lotuspsychje | good morning to all | 04:24 |
---|---|---|
lordievader | Good morning | 06:10 |
ducasse | good morning | 06:24 |
=== tomreyn_ is now known as tomreyn | ||
marcoagpinto | Hello! | 09:12 |
BluesKaj | Howdy al | 10:55 |
BluesKaj | err, Howdy all | 10:56 |
gry | hi | 11:17 |
lotuspsychje | http://www.phoronix.com/scan.php?page=news_item&px=PHP-7.3-Ubuntu-19.10 | 11:36 |
lordievader | Brr php | 13:16 |
marcoagpinto | Hello BluesKaj and everyone! | 13:19 |
marcoagpinto | I am editing video, sorry for not being active | 13:20 |
lotuspsychje | hi kenperkins | 13:54 |
kenperkins | some commentary in the news today regarding DNS over HTTPS and how browers are going to enable this directly. Any discussion/issues that I can go read up on for native support for this at the OS level in ubuntu? | 13:54 |
kenperkins | https://arstechnica.com/tech-policy/2019/09/isps-worry-a-new-chrome-feature-will-stop-them-from-spying-on-you/ | 13:55 |
mgedmin | OS-level support would probably rely on systemd-resolved, which would need to add support for it first | 14:00 |
mgedmin | https://github.com/systemd/systemd/issues/8639 | 14:00 |
kenperkins | perfect! that's what I wanted to read up | 14:02 |
kenperkins | now that i think about it tho, it doesn't really matter what my os supports, it's my local dns resolvers that need it | 14:04 |
kenperkins | :( | 14:04 |
lordievader | Considering how firefox handles this case, that doesn't matter. | 14:08 |
lordievader | (per default it uses cloudflare) | 14:08 |
katnip` | i believe that can be shut off though | 14:09 |
kenperkins | i guess tho, I don't want my apps making decisions on a per-app basis | 14:10 |
kenperkins | I want it all done at the network level | 14:10 |
katnip` | correct | 14:10 |
katnip` | ars had an article about it a day or two ago, or zdnet, one of those | 14:11 |
kenperkins | isn't that what I just linked above? | 14:11 |
katnip` | yes, sorry | 14:12 |
katnip` | like you, i use my pi hole and opendns for a backup per my vpn; i dont want an app resetting that | 14:13 |
lordievader | > i guess tho, I don't want my apps making decisions on a per-app basis | 14:14 |
lordievader | This is one of the arguments against DoH (and DoT for that matter). | 14:14 |
katnip` | yes | 14:14 |
kenperkins | as I think about it, what I really want is DNS with encryption, I'm not sure I'm concerned with exactly how | 14:14 |
lordievader | It becomes even more fun when you consider that different resolvers may give different answers. | 14:15 |
katnip` | i thought about encryption and the only thing i could come with was a vpn | 14:15 |
kenperkins | as soon as i saw comcast was doing injection of javascript in unencrypted http i switched my resolvers | 14:15 |
lordievader | The way chrome solved is much more acceptable. Check if your current resolver supports DoH, if so start using DoH with that resolver. (Might have been DoT, not really sure) | 14:15 |
kenperkins | (probably 5 years ago+) | 14:15 |
kenperkins | still tho, I don't want my browser deciding | 14:16 |
katnip` | chrome is bad though | 14:16 |
kenperkins | i use chrome and ff | 14:16 |
katnip` | i use brave | 14:16 |
katnip` | ff for a backup | 14:17 |
kenperkins | i just despise the UX in FF | 14:17 |
kenperkins | switching gears; building a conatiner in docker atm from ubuntu:xenial, and it's taking _ages_ to get throug the apt-get update && apt-get install step. what could be going on? | 14:19 |
lordievader | How is the io-wait? | 14:20 |
kenperkins | on the host or docker? | 14:20 |
kenperkins | <newish to ubuntu, so help me out> | 14:21 |
lordievader | With the old build process that would usually let it grind to a halt for me. | 14:21 |
lordievader | Host | 14:21 |
kenperkins | do I need to install iotop or something? | 14:21 |
lordievader | kenperkins: `vmstat 1` | 14:21 |
lordievader | The `wa` column is your interest. | 14:22 |
kenperkins | hovering between 35-90 | 14:22 |
kenperkins | now up to 95-99 | 14:23 |
kenperkins | ok, so i'm waiting a ton | 14:23 |
kenperkins | next step to find out why? | 14:23 |
lordievader | Yeah, that is way to high. | 14:24 |
lordievader | iotop or htop can tell you that. | 14:24 |
kenperkins | i mean this is a super hend end machine | 14:24 |
kenperkins | high-end | 14:24 |
lordievader | You won't notice that if your cpu is busy waiting for IO all the time. | 14:25 |
lordcirth | kenperkins, what drive is this writing to? Is it an SSD? | 14:25 |
kenperkins | lordcirth: yes | 14:25 |
lordcirth | Yeah, try iotop. | 14:26 |
kenperkins | nothing in iotop with much more than ~0.5% io | 14:26 |
mgedmin | well, apt installs do a lot of fsyncs(), you might want to try out libeatmydata? | 14:26 |
mgedmin | (assuming docker builds don't do tricks that would break LD_PRELOAD) | 14:26 |
kenperkins | mgedmin: sorry, I don't quite follow that | 14:26 |
mgedmin | I was wonderin if https://github.com/stewartsmith/libeatmydata#libeatmydata could speed up your apt installs | 14:27 |
kenperkins | ok, before I go do something like that, i'd like to narrow down what's going on first | 14:29 |
kenperkins | i haven't had a literal line of progress in ~15m on my docker build | 14:29 |
kenperkins | so in iotop, what should I be looking for | 14:30 |
lordcirth | kenperkins, have you checked dmesg for errors? | 14:30 |
lordcirth | Also, smartctl on your SSD | 14:31 |
lordievader | kenperkins: Top talkers, in terms of bandwith or iops. | 14:31 |
kenperkins | almost no disk read/write going on | 14:33 |
kenperkins | tbh I don't know what I'm looking for in dmesg, the rest of my system seems completely normal | 14:34 |
lordcirth | kenperkins, well, mostly that it isn't spamming IO Errors | 14:35 |
lordcirth | If you run 'dmesg -wT' are new entries being added? | 14:35 |
kenperkins | this sounds dubious | 14:35 |
kenperkins | [Mon Sep 30 01:22:01 2019] docker0: port 1(vethb83d919) entered blocking state | 14:36 |
kenperkins | [Mon Sep 30 01:22:01 2019] docker0: port 1(vethb83d919) entered forwarding state | 14:36 |
kenperkins | that's from a while ago, disregard | 14:37 |
mgedmin | if there's no disk io, it might be waiting on the network | 14:37 |
mgedmin | dstat is nicer than vmstat: it shows network as well as disk i/o | 14:37 |
mgedmin | try making the docker build use your local ubuntu mirror instead of the main archive? | 14:38 |
kenperkins | ok dstat shows 0 cpu wait and ~98 idle, vmstat 1 shows idle of 4 and wait of 95 | 14:40 |
kenperkins | something doesn't make sense | 14:40 |
kenperkins | mgedmin: I'm willing to try that, once I figure out why it's not doing seemingly *anything* | 14:42 |
mgedmin | strace? | 14:42 |
kenperkins | and it just finished | 14:47 |
kenperkins | i did see this before it ended | 14:47 |
kenperkins | https://gist.github.com/kenperkins/f8d9705516696760c925c040d764cfeb | 14:47 |
kenperkins | doesn't really tell me anything | 14:47 |
mgedmin | it's waiting on a mutex or some other synchronization primitive | 14:49 |
kenperkins | yea but no insight into why I mean | 14:51 |
kenperkins | I think I want to run it again to see | 14:53 |
mgedmin | then be sure to strace all processes, not just the main one | 14:54 |
mgedmin | (e.g. strace -f -o /tmp/trace.log docker build whatever) | 14:54 |
mgedmin | (note that strace might slow things down considerably) | 14:54 |
kenperkins | ok so I think this is the problem: > 0 upgraded, 403 newly installed, 0 to remove and 4 not upgraded. | 14:59 |
kenperkins | maybe it was just slowly working through the install of 403 packages? (apt-get install was with -qqq) | 14:59 |
kenperkins | @mgedmin > try making the docker build use your local ubuntu mirror instead of the main archive? can you expand or link me to something on that? | 15:00 |
kenperkins | do you mean adding mirror://mirros.unbuntu.com stuff to my apt sources? | 15:01 |
mgedmin | no, I mean using http://COUNTRYCODE.archive.ubuntu.com/ instead of http://archive.ubuntu.com/ in /etc/apt/sources.list inside the docker container before you do the apt update && apt install steps | 15:02 |
mgedmin | I've never seen mirror:// before? does it autodetect the nearest mirror somehow? where is it documented? | 15:03 |
kenperkins | apparently | 15:03 |
kenperkins | > Using mirror protocol as part of your /etc/apt/sources.list entry will instruct apt command to fetch mirrors located within your country only. In order to use mirror protocol update all lines within /etc/apt/sources.list file from the usual eg.: | 15:03 |
kenperkins | from https://linuxconfig.org/how-to-select-the-fastest-apt-mirror-on-ubuntu-linux | 15:04 |
kenperkins | trying to find more official docuemtnation | 15:04 |
mgedmin | I wish https://wiki.ubuntu.com/Mirrors mentioned this! | 15:05 |
mgedmin | the ubuntu wiki feels abandoned at times | 15:05 |
kenperkins | > feel free to join us at #ubuntu-mirrors on Freenode | 15:05 |
kenperkins | brb :D | 15:05 |
mgedmin | huh did you notice that the mirror:// option was the slowest in the "comparing results" section of that linuxconfig page? ;) | 15:07 |
mgedmin | maybe it's not mentioned for a reason | 15:07 |
kenperkins | haha | 15:07 |
kenperkins | interesting that the us mirror was only 8 seconds slower than the au one, while the mirror protocol was 1.5 orders of magnitude slower | 15:08 |
mgedmin | maybe it spent 4 minutes 40 seconds finding the fastest mirror and then 5 seconds downloading the things :) | 15:09 |
mgedmin | opinion: apt install foo failing with 'package foo has no installation candidate' when you tried it in a live session (or a fresh docker container) with an empty /var/lib/apt/lists/ is bad ux | 15:10 |
=== akem__ is now known as akem | ||
tomreyn | if danielrc14 returns to #ubuntu, please point them to the bottom of https://irclogs.ubuntu.com/2019/10/02/%23ubuntu.html - thanks! | 20:29 |
sarnold | tomreyn: what should be at the bottom? right now it's lordcirth's unrelated comment.. | 20:30 |
tomreyn | sarnold: my latest comment to them (not yet, but the log file should update soon) | 20:31 |
sarnold | tomreyn: okay cool :) | 20:31 |
tomreyn | http://paste.debian.net/plain/1103810 | 20:33 |
tomreyn | thanks, ttyl | 20:33 |
sarnold | tomreyn: nice, thanks, gnight :) | 20:34 |
tomreyn | i'll have. :) | 20:34 |
OerHeks | naughty /dev/urandom https://lwn.net/SubscriberLink/800509/c46eba62a7bda958/ | 21:27 |
hggdh | OerHeks: I was sort of expecting something like that to happen one day... | 22:07 |
OerHeks | well.. wait | 22:09 |
OerHeks | 2018 ? | 22:09 |
OerHeks | https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.18-Random-Boot-Fix | 22:09 |
gry | good morning | 23:36 |
OerHeks | hi gry | 23:42 |
OerHeks | 01:44 am .. making pancakes .. | 23:44 |
OerHeks | NOOOO! i am not telling you i live on Jan van Zutphenstraat 310, Haarlem, Netherlands ... no way | 23:45 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!