Today's Messages (off)
| Unanswered Messages (on)
| Forum: Support |
|---|
| Topic: Weird file access / rights problem |
|---|
| Weird file access / rights problem [message #34561] |
Sun, 18 January 2009 05:55 |
 Evil-Knievel
Messages: 1
Registered: January 2009 |
Junior Member |
From: *pool.einsundeins.de
|
|
I run a courier IMAP / POP server in one of my OpenVZ containers. After each reboot, the courier daemon denies access with this error message:
couriertls: imapd.pem: error:02001002:system library: fopen:No such file or directory
Obviously it can't find the certificate file needed for TLS/SSL, though the file exists and has the right permissions set:
-rw------- 1 root root 2591 Dec 11 12:41 pop3d.pem
lrwxrwxrwx 1 root root 9 Jan 13 11:15 imapd.pem -> pop3d.pem
However - if i stop the daemon, do a 'chown root:root' and restart the courier daemons afterwards, everything works fine.
I'm not sure if this is really OpenVZ related, but as i don't any further with this: any help would be greatly appreciated!
|
|
| | Topic: IPv6 - arp problem |
|---|
| IPv6 - arp problem [message #34529] |
Thu, 15 January 2009 08:18 |
jonasb
Messages: 20
Registered: July 2007 |
Junior Member |
From: *122.227.87.static.ens.siw.siwnet.net
|
|
Hello,
I think I have ARP problem with IPv6.
IPv6 is working on HN.
VE can ping HN.
VE can not ping gateway of HN.
Container:
VE:~# route -6
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
2000::/3 :: U 1024 0 0 venet0
fe80::/64 :: U 256 0 0 venet0
::/0 :: !n -1 1 14214 lo
::1/128 :: Un 0 1 4 lo
::1/128 :: Un 0 1 0 lo
2001:XXX:1::c8/128 :: Un 0 1 209 lo
ff00::/8 :: U 256 0 0 venet0
::/0 :: !n -1 1 14214 lo
I cant ping gateway of HN:
VE:~# ping6 2001:XXX:1::1
PING 2001:XXX:1::1(2001:XXX:1::1) 56 data bytes
--- 2001:XXX:1::1 ping statistics ---
166 packets transmitted, 0 received, 100% packet loss, time 165020ms
With tcpdump I can see that the router asking for ip of VE, 2001:XXX:1::c8
14:15:28.515495 IP6 2001:XXX:1::c8 > 2001:XXX:1::1: ICMP6, echo request, seq 1, length 64
14:15:28.516387 IP6 2001:XXX:1::1 > ff02::1:ff00:c8: ICMP6, neighbor solicitation, who has 2001:XXX:1::c8, length 32
14:15:29.515277 IP6 2001:XXX:1::c8 > 2001:XXX:1::1: ICMP6, echo request, seq 2, length 64
14:15:29.516413 IP6 2001:XXX:1::1 > ff02::1:ff00:c8: ICMP6, neighbor solicitation, who has 2001:XXX:1::c8, length 32
Im running CentOS with kernel 2.6.18-92.1.13.el5.028stab059.6.
Any ideas whats wrong?
|
|
| | Topic: container shows not real cpu consumption with "top" command |
|---|
| container shows not real cpu consumption with "top" command [message #34526] |
Thu, 15 January 2009 05:33 |
jevelyt
Messages: 19
Registered: January 2009 |
Junior Member |
From: 212.122.90*
|
|
Hello, with quad core processor I create container with --cpuunits 16 (4% of all cpus) and I launch CS 1.6 server. When there are ~16 players there are no lag, when 20+ of players - ping for the players goes up sharply but in cat /proc/user_beancounters failcnt is 0 in all parameters. I think this is because lack of cpu but with command top or htop the cpu is shown ~0-5%.
Why container doesn't show it's cpu consumption? I think that container shows main server's cpu consumption but not container's. I'm right?
[Updated on: Thu, 15 January 2009 05:47] Report message to a moderator |
|
| | Topic: Moving VEs with IP-Addresses |
|---|
| Moving VEs with IP-Addresses [message #34502] |
Mon, 12 January 2009 18:08 |
OliverH
Messages: 1
Registered: January 2009
Location: NRW |
Junior Member |
From: *netcologne.de
|
|
Hi everyone!
I'm new here and have a question on live migrating VEs.
I want to build an OpenVZ cluster. There are IP Addresses available on the ethernet the hosts are connected to. So I don't want the hosts to route the traffic to the VEs but to bridge it.
What I have done yet is to set up a bridge on each host and add an virtual ethernet device to each VE and to the bridge of the host the VE is running on.
The problem is that I want to use live migration.
So when I move an VE to another maschine, I think the virtual ethernet device would not exist anymore. But even if it exists, I think it would not be bridged to the ethernet device of the new host.
How do I realize it, that my VEs can use their old IP-Addresses automatically when they are moving to a new host?
Did anybody get my point?
Regars,
Oliver
|
|
| | Topic: Lenny linux-image-2.6.26-1-openvz-amd64 2.6.26-12 does not boot on dual Quadcore |
|---|
| Lenny linux-image-2.6.26-1-openvz-amd64 2.6.26-12 does not boot on dual Quadcore [message #34483] |
Sat, 10 January 2009 16:20 |
volker.jaenisch@inqbus.de
Messages: 1
Registered: January 2009 |
Junior Member |
From: *pools.arcor-ip.net
|
|
Hello Openvz Community!
Before filing a bug-report I like to ask
if anybody an this list has got
Debian Lenny linux-image-2.6.26-1-openvz-amd64 2.6.26-12
running on a Dual Quadcore AMD System.
The System consist out of
* supermicro H8DME-2 board
* 2 x AMD Opteron Quadcore 2356
* 32 GB RAM
Running the kernel mentioned above we got a kernel OOPS
if we set the Board BIOS to optimal settings.
If we fall back to the failsave BIOS settings the kernel does OOPS one out of three times, only 
This behavior may be comparable to bug 1110
http://bugzilla.openvz.org/show_bug.cgi?id=1110#attach_844
The same kernel version without openvz
Debian Lenny linux-image-2.6.26-1-amd64 Version 2.6.26-12
runs without any problems. So we draw the conclusion that the kernel OOPS is openvz spezific.
On slightly modified hardware
same board but with a single AMD opteron DUAL core the openvz kernel runs.
So it seems to be a combination of DUAL Quad-Core and openvz?
Any help and ideas appreciated !
Thanks in advance
Volker
|
|
| | Topic: Proxy webserver |
|---|
| Proxy webserver [message #34473] |
Fri, 09 January 2009 05:00 |
alfonsodiecko
Messages: 14
Registered: October 2008 |
Junior Member |
From: *dip0.t-ipconnect.de
|
|
Hi,
I have a question to the tutorial "Shared webhosting" part "Proxy webserver". In the last step is it necessary to add some lines for VirtualHost . But on which Server must I do that , on the Server where my Proxy runs or where my website runs ? My Root has the ip 217.117.xxx.xx(with a website) the vz with the proxy 192.168.172.49 and 192.168.172.50(with a website). At first I have add the lines in the /etc/lighttpd/lighttpd.conf on 192.168.172.49
$HTTP["host"] == "domain1.tl" {
proxy.server = ( "" => ( ( "host" => "217.117.xxx.xx" ) ) )
}
$HTTP["host"] == "domain2.tl" {
proxy.server = ( "" => ( ( "host" => "192.168.172.50(" ) ) )
}
iptables -t nat -A PREROUTING -p TCP -d 217.117.xxx.xx --dport 80 $dnat 192.168.172.49:80
Well, the next is to configure the VirtualHost in 192.168.172.50,
<VirtualHost 217.117.xxx.xx:80>
ServerName domain2.tl
RewriteEngine On
RewriteRule ^(.*)$ http://192.168.172.50$1 [P]
RewriteRule ^(.*)$ http://www.domain2.tl$1 [P]
</VirtualHost>
regards chris
[Updated on: Fri, 09 January 2009 05:25] Report message to a moderator |
|
| | Topic: New OS Template creation - What to exclude ? |
|---|
| New OS Template creation - What to exclude ? [message #34455] |
Mon, 05 January 2009 12:03 |
igoldman
Messages: 2
Registered: January 2009
Location: World Wide Web |
Junior Member |
From: *static.bezeqint.net
|
|
Hello
I found the following article:
http://wiki.openvz.org/Creating_a_CentOS_5.0_Template
I would like to create a new OS Template base on RHEL es 4.6
I am using dedicated server and from this server I am taking a snap shot of the Operating System.
And according to this article the following need to be excluded:
.bash_history
lost+found
/dev/*
/mnt/*
/tmp/*
/proc/*
/sys/*
/usr/src/*
I would like to know if there is any additional file or directory which need to be excluded while making the tar file ?
What about the network configuration prior making the tar file ?
|
|
| | Topic: Running Netatalk inside a VE |
|---|
| Running Netatalk inside a VE [message #34438] |
Fri, 02 January 2009 05:16 |
odiobill
Messages: 2
Registered: October 2008
Location: Bologna, Italy |
Junior Member |
From: *ip.fastwebnet.it
|
|
Hi all,
I'm trying to run netatalk inside a VE without success. Everything is fine from the host system but every guest are giving me the same error. This is an example from a machine that before was working fine (I just done a migration from vserver to openvz).
| Quote: |
Jan 2 09:00:37 umpalumpa afpd[433]: main: atp_open: Address family not supported by protocol
Jan 2 09:00:37 umpalumpa afpd[433]: ASIP started on 192.168.1.249:548(4) (2.0.3)
Jan 2 09:00:37 umpalumpa afpd[433]: DSIConfigInit: Error registering afp://192.168.1.249/?NAME=umpalumpa&ZONE= with SRVLOC
|
There are some hints that I can follow?
Thanks,
//Davide
Davide
|
|
| | Topic: creation of new basis OS template base on dedicated server |
|---|
| creation of new basis OS template base on dedicated server [message #34432] |
Thu, 01 January 2009 10:01 |
igoldman
Messages: 2
Registered: January 2009
Location: World Wide Web |
Junior Member |
From: *static.bezeqint.net
|
|
According to SWsoft there is no basis template for
1) RedHat Enterprise Linux Version 4 ES 32 bit
2) RedHat Enterprise Linux Version 4 ES 64 bit
I would like to create such OS template (regular OS template , no EZ OS template).
I would like to know if I can use for this purpose a dedicated server without Virtuozzo installed over it.
Only to install the vzsnapshot RPM package over the dedicated server and then start the process of creating the OS basis template.
I would like to know if someone has done such process and can write some suggestions.
for instance , which partition table it's need to create over the dedicated server ?
because Virtuozzo is not installed on the dedicated server , is it OK not to create the /vz partition ? or it must be created ?
|
|
| | Topic: Disk Quota and OCFS2 |
|---|
| Disk Quota and OCFS2 [message #34430] |
Wed, 31 December 2008 11:31 |
smeat
Messages: 1
Registered: December 2008 |
Junior Member |
From: *iexposure.com
|
|
Is there any particular reason that disk quotas wouldn't show up when hosting OpenVZ containers on an OCFS2 file system? I would really like to be able to see the usage of my containers.
I am running the ProxMox VE environment.
OpenVZ version: 3.0.22-3pve3
Kernel version: pve-kernel-2.6.24-1-pve
Thanks.
|
|
| | Topic: plz help me with good configuration |
|---|
| plz help me with good configuration [message #34387] |
Sat, 27 December 2008 11:43 |
HEX-MAX
Messages: 1
Registered: December 2008 |
Junior Member |
From: 82.137.232*
|
|
Hello guys
i have some question i hope to get answer
i have server 4 cpu AMD 880 dual core total 8 core
Ram 16 GB HDD 300x2 sas
i creat 3 vps with this configuration
Disk Quota >>>> 50000 MB
Burstable Memory >>>> 1024
Guaranteed Memory >>>> 512
Cpu Usage (%) 100/CPU >>>> 50
CPU UNITS (default 1000) >>>> 100
Number Of CPUS >>>> 1
=========================
now the load in Node 3.65
the load in vps 3.50 that VE when have high load Node is upload to same value
is there some way to prevent that ??
i want if vps have load 100 or 200 etc the Node not effect with him
Thank you
|
|
| | Topic: OpenVZ kernel running under XEN |
|---|
| | Topic: Debian Lenny Templates |
|---|
| | Topic: Unable to share IPs from the same vlan |
|---|
| Unable to share IPs from the same vlan [message #34278] |
Fri, 19 December 2008 13:02 |
digitallinx
Messages: 3
Registered: October 2008 |
Junior Member |
From: 79.126.228*
|
|
Hello, I have couple of hardware nodes with hypervm on them and I have multiple subnets in my own vlan.
All slave nodes can share the IPs with no problems except for one.
The configuration is exactly as the rest of the slave nodes but I can't use any of the different subnets I have in my vlan, I can only use IPs from the subnet where that hardware node is. I have no issues using the IPs from that node's subnet on the rest of the slaves. I can also add any IP on the hardware node itself and it works fine, but it doesn't work when I use that IP on a VM. I know I'm not making much sense I've been up all night trying to figure this out. All in all here is what I have
master node <- can use all 6 different subnets
slave1 <- can use all 6 different subnets
slave2 <- can use all 6 different subnets
...
...
slave14 <- VMs can only use IPs from the subnet it has IP from, but the hardware node itself can bind on any IP of those 6 subnets
Also I'm noticing A LOT of dropped packets in slave14
RX packets:810935 errors:0 dropped:20712070445760 overruns:0 frame:0
There is little to none traffic on that node, I watched tcpdump for a while and I see nothing out of the ordinary
108 packets captured
216 packets received by filter
0 packets dropped by kernel
Yet the dropped packets grow exponentionally. Not sure if this is related to the issue why VMs can't use IPs out of the hardware's node subnet but it sure does look fishy. I checked the routing tables on all nodes and I see no difference. I can also use the IPs from slave14's subnet on any other VM hosted on any slave.
I'm all out of ideas, any kind of suggestions would be appreciated, I know I'm being a bit hard to understand it's just that I haven't assembled all my thoughts.
Thank you.
|
|
| | Topic: Error on apt-get upgrade |
|---|
| Error on apt-get upgrade [message #34221] |
Mon, 15 December 2008 04:34 |
ronnidk
Messages: 7
Registered: November 2008
Location: Denmark |
Junior Member |
From: 83.221.146*
|
|
Hi,
I have a container with Ubuntu 8.10 created from a template. It only have one repository, so I added some, because PHPMyAdmin was complaining about mcrypt, and php5-mcrypt was not found in the repository available.
I added the restricted and universe repository.
When I did an apt-get update && apt-get upgrade I got this:
-----------------------------------------------------------
root@fry:/# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
base-files libgnutls26 libxml2 login passwd procps
6 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 2565kB of archives.
After this operation, 4096B disk space will be freed.
Do you want to continue [Y/n]? y
Get:1 http://security.ubuntu.com intrepid-security/main login 1:4.1.1-1ubuntu1.1 [300kB]
Get:2 http://security.ubuntu.com intrepid-security/main base-files 4.0.4ubuntu2.2 [65.1kB]
Get:3 http://security.ubuntu.com intrepid-security/main passwd 1:4.1.1-1ubuntu1.1 [787kB]
Get:4 http://security.ubuntu.com intrepid-security/main libgnutls26 2.4.1-1ubuntu0.2 [368kB]
Get:5 http://security.ubuntu.com intrepid-security/main procps 1:3.2.7-9ubuntu2.1 [226kB]
Get:6 http://security.ubuntu.com intrepid-security/main libxml2 2.6.32.dfsg-4ubuntu1.1 [819kB]
Fetched 2565kB in 1s (1378kB/s)
(Reading database ... 10586 files and directories currently installed.)
Preparing to replace login 1:4.1.1-1ubuntu1 (using .../login_1%3a4.1.1-1ubuntu1.1_i386.deb) ...
Unpacking replacement login ...
Setting up login (1:4.1.1-1ubuntu1.1) ...
(Reading database ... 10586 files and directories currently installed.)
Preparing to replace base-files 4.0.4ubuntu2 (using .../base-files_4.0.4ubuntu2.2_i386.deb) ...
Unpacking replacement base-files ...
Setting up base-files (4.0.4ubuntu2.2) ...
find: `/var/cache/fontconfig': No such file or directory
find: `/var/cache/fonts': No such file or directory
find: `/var/cache/anthy': No such file or directory
find: `/var/lib/belocs': No such file or directory
find: `/var/lib/gconf': No such file or directory
find: `/var/lib/defoma': No such file or directory
find: `/var/log/installer': No such file or directory
find: `/initrd.img': No such file or directory
find: `/vmlinuz': No such file or directory
find: `/cdrom': No such file or directory
find: `/media/cdrom': No such file or directory
find: `/usr/share/fonts': No such file or directory
find: `/var/lib/anthy': No such file or directory
find: `/var/lib/defoma': No such file or directory
(Reading database ... 10586 files and directories currently installed.)
Preparing to replace passwd 1:4.1.1-1ubuntu1 (using .../passwd_1%3a4.1.1-1ubuntu1.1_i386.deb) ...
Unpacking replacement passwd ...
Setting up passwd (1:4.1.1-1ubuntu1.1) ...
(Reading database ... 10586 files and directories currently installed.)
Preparing to replace libgnutls26 2.4.1-1build1 (using .../libgnutls26_2.4.1-1ubuntu0.2_i386.deb) ...
Unpacking replacement libgnutls26 ...
Preparing to replace procps 1:3.2.7-9ubuntu2 (using .../procps_1%3a3.2.7-9ubuntu2.1_i386.deb) ...
Unpacking replacement procps ...
Preparing to replace libxml2 2.6.32.dfsg-4ubuntu1 (using .../libxml2_2.6.32.dfsg-4ubuntu1.1_i386.deb) ...
Unpacking replacement libxml2 ...
Setting up libgnutls26 (2.4.1-1ubuntu0.2) ...
Setting up procps (1:3.2.7-9ubuntu2.1) ...
Removing obsolete conffile /etc/sysctl.d/10-tcp-timestamps-workaround.conf
* Setting kernel variables (/etc/sysctl.conf)... [ OK ]
* Setting kernel variables (/etc/sysctl.d/10-console-messages.conf)... error: permission denied on key 'kernel.printk'
[fail]
* Setting kernel variables (/etc/sysctl.d/10-network-security.conf)... [ OK ]
* Setting kernel variables (/etc/sysctl.d/10-process-security.conf)... error: permission denied on key 'kernel.maps_protect'
error: "vm.mmap_min_addr" is an unknown key
[fail]
Setting up libxml2 (2.6.32.dfsg-4ubuntu1.1) ...
Processing triggers for libc6 ...
ldconfig deferred processing now taking place
-----------------------------------------------------------
What is good and what is bad?
What is related to the fact that it runs inside a container?
Am I not "supposed" to do this? I think if theres been done some customization to the template, that the upgrade-process remove?
- Ronni
|
|
| | Topic: delete |
|---|
| | Topic: need IPtables example |
|---|
| need IPtables example [message #34145] |
Sun, 07 December 2008 10:12 |
alfonsodiecko
Messages: 14
Registered: October 2008 |
Junior Member |
From: *dip0.t-ipconnect.de
|
|
Hi,
I'm a loan but I have tackled to create a VZ but my problem is to get a working network. I have only one public IP and Debian as root system. I work with the How to http://wiki.openvz.org/Using_NAT_for_container_with_private_ IPs but it seems that my IPtablesscript doesn't work .
here is my IP Tablesscript
echo "iptables werden geladen..."
modprobe ip_conntrack_ftp
modprobe ipt_MASQUERADE
iptables -F
iptables -X
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -N VERWERFEN
iptables -N AKZEPTIEREN
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state INVALID -j VERWERFEN
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A VERWERFEN -j LOG --log-prefix "F_VERWEIGERT:"
iptables -A VERWERFEN -j DROP
iptables -A AKZEPTIEREN -j LOG --log-prefix "F_ERLAUBT:"
iptables -A AKZEPTIEREN -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j AKZEPTIEREN
iptables -A INPUT -p icmp -j AKZEPTIEREN
iptables -A OUTPUT -p icmp -j AKZEPTIEREN
iptables -A INPUT -p udp --dport 53 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 53 -j AKZEPTIEREN
iptables -A OUTPUT -p udp --dport 53 -j AKZEPTIEREN
iptables -A OUTPUT -p tcp --dport 53 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 80 -j AKZEPTIEREN
iptables -A OUTPUT -p tcp --dport 80 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 25 -j AKZEPTIEREN
iptables -A OUTPUT -p tcp --dport 25 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 110 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 143 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 21 -j AKZEPTIEREN
iptables -A OUTPUT -p tcp --dport 21 -j AKZEPTIEREN
iptables -A INPUT -p udp --dport 8767 -j AKZEPTIEREN
#iptables -A INPUT -p tcp --dport 14534 -j AKZEPTIEREN
#iptables -A OUTPUT -p tcp --dport 14534 -j AKZEPTIEREN
iptables -A INPUT -p tcp --dport 10000 -j AKZEPTIEREN
iptables -t nat -P PREROUTING ACCEPT
iptables -A INPUT -p tcp --dport 10122 -j AKZEPTIEREN
iptables -t nat -A PREROUTING -d 217.172.182.14 -i eth0 -p tcp --dport 10122 -j DNAT --to-destination 192.168.172.50:22
iptables -t nat -A POSTROUTING -s 192.168.172.50/32 -o eth0 -j SNAT --to 217.172.182.14
echo "iptables sind geladen"
Are there some mistakes ? I would be happy when you help me with my problem .
kind regards
alfonso
|
|
| | Topic: Deleting personal data in vps (and rpms from updates etc) for rebuild new personalized vps template |
|---|
| Deleting personal data in vps (and rpms from updates etc) for rebuild new personalized vps template [message #34136] |
Sat, 06 December 2008 22:38 |
hostenlinea
Messages: 14
Registered: August 2008 |
Junior Member |
From: *37.232.159.dyn.user.ono.com
|
|
Hi,
I am interested in removing all data not necesary in the vps, rpms from yum updates/upgrades and unique vps data to create an standard vps template but personalized (with control panel included for example etc). Then i tar.gz (once vps is stopped) and get my new system with modifications.
Maybe a "yum clean packages" or "yum clean all" can not delete all data.
I also remove the key files from /etc/ssh/ so when i create a new container it will generate new/unique keys. Other things i include... zero out the log files so they won't contain info from the previous container... remove accounts in /etc/passwd, /etc/group, /etc/shadow and /home, the ips and networking info, i remove too the /tmp dir the .bash_history from root.
I should delete any file(s) more? I want make a good template, with the default services installed, with all packages installed but no personalized vps data and rpms from yum downloads.
All suggestions are welcome. Thanks for help 
Regards,
Amil
|
|
| | Topic: Openvz installer |
|---|
| Openvz installer [message #34130] |
Fri, 05 December 2008 10:34 |
k3oni
Messages: 2
Registered: November 2008 |
Junior Member |
From: *rtr0.scra.hostnoc.net
|
|
For those interested i have created an openvz installer which is currently working for x86 systems and under Debian/Fedora Core/Centos(tested under this OS's).
More details can be found here: http://hostechs.com/openvz-installer/
Maybe this helps some of you!
Free web storage and sharing community - https://www.yaktab.com
|
|
| | Topic: IPTables Error |
|---|
| IPTables Error [message #34129] |
Fri, 05 December 2008 08:37 |
DeadBeet
Messages: 1
Registered: December 2008 |
Junior Member |
From: *ph.ph.cox.net
|
|
I get this error when trying to start IPTables.
[root]# /etc/rc.d/init.d/iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle filter [ OK ]
Applying iptables firewall rules: iptables-restore: line 70 failed
[FAILED]
[root]#
How do I fix this?
I have been told something about the kernel needs to recognize COMMIT. Anyone know how I can do either?
|
|
| | Topic: Disable ipv6 on HN |
|---|
| Disable ipv6 on HN [message #34121] |
Thu, 04 December 2008 10:20 |
aab49
Messages: 10
Registered: November 2007
Location: USA |
Junior Member |
From: acclamation.com
|
|
I'd like to disable ipv6 on a hardware node and still run the vz service.
I created a file in /etc/modprobe.d/ with following contents and rebooted:
install ipv6 /bin/true
This caused the ipv6 kernel module not to be loaded.
Now however, I am unable to start an containers:
[root@openvz1 vz]# vzctl start 102
Starting container ...
Container is mounted
Invalid kernel, or some kernel modules are not loaded
Container start failed
Container is unmounted
My /etc/vz/vz.conf has IPV6="no".
Is there any way to get Openvz to run with the ipv6 kernel module unloaded like this?
Thanks.
|
|
| | Topic: my o/s crashed then my steps , show me the exit |
|---|
| | Topic: IPv6+NAT+venet IFs |
|---|
| IPv6+NAT+venet IFs [message #33942] |
Thu, 20 November 2008 10:32 |
dcbun
Messages: 1
Registered: November 2008 |
Junior Member |
From: *buffalo.res.rr.com
|
|
EDIT: Shame on me for not skimming the forums before posting.  I see a half a dozen similar problems/solutions to what I seem to be experiencing; I'm going to try a few and see if I can't get this darn thing working.
Hello all, new user of the forums and OpenVZ in general.
Using debian-stable's 2.6.18-12-fza-686 kernel and vzctl (and I ssume all other utilities) version 3.0.23-1dso1~etch0.
I am trying to get IPv6 connectivity working behind a NAT'd IPv4 connection, to no avail. IPv4 connectivity works fine, regardless of whether I use a venet or veth device. My router has a Hurricane Electric provided /48 delegated to it, and distributes a /64 of addresses to the rest of my LAN via radvd stateless autoconfiguration.
Originally I attempted to establish IPv6 functionality behind my NAT using static IPv6 addresses and using venet devices the same way IPv4 is done--by adding a SNAT routing rule to my iptables rules. However, (and please correct me if I am wrong), SNAT does not work with IPv6 connections.
root@skunk:~# ip6tables -t nat -L
ip6tables v1.3.6: can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
Such a module seems to not exist, at least in this build of my kernel. I also cannot find anything on the matter via Google, perhaps SNAT/DNAT has not yet been implemented in IPv6?
skunk=HW, wolf=VE
root@skunk:~# iptables -t nat -L # mangle and main table are empty, default accept
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT 0 -- 192.168.1.0/24 anywhere to:192.168.1.1
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@skunk:~# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0F:B0:02:FA:F0
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.254.0
inet6 addr: 2001:470:881f:dcb:20f:b0ff:fe02:faf0/64 Scope:Global
inet6 addr: fe80::20f:b0ff:fe02:faf0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:796 errors:0 dropped:0 overruns:0 frame:0
TX packets:543 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:86650 (84.6 KiB) TX bytes:61637 (60.1 KiB)
Interrupt:185 Base address:0x7000
root@skunk:~# vzctl create 1 --ostemplate debian-minimal
Creating container private area (debian-minimal)
Performing postcreate actions
Container private area was created
root@skunk:~# vzctl set 1 --ipadd 192.168.1.10 --hostname wolf --nameserver 192.168.0.1 --save
Saved parameters for CT 1
root@skunk:~# vzctl set 1 --ipadd 2001:0470:881f:0dcb:0000:0000:0000:1234 --save
Saved parameters for CT 1
root@skunk:~# vzctl start 1
Starting container ...
Container is mounted
Adding IP address(es): 192.168.1.10 2001:470:881f:dcb::1234
Setting CPU units: 250
Configure meminfo: 28125
Set hostname: wolf
File resolv.conf was modified
Container start in progress...
root@skunk:~# ip route list table all
192.168.1.10 dev venet0 scope link
192.168.0.0/23 dev eth0 proto kernel scope link src 192.168.1.1
default via 192.168.0.1 dev eth0
local 192.168.1.1 dev eth0 table 255 proto kernel scope host src 192.168.1.1
broadcast 127.255.255.255 dev lo table 255 proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev eth0 table 255 proto kernel scope link src 192.168.1.1
broadcast 192.168.1.255 dev eth0 table 255 proto kernel scope link src 192.168.1.1
broadcast 127.0.0.0 dev lo table 255 proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo table 255 proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table 255 proto kernel scope host src 127.0.0.1
local ::1 via :: dev lo proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:881f:dcb::1234 dev venet0 metric 1024 expires 2133392sec mtu 1500 advmss 1440 hoplimit 4294967295
local 2001:470:881f:dcb:20f:b0ff:fe02:faf0 via :: dev lo proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:881f:dcb::/64 dev eth0 proto kernel metric 256 expires 214714sec mtu 1500 advmss 1440 hoplimit 4294967295
local fe80::1 via :: dev lo proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local fe80::20f:b0ff:fe02:faf0 via :: dev lo proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev eth0 metric 256 expires 2133320sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev venet0 metric 256 expires 2133320sec mtu 1500 advmss 1440 hoplimit 4294967295
ff02::1 via ff02::1 dev eth0 metric 0
cache mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth0 metric 256 expires 2133320sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev venet0 metric 256 expires 2133320sec mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::200:ff:fe00:0 dev eth0 proto kernel metric 1024 expires 2sec mtu 1500 advmss 1440 hoplimit 64
unreachable default dev lo proto none metric -1 error -101 hoplimit 255
root@skunk:~# vzctl enter 1
entered into CT 1
# installed iproute via apt (thus ipv4 works)
wolf:/# ip route list table all
192.0.2.1 dev venet0 scope link
default via 192.0.2.1 dev venet0
broadcast 127.255.255.255 dev lo table 255 proto kernel scope link src 127.0.0.1
local 192.168.1.10 dev venet0 table 255 proto kernel scope host src 192.168.1.10
broadcast 127.0.0.0 dev lo table 255 proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo table 255 proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table 255 proto kernel scope host src 127.0.0.1
local ::1 via :: dev lo proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
local 2001:470:881f:dcb::1234 via :: dev lo proto none metric 0 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev venet0 metric 256 expires 21333793sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev venet0 metric 256 expires 21333793sec mtu 1500 advmss 1440 hoplimit 4294967295
default dev venet0 metric 256 expires 21333793sec mtu 1500 advmss 1440 hoplimit 4294967295
wolf:/# ping6 www.kame.net
PING www.kame.net(orange.kame.net) 56 data bytes
--- www.kame.net ping statistics ---
60 packets transmitted, 0 received, 100% packet loss, time 58990ms
wolf:/# ping6 2001:200:0:8002:203:47ff:fea5:3085 # ipv6 address of www.kame.net
PING 2001:200:0:8002:203:47ff:fea5:3085(2001:200:0:8002:203:47ff:fea5:3085) 56 data bytes
--- 2001:200:0:8002:203:47ff:fea5:3085 ping statistics ---
327 packets transmitted, 0 received, 100% packet loss, time 325959ms
And finally, the tcpdump outputs during a ping6 to www.kame.net:
In VE1 (wolf):
wolf:/# tcpdump -i venet0 -e -vv -c 8 host www.kame.net
tcpdump: WARNING: arptype 65535 not supported by libpcap - falling back to cooked socket
tcpdump: WARNING: venet0: no IPv4 address assigned
tcpdump: listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
16:27:30.944869 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 196
16:27:31.944716 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 197
16:27:32.944551 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 198
16:27:33.944397 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 199
16:27:34.944241 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 200
16:27:35.944101 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 201
16:27:36.943946 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 202
16:27:37.943792 Out ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 203
8 packets captured
12 packets received by filter
0 packets dropped by kernel
In HW node (skunk), from venet0
root@skunk:~# tcpdump -i venet0 -e -vv -c 8 host www.kame.net
tcpdump: WARNING: arptype 65535 not supported by libpcap - falling back to cooked socket
tcpdump: WARNING: venet0: no IPv4 address assigned
tcpdump: listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
11:30:03.921621 In ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 349
11:30:04.921460 In ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 350
11:30:05.921290 In ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 351
11:30:06.921145 In ethertype IPv6 (0x86dd), length 120: (hlim 64, next-header: ICMPv6 (58), length: 64) 2001:470:881f:dcb::1234 > orange.kame.net: ICMP6, echo request, length 64, seq 352
11:30:07.920985 In ethertype IPv6 (0x86dd), length 120: (hlim 64, n
[Updated on: Fri, 21 November 2008 16:35] Report message to a moderator |
|
| | Topic: Adding IPs with different gateways on the HN |
|---|
| Adding IPs with different gateways on the HN [message #33898] |
Tue, 18 November 2008 18:10 |
supergper
Messages: 1
Registered: November 2008 |
Junior Member |
From: 208.53.57*
|
|
So I've setup my initial VE and everything worked great. I was given two static IPs from my server provider. One for the HN and one for the VE. They are 209.17.191.xxx/23 with the gateway 209.17.191.1. Since everything was working how I wanted I ordered 5 more static IPs. However, these IPs are 209.17.186.xxx/23 with the gateway of 209.17.186.1. Now, what do I need to do to get these new IPs working in some new VEs? This is all on CentOS 5 HN and VEs.
Thanks for any help.
[Updated on: Wed, 19 November 2008 16:13] Report message to a moderator |
|
| | Topic: 2.6.26 kernel status |
|---|
| | Topic: Ipv6 problem |
|---|
 Ipv6 problem [message #33576] |
Thu, 23 October 2008 09:34 |
jeff0210
Messages: 4
Registered: September 2008
Location: French |
Junior Member |
From: *pr.univmed.fr
|
|
Hello to all,
I have the problem following, with the kernel 2.6.18-fza the implementation Ipv6 works on venet0, but the same configuration with the kernel 2.6.24 (just restart on the new kernel) Ipv6 does not work any more on venet0, obliged to implement a bridge.
It is normal, if yes how to put on Ipv6 on venet.
Or is it a bug on the new Kernel or kernl-patch ?
Thank you for your help.
ASAP
OS : Ubuntu hardy heron (2.6.24-19)
OPenVZ version : 3.022
Et vive la virtualisation
|
|
| | Topic: Bridge e networking problem |
|---|
| Bridge e networking problem [message #33561] |
Wed, 22 October 2008 05:03 |
giTogo
Messages: 1
Registered: September 2008
Location: Italy, Fermo |
Junior Member |
From: 151.13.194*
|
|
Hi everyone,
My problem is the following script,
#!/bin/bash
#Start-script
VZCTL=/usr/local/sbin/vzctl
IFCONFIG=/sbin/ifconfig
IPTABLES=/usr/sbin/iptables
BRCTL=/sbin/brctl
#
ETH0=eth0
ETH1=eth1
ETH1_1=eth1:1
#
#
BR0=br0
BR1=br1
#
VETH0=0
VETH1=1
VETH2=2
VETH3=3
$BRCTL addbr $BR0
$BRCTL addbr $BR1
#
$IFCONFIG $ETH0 0
$IFCONFIG $ETH1 0
#
$BRCTL addif $BR0 $ETH0
$BRCTL addif $BR1 $ETH1
#
$IFCONFIG $BR0 172.16.250.1 netmask 255.255.224.0
$IFCONFIG $BR1 172.16.250.2 netmask 255.255.224.0
$IPTABLES -F
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD DROP
#
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
#
$IPTABLES -I INPUT -j ACCEPT -i lo
$IPTABLES -I INPUT -j ACCEPT -i $BR0
$IPTABLES -I INPUT -j ACCEPT -i $BR1
#
$IPTABLES -I INPUT -j ACCEPT -i $ETH0
$IPTABLES -I INPUT -j ACCEPT -i $ETH1
#
$IPTABLES -A FORWARD -o $BR0
$IPTABLES -A FORWARD -o $BR1
#
$IPTABLES -A FORWARD -o $ETH0
$IPTABLES -A FORWARD -o $ETH1
$IPTABLES -A FORWARD -d 255.255.255.255 -j ACCEPT
#
$IPTABLES -t nat -A POSTROUTING -j MASQUERADE
#
echo "Start CT 101"
#
$VZCTL start 101
$VZCTL set 101 --netif_add $ETH1
#
$VZCTL exec 101 $IFCONFIG $ETH1 172.16.1.1 netmask 255.255.224.0
$BRCTL addif $BR1 veth101.$VETH1
$VZCTL exec 101 $IFCONFIG $ETH1_1 172.16.65.1 netmask 255.255.224.0
$VZCTL exec 101 ip route add default via 172.16.65.254 dev $ETH1
#
echo "Start CT 102"
#
$VZCTL start 102
$VZCTL set 102 --netif_add $ETH0
$VZCTL set 102 --netif_add $ETH1
#
$VZCTL exec 102 $IFCONFIG $ETH0 XXX.XXX.XXX.2 netmask 255.255.255.0
$BRCTL addif $BR0 veth102.$VETH0
$VZCTL exec 102 $IFCONFIG $ETH1 172.16.65.254 netmask 255.255.224.0
$BRCTL addif $BR1 veth102.$VETH1
$VZCTL exec 102 ip route add default via XXX.XXX.XXX.1 dev $ETH0
#
echo "Start CT 103"
$VZCTL start 103
$VZCTL set 103 --netif_add $ETH1
#
$VZCTL exec 103 $IFCONFIG $ETH1 172.16.2.1 netmask 255.255.224.0
$BRCTL addif $BR1 veth103.$VETH1
$VZCTL exec 103 ip route add default via 172.16.1.1 dev $ETH1
#End-Script
with GNU/Linux Slackware 12.0 and kernel 2.6.18.ovz028stab053.5 all interfaces ping fully, with GNU/Linux Slackware 12.1 with kernel 2.6.24.ovz005.1 any interfaces don't ping, I have not modified any program in Slack 12.0 and Slack 12.1, it's all standard.
After a ping 172.16.1.1 executed in CT 103 without response,
I ran the command arp -v and the output data (IP and MAC) is correct and command tcpdump in CT 101 show the arp request with response.
How can I solve the problem?
Thank you in advance for helping me.
giTogo
|
|
| | Topic: Maximum Execution |
|---|
| Maximum Execution [message #33487] |
Thu, 16 October 2008 09:23 |
DataHost
Messages: 1
Registered: October 2008 |
Junior Member |
From: *ph.ph.cox.net
|
|
I am working on a customers VPS, and he has cPanel installed on it. He is getting this error. "Fatal error: Maximum execution time of 30 seconds exceeded in /home/worth/public_html/it/includes/class_db.php on line 162"
I edited php.ini to reflect the following:
max_execution_time = 100
max_input_time = 100
memory_limit = 32M
That didn't change anything. Any idea on what's wrong?
The error still says
"Fatal error: Maximum execution time of 30 seconds exceeded in /home/worth/public_html/it/includes/class_db.php on line 162"
|
|
| | Topic: ~# ip route add 192.168.177.n dev vzbr0 |
|---|
| | Topic: redhat EL 4.6 guest |
|---|
| redhat EL 4.6 guest [message #33359] |
Wed, 08 October 2008 14:58 |
rafespanol
Messages: 1
Registered: October 2008
Location: Santa Clara,CA |
Junior Member |
From: 209.225.224*
|
|
hi,
new to linux openvz but noticed there is sparce information on setting up redhat EL 4.x guest OS. Is there a taboo against this. I would have thought there would be plenty of info on this installation. can someone point me to solution. do I use centos-4.x or fedora-3 template and mold into redhat?
thanks in advance,
raf
|
|
| | Topic: Kernel 2.6.24 ovz006 - Problems? |
|---|
| Kernel 2.6.24 ovz006 - Problems? [message #33277] |
Fri, 03 October 2008 08:42 |
mperkel
Messages: 243
Registered: December 2006 |
Senior Member |
From: *junkemailfilter.com
|
|
I've been using Kernel 2.6.24 ovz005.1 for some time and it's been sable. A few days ago I switched to Kernel 2.6.24 ovz006.1 and I've had two server crashes (different computers). Has anyone else had any problems or is it my bad luck? I'm about to open a bug on this.
Also - I see there is a Kernel 2.6.24 ovz006.2. Other than the version bug has anything else been fixed or is it basically the same thing?
Junk Email Filter
http://www.junkemailfilter.com
|
|
| | Topic: init: no more processes left in this runlevel |
|---|
| init: no more processes left in this runlevel [message #33258] |
Thu, 02 October 2008 08:40 |
TheScorpio
Messages: 1
Registered: October 2008 |
Junior Member |
From: *demon.nl
|
|
Hi,
I have a fresh install of CentOS 5.2 with totally nothing extra included, without doing yum (i already did the same with yum update).
I created a container with the default CentOS template;
centos-5-i386-default.tar.gz
With the following defaults;
vzctl create 104 --ostemplate centos-5-i386-default --config vps.basic
vzctl set 104 --onboot yes --save
vzctl set 104 --hostname openvz1.xxx.nl --save
vzctl set 104 --ipadd xxx --save
vzctl set 104 --numothersock 600 --save
vzctl set 104 --nameserver xxx --nameserver xxx --nameserver xxx --save
vzctl set 104 --vmguarpages=32768 --save
vzctl set 104 --kmemsize=6400000 --save
vzctl set 104 --numproc=600 --save
vzctl set 104 --tcprcvbuf=540000 --save
vzctl set 104 --dgramrcvbuf=150000 --save
vzctl set 104 --privvmpages=1250000 --save
vzctl set 104 --tcprcvbuf=852260 --save
vzctl set 104 --diskspace 5G:5G --save
vzctl set 104 --numproc=400 --save
vzctl start 104
When i boot the machine/container, the /var/log/messages gives the following;
Oct 2 06:56:02 openvz1 syslogd 1.4.1: restart.
Oct 2 06:56:05 openvz1 xinetd[7947]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Oct 2 06:56:05 openvz1 xinetd[7947]: Started working: 0 available services
Oct 2 06:56:06 openvz1 init: no more processes left in this runlevel
When i install a control panel or something, not all services are started at boot.
The problem seems; "init: no more processes left in this runlevel" to me, but i cannot find anything anywhere about this, how to solve.
Anyone, any idea? Could it has to do something with the CentOS 5.2 system, and the earlier container?
Hope you can help me out. I already did 8 (or more) installs!
I used the following installation guide; http://www.howtoforge.com/installing-and-using-openvz-on-cen tos5.2
|
|
| | Topic: by unawareness, I set the command below on the HWN |
|---|
| by unawareness, I set the command below on the HWN [message #33247] |
Wed, 01 October 2008 15:48 |
ralphw
Messages: 29
Registered: September 2008
Location: Celle |
Junior Member |
From: *dip.t-dialin.net
|
|
O.K., i solved the problem by destoying the VE and created it once again.
Hello,
by unawareness I set the command below on the HWN
vzctl set 177 --netif_add eth0,00:12:34:56:78:9A --save
Is there a command to repair it?
regards
Ralph
AMD Athlon 64 X2 6000+
Dual Core
6 GB DDR2 RAM
2 x 750 GB
SATA II
1 GBit OnBoard
[Updated on: Wed, 01 October 2008 18:09] Report message to a moderator |
|
| | Topic: Does a container,to wich I´ve providet a IP-Adress, a hostname, if I want to host vps´s in this co |
|---|
| | Topic: broken kernel fails to load |
|---|
| broken kernel fails to load [message #33036] |
Thu, 18 September 2008 13:09 |
locutius
Messages: 125
Registered: August 2007 |
Senior Member |
From: *bagu.broadband.ntl.com
|
|
SunFire V20z
CentOS 4
30x VE
uptime since last reboot = 120 days
i first i knew of a problem was customers reporting their VE unavailable
the host node server was unavailable by ssh
i power cycled the server and it returned but the kernel was not the OpenVZ kernel
i edited grub for only one option the OpenVZ kernel and rebooted the system
the kernel failed to load and the server was unavailable
...
it appears that the OpenVZ kernel has failed in operation and broken so that it cannot load
i have 3 other similar machines all running OpenVZ for 1 year already but i have no experience of how to recover from here
help!
|
|
| | Topic: HowToForge: Run WebVZ 2.0 on Debian |
|---|
| | Topic: HN & VEs in multi-subnet VLAN |
|---|
| HN & VEs in multi-subnet VLAN [message #33003] |
Tue, 16 September 2008 17:46 |
tbenoit
Messages: 10
Registered: November 2005 |
Junior Member |
From: *dsl.rcsntx.sbcglobal.net
|
|
We're going to have a few servers in different segments but those segments will be in the same VLAN.
Server1: 192.168.1.10/27 with VE @ .11
Server2: 192.168.1.12/27 with VE @ .13
Server3: 192.168.1.14/27 with VE @ .15
Server4: 192.168.1.16/27 with VE @ .17
Server5: 192.168.2.20/27 with VE @ .21 (notice the different segment)
Both segments are in VLAN100.
Our processes allow for "fail-over" from a failing server onto a good server. We do this by using OpenVZ. So, if "Server5" should fail (let's assume its CPU died), we would fail-over the "Server5" virtual environment (which includes its IP Address) onto "Server1" and clients will still be able to connect to their normal IP Address. Server1 would then have 2 virtual environments, one on 192.168.1.11/27 and the other on 192.168.2.21/27, and it's hardware node configured as 192.168.1.10/27.
A "fail-over" is not an automated process, but a restore from the last backup of the VE onto another hardware node.
Will OpenVZ support this type of setup without additional configuration?
If additional configuration is required, and assistance is appreciated.
Thanks
|
|
| | Topic: Mach auto template creation |
|---|
| Mach auto template creation [message #32940] |
Tue, 09 September 2008 17:45 |
idiogeckmatic
Messages: 2
Registered: July 2008
Location: Houston |
Junior Member |
From: *cptxoffice.net
|
|
I am finding myself in the situation where I need to create about 16 different templates (for different OSes/archs) for software testing. When looking through the wiki for information on how to do this, I came across http://wiki.openvz.org/Creating_a_Red_Hat_Template_with_mach which would be very useful for automating this process.
Unfortunately, this is the only mention of mach w/ openvz I can find (even through google). I was wondering if anyone else had any information on this tool, as it seems to be somewhat obscure.
|
|
| | Topic: Kernelspace L2TP (using openl2tpd) inside VE - PPPOX socket fail |
|---|
| Kernelspace L2TP (using openl2tpd) inside VE - PPPOX socket fail [message #32872] |
Fri, 05 September 2008 12:40 |
|
I previously posted this inside ppp-related thread into Russian forum, but it looks like, that it was wrong place. So now I repost (and restruct) all information into new thread.
Before all:
I have 2.6.26 openvz kernel ( from git, but also tried with 2.6.24 )
Linux 2.6.26 #10 Tue Sep 2 22:32:53 MSD 2008 i686 Intel(R) Celeron(R) CPU 2.80GHz
Kernel and vzctl were patched with patches from bugzilla - http://bugzilla.openvz.org/show_bug.cgi?id=268
Also security check into net/socket.c was patched to pass through PF_PPPOX requests;
I'm trying to get openl2tpd, which use CONFIG_PPPOL2TP kernel module, working. While openl2tpd itself starting successfully, and even establish a tunnel - session creation failing during PPPOX socket creation with '-EAFNOSUPPORT' error:
556 socket(PF_PPPOX, SOCK_DGRAM, 1) = -1 EAFNOSUPPORT (Address family not supported by protocol)
This problem appears only in VE environment.
During some tests, error was located into drivers/net/pppox.c:
static int pppox_create(struct net *net, struct socket *sock, int protocol)
{
int rc = -EPROTOTYPE;
if (net != &init_net) /* << Error here */
return -EAFNOSUPPORT;
( where init_net - boot-created structure from include/net/net_namespace.h:
/* Init's network namespace */
extern struct net init_net;
So, actually init_net - this is HN-init's network namespace and, of course, it isn't equal VE'e net )
I have tried to simple disable this check, but this fails with 'EFAULT'. I wonder if there is any workaround... I have idea about saving init_net into ve_struct objects during VE creation, and replacing all such checks to VE-compatible checks, but this is a big work and my knowledge of C and kernel insufficient to predict results ( I even can't code for VE creation ).
Is there any difference between HN'n net and VE's net for socket operations, or can we just jump into ve0_enviroment while pppox creating and then jump back (or this will mess up everything as creating ve-requested socket into ve0)?
P.S. Sorry for bad English
[Updated on: Fri, 05 September 2008 13:06] Report message to a moderator |
|
| | Topic: Dedicated File Cache |
|---|
| Dedicated File Cache [message #32864] |
Thu, 04 September 2008 17:24 |
moritz.onken
Messages: 1
Registered: September 2008 |
Junior Member |
From: *dip.t-dialin.net
|
|
Hi,
I'm using Postgresql in a virtual machine as DBMS. DBMS depend heavily on the os' file cache. I couldn't find any information whether openvz can assign a certain amount of file cache to a vm.
As far as I can tell, the file cache is managed by the host and not by the vms.
My problem is that if another vm on the same host does heavy IO it steals the file cache from the postgresql vm which has a bad impact on the database performance.
Can anyone confirm this?
|
|
|
Pages (70): [ 20 ]
Current Time: Wed May 22 23:14:03 EDT 2013
|
Members
Search
Help
Register
Login
Home
