1294359346 J * saschagehlich ~sascha@p57931895.dip.t-dialin.net
1294359350 Q * saschagehlich 
1294359412 J * saschagehlich ~sascha@p57931895.dip.t-dialin.net
1294361838 M * ser to have active-active solution on two servers with vserver, i do need two drbd partitions, do not i?
1294361868 M * ser two drbd or one glusterfs-like?
1294362519 M * Bertl usually yes
1294362575 M * ser ok and i mount /vservers1 primary and /vservers2 secondary on the first server, and so on?
1294362594 M * Bertl for example
1294362605 M * ser ok, thanks, i am starting to understand :)
1294362620 M * Bertl you can also have one drbd partition for each guest if you like, but that would defeat sharing
1294362650 M * ser i am thinking on lvm on the top of drbd
1294362662 M * ser and drbd over crypstetup :)
1294362675 M * Bertl same problem with lvm volumes
1294362708 M * Bertl i.e. on a shared filesystem you can benefit from identical files, like binaries and libraries
1294362727 M * Bertl but OTOH, if you guests do not use the same distro, it might not really matter to you
1294362787 M * ser no, each guest has own lvm volume
1294362837 M * ser btw, here is a good drbd+ha+vserver guide: http://www.kkoncepts.net/HA
1294362847 M * saschagehlich Bertl: when I'm trying to load my image with grub, it says "The file /boot/grub/stage1 not read correctly." when I try to do grub-install /dev/sda1
1294362865 M * Bertl that's what I mean .. i.e. you'll lose the benefit from unification across guests ...
1294362928 M * ser Bertl: ok, thanks a lot, mate, i will try to add it to FAQ when I finish 
1294362928 M * Bertl saschagehlich: so you didn't get grub to boot at all, and thus your problem is different than the one with lilo, yes?
1294362940 M * saschagehlich Bertl: yes
1294363131 M * Bertl doesn't your distro provide some way to install a bootloader (in this case grub)?
1294363161 M * saschagehlich well, it's debian lenny. the only way to install grub is via apt-get and grub-install [DEVICE] I guess?
1294363208 M * ser saschagehlich: no, you can also install it from shell :)
1294363263 M * saschagehlich ser: you mean from source?
1294363277 M * Bertl nah, I guess ser refers to the grub shell
1294363313 M * Bertl i.e. if you boot from a grub boot disk for example, you get a special grub shell where you can inspect filesystems and setup grub
1294363327 M * Bertl (and do a bunch of other cool stuff)
1294363355 M * saschagehlich well yea, that's what I get when I just enter "grub", right?
1294363372 M * Bertl not exaclty
1294363377 M * Bertl *exactly
1294363406 M * ser grub faq is very friendly and heplful
1294363410 M * Bertl this is a similar shell, but it works 'through' the booted system, where the grub shell from the install/bootloader works without any instaled us
1294363423 M * ser i used it meny times
1294363426 M * Bertl *installed os
1294364355 M * saschagehlich how can i find out which bootloader is installed on a specific partition?
1294364397 M * Bertl by inspecting the boot block, e.g. with xxd
1294364430 M * ser it is an rhce exam :)
1294365295 M * hparker lol
1294365900 M * ser yes, this guide is amazing: http://www.kkoncepts.net/HA
1294365922 M * ser i will shortly post an entry to vserver FAQ
1294366864 M * Bertl check out http://linux-vserver.org/DRBD
1294366896 M * Bertl and of course: http://linux-vserver.org/Fail-over
1294366928 M * Bertl there are a bunch of other wiki pages like this one:
1294366930 M * Bertl http://linux-vserver.org/Getting_high_with_lenny
1294367781 M * ser Yes, but above guide is a perfext mix of all yours :)
1294367817 M * Bertl all I mean is, maybe combine all of them to one document, handling all the specialities
1294367818 M * ser and it can be upgraded to active-active pretty shortly 
1294367825 M * ser Ah, OK!
1294367844 M * Bertl just make sure that you do not lose information ...
1294367851 M * ser sure i see
1294367878 M * ser i'll try, firstly i need to test it before i will recon :)
1294367903 M * ser it will take a month to deploy my cluster
1294367914 M * ser because there is no hardware yet :)
1294367927 M * ser but i have a plan and it is the most important thing :)
1294368072 M * ser and i will add the crypto part as well
1294372251 M * ser yes, now i can see it is slightly outdated, but i will sort it out
1294372827 M * Bertl off to bed now ... have a good one everyone!
1294372834 N * Bertl Bertl_zZ
1294374057 J * saschagehlich_ ~sascha@p5793185E.dip.t-dialin.net
1294374414 Q * saschagehlich Ping timeout: 480 seconds
1294382982 Q * infowolfe Quit: Leaving
1294384173 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no
1294385554 Q * derjohn_mob Ping timeout: 480 seconds
1294385869 Q * ncopa Quit: Leaving
1294386003 J * ncopa ~ncopa@3.203.202.84.customer.cdi.no
1294387049 Q * hparker Quit: Quit
1294387701 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647
1294387900 J * derjohn_mob ~aj@213.238.45.2
1294388424 J * bsingh ~balbir@122.248.161.59
1294389073 M * arekm daniel_hozac: vserver-stat doesn't show running guest here (while it shows other running); weird :)
1294389597 J * manana ~mayday090@84.17.25.149
1294392655 N * ensc Guest3605
1294392665 J * ensc ~irc-ensc@p5DF2E32F.dip.t-dialin.net
1294393062 Q * Guest3605 Ping timeout: 480 seconds
1294393122 J * petzsch ~markus@dslb-092-078-147-076.pools.arcor-ip.net
1294393997 Q * nkukard Remote host closed the connection
1294394106 Q * bsingh Ping timeout: 480 seconds
1294394543 J * infowolfe ~infowolfe@c-174-52-1-141.hsd1.ut.comcast.net
1294403864 Q * petzsch Quit: Leaving.
1294404017 N * Bertl_zZ Bertl
1294404021 M * Bertl morning folks!
1294404094 M * hparker Morning Bertl 
1294406744 M * Mr_Smoke mo'in
1294407538 Q * derjohn_mob Ping timeout: 480 seconds
1294409167 Q * saschagehlich_ Remote host closed the connection
1294410375 J * thierryp ~thierry@zankai.inria.fr
1294411025 J * barismetin ~barismeti@zanzibar.inria.fr
1294411490 J * derjohn_mob aj@tmo-094-175.customers.d1-online.com
1294411763 Q * hparker Quit: Quit
1294412067 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647
1294413336 Q * FireEgl Quit: Leaving...
1294413524 Q * thierryp Remote host closed the connection
1294414831 J * thierryp ~thierry@zankai.inria.fr
1294416096 Q * ncopa Quit: Leaving
1294416247 J * ghislain1 ~AQUEOS@adsl2.aqueos.com
1294416548 Q * ghislain Ping timeout: 480 seconds
1294417244 J * frank\ d5d3efb2@ircip3.mibbit.com
1294417357 M * frank\ hi all, hi Bertl... I've tested 2.6.36.1 + vs2.3.0.36.38.2 -> vlogin fork errors after some repeated 'vserver xyz enter' and thus I'd conclude that the patch might misbehave
1294417430 M * frank\ ... because 2.6.36.1 + vs2.3.0.36.38 (as stated last night here in IRC) will do fine
1294417513 M * frank\ couldn't yet test this with 2.6.37 - because it won't even boot :/ (really weird - it says that it gave up waiting for the root device for no apparent reason... but this has nothing to do with the patch at all ofcourse)
1294417558 M * Bertl hmm, maybe missing driver? (on 2.6.37)
1294417592 M * Bertl will check the changes between vs2.3.0.36.38 and vs2.3.0.36.38.2
1294417668 M * frank\ yeah - it claims that I should check for the driver/module and whatnot... but I'm puzzled why ... it's just a 'make oldconfig' of the previously fine working 2.6.36.2 .config
1294418125 M * Bertl look for obvious differences in the resulting .config
1294418142 M * Bertl often certain drivers get renamed or so
1294418161 M * frank\ just did - will try with CONFIG_EDD disabled by default
1294418167 M * frank\ ready to reboot
1294418169 M * frank\ =)
1294418191 Q * thierryp Remote host closed the connection
1294418229 M * frank\ but another weirdness - cciss.ko (version 3.6.26) is still the same version in 2.6.37... but much less alias to pci ids
1294418299 M * frank\ 2.6.36.1 know 32 alias for this one - while 2.6.37 only knows 20
1294419589 M * frank\ hm - lkml states that they've removed overlapping pci ids from cciss.ko vs hpsa.ko
1294419662 M * Bertl so maybe hpsa is what you want now?
1294419671 M * frank\ seems so
1294419829 M * frank\ but shouldn't it pick up the correct module by itself - with regard to the pci ids?
1294419847 M * frank\ since they claim that they removed overlapping pci ids from both modules
1294420464 M * Bertl yep, but initramfs does not probe or have all modules available, no?
1294420482 M * Bertl typically only those modules 'detected' at build time (of the initramfs) are packaged
1294420718 M * frank\ just rechecked in serverroom... it does correctly load hpsa but obviously hpsa idea of what my rootdevice should be seems to be different now
1294420759 M * frank\ with 2.6.36 it required some /dev/cciss/c0d0p7 or sth like this in grub
1294420773 M * frank\ this probably changed as well with hpsa now
1294420792 M * daniel_hozac maybe they _finally_ made it a real driver.
1294420829 A * ard would never compile the driver that accesses my / as a module
1294420851 M * ard and next to that: hardware raid is overrated :-)
1294420912 M * daniel_hozac definitely.
1294420975 Q * barismetin Remote host closed the connection
1294420978 A * ard actually wouldn't trust his data on a hardware raid device ;-)
1294421091 M * frank\ =)
1294421098 M * frank\ which is true
1294421160 M * frank\ I saw plenty of raid5 falling apart (1 disk went crash; auto hotspare add from raid bios killed everything else then)
1294421590 J * fLoo piA@188-194-83-206-dynip.superkabel.de
1294421596 M * fLoo hermine:/usr/src/linux-2.6.37# make-kpkg --initrd kernel_image --revision coresec.0
1294421597 M * fLoo lets go
1294421597 M * fLoo :D
1294421740 M * frank\ ok - just got it to boot with 2.6.37 + vs2.3.0.37-rc1
1294421758 M * frank\ stuff like /dev/cciss/c0d0p7 is now plain /dev/sda7
1294421800 M * frank\ in hpsa only ofcourse
1294421826 M * fLoo looks quite more cool :)
1294421897 M * frank\ Bertl: 2.6.37 + vs2.3.0.37-rc1 (+ 0.30.216-pre2926) gives me vlogin: fork(): Try again as well
1294421903 Q * hparker Quit: Quit
1294422095 J * hparker ~hparker@2001:470:1f0f:32c:beae:c5ff:fe01:b647
1294422297 M * frank\ I'm off for now - Bertl, let me know if there's sth I can test to make it work again (I'll read IRC logs)
1294422303 M * Bertl frank\: okay, could you try the following patch:
1294422307 M * frank\ oh
1294422360 M * Bertl http://vserver.13thfloor.at/ExperimentalT/delta-cred-feat04.diff
1294422379 J * petzsch ~markus@p4FF42FE3.dip.t-dialin.net
1294422382 M * frank\ to be applied after the rc1?
1294422391 M * daniel_hozac yes
1294422392 M * Bertl either apply it to a 'working' .38 and check if it makes it fail, or revert (-R) it from the rc1 
1294422431 M * Bertl daniel_hozac: looks like the cred stuff causes the fork() issue, any ideas how/why?
1294422451 M * frank\ ok - will do so (in background)... I'll report back here in about an hour or so
1294422459 M * Bertl excellent! thanks!
1294422464 M * frank\ see you later!
1294422477 Q * frank\ Quit: http://www.mibbit.com ajax IRC Client
1294422485 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg
1294423048 M * daniel_hozac Bertl: should we use copy_creds to setup the context's cred?
1294423140 M * Bertl probably, the question is, what causes the 'sudden' resource shortage with the way we do it now
1294423270 M * daniel_hozac if i'm reading the code correctly, we're basically treating all processes in the context as threads.
1294423287 M * daniel_hozac as far as the creds are concerned.
1294423312 M * daniel_hozac i guess we also have to be missing a decrement of the refcount somewhere... or an extraneous increase.
1294423466 M * Bertl so I guess we remove the cred stuff for now, and see if we can fix it up with prepare_creds, switch and copy_creds or so?
1294423491 M * daniel_hozac yeah, maybe.
1294423518 J * ktwilight ~keliew@91.176.35.152
1294423535 M * Bertl okay, let's see what frank's tests give ... but IMHO it has to be the cred patch
1294423552 M * daniel_hozac yeah, seems most likely...
1294423820 J * ktwilight_ ~keliew@91.176.136.225
1294423820 Q * ktwilight Read error: Connection reset by peer
1294424080 J * ktwilight ~keliew@91.176.16.63
1294424136 J * alpha_one_x86 ~kvirc@95.17.31.41
1294424189 M * alpha_one_x86 Hello, I have put in rlimits 1000000 for as and 1200000 in rss, what it's mean? I'm on x86_64
1294424243 J * ktwilight__ ~keliew@91.176.203.40
1294424314 Q * ktwilight_ Ping timeout: 480 seconds
1294424445 J * ktwilight_ ~keliew@91.176.18.124
1294424582 Q * ktwilight Ping timeout: 480 seconds
1294424582 Q * ktwilight_ Read error: Connection reset by peer
1294424732 Q * ktwilight__ Ping timeout: 480 seconds
1294425317 J * ktwilight ~keliew@91.176.30.51
1294425383 J * barismetin ~barismeti@jua06-1-82-242-159-114.fbx.proxad.net
1294425385 Q * barismetin Remote host closed the connection
1294425425 J * ktwilight_ ~keliew@91.176.69.186
1294425734 Q * derjohn_mob Ping timeout: 480 seconds
1294425786 J * ktwilight__ ~keliew@91.176.27.62
1294425814 Q * ktwilight Ping timeout: 480 seconds
1294426117 Q * ktwilight_ Ping timeout: 480 seconds
1294426274 Q * ktwilight__ Ping timeout: 480 seconds
1294426406 M * fLoo wow
1294426409 M * fLoo kernel still compiling
1294426420 M * fLoo and i was shopping in the meantime and thought .. hey .. i come home and its done
1294426422 M * fLoo -.-
1294426436 M * Bertl well, depends on your .config
1294426447 M * fLoo its completely stripped
1294426452 M * fLoo but the host is a celeron 2.4 ghz
1294426454 M * fLoo with 1.5 gb ram
1294426456 M * fLoo quite slow box
1294426469 M * fLoo should have compiled it on my workstation instead
1294426473 M * Bertl alpha_one_x86: depends on your kernel and config
1294426494 M * fLoo btw Bertl .. i've seen a new config in .37
1294426496 M * fLoo 1 sec
1294426520 M * alpha_one_x86 Then is better to use cgroup?
1294426531 J * ktwilight ~keliew@91.176.214.187
1294426538 M * Bertl again, depends on the kernel and config
1294426720 M * arekm any idea why vserver-stat could not see running guest?
1294426739 M * fLoo yep
1294426741 M * fLoo outdated
1294426749 M * fLoo vserver-info ?
1294426786 Q * ktwilight Read error: Connection reset by peer
1294426817 M * alpha_one_x86 2.6.32, and config what can help?
1294426830 M * arekm 0.30.216-1.pre2921 seems preety decent to me. http://pld.pastebin.com/4hRd21B5
1294426851 M * Bertl alpha_one_x86: memory/swap cgroups enabled?
1294426895 M * alpha_one_x86 yes
1294426930 M * Bertl then you definitely want to use that for limiting memory
1294427238 J * ktwilight ~keliew@91.176.186.144
1294427348 J * ktwilight_ ~keliew@91.176.194.199
1294427447 J * id_124 ~id_@HSI-KBW-095-208-086-087.hsi5.kabel-badenwuerttemberg.de
1294427459 M * id_124 Hello #vserver
1294427467 M * id_124 hi Bertl
1294427506 M * Bertl welcome id_124!
1294427585 J * ktwilight__ ~keliew@91.176.178.209
1294427591 M * id_124 i have a question about networking - is it performance wise different to use 0.0.0.0 bindings for services instead of the configured CTX IP?
1294427624 M * Bertl very much depends on the number of IPs and the guest configuration
1294427642 M * Bertl with single_ip special casing, you will end up with the same bindings
1294427659 M * Bertl (thus equal performance, but less flexibility)
1294427664 M * id_124 i use the single_ip special case
1294427739 Q * ktwilight Ping timeout: 480 seconds
1294427795 M * id_124 can i mix single_ip guests and multi_ip guests on one host?
1294427802 J * ktwilight ~keliew@91.176.9.184
1294427804 M * id_124 or there there a degradion
1294427824 M * id_124 using 0.0.0.0 in the single
1294427827 M * Bertl no problem, the single_ip guests will get the slighly 'faster' bindings
1294427834 M * id_124 and direct IP bindings on the multi
1294427854 M * id_124 perfect thank you
1294427858 M * Bertl you're welcome!
1294427919 Q * ktwilight_ Ping timeout: 480 seconds
1294427958 J * ktwilight_ ~keliew@91.176.78.19
1294428129 Q * ktwilight__ Ping timeout: 480 seconds
1294428150 J * frank\ 4fd5fad3@ircip3.mibbit.com
1294428156 M * frank\ re
1294428195 M * Bertl wb
1294428225 M * frank\ ok.. tested 2.6.36.1 + vs2.3.0.36.38 + delta-cred-feat04.diff == vlogin: fork(): Try again
1294428259 M * Bertl okay, thanks a bunch for testing!
1294428276 M * fLoo yiiiihhaaaaa
1294428284 Q * ktwilight Ping timeout: 480 seconds
1294428289 M * fLoo Linux hermine 2.6.37-vs2.3.0.37-rc1 #1 SMP Fri Jan 7 19:06:20 CET 2011 i686 GNU/Linux
1294428289 M * fLoo <3
1294428295 M * Bertl frank\: I'll upload an rc2 for 2.6.37 soon which will remove the cred stuff until we can resolve this
1294428296 M * frank\ reading from the logs I suspect you've already come up with some ideas
1294428309 M * frank\ okis
1294428406 M * frank\ I'll pick this up then once uploaded and retest =)
1294428640 Q * ktwilight_ Ping timeout: 480 seconds
1294428769 Q * matti Quit: 8-X
1294429779 Q * petzsch Quit: Leaving.
1294430427 Q * frank\ Quit: http://www.mibbit.com ajax IRC Client
1294431589 Q * id_124 Quit: http://irc2go.com/
1294431757 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1294432233 A * fLoo is waiting for debian squeeze
1294432233 M * fLoo :D
1294432238 M * fLoo or centos 6
1294432694 M * alpha_one_x86 mount -t cgroup vserver /dev/cgroup -o memory -> mount: vserver already mounted or /dev/cgroup busy
1294432716 M * fLoo well
1294432722 M * fLoo maybe its already mounted by fstab ?
1294432739 M * alpha_one_x86 no, I have not put in fstab
1294432786 M * fLoo mmh
1294432792 M * fLoo check /dev/cgroup
1294432825 M * alpha_one_x86 I have mount, after unmount, and after try remount
1294432843 M * fLoo stop all vservers
1294432845 M * fLoo and try again
1294432859 M * alpha_one_x86 I can't
1294432866 M * fLoo y ?
1294432874 M * alpha_one_x86 more than 30
1294432877 M * fLoo well
1294432893 M * fLoo Bertl: the vservers use the memory cgroup while they are running, arent they ?
1294432915 M * alpha_one_x86 no, 0 vserver use cgroup
1294432933 M * fLoo you're not using cgroups then ?
1294432943 M * alpha_one_x86 yes
1294432970 M * alpha_one_x86 cgroup is not using, it's my first use to try limit memory
1294433260 M * alpha_one_x86 I have had at vserver startup: /usr/lib64/util-vserver/vserver.functions: line 1525: /dev/cgroup/vm13/tasks: No such file or directory$
1294433656 M * Bertl util-vserver version?
1294433676 M * alpha_one_x86 0.30.216_pre2910
1294434004 M * Bertl you might want to update that, util-vserver will mount the cgroup dir on startup (from the runlevel scripts)
1294434138 J * cuba33ci_ ~cuba33ci@111-240-168-252.dynamic.hinet.net
1294434493 Q * cuba33ci Ping timeout: 480 seconds
1294434499 N * cuba33ci_ cuba33ci
1294435241 M * ryker hi all.  I'm wondering how to allow the reboot of a guest from within a guest.  In reading the website, it looks like you just need to use 'reboot -f' inside the guest.  For me, this seems to halt the guest.
1294435297 M * ryker vserver-stat shows the guest as not running afte a reboot -f.  starting the guest again from the host as normal works just fine.
1294435478 M * ryker Bertl: any ideas?  ^^
1294435509 M * ryker centos 5.5, 2.6.36 kernel
1294435574 M * Bertl util-vserver version?
1294435632 M * ryker 0.30.216-pre2918
1294435662 M * Bertl daniel_hozac: any known issues with that version regarding helper/restart/reboot?
1294435673 M * daniel_hozac not that i'm aware of.
1294435694 M * Bertl me neither ...
1294435743 M * ryker could it be a service hanging maybe?  i tried killing almost all services and doing a reboot -f.  same results
1294435767 M * ryker i don't need to give the guest any special permissions, do i?
1294435815 M * daniel_hozac no
1294435896 M * ryker daniel_hozac: anything I can do to get some more debug information to track the problem down?
1294435979 M * daniel_hozac set /etc/vservers/.defaults/apps/vshelper/logfile
1294435996 M * daniel_hozac or rather, just touch it.
1294436161 M * ryker ok.   just did that.  will that create a log file in each guest then? 
1294436182 M * daniel_hozac no
1294436186 M * daniel_hozac that will be the logfile
1294436195 M * ryker i restarted a guest (from the host) that I'm using for testing
1294436210 M * ryker i guess do a 'reboot -f' in the guest and watch that log file then?
1294436243 M * daniel_hozac yes
1294436247 M * ryker Fri Jan  7 15:37:12 CST 2011: vshelper restart 1251
1294436247 M * ryker Restarting vserver '/etc/vservers/johntest01'
1294436247 M * ryker /usr/lib64/util-vserver/vserver.functions: line 1525: echo: write error: Invalid argument
1294436280 M * ryker looks likea cgroup issue?
1294436283 M * daniel_hozac yep.
1294436371 M * ryker i've been using cgroups successfully.  Is there something I need to compile in that I forgot?
1294436491 M * ryker i started the guest again and I see like 10 pid's in /dev/cgroup/johntest01/tasks
1294436504 M * ryker I think that's the path it's looking for
1294436789 M * ryker mount | grep cgroup
1294436790 M * ryker vserver on /dev/cgroup type cgroup (rw,cpuset,cpu,cpuacct,memory,devices,freezer)
1294436836 M * ryker so i guess the issue is that it's looking for /dev/cgroup/vm13 instead of /dev/cgroup/johntest01
1294436843 Q * hijacker_ Quit: Leaving
1294437121 M * ryker oh, nvm, i mixed that up with something alpha_one_x86 posted.
1294437623 M * ryker Bertl: any ideas about the error above?
1294437742 M * Bertl what's in line 1525?
1294438037 M * ryker Bertl: echo "$$" > "$CGROUP_MNT/$name/tasks"
1294438054 M * ryker that should come out to /dev/cgroup/johntest01/tasks
1294438059 M * ryker which does exist
1294438068 M * ryker and tasks has pids in it
1294438083 M * ryker I don't understand what the $$ is
1294438092 M * ryker isn't that the pid of the current process?
1294438095 M * Bertl that's correct, but for some reason, $$ seems to be an invalid argument
1294438605 M * daniel_hozac most likely because the cgroup is incorrectly setup.
1294438753 M * ryker daniel_hozac: do you mean /dev/cgroup is mounted incorrectly, or I have something incorrect under my guest cgroup folder?
1294438781 M * ryker BTW, this particular guest doesn't actually use any limits, so /etc/vservers/johntest01/cgroup is actualy empty
1294439382 M * ryker I created a screen session on the host as root, detached, the pid is 15095, I ran echo "15095" > /dev/cgroup/johntest01/tasks, and it worked fine
1294441262 M * ryker Bertl and daniel_hozac : I added a debug line to that function at line 1525, and it does seem to be getting a valid pid with the $$
1294441283 M * ryker echo "15343" > "/dev/cgroup/johntest01/tasks" is an example of what is being called there.
1294441307 M * Bertl for some reason, the kernel refuses that pid
1294441482 M * ryker Bertl: should that be the pid of a constantly running process?
1294441534 M * ryker That pid doesn't exist before or after I call reboot -f.  is that the pid of the 'reboot -f' process?
1294441634 J * lvpvpl ~blagoj@89.205.105.228
1294441640 M * lvpvpl Hello all!
1294441650 M * lvpvpl I'm trying to install openvpn on a guest VPS.
1294441660 M * lvpvpl Following this instruciton.
1294441662 M * lvpvpl http://linux-vserver.org/Frequently_Asked_Questions#Can_I_run_an_OpenVPN_Server_in_a_guest.3F
1294441671 M * lvpvpl I'm able to connect to the VPS now, but I do not have internet.
1294441688 M * lvpvpl After some researhf I found out that I need to put something in iptables.
1294441698 M * lvpvpl Can someone help me and tell me what I need to do?
1294441738 M * Bertl depends on your network setup, but most likely it boils down to S/DNAT
1294441960 M * lvpvpl I have NAT in the iptables.
1294441970 M * lvpvpl As far as I get is to put these two rules in iptables.
1294441973 M * lvpvpl -A POSTROUTING -s 192.168.16.0/255.255.255.0 -o eth0 -j MASQUERADE
1294441973 M * lvpvpl -A POSTROUTING -s 192.168.16.0/24 -o eth0 -j SNAT --to-source 64.164.32.33
1294441977 M * lvpvpl but still no work.
1294441980 M * lvpvpl Any help?
1294442017 M * Bertl first, don't use MASQ and SNAT together
1294442045 M * lvpvpl How, I do not have any big experience. Can you please tell me how the rules needs to look like?
1294442064 M * lvpvpl Aha, ok.
1294442106 M * lvpvpl Can you please tell me which rule I need to enter/use?
1294442184 M * Mr_Smoke Bertl: quick question: in the kernel series where there was no 127.0.0.1 in the guests, how does one bind a socket to something local ? Should I create a dummy* with 127.0.0.1 on it ?
1294442263 M * ryker Mr_Smoke: that's what I used to do is create a dummy loopback interface
1294442280 M * Mr_Smoke I can't think of anything else
1294442288 M * Mr_Smoke I use public IPs on my guests' eth0
1294442293 M * Mr_Smoke And I don't have anything else
1294442298 M * Mr_Smoke Maybe a kernel upgrade is in order :)
1294442326 M * ryker adding a second interface to the guest with 127.0.0.1 should work.
1294442339 M * ryker under /etc/vservers/guest/interfaces
1294442352 M * Mr_Smoke yeah, I'll give it a shot
1294442391 M * ryker Mr_Smoke: for example: http://www.mail-archive.com/vserver@list.linux-vserver.org/msg06716.html
1294442423 M * Mr_Smoke ryker: what version is it that you do that with ?
1294442426 M * ryker it doesn't have to be 127.0.0.1. give it a unique ip if you want and just bind to that
1294442471 M * ryker i haven't had to do that in a long time.  I had a period of no vserver usage. for me that was about 4 years ago.  i don't recall what vserver version
1294442550 M * Mr_Smoke ok then
1294442606 M * ryker Mr_Smoke: i would definitely upgrade if you can
1294442620 M * ryker i know it's hard to sometimes with production servers.
1294442672 M * ryker Bertl: I figured out that this is the command that is being run with the PID that is passed to the tasks cgroup list.
1294442676 M * ryker /bin/bash /usr/sbin/vserver ----nonamespace --defaulttty /etc/vservers/johntest01 start
1294442680 M * ryker does that look correct?
1294442804 M * Mr_Smoke Yeah I'll find some time to upgrade some day
1294442805 M * ryker I never realized all of the util-vserver stuff, a lot of it at least, is bash scripts.  Interesting poking through there looking at how things are done.
1294442816 M * Mr_Smoke I don't like to kick hundreds of IRC users offline but heh
1294442822 M * Mr_Smoke you gotta do what you gotta do
1294442828 M * Mr_Smoke I'll move the VM to another host
1294442879 M * ryker adding the loopback isn't working for you?
1294442966 M * Bertl lvpvpl: assuming that your vpn IP is 192.168.16.x and the outgoing interface is eth0, something like you second line should be fine
1294443106 M * Mr_Smoke ryker: i'll try when I really need to :)
1294443201 M * lvpvpl Ok, but again when I do that and after that rstart iptables and enter the VPS and try to pig with "ping -I tun16 yahoo.com" I did not get anything.
1294443229 M * lvpvpl I als changed in /etc/sysctl.conf
1294443233 M * lvpvpl net.ipv4.ip_forward = 0
1294443235 M * lvpvpl to net.ipv4.ip_forward = 1
1294443242 M * lvpvpl Do I need to restart something?
1294443261 M * Bertl nope
1294443282 M * Bertl use tcpdump -vvnei eth0 icmp on the host to check
1294443314 M * lvpvpl But when I do this form inside the VPS "ping -I tun16 yahoo.com" I need to get some resules, ofcourse, if it is working.
1294443322 M * lvpvpl Right?
1294443349 M * Bertl depends, first, ping is special, something like telnet would be better, second, this might fail for so many reasons :)
1294443385 M * Bertl as I said, first, check with tcpdump and/or add iptables log rules to verify the packets
1294443421 M * lvpvpl I do not understand anything from this tcpdump :) just a lot of numbers.
1294443599 M * Bertl well, try a ping and upload the tcpdump output, I'll have a look
1294444023 M * lvpvpl How many lines will you need, this never ends.
1294444052 M * Bertl the line(s) from a single ping should suffice
1294444121 M * lvpvpl Ok, when I run this command that you told me:
1294444121 M * lvpvpl tcpdump -vvnei eth0
1294444133 M * lvpvpl I got nothing but a lot of numbers which I do not understand.
1294444160 M * lvpvpl How can I pul out only those from the  ping or....???
1294444223 M * Bertl I told you to use 'tcpdump -vvnei eth0 icmp'
1294444233 M * Bertl which will limit the dump to icmp messages
1294444246 M * Bertl then doing a ping -c 1 should send a single ping
1294444541 M * lvpvpl I don't understand. So first, I do this commnad: 'tcpdump -vvnei eth0' icmp on the host, and after that, once the numbers start showing up when I need to do 'ping -c 1'?
1294444582 M * Bertl 'tcpdump -vvnei eth0 icmp'
1294444596 M * Bertl (without the apostropes)
1294444674 M * lvpvpl Ok, I know that, and when I enter that command the lot of numbers start showing up all the time constantly.