Re: Javascript tool that generates the lengthy set of parameters available for ubuntu-vm-builder
The site still works fine. The only thing I would change is hardy to lucid since lucid is the next LTS (long term support). sudo ubuntu-vm-builder kvm lucid --arch 'amd64' --mem '128' --rootsize '4096' --swapsize '1024' --kernel-flavour 'generic' --hostname 'ubuntu' --mirror 'http://archive.ubuntu.com/ubuntu' --components 'main' --name 'Joe Ubuntu' --user 'ubuntu' --pass 'ubuntu' --ip '192.168.1.51' --mask '255.255.255.0' --gw '192.168.1.1' --dns '192.168.1.1' On Fri, May 6, 2011 at 11:33 AM, Christophe Sauthier christophe.sauth...@objectif-libre.com wrote: Hi, On Wed, May 4, 2011 at 11:45 AM, jurgen.depic...@let.be wrote: Hi Dustin. Just a reminder: http://people.canonical.com/~kirkland/ubuntu-vm-builder.html is no longer up to date. Can it still be used or is it completely outdated? This is something that we (in my company) have started to work on lately. I'll try to publish it (in a new url) or provide to dustin next week. All the best, Christophe --- Christophe Sauthier - 06 16 98 63 96 Objectif Libre www.objectif-libre.com Services et Formations Open Source -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Good book recommendations ?
Mark, I would recommend The official Ubuntu server book: http://www.amazon.com/Official-Ubuntu-Server-Book-2nd/dp/0137081332/ref=sr_1_1?ie=UTF8qid=1299693203sr=8-1 Deployments I created a wiki page that completely automates an install from start to finish for lucid: https://www.frackingtubes.com/wiki/index.php/Ubuntu_preseed.cfg_installs_off_PXE_Boot The book also talks about this. automated backup and recovery is also explained allot in the book. I don't specifically use Nagios but buying a book specifically on it will defiantly give you more than you ever wanted to know: http://www.amazon.com/Nagios-Network-Monitoring-Wolfgang-Barth/dp/1593270704 I use http://zabbix.org but I'm probably in the minority here. I hear allot of people use Nagios. Zabbix does everything I need for monitoring. For configuration management allot of people are using puppet chef. Neither of which I have used but are on my list to learn. If you know specifically at what book you want to buy I would just ask on this email thread. I have spent a small fortune on tech books over the years. ~Dan On Wed, Mar 9, 2011 at 11:24 AM, Mark van Harmelen m...@cs.man.ac.ukwrote: Hi everyone We are getting more serious about our random collection of servers, all running ubuntu server 10.04+, and want to buy some books that we can use to build our knowledge and skills. Particularly we are interested in topics like automated deployment, configuration management, and automated backup and recovery. Nagios is also lurking in the backs of our minds. Does anyone have any recommendations for us please? Thanks Mark -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: SSL by default for all packaged web apps?
+1 for SSL of packages. A compromise would just be to run the entire mirror both http https with a self signed cert and leave the default http. The packages that are coming from the ubuntu mirror are very important especially since so many companies use ubuntu in production environments. As for the whole self signed vs. signed by a company I don't really care and I don't think many do either. People that modify the packages to use SSL will know why and what they are doing. Those who don't will just default to http. ~Dan On Tue, Mar 1, 2011 at 8:01 PM, Etienne Goyer etienne.go...@canonical.comwrote: On 11-03-01 06:39 PM, Marc Deslauriers wrote: On Tue, 2011-03-01 at 18:04 -0500, Etienne Goyer wrote: We should not turn on SSL by default with self-signed certificates. That is insecure and is not a configuration that should be encouraged. There is two things there: 1. Encrypting communication between the client and the server (notably to protect the credential exchange from eavesdropping). 2. Preventing MitM by authenticating the server. Using SSL with self-signed certificate doesn't address 2., but it does address 1. From my perspective, it's an incremental improvement over plain-text HTTP. So, why not? I'm not quite sure under which circumstance 1 would be a problem but 2 would not. When you're on a trusted network? If you're on a trusted network, you probably don't need SSL in the first place. There's no such thing as a trusted network. I am just saying that encrypting traffic is an incremental improvement over plain-text HTTP. The problem here is that turning it on by default will instill a false sense of security into people's minds. You are telling them that it's acceptable to bypass the important warnings and to click the OK button in Firefox when they connect the first time. You are showing them the lock icon in Firefox indicating to them that they're on a secure connection, when in fact, that's not the case... Yet, most internal web service (those that aren't public-facing) require the end-user to dismiss a self-signed certificate already. That's what I see out there. Turning SSL on by default would not be a regression, it would be an incremental improvement over plain-text HTTP. I have had that argument with a few people over the years. Fact is, at least for non publicly facing web services, most people will continue to use self-signed certificates for the simple reason that getting a valid certificate (or setting up your own CA) is a huge hassle, and not even always possible. They are trading off security to save $50 and 30 minutes of work. Unless, of course, you are getting every single user to manually validate the fingerprint every time they click that Accept button. And this is the crux of the matter. I have had this argument served recently by obnoxious developers of an application that would not run without a valid SSL certificate, and it was of no help to me. On internal network, organisation of all size often use non-registred domain name. You cannot get a valid SSL certification signed by a CA for a .silly domain, however hard you try. Plus, it's often much more involved that 50$ and 30 minutes. Sometime, it requires you seek approval from procurement, IT security or net ops department to buy a certificate in the name of your org. I would even go as far as arguing that trying to discourage people from using self-signed certificate through systemic measure is a waste of time, because most people just do not understand the implication. Putting the cart before the horses and stuff. Setting up an insecure SSL connection by default, and giving them the impression of being encrypted properly is security theatre. This isn't something we should be recommending, or doing by default. If someone decides that self-signed certificates are good enough for them, they should set it up themselves and face the consequences. And that is what most people are currently doing, in fact. They would be none the worst if we enabled SSL by default. But, in the end, I do not care much and I am not going to argue any more in favor of the proposal. It's just an incremental usability improvement, like ssh-installed-by-default would have been. We could nitpick all night long about the fine point of security vs usability, but it's not very productive. -- Etienne Goyer Technical Account Manager - Canonical Ltd Ubuntu Certified Instructor -LPIC-3 ~= Ubuntu: Linux for Human Beings =~ -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: actual IP not logged when requests come forwarded by a reverse proxy
Tapas, http://stderr.net/apache/rpaf/ you want to enable this module and configure it correctly. On Fri, Feb 18, 2011 at 10:20 AM, Tapas Mishra mightydre...@gmail.comwrote: My apache2.conf http://pastebin.com/uTVKt1wD and apacche vhost file http://pastebin.com/QDd3LDZ4 the apche2.conf and vhost file I gave the link are the machine on LAN where site is actually hosted. When some one from internet access the site then I expect a log of IP in access.log instead of which I see the IP of machine which is working as Reverse Proxy server for all such requests. What mistake did I do above. -- -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: tomcat startup script not working at boot
I have always had problems stopping tomcat 5 with any init script. The free community version of the java service wrapper works great. It comes with its own init script and has many additional features that I needed. http://wrapper.tanukisoftware.com/doc/english/download.jsp how to configure tomcat: http://wrapper.tanukisoftware.com/doc/english/integrate-start-stop-nix.html Then I do: update-rc.d tomcat defaults which is for the old System-V init and not upstart but still works for 10.04 ubuntu. On Thu, Feb 17, 2011 at 8:22 AM, Tapas Mishra mightydre...@gmail.comwrote: On Thu, Feb 17, 2011 at 7:43 PM, Peter Matulis peter.matu...@canonical.com wrote: On 11-02-17 09:03 AM, Tapas Mishra wrote: I am having problems in starting tomcat at boot time with an automated script of mine. [...] Why do you need a custom startup script? -- Peter Then how will it work? I looked here http://packages.ubuntu.com/lucid/all/tomcat6/filelist can I see the file mentioned /etc/init.d/tomcat6 some where so that I understand where is my script failing? -- -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: server installation is not reading the preseed file
Asif, Are you trying to boot off PXE boot? I actually wrote a small wiki entry for lucid 64 bit. https://www.frackingtubes.com/wiki/index.php/Ubuntu_preseed.cfg_installs_off_PXE_Boot On Tue, Feb 15, 2011 at 3:49 PM, Asif Iqbal vad...@gmail.com wrote: I have this isolinux.cfg file but my installation is not reading the preseed.cfg file from my custom cd image. I built it using this method https://help.ubuntu.com/community/InstallCDCustomization # cat /opt/image/isolinux/isolinux.cfg serial 0 console 0 prompt 1 default install label install menu label ^Install Ubuntu Server kernel /install/vmlinuz append preseed/file=/cdrom/preseed.cfg initrd=/install/initrd.gz -- console=ttyS0,9600n8 # cat /opt/image/preseed.cfg file looks like this d-i debian-installer/locale string en_US d-i console-keymaps-at/keymap select us d-i netcfg/disable_dhcp boolean true d-i netcfg/get_nameservers string 192.168.3.65 d-i netcfg/get_ipaddressstring 192.168.0.28 d-i netcfg/get_netmask string 255.255.255.0 d-i netcfg/get_gateway string 192.168.0.1 d-i netcfg/confirm_static boolean true d-i mirror/http/proxy string d-i netcfg/choose_interface select eth0 d-i netcfg/wireless_wep string d-i netcfg/get_hostname string host.example.net d-i netcfg/get_domain string example.net d-i netcfg/wireless_wep string d-i anna/choose_modules string network-console d-i network-console/password password secret d-i network-console/password-again password secret But my installation still asked me about all these. I am trying to install ubuntu lucid 64bit server content of the cd image /opt/images# ls README.diskdefines dists isolinuxpics preseed ubuntu cdromupgradedocinstall md5sum.txt pool preseed.cfg Thanks for the help. -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Bulk updating dozens of (not identical) servers
I have used Capistrano. It is a ruby gem that enables concurrent commands to be executed across any number of servers using SSH. More info can be found here: https://github.com/capistrano/capistrano/wiki On Thu, Jan 27, 2011 at 10:35 PM, Carlos A. Carnero Delgado carloscarn...@gmail.com wrote: Hi there, the number of servers we have in my organization -- both physical and virtual -- is slowly increasing at a steady pace, and the trend will continue for the foreseeable future. It has come to the point that apt-get upgrading updating each one individually, and manually, is really time consuming and prone to errors. We're looking into stuff like Puppet and Cfengine, and it seems that either will do fine, but we have this feeling or notion that they're a little bit heavyweight for our needs. Not to mention the learning curve. So, in the context of *only* dealing with installed packages updates in an automated way[1] and having 8.04 and 10.04 LTS releases in service, do you guys recommend anything? Did you write custom code? Has anyone seen Fabric in the context of systems administration? [1] Please note that automated here really means bulk updating started from a command (or thingie) given by an administrator. It should not be interpreted as autonomously contacting repos. Thanks in advance, Carlos. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Hard disk high avalibity
I have used rsync with cron. Since you can copy only the data that has changed you can run this often. I have mine set as */5 * * * * On Thu, Jan 20, 2011 at 6:28 AM, Peter Clapham p...@sanger.ac.uk wrote: Looks like gsync could do this. http://open.gandi.net/ Cheers, /N The issue with various syncs are that you need to be there to both perform the switch over following a failure and you also need to manually take care that split brain is avoided. This is less of an issue with a hard fail but a soft fail can be more problematic. Using DRBD is a standard config with (the rightly corrected) pacemaker. This setup will take care of soft fails and auto failover for you if you configure it to use a quorum device. All details are available in the initial link Good luck Pete -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: invalid response from Proxy dns lookup failure in my domains
A work around the DNS is editing the /etc/hosts file and hard coding your servers there. Do you have access to this file? On Mon, Jan 10, 2011 at 9:08 AM, Tapas Mishra mightydre...@gmail.comwrote: On Mon, Jan 10, 2011 at 5:31 PM, Tapas Mishra mightydre...@gmail.com wrote: Hi all. The problem I am reporting is not very clearly evident to me. I have a virtualization setup where in I had configured in 4 virtual machines (which serve 4 different websites) available to internet via a Reverse Proxy on the Host OS (bare metal) I use Ubuntu 10.04 64 bit server edition and kvm for this setup. We have not changed any of the server configurations from past 6 months since things were working properly without any problem on this server. The sites are available to people as http://site1.myserver.com -- No problem http://site1.myserver.com/app1 -- Gives problem till weekend there was no problem http://site4.myserver.com --Is also giving problem till this Sunday 9 Jan there were no problem. Here are the error messages which I see in Apache logs Mon Jan 10 17:07:05 2011] [error] [client 172.21.100.250] proxy: DNS lookup failure for: site4.myserver.com returned by / [Mon Jan 10 17:07:06 2011] [error] [client 172.21.100.250] proxy: DNS lookup failure for: site4.myserver.com returned by / and for site1.myserver.com/app1 also I get same error [Mon Jan 10 17:06:01 2011] [error] [client 172.21.100.250] proxy: DNS lookup failure for: site1.myserver.com returned by /app1/ [Mon Jan 10 17:06:01 2011] [error] [client 172.21.100.250] proxy: DNS lookup failure for: site1.myserver.com returned by /app1/ [Mon Jan 10 17:06:02 2011] [error] [client 172.21.100.250] proxy: DNS lookup failure for: site1.myserver.com returned by /app1/ How ever when some one tries to access http://site1.myserver.com there is no error at all. Also if I access http://site5.somebody_server.com (which is same as http://site4.myserver.com pointing to same public IP) but on some body elses server then there is no problem at all and the site is very clearly visible. Let me know what more should I look for I have no clue of this problem. Because these error messages which I just report in this thread were not at all present until today morning. -- Ok after having a long trouble shooting hours found the root cause my proxy pass entries look as follows ProxyPass /app1 http://192.168.1.3:8080/app1 ProxyPass / http://192.168.1.3 ProxyPassReverse /app1 http://192.168.1.3:8080/app1 ProxyPassReverse / http://192.168.1.3 If I use the entries as above then some one from internet is able to access the sites.But from within LAN people are unable to access it. How ever if I use ProxyPass /app1 http://site1.myserver.com:8080/app1 ProxyPass / http://site1.myserver.com ProxyPassReverse /app1 http://site1.myserver.com:8080/app1 ProxyPassReverse / http://site1.myserver.com then things work on LAN but from internet it is not accessible and errors are the ones I mentioned above in the thread. What can be a solution in this case as I do not have a DNS at my disposal I am simply not allowed to have one. Can some one suggest any thing? -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: virt manager migration option greyed out on Ubuntu 10.04 server edition
I have always had problems with this feature. See this thread: http://ubuntuforums.org/showthread.php?t=1152271 Some of the minimum requirements are the two servers sharing the same storage. I have tried w/ NFS. Would love to know your finding as well. I think many people are moving to UEC for live VM migration. On Thu, Jan 6, 2011 at 11:54 AM, Tapas Mishra mightydre...@gmail.comwrote: I am testing server migration on a Ubuntu 10.04 LTS server edition.Where I have virt-manager installed. How ever when I choose a VM and try attempt for migration of hot vm I see the option of migration greyed out. Is this feature not supported currently in virt-manager? Do I necessarily need to connect to another server. I am also looking for converting the Guest OS in LVM to qemu image where in I can export this qemu image or some other format which is suitable to be used on some other hypervisor.Is it not possible to achieve that in currently in virt-manager. virt-manager 0.8.2 -- Tapas http://mightydreams.blogspot.com -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Not able to boot a software raid installation - Ubuntu 10.04.1 i386
I used to have problems booting software raid with ubuntu 8.04. The fix I found was creating a third device for /boot/ partition. 512MB is plenty big for the /boot/ partition. So my structure was like this: /dev/md0 /boot/ /dev/md1 Swap /dev/md2 / On Sun, Jan 2, 2011 at 6:35 PM, Benjamin Griese der.dar...@gmail.comwrote: Hello, there seems to be a problem with your grub configuration. It looks like grub has problems to load the /boot related files which are misconfigured to be located on fd0. Please boot into a live environment and check your grub.cfg and post the approriate lines. Something you should also check is: Did you try to create a seperate boot partition on each disk which you may want to mirror? Are there any other disks installed besides your two IDEs? And is the BIOS trying to load the MBR off of these disks which hold a faulty config? Summary: Please give us some more information. Bye, benjamin On Mon, Jan 3, 2011 at 01:16, Andres Tarallo atara...@acm.org wrote: H!!! Happy new year !!! I'm setting a software raid in a small home server, with an old dell optiplex GX110.The installation goes smoothly,but I can't boot into the system. I've installed two identical Hard Drives, both as primary drives in the respective IDE controllers. There I've created identical partions in each disk. One partition for /, the other for swap. After the partitions were created I've made the MD devices, /dev/md0 is / and /dev/md1 is swap. The installation continued loaded all packages then installed grub. No errors till there. When I take out the installation CD and go to boot the newly installed system I get: Booting from local disk... error: fd0 read error. error: no such disk grub rescue Any help will be appreciated, apologise poor English Andrés Tarallo -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is to do -- Sartre | Do be do be do -- Sinatra -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Why choosing Ubuntu JeOS for Virtual Appliance ?
I have actually used Ubuntu, Gentoo, and Red Hat in production environments. All of them have quirks about each. Gentoo is completely compiled from source. So you may see a little performance gain in doing that but the draw back is patching takes forever. At the time I had a distcc cluster helping compile the code but even then patching was taking way too long. If you are running servers that don't require 24/7/365 services and can spend hours patching, gentoo may be a good option though most of the time this isn't the case. Also when the emerge fails (Gentoo update system) it is up to the Gentoo community to help fix these problems. I have seen emerge fail a handful of times while apt-get update/upgrade I have never seen fail. Another thing I require is to have a local mirror for updating my servers. Ubuntu/Debian are great about this because I can update the local mirror, patch development and testing environments, test to make sure nothing breaks, and then patch production. Then repeat. Red Hat requires subscription fees in order to update the servers. So I don't believe you can actually run a local mirror. I could be wrong but since I don't want the companies I work for spending a fortune on operating systems I use Ubuntu. Another thing I really like is that Ubuntu has a server edition while the default Red Hat installs include a GUI. I never need a GUI on my servers and I don't want the overhead of even running one on my servers. Yes you can remove the GUI stuff during the install but that is why I love the Ubuntu Server edition. Just the minimum set of packages in order to run the server efficiently. Ubuntu server edition is such a great product for enterprise solutions. I have over 50 production servers and probably another 200 in testing development between Amazon EC2 and a data center I use. Ubuntu Server edition is certainly not a student/homePC os. I also absolutely love the LTS (Long Term Support) editions. Knowing I can focus on the services that the server is running and know it will be supported for 5 years is so nice. Ubuntu will be my choice for linux distro for the rest of my life. Ubuntu has done an excellent job. On Sat, Jan 1, 2011 at 1:06 PM, Eliezer elie...@fullmetal1.dyndns.orgwrote: i would ask him to show me the differences between ubuntu and RH or SUSE. it's almost the same kernel and almost the same software. the only thing is that there are other people working on maintaining the release packages and other stuff. i must say that john just kicked everything from your client words!! i had an thing with a friend at work about comparing gentoo and ubuntu on performance and scalability, if you want to take a system that works period you use ubuntu. if you want to start from almost scratch you will use gentoo. but just remember that every time you need to install new software or just update something you will need to recompile many things. and one of that major things about OS is that you can use and maintain it almost instantly. well my opinion On 08/12/2010 17:47, Loïc de la Goutte wrote: Hi Everybody, My company provides a Virtual Appliance based on Ubuntu JeOS. 1. Unfortunately, I am challenged by one of our customers who asks : “Why did you build your appliance on Ubuntu, as my vision is that Ubuntu is considered on the market place more as a student/homePC OS than an enterprise-OS as RedHat ?”. I want to convince him that we have objectively done the good choice. So, do you have such a white paper, that could lists : - Key differentiators of Ubuntu JeOS ? - VMware recommendation ? - List of Enterprise-grade appliances built over Ubunto JeOS ? Thanks in advance, Regards from Paris, France. cid:image001.jpg@01CB5E4D.25DD3D60 Loïc DE LA GOUTTE Director of Product Management, Capacity Management EMEA *Web* www.systar.com http://www.systar.com/ *Tel*+33 (0)1 49 11 45 28 *Cell* +33 (0)6 34 99 33 30 -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: how to transfer an LVM Guest OS on KVM Lucid to another server
Tapas, There is a command virsh migrate --live instanceName qemu+ssh://vmserver06/system. Though I haven't had much luck with it. Check out the last post in this forum: http://ubuntuforums.org/showthread.php?t=1152271 The other option I have used is shutdown the virtual machine and just manually move over the xml and the file that runs the virtual machine. I would like to hear your take on any of this if you ever get it working correctly across 3 or more machines. The pain point is also having a shared NFS location for each server running KVM. I don't have any fancy SAN/NAS devices so I/O through gigabyte ethernet is a concern when running many virtual machine all trying to do disk I/O. On Mon, Oct 4, 2010 at 12:25 AM, Tapas Mishra mightydre...@gmail.comwrote: I am searching for some information. I used virt-manager to create 4 guest OS on KVM. Let us call this server A I am running another server where KVM is running call this server B. Is is some how possible guest running on server A can be transferred to B so that I can run it and do not have to do any extra work. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu server and cloud IRC consolidation
I guess the only question I have is where do I ask questions about the KVM hypervisor, virsh, and vmbuilder commands? #ubuntu-server or #ubuntu-cloud? it would nice to have one room like #ubuntu-vm for virtual machines that would include xen, kvm, virsh, virtualbox, eucalyptus, etc. Thanks, Dan On Wed, Aug 11, 2010 at 9:43 AM, Gustavo Niemeyer gust...@niemeyer.netwrote: All suggested changes have been applied. I've changed topic on #ubuntu-cloud to remove the redirection to #ubuntu-server Regards Thanks Ahmed. -- Gustavo Niemeyer http://niemeyer.net http://niemeyer.net/blog http://niemeyer.net/twitter -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: kvm briding and ubuntu
Here is the script I'm using on my server with br0 and eth0. The three
services I have running are https, http, and ssh. I also have it setup so
you can forward traffic through the KVM server. So basically the route of
the virtual machines is the ip of the KVM server and that passes the traffic
on to the public network. I am also in the same boat about having only have
ssh access to the server. What I do is schedule cron to reset iptables
every 30 min. So when I do screw up ssh access and lock myself out I know
that every 30 min I can get back in. Just don't forget that it does run
every 30 min and could run when you are testing :) Once you have iptables
correct remove the cronjob to reset iptables. Hope this helps some. Let me
know what you are trying to accomplish with your iptables. eth0 is on the
public side and br0 is on the private side. I also have my DNS servers on
both the private and public network. Not having DNS on the private side is
a nightmare.
#!/bin/bash
#First we flush our current rules
iptables -F
iptables -t nat -F
#Setup default policies to handle unmatched traffic
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
#Copy and paste these examples ...
export LAN=br0
export WAN=eth0
#Then we lock our services so they only work from the LAN
iptables -I INPUT 1 -i ${LAN} -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -p UDP --dport bootps -i ! ${LAN} -j REJECT
iptables -A INPUT -p UDP --dport domain -i ! ${LAN} -j REJECT
#(Optional) Allow access to our ssh server from the WAN
iptables -A INPUT -p TCP --dport ssh -i ${WAN} -j ACCEPT
iptables -A INPUT -p TCP --dport http -i ${WAN} -j ACCEPT
iptables -A INPUT -p TCP --dport https -i ${WAN} -j ACCEPT
#Drop TCP / UDP packets to privileged ports
#iptables -A INPUT -p TCP -i ! ${LAN} -d 0/0 --dport 0:1023 -j DROP
#iptables -A INPUT -p UDP -i ! ${LAN} -d 0/0 --dport 0:1023 -j DROP
#Finally we add the rules for NAT
iptables -I FORWARD -i ${LAN} -d 192.168.0.0/255.255.0.0 -j ACCEPT
iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -j ACCEPT
iptables -A FORWARD -i ${WAN} -d 192.168.0.0/255.255.0.0 -j ACCEPT
iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE
# Tell the kernel that ip forwarding is OK
echo 1 /proc/sys/net/ipv4/ip_forward
# for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 $f ; done
On Fri, Jul 30, 2010 at 4:28 AM, Henning Sprang henning.spr...@gmail.comwrote:
Hi Jimmy,
Can you be more specific and tell exactly what rules you add how to which
interface, and what exactly happens then?
Which packets stop going which way that they previously took and how do you
meadure it?
Henning
Am 30.07.2010 09:24 schrieb Jimmy Stewpot mail...@oranged.to:
Hello,
I have a working environment where I have the following configuration. eth0
is in the bridge br0. I then have a KVM virtual machine running perfectly. I
now want to configure the host server (With br0) to have a set of iptables
rules. Unfortunately every time I add any rules to the interface br0/eth0 i
loose all connectivity despite having a permit/any/any rule for port 22. Can
anyone provide any insight into why that would be the case?
Regards,
Jimmy.
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
vmbuilder strange outcome
So I run this command with vmbuilder without tmpfs since I want this machine persistent. vmbuilder kvm ubuntu --suite=lucid --flavour=virtual --arch=amd64 --mirror= http://192.168.1.4/ubuntu -o --libvirt=qemu:///system --ip=192.168.1.50 --gw=192.168.1.1 --part vmbuilder.partition --user=user --name=user --pass=pass --addpkg=wget --addpkg=cron --addpkg=vim --addpkg=ntp --addpkg=ntpdate --addpkg=ssh --addpkg=xvfb --addpkg=build-essential --addpkg=linux-headers-virtual --addpkg=locate --addpkg=postfix --addpkg=vpnc --addpkg=acpid --addpkg=clamav --addpkg=chkrootkit --addpkg=rkhunter --addpkg=apache2 --addpkg=openssl --mem=512 --hostname=vm00 --bridge=br0 I start the vm and it runs fine: Then I start another vm that I want to do testing on with tmpfs: vmbuilder kvm ubuntu --suite=lucid --flavour=virtual --arch=amd64 --mirror= http://192.168.1.4/ubuntu -o --libvirt=qemu:///system --tmpfs=- --ip=192.168.1.51 --gw=192.168.1.1 --part vmbuilder.partition --user=user --name=user --pass=pass --addpkg=wget --addpkg=cron --addpkg=vim --addpkg=ntp --addpkg=ntpdate --addpkg=ssh --addpkg=xvfb --addpkg=build-essential --addpkg=linux-headers-virtual --addpkg=locate --addpkg=postfix --addpkg=vpnc --addpkg=acpid --addpkg=clamav --addpkg=chkrootkit --addpkg=rkhunter --mem=512 --hostname=vm01 --bridge=br0 I start the vm and it runs fine as well. I then do a reboot on the actual server running both virtual machines. When the server comes backup vm01 is running and vm00 is not. Then when I try to start vm00 I get: Id Name State -- 1 vm01 running - vm00 shut off virsh # start vm00 error: Failed to start domain vm00 error: monitor socket did not show up.: Connection refused Maybe I'm missing something trivial. Please let me know. here is my /etc/libvirt/qemu/vm00.xml domain type='kvm' namevm00/name uuid3b7c0ae2-0e01-f6a7-d25a-f830ebf743ee/uuid memory524288/memory currentMemory524288/currentMemory vcpu1/vcpu os type arch='x86_64' machine='pc-0.12'hvm/type boot dev='hd'/ /os features acpi/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashdestroy/on_crash devices emulator/usr/bin/kvm/emulator disk type='file' device='disk' source file='/root/ubuntu-kvm/tmpqDe91O.qcow2'/ target dev='hda' bus='ide'/ /disk disk type='file' device='disk' source file='/root/ubuntu-kvm/tmpDiQKxk.qcow2'/ target dev='hdb' bus='ide'/ /disk interface type='bridge' mac address='52:54:00:c0:77:0b'/ source bridge='br0'/ model type='virtio'/ /interface input type='mouse' bus='ps2'/ graphics type='vnc' port='-1' autoport='yes' listen='127.0.0.1'/ video model type='cirrus' vram='9216' heads='1'/ /video /devices /domain and my vm01.xml domain type='kvm' namevm01/name uuid8787828a-5312-b16a-b418-ff4aeb899cbd/uuid memory524288/memory currentMemory524288/currentMemory vcpu1/vcpu os type arch='x86_64' machine='pc-0.12'hvm/type boot dev='hd'/ /os features acpi/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashdestroy/on_crash devices emulator/usr/bin/kvm/emulator disk type='file' device='disk' source file='/root/ubuntu-kvm/tmppPDWFz.qcow2'/ target dev='hda' bus='ide'/ /disk disk type='file' device='disk' source file='/root/ubuntu-kvm/tmp3pp8px.qcow2'/ target dev='hdb' bus='ide'/ /disk interface type='bridge' mac address='52:54:00:37:07:d1'/ source bridge='br0'/ model type='virtio'/ /interface input type='mouse' bus='ps2'/ graphics type='vnc' port='-1' autoport='yes' listen='127.0.0.1'/ video model type='cirrus' vram='9216' heads='1'/ /video /devices /domain -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: vmbuilder strange outcome
actually both files for vm00 are gone. I also tried this again without using tmpfs and got the same results. It seems like creating the second vm is deleting the files for the first vm. Is this even possible? On Fri, Jul 30, 2010 at 9:21 AM, Serge E. Hallyn serge.hal...@canonical.com wrote: Quoting Dan Sheffner (dsheff...@gmail.com): I then do a reboot on the actual server running both virtual machines. When the server comes backup vm01 is running and vm00 is not. Then when I try to start vm00 I get: Id Name State -- 1 vm01 running - vm00 shut off virsh # start vm00 error: Failed to start domain vm00 error: monitor socket did not show up.: Connection refused Interesting - is there any helpful info under /var/log/libvirt? Maybe I'm missing something trivial. Please let me know. Well it is possible that you are not in group libvirt, and that you couldn't manually start vm01 either? It was auto-started after all. What does 'groups' show? -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Server: Kernel Configuration Considerations
I think you want: d-i base-installer/kernel/override-image string linux-server what do you have in your file for that? On Wed, Jun 30, 2010 at 8:14 AM, Kaushal Shriyan kaushalshri...@gmail.comwrote: Hi, The issue is that we have built ubuntu using kickstart/tftp/pxe image on all the 300 servers. The issue is with the pxe server. We found out that the running Kernel on all the ubuntu hosts are 2.6.24-16-generic and not 2.6.24-16-server. Please suggest me whats the best way to set it to correctly to 2.6.24-16-server on all the hosts running ubuntu 8.04 server(Hardy) Thanks and Regards Kaushal -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Ubuntu Server: Kernel Configuration Considerations
you are using a preseed.cfg file right? You want to have this in there: # The kernel image (meta) package to be installed; none can be used if no # kernel is to be installed. #d-i base-installer/kernel/image linux-generic d-i base-installer/kernel/override-image string linux-server That is what picks which kernel is should be running I believe. I have documented allot of the PXE boot stuff here: https://www.digisoftinc.org/wiki/index.php/Ubuntu_preseed.cfg_installs_off_PXE_Boot As far as fixing it on each machine that is beyond my expertise but I believe you would have to get the ubuntu server kernel...compile it and then add it to your grub list. Sorry if you are looking for a direct fix for each server. On Wed, Jun 30, 2010 at 8:32 AM, Kaushal Shriyan kaushalshri...@gmail.comwrote: On Wed, Jun 30, 2010 at 6:49 PM, Dan Sheffner dsheff...@gmail.com wrote: I think you want: d-i base-installer/kernel/override-image string linux-server Hi Dan d-i base-installer/kernel/override-image string linux-server ? is that a command. I didnot understand it. Please help me understand Thanks and Regards Kaushal -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
vmbuilder with tmpfs
Is anyone using the --tmpfs command with vmbuilder? I'm using ubuntu 10.04 64 bit and I get: vmbuilder: error: no such option: --tmpfs and it clearly in the docs here: https://help.ubuntu.com/10.04/serverguide/C/jeos-and-vmbuilder.html -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: KVM failover to another KVM server
Both machines have /etc/libvirt/qemu/ubuntuTest.xml present and I get the same error. Do I have to load the xml in the vmserver06 machine? From: Matt Isaacs matthew.isa...@gmail.com To: Dan Sheffner theshef...@yahoo.com Cc: Mark Foster m...@foster.cc; ubuntu-server@lists.ubuntu.com Sent: Friday, May 8, 2009 4:37:13 PM Subject: Re: KVM failover to another KVM server The XML config files have to be present on both servers. On Fri, May 8, 2009 at 2:54 PM, Dan Sheffner theshef...@yahoo.com wrote: ok now I have three servers: 1) storage01 2) vmserver05 3) vmserver06 storage01 one is sharing out /root/vm/ directory through NFS. /root/vm from storage01 is mounted at /root/vm on both vmserver05 and 06. I have created a kvm host on vmserver05 and when I do: migrate --live ubuntuTest qemu+ssh://vmserver06/system error: operation failed: failed to parse XML do I need to put the xml file on vmserver06? in the /root/vm directory? From: Matt Isaacs matthew.isa...@gmail.com To: Mark Foster m...@foster.cc Cc: Dan Sheffner theshef...@yahoo.com; ubuntu-server@lists.ubuntu.com Sent: Friday, May 8, 2009 12:07:37 PM Subject: Re: KVM failover to another KVM server DRBD is another nice solution to the shared storage issue. On Fri, May 8, 2009 at 12:00 PM, Mark Foster m...@foster.cc wrote: The ability to do migration requires shared storage such as via iSCSI or SAN or perhaps NAS (NFS). The storage needs to be visible on both host nodes on the same path. Dan Sheffner wrote: I have also tried with the virtual machine manager to migrate from one server to another. It seems like it should work but nothing actually happens. *From:* Victor Padro vpa...@gmail.com *To:* Dan Sheffner theshef...@yahoo.com *Cc:* ubuntu-server@lists.ubuntu.com *Sent:* Thursday, May 7, 2009 3:12:16 PM *Subject:* Re: KVM failover to another KVM server On Thu, May 7, 2009 at 3:02 PM, Dan Sheffner theshef...@yahoo.com mailto:theshef...@yahoo.com wrote: Ok I have gotten close but still having issues. I have two machines running ubuntu 9.04 server AMD and I'm trying to fail from one machine to another with: connected to virsh console: migrate ubuntuTest qemu+ssh://vmserver06.ttr/system error: operation failed: failed to parse XML any ideas? - Original Message From: Dan Sheffner theshef...@yahoo.com mailto:theshef...@yahoo.com To: ubuntu-server@lists.ubuntu.com mailto:ubuntu-server@lists.ubuntu.com Sent: Thursday, May 7, 2009 11:31:34 AM Subject: KVM failover to another KVM server I searched hi ahd low but I haven't been able to find how to fail a virtual machine from one KVM server to another. Can someone link me to the doc that does this or show me an example. I would hope you are able to do this while the server is running. Thanks in advance. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com mailto:ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam Proxmox is debian based KVM's bare installer and does have that function(Clustering). http://pve.proxmox.com -- It is human nature to think wisely and act in an absurd fashion. Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
KVM failover to another KVM server
I searched hi ahd low but I haven't been able to find how to fail a virtual machine from one KVM server to another. Can someone link me to the doc that does this or show me an example. I would hope you are able to do this while the server is running. Thanks in advance. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: KVM failover to another KVM server
Ok I have gotten close but still having issues. I have two machines running ubuntu 9.04 server AMD and I'm trying to fail from one machine to another with: connected to virsh console: migrate ubuntuTest qemu+ssh://vmserver06.ttr/system error: operation failed: failed to parse XML any ideas? - Original Message From: Dan Sheffner theshef...@yahoo.com To: ubuntu-server@lists.ubuntu.com Sent: Thursday, May 7, 2009 11:31:34 AM Subject: KVM failover to another KVM server I searched hi ahd low but I haven't been able to find how to fail a virtual machine from one KVM server to another. Can someone link me to the doc that does this or show me an example. I would hope you are able to do this while the server is running. Thanks in advance. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
ubuntu 9.04 AMD Server Ed HP DL140
Hello, I just had a quick question about which option should I pick during the install of the ubuntu server ed. I'm turning my HP DL 140 into a KVM Server for virtual hosts. Would the default install be the best option or should I press F4 and select minimum install or minimal virtual machine? I'm little confused by the term minimum virtual machine? is this for the operating system running as a KVM server or the option you should pick when you are installing the os within the virtual environment? -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
