[00:34] Simon (~sgarner@210.54.177.190) joined #vserver. [00:49] sladen (paul@80.1.73.116) left irc: Ping timeout: 493 seconds [00:49] sladen (paul@starsky.19inch.net) joined #vserver. [01:36] kestrel__ (~athomas@dialup51.optus.net.au) joined #vserver. [01:37] kestrel_ (~athomas@192.65.90.115) left irc: Quit: ircII EPIC4-1.0.1 -- Are we there yet? [01:38] bye [01:38] Nick change: kestrel__ -> kestrel_ [02:29] kestrel_ (~athomas@dialup51.optus.net.au) got netsplit. [02:29] sladen (paul@starsky.19inch.net) got netsplit. [02:29] sannes (ace@sannes.org) got netsplit. [02:29] say (~say@212.86.243.154) got netsplit. [02:29] maja|ipv6 (maharaja@ipax.tk) got netsplit. [02:29] ensc (~ircensc@ultra.csn.tu-chemnitz.de) got netsplit. [02:29] virtuoso (~shisha@ip114-115.adsl.wplus.ru) got netsplit. [02:29] linas (~linas@67.100.217.179) got netsplit. [02:29] mcp (~hightower@81.17.110.148) got netsplit. [02:29] unriel (~riel@66.187.230.200) got netsplit. [02:29] kestrel (~athomas@o2rosock0a.optus.net.au) got netsplit. [02:29] MrBawb (abob@63.100.31.204) got netsplit. [02:29] kestrel_ (~athomas@dialup51.optus.net.au) returned to #vserver. [02:29] sladen (paul@starsky.19inch.net) returned to #vserver. [02:29] sannes (ace@sannes.org) returned to #vserver. [02:29] say (~say@212.86.243.154) returned to #vserver. [02:29] linas (~linas@67.100.217.179) returned to #vserver. [02:29] mcp (~hightower@81.17.110.148) returned to #vserver. [02:29] unriel (~riel@66.187.230.200) returned to #vserver. [02:29] maja|ipv6 (maharaja@ipax.tk) returned to #vserver. [02:29] ensc (~ircensc@ultra.csn.tu-chemnitz.de) returned to #vserver. [02:29] virtuoso (~shisha@ip114-115.adsl.wplus.ru) returned to #vserver. [02:29] MrBawb (abob@63.100.31.204) returned to #vserver. [02:29] kestrel (~athomas@o2rosock0a.optus.net.au) returned to #vserver. [02:30] virtuoso (~shisha@ip114-115.adsl.wplus.ru) got netsplit. [02:30] ensc (~ircensc@ultra.csn.tu-chemnitz.de) got netsplit. [02:30] maja|ipv6 (maharaja@ipax.tk) got netsplit. [02:30] say (~say@212.86.243.154) got netsplit. [02:30] sannes (ace@sannes.org) got netsplit. [02:30] sladen (paul@starsky.19inch.net) got netsplit. [02:30] kestrel_ (~athomas@dialup51.optus.net.au) got netsplit. [02:30] kestrel_ (~athomas@dialup51.optus.net.au) returned to #vserver. [02:30] sladen (paul@starsky.19inch.net) returned to #vserver. [02:30] sannes (ace@sannes.org) returned to #vserver. [02:30] say (~say@212.86.243.154) returned to #vserver. [02:30] virtuoso (~shisha@ip114-115.adsl.wplus.ru) returned to #vserver. [02:30] ensc (~ircensc@ultra.csn.tu-chemnitz.de) returned to #vserver. [02:30] maja|ipv6 (maharaja@ipax.tk) returned to #vserver. [02:39] Bertl (~herbert@MAIL.13thfloor.at) joined #vserver. [02:39] hi all! [02:49] hey herbert [02:49] we meet again :) [02:49] finally ;) [02:50] :) [02:50] what time is it where you are? late...? [02:51] 1am in the morning ... [02:51] did you have a good day? [02:52] yes ... [02:54] i am in training at the moment herbert [02:54] it is FUCKED! [02:54] Action: kestrel_ sobs with self pity [02:55] hmm training exactly means? [02:56] it means....erm [02:57] we are "learning" how to maintain this new system that is coming into our network [02:57] the vendor is "training" us on its maintenance [02:57] well that _can_ be interesting ... [03:00] well, i have been on a lot of training and it has never been interesting [03:00] it may have interesting moments, but that doesn't justify the other 90% boredom [03:00] for this there is nethack ;) [03:01] heh [03:01] fortunately, i have irc and can ssh into home and hack on my stuff [03:01] otherwise, i may well have been insane by now [03:01] Action: kestrel_ wipes his brow [03:05] wow, the nr cpu patches seem to made it into the kernel 2.4.23-rc5 ;) [03:07] are they yours? what do they do? [03:07] nope, I just rediffed them since 2.4.20 or so ... [03:07] usually on i386 the NR cpus is fixed to 32 [03:08] okay [03:08] which is slighly above the average ... [03:08] and therfore consumes kernel memory for nothing ... [03:10] heh, "slightly" [03:11] but the critical 1.1.4 zlib fix hasn't made it yet :( [03:14] kestrel_ (~athomas@dialup51.optus.net.au) left irc: Quit: brb [03:16] kestrel_ (~athomas@dialup51.optus.net.au) joined #vserver. [03:43] okay .. brb ... [03:43] Bertl (~herbert@MAIL.13thfloor.at) left irc: Quit: leaving [03:49] kestrel_ (~athomas@dialup51.optus.net.au) got netsplit. [03:49] maja|ipv6 (maharaja@ipax.tk) got netsplit. [03:49] ensc (~ircensc@ultra.csn.tu-chemnitz.de) got netsplit. [03:49] virtuoso (~shisha@ip114-115.adsl.wplus.ru) got netsplit. [03:49] say (~say@212.86.243.154) got netsplit. [03:49] sannes (ace@sannes.org) got netsplit. [03:49] sladen (paul@starsky.19inch.net) got netsplit. [03:49] linas (~linas@67.100.217.179) got netsplit. [03:49] unriel (~riel@66.187.230.200) got netsplit. [03:49] mcp (~hightower@81.17.110.148) got netsplit. [03:49] kestrel (~athomas@o2rosock0a.optus.net.au) got netsplit. [03:49] MrBawb (abob@63.100.31.204) got netsplit. [03:49] kestrel_ (~athomas@dialup51.optus.net.au) returned to #vserver. [03:49] maja|ipv6 (maharaja@ipax.tk) returned to #vserver. [03:49] ensc (~ircensc@ultra.csn.tu-chemnitz.de) returned to #vserver. [03:49] virtuoso (~shisha@ip114-115.adsl.wplus.ru) returned to #vserver. [03:49] say (~say@212.86.243.154) returned to #vserver. [03:49] sannes (ace@sannes.org) returned to #vserver. [03:49] sladen (paul@starsky.19inch.net) returned to #vserver. [03:49] linas (~linas@67.100.217.179) returned to #vserver. [03:49] mcp (~hightower@81.17.110.148) returned to #vserver. [03:49] unriel (~riel@66.187.230.200) returned to #vserver. [03:49] MrBawb (abob@63.100.31.204) returned to #vserver. [03:49] kestrel (~athomas@o2rosock0a.optus.net.au) returned to #vserver. [03:57] Bertl (~herbert@MAIL.13thfloor.at) joined #vserver. [04:01] and once again ... [04:01] Bertl (~herbert@MAIL.13thfloor.at) left irc: Client Quit [04:10] Bertl (~herbert@212.16.62.51) joined #vserver. [04:10] okay back again ... [04:13] shuri (~ipv6@207.236.226.187) left irc: Quit: ipv6 [04:45] hey Bertl, still alive? :) [04:45] yup! [04:45] ah, hi :) [04:45] been wondering if there's anything new on the vnet-patch yet? :) [04:46] nope, Gandalf promised to have a look at it last weekend, but he hasn't shown up since, I wonder why ;) [04:46] pity ;) would be something very nice [04:47] well, we will do something like that ... but it just needs some time, I guess ... [04:47] though it came to my mind util-vserver might require some change with vnet [04:47] as it would need to use an interface instead of an interface alias [04:48] all tools will need a _lot_ of changes if this will be used ... [04:48] and prolly all other interfaces but the vnet should then prolly be hidden within a vserver [04:49] thought so :) but it'd be a great extension for this project in my opinion [04:49] I consider it the only way in a long run ... [05:24] Bertl (~herbert@212.16.62.51) left irc: Ping timeout: 493 seconds [05:46] Bertl (~herbert@MAIL.13thfloor.at) joined #vserver. [05:53] NeshHome (~dmistry@67.82.65.61) left irc: Ping timeout: 493 seconds [05:53] NeshHome (~dmistry@ool-4352413d.dyn.optonline.net) joined #vserver. [06:10] Bertl (~herbert@MAIL.13thfloor.at) got netsplit. [06:10] sladen (paul@starsky.19inch.net) got netsplit. [06:10] sannes (ace@sannes.org) got netsplit. [06:10] say (~say@212.86.243.154) got netsplit. [06:10] virtuoso (~shisha@ip114-115.adsl.wplus.ru) got netsplit. [06:10] ensc (~ircensc@ultra.csn.tu-chemnitz.de) got netsplit. [06:10] maja|ipv6 (maharaja@ipax.tk) got netsplit. [06:10] kestrel_ (~athomas@dialup51.optus.net.au) got netsplit. [06:10] linas (~linas@67.100.217.179) got netsplit. [06:10] mcp (~hightower@81.17.110.148) got netsplit. [06:10] unriel (~riel@66.187.230.200) got netsplit. [06:10] NeshHome (~dmistry@ool-4352413d.dyn.optonline.net) got netsplit. [06:10] kestrel (~athomas@o2rosock0a.optus.net.au) got netsplit. [06:10] MrBawb (abob@63.100.31.204) got netsplit. [06:10] NeshHome (~dmistry@ool-4352413d.dyn.optonline.net) returned to #vserver. [06:10] Bertl (~herbert@MAIL.13thfloor.at) returned to #vserver. [06:10] kestrel_ (~athomas@dialup51.optus.net.au) returned to #vserver. [06:10] maja|ipv6 (maharaja@ipax.tk) returned to #vserver. [06:10] ensc (~ircensc@ultra.csn.tu-chemnitz.de) returned to #vserver. [06:10] virtuoso (~shisha@ip114-115.adsl.wplus.ru) returned to #vserver. [06:10] say (~say@212.86.243.154) returned to #vserver. [06:10] sannes (ace@sannes.org) returned to #vserver. [06:10] sladen (paul@starsky.19inch.net) returned to #vserver. [06:10] linas (~linas@67.100.217.179) returned to #vserver. [06:10] mcp (~hightower@81.17.110.148) returned to #vserver. [06:10] unriel (~riel@66.187.230.200) returned to #vserver. [06:10] MrBawb (abob@63.100.31.204) returned to #vserver. [06:10] kestrel (~athomas@o2rosock0a.optus.net.au) returned to #vserver. [07:07] Nick change: Bertl -> Bertl_zZ [07:08] Topic changed on #vserver by Bertl_zZ!~herbert@MAIL.13thfloor.at: http://linux-vserver.org/ || latest stable 1.00, devel 1.1.6 [08:53] pflanze (~chris@dclient217-162-115-175.hispeed.ch) joined #vserver. [09:01] Hello [09:02] If I want to put a vserver onto a virtual network (not accessible from any 'real' network interface without routing/port forwarding), what do you suggest? [09:02] tuntap stuff? I never understood that really. [09:10] Hm I guess tun/tap doesn't help here since it's not about userspace programs processing ethernet frames. [09:11] pflanze: you want uml_switch [09:12] or mcast, if you have multicast built into your host kernel [09:12] I know uml. But does that help with vserver? [09:12] ah, shit, sorry :) [09:12] i'm in #uml as well, so i got confused...hehe [09:13] I guess another loopback device would be the right thing. [09:13] the only issue i think would be that the host might respond to arp requests [09:14] shouldn't matter (?). [09:15] ah, to arp requests to the loopback device itself you mean. [09:15] yeah, exactly [09:15] i know it does if you add an alias to lo [09:15] but shouldn't matter either - it's the kernel the vserver is running on. [09:15] so it might take some trickery [09:15] Action: kestrel_ shrugs [09:15] you'll never known until you try :) [09:18] Hm, aliases only? How to do it if I want 127.0.0.1 inside vserver as well, but distinct from the host. [09:18] i don't know pflanze...why don't you experiment [09:19] Action: pflanze only has vserver on remote hosts [09:20] ah [09:29] ok the answer is, of course, with an alias you'll not get a separate interface. [09:30] like with 'ifconfig lo:1 192.168.2.2 up' and giving that to a vserver, the vserver can access all services bound to lo. [09:30] those from the host. [09:30] And this is not what I like - usually you have sensitive services running on lo that you don't expect other ppl to have access to. [09:31] The question boild down to: how does one create lo1, lo2.. ? [09:55] (not even masquerading seems to work when using lo:1 ) [10:09] loger joined #vserver. [10:44] _MedivhWrk (ck@netops.multimedia-centrum.de) joined #vserver. [10:46] MedivhWrk (ck@195.90.10.197) left irc: Ping timeout: 493 seconds [10:46] Nick change: _MedivhWrk -> MedivhWrk [10:59] Zoiah (Zoiah@81.17.52.139) got netsplit. [10:59] Medivh (ck@62.93.217.199) got netsplit. [10:59] apw (~apw@212.104.150.41) got netsplit. [10:59] ccooke (~ccooke@80.1.164.238) got netsplit. [10:59] Simon (~sgarner@210.54.177.190) got netsplit. [10:59] micah (micah@192.101.188.235) got netsplit. [10:59] serving (~serving@213.186.190.221) got netsplit. [11:00] Simon (~sgarner@210.54.177.190) returned to #vserver. [11:00] serving (~serving@213.186.190.221) returned to #vserver. [11:00] ccooke (~ccooke@80.1.164.238) returned to #vserver. [11:00] micah (micah@192.101.188.235) returned to #vserver. [11:00] apw (~apw@212.104.150.41) returned to #vserver. [11:00] Medivh (ck@62.93.217.199) returned to #vserver. [11:00] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [11:53] pflanze (~chris@dclient217-162-115-175.hispeed.ch) left irc: Ping timeout: 496 seconds [12:06] Zoiah (Zoiah@81.17.52.139) got netsplit. [12:06] Medivh (ck@62.93.217.199) got netsplit. [12:06] apw (~apw@212.104.150.41) got netsplit. [12:06] ccooke (~ccooke@80.1.164.238) got netsplit. [12:06] Simon (~sgarner@210.54.177.190) got netsplit. [12:06] micah (micah@192.101.188.235) got netsplit. [12:06] serving (~serving@213.186.190.221) got netsplit. [12:07] Simon (~sgarner@210.54.177.190) returned to #vserver. [12:07] serving (~serving@213.186.190.221) returned to #vserver. [12:07] ccooke (~ccooke@80.1.164.238) returned to #vserver. [12:07] micah (micah@192.101.188.235) returned to #vserver. [12:07] apw (~apw@212.104.150.41) returned to #vserver. [12:07] Medivh (ck@62.93.217.199) returned to #vserver. [12:07] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [12:47] Zoiah (Zoiah@81.17.52.139) got netsplit. [12:47] Medivh (ck@62.93.217.199) got netsplit. [12:47] apw (~apw@212.104.150.41) got netsplit. [12:47] ccooke (~ccooke@80.1.164.238) got netsplit. [12:47] Simon (~sgarner@210.54.177.190) got netsplit. [12:47] micah (micah@192.101.188.235) got netsplit. [12:47] serving (~serving@213.186.190.221) got netsplit. [12:48] Simon (~sgarner@210.54.177.190) returned to #vserver. [12:48] serving (~serving@213.186.190.221) returned to #vserver. [12:48] ccooke (~ccooke@80.1.164.238) returned to #vserver. [12:48] micah (micah@192.101.188.235) returned to #vserver. [12:48] apw (~apw@212.104.150.41) returned to #vserver. [12:48] Medivh (ck@62.93.217.199) returned to #vserver. [12:48] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [13:34] Simon (~sgarner@210.54.177.190) left irc: Quit: so long, and thanks for all the fish [13:49] Action: ccooke wakes up [13:49] Morning [13:52] hi there [14:02] what does http://vserver.13thfloor.at/Experimental/patch-vs1.1.5-dynamic-fix03.diff fix? I see it changes all memory allocations in vcontext.c .. but, I'm not sure what it fixes.. I think maybe i have struggeled with something this fixes.. and what is that delta-dynamic-01.diff file it makes? [14:17] serving (~serving@213.186.190.221) left irc: Ping timeout: 493 seconds [15:27] unriel (~riel@66.187.230.200) left irc: Ping timeout: 492 seconds [15:45] Zoiah (Zoiah@81.17.52.139) got netsplit. [15:45] Medivh (ck@62.93.217.199) got netsplit. [15:45] apw (~apw@212.104.150.41) got netsplit. [15:45] ccooke (~ccooke@80.1.164.238) got netsplit. [15:45] micah (micah@192.101.188.235) got netsplit. [15:46] ccooke (~ccooke@80.1.164.238) returned to #vserver. [15:46] micah (micah@192.101.188.235) returned to #vserver. [15:46] apw (~apw@212.104.150.41) returned to #vserver. [15:46] Medivh (ck@62.93.217.199) returned to #vserver. [15:46] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [15:59] so, when is this channel usually active? [16:06] very [16:06] :) [16:08] say (~say@212.86.243.154) left irc: [16:09] serving (~serving@213.186.191.12) joined #vserver. [16:13] _MedivhWrk (ck@netops.multimedia-centrum.de) joined #vserver. [16:13] MedivhWrk (ck@netops.multimedia-centrum.de) left irc: Ping timeout: 496 seconds [16:13] Nick change: _MedivhWrk -> MedivhWrk [16:38] damn bochs is slow [17:41] virtuoso (~shisha@ip114-115.adsl.wplus.ru) left irc: Quit: Reconnecting [17:41] virtuoso (~shisha@ip114-115.adsl.wplus.ru) joined #vserver. [17:50] say (~say@212.86.243.154) joined #vserver. [18:09] infowolfe (~infowolfe@pcp04891550pcs.frnkmd01.md.comcast.net) joined #vserver. [18:20] pflanze (~chris@dclient217-162-75-185.hispeed.ch) joined #vserver. [18:53] Nick change: Bertl_zZ -> Bertl [18:54] hi all! [18:54] afternoon [19:32] :) [19:41] Zoiah (Zoiah@81.17.52.139) got netsplit. [19:41] Medivh (ck@62.93.217.199) got netsplit. [19:41] apw (~apw@212.104.150.41) got netsplit. [19:41] ccooke (~ccooke@80.1.164.238) got netsplit. [19:41] micah (micah@192.101.188.235) got netsplit. [19:42] ccooke (~ccooke@80.1.164.238) returned to #vserver. [19:42] micah (micah@192.101.188.235) returned to #vserver. [19:42] apw (~apw@212.104.150.41) returned to #vserver. [19:42] Medivh (ck@62.93.217.199) returned to #vserver. [19:42] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [19:45] shuri (~ipv6@cpu183.adsl.qc.bellglobal.com) joined #vserver. [20:07] shuri (~ipv6@cpu183.adsl.qc.bellglobal.com) left irc: Ping timeout: 480 seconds [20:37] Zoiah (Zoiah@81.17.52.139) got netsplit. [20:37] Medivh (ck@62.93.217.199) got netsplit. [20:37] apw (~apw@212.104.150.41) got netsplit. [20:37] ccooke (~ccooke@80.1.164.238) got netsplit. [20:37] micah (micah@192.101.188.235) got netsplit. [20:38] ccooke (~ccooke@80.1.164.238) returned to #vserver. [20:38] micah (micah@192.101.188.235) returned to #vserver. [20:38] apw (~apw@212.104.150.41) returned to #vserver. [20:38] Medivh (ck@62.93.217.199) returned to #vserver. [20:38] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [20:56] shuri (~ipv6@cpu183.adsl.qc.bellglobal.com) joined #vserver. [20:58] JonB (~jon@129.142.112.33) joined #vserver. [20:59] hi Jon! [20:59] hey Bertl [21:11] Bertl : what was that dynamic fix ? [21:22] well, basically we have static IDs and dynamic IDs for context ... [21:23] the dynamic IDs where recently moved to above 49152 to avoid clashes with the static IDs ... [21:24] a few days ago, I discovered two things: [21:24] a) if all dynamic IDs are allocated the syscall will 'hang' [21:24] ah [21:25] b) there is a bad SMP locking issue on allocation [21:25] there is or there were? [21:25] I fixed that, so there was ... [21:54] :) [21:54] what was that tcp6 fix in the latest? [21:54] Zoiah (Zoiah@81.17.52.139) got netsplit. [21:54] Medivh (ck@62.93.217.199) got netsplit. [21:54] apw (~apw@212.104.150.41) got netsplit. [21:54] ccooke (~ccooke@80.1.164.238) got netsplit. [21:54] micah (micah@192.101.188.235) got netsplit. [21:55] ccooke (~ccooke@80.1.164.238) returned to #vserver. [21:55] micah (micah@192.101.188.235) returned to #vserver. [21:55] apw (~apw@212.104.150.41) returned to #vserver. [21:55] Medivh (ck@62.93.217.199) returned to #vserver. [21:55] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [21:55] equivalent fix to the tcp_get_info() in vs1.1.5 ... [21:57] in the release you just say "critical bugfix in tcp_get_info()" not what it does.. or prevents .. [21:57] hmm okay, there was an explanation in the announcement IIRC ... [21:58] IIRC ? [21:59] so if you don't .. [21:59] hey I make 3-4 announcements for each release, I can't remember everything ... ;) [21:59] hehe:) [22:00] let me check, where I explained that ... [22:00] I know, just want to know what was fixed.. (I'm running 1.1.6 now anyways.. but you know, I had some issues and I'm wondering if something is getting fixed).. [22:01] simple, there was a copy/paste typo on tcp_get_info() ... [22:01] ok.. [22:01] basically dereferencing an uninitialized pointer ... [22:01] you know if you hit it (panc!) [22:02] heh.. :) [22:03] but the SMP issues are more subtle ... [22:03] what 'issues' did you encounter ... [22:04] well, one issue.. the load goes up and then total hang.. heh [22:04] that is probably a 'kernel' issue ... [22:04] sometimes there are some messages from the kernel if I'm lucky .. such as .. hm, can't remember anymore.. hm.. [22:04] sannes: that is a totaly strange kernel message [22:04] do you use dynamic or static contexts ... [22:05] of course when I took all production stuff off of that server .. [22:05] used dynamic [22:05] on a SMP system? [22:05] but only four-five vservers and no SMP .. [22:06] a 'strange' kernel message would be interesting ... you should always report such stuff ... [22:08] and does vs1.1.6 seem to work well for you? [22:08] so far so good :) [22:09] I am thinking of moving the production stuff back now, since the machine doesn't hang.. [22:09] but, I'm a bit worried of course.. heh [22:10] when I checked out memory usage after reboot it was a bit less than usual, but everything was running.. could be my memory (as in my head) fooling me.. [22:10] I can understand ... anyway if there is a chance for 'controlled' production tests, I would suggest doing so ... we won't find any issues until we use it ... [22:11] I switched my vservers to 1.1.6 yesterday ;) [22:12] well, that is just it, I tried quite a lot of heavy stuff on it.. (apache/multiplemysqlservers/compiling/benchmarking/eating all memory) [22:13] stable as a rock, .. but then again, never could make it crash that way anyways.. [22:13] didn't patch in grsecurity this time.. heh.. just going to use exec-shiled and nothing else.. [22:13] do you have a chance to add a serial console to your 'production' system? [22:14] think so, there is this option in the bios, but never used it.. [22:14] when I say production I mean where I put my customers.. heh [22:15] hmm, linux kernel supports serial console very well ... so you could in the case of a 'hang' get some kernel task/state information, which could be used to locate the issue ... [22:15] well, I did enable sysrq stuff and was ready to do the bidding, but it never crashed after moving stuff off of it.. (of course) [22:16] but it would always take about 1.5 days to crash it on normal load.. and it didn't crash in a month.. so I'm confused.. [22:18] could be that some 'special' vserver configuration 'triggers' the issue ... [22:18] you had this issues on non SMP systems? [22:19] yes, or issue.. [22:20] that _is_ interresting, as it shows that it couln't be a locking/race issue ... [22:20] but, i don't even know if it is vserver related so.. [22:22] and it was in the -pre series .. [22:22] and I had patched inn a lot of stuff [22:23] I was thinking it might be a memory leak.. since it took some time before it hung.. [22:23] you could verify with slabinfo ... [22:23] and the inode cache was going crazy in slabinfo.. [22:24] inode_cache 270772 270809 512 38685 38687 1 [22:26] hmm, looks reasonable ... [22:26] inode_cache 6308 6363 512 907 909 1 <-- is what I got on my desktop machine [22:26] but, i don't know how to read it.. [22:26] yeah, sure ... but vservers will access a lot more files ... [22:27] I assume you have not unified ther vservers ... [22:27] true [22:27] non unified system with 6-8 servers easily reaches 400M if available ;) [22:27] :) [22:28] Zoiah (Zoiah@81.17.52.139) got netsplit. [22:28] Medivh (ck@62.93.217.199) got netsplit. [22:28] apw (~apw@212.104.150.41) got netsplit. [22:28] ccooke (~ccooke@80.1.164.238) got netsplit. [22:28] micah (micah@192.101.188.235) got netsplit. [22:28] ccooke (~ccooke@80.1.164.238) returned to #vserver. [22:28] micah (micah@192.101.188.235) returned to #vserver. [22:28] apw (~apw@212.104.150.41) returned to #vserver. [22:28] Medivh (ck@62.93.217.199) returned to #vserver. [22:28] Zoiah (Zoiah@81.17.52.139) returned to #vserver. [22:30] you can get the slabtop tool to monitor that ... [22:30] well, got to get something to eat before the store closes.. see ya :) [22:30] hm, yeah I'll take a look, where is it located? [22:31] you have to search for it .. was announced on lkml some time ago ... [22:32] http://www.tech9.net/rml/procps/ [22:32] seems to be in the latest procps ... [22:34] Medivh (ck@62.93.217.199) left irc: Quit: changing servers [22:34] Medivh (ck@62.93.217.199) joined #vserver. [23:00] pflanze (~chris@dclient217-162-75-185.hispeed.ch) left irc: Quit: [x]chat [23:48] jack (~jack@route3.unigiciel.com) joined #vserver. [23:48] hi jack! [23:48] Hi [23:48] how are you? [23:49] Fine. I have been thinking about two things lately: private loopback and chrootsafe [23:49] sounds interesting ... [23:50] I adapted your chrootsafe() and enrico tested/broke it ;) [23:50] I think I know how to implement private loopback very cheaply. Not sure. Will look at it this week [23:50] is loopback not private ? [23:50] Yes I saw the problem about chrootsafe [23:50] private loopback first [23:50] @jack have you had a look at my 'virtual' network device ... [23:50] i tried to access a mysql server from apache a long time ago, through loopback [23:50] Yes they are kind of private (a vserver can't connect to the loopback of the root) [23:50] and it didnt work [23:51] both apache and mysql was inside a vserver each [23:51] 127.0.0.1 is forced to the ipv4root whatever you try [23:51] The idea is that a loopback should be private to a vserver. [23:52] But the problem now is that they are not real. I mean, two servers can't setup the same service on 127.0.0.1 [23:52] Action: Bertl points again to the virtual device ;) [23:52] jack: but i cant connect to another vservers service through lo, can i? [23:52] The solution would be to allow that in the kernel. In the same way we allow a bind(0.0.0.0) on a service by checking that no other is using the same IPs. [23:53] The virtual device may help and may not help. All the work done in the IP stack is really done on IPs, not devices. [23:53] Anyway, my idea is to simply allow clash on a service (two services on 127.0.0.1, same port, different vserver) and use the security context to tie [23:53] socket together. [23:53] but I have succeded in 'implementing' the virtual device for llopback ;) [23:54] How does it works ? [23:54] simple .. we can also use a similar concept for the loop device itself, although I don't see any advantage ... [23:55] jonb: No you can't contact another vserver using loopback [23:55] loopback accepts a packet, and returns it on the same path ... [23:55] jack: okay, i just thought that ment they were different [23:55] if you have a separate virtual interface for each vserver, you can separate on a packet marker (xid) ... [23:55] Yes but if you bind fo 127.0.0.1 on port 80 for two vservers, the current kernel will reject that [23:56] okay [23:56] maybe we should talk about the virtual network a little ... I ahve some ideas, but unfortunately no deep knowledge yet ... [23:56] jack: when did you start the vserver project anyway ? [23:56] 2 years ago in september [23:57] first, some issues with the current implementation: [23:57] jack: where did you get the inspiration ? [23:58] I did some testing with iproute2 and separate tables per network/vserver ... [23:59] ifconfig eth0 192.168.0.2 [23:59] ip route add 192.168.0.0/24 dev eth0 table 100 [23:59] ip route add default via 192.168.0.1 dev eth0 table 100 [23:59] ip rule add from 192.168.0.0/24 table 100 [00:00] --- Sat Nov 29 2003