1348191613 Q * quasisane Read error: No route to host
1348191727 J * quasisane ~sanep@c-24-218-184-186.hsd1.nh.comcast.net
1348192243 J * thierryp ~thierry@zouk.inria.fr
1348192727 Q * thierryp Ping timeout: 480 seconds
1348196216 Q * clopez Ping timeout: 480 seconds
1348199478 J * thierryp ~thierry@zouk.inria.fr
1348199962 Q * thierryp Ping timeout: 480 seconds
1348202533 J * ghislain ~AQUEOS@adsl2.aqueos.com
1348206704 J * thierryp ~thierry@zouk.inria.fr
1348207187 Q * thierryp Ping timeout: 480 seconds
1348207294 Q * ensc|w Remote host closed the connection
1348207303 J * ensc|w ~ensc@www.sigma-chemnitz.de
1348208552 J * fisted_ ~fisted@xdsl-87-78-81-132.netcologne.de
1348208952 Q * fisted Ping timeout: 480 seconds
1348210487 M * Bertl_oO off to bed now ... have a good one everyone!
1348210494 N * Bertl_oO Bertl_zZ
1348211253 Q * imcsk8 Ping timeout: 480 seconds
1348213939 J * thierryp ~thierry@zouk.inria.fr
1348214422 Q * thierryp Ping timeout: 480 seconds
1348217491 P * kir PING 1348217491
1348220846 J * imcsk8 ~ichavero@148.229.1.11
1348221166 J * thierryp ~thierry@zouk.inria.fr
1348221520 Q * FireEgl Read error: Connection reset by peer
1348221648 Q * thierryp Ping timeout: 480 seconds
1348223205 J * clopez ~clopez@fanzine.igalia.com
1348227903 Q * jeroen__ Quit: Ex-Chat
1348228359 J * jeroen__ ~jeroen@mail.nl02.searchtrends.eu
1348228400 J * thierryp ~thierry@zouk.inria.fr
1348228882 Q * thierryp Ping timeout: 480 seconds
1348232943 J * kir ~kir@swsoft-msk-nat.sw.ru
1348232944 J * kir1 ~kir@swsoft-msk-nat.sw.ru
1348235283 P * kir1 PING 1348235283
1348235628 J * thierryp ~thierry@zouk.inria.fr
1348235914 J * guerby_ ~guerby@nc10d-ipv6.tetaneutral.net
1348235990 Q * guerby Read error: No route to host
1348236110 Q * thierryp Ping timeout: 480 seconds
1348236772 Q * fisted_ Quit: leaving
1348236799 Q * Aiken Remote host closed the connection
1348236963 P * kir PING 1348236963
1348240304 N * Bertl_zZ Bertl
1348240308 M * Bertl morning folks!
1348241212 M * swenTjuln hi Bertl!
1348241220 M * swenTjuln I've a question
1348241233 M * swenTjuln with MMAP files
1348241239 M * swenTjuln inside containers/guests
1348241318 M * swenTjuln it happens to me that MMAP ed files get evicted from RAM
1348241332 M * swenTjuln and it only happens in VServer container
1348241373 M * swenTjuln i tryed with virt_mem cflag turned on and off.
1348241389 M * Bertl that doesn't influence memory management
1348241411 M * Bertl what is the exact problem/effect you are observing?
1348241437 M * swenTjuln yeah...but if it came to a situation that Container is seeing more free RAM than there actually is?
1348241455 M * swenTjuln problem is that proceses start reading from disk
1348241463 M * swenTjuln stuff that should be in RAM
1348241481 M * Bertl so does it read or mmap?
1348241678 M * swenTjuln yeah
1348241687 M * swenTjuln but after a while it gets evicted
1348241695 M * swenTjuln usually after a day or two
1348241730 M * swenTjuln and it never happened to me before on non-container config 
1348241911 M * Bertl what do you mean by 'evicted'?
1348241963 M * Bertl i.e. is the process still running and has the file mapped?
1348241982 M * Bertl and the pages get thrown out of memory because of memory pressure?
1348241994 M * Bertl or are we talking cache/buffer here?
1348242863 J * thierryp ~thierry@zouk.inria.fr
1348243200 M * swenTjuln Bertl: i didn't notice any memory pressure
1348243239 M * swenTjuln process is still running but instead of using data from RAM its red from disk
1348243345 Q * thierryp Ping timeout: 480 seconds
1348243387 M * Bertl so we are talking cache/buffers here not an actual mapping?
1348244879 Q * Defaultti Ping timeout: 480 seconds
1348245346 J * Defaultti defaultti@kapsi.fi
1348245976 J * FireEgl ~FireEgl@173-25-83-57.client.mchsi.com
1348248293 J * fisted ~fisted@xdsl-87-78-81-132.netcologne.de
1348248880 Q * ghislain Quit: Leaving.
1348250089 J * thierryp ~thierry@zouk.inria.fr
1348250217 Q * Defaultti Quit: Quitting.
1348250263 J * Defaultti defaultti@kapsi.fi
1348250572 Q * thierryp Ping timeout: 480 seconds
1348250790 J * nkukard ~nkukard@41.177.82.178
1348251087 M * swenTjuln sorry...afk
1348251108 M * swenTjuln its mapping
1348251138 M * Bertl any memory limits on the guest's cgroup? any global resource limits?
1348251160 M * swenTjuln there are cgroups in place with memory constraints
1348251180 M * Bertl so maybe just the memory limit is reached?
1348251202 M * swenTjuln it shouldnt
1348251209 M * Bertl in which case it is perfectly fine to evict those pages
1348251221 M * swenTjuln unless file cache from other containers can evict it from RAM
1348251247 M * daniel_hozac sure
1348251249 M * swenTjuln memory usage in container is constant
1348251251 M * daniel_hozac it's an LRU.
1348251281 M * swenTjuln i was under impression filecache wont evict MMAPed files
1348251299 M * swenTjuln because it's not free
1348251365 M * swenTjuln from what you are telling me this is not VServer related issue, but more general way of how things work, right?
1348251372 M * Bertl yes
1348251392 M * Bertl read only mapped pages can be evicted anytime without cost
1348251416 M * swenTjuln is there a way do disallow that?
1348251438 M * swenTjuln do=to
1348251611 M * Bertl you can pin a certain number of pages in memory
1348251633 M * Bertl (and thus protect them from being ever evicted)
1348251674 M * swenTjuln can I do this for whole container?
1348251701 M * Bertl you mean, pin all pages ever loaded into memory?
1348251707 M * Bertl no, I don't think so
1348251729 M * swenTjuln yeah...that wouldnt make sense right
1348252125 M * Bertl but IIRC, you can tune the kernel behaviour somewhat
1348252135 M * Bertl i.e. decide where the preferences are
1348252930 J * fisted_ ~fisted@xdsl-87-78-11-30.netcologne.de
1348253332 Q * fisted Ping timeout: 480 seconds
1348254376 J * hijacker ~hijacker@cable-84-43-134-121.mnet.bg
1348255987 M * Bertl daniel_hozac: I'm currently investigating a strange effect/bug which seems to be present in all recent kernels/patches 
1348256004 M * Bertl the failure scenario is like this:
1348256066 M * Bertl an apache process on the host runs a php script (simple control panel) which executes a guest restart via some helper script, running via a suid wrapper
1348256114 M * Bertl then, the apache process is shut down (looks like that happens correctly) but interestingly, all the apache ports stay alive
1348256126 M * Bertl i.e. they are in LISTEN state without any process
1348256142 M * daniel_hozac the fd didn't get inherited?
1348256190 M * Bertl no idea ATM what exactly happens, I'm in the process of narrowing down the issue to a simple test case
1348256200 M * daniel_hozac i'd make sure the helper script closes all fds.
1348256219 M * Bertl the helper or the suid wrapper?
1348256252 M * Bertl and you think that the ports are kind of migrated into the guest, yes?
1348256281 M * Bertl in that case, they should get released when I shut down the guest, no?
1348256298 M * daniel_hozac yeah
1348256308 M * daniel_hozac is that not the case?
1348256328 M * Bertl I'll test in a minute
1348256351 M * Bertl was trying to test with 2.6.22 first, but I have some problems with the guest config/startup there it seems
1348256397 M * Bertl but as you argument is sound, I'll test that first on a recent kernel
1348256743 M * Bertl yep, that works, thanks for the quick help!
1348256770 M * Bertl didn't think about the filedescriptors 
1348256780 M * daniel_hozac great!
1348256916 M * Bertl any plans on adding a feature/config/option to avoid this scenario at the util-vserver level?
1348256949 M * Bertl i.e. avoid any filedescriptors being passed into a start/stop/restart
1348256967 M * Bertl (which might actually be a huge security issue :)
1348256996 M * daniel_hozac well, i can see cases where you actually want to inherit the file descriptors.
1348257007 M * Bertl that's why I said option/feature
1348257037 M * Bertl I was thinking about something like -passfd or -nopassfd 
1348257050 M * daniel_hozac yeah
1348257052 M * Bertl (or whatever you want to call it of course :)
1348257073 M * swenTjuln Bertl:, daniel_hozac : BIG thank you guys for your help!
1348257099 M * daniel_hozac i think it probably should default to on.
1348257112 M * Bertl swenTjuln: you're welcome!
1348257118 M * daniel_hozac i doubt much of anyone expects it to work that way.
1348257124 M * Guy- Bertl: so COW link breaking is expected to work correctly on xfs now?
1348257136 M * Bertl daniel_hozac: on as in removing all descriptors?
1348257140 M * daniel_hozac yeah
1348257145 M * Bertl yes, I agree there
1348257167 M * Bertl Guy-: it wasn't tested for quite some time now, but I'd expect it to work
1348257180 M * daniel_hozac testfs tests it, so if testfs passes...
1348257184 M * Guy- Bertl: OK, thanks, I'll try it if I can find the time
1348257186 M * Bertl if you plan to test it, please let me know how that goes
1348257244 M * Guy- I shall
1348257268 M * Guy- this testfs you refer to, it's part of the util-vserver tree?
1348257273 M * daniel_hozac no
1348257288 M * daniel_hozac http://vserver.13thfloor.at/Stuff/SCRIPT/
1348257293 M * Guy- ah
1348257317 M * Bertl be carefull though, it doesn't ask twice before it wipes out your partitions
1348257323 J * thierryp ~thierry@zouk.inria.fr
1348257325 M * Guy- I remember
1348257331 M * Bertl (actually it doesn't even ask once :)
1348257334 M * Guy- but thanks for the warning
1348257376 M * Bertl np
1348257643 M * Guy- all four tests succeed, but I recall there were mroe
1348257644 M * Guy- more
1348257661 M * Bertl try -xyz
1348257713 M * Bertl not all test will succeed though
1348257793 M * Guy- 34, 35, 37, 203, 205, 206, 207, 208, 213, 222, 223, 231, 232, 233 fail
1348257807 Q * thierryp Ping timeout: 480 seconds
1348257820 M * Guy- and bash complains a lot about -1 being an invalid value for "return" :)
1348257864 M * Bertl 34, 35, and 37 are tag related, so not relevant
1348257889 M * Bertl 2xx are disk limits
1348257926 M * Bertl i.e. those need more investigation and preferably a -vvv run
1348257957 M * Guy- disk limits as in quota?
1348257966 M * Bertl the actual cow link breaking happens in 125 or so
1348258000 M * Bertl so it seems it worked at least, but the test doesn't verify that the result is correct IIRC
1348258015 M * Guy- I'm doing that manually now
1348258021 M * Bertl i.e. it doesn't verify that the resulting (copied) file is intact
1348258110 M * Guy- setattr --iunlink is sufficient, right? I don't need to set immutable separately?
1348258193 M * Guy- yes, seems to work, and the file is intact
1348258203 M * Bertl excellent!
1348258210 M * Guy- indeed!
1348258241 M * Bertl see, we are not just hanging around on IRC chatting all day, we actually do some coding as well :)
1348258296 M * Guy- so it wasn't just a random reconfiguration of bits in the patch? :)
1348258322 M * Bertl you'll never know ...
1348258538 M * Guy- this revelation comes at a good time, because I'm just setting up another box with vserver - and can use xfs instead of ext4! yay!
1348258598 M * Guy- using zfs would be even better, but that'll have to wait
1348258649 M * Bertl are you using zfs via fuse?
1348258661 M * Guy- no, zfsonlinux
1348258682 M * Guy- (I started with the fuse version but it was unstable)
1348258694 M * Bertl okay
1348258737 M * Guy- (zfs-fuse is also not being actively worked on anymore; the principal developers have both largely moved to zfsonlinux themselves)
1348258761 M * Bertl does make sense IMHO
1348258774 M * Guy- moving to zfsonlinux? I agree
1348258797 M * Bertl yeah, fuse is good for prototyping and proof of concept
1348258818 M * Bertl but it shouldn't really become a permanent solution
1348258819 M * Guy- fwiw, the appeal of using zfs for vserver is even bigger space savings due to compression and blockwise deduplication
1348258847 M * Bertl shouldn't be too hard to add the CoW link breaking to zfs I guess
1348258857 M * Guy- (also, snapshotting is basically free, unlike with LVM)
1348258914 M * Guy- Brian Behlendorf (zfsonlinux head developer) doesn't object but it's very low priority for him, he won't even look at it before "everything else" is done
1348258956 J * bonbons ~bonbons@2001:960:7ab:0:89e8:e445:fd09:7995
1348259179 M * Bertl yeah, well, guess it shouldn't be too hard to add it yourself, or find a developer/coder adding it for you
1348259262 M * Guy- I don't think I can do it myself, but I'll try to shanghai a colleague
1348260091 Q * clopez Read error: Operation timed out
1348261374 Q * sannes Remote host closed the connection
1348262386 Q * hijacker Quit: Leaving
1348262654 J * deathtje_ ~deathtje@216.67.225.106
1348262704 Q * deathtje Read error: Operation timed out
1348262812 J * clopez ~clopez@17.28.165.83.dynamic.mundo-r.com
1348264317 Q * bonbons Quit: Leaving
1348264550 J * thierryp ~thierry@zouk.inria.fr
1348265032 Q * thierryp Ping timeout: 480 seconds
1348270502 Q * clopez Ping timeout: 480 seconds
1348271786 J * thierryp ~thierry@zouk.inria.fr