Re: [Vserver] Vserver copy. The saga continues!

2007-07-12 Thread Chuck
On Thursday 12 July 2007 13:55, Roderick A. Anderson wrote:

when i copy a template for a new server i find the easiest thing is simply 
copy an existing vserver in /etc over to the new name and edit a couple files 
and its done


 The builds using rsync are going well but this has created a bit of a 
 problem.  Typically I build using yum as the method.  This creates all 
 the necessary files in /etc/vservers/guest/apps.  Using rsync doesn't.
 
 Is there a command/incantation to convert a vserver guest to another 
 package-management system like yum, apt-get, etc?
 
 I suspect the pieces to do this are in the vserver script but if the 
 method is just undocumented it would be quicker.
 
 
 TIA,
 Rod
 -- 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Vserver copy. The saga continues!

2007-07-12 Thread Chuck
On Thursday 12 July 2007 13:55, Roderick A. Anderson wrote:


if i use vserver build with its rsync options it makes the /etc/vserver/guest 
directory for me just like any other build using vserver. are you using rsync 
by itself? maybe thats why. the vserver application automatically makes 
the /etc/vserver/guest areas for anything as far as i know.

i noticed you mention /etc/vserver/guest/apps you use other files besides 
style and mark? i many times use mtab for certain things but i just copy 
a 'template' mtab file in. since most of my guests are not cookie-cutter i 
usually have to modify the settings in the /etc/vserver config area anyway so 
its no big deal to copy/modify capability files, mtab,add name to interfaces 
etc.

i have never gotten into different pkg mgt systems and have never used them to 
build a guest, only to update its own files internally. i suppose i am 'far 
behind the times', but i treat each guest as its own server and run the 
updates internally etc. (doesn't get me in trouble that way :) ).



 The builds using rsync are going well but this has created a bit of a 
 problem.  Typically I build using yum as the method.  This creates all 
 the necessary files in /etc/vservers/guest/apps.  Using rsync doesn't.
 
 Is there a command/incantation to convert a vserver guest to another 
 package-management system like yum, apt-get, etc?
 
 I suspect the pieces to do this are in the vserver script but if the 
 method is just undocumented it would be quicker.
 
 
 TIA,
 Rod
 -- 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Vserver copy. The saga continues!

2007-07-12 Thread Chuck
On Thursday 12 July 2007 14:50, Roderick A. Anderson wrote:

ahh ok. heh i know enough about yum to be dangerous so i only use it in the 
few centos guests we have and then just do yum update :) everything else we 
have is gentoo based. as soon as the package we use that requires 
centos/rh/debian has a gentoo version we will be switching out to that 
anyway.

 Chuck wrote:
  On Thursday 12 July 2007 13:55, Roderick A. Anderson wrote:
  
  
  if i use vserver build with its rsync options it makes 
the /etc/vserver/guest 
  directory for me just like any other build using vserver. are you using 
rsync 
  by itself? maybe thats why. the vserver application automatically makes 
  the /etc/vserver/guest areas for anything as far as i know.
 
 Nope.  vserver guest build -m rsync ...
 
  i noticed you mention /etc/vserver/guest/apps you use other files besides 
  style and mark? i many times use mtab for certain things but i just copy 
  a 'template' mtab file in. since most of my guests are not cookie-cutter i 
  usually have to modify the settings in the /etc/vserver config area anyway 
so 
  its no big deal to copy/modify capability files, mtab,add name to 
interfaces 
  etc.
 
 Yeah, apps/pkgmgmt/* is not created.  I've done the copy and edit route 
 as you said in your other post but it is such a candidate for scripting 
 I figured it might have been.  But then how often does one change the 
 package management system they are using?  Well beside me.  8-(
 
  i have never gotten into different pkg mgt systems and have never used 
them to 
  build a guest, only to update its own files internally. i suppose i 
am 'far 
  behind the times', but i treat each guest as its own server and run the 
  updates internally etc. (doesn't get me in trouble that way :) ).
 
 Here is the problem.  vyum complains with
 vcontext: execvp(yum): No such file or directory
 
 Which is only one of the missing files.
 
 So I'll be looking in to building yet-another-script to do this or add 
 it to the existing vserver script.  I think it's bash/shell and not python.
 
 
 Thanks for the thoughts,
 Rod
 -- 
  The builds using rsync are going well but this has created a bit of a 
  problem.  Typically I build using yum as the method.  This creates all 
  the necessary files in /etc/vservers/guest/apps.  Using rsync doesn't.
 
  Is there a command/incantation to convert a vserver guest to another 
  package-management system like yum, apt-get, etc?
 
  I suspect the pieces to do this are in the vserver script but if the 
  method is just undocumented it would be quicker.
 
 
  TIA,
  Rod
  -- 
 
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 
  
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Hosts and Guests and NTP; oh my.

2007-07-03 Thread Chuck
On Tuesday 03 July 2007 19:07, Roderick A. Anderson wrote:
 I need to provide time services for the local network (less than 50 
 servers, workstations and Windows boxes) and since that is pretty lite 
 weight I'm thinking of putting it into the guest that will be handling 
 DNS queries.
 
 But ... I'm pretty sure a guest normally can't change the system clock 
 so I plan on having the host run ntpd for setting the system time and 
 the guest provide the service to the network.
 
 Is this a disaster waiting to happen?  Are there any other/better ways 
 to do this?

we run several time servers and to be honest i wouldn't even consider making a 
vserver guest a time server. let the host do it all. it takes literally no 
resources and is easy to configure. our 3 host machines each is a time server 
as well, offering ntp service to different portions of our networks.

the time spent in massaging configurations to allow a vserver to serve time, 
if it can even be done properly,  is better spent in having a nice dinner :)

i have found vservers answer 99.% of my needs, but ntp is one service i 
would not even consider for virtualizing.

my 2 cents anyway :)
 
 
 Thanks,
 Rod
 -- 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] gentoo guest template stage4?!?

2007-06-30 Thread Chuck

i just went to http://people.linux-vserver.org/~hollow/stages/ to get an 
updated install stage for gentoo guests, and saw a stage 4 archive.. umm, not 
to appear dumb, but what in the world is a stage4?


-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] clusters/farms/failovers?

2007-06-22 Thread Chuck
On Friday 22 June 2007 07:10, Raoul Bhatia [IPAX] wrote:
 Chuck wrote:
  after finding some information in other list archives, i see the control 
  doesn't need a lot of horsepower and that 1gb ram is good for approx 5 
  million simultaneous connections! so yeah. that machine can be downgraded 
  quite affordably.
 
 please keep in mind that you will need multiple ip addresses to achieve
 that as you're limited to approx 64k usable ports and therefore
 connections in tcp.
 
 

there are more than 247 unique ip addresses across 4 networks so i think we 
are ok there :)

 for gfs (or better gfs2): i did not succeed in getting it up and
 running. ocfs2 has been no problem.
 
 i had a small talk with the developer of drbd where i came to the
 conclusion that i should favor ocfs2 anyway.
 

will have a look at that also. thank you.

 hth,
 raoul bhatia
 -- 
 
 dipl.-ing. (fh) raoul bhatia  email.[EMAIL PROTECTED]
 IPAX  web.http://www.ipax.at
 chief technician, support irc.  #ipax (quakenet)
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] clusters/farms/failovers?

2007-06-22 Thread Chuck
On Friday 22 June 2007 07:10, Raoul Bhatia [IPAX] wrote:


ugh. ocfs2 may not do for us. it does not support quotas..i have to check if 
they mean disk quota or user quota. we use user disk space  quotas on almost 
everything. that is one option that is not negotiable to break.

Note: Features which OCFS2 does not support yet:
   - extended attributes
 
  │ - shared writeable mmap 
  
  │ - loopback is supported, but data written will not  
  
  │   be cluster coherent.  
  
  │ - quotas
  
  │ - cluster aware flock   
  
  │ - Directory change notification (F_NOTIFY)  
  
  │ - Distributed Caching (F_SETLEASE/F_GETLEASE/break_lease)   
  
  │ - POSIX ACLs
  
  │ - readpages / writepages (not user visible)   


 Chuck wrote:
  after finding some information in other list archives, i see the control 
  doesn't need a lot of horsepower and that 1gb ram is good for approx 5 
  million simultaneous connections! so yeah. that machine can be downgraded 
  quite affordably.
 
 please keep in mind that you will need multiple ip addresses to achieve
 that as you're limited to approx 64k usable ports and therefore
 connections in tcp.
 
 
 for gfs (or better gfs2): i did not succeed in getting it up and
 running. ocfs2 has been no problem.
 
 i had a small talk with the developer of drbd where i came to the
 conclusion that i should favor ocfs2 anyway.
 
 hth,
 raoul bhatia
 -- 
 
 dipl.-ing. (fh) raoul bhatia  email.[EMAIL PROTECTED]
 IPAX  web.http://www.ipax.at
 chief technician, support irc.  #ipax (quakenet)
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] clusters/farms/failovers?

2007-06-21 Thread Chuck
On Thursday 21 June 2007 03:14, Christian Affolter wrote:
 Hi Chuck!
 
  I am in the idea stage for something I am not positive is entirely worth 
the 
  effort and I am in totally uncharted territory.
  
  I am not sure what terminology is i am looking for here... 
 Virtual servers, load balancing, fail over, high availability to name a 
 few ;)
 
ok

  what i am thinking i want to do is:
  
  have 2 hosts one a mirror of the other including all vserver guests etc. 
the 2 
  machines are identical in every way.
  
  rather than have the mirror machine on 'standby' waiting for some fateful 
day 
  it is needed, i would like both servers and all guests to be running 
  simultaneously. this would be accomplished by having everything running 
  unique private network ip addresses. this would allow adding 
  additional 'mirror' machines as necessary.
  
  the existing public ips from the production server we have running would 
be 
  moved to some 'control' computer which would have a listing of the  
private 
  ips that would serve what the public ip wants and would call on either one 
as 
  needed. if one of the private ip servers doesnt respond (down) the control 
  computer would simply choose the working ip until the first one comes back 
  online.
  
  what do i need to do in the 'control' machine to accomplish this? is this 
some 
  kind of configuration that already exists in the linux distro? we run 
gentoo. 
  beowolf (whatever that is)? 
 For the fail over or even load balancing in the future, have a look at 
 the Linux Virtual Server project [1]. Probably the NAT approach [2] 
 suits you best (as you want to use private IP addresses).
 

sounds good. will check that out.

  is there another way of accomplishing what i wish to do? also how messy 
will 
  keeping the mirror machines 'in  sync' be? would i be better off having 
all  
  machines but the controller share a common nfs mount for all the guests?
 Well it depends on what services you're going to run. If you want an 
 active-passive setup (only one backend-servers is running at the same 
 time) you can use NFS. However there are some services which are a 
 little bit hairy to play nice with NFS mounts. Otherwise you can sync 
 your data on the service level ~ replication (if the service provides 
 the ability to do so). Last but not least DRBD block devices [3] is an 
 option to keep machines in sync on the block device level.
 
 If you want to achieve an active-active setup consider to use some sort 
 of SAN or DRBD running with a cluster file system like OCFS2 [4] or GFS 
 [5] (to prevent locking and other issues).
 

will have to read up on this. i think this is what we need rather than trying 
to sync 2 copies.

  some of these virtual servers are very high volume usage so if all the 
data 
  must route through the control computer, i am thinking that computer would 
  have to be a monster. or maybe have several control computers each 
handling a 
  different class of service.
 I don't think they have to be a monster ;) However a fair amount of 
 RAM   would not be amiss.
 

after finding some information in other list archives, i see the control 
doesn't need a lot of horsepower and that 1gb ram is good for approx 5 
million simultaneous connections! so yeah. that machine can be downgraded 
quite affordably.

  sorry if i sound like i have no clue what i am talking about, but that is 
the 
  truth :) , i only think i know what i want to accomplish.
 I'm sure there are other ways to accomplish this (Hardware load 
 balancers etc.), nonetheless I hope I gave you some pointers in the 
 right direction. Remember that this isn't the sort of setup which is up 
 and running in 15min.
 

thank you.. i realize it will take a while. once i decide on a method and 
begin study and implementing testing, i don't expect to be production ready 
for a few months at least, then i would ease over less important services one 
at a time while watching it carefully.. 

i did this with linux-vserver when i first discovered it.. although my 
implementation time was considerably faster, that is due to the ease of setup 
etc, i still took a good 4 months of testing before i set up a true 
production machine. now i put vserver capability on everything including  
workstations 'just in case i need a quick  server for something' :) and in 
fact my personal workstation has another 'workstation' vserver running kde 
that i access via vnc for specialty work and i also allow some of our techs 
to access so they can get graphical access to some servers available only on 
our pvtnet which only my machines have access to.


thanks for the links too. saves a bit of time :)

 
 Good luck and regards
 Chris
 
 
 [1] http://www.linuxvirtualserver.org/
 [2] http://www.linuxvirtualserver.org/VS-NAT.html
 [3] http://www.drbd.org/
 [4] http://oss.oracle.com/projects/ocfs2/
 [5] http://www.redhat.com/software/rha/gfs/
 
 ___
 Vserver

Re: [Vserver] clusters/farms/failovers?

2007-06-21 Thread Chuck
On Thursday 21 June 2007 14:53, Ruben Leote Mendes wrote:
 Hello Chuck,
 
 I believe you will find DRBD + Heartbeat an option for what you want.
 This page in the wiki has some info on how to set it up:
 
 http://oldwiki.linux-vserver.org/Vserver+DRBD
 

thanks! will study it

 Ruben
 
 Em Qui, Junho 21, 2007 02:09, Chuck escreveu:
  I am in the idea stage for something I am not positive is entirely worth
  the
  effort and I am in totally uncharted territory.
 
  I am not sure what terminology is i am looking for here... what i am
  thinking
  i want to do is:
 
  have 2 hosts one a mirror of the other including all vserver guests etc.
  the 2
  machines are identical in every way.
 
  rather than have the mirror machine on 'standby' waiting for some fateful
  day
  it is needed, i would like both servers and all guests to be running
  simultaneously. this would be accomplished by having everything running
  unique private network ip addresses. this would allow adding
  additional 'mirror' machines as necessary.
 
  the existing public ips from the production server we have running would
  be
  moved to some 'control' computer which would have a listing of the
  private
  ips that would serve what the public ip wants and would call on either one
  as
  needed. if one of the private ip servers doesnt respond (down) the control
  computer would simply choose the working ip until the first one comes back
  online.
 
  what do i need to do in the 'control' machine to accomplish this? is this
  some
  kind of configuration that already exists in the linux distro? we run
  gentoo.
  beowolf (whatever that is)?
 
  is there another way of accomplishing what i wish to do? also how messy
  will
  keeping the mirror machines 'in  sync' be? would i be better off having
  all
  machines but the controller share a common nfs mount for all the guests?
 
  some of these virtual servers are very high volume usage so if all the
  data
  must route through the control computer, i am thinking that computer would
  have to be a monster. or maybe have several control computers each
  handling a
  different class of service.
 
  sorry if i sound like i have no clue what i am talking about, but that is
  the
  truth :) , i only think i know what i want to accomplish.
 
 
  --
 
  Chuck
 
 
 
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 
 
 
 -- 
 Rúben Leote Mendes -- [EMAIL PROTECTED]
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] clusters/farms/failovers?

2007-06-20 Thread Chuck
I am in the idea stage for something I am not positive is entirely worth the 
effort and I am in totally uncharted territory.

I am not sure what terminology is i am looking for here... what i am thinking 
i want to do is:

have 2 hosts one a mirror of the other including all vserver guests etc. the 2 
machines are identical in every way.

rather than have the mirror machine on 'standby' waiting for some fateful day 
it is needed, i would like both servers and all guests to be running 
simultaneously. this would be accomplished by having everything running 
unique private network ip addresses. this would allow adding 
additional 'mirror' machines as necessary.

the existing public ips from the production server we have running would be 
moved to some 'control' computer which would have a listing of the  private 
ips that would serve what the public ip wants and would call on either one as 
needed. if one of the private ip servers doesnt respond (down) the control 
computer would simply choose the working ip until the first one comes back 
online.

what do i need to do in the 'control' machine to accomplish this? is this some 
kind of configuration that already exists in the linux distro? we run gentoo. 
beowolf (whatever that is)? 

is there another way of accomplishing what i wish to do? also how messy will 
keeping the mirror machines 'in  sync' be? would i be better off having all  
machines but the controller share a common nfs mount for all the guests?

some of these virtual servers are very high volume usage so if all the data 
must route through the control computer, i am thinking that computer would 
have to be a monster. or maybe have several control computers each handling a 
different class of service.

sorry if i sound like i have no clue what i am talking about, but that is the 
truth :) , i only think i know what i want to accomplish.


-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] best timer freq to use?

2007-06-15 Thread Chuck
On Friday 15 June 2007 13:33, Herbert Poetzl wrote:
 On Thu, Jun 14, 2007 at 03:55:31PM -0400, Chuck wrote:
  also, have the vserver systems been tuned around a certain timer 
frequency?
  
  100? or 1000? or in between somewhere? for best efficiency still allowing 
  remote terminal responsiveness under extremely heavy loads?
 
 100 will give better overall resource utilization
 and allow the system to get slighly more work done,
 1000 OTOH, will increase responsiveness and reduce
 latencies slightly, for the cost of slightly higher
 overhead from the task switching ...
 
 usually 100 is more than fine for non interactive
 systems and up to 50 guests, but you might want to
 raise that to 250 or even 1000 for 100 and more
 guest systems ...

thanks! 

 
 HTC,
 Herbert
 
  -- 
  
  Chuck
  
  
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] best timer freq to use?

2007-06-15 Thread Chuck
On Friday 15 June 2007 13:33, Herbert Poetzl wrote:


any thoughts on my other question on cfq?

 On Thu, Jun 14, 2007 at 03:55:31PM -0400, Chuck wrote:
  also, have the vserver systems been tuned around a certain timer 
frequency?
  
  100? or 1000? or in between somewhere? for best efficiency still allowing 
  remote terminal responsiveness under extremely heavy loads?
 
 100 will give better overall resource utilization
 and allow the system to get slighly more work done,
 1000 OTOH, will increase responsiveness and reduce
 latencies slightly, for the cost of slightly higher
 overhead from the task switching ...
 
 usually 100 is more than fine for non interactive
 systems and up to 50 guests, but you might want to
 raise that to 250 or even 1000 for 100 and more
 guest systems ...
 
 HTC,
 Herbert
 
  -- 
  
  Chuck
  
  
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] best timer freq to use?

2007-06-14 Thread Chuck
also, have the vserver systems been tuned around a certain timer frequency?

100? or 1000? or in between somewhere? for best efficiency still allowing 
remote terminal responsiveness under extremely heavy loads?


-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] I/O CFQ scheduler

2007-06-13 Thread Chuck


i am getting ready to upgrade the kernel from 2.6.19-vs2.2.0-rc2 (vanilla 
kernel)  to the current gentoo vserver-sources (2.6.20-vs2.2.0-gentoo) in our 
production machine and was thinking of using the CFQ scheduler.

in an earlier msg about cfq someone mentioned this:


Compile CFQ I/O scheduler support into the kernel and append the
following parameter to your kernel boot parameters:
elevator=cfq

what is elevator and how does it relate? is it something i should do?

or maybe use deadline instead?

is it worth it on a moderately loaded machine? 

it is currently running 41 guests: 9 reasonably busy web servers, a *very* 
busy email server and also a busy radius server. the rest are lower usage. 

primary host os and most guests are gentoo-amd64 however all of the web 
servers are centos4/x86_64 which chews up *considerably* more resources 
(because a registered package we use requires this os for now). my primary 
concern is if a cfq scheduler change from anticipatory would break any disk 
configs using software raid, lvm2 and user quotas which work perfectly in our 
guests.

during development and implementation of this production server i opted for 
safety with the anticipatory scheduler but now that it has proven itself, i 
feel the need to 'optimize' it a bit.

suggestions?

 On Tue, Jan 24, 2006 at 08:06:38PM +0300, Vasily Tarasov wrote:
  Hello.
  
  Can you tell me, please, can util-vserver-0.30.209 
  http://www.13thfloor.at/vserver/d_rel26/v2.1.0/util-vserver-0.30.209.tar
  work with I/O CFQ Scheduler already?
 
 yes, it's a 'hard-coded' kernel feature of the devel branch
 (for now) 
 
  How?
 
 just enable the cfq i/o scheduler for your system/tasks
 and the accounting will be done per context (guest)
 
 in the future I guess there will be util support to fine
 tune the priorities and set the I/O groups ...
 
 HTH,
 Herbert
 
  
  Thank you.
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] compatibility question

2007-06-01 Thread Chuck
i am suffering from severe burnout and cannot truly think properly today but i 
need to give the boss an answer anyway :(

we have an amd64 opteron system using tyan motherboard. guests have been 
compiled on this.

if we want to place a mirror server in place for the guests, must we match the 
chipset etc or is it enough that the guest is compiled for amd64? ihave 
received a quote on an exact replica of our production server, but i would 
also like to explore other possibilities for lesser expense, still using the 
opteron processors but possibly different motherboard.

i am talking guests only. i know the host o/s would be uniquely installed.

i guess what i am asking is does the guest care as long as it is the same 
processors? we want to simply copy the guests from one machine to the other 
so if needed the 2nd machine can take over almost immediately.

-- 

Chuck

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] yum update screwed centos guest

2007-05-19 Thread Chuck
On Saturday 19 May 2007 09:59, Daniel Hokka Zakrisson wrote:
 Chuck wrote:
  we run some centos4 x86_64 guests. just did a yum update today on my 
template 
  and it screwed up the guest. i do not know all of the damage yet, it 
appears 
  to run and the services appear to run but vserver guestname enter no 
longer 
  works. thankfully i always use the template for update testing first ... 
  whew..
  
  i get this when i try:  vlogin: openpty(): No such file or directory
  
  any clues where to look? or should i just restore from a backup and never 
use 
  yum update again? it appears it changes what it will with no regard for 
  existing configuration files.
  
 
 It has nothing to do with configuration files. You just lost a (few?) 
 device nodes. Recreate or restore /dev from a backup, or another guest.
 

oh.. ok so then yum messes with devices as well.. maybe.. ok will do that... 
might have to put that into a script if it keeps doing this every restart..


 -- 
 Daniel Hokka Zakrisson
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] yum update screwed centos guest

2007-05-18 Thread Chuck
we run some centos4 x86_64 guests. just did a yum update today on my template 
and it screwed up the guest. i do not know all of the damage yet, it appears 
to run and the services appear to run but vserver guestname enter no longer 
works. thankfully i always use the template for update testing first ... 
whew..

i get this when i try:  vlogin: openpty(): No such file or directory

any clues where to look? or should i just restore from a backup and never use 
yum update again? it appears it changes what it will with no regard for 
existing configuration files.

-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] possibly dumb question

2007-05-14 Thread Chuck
On Sunday 13 May 2007 23:26, Herbert Poetzl wrote:
 On Sat, May 12, 2007 at 10:51:49AM -0400, Chuck wrote:
  i am installing a workstation which i have no plans to use as a
  vserver host however there may be that possibility in the mid to far
  future...
 
 if you add the Linux-VServer patches, you will find
 an application for the features sooner than you think
 (e.g. limit a service to certain ips, use the CoW
 link breaking to save diskspace ...)
 

heh never thought of using the features elsewhere :) thanks!

btw, a few hours after i sent the original message, i was forced to retire the 
remote kde desktop server i have set up for our other remote admins (psu 
failed 'hot' and several motherboard chips literally exploded) , so now i do 
have a need for a guest :)

  are the kernels produced with the vserver patches 'improved' over std
  kernels and generally work better? or is it by its nature causing
  slight overhead compared to without?
 
 if there is noticeable overhead, it is considered a
 bug and should be reported :)
 
  i guess it boils down to use vserver patches on a normal workstation
  kernel or not? i have this undefined suspicion it is better with but
  would like a more factual answer :)
 
 well, it should not hurt, of course, if you don't
 need it, and/or already patched your kernel with
 several other patches, I would not compile it in
 just for the fun of doing it ...
 
got lazy and installed the gentoo vserver-sources rather than work on a 
vanilla kernel.

 HTH,
 Herbert
 
  -- 
  
  Chuck
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] possibly dumb question

2007-05-12 Thread Chuck
i am installing a workstation which i have no plans to use as a vserver host 
however there may be that possibility in the mid to far future...


are the kernels produced with the vserver patches 'improved' over std kernels 
and generally work better? or is it by its nature causing slight overhead 
compared to without?

i guess it boils down to use vserver patches on a normal workstation kernel or 
not? i have this undefined suspicion it is better with but would like a more 
factual answer :)

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] behavior i have never seen before

2007-04-30 Thread Chuck
On Monday 30 April 2007 13:30, Herbert Poetzl wrote:

i just found what it was about 30 min ago. turns out the object module loaded 
in nagios that shares data with the npc plugin in cacti is a bit fussy and if 
something goes slightly odd with it, it would lose its mysql connection, go 
dormant and remove nagios from the process list yet nagios would run but not 
interface with the module any more, nor would it have the pid assigned to it.

the real culprit was not enough memory allocated to the various mysql options, 
especially innodb. :)

sorry for the 'noise' on here, its just i had never ever seen this happen 
before. it is all fixed and working properly now and visible in ps. :)

thanks!

 On Sun, Apr 29, 2007 at 07:46:46PM -0400, Chuck wrote:
  
  it just started today. has been behaving before this. i have a vserver 
  configured to run cacti and nagios. oddly nagios runs, but does not show 
in 
  the process listing using ps ax. it once did. when i go to stop it with 
the 
  init scrip it says it cannot find the pid but if i run the init with stop 
  once more it stops it and it truly does.
  
  it appears to be hiding somehow and it appears to function normally.
  
  any clues? i don't know if this is an o/s problem that just developed or a 
  vserver situation or  a nagios configuration that i may have messed up 
  accidently or what.. stopping and starting the vserver does not make it 
  appear in the process listing although it is running.
  
  im running gentoo on the host amd64
  
  2.6.19-vs2.2.0-rc2
 
 let's try the final version (vs2.2.0) with a recent
 2.6.19.7 kernel first, and see if the issue remains
 
  util-vserver-0.30.212-r2
 
 won't hurt to try one of the 0.30.213 release candidates
 too, just to make sure ...
 
 TIA,
 Herbert
 
  and a gentoo amd64 guest.
  
  -- 
  
  Chuck
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] behavior i have never seen before

2007-04-29 Thread Chuck

it just started today. has been behaving before this. i have a vserver 
configured to run cacti and nagios. oddly nagios runs, but does not show in 
the process listing using ps ax. it once did. when i go to stop it with the 
init scrip it says it cannot find the pid but if i run the init with stop 
once more it stops it and it truly does.

it appears to be hiding somehow and it appears to function normally.

any clues? i don't know if this is an o/s problem that just developed or a 
vserver situation or  a nagios configuration that i may have messed up 
accidently or what.. stopping and starting the vserver does not make it 
appear in the process listing although it is running.

im running gentoo on the host amd64

2.6.19-vs2.2.0-rc2
util-vserver-0.30.212-r2

and a gentoo amd64 guest.

-- 

Chuck
___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] routing: 2 different virtual subnets on the same machine

2007-04-13 Thread Chuck
On Friday 13 April 2007 08:28, Rik Bobbaers wrote:
 if you want some automatisation, and you know what you're doing:
 
 http://people.linux-vserver.org/~harry/scripts/
 
 pre-start and post-stop check them out :)
 

wow. fast glance so i am not positive, but these look like they will allow you 
to add a network/ip to the host routing tables via only a guest start without 
having to add the basic config into the host!!  this means that if i decide 
to bring up 192.168.20.0/24 having never had it on the host before, i dont 
have to add it to the host setups, the virtual server using that network will 
add it for me... way cool! :)  thanks! never even thought of this 
possibility.

 greetz
 
 Chuck wrote:
  hope it helps. iproute2 is an absolute Godsend. I use the simplest of its 
  configurations and get what I want easily.. If you wanted to get into some 
  really complicated things, iproute2 has so many additional advanced config 
  options it could take weeks to read up on them all but from what I can 
  gather, it can solve the most complicated of needs and do things that 
  previously would have you banging your head against the wall trying to 
  solve :) I now use iproute2 on everything, even on simple workstation 
  installations, so it is there if additional configuration is ever needed.
 -- 
 harry
 aka Rik Bobbaers
 
 K.U.Leuven - LUDIT  -=- Tel: +32 485 52 71 50
 [EMAIL PROTECTED] -=- http://people.linux-vserver.org/~harry
 
 Nobody notices when things go right.
 
 Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
 
 ___
 Vserver mailing list
 [EMAIL PROTECTED]
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] routing: 2 different virtual subnets on the same machine

2007-04-06 Thread Chuck
On Friday 06 April 2007 06:28, Konstantinos Pachopoulos wrote:


i ran into the same situation with 4 nics and solved it with iproute2 on the 
host. using simple tables and rules i was able to have the machine default 
gateway for eth0 yet route all various subnets through their proper nics with 
their own gateways.  what distro are you using for the host? i can only give 
exact specifics for gentoo but i can give you the basic config structures you 
can adapt to other distros. iproute2 was the only way i could get this 
working properly.

if interested let me know and i will post a basic structure for your setup.

 Hi,
 i have not much knowlege on routing and following other advice or trying 
 to follow solutions to similar cases 
 (http://www.freenux.org/~mm/wordpress/?p=10 for example) didn't work for 
 me. So here is the case:
 -on my virtual box there are guests running in 2 different subnets: 
 192.168.1.0/24 and 192.168.2.0/24
 -192.168.2.0/24 is supposed to be a DMZ.
 -the virtual box has 2 interfaces: eth0 for routing 192.168.1.0/24 and 
 eth3 for routing 192.168.2.0/24
 
 
 
 --
 | vhost3-vhost4vhost1-vhost2   
   |
 |__|
 ||
 | 192.168.2.0/24 via eth3| 
 192.168.1.0/24 via eth0
 ||
 ||
 |_ ___|
|| 
   router  wireless wan / Internet
 
 
 I just want the 192.168.2.0/24 to be routed via eth3 and 192.168.1.0/24 
 via eth0.  The router/firewall will take over afterwards.
 Suggestions?
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] routing: 2 different virtual subnets on the same machine

2007-04-06 Thread Chuck

ok..

1. install iproute2on the host. this is the only place it is needed.
2. on my system the tables are kept in /etc/iproute2
you only have to edit rt_tables
   at the bottom of the list that is included by default add 2 tables.
   you can call them whatever you want. each table you enter must 
   have a unique number.
  
  192 192net1
  193 192net2

  would work fine.

 
I don't know how deb handles network configurations but in gentoo we use a 
single 'net' file and we tell it what module to use (ifconfig,iproute2,etc).

if you need to, tell your system to use iproute2

since we have a very neat way of configuring the networks in gentoo, i am not 
positive about the syntax for the ip program itself but it would be something 
similar to :

ip addr add ip netmask netmask broadcast broadcast dev ethx
ip route add netblock src ip table 192net1 dev eth0
ip route add netblock src ip table 192net2 dev eth1
ip route add default via gw ip table 192net1 dev eth0
 ip route add default via gw ip table 192net2 dev eth1
ip rule add from 192.168.1.0/24 table 192net1 dev eth0
ip rule add from 192.168.2.0/24 table 192net2 dev eth1

i assigned arbitrary values to the ip addresses below:
our syntax in gentoo would be:
config_eth0=( 192.168.1.34 broadcast 192.168.1.255 netmask 255.255.255.0)
config_eth1=( 192.168.2.60 broadcast 192.168.2.255 netmask 255.255.255.0)
  
then the routing table instructions which simply say plug this netblock and 
source ip using this ethx into this table

routes_eth0=( 192.168.1.0/24 src 192.168.1.34 table 192net1)
routes_eth1=( 192.168.2.0/24 src 192.168.2.60 table 192net2)

then the gateways for the tables
routes_eth0=(  default via 192.168.1.1 table 192net1 )
routes_eth1=(  default via 192.168.2.1 table 192net2 )

then we add the machine default gateway - note no table reference.. this 
handles routing for everything else that doesnt get handled by tables above.

routes_eth0=(  default via 192.168.1.1 )

now we add rules which basically say anything from netblock 'x' use the proper 
table

rules_eth0=( from 192.168.1.0/24 table 192net1)
rules_eth1=( from 192.168.2.0/24 table 192net2)

hope this isn't too confusing since i am not positive of the actual ip program 
syntax ... the gentoo instructions are accurate and so would probably tell 
you a bit about everything you need to plug into whatever.. gentoo has  
subroutines that read the devices and line after them and plug the proper 
values into the ip program syntax.

debian probably has some type of similar network configuration to make it a 
reasonable config.


please note that when using iproute2, using ifconfig to display assigned ip 
addresses is somewhat innacurate at best. route -n is also somewhat 
misleading. the proper way would be 

ip addr show
ip route show
ip rule show


hope this helps some. it will definitely cure your problem with multiple 
networks on multiple nics. i have had as many as 5 different networks plugged 
into 5 nics without an oops at all. it just works.

Chuck


On Friday 06 April 2007 15:21, Konstantinos Pachopoulos wrote:
 //
 
 Hi Chuck,
 i am using Debian Etch. Everything could bu useful at this point :)
 
 
   From: Chuck chuck_at_sbbsnet.net 
 mailto:chuck_at_sbbsnet.net?Subject=Re:%20%5BVserver%5D%20routing:
%202%20different%20virtual%20subnets%20on%20the%20same%20machine 
 
   Date: Fri 06 Apr 2007 - 12:48:51 BST
   Message-Id: [EMAIL PROTECTED]
 
   On Friday 06 April 2007 06:28, Konstantinos Pachopoulos wrote:
 
   i ran into the same situation with 4 nics and solved it with iproute2 
 on the
   host. using simple tables and rules i was able to have the machine 
 default
   gateway for eth0 yet route all various subnets through their proper 
 nics with
   their own gateways. what distro are you using for the host? i can only 
 give
   exact specifics for gentoo but i can give you the basic config 
 structures you
   can adapt to other distros. iproute2 was the only way i could get this
   working properly.
 
   if interested let me know and i will post a basic structure for your 
 setup.
 
   / Hi, /
   / i have not much knowlege on routing and following other advice or 
 trying /
   / to follow solutions to similar cases /
   / (http://www.freenux.org/~mm/wordpress/?p=10 
 http://www.freenux.org/%7Emm/wordpress/?p=10 for example) didn't work 
 for /
   / me. So here is the case: /
   / -on my virtual box there are guests running in 2 different subnets: /
   / 192.168.1.0/24 and 192.168.2.0/24 /
   / -192.168.2.0/24 is supposed to be a DMZ. /
   / -the virtual box has 2 interfaces: eth0 for routing 192.168.1.0/24 
 and /
   / eth3 for routing 192.168.2.0/24 /
   / /
   / /
   / 
 --
  
 /
   / | vhost3-vhost4 vhost1-vhost2 /
   / | /
   / |__| /
   / | | /
   / | 192.168.2.0/24 via eth3 | /
   / 192.168.1.0/24 via eth0

Re: [Vserver] routing: 2 different virtual subnets on the same machine

2007-04-06 Thread Chuck
On Friday 06 April 2007 15:21, Konstantinos Pachopoulos wrote:


i made a mistake:) every reference to eth1 in my examples should be eth3.

sorry

 //
 
 Hi Chuck,
 i am using Debian Etch. Everything could bu useful at this point :)
 
 
   From: Chuck chuck_at_sbbsnet.net 
 mailto:chuck_at_sbbsnet.net?Subject=Re:%20%5BVserver%5D%20routing:
%202%20different%20virtual%20subnets%20on%20the%20same%20machine 
 
   Date: Fri 06 Apr 2007 - 12:48:51 BST
   Message-Id: [EMAIL PROTECTED]
 
   On Friday 06 April 2007 06:28, Konstantinos Pachopoulos wrote:
 
   i ran into the same situation with 4 nics and solved it with iproute2 
 on the
   host. using simple tables and rules i was able to have the machine 
 default
   gateway for eth0 yet route all various subnets through their proper 
 nics with
   their own gateways. what distro are you using for the host? i can only 
 give
   exact specifics for gentoo but i can give you the basic config 
 structures you
   can adapt to other distros. iproute2 was the only way i could get this
   working properly.
 
   if interested let me know and i will post a basic structure for your 
 setup.
 
   / Hi, /
   / i have not much knowlege on routing and following other advice or 
 trying /
   / to follow solutions to similar cases /
   / (http://www.freenux.org/~mm/wordpress/?p=10 
 http://www.freenux.org/%7Emm/wordpress/?p=10 for example) didn't work 
 for /
   / me. So here is the case: /
   / -on my virtual box there are guests running in 2 different subnets: /
   / 192.168.1.0/24 and 192.168.2.0/24 /
   / -192.168.2.0/24 is supposed to be a DMZ. /
   / -the virtual box has 2 interfaces: eth0 for routing 192.168.1.0/24 
 and /
   / eth3 for routing 192.168.2.0/24 /
   / /
   / /
   / 
 --
  
 /
   / | vhost3-vhost4 vhost1-vhost2 /
   / | /
   / |__| /
   / | | /
   / | 192.168.2.0/24 via eth3 | /
   / 192.168.1.0/24 via eth0 /
   / | | /
   / | | /
   / |_ ___| /
   / | | /
   / router  wireless wan / Internet /
   / /
   / /
   / I just want the 192.168.2.0/24 to be routed via eth3 and 
 192.168.1.0/24 /
   / via eth0. The router/firewall will take over afterwards. /
 / Suggestions? /
   / ___ /
   / Vserver mailing list /
   / Vserver@list.linux-vserver.org /
   / http://list.linux-vserver.org/mailman/listinfo/vserver /
   / /
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Apache Problem at Sunday morning

2007-03-18 Thread Chuck
On Sunday 18 March 2007 08:43, Cryptronic wrote:

the first thing i would look at is what cron jobs are running in guests and 
also host on sunday mornings? it sounds like a cron.weekly script may be 
raising havoc?


 HI all,
 
 sry for double posting.
 
 In have a strange problem with apache2 : Each sunday morning between 5 
 a.m. and 7 a.m. some apache's in different vservers shutdown and do not 
 come back.
 
 I'm running debian etch on the vservers and debian sid on the hosts. The 
 silliest thing is that each Sunday these were different vservers. I only 
 get the following message in apache's error log:
 
 [Sun Mar 18 06:26:43 2007] [warn] child process 30762 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:43 2007] [warn] child process 30763 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:43 2007] [warn] child process 30764 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:43 2007] [warn] child process 30765 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:43 2007] [warn] child process 30767 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:43 2007] [warn] child process 367 still did not exit, 
 sending a SIGTERM
 [Sun Mar 18 06:26:43 2007] [warn] child process 21930 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 30762 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 30763 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 30764 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 30765 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 30767 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 367 still did not exit, 
 sending a SIGTERM
 [Sun Mar 18 06:26:45 2007] [warn] child process 21930 still did not 
 exit, sending a SIGTERM
 [Sun Mar 18 06:26:47 2007] [notice] caught SIGTERM, shutting down
 
 Limit's weren't hit.
 
 I would be thankful for each hint.
 
 Best regards
 
 Oliver
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] gentoo update breaks shutdowns?

2007-03-11 Thread Chuck
On Sunday 11 March 2007 12:46, Herbert Poetzl wrote:
 On Sun, Mar 11, 2007 at 02:33:44AM -0500, Chuck wrote:
  there is something in my system that updated recently that has since 
broken 
  vserver's ability to report shutting down guests. I get this kind of 
report 
  on every type of guest. it also appears to be a random thing. other times 
i 
  shut guests down and i get no errors. this variable behavior was only 
noticed 
  yesterday because we are moving physical drives around so we have had to 
  stop/start the server otherwise we may not stop any for months. it also 
waits 
  the 'timeout' time before reporting.
  
  as in example below, after this message i try a vps ax|grep 3910 and i 
find no 
  processes with that context running! an immediate restart is error free.
  
  valkyrie boinc # vserver cacti stop
  A timeout occured while waiting for the vserver to finish and it will
  be killed by sending a SIGKILL signal. The following process list
  might be useful for finding out the reason of this behavior:
  
  --
  14685  3910 cacti ?Ss 0:00 init [3]
  15181  3910 cacti ?Ss 0:00  \_ /usr/sbin/syslog-ng
  15245  3910 cacti ?Ssl0:00  \_ /usr/sbin/named -u 
named -n 
  4 -t /var/bind
  15265  3910 cacti ?Ss 0:00  \_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15266  3910 cacti ?S  0:00  |   
\_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15312  3910 cacti ?Sl 0:00  |   
\_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15313  3910 cacti ?Sl 0:00  |   
\_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15310  3910 cacti ?Ss 0:01  \_ /usr/sbin/clamd
  15327  3910 cacti ?Ss 0:00  \_ /usr/bin/freshclam -d
  15468  3910 cacti ?Ss 0:00  \_ /usr/sbin/cron
  15539  3910 cacti ?Ds 0:00  \_ /sbin/shutdown -r 0 w
  --
  Vserver '/etc/vservers/cacti' still running unexpectedly; please 
investigate 
  it manually...
 
 maybe it takes quite long (timeout +/- something)
 and thus, the timeout strikes sometimes ...
 

its an idea... however even nameserver guests that do nothing but run named 
which normally shut down very fast take a reasonably long time and many times 
error out.

 I observed similar with qmail, which is quite
 strange in shutdown behaviour, especially when
 combined with other services ...
 

qmail is odd... unless you want to wait for it to finish whatever it is doing, 
the only way is an explicit kill.

 (read: it can take between 1 and 10 minutes to
 do a proper shutdown)
 
 just and idea,

thanks! will look for the timeout config and try extending it a bit

 Herbert
 
  essentially when it behaves like this, every shutdown says it is still
  running does anyone in gentoo-vserver land have any clue what may be
  causing this apparently false report?
  
  my util-vserver version is 0.30.212-r2
  
  kernel version
  
  2.6.19-vs2.2.0-rc2
  
  
  
  -- 
  
  Chuck
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] gentoo update breaks shutdowns?

2007-03-11 Thread Chuck
On Sunday 11 March 2007 12:46, Herbert Poetzl wrote:
 On Sun, Mar 11, 2007 at 02:33:44AM -0500, Chuck wrote:
  there is something in my system that updated recently that has since 
broken 
  vserver's ability to report shutting down guests. I get this kind of 
report 
  on every type of guest. it also appears to be a random thing. other times 
i 
  shut guests down and i get no errors. this variable behavior was only 
noticed 
  yesterday because we are moving physical drives around so we have had to 
  stop/start the server otherwise we may not stop any for months. it also 
waits 
  the 'timeout' time before reporting.
  
  as in example below, after this message i try a vps ax|grep 3910 and i 
find no 

in the system console log i noticed something i don't remember seeing before.. 
an option given that says nonamespace or something like that... is this 
somethjing new? need I convert anything?

these servers were created between oct 06 and feb 07 so if there is anything 
new that came up that needs a config change i guess i need to do it.

  processes with that context running! an immediate restart is error free.
  
  valkyrie boinc # vserver cacti stop
  A timeout occured while waiting for the vserver to finish and it will
  be killed by sending a SIGKILL signal. The following process list
  might be useful for finding out the reason of this behavior:
  
  --
  14685  3910 cacti ?Ss 0:00 init [3]
  15181  3910 cacti ?Ss 0:00  \_ /usr/sbin/syslog-ng
  15245  3910 cacti ?Ssl0:00  \_ /usr/sbin/named -u 
named -n 
  4 -t /var/bind
  15265  3910 cacti ?Ss 0:00  \_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15266  3910 cacti ?S  0:00  |   
\_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15312  3910 cacti ?Sl 0:00  |   
\_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15313  3910 cacti ?Sl 0:00  |   
\_ /usr/sbin/apache2 -D 
  DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
  start
  15310  3910 cacti ?Ss 0:01  \_ /usr/sbin/clamd
  15327  3910 cacti ?Ss 0:00  \_ /usr/bin/freshclam -d
  15468  3910 cacti ?Ss 0:00  \_ /usr/sbin/cron
  15539  3910 cacti ?Ds 0:00  \_ /sbin/shutdown -r 0 w
  --
  Vserver '/etc/vservers/cacti' still running unexpectedly; please 
investigate 
  it manually...
 
 maybe it takes quite long (timeout +/- something)
 and thus, the timeout strikes sometimes ...
 
 I observed similar with qmail, which is quite
 strange in shutdown behaviour, especially when
 combined with other services ...
 
 (read: it can take between 1 and 10 minutes to
 do a proper shutdown)
 
 just and idea,
 Herbert
 
  essentially when it behaves like this, every shutdown says it is still
  running does anyone in gentoo-vserver land have any clue what may be
  causing this apparently false report?
  
  my util-vserver version is 0.30.212-r2
  
  kernel version
  
  2.6.19-vs2.2.0-rc2
  
  
  
  -- 
  
  Chuck
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] gentoo update breaks shutdowns?

2007-03-11 Thread Chuck
On Sunday 11 March 2007 15:42, Daniel Hokka Zakrisson wrote:


2.6.19? or the vserver patch?

i also found something interesting just now. on a whim i looked at the 
shutdown.sh in init.d and it has changed since older ones. the newer one 
which fails every time is 

opts=-d
[[ ${INIT_HALT} != HALT ]]  opts=${opts}p
[[ ${RC_DOWN_INTERFACE} == yes ]]  opts=${opts}i
[[ ${RC_DOWN_HARDDISK} == yes ]]  opts=${opts}h

/sbin/halt ${opts}

# hmm, if the above failed, that's kind of odd ...
# so let's force a halt
/sbin/halt -f


but if i change it to match the older one which works every time, it becomes


/sbin/halt -dp

# hmm, if the above failed, that's kind of odd ...
# so let's force a halt
/sbin/halt -f


in changing only a few of our vservers to this older method, every one now 
shuts down properly.

 Chuck wrote:
  ...
  my util-vserver version is 0.30.212-r2
 
  kernel version
 
  2.6.19-vs2.2.0-rc2
 
 You sure you were running that kernel before? IIRC that one has a broken
 vc_ctx_kill, so you might want to upgrade...
 
 -- 
 Daniel Hokka Zakrisson
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] gentoo update breaks shutdowns?

2007-03-11 Thread Chuck
On Sunday 11 March 2007 15:42, Daniel Hokka Zakrisson wrote:


oh to answer your other question, yes we switched to this kernel back in 
december when we found out the hard way that 2.6.18 had issues with reiserfs 
and lvm

 Chuck wrote:
  ...
  my util-vserver version is 0.30.212-r2
 
  kernel version
 
  2.6.19-vs2.2.0-rc2
 
 You sure you were running that kernel before? IIRC that one has a broken
 vc_ctx_kill, so you might want to upgrade...
 
 -- 
 Daniel Hokka Zakrisson
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] gentoo update breaks shutdowns?

2007-03-10 Thread Chuck
there is something in my system that updated recently that has since broken 
vserver's ability to report shutting down guests. I get this kind of report 
on every type of guest. it also appears to be a random thing. other times i 
shut guests down and i get no errors. this variable behavior was only noticed 
yesterday because we are moving physical drives around so we have had to 
stop/start the server otherwise we may not stop any for months. it also waits 
the 'timeout' time before reporting.

as in example below, after this message i try a vps ax|grep 3910 and i find no 
processes with that context running! an immediate restart is error free.

valkyrie boinc # vserver cacti stop
A timeout occured while waiting for the vserver to finish and it will
be killed by sending a SIGKILL signal. The following process list
might be useful for finding out the reason of this behavior:

--
14685  3910 cacti ?Ss 0:00 init [3]
15181  3910 cacti ?Ss 0:00  \_ /usr/sbin/syslog-ng
15245  3910 cacti ?Ssl0:00  \_ /usr/sbin/named -u named -n 
4 -t /var/bind
15265  3910 cacti ?Ss 0:00  \_ /usr/sbin/apache2 -D 
DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
start
15266  3910 cacti ?S  0:00  |   \_ /usr/sbin/apache2 -D 
DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
start
15312  3910 cacti ?Sl 0:00  |   \_ /usr/sbin/apache2 -D 
DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
start
15313  3910 cacti ?Sl 0:00  |   \_ /usr/sbin/apache2 -D 
DEFAULT_VHOST -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf -k 
start
15310  3910 cacti ?Ss 0:01  \_ /usr/sbin/clamd
15327  3910 cacti ?Ss 0:00  \_ /usr/bin/freshclam -d
15468  3910 cacti ?Ss 0:00  \_ /usr/sbin/cron
15539  3910 cacti ?Ds 0:00  \_ /sbin/shutdown -r 0 w
--
Vserver '/etc/vservers/cacti' still running unexpectedly; please investigate 
it manually...

essentially when it behaves like this, every shutdown says it is still running
does anyone in gentoo-vserver land have any clue what may be causing this 
apparently false report?

my util-vserver version is 0.30.212-r2

kernel version

2.6.19-vs2.2.0-rc2



-- 

Chuck


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] a bit off topic but good to know if there is a known problem

2007-03-06 Thread Chuck
On Tuesday 06 March 2007 16:22, eyck wrote:


the controller is a silicone image 3114 which is a hybrid hardware/software 
raid controller.. similar in theory to a winmodem. so far only windows 
drivers support it properly according to SI. the linux drivers in the kernel 
do not assist the si controller so we were discussing that the best would be 
to set the controller to ultra or standard and simply do software raid via 
linux.


  note that the 'performance' in many cases is a myth,
  for several reasons, mainly because:
  
   - hardware raid has 2-256MB cache, software has 1-4GB
   - hardware raid has a single channel to the host,
 while proper setup soft raid can burst over N channels
 simultaniously (and will do so, e.g. for separate I/O
 threads)
   - elevator in the kernel, vs limited TCQ
  I believe you are talking about simple SATA controllers, not real
 hardware raid setups?
 
 -- 
 Key fingerprint = 40D0 9FFB 9939 7320 8294  05E0 BCC7 02C4 75CC 50D9
  Total Existance Failure
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] a bit off topic but good to know if there is a known problem

2007-03-05 Thread Chuck
On Monday 05 March 2007 06:15, Herbert Poetzl wrote:
 On Sun, Mar 04, 2007 at 05:42:01PM -0500, Chuck wrote:
  i have seen many of you have similar setups so if there is a known
  problem we should all know about it...
 
  has anyone heard of a problem with the sda channel in the SATA on
  board silicone image 3114 controller in general or on a tyan 2882D
  series motherboard using opteron processors? we are running a software
  raid1 and sda keeps going south even with a new hdd to the point it is
  not detectable at all.. a power down, unplug plug back in and restart
  usually cures it and the array re-syncs then gets an error and sda is
  no longer visible to anything,.. it is a tyan GX28 system.
 
  i am running all my vserver partitions on lvm2 under this if that has
  any bearing..
 
  outside of a faulty motherboard i am at a loss as to what could cause
  this.
 
 this is what google had to say :)
 
 http://www.linuxquestions.org/questions/showthread.php?t=351495
 
http://www.leenooks.com/Silicon+Image+311x+sata+controllers+and+some+Seagate+disks
 
 in general, the Sil 311x is considered very slow
 and 'crappy' but it should be supported quite fine
 
 http://www.tyan.com/archive/products/html/gx28b2882_spec.html
 
 looking at the specs for the GX28 I see AMD chipsets
 which 'might' lack proper support, the Sil 3114 there
 is also connected to the legacy 32bit bus and does
 only support SATA 1.0, so I wouldn#t expect too much
 from that ...
 

yeah performance is one thing but this actually loses the first drive.. claims 
disk error then disconnects the drive from the array and it becomes invalid 
even to fdisk. power cycle it and its fine for a while again. 



 HTH,
 Herbert
 
  -- 
  
  Chuck
  
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] a bit off topic but good to know if there is a known problem

2007-03-05 Thread Chuck
On Monday 05 March 2007 06:15, Herbert Poetzl wrote:
 On Sun, Mar 04, 2007 at 05:42:01PM -0500, Chuck wrote:
  i have seen many of you have similar setups so if there is a known
  problem we should all know about it...
 
  has anyone heard of a problem with the sda channel in the SATA on
  board silicone image 3114 controller in general or on a tyan 2882D
  series motherboard using opteron processors? we are running a software
  raid1 and sda keeps going south even with a new hdd to the point it is
  not detectable at all.. a power down, unplug plug back in and restart
  usually cures it and the array re-syncs then gets an error and sda is
  no longer visible to anything,.. it is a tyan GX28 system.
 
  i am running all my vserver partitions on lvm2 under this if that has
  any bearing..
 
  outside of a faulty motherboard i am at a loss as to what could cause
  this.
 
 this is what google had to say :)
 
 http://www.linuxquestions.org/questions/showthread.php?t=351495
 
http://www.leenooks.com/Silicon+Image+311x+sata+controllers+and+some+Seagate+disks
 
 in general, the Sil 311x is considered very slow
 and 'crappy' but it should be supported quite fine
 

we are kinda stuck with the on board controller however since this is a 1u 
case and the riser is already used for a nic. i think we may try replacing 
sda with a western digital drive. the seagates we are using are not on the 
black list in the driver but are of the same family.. if this wd works we 
will replace the 2nd drive with a wd and will have learned the hard way never 
to use seagate paired with silicone image controllers. i would rather see the 
boss change the case to a 2u and put a real hardware raid controller in on a 
2 card riser but.. it is not my call..  (and of course we find all this 
out after the machine has been in our production environment for 5 months)


 http://www.tyan.com/archive/products/html/gx28b2882_spec.html
 
 looking at the specs for the GX28 I see AMD chipsets
 which 'might' lack proper support, the Sil 3114 there
 is also connected to the legacy 32bit bus and does
 only support SATA 1.0, so I wouldn#t expect too much
 from that ...
 
 HTH,
 Herbert
 
  -- 
  
  Chuck
  
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] a bit off topic but good to know if there is a known problem

2007-03-05 Thread Chuck
On Monday 05 March 2007 14:24, Herbert Poetzl wrote:


thanks for all the info!! after placing a call to SI i am told that our drives 
are definitely of the same family and that the WD drives I looked at as 
replacements would work perfectly. They confirmed the behavior I am 
experiencing.

thanks again!!


 On Mon, Mar 05, 2007 at 07:43:51AM -0500, Chuck wrote:
  On Monday 05 March 2007 06:15, Herbert Poetzl wrote:
   On Sun, Mar 04, 2007 at 05:42:01PM -0500, Chuck wrote:
i have seen many of you have similar setups so if there is a known
problem we should all know about it...
   
has anyone heard of a problem with the sda channel in the SATA
on board silicone image 3114 controller in general or on a tyan
2882D series motherboard using opteron processors? we are running
a software raid1 and sda keeps going south even with a new hdd to
the point it is not detectable at all.. a power down, unplug plug
back in and restart usually cures it and the array re-syncs then
gets an error and sda is no longer visible to anything,.. it is a
tyan GX28 system.
   
i am running all my vserver partitions on lvm2 under this if that
has any bearing..
   
outside of a faulty motherboard i am at a loss as to what could
cause this.
   
   this is what google had to say :)
   
   http://www.linuxquestions.org/questions/showthread.php?t=351495
   
  
http://www.leenooks.com/Silicon+Image+311x+sata+controllers+and+some+Seagate+disks
   
   in general, the Sil 311x is considered very slow
   and 'crappy' but it should be supported quite fine
   
  
  we are kinda stuck with the on board controller however since this is
  a 1u case and the riser is already used for a nic. i think we may try
  replacing sda with a western digital drive. the seagates we are using
  are not on the black list in the driver but are of the same family..
  if this wd works we will replace the 2nd drive with a wd and will have
  learned the hard way never to use seagate paired with silicone image
  controllers. i would rather see the boss change the case to a 2u and
  put a real hardware raid controller in on a 2 card riser but.. it
  is not my call.. (and of course we find all this out after the machine
  has been in our production environment for 5 months)
 
 in most cases the hardware raid controller is not worth
 the money, as a software raid usually gives a much better
 performance with less latency and more control for the
 operating system ...
 
 nevertheless, hw-raid can have some advantages if it is
 done properly, e.g. auto reconstruction without affecting
 the system performance and/or battery buffering in power
 failure cases ...
 
 best,
 Herbert
 
   http://www.tyan.com/archive/products/html/gx28b2882_spec.html
   
   looking at the specs for the GX28 I see AMD chipsets
   which 'might' lack proper support, the Sil 3114 there
   is also connected to the legacy 32bit bus and does
   only support SATA 1.0, so I wouldn#t expect too much
   from that ...
   
   HTH,
   Herbert
   
-- 

Chuck

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] a bit off topic but good to know if there is a known problem

2007-03-04 Thread Chuck
i have seen many of you have similar setups so if there is a known problem we 
should all know about it...

has anyone heard of a problem with the sda channel in the SATA on board 
silicone image 3114 controller in general or on a tyan 2882D series 
motherboard using opteron processors?  we are running a software raid1 and 
sda keeps going south even with a new hdd to the point it is not detectable 
at all.. a power down, unplug plug back in and restart usually cures it and 
the array re-syncs then gets an error and sda is no longer visible to 
anything,.. it is a tyan GX28 system.

i am running all my vserver partitions on lvm2 under this if that has any 
bearing..

outside of a faulty motherboard i am at a loss as to what could cause this.

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] debian vserver and AMD x2 AM2 CPUs

2007-03-03 Thread Chuck
On Saturday 03 March 2007 04:37, Konstantinos Pachopoulos wrote:

Works perfectly on my Gentoo host so I would assume it would be just fine. 
Ours is running on a 2  dual core opteron machine.

 Hi,
 has anybody had any experience with with VServer
 (Debian) and Dual Core AM2 CPUs? Does it work OK? 
 
 Is it posssible -would it be possible in the future
 maybe- for VServer to take advantage of the AMD CPUs
 built-in virtualization technology?
 
 Thanks
 
 
   
   
   
 ___ 
 New Yahoo! Mail is the ultimate force in competitive emailing. Find out more 
at the Yahoo! Mail Championships. Plus: play games and win prizes. 
 http://uk.rd.yahoo.com/evt=44106/*http://mail.yahoo.net/uk 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] Mirroring entire vserver hosts in general.

2007-02-28 Thread Chuck


I know absolutely nothing about mirroring systems with autostart etc.

My initial thoughts were as follows:

1. provide accurate duplication of the entire primary machine to the secondary 
one which is running off a temporary ip address.

2. provide a 3rd monitoring server to keep an eye on both machines to notify 
me of any failures of either and to automatically execute the proper copy 
scripts on the 2nd one in event of failure of 1st one to change all ip 
addresses to turn 2nd one into 1st one with same ips and start all sleeping 
services and vserver guests on 2nd one. and then auto-log into our router to 
clear the arp cache so the standard ips activated on 2nd machine are visible 
immediately without waiting the 3 hrs for cache clearing. 

i was just thinking after i wrote this that i could keep all 4 nics 
pre-configured with the same ip addresses and keep the 3 public ones in a 
down state using only the private localnet nic and then only have to copy a 
net config that included the pvt address of the 1st machine as well as 
current 2nd one to keep access uninterrupted.

the 2nd machine must take over everything including identity of the 1st 
machine since the host runs certain applications we use network wide in 
addition to all the vservers.

it would seem to me , without research yet as i am only gathering 'structure' 
info outlines, that this heartbeat system as described would be a bit 
simplistic for this? or is it capable of doing everything needed to the 2nd 
machine in event of 1st machine failure?

is there a reference to guide me more in this when i am ready to do it (  a 
few months from now) ?




-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] raising individual interface devices

2007-02-17 Thread Chuck
On Saturday 17 February 2007 12:46, Herbert Poetzl wrote:
 On Sat, Feb 17, 2007 at 05:53:58PM +0100, Baltasar Cevc wrote:
  
  Hi Chuck
  
  Quoting Chuck [EMAIL PROTECTED]:
  is there a way to raise an individual interface device in a vserver
  without restarting the entire server?
  
  i am installing several vservers that will require various ip
  addresses for specific SSL certs added one at a time but should not
  down the entire service
  just to do so.. eg:
  
  eg:
  
  /etc/vservers/guestname/interfaces/0
  /etc/vservers/guestname/interfaces/1
  
  then i want to add
  
  /etc/vservers/guestname/interfaces/2
  
  and bring it alive without disturbing 0 or 1 or the operation of any
  services under them.
 
  Add the interface configuration, add the IP to the interface on the 
  host (ip addr add  dev yyy, as far as and enter the vserver 
  (using vserver enter); the newly opened session in the context 
  knows the new IP, too. So you may restart your Webserver then and use 
  the new IP.
  
  Sorry, I've accidently hit send - here's the complete text I wanted
  to write ;-)
  
  Add the interface configuration, add the IP to the interface on the
  host (ip addr add  dev yyy) - so the host knows the IP (which is
  normally done by vserver start). Then enter the vserver (using vserver
  enter); the newly opened session (your bash process or similar) in
  the context knows the new IP, too. So you may add it to your Webserver
  config and restart it (now having the newly assigned IP, too).
 
 well, while this may work with some configurations
 (especially older tools :) this works by chance and
 not by design, and it will for sure stop working with
 non legacy enabled kenels, which make proper use of
 network contexts ...
 
 the proper procedure is quite similar though:
 
  - add the ip to the host (ip addr add ...)
  - add the ip to the guest's network context
# naddress --add --nid nid --ip ip/mask
  - enter the guest (best via ssh)
  - restart the services if required
(most services will automatically start using
the new addresses)
  - update the config to reflect the changes for
the next guest restart (if desired)

ok. will use this... we are currently using in production

2.6.19-vs2.2.0-rc2
and utils  0.30.212-r2

and the kernel is set for not legacy.


 
 HTC,
 Herbert
 
  Hope that helps,
  Baltasar
  
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] raising individual interface devices

2007-02-17 Thread Chuck
On Saturday 17 February 2007 13:39, Daniel Hokka Zakrisson wrote:
 Herbert Poetzl wrote:
  On Sat, Feb 17, 2007 at 05:53:58PM +0100, Baltasar Cevc wrote:
 
  Hi Chuck
  
  Quoting Chuck [EMAIL PROTECTED]:
  is there a way to raise an individual interface device in a vserver
  without restarting the entire server?
 
  i am installing several vservers that will require various ip
  addresses for specific SSL certs added one at a time but should not
  down the entire service
  just to do so.. eg:
 
  eg:
 
  /etc/vservers/guestname/interfaces/0
  /etc/vservers/guestname/interfaces/1
 
  then i want to add
 
  /etc/vservers/guestname/interfaces/2
 
  and bring it alive without disturbing 0 or 1 or the operation of any
  services under them.
 
  Add the interface configuration, add the IP to the interface on the
  host (ip addr add  dev yyy, as far as and enter the vserver
  (using vserver enter); the newly opened session in the context
  knows the new IP, too. So you may restart your Webserver then and use
  the new IP.
 
  Sorry, I've accidently hit send - here's the complete text I wanted
  to write ;-)
 
  Add the interface configuration, add the IP to the interface on the
  host (ip addr add  dev yyy) - so the host knows the IP (which is
  normally done by vserver start). Then enter the vserver (using vserver
  enter); the newly opened session (your bash process or similar) in
  the context knows the new IP, too. So you may add it to your Webserver
  config and restart it (now having the newly assigned IP, too).
 
  well, while this may work with some configurations
  (especially older tools :) this works by chance and
  not by design, and it will for sure stop working with
  non legacy enabled kenels, which make proper use of
  network contexts ...
 
 Some configurations meaning util-vserver 0.30.209 and older, or using
 dynamic contexts.
 
  the proper procedure is quite similar though:
 
   - add the ip to the host (ip addr add ...)
   - add the ip to the guest's network context
 # naddress --add --nid nid --ip ip/mask
   - enter the guest (best via ssh)
   - restart the services if required
 (most services will automatically start using
 the new addresses)
 
 Just to clarify: if your guest had just one IP address before, and you're
 not using 2.3, you'll have to restart all of your services for them to get
 the new IP.

thanks... the only service that would worry about binding to that new ip would 
be apache which can be reloaded with minimal downtime. the rest of the 
services are bound to the vserver primary ip.

 
   - update the config to reflect the changes for
 the next guest restart (if desired)
 
  HTC,
  Herbert
 
  Hope that helps,
  Baltasar
 
 -- 
 Daniel Hokka Zakrisson
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] ultra frustration

2007-02-12 Thread Chuck
why did you ever remove vserver-new? it was so SIMPLE to clone a template that 
way. i cannot get this to work. i am sure it is just frustration on my part. 
i go by the vserver help built in and send it this cmdline:

vserver tbfweb build --context 3911 --hostname tbfweb --interface 
eth3:64.113.39.11/24 --initstyle plain -m 
rsync --source /vservers/c64webmintmpl

and immediately it says unrecognized --source

i try some other syntax and it says --source required

what am i doing wrong???

it is a gentoo 64 host and i am cloning a centos64 template rather than take 
all the time and effort to make a bz2 since the template changes somewhat for 
each series of vservers that i clone from it... unfortunately i have not done 
so since 2.10 version which still had vserver-new in it.


-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] ultra frustration

2007-02-12 Thread Chuck
On Monday 12 February 2007 13:04, Daniel Hokka Zakrisson wrote:

heh.. oh. ok thanks! i would never have guessed that one. 

 Chuck wrote:
  why did you ever remove vserver-new? it was so SIMPLE to clone a template
  that
  way. i cannot get this to work. i am sure it is just frustration on my
  part.
  i go by the vserver help built in and send it this cmdline:
 
  vserver tbfweb build --context 3911 --hostname tbfweb --interface
  eth3:64.113.39.11/24 --initstyle plain -m
  rsync --source /vservers/c64webmintmpl
 
  and immediately it says unrecognized --source
 
 ... since you're missing the -- before it. Add that and it should be fine.
 
 -- 
 Daniel Hokka Zakrisson
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] setiathome

2007-01-20 Thread Chuck

has anyone been successful in running multiple guests each running 
setiathome/boinc? how would something like this affect a system?

my firt thought is since each guest is isolated that the seti client would not 
sense processor needed by something else and would not give up control 
thereby slowing things down?

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Enlarge /tmp partition

2006-12-13 Thread Chuck
On Wednesday 13 December 2006 16:21, Oliver Welter wrote:
 Hi Alejandro,
 
  LibClamAV Error: wrote 0 instead of 512
  (/tmp/clamav-67ea3a8be7a9faa9/main.ndb)
  cli_untgz: no space left on device
  
  In my /etc/vservers/virtual1/fstab I have this line related to /tmp:
  
  none   /tmp tmpfs   size=16m, mode 1777 0   0

i agree with below.. i have ours that run clamav set to size=64m and no 
software complains. :)

  
 
 The /tmp is a memory based filesystem in that xase - this means it is
 entirely kept in the machines RAM. You have 16M what is too small for
 clamav - you can enlarge the size by just puttingthe wanted number in
 the parameter size=XXXm (you must restart the vserver afterwards).
 
 Note that this will consume RAM ressources, if you have plenty of them,
 thats okm otherwise you should map /tmp to a new partition or, if you
 dont have one left, drop the mointpoint and put it on the /var partiion
 with a symlink (ln -s /var/_tmp /tmp)
 
 Oliver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] any kernel gurus know what this is?

2006-12-07 Thread Chuck

ok. i am definitely having problems with this new opteron machine we have... 

only thing i can see remotely close to an error or warning msg is this from 
the kernel:

i get this message as early in the boot process as when it decompresses to 
begin boot:

kernel mapping table up to 100,000,000 at 8000:d800

 this is a linux 2.6.18.3 kernel

2.6.18-vs2.1.1-gentoo-r1

could this be a disk controller address?


last week the machine died twice both with disk errors, the 2nd time it 
actually scrambled a few sectors in a lvm partition in the website vserver. i 
had to run shred on the partition to fix it.

just this morning, initially i had no warning something was wrong until i 
tried to execute any command and got back  'command not found'. turns out the 
running system could not access the disk array in any fashion. a power cycle 
brought it back to normal and it has been running ok for the past few hours.

in case it helps
hardware is
2xopteron dual core 265
tyan 2882D motherboard
4gb registered ram
2 sata2 drives in raid1 configuration.

could i have a setting wrong in the kernel? 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] any kernel gurus know what this is?

2006-12-07 Thread Chuck
On Thursday 07 December 2006 13:38, Herbert Poetzl wrote:
 On Thu, Dec 07, 2006 at 08:57:41AM -0500, Chuck wrote:
  
  ok. i am definitely having problems with this new opteron machine we 
have... 
  
  only thing i can see remotely close to an error or warning msg is this 
from 
  the kernel:
  
  i get this message as early in the boot process as when it decompresses to 
  begin boot:
  
  kernel mapping table up to 100,000,000 at 8000:d800
 
 that is the 'normal' bootup message you get on the
 (VGA) console when the kernel boots and is either
 set to quiet boot mode or has some other console
 activated ... i.e. that is nothing unusual on x86_64 :)
 
oh ok. guess thats why it was not preceeded with warning or error or 
something.

   this is a linux 2.6.18.3 kernel
  
  2.6.18-vs2.1.1-gentoo-r1
  
  could this be a disk controller address?
  
  last week the machine died twice both with disk errors, the 2nd time
  it actually scrambled a few sectors in a lvm partition in the website
  vserver. i had to run shred on the partition to fix it.
 
 it seems there were some issues with certain block I/O
 and/or filesystems, but they should be fixed in 2.6.18.5
 and later
 

maybe i did not update kernel high enough then. i went from 2.6.18.2 to 
2.6.18.3


maybe ill just bite the bullet and get the 2.6.19 release from kernel.org.

is there a vserver patch for that yet? also for 18.5?

will search the site for the patches.

  just this morning, initially i had no warning something was wrong
  until i tried to execute any command and got back 'command not found'.
  turns out the running system could not access the disk array in any
  fashion. a power cycle brought it back to normal and it has been
  running ok for the past few hours.
 
 that looks more like a faulty I/O subsystem ... maybe
 a loose cable or interference with the bus subsystem
 or just faulty disks ...

will have the boss go back over there and double check everything again. he 
said last week when he looked every wire was harnessed and suspended around 
the sides of the case then came in to where they connected so nothing was 
laying on top of anything.

 
  in case it helps
  hardware is
  2xopteron dual core 265
  tyan 2882D motherboard
  4gb registered ram
  2 sata2 drives in raid1 configuration.
  
  could i have a setting wrong in the kernel? 
 
 maybe that for the console ...
 
 HTH,
 Herbert
 
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] any kernel gurus know what this is?

2006-12-07 Thread Chuck
On Thursday 07 December 2006 23:03, Herbert Poetzl wrote:

2.6.19 is now stable. this is still the proper patch?

vs2.2.0-rc2


 On Thu, Dec 07, 2006 at 07:06:29PM -0500, Chuck wrote:
  On Thursday 07 December 2006 13:38, Herbert Poetzl wrote:
   On Thu, Dec 07, 2006 at 08:57:41AM -0500, Chuck wrote:

ok. i am definitely having problems with this new opteron machine
we
 
  have...
 
only thing i can see remotely close to an error or warning msg is
this
 
  from
 
the kernel:
   
i get this message as early in the boot process as when it
decompresses to begin boot:

kernel mapping table up to 100,000,000 at 8000:d800
   
   that is the 'normal' bootup message you get on the
   (VGA) console when the kernel boots and is either
   set to quiet boot mode or has some other console
   activated ... i.e. that is nothing unusual on x86_64 :)
   
  oh ok. guess thats why it was not preceeded with warning or error or 
  something.
  
 this is a linux 2.6.18.3 kernel

2.6.18-vs2.1.1-gentoo-r1

could this be a disk controller address?

last week the machine died twice both with disk errors, the 2nd
time it actually scrambled a few sectors in a lvm partition in the
website vserver. i had to run shred on the partition to fix it.
   
   it seems there were some issues with certain block I/O
   and/or filesystems, but they should be fixed in 2.6.18.5
   and later
   
  
  maybe i did not update kernel high enough then. i went from 2.6.18.2 to 
  2.6.18.3
  
  
  maybe ill just bite the bullet and get the 2.6.19 release from
  kernel.org.
 
  is there a vserver patch for that yet? also for 18.5?
  
  will search the site for the patches.
 
 yes, all there ...
 
just this morning, initially i had no warning something was wrong
until i tried to execute any command and got back 'command not found'.
turns out the running system could not access the disk array in any
fashion. a power cycle brought it back to normal and it has been
running ok for the past few hours.
   
   that looks more like a faulty I/O subsystem ... maybe
   a loose cable or interference with the bus subsystem
   or just faulty disks ...
  
  will have the boss go back over there and double check everything
  again. he said last week when he looked every wire was harnessed and
  suspended around the sides of the case then came in to where they
  connected so nothing was laying on top of anything.
 
 double checking that won't hurt ...
 
 best,
 Herbert
 
in case it helps
hardware is
2xopteron dual core 265
tyan 2882D motherboard
4gb registered ram
2 sata2 drives in raid1 configuration.

could i have a setting wrong in the kernel? 
   
   maybe that for the console ...
   
   HTH,
   Herbert
   
-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] any kernel gurus know what this is?

2006-12-07 Thread Chuck
On Thursday 07 December 2006 23:33, Chuck wrote:

also what version tools should i use with this? i currently have

0.30.211

 On Thursday 07 December 2006 23:03, Herbert Poetzl wrote:
 
 2.6.19 is now stable. this is still the proper patch?
 
 vs2.2.0-rc2
 
 
  On Thu, Dec 07, 2006 at 07:06:29PM -0500, Chuck wrote:
   On Thursday 07 December 2006 13:38, Herbert Poetzl wrote:
On Thu, Dec 07, 2006 at 08:57:41AM -0500, Chuck wrote:
 
 ok. i am definitely having problems with this new opteron machine
 we
  
   have...
  
 only thing i can see remotely close to an error or warning msg is
 this
  
   from
  
 the kernel:

 i get this message as early in the boot process as when it
 decompresses to begin boot:
 
 kernel mapping table up to 100,000,000 at 8000:d800

that is the 'normal' bootup message you get on the
(VGA) console when the kernel boots and is either
set to quiet boot mode or has some other console
activated ... i.e. that is nothing unusual on x86_64 :)

   oh ok. guess thats why it was not preceeded with warning or error or 
   something.
   
  this is a linux 2.6.18.3 kernel
 
 2.6.18-vs2.1.1-gentoo-r1
 
 could this be a disk controller address?
 
 last week the machine died twice both with disk errors, the 2nd
 time it actually scrambled a few sectors in a lvm partition in the
 website vserver. i had to run shred on the partition to fix it.

it seems there were some issues with certain block I/O
and/or filesystems, but they should be fixed in 2.6.18.5
and later

   
   maybe i did not update kernel high enough then. i went from 2.6.18.2 to 
   2.6.18.3
   
   
   maybe ill just bite the bullet and get the 2.6.19 release from
   kernel.org.
  
   is there a vserver patch for that yet? also for 18.5?
   
   will search the site for the patches.
  
  yes, all there ...
  
 just this morning, initially i had no warning something was wrong
 until i tried to execute any command and got back 'command not 
found'.
 turns out the running system could not access the disk array in any
 fashion. a power cycle brought it back to normal and it has been
 running ok for the past few hours.

that looks more like a faulty I/O subsystem ... maybe
a loose cable or interference with the bus subsystem
or just faulty disks ...
   
   will have the boss go back over there and double check everything
   again. he said last week when he looked every wire was harnessed and
   suspended around the sides of the case then came in to where they
   connected so nothing was laying on top of anything.
  
  double checking that won't hurt ...
  
  best,
  Herbert
  
 in case it helps
 hardware is
 2xopteron dual core 265
 tyan 2882D motherboard
 4gb registered ram
 2 sata2 drives in raid1 configuration.
 
 could i have a setting wrong in the kernel? 

maybe that for the console ...

HTH,
Herbert

 -- 
 
 Chuck
 
 ...and the hordes of M$*ft users descended upon me in their anger,
 and asked 'Why do you not get the viruses or the BlueScreensOfDeath
 or insecure system troubles and slowness or pay through the nose 
 for an OS as *we* do?!!', and I answered...'I use Linux'. 
 The Book of John, chapter 1, page 1, and end of book
 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver

   
   -- 
   
   Chuck
   
   ...and the hordes of M$*ft users descended upon me in their anger,
   and asked 'Why do you not get the viruses or the BlueScreensOfDeath
   or insecure system troubles and slowness or pay through the nose 
   for an OS as *we* do?!!', and I answered...'I use Linux'. 
   The Book of John, chapter 1, page 1, and end of book
   
   
   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
  
 
 -- 
 
 Chuck
 
 ...and the hordes of M$*ft users descended upon me in their anger,
 and asked 'Why do you not get the viruses or the BlueScreensOfDeath
 or insecure system troubles and slowness or pay through the nose 
 for an OS as *we* do?!!', and I answered...'I use Linux'. 
 The Book of John, chapter 1, page 1, and end of book
 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book

Re: [Vserver] qmail-queue-scanner on vserver

2006-12-06 Thread Chuck
On Wednesday 06 December 2006 17:24, John Alberts wrote:
 I'm running vserver on Gentoo (host and guest) and I'm following this
 guide (http://gentoo-wiki.com/QmailRocksOnGentoo) for installing the
 whole Qmail Rocks set of packages.
 Everything seems to be working great except I can't get
 qmail-queue-scanner to detect spamassassin running.
 The way the build process works for qmail-queue-scanner, is it tries
 to detect what is installed and running and then customizes the perl
 script to use the detected services.  I think the script is trying to
 detect if it's running by using localhost, so it keeps saying that
 spamassassin isn't running, even though it clearly is running.

the configure script can be edited and the hardcoded 127.0.0.1 changed to the 
primary ip of the guest if it is really doing that. the only one i know of so 
far that hard codes that in configure is nagios.
 
 I guess my question is; Has anyone else been able to get
 qmail-queue-scanner installed and working properly with spamassassin
 on a vserver?

we have qmail with qmail-scanner, spamassassin (spamd/spamc), clamd, spf 
plugin, and grey listing plugin running in a verver since Nov of 05 with no 
problem at all. it just works. however we have a more simple system than most 
in that it is restricted to contact only our primary smtp server and it is 
only an smtp server with absolutely no relay priv. at all, there are no 
mailboxes on that ... it runs as our secondary mx only.

i dont trust the auto intsalls of qmail scanner so i always go over the .pl 
file manually and correct things here and there to match how we like things 
to be.

i also do not update that vserver very much at all except for severe security 
issues if i ever hear of them .. if it works dont fix it is what i do with 
that one :)

 I installed this same thing on a non-vserver system about 2 years ago
 and I didn't have this problem.
 

i cannot vouch for the accuracy of this statement, but i have heard that the 
options/install/configure process has changed since '05 which may be the 
problem now.

 So far, to troubleshoot, I have added the 'Remap Source IP Address'
 kernel option and rebooted.  I've tried 127.0.0.1 localhost and
 myguestip localhost in the /etc/hosts file.
 My last attempt was to follow the wiki suggestion of adding a lo
 adapter.  I can now ping 127.0.0.1 in the guest, but no change in the
 scanner program.
 

personally i would let it install regardless of what it found, then edit 
the .pl file and be done with it :)

 Of course, I've already done the usual thing of looking for all
 instances of localhost or 127.0.0.1 and replacing it with myguestip.
 
 
 -John
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] 2006.1 Gentoo x86 stage3 for vserver ?

2006-12-05 Thread Chuck
I have searched everywhere I can think of and can only find stage3 files dated 
march 2006. That will require an entire rebuild to bring it to spec!

Any place to find something done using 2006.1/gcc4.1.1? I understand I cannot 
build my own any more as there are no more vserver baselayout packages 
according to a previous msg in this list and I must use production quality 
packages on this machine. I cannot use experimentals.

-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] 2006.1 Gentoo x86 stage3 for vserver ?

2006-12-05 Thread Chuck
On Tuesday 05 December 2006 07:36, Oliver Welter wrote:

i was under the impression it was still ~x86 and not production yet. maybe I 
am severely mistaken, and I hope so.. it would be much easier :)

I am not against running vserver experimentals on our production machines 
because I trust them totally, but this is for a customer who is buying a box 
from us and and our remote maintenance services and wants it set up with all 
virtual servers. I cannot allow a non production piece of code into this 
particular box.


 Chuck wrote:
  I have searched everywhere I can think of and can only find stage3 files 
dated 
  march 2006. That will require an entire rebuild to bring it to spec!
 
 is it a bad idea to use a default stage3
 
 AFAIK since the last update of the baselayout it is not necessary to use 
 a special stage - perhaps hollow or phreak can shade some lights
 
 Oliver
 -- 
 Diese Nachricht wurde digital unterschrieben
 oliwel's public key: http://www.oliwel.de/oliwel.crt
 Basiszertifikat: http://www.ldv.ei.tum.de/page72
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] 2006.1 Gentoo x86 stage3 for vserver ?

2006-12-05 Thread Chuck
On Tuesday 05 December 2006 10:06, John Alberts wrote:
 What arch do you need?  If you need x86, I gave Bob P from the
 Jackass! project a tarball that was created around September.  You can
 download it at one of the mirrors at:
 http://jackass.homelinux.org/jackass/mirror.html
 

i686

thank you however i cannot access any of the mirrors listed.

only one answered an ftp client and it required a login other than anonymous

 If you need an amd64 arch, I can try and tarball one up for you
 tonight and provide a link tomorrow.
 
 -John
 
 
 On 12/5/06, Benedikt Böhm [EMAIL PROTECTED] wrote:
  On Tuesday 05 December 2006 12:57, Chuck wrote:
   I have searched everywhere I can think of and can only find stage3 files
   dated march 2006. That will require an entire rebuild to bring it to 
spec!
 
  unfortunately these are the newest vserver stage3 currently available...
 
   Any place to find something done using 2006.1/gcc4.1.1? I understand I
   cannot build my own any more as there are no more vserver baselayout
   packages according to a previous msg in this list and I must use 
production
   quality packages on this machine. I cannot use experimentals.
 
  As long as baselayout-1.13 is not stable, there will be no standard stages
  that work with vserver... you still have to use vserver stages until it's
  stable...
 
  baselayout-vserver still exists, and should be used in production
  environments, it will be removed after 1.13 is stable...
 
  probably i'll create a bunch of new stages meanwhile, so that upgrade 
loads
  will decrease..
 
  Bene
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] 2006.1 Gentoo x86 stage3 for vserver ?

2006-12-05 Thread Chuck
On Tuesday 05 December 2006 10:48, John Alberts wrote:
 BTW, I forgot to mention.  This vserver is built following the
 Jackass! guide (http://jackass.homelinux.org/forums/viewtopic.php?t=133).
  I think you need to be registered on the forums to actually follow
 that link.
 
 What this means is that it is built with GCC 4.1 and uses nptl by default.
 

that's exactly what i need. 2006.1 profile, gcc 4.1.1 and nptlonly

this way i will only have to do a normal update on things rather than careful 
rebuild/conversions. the only other requirement i must follow for this build 
is it must only contain production code. i will have to replace any ~x86 with 
production otherwise.



 -John
 
 
 On 12/5/06, John Alberts [EMAIL PROTECTED] wrote:
  That's very strange.  I just tried it and it works fine.
 
  Try this direct link to one of the mirrors.
  
ftp://jackass.ahrends.org/jackass/vserver/jackass-vserver-i686-20060725.tar.bz2
 
 
 
  On 12/5/06, Chuck [EMAIL PROTECTED] wrote:
   On Tuesday 05 December 2006 10:06, John Alberts wrote:
What arch do you need?  If you need x86, I gave Bob P from the
Jackass! project a tarball that was created around September.  You can
download it at one of the mirrors at:
http://jackass.homelinux.org/jackass/mirror.html
   
  
   i686
  
   thank you however i cannot access any of the mirrors listed.
  
   only one answered an ftp client and it required a login other than 
anonymous
  
If you need an amd64 arch, I can try and tarball one up for you
tonight and provide a link tomorrow.
   
-John
   
   
On 12/5/06, Benedikt Böhm [EMAIL PROTECTED] wrote:
 On Tuesday 05 December 2006 12:57, Chuck wrote:
  I have searched everywhere I can think of and can only find stage3 
files
  dated march 2006. That will require an entire rebuild to bring it 
to
   spec!

 unfortunately these are the newest vserver stage3 currently 
available...

  Any place to find something done using 2006.1/gcc4.1.1? I 
understand I
  cannot build my own any more as there are no more vserver 
baselayout
  packages according to a previous msg in this list and I must use
   production
  quality packages on this machine. I cannot use experimentals.

 As long as baselayout-1.13 is not stable, there will be no standard 
stages
 that work with vserver... you still have to use vserver stages until 
it's
 stable...

 baselayout-vserver still exists, and should be used in production
 environments, it will be removed after 1.13 is stable...

 probably i'll create a bunch of new stages meanwhile, so that 
upgrade
   loads
 will decrease..

 Bene
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
   --
  
   Chuck
  
   ...and the hordes of M$*ft users descended upon me in their anger,
   and asked 'Why do you not get the viruses or the BlueScreensOfDeath
   or insecure system troubles and slowness or pay through the nose
   for an OS as *we* do?!!', and I answered...'I use Linux'. 
   The Book of John, chapter 1, page 1, and end of book
  
  
   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
  
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] 2006.1 Gentoo x86 stage3 for vserver ?

2006-12-05 Thread Chuck
On Tuesday 05 December 2006 11:07, Benedikt Böhm wrote:
 On Tuesday 05 December 2006 16:06, John Alberts wrote:
  What arch do you need?  If you need x86, I gave Bob P from the
  Jackass! project a tarball that was created around September.  You can
  download it at one of the mirrors at:
  http://jackass.homelinux.org/jackass/mirror.html
 
  If you need an amd64 arch, I can try and tarball one up for you
  tonight and provide a link tomorrow.
 
 please take a look at http://dev.croup.de/repos/gentoo-vps/stages/ if you 
want 
 to build own stages... you will need catalyst for the script to work...

:) don't really care about building stages etc, i just need a production, very 
recent template to clone that uses the new clib, gcc4.1.1 and nptl.. 
converting an older version stage will take way too long as i work in a 
production environment and we must deliver this machine to the customer fully 
tested and debugged tomorrow morning..

this is why i have almost no time for testing any more and why i got so upset 
i had to waste time researching that arping fiasco with the net code. :(
by my schedule i was supposed to have that vserver code i am downloading now 
running and doing its updates last night but instead i spent it chasing down 
behavior pointing to an automatically included arping module that i found out 
about thanks to a forum tip.


 
 i will give it a run during this week, and upload the new stages then...
 
 
  -John
 
  On 12/5/06, Benedikt Böhm [EMAIL PROTECTED] wrote:
   On Tuesday 05 December 2006 12:57, Chuck wrote:
I have searched everywhere I can think of and can only find stage3
files dated march 2006. That will require an entire rebuild to bring 
it
to spec!
  
   unfortunately these are the newest vserver stage3 currently available...
  
Any place to find something done using 2006.1/gcc4.1.1? I understand I
cannot build my own any more as there are no more vserver baselayout
packages according to a previous msg in this list and I must use
production quality packages on this machine. I cannot use
experimentals.
  
   As long as baselayout-1.13 is not stable, there will be no standard
   stages that work with vserver... you still have to use vserver stages
   until it's stable...
  
   baselayout-vserver still exists, and should be used in production
   environments, it will be removed after 1.13 is stable...
  
   probably i'll create a bunch of new stages meanwhile, so that upgrade
   loads will decrease..
  
   Bene
   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
 
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:


this is during boot when initializing the ethx adapters. 


 On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
 
  i am assuming this behavior is in recent iproute2 changes. previously
  on an x86 machine last year, 140 ip addys on one nic would load very
  fast.
 
  now, on amd64 current versions, it pauses 2 whole seconds between ip
  addys!!
 
 when you add them? remove them? or just view them?
 
 could be an overeager nameservice reverse lookup
 trying to find a name to your IPs :)
 
 HTH,
 Herbert
 
  it is intolerable. does anyone have a fix for this or know what causes
  it?
 
 too little information ...
 
 best,
 Herbert
 
  --
 
  Chuck
 
  ___
  Vserver mailing list Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:


it also occurs any time i initialize them. if i take eth2 down and bring it 
back up same behavior. i tried switching adapters for experiment and it still 
is the same on a different chipset adapter.

i first thought it could have been driver related to a specific chipset but no 
it behaves the same on each of these:


1 Realtek Semiconductor Co., Ltd. RTL-8169 Gigabit Ethernet
2 Broadcom Corporation NetXtreme BCM5704 Gigabit Ethernet
1 Intel Corporation 82557/8/9 [Ethernet Pro 100]

 On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
 
  i am assuming this behavior is in recent iproute2 changes. previously
  on an x86 machine last year, 140 ip addys on one nic would load very
  fast.
 
  now, on amd64 current versions, it pauses 2 whole seconds between ip
  addys!!
 
 when you add them? remove them? or just view them?
 
 could be an overeager nameservice reverse lookup
 trying to find a name to your IPs :)
 
 HTH,
 Herbert
 
  it is intolerable. does anyone have a fix for this or know what causes
  it?
 
 too little information ...
 
 best,
 Herbert
 
  --
 
  Chuck
 
  ___
  Vserver mailing list Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:

i just tried an experiment. i placed 5 ips on an adapter on the older dell x86 
system and still the same behavior so it is not arch related.

 On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
 
  i am assuming this behavior is in recent iproute2 changes. previously
  on an x86 machine last year, 140 ip addys on one nic would load very
  fast.
 
  now, on amd64 current versions, it pauses 2 whole seconds between ip
  addys!!
 
 when you add them? remove them? or just view them?
 
 could be an overeager nameservice reverse lookup
 trying to find a name to your IPs :)
 
 HTH,
 Herbert
 
  it is intolerable. does anyone have a fix for this or know what causes
  it?
 
 too little information ...
 
 best,
 Herbert
 
  --
 
  Chuck
 
  ___
  Vserver mailing list Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 09:25, Michael S. Zick wrote:


will check all this out. thanks... this is a  production machine and when i 
reboot it on those rare occasions very late at night, i need it to boot fast 
as possible with no unnecessary delays as it takes a large number of our 
sevices down during that time. why someone would introduce a 2 second delay 
between ip assignments is beyond me. unless someone added a delay for reading 
diag messages then forgot to remove it.


 On Sun December 3 2006 05:50, Chuck wrote:
  On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:
  
  
  this is during boot when initializing the ethx adapters. 
 
 
 I noticed that myself on a Debian/Etch system - I suppose
 any distro that follows their lead (uses the same udevd) 
 might have the same symptoms;
 
 Look for: /etc/udev/rules.d/z25_persistent-net.rules
 which is generated at runtime, during boot,
 by /etc/udev/persistent-net-generator.rules
 
 If you do not intend to be changing nic's in the box 
 in-between boots, then that rule generator only needs
 to run once per life-time of the machine - not once
 per every boot.
 
 I don't have my hands on your set-up - so I can't say
 what/how to make the changes to your configuration files,
 but that is the 'slow to initialize' ethernet nics problem
 area.
 
 Believe me, you do not want to plug in a usb-nic if you want
 a fast boot - it will eventually boot but you could swear
 the kernel hung while waiting.
 
 Mike
  
   On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
   
i am assuming this behavior is in recent iproute2 changes. previously
on an x86 machine last year, 140 ip addys on one nic would load very
fast.
   
now, on amd64 current versions, it pauses 2 whole seconds between ip
addys!!
   
   when you add them? remove them? or just view them?
   
   could be an overeager nameservice reverse lookup
   trying to find a name to your IPs :)
   
   HTH,
   Herbert
   
it is intolerable. does anyone have a fix for this or know what causes
it?
   
   too little information ...
   
   best,
   Herbert
   
--
   
Chuck
   
___
Vserver mailing list Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 09:25, Michael S. Zick wrote:


honestly these have stumped me. i find nothing remotely resembling anything 
that would cause a delay.. i have a hard time reading all the greek in these 
things as many of these scripts make extensive use of regx.. i traced various 
scripts they call/use all the way through and could find nothing even 
remotely resembling a delay. guess ill have to try creating a script calling 
iproute2 directly for addr assignments and see if it still delays, and if so 
ill have to dig into the iproute2 code to see why. i really dont need these 
delays in my work as debugging this behavior is making me fall severely 
behind, but this boot problem is intolerable.

i never noticed it before now because i didnt have to reboot the old machine 
in the past year, and updates have been done and just sit there for when it 
does get rebooted. since this is a new machine i'm working on now, it was 
quite noticable first time out.

 On Sun December 3 2006 05:50, Chuck wrote:
  On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:
  
  
  this is during boot when initializing the ethx adapters. 
 
 
 I noticed that myself on a Debian/Etch system - I suppose
 any distro that follows their lead (uses the same udevd) 
 might have the same symptoms;
 
 Look for: /etc/udev/rules.d/z25_persistent-net.rules
 which is generated at runtime, during boot,
 by /etc/udev/persistent-net-generator.rules
 
 If you do not intend to be changing nic's in the box 
 in-between boots, then that rule generator only needs
 to run once per life-time of the machine - not once
 per every boot.
 
 I don't have my hands on your set-up - so I can't say
 what/how to make the changes to your configuration files,
 but that is the 'slow to initialize' ethernet nics problem
 area.
 
 Believe me, you do not want to plug in a usb-nic if you want
 a fast boot - it will eventually boot but you could swear
 the kernel hung while waiting.
 
 Mike
  
   On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
   
i am assuming this behavior is in recent iproute2 changes. previously
on an x86 machine last year, 140 ip addys on one nic would load very
fast.
   
now, on amd64 current versions, it pauses 2 whole seconds between ip
addys!!
   
   when you add them? remove them? or just view them?
   
   could be an overeager nameservice reverse lookup
   trying to find a name to your IPs :)
   
   HTH,
   Herbert
   
it is intolerable. does anyone have a fix for this or know what causes
it?
   
   too little information ...
   
   best,
   Herbert
   
--
   
Chuck
   
___
Vserver mailing list Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 10:14, Michael S. Zick wrote:

we have all nic modules built into the kernel. we normally do not use modules 
at all for security reasons. this particular machine had to have a disk 
module so it would load that after the raid system since we are booting from 
the raid. so that is the only module loaded thanks anyway...


 On Sun December 3 2006 08:31, Chuck wrote:
  On Sunday 03 December 2006 09:25, Michael S. Zick wrote:
  
  
  will check all this out. thanks... this is a  production machine and when 
i 
  reboot it on those rare occasions very late at night, i need it to boot 
fast 
  as possible with no unnecessary delays as it takes a large number of our 
  sevices down during that time. why someone would introduce a 2 second 
delay 
  between ip assignments is beyond me. unless someone added a delay for 
reading 
  diag messages then forgot to remove it.
 
 
 Just guessing on insufficient knowledge -
 
 This new udevd is part of the change to parallel initialization;
 Which is supposed to speed up the boot process.
 
 The parallel initialization is a dependency guided system;
 Could be that does not have all the rough edges smoothed out.
 
 I 'fixed' mine by building the required ethernet drivers into
 the kernel rather than let the system auto-load the modules.
 (Three nics, two pci, one usb)
 
 Now that is not a 'fix' of the problem - but a work-around to
 get my kernel to boot within a reasonable amount of time.
 
 Since this is only a personal-use machine, not a production
 machine; I just said: good enough for now and went on to
 more pressing issues here without really running down the
 prime cause.
 
 Mike
  
   On Sun December 3 2006 05:50, Chuck wrote:
On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:


this is during boot when initializing the ethx adapters. 
   
   
   I noticed that myself on a Debian/Etch system - I suppose
   any distro that follows their lead (uses the same udevd) 
   might have the same symptoms;
   
   Look for: /etc/udev/rules.d/z25_persistent-net.rules
   which is generated at runtime, during boot,
   by /etc/udev/persistent-net-generator.rules
   
   If you do not intend to be changing nic's in the box 
   in-between boots, then that rule generator only needs
   to run once per life-time of the machine - not once
   per every boot.
   
   I don't have my hands on your set-up - so I can't say
   what/how to make the changes to your configuration files,
   but that is the 'slow to initialize' ethernet nics problem
   area.
   
   Believe me, you do not want to plug in a usb-nic if you want
   a fast boot - it will eventually boot but you could swear
   the kernel hung while waiting.
   
   Mike

 On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
 
  i am assuming this behavior is in recent iproute2 changes. 
previously
  on an x86 machine last year, 140 ip addys on one nic would load 
very
  fast.
 
  now, on amd64 current versions, it pauses 2 whole seconds between 
ip
  addys!!
 
 when you add them? remove them? or just view them?
 
 could be an overeager nameservice reverse lookup
 trying to find a name to your IPs :)
 
 HTH,
 Herbert
 
  it is intolerable. does anyone have a fix for this or know what 
causes
  it?
 
 too little information ...
 
 best,
 Herbert
 
  --
 
  Chuck
 
  ___
  Vserver mailing list Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 10:48, Herbert Poetzl wrote:



ahh no... these ips are for the mail server which runs on the host. they have 
nothing to do with guests.. each guest brings up its own ip as it starts.

once i can convert all our users to the change needed for namespace use, then 
i will have only 2 ips for the name server and will place it into a guest. 
until then it has to hog our host.

regardless 2 seconds between ip loading is not acceptable under any 
conditions, so i want to find out what causes it and fix it. :)


 On Sun, Dec 03, 2006 at 07:08:30AM -0500, Chuck wrote:
  On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:
  
  i just tried an experiment. i placed 5 ips on an adapter on the older
  dell x86 system and still the same behavior so it is not arch related.
 
   On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
 
i am assuming this behavior is in recent iproute2 changes.
previously on an x86 machine last year, 140 ip addys on one nic
would load very fast.
 
 what I do not understand here, why do you configure
 140 ips when the host boots at all? wouldn't it be
 much easier to let util-vserver add the IPs per
 guest? I'd assume that this would speed up the
 configuration significantly too, as the tools do
 not run those funny scripts AFAIK :)
 
 HTH,
 Herbert
 
now, on amd64 current versions, it pauses 2 whole seconds between
ip addys!!
   
   when you add them? remove them? or just view them?
   
   could be an overeager nameservice reverse lookup
   trying to find a name to your IPs :)
   
   HTH,
   Herbert
   
it is intolerable. does anyone have a fix for this or know what causes
it?
   
   too little information ...
   
   best,
   Herbert
   
--
   
Chuck
   
___
Vserver mailing list Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] iproute2 behavior problem

2006-12-03 Thread Chuck
On Sunday 03 December 2006 11:13, Chuck wrote:
 On Sunday 03 December 2006 10:48, Herbert Poetzl wrote:
 
 
 
 ahh no... these ips are for the mail server which runs on the host. they 
have 
 nothing to do with guests.. each guest brings up its own ip as it starts.
 
 once i can convert all our users to the change needed for namespace use, 
then 
 i will have only 2 ips for the name server and will place it into a guest. 
 until then it has to hog our host.
 
oops. just noticed.. mail server not name server :)

 regardless 2 seconds between ip loading is not acceptable under any 
 conditions, so i want to find out what causes it and fix it. :)
 
 
  On Sun, Dec 03, 2006 at 07:08:30AM -0500, Chuck wrote:
   On Sunday 03 December 2006 00:28, Herbert Poetzl wrote:
   
   i just tried an experiment. i placed 5 ips on an adapter on the older
   dell x86 system and still the same behavior so it is not arch related.
  
On Fri, Dec 01, 2006 at 10:32:12PM -0500, Chuck wrote:
  
 i am assuming this behavior is in recent iproute2 changes.
 previously on an x86 machine last year, 140 ip addys on one nic
 would load very fast.
  
  what I do not understand here, why do you configure
  140 ips when the host boots at all? wouldn't it be
  much easier to let util-vserver add the IPs per
  guest? I'd assume that this would speed up the
  configuration significantly too, as the tools do
  not run those funny scripts AFAIK :)
  
  HTH,
  Herbert
  
 now, on amd64 current versions, it pauses 2 whole seconds between
 ip addys!!

when you add them? remove them? or just view them?

could be an overeager nameservice reverse lookup
trying to find a name to your IPs :)

HTH,
Herbert

 it is intolerable. does anyone have a fix for this or know what 
causes
 it?

too little information ...

best,
Herbert

 --

 Chuck

 ___
 Vserver mailing list Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver

   
   -- 
   
   Chuck
   
   ...and the hordes of M$*ft users descended upon me in their anger,
   and asked 'Why do you not get the viruses or the BlueScreensOfDeath
   or insecure system troubles and slowness or pay through the nose 
   for an OS as *we* do?!!', and I answered...'I use Linux'. 
   The Book of John, chapter 1, page 1, and end of book
   
   
   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
  
 
 -- 
 
 Chuck
 
 ...and the hordes of M$*ft users descended upon me in their anger,
 and asked 'Why do you not get the viruses or the BlueScreensOfDeath
 or insecure system troubles and slowness or pay through the nose 
 for an OS as *we* do?!!', and I answered...'I use Linux'. 
 The Book of John, chapter 1, page 1, and end of book
 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Maximum guest on one host

2006-12-03 Thread Chuck
On Sunday 03 December 2006 14:16, Adrien Laurent wrote:


we have one centos64 guest running and judging by that one, all idle doing 
nothing, loading nothing other than requirements to boot, my guess is 
150-200.. but if activity/applications get loaded that may drop to 100 or so.  
these are just rough guesses on my part.. i am sure someone has a more 
scientific method to determine this, or maybe has something similar they can 
quote from experience.

 Hi,
 
 I have a project of giving away free voip servers using vserver.
 Each servers will be a minimal centos installation with few
 additionnal packages.
 They will all have a public ip - no firewall.
 
 Considering that all the servers are idle - how many of them can a
 regular server (Pentium 3.0Ghz - 2go ram) handle ?
 
 
 Thanks,
 
 
 Adrien
 
 
 
 
 
 -- 
 Adrien Laurent
 Chief Information Officer
 (514) 284-2020 x 202
 [EMAIL PROTECTED]
 www.modulis.ca
 
 Technical questions? [EMAIL PROTECTED]
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] snmp vserver

2006-12-03 Thread Chuck
On Sunday 03 December 2006 21:31, Adrien Laurent wrote:
 Hi,
 
 With the setup:
 host: centos 4 - 2.6.18.1-vs2.0.2.2-rc4 - eth0(192.168.0.1) -
 lo(127.0.0.1) - runs snmp
 guest: centos 4 - eth0(192.168.0.2) - runs snmp  cacti
 
 
 I'm trying to graph the usage of my vserver using snmp and cacti; I
 face the following problems:
 
 - Cacti default setup ping 127.0.0.1 which is not activated by default
 on my vserver guest, is it possible to enable lo(127.0.0.1) on a guest
 ?

i have not done it myself but one of our techs has cacti successfully running 
inside a vserver. for the first thing, set localhost to the guest primary ip 
in /etc/hosts and do a grep on the config files of the programs you use to 
find all instances of 127.0.0.1. change them to the primary ip of your guest.

once all that is done i believe it should work properly for you in testing 
your guests. he has monitoring all of our guests.

 
 - When I graph the snmp from guest I get the ip  data of the host 
192.168.0.1
 
 - Do you know an easy way on how I could get network stat per ip for
 all the vservers ?
 
 
 Thanks a lot for any help !
 
 
 Adrien
 
 
 
 -- 
 Adrien Laurent
 Chief Information Officer
 (514) 284-2020 x 202
 [EMAIL PROTECTED]
 www.modulis.ca
 
 Technical questions? [EMAIL PROTECTED]
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] snmp vserver

2006-12-03 Thread Chuck
On Sunday 03 December 2006 21:59, Adrien Laurent wrote:


i have yet to run into a program that cannot be changed from 127.0.0.1 to 
another ip, plus i don't know how to do it, but i read that the newer vserver 
code and kernel allow you to map localhost within a guest, or something 
similar. someone else will have to answer that one who knows..

we have one instance of cacti running (in its own guest) that monitors our 
entire network including all our guest vservers and extended network 
components that are in remote places around the nation. i believe all that is 
needed is snmp within each guest or location to answer cacti's requests... 
snmp uses very few resources... i will have to speak with our tech tomorrow 
about this.

 Thanks,
 
 Actually, that's what I did; I replace 127.0.0.1 with the ip of the guest.
 But I fear that I will meet one time or another a program that needs 
127.0.0.1.
 
 The problem with this solution is that it requires an instance of
 cacti inside each guests, which is not convenient for resources and
 management.
 
 Adrien
 
 On 12/3/06, Chuck [EMAIL PROTECTED] wrote:
  On Sunday 03 December 2006 21:31, Adrien Laurent wrote:
   Hi,
  
   With the setup:
   host: centos 4 - 2.6.18.1-vs2.0.2.2-rc4 - eth0(192.168.0.1) -
   lo(127.0.0.1) - runs snmp
   guest: centos 4 - eth0(192.168.0.2) - runs snmp  cacti
  
  
   I'm trying to graph the usage of my vserver using snmp and cacti; I
   face the following problems:
  
   - Cacti default setup ping 127.0.0.1 which is not activated by default
   on my vserver guest, is it possible to enable lo(127.0.0.1) on a guest
   ?
 
  i have not done it myself but one of our techs has cacti successfully 
running
  inside a vserver. for the first thing, set localhost to the guest primary 
ip
  in /etc/hosts and do a grep on the config files of the programs you use to
  find all instances of 127.0.0.1. change them to the primary ip of your 
guest.
 
  once all that is done i believe it should work properly for you in testing
  your guests. he has monitoring all of our guests.
 
  
   - When I graph the snmp from guest I get the ip  data of the host
  192.168.0.1
  
   - Do you know an easy way on how I could get network stat per ip for
   all the vservers ?
  
  
   Thanks a lot for any help !
  
  
   Adrien
  
  
  
   --
   Adrien Laurent
   Chief Information Officer
   (514) 284-2020 x 202
   [EMAIL PROTECTED]
   www.modulis.ca
  
   Technical questions? [EMAIL PROTECTED]
   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
  
 
  --
 
  Chuck
 
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
 
 
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 
 
 
 -- 
 Adrien Laurent
 Chief Information Officer
 (514) 284-2020 x 202
 [EMAIL PROTECTED]
 www.modulis.ca
 
 Technical questions? [EMAIL PROTECTED]
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] resource management

2006-12-02 Thread Chuck
On Saturday 02 December 2006 09:48, Michael S. Zick wrote:

do you or anyone know if this kernel has the memory page/reiser problem?

2.6.17-vs2.0.2.1-gentoo also compiled with 2006.1 profile, gcc4.1.1 and the 
new glibc

i have it installed for vservers in case i need an emergency server to add but 
it will normally not have guests installed. this machine is an x86 4xp3 
machine being set up as our NAS backup storage server (also running reiser on 
lvm2).


 On Fri December 1 2006 22:56, Chuck wrote:
  On Friday 01 December 2006 21:51, Michael S. Zick wrote:
  
  i installed this new kernel, and decided to reboot immediately. there is a 
  CONSIDERABLE difference in the amount of initial memory used! i have never 
  seen this machine this low before. 680mb. typically startup memory has 
always 
  been around 900mb. 
 
 
 Super!
  
  there is also a noticable difference in the response of the machine.. time 
  will tell.
 
 
 A personal record: 2.6.18.2 is the only kernel that ever trashed my 
reiserfs.
 I have been beating on 2.6.18.3 for over a week now with no problems found.
 
  thanks for the info!
  
  i still need to find out if i need to set file handles higher etc, and how 
to 
  do that.
  
 
 I do not have a clue to that question.  Someone on the list that is running
 a high resource requirement installation will have to comment on that.
 
  
 
 Mike
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] numa option

2006-12-02 Thread Chuck
On Saturday 02 December 2006 16:26, Bert De Vuyst wrote:


Thank you. Clears it all up now.. good.

 On Saturday 02 December 2006 04:45, Chuck wrote:
  i have this option turned on via recommendation of the help, but i see 
then
  talking about dual core opteron and em64t in the same breath. what is 
em64t
  and would i have it with a tyan mobo and dual opteron multicore 
processors?
 
 EM64 is a INTEL Xeon/woodcrest with 64bit extentions.
 These systems use a shared bus for there CPUs. (no NUMA)
 
 a AMD dual Opteron system uses NUMA. (both for single and dual core)
 a single AMD Opteron dual core doesn't use UNMA.
 
 Best regards,
 
 Bert.
 
 
  CONFIG_NUMA:
  Enable NUMA (Non Uniform Memory Access) support. The kernel
  will try to allocate memory used by a CPU on the local memory
  controller of the CPU and add some more NUMA awareness to the kernel.
  This code is recommended on all multiprocessor Opteron systems.
  If the system is EM64T, you should say N unless your system is EM64T
  NUMA
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] resource management

2006-12-01 Thread Chuck
suddenly out of nowhere, on a brand new 1 month old dual opteron machine we 
started getting system lockups and crashes.. I managed to track it down to a 
bad block in the email mailboxes.. the email server, of necessity for now 
must run on the host since it uses 140ip addresses. eventually we will move 
everyone to namespace and i can put it into a vserver..

now on to my question.

we have a TON of open files I am sure. Presently there are 20 guests running, 
some, like a web server has 260 domain on it and it is quite busy. Are we 
approaching or exceeding some kind of system resource limit maybe?

I never get to see the console since the server is 1000 miles away, but this 
morning someone read a msg that seemd to be information only. I have no clue 
what this means:  Kernel Direct Mapping Table up to 100,000,000 @8000:d800.

Any clues? Any advice how to set higher resources in the host system if this 
is becoming a problem? I have never had to do this before but also have not 
worked on a system so large. We are only about half done. I expect there to 
be approx 50-60 vservers on this machine with at least 15-20 of them very 
busy.

The host install is 100% stock Gentoo with no modifications other than what is 
needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 
util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
glibc .2.4-r4:2.2.

The disk subsystem is a SATA2 hardware raid5 with all partitions except root 
boot and swap, using LVM2. At present there are 27 mount points used.



-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] resource management

2006-12-01 Thread Chuck
On Friday 01 December 2006 17:31, John Alberts wrote:

we sometimes get peaks for a few seconds to load averages of 8 or so but this 
is only when the list server is spewing out bursts of messages. other than 
that, normal averages are below 0.5 with average momentary peaks to 1.0..

i just looked now and this is the current status:

load average: 0.34, 0.20, 0.18

a vmstat snap shows this at approx the same time as the load average taken

valkyrie / # vmstat
procs ---memory-- ---swap-- -io --system-- cpu
 r  b   swpd   free   buff  cache   si   sobibo   incs us sy id wa
 0  0232 2221976 365020 47548400   482   257   7917  4  5 87  
5


unless many guests are doing heavy disk io, we never even come close to what i 
would call making the machine do more than loaf. 

my worry is running out of file handles or something of that nature.


 I'm sorry, I don't have an answer for you, but I do have a question.
 What is your cpu utilization with that many guests?  I know that
 vserver is extremely easy on resources; however, I think on the wiki
 it says that some tests show 1-2% resource utilization per guest os.
 with 20 guest running, that's 20-40% resource utilization just for
 running empty guests.  Of course, your not running empty guests (and
 you said some of the guests are heavily used), so I would expect your
 server to have very high resource usage.
 
 It may also help someone diagnose your problem by showing the output of 
vmstat.
 
 
 
 
 
 On 12/1/06, Chuck [EMAIL PROTECTED] wrote:
  suddenly out of nowhere, on a brand new 1 month old dual opteron machine 
we
  started getting system lockups and crashes.. I managed to track it down to 
a
  bad block in the email mailboxes.. the email server, of necessity for now
  must run on the host since it uses 140ip addresses. eventually we will 
move
  everyone to namespace and i can put it into a vserver..
 
  now on to my question.
 
  we have a TON of open files I am sure. Presently there are 20 guests 
running,
  some, like a web server has 260 domain on it and it is quite busy. Are we
  approaching or exceeding some kind of system resource limit maybe?
 
  I never get to see the console since the server is 1000 miles away, but 
this
  morning someone read a msg that seemd to be information only. I have no 
clue
  what this means:  Kernel Direct Mapping Table up to 100,000,000 
@8000:d800.
 
  Any clues? Any advice how to set higher resources in the host system if 
this
  is becoming a problem? I have never had to do this before but also have 
not
  worked on a system so large. We are only about half done. I expect there 
to
  be approx 50-60 vservers on this machine with at least 15-20 of them very
  busy.
 
  The host install is 100% stock Gentoo with no modifications other than 
what is
  needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with
  util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and
  glibc .2.4-r4:2.2.
 
  The disk subsystem is a SATA2 hardware raid5 with all partitions except 
root
  boot and swap, using LVM2. At present there are 27 mount points used.
 
 
 
  --
 
  Chuck
 
 
 
 
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] resource management

2006-12-01 Thread Chuck
On Friday 01 December 2006 17:38, Michael S. Zick wrote:
  The host install is 100% stock Gentoo with no modifications other than 
what is 
  needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 
 
 
 if the above kernel version is 2.6.18.2 as kernel.org numbers them,
 replace it with 2.6.18.3 or newer.

will have a look at that

 
 The kernel.org-2.6.18.3 has some page handling fixes in it.
 The 2.6.18.2 can be put into a situation where it does not properly use 
swap.

we only use about 25% of our ram at this time and i really dont expect any 
swap at all, but i do see a token amount which i am not sure where it comes 
from...

valkyrie / # free
 total   used   free sharedbuffers cached
Mem:   406032018450442215276  0 366696 477532
-/+ buffers/cache:10008163059504
Swap:  39037842323903552


 The host install is 100% stock Gentoo with no modifications other than what 
is 
 needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 

 util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
 glibc .2.4-r4:2.2.

 Note: 'stock Distribution Name' does not mean an unmodified kernel.
 

no, I realize that... this is 'stock gentoo supplied vserver kernel'

 Mike
 
  util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
  glibc .2.4-r4:2.2.

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] resource management

2006-12-01 Thread Chuck
On Friday 01 December 2006 21:51, Michael S. Zick wrote:
 On Fri December 1 2006 18:47, Chuck wrote:
  On Friday 01 December 2006 17:38, Michael S. Zick wrote:
The host install is 100% stock Gentoo with no modifications other than 
  what is 
needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 
   
   
   if the above kernel version is 2.6.18.2 as kernel.org numbers them,
   replace it with 2.6.18.3 or newer.
  
  will have a look at that
  
   
   The kernel.org-2.6.18.3 has some page handling fixes in it.
   The 2.6.18.2 can be put into a situation where it does not properly use 
   swap.
 
 My bad.  I was unclear - 'does not handle dirty pages properly' - pages 
 which should either be reclaimed from swap or swapped out.
 
 My reason for making that guess was the console message which you quoted.
 
 With 4g of ram, you have a ways to grow but will eventually run out of
 room if you push it hard enough.  And swap usage will look like you
 have plenty of room remaining when oom starts running and/or your filesystem
 starts to corrupt.
 
 Perhaps the easiest way to see if that is 2.6.18.3 is to try applying the
 2.6.8.2-3 diff patch to the kernel source with the Gentoo and VServer
 patches in place (only the extra version string should fail to apply).
 

there is a new one available via portage linux-2.6.18-vserver-2.1.1-r1

which i just downloaded. it probably is the -3 if below follows the kernel.org 
naming conventions.

DIST genpatches-2.6.18-3.base.tar.bz2
DIST genpatches-2.6.18-3.extras.tar.bz2

ill install that tomorrow and reboot it sometime late (3am) or so.

 If patch tells you 'patch already applied' then you have 2.6.18.3(+)
 
 Mike
  
  we only use about 25% of our ram at this time and i really dont expect any 
  swap at all, but i do see a token amount which i am not sure where it 
comes 
  from...
  
  valkyrie / # free
   total   used   free sharedbuffers cached
  Mem:   406032018450442215276  0 366696 477532
  -/+ buffers/cache:10008163059504
  Swap:  39037842323903552
  
  
   The host install is 100% stock Gentoo with no modifications other than 
what 
  is 
   needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 
  
   util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
   glibc .2.4-r4:2.2.
  
   Note: 'stock Distribution Name' does not mean an unmodified kernel.
   
  
  no, I realize that... this is 'stock gentoo supplied vserver kernel'
  
   Mike
   
util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
glibc .2.4-r4:2.2.
  
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] iproute2 behavior problem

2006-12-01 Thread Chuck
i am assuming this behavior is in recent iproute2 changes. previously on an 
x86 machine last year, 140 ip addys on one nic would load very fast.

now, on amd64 current versions, it pauses 2 whole seconds between ip addys!! 

it is intolerable. does anyone have a fix for this or know what causes it?

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] numa option

2006-12-01 Thread Chuck
i have this option turned on via recommendation of the help, but i see then 
talking about dual core opteron and em64t in the same breath. what is em64t 
and would i have it with a tyan mobo and dual opteron multicore processors?


CONFIG_NUMA: 
Enable NUMA (Non Uniform Memory Access) support. The kernel 
  
will try to allocate memory used by a CPU on the local memory   
 
controller of the CPU and add some more NUMA awareness to the kernel.   
 
This code is recommended on all multiprocessor Opteron systems. 
 
If the system is EM64T, you should say N unless your system is EM64T
 
NUMA
-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] resource management

2006-12-01 Thread Chuck
On Friday 01 December 2006 21:51, Michael S. Zick wrote:

i installed this new kernel, and decided to reboot immediately. there is a 
CONSIDERABLE difference in the amount of initial memory used! i have never 
seen this machine this low before. 680mb. typically startup memory has always 
been around 900mb. 

there is also a noticable difference in the response of the machine.. time 
will tell.

thanks for the info!

i still need to find out if i need to set file handles higher etc, and how to 
do that.


 On Fri December 1 2006 18:47, Chuck wrote:
  On Friday 01 December 2006 17:38, Michael S. Zick wrote:
The host install is 100% stock Gentoo with no modifications other than 
  what is 
needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 
   
   
   if the above kernel version is 2.6.18.2 as kernel.org numbers them,
   replace it with 2.6.18.3 or newer.
  
  will have a look at that
  
   
   The kernel.org-2.6.18.3 has some page handling fixes in it.
   The 2.6.18.2 can be put into a situation where it does not properly use 
   swap.
 
 My bad.  I was unclear - 'does not handle dirty pages properly' - pages 
 which should either be reclaimed from swap or swapped out.
 
 My reason for making that guess was the console message which you quoted.
 
 With 4g of ram, you have a ways to grow but will eventually run out of
 room if you push it hard enough.  And swap usage will look like you
 have plenty of room remaining when oom starts running and/or your filesystem
 starts to corrupt.
 
 Perhaps the easiest way to see if that is 2.6.18.3 is to try applying the
 2.6.8.2-3 diff patch to the kernel source with the Gentoo and VServer
 patches in place (only the extra version string should fail to apply).
 
 If patch tells you 'patch already applied' then you have 2.6.18.3(+)
 
 Mike
  
  we only use about 25% of our ram at this time and i really dont expect any 
  swap at all, but i do see a token amount which i am not sure where it 
comes 
  from...
  
  valkyrie / # free
   total   used   free sharedbuffers cached
  Mem:   406032018450442215276  0 366696 477532
  -/+ buffers/cache:10008163059504
  Swap:  39037842323903552
  
  
   The host install is 100% stock Gentoo with no modifications other than 
what 
  is 
   needed to run vservers.  The kernel is 2.6.18-vs2.0.2-gentoo-r8 with 
  
   util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
   glibc .2.4-r4:2.2.
  
   Note: 'stock Distribution Name' does not mean an unmodified kernel.
   
  
  no, I realize that... this is 'stock gentoo supplied vserver kernel'
  
   Mike
   
util-vserver 0.30.211. Everything is compiled 2006.1 gcc 4.1.1 and 
glibc .2.4-r4:2.2.
  
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Problems with Ethernet

2006-11-01 Thread Chuck
On Wednesday 01 November 2006 19:56, William Berks wrote:
 Yesterday I install a copy of Gentoo on a server that I am building.
 The motherboard, a Supermicro X7DVL-E uses 5000V Blackford-VS MCH
 chipset.  Until I tried the latest kernel from Gentoo 2.6.17, I could
 not find either the hard drives or the network.  But, with that kernel,
 everything works great.
 
 I then built a kernel using the vserver patches.  This is a 2.6.15
 kernel.  When I boot using this kernel, it fails to detect the network.
  has anyone else encounter this before?  Any suggestions?

sounds like version differences in the ethernet drivers. i had a similar 
problem where i selected the proper driver for the card, but it did not 
initialize it properly so i installed the latest version of the driver and it 
began working. later, a kernel upgrade included the new driver and it worked 
fine after that.

 
 Bill Berks
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] arping inside guest

2006-10-25 Thread Chuck
On Wednesday 25 October 2006 10:01, Herbert Poetzl wrote:
 On Tue, Oct 24, 2006 at 10:46:06AM -0400, Chuck wrote:
  i am trying to use the arping utility inside a guest. i have a ccap of
  raw_icmp already for something else in the guest. i keep getting this
  error
  
  arping: socket: Operation not permitted
 
 not unexpected, arp is not icmp :)
 
  i looked through the caps listing but can't find anything obvious that
  I should use..
 
 you need the 'evil' CAP_NET_RAW (bcaps) for this to
 work, as the arp ping utility generates raw packets
 on a raw socket ...
 

ok unless i can come up with another method ill have to use this.

  any suggestions?
  
  this is for a nagios monitoring setup where we cannot ping certain ip
  addresses because of their firewall settings, so i thought we could
  still monitor those using arping.
 
 makes it insecure, why not use a tcp or udp type
 ping to a known good port?

cant... maybe udp. have to check...these particular ones we have to monitor 
ignore ALL icmp and we have to tell if they are up. they run no services as 
they are a small office. the only thing we could think of to monitor them is 
to use their mac address.. not sure what else is available for nagios for 
this.. their routers are not on our networks and i really don't wanna get 
involved in snmp.. gets messy...

 
 best,
 Herbert
 
  -- 
  
  Chuck
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] arping inside guest

2006-10-24 Thread Chuck
i am trying to use the arping utility inside a guest. i have a ccap of 
raw_icmp already for something else in the guest. i keep getting this error

arping: socket: Operation not permitted

i looked through the caps listing but can't find anything obvious that I 
should use..

any suggestions?

this is for a nagios monitoring setup where we cannot ping certain ip 
addresses because of their firewall settings, so i thought we could still 
monitor those using arping.

-- 

Chuck


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] problem with quotas and proc/mounts and just general confusion.

2006-10-17 Thread Chuck
/proc mounts shows this:

[EMAIL PROTECTED] proc]# cat mounts
rootfs / rootfs rw 0 0
/dev/root / reiserfs rw 0 0
none /proc proc rw,nodiratime 0 0
none /tmp tmpfs rw,nodev 0 0
none /dev/pts devpts rw 0 0



while my mtab shows this:
[EMAIL PROTECTED] / ]# cat /etc/mtab
/dev/hdv1 / reiserfs usrquota,grpquota,attrs,noatime 0 0
none /proc proc  0 0
none /tmp tmpfs size=64m,mode=1777 0 0
none /dev/pts devpts gid=5,mode=620 0 0


guess i just don't understand the inner workings of these things enough. how 
can it show /dev/root when i dont use initrd, dont use labels, nothing. my 
host root is sda3 and each guest root is hdv1

unfortunately something is interacting between proc/mounts and mtab inside 
virtualminpro which will not allow quotas to work... yet i can assign a user 
quota at cmdline and it appears to work but then doesn't show in virtualmin.

the guy at virtualmin says its because proc/mounts does not agree with mtab, 
but... im so totally confused im about to give up on quotas.

also on my host i tried setting quotas on / but that doesn't fly either.. 
maybe it cant be done.. when i run the quota daemon it tries to enable them 
and says they work on the guest partitions but it cant do / on the host.. i 
was thinking that guests were mirroring the host root configs... 

can someone set me straight on this... i have been going around so many times 
now it has become a mess.

i followed the wiki howto for quotas in gentoo for the host and it works on 
other partitions than /... i also followed the wiki howto for using quotas 
with lvm partitions for the guest.. that appears to work at cmdline too..

why does quotas insist on a partition? maybe i should just divide my guests up 
into a root and /home partition and be done with it. just seems like extra 
work for something that i would think would work no matter what. i expected i 
could assign quotas to any directory or user or group to have disk/user/group 
quotas for that particular directory, not a mount point.


-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] jabber in a guest

2006-10-15 Thread Chuck
do i need any special b or c capabilities to run jabber 2 in a guest?

i keep getting logs like this for its various elements:

Oct 14 23:02:12 jabber jabberd/s2s[27854]: attempting connection to router at 
127.0.0.2, port=5347
Oct 14 23:02:12 jabber jabberd/s2s[27854]: [4] [router] write error: 
Connection refused (111)
Oct 14 23:02:12 jabber jabberd/s2s[27854]: connection to router closed


or is it I just have to figure out configurations better?  i tried the same 
configs on the host and that ran.


the host of course protects the guests using iptables, and the 5222 port is 
passed but none of the other internal ones such as 5347. do i have to include 
them too? i am trying to move it off a host into a guest.  i tried mapping 
everything to the guest primary ip as well, but that didnt do anything 
different.

im using amd64 with the following:

2.6.18-vs2.0.2-gentoo-r8
util-vserver-0.30.211

-- 

Chuck

___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] memory usage

2006-10-13 Thread Chuck
is there a way to see how much memory a particular guest is using? maybe 
something similar to the free command? i have no memory limitations on these 
first few.


-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] memory usage

2006-10-13 Thread Chuck
On Friday 13 October 2006 08:23, Corey Wright wrote:


i should have read the manual first and asked later :P but in my defense it 
was VERY early in the am here and i was still waitinig for coffee to brew so 
i had not had even my first cup yet.. i should try not to think until then :P


anyway i discovered virt_mem to put into the flags file which works just fine.

your answers actually answered some future things i will be dealing with so 
thank you ahead of time :D

we are letting a friend use a guest as a 'colo' and we want him to have all 
the resources he needs, but i want to give him a way to see just what he is 
using, not combined statistics, so i put  the virt uptime, cpu, mem and load 
in there and they report exactly what he will want to see.

 On Fri, 13 Oct 2006 06:31:21 -0400
 Chuck [EMAIL PROTECTED] wrote:
 
  is there a way to see how much memory a particular guest is using? maybe 
  something similar to the free command? i have no memory limitations on
  these first few.
 
 i use vserver-stat for informational purposes and not for placing resource
 limits.
 
 to decipher vsz  rss (as used in vserver-stat), see
 http://oldwiki.linux-vserver.org/Memory+Management.
 
 of course, memory accounting seems to be such a variable thing from command
 to command and os to os (see the many internet discussions at large
 trying to explaining the memory usage reported by top). witnessed within
 vserver's very own wiki:
 
 from http://oldwiki.linux-vserver.org/Memory+Management:
 
 the RSS (resident set size) is the amount of pages which are currently in
 RAM (physical memory)
 
 from http://linux-vserver.org/Memory_Limits:
 
 The Resident Set Size (rss) is the amount of virtual memory (RAM + swap)
 that the context is allowed to use
 
 so from the vserver wiki (both old  new) it appears that for vserver-stat
 rss = guests' RAM usage, but for memory limits rss = guest's RAM + swap.
 and then in my case i use vhashify, so all guests using apache have memory
 shared among them, so properly accounting that shared memory is tricky
 (does the total shared memory get accounted to each guest, or do you divide
 the total shared memory equally among all guests, etc).
 
 but if you don't have to account for shared usage amoung vservers, then i
 presume vserver-stat is pretty accurate of each guests' specific memory
 usage and the difficulty is choosing policy (do you want to limit RAM usage
 or a guest's total memory usage, ie RAM + swap, if you can even have that
 granularity in memory limits).
 
 i looked into memory limits a year ago or so and gave up as i'm in control
 of all guests (though it would be nice to keep a process from running away,
 either from a memory leak or DOS attack).
 
 hopefully somebody will correct me if i'm wrong in my details above, but
 at least look to vserver-stat as a possible answer to your question.
 
 corey
 -- 
 [EMAIL PROTECTED]
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] memory usage

2006-10-13 Thread Chuck
On Friday 13 October 2006 09:33, Herbert Poetzl wrote:
 On Fri, Oct 13, 2006 at 06:31:21AM -0400, Chuck wrote:
  is there a way to see how much memory a particular guest is using?
  maybe something similar to the free command? i have no memory
  limitations on these first few.
 
 free inside a guest/context is virtualized and
 shows the amount used by the guest
 

without the virt_mem, i get the same report inside a guest as i get on the 
host using free.. it shows all memory usage..  the virt_mem appears to show 
only what is being used by that guest when free runs, so this is what i 
probably want.

 you can get similar data with either vserver-stat
 and/or the limits proc entry 
 
 HTH,
 Herbert
 
  -- 
  
  Chuck
  
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] memory usage

2006-10-13 Thread Chuck
On Friday 13 October 2006 13:23, Guillaume Pratte wrote:

that is a beautiful system but it is for the server admin. i need for a guest 
to behave like a standalone server would to the root admin who rents it. he 
is familiar with linux cmdline utilities and so i need to provide them with 
accurate results... free must display only that particular guest's memory 
usage and with virt_mem it seems to do so. other utilities such as top must 
return only the guest and nothing else hence the rest of the virt_.. i 
suspect this setup would do it but until i test it more i cannot be positive.



 Chuck a écrit :
 
 is there a way to see how much memory a particular guest is using? maybe 
 something similar to the free command? i have no memory limitations on 
these 
 first few.
 
 I humbly suggest that you also look at vsmon, which displays in a web 
 page the equivalent of vserver-stat, and more :
 
 http://vsmon.revolutionlinux.com/
 
 -- 
 Guillaume Pratte
 Recherche et développement
 Révolution Linux
 
 Toutes les opinions et les prises de position exprimées dans ce courriel 
sont celles de son auteur et ne répresentent pas nécessairement celles de 
Révolution Linux.
 
 Any views and opinions expressed in this email are solely those of the 
author and do not necessarily represent those of Revolution Linux.
 
 
 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] having a routing problem from guests

2006-10-03 Thread Chuck
On Tuesday 03 October 2006 11:42, Herbert Poetzl wrote:


would that mix up things when guests on the same interface come into play? if 
on the host 32.2 interface a guest was 32.30 ?.. or would i have to add an 
iptables and iproute rule for each guest ip as well?


 On Mon, Oct 02, 2006 at 11:46:32AM -0400, Chuck wrote:
  On Monday 02 October 2006 10:18, Herbert Poetzl wrote:
  
  oops... forgot.. ok so then i would add the statements below with proper 
ip 
  for each of the 4 interfaces?
 
 yep
 
 best,
 Herbert
 
   add a masquerading/snat rule for each 'outgoing' packet
   on a specific interface, like this:
   
    iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
    iptables -t nat -I OUTPUT -o eth0 -j SNAT --to-source 64.113.32.2
   
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] having a routing problem from guests

2006-10-03 Thread Chuck
On Tuesday 03 October 2006 12:06, Herbert Poetzl wrote:


oh boy.. heh i may be getting into a real situation here.. each of the 3 
public interfaces will have an average of 10 -20 guests on it by the time i 
am done and at least 8 of those guests will have upward of 10 ips in it with 
some 26 or more.. i used the 64ip patch (as much as possible.. legacy.h no 
longer has the variable to change).  this means i have to set one up for each 
guest and each ip within... the ips were originally assigned years ago based 
on /24 not on subnets since the old machines had total access to all of a 
network.  i have a feeling this is not gonna be fun unless i misunderstand 
something. (i am into creating a guest and telling it to 'fly' with little to 
no extra work :D )

 On Tue, Oct 03, 2006 at 11:51:36AM -0400, Chuck wrote:
  On Tuesday 03 October 2006 11:42, Herbert Poetzl wrote:
  
  would that mix up things when guests on the same interface come into
  play? if on the host 32.2 interface a guest was 32.30 ?.. or would i
  have to add an iptables and iproute rule for each guest ip as well?
 
 in a more complex setup it is generally advised
 to dedicate a separate table for each guest.
 if necessary, you can also use the mark feature
 of iptables to 'tag' traffic early and use that
 for advanced multipath routing (needs to be enabled)
 
 best,
 Herbert
 
   On Mon, Oct 02, 2006 at 11:46:32AM -0400, Chuck wrote:
On Monday 02 October 2006 10:18, Herbert Poetzl wrote:

oops... forgot.. ok so then i would add the statements below with
proper
 
  ip
 
for each of the 4 interfaces?
   
   yep
   
   best,
   Herbert
   
 add a masquerading/snat rule for each 'outgoing' packet
 on a specific interface, like this:
 
  iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
  iptables -t nat -I OUTPUT -o eth0 -j SNAT --to-source 64.113.32.2
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
   
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Re: quota probs on centos4 guest with gentoo host

2006-10-02 Thread Chuck
On Monday 02 October 2006 03:27, Nicolas Costes wrote:
 Le Dimanche 1 Octobre 2006 23:45, Chuck a écrit :
  wow didnt even know mtab could go in there... all ive ever had in any
  of them was style, mark and depends
 
 Well, I learned it in a quota HOWTO that was on the old wiki, but I must 
 admit that I don't know where it lays now.
 
  took the gentoo ebuild this time  2.6.15-vs2.0.1-gentoo-r5
 
 Well, I think you'll have to compile 2.0.2 ;-)
 

which means its not in the production distribution yet..  so much for keeping 
this system 100% production package ... hehe


 -- 
   ,,
  (°   Nicolas Costes
  /|\   IUT de La Roche / Yon
 ( ^ )  Clé publique: http://www.keyserver.net/
  ^ ^   Musique libre: http://musique-legale.info/ - 
 http://www.jamendo.com/?s=concept
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] centos64 timing out on stop but no service errors

2006-10-02 Thread Chuck
any idea where to look? evidently something isnt exiting cleanly in the guest
but my serial monitor stops showing anything at Starting killall:  [  OK  ]
i suspect its something in the halt script? it stopped ok till my tech decided 
to run yum update on it! that itself isnt bad, but to make things worse he 
promptly 'cleaned up' by removing all the rpmsave files!  so i had to re-edit 
everything and think i may have missed something. needless to say he is no 
longer allowed to touch the servers.

valkyrie 0 # vserver cntos64-webmin-tmpl stop
A timeout occured while waiting for the vserver to finish and it will
be killed by sending a SIGKILL signal. The following process list
might be useful for finding out the reason of this behavior:

--
--
* CentOS64 template Stopped




-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] 2.0.2 on 2.6.18 kernel question

2006-10-02 Thread Chuck
does this now mean guests have a way of using 127.0.0.1 remapped in the system 
rather than through hosts files? so those packages hardcoded with it will 
work?


CONFIG_VSERVER_REMAP_SADDR: 

   
This allows to remap the source IP address of 'local'   
 
connections from 127.0.0.1 to the first assigned guest IP. 


-- 

Chuck




___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] having a routing problem from guests

2006-10-02 Thread Chuck
On Monday 02 October 2006 10:18, Herbert Poetzl wrote:


cool thanks... ill make those changes and see how it works :)

 On Fri, Sep 29, 2006 at 11:23:11AM -0400, Chuck wrote:
  On Friday 29 September 2006 09:54, Herbert Poetzl wrote:
   On Thu, Sep 28, 2006 at 07:35:09PM -0400, Chuck wrote:
my 32 net guests cannot contact outside 39 net machines on our
same network. they can contact other 39 net guests on the same
host. conversely, the external 39 net machine cannot contact any
32 net ip on the vserver host or any guest..
   
   I assume you mean something like 10.32.0.x/24 and 10.39.0.y/24
   here (well, at least it sounds like that is what you mean)
   
  32net is a /23 and the other 3 networks are /24
  
  
  
the problem i had was when within a 32net guest if i ping a 39 net
external host, it goes out our 39 net card to the external host
gets answered and routed back into our host on 32net since the
source ip header in the packet is 32 net and the system ignores
it.
   
   yes, by default, the host is allowed to choose any network
   address which is assigned to an interface, the reverse path
   filter basically blocks packets which could not have originated
   from that interface, because it does not hold that ip
   
setting below to 0 cures that.
   
   so, what you basically did, is to allow the packets to leave
   the interfaces with an ip from a different interface/routing
   too (which is harmless, but probably not what you actually
   wanted)
  
  actually it did not do what i wanted. we sniffed it this morning...
  the ping packets destined from the 32net guest for an external 39
  net host still go out the 39 net card and get echoed back from the
  external host and the router sends them back to the 32net card since
  that was the source ip block, and by setting that to 0 it allowed
  32net to accept the packet rather than reject it.
  
  what i want is no matter if it is an internal ip or not, for all
  traffic generated by a guest to go out its default port and come back
  into it directed by the router if a reply is required such as ping.
  yet at the same time it would be ideal for all guests to be able to
  route internally to each other as they do now. the way i want to see i
  suspect would send the packets external and the router would feed them
  back down the correct network.
  
   
am i doing something extremely stupid by disabling this or is it
secure enough not to worry?

 we are protected by tons of acls in various routers plus a very
strict iptables on the host.
   
   the better approach would be to set up two routing tables,
   (given that there are two nics/routes on the host), and
   use source based routing to figure the proper interface
   
  
  we use iproute2 and have one table for each of the 4 networks on the
  machine.. it is extremely probable i dont have routes or rules set
  up right. it works like this but i just do not know if this internal
  routing the host kernel does is expected/desired/normal or not.
 
  this is a simplified version of our network setup... simplified=cut
  out 145 ip addresses from 34 net for saving space.. email runs on the
  host.
 
   eth0 differs in that it has an additional default gateway statement
  to handle unknown networks.
  
  # 32net intel e100 10/100  public switchport 3  vlan32
  
  config_eth0=( 64.113.32.2 netmask 255.255.254.0 broadcast 
64.113.33.255 )
  routes_eth0=( 64.113.32.0/23 src 64.113.32.2 table 32net )
  routes_eth0=( default via 64.113.32.1 table 32net )
 try to add 'src 64.113.32.2' here   ^^
 
  #default gateway for sysem as a catch-all
  routes_eth0=( default via 64.113.32.1 )
 better get rid of the 'default' only gives you wrong decisions
 
  rules_eth0=( from 64.113.32.0/23 table 32net )
  
  #pvtnet tigon3 gbE  private switch port 2
  
  config_eth1=( 172.30.0.50 netmask 255.255.255.0 broadcast 172.30.0.255 )
  routes_eth1=( 172.30.0.0/24 src 172.30.0.50 table pvtnet )
  routes_eth1=( default via 172.30.0.1 table pvtnet )
  rules_eth1=( from 172.30.0.0/24 table pvtnet )
  
  # 34net tigon3 gbE public switchport 4 vlan34
  
  config_eth2=( 64.113.34.2 netmask 255.255.255.0 broadcast 
64.113.34.255 )
  routes_eth2=( 64.113.34.0/24 src 64.113.34.2 table 34net )
  routes_eth2=( default via 64.113.34.1 table 34net )
  rules_eth2=( from 64.113.34.0/24 table 34net )
  
  
  # 39net realtek rtl8169 gbE card  public switchport 5 vlan39
  
  config_eth3=( 64.113.39.3 netmask 255.255.255.0 broadcast 
64.113.39.255 )
  routes_eth3=( 64.113.39.0/24 src 64.113.39.3 table 39net )
  routes_eth3=( default via 64.113.39.1 table 39net )
  rules_eth3=( from 64.113.39.0/24 table 39net )
 
 add a masquerading/snat rule for each 'outgoing' packet
 on a specific interface, like this:
 
  iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
  iptables -t nat -I OUTPUT -o eth0 -j SNAT --to-source 64.113.32.2
 
   but if that 'works for you

Re: [Vserver] having a routing problem from guests

2006-10-02 Thread Chuck
On Monday 02 October 2006 10:18, Herbert Poetzl wrote:

oops... forgot.. ok so then i would add the statements below with proper ip 
for each of the 4 interfaces?

 add a masquerading/snat rule for each 'outgoing' packet
 on a specific interface, like this:
 
  iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
  iptables -t nat -I OUTPUT -o eth0 -j SNAT --to-source 64.113.32.2
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] centos64 timing out on stop but no service errors

2006-10-02 Thread Chuck
On Monday 02 October 2006 18:59, Daniel Hokka Zakrisson wrote:
 Chuck wrote:
  any idea where to look? evidently something isnt exiting cleanly in the 
guest
  but my serial monitor stops showing anything at Starting killall:  [  
OK  ]
  i suspect its something in the halt script? it stopped ok till my tech 
decided 
  to run yum update on it! that itself isnt bad, but to make things worse he 
  promptly 'cleaned up' by removing all the rpmsave files!  so i had to 
re-edit 
  everything and think i may have missed something. needless to say he is no 
  longer allowed to touch the servers.
  
  valkyrie 0 # vserver cntos64-webmin-tmpl stop
  A timeout occured while waiting for the vserver to finish and it will
  be killed by sending a SIGKILL signal. The following process list
  might be useful for finding out the reason of this behavior:
  
  --
  --
  * CentOS64 template Stopped
 
 Is this fully reproducible, i.e. do you get it every time you try to 
 stop that particular guest? If so, would it be possible for you to stop 
 by the IRC channel (#vserver at irc.oftc.net) some time tomorrow (Oct 
 3rd, I'll probably be around after 11 AM UTC) for some more interactive 
 debugging?
 

it is every time.. ill try.. i have a huge workload at the moment 
with 'immediate' requests from the boss.. if i can get those cleaned up i 
will have time otherwise it will have to be another day. but yes i would like 
to get this working properly... its not affecting anything other than my 
sanity at seeing an error :) and taking probably a bit longer due to timeout 
than normal. to be honest, once i get the template into production guests, 
they may only get shut down once a year if that so its not a huge issue other 
than me wanting it perfect.  if i can get thru this workload tonight, ill be 
there otherwise, ill let you know or just show up if you are usually there 
after that time on a day when i can.

 -- 
 Daniel Hokka Zakrisson
 GPG id: 06723412
 GPG fingerprint: A455 4DF3 990A 431F FECA  7947 6136 DDA2 0672 3412
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] quota probs on centos4 guest with gentoo host

2006-10-01 Thread Chuck
having a problem getting user quotas to work within a 
32 bit centos4 guest template on a gentoo 2006.1 amd64 host. this is the
only guest i am trying this on for now.

i followed the guide with some mods due to apparent distro differences between 
gentoo and debian at

http://www.5dollarwhitebox.org/wiki/index.php/Howtos_Linux-Vserver_With_LVM_And_Quotas

starting with the vroot subtitle.

here are the steps i took:

1. did not make a vroot device since the deb example expects /dev/vroot/device 
while my gentoo box already created /dev/vroot0 - 7 devices without the vroot 
directory.

2. mounted the guest lvm partition

3. removed guestpath/dev/hdv1

3. vrsetup /dev/vroot0 /dev/vg0/guestdevicename

4. cp -fa /dev/vroot0 guestpath/dev/hdv1

5. installed quota_ctl inside the guest ccapabilities

6. started guest and entered it

7. ran quotacheck -maug.  it returned nothing.

8. ran quotaon -a. it also returned nothing

9. ran edquota username and it bombed saying no quota capable filesystems 
found.

it appears to want a mount point which my entire guest is in one partition. 
there is, however an  aquota.user  file in the guest root.

i am running reiserfs v3 and my host fstab has the option usrquota added in 
for the guest partition.

quotas work on the host. 


any clues what i did wrong or missed?
maybe some config option somewhere in centos i dont know to set?

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


[Vserver] centos 64 question

2006-10-01 Thread Chuck
i *think* i commented out everything concerning disk manipulation in rc.sysint 
but when i start the vserver i keep geting 3 of these errors and have no clue 
where else to look.  does not seem to affect the boot/operation of the guest 
but i just don't like seeing errors on startup or shutdown :)

clues?

secure-mount: write(): Invalid argument
Failed to update mtab-file

-- 

Chuck



___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] Re: quota probs on centos4 guest with gentoo host

2006-10-01 Thread Chuck
On Sunday 01 October 2006 17:25, Nicolas Costes wrote:
 Le Dimanche 1 Octobre 2006 18:09, Chuck a écrit :
  having a problem getting user quotas to work within a
  32 bit centos4 guest template on a gentoo 2006.1 amd64 host. this is the
  only guest i am trying this on for now.
  i followed the guide with some mods due to apparent distro differences
  between gentoo and debian at
  [...] 
  any clues what i did wrong or missed?
  maybe some config option somewhere in centos i dont know to set?
 
 Seems that you forgot to write the following 
 in /etc/vservers/XX/apps/init/mtab :
 
 /dev/vg0/guestdevicename /vservers/xx/mountpoint reiserfs quota,defaults 0 
0
 
 (not sure of the exact line, never used reiserfs, but you get the point : 
the 
 important thing is quota). Now, when starting your guest, it'll get 
 a /etc/mtab...
 


wow didnt even know mtab could go in there... all ive ever had in any of them 
was style, mark and depends
 If this does not work, try this command inside the guest :
# repquota /dev/hdv1
 
 Should work with 2.0.2, but only by giving the device : 2.0.2 cannot resolve 
a 
 mountpoint for now. repquota -a should work too, but for example not 
 repquota /home.
 
 Which VS patch do you use ? It work for me with 2.0.2 (and a couple of rc 
 before it) an XFS, but not with devel ! 
 

took the gentoo ebuild this time  2.6.15-vs2.0.1-gentoo-r5



 HTH
 
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] centos 64 question

2006-10-01 Thread Chuck
On Sunday 01 October 2006 17:47, Daniel Hokka Zakrisson wrote:
 Chuck wrote:
  i *think* i commented out everything concerning disk manipulation in 
rc.sysint 
  but when i start the vserver i keep geting 3 of these errors and have no 
clue 
  where else to look.  does not seem to affect the boot/operation of the 
guest 
  but i just don't like seeing errors on startup or shutdown :)
  
  clues?
  
  secure-mount: write(): Invalid argument
  Failed to update mtab-file
  
 
 What is your /etc/mtab inside the guest? Is it by any chance a symlink 
 to /proc/mounts?


yes it is.. i never thought to look for that
maybe if i just delete the symlink?


 
 -- 
 Daniel Hokka Zakrisson
 GPG id: 06723412
 GPG fingerprint: A455 4DF3 990A 431F FECA  7947 6136 DDA2 0672 3412
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] centos 64 question

2006-10-01 Thread Chuck
On Sunday 01 October 2006 18:43, Daniel Hokka Zakrisson wrote:


error free startup now.. thanks!!! 

now i have one more.. stopping.. i just noticed i see this on my serial 
monitor when i stop that guest.. there must be a file i missed somewhere that 
has control over shutdown... didnt see any of this in rc.sysinit

umount2: Operation not permitted
umount: none: not found
umount: /tmp: must be superuser to umount
umount2: Operation not permitted
umount: none: not found
umount: /tmp: must be superuser to umount
umount2: Operation not permitted
umount: none: not found
umount: /dev/pts: must be superuser to umount
umount2: Operation not permitted
umount: none: not found
umount: /dev/pts: must be superuser to umount
mount: permission denied
mount: permission denied
mount: permission denied
mount: permission denied
Please stand by while rebooting the system...
On the next boot fsck will be skipped.





 Chuck wrote:
  On Sunday 01 October 2006 17:47, Daniel Hokka Zakrisson wrote:
  
 Chuck wrote:
 
 i *think* i commented out everything concerning disk manipulation in 
  
  rc.sysint 
  
 but when i start the vserver i keep geting 3 of these errors and have no 
  
  clue 
  
 where else to look.  does not seem to affect the boot/operation of the 
  
  guest 
  
 but i just don't like seeing errors on startup or shutdown :)
 
 clues?
 
 secure-mount: write(): Invalid argument
 Failed to update mtab-file
 
 
 What is your /etc/mtab inside the guest? Is it by any chance a symlink 
 to /proc/mounts?
  
  
  
  yes it is.. i never thought to look for that
  maybe if i just delete the symlink?
 
 Yep, that should do it.
 
 -- 
 Daniel Hokka Zakrisson
 GPG id: 06723412
 GPG fingerprint: A455 4DF3 990A 431F FECA  7947 6136 DDA2 0672 3412
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] centos 64 question

2006-10-01 Thread Chuck
On Sunday 01 October 2006 19:10, Chuck wrote:


found it.. it was in init.d/halt

it all works now with no errors..

thank you!

 On Sunday 01 October 2006 18:43, Daniel Hokka Zakrisson wrote:
 
 
 error free startup now.. thanks!!! 
 
 now i have one more.. stopping.. i just noticed i see this on my serial 
 monitor when i stop that guest.. there must be a file i missed somewhere 
that 
 has control over shutdown... didnt see any of this in rc.sysinit
 
 umount2: Operation not permitted
 umount: none: not found
 umount: /tmp: must be superuser to umount
 umount2: Operation not permitted
 umount: none: not found
 umount: /tmp: must be superuser to umount
 umount2: Operation not permitted
 umount: none: not found
 umount: /dev/pts: must be superuser to umount
 umount2: Operation not permitted
 umount: none: not found
 umount: /dev/pts: must be superuser to umount
 mount: permission denied
 mount: permission denied
 mount: permission denied
 mount: permission denied
 Please stand by while rebooting the system...
 On the next boot fsck will be skipped.
 
 
 
 
 
  Chuck wrote:
   On Sunday 01 October 2006 17:47, Daniel Hokka Zakrisson wrote:
   
  Chuck wrote:
  
  i *think* i commented out everything concerning disk manipulation in 
   
   rc.sysint 
   
  but when i start the vserver i keep geting 3 of these errors and have 
no 
   
   clue 
   
  where else to look.  does not seem to affect the boot/operation of the 
   
   guest 
   
  but i just don't like seeing errors on startup or shutdown :)
  
  clues?
  
  secure-mount: write(): Invalid argument
  Failed to update mtab-file
  
  
  What is your /etc/mtab inside the guest? Is it by any chance a symlink 
  to /proc/mounts?
   
   
   
   yes it is.. i never thought to look for that
   maybe if i just delete the symlink?
  
  Yep, that should do it.
  
  -- 
  Daniel Hokka Zakrisson
  GPG id: 06723412
  GPG fingerprint: A455 4DF3 990A 431F FECA  7947 6136 DDA2 0672 3412
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
  
 
 -- 
 
 Chuck
 
 ...and the hordes of M$*ft users descended upon me in their anger,
 and asked 'Why do you not get the viruses or the BlueScreensOfDeath
 or insecure system troubles and slowness or pay through the nose 
 for an OS as *we* do?!!', and I answered...'I use Linux'. 
 The Book of John, chapter 1, page 1, and end of book
 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end of book


___
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


Re: [Vserver] having a routing problem from guests

2006-09-29 Thread Chuck
On Friday 29 September 2006 09:54, Herbert Poetzl wrote:
 On Thu, Sep 28, 2006 at 07:35:09PM -0400, Chuck wrote:
  my 32 net guests cannot contact outside 39 net machines on our same
  network. they can contact other 39 net guests on the same host.
  conversely, the external 39 net machine cannot contact any 32 net ip
  on the vserver host or any guest..
 
 I assume you mean something like 10.32.0.x/24 and 10.39.0.y/24
 here (well, at least it sounds like that is what you mean)
 
32net is a /23 and the other 3 networks are /24



  the problem i had was when within a 32net guest if i ping a 39 net
  external host, it goes out our 39 net card to the external host gets
  answered and routed back into our host on 32net since the source ip
  header in the packet is 32 net and the system ignores it. 
 
 yes, by default, the host is allowed to choose any network
 address which is assigned to an interface, the reverse path
 filter basically blocks packets which could not have originated
 from that interface, because it does not hold that ip
 
  setting below to 0 cures that.
 
 so, what you basically did, is to allow the packets to leave
 the interfaces with an ip from a different interface/routing
 too (which is harmless, but probably not what you actually
 wanted)

actually it did not do what i wanted. we sniffed it this morning... the ping 
packets destined from the 32net guest for  an external 39 net host still go 
out the 39 net card and get echoed back from the external host and the router 
sends them back to the 32net card since that was the source ip block, and by 
setting that to 0 it allowed 32net to accept the packet rather than reject 
it.

what i want is no matter if it is an internal ip or not, for all traffic 
generated by a guest to go out its default port and come back into it 
directed by the router if a reply is required such as ping. yet at the same 
time it would be ideal for all guests to be able to route internally to each 
other as they do now. the way i want to see i suspect would send the packets 
external and the router would feed them back down the correct network.

 
  am i doing something extremely stupid by disabling this or is it
  secure enough not to worry?
  
   we are protected by tons of acls in various routers plus a very
  strict iptables on the host.
 
 the better approach would be to set up two routing tables,
 (given that there are two nics/routes on the host), and
 use source based routing to figure the proper interface
 

we use iproute2 and have one table for each of the 4 networks on the machine.. 
it is extremely probable i dont have routes or rules set up right. it works 
like this but i just do not know if this internal routing the host kernel 
does is expected/desired/normal or not.

this is a simplified version of our network setup... simplified=cut out 145 ip 
addresses from 34 net for saving space.. email runs on the host.

 eth0 differs in that it has an  additional default gateway statement to 
handle unknown networks.

# 32net intel e100 10/100  public switchport 3  vlan32

config_eth0=( 64.113.32.2 netmask 255.255.254.0 broadcast 64.113.33.255 )
routes_eth0=( 64.113.32.0/23 src 64.113.32.2 table 32net )
routes_eth0=( default via 64.113.32.1 table 32net )
#default gateway for sysem as a catch-all
routes_eth0=( default via 64.113.32.1 )
rules_eth0=( from 64.113.32.0/23 table 32net )

#pvtnet tigon3 gbE  private switch port 2

config_eth1=( 172.30.0.50 netmask 255.255.255.0 broadcast 172.30.0.255 )
routes_eth1=( 172.30.0.0/24 src 172.30.0.50 table pvtnet )
routes_eth1=( default via 172.30.0.1 table pvtnet )
rules_eth1=( from 172.30.0.0/24 table pvtnet )

# 34net tigon3 gbE public switchport 4 vlan34

config_eth2=( 64.113.34.2 netmask 255.255.255.0 broadcast 64.113.34.255 )
routes_eth2=( 64.113.34.0/24 src 64.113.34.2 table 34net )
routes_eth2=( default via 64.113.34.1 table 34net )
rules_eth2=( from 64.113.34.0/24 table 34net )


# 39net realtek rtl8169 gbE card  public switchport 5 vlan39

config_eth3=( 64.113.39.3 netmask 255.255.255.0 broadcast 64.113.39.255 )
routes_eth3=( 64.113.39.0/24 src 64.113.39.3 table 39net )
routes_eth3=( default via 64.113.39.1 table 39net )
rules_eth3=( from 64.113.39.0/24 table 39net )



 but if that 'works for you' then it is no big deal, as I
 said, it's usually off by default ...
 

so then this behavior im forcing will not cause security issues?

 HTH,
 Herbert
 
  i found below in sysctl.conf was set to 1. if i set it to 0 as shown 
  everything works properly..
  
  # Enables source route verification. 0 disables
  net.ipv4.conf.default.rp_filter = 0
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book

Re: [Vserver] having a routing problem from guests

2006-09-29 Thread Chuck
On Friday 29 September 2006 11:48, Roderick A. Anderson wrote:


looks like you are doing what i did in the beginning.. using ifconfig.. wont 
work.. you must install iproute2 and use the rules and tables in order for it 
to work.

my config is similar to what would be needed for iproute statements to make 3 
or 4  or more nics work in one machine

 Taking this a step further I'm trying to do something similar and 
 getting _strange_ results.  Using totally fake IPs here is what I'm 
 trying to set up.  ( As typing this I see Chuck just posted to the 
 thread with similar information. )
 
 Host system with three NICs: eth0, eth1, eth2.  Fedora Core 5 and all 
 guests are FC5 using Daniel's excellent RPMs and was just updated this AM.
 
 
 eth0 is connected to a switch/router for one up-stream provider and has 
 a block of 16 addresses designated for it: 123.45.67.192/28.
 
 eth1 is connected to different switch/router for a different upstream 
 provider with a block of 16 addresses designated for it: 98.76.54.192/28.
 
 eth2 is connected to a switch which is the private in-house network for 
 connection to the backup server, fileserver, and other non-public 
 resources and can use any address in the 192.168.254.0/24 network.  IT 
 currently isn't configured or activated.  I'll cross that bridge later.
 
 
 I've configured four guests so far.  Three use the eth0 connection and 
 one uses the eth1.
 
 I have created two files in /etc/sysconfig/network-scripts:
 
 route-eth0
 route-eth1
 
 They are using what I think is the current ( Redhat approved ) format.
 
 GATEWAY0=123.45.67.1
 NETMASK0=255.255.255.240
 ADDRESS0=123.45.67.192
 
 and
 
 GATEWAY1=98.76.54.1
 NETMASK1=255.255.255.240
 ADDRESS1=98.76.54.192
 
 I have assigned the IPs 123.45.67.193 and 98.76.54.193 to the two NICs 
 for the host to use.  ( Enforcement of the classless subnet isn't being 
 enforced as the company the server is at has the full C Class for both 
 IP ranges -- they're an ISP. )
 
 ifcfg-eth0 contains:
 
 DEVICE=eth0
 BOOTPROTO=static
 BROADCAST=66.193.36.255
 HWADDR=00:00:00:00:00:00 # faked up
 IPADDR=123.45.67.193
 NETMASK=255.255.255.0
 NETWORK=123.45.67.0
 ONBOOT=yes
 
 and ifcfg-eth1 contains:
 
 DEVICE=eth1
 BOOTPROTO=static
 HWADDR=01:01:01:01:01:01 # faked up
 BROADCAST=98.76.54.255
 IPADDR=98.76.54.193
 NETMASK=255.255.255.240
 NETWORK=98.76.54.192
 ONBOOT=yes
 
 Lastly iptables is pretty open.
 
 The problem is that though I can ping from a different network to both 
 of the host's to IPs and I can ping out from the three guests that use 
 eth0 and I can ping the eth1 guest from a eth0 guest I can't ping from 
 the eth1 guest to the outside world.  The cursor just sits there 
 blinking at me.  #$%^* computers.  :-)
 
 All the guests were created using the same set of commands with only the 
 contexts, IPs, interface etc. different.
 
 So I'm hoping it is just something really stupid or overlooked on my part.
 
 Hope this is hijacking hte thread too much.
 
 
 Rod
 -- 
 
 Herbert Poetzl wrote:
  On Thu, Sep 28, 2006 at 07:35:09PM -0400, Chuck wrote:
  
 my 32 net guests cannot contact outside 39 net machines on our same
 network. they can contact other 39 net guests on the same host.
 conversely, the external 39 net machine cannot contact any 32 net ip
 on the vserver host or any guest..
  
  
  I assume you mean something like 10.32.0.x/24 and 10.39.0.y/24
  here (well, at least it sounds like that is what you mean)
  
  
 the problem i had was when within a 32net guest if i ping a 39 net
 external host, it goes out our 39 net card to the external host gets
 answered and routed back into our host on 32net since the source ip
 header in the packet is 32 net and the system ignores it. 
  
  
  yes, by default, the host is allowed to choose any network
  address which is assigned to an interface, the reverse path
  filter basically blocks packets which could not have originated
  from that interface, because it does not hold that ip
  
  
 setting below to 0 cures that.
  
  
  so, what you basically did, is to allow the packets to leave
  the interfaces with an ip from a different interface/routing
  too (which is harmless, but probably not what you actually
  wanted)
  
  
 am i doing something extremely stupid by disabling this or is it
 secure enough not to worry?
 
  we are protected by tons of acls in various routers plus a very
 strict iptables on the host.
  
  
  the better approach would be to set up two routing tables,
  (given that there are two nics/routes on the host), and
  use source based routing to figure the proper interface
  
  but if that 'works for you' then it is no big deal, as I
  said, it's usually off by default ...
  
  HTH,
  Herbert
  
  
 i found below in sysctl.conf was set to 1. if i set it to 0 as shown 
 everything works properly..
 
 # Enables source route verification. 0 disables
 net.ipv4.conf.default.rp_filter = 0
 
 -- 
 
 Chuck
 
 ...and the hordes of M$*ft users descended upon

Re: [Vserver] having a routing problem from guests

2006-09-29 Thread Chuck
On Friday 29 September 2006 11:53, Chuck wrote:
[snip]
  Lastly iptables is pretty open.
  
  The problem is that though I can ping from a different network to both 
  of the host's to IPs and I can ping out from the three guests that use 
  eth0 and I can ping the eth1 guest from a eth0 guest I can't ping from 
  the eth1 guest to the outside world.  The cursor just sits there 
  blinking at me.  #$%^* computers.  :-)
  

i had exactly the same symptoms when i first started this .. it only worked 
after switching to iproute2 and setting up tables and rules.. suddenly 
everything started working with the exception of my current problem of a /23 
network not talking to a specific /24 network off the host... it is working 
now although i consider it a bandaid until i am assured this is how it is 
supposed to work internally.

for redhat-style systems i do not know if iproute2 package replaces the init 
scripts and how the syntax works for setting routes and rules... it may have 
to be a separate script created with the proper ip route or ip rule 
commands.. 


  All the guests were created using the same set of commands with only the 
  contexts, IPs, interface etc. different.
  
  So I'm hoping it is just something really stupid or overlooked on my part.
  
  Hope this is hijacking hte thread too much.
  
  
  Rod
  -- 
  
  Herbert Poetzl wrote:
   On Thu, Sep 28, 2006 at 07:35:09PM -0400, Chuck wrote:
   
  my 32 net guests cannot contact outside 39 net machines on our same
  network. they can contact other 39 net guests on the same host.
  conversely, the external 39 net machine cannot contact any 32 net ip
  on the vserver host or any guest..
   
   
   I assume you mean something like 10.32.0.x/24 and 10.39.0.y/24
   here (well, at least it sounds like that is what you mean)
   
   
  the problem i had was when within a 32net guest if i ping a 39 net
  external host, it goes out our 39 net card to the external host gets
  answered and routed back into our host on 32net since the source ip
  header in the packet is 32 net and the system ignores it. 
   
   
   yes, by default, the host is allowed to choose any network
   address which is assigned to an interface, the reverse path
   filter basically blocks packets which could not have originated
   from that interface, because it does not hold that ip
   
   
  setting below to 0 cures that.
   
   
   so, what you basically did, is to allow the packets to leave
   the interfaces with an ip from a different interface/routing
   too (which is harmless, but probably not what you actually
   wanted)
   
   
  am i doing something extremely stupid by disabling this or is it
  secure enough not to worry?
  
   we are protected by tons of acls in various routers plus a very
  strict iptables on the host.
   
   
   the better approach would be to set up two routing tables,
   (given that there are two nics/routes on the host), and
   use source based routing to figure the proper interface
   
   but if that 'works for you' then it is no big deal, as I
   said, it's usually off by default ...
   
   HTH,
   Herbert
   
   
  i found below in sysctl.conf was set to 1. if i set it to 0 as shown 
  everything works properly..
  
  # Enables source route verification. 0 disables
  net.ipv4.conf.default.rp_filter = 0
  
  -- 
  
  Chuck
  
  ...and the hordes of M$*ft users descended upon me in their anger,
  and asked 'Why do you not get the viruses or the BlueScreensOfDeath
  or insecure system troubles and slowness or pay through the nose 
  for an OS as *we* do?!!', and I answered...'I use Linux'. 
  The Book of John, chapter 1, page 1, and end of book
  
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
   
   ___
   Vserver mailing list
   Vserver@list.linux-vserver.org
   http://list.linux-vserver.org/mailman/listinfo/vserver
  
  ___
  Vserver mailing list
  Vserver@list.linux-vserver.org
  http://list.linux-vserver.org/mailman/listinfo/vserver
  
 
 -- 
 
 Chuck
 
 ...and the hordes of M$*ft users descended upon me in their anger,
 and asked 'Why do you not get the viruses or the BlueScreensOfDeath
 or insecure system troubles and slowness or pay through the nose 
 for an OS as *we* do?!!', and I answered...'I use Linux'. 
 The Book of John, chapter 1, page 1, and end of book
 
 
 ___
 Vserver mailing list
 Vserver@list.linux-vserver.org
 http://list.linux-vserver.org/mailman/listinfo/vserver
 

-- 

Chuck

...and the hordes of M$*ft users descended upon me in their anger,
and asked 'Why do you not get the viruses or the BlueScreensOfDeath
or insecure system troubles and slowness or pay through the nose 
for an OS as *we* do?!!', and I answered...'I use Linux'. 
The Book of John, chapter 1, page 1, and end

  1   2   3   4   >