| === tds3 is now known as tds | ||
| === Napsterbater_ is now known as Napsterbater | ||
| itsjg | Hello there! Does anyone have some performance baselines of NVME drives in software RAID 10 on Ubuntu? | 15:11 |
|---|---|---|
| compdoc | I dont, but how many drives do you want to use for the raid? | 15:14 |
| itsjg | compdoc: 4 total, in RAID10, using a Samsung PM983. Seeing pretty bad performance from FIO, wondering what I'm doing wrong (seeing about 505MB/s read, 169MB/s write) when the drive is rated for well over 2800 MB/s read and 1900 MB/s write | 15:33 |
| itsjg | I stand corrected, removing a drive from mdadm and testing directly shows the same results. Must be a issue with the NVMEs directly | 15:42 |
| compdoc | itsjg, the specs say the drive should be much faster | 16:03 |
| compdoc | you using an adaptor with m.2 slots? | 16:04 |
| itsjg | Ah nope, this supermicro box has a direct NVM express ports (Supermicro 1124US-TNRP) | 16:06 |
| compdoc | Thats an internal ssd. not nvme | 16:06 |
| compdoc | wow, thats a serious server | 16:11 |
| itsjg | Haha | 16:11 |
| itsjg | Yea the terminology is quite confusing, the drives are "U.2 NVME Format" but it is technically an SSD | 16:12 |
| compdoc | writes are slow compared to consumer nvme drives | 16:19 |
| itsjg | Yep, very. I can't say I've seen this type of issue before. I'm on the latest kernel for Ubuntu 18.04 LTS, all BIOS and firmwares have been updated | 16:21 |
| compdoc | I imagine it has plenty of pci-e lanes. do they share lanes with sata ports? | 16:24 |
| quadrathoch2 | probably not compdoc as rome zen has enough pcie lanes | 16:26 |
| compdoc | ah, the SAMSUNG 983 DCT Series is NVMe | 16:26 |
| itsjg | Confirming now, but I believe they're dedicated | 16:26 |
| quadrathoch2 | itsjg if it's rome, the least amount is 120 lanes if I remember correctly :) so should be enough | 16:28 |
| trippeh | could have been still syncronizing the array? | 16:29 |
| quadrathoch2 | yup :) plus as we don't know the software stack, that's still an option | 16:29 |
| trippeh | md is supposed to back off during IO but in my experience it doesnt always work very well. | 16:30 |
| itsjg | Ah yea confirmed, 128 lanes (Its a EPYC 7452). | 16:30 |
| itsjg | Ahh yep thanks, we thought that too. Unfortunately the results are the same when I removed a drive from the array and ran tests directly on a drive not in an array | 16:30 |
| trippeh | ah right | 16:30 |
| trippeh | doing a mixed r/w test or read and write separately? | 16:32 |
| itsjg | Using FIO currently, with --readwrite=randrw (random mixed read/write), and a block size of 4k | 16:34 |
| itsjg | Doing write only tests with DD produce similar results, it seems | 16:34 |
| trippeh | yeah I think PM983 should be okayish at mixed | 16:35 |
| itsjg | Ah, cool | 16:35 |
| trippeh | my memory could be bad of course :) | 16:35 |
| trippeh | (we mostly use intel for nvme at work) | 16:36 |
| itsjg | Ahh Intel, nice :) | 16:36 |
| === denningsrogue9 is now known as denningsrogue | ||
| Nikolaj_basher | Hi there :-) I have tried to find more info on the EXPOSED status do-agent.service when running systemd-analyze security. How can I solve this? | 17:16 |
| Nikolaj_basher | and is there a way to get more info why systemd find the service exposed? | 17:17 |
| tomreyn | Nikolaj_basher: did you read the man page, yet? | 17:22 |
| Nikolaj_basher | tomaw, which man page the service or the systemd-analyse? but no | 17:24 |
| Nikolaj_basher | tomreyn, now I have and I didn't know why i did not though on doing so. | 17:28 |
| sdeziel | Nikolaj_basher: could you paste the output of `systemd-analyze security do-agent.service` ? | 17:31 |
| Nikolaj_basher | sdeziel, http://pastie.org/p/2t5GV6V7TUqbpGpcJbWvlI | 17:36 |
| Nikolaj_basher | sdeziel, I can see privateNetwork punish a lot | 17:38 |
| sdeziel | Nikolaj_basher: EXPOSED is when the score is above a certain threshold (which I don't know) but it's rather easy to bring in more restrictions and lower that score below 4-5 | 17:42 |
| Nikolaj_basher | sdeziel, do you now where I can read more about service. Else I do the google on every score indicator | 17:43 |
| sdeziel | Nikolaj_basher: man systemd.exec then search for those keywords like NoNewPrivileges (that you already have enabled which is a very good start) | 17:44 |
| Nikolaj_basher | sdeziel, thanks for your input I will definitely do so THANKS | 17:50 |
| Nikolaj_basher | sdeziel, I can see what you mean but where do I set the configuration of a specific service | 17:54 |
| sdeziel | Nikolaj_basher: you can create a "delta" file to apply your custom changes with "sudo systemctl edit do-agent.service". It will launch your $EDITOR on an empty file that would apply after the base systemd unit of the do-agent.service | 17:59 |
| Nikolaj_basher | sdeziel, nice is there away to get more info about what the service do ex. do-agent i could find any man page | 18:01 |
| sdeziel | Nikolaj_basher: is this a Digital Ocean VM or something like that? | 18:02 |
| tomreyn | "how do you know?!" :) | 18:02 |
| Nikolaj_basher | sdeziel, yes and it came out of the box, and I really want to exam the defaults services is used, because then I would like to disable all the services which not needed | 18:03 |
| sdeziel | Nikolaj_basher: before tuning those hardening knobs beware that you risk breaking the service (at least when experimenting). I don't know what that do-agent is used for as I don't use DO myself | 18:05 |
| Nikolaj_basher | sdeziel, I will | 18:06 |
| Nikolaj_basher | sdeziel, thank for you guidens now I have some info for more research | 18:06 |
| sdeziel | yw | 18:07 |
| Nikolaj_basher | exit | 18:14 |
| MIF | dose anyone here know anything about dovecot? | 19:24 |
| MIF | what dose this error mean? BYE Disconnected: Auth process broken | 19:24 |
| === jelly-home is now known as jelly | ||
| sdeziel | MIF: what's your auth config like? | 19:26 |
| MIF | witch one do you need to see? | 19:26 |
| MIF | http://ix.io/2IB7 | 19:28 |
| sdeziel | MIF: `dovecot -n` | 19:28 |
| MIF | ok | 19:28 |
| MIF | http://ix.io/2IB8 | 19:29 |
| sdeziel | MIF: I don't have the time to fully analyze it but could it be that dovecot cannot reach your SQL server for user authentication? | 19:31 |
| teward | what do your error logs show? | 19:37 |
| sveinse | Under 18.04, how can I add post operations when a interface is taken up? (netplan) I need to run a series of additional "ip" commands... | 19:37 |
| teward | MIF: check /var/log/mail.log and see what the error details are | 19:37 |
| MIF | Dec 18 13:23:05 sturtz dovecot: auth: Fatal: sql: Unknown database driver 'mysql' | 19:38 |
| teward | sveinse: to do what? Add IPs? Add routes? | 19:38 |
| teward | MIF: you need to install that extension. install `dovecot-mysql` on system | 19:38 |
| MIF | ok | 19:38 |
| sveinse | teward: ip link add, ip addr add and ip route. To allow routing to (docker) macvlan IP | 19:39 |
| MIF | is * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=ANONYMOUS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN] Dovecot ready. | 19:40 |
| MIF | good? | 19:40 |
| sveinse | unless there exists a net kernel option that allows ip traffic back to a macvlan ip | 19:41 |
| teward | sveinse: well you can still netplan custom routing rules but not sure how macvlan works there. | 20:04 |
| teward | MIF: it should work fine, but you should test it ;) | 20:04 |
| MIF | I did | 20:07 |
| MIF | it workedt | 20:07 |
| MIF | hank you | 20:07 |
| sveinse | teward: I know too little about netplan for how to do that. I installed a new script into /etc/network/if-up.d/, hoping that it will do the job | 20:24 |
| teward | well if you're using netplan to configure your interfaces currently then it won't since ifupdown isn't being used by netplan. | 20:30 |
| teward | last I checked anyways | 20:30 |
| sveinse | teward: one reboot later: jup, learned the same the hard way | 20:34 |
| sveinse | next attempt: /etc/networkd-dispatcher/routable.d/50-macvlan went much better! | 20:44 |
| === StathisA_ is now known as StathisA | ||
| tgp1994 | Hey everyone. When I updated my 18 LTS distro to 20.04.1, it seems I've lost my backscroll buffer. I only use terminal, no DTE is installed. Shift+PageUp no longer allows me to scroll back. Does anyone know why I lost this ability, what the default is for ubuntu and how I can restore it? | 23:33 |
| tgp1994 | *I should mention - this is running in a Hyper-V VM. I'm using the VM Connection window to access my terminal directly. | 23:34 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!