/srv/irclogs.ubuntu.com/2017/11/15/#ubuntu-server.txt

beatzzI just installed Ubuntu Server 17.10 on a new system, with LAMP & OpenSSH selected for install.00:34
beatzzI ran ufw default settings, and allowed ssh + http00:34
beatzzmodified /etc/netplan/01-netcfg.yaml for a static ip setup00:35
beatzzand I am connected, I am able to apt-get update/upgrade00:35
beatzzbut I am getting no connection to my server via ssh/http00:36
beatzzthe router's port mapping is also correct, wide open to the servers ip address.00:36
beatzzfrom my point of view, it looks like it should work. Anyone have any insight on this situation for me?00:37
sarnolddoes netstat or ss show apache listening on the ports and adresses you expect?00:39
beatzzyes, both00:39
beatzzsudo netstat -anp | grep apache && ssh both return LISTEN00:40
sarnolddoes netcat on localhost work to connect to those services? how about netcat on another host on the LAN?00:41
beatzzalthough it dosent specify the address, just "tcp6    0    0 :::80    :::*    LISTEN    892/apache2"00:41
sarnolddoes 'nc ::1 80' work?00:42
beatzzI will check00:43
beatzzno error, but it's not returning anything00:43
beatzzand has not returned my command-prompt00:44
sarnoldtry something like HEAD /<enter> and see if you get a nice error reply from your server00:44
sarnoldI can't recall enough http by hand..00:44
beatzz"HEAD /" at the command-prompt?00:45
sarnoldin netcat, to your webserver00:45
beatzzahhhh00:45
beatzzthat returned some info00:45
sarnoldgood good, okay, ssh next :) what address / port is openssh listening on?00:46
beatzz"400 bad request"00:46
beatzz2200:46
sarnoldand the address?00:46
beatzzlocal address is 192.168.11.200:46
sarnolddoes netstat or ss output show openssh listening on that address? or on 0.0.0.0?00:47
beatzz0.0.0.000:47
sarnoldokay, so something like echo hi | nc localhost 22    ought to spit out the openssh banner00:48
beatzz"SSH-2.0-OpenSSH_7.5p1 Ubuntu-10    Protocol mismatch."00:49
sarnoldokay, cool, so the services do seem to be up and working, one reachable via ipv4, one via ipv6... now try from another host on the LAN and make sure that they can be contacted00:50
beatzzaye00:50
beatzzConnection timed out on both00:52
beatzzI will try ipv6 address in web-browser00:52
beatzzthat didn't work either.00:54
sarnoldconnection timed out sounds like a firewall configured to DROP packets; can the testing host contact other hosts on the LAN? on the network?00:54
beatzzyes00:54
beatzzI have a slackware VM that I can connect to, both http & ssh00:56
sarnoldnetworking to VMs is funny..00:57
beatzzI'm booting it up now00:59
beatzzconfiguring it's eth0, and I will test it's connection via LAN01:00
beatzzjust to be sure01:00
beatzzokay, roger. I am connected to my slackware server at 192.168.11.7, on both ports 80, and 22 (http/ssh)01:02
beatzzfrom my laptop here01:02
beatzzhey I appreciate your help sarnold, I think maybe I need to make an ubuntu forums post, displaying all these results.01:04
sarnoldbeatzz: alright; once you get there be sure to inclde the iptables -L output .. I don't know how to drive iptables real well, so that might not be the exact command..01:05
sarnoldjust whatever dumps all the rules.01:05
beatzzfor sure, hey thanks a lot though01:07
sarnoldgood luck, have fun :)01:07
beatzzfor real, thanks for helpin out :)01:07
beatzzthis is my first run with ubuntu *01:08
drabtcpdump is good too01:08
drabto see if packets are getting there at all01:08
drabeven if they get dumped01:08
drabalso you can always add a LOG rule to iptables as last01:08
drabto figure out if that's what's happening01:08
drabbeatzz: ^^01:09
beatzzaye, I shall01:09
beatzzgana go register at the ubuntu forums01:09
drabwhat for, try the above first :)01:11
beatzztcpdump returned 109 packets captured01:11
drabon port 22?01:11
beatzz136 packets recieved by filter01:11
beatzz27 dropped by kerenel01:12
drabtcpdump -i $interface port 2201:12
beatzzkernel*01:12
drabrun 'tcpdump -i $interface port 22' then go to you client and try to ssh in01:12
drabsee if anything shows01:12
beatzzroger, client is attempted to connect.... and nothing01:13
beatzzconnection timed out on client, tcpdump returns nothing.01:13
drabok01:13
drabsudo ufw logging on01:14
drabthen try again to ssh in01:14
drabgrep "DST=22" /var/log/syslog after trying to connect/timeout01:15
drabif taht shows any output paste on dpaste.com, not here01:15
beatzzit outputs a shit ton01:16
beatzzbut the server is on another system, I don't think I can dpaste it01:16
beatzzunless, does ubuntu server have a gui I'm not using?01:16
beatzz[UFW BLOCK] looks disturbing...01:17
drabgrep "DST=22" /var/log/syslog | head | netcat termbin.com 999901:18
drabrun that on the server and paste the resulting output link01:19
beatzzoh shit, cool trick01:20
beatzzhttp://termbin.com/nhmj01:20
sarnoldall those DST packets look like multicast01:21
draboh, I'm an idiot, lol01:21
drabI meant DPT01:21
beatzzno worries, one sec01:21
drabgrep "DPT=22" /var/log/syslog | head | netcat termbin.com 999901:21
drabin fact, just in case01:21
drabgrep "DPT=22 " /var/log/syslog | head | netcat termbin.com 999901:21
drabnote the space01:21
beatzzroger01:22
beatzzit returned with no link?01:22
drabok, so there's nothing, run it without the head/netcat, just the grep01:22
drabit should show no output, which means there's no ssh pkts (destinated to port 22) ebing dropped01:22
beatzzaye, again, nothing01:23
drabare you running ssh on a weird port?01:23
sarnoldno link when there's nothing? that's very handy of them :)01:23
beatzznope, port 2201:23
beatzzi have not edited /etc/ssh/ssh_config01:23
drabok, so ufw is not dropping your ssh connections01:23
draband tcpdump is not showing any ssh traffic01:23
beatzzaye01:23
beatzzi will show you ufw status01:23
drabso your problem is network, nothing to do with ssh or firewall01:23
drabpkts are simply not getting there, maybe swallowed by the VM Host's network interface01:24
sarnoldbeatzz: do all hosts involved agree on netmask and network addresses? :)01:24
beatzzhttp://termbin.com/uz6501:24
beatzzthis ubuntu server is not a VM01:24
drabyeah like I said I don't think your issue is UFW01:24
beatzzaye, I agree01:24
beatzzso network-ish problem01:25
drabso again, what's your network layout?01:25
drabwhat ip/netmask are the client and server on and what's in between them01:25
beatzzI have routers port mapping wide open for both TCP/UDP to 192.168.11.201:25
beatzzI have assigned a static IP of 192.168.11.2 to this ubuntu server01:25
beatzzvia editing /etc/netplan/01-netcfg.yaml01:26
drabon the server, ip addr ls && ip route ls| netcat...01:27
beatzzhttp://termbin.com/el9101:27
drabpaste the link01:27
beatzz;)01:27
drabno, not useful, that's just a config, I want to see reality01:27
drabI mean, good to knwo you have that config, but that doesn't necesasrily imply it's being applied/etc01:27
drabso do the above pls01:27
beatzzahh you want ifconfig?01:27
drabI want the above, ip addr ls...01:28
beatzzsorry, roger01:28
drabnothing to be sorry about01:28
beatzzhttp://termbin.com/pi6j01:29
drabuhm, I guess && doesn't work, that's only iproute01:29
drabcan you just do ip addr ls | netcat ... pls01:29
beatzzhttp://termbin.com/3sxw01:30
beatzzand just for reference, here is the full 01-netcfg.yaml : http://termbin.com/7mo401:31
drabok, where are you trying to ssh from?01:32
drabwhere's the client?01:32
draband please confirm the server is an ubuntu server 16.04 on baremetal, no VM01:33
draband is that connected with a cable to the router and the router to the internet?01:33
beatzzUbuntu Server 17.10, not a VM (192.168.11.2)01:34
beatzzand I'm on irc on my laptop (192.168.11.20)01:34
drabok, so both server and client are on the lan, correct?01:34
beatzzUbuntu server is connected via ethernet cable to router, and laptop wifi, siting with both screens in front ofm e01:35
beatzzyessir01:35
drabok01:35
drabplease paste ip addr ls and ip route ls from the laptop01:35
beatzzwindows :(01:35
drabipconfig /all from cmd, copy paste to dpaste.com01:35
beatzzroger01:36
beatzzipconfig /all --> http://dpaste.com/0RZQH8901:36
drabhow are you running ssh?01:37
beatzzPuTTY on my windows client01:38
beatzzI have a successful ssh connection to my slackware-linux VM at 192.168.11.701:38
beatzzvia PuTTY01:39
drabok, from cmd, ping 192.168.11.201:39
beatzz"request timed out"01:39
drabok01:39
drabping 192.168.11.1 works?01:40
drab(it has to, but wth..)01:40
beatzzaye, working01:41
drabfrom the slackware VM, ping 192.168.11.1 , works?01:41
draband then ping .201:41
drabthen from 11.2 ping 11.1 and 11.2001:42
beatzzSlackVM > 192.168.11.1 working01:42
beatzzSlackVM > Ubuntu Server, not01:42
beatzzUbuntu > 192.168.11.1, working01:43
drabdo you have a smartphone?01:43
beatzzUbuntu > others, not01:43
beatzzyes01:43
drabios/android?01:44
beatzzios01:44
drabhttps://itunes.apple.com/us/app/termius/id549039908?mt=801:44
drabinstall that01:44
drabit's free01:44
beatzzinstalling01:45
beatzzready to use01:45
beatzznew host... ?01:45
drabok, ssh to ur ubuntu server :)01:45
drabyeah01:45
drabadd 192.168.11.201:45
draband connect01:45
drabalso while you're at it, will come handy: https://itunes.apple.com/us/app/ping-network-utility/id576773404?mt=801:46
beatzzattempting to connect01:47
drabI'm assuming phone is on wifi on the same router?01:48
beatzzaye01:48
drabok, timed out I assume, if it was working it'd worked by now01:48
drabget that ping app, just to confirm01:48
beatzzdid01:49
draband try to ping it01:49
beatzzRequest time-out01:49
drabyeah, fair enough01:49
drabdo yuo have access to the web interface of the router?01:50
beatzzso strange O_O01:50
beatzzyes01:50
drablogin, look for tools or something, there should be a diagnostic tab that let you run ping01:50
drabfind it, ping 192.168.1.201:50
beatzzworks01:51
drabdoes it have telnet too by any chance?01:52
beatzznegative01:52
drabk, np01:53
drabcan you find a "connected clients" tab on it?01:53
drabthat shows mac addresses01:53
drabit should show your ubuntu server01:53
drabmac address01:53
beatzzthat, it does not have.01:53
drabthat's weird01:53
beatzzI've been lookin for that for a few days now.01:53
beatzzi know, but trust me, I've scoured the routers setup, it just dosnt have one01:54
drabk01:54
drabhave you ever used 192.168.11.2 with something else?01:54
beatzzyes01:54
drabok, can you change the ip please to something you've not used before, say 222 ?01:55
beatzzit was the static address of my SlackVM, prior to setting up the ubuntu server01:55
beatzzit is also outside the dhcp block01:55
beatzzI will, my wifes demanding I take the trash out though :/01:55
beatzzbrb01:56
drabhappy wife happy life, one thing I try hard not to forget01:56
beatzzokay02:00
beatzzso, change the IP address of the ubuntu server02:00
drabyep02:01
drabthen try the ping dance again pls, one host is enough + the router02:01
beatzzokay02:06
beatzzUbuntu Server is now on 192.168.11.8, dynamically assigned via DHCP02:06
beatzzLaptop(20) ping> Unbuntu, request timed out02:07
beatzzSlackVM(7) ping> Ubuntu, request timed out02:07
beatzzRouter(1) ping> Ubuntu, working02:08
drabfrom the phone also no joy?02:08
drabI'm kinda wary about the laptop as Vbox can mess up networking02:09
beatzziphone ping> ubuntu, request time out02:09
beatzzshouldn't, it's configured properly02:09
* drab scratches head02:10
beatzzUbuntu server ping> other machines, not working02:10
beatzzUbuntu server ping> router, working02:10
beatzzim just gana turn off ufw and see what happens02:11
drabdoes phone to laptop work?02:11
drabif ufw was a problem blocking pings it'd block the router too02:11
drabbut sure, try that02:12
beatzzhmmm... Phone ping> laptop, not working02:12
drabbingo02:12
drabok02:12
drabshould have thought of that earlier02:12
drabso it has nothing to do with the ubuntu server02:12
drabhost to host communication on ur network is screwed up02:12
drabnodes can talk to the router they are directly connected to, but not to each host02:12
drablaptop to VM obviously work because they r on the same physical host02:13
beatzzbut I can view my webserver from phone?02:13
drabu can? on the slack VM?02:13
beatzzyup02:13
beatzzyou might be able to as well02:13
drabah, holy cow02:13
drabok02:13
beatzzhttp://beatzz.co02:13
drabyeah it's up02:14
beatzzright, and from within LAN, I can http://192.168.11.702:14
drabfrom the ubuntu box02:14
drabtelnet 192.168.11.7 8002:14
beatzzhow so? with lynx?02:15
drabtelnet :)02:15
beatzz"Trying 192.168.11.7..."02:15
drabyou can basically work through any protocol using telnet if you speak it02:15
drabused to send emails with it :P02:15
drabargh02:16
sarnoldI prefer netcat since it's easy to get out of02:16
drabtrue02:16
sarnoldand telnet treats some chars as magic02:16
drabbut the phone can see http://192.168.11.7 , correct?02:16
beatzzyup02:16
beatzzubuntu box is not doing anything with telnet02:16
drabbut cannot ping it?02:17
drabok02:17
drabphone -> slack, no ping?02:17
beatzzroger02:17
beatzzphone > slack, no ping02:17
drabyou're positive yuo did telnet 192.168.11.7 80 yes? including the 80 at the end02:18
beatzzyessir02:18
* drab scratches head02:18
beatzzif finally returned something too02:18
beatzz"telnet: Unable to connect to remote host: Connection timed out"02:19
drabright, np02:19
beatzzso basically, host > host, no ping02:19
beatzzonly thing that returns a ping, is host > router02:20
beatzzand router > host02:20
drabif the phone couldn't get to the webserver I'd thought the router somehow was isolating the nodes02:20
drabbut since it can, that can't be true02:20
drabare you running a firewall of sort on slack or blocking ipngs on win?02:21
drabcan the phone ping the laptop?02:21
sarnold< beatzz> hmmm... Phone ping> laptop, not working02:21
beatzznope02:21
beatzzno host > host ping02:21
sarnolddid you double-check the netmask and IPs on all the hosts?02:22
drabsarnold: but phone > slack http works02:23
drabthat's what is so damn weird02:23
drabbut windows can block pings02:23
beatzzand ssh02:23
drabso the ping not working may be ok02:23
sarnold.. and VM networking software sometimes only ever works for TCP and UDP and drops everything else on the floor02:24
drabon the phone you put "http://192.168.11.7" in your browser?02:24
beatzzyeah, or just the IP works as well.02:24
drabsarnold: true, but telnet 192.168.11.7 80 doesn't work, which is tcp02:24
drabwhat's ip route ls and ip addr ls on the slack VM?02:25
draband how is virtual box network configured? bridge mode?02:27
beatzzip route ls --> 127.0.0.0/8 dev lo scope link      192.168.11.0/24 dev eth0 proto kernel scope link src 192.168.11.7 metric 20202:27
beatzzbridged, yes02:27
drabsudo tcpdump -i lxdbr0 icmp on the ubuntu server02:30
drabping it from the phone02:30
draband from the router02:30
sarnoldlxdbr0?02:30
drabeer, sorry02:30
drabthat was my test02:30
drab-i whatever your interface02:30
sarnoldthat's what that smelled like :) hehe02:30
beatzzphones ping utility shows request time-out02:33
beatzztcpdump shows nothing02:33
beatzzwhich means the ping request is getting blocked at the router02:33
beatzzaye?02:33
beatzzwhich makes sense, why we cant ping host > host02:34
drabif you ping from the router do you see the pings?02:34
beatzzyes, router > host works02:34
beatzzon all hosts02:34
drabbut yes, it feels like somehow traffic is dying at the router... no idea why02:34
drabufw is stopped?02:35
drabsudo iptables -L -v , shows no rules all ACCEPT?02:35
drabon the ubuntu server02:35
sarnoldsometimes routers have buttons to prevent wifi segments frmo communicating with wired segments02:36
draboh, good call sarnold02:37
drabbeatzz: check that, will ya?02:38
drabor otherwise, plug the ethernet cable straight into ur laptop if you have a port02:38
draband try that, I was gonna suggest that anyway because I'm out of guesses...02:39
beatzzaye, me too02:39
beatzzi think we've beat this horse to death02:39
drabpoor horse02:39
beatzzgana give it a rest02:39
beatzzthanks for the support drab & sarnold02:40
drabwait, last test!02:40
drabcheck the router :P02:40
drabwhat model is it?02:40
beatzzummm...02:40
beatzzbuffalo WZR-300HP02:40
drabhttps://superuser.com/questions/856499/buffalo-wzr-1750dhp-cant-reach-the-lan-side-using-wireless02:41
drabAccording to the manual that router supports SSID and Wireless Client isolation02:41
drab:........(02:41
drabsarnold wins02:42
drabmaybe02:42
beatzzso wait, okay02:42
beatzzif thats the case02:42
beatzzI should be able to access the http server from another network02:42
beatzzhttp/ssh on the Ubuntu server02:42
drabaltho that's not quet what it says, it says wireless client isolation, not to lan02:42
beatzzfrom outside my network02:42
drabyes02:42
drabif you put it back on 2 / the port forwarding on the router matches02:43
beatzzport forwarding goes to 802:43
beatzzits currently open02:43
drabdoesn't seem to be quite it actually02:44
drabIf enabled, the Wireless client isolation blocks communication between wireless devices02:44
drabconnected to the AirStation. Wireless devices will be able to connect to the Internet02:44
drabbut not with each other. Devices that are connected to the AirStation with wired02:44
drabconnections will still be able to connect to wireless devices normally02:44
sarnoldwhat about connections from wireless to wired? o_O02:45
drabdidn't work02:45
beatzzomfg02:45
drabno ping from laptop to ub or phone to ub02:45
beatzzit works02:45
beatzzyou should be connecting to it as well02:45
drabok, so sarnold wins somehow still02:45
beatzzfrom http://beatzz.co02:45
sarnoldhahaha02:45
sarnoldbeatzz: apache default page! \o/02:46
beatzzrefresh ur browser, and it will show the ubuntu02:46
beatzzholy nuts02:46
drabever watched office space?02:46
sarnoldprinter scene02:46
beatzzyeah02:46
beatzzto the buffalo router02:46
drabit's almost xmas, get urself another router... le sigh02:46
beatzzdamn02:46
beatzzi was just starting to smell smoke coming out of my ears a minute ago02:47
beatzzlike, wth, everything is correct02:47
drabok, this is a good time to quit, I'm out02:48
sarnoldgnight drab :)02:48
beatzzthanks so much man02:48
drablike I said the other day, trust in sarnold, ignore everybody else02:48
drabttyl02:49
=== JanC_ is now known as JanC
=== JanC_ is now known as JanC
=== JanC_ is now known as JanC
=== JanC is now known as Guest67213
=== JanC__ is now known as JanC
=== JanC__ is now known as JanC
beatzzjust another shout out to drab and sarnold ! Server's up and running, nice and safe behind firewalls and stuff. http://www.beatzz.co06:28
oerheksnow get your free ssl certificate :-)06:29
cpaelzercpaelzer: xnox: yes we enable nested by default on e.g. intel as smb pointed out07:13
cpaelzercpaelzer: I wanted to drop that (an admin can still opt in at any time) but I see that this might be too much of a churn for all of the consumers of qemu07:14
cpaelzerxnox: smb: on s390x yeah - I don't vote to make it nestes=1 by default (as it isn't atm), but users should be able to switch it on07:14
cpaelzersmb: did I get you right that due to not being a module you can't set the value to 1 ?07:15
lordievaderGood morning07:16
cpaelzerhi lordievader07:16
lordievaderHey chamar (IRC)07:17
lordievadercpaelzer (IRC)*07:17
lordievaderHow are you doing?07:17
cpaelzeroh I got an asterisk :-)07:18
cpaelzerdoing good07:18
cpaelzerskipped the disturbing mails for now :-)07:18
lordievaderHahaha07:18
lordievaderNice07:18
stonedHello07:32
stonedDo you know of any bash scripts someone might have written to quicky deploy services, setup services, etc, on newly created ubuntu server instances or installs?07:33
lordievaderI use puppet for such things.07:38
rbasakcloud-init?07:38
rbasakOr yeah: puppet, ansible, chef, etc.07:38
stonedHere's how I have things setup07:42
stonedI have git repository in /etc/ where I backup my config files07:42
stonedAll my static sites live in git repositories07:42
stonedmy nginx vhosts live in git repositories07:43
stonedSay I spin a new ubuntu 16 lts server on rackspace07:43
stonedI want to clone the server I already have07:43
stonedI dunno how07:43
stoned:)07:43
rbasakCloning is a poor approach because you end up with an unreproducible machine carrying problems forward over time. Instead, look into codifying your deployments: having the minimal code that can be applied to a fresh server to make it how you want it. Then edit your code rather than the server.07:48
rbasakDeploying multiple servers from that state is trivial.07:48
rbasakAnd you can also write automated tests for your deployments.07:49
stonedWell, I'm thinking, I could write a bash script intead of depending on config management things.07:49
rbasakFor basic deployments, supplying cloud-config via cloud-init is the easiest way to do this.07:49
stoneda script that basically installs the packages I need, as well as cloning the git repositories I need, and then copying the configs over07:49
stonedthat sound like a sound approach?07:49
rbasakFor more complex ones, choose from chef, puppet, ansible, etc.07:49
rbasakSounds like you want ansible.07:50
stonedOk07:50
rbasakYou could write a bash script by hand, but you'll be reinventing much of what the existing tooling solves.07:50
rbasakThough if you just want a learning experience, then sure.07:50
stonedI07:51
stonedI'll invest time into ansible.07:51
stonedWrite a playbook I can rely on.07:51
smbcpaelzer, xnox, actually when following the git history further it seems that vsie was only added with 4.8 (could have sworn nested was there before but obviously I am wrong). So Xenial showing /dev/kvm seems to be the real bug. As for changing the nested: there are some kernel parameters which can be changed at any time but nested is not changable, so one has to put it on commandline kvm.nested=1. However that08:03
smbdoes not help on its own if the host is not running a kernel that allows this too. So xenial host bad luck z/a/b maybe08:03
cpaelzersmb: yeah08:06
cpaelzersmb: and there is more08:07
cpaelzernot only does the host need kvm.nested=108:07
cpaelzerit only works with -cpu host (libvirt host-passthrough) or host-model (remember to refresh libvirt capabilities after enabling vsie via the module)08:07
cpaelzerit is really meant to be off and an explicit opt-in08:07
cpaelzerso I agree, xenial having it on by default is the actual bug08:08
smbYeah, and given that this was never really working, I would no longer worry about more recent releases. MAybe need to "fix" xenial to avoid confusion08:09
cpaelzerwell the default (no cpu specified) works as well for me but "officially" the sie feature might be missing08:10
cpaelzeror taken away for migratability or ...08:10
cpaelzersmb: ack08:10
cpaelzersmb: btw could I have a bug number on this08:10
cpaelzerit didn't subscribe qemu yet08:10
cpaelzerso I only work on gossip atm :-)08:10
smbcpaelzer, maybe (not sure there was one opened already)08:12
* smb moves channels08:12
=== JanC_ is now known as JanC
jamespagecoreycb: that setuptools issue in gnocchi was python_distutils debhelper not being very clever09:57
jamespagecoreycb: pybuild appears to deal with py3 only better, so switching buildsystem09:57
jamespagecoreycb: something in the BD's pulls in python2, which gets detected by debhelpers distutils integration...09:59
jamespageand then things explode09:59
xnoxcpaelzer, smb - somehow i feel odd that in later releases i cannot override this with a module reload. Would it still make sense to make kvm a module; and adjust qemu-system-init to load kvm module, such that one can adjust modprobe settings without rebooting?11:31
cpaelzerxnox: I'd try to suggest so in #zkvm - I'd tihnk that is less am ubunut than  general upstream change11:51
jamespagecoreycb: some progress on deps (avoiding os-testr 1.0.0 for now)12:19
jamespagecoreycb: did heat, keystone in progress but needs pysaml2 version bump (dealing with that ATM)12:19
jamespagecoreycb: also have patch for dh-python to auto-detect and execute ostestr, testrepository or stestr based unit tests...12:20
jamespagecoreycb: http://paste.ubuntu.com/25967169/12:21
ztanehi, trying to understand the relation of rsyslog vs journald on 16.04 server default install12:48
ztanewhat would go into rsyslog and what would go into journald and which order?12:48
ztaneie do some syslog facilities, or all, get written to journal, or journal written to syslog or...12:49
BlackDexwin 2912:49
ztaneno such window12:52
coreycbjamespage: very nice, taking a closer look at dh-python now12:55
ztanemy goal is to get all of the logs to the papertrail, but if I pipe all of journal from journalctl I find out that most will be duplicates with also those from rsyslog and now trying to find out whether or not I can get everything of importance from just journald13:08
ztaneok... it seems that not everything gets into journald13:13
ztanealso not everything gets into syslog, hmhmh13:13
smbcpaelzer, according to this older bug report xnox claims the kvm module (when it was still a module) could not be loaded (https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1532886) hence it became built-in13:14
ubottuLaunchpad bug 1532886 in linux (Ubuntu Xenial) "s390x kernels are inconsistent for cloud stuff" [Medium,Fix released]13:14
xnoxsmb, cpaelzer - that was true on xenial; on xenial all cloud/kvm instances have /dev/kvm.... despite that being "nested"13:16
xnoxsmb, and by "all" i think it was comparison with amd64 and ppc64el.13:16
smbwhich maybe was the reason for module loading failing (as 4.4 had no nested support on s390x at all) as we believe now.13:18
smbthere is time to try again module for bionic but then with more than just an irc discussion as background13:20
xnoxsmb, well, there is some nesting support, i thoght. since launching kvm in z/vm on lpar works, launching kvm in a kvm on an lpar should work too.13:27
smbxnox, I'd say launching it in zVM is different because there vVM handles the one stage of nesting which for the kvm case the Linux kernel would have to do13:30
xnoxsmb, right.13:30
xnoxsmb, kvm in z/vm is slow13:31
smbas would be kvm in kvm if it were working (what was said yesterday iirc)13:32
cpaelzerI discussed and speed wise 4 levels are the last sane thing14:04
cpaelzerso 2x HW + 2* shadow virt14:04
cpaelzerbut that is already borderline14:04
coreycbjamespage: i've been dropping the drop-openstackdoctheme.patch's and bumping sphinx to >= 1.6.2 as I go15:37
jamespagecoreycb: ack - I've mostly dropped that patch, but some earlier uploads have not15:37
coreycbjamespage: great15:37
coreycbjamespage: that was kind of a pain last cycle15:38
jamespagecoreycb: I can imagine15:38
jamespagecoreycb: I'm really liking pybuild btw - digging on the code has been revelaing15:38
jamespagecoreycb: basically it attempts to auto-configure testing based on what deps are in the BD's15:38
coreycbjamespage: cool. yeah so basically we can drop our dh_auto_test sections if the simply call ostestr, etc?15:38
jamespageso all you have todo is add python-nose/stestr etc...15:38
jamespagecoreycb: thats the idea15:39
coreycbjamespage: that's really nice15:39
cpaelzernacc: wondering about http://paste.ubuntu.com/25968338/16:00
cpaelzernacc: why would it try to spawn a debian lxd for build-source16:00
nacccpaelzer: head debian/changelog please ?16:00
cpaelzerthis is identical to your merge last week except the d/rules change16:00
cpaelzernacc: nut (2.7.4-5.1ubuntu2) bionic; urgency=medium16:00
nacccpaelzer: annd edge snap?16:01
cpaelzerI didn't even write binonic this time16:01
cpaelzerr291 = stable16:01
cpaelzerI always cycle edge/edge-fixes as needed16:01
nacccpaelzer: and it happens with edge too?16:01
* cpaelzer downloading snap16:01
nacccpaelzer: for right now, tnohting but the importer should use the stable snap16:02
cpaelzernacc: it now took ubuntu-daily:bionic, seems bette ron 333 from edge16:03
cpaelzermany (many++) warnings from likely apt being parsed about non stable CLI16:03
cpaelzerbut that is something else16:03
cpaelzerthe petname of this is matching the test16:04
nacccpaelzer: ok16:04
cpaelzeryou better fly :-)16:04
cpaelzer /usr/bin/lxc launch -e ubuntu-daily:bionic better-fly16:04
jamespagecoreycb: neutron is being awkward - some sort of multiprocessing issue during test discovery17:32
coreycbjamespage: hmm17:34
jamespagecoreycb: trying with a minor patch level on evetlnet17:34
jamespagecoreycb: https://launchpad.net/~james-page/+archive/ubuntu/bionic/+build/1373373217:34
coreycbok17:35
coreycbjamespage: glance unit tests get a bunch of mismatched http status asserts. i'm thinking one of the http deps needs to be bumped, so trying that route now.17:40
jamespagecoreycb: ack17:44
jamespagecoreycb: I think kje17:44
jamespagecoreycb: I think keystone will be OK now17:44
jamespageI'll upload that later17:44
coreycbjamespage: ok17:44
jamespagehowever might be stuck on neutron for now17:44
jamespagecoreycb: I think we should probably push what we have into archive tomorrow AM17:44
coreycbjamespage: ok17:44
jamespagethus avoiding any conflicts with anyone elses work17:44
jamespagecoreycb: see how far you get with things; I'll publish tomorrow am17:45
coreycbjamespage: sounds good17:45
=== stoned is now known as EnchanterTim
sarnolddrab: thanks for helping out beatzz yesterday :)18:38
drabsarnold: hey man, you're the one that figured it out, I just stabbed at the dark for like an hr... :)19:33
sarnolddrab: hehe, I only got lucky after you did all the grunt work :)19:34
drabsome call that genius :P19:38
sarnoldnot the first time I stuck my nameo n papers where I did much less of the work..19:40
R_P_SHi, was told to try this channel as well for juju support20:02
R_P_SI created a juju controller from machine that is about to be decommissioned.  I'd like to register the controller as admin/superuser from another machine but I have no idea how to find the registration string20:03
grendal_pureim loosing my mind here.  all of the sudden my kvm virtualhost will not bring up the second bridge20:54
grendal_purelooks like some sort of kernel bug.20:54
grendal_pureset forward delay failed: Numerical result out of range20:55
grendal_purei cant even add a virtual nic to the one working nic on this machine.  its werid.20:56
powersjcyphermox: did we ever come to a conclusion on the preseed of bionic?20:57
powersjI wasn't clear if it was something missing on my end or something else.20:57
grendal_purehas anyone else run into this issue?21:09
grendal_pureset forward delay failed: Numerical result out of range21:09
grendal_pureI have two nics in this sever, one comes up and bridges eth1 -> br1  but eth0 ->br0 fails and when i manually kick it , it throws that error.21:10
grendal_purelooks like i am able to connect a virtual network to the one device.  Im having to change the interface on a lot of machines though21:14
grendal_puresetting up nat on that virtual device with same ip as the physical hardware that was bridged...what a mess21:15
cyphermoxpowersj: I don't know what's wrong, it works here?21:15
cyphermoxmaybe if you share more of the logs21:16
powersjcyphermox: works with a bionic iso? because I could reproduce21:16
cyphermoxoh, that's right21:16
cyphermoxbut yeah, it did here21:16
cyphermoxppc64el21:16
cyphermoxno reason for architecture to matter to this21:16
powersjcorrect21:17
powersjhttp://cdimage.ubuntu.com/ubuntu-server/daily/pending/21:17
cyphermoxcould it be because you preseed xkb-keymap?21:17
powersjI could pull that out and re-kick them off21:18
powersjis that not a valid option?21:18
cyphermoxI don't really think it would make a difference since I did my test with it too21:18
cyphermoxbut technically we don't really support that21:18
cyphermoxanything might be different between the /proc/cmdline on bionic and artful?21:20
necrophcodrIt is possible to have an application that binds to a port, forcibly bind to a unix socket instead?21:24
necrophcodrAnd if not, is it somehow possible to force it to only bind to that port in a specific namespace, and to communicate with that specific namespace on that port?21:24
cyphermoxpowersj: I should already have been prompted for it (I just started a preseeded install again)21:24
powersjcyphermox: can I see what pressed you are using?21:25
cyphermoxsure21:25
cyphermoxhttp://people.canonical.com/~mtrudel/preseed/utah-bionic.cfg21:25
cyphermoxI changed it to comment out xkb-keymap just before starting this install, but with it yesterday it was working well too21:26
cyphermoxI am getting prompted here and there for things (hostname, which drive to format, etc), but I didn't set priority=critical to give it more chance to prompt.21:27
powersjcyphermox: interesting, that pressed locally works for me, which is further than I got before :)21:29
powersjonly change was commenting out the xkb-keymap?21:29
cyphermoxwell, yeah, and commenting out unrelated things I just didn't want to add that are for utah21:31
cyphermoxxkb-keymap makes no difference here -- there's clearly a bug in what I'm trying to do, since I'm not getting the us:intl keymap I expect21:32
cyphermoxbut that's different from prompting.21:32
cyphermoxit could just be that it's not called "intl"21:32
cyphermoxnah, it really is "intl"21:34
cyphermoxsomething looks not right, but it's not the same thing as prompting for something it already has in preseed, so I don't know what to tell you21:35
powersjok let me go play with the tests again then, as it does look like something changed21:36
cyphermoxah?21:38
cyphermoxI'd really be on the lookout for auto=true and priority=critical not being in the command-line, if that's the case then the preseed would not be applied yet, which would explain getting prompted for keyboard21:38
powersjcyphermox: I only see debconf/priority=critical21:40
powersjauto=true required?21:40
cyphermoxpowersj: not really21:40
cyphermoxpowersj: can you remind me the url to utah? I believe I still have access21:47
powersjcyphermox: the project itself or where we run the tests?21:47
cyphermoxjust the url of the jenkins, I can't seem to find it anymore21:51
powersjhttps://platform-qa-jenkins.ubuntu.com/view/server/21:52
cyphermoxah, thanks!21:53
powersjThe daily xenial test shows keyboard-configuration/layout as "30 question skipped", yet bionic is reporting "0 question will be asked"21:56
powersjThey use the same preseed21:56
cyphermoxyeah, but xenial vs. bionic is not a very useful comparison21:57
cyphermoxwould be better to compare very late cycle artful21:57
srgjamesI could use someone who is smart. So i just reset up an apache web server on Ubuntu and could use the ip address in a url to access the default page. I then went back and created the files in sites-available Im pretty sure correctly but now cant get to the site from url or ipaddress and no errors when i restart apache2.. Anyway I can check if i set up the wrong settings on DigitalOcean or Google Domains ?21:57
powersjcyphermox: same with artful, last test was 27 days ago https://platform-qa-jenkins.ubuntu.com/view/smoke-default/job/ubuntu-artful-server-amd64-smoke-default/173/artifact/log/utah-56128-artful-server-amd64/installer/21:58
cyphermoxpowersj: yeah22:00
cyphermoxthe preseed isn't quite the same though22:00
powersjother than adding the xkb-keymap they should be the same22:01
powersjwhich I added because I thought it needed it :\22:01
cyphermoxnah22:01
cyphermoxit might actually be breaking things, as it resets some values22:01
powersjok let me revert that then22:01
powersjbut it was broken before I added it :\22:02
cyphermoxI don't understand though, because I tried with both options22:02
powersjcyphermox: Here is what is appending to the cmdline: -append netcfg/get_hostname=utah-6554-bionic-server-ppc64el log_host=192.168.122.1 log_port=0 DEBCONF_DEBUG=developer debconf/priority=critical22:12
cyphermoxyeah, but that's not anything special, nothing wrong22:21
powersjcyphermox: I got an install syslog from a bionic install by pressing enter22:51
powersjComparing it to artful and before it asks me for the keyboard layout I see "Nov 15 21:37:51 debconf: --> GET debconf/priority Nov 15 21:37:51 debconf: <-- 0 high"22:52
powersjwhereas in artful it says critical22:52
naccrbasak: my branch cuts ipsec-tools full reimport time from 68 to about 40 minutes. Still working on checking the correctness22:58
powersjcyphermox: artful: http://paste.ubuntu.com/25970598/ bionic: http://paste.ubuntu.com/25970599/23:00
cyphermoxpowersj: ack, I'll dig in to that23:01
powersjthx23:01
naccrbasak: i'm thinking we should add a 'git repository comarison' function to the integration tests and have that help us assert hash abi breaks. We have the as-imported repository now, and we can see if the hashes change on a reimport at a given commit.23:40
naccpowersj: is it possible to make a given pipeline stage a warning, but not a failure, or provide a flag to say "we know this breaks ABI, pass CI ayways"?23:40
powersjnacc: I am not sure23:41
naccpowersj: ok, np -- it's ok for it to be a failure anyways, in theory, we want that to trigger a manaul examinationn23:41
naccpowersj: as developers, we knonw (currently) when to expect a chagne to break hashes and when not23:42
powersjnacc: looks like https://issues.jenkins-ci.org/browse/JENKINS-45579 is what we want23:42
naccpowersj: ok, thanks23:43
naccrbasak: heh, i'm finally looking at your branch (not final review) a lot of what my branch does as well is prefix -> ref_namespace (aka ref_prefix).23:52

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!