1271117075 Q * BenG Quit: I Leave
1271118957 Q * derjohn_mob Ping timeout: 480 seconds
1271119484 J * derjohn_mob ~aj@d004051.adsl.hansenet.de
1271120156 Q * ViRUS Quit: If there is Artificial Intelligence, then there's bound to be some artificial stupidity. (Thomas Edison)
1271122735 J * ecapriolo ~kvirc@ool-4357de9d.dyn.optonline.net
1271122955 M * ecapriolo Hey all, I just build a vserver kernel can create a vs and enter itbut the ip is in the guest but also in the host
1271123253 M * Bertl okay?
1271123319 M * ecapriolo So the guest has no network capabilities. I do not know what I did wrong
1271123349 M * Bertl I think you are misinterpreting something here
1271123382 M * Bertl Linux-VServer uses IP isolation, so by definition, all guest IPs are also host IPs ...
1271123407 M * Bertl or to put it the other way round, the guest gets a subset of the host IPs 'assigned
1271123422 M * Bertl and can then bind ports to those IPs
1271123573 M * ecapriolo Bertl: Yes I haved used vserver before. I have given guests private ips. they dont appear in the parent
1271123604 M * Bertl if parent means host, then this would we very strange :)
1271123657 M * Bertl upload 'ip a l' (done on the host and guest) for more details
1271123671 M * Bertl (please use paste.linux-vserver.org for everything longer than 3 lines)
1271123879 M * ecapriolo http://paste.linux-vserver.org/14900
1271123948 M * Bertl so your guest has 10.10.10.1/24 while your host uses 192.168.1.104/24, yes?
1271123960 M * ecapriolo Yes
1271123980 M * Bertl okay, and you cannot reach 'the internet' from the guest, is that the problem?
1271124007 M * ecapriolo Yes. 
1271124073 M * ecapriolo Just an FYI, this is a laptop so perhapse the Network Manager is messing things up.
1271124103 Q * bobnormal Quit: .
1271124115 M * ecapriolo I have a cent os server and my guest IP do not appear on the host, so I am wondering if I built my kernel wrong
1271124128 M * Bertl no, this is a misconfiguration on 'your' side, let me explain
1271124141 M * Bertl first, do the following:
1271124161 M * Bertl ping -c 1 www.google.com  # on the host
1271124179 M * Bertl you should see that the ping reaches a certain IP
1271124250 M * ecapriolo Yes.
1271124263 M * Bertl okay, now let's use that IP for the next command
1271124285 M * Bertl ping -c 1 -I 192.168.1.104 <ip>  # again on the host
1271124290 M * ecapriolo Bertl: I see I  need to do some natting
1271124322 M * Bertl precisely, with the next command, using 10.10.10.1 instead of 192.168.1.104 you can test that your nat setup is fine
1271124334 M * Bertl i.e. something like:
1271124354 M * ecapriolo I have the same setup on my production server but my guest IP's do not show up when i run ifconfig on the host
1271124403 M * Bertl that is because ifconfig is really really old and thus doesn't see that well anymore :)
1271124441 M * Bertl i.e. ifconfig uses a kernel interface which was obsoleted like 10 years ago and replaced with 'ip' from iproute2
1271124477 M * Bertl if you use 'ip a l' instead of ifconfig -a, you'll see all guest IPs on the host 
1271124478 M * ecapriolo Bertl: Ah correct. I can ping other interfaces on my laptop so my routing is working
1271124692 J * hparker ~hparker@2001:470:1f0f:32c:215:f2ff:fe60:79d4
1271124726 M * Bertl so problem solved, everything fine?
1271124765 M * ecapriolo Yes. You know what is bad.
1271124768 M * ecapriolo I wrote this.http://linux-vserver.org/Networking_vserver_guests_RHEL
1271124784 M * ecapriolo But The IP appearing in the parent made me think something was wrong.
1271124809 M * ecapriolo Bertl: So yes. Everything is working. 
1271124816 M * Bertl excellent!
1271124833 M * Bertl FYI: the ip appeared because it is a primary
1271124837 M * ecapriolo Bertl: I am going to host this kernel on my site. I really want to support FC12 and push vserver
1271124862 M * Bertl i.e. for each interface and network, the first IP becomes a primary
1271124888 M * ecapriolo Bertl: That is true. That is my hard wire and I am not plugged in right now.
1271124912 M * Bertl which often causes some grief when this IP is removed (e.g. when the guest is shut down) because - unless you enable promote secondaries - this will bring down all other IPs (secondaries) in the same network
1271125108 M * ecapriolo Bertl: Ok. I have dealt with something similar before. I am not sure this is a problem. 
1271125309 M * Bertl it isn't if you either enable 'promote secondaries' or make sure that the primary is not removed :)
1271126434 M * ecapriolo I enabled that syscontrol. Thank you for the tip
1271127657 J * SauLus_ ~SauLus@c135179.adsl.hansenet.de
1271128009 Q * manana Ping timeout: 480 seconds
1271128024 M * Bertl you're welcome!
1271128064 Q * SauLus Ping timeout: 480 seconds
1271128064 N * SauLus_ SauLus
1271128148 J * ktwilight ~keliew@129.182-247-81.adsl-dyn.isp.belgacom.be
1271128436 Q * ktwilight_ Ping timeout: 480 seconds
1271129697 Q * ecapriolo Quit: KVIrc Insomnia 4.0.0, revision: 4030, sources date: 20100125, built on: 2010-02-25 23:12:54 UTC http://www.kvirc.net/
1271130120 Q * hparker Quit: Quit
1271134476 J * balbir ~balbir@122.248.163.1
1271135649 J * sharkjaw ~gab@90.149.121.45
1271136402 J * ghislain ~AQUEOS@adsl2.aqueos.com
1271137219 J * ntrs ~ntrs@77.29.87.62
1271137554 J * petzsch ~markus@dslb-088-075-173-206.pools.arcor-ip.net
1271139516 J * hijacker ~hijacker@213.91.163.5
1271140014 Q * derjohn_mob Ping timeout: 480 seconds
1271140906 N * DoberMann[ZZZzzz] DoberMann
1271141090 M * Bertl off to bed now ... have a good one everyone!
1271141095 N * Bertl Bertl_zZ
1271141713 J * manana ~mayday090@84.17.25.149
1271142672 Q * petzsch Quit: Leaving.
1271143292 Q * ghislain Quit: Leaving.
1271145646 Q * theocrite Remote host closed the connection
1271145872 J * derjohn_mob ~aj@213.238.45.2
1271146593 J * barismetin ~barismeti@zanzibar.inria.fr
1271147517 J * ghislain ~AQUEOS@adsl2.aqueos.com
1271148924 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net
1271150165 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com
1271150500 J * thierryp ~thierry@zankai.inria.fr
1271151309 Q * Romster Remote host closed the connection
1271151861 Q * ntrs Ping timeout: 480 seconds
1271152486 Q * barismetin Quit: Leaving...
1271152500 J * barismetin ~barismeti@zanzibar.inria.fr
1271153210 J * theocrite ~Hubert@kim.theocrite.org
1271154207 Q * balbir Ping timeout: 480 seconds
1271158259 J * balbir ~balbir@122.248.163.1
1271158643 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com
1271158957 Q * balbir Ping timeout: 480 seconds
1271159625 J * yarihm ~yarihm@80-219-150-83.dclient.hispeed.ch
1271161617 J * ntrs ~ntrs@77.29.87.62
1271162487 Q * http203 Remote host closed the connection
1271163215 J * http203 ~http203@d80h232.public.uconn.edu
1271164076 J * nkukard_ ~nkukard@196-210-201-119.dynamic.isadsl.co.za
1271164253 Q * nkukard Ping timeout: 480 seconds
1271165215 Q * jrdnyquist Quit: Leaving
1271165658 J * jrdnyquist ~jrdnyquis@slayer.caro.net
1271166662 J * ecapriolo ~kvirc@209.249.216.2
1271166829 M * pmjdebruijn hmmm
1271166838 M * pmjdebruijn another 2.6.27.x got released /me just noticed
1271168776 J * oli ~oli@62.152.161.117
1271168782 M * oli Hi all
1271168807 M * oli is there a reason why virt_mem with rss limit is not working any more on 2.6.33.* ?
1271168831 M * daniel_hozac you have to use the memory cgroup
1271168870 M * oli hmm okay, this is a problem, because of the swap, it seems that this slows a complete host down
1271168889 M * daniel_hozac so give your guest enough RAM
1271168895 M * oli ;)
1271168969 M * oli i moved recently from rlimits to cgroup, but this makes a lot of problems because of the swaping
1271169478 J * dowdle ~dowdle@scott.coe.montana.edu
1271169918 M * ghislain i dont see how cgroup will make swap your box unless it allready did before :p
1271169943 M * ghislain oh sorry missread you
1271169963 M * ghislain you mean you have not changed to cggroup therefor your limits are not enforced i see :p
1271170442 M * oli with older versions, if set rss.soft and rss.hard one vserver could make use of rss.hard but if enogh ram was available no swaping was done
1271170478 M * oli and now there is swapping as soon there is no "rss.soft" left
1271170493 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1271170557 Q * ex Remote host closed the connection
1271170594 M * oli maybe it is possible to use memory.limit_in_bytes as als rss.hard and memory.soft.limit_in_bytes as rss.soft, but then the output of free does not show rss.soft and rss.hard in the old way
1271170706 Q * jrklein Remote host closed the connection
1271170761 M * oli this means, that swaping is done on host and maybe there is no reason to swap because of one guest needing more memory
1271170794 J * jrklein ~jrklein@2001:0:53aa:64c:0:6bd2:b97d:df43
1271170800 Q * sharkjaw Remote host closed the connection
1271170822 M * oli with rss.soft and rss.hard host's nearly never swapped out pages
1271170880 J * ex ex@valis.net.pl
1271171441 N * Bertl_zZ Bertl
1271171445 M * Bertl morning folks!
1271171459 M * oli hi bertl
1271171483 J * balbir ~balbir@122.172.29.8
1271171509 J * bsarora ~balbir@122.172.29.8
1271171629 M * oli bertl, could you please read my conversation before you came available?
1271171823 M * Bertl with recent kernels you want to use the cgroup memory controller (which has virt_mem support when it is enabled in the kernel)
1271171856 M * Bertl you should be able to control the swap limit with the memsw (swap controller)
1271171921 M * oli yes but the problem is, if one cgroup has to swap the whole host has performance problems
1271171985 M * Bertl that is not unexpected
1271172025 M * oli with your system we did necer get into such a situation ;)
1271172055 M * Bertl that's the beauty of mainline solutions :)
1271172080 M * oli that's bad
1271172085 M * Bertl anyway, you can a) use the old system (for now) if you disable the cgroup controller
1271172108 M * oli do i have to complety deactivate cgroup? Or is it possible to only deactivate memory?
1271172124 M * Bertl or which would be the better approach b) report that to the cgroup/memres developers and ask for a 'better' solution
1271172161 M * Bertl only the memres needs to be disabled for the 'old' rss limits to be used
1271172177 M * oli which is the best way to contact the dev's?
1271172192 M * Bertl probably via lkml or directly
1271172248 M * oli is bugzilla.kernel.org also a possible option?
1271172358 M * Bertl I presume the suggestion will be to _not_ use the swap limit ... i.e. set the mem+sw limit to the same as the hard memory (or just not use it at all)
1271172504 M * oli that's bad and wasts time ;)
1271172736 M * oli am i right, that rss.soft and rss.hard works until 2.6.31
1271172872 M * BenG and beyond I believe oli, though I've really had a good luck
1271172874 M * Bertl it should also work on 2.6.33, if you disable the memory cgroup subsystem at kernel build time
1271172902 A * BenG corrects grammar "though I've NOT really had a good look"
1271172927 M * Bertl that was grammar and syntax :)
1271172943 M * Bertl as well as semantics :)
1271172970 M * Bertl note that OOM conditions are not well handled in recent kernels, so it really might pay off to improve/adjust the cgroups one
1271173086 M * oli i think i'll have atry on the lkm
1271173197 Q * ntrs Read error: Connection reset by peer
1271173212 J * ntrs ~ntrs@77.28.30.63
1271173347 M * BenG Bertl, what actually are the issues with the OOM killer? Are they written up anywhere?
1271173393 M * ecapriolo Bertl: Just as I got my new FC12 vserver kernel build, 2.6.32.10-90, FC12 released 2.6.32.11* :)
1271173598 M * Bertl BenG: the main issue is that we end up in a killing spree when the OOM condition inside a context cannot be resolved easily (which seems to happen relatively often nowadays)
1271173616 M * Bertl ecapriolo: those bastards! :)
1271173720 M * ecapriolo Bertl: I want to have a FC12 repo with the kernel, vyum (chroot), util-vserver. So FC12 users can jump right into vserver.
1271173721 M * sid3windr :)
1271173771 M * Bertl ecapriolo: luckily we have a patch for that version too :0
1271173773 A * sid3windr is running debian xen+vserver kernel from etch and has OOM killing while 0 bytes swap are in use.. meh :)
1271173916 M * ecapriolo sid3windr: Awesome. I was looking into building that kernel a while ago. You must have done some crazy patching. Xen is a beast
1271173988 M * sid3windr well, no, I didn't
1271173991 M * sid3windr debian did it for me
1271174008 M * sid3windr hence it's probably buggy and noone fixes it - they don't have a mixed xen+vserver in lenny anymore.. :)
1271174013 M * sid3windr probably for that reason ;)
1271174148 M * ecapriolo That would be the best of both worlds I guess para-virtualize most things well, linux on linux -> vserver
1271174303 M * Bertl xen and Linux-VServer work nicely side by side, in all mix and match variations
1271174331 J * imcsk8 ~ichavero@148.229.1.11
1271174352 M * Bertl although I usually suggest to use kvm instead of xen (because kvm is actively developed and already in the kernel :)
1271174375 M * ecapriolo Bertl: I found it very hard to get information about how to get Xen patch and then how to apply it.
1271174449 M * ecapriolo Bertl: XenSource went so commercial after that all I could find was DVD iso's for there XenSource whatever.
1271174905 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1271176031 M * sid3windr yea
1271176033 M * sid3windr I want to go kvm
1271176038 M * sid3windr but my current cpus don't do vt :[
1271176224 Q * dowdle Remote host closed the connection
1271176455 Q * bsarora Read error: Connection reset by peer
1271176476 J * dowdle ~dowdle@scott.coe.montana.edu
1271176534 Q * balbir Read error: Connection reset by peer
1271176558 Q * barismetin Remote host closed the connection
1271176671 M * Bertl sid3windr: well, then xen isn't such a good idea either, but you still can use qemu on that
1271176769 M * Chlorek virtualbox is better
1271177263 J * balbir ~balbir@122.172.20.149
1271177264 J * bsarora ~balbir@122.172.20.149
1271177582 Q * gnuk Quit: NoFeature
1271178321 N * DoberMann DoberMann[PullA]
1271178757 Q * FireEgl Read error: Connection reset by peer
1271179616 Q * derjohn_mob Ping timeout: 480 seconds
1271179648 J * petzsch ~markus@dslb-088-075-173-206.pools.arcor-ip.net
1271180798 J * derjohn_mob ~aj@d004051.adsl.hansenet.de
1271181313 Q * thierryp Quit: ciao folks
1271181498 J * barismetin ~barismeti@zanzibar.inria.fr
1271181981 Q * barismetin Ping timeout: 480 seconds
1271182220 M * rooijan anyone bump into this nasty yet? vlogin: openpty(): No such file or directory
1271182270 M * rooijan I can confirm stopping and starting manually as per http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570382 works.  still nasty in my production environment where I could not stop outside of maintenance windows
1271182592 Q * jrklein Quit: jrklein
1271182774 M * Bertl rooijan: kernel/patch/util-vserver version?
1271182974 M * rooijan 2.6.26-2-vserver-686 / VS-API: 0x00020303 / util-vserver: 0.30.216-pre2772
1271183004 M * rooijan all standard lenny debian.  nothing custom anymore in my env sorry
1271183008 M * Bertl could you try with a recent kernel if the issue persists?
1271183046 M * rooijan sure will.  i have some other servers i can try things on.  will let you know.  the workaround works for now as long as all my admins knows about it.
1271183158 M * dannf Bertl: btw, do you have a vserver patch for 2.6.32.11? .11 introduced a conflict w/ what we have in Debian (in quotaops.h) - i attempted to fix it, but would like to confirm its correctness
1271183166 M * Bertl rooijan: hmm, sec, let me read the bug report
1271183187 M * Bertl dannf: usual place
1271183202 M * Bertl http://vserver.13thfloor.at/ExperimentalT/
1271183262 M * Bertl Hollow: we seem to have a problem with the experimental matrix not being updated properly, again ...
1271183362 M * dannf Bertl: cool, it matches - thanks.
1271183506 M * Bertl rooijan: looking at the bug report you can save the time and skip any tests, when the update somehow removed the symlinks, that is very likely to be the _only_ thing causing this
1271183542 J * jrklein ~jrklein@2001:0:53aa:64c:0:ceb:b957:8a5b
1271183560 Q * jrklein 
1271183718 M * rooijan bertl: thanks.  I am not 100% sure I understand which update and which symlinks exactly you are talking about.  I do have a sunday maintenance window and will double check symlinks I use and reboot this box.  Thanks!
1271183747 M * Bertl the /dev/fd ones
1271183762 M * Bertl ll /dev/fd
1271183762 M * Bertl lrwxrwxrwx 1 root root 13 Apr  9 17:09 /dev/fd -> /proc/self/fd/
1271183801 M * Bertl those should be present for all guests, in case any app tries to use them (no need to manually create /dev/fd/* entries though)
1271183960 M * Hollow Bertl: i switched from fcron to dcron ... the script did not have the executable bit set, so fcron seems to not care about that !?
1271183965 M * Hollow anyway, should be fixed
1271183990 Q * petzsch Read error: Connection reset by peer
1271184155 J * petzsch ~markus@dslb-088-075-173-206.pools.arcor-ip.net
1271184247 M * rooijan bertl: gotcha. will do.
1271184498 J * Pazzo ~ugelt@sadsl-246059.rol.raiffeisen.net
1271184510 Q * Pazzo 
1271185005 Q * BenG Quit: I Leave
1271185531 Q * dowdle Remote host closed the connection
1271185747 Q * petzsch Read error: Connection reset by peer
1271186251 J * dowdle ~dowdle@scott.coe.montana.edu
1271186444 M * urbee hoi
1271186453 M * urbee i've just rsync a vps from one machine to another
1271186460 M * Bertl what options?
1271186476 M * urbee -aPxvc
1271186484 M * Bertl no --numeric-owner?
1271186491 M * urbee no
1271186510 M * Bertl okay, and your problem is?
1271186513 M * urbee well
1271186519 M * urbee i can ping the ip from the host enviroment
1271186527 M * urbee cat ping any from inside guest
1271186554 M * urbee except of my own
1271186585 M * Bertl i.c. well, the missing --numeric-owner might have messed up your guest file ownership, but that is not related to the problem at hand
1271186609 M * Bertl your guest has a routed IP?
1271186634 M * urbee yea
1271186652 M * Bertl please upload 'ip a l' from host and inside the guest to a pastebin (feel free to anonymize the data)
1271187321 M * urbee Bertl with --numeric-owner you mean--numeric-ids?
1271187351 M * Bertl yeah, the other one is probably for tar :)
1271187665 J * FireEgl Proteus@2001:470:e056:1:223:54ff:fe89:b207
1271188583 Q * FireEgl Quit: Leaving...
1271190341 J * FireEgl Proteus@2001:470:e056:1:223:54ff:fe89:b207
1271190605 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1271191354 Q * BenG Quit: I Leave
1271191556 Q * yarihm Quit: Leaving
1271192072 Q * bonbons Quit: Leaving
1271193737 J * derjohn_foo ~aj@c193120.adsl.hansenet.de
1271194136 Q * derjohn_mob Ping timeout: 480 seconds
1271194297 J * theocrit1 ~Hubert@kim.theocrite.org
1271194386 Q * theocrite Quit: Lost terminal
1271195913 Q * oli Quit: Leaving
1271195917 Q * ntrs Ping timeout: 480 seconds
1271197428 Q * ecapriolo Ping timeout: 480 seconds
1271198215 Q * ghislain Quit: Leaving.
1271200214 N * DoberMann[PullA] DoberMann[ZZZzzz]