1139356803 M * daniel_hozac well, you supplied bad options... mount told you so. what more do you want? 1139356842 J * matti matti@linux.gentoo.pl 1139356842 M * derjohn e.g.: 'tagxid not permitted on remount.' ? 1139356879 M * daniel_hozac so you really want to have to patch mount, just so it can parse the options and look for remount and tagxid, and if those are present, use a specific error message? 1139356906 M * daniel_hozac really, if a mount fails for an unexpected reason, i'd except dmesg to be the first place to look. 1139356954 M * derjohn daniel_hozac, well i would have suspected it does so. i would not see any disadvantage to give precise errors (if the information is there in the kernel). but anyway thats a mount problem, not linux-vserver ... 1139356975 M * derjohn i am happy that mount just works :) 1139357007 M * daniel_hozac how would mount be able to tell an iptables LOG message from a filesystem message? 1139357040 M * daniel_hozac if, theoretically, mount was reading kmsg. 1139357082 J * grant_ mep@p5091B7B9.dip0.t-ipconnect.de 1139357141 M * derjohn daniel_hozac, ?? er ?? mount got an error back from the kernel, or? does it have tp parse kmsg or get it back a precise error when it usees setFooBar on the kernel? 1139357152 M * daniel_hozac yes. 1139357169 M * daniel_hozac there isn't exactly a -ENOTAGXIDONREMOUNT. 1139357195 M * derjohn daniel_hozac, then I unserstand the lazyness of the coders of mount :) 1139357201 M * derjohn *understand 1139357225 M * daniel_hozac there is no way it can work in a future-proof manner. 1139357289 M * derjohn daniel_hozac, in linux kernel stuff there is nothing really future-proof i heard (though never coded in the kernel) 1139357309 M * daniel_hozac kernel<->userspace is pretty solid. 1139357318 M * derjohn daniel_hozac, I mean my only patch that made it to the changelog was a trivial two-liner ;) 1139357352 M * daniel_hozac in-kernel APIs and ABIs seem to change on a daily basis though :) 1139357385 M * derjohn daniel_hozac, i heard that. *bsd coders say it's the worst thing in linux kernel dev. 1139357403 M * daniel_hozac progress requires change ;) 1139357489 Q * grant Ping timeout: 480 seconds 1139359465 M * daniel_hozac anyone with 2.6.15*-vs2.0.1.2 running here? 1139359616 M * Aiken 2.6.15-vs2.1.0.4 1139359655 M * daniel_hozac i assume you don't see strange values for VM in /proc/virtual/*/limit? 1139359666 M * daniel_hozac i.e. negative values. 1139359711 M * Aiken http://pastebin.com/544244 1139359726 M * Aiken just -1 in the 4th column 1139359757 M * daniel_hozac oh right, i meant the first two. 1139359780 M * Aiken at one stage I did 1139359789 M * Aiken it was fixed with a later patch 1139359844 M * daniel_hozac that was a while ago though, right? 1139359874 M * daniel_hozac like not during 2.6.15. 1139359906 M * Aiken sorry, can not remember if it was .14 or .15 1139359919 M * daniel_hozac really? that recent? 1139359948 M * mugwump 2.6.15 is recent? ;) 1139359961 M * daniel_hozac relatively. 1139360106 M * Aiken it was .14 and I was getting silly things like 1139360107 M * Aiken SEMA: 0 0 9223372036854775807 0 1139360121 M * Aiken big numbers 1139360134 M * Aiken Nov 7 last year 1139360173 M * daniel_hozac semaphore accounting isn't even present in the stable series though ;) 1139360250 J * Herb ~Zeb@68.109.160.151 1139360299 M * Herb hey, what does oftc stand for? 1139360328 M * daniel_hozac #oftc ;) 1139360348 M * cehteh old fat technical consultants 1139360373 M * daniel_hozac haha. 1139360386 J * grant mep@p50918F65.dip0.t-ipconnect.de 1139360401 M * Herb thanks i googled it :P 1139360805 Q * grant_ Ping timeout: 480 seconds 1139361051 J * Donkey ~Zeb@68.109.160.151 1139361177 Q * Herb Quit: [486] Advanced 1139362133 Q * Doener Quit: Leaving 1139362220 M * daniel_hozac Bertl_oO: kernel/fork.c:dup_mmap seems to be missing a vx_vmlocked_sub(mm, mm->locked_vm). 1139362767 M * daniel_hozac lol, ignore me. i knew that sounded familiar. 1139365212 M * ebiederm mugwump: I'm around now. 1139365319 M * mugwump hi ebiederm 1139365336 M * mugwump I'm looking now at trying to merge your patch to the VServer-Inclusion stuff 1139365345 M * mugwump or, at least, review it :) 1139365384 M * mugwump Could you perhaps comment on the core API and how it would be changed by your patch? 1139365410 M * mugwump This one: http://utsl.gen.nz/vserver/patches-split/mine/2.6.16-rc2%2bgit-vsi/1a-context.diff is the most important 1139365676 M * ebiederm Ok one second. 1139365805 J * Smutje_ ~Smutje@xdsl-87-78-87-150.netcologne.de 1139365914 Q * Smutje Ping timeout: 480 seconds 1139365914 N * Smutje_ Smutje 1139365939 M * mugwump I'll have a git-daemon set up shortly if you want to pull it 1139366086 A * ebiederm eek load 3.0 .... 1139366148 A * mugwump stops running his emacs sessions on ebiederm 1139366165 M * ebiederm lol 1139366422 M * ebiederm Sorry, incoming email, irc, and dinner all at the same time. 1139366456 M * mugwump ah, that's how your load got so high 1139366557 M * ebiederm Pretty much. 1139366789 M * Skram Okay 1139366794 M * Skram Tutorial how to limit RAM? 1139366887 M * mugwump Skram: see how you get on with http://linux-vserver.org/Resource+Limits 1139366905 M * Skram i need to do it by megabytes. 1139366939 M * mugwump see also http://www.nongnu.org/util-vserver/doc/conf/configuration.html 1139366943 M * mugwump search for rlimits 1139367001 M * Skram cat /proc/virtual/17620/limit 1139367005 M * Skram what part is RAM? 1139367020 M * Skram -1 is unlimited? 1139367049 M * mugwump you probably want to limit "rss" 1139367054 M * Skram which is? 1139367054 M * Skram heh 1139367062 M * Skram RSS: 22656 64380 -1 0 1139367092 M * mugwump so, make a file /etc/ververs//rlimits/rss.hard, and put the maximum real RAM you want that vserver to use in there 1139367108 M * Skram in kilobites? megabyes? 1139367112 M * Skram RSS is the ram used? 1139367125 M * mugwump Resident Set Size I think 1139367131 M * Skram So.. 1139367147 M * mugwump the units will be either kilobytes or pages (usually 4K) 1139367170 M * Skram 22656/1024 1139367170 M * Skram 22 1139367180 M * Skram so that vps is using 22 megabytes (approx) 1139367193 M * Skram RSS: 22656 (from cat /proc/virtual/17620/limit) 1139367207 Q * Donkey Quit: [486] Advanced 1139367605 M * mugwump ok, so the four numbers are; current usage, maximum seen, current limit, # limit hits 1139367608 M * ebiederm mugwump: I think I can at least start to comment now. 1139367677 M * ebiederm You are asking how vx_info should change when it hits my stuff. 1139367694 M * ebiederm In some sense this is the big question we have not yet resolved. 1139367768 M * mugwump right, well, at the moment, I think it fits in the Umbrella category 1139367793 M * ebiederm mugwump: Exactly. And I haven't looked deeply enough at other implementations to understand the Umbrella idea. 1139367805 M * ebiederm I think I started with my assumptions on backwards. 1139367833 M * mugwump the other virtualisation stuff can hang off it, but I think for now we have to start with some assumptions; 1139367846 M * mugwump 1. a given process only belongs to one umbrella 1139367851 M * ebiederm Everyone else generated an Umbrella structure and gave it an identifier. It never occured to me. 1139367874 M * mugwump 2. umbrellas should refcount tasks and references 1139367913 M * mugwump 3. umbrellas can have sub-umbrellas 1139367935 M * mugwump 4. individual processes can move between them with a syscall, and possibly return 1139367959 M * mugwump 5. umbrellas do nothing until they are configured 1139367975 M * mugwump that's about all I can think of for now :) 1139368002 M * mugwump er, how about 1139368021 M * mugwump 6. virtualisation sub-components' objects are not tied to a single umbrella 1139368034 M * ebiederm Ok. 1139368056 M * ebiederm The question I am still trying to understand what is the value of an umbrella? 1139368071 M * ebiederm Why don't the sub-components live directly in the task struct? 1139368090 M * mugwump because then there's a whole lot more refcounting to do, I guess 1139368132 N * Bertl_oO Bertl 1139368142 M * mugwump actually that question is very interesting. Perhaps Bertl has an idea. 1139368167 M * Bertl hey folks ... had an accident (slipped and fell on the ice) 1139368173 M * mugwump are you ok? 1139368200 M * Bertl well mostly .. now typing with the left hand :/ 1139368263 M * Bertl my responsetime will be drastically longer now I guess, but the typing should mprove :) 1139368284 M * Bertl nope, no improvement thrtr ... 1139368293 M * ebiederm lol 1139368344 M * Bertl well, why not put stuff into task instead of vx_info? 1139368374 M * Bertl because certain properties are per guest not task? 1139368375 M * ebiederm That is my question. 1139368395 M * Bertl for example, consider the limits 1139368415 M * Bertl or the accounting stuff 1139368452 M * mugwump you could have objects for each of these things, then each task goes directly there rather than through an umbrella 1139368481 M * Bertl you can consider the vx_info apendant to the struct namespace 1139368498 M * Bertl just for guest specific info 1139368545 M * Skram Im back 1139368558 M * mugwump I guess the question is, do you ever care about overlapping or disjoint membership to the individual virtualisations? 1139368572 M * Skram Bertl: is RSS ram in kilobytes? please say yes. 1139368578 M * Bertl pages 1139368591 M * mugwump eg, my PID namespace is with those processes over there, but my resource usage with with this other set of processes 1139368593 M * Skram how does that convert to kb? 1139368600 M * mugwump s/with with/is with/ 1139368615 M * Bertl Skram: depends on the pagesize 1139368639 M * mugwump so, one model is heirarchical, and the other relational 1139368640 M * Skram how do i find it out? 1139368659 M * Bertl http://linux-vserver.org/Resource+Limits 1139368676 M * mugwump heh, I pointed him at that one already :) 1139368684 M * Skram okay didnt see 1139368685 M * Skram thanks 1139368743 M * Skram The page size is 4096 1139368770 M * Skram im new to this a bit, how does pagesize compare to kbs of ram or etc. 1139368787 M * ebiederm page size is fixed per architecture. 1139368792 M * ebiederm It's a hardware thing. 1139368811 M * Skram mine is 4096, okay. 1139368832 M * Skram if i want to limit ram, how do i calculate how much mb's or whatever are in X pages of ram/vice versa 1139368842 M * Bertl ebiederm: regarding email, I'd go for the clone approach, and make syscall(s) to move between namespaces and to manipulate spaces on behalf of the guest 1139368867 M * Bertl X*pagesize = memory 1139368876 M * Skram X being? 1139368879 M * ebiederm Bertl: Sounds roughly what I was thinking. 1139368885 M * Bertl memory/pagesize = X 1139368895 M * Bertl Skram: the X from your question 1139368912 M * Skram okay 1139368914 M * Skram so 1139368926 M * Skram 4096 pages = 1kb ram? 1139368942 M * ebiederm Bertl: I had to ask so people could see the question and so I could drag the OpenVZ guys back into the conversation. 1139368961 M * ebiederm And the truth is that it doesn't much matter :) 1139368974 M * Bertl Skram: just insert 4096 where X is 1139368998 M * ebiederm 16MB..... 1139369003 M * Bertl and tthe pagesize (4096) where pagesize is 1139369046 M * Bertl e.g 100 pages a 4096 bytes = 400kb 1139369068 M * Skram 409600 1139369070 M * ebiederm Ok. To get a handle on umbrella structures I think I need to look and see what vserver and openvz put in theirs. 1139369091 M * Skram Im confused 1139369107 M * Skram 1 page (4096 bytes) EQUALS 400kb ram? 1139369114 M * locksy Page = 4096 bytes = 4Kb 1139369132 M * Skram 4kb ram? 1139369137 M * Skram just verify please. 1139369148 M * ebiederm 1 page is 4KB of ram. 1139369157 M * Skram Thank you. 1139369168 M * Skram so 1 megabyte of ram is.. 1139369173 A * Skram runs for a calc. 1139369176 M * ebiederm 1024*1024 bytes. 1139369181 M * locksy for X Mb you need 256 * X pages 1139369182 M * ebiederm 256 pages. 1139369198 M * Skram 256 pages == 1048576bytes 1139369218 M * Skram Complicated, but I understand. 1139369230 M * Bertl ebiederm: http://www.13thfloor.at/vserver/d_rel26/v2.1.0/split-2.6.14.4-vs2.1.0/31_2.6.14.4_cmdef.diff.hl 1139369280 M * Bertl the utsname can go in a separate namespace 1139369303 M * Bertl the dlinfo is already a separate one 1139369318 J * stefani ~stefani@c-24-19-46-211.hsd1.wa.comcast.net 1139369331 M * Bertl ebiederm: network info too 1139369376 M * ebiederm dlinfo info? 1139369385 M * ebiederm sorry that is a reference I don't get. 1139369387 M * Bertl ebiederm: if you want to have a 'limit' and accounting namespace, then you can see the vxinfo as that 1139369399 M * Bertl dlinfo is disk limits 1139369404 M * ebiederm got it. 1139369421 M * Skram RSS: 22659... so that is... 88megs of RAM? 1139369429 M * Bertl ebiederm: it is per (xid,sb) 1139369432 M * ebiederm What did you have to do to struct namespace? 1139369440 M * Skram ? 1139369460 M * Bertl ebiederm: a few additions 1139369475 M * Bertl ebiederm: nothing to the struct itself 1139369503 M * Skram Bertl / ebiederm was that right? 1139369513 M * Bertl 22659*4096 = 92811264 1139369524 M * Skram RSS: 22659... so that is... 88megs of RAM? 1139369534 M * Bertl 92811264 / 1024/1024 = 88 1139369545 M * Skram i thought one could just deivde by 256 1139369545 M * Skram yeah.. or do it that way... 1139369571 M * ebiederm I get 88.5 but yea. 1139369572 M * Skram so difference between hard and soft limits? 1139369588 M * Skram ebiederm: yeah... 1139369590 M * Bertl yes, hard will be hard 1139369608 M * Bertl i.e you will not be allowed above 1139369615 M * Skram soft would be? can I get away with just setting hard in /etc/verservs/name/rlimits/rss.hard 1139369631 M * Skram and just set that? 1139369660 M * Bertl soft means, if you are over the limit you will get penalized in some way 1139369677 M * Skram not needed 1139369688 M * Skram so i just set the rlimits rss.hard and have to restart the machine then? 1139369695 M * Skram will they get a message if they run out of ram? 1139369707 A * Bertl is typing one handed ... had aan accident ... 1139369741 M * Bertl Skram: for example but not implemented yet 1139369763 M * Skram okay 1139369765 M * mugwump I think top already shows the limited figure as free 1139369780 M * Skram must i restart the vps for rlimits to take place? 1139369802 M * Bertl no, you can set them with vlimit on the fly 1139369868 M * Bertl and yes, latest devel version shows soft as mem and hard-soft as swap 1139369875 M * Skram vlimit -cl-xid 617620 --rss #? 1139369889 M * Bertl -c or -xid 1139369894 M * Skram okay 1139369895 M * Skram i see. 1139369897 M * Skram fine. 1139369905 M * Bertl and xid is your context number 1139369919 M * Bertl (between 2 and 49151) 1139370022 M * ebiederm I need to step back and get a better feel. But I get the idea. 1139370089 M * ebiederm struct signal servers a similar purpose for thread groups. 1139370149 M * Bertl yes similar like that 1139370175 M * Bertl it is only required for accounting and limits per context 1139370198 Q * Greek0 Read error: Connection reset by peer 1139370206 M * Bertl btw I have no problem to make taht some kind of 'namespace' too 1139370230 M * Bertl i.e some limit namespace or so ... 1139370232 M * Skram but like, Mem: 80 76 3 0 0 1072 1139370236 M * Skram Cool 1139370238 M * Skram sorry didnt mean to paste 1139370243 M * Bertl np 1139370253 M * Skram so if i do a vlimit and restart the vps 1139370260 M * Skram will the setting stay? 1139370266 M * Bertl no 1139370275 M * Bertl you add them to the config 1139370279 M * Skram so i should really do vlimit, and edit rlimits/rss 1139370288 M * Skram rss is soft and rss.hard is hard? 1139370299 M * Skram thats what someone said before 1139370301 M * Bertl well if you reboot anyway then you can skip the vlimit 1139370324 M * Bertl (reboot the guest that is) 1139370332 M * Skram right okay 1139370357 M * Bertl rss.soft rss.hard 1139370364 M * Bertl rss alone is both 1139370374 M * Skram okay.. 1139370376 M * Skram cool. 1139370383 M * Skram and not set or -1 is unlimited? 1139370452 J * Greek0 ~greek0@85.255.145.201 1139370461 M * Bertl IIRC it's 'inf' for the tools 1139370473 M * Bertl the display shows -1 for unlimited 1139370533 M * Bertl ebiederm: do we have enough CLONE_* flags for that? 1139370571 M * Bertl ebiederm: if so, I'd prefer to have an initially empty new one or a cloned one for _all_ the cases 1139370586 M * Bertl including the limits, accounting 1139370609 M * Bertl ebiederm: we then would add a CLONE mask to allow/deny certain flags 1139370630 M * ebiederm one sec. 1139370632 M * Bertl ebiederm: those flags would either be per namespace or per context 1139370661 M * Bertl (see context flags and caps for details) 1139370803 M * mugwump muhaha! I have assimilated eric's branch into my git repo 1139370819 M * ebiederm Bertl: You found the problem with using clone. We are almost out of clone flags. 1139370843 M * Bertl ebiederm: oaky, and we need another one IMHO for kernel threads 1139370844 M * ebiederm Ok. Now to the real answers. 1139370904 M * ebiederm If there is a namespace all containers will have a fresh copy of anyway I think we should piggy back on that namespace for the container identity. 1139370916 M * Bertl mugwump: if you revert the pid stuff from vserver, it might actually work ... 1139370922 M * ebiederm If there is not such a namespace we should have a separate container one. 1139370955 M * Bertl ebiederm: parse error 1139371001 M * ebiederm If there is not a namespace all containers want a fresh copy of, we need to a separate namespace for that. 1139371034 M * ebiederm The practice of putting all of the pointers in the container structure is what had me really confused. 1139371044 M * Bertl ebiederm: hum, pls rephrase again ... 1139371065 M * ebiederm Trying this very simple. 1139371086 M * ebiederm For lack of a better term containers are what we build with our selection of namespaces. 1139371101 M * Bertl objection 1139371119 M * ebiederm Ok. What term should we use. 1139371124 M * Bertl we build lose groups of tasks sharing certain namespaces 1139371140 M * Bertl task A and B could share the pid space 1139371148 M * Bertl but have different file spaces 1139371159 M * ebiederm Bertl: Agreed. 1139371215 M * mugwump namespace groups. 1139371221 M * mugwump namespace sets. 1139371245 M * Bertl ebiederm: further, process C (given the move/enter is supported) could share the file space of A 1139371268 M * Bertl but be in adifferent pid space (admin) 1139371275 M * ebiederm Ok. For purposes of this discussion what we build with our selection of namespaces are groups. 1139371289 M * mugwump cliques, perhaps 1139371302 M * Bertl distinct spaces for each flavour 1139371321 M * Bertl IMHO space or namespace is a good term for that 1139371328 M * Skram WTF is a user doing taking up 500megs of ram 1139371412 M * ebiederm If there is someting 99% of all groups have as a distinct namespace I say we put the limits and other umbrella pieces there. 1139371442 M * ebiederm If there is not such a namespace the umbrella pieces should be the own separate entity. 1139371444 M * Bertl that would be the pid space IMHO 1139371473 M * ebiederm Bertl: That is what I was thinking. 1139371493 M * Bertl but IMHO this design is flawed (somwehat) 1139371501 M * ebiederm Ok. 1139371519 M * Bertl at least it opens a can of worms for hierarchical structures 1139371542 M * Bertl create 'guest' in guest to escape memory limit 1139371544 M * mugwump would you agree this is a heirarchical vs relational design decision? 1139371570 M * Bertl if the structure is flat (one time pid space) then this isn't an issue 1139371596 M * ebiederm So hierarchical limits are a problem. 1139371601 M * Bertl my preference would be to have a 'context' namespace 1139371625 M * ebiederm Bertl that just holds the limits, and such? 1139371626 M * Bertl which does actually do nothing except controlling/limiting the namespaces 1139371648 M * Bertl e.g. with context flags and capability limits 1139371673 M * Bertl something the current vx_info can shrink to 1139371681 M * ebiederm That doesn't solve the hierarchical problem though. 1139371706 M * Bertl it does, you can forbid resource limits above the parent's limits 1139371746 M * mugwump accounting might be slow, but I guess it's better than nothing 1139371768 M * ebiederm Does the bean counter stuff do anything like this? 1139371779 M * Bertl nope 1139371790 M * Bertl ckrm did aim for that 1139371816 M * ebiederm The problem is that while your limits may not exceed your parents limits both you and your parent can simultaneously consume those limits. 1139371842 M * Bertl as mugwump said, depends on the accounting 1139371862 M * Bertl if it is accounted in child and parent no 1139371897 M * Bertl the hierarchy would be created there ... 1139371916 M * Bertl mom, afk 1139371931 M * ebiederm ? 1139371956 M * ebiederm I can see how it would be possible but walking all of the way to the parent of the hierarchy looks to be a problem. 1139371975 M * ebiederm Or rather a pain. 1139372015 M * ebiederm Already doing things like counting the number of processes inside the tasklist_lock can occasionally cause problems for some large machines. 1139372044 M * SuperLag hmm 1139372056 Q * gerrit Ping timeout: 481 seconds 1139372061 M * SuperLag created a new guest with vserver-new, and it won't start 1139372086 M * mugwump I think "mom" meant "moment" ;) 1139372145 M * mugwump ebiederm: well, logically there would need to be a level of indirection... 1139372152 M * ebiederm irc abbreviations, something I haven't learned yet. 1139372211 M * ebiederm mugwump: yes. It just isn't a trivial problem. 1139372227 M * mugwump ok, but the umbrella could have a pointer to the accounting_struct 1139372237 M * mugwump that this umbrella is to charge to 1139372290 M * mugwump that's lots of levels of indirection, but those can be cached away either in task_struct or via other tricks (like allocating at the end of the vx_info) as required 1139372352 M * mugwump after all, so long as they are in the same cacheline they get fetched all at once 1139372355 M * ebiederm I think to hierarchical limits you need to do something like have a real limit and a current allocation on each limit structure. 1139372379 M * mugwump these problems are already solved quite well in the network space 1139372390 M * Bertl SuperLag: vserver-new is not part of the mainline tools, contact the debian maintainer ... 1139372417 M * ebiederm Such that you current limit + all of your childrens current limit add up to your current limit. 1139372430 M * ebiederm mugwump: What part of the networking code has hierarchical limits? 1139372462 M * SuperLag Hollow: you around? 1139372471 A * SuperLag bets Hollow is asleep 1139372472 M * mugwump for instance, I wrote the CPU scheduler after reading about the HTB scheduler (sch_htb) 1139372478 M * Bertl ebiederm: the networking in hierarchies will become even more interesting 1139372486 M * Bertl SuperLag: ah, it's gentoo? 1139372492 M * SuperLag Bertl: yes sir 1139372513 M * mugwump there are lots of modules under the CONFIG_NET_SCHED menu option 1139372524 M * Bertl SuperLag: well, basically same applies there, but usually those tools are working 1139372551 M * ebiederm Bertl: I have no plans for hierachical scheduling. 1139372571 M * ebiederm Err hierharchical networking. 1139372586 M * Bertl ebiederm: in a hierarchical structure, the sub-guests would have to send packets to the parents devices, should not be too hard, no? 1139372600 P * stefani parting (is such sweet sorrow) 1139372602 M * SuperLag Bertl: yeah, it created the host fine. it's just not starting. The output is here: http://rafb.net/paste/results/1IdTTp99.html 1139372632 M * ebiederm Bertl: Correct. What I meant was that I have no plans for a network implementation that is hierarchical. The connections be a number of relays. 1139372635 M * mugwump I can see eventually the abstractions used by, eg, the CFQ module in the networking stack, be applied to virtualisation 1139372643 M * Bertl ebiederm: but anyway, let's focus on the flat model, but keep the hierarchies in mind 1139372685 M * Bertl SuperLag: what context id does your guest have? 1139372733 M * SuperLag 66176 1139372752 M * Bertl that's too high, 49151 is the highest possible value for now 1139372777 M * SuperLag I thought it was supposed to be the last two octets of your NICs IP address? 1139372801 M * Bertl that's just a suggestion (if it applies) 1139372807 M * SuperLag oh 1139372819 M * Bertl but just use 6176 in your case 1139372835 M * SuperLag so the context ID is a number of your choosing? there aren't any specific requirements for that number? 1139372869 M * mugwump there's a dynamic range, and an arbitrary limit 1139372895 M * mugwump dynamic is top 3/4 of 64k 1139372910 M * mugwump er, I mean dynamic is top 1/4 of 64k 1139372914 M * mugwump static is other 3/4 1139372962 M * mugwump ebiederm, what did you generate your patchset you sent to the list with? 1139372969 M * ebiederm Well if the OpenVZ guys and the IBM guys agree on the what the umbrella structure is for and the cycle counters agree it is a good idea going flat sounds like a great idea. 1139372981 M * ebiederm git-format-patch... 1139372998 M * Bertl SuperLag: so for you it should be between 2 and 49151 1139373042 M * ebiederm Bertl: How does having a separate context structure help the hierarchical problem? 1139373068 M * Bertl that you can precisely identify your hierarchy in that structure 1139373093 M * Bertl (and of course, give certain rights to the children) 1139373119 M * mugwump ouch! I have 109 .txt files! 1139373136 M * SuperLag hot damn!! 1139373148 M * mugwump (from git-format-patch on ebiederm's branch) 1139373152 M * Bertl mugwump: btw, the current 2-49151 limit is about to go away ... 1139373185 M * Bertl mugwump: the 'tag' patches are the first step in this direction 1139373208 M * ebiederm mugwump: Give me a moment to breath. You've got my old branch which is interesting especially for networking but possibly not what you want. 1139373222 M * mugwump ebiederm: ah, is that what's happened 1139373236 M * mugwump I thought given it had two week old commits that it was the most current 1139373299 M * SuperLag derjohn pointed out a FAQ that answered what to do if an incoming ssh connection went through straight to the host, instead of connecting to the guest. and I see the ListenAddress line, but there are two of 'em and I don't know which one to edit 1139373322 M * mugwump SuperLag: delete the :: one unless you want IPv6 1139373389 M * ebiederm mugwump: Look which kernel it was against. I got to that point and then started looking at what was necessary for kernel inclusion. 1139373483 M * mugwump well, I recommend looking at stgit for managing it. I've been loving it :) 1139373535 M * mugwump it's really nice to be able to re-base against Linus' head with one command, and have all my intermediate patches updated, with ediff popping up when there's a conflict 1139373541 M * ebiederm mugwump: I probably need to look at stgit. So far the basic tools have been enough. But something that makes it easier to merge and refactor patches may be nice. 1139373565 M * ebiederm mugwump: Is there an emacs mode for stgit? 1139373594 M * mugwump it's just a git extension, you can still use git commands 1139373630 M * ebiederm What triggers ediff popping up when there is a conflict? 1139373660 M * mugwump my .stgitrc 1139373676 M * ebiederm sneaky. 1139373680 M * mugwump utsl.gen.nz/vserver/stgitrc 1139373696 M * mugwump guh, sorry 'bout the mime type 1139373728 M * mugwump the 'smartmerge' program is also in that dir 1139373733 M * mugwump utsl.gen.nz/vserver/smartmerge 1139373750 M * mugwump it just does diff3 falling back to ediff-merge-files-with-ancestor 1139373777 M * mugwump anyway, I have to go, but I think it's great we're approaching consensus of our goals in some form :) 1139373864 M * Skram This is sad.. my 19" monitor's perimeter is full of sticky notes of work/projects to do... some small, some huge. shit. 1139373868 A * mugwump goes to a movie with $GF 1139374031 M * ebiederm It's not enough we are talking on irc Bertl goes off and emails me! 1139374078 M * Bertl :) 1139374624 M * ebiederm Skram: The solution is clear. It is time to get a bigger monitor! 1139374641 A * Bertl opts for smaller font :) 1139374667 M * Bertl use misc-unreadable-3pt 1139374694 M * ebiederm Bertl: How does that help Skram put more sticky notes on his monitor? 1139374744 A * Bertl slaps his head ... 1139374756 M * Bertl he is talking about 'real' sticky notes?! 1139374788 M * ebiederm All around the sides.... 1139374791 M * Bertl Skram: this is the 21th century, virtualize your stickies now! 1139374802 M * Skram heh 1139375018 M * ebiederm Bertl: I'm worse. I use the cave man approach. I keep it all in my head! 1139375054 M * Bertl ebiederm: wow, do you have grey skin? 1139375113 J * Loki_muh loki@satanix.de 1139375116 M * ebiederm No... Why? 1139375141 M * ebiederm I get so many things on my todo list being able to simply forget them helps a lot :) 1139375154 M * Bertl maybe a trunk then? 1139375182 M * Bertl well, must be a brain of an elephant to keep all that stuff :) 1139375188 M * ebiederm lol 1139375223 M * ebiederm I caugt on at trunk, and was laughing so I couldn't reply earlier. 1139375231 Q * Loki|muh Read error: Connection reset by peer 1139375234 M * Bertl lol 1139375288 M * bwana virtual sticky notes, i dunno 1139375291 J * phreak``_ ~phreak``@styx.xnull.de 1139375338 J * rene- ~rene@dsl-201-128-115-190.prod-infinitum.com.mx 1139375354 Q * phreak`` Read error: Connection reset by peer 1139375395 M * Skram haha 1139375413 M * Skram i use xpads sometime 1139375432 M * bwana can you put those on the refrigerator? 1139375438 M * Skram ha, ha. 1139375439 M * ebiederm Bertl: Thanks for the reply to my issues question. 1139375454 M * Bertl bwana: sure, just get a virtual one ... it was about time anyway ... 1139375460 M * bwana heh 1139375471 M * bwana virtual food isn't too tasty though 1139375476 M * Bertl ebiederm: well, I thought it would make sense, even if we discussed it here already 1139375485 M * bwana and i hear it's not to nutricious either 1139375502 M * Bertl bwana: the virtual pets like it :) 1139375520 M * bwana yea the virtual poop is easy to get rid of 1139375525 M * bwana rm ./poop 1139375526 M * ebiederm Bertl: It also helps in that there are people watching the kernel thread so they can understand what implementations make it into the kernel. 1139375583 M * ebiederm bwana: find / -name 'poop' -exec rm ';' is more likely. 1139375651 M * Bertl ebiederm: well, honestly, I got the feeling most folks do not even bother to read the mails, just reply something ... 1139375711 M * ebiederm Bertl: I agree that there is a lot that gets missed. But there is a lot you can get just by watching the tone of a conversation. 1139376280 M * ebiederm Ok. I think I am caught of on my email for the moment. 1139376547 M * ebiederm Doubtless daylight will be dawning in Europe in a few hours and the discussion will resume. 1139376556 M * ebiederm Time for me to go to bed so I can survive it. 1139376560 N * ebiederm ebiederm_zZ 1139376564 M * Bertl k, good night! 1139376684 M * rene- derjohn: Hi, i have reinstalled my host system on one partition, you mentioned that the debootstrap was a lesser way to create vservers, can you suggest a better one 1139376706 M * Bertl rene-: hmm, what's bad about debootstrap? 1139376718 M * Bertl rene-: but yes, you have many ways to create a guest 1139376728 M * Bertl rene-: you could for example copy a template 1139376777 M * rene- i ve tried with: vserver build -n --hostname --interface :/ -m debootstrap -- -d 1139376801 M * Bertl -n ... is wrong, remove that 1139376855 M * rene- -n or just -n 1139377207 M * Bertl vserver build --hostname --interface :/ -m debootstrap -- -d 1139378056 M * Skram so.. what version notifies the vps user (inside their vps) that they are out of ram? 1139378079 M * Skram i saw it in dmesg,,, though it didnt say the XID of the vserver (the vpshost's dmesg, not gues image) 1139378444 M * locksy Is there any thoughts on a 2.0.x release that includes BME? (or an extra BME patch that applies nicely to current 2.0.x) 1139378526 M * rene- i have finished creating the vserver but when i enter this vps, its eth0 interface has no ip assigned, i specifed it in the --interface option for the vserver program but hasnt sticked 1139378569 M * rene- ifconfig is not allowed from within the vps 1139378604 M * rene- do i have to edit /etc/network/interfaces for the guest from the host? 1139379051 M * Bertl locksy: yes, the next stable release will have BME and there is a patch for the current one 1139379115 M * Bertl http://vserver.13thfloor.at/Experimental/BME/delta-2.6.14.2-vs2.0.1-rc2-bme0.06.1.diff 1139379191 M * Bertl Skram: guests get -ENOMEM when out of ram (or processes get killed with overcommit) 1139379211 M * Skram whats that? 1139379213 M * Bertl rene-: thats jumping to conclusions 1139379233 M * Bertl rene-: there _is_ an ip assigned, just the outdated ifconfig does not see it 1139379256 M * Bertl rene-: use 'ip addr ls' instead or use the old fashioned aliases 1139379320 J * gerrit ~gerrit@c-67-160-130-59.hsd1.wa.comcast.net 1139379327 M * Bertl wb gerrit! 1139379341 M * gerrit hi Bertl! 1139379756 M * locksy That bme0.06.1 doesn't apply to 2.6.15-vs2.0.1.2... :( 1139379770 M * rene- Bertl: now that you mention it i can ping the internet so there must be an IP 1139379786 M * locksy Not a simple fix either 1139379798 M * rene- Bertl: i dont seem to have the ip program 1139379833 M * Bertl locksy: yes, I know, for 2.6.15 or 16 you ahve to use the one from devel 1139379874 M * Bertl rene-: iproute or iproute2 1139379911 M * Bertl rene-: but you can also use the older aliases if you prefer, just add a 'name' entry to your interface config for the guest 1139380137 J * Aiken_ ~james@tooax7-242.dialup.optusnet.com.au 1139380199 M * Skram whats vkill ---whatever again? 1139380204 M * Skram nvm got it :) 1139380253 M * rene- Bertl: cool im getting the idea of it, ip addr ls outputs the ip set in vserver/interfaces/0/ip in host context 1139380267 M * Bertl yep, and guest will only see that one 1139380454 Q * Aiken Ping timeout: 480 seconds 1139380492 M * rene- im trying to scp a file to my server, i have set listenaddress to the right ip in sshd config. but files arent showing up... 1139380530 M * Bertl a) from where to where 1139380548 M * Bertl b) where do they 'not show up'? 1139380558 M * Bertl c) what do the logs say (host and guest) 1139380581 M * rene- from host to guest, and from third party to guest 1139380586 M * Bertl my best bet would be that your host's sshd is not restricted and you scp the files there instead into the guest 1139380590 M * rene- they dont show up in guest fs 1139380600 M * rene- gotcha 1139380861 M * rene- ip addr ls in host environment shows guest ip. is this correct behaviour? 1139380883 M * Bertl yes, networking is on the host, guest just has a subset of IPs to bind to 1139381095 M * rene- great 1139381141 M * rene- are there ways to duplicate vservers? 1139381167 M * Bertl yes, you create a skeleton config, and cp -va the guest data 1139381185 M * Bertl (or use dump/restore or rsync over network) 1139381195 M * rene- cool 1139383716 J * balbir ~balbir@59.145.136.1 1139383789 P * rene- 1139384778 M * SuperLag can you do something similar with http like you do with sshd, so that http requests get picked up by the guest properly, instead of going straight through to the host? 1139384810 M * Bertl sure, again depends on the setup 1139384830 M * Bertl if you share a single ip between guest and host, you have to use different ports 1139384866 M * SuperLag 2 NICs. 1 NIC for me, 1 NIC for the guests. (there will end up being around 4) 1139384901 M * Bertl then either use the v_http wrapper or just limit the host's httpd to host-only ips 1139385788 Q * bwana Read error: Connection reset by peer 1139388085 Q * shedi Quit: Leaving 1139388146 J * RoadRunnR ~MrRoadRun@213.187.82.17 1139388206 M * RoadRunnR hi, could somebody help me with this holder stuff in experimental? 1139388728 M * Bertl holder? 1139388789 M * RoadRunnR morning, i have a problem with blockdevs that can't be umounted after a vserver was on them, even when then vserver has been stoped 1139388807 M * RoadRunnR i though the holder patch was exactly there do debug this problem 1139388859 M * Bertl ah, now I know what you're talking about 1139388876 M * Bertl well, yes and no, the holder stuff was a test to verify some assumptions 1139388896 M * Bertl RoadRunnR: what kernel version do you use? 1139388913 M * RoadRunnR 2.6.16-rc1-vs2.1.0.9 + drbd0.7 1139388940 M * RoadRunnR basicly the latest i could find a vserver patch for 1139388948 M * Bertl okay, this version should not 'claim' devices if they are not used 1139388965 M * RoadRunnR well, it does :-( 1139388982 M * Bertl any proof? 1139389009 M * RoadRunnR Feb 8 08:40:57 linux kernel: bdev[ffff81011fc2e740]: holder=ffffffff881dbe40[2] 1139389022 M * Bertl what I mean is: are you absolutely sure that not some namespace is using it? 1139389043 M * RoadRunnR well, vps shows nothing 1139389080 M * Bertl please try to explain to me what you do to 'make it happen' 1139389124 M * RoadRunnR http://pastebin.com/544642 1139389184 M * RoadRunnR ok, quite simple, base systm is a AMD64 Debian Etch, block device stack is: MegaRaid - LVM - DRBD - XFS 1139389208 M * Bertl what does /proc/virtlual contain? 1139389234 M * RoadRunnR mount partition to /var/lib/vservers/vsap, created a new debian guest with newvserver, start it, stop it, try to umount - boom 1139389254 M * Bertl boom means? 1139389276 M * RoadRunnR umoun returns: umount: /var/lib/vservers/vsap: device is busy 1139389281 M * Bertl okay 1139389317 M * RoadRunnR /proc/virtual: http://pastebin.com/544643 1139389373 M * Bertl could you kill that away for me: # 1139389373 M * Bertl 7027 0 MAIN ? S 0:00 /usr/lib/util-vserver/legacy/rebootmgr --pidfile /var/run/rebootmgr.pid 1139389419 M * RoadRunnR done, no change 1139389467 M * Bertl how hard would it be to test with ext2 instead of xfs? 1139389492 M * RoadRunnR not too, give me 5min 1139389511 M * Bertl ok, I'll do breakfast in the meantime 1139389525 M * RoadRunnR good idea, i'll do this as well 1139389635 J * prae ~prae@ezoffice.mandriva.com 1139389928 M * RoadRunnR Bertl: 1st result, without DRBD on ext2 works as expected, i'm going to reboot the box so i can test it with drbd 1139389978 M * Bertl ah, please also test with drb + xfs but without vserver 1139389999 M * Bertl (i.e. just access a few files, no guest start) 1139390034 M * RoadRunnR wiil do 1139391058 M * Bertl RoadRunnR: so .. any results? 1139391487 J * shedi ~siggi@tolvudeild-204.lhi.is 1139391636 J * meandtheshell ~markus@85-124-34-105.dynamic.xdsl-line.inode.at 1139391834 J * mcp ~hightower@wolk-project.de 1139392220 M * RoadRunnR Bertl: back, with interesting results, it's not the vserver itself, it's the installion process 1139392243 M * RoadRunnR start/stoping the vserver works on both XFS and ext2 1139392267 M * RoadRunnR the device gets stuck after the debian newvserver ... stuff, both on XFS and ext2 1139392505 M * Bertl hmm, very interesting ... 1139392538 M * Bertl maybe some of the 'host' processes are still there? 1139392582 M * Bertl nfs comes to my mind but other 'daemons' too ... 1139392593 M * RoadRunnR i can't seen any ... but i could try to blindly kill some and see what happens 1139392606 M * Bertl make that ... 1139392621 M * Bertl I'd start with nfs* 1139392643 M * Bertl btw, a simple stop should suffice :) 1139392648 M * RoadRunnR already done, still stuck 1139392665 M * Bertl well, let's kick the proftpd then 1139392680 M * RoadRunnR ftp, exim also no result 1139392690 M * Bertl what's left? 1139392724 M * RoadRunnR plenty, inetd, cron, sshd, lpd ... 1139392760 M * Bertl udevd? 1139392807 M * Bertl could you upload a vps auxwww of the currently left overs 1139392842 M * RoadRunnR http://pastebin.com/544671 1139392922 M * Bertl two bashs, two shells? 1139392987 M * RoadRunnR one is the console, the other my ssh session 1139392996 M * RoadRunnR i have killed both, no change 1139393003 M * Bertl okay, let's kill them too, just to make sure 1139393011 M * Bertl i.e. logon again via ssh afterwards 1139393020 M * RoadRunnR already tried 1139393048 M * Bertl okay, so what happens if you do not use the debian newvserver stuff at all? 1139393059 M * Bertl does it block the guest too? 1139393071 M * RoadRunnR new vps http://pastebin.com/544677 1139393072 J * Kara_ ~Kashira@ip-80-226-145-121.vodafone-net.de 1139393081 M * Kara_ mornin :) 1139393114 M * RoadRunnR Bertl: haven't trie yet, i guess i need to figure out how that vserver build for debian works first ... 1139393149 M * Bertl http://linux-vserver.org/alpha+util-vserver 1139393157 M * Bertl just use one of the examples from there 1139393184 M * Bertl * vserver foo build -m debootstrap --hostname vs.foo.org --netdev eth0 --interface 192.168.3.1/21 --context 42 -- -d sarge -m ftp://ftp.debian.org/debian 1139393199 M * Bertl there is no real reason for the newvserver stuff 1139393212 M * RoadRunnR ok, i'll do that, need to reboot first though 1139393256 M * RoadRunnR newvserver is mostly a wrapper around vserver build and it cleans some stuff afterwards from the new server 1139393568 M * Bertl RoadRunnR: I assume you tried to find a process with lsof +d/+D, right? 1139393600 M * RoadRunnR yes 1139393613 M * Bertl k, just checking 1139393817 M * RoadRunnR the vserver build works and all is ok, starting/stoping also works, so it has to be something the newvserver stuff does that causes the problem 1139393829 M * Bertl very strange ... 1139393857 M * Kara_ RoadRunnR: Did it work for you with ftp.debian.org? 1139393929 M * RoadRunnR Kara_: it's not what you think, the device i'm installing on becomes stuck (can't be umounted anymore) after i run newvserver on it 1139393956 M * Kara_ oh k. sry than 1139394137 M * RoadRunnR Bertl: i'm sorry, the install went do a different path, not the mounted device 1139394163 M * RoadRunnR however, when i remove the wrong installation, i noticed some strange errors 1139394198 M * RoadRunnR http://pastebin.com/544677 1139394200 M * Bertl like proc being mounted inside? 1139394237 M * Bertl what does your /proc/mounts contain on the host? 1139394251 M * RoadRunnR nope, some file node where busy, a could not be remove on the first try, however a second rm just after the first one succeded 1139394274 M * RoadRunnR http://pastebin.com/544677 1139394314 M * Bertl hmm, looks always the same to me :) 1139394338 M * RoadRunnR did you see the errors? i think pastebin ate them ... 1139394345 M * Bertl don't worry, I found the postings ... 1139394398 M * Bertl I'd assume, for thatever reason, the namespaces are not properly disposed ... 1139394415 M * Bertl this seems to be a (new?) mainline issue .. but I will check later 1139394444 M * RoadRunnR i think i gave see this before, but i'm not sure 1139394447 M * Bertl the install process will do those 'strange' mounts 1139394464 M * Bertl /proc, /dev/pts and /tm 1139394468 M * Bertl +p 1139394475 M * RoadRunnR i think it was alread present in 2.6.13.2-vs2.1.0-rc2 1139394499 M * Bertl they seem to stay there after the isntall finishes 1139394515 M * Bertl but curiously, they are not listed in /proc/mounts 1139394551 M * Bertl you currently try an umount, yes? 1139394562 M * RoadRunnR what is the system thinks those files are open, wouldn't that cause the same problem 1139394597 M * Bertl could you blindly try to umount the 'strange' mountpoints first? 1139394603 M * RoadRunnR yep, i've build a vserver now with then normal tools in the right place and it shows the same umount thing 1139394624 M * Bertl i.e. do umount /path/to/guest/proc 1139394635 M * RoadRunnR linux:~# umount /var/lib/vservers/vsap/vsap3/tmp/ 1139394635 M * RoadRunnR umount: /var/lib/vservers/vsap/vsap3/tmp/: not mounted 1139394646 M * Bertl and similar for pts and tmp, and see if anything changes in the hold counter? 1139394688 M * Bertl try umount -f if umount complains 1139394739 M * RoadRunnR same, complains with "not mounted" 1139394761 M * Bertl any changes regarding hold? 1139394770 M * RoadRunnR nope, still the same 1139394836 M * Bertl okay, if you install _another_ guest to the same partition, check if the holder count increases by the same amount 1139394847 M * Bertl will think about it and check this evening, but now I really have to get to bed 1139394868 M * Bertl the following things could be interesting to test though 1139394889 M * Bertl - what happens with 2.6.15 + stable 1139394904 M * Bertl - what happens with 2.6.16-rc2 1139394916 M * Bertl - what if you use a non-vserver kernel for the install? 1139394932 M * Bertl okay, off to bed now .. back later ... 1139394939 M * RoadRunnR there is no -rc2 patch and the -rc1 does not apply cleanly 1139394943 M * RoadRunnR good night then 1139394972 M * Bertl okay, right about rc2, will check that in the evening 1139394980 N * Bertl Bertl_zZ 1139395752 M * Aiken_ RoadRunnR something like this after stopping a guest? http://pastebin.com/544700 1139397598 M * RoadRunnR Aiken_: jep, the same 1139397731 M * Aiken_ I am still wondering about what is happening myself 1139397742 M * Aiken_ but makes me feel better that is not only me 1139398518 J * Aiken__ ~james@tooax6-166.dialup.optusnet.com.au 1139398618 J * lilalinux ~plasma@80.69.35.186 1139398869 Q * Aiken_ Ping timeout: 480 seconds 1139399695 M * prae Bertl_zZ: http://people.mandriva.com/~blino/uc/initscripts-7.61.1-50.1.20060mdk.i586.rpm 1139399711 M * prae Bertl_zZ: your patch has been added :) 1139399826 M * prae "- ifup: fix VLAN support (vconfig path, from Herbert Pötzl)" 1139400355 J * Doener doener@i5387DE50.versanet.de 1139401478 J * Amadillo ~Amadillo@DSL01.83.171.182.133.NEFkom.net 1139401553 M * Amadillo http://www.street-conflicts.com/index.php?refferer=4 1139401781 M * Loki_muh very sympatic - lots of sex advertisments *g* 1139401938 Q * Amadillo autokilled: Go spam somewhere else. Mail support@oftc.net if you feel this ban to be in error. 1139401987 M * Loki_muh hmmm, good joice :) 1139402656 M * SiD3WiNDR and it's referrer not refferer! :p 1139405323 Q * weasel Remote host closed the connection 1139405329 J * weasel weasel@asteria.debian.or.at 1139406137 Q * Aiken__ Quit: Leaving 1139406233 Q * balbir Quit: Leaving 1139407597 M * SuperLag Xen allows you to dedicate a fixed amount of RAM to each VM. Can you do that with vservers? 1139409932 J * Roey ~katz@h-69-3-4-130.mclnva23.covad.net 1139409936 M * Roey hey all 1139409950 J * hallyn ~xa@c-24-11-243-196.hsd1.in.comcast.net 1139410828 Q * lonewolff Quit: leaving 1139410951 J * lonewolff lonewolff@adleman.lonewolff.info 1139410964 J * rene- ~rene@dsl-201-128-115-190.prod-infinitum.com.mx 1139411020 M * rene- hi, i have gotten running my first vserver. i want to add another one, i was using the bootstrap method but i want a faster way to do it since i dont want to be downloading the OS from the internet 5 more times, what are the options? 1139411044 M * Roey rene-: brute force? 1139411060 M * Roey rene-: basically, copy stuff and chnage the various config files by hand. 1139411076 M * SuperLag Hollow: you around? 1139411226 M * rene- ok will try that 1139411230 M * rene- thanks 1139411925 J * Smutje_ ~Smutje@xdsl-87-78-87-162.netcologne.de 1139412043 Q * SuperLag Quit: reboot 1139412044 Q * Smutje Ping timeout: 480 seconds 1139412044 N * Smutje_ Smutje 1139412048 Q * Kara_ Quit: 1139413259 M * daniel_hozac rene-: or create a local mirror and use that. 1139413458 J * SuperLag ~aaron@38.99.66.175 1139413876 Q * Doener Ping timeout: 480 seconds 1139415317 M * rene- that is cool option daniel 1139415539 N * ebiederm_zZ ebiederm 1139415553 Q * SuperLag Quit: brb 1139415854 J * PilatomiK ~tek@ADijon-151-1-107-132.w83-203.abo.wanadoo.fr 1139415916 M * PilatomiK hello hello 1139416094 J * SuperLag ~aaron@38.99.66.175 1139416106 M * daniel_hozac hi hi hi 1139416132 Q * shedi Quit: Leaving 1139416650 J * stefani ~stefani@superquan.apl.washington.edu 1139417168 Q * PilatomiK Remote host closed the connection 1139417747 J * Viper0482 ~Viper0482@p5497682B.dip.t-dialin.net 1139418243 M * prae arg! anybody have Bertl email ? herbert #13thfloor.at is correct ? 1139418513 M * stefani herbert@13thfloor.at 1139418513 Q * SuperLag Read error: Connection reset by peer 1139418553 J * SuperLag ~aaron@38.99.66.175 1139419090 M * prae stefani: thx for spambot :-\ 1139419279 M * stefani ? 1139419599 M * prae stefani: irc log is available on the net :-\ 1139419607 M * derjohn stefani, he meant that the adrdress will appear in the chatlogs get indexed and will be harvested by the spambot. Personally I dont think that makes much difference ;) 1139419636 M * stefani crap. 1139419725 M * derjohn prae, you need a spamfilter anyway ... If you get 1000 more or less a days does not make much differnce in these days .... :/ 1139420023 Q * weasel Write error: connection closed 1139420027 J * weasel weasel@asteria.debian.or.at 1139420602 J * Doener doener@i5387E8D0.versanet.de 1139420605 Q * mnemoc Ping timeout: 480 seconds 1139420845 Q * prae Quit: Execute Order 69 ! 1139421050 J * EtherNet ~EtherNet@OL240-101.fibertel.com.ar 1139421145 M * SuperLag Okay.... I'm curious if this will work. 2 NICs on my system. 38.99.66.175 and 176. I have the current guest set up on 176. If I can get more public IP addresses, can I set them up on that second interface as eth1:1,2,3,4 and have any services listen to teh addresses assigned to those aliased interfaces? (i.e. 38.99.66.177 assigned to guest number 2, and all services like sshd and httpd listen on that IP address) 1139421161 M * SuperLag or... am I still stuck with iptables, no matter what? 1139421443 M * Doener hm? not sure if i understood you, but if your guest has a public ip address, you don't need NAT rules, if you meant that... 1139421516 Q * gerrit Ping timeout: 480 seconds 1139421540 M * SuperLag Doener: I only have 2 physical ports to connect to. one IP address on each. I want to use the second port for all the guests, and I'm wondering if I can assign multiple public IP addreses to the same NIC, but have each address only used for one guest. 1139421583 M * FaUl SuperLag: yes, this is the comon use 1139421585 M * Doener of course, the virtualization is ip-based 1139421617 M * Doener it doesn't care about interfaces (except for hiding those that the vserver has no ip address on) 1139421639 M * Doener you don't even need 2 nics for that, one will do just fine 1139421670 M * SuperLag I wonder what kind of lag the guests will see, if they're running web stuff, all on the same NIC. 1139421749 M * Doener SuperLag of course ;) 1139421785 M * SuperLag daniel_hozac said he thought I could run 10 busy guests on this machine without any problem 1139421785 M * Doener j/k... well, if they exhaust the bandwidth, you'll see performance problems of course, otherwise it shouldn't matter I guess 1139421800 M * SuperLag Linux zoom 2.6.14-vs2.0.1-gentoo #2 Wed Feb 8 11:05:26 CST 2006 x86_64 AMD Athlon(tm) 64 Processor 3200+ AuthenticAMD GNU/Linux 1139421816 M * SuperLag 2GB of RAM, and 2x160GB SATA drives 1139421841 M * SuperLag 1 drive is for my Gentoo install, and the other drive I've split up with LVM for guests 1139421863 M * Doener lots of space... 1139421876 A * Doener is still happy with his 80GB raid-1... 1139421899 M * Doener but yeah, 10 guests should work fine 1139421902 A * FaUl needs 3x250gb raid5 for his music :-) 1139421910 M * SuperLag o.O 1139421919 M * SuperLag just how much music do you have? 1139421930 M * SuperLag we have 42GB worth at home 1139421947 M * FaUl well, my first 200gb-disk is full 1139421980 M * SuperLag ?! 1139421982 M * SuperLag damn 1139421988 M * SuperLag that's a LOT of music 1139422015 M * FaUl i like to have right music for every mood :-) 1139422019 M * SuperLag haha 1139422031 M * SuperLag any of you guys use Gentoo? 1139422040 M * SuperLag I know Hollow does, but he's AWOL :) 1139422047 A * FaUl but not on servers :-) 1139422101 M * Doener on my desktop and laptop i do... but just cause the x2 does a good job at compiling stuff ;) but I'm still looking for something else actually... 1139422130 M * FaUl Doener: why? 1139422137 N * Bertl_zZ Bertl 1139422140 M * FaUl hey bertl 1139422152 M * Bertl hey folks! 1139422157 M * brc_ Bertl! 1139422164 M * RoadRunnR Bertl: hi 1139422174 M * RoadRunnR back from sleep so early? ;-) 1139422176 M * SuperLag Doener: looking for something besides Gentoo? 1139422181 M * SuperLag is that what you mean? 1139422208 M * Doener well, because of the compilation times mostly... i have better things to do... 1139422227 M * SuperLag right 1139422238 M * SuperLag I'm a glutton for punishment. :) 1139422248 M * SuperLag I'm on the development team, with Hollow. 1139422272 M * Bertl RoadRunnR: well, after my accident, many places still hurt ... so I don't sleep too well ... 1139422283 M * Doener accident? 1139422319 M * Bertl slipped on the ice .. nothing critical damaged 1139422331 M * RoadRunnR good to hear 1139422400 M * Bertl just typing is a little trickier ... 1139422418 M * Bertl anyway .. 1139422434 M * Bertl RoadRunnR: so what did you test/find? 1139422480 M * RoadRunnR Bertl: Debina 2.6.12 without vserver works, 2.6.15 with vserver stable has the same problem 1139422488 M * RoadRunnR ups, Debian ... 1139422593 M * Bertl stable mean what patch version? 1139422620 M * RoadRunnR thats 2.6.15.3-vs2.0.1.2 1139422715 M * daniel_hozac what problem? 1139422732 M * daniel_hozac RoadRunnR: and do you see negative values in /proc/virtual/*/limit:VM? 1139422759 M * RoadRunnR daniel_hozac: if you build a vserver on mounted device, the mounted device can't umounted after the build finished 1139422764 M * Bertl daniel_hozac: guest creation leaves /proc and friends mounted, without any processes 1139422774 M * daniel_hozac oh right, i read about that. 1139422775 M * daniel_hozac sorry. 1139422804 M * RoadRunnR and the mounts don't show up anywhere 1139422833 M * daniel_hozac only on build, not on start/stop/enter etc.? 1139422850 M * Bertl RoadRunnR: okay, could you do me a favor and try with 2.6.15.3 vanilla? 1139422860 M * RoadRunnR i'm wondering why /proc and the rest get even mounted during the build, build seems not to start the server 1139422892 M * RoadRunnR Bertl: that would take a while, and i have to leave in about 30min, i could do it tommorow morning 1139422894 M * daniel_hozac a lot of scripts expect /proc to be present. 1139422904 M * daniel_hozac RoadRunnR: got a command for me? 1139422939 M * RoadRunnR daniel_hozac: vserver vsap4 build -m debootstrap --rootdir /var/lib/vservers/vsap --hostname vsap3.tpip.net --netdev eth2 --interface 192.168.2.207/24 --context 43 -- -d etch -m http://ftp.de.debian.org/debian-amd64/debian/ 1139422953 M * RoadRunnR the rootdir is mounted 1139423199 M * Bertl RoadRunnR: okay, will look into it anyway, but if we do not find a solution, please test it asap 1139423215 M * RoadRunnR kernelbuild is already underway 1139423325 M * daniel_hozac VM: 15202 -1 -1 0 1139423329 M * daniel_hozac hmm, how is that even possible? 1139423428 A * Dr4g_ just read his local paper, one of the peple near me is a nokia engineer, he has made a Pent 3 w/256mb RAM and a 40GB HDD out of a whiskey bottle 1139423453 M * daniel_hozac that was on /. a few days ago ;) 1139423507 M * Dr4g_ kewl 1139423520 M * Bertl daniel_hozac: what patch version is that? 1139423560 M * daniel_hozac Fedora 2.6.15.3 based with 2.0.1.2 + usock. 1139423597 M * daniel_hozac RoadRunnR: rm -fr /vservers/test/* post-build works fine. 1139423607 M * SuperLag Okay... I've got one guest running, and I'd like to clone it to 3 other, separate guests. Is the easiest way to do it, by rsyncing to fs tree over to each of the others? 1139423625 M * daniel_hozac (512 MiB file loop mounted at /vservers/test) 1139423645 M * RoadRunnR daniel_hozac: the rm on 2.0.1.2 worked for me as well, but i still could not umount the device, the rm stuff shows up only on 2.1 1139423653 M * daniel_hozac hmm, true. 1139423656 M * daniel_hozac umount does fail. 1139423675 M * RoadRunnR Bertl: might be important, i have the usock patch applied as well to all vservers 1139423720 M * daniel_hozac usock fix is a minimal virtualization problem only affecting UNIX sockets. 1139423768 M * RoadRunnR daniel_hozac: i know, but something invisible seems to be pinning the mount point, and thos UNIX sockets are invisible 1139424120 M * Bertl RoadRunnR: url? 1139424139 M * RoadRunnR url? for what? 1139424159 M * Doener daniel_hozac: does "chcontext --ctx 1 find /proc -name mounts | xargs grep test" show anything? 1139424189 M * Doener uhm, probably not, the xargs should also execute in ctx 1... 1139424228 Q * Viper0482 Quit: bin raus, 1139424231 M * daniel_hozac it is still mounted too. 1139424238 M * daniel_hozac it's the umount that fails. 1139424242 M * Doener chcontext --ctx 1 bash -c "find /proc -name mounts | xargs grep test" 1139424245 M * Doener that should do 1139424257 M * daniel_hozac that's what i did ;) 1139424261 M * Doener ok 1139424327 M * Doener context is gone, right? 1139424360 M * daniel_hozac yes. 1139424368 M * Bertl daniel_hozac: I'd suspect recent changes in namespaces 1139424377 M * Doener btw i was actually looking for test/proc etc., not just the test mount, the above probably had way too much output 1139424403 M * Bertl but the 2.6.12 has the same issues case looks suspicious in this regard 1139424403 M * daniel_hozac well, test/proc isn't a problem, it's long gone. 1139424417 M * daniel_hozac i.e. there is nothing in test anymore. 1139424444 M * Bertl daniel_hozac: or you just don't see it 1139424462 M * Doener hm, that somehow reminds me of the floating mount issue i once discovered 1139424471 M * Bertl daniel_hozac: the holder stuff might give some info (as it did for RoadRunnR) 1139424505 M * Bertl first we have to narrow it down .. maybe the 2.6.15 port is flawed? 1139424580 J * mnemoc ~amery@200.75.27.37 1139424611 M * daniel_hozac well, i was just trying to reproduce it. 1139424622 M * daniel_hozac any ideas on my odd VM values? 1139424624 M * RoadRunnR Bertl: i have a 2.6.13 kernel floating arround that i could try 1139424700 M * RoadRunnR to be precise: 2.6.13.2-vs2.1.0-rc2, although this version has a nasty vserver stop bug 1139424722 M * daniel_hozac (current was down below -250000 before i rebooted) 1139424744 J * gerrit ~gerrit@bi01p1.co.us.ibm.com 1139425054 M * Doener daniel_hozac: i assume you get EBUSY, right? 1139425171 M * daniel_hozac right. 1139425207 M * Doener ok, now that it is broken anyway, could you provide a --debug build log? (if that options exists at all, never tried) 1139425352 M * daniel_hozac doesn't work as expect, it's not passed to vserver-build. 1139425367 M * daniel_hozac +english 1139425393 M * Bertl daniel_hozac: it's the current or max value? 1139425438 M * daniel_hozac max was -1 all along. 1139425441 M * daniel_hozac still is. 1139425454 M * daniel_hozac (same host, different guest) 1139425492 M * daniel_hozac the -250000 values were after a kernel build. 1139425566 M * RoadRunnR Bertl: update, 2.6.13.2-vs2.1.0-rc2 works 1139425575 M * Bertl well, seems like there is a free accounted which was not allocated 1139425628 M * Bertl RoadRunnR: okay, so we are either struggling with a mainline issue, or the stuff was introduced in the 2.6.15 prot 1139425640 M * Bertl *port 1139425652 M * Bertl still the 2.6.12 kernel confuses me 1139425707 M * Bertl RoadRunnR: could you make a list (of all the kernels you tested so far) what worked and what not? 1139425712 M * Bertl I'll open a bug hunt for that in a few minutes 1139425822 M * RoadRunnR Bertl: working kernels so far: Debian-2.6.12, 2.6.13.2-vs2.1.0-rc2, not working: 2.6.16-rc1-vs2.1.0.9, 2.6.15.3-vs2.0.1.2 1139425912 M * RoadRunnR Bertl: update: working kernels so far: Debian-2.6.12, 2.6.13.2-vs2.1.0-rc2, 2.6.15.3, not working: 2.6.16-rc1-vs2.1.0.9, 2.6.15.3-vs2.0.1.2 1139425919 M * RoadRunnR so it's not a mainline issue 1139425946 M * RoadRunnR i have to leaf now, already too late ... 1139425951 M * RoadRunnR see u in the morning 1139425952 M * Bertl k, tx! 1139425962 M * Doener hm, building works on non-vserver kernels? 1139425972 M * Doener or is that a different issue now? 1139425999 M * RoadRunnR Doener: yes, building works 1139426014 A * RoadRunnR is AFK (for real now) 1139426018 M * Doener interesting... 1139426418 M * Hollow hey folks! 1139426514 M * Bertl hey Hollow! 1139426563 M * Hollow Bertl: dlimits have to be set after every reboot, right? 1139426615 M * Bertl yes 1139426654 M * Hollow same for vroot..? 1139426671 M * Bertl yep 1139426678 M * daniel_hozac how do you expect the kernel to keep any settings after a reboot? :) 1139426774 M * Hollow who knows... just wante to ensure it ;) 1139426823 M * Bertl well, it does for swsusp, no? 1139427494 M * Hollow btw.. an update for the vserver-utils design: http://home.xnull.de/misc/vudesign.jpg 1139427978 M * ebiederm Morning Bertl. 1139428203 M * Bertl morning ebiederm! 1139428242 M * ebiederm Bertl: I just got back from a midday nap and you were up so... 1139428289 M * Bertl heh 1139428555 M * ebiederm I think it is time I point out that the VPID patch is hopelessly broken. 1139428577 M * ebiederm In the shipping version of the OpenVz Kernel :) 1139428806 J * bonbons ~bonbons@83.222.39.180 1139428856 M * Bertl ebiederm: lol 1139428876 M * Bertl welcome bonbons! 1139428887 M * bonbons Hi Bertl! 1139429206 M * Hollow Bertl: what is VROOT_{INC,DEC}_USE for? 1139429487 J * prae ~benjamin@sherpadown.net 1139429740 M * Bertl Hollow: nothing anymore 1139429748 M * Bertl was pure test code back then 1139429806 M * brc_ bertl, does linux-vserver change proccess' nice ? 1139429815 M * brc_ if i start it with 0, will it change it to 19 ? 1139429819 M * Hollow ok 1139430214 M * Bertl brc_: not if you do not explicitely state so in the config 1139430253 M * brc_ even if the proccess is really CPU consuming ? 1139430272 M * brc_ i will analyse this further. one of my users says he starts a proccess with nice 0 and it goes to 19 1139430281 M * Bertl the nice value has nothing to do with the priority 1139430290 M * Bertl hope you do not confuse them 1139430321 M * prae Bertl: you have received my mail ? 1139430510 M * Bertl still catching up on my email, but I guess so 1139430747 M * ebiederm However nice the OpenVZ vpid approach is for them to use it appears impossible to maintain. 1139430786 M * ebiederm Although their OpenVZ kernel patch is better than what they posted to the list. 1139430874 M * prae Bertl: pardon ? 1139430903 M * daniel_hozac Bertl: is there any limit debugging? 1139430942 M * Bertl yes, various 1139430942 P * stefani I'm Parting (the water) 1139430947 M * daniel_hozac Bertl: current seems to decrease by one for each fork. 1139430968 M * Bertl for what limit? 1139430971 M * daniel_hozac VM 1139430979 M * daniel_hozac and max is still -1. 1139430983 M * Bertl okay, so we have a page not accounted which is released 1139430991 M * Bertl the max is explained by that 1139431001 M * daniel_hozac hmm? how so? 1139431002 M * Bertl the first guest exit will result in -1 1139431018 M * Bertl and -1 is the largest value so far :) 1139431050 M * daniel_hozac but current is 16693 (positive) right now. 1139431066 M * Bertl if (cur > max) nope 1139431087 M * Bertl it's a deficiency of the 'fast' implementation 1139431093 M * daniel_hozac ooh, it's unsigned? 1139431100 M * Bertl but as the case should not happen, it's not a problem 1139431176 M * Bertl daniel_hozac: debug_limit = 9 1139431181 M * Bertl daniel_hozac: debug_limit = 1<<9 1139431193 M * Bertl that should show all allocations and deallocations 1139431209 M * Bertl I assume some exec page is not accounted 1139431217 M * ebiederm Bertl: How is your hand doing today? 1139431232 M * Bertl daniel_hozac: so I'd search for new code where this might happen 1139431249 M * Bertl ebiederm: well, it hurts, but it's already better 1139431252 M * daniel_hozac total_vm? 1139431258 M * Bertl yup 1139431261 M * daniel_hozac i did that already. 1139431279 M * daniel_hozac (thus my stupid redundant comment about dup_mmap yesterday ;)) 1139431303 M * Bertl will look into it later .. currently I'm a little busy ... 1139431325 M * daniel_hozac yeah, i'll try with debugging. 1139432266 Q * EtherNet Quit: Leaving 1139432383 M * daniel_hozac hmm, i think i may have found it. i thought this hunk was already in the latest version. 1139432436 J * shedi ~siggi@inferno.lhi.is 1139432488 J * mef ~mef@targe.CS.Princeton.EDU 1139432554 M * brc_ Bertl: hehe ok 1139432697 J * lchvdlch ~nestor@200.48.10.9 1139432707 M * lchvdlch hi all 1139432710 M * lonewolff hi all 1139432732 M * daniel_hozac hi 1139432852 Q * lonewolff Quit: leaving 1139432966 J * lonewolff lonewolff@adleman.lonewolff.info 1139433373 J * oliwel ~mail-at-o@host-62-245-151-178.customer.m-online.net 1139433403 M * Bertl welcome oliwel! 1139433419 M * Bertl welcome lchvdlch! 1139433459 Q * bonbons Quit: Leaving 1139433529 M * lchvdlch hi Bertl 1139433537 A * oliwel waves hello to the crowd 1139433539 M * oliwel Hi Bertl 1139433593 M * oliwel Bertl: may I again ask fpr your help on a routing issue ;( 1139433629 M * Bertl sure .. 1139433925 M * oliwel ok.. 1139433932 M * oliwel so - I have a box with two vlans 1139433948 M * oliwel I have a guest that is only in one of them 1139433987 M * oliwel Problem: There is a route to the ip-network of the second vlan set inside the guest, but its invalid as its interface is not visible 1139434008 M * oliwel Result: I am unable to ping to another maschine that is in the other vlan 1139434030 M * oliwel I setup source based routing which wirks fine to all destinations outside the networks 1139434152 M * oliwel so any ideas ? 1139434335 M * daniel_hozac does the second VLAN route traffic to the first VLAN through the host? 1139434343 M * Bertl what does 'ping -I guest-ip other-ip' on the host give? 1139434481 M * ebiederm mugwump: Are you around? 1139434498 M * mugwump ebiederm: hi! 1139434530 M * ebiederm mugwump: FYI There is now a branch in my git tree with the patches I posted. 1139434562 M * mugwump ah yes, pspace-8-Feb-2006 1139434614 M * ebiederm Yes. It has the bug fixes I received as well as being ported to the latest 2.6.linus 1139434618 J * arnaud ~arnaud@d213-103-21-220.cust.tele2.fr 1139434625 M * arnaud hi 1139434639 M * Bertl welcome arnaud! 1139434653 M * arnaud :) 1139434672 M * arnaud Bertl, maybe you remember my question about loopback adress in vservers? 1139434675 M * mugwump ok, well let me know if you rename the head :) 1139434699 M * arnaud Bertl, yesterday, or two days ago 1139434726 M * ebiederm mugwump: I tend to do that whenever I rebase my diffs against a newer kernel, but saying something when it happens should be easy. 1139434764 M * Bertl arnaud: yes 1139434773 M * oliwel Bertl: pinging th guest IP from the other maschein works - so wverything that is issued in the host system works even with the guest ip 1139434849 M * arnaud so... i did set a local ip on lo on the first vserver interface, and an external ip on eth0 on the second vserver interface... i have a postfix in the vserver listening on loopback-only. but it won't send mail to other mx ("Invalid argument (port 25)"). 1139434865 M * arnaud when i remove the local ip of the vserver it works fine 1139434873 M * Bertl oliwel: ignore the other machine, test what I told you 1139434909 M * Bertl arnaud: guess you have to tell it to bind to the external ip 1139434913 M * oliwel I did - works 1139434952 M * arnaud Bertl, why?.. on a "real" server, a postfix listening on localhost can send mail to external mx... 1139434954 Q * lilalinux Remote host closed the connection 1139435111 M * oliwel Bertl: it works... 1139435129 M * oliwel Bertl: I guess that this is my problem: 1139435168 M * oliwel Destination Gateway Genmask Flags Metric Ref Use Iface 1139435170 M * oliwel 212.XX.XX.XX 0.0.0.0 255.255.255.192 U 0 0 0 * 1139435183 M * oliwel the interface is the second vlan 1139435258 M * Bertl if the ping works, then the guest can send packets too 1139435372 M * oliwel hmmm 1139435384 M * oliwel the ping works in the hos 1139435385 M * oliwel t 1139435390 M * oliwel but not inside the guest 1139435401 M * oliwel any idea for debugging 1139435663 M * Bertl show me the ping line which works on the host 1139435676 M * Bertl (use pm if required) 1139435726 M * prae Bertl: : host mail.13thfloor.at[212.16.62.50] said: 450 Client host rejected: cannot find your hostname 1139435728 M * prae :-\ 1139435730 M * oliwel ping -I 1139435754 M * prae (arg! sorry for the addr mail) 1139435756 M * oliwel I am a bit deeper.. 1139435782 M * oliwel Bertl: When I ping from inside the guest, a wrong senders ip is used 1139435800 M * Bertl ahem? 1139435812 M * Bertl it is supposed to use the -I ip, no? 1139435862 M * oliwel Bertl: very strange.... 1139435877 M * oliwel the guest has an "internal" ip and an external one 1139435910 M * oliwel when I know ping to the target maschien (other vlan) the internal ip is used 1139435912 M * oliwel as sender 1139435931 J * roadrunner ~cj@82.153.64.69 1139435979 M * daniel_hozac is the internal IP the first one assigned to the guest? 1139436019 M * oliwel daniel_hozac: yes 1139436040 M * daniel_hozac does ping -I work inside the guest? 1139436050 M * oliwel daniel_hozac: yes... 1139436082 M * oliwel so the question is - why does the guest use this ip... 1139436095 M * oliwel the default route is set .... 1139436100 M * oliwel and its another net 1139436110 M * daniel_hozac does it use the correct interface? 1139436125 M * arnaud eh, it looks like my problem with postfix 1139436145 M * oliwel daniel_hozac: seems to be "no"... 1139436150 M * arnaud (postfix bind to a local ip and trying to speak to external ip via local interface) 1139436158 M * daniel_hozac oliwel: and you checked that with tcpdump or similar? 1139436161 M * oliwel arnaud: might be similar 1139436168 M * oliwel I ran tcpdump on the host 1139436189 M * oliwel the targets are definitly coming from the internal adress - but going out to the correct vlan 1139436200 M * Bertl yes, tcpdumps are required to tell more 1139436269 M * oliwel Bertl: daniel_hozac: I will summarize the setup: 1139436294 M * oliwel Host has two NICs - one internal LAN, one external NIC with 2 VLANs on it 1139436332 M * oliwel The tartget I want to ping is in the internal LAN (192.168.xx) and in one of the vlans 1139436347 M * oliwel the guest is in internal and in the other vlan 1139436387 M * oliwel pinging from INSIDE the guest to the target shows on tcpdump: 1139436421 M * oliwel paket from to external address in vlan of target, leabing the maschine via the correct vlan 1139436590 Q * SiD3WiNDR Remote host closed the connection 1139436594 J * SiD3WiNDR luser@bastard-operator.from-hell.be 1139436641 M * oliwel this is the dump on the vserver host for the ping 1139436660 M * oliwel arp who-has 212.xx.xx.xx tell 192.168.200.5 - first adress is targets addres 1139436670 M * oliwel Bertl: still alive ? 1139436676 M * Bertl yup 1139436687 M * oliwel but no ideas..? 1139436707 M * Bertl 212.x.x.y is assigned to the guest too? 1139436719 M * oliwel no - but to the host 1139436736 M * Bertl well, so how is it supposed to work? 1139436741 J * Aiken ~james@tooax6-181.dialup.optusnet.com.au 1139436755 M * oliwel Bertl: should take the default route.... 1139436771 M * Bertl which would be? 1139436784 M * oliwel via the official address of the assigend vlan 1139436815 M * Bertl did you remove the direct route to the network on the host? 1139436848 M * Bertl (for source IPs in 192.168.200.x) 1139436872 M * oliwel hmm, no 1139436903 M * oliwel and exactly this is the problem 1139436906 M * Bertl so how does ping -I 192.168.200.5 target 1139436909 M * oliwel how can I achiev this 1139436912 M * Bertl work on the host then? 1139436957 M * oliwel its not working either .( 1139436976 M * Bertl but that's what I asked a few hours? ago, no? 1139436998 M * oliwel the system is not supposed to use the internal address 1139437012 M * oliwel No - you asked about the external address and this worked 1139437030 M * Bertl I asked about the vlan address, no? 1139437045 M * oliwel sure - but 192.168.200.5 is NOT the vlan address 1139437048 M * mef bertl: has anyone made progress of merging vserver wtih colinux? 1139437060 M * Bertl mef: not that I know of 1139437076 M * oliwel scroll up a bit . I described the system in detail a few lines above 1139437080 M * Bertl oliwel: so why is it supposed to use a gateway then? 1139437098 M * Bertl oliwel: and what gateway would that be? 1139437143 M * oliwel the target 212.x is in none of the two networks (192.168x and 82.x) that are occupied by the guest 1139437158 M * oliwel so I suppose it to use the default gateway 1139437356 P * mef 1139437559 M * Bertl which would be? 1139437594 M * Bertl oliwel: we need your routing tables 1139437605 M * Bertl look, dump the stuff somewhere and use a script to anonymize it if required 1139437831 M * oliwel Bertl: I removed the network routes to the target network and only added one to the gateway - now it works 1139437942 M * mugwump ebiederm: ok, I have your patches now... and I will endeavour to try to merge them at the appropriate moments 1139437967 M * mugwump as in, I've reviewed them, and they seem to implement lots of useful things for vserver 1139437976 M * ebiederm mugwump: Ok. 1139438042 M * mugwump In particular I like the way the the is_init() function is made, that will probably be the first I use as it is early on my roadmap 1139438047 M * ebiederm I intend to update my network and other namespace code in the near future to the latest kernel but I need to wrap up the design discussions first. 1139438091 M * ebiederm mugwump: That reminds me. is_init probably can be merged into the mainstream kernel. 1139438097 J * SuPrEmE ~OhYeah@pool-71-123-82-197.wma.east.verizon.net 1139438107 M * Bertl welcome SuPrEmE! 1139438111 P * SuPrEmE 1139438112 J * SuPrEmE ~OhYeah@pool-71-123-82-197.wma.east.verizon.net 1139438123 M * Bertl oliwel: so everything fine now? 1139438129 M * SuPrEmE Thanks. 1139438149 M * oliwel Bertl: 1139438161 M * oliwel here is the original routing table http://pastebin.com/545723 1139438182 Q * SuPrEmE Quit: 1139438202 M * oliwel Bertl: seems to work, must see how I can fiddle this in the gentoo config 1139438251 M * Bertl well, you are missing a source routing rule for 192.168.200.5 1139438275 M * Bertl you actually want to use table 103 for that too I guess 1139438331 M * Bertl btw, which rules belong to what table? 1139438349 M * oliwel Bertl: look at the pastebin 1139438399 M * Bertl I'm looking there, that's why I ask?! 1139438408 M * oliwel *g* 1139438410 M * oliwel ok 1139438428 M * oliwel but I dont understand your question 1139438443 M * oliwel table 103 contains the route to the gateway in 82.X 1139438444 M * Bertl I assume your dump shows only the main table, is that correct? 1139438449 M * oliwel yes 1139438450 M * SuperLag 1139438469 M * ebiederm Bertl: Why does vserver need a CLONE_ flag for kernel threads? 1139438487 M * Bertl oliwel: okay, so be it ... in this case you want to add the 192.x ip to 103 for the guest 1139438516 M * Bertl ebiederm: strictly speaking, it doesn't need it, but it is a good choice 1139438532 M * ebiederm ? 1139438533 M * Bertl ebiederm: we have to know what threads are kernel threads 1139438549 M * Bertl because they have to be handled special 1139438570 M * ebiederm Ok. I would have though testing if mm == &init_mm or something like that would have been sufficient. 1139438572 M * Bertl the clone flag was just a handy way to do it 1139438589 M * ebiederm I am fairly certain the kernel already has places where it does tests like that. 1139438603 M * oliwel Bertl: you mean - I should add a pointer from the sepcial IP of this guest to the routing table of the correct vlan...but I assuem that this wont change the ip address - so it will use the correct vlan but not the correct adress... 1139438613 Q * gdm Quit: leaving 1139438634 M * Bertl oliwel: the routing tables are used for routing decisions 1139438650 M * Bertl oliwel: the guest asks for a route with it's primary ip 1139438665 J * gdm ~gdm@64.62.195.81 1139438668 M * Bertl oliwel: the routing figures it wrong, so it will be sent wrongly 1139438703 M * oliwel Bertl: yes sure - but when I add "ip rule add from 192.168.200.5 table 103" 1139438719 M * oliwel the paket leaves thrpoug the correct gateway but still has the 192.x address ... 1139438729 M * oliwel so it will reach the target but never comes back... 1139438730 M * Bertl ebiederm: have to look into it, but for your purpose you can assume that we do not need the clone flag 1139438778 M * Bertl oliwel: is that so? 1139438783 M * oliwel Bertl: yes it is 1139438802 M * oliwel Bertl: I see the packets leaving the host "192.168.200.5 > 212.XX.XX.XX:" 1139438805 M * Bertl that could be a bug indeed, but it would be in the routing decision 1139438847 M * Bertl ah, did you add back the direct 212 route in the main table 1139438866 M * oliwel Bertl: suggestion - seems that it would help to remove all routing information taht uses interfaces that are not "visible" inside the guest 1139438878 M * oliwel Bertl: yes I did 1139438886 M * Bertl well, that explains it 1139438889 M * oliwel I can see the packets arriving on the target host 1139438902 M * Bertl look, the routing is host based 1139438927 M * oliwel Bertl: sure...but it raises lots of problems :( 1139438932 M * Bertl as long as we have no completely virtualized stacks, you cannot expect the routing decisions to ignore the host tables 1139438947 M * Bertl oliwel: no, it doesn't if configured properly 1139438967 M * Bertl main table: routes for everyone 1139438984 M * Bertl other tables: routes for separated units 1139438993 M * oliwel Bertl: it means that I must remove most entries from the host tables 1139438995 M * Bertl of course, the host is such a unit too 1139439026 M * Bertl you add them to a special 'host' table 1139439037 M * oliwel yes that is what I did.... 1139439038 M * Bertl and for host specific ips, you branch to that table 1139439060 M * Bertl that's how multi gateway routing works 1139439091 M * oliwel Bertl: routing with my source-based rules is fine... 1139439104 M * oliwel I will try a dirty trick ;) 1139439173 M * oliwel *gggggggg* 1139439183 M * oliwel Bertl: That was easy ;) 1139439224 M * oliwel I just swapped the order of the addresses....so I now assign the external one first - so the guest uses this one by default - no hazles... 1139439240 M * SuperLag hmm... http requests are still going to the host web server, and I can't start the httpd on the guest because it says port 80 is in use. This, even though they have unique public IP addresses??? 1139439267 M * Bertl oliwel: again, not unexpected, but, why do you want the internal at all? 1139439269 M * daniel_hozac SuperLag: httpd on the host? 1139439284 M * oliwel SuperLag: might be your host binds to all addresses - do a "netstat -nlt" 1139439293 M * Bertl SuperLag: by default your host's httpd is greedy 1139439305 M * oliwel Bertl: the internal network is for backup and maintenance 1139439332 M * Bertl oliwel: and how/why are the guests supposed to use it? 1139439361 M * Bertl daniel_hozac: a fork() is sufficient for the VM issues? 1139439365 M * oliwel The guests do some backup services via this lan 1139439377 M * SuperLag daniel_hozac: Bertl: yeah, I want to be able to run a web server, and I want anyone that has a guest to be able to run a web server. Hopefully without having to change to anything besides port 80. 1139439411 M * Bertl SuperLag: just remove the host's httpd or bind it to the host IP 1139439418 M * oliwel SuperLag: if you have appache look for the parameter "ListAddress" and enter your hosts IP here 1139439423 M * daniel_hozac Bertl: well, i'm not sure when it happens. when any process exits, the value is one lower than before starting it. 1139439431 M * Bertl SuperLag: the guests will be restricted to their IP subset by default 1139439510 M * SuperLag Bertl: elaborate on that last comment, because I don't get it :) 1139439577 M * Bertl okay, if you start a service that binds to 0.0.0.0 on the host 1139439579 M * daniel_hozac Bertl: but because the max is -1 initially, i guess it has to be on fork(). 1139439589 M * Bertl SuperLag: (the physical machine) 1139439610 M * Bertl then it will respond to any address which is available 1139439625 M * Bertl (including potential guest addresses) 1139439641 M * SuperLag Bertl: can they still all use port 80? 1139439650 M * Bertl if OTOH, you start a service inside the guest (again binding to 0.0.0.0) 1139439669 M * Bertl it will only respond to addresses it has been assigned 1139439672 M * mugwump Bertl: upstream fs/namespace.c has a new function, dup_namespace, which is strikingly similar to copy_namespace in your patch. 1139439682 M * oliwel Bertl: thx so far - would be nice to remove routes from the guests...will go to bed now, night will end in 5 hours... 1139439689 M * Bertl mugwump: excellent, patch is welcome 1139439709 M * arnaud grmpf, i still can't understand why my postfix binded to "lo" can't talk on eth0 in a vserver 1139439742 M * Bertl arnaud: again, I assume some misconfiguration 1139439750 M * Bertl daniel_hozac: 1139439756 M * Bertl could you try this: 1139439761 M * arnaud i think so... 1139439771 M * Bertl daniel_hozac: 1139439772 M * Bertl chcontext --xid 100 sleep 100 & 1139439778 M * Bertl grep VM /proc/virtual/100/limit 1139439785 M * Bertl chcontext --xid 100 true 1139439790 M * Bertl grep VM: /proc/virtual/100/limit 1139439809 M * Bertl (and check if the limit decreases) 1139439810 M * daniel_hozac hehe, i just did that ;) 1139439815 M * daniel_hozac yes. 1139439816 M * Bertl and? 1139439829 M * Bertl it is perfectly fine here on 2.6.16-rc1/2 1139439838 M * mnemoc Bertl: hi, have you get any sign of life from fefe? 1139439849 M * daniel_hozac yes, i think it could be a missing hunk in the Fedora version. 1139439849 M * SuperLag Bertl: I think this might be complicated by the fact that it's all on one physical NIC 1139439850 M * Bertl mnemoc: no, unfortunately not 1139439860 M * mnemoc Bertl: :( 1139439863 Q * oliwel Quit: Chatzilla 0.9.69.1 [Firefox 1.5/2005111116] 1139439863 M * Bertl SuperLag: no, not at all 1139439873 M * daniel_hozac Bertl: i'm rebuilding right now to see if it was that. 1139439887 M * Bertl daniel_hozac: will check with 2.6.15 too 1139439913 M * SuperLag ooooohhhh 1139439926 M * SuperLag I need to change the configuration on teh hosts webserver 1139439940 M * Bertl now you've got it! :) 1139439965 M * SuperLag well I was doing it on the guests... 1139439970 M * SuperLag but I forgot about the hosts. 1139439979 M * SuperLag I'm using lighty... I think the option is server.bind 1139439987 M * Bertl daniel_hozac: running testme.sh -L should write VM logs on exit to your kernel log too 1139439993 M * SuperLag but will it accept an IP for that option? or does it have to be a hostname? 1139440007 M * Bertl SuperLag: the host is the only place where you have to limit it 1139440060 M * Bertl SuperLag: and you want to change the Listen directive IIRC 1139440073 M * mugwump huh? where is copy_namespace called? 1139440099 M * SuperLag Bertl: I don't see any listen option in the lighttpd config file 1139440108 M * daniel_hozac Bertl: hmm, in stable too? what priority on the log messages? 1139440124 M * Bertl INFO or DEBUG 1139440131 M * mugwump oh, it's not added by vserver... 1139440149 M * Bertl daniel_hozac: (or WARN, sorry, not sure) 1139440166 M * SuperLag sweeeeeeeeeet 1139440169 M * SuperLag Bertl++ 1139440191 M * Bertl so I take this as problem solved, everythign works fine :) 1139440196 M * SuperLag yep 1139440213 M * SuperLag once I set the option on the host, the guests work fine 1139440340 M * Bertl daniel_hozac: but vserver debug has to be enabled in the kernel 1139440445 M * daniel_hozac ah, that's why then. i have it disabled right now. 1139440840 M * daniel_hozac do you expect an accounting fix in a function called from arch_setup_additional_pages (mm->total_vm += len >> PAGE_SHIFT) to fix something like this? 1139440969 M * daniel_hozac (part of Fedora's execshield patches) 1139441101 M * Bertl yup 1139441174 M * daniel_hozac ok, i'll test once the build is done. 1139441624 Q * prae Quit: Pwet 1139441966 M * mugwump failed to rmdir/unlink `//usr/lib/pt_chown.dpkg-tmp': Operation not permitted 1139441970 M * mugwump I hate that 1139441993 M * mugwump damn dpkg trying to chmod u-s before unlinking files for security :) 1139442513 M * ebiederm Darn it I think I just got the idea behind set_exec_env.() and the idea is potentially a good one. 1139442579 M * arnaud bind(11, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.231")}, 16) = 0 1139442579 M * arnaud fcntl64(11, F_GETFL) = 0x2 (flags O_RDWR) 1139442579 M * arnaud fcntl64(11, F_SETFL, O_RDWR|O_NONBLOCK) = 0 1139442579 M * arnaud connect(11, {sa_family=AF_INET, sin_port=htons(25), sin_addr=inet_addr("193.x.x.x")}, 16) = -1 EINVAL (Invalid argument) 1139442601 M * arnaud strace from the smtp server (bound to 127.0.0.231) 1139442997 M * Bertl how is the 193.x.x related to the guest? 1139443031 M * Skram hercules vservers # vkill --xid 17620 1139443045 M * Skram that /should/ work, right? 1139443109 M * arnaud Bertl, it is an external server 1139443173 M * daniel_hozac Skram: that's the idea.