1217203775 Q * datacompboy Quit: Õðÿï 1217204023 J * besonen_mobile_ ~besonen_m@71-220-224-216.eugn.qwest.net 1217204039 Q * besonen_mobile Ping timeout: 480 seconds 1217204868 J * doener ~doener@i577B90C8.versanet.de 1217204973 Q * doener_ Ping timeout: 480 seconds 1217207946 J * hijacker__ ~hijacker@213.91.163.5 1217211168 J * Moser_____ ~chatzilla@Yb542.y.pppool.de 1217211511 Q * Moser Ping timeout: 480 seconds 1217211527 N * Moser_____ Moser 1217214482 M * Bertl brb 1217214487 Q * Bertl Quit: leaving 1217214746 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1217214746 T * ChanServ - 1217214775 T * * http://linux-vserver.org/ |stable 2.2.0.7, devel 2.3.0.34, grsec 2.2.0.7|util-vserver-0.30.215|libvserver-1.0.2|vserver-utils-1.0.3| He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki, and we forget about the minute. 1217214775 T * ChanServ - 1217214799 J * Bertl herbert@IRC.13thfloor.at 1217215114 M * Bertl back now :) 1217215224 Q * pisco Remote host closed the connection 1217215256 M * infotron wb 1217215575 M * Bertl had to move my 'irc' guest ... 1217215736 J * pisco ~pisco@tor.noreply.org 1217215902 Q * geb Quit: Quitte 1217216721 J * LHAmRh]rR ~hollow@proteus.croup.de 1217216790 Q * Hollow Read error: Connection reset by peer 1217216840 N * LHAmRh]rR Hollow 1217218644 M * Bertl http://www.linuxsymposium.org/2008/ols-2008-Proceedings-V1.pdf 1217218650 M * Bertl interesting results ... 1217218698 M * Bertl (ah, interesting part starts at page 63) 1217219965 M * Bertl and here the relevant part (tx to dowdle) http://ols.fedoraproject.org/OLS/Reprints-2008/camargos-reprint.pdf 1217221606 Q * nkukard Quit: Leaving 1217221724 M * Bertl okay, off to bed now ... have a good one everyone! 1217221730 N * Bertl Bertl_zZ 1217222524 J * SpComb terom@zapotek.paivola.fi 1217226605 J * yarihm ~yarihm@guest-docking-nat-1-030.ethz.ch 1217227690 Q * Aiken Quit: Leaving 1217228234 J * loddafnir ~mike@193.170.48.107 1217228509 J * dna ~dna@p54BCCA1E.dip.t-dialin.net 1217229715 N * DoberMann[ZZZzzz] DoberMann 1217231028 J * ssd ~gernot@83-64-146-228.klosterneuburg.xdsl-line.inode.at 1217232051 J * dna_ ~dna@p54BCDC50.dip.t-dialin.net 1217232428 Q * dna Ping timeout: 480 seconds 1217233430 M * matti Hi yang :) 1217233432 M * matti Hi Bertl :) 1217234978 M * m_o_d hello Bertlb 1217234985 M * m_o_d sorry 1217235148 Q * FireEgl Ping timeout: 480 seconds 1217235758 J * FireEgl FireEgl@adsl-226-44-63.bhm.bellsouth.net 1217236554 J * pmenier ~pme@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr 1217238869 J * renihs ~penguin@83-65-34-34.arsenal.xdsl-line.inode.at 1217239997 J * ktwilight_ ~ktwilight@216.107-66-87.adsl-dyn.isp.belgacom.be 1217239997 Q * ktwilight Read error: Connection reset by peer 1217240039 J * DLange ~DLange@dlange.user.oftc.net 1217241352 J * docelic ~docelic@78.134.205.138 1217241499 Q * laptopnenolod Ping timeout: 480 seconds 1217241499 Q * nenolod Ping timeout: 480 seconds 1217241548 M * harry_ Bertl_zZ: congrats... youve won on OLS virtualisation test :) 1217241558 J * friendly ~friendly@ppp59-167-161-54.lns1.mel4.internode.on.net 1217241891 M * harry_ is vserver dying??? 1217241972 M * harry_ there haven't been any updates... 1217241985 M * harry_ we're still stuck at 2.6.22, when there's 2.6.26 allready 1217242025 M * harry_ Bertl_zZ: q: you said openvz uses a completely virtualised networking stack, which makes it slower... when i look at the paper you pasted, i see the exact opposite 1217242029 M * harry_ how comes??? 1217242045 M * pmjdebruijn harry_ vserver isn't dying 1217242060 M * pmjdebruijn harry_: openvz is still on 2.6.18 btw 1217242124 M * pmjdebruijn and what paper 1217242191 M * pmjdebruijn harry_: anyway, a fully virtualized network stack, could make networking a little slower... not the entire machine 1217242363 M * harry_ http://ols.fedoraproject.org/OLS/Reprints-2008/camargos-reprint.pdf 1217242395 M * harry_ On the other hand, the performance of OpenVZ was 1217242395 M * harry_ disappointing, except when the workload included data 1217242395 M * harry_ transfer throughout the network, which proved to be a 1217242396 M * harry_ strength of this virtualization solution. 1217242485 M * harry_ pmjdebruijn: i don't see that much activity in vserver anymore... /me hadnt had work since march this year 1217242522 Q * pisco Ping timeout: 480 seconds 1217242543 M * harry_ in openvz... it's not that i'm a fan, but if i want to introduce vserver to my new work ... i have to give them a guarantee that this one will live 1217242560 M * harry_ since openvz has commercial support etc... it's "a bit more sure" than vserver imho 1217242572 M * harry_ tough i think vserver is better... 1217242585 M * harry_ anyway... /me food now 1217242597 M * harry_ i'll read remarks/answers/... later :) 1217242610 P * friendly 1217242814 M * FaUl harry_: as far as i can se vserver isn't dying, but there are a lot changes in 2.6.25 to work on - and it is work in progress, but still not feature-complete 1217243064 J * pisco ~pisco@tor.noreply.org 1217243438 J * tudenbart ~willi@xdsl-81-173-173-87.netcologne.de 1217243866 Q * dothebart Ping timeout: 480 seconds 1217243938 Q * ssd Quit: Ex-Chat 1217244472 J * nenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net 1217244778 M * harry_ FaUl: we're at 2.6.26 allready... 1217244802 M * pmjdebruijn harry_: so? 1217244821 M * pmjdebruijn 2.6.26 has only been out two weeks or so 1217244830 M * ard Hmmm... a virtual network stack will make the machine slower, since most communications will go through that network stack :-) 1217244854 A * ard actually thought openvz was dead :-) 1217244953 J * dowdle ~dowdle@209-181-2-3.blng.qwest.net 1217245059 M * ard interesting that they can get a higher performance with xen than with vserver 1217245165 Q * dowdle Remote host closed the connection 1217245211 M * ard Ow, virtualization can make the machine go faster (according to the graphs...) 1217245317 J * dowdle ~dowdle@209-181-2-3.blng.qwest.net 1217245356 A * ard thinks the report looks nice 1217245374 M * ard lacks only a few important things to test 1217245557 M * harry_ like allways, but noone seems to be able to find a decent way to test virtualisations 1217245570 M * harry_ everyone wants it, noone can do it 1217246231 M * ard virtualization is more like a hype... 1217246257 M * ard having multiple sites served from apacha is also virtualization :-) 1217246259 M * ard eh 1217246261 M * ard s/a/e 1217246325 A * harry_ running a lot of virtual machines! 1217246331 M * ard The only thing you really want is to lower your cost of administration 1217246389 M * harry_ no i don't 1217246398 M * ard if maintaining 1000 physical servers is cheaper than 1000 virtual servers, than you should use the physical way ;-) 1217246399 M * harry_ i want the admin costs to be as high as possible 1217246405 M * harry_ ard: you're a strange man! :) 1217246448 M * pmjdebruijn ard: no he's the admin paid to support the machines :) 1217246448 M * ard well, hyping the virtualization makes virtualization more important than the administration costs ;-) 1217246456 M * dowdle ard: Well energy costs are very important now and 1,000 physical servers is almost certainly going to be way more expensive there. 1217246466 M * pmjdebruijn not only that 1217246471 M * pmjdebruijn it's great to seperate some services 1217246477 A * ard actually is glad that energy costs are high 1217246485 M * pmjdebruijn on my private machines I can upgrade my webserver setup, without affected other parts 1217246490 M * pmjdebruijn because it's in a vserver 1217246502 M * ard pmjdebruijn that's my opinion too... 1217246508 M * harry_ pmjdebruijn: yup : 1217246509 M * harry_ :) 1217246551 A * harry_ admin 1217246558 M * ard at home I really do not care about energy costs... I am already above 10MWh/year, that means my ecotax is reduced to almost nothing 1217246559 M * harry_ so i want me to get payd as much as possible! 1217246593 M * ard In holland big energy users are rewarded with lowered eco-tax's 1217246637 M * ard (45% of the energy bill is eco-tax) 1217246677 M * ard the splitting into vservers makes billing a bit harder: 1217246691 M * ard 1) you have to maintain more (virtual) servers, so you ask more money 1217246711 J * nkukard ~nkukard@41.5.174.198 1217246721 M * pmjdebruijn ard: you're dutch? 1217246742 M * ard 2) because of lesser influence of 1 system on the other, the time used to do the work lowers... 1217246751 M * ard pmjdebruijn : just like you I guess 1217246762 A * ard actually is 1/8th indonesian 1217246792 M * pmjdebruijn which datacentre? 1217246821 M * ard datacentre? 1217246844 M * ard you mean telegraaf? 1217246872 M * pmjdebruijn oh ? 1217246892 M * ard originally called telegraaf electronische media 1217246894 M * ard as34106 1217246898 M * pmjdebruijn ah 1217246926 M * ard we also host skyradio (with streaming and such), speurders, whatever 1217246935 M * ard and wagner.debian.org 1217246947 M * pmjdebruijn wagner is alioth 1217246962 M * ard alioth runs on wagner :-) 1217247014 M * ard we used to have security.debian.org too, but at some time there was a big security update 1217247052 M * ard and our internet connection was not really up to par... so we moved that one away 1217247080 M * ard now we probably can host security.debian.org without someone noticing it on the bill :-) 1217247114 A * ard still has 2 or 3 servers to prepare for debian donation 1217247149 M * harry_ debian donation... how low can you go 1217247152 M * harry_ hippies! :) 1217247177 M * ard you don't know how hard it is to do things like that in a commercial environment 1217247200 M * ard hp has a public-relations fund for that 1217247219 M * harry_ give it to some useful thought 1217247223 M * harry_ like... me 1217247225 M * harry_ no... not me 1217247238 M * harry_ give it to vserver/... ahm... 1217247241 M * harry_ who else needs funds 1217247251 M * harry_ anyway... give it to anyone but debian/openbsd people 1217247287 M * ard well, most (embedded) development uses debian as the primary source for source code... 1217247295 M * ard and debian != openbsd 1217247300 M * ard the licens is wrong 1217247304 M * ard eh +e 1217247424 M * harry_ i know 1217247430 M * harry_ but i don't like debian and i don't like openbsd 1217247432 M * harry_ ;) 1217247489 M * ard anyway: alioth.debian.org is not debian specific, more like a sourceforge 1217247506 A * harry_ has 1 machine... in germany 1217247508 M * harry_ and servers here 1217247519 M * harry_ but these machines have no public addresses 1217247522 M * harry_ really stupid :( 1217247529 M * harry_ no decent network connection 1217247532 M * harry_ no decent nothing 1217247577 J * docelic_ ~docelic@78.134.206.24 1217247591 M * ard you can rent decent colocated machines in germany 1217247773 J * dna__ ~dna@p54BCDC50.dip.t-dialin.net 1217247912 M * harry_ uhu 1217247992 Q * docelic Ping timeout: 480 seconds 1217248181 Q * dna_ Ping timeout: 480 seconds 1217248324 P * maks bella ciao 1217248371 N * Bertl_zZ Bertl 1217248376 M * Bertl morning folks! 1217248431 M * DLange morning & congrats on OLS/Camargo publication 1217248439 J * cryptronic ~oli@p54A3B549.dip0.t-ipconnect.de 1217248581 M * Bertl DLange: tx, but kudos to the testers .. not easy to compare so many technologies 1217248677 J * fort_sev ~fortsev@p5496DB5D.dip.t-dialin.net 1217248723 M * DLange do you have an idea why the sysbench scales so badly on vserver when #vservers > #cpu-cores? (p72f. in http://ols.fedoraproject.org/OLS/Reprints-2008/camargos-reprint.pdf) 1217248767 Q * nkukard Ping timeout: 480 seconds 1217248772 M * DLange (except for not leaving the other virtualisation solutions completely devastated :)) 1217248798 M * Bertl no idea .. but it's worth investigating ... btw, would appreciate some tests there with 2.6.22.19 2.2.x and 2.3.x as well as 2.6.25/vs2.3.x 1217249107 Q * fortsev Ping timeout: 480 seconds 1217250176 M * ard It also says that disk I/O is faster with linux-vserver than without. 1217250197 A * ard fails to see any reasons for that except for different kernel configurations 1217250296 M * ard I mean: at the part where I started to get interested (when it tries to figure out the differences between xen, linux, and linux with vserver patches), it stops and starts giving a conclusion :-( 1217250304 A * ard wants to see kernel things 1217250733 M * DLange Bertl: There must be something fishy around more MySQLs than cores inside vservers. Fig. 11 tells me 32 instances on the host work well. 32 instances in 32 vservers are 10 times slower than XEN. 1217250824 M * DLange It could be something around (memory) locking, thread affinity to CPUs (cores) etc. 1217250837 M * ard Well, if the report can explain why the I/O of linux-vserver is 1.3x faster than linux, I would be interested. 1217250865 M * ard I guess they failed to do good cache flushes and stuff like that 1217250893 M * ard next to that: mysql probalby knows the number of cpu's, and will behave according to that 1217251131 M * DLange yeah, but it would have seen the physical 2x2 from the test set-up 32 times and all instances wanted to use all four (thus a possible affinity issue) 1217251474 M * Bertl hmm, cpusets should help with the 'identifying' cpu issue 1217253032 M * harry_ Bertl dude!!!! 1217253057 M * Bertl harry_ dude :) 1217253076 M * harry_ question 1217253083 M * harry_ openvz uses a virtualised networking stack 1217253099 M * harry_ while vserver uses native stack and does network isolation, right? 1217253113 M * Bertl yup 1217253173 M * harry_ then i don't get why openvz is faster in networking 1217253185 M * harry_ it's "easier" for guests... more 'virtual' 1217253196 M * Bertl did you look at the netperf results? 1217253198 M * harry_ On the other hand, the performance of OpenVZ was 1217253198 M * harry_ disappointing, except when the workload included data 1217253198 M * harry_ transfer throughout the network, which proved to be a 1217253198 M * harry_ strength of this virtualization solution. 1217253251 M * harry_ On the other hand, the performance of OpenVZ was 1217253251 M * harry_ disappointing, except when the workload included data 1217253251 M * harry_ transfer throughout the network, which proved to be a 1217253252 M * harry_ strength of this virtualization solution. 1217253256 M * harry_ oops 1217253264 M * harry_ Figure 8 presents the results for both experiments. 1217253264 M * harry_ They confirm the strength of OpenVZ for tasks 1217253265 M * harry_ that include transfering data throughout the network 1217253279 M * Bertl that refers only to the rsync tests 1217253305 M * Bertl which I think could have benefited from something completely different (I'd guess the filesystem layer) 1217253331 M * harry_ the netperf test shows about the same network speed as vserver :S 1217253332 M * Bertl just think atime vs noatime for example 1217253356 A * harry_ has the noatime ;) 1217253596 M * harry_ so i don't get why openvz is so strong in networking, while they completely virtualise network stack 1217253610 M * harry_ it's the same in figure 7 1217253617 M * harry_ it's confirmed in figure 8 1217253635 M * harry_ even surpassed 1217253641 M * Bertl seems we are looking at different figure 7's 1217253680 M * harry_ don't think so 1217253686 M * harry_ vserver is only just above 1 1217253694 M * harry_ openvz is just below 1 1217253713 M * Bertl which shows that Linux-VServer is better there, no? 1217253742 M * harry_ there, yes 1217253744 M * harry_ but not much 1217253752 M * harry_ and with rsync large files or small files 1217253760 M * harry_ openvz is "much" faster 1217253773 M * harry_ that makes me believe that it's the same performance 1217253790 M * harry_ only: you can have your own routing/firewalling/... in eacht openvz container 1217253804 M * harry_ which is a major advantage in my environments 1217253815 M * Bertl as I said. I think something went wrong with the rsync test ... the OVZ performance there is too far off from the rest (IMHO) 1217253866 M * harry_ still... it's not much overhead to completely virtualise network stack 1217253871 M * harry_ as openvz results show 1217253883 M * harry_ i allways thought that was the weakness of openvz 1217253900 M * Bertl what do you expect from a throughput test? 1217253934 M * harry_ i'd gladly give in 2% of performance if it makes me not have to use advanced routing/ugly networking setups/tables/... 1217253937 M * Bertl check with a lot of concurrent access to small pages/info, you easily get 10-20% 1217253938 J * _gh_ ~gerrit@rchp4.rochester.ibm.com 1217253957 M * Bertl harry_: mainline (vanill) networking is ugly? 1217253961 M * Bertl *vanilla 1217253995 M * harry_ Bertl: i can't, since i don't have it, but as far as i can see, openvz wins in small files and large files (rsync) tough you think something went wrong... i don't see any tests that show differently 1217254006 M * harry_ Bertl: it is for virtualisation :) 1217254027 M * harry_ 5 servers, 5 networks, 5 machines 5 gateways 1217254029 M * harry_ all normal 1217254034 M * harry_ but if you use 1 vserver host 1217254046 M * Bertl harry_: well, (re)do the rsync test yourself, I would be suprised if rsync in a guest was slower than on the host (same fs/setup) 1217254050 M * harry_ it's not "easy" to see that routing is done correctly between all hosts 1217254098 M * harry_ Bertl: don't have the hardware here :( (new job, hardware is not allover the place here :() 1217254298 M * harry_ Bertl: http://www.fry-it.com/at/linux-virtualization-openvz-vs-vserver 1217254304 M * harry_ final points thought... 1217254320 J * quasisane ~sanep@c-75-68-62-13.hsd1.nh.comcast.net 1217254427 Q * docelic_ Quit: http://www.spinlocksolutions.com/ 1217254491 M * harry_ the entire localhost/loopback issue is "gone" if you virtualise networking stack 1217254505 M * harry_ and when i see the graphs of netperf... the performance impact is extremelyminimal 1217254528 M * harry_ especially seen the advantages 1217254586 Q * xdr Ping timeout: 480 seconds 1217254812 M * harry_ My only issue with linux-vserver is the lack of network interface 1217254812 M * harry_ virtualisation, but I've been working around that for so long it's not 1217254812 M * harry_ really that much of an issue for me. 1217254818 M * harry_ that's what i find so much... 1217254837 M * harry_ so Bertl ... is there a chance that you/we/...'ll ever do that? 1217255126 M * Bertl there is no reason for me/us that we do that ... it will be in mainline with 2.6.26+, so everybody can use it (and compare it to simple isolation) 1217255329 M * harry_ as wikipedia says... it's one of the major disadvantages of vserver over openvz 1217255343 M * harry_ i think if you fix that, it'd be better over the entire line 1217255362 M * harry_ what will be in mainline 2.6.26? 1217255365 M * Bertl well, I consider it one of the major advantages :) 1217255415 Q * ruskie Ping timeout: 480 seconds 1217255441 M * Bertl harry_: network namespaces 1217255449 J * dowdle_ ~dowdle@scott.coe.montana.edu 1217255464 M * harry_ Bertl: i don't get it... why is it an ADvantage? 1217255486 M * Bertl because you can get rid of a lot of complicated things 1217255488 M * harry_ it's not even slower to virtualise it 1217255500 M * harry_ ah 1217255501 M * Bertl it is, trust me 1217255545 M * Bertl let me give you an example why and where I consider network isolation an advantage over full stack virtualization 1217255582 M * Bertl let's consider a setup, where we have 50 guests, all serving web pages with httpd (one on each of them) 1217255605 M * harry_ uhu 1217255615 M * harry_ i see that 1217255616 M * Bertl let's further assume, each guest has a single IP (public) assigned 1217255628 M * harry_ i can see the advantage here... 1217255733 M * Bertl well, now if you already see the advantage of 'normal' linux networking, over 50 stacks being combined over a bridge (with 50 participants :) 1217255767 M * harry_ mkay 1217255770 M * Bertl what about a setup, where you actually want to have http and smtp on the same ip, but in different contexts? 1217255774 M * harry_ now, put yourself into my shoes 1217255795 M * harry_ i want to virtualise an entire rack 1217255811 M * harry_ 10 machines all using loopback for some reason, all in different networks 1217255837 M * harry_ i want to virtualise all those into 1 vserver machine 1217255841 M * Bertl then you can use network contexts (in the near future :) 1217255849 M * harry_ wiiiiiiiiii 1217255857 M * harry_ than that's nice :) 1217255861 M * Bertl there is no solution which fits all cases perfectly 1217255867 A * harry_ gives Bertl a happy happy joy-kiss! 1217255913 M * harry_ it's true 1217255946 M * harry_ but... apache has virtualisation... so i don't see a reason to make 50 different servers for 50 sites 1217255968 M * pmjdebruijn harry_: shared hosting sucks 1217255973 M * harry_ if you need 50 https machines, you take 50 ip's and assign them 1217255974 M * pmjdebruijn it's hard to secure properly 1217255980 M * harry_ pmjdebruijn: ahmm... no it's not 1217255988 M * harry_ it might be, if you don't know what you're doing 1217256009 M * pmjdebruijn harry_: depends on custom requirements... if they expect all crappy PHP crap to work properly it is 1217256025 M * pmjdebruijn customer* 1217256055 M * harry_ pmjdebruijn: i worked at KULeuven, we had about 300 vurtual hosts and 25 https virtual hosts 1217256065 M * harry_ it's easy once you set it up correctly 1217256081 M * pmjdebruijn harry_: how did you secure PHP then? 1217256086 M * harry_ plus: it's also quite hard to use 50 virtual guests.... 1217256090 M * pmjdebruijn suexec+fastcgi? 1217256104 M * pmjdebruijn harry_: PHP basedir? 1217256105 M * harry_ pmjdebruijn: collegue did that ;) 1217256126 M * pmjdebruijn harry_: right... so let me repeat... it's total shite to manage a reasonably secure setup 1217256137 M * harry_ don't get me wrong here.. i'm a vserver fan ;) 1217256139 M * pmjdebruijn making vserver of them all isn't fun either 1217256182 Q * pisco Ping timeout: 480 seconds 1217256216 M * harry_ pmjdebruijn: can you imagine how hard it was for me to explain routing for all our guests in different networks? 1217256221 M * harry_ loopback : no 1217256235 M * harry_ the rest... if you add a vlan/network, add it to /etc/iproute2/rt_tables 1217256248 M * harry_ configure a script to add routes/rules for those networks 1217256251 M * Bertl harry_: loopback is not a problem, routing neither, if you know how to use multiple routing tables 1217256254 M * harry_ if ... 1217256265 M * harry_ Bertl: true... but not many people know that :) 1217256266 M * sid3windr harry_: you don't work at kuleuven anymore? 1217256276 M * harry_ (hence my scripts on my vserver website ;)) 1217256279 M * harry_ sid3windr: nope 1217256280 M * Bertl harry_: well, that's Linux mainline networking :) 1217256281 M * sid3windr ic :) 1217256300 A * harry_ now works at ksz-bcss.fgov.be 1217256305 M * harry_ Bertl: true :) 1217256323 A * harry_ likes kinky networkings... but not all admins are as good with networking as ... well... me ;) 1217256327 M * sid3windr fgov! ;/ 1217256367 M * harry_ yesh 1217256369 A * harry_ home now 1217256375 M * harry_ sid3windr: its social secrity 1217256391 M * harry_ not anything that says i can't hack ;) 1217256405 M * harry_ anyway... work complete... -==> home now 1217256460 M * harry_ tnx for al lthe info/talk you guys... (especially bertl for the network namespaces) 1217256471 M * Bertl you're welcome! 1217256620 J * nkukard ~nkukard@41.6.10.191 1217257062 Q * dowdle Remote host closed the connection 1217257091 N * dowdle_ dowdle 1217257141 Q * dowdle Remote host closed the connection 1217257260 J * dowdle ~dowdle@scott.coe.montana.edu 1217257385 J * pisco_ ~pisco@tor.noreply.org 1217257638 J * ruskie ruskie@ruskie.user.oftc.net 1217257940 J * larsivi ~larsivi@124.Red-213-96-91.staticIP.rima-tde.net 1217258321 J * laptopnenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net 1217258531 J * xdr ~xdr@gote2.250.cust.blixtvik.net 1217259672 M * ard Hmmm, I "client" of mine recently asked if he was behind a firewall because a new daemon he started was not accessible 1217259700 M * Bertl and? 1217259718 M * ard Not only was is vserver behind a very tight iptables, his server was behind pound... 1217259728 M * ard eh, his vserver 1217259747 M * ard and he had no real worldconnections at all... 1217259785 M * ard It never bothered him, and he actually never noticed it. I just set up a nice resin/java environment with ssh access, and he was happy 1217259798 M * sid3windr pound? 1217259807 M * ard lightweight http proxy 1217259810 Q * larsivi Ping timeout: 480 seconds 1217259846 M * sid3windr neat 1217259868 M * ard Before I had a chance to explain how it works, he already fixed his java program to use plain http 1217260030 J * ntrs ~ntrs@77.29.67.15 1217260610 N * DoberMann DoberMann[PullA] 1217260701 Q * pisco_ Remote host closed the connection 1217260859 J * pisco ~pisco@tor.noreply.org 1217261083 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1217262400 J * ntrs_ ~ntrs@77.29.75.98 1217262789 Q * ntrs Ping timeout: 480 seconds 1217262920 Q * nkukard Quit: Leaving 1217262940 Q * yarihm Ping timeout: 480 seconds 1217263045 J * yarihm ~yarihm@guest-docking-nat-1-018.ethz.ch 1217264022 Q * xdr Ping timeout: 480 seconds 1217264791 Q * arachnist Remote host closed the connection 1217264796 J * arachnist arachnist@atlnts.org 1217264963 J * larsivi ~larsivi@124.Red-213-96-91.staticIP.rima-tde.net 1217265139 Q * arthur Read error: Connection reset by peer 1217265268 N * DoberMann[PullA] DoberMann 1217265739 J * arthur ~arthur@pan.madism.org 1217265902 Q * arthur Remote host closed the connection 1217266669 J * nkukard ~nkukard@196.212.73.74 1217267312 Q * larsivi Ping timeout: 480 seconds 1217268476 Q * DLange Ping timeout: 480 seconds 1217268828 J * DLange ~DLange@dlange.user.oftc.net 1217271186 Q * yarihm Quit: Leaving 1217271690 J * rcatwood ~rcatwood@xe01.mt.ic.ac.uk 1217271727 M * rcatwood hi .. I dont understand how to contact the network from inside the vserver .. e.g. to install extra packages ? 1217271796 M * rcatwood .. or to install the packages into the vserver from the host context? 1217271811 M * rcatwood deb guest, redhat host ... 1217272832 Q * pisco Ping timeout: 480 seconds 1217273553 J * arthur ~arthur@pan.madism.org 1217273919 M * Bertl rcatwood: nothing special is required 1217273982 M * Bertl rcatwood: and you can use the v* wrappers (vyum, vrpm, vapt-get) to handle package installation for guests 1217273987 M * rcatwood Bertl: ok I dont understand why it is not working, after entering the vserver, apt-get just waits and doesnt connect, no outside address are pingable ? 1217274011 M * Bertl did you assign a routble IP to the guest? 1217274019 M * Bertl *routeable 1217274048 M * rcatwood Bertl: which part of TFM is that explained in> I did what is in the documentation 1217274053 M * rcatwood ? 1217274092 M * Bertl there is nothing special regarding networking (in Linux-VServer) it uses IP isolation 1217274120 M * Bertl so, best you forget anything you learned about virtual networking and stuff, and just look at it from the Linux host perspective 1217274128 M * rcatwood guest is 192.168.2.10 1217274140 M * Bertl okay, what happens on the host if you do: 1217274150 M * Bertl ping -I 192.168.2.10 www.google.com 1217274199 M * rcatwood PING www.l.google.com (66.249.93.104) from 192.168.2.10 : 56(84) bytes of data. 1217274207 M * rcatwood 22 packets transmitted, 0 received, 100% packet loss, time 20999ms 1217274223 M * Bertl see, that is why your guest doesn't reach the outside :) 1217274244 M * Bertl now, what is your host setup (including internet access) 1217274244 M * rcatwood hmm. I woudl say that is indication that guest doesnt reach outside, but does not explain why 1217274282 M * rcatwood Bertl: what information='host setup'? 1217274297 M * Bertl I mean, 'ping www.google.com' probably works, no? 1217274310 M * rcatwood yes 1217274323 M * rcatwood or I might have trouble talking here :-) 1217274337 M * rcatwood ok, actually I am not really on teh same system :-( 1217274353 M * rcatwood but that system can indeed ping google. 1217274359 M * Bertl okay, so that obviously doesn't use the same ip then, but, does it use a private IP too? 1217274377 M * Bertl like 192.168.2.1 or so? 1217274386 M * rcatwood no its 155.198 etc. 1217274426 M * Bertl okay, so no wonder then that 192.168.2.10 doesn't work for your router, no? 1217274461 M * Bertl the question now is, do you intend to share the assigned public IP with the guest? 1217274509 M * rcatwood http://linux-vserver.org/Building_Guest_Systems 1217274516 M * rcatwood that is the process I followd 1217274536 M * Bertl and that's perfectly fine, you have your guest :) 1217274571 M * rcatwood so guest could be built with eth0:155.198 etc etc instead, and simply use teh same interface? 1217274580 M * Bertl now to make some progess here, your options are like this: 1217274606 M * Bertl - get a new public IP (e.g. 155.198.1.42) (not the host ip) and use that 1217274625 M * Bertl - use a private IP (as you did) and S/DNAT it to the 'shared' public one 1217274648 M * Bertl - setup your upstream router to masquerade the 192.168.2.10 1217274701 M * rcatwood Bertl: so you setup iptables on the host for option 2 then? 1217274727 M * Bertl yep, specifically the postrouting chain, with an SNAT target 1217274821 M * rcatwood ugh kernal lacks that feature :-( 1217274830 A * rcatwood builts new one 1217274844 M * Bertl do you have a second public IP at hand? 1217274862 M * Bertl i.e. one which gets routed by your router besides the host IP? 1217274925 M * rcatwood hmm. thats a bit out of my hands , they get dhcp'd 1217274960 M * rcatwood there's one for a server that is down jsut now ... 1217274978 M * rcatwood but it might not like a different mac addr trying to get it! 1217275057 M * Bertl well, was just an option :) 1217275082 A * rcatwood coudl try rebooting with new kernel 1217275098 M * rcatwood on this beast it just takes 46 seconds to build :-) 1217275113 M * Bertl good :) 1217275137 M * rcatwood brb 1217275164 M * rcatwood ah the beauty of screen -r -d 1217275243 M * rcatwood .. the faster the server teh longer it takes to reboot .... 1217275874 Q * bonbons Quit: Leaving 1217275894 M * rcatwood Bertl :-) it works now, thanks 1217275905 M * Bertl you're welcome! feel free to hang around 1217276860 M * rcatwood hmm. now cannot figure out the X11 display forwarding 1217276895 M * Bertl best use ssh to enter the guest, make sure it has x11auth isntalled and running, check the DISPLAY variable and magic cookie :) 1217276937 M * rcatwood tried with and without X11UseLocalhost no 1217276996 M * rcatwood gets /usr/bin/X11/xauth: (stdin):1: bad display name "lenny32:10.0" in "remove" command 1217277017 M * Bertl what gives 'ping lenny32' 1217277052 M * rcatwood ping: unknown host lenny32 1217277070 M * Bertl here you go :) 1217277079 M * rcatwood but /etc/hostname has lenny32, but $HOSTNAME has the master host name instead! 1217277093 M * Bertl adjust the /etc/hosts to resolve that properly 1217277121 M * rcatwood then shoudl lenny32 be 192.168 etc. etc. ? 1217277134 M * rcatwood or 127.0.etc.etc? 1217277139 M * Bertl well, it needs to be the IP the ssh did bind to 1217277156 M * rcatwood which information is obtained from ....? 1217277160 M * Bertl if you have only a single IP assigned to the guest, that one would it be 1217277184 M * Bertl if you are using vs2.3.x with full loopback isolation, you can use 127.0.0.1 too 1217277186 M * rcatwood I am sofar not familiar with assigning more than one ... 1217277235 M * rcatwood 192.168.etc.etc seems to work 1217277244 M * Bertl excellent! 1217277360 M * rcatwood xeyes ! 1217277425 M * Bertl congrats! 1217278610 M * rcatwood ok ... how to create tmpfs on /dev/shm ? 1217278615 M * rcatwood any hints? 1217278633 M * Wonka mount -t tmpfs tmpfs /dev/shm 1217278638 M * Bertl rcatwood: just put it in the fstab in the guest config 1217278655 M * rcatwood mount: permission denied 1217278672 M * Bertl that's expected _inside_ the guest 1217278683 M * Bertl (without the proper capabilities) 1217278692 M * rcatwood ah, so I can just do it on the host? 1217278699 M * Wonka argh. thought i was in another channel. 1217278714 M * Wonka what I said of course doesn't work inside a vserver 1217278714 M * Bertl rcatwood: yes, you can do that too, but you have to enter the guest's namespace 1217278731 M * rcatwood guests namespace? 1217278773 M * Bertl yep, private namespace, a mainline Linux feature for some years :) 1217278783 M * Bertl (see vnamespace --help for details :) 1217278790 M * rcatwood .. which i have never used though I used linux since 1992 1217278915 M * rcatwood man No manual entry for vnamespace 1217278927 M * Bertl that's why I said --help :) 1217278947 M * rcatwood but that does not define its terms. What's a context? 1217278960 M * rcatwood 'make current namespace the namespace of the current context' ? Huh? 1217278989 M * Bertl context is the term for the 'space' processes are confined in in Linux-VServer 1217279017 M * rcatwood and 'current' ? 1217279021 M * rcatwood and 'namespace'? 1217279037 M * Bertl the namespace is the private namespace we are talking about 1217279051 M * Bertl i.e. some kind of view into the vfs 1217279081 M * rcatwood does the namespace have a name? 1217279086 M * rcatwood or does teh context have a name? 1217279113 M * Bertl the namespace has no name, the contexts have numbers, and you can use the guest name to refer to the context id 1217279134 J * Aiken ~james@ppp121-45-211-74.lns2.bne1.internode.on.net 1217279176 M * Bertl try 'vnamespace --enter -- /bin/bash' 1217279189 M * Bertl replace with your context name or id 1217279192 M * rcatwood is a 1217279193 M * rcatwood oops 1217279194 M * rcatwood ok 1217279245 M * rcatwood vserver2]# ... 1217279258 M * Bertl now you can 'see' all the mounts of the guest 1217279278 M * Bertl and also create new ones, but you are still on the host 1217279330 M * rcatwood hmm. no 'mount' returns the mounts of the host in this 1217279333 M * rcatwood context 1217279350 M * Bertl mount doesn'T know anything, it just repeats /etc/mtab 1217279355 M * Bertl check with /proc/mounts 1217279381 M * rcatwood umm... so what means "now you can 'see' all the mounts of the guest" ? 1217279410 M * Bertl if you are not in the namespace, you don't see them 1217279424 M * rcatwood see ? 1217279429 J * vargadani ~vargadani@catv-598710d9.catv.broadband.hu 1217279440 M * Bertl they are not there in this view into the vfs 1217279463 M * vargadani hi folks 1217279468 M * vargadani hi Herbert 1217279472 M * Bertl hi 1217279487 M * rcatwood sorry to be thick but I dont know what a "view into the vfs" is 1217279511 M * Bertl let me give you an example 1217279515 M * rcatwood if I go cat /proc/mounts what shall I see? 1217279537 M * Bertl at any time, you see what the 'current' namespace contains 1217279546 M * rcatwood if I issue the command " cat /proc/mounts" at the command line in the host context what shall I see? 1217279559 M * daniel_hozac the mounts in the host context's namespace. 1217279574 M * rcatwood and after entereing a vnamespace ? 1217279590 M * daniel_hozac the mounts in that guest's namespace. 1217279608 M * vargadani rcatwood: why what's wrong? 1217279609 M * rcatwood it seems that I see both host and guest mounts in the latter case. 1217279629 M * daniel_hozac some host mounts are preserved when cleaning up the guest's namespace. 1217279634 M * rcatwood vargadani: tryign to do simple things while not understanding the jargon used for this program! 1217279642 J * geb ~geb@AOrleans-151-1-16-28.w90-21.abo.wanadoo.fr 1217279653 M * vargadani I understand your pain O_o 1217279660 M * daniel_hozac i.e. the ones required to run the utils, /dev and /proc. 1217279661 M * rcatwood o_0 1217279728 M * rcatwood ok so / is needed and the /data where the root of the virtual installation resides also .. 1217279770 M * rcatwood but to add the /dev/shm expected by some installed package as a tmpfs .. 1217279773 M * geb hi 1217279794 M * daniel_hozac Bertl: any pressing issues i should look at? 1217279856 M * Bertl you mean regarding 2.6.26? 1217279879 M * Bertl (or userspace ?) 1217279887 M * rcatwood If I issue the command " mount tmpfs /data/vdir/vserver2/dev/shm -ttmpfs " while in the vserver2 namespace, 1217279889 M * daniel_hozac either. 1217279917 M * Bertl daniel_hozac: I have a version here without ipv4/6 and the bme stuff removed 1217279935 M * rcatwood it doesnt seem to do what I want! 1217279942 M * Bertl daniel_hozac: if you like I can upload it and the ipv4/6 patches, which need some love 1217279976 M * daniel_hozac rcatwood: and what do you want to do? 1217279993 M * daniel_hozac Bertl: sure... what's the problem with the IPv[46]? 1217280005 M * Bertl rcatwood: as I suggested, it's simpler to add it to the guest's fstab and restart the guest :) 1217280032 M * Bertl daniel_hozac: some changes to the lookup (address related) funtions so most of the hunks do not apply without slight modifications 1217280052 M * rcatwood not have jackd' crash complaining that /dev/shm isnt there 1217280068 M * Bertl jackd is audio, no? 1217280076 M * rcatwood Bertl: yes 1217280088 M * Bertl rcatwood: what do you want with that in a guest? 1217280105 J * larsivi ~larsivi@124.Red-213-96-91.staticIP.rima-tde.net 1217280147 M * rcatwood to build applications e.g. ardour etc. on the monster machine that will run on little machine (using 32 bits guest) 1217280159 M * rcatwood clean build system (ideally) 1217280174 M * Bertl and a build system uses jackd for what exactly? 1217280185 M * rcatwood test that it works first! 1217280186 M * Bertl beeping when it is finished? :) 1217280195 M * rcatwood the applciation requires it 1217280213 M * Bertl interesting, well, should work, I don't see a reason why not 1217280224 M * rcatwood it can use dummy driver, doesnt need to beep! 1217280239 M * Bertl (won't be able to do realtime stuff though, without proper caps) 1217280336 M * rcatwood ok its working but I am cnfused since the user logged in to the guest via ssh , issuing 'mount' command, does not 'see' the /dev/shm mount ? 1217280455 M * Bertl daniel_hozac: uploaded the pre and the two patches (labeled strip) to the usual place .. 1217280455 M * rcatwood aah but now after stopping and restarting the guest it doesnt work again 1217280482 M * Bertl rcatwood: as I said, the mount command is very primitive 1217280497 M * Bertl it just shows you the contents of /etc/mtab 1217280512 M * Bertl well, actually less than that :) 1217280513 M * rcatwood Bertl: but adding to fstab and restarting the guest seems not to work 1217280535 M * Bertl check with /proc/mounts inside the guest 1217280552 M * Bertl if it is missing there, then you did something wrong 1217280569 M * Bertl also note that we are talking about the fstab _in_ the guest's config 1217280590 M * daniel_hozac i.e. not /etc/fstab in the guest. 1217280604 M * rcatwood daniel_hozac: ahh. 1217280695 M * daniel_hozac rcatwood: the reason mount doesn't see it is because you used mount from within the guest's namespace, but in the host's root filesystem. 1217280705 M * daniel_hozac which means that mount wrote to /etc/mtab on the host, not on the guest. 1217280721 M * daniel_hozac mount is silly that way. 1217280757 M * rcatwood ack bash compleation doesnt work properly for user logged in via ssh to the guest :-( minor annoyance 1217280781 M * Bertl rcatwood: some misconifguration on your side? 1217280786 M * daniel_hozac define "doesn't work properly". 1217280799 M * rcatwood hit tab and get message like e.g.: 1217280811 M * rcatwood -bash: /dev/fd/62: No such file or directory 1217280832 M * Bertl when you enter with ssh? 1217280833 M * rcatwood instead of completion of the command that was partly typed 1217280863 M * daniel_hozac ln -s ../proc/fd /dev/fd 1217280865 M * rcatwood yes it seems to work for root having entered via 'vserver .. enter' 1217280876 M * Bertl what kernel/patch do you use? 1217280881 M * daniel_hozac i mean, ln -s ../proc/self/fd /dev/fd 1217280895 M * daniel_hozac try using su -... 1217280900 M * rcatwood Linux version 2.6.22.19-vs2.2.0.7vserver (root@mt-xe06.mt.ic.ac.uk) (gcc version 4.1.2 20070626 (Red Hat 4.1.2-14)) #10 SMP Mon Jul 28 20:34:48 BST 2008 1217281013 M * Bertl daniel_hozac: do you know, is the princeton machine down again? 1217281041 M * daniel_hozac hmm, it might have been moved. 1217281054 M * daniel_hozac i'm not sure which rack it was in. 1217281130 M * rcatwood ok 1217281443 M * rcatwood thansk, all is working now! 1217281457 M * rcatwood thanks 1217281459 M * Bertl excellent! 1217281463 M * rcatwood Wheee! 1217281568 M * rcatwood scons: done building targets. 1217281576 M * rcatwood real 2m5.961s 1217281592 M * rcatwood that takes hours to build on the little system! 1217281620 M * Bertl little system being something with a 32bit intel architecture? 1217281626 M * rcatwood yep 1217281641 M * Bertl everything is relative :) 1217281662 P * cryptronic Leaving. 1217281675 M * rcatwood alo this one has multicores , its faster, but it is a bit heavy to carry around.... 1217281716 M * rcatwood and the tractor battery you woudl need to run it off woudl still only last a hour or so probably ... 1217281752 M * rcatwood oopps gotta go .. later.. 1217281772 M * Bertl which gives you almost 30 builds :) 1217281894 M * Bertl okay, off to bed now .. kind of tired ... don't really know why ... maybe back later ...cya 1217281903 N * Bertl Bertl_zZ 1217281913 M * vargadani i know that this place is not really for that but I still ask, and maybe I get an answer. ^_^ So I am into network programming and would like to build a small client-server application. The problem is that I would like it to be multi threaded. I read about posix threads and I could create single threads etc. but I miss the part which would explain me the methods how I should use them in a larger scale.. 1217281928 M * vargadani if you have any ideas where to look it up or in which book let me know pls 1217282255 M * ktwilight_ vargadani, maybe ##networking :) also try in freenode 1217282263 M * vargadani alright 1217282267 M * vargadani will do that 1217282269 M * vargadani thanx 1217282349 M * ktwilight_ np 1217283045 N * DoberMann DoberMann[ZZZzzz] 1217283430 Q * vargadani Remote host closed the connection 1217284026 J * ntrs__ ~ntrs@77.29.78.160 1217284433 Q * ntrs_ Ping timeout: 480 seconds 1217284829 Q * dna__ Quit: Verlassend 1217284995 Q * ntrs__ Ping timeout: 480 seconds 1217285587 Q * larsivi Ping timeout: 480 seconds 1217286254 Q * loddafnir Quit: Leaving. 1217286351 Q * dowdle Remote host closed the connection 1217286865 J * stephan ~stephan@evilhackerdu.de 1217286867 M * stephan hi 1217286881 M * stephan finally back, for idling 1217286885 M * stephan but a question first.. 1217286891 M * stephan can i safely remove the klogd in a vserver guest? 1217286902 M * stephan apt-get tries to update it, and it kind of freaks me out 1217286910 M * stephan i guess i can not even remove it because it's a hardcore dependency 1217286929 M * daniel_hozac sysklogd tends to depend on it. 1217286933 M * daniel_hozac just disable the initscript. 1217287217 M * stephan thx 1217287744 J * Linus ~Nuhx@bl7-153-102.dsl.telepac.pt 1217288141 Q * rob-84x^ Ping timeout: 480 seconds 1217288319 M * Linus p/qui 1217288323 Q * Linus Quit: leaving