/srv/irclogs.ubuntu.com/2020/12/18/#ubuntu-server.txt

=== tds3 is now known as tds
=== Napsterbater_ is now known as Napsterbater
itsjgHello there! Does anyone have some performance baselines of NVME drives in software RAID 10 on Ubuntu?15:11
compdocI dont, but how many drives do you want to use for the raid?15:14
itsjgcompdoc: 4 total, in RAID10, using a Samsung PM983. Seeing pretty bad performance from FIO, wondering what I'm doing wrong (seeing about 505MB/s read, 169MB/s write) when the drive is rated for well over 2800 MB/s read and 1900 MB/s write15:33
itsjgI stand corrected, removing a drive from mdadm and testing directly shows the same results. Must be a issue with the NVMEs directly15:42
compdocitsjg, the specs say the drive should be much faster16:03
compdocyou using an adaptor with m.2 slots?16:04
itsjgAh nope, this supermicro box has a direct NVM express ports (Supermicro 1124US-TNRP)16:06
compdocThats an internal ssd. not nvme16:06
compdocwow, thats a serious server16:11
itsjgHaha16:11
itsjgYea the terminology is quite confusing, the drives are "U.2 NVME Format" but it is technically an SSD16:12
compdocwrites are slow compared to consumer nvme drives16:19
itsjgYep, very. I can't say I've seen this type of issue before. I'm on the latest kernel for Ubuntu 18.04 LTS, all BIOS and firmwares have been updated16:21
compdocI imagine it has plenty of pci-e lanes. do they share lanes with sata ports?16:24
quadrathoch2probably not compdoc as rome zen has enough pcie lanes16:26
compdocah, the SAMSUNG 983 DCT Series is NVMe16:26
itsjgConfirming now, but I believe they're dedicated16:26
quadrathoch2itsjg if it's rome, the least amount is 120 lanes if I remember correctly :) so should be enough16:28
trippehcould have been still syncronizing the array?16:29
quadrathoch2yup :) plus as we don't know the software stack, that's still an option16:29
trippehmd is supposed to back off during IO but in my experience it doesnt always work very well.16:30
itsjgAh yea confirmed, 128 lanes (Its a EPYC 7452).16:30
itsjgAhh yep thanks, we thought that too. Unfortunately the results are the same when I removed a drive from the array and ran tests directly on a drive not in an array16:30
trippehah right16:30
trippehdoing a mixed r/w test or read and write separately?16:32
itsjgUsing FIO currently, with --readwrite=randrw (random mixed read/write), and a block size of 4k16:34
itsjgDoing write only tests with DD produce similar results, it seems16:34
trippehyeah I think PM983 should be okayish at mixed16:35
itsjgAh, cool16:35
trippehmy memory could be bad of course :)16:35
trippeh(we mostly use intel for nvme at work)16:36
itsjgAhh Intel, nice :)16:36
=== denningsrogue9 is now known as denningsrogue
Nikolaj_basherHi there :-) I have tried to find more info on the EXPOSED status do-agent.service when running systemd-analyze security. How can I solve this?17:16
Nikolaj_basherand is there a way to get more info why systemd find the service exposed?17:17
tomreynNikolaj_basher: did you read the man page, yet?17:22
Nikolaj_bashertomaw, which man page the service or the systemd-analyse? but no17:24
Nikolaj_bashertomreyn, now I have and I didn't know why i did not though on doing so.17:28
sdezielNikolaj_basher: could you paste the output of `systemd-analyze security do-agent.service` ?17:31
Nikolaj_bashersdeziel, http://pastie.org/p/2t5GV6V7TUqbpGpcJbWvlI17:36
Nikolaj_bashersdeziel, I can see privateNetwork punish a lot17:38
sdezielNikolaj_basher: EXPOSED is when the score is above a certain threshold (which I don't know) but it's rather easy to bring in more restrictions and lower that score below 4-517:42
Nikolaj_bashersdeziel, do you now where I can read more about service. Else I do the google on every score indicator17:43
sdezielNikolaj_basher: man systemd.exec then search for those keywords like NoNewPrivileges (that you already have enabled which is a very good start)17:44
Nikolaj_bashersdeziel, thanks for your input I will definitely do so THANKS17:50
Nikolaj_bashersdeziel, I can see what you mean but where do I set the configuration of a specific service17:54
sdezielNikolaj_basher: you can create a "delta" file to apply your custom changes with "sudo systemctl edit do-agent.service". It will launch your $EDITOR on an empty file that would apply after the base systemd unit of the do-agent.service17:59
Nikolaj_bashersdeziel, nice is there away to get more info about what the service do ex. do-agent i could find any man page18:01
sdezielNikolaj_basher: is this a Digital Ocean VM or something like that?18:02
tomreyn"how do you know?!" :)18:02
Nikolaj_bashersdeziel, yes and it came out of the box, and I really want to exam the defaults services is used, because then I would like to disable all the services which not needed18:03
sdezielNikolaj_basher: before tuning those hardening knobs beware that you risk breaking the service (at least when experimenting). I don't know what that do-agent is used for as I don't use DO myself18:05
Nikolaj_bashersdeziel, I will18:06
Nikolaj_bashersdeziel, thank for you guidens now I have some info for more research18:06
sdezielyw18:07
Nikolaj_basherexit18:14
MIFdose anyone here know anything about dovecot?19:24
MIFwhat dose this error mean? BYE Disconnected: Auth process broken19:24
=== jelly-home is now known as jelly
sdezielMIF: what's your auth config like?19:26
MIFwitch one do you need to see?19:26
MIFhttp://ix.io/2IB719:28
sdezielMIF: `dovecot -n`19:28
MIFok19:28
MIFhttp://ix.io/2IB819:29
sdezielMIF: I don't have the time to fully analyze it but could it be that dovecot cannot reach your SQL server for user authentication?19:31
tewardwhat do your error logs show?19:37
sveinseUnder 18.04, how can I add post operations when a interface is taken up? (netplan) I need to run a series of additional "ip" commands...19:37
tewardMIF: check /var/log/mail.log and see what the error details are19:37
MIFDec 18 13:23:05 sturtz dovecot: auth: Fatal: sql: Unknown database driver 'mysql'19:38
tewardsveinse: to do what?  Add IPs?  Add routes?19:38
tewardMIF: you need to install that extension.  install `dovecot-mysql` on system19:38
MIFok19:38
sveinseteward: ip link add, ip addr add and ip route. To allow routing to (docker) macvlan IP19:39
MIFis * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=ANONYMOUS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN] Dovecot ready.19:40
MIFgood?19:40
sveinseunless there exists a net kernel option that allows ip traffic back to a macvlan ip19:41
tewardsveinse: well you can still netplan custom routing rules but not sure how macvlan works there.20:04
tewardMIF: it should work fine, but you should test it ;)20:04
MIFI did20:07
MIFit workedt20:07
MIFhank you20:07
sveinseteward: I know too little about netplan for how to do that. I installed a new script into /etc/network/if-up.d/, hoping that it will do the job20:24
tewardwell if you're using netplan to configure your interfaces currently then it won't since ifupdown isn't being used by netplan.20:30
tewardlast I checked anyways20:30
sveinseteward: one reboot later: jup, learned the same the hard way20:34
sveinsenext attempt: /etc/networkd-dispatcher/routable.d/50-macvlan went much better!20:44
=== StathisA_ is now known as StathisA
tgp1994Hey everyone. When I updated my 18 LTS distro to 20.04.1, it seems I've lost my backscroll buffer. I only use terminal, no DTE is installed. Shift+PageUp no longer allows me to scroll back. Does anyone know why I lost this ability, what the default is for ubuntu and how I can restore it?23:33
tgp1994*I should mention - this is running in a Hyper-V VM. I'm using the VM Connection window to access my terminal directly.23:34

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!