Re: [OmniOS-discuss] LX on OmniOS update

2016-08-26 Thread Dan McDonald 

> On Aug 26, 2016, at 12:54 PM, Michael Rasmussen  wrote:
> 
> On Fri, 26 Aug 2016 11:51:41 -0400
> Dan McDonald  wrote:
> 
>> - The "zoneadm -z  install" script now can take a "-t " 
>> argument in lieu of a "-s ZFS-send-stream" argument.  Both gzipped and full 
>> will work.  Thanks to Peter Tribble for providing some URLs with tarballs 
>> that work.  And I quote:
>> 
> /usr/lib/brand/lx/lx_install[72]: gtar: not found [No such file or directory]
> 
> Seems you have forgotten a dependency?

Thank you!

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX on OmniOS update

2016-08-26 Thread Michael Rasmussen 
On Fri, 26 Aug 2016 11:51:41 -0400
Dan McDonald  wrote:

> - The "zoneadm -z  install" script now can take a "-t " argument 
> in lieu of a "-s ZFS-send-stream" argument.  Both gzipped and full will work. 
>  Thanks to Peter Tribble for providing some URLs with tarballs that work.  
> And I quote:
> 
/usr/lib/brand/lx/lx_install[72]: gtar: not found [No such file or directory]

Seems you have forgotten a dependency?

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
It may be that your whole purpose in life is simply to serve as a
warning to others.


pgpayQ3bfb8tp.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread Peter Tribble 
On Sun, Aug 14, 2016 at 6:27 PM, Dan McDonald  wrote:

>
> > On Aug 14, 2016, at 1:20 PM, Michael Rasmussen  wrote:
> >
> > - All network configuration can be done outside the zone giving the
> >  opportunity to hand out LX zones to users with a locked down network
> >  configuration.
>
> That's naive.  An admin on even a SmartOS zone can invoke:
>
> /native/sbin/ifconfig 
>
> and wreak havoc.  :)
>

Modulo any ip-spoofing protections in place.


> > - Admins can script everything and have total control of LX zones
>
> Also, by "admins" you mean "global zone admins", right?
>

It's unfortunate that the lx brand doesn't support shared-ip stacks.
I can't see whether there's a fundamental technical reason, but having
shared-ip does make it much easier to simply configure everything in
the global zone and prevent the zone fiddling with it.

The problem with exclusive-ip is that you can't manage it from the global
zone at all. If the zone isn't running, you obviously can't do anything, but
as soon as the zone is running (or even ready) it steals the interface away
so the global zone can do nothing.

(Docker networking behaves like traditional shared-ip, from what I can see.)

-- 
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread Bob Friesenhahn 

On Sun, 14 Aug 2016, Dan McDonald wrote:




On Aug 14, 2016, at 2:24 PM, wo...@4amlunch.net wrote:

Also, regarding not being able to use Linux networking tools to configure things Is 
there a way we can pre-pend a "magic" $PATH entry that can't be removed that 
has all the tools (iptables, ifconfig, etc) that just print out messages about those 
things don't work here and use $foo instead?


That's an interesting question.  I wonder how the people who already use LX on 
SmartOS cope with this?


The problem is that there are many networking oriented programs which 
do use the interfaces which are not supported.  Blocking access to 
command-line utilities does not prevent software from attempting to 
use the facilities at an API level.


Bob
--
Bob Friesenhahn
bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,http://www.GraphicsMagick.org/
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread Dan McDonald 

> On Aug 14, 2016, at 2:24 PM, wo...@4amlunch.net wrote:
> 
> Also, regarding not being able to use Linux networking tools to configure 
> things Is there a way we can pre-pend a "magic" $PATH entry that can't be 
> removed that has all the tools (iptables, ifconfig, etc) that just print out 
> messages about those things don't work here and use $foo instead?

That's an interesting question.  I wonder how the people who already use LX on 
SmartOS cope with this?

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread wonko 
> 
>> Approach 2)
>> - This way favors in-house or friendly environment usecases where
>> distributed responsibility is desired.
>> - Greater flexibility for LX zone users
> 
> 
> I see where you're going.  "Doing both" requires double the work, but you do 
> make an interesting case for it.

My only concern is collisions. If things are set in both places who wins? That 
needs to be very well defined or debugging things could be a real pain. :)

Also, regarding not being able to use Linux networking tools to configure 
things Is there a way we can pre-pend a "magic" $PATH entry that can't be 
removed that has all the tools (iptables, ifconfig, etc) that just print out 
messages about those things don't work here and use $foo instead?

-brian
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread Dan McDonald 

> On Aug 14, 2016, at 1:20 PM, Michael Rasmussen  wrote:
> 
> On Sun, 14 Aug 2016 12:48:36 -0400
> Dan McDonald  wrote:
> 
>> 
>> I see pros & cons of both approaches.  I'm visiting OmniTI HQ in a week to, 
>> among other things, bounce ideas around with OmniTI folks - since they are 
>> also my customers.  Feel free to speak up here if you have opinions as well.
>> 
> I vote for a combination of both approaches for the following main
> reasons:
> 
> Approach 1)
> - All network configuration can be done outside the zone giving the
>  opportunity to hand out LX zones to users with a locked down network
>  configuration.

That's naive.  An admin on even a SmartOS zone can invoke:

/native/sbin/ifconfig 

and wreak havoc.  :)

> - Admins can script everything and have total control of LX zones

Also, by "admins" you mean "global zone admins", right?


> Approach 2)
> - This way favors in-house or friendly environment usecases where
>  distributed responsibility is desired.
> - Greater flexibility for LX zone users


I see where you're going.  "Doing both" requires double the work, but you do 
make an interesting case for it.

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread Michael Rasmussen 
On Sun, 14 Aug 2016 12:48:36 -0400
Dan McDonald  wrote:

> 
> I see pros & cons of both approaches.  I'm visiting OmniTI HQ in a week to, 
> among other things, bounce ideas around with OmniTI folks - since they are 
> also my customers.  Feel free to speak up here if you have opinions as well.
> 
I vote for a combination of both approaches for the following main
reasons:

Approach 1)
- All network configuration can be done outside the zone giving the
  opportunity to hand out LX zones to users with a locked down network
  configuration.
- Admins can script everything and have total control of LX zones

Approach 2)
- This way favors in-house or friendly environment usecases where
  distributed responsibility is desired.
- Greater flexibility for LX zone users

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
  I'm not going to say, "I told you so."



This mail was virus scanned and spam checked before delivery.
This mail is also DKIM signed. See header dkim-signature.

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-14 Thread Dan McDonald 
In general, and I will have to make this EVEN CLEARER -- LX zones' networking 
is controlled by tools in /native.  No iptables... I'm surprised the 
linux-native ifconfig(8) works, but that's likely due to some legacy ioctl 
support that's already in the LX brand kernel code.

One open design question in LX for OmniOS is how to address the networking 
configuration problem?  I see two ways:

1.) Adopt the Joyent way of having some networking parameters in zonecfg(1M) 
attributes and having zoneadmd or the boot scripts act on these.  The vmadm(1M) 
of SmartOS works like this once you get to where it meets existing illumos zone 
utilities.

2.) Further modify the native networking tools to store their between-boots 
state in a place, for example, "/etc/native", that allows persistent actions of 
/native/ utilities like they'd behave for an illumos-native zone (ipkg, lipkg 
in OmniOS).  Right now, you can't ipadm(1M) an interface's address permanently 
on an LX zone because /etc/inet isn't around.

I see pros & cons of both approaches.  I'm visiting OmniTI HQ in a week to, 
among other things, bounce ideas around with OmniTI folks - since they are also 
my customers.  Feel free to speak up here if you have opinions as well.

Thanks,
Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-13 Thread Jim Klimov 
12 августа 2016 г. 19:14:29 CEST, Dan McDonald  пишет:
>Basically, you need to delegate the highres_clock permission to the
>zone.  Look for "proc_clock_highres" in your
>/usr/lib/brand/lx/config.xml file.  If it's not there, add the line per
>the commit I indicated.
>
>Dan

Thanks for thoroughly nudging me - indeed, the privilege was not yet packaged, 
it seems ;)

So there are new random notes to report ;)

Now a lot more services of our Debian 8-based OS image have started, with 
notable exceptions being networking and a few services like our webserver whose 
unit instantly failed with '226/NAMESPACE' (that diagnosis includes 
'systemd-networkd.service' and 'systemd-resolved.service' too). I'd guess 
randomly there is some messup with slices or cgroups, but at least a few 
services report they belong to a 'system.slice' so at least one works ;)

Part of networking problems may be failure to start iptables. Our units are 
tweaked to ignore errors at this step, by default this may be fatal.

The ifplugd service says that '...start lo0 (or eth0, or lx0 - whatever - 
//Jim)...select() failed while waiting for return value: Invalid argument'

The 'systemd-setup-dgram-qlen.service' apparently fails to use 'sysctl -w 
net.unix.max_dgram_qlen=512' and dies.

Like yesterday (forgot to write though), pasting copied text to system console 
(login after 'zlogin -C') does not work - it only gets the first character from 
the buffer, and quick typing also loses some chars (didn't hit that one 
yesterday, annoys a lot today), but console from 'zlogin' is okay in this 
regard.

Dmesg and journals for many services are still AWOL.

Some networked services respond on a localhost (e.g. ssh - i can even log in), 
but our stack that tries using a local MQ bus (on IPC protocol for local 
speediness, bypassing TCP\IP stack) fails. Maybe i'd try to debug/truss/dtrace 
that next week, might uncover issues in the project :-D At least error-logging 
already seems lacking in some of our places ;)

An rsyslog daemon has started this time, so I can see that e.g. PAM complains 
it can not find kernel RLIMIT for nice, rtprio and UNKNOWN, so it falls back to 
defaults.

Thanks a lot for doing this,
Jim
--
Typos courtesy of K-9 Mail on my Samsung Android
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-13 Thread Jim Klimov 
12 августа 2016 г. 20:06:41 CEST, Michael Rasmussen  пишет:
>On Fri, 12 Aug 2016 17:32:02 +0200
>Jim Klimov  wrote:
>
>> 
>> Michael, thanks for posting the script. There was a typo to fix
>(un-tarring goes into ZONEPATH not ZONEPATH_DS, and a 'gtar' worked
>better for my tarball).
>> 
>Where in the code below do you see a ZONEPATH which should be replaced
>with ZONEPATH_DS?
>
>elif [[ $type == "tgz" ]]; then
>mkdir $ZONEPATH_DS/root
>chmod 755 $ZONEPATH_DS/root
>tar -xzf $TAR_SEED -C $ZONEPATH_DS/root
>RESULT=$?
>MSG="TAR command failed"
>
>> 
>> The systemd startup reported failures of mounting /tmp (not
>permitted). Kernel device manager (udevd) also failed (maybe because it
>can't create /dev/xconsole fifo - 'not implemented'). And Load/Save
>random seed (/dev/urandom - permission denied). Also says something
>about 'Failed to attach new connection bus to event loop: Operation not
>permitted' many times.
>> 
>> Network automatic setup failed, but subsequent manual ifconfig was ok
>(I can curl to a server in this LAN segment).
>> 
>> Logging does not work (no dmesg, no journalctl for failed services,
>although there are some lines in common `journalctl -l`).
>> 
>> A mysql (mariadb) server has started and initialized its database ;)
>Its consumers, even scripted ones (a schema uploader/verifier), did
>not. Many units report that they failed to run their 'start' tasks with
>'Operation not permitted' (maybe passed up from bus-connection
>attempts).
>> 
>> Requesting `systemctl status` or `systemctl restart` of services
>fails (Connection reset by peer). Not sure what it connects to - in our
>project OS image there is no D-Bus, so in true Linux a simple user can
>not use systemd tools, but for a root (or via sudo) there were no
>issues using it.
>> 
>> Login works both on system console (from zlogin -C) and from GZ
>(simply zlogin). `poweroff` from inside guest zone sends a message that
>it will go down, and does nothing. `zoneadm halt` from GZ works.
>> 
>> Setting kernel version in zone attrs to '3.18.0' did not seem to
>break nor fix anything, but the value is seen in `uname -a`.
>> 
>I see no of the above errors using my tarballs which is of no surprise
>since my tarballs does not use systemd;-)

Michael, here it is about the opposite: you untar into a '/root/' under 
ZONEPATH (mountpoint directory), not into ZONEPATH_DS which is the dataset 
target for zfs receive.

It might have worked for you by coincidence if the zones were on another pool 
mounted into the root directory by its name, say a 'zones' pool 
imported+mounted into /zones directory.

Thanks for the script though :-)

Jim
--
Typos courtesy of K-9 Mail on my Samsung Android
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-12 Thread Michael Rasmussen 
On Fri, 12 Aug 2016 17:32:02 +0200
Jim Klimov  wrote:

> 
> Michael, thanks for posting the script. There was a typo to fix (un-tarring 
> goes into ZONEPATH not ZONEPATH_DS, and a 'gtar' worked better for my 
> tarball).
> 
Where in the code below do you see a ZONEPATH which should be replaced
with ZONEPATH_DS?

elif [[ $type == "tgz" ]]; then
mkdir $ZONEPATH_DS/root
chmod 755 $ZONEPATH_DS/root
tar -xzf $TAR_SEED -C $ZONEPATH_DS/root
RESULT=$?
MSG="TAR command failed"

> 
> The systemd startup reported failures of mounting /tmp (not permitted). 
> Kernel device manager (udevd) also failed (maybe because it can't create 
> /dev/xconsole fifo - 'not implemented'). And Load/Save random seed 
> (/dev/urandom - permission denied). Also says something about 'Failed to 
> attach new connection bus to event loop: Operation not permitted' many times.
> 
> Network automatic setup failed, but subsequent manual ifconfig was ok (I can 
> curl to a server in this LAN segment).
> 
> Logging does not work (no dmesg, no journalctl for failed services, although 
> there are some lines in common `journalctl -l`).
> 
> A mysql (mariadb) server has started and initialized its database ;) Its 
> consumers, even scripted ones (a schema uploader/verifier), did not. Many 
> units report that they failed to run their 'start' tasks with 'Operation not 
> permitted' (maybe passed up from bus-connection attempts).
> 
> Requesting `systemctl status` or `systemctl restart` of services fails 
> (Connection reset by peer). Not sure what it connects to - in our project OS 
> image there is no D-Bus, so in true Linux a simple user can not use systemd 
> tools, but for a root (or via sudo) there were no issues using it.
> 
> Login works both on system console (from zlogin -C) and from GZ (simply 
> zlogin). `poweroff` from inside guest zone sends a message that it will go 
> down, and does nothing. `zoneadm halt` from GZ works.
> 
> Setting kernel version in zone attrs to '3.18.0' did not seem to break nor 
> fix anything, but the value is seen in `uname -a`.
> 
I see no of the above errors using my tarballs which is of no surprise
since my tarballs does not use systemd;-)

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
A new chef from India was fired a week after starting the job.
He kept favoring curry.


pgpFvgVSY7ziW.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-12 Thread Dan McDonald 
Basically, you need to delegate the highres_clock permission to the zone.  Look 
for "proc_clock_highres" in your /usr/lib/brand/lx/config.xml file.  If it's 
not there, add the line per the commit I indicated.

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-12 Thread Jim Klimov 
12 августа 2016 г. 17:46:29 CEST, Dan McDonald  пишет:
>Also, do you have this fix in place?
>
>commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575
>Author: Dan McDonald 
>Date:   Mon Aug 8 17:17:31 2016 -0400
>
>systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres
>privileges
>
>
>Dan

I can only guess :-) I installed the LX publisher as 'omnios' into another BE, 
ran `pkg update` and `pkg install brand/lx` there, all today. So if you have 
this patch built and published - should be here :-)

Also, FWIW, our images are not Dockers to the best of my knowledge (i confess i 
didn't well "get" docker and why it is needed when containers and zones are 
around already). At least, we had a target, recipe and custom scripts to build 
docker, and dropped them to simplify the project.

These OS images we have are just alternate roots with preinstalled packages, 
tarred on a buildhost and untarred into a location of preconfigured LXC 
container on a workstation or other deployment, and we run 'virsh start 
containername' to instantiate it. Or even just 'chroot' into them while 
developing.

Jim
--
Typos courtesy of K-9 Mail on my Samsung Android
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-12 Thread Dan McDonald 
Also, do you have this fix in place?

commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575
Author: Dan McDonald 
Date:   Mon Aug 8 17:17:31 2016 -0400

systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres 
privileges


Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-12 Thread Dan McDonald 
For relative-progress testing, make sure you compare your docker tarballs 
against a Joyent image of the same release.

At least some of the boot errors are both in SmartOS boots of Joyent images 
(which they support and are at least okay enough with to support), and with the 
OmniOS version.

This is all still a long way off from being ready for prime time.  I'm doing a 
lot of code-cleanup (some of which I hope to give to Joyent) so I can place LX 
support into the mainline "master" branch of illumos-omnios in time for 
r151020.  I appreciate hearing about these experiments, even if I can't act 
upon them all immediately.  I like the idea of having some other flag for 
"zoneadm install" to eat docker tarballs.

Thanks!
Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-12 Thread Jim Klimov 
10 августа 2016 г. 1:20:19 CEST, Michael Rasmussen  пишет:
>On Wed, 10 Aug 2016 00:11:39 +0200
>Michael Rasmussen  wrote:
>
>> I have taken the liberty to extend your script to handle gzipped
>> tarballs of a root filesystem using the argument -t. With the stuff I
>> have added I was able to use the script to install a lxc prepared
>> tarball of Debian stable with your install script;-)
>> 
>By the way. Linux LXC prepared tarballs can be downloaded here:
>http://download.proxmox.com/images/system/
>
>The one I used is this one:
>http://download.proxmox.com/images/system/debian-8.0-standard_8.0-1_amd64.tar.gz

Michael, thanks for posting the script. There was a typo to fix (un-tarring 
goes into ZONEPATH not ZONEPATH_DS, and a 'gtar' worked better for my tarball).

One Linux-based project I work with builds OS images into Debian 8 tarballs 
that can run as the rootfs of an LXC container or via chroot, either way 
without a kernel of its own. It seemed natural to try it out as a zone :-)

The systemd startup reported failures of mounting /tmp (not permitted). Kernel 
device manager (udevd) also failed (maybe because it can't create /dev/xconsole 
fifo - 'not implemented'). And Load/Save random seed (/dev/urandom - permission 
denied). Also says something about 'Failed to attach new connection bus to 
event loop: Operation not permitted' many times.

Network automatic setup failed, but subsequent manual ifconfig was ok (I can 
curl to a server in this LAN segment).

Logging does not work (no dmesg, no journalctl for failed services, although 
there are some lines in common `journalctl -l`).

A mysql (mariadb) server has started and initialized its database ;) Its 
consumers, even scripted ones (a schema uploader/verifier), did not. Many units 
report that they failed to run their 'start' tasks with 'Operation not 
permitted' (maybe passed up from bus-connection attempts).

Requesting `systemctl status` or `systemctl restart` of services fails 
(Connection reset by peer). Not sure what it connects to - in our project OS 
image there is no D-Bus, so in true Linux a simple user can not use systemd 
tools, but for a root (or via sudo) there were no issues using it.

Login works both on system console (from zlogin -C) and from GZ (simply 
zlogin). `poweroff` from inside guest zone sends a message that it will go 
down, and does nothing. `zoneadm halt` from GZ works.

Setting kernel version in zone attrs to '3.18.0' did not seem to break nor fix 
anything, but the value is seen in `uname -a`.

Hope these ramblings help,
Jim Klimov


--
Typos courtesy of K-9 Mail on my Samsung Android
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-10 Thread Dan McDonald 
If I do anything like this, I will likely follow the SmartOS lead and use 
zonecfg(1M) properties to feed desired IP configurations into the zone's 
properties, which can then be handled by boot scripts, install scripts, or even 
lxinit or zoneadmd binaries.

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-10 Thread Michael Rasmussen 
Hi Dan,

On Tue, 9 Aug 2016 18:49:20 -0400
Dan McDonald  wrote:

> Can't use Linux network configuration.  Use /native/sbin/ipadm and 
> /native/sbin/route.  (You will also need to add those to some sort of boot 
> script in-zone for now.)
> 
>   /native/sbin/ipadm create-addr -t -T static -a / lx0/v4
> 
Been thinking about this and I have a suggestion.
1) The lx_install script could be extended with an option to specify
guest OS
2) A number of prepared templates for each supported guest OS is created
3) According to the specified guest OS, given it is supported, the
matching template is used to tailor a boot script in the top zone
folder with the needed configuration for network, route, and resolv.conf
4) When the command to boot the zone is called prior to booting the
zone this boot script is read to populate network, route, and
resolv.conf in the guest OS. This can later be extended to other guest
OS specific configuration

The top zone folder will look like this:
lx_zone---
 |
 ---  dev (folder)
 |
 ---  root (folder)
 |
 ---  boot.ini 

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
To fear love is to fear life, and those who fear life are already three
parts dead.
-- Bertrand Russell


pgpkpCbocO1h4.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-10 Thread Bob Friesenhahn 

On Tue, 9 Aug 2016, Dan McDonald wrote:


Can't use Linux network configuration.  Use /native/sbin/ipadm and 
/native/sbin/route.  (You will also need to add those to some sort of boot 
script in-zone for now.)


I think that any program using netlink and rtnetlink sockets (similar 
in operation to routing sockets) 
(http://man7.org/linux/man-pages/man7/netlink.7.html, 
http://man7.org/linux/man-pages/man7/rtnetlink.7.html) will not work 
whereas some deprecated ioctls may work.


This is problematic since Linux programs configuring or querying 
network topology/configuration are supposed to use netlink now and 
ioctls are deprecated.


The Linux 'ip' command uses netlink whereas legacy 'ifconfig' may 
be using ioctls.


Illumos could provide an emulation of netlink sockets, but of course 
this would be a lot of work.


Bob
--
Bob Friesenhahn
bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,http://www.GraphicsMagick.org/
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-10 Thread Dan McDonald 

> On Aug 10, 2016, at 1:35 PM, Bob Friesenhahn  
> wrote:
> 
> Illumos could provide an emulation of netlink sockets, but of course this 
> would be a lot of work.

Oh gawd don't go there.  Please.

>From the lead author of PF_KEYv2,
Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 
Yeah - there's no "native apps storage" in LX zones currently.  SmartOS gets 
around this by their zonecfg properties (set by vmadm) and runtime code.  I'm 
not 100% sure how to solve this problem myself. I don't want to unravel  the 
entire SmartOS sweater.

Dan

Sent from my iPhone (typos, autocorrect, and all)

> On Aug 9, 2016, at 7:08 PM, Michael Rasmussen  wrote:
> 
> On Tue, 9 Aug 2016 18:49:20 -0400
> Dan McDonald  wrote:
> 
>> Can't use Linux network configuration.  Use /native/sbin/ipadm and 
>> /native/sbin/route.  (You will also need to add those to some sort of boot 
>> script in-zone for now.)
>> 
>>/native/sbin/ipadm create-addr -t -T static -a / lx0/v4
>> 
>> Dan
> This works. However trying to persist default gateway fails?
> # /native/sbin/route -p add default 10.0.3.254
> add net default: gateway 10.0.3.254
> route: failed to open route file: No such file or directory
> 
> 
> -- 
> Hilsen/Regards
> Michael Rasmussen
> 
> Get my public GnuPG keys:
> michael  rasmussen  cc
> http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
> mir  datanom  net
> http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
> mir  miras  org
> http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
> --
> /usr/games/fortune -es says:
> But you'll notice Perl has a goto.
>-- Larry Wall in <199710211624.jaa17...@wall.org>
> ___
> OmniOS-discuss mailing list
> OmniOS-discuss@lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
On Wed, 10 Aug 2016 00:11:39 +0200
Michael Rasmussen  wrote:

> I have taken the liberty to extend your script to handle gzipped
> tarballs of a root filesystem using the argument -t. With the stuff I
> have added I was able to use the script to install a lxc prepared
> tarball of Debian stable with your install script;-)
> 
By the way. Linux LXC prepared tarballs can be downloaded here:
http://download.proxmox.com/images/system/

The one I used is this one:
http://download.proxmox.com/images/system/debian-8.0-standard_8.0-1_amd64.tar.gz

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
That's the funniest thing I've ever heard and I will _not_ condone it.
-- DyerMaker, 17 March 2000 MegaPhone radio show


pgpNVDOfW4d_o.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
On Tue, 9 Aug 2016 18:49:20 -0400
Dan McDonald  wrote:

> Can't use Linux network configuration.  Use /native/sbin/ipadm and 
> /native/sbin/route.  (You will also need to add those to some sort of boot 
> script in-zone for now.)
> 
>   /native/sbin/ipadm create-addr -t -T static -a / lx0/v4
> 
> Dan
> 
This works. However trying to persist default gateway fails?
# /native/sbin/route -p add default 10.0.3.254
add net default: gateway 10.0.3.254
route: failed to open route file: No such file or directory


-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
But you'll notice Perl has a goto.
-- Larry Wall in <199710211624.jaa17...@wall.org>


pgp7pj1dI5pRJ.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
On Tue, 9 Aug 2016 18:49:20 -0400
Dan McDonald  wrote:

> Can't use Linux network configuration.  Use /native/sbin/ipadm and 
> /native/sbin/route.  (You will also need to add those to some sort of boot 
> script in-zone for now.)
> 
>   /native/sbin/ipadm create-addr -t -T static -a / lx0/v4
> 
> Dan
> 
But using the deprecated way works?
root@localhost:~# ifconfig lx0 10.0.3.130 netmask 255.255.255.0 up
root@localhost:~# ifconfig 
loLink encap:Local Loopback  
  inet addr:127.0.0.1  Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING MULTICAST  MTU:8232  Metric:1
  RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0 
  RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lx0   Link encap:Ethernet  HWaddr 02:08:20:76:8f:0c  
  inet addr:10.0.3.130  Bcast:10.255.255.255  Mask:255.255.255.0
  inet6 addr: fe80::8:20ff:fe76:8f0c/10 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:250 errors:0 dropped:0 overruns:0 frame:0
  TX packets:88 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1 
  RX bytes:39243 (38.3 KiB)  TX bytes:8836 (8.6 KiB)

Ping Omnios
# ping 10.0.3.20
PING 10.0.3.20 (10.0.3.20) 56(84) bytes of data.
64 bytes from 10.0.3.20: icmp_seq=1 ttl=255 time=0.178 ms
64 bytes from 10.0.3.20: icmp_seq=2 ttl=255 time=0.083 ms

but I cannot configure default route?
# ping -c 3 8.8.8.8
connect: Network is unreachable
root@localhost:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
10.0.3.00.0.0.0 255.255.255.0   U 0  00 lx0
root@localhost:~# route add default gw 10.0.3.254 lx0
SIOCADDRT: Operation not supported
root@localhost:~# ip route add 10.0.3.254/24 dev lx0
RTNETLINK answers: Unknown error -122
root@localhost:~# ip route add 10.0.3.0/24 via 10.0.3.254
RTNETLINK answers: Unknown error -122

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
  Referring to a book: I read part of it all the way through.
-- Samuel Goldwyn


pgpj976cfI440.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 
Can't use Linux network configuration.  Use /native/sbin/ipadm and 
/native/sbin/route.  (You will also need to add those to some sort of boot 
script in-zone for now.)

/native/sbin/ipadm create-addr -t -T static -a / lx0/v4

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
On Wed, 10 Aug 2016 00:11:39 +0200
Michael Rasmussen  wrote:

> Hi Dan,
> 
> On Tue, 9 Aug 2016 16:08:11 -0400
> Dan McDonald  wrote:
> 
> > Look in the script /usr/lib/brand/lx/lx_install to see what I mean.
> >   
> Nice.
> 
> I have taken the liberty to extend your script to handle gzipped
> tarballs of a root filesystem using the argument -t. With the stuff I
> have added I was able to use the script to install a lxc prepared
> tarball of Debian stable with your install script;-)
> 
Seems to be problems with netconfig:
root@localhost:~# ip a show lx0
2: lx0:  mtu 1500 qlen 1
link/ether 02:08:20:76:8f:0c
inet 0.0.0.0/0 scope global dynamic 
inet6 fe80::8:20ff:fe76:8f0c/10 scope link dynamic 
root@localhost:~# ip a add 10.0.3.200/255.255.255.0 dev lx0
RTNETLINK answers: Unknown error -122

# cat /etc/network/interfaces
# AUTOMATIC ZONE CONFIG
iface lo inet manual
iface lx0 inet manual

# dladm show-vnic
LINK OVER SPEED  MACADDRESSMACADDRTYPE VID
lx0  vioif0   1000   2:8:20:76:8f:crandom  0

# zonecfg -z lx0 info
zonename: lx0
zonepath: /rpool/zones/debian
brand: lx
autoboot: false
bootargs: 
pool: 
limitpriv: 
scheduling-class: 
ip-type: exclusive
hostid: 
fs-allowed: 
net:
address not specified
allowed-address not specified
physical: lx0
defrouter not specified
attr:
name: kernel-version
type: string
value: 3.16.0

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
Macho does not prove mucho.
-- Zsa Zsa Gabor


pgp0YuqeP9LpD.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
Hi Dan,

On Tue, 9 Aug 2016 16:08:11 -0400
Dan McDonald  wrote:

> Look in the script /usr/lib/brand/lx/lx_install to see what I mean.
> 
Nice.

I have taken the liberty to extend your script to handle gzipped
tarballs of a root filesystem using the argument -t. With the stuff I
have added I was able to use the script to install a lxc prepared
tarball of Debian stable with your install script;-)

root@localhost:~# uname -a
Linux localhost 3.16.0 BrandZ virtual linux x86_64 GNU/Linux

root@localhost:~# ls -l /
total 33
drwxr-xr-x  2 root root  108 Jun 30  2015 bin
drwxr-xr-x  2 root root2 May  4  2015 boot
drwxr-xr-x 62 root sys12 Aug  9 21:58 dev
drwxr-xr-x 69 root root  151 Aug  9 21:58 etc
drwxr-xr-x  2 root root2 May  4  2015 home
drwxr-xr-x 12 root root   23 Jun 30  2015 lib
drwxr-xr-x  2 root root3 Jun 30  2015 lib64
drwxr-xr-x  2 root root2 Jun 30  2015 media
drwxr-xr-x  2 root root2 Jun 30  2015 mnt
drwxr-xr-x  9 root root9 Aug  9 21:58 native
drwxr-xr-x  2 root root2 Jun 30  2015 opt
dr-xr-xr-x 95 root root 1520 Aug  9 21:58 proc
drwx--  2 root root4 Jun 30  2015 root
drwxr-xr-x  9 root root 1355 Aug  9 21:58 run
drwxr-xr-x  2 root root  109 Jun 30  2015 sbin
drwxr-xr-x  2 root root2 Jun 30  2015 srv
dr-xr-xr-x  1 root root0 Aug  9 21:58 sys
drwxr-xr-x  4 root root4 Aug  9 21:58 system
drwxrwxrwt  4 root root4 Aug  9 21:58 tmp
drwxr-xr-x 10 root root   10 Jun 30  2015 usr
drwxr-xr-x 12 root root   14 Aug  9 21:58 var

I have simply added in the installed script so no diff (Sorry, bad move
but I got exited ;-)

# cat /usr/lib/brand/lx/lx_install #!/bin/ksh -p
#
# This file and its contents are supplied under the terms of the
# Common Development and Distribution License ("CDDL"), version 1.0.
# You may only use this file in accordance with the terms of version
# 1.0 of the CDDL.
#
# A full copy of the text of the CDDL should have accompanied this
# source.  A copy of the CDDL is also available via the Internet at
# http://www.illumos.org/license/CDDL.
#
# Copyright 2016 Joyent, Inc.  All rights reserved.
# Copyright 2016 OmniTI Computer Consulting, Inc.  All rights reserved.
#

PATH=/bin:/usr/bin:/usr/sbin
export PATH

. /usr/lib/brand/shared/common.ksh

ZFS_SEED=""
TAR_SEED=""

bad_usage() {
echo "LX zone install bad option"
echo "Available options are:"
echo "  -s   Path to ZFS send stream or gzip thereof"
echo "  -t   Path to gzipped tarball of root" 
exit $ZONE_SUBPROC_USAGE
}

while getopts "R:s:t:z:" opt
do
case "$opt" in
R)  ZONEPATH="$OPTARG";;
z)  ZONENAME="$OPTARG";;
s)  ZFS_SEED="$OPTARG";;
t)  TAR_SEED="$OPTARG";;
*)  bad_usage ;;
esac
done
shift OPTIND-1

if [[ $ZFS_SEED == "" && $TAR_SEED == "" ]]; then
echo "The -s  or -t "
echo "argument is required for LX installation."
bad_usage
fi

# Set the ZONEPATH_DS variable so we know the zone's dataset.
get_zonepath_ds $ZONEPATH

# Do something based on whatever ZFS_SEED is.

if [[ -n $ZFS_SEED ]]; then
if [[! -f $ZFS_SEED ]]; then
echo "Seed file $ZFS_SEED not found."
# XXX KEBE SAYS maybe we can eat a snapshot name here, or even a
# Joyent-style UUID for direct snagging from Joyent's image
# servers.
bad_usage
fi
type=`file -b $ZFS_SEED | awk '{print $1}'`
elif [[ -n $TAR_SEED ]]; then
if [[ ! -f $TAR_SEED ]]; then
echo "Seed file $TAR_SEED not found."
bad_usage
fi
type=tgz
fi

# For now, we are dependent on the output of file(1).
# I'm being cheesy in checking the first word of file(1)'s output.
if [[ $type == "ZFS" ]]; then
zfs recv -F $ZONEPATH_DS < $ZFS_SEED
RESULT=$? 
MSG="ZFS receive command failed"
elif [[ $type == "gzip" ]]; then
gunzip -c $ZFS_SEED | zfs recv -F $ZONEPATH_DS
RESULT=$?
MSG="ZFS receive command failed"
elif [[ $type == "tgz" ]]; then
mkdir $ZONEPATH_DS/root
chmod 755 $ZONEPATH_DS/root
tar -xzf $TAR_SEED -C $ZONEPATH_DS/root
RESULT=$?
MSG="TAR command failed"
else
echo "Seed file $ZFS_SEED not a ZFS receive (or compressed) one."
bad_usage
fi

if [[ $RESULT != 0 ]]; then
   echo "$MSG ($RESULT)."
   exit $ZONE_SUBPROC_FATAL
fi

# One Joyent-ism we need to clean up.
if [[ -d $ZONEPATH/cores ]]; then
rmdir $ZONEPATH/cores
fi

exit 0

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
What does it mean if there is no fortune for you?


pgpUHdgyrpcz0.pgp
Description: OpenPGP digital signature

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
On Tue, 9 Aug 2016 13:45:03 -0400
Dan McDonald  wrote:

> Is this a regression?  Or it never worked?  If the former, when was the last 
> media to work?  If the latter, we should fix caiman or the .xml files we use 
> to feed it.
> 
Not a regression but since this has been a issue for years I thought
some how that this would have been fixed by now.

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
I've run DOOM more in the last few days than I have the last few
months.  I just love debugging ;-)
(Linus Torvalds)


pgpipaFN5NkE4.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 

> On Aug 9, 2016, at 4:01 PM, Michael Rasmussen  wrote:
> 
> On Tue, 9 Aug 2016 20:54:01 +0100
> Peter Tribble  wrote:
> 
>> 
>> All I did was replace the zfs bit in lx_install with
>> 
> What 'zfs bit in lx_install' do you refer to?

Look in the script /usr/lib/brand/lx/lx_install to see what I mean.

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
On Tue, 9 Aug 2016 20:54:01 +0100
Peter Tribble  wrote:

> 
> All I did was replace the zfs bit in lx_install with
> 
What 'zfs bit in lx_install' do you refer to?

I would like to test a prebuild Debian tar.gz for LXC on Linux.

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
He hated being thought of as one of those people that wore stupid
ornamental armour. It was gilt by association.
-- Terry Pratchett, "Night Watch"


pgpUb6xTYIdwn.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 

> On Aug 9, 2016, at 3:37 PM, Peter Tribble  wrote:
> 
> Dan,
> 
> On Tue, Aug 9, 2016 at 3:20 PM, Dan McDonald  wrote:
> Not yet.  Recommended course is to install bloody, then switch publishers to 
> the one I mentioned earlier.  There are some fixes for systemd images not on 
> the publisher yet.
> 
> Please read the README for io-lx for details on Installing an LX zone:
> 
> https://github.com/danmcd/io-lx-public/blob/master/README
> 
> Neat. I tried it once the official way (using joyent images), then reworked
> it to use images from docker export (which generates simple tarballs).
> 
> This is the base Alpine docker image:
> 
> lx0:/# uname -a
> Linux lx0 4.4.15 BrandZ virtual linux x86_64 Linux

Oh cool!  I used an Alpine from Joyent early on.

Tell me, would you like "zoneadm -z lx0 install -s " to work as well?  
I don't think it does currently, but it should.

Thanks,
Dan


___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Peter Tribble 
Dan,

On Tue, Aug 9, 2016 at 3:20 PM, Dan McDonald  wrote:

> Not yet.  Recommended course is to install bloody, then switch publishers
> to the one I mentioned earlier.  There are some fixes for systemd images
> not on the publisher yet.
>
> Please read the README for io-lx for details on Installing an LX zone:
>
> https://github.com/danmcd/io-lx-public/blob/master/README
>

Neat. I tried it once the official way (using joyent images), then reworked
it to use images from docker export (which generates simple tarballs).

This is the base Alpine docker image:

lx0:/# uname -a
Linux lx0 4.4.15 BrandZ virtual linux x86_64 Linux

-- 
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 

> On Aug 9, 2016, at 12:03 PM, Michael Rasmussen  wrote:
> 
> Hi Dan,
> 
> On Tue, 9 Aug 2016 10:16:24 -0400
> Dan McDonald  wrote:
> 
>> Oh yes.  All of my LX zone testing thus far has been on VMware fusion VMs on 
>> my laptop.
>> 
> Latest Omnios Bloody does not install on virtio-blk - installer cannot
> detect disk.

Is this a regression?  Or it never worked?  If the former, when was the last 
media to work?  If the latter, we should fix caiman or the .xml files we use to 
feed it.

Dan

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Michael Rasmussen 
Hi Dan,

On Tue, 9 Aug 2016 10:16:24 -0400
Dan McDonald  wrote:

> Oh yes.  All of my LX zone testing thus far has been on VMware fusion VMs on 
> my laptop.
> 
Latest Omnios Bloody does not install on virtio-blk - installer cannot
detect disk.

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E
mir  datanom  net
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C
mir  miras  org
http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917
--
/usr/games/fortune -es says:
Licensed and bonded.


pgpbWmFFnnf8M.pgp
Description: OpenPGP digital signature
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread PÁSZTOR György 
Hi Dan,

"Stephan Budach"  írta 2016-08-09 15:00-kor:
> I'd love to be able to actually spend any time on this, but my workload 
> doesn't allow it??? I hope to get into this at the end of september.
> Don't give up on it, please??? ;)

+1

The same case here. I tried it the first time, you mentioned this on the
list. Al-something worked. Then I had no more time to deal with that.
I changed country a month ago. Most of my stuff is still at my "from"
country. I have now only my old laptop from '11, with an ubuntu 12.04, so I
could try your improvements on that, in a virtualbox.
My omnios nas is still at the "from" country, so I do not even have space
for backup data from my laptop, (and wipe that old over-hacked ubuntu, so
finally I could replace it with a more recent something.)

So, please keep up the good work!
As soon as the things calm down around me, I plan to test, even contribute
my ideas around the installation of an lx zones.
eg.: one of my ideas was, to improve the zone installer part, and instead
of wrapping out prepared zfs dataset tin, we can use some more generic,
like debootstrapping debian-ish (eg.: ubuntu) systems.
There is also a debootstrap-like tool for rpm-based systems, but I do not
remember the name of it from the top of my head.
At least, my opinion is that, if we create an installation method onec than
it needs minimal maintenance later for supporting newer debian/ubuntu
versions.

Cheers,
Gyu
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 
Not yet.  Recommended course is to install bloody, then switch publishers to 
the one I mentioned earlier.  There are some fixes for systemd images not on 
the publisher yet.

Please read the README for io-lx for details on Installing an LX zone:

https://github.com/danmcd/io-lx-public/blob/master/README

Dan

Sent from my iPhone (typos, autocorrect, and all)

> On Aug 9, 2016, at 4:05 AM, Peter Tribble  wrote:
> 
> Dan,
> 
>> I've not heard from anyone, so I'm going to assume nobody has played with LX 
>> zones on OmniOS yet.
> 
> Is there an ISO image to play with?
> 
> -- 
> -Peter Tribble
> http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Dan McDonald 
Oh yes.  All of my LX zone testing thus far has been on VMware fusion VMs on my 
laptop.

Dan

Sent from my iPhone (typos, autocorrect, and all)

> On Aug 9, 2016, at 12:01 AM, Tobi Oetiker  wrote:
> 
> hi dan
> 
> great news ... a question ... for testing this, a vm would be fine, right?
> 
> cheers
> tobi
> 
> Tobias Oetiker
> t...@oetiker.ch
> 062 775 9902
> 
>> On 09.08.2016, at 00:21, Dan McDonald  wrote:
>> 
>> I just pushed two commits to io-lx-public:
>> 
>> commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575
>> Author: Dan McDonald 
>> Date:   Mon Aug 8 17:17:31 2016 -0400
>> 
>>   systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres 
>> privileges
>> 
>> commit 179ef6d69f69f2c5fb540fecf8cc3707168fb76f
>> Author: Dan McDonald 
>> Date:   Thu Aug 4 10:47:33 2016 -0400
>> 
>>   libdladm needs to be a bit more LX-aware
>> 
>> 
>> The most recent has allowed me to boot Ubuntu 16 *AND* CentOS 7.2 on an 
>> OmniOS-hosted LX zone.
>> 
>> I'll be merging with Joyent's stuff again relatively soon and preparing to 
>> spin both a non-LX bloody update and an accompanying LX update on our LX 
>> publisher:
>> 
>>   http://pkg.omniti.com/omnios/LX/
>> 
>> I've not heard from anyone, so I'm going to assume nobody has played with LX 
>> zones on OmniOS yet.  It's still "alpha/beta"-y IMHO, but I really could use 
>> the feedback, especially from people with more Linux experience than me.  (I 
>> *rarely* have used UNIX variants outside of MacOS X and Solarish ones for 
>> the past 20 years, and most of those exceptions were for IPsec 
>> interoperability testing back when I was at Sun.)
>> 
>> We're contemplating including "LX Beta" in OmniOS r151020, as preparation 
>> for r151022 (i.e. the Next LTS release) to include LX zones.  Your feedback 
>> should be invaluable in helping us guide things in.
>> 
>> Thanks,
>> Dan
>> 
>> ___
>> OmniOS-discuss mailing list
>> OmniOS-discuss@lists.omniti.com
>> http://lists.omniti.com/mailman/listinfo/omnios-discuss
> 
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Stephan Budach 

Hi Dan,

I'd love to be able to actually spend any time on this, but my workload 
doesn't allow it… I hope to get into this at the end of september.

Don't give up on it, please… ;)

Cheers,
Stephan

Am 09.08.16 um 10:05 schrieb Peter Tribble:

Dan,

I've not heard from anyone, so I'm going to assume nobody has
played with LX zones on OmniOS yet.


Is there an ISO image to play with?

--
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/


___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-09 Thread Peter Tribble 
Dan,

I've not heard from anyone, so I'm going to assume nobody has played with
> LX zones on OmniOS yet.
>

Is there an ISO image to play with?

-- 
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX for OmniOS update

2016-08-08 Thread Tobi Oetiker 
hi dan

great news ... a question ... for testing this, a vm would be fine, right?

cheers
tobi

Tobias Oetiker
t...@oetiker.ch
062 775 9902

> On 09.08.2016, at 00:21, Dan McDonald  wrote:
> 
> I just pushed two commits to io-lx-public:
> 
> commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575
> Author: Dan McDonald 
> Date:   Mon Aug 8 17:17:31 2016 -0400
> 
>systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres 
> privileges
> 
> commit 179ef6d69f69f2c5fb540fecf8cc3707168fb76f
> Author: Dan McDonald 
> Date:   Thu Aug 4 10:47:33 2016 -0400
> 
>libdladm needs to be a bit more LX-aware
> 
> 
> The most recent has allowed me to boot Ubuntu 16 *AND* CentOS 7.2 on an 
> OmniOS-hosted LX zone.
> 
> I'll be merging with Joyent's stuff again relatively soon and preparing to 
> spin both a non-LX bloody update and an accompanying LX update on our LX 
> publisher:
> 
>http://pkg.omniti.com/omnios/LX/
> 
> I've not heard from anyone, so I'm going to assume nobody has played with LX 
> zones on OmniOS yet.  It's still "alpha/beta"-y IMHO, but I really could use 
> the feedback, especially from people with more Linux experience than me.  (I 
> *rarely* have used UNIX variants outside of MacOS X and Solarish ones for the 
> past 20 years, and most of those exceptions were for IPsec interoperability 
> testing back when I was at Sun.)
> 
> We're contemplating including "LX Beta" in OmniOS r151020, as preparation for 
> r151022 (i.e. the Next LTS release) to include LX zones.  Your feedback 
> should be invaluable in helping us guide things in.
> 
> Thanks,
> Dan
> 
> ___
> OmniOS-discuss mailing list
> OmniOS-discuss@lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
> 

___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss

Re: [OmniOS-discuss] LX on OmniOS update

2016-07-01 Thread wonko 
You are amazing. Keep up the great work. We love you!!

I'll test this out as I have time. I'm very excited for this!

-brian

> On Jul 1, 2016, at 15:04, Dan McDonald  wrote:
> 
> Hello!
> 
> I'm BCc:ing the illumos developer and illumos discussion lists.  This thread 
> should continue on omnios-discuss.  Please note I will be very slow to get 
> back to emails until July 12th.
> 
> I'd like to report some progress on the LX zones for OmniOS work.
> 
> First some URLs.  The git repos are:
> 
>https://github.com/danmcd/io-lx-public/
> 
>https://github.com/danmcd/ob-lx-public/
> 
> The latter has only one small change in its manifests.  The former is where 
> the big work is.  Feel free to clone/pull and toy around. At this time, I 
> will consider PRs, but likely not issues unless they accompany a PR.  If you 
> have LX-for-OmniOS suggestions or issues, please bring them up on the 
> omnios-discuss mailing list.
> 
> I have webrevs of io-lx against illumos-omnios AND against illumos-joyent:
> 
>http://kebe.com/~danmcd/webrevs/io-lx-public/
> 
>http://kebe.com/~danmcd/webrevs/io-lx-public-vs-joyent/
> 
> And finally, I have an IPS server with bloody + LX on it.  You should 
> retarget your "omnios" publisher on a bloody install to it if you want to try 
> them out:
> 
>http://pkg.omniti.com/omnios/LX/
> 
> The bits so far are able to install an LX zone.  Here's a sample zone 
> configuration (you'll have to create an "lx0" vNIC):
> 
> # zonecfg -z lx0 export
> create -b
> set zonepath=/zones/lx0
> set brand=lx
> set autoboot=false
> set ip-type=exclusive
> add net
> set physical=lx0
> end
> # 
> 
> To install an LX zone on OmniOS, first you must install the LX brand:
> 
>pkg install brand/lx
> 
> then you need either a compressed or uncompressed ZFS send stream.  The 
> Joyent image repo has these compressed.  To grab one for Alpine, e.g.:
> 
>curl -O alpine.gz 
> https://images.joyent.com/images/d8830f1e-3680-11e6-be72-2ba188e02d31/file
> 
> The UUID portion of that URL can be modifed to match a given "imgadm" UUID 
> you find on a SmartOS box.
> 
> Once you have that, place it somewhere and use its absolute path:
> 
>zoneadm -z lx0 install -s /path/to/alpine.gz
> 
> You can then ATTEMPT to boot the zone:
> 
>zoneadm -z lx0 boot
> 
> ONLY ALPINE is known to reach a login prompt on the console.  You will also 
> have to manually configure networking on it using the /native tools:
> 
>/native/sbin/ifconfig lx0 addr/prefix up
> 
> In the limited testing I've done thus far, Alpine appears to work.  Note my 
> phrasing "appears to work".  I've been able to configure networking using 
> /native tools and been able to ssh in once I've edited /etc/ssh/sshd_config 
> to be more permissive.
> 
> NOTE:  LX zones and their Datasets are currently independent of boot 
> environments.  One of the upcoming design decisions is how to handle LX zones 
> on OmniOS, where BEs are very important.  Input on this mailing list would be 
> appreciated.  Currently, if you change BEs, you may not have an LX zone 
> configured, but its dataset will still be around.  You can use "zoneadm 
> attach" after "zonecfg" if you wish.
> 
> Two other distro images -- Ubuntu 14.04 and Centos 6.8 -- have been 
> attempted, but their /sbin/init exits with EBADF on a writev to stdout (fd == 
> 2).  I suspect I'm doing something wrong with them (as pfiles(1) shows me no 
> open FDs on /sbin/init), but I will not have time to debug them until July 
> 12th at the earliest.  I will also be mostly away from email during this time 
> as well.
> 
> It's progress.  Thanks go out to Joyent folks who've been VERY HELPFUL and 
> whose LX code has been mostly free of SmartOS-specific assumptions thus far.  
> Thus far I've had to make only one change to zoneadmd that's truly deviant 
> from illumos-joyent and not just a merge or mismerge.
> 
> Happy (alpine-only) LX-ing,
> Dan
> 
> ___
> OmniOS-discuss mailing list
> OmniOS-discuss@lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
___
OmniOS-discuss mailing list
OmniOS-discuss@lists.omniti.com
http://lists.omniti.com/mailman/listinfo/omnios-discuss