? [14:53] dig +tcp @8.8.8.8 google.com [14:53] accesss isn't going to solve anything [14:53] patdk-lp: So I don't understand? What am I supposed to do? [14:54] if we knew, we would have solved this long ago [14:54] DannyS, realistically, you have told us everything we would want to derive from having access -- it's more of a "what's next" thought right now. [14:54] DannyS: the thing is I just don't have the time to dedicate to it :( just poke in ideas from time to time.. [14:54] we didn't setup your server, setup your network, setup your hosting provider [14:54] there is only so much we can do [14:54] sarnold, AureliusO I see, so not really any way of fixing it? [14:55] no, just that it might take more time and effort than I can dedicate [14:55] given your server is working fine on the local network [14:55] but it's firewall and routing are ok, and arp works [14:55] the next step is to check the firewall/router [14:55] but we cannot do that [14:55] Oh :( who can? xx [14:55] You should get your hosting company on the phone and get someone who can capture traffic at or after 192.168.1.1 and see if they can find where your pings are being dropped [14:55] ignore xx [14:56] your hosting provider, but they said it is working fine you said [14:56] The fact that patdk-lp was unable to see the INCOMING ICMP traffic is pretty telling. [14:58] DannyS: could you tell us one of the 2 dedicated IPs that server has? And also which service should be publicly accessible? [14:58] seems rather strange that a hosting company would be using 192.168.1/24 for their clients [14:59] hehe that's part of why I assumed the router was DannyS's :) [14:59] albech, depending on the company it could be as little as 1 or 2 people operating as a reseller -- that's not odd for some game hosting companies. [14:59] They don't tend to be *too* savvy themselves. [15:00] In that case, of course. There are plenty who are very good & technical. [15:01] there's also cg-nat these days [15:01] SoYouStart is the company reseller of OVH [15:03] cgnat has it's own ip block, that isn't it [15:06] coreycb: Hello [15:06] coreycb: Do you recognize https://bugs.launchpad.net/puppet-gnocchi/+bug/1687235 zhongshengping ? [15:06] Launchpad bug 1687235 in puppet-gnocchi "Package gnocchi-indexer-sqlalchemy does not exist on Ubuntu" [High,In progress] [15:13] danpawlik: i've not seen that but it seems we should add that binary package [15:15] coreycb: yes... Should I create a task for it? Or maybe I can push some proposal? [15:15] danpawlik: i've added a task to that bug [15:16] coreycb: thanks! [15:16] sdeziel: 94.23.41.101 [15:16] DannyS: what service/port should I be poking? [15:16] You can poke port 80 [15:16] That seems to work still [15:17] DannyS: FYI, I can ping and reach your HTTP server [15:17] DannyS: really looks like a misconfigured firewall upstream to your machine. As if the firewall would not let you initiate outbound connections [15:20] coreycb: promoted newton to uca proposed for point release. the oslo middleware pike one looks like it's already done. [15:20] beisner: \o/ [15:20] :D [15:34] sdeziel: No idea what to do, but thanks [15:35] DannyS: I'd bring that info to the attention of the hosting provider/firewall manager [15:35] sdeziel: Will let them know [16:23] maybe some will explein it to me. ufw is installed but not enabled. however IP tables do have some rules and virtualmin shows them as active. does it mean that firewall runs? I kinda am confused without ufw. [16:24] I think iptables -L is probably your best source of truth [16:28] ufw = frontend for iptables, iirc [16:28] "The Uncomplicated FireWall is a front-end for iptable" [16:28] it is [16:28] but if you use a different tool to manage the firewall then I wouldn't rely upon ufw's output to tell you much about iptables or the other tool [16:29] mike-zal: maybe you are using fail2ban ? [16:30] or virtualbox, vmware workstation, lxc/lxd/docker or some other kind of virtualization / containerization [16:32] "sudo iptables-save" may provide a better idea of what the existing policies are for (than "sudo iptables -L"). [16:32] sarnold: good point [16:34] /etc/network/interfaces "up /etc/network/rules" FTW. [16:39] thanks sarnold, iptables -L does show rules so it seems to be active. I am asking, because now when I use virtualmin, I don't need ufw, since virtualmin shows and manage rules. [16:39] hateball: yes, I am using fail2ban [16:39] mike-zal: maybe it has created some rules then [16:40] probably. I was learning how it all works, but a friend recommended me virtualmin and it really is awesome, but in a way I must learn things anew. [16:40] however, it's less likely I screw something ;) [16:41] also, I'm quicker and more effective with gui then with terminal, so such solution is working for me [16:42] so, are iptable rules active by default on clean ubuntu server install? [16:42] There's not a single rule, no [16:43] I always thought I need to enable and set ufw and that was what I did before [16:43] I mean on a clean ubuntu server install, 16.04 [16:43] iptables itself is active as it is part of the kernel, but there are no rules [16:43] ah, ok [16:44] thanks, that clarifies things for me [16:46] a new question. can sql file be password protected somehow? doing some backups and having sql files seems to be a voulnerability [16:47] tar it, compress it, encrypt it [16:47] up to you [16:58] has tar a password option? will have to investiage it. encrypting also sounds a good idea, although I just don't know anything about it but that can be changed ;) [16:58] rbasak: excellent, dpkg-parsechangelog between x and a behave differently [16:59] rbasak: which means i need to build dpkg from source too [17:30] mike-zal: yeah you can use whatever frontend you like for iptables :) ufw is simple and works for a lot of people but whatever works [17:31] mike-zal: gpg -c is a good way to password protect a file [17:38] sarnold: thanks, noted === JanC_ is now known as JanC [18:14] strange, systemd-timesyncd isnt synchronizing, the ntp requests and responses show up in tcpdump and timesyncd logs nothing. [18:15] :( [18:16] # /lib/systemd/systemd-timesyncd --help [18:16] This program does not take arguments. [18:16] helpful ;) [18:16] nacc: :-( [18:17] rbasak: and ... might have found another bug in snapcraft :/ [18:18] nacc: perhaps add a test to check that we are getting the right side of the difference? [18:18] rbasak: yeah, I'll do that [18:20] nacc: git-ubuntu dev discussion with Launchpad team in half an hour (1500 UTC). Would you like to join via HO? [18:20] rbasak: i am going to be at lunch [18:20] np [18:49] rbasak: nacc: how well do you know the launchpad api? [18:50] Currently running into the following: https://paste.ubuntu.com/25618073/ [18:50] which had been working [18:50] In the past I got a single result for the artful release [18:54] powersj: not sure. Try #launchpad? [18:55] ok filed LP: #1719715 [18:55] Launchpad bug 1719715 in Launchpad itself "getDevelopmentSeries fails to find a series" [Undecided,New] https://launchpad.net/bugs/1719715 [18:59] nacc: bug 1719715 (probably Invalid) is relevant to git-ubuntu also I think. [18:59] bug 1719715 in Launchpad itself "getDevelopmentSeries fails to find a series" [Undecided,New] https://launchpad.net/bugs/1719715 [20:22] jamespage: opened a bug for pike point release: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1719728 [20:22] Launchpad bug 1719728 in nova (Ubuntu Artful) "[SRU] pike stable releases" [Undecided,New] [20:28] rbasak: maybe, we don't use it [20:29] rbasak: we use current_series directly [20:36] rbasak: dpb1: do you have time for a HO? [20:51] rbasak: fyi, we have a c-m with tomcat8 now [20:51] dpb1: --^ [20:51] it's on my todo to fix [20:51] (as a new mir team member) [20:51] component mismatch [20:51] to whoever just asked :) [21:01] Hello everyone. [21:02] beisner: can you promote horizon 1:2015.1.4-0ubuntu3 to kilo-proposed please? [21:04] coreycb: thanks. promoted that^ [21:09] I tried many flavours of the debian branch, debian itself, ubuntu desktop, xubuntu, lubuntu and so forth. To get a SATA fakeraid RAID 5 to work, I have resort to using Ubuntu desktop for two PCs and I am also using it instead of Kubuntu server (same bug) for an archive server I am building. [21:10] https://www.mail-archive.com/ubuntu-bugs@lists.ubuntu.com/msg5172827.html [21:10] On the desktops, having GUIs installed, I am finding them slow to respond and unstable. [21:11] On the archive server, I have left it as a command prompt for now and I don't know what to do with it. :D [21:11] I saw something about elevator=noop for something to do with data packets to and from the drives, which might be causing the PC's response lag. [21:12] Does anyone here have some good guides on either working around that bug or on how to convert a ubuntu-server into a gaming installation? [21:12] elevator=noop is recommended for disks that ZFS controls because ZFS already does internal io scheduling tasks [21:13] What is ZFS? [21:13] other filesystems would probably benefit from one of the other schedulers that knows how to handle rotational disks or ssds or whatever [21:13] The last time I fiddled with server versions was Kubuntu server 7 about a decade ago. [21:13] I have three SSHDs in this machine [21:13] Lubuntu-desktop seems the most responsive and stable. [21:14] ZFS is a combined storage system that is sort of like LVM / RAID controllers married directly to the filesystem, with end-to-end checksums, configurable redundancy, etc. [21:14] As I say that and hit Enter, there is a half second freeze before it sends my message to you. [21:14] Thank you, that makes some more sense. [21:14] that sounds intolerably bad [21:14] actually figuring out what needs to be changed might be difficult [21:15] It isn't freezing while I type at least :D [21:15] i'm on one side of the contry typing into a shell o the other side of the conutry and the latency is ~140 ms tops. [21:15] 80ms. even better than I expected. :) [21:15] especially since there's wifi involved... [21:16] so 500ms is outright terrible. [21:16] Yeah, wifi. Hate that stuff, number of people that I try and convince to get an ethernet cable ... [21:17] So, what would I need to run? I think there was a command, hdparm or something that shows the transfer rates of the HDs? [21:18] I like iostat -dmx 1 [21:19] well, I _love_ zpool iostat -v 1 [21:19] but if you're not running zfs it's not going to be useful :) [21:19] I don't know what I am running. [21:20] This machine has the raw Ubuntu Server install without any additions like Samba server and then I have slapped multiple desktops on it. [21:20] Standard Intel Bios RAID config. [21:23] 3x Seagate FireCuda Laptop 500GB 2.5" Hybrid Hard Drive - SSHD 7mm (I somehow screwed up and got 2.5" instead of 3.5" (I have insomnia and sleep deprivation problems so I do some bizarre things)) [21:23] What do I run to see if I am using ZFS? [21:26] you'd know if you were using it :) [21:26] https://wiki.ubuntu.com/ZFS [21:26] it still takes some effort ot use zfs on linux these days [21:27] Hazarding your best guess, can I just slap that in now, post installation? [21:27] here's a series of blog posts about ZFS that got me started https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/ [21:27] It has taken me three weeks of testing flavours to end up on Ubuntu Server so I am persistant. [21:27] Thank you [21:27] you certainly could move to ZFS but that would take some effort -- new drives would be the easiest way to get there. [21:28] These have nothing valuable on them. Can wipe the RAID and start again at any point. [21:28] RAID controllers are usually rubbish. soft-raid doubly-so :( [21:29] You recommend Soft Raid over fake raid? [21:29] Would a hardware RAID controller get around the desktop bug? [21:29] I am seeing a performance boost ... when I don't get a lag spike. [21:30] heh, so re earlier, the home ntp server had gone off the rails, claiming accuracy of +/- 18 seconds [21:30] It feels like the machine sometimes waits for enough data in RAM before writing it to the drives or reading from them or something. [21:30] trippeh: 18 seconds??? ouch [21:31] sarnold: yeah. everything looked fine in chronyc sources [21:31] Jenshae: I recommend ZFS over fake raid things. dm or md things are okay, but I never learned how to use them. ZFS provides reliability guarantees that are very difficult to get otherwise. [21:31] not sure how that would happen [21:31] That's nothing. We have 9 servers at work and they are minutes out from each other. I tried synching to Google's NTP server (should be the best, right?) well that seems to be 4 minutes out according to all the Apple dorks in the office. :P [21:32] Jenshae: i think a software raid configuration is a better option than any fake raid. [21:33] Jenshae: for i/o performance testing you could try this https://www.thomas-krenn.com/en/wiki/Linux_I/O_Performance_Tests_using_dd [21:33] sarnold: ETOOMUCHINFRASTRUCTUREATHOME I guess ;) [21:33] be careful with google's NTP servers. they smear their seconds when leap seconds are added. You should only use google's ntp servres if you understand what this means. :) [21:33] trippeh: lol [21:33] Thanks guys. My first RAID attempt this year was with Kubuntu server and software raid using mdadm. I partitioned mixed drive sizes of 160, 200, 320 and 500 into 160 chunks and tried to string them together unsuccessfully (guessing part of that is that it was 3x the load to the 500 drives) [21:33] Jenshae: the I/O latency you are experiencing will probably not depend much on which linux distribution you use, but on your hardware, how it works with linux generally (i.e. which quality the drivers are), and on how you configure the system. [21:34] Jenshae: heh, that'll probably utterly DESTROY your latency and throughput. [21:34] It was more about just creating one whole partition space for my ... very varied understanding of IT users. [21:35] So it was just a RAID 0 with backup tape. The stuff they were to put on there is over 5 years old, things they should delete but can't let go of. [21:35] Lose a partition, good, got rid of a terabyte or more of rubbish. [21:36] I have since gone around grabbing all the 500GB drives I can out of the workstations. [21:36] Hence why my apprentice has a 160 GB RAID 5, I waved that carrot in his face while I yoinked his drive. [21:37] Also, the machine is a proof of concept before I can get funding for real hardware. [21:37] wow raid0 with a bunch of crazy partitioned drives .. brave indeed :) [21:38] Really, I want to just select by modified date and purge ... but they would lynch me. [21:38] If I can blame a machine and say it is just the gambles we take in life, they will cry a bit and let it go. [21:40] They distrust computers and expect them to fail. They also think I am a wizard, Hagrid. They want solutions to all problems within 5 minutes and don't get why one fix is fast and another "small" one takes weeks. [21:40] Quite a few of the staff ... are past retirement age. So, the started their careers on paper ledgers and type writers. [21:41] So, they* [21:41] Going to go jump in my bath before it is frozen. Thank you for the reading material. [21:42] Bizarre thing, the lags seem to be gone. [21:42] I can see why it might be hard to get a budget for real hardware then :) [21:42] they'll be back :/ [21:42] The machine seems to be speeding up while I use it. [21:42] it will [21:42] sounds like https://www.youtube.com/watch?v=BKorP55Aqvg [21:42] as data is read off the disks into memory, it won't need to be re-read from disk the next time it's needed [21:42] tomreyn: :) [21:43] Also being SSHD it is moving frequently used data from magnetic to solid. [21:45] tomreyn: Exactly! :D [21:46] I'm pretty skeptical of the benefits of sshd; I could believe they might be an improvement for 'standard desktop users', but it's hard to imagine how they could pull off a general improvement for all use cases [21:47] I have U.2 ports ... but have you ever tried sourcing a drive for them? [21:48] not much but intel SSDs for those [21:48] pricey ones [21:48] Yup [21:49] No M.2, so I guess I should get a card. [21:51] I use a m.2 to PCIe slot adapter for my retro 2008-era computer. [21:51] it wont boot of it however. [21:52]