1224288043 M * jacob ping and ssh from the guest to 192.168.1.1 appear to be traversing the router. 1224288058 M * jacob and from other 192.168.1/24 to the guest 1224288069 M * Bertl good 1224288098 M * jacob where can I stick the two scope link rules for the guest table? they get yanked each time I shut the guest down 1224288123 M * Bertl probably the best option is one of the start/stop scripts 1224288137 M * Bertl I'd say pre-start should do the trick, but double check 1224288152 M * jacob ok. I'll have another go at those. I tried using them to mount / unmount and that didn't go well :) 1224288166 M * jacob start, pre, prepre :) 1224288167 Q * tam Ping timeout: 480 seconds 1224288214 M * Bertl well, you need to use the right one, i.e. they happen at different levels and in different spaces/contexts 1224288241 M * Bertl in general, for mount you want to use fstab or fstab.remote 1224288245 M * jacob ya, it seemed to be a context issue, even from prepre 1224288260 M * jacob k 1224288260 M * Bertl there is initialize too :) 1224288261 Q * dowdle Remote host closed the connection 1224288318 M * jacob i'll try the fstab ones. I had missed initialize 1224289312 J * jescheng ~jescheng@proxy-sjc-1.cisco.com 1224289313 M * jacob pre-start works great for adding routes to table grean 1224290067 M * Bertl excellent! 1224290086 M * jacob Bertl (and others) thank you for all your help. Doing further testing makes it apparent to me that all the trouble was caused by the localhost entry. I can remove my scripts and remove the ip rule, and it still works. 1224290130 M * Bertl you're welcome! guess you learned a thing or two tonight :) 1224290144 M * jacob lots! all good stuff 1224290165 M * Bertl maybe consider putting it on the wiki in some 'generic' way? 1224290176 M * jacob ya, I'm trying to pull my thoughts together 1224290203 M * jacob it seems that what I was trying to do with loopback, vserver does already and I should have just left it alone 1224290223 M * jacob (by doing it already, I mean how it sets lback to be eg 127.0.4.1) 1224290241 M * Bertl yep, that's the AUTO_LBACK feature 1224290331 M * jescheng hi Bertl 1224290350 M * Bertl hey jescheng! 1224290362 M * jescheng i have a question on the /tmp directory in the vserver. i see that it is mounted as tmpfs and not on the disk 1224290372 M * Bertl correct 1224290372 M * jescheng is that done on default for performance reasons? 1224290385 M * Bertl yes, mainly 1224290488 M * jescheng do you see any problem if we mount it to disk? 1224290514 M * Bertl I/O load will get a lot higher .. any reason for doing that? 1224290551 M * jescheng we might need a bigger /tmp, but we don't want to use up too much memory 1224290567 M * Bertl bigger as in 32M or as in 2GB? 1224290579 M * jescheng btw, is the memory used by /tmp accounted for by the vserver memory limit 1224290594 M * Bertl nope, but it has a hard limit on the mount 1224290616 M * Bertl well, hmm, actually it might be accounted, now that I think of it 1224290622 M * jescheng we're not quite sure how big yet, just trying to figure out some options 1224290636 M * Bertl it should be in the anonymous pages, but I'm not sure 1224290643 M * jescheng what do you mean by hard limit on the mount? 1224290659 M * Bertl i.e. it is currently mounted with 16M limit 1224290668 M * Bertl (the default) 1224290673 M * jescheng i see 1224290683 M * Bertl so that is what the guest can use up there, you can of course adjust that 1224290710 M * jescheng yes, i've tried increasing using the fstab in the config dir 1224290727 M * jescheng so it is accounted for in the memory limit? 1224290736 M * jescheng (for the entire vserver) 1224290740 M * Bertl not sure, give it a try :) 1224290756 M * Bertl i.e. check the limits, put a file of known size there 1224290767 M * jescheng got, will check on that 1224290773 M * Bertl check again, remove it, check to see what's up 1224290799 M * Bertl I presume it should be anonymous pages, but as the kernel allocates them, I'm not sure it gets accounted to the guest 1224290853 M * jescheng ok..i have one more question..regarding the fstab 1224290900 M * jescheng so should the fstab in the vserver config dir be the same as the fstab in the /etc/fstab of the guest? 1224290926 M * Bertl no, not necessarily 1224290940 Q * jescheng Remote host closed the connection 1224290941 M * Bertl the fstab inside the guest will be ignore by util-vserver 1224290958 J * jescheng ~jescheng@proxy-sjc-1.cisco.com 1224290959 J * tam ~tam@gw.nettam.com 1224290970 M * Bertl it might be used for remount or to figure mount related stuff 1224291085 M * jescheng ok.. so one needs to be able to mount in the vserver to really make use of it 1224291105 M * Bertl or have some tools which look there, for whatever purpose 1224291110 M * jescheng i see 1224291140 M * jescheng i was not able to remount /tmp (tmpfs) with SECURE_MOUNT...but I can do it with SYS_ADMIN 1224291156 M * jescheng sorry, i should clarify, remount it to a bigger tmpfs 1224291157 M * Bertl (which you do not want to give to a guest :) 1224291253 M * jescheng ahh...maybe what i need is SECURE_REMOUNT 1224291275 M * jescheng :) let me try that 1224291293 M * Bertl do you really want to make it changeable from _inside_ the guest? 1224291310 M * Bertl i.e. that is kind of defeating the purpose of having a limit in the first place, no? 1224291455 M * jescheng hopefully if the overal limit accounts for the tmpfs usage.. then i guess we're ok with letting the guest do what they want within their limits 1224291515 M * Bertl which wouldn't require remount capabilities 1224291656 M * jescheng by limit i don't mean the tmpfs limit. I mean the RSS limit given to the guest 1224291667 M * Bertl me too :) 1224291709 M * jescheng ok..but by default they only get 16MB for /tmp 1224291718 M * jescheng so if they want more for /tmp, don't they need remount? 1224291762 M * Bertl iif the memory is accounted, you do not need to specify the 16M limit in the first place, thus no remount is required 1224291813 M * jescheng oh i can do that? i see... 1224291830 M * jescheng so don't specify size= ....does it just grow as you use /tmp? 1224291912 M * Bertl as it does now, the real difference is that there is no upper limit .. note that the RSS limit if it applies, will lead to processes being killed off when the total limit is reached (not to disk full as the tmp limit) 1224292047 M * jescheng ok..that may be another reason the guest will need remount then. they might want more than 16MB but limit the size of tmpfs 1224292062 M * jescheng so that their process won't get OOM 1224292459 M * jescheng tried it out on util-vserver 30.210, patch 2.01. Looks like tmpfs is not accounted for in memory 1224292481 M * Bertl did you check the various limits with /proc ? 1224292511 Q * doener Quit: zZ 1224292537 M * jescheng my guest has 300mb (shows on top). I created tmpfs of 500mb (no problem) 1224292549 M * Bertl ah, 2.0 i.e. old stable branch? that is not unexpected 1224292550 M * jescheng and whe i dd a 500 mb file, i got OOM kill on the host 1224292638 M * Bertl 2.0.1 is more than 3 years old, it didn't even have proper memory accounting, IIRC 1224292723 M * jescheng do you think it might be in 2.2.0.5? 1224292762 M * jescheng i don't have a kernel now to try, but i'll give it a run later on i guess 1224292842 M * Bertl it all depends on where the pages come from 1224292878 M * Bertl but it shouldn't be too hard to account them if tey do not add to the memory yet (could even be a separate limit) 1224292914 M * Bertl means if you volunteer to do some testing, we can arange that in vs2.3.x :) 1224293063 M * jescheng i don't mind testing it. however..i believe the next vserver patch we're going to will be 2.2.0.5 1224293127 M * jescheng so if it's not there... then we probably have to go with the disk at least for now 1224293564 M * jacob Bertl: I'm rounding a few of the places that got me started down the wrong path of trying to manually add the loopback address. I think I'll need some input for changes 1224293578 M * jacob http://linux-vserver.org/Frequently_Asked_Questions#How_do_i_install_nagios-plugins_on_a_Gentoo_guest.3F 1224293622 M * jacob it seems that is no longer true with patch 2.3. perhaps earlier. I am not sure. 1224293687 M * jacob in a similar light are: 1224293689 M * jacob http://linux-vserver.org/Problematic_Programs#127.0.0.1_issues 1224293699 M * jacob which is echoed in http://linux-vserver.org/Frequently_Asked_Questions_scratch#127.0.0.1_issues 1224293772 M * Bertl yeah, well, unfortunately folks keep adding that back 1224293806 M * Bertl the problem is, adding 127.x addresses always was kind of problematic 1224293838 M * Bertl and usually the result of a broken app, like nagios 1224293963 M * jacob What is a reliable simple test people can do to see if loopback works right? would ping 127.0.0.1 have caught the same issue nagios' compile ran into? 1224294009 M * Bertl that is part of the problem, you shouldn't ping 127.0.0.1 in the first place :) 1224294015 M * jacob I'd love to edit them and start out with, This is not a problem in patch 2.3 or later :) 1224294037 M * Bertl loopback is _always_ working fine, it is part of the host config and if configured correctly, just works 1224294070 M * Bertl i.e. there is no need to test for working loopback 1224294105 M * Bertl older kernels, used to do no specific mapping at all, and thus required to set 'localhost' to the first assigned guest IP 1224294120 M * Bertl (which made stuff like 'ping localhost' work too, btw) 1224294140 M * jacob but ping 127.0.0.1 use to not work at versions before X 1224294153 M * Bertl broken apps, which use 127.0.0.1 (hardcoded) instead of localhost will fail with that setup) 1224294193 M * Bertl have you considered that ping 127.0.0.1 will also fail on a non Linux-VServer host with localhost being 127.0.0.2 ? 1224294262 M * Bertl anyway, more recent kernels do remapping of 127.0.0.1 to the first IP, so that this is covered too 1224294276 M * jacob I must be misunderstanding what you mean. /etc/hosts 127.0.0.2 localhost; ping 127.0.0.1; works 1224294303 M * Bertl and finally, vs2.3.x kernels support (starting with a certain revision) a complete forward and back mapping for 127. 1224294319 M * Bertl jacob: do the following on your test system: 1224294339 M * Bertl ifconifg lo 127.0.0.2/8 up 1224294345 M * Bertl *ifconfig even 1224294346 M * jacob yes, I see how that would fail 1224294351 M * jacob it wouldn't be at that ip address 1224294369 M * Bertl exactly, but note: all but broken apps would work with that setup 1224294399 M * jacob where broken = not using gethostbyname('localhost') right? 1224294406 M * Bertl exactly 1224294415 M * jacob and where /etc/hosts 127.0.0.2 localhost 1224294416 M * Bertl assuming localhost == 127.0.0.1 is just wrong 1224294450 M * Bertl hardcoding 127.0.0.1 into any app is even more wrong :) 1224294489 M * Bertl but the so called 'loopback isolation' in vs2.3.x takes care of those broken apps too 1224294526 M * Bertl (by remapping anything within 127.0.0.1/8 to 127.x.y.1 1224294533 M * jacob i'm with you on all of that. Now what I want to do is edit these "create interface directory 0" posts and preface them with /if you have kernel > x and vserver patch >than y / (or more simply just the y) /then do not follow these notes. loopback remapping is available and may be on by default. see Z/ 1224294571 M * jacob it makes people feel better as well. "I don't want mysql listening on my external interface" 1224294590 M * Bertl well, in general I would remove those 'create ... with lo' entries, they are just wrong regardless of the kernel version) 1224294619 M * Bertl there is a single case where you actually _want_ to put lo/127.x.y.z into interfaces 1224294629 M * jacob I don't dare. I don't think I have the wiki karma :) 1224294664 M * Bertl and that is with vs2.3.x, remapping disabled and LBACK_ALLOW set) 1224294694 M * Bertl in which case you will create a shared 127.x.y.z for use across several guests (and the host) 1224294731 M * Bertl in all other cases you either want to change localhost, the app in question or upgrade to a newer patch :) 1224294779 M * jescheng Bertl: i gg for now, thanks a lot for your help! I'll get back after trying on 2.2.0.5 1224294791 M * Bertl jescheng: you're welcome! cya 1224295048 Q * jescheng Quit: Leaving 1224295869 M * Bertl okay, off to bed now .. have a good one everyone! cya! 1224295874 N * Bertl Bertl_zZ 1224296448 Q * yarihm Ping timeout: 480 seconds 1224297650 J * derjohn_foo ~aj@p5B23F86C.dip.t-dialin.net 1224297762 Q * jacob Ping timeout: 480 seconds 1224298068 Q * derjohn_mob Ping timeout: 480 seconds 1224303944 Q * Loki|muh Remote host closed the connection 1224304227 J * jmcaricand jm@172.252.192-77.rev.gaoland.net 1224306145 Q * tam Remote host closed the connection 1224306161 J * tam ~tam@gw.nettam.com 1224307508 J * doener ~doener@i577AE087.versanet.de 1224310925 J * mtg ~mtg@dialbs-088-079-143-204.static.arcor-ip.net 1224311243 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1224312498 Q * mattzerah Ping timeout: 480 seconds 1224312973 P * jmcaricand 1224313624 J * mattzerah ~matt@pool1-180.dyn.winshop.com.au 1224314936 Q * derjohn_foo Ping timeout: 480 seconds 1224315945 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1224320114 J * cga ~weechat@94.36.121.222 1224322951 J * derjohn_foo aj@p57A6D078.dip.t-dialin.net 1224323612 J * pmenier ~pmenier@ACaen-152-1-48-231.w83-115.abo.wanadoo.fr 1224324271 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1224325484 Q * Aiken Quit: Leaving 1224326348 J * frootat ~joern@dyndsl-080-228-189-150.ewe-ip-backbone.de 1224326542 N * Bertl_zZ Bertl 1224326545 M * Bertl morning folks! 1224327075 M * kwowt moin:P 1224327081 M * kwowt haha 1224327095 M * kwowt Bertl you're the last one to go to sleep and the first one to wake up here 1224327106 M * kwowt okay, off to bed now .. have a good one everyone! cya! 1224327106 M * kwowt * Bertl is now known as Bertl_zZ 1224327108 M * Bertl seems so :) 1224327453 N * frootat frootat___away 1224327865 J * duckx ~Duck@81.57.39.234 1224327930 N * frootat___away frootat 1224327979 M * Bertl wb frootat! :) 1224327988 M * frootat thx :) 1224329141 Q * duckx Read error: Connection reset by peer 1224329186 J * duckx ~Duck@81.57.39.234 1224329607 J * m_o_d ~kane@host.ltv.pl 1224329788 J * yarihm ~yarihm@77-56-182-18.dclient.hispeed.ch 1224330583 J * Loki|muh loki@satanix.de 1224330853 Q * derjohn_foo Ping timeout: 480 seconds 1224330860 Q * duckx Remote host closed the connection 1224331382 J * duckx ~Duck@81.57.39.234 1224333132 N * frootat frootat___away 1224333292 Q * duckx Remote host closed the connection 1224334296 Q * ensc Remote host closed the connection 1224334708 J * ensc ~irc-ensc@77.235.182.26 1224335191 J * duckx ~Duck@81.57.39.234 1224335927 Q * hijacker_ Quit: Leaving 1224337802 J * h01ger ~holger@socket.layer-acht.org 1224337806 M * h01ger hi 1224337816 M * h01ger is http://oldwiki.linux-vserver.org/Disk+Limits not current anymore? 1224337820 M * Bertl hey h01ger! LTNS! 1224337847 M * Bertl in what regard? 1224337853 M * h01ger indeed - vserver just work too well :) 1224337867 M * h01ger df tells me i have 16k used :) 1224337883 M * h01ger using util-vserver 0.30.212-1 and 2.6.18... (etch) 1224337888 M * Bertl sounds good, lot of space left, no? 1224337898 M * h01ger 0% used is not realistic :) 1224337942 M * Bertl well, you want to get a newer kernel and newer tools 1224337957 M * Bertl the tools will calculate the space properly 1224337989 M * h01ger it works for me on another vserver host, so i dont buy that :) 1224337990 M * Bertl 2.6.22.x and 0.30.215 should be fine 1224338005 M * h01ger that said, maybe i use newer util-vserver there.. 1224338007 A * h01ger checks 1224338012 M * Bertl well, if it works for you on the other host, why not do the same on this one :) 1224338045 M * h01ger no, same versions there 1224338410 M * daniel_hozac h01ger: have you hashified it? 1224338422 M * daniel_hozac vdu will only count files that belong to the current tag. 1224338781 M * h01ger yes, i ran http://paste.debian.net/19483/ with the name of the vserver as first argument and "10" as the second. this includes running chxid.. 1224338859 M * daniel_hozac so it's not a mount point or anything like that? 1224339148 M * h01ger ? what do you mean? 1224339149 M * h01ger /dev/hda5 on /var/lib/vservers type ext3 (rw,tagxid) 1224340007 J * ktwilight[m] ~ktwilight@135.89-66-87.adsl-dyn.isp.belgacom.be 1224340121 M * h01ger ok, deleting the cache helped 1224341498 J * nkukard ~nkukard@196.212.73.74 1224343248 J * derjohn_foo ~aj@e180210024.adsl.alicedsl.de 1224344713 N * AndrewLe1 AndrewLee 1224346443 J * hparker ~hparker@linux.homershut.net 1224347556 Q * mtg Quit: Verlassend 1224347749 M * phedny is there a place on the net where I can read a little more about the concept of namespaces? 1224347771 M * phedny I know they're used by linux-vserver and I now encountered them for my study 1224347779 M * phedny but I cannot find some good documentation with google :( 1224347900 M * Bertl google for: private namespaces linux 1224348097 M * phedny actually my main question is about: how can you enter a specific namespace, like vserver enter does? 1224348110 M * phedny I've managed to create new namespaces with unshare() and with clone() 1224348117 M * pmjdebru1jn namespaces are a general concept, which _can_ be applied to operating systems 1224348195 M * phedny of course I should just read the util-vserver source :) 1224348208 M * Supaplex no, don't do that! it's secret! ;) 1224348960 P * h01ger have fun! 1224349153 Q * yarihm Quit: Leaving 1224349411 A * Supaplex moves a few mature guests into individual lvm logical volumes 1224349479 Q * nenolod Quit: Leaving 1224349909 J * nenolod ~nenolod@ip70-189-74-62.ok.ok.cox.net 1224349990 J * doener_ ~doener@i577AC07F.versanet.de 1224350084 Q * SpComb Ping timeout: 480 seconds 1224350091 Q * doener Ping timeout: 480 seconds 1224351967 J * frootat ~joern@dyndsl-080-228-182-018.ewe-ip-backbone.de 1224352314 Q * frootat___away Ping timeout: 480 seconds 1224352321 N * frootat frootat___away 1224352681 N * frootat___away frootat 1224353299 J * SpComb terom@zapotek.paivola.fi 1224354140 M * bibabu Hey..how can i remove a limit set with vlimit? 1224354939 M * Bertl use `unlimited` as magic value 1224359362 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg 1224359727 Q * Walex Remote host closed the connection 1224362881 J * jmcaricand jm@172.252.192-77.rev.gaoland.net 1224363493 J * Aiken ~Aiken@ppp118-208-28-181.lns2.bne1.internode.on.net 1224364203 Q * hijacker_ Quit: Leaving 1224365831 P * jmcaricand 1224366887 Q * bonbons Quit: Leaving 1224371763 J * sitkarev ~sitkarev@ppp78-37-61-110.pppoe.komi.dslavangard.ru 1224371787 M * sitkarev Hello. 1224371793 M * Bertl hey! 1224371816 M * sitkarev Some days ago I refered to the IRC channel with a question concerning kernel oops. 1224371833 M * sitkarev I spoke with Daniel Hozac. 1224371867 M * sitkarev The question was about cifs oopsing the kernel and I promissed to report the results of testing of non-vserver kernels. 1224371869 M * Bertl excellent! got an url with the oops? 1224371892 M * sitkarev This is not vserver-related problem. 1224371907 M * sitkarev And moreover it is reproducible on all kernels from 2.6.18 to 2.6.26 1224371917 M * Bertl I kind of expected that, but would be interesting nevertheless 1224371932 M * sitkarev https://bugzilla.samba.org/show_bug.cgi?id=5821 1224371955 M * sitkarev Here are the details. I tried to contact that guy directly with some additional questions but got no answer. 1224371962 M * sitkarev I am done with my promise. 1224371994 M * Bertl yeah, thanks a lot for the feedback! 1224372026 M * sitkarev Seems that Daniel was right. This is a reference counting/locking problem which is not usual because nobody is using 30-40 cifs mounts to the same server. 1224372060 M * Bertl hehe, yeah I can imagine 1224372076 M * sitkarev Thank you guys. Keep healthy. Please, tell this detail to Daniel and also my regards. 1224372080 M * sitkarev Good buy. 1224372082 M * Bertl the interesting part is that I kind of remember somebody reporting a kernel oops with cifs 1224372092 M * sitkarev That could be me. 1224372109 M * Bertl not sure about that, could have been a second case 1224372109 M * sitkarev CifsVFS code sometimes looks very confusing. 1224372115 M * sitkarev We are not using it any more and moved to NFSv4. 1224372129 M * Bertl you should take a look at the xfs code if you want `#confusing` 1224372136 M * sitkarev A good beast really. Locking is done. 1224372147 M * sitkarev ))) Never did that. I'll try. 1224372167 M * Bertl anyway, thanks again for the feedback, and have fun with Linux-VServer 1224372182 M * Bertl (and feel free to hang around if you like) 1224372191 M * sitkarev Yes. Very usefull for us. It is not a secret. We have vserverized everything. 1224372217 M * sitkarev See you. I hope only with good news. 1224372227 M * Bertl k, cya 1224372250 P * sitkarev