Re: Bridging wireless nic for kvm guests

2014-12-23 Thread Tyler J. Wagner 
By "wireless bridging", you intend to bring up multiple MAC addresses on
the interface, one for the host and one for each VM. That simply won't work
on many wireless chipsets, which won't allow multiple MAC addresses.

You'll need to use one of:

1. A physical Ethernet interface.

2. A software bridge for the VMs, with routing in the host, and NAT.

If you can't use #1, then use #2 and put multiple IPs on the host's
wireless interface. Then NAT each one using DNAT/SNAT firewall rules to a
VM using an internal IP on the software bridge.

Regards,
Tyler

On 2014-12-23 13:45, C. L. Martinez wrote:
> it seems it is not possible ... Am I right??
> 
> On Mon, Dec 22, 2014 at 10:30 AM, C. L. Martinez  wrote:
>> Hi all,
>>
>>  I am trying to setup a bridge with a wireless nic (USB) only. I have
>> followed the following steps:
>> https://wiki.debian.org/BridgeNetworkConnections, but it doesn't works
>> in my ubuntu server 14.04.
>>
>>  How can I bridge a wireless usb nic for kvm guests?? I need to use
>> this bridge fro three guests. For this reason, I can't use usb
>> passthrough.
>>
>>  Thanks.
> 

-- 
"Privacy has to be viewed in the context of relative power. For example,
the government has a lot more power than the people. So privacy for
the government increases their power and increases the power imbalance
between government and the people; it decreases liberty. Forced openness
in government – open government laws, Freedom of Information Act
filings, the recording of police officers and other government officials,
WikiLeaks – reduces the power imbalance between government and the
people, and increases liberty."
   -- Bruce Schneier

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: to host website on my ubuntu server at home, domain is registered, now how to get DDNS???

2014-11-10 Thread Tyler J. Wagner 
Excellent! I'm glad you found a solution.

Note that you probably cannot host an email server this way, as MX records
should be A records, and your email will appear to be spammy to many hosts.

Regards,
Tyler

On 2014-11-10 17:43, Rajeev Prasad wrote:
> thank you Tyler. I ended up doing that.
> regards.
> Rajeev
> 
> 
> On Monday, November 10, 2014 5:43 AM, Tyler J. Wagner 
> wrote:
> 
> 
> Try making your .com's DNS be a CNAME record pointing to your no-ip DDNS
> name. This should work with any DDNS provider.
> 
> Regards,
> Tyler
> 
> On 2014-11-09 02:38, Rajeev Prasad wrote:
>> friends, I have just regiestered my domain name which ends in .com
>> I am looking for _free_ DDNS service.
>>
>> tried:
>> 1. freedns:  rejected, because it allows others to build hosts under your
>> domain name.
>> 2. no-ip: rejected, does not allow to register the complete domain name
>> (mysite.com)
>>
>> anybody who can suggest best/free DDNS service out there?
>>
>> thank you.
>> Rajeev
> 
>>
>>
> 
> -- 
> "All that is necessary for the triumph of evil is that good men do
> nothing."
>   -- Attributed to Edmund Burke
> 
> 
> 

-- 
"The ultimate measure of a man is not where he stands in moments of
comfort and convenience, but where he stands at times of challenge and
controversy."
   -- Martin Luther King, Jr.

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: to host website on my ubuntu server at home, domain is registered, now how to get DDNS???

2014-11-10 Thread Tyler J. Wagner 
Try making your .com's DNS be a CNAME record pointing to your no-ip DDNS
name. This should work with any DDNS provider.

Regards,
Tyler

On 2014-11-09 02:38, Rajeev Prasad wrote:
> friends, I have just regiestered my domain name which ends in .com
> I am looking for _free_ DDNS service.
> 
> tried:
> 1. freedns:  rejected, because it allows others to build hosts under your
> domain name.
> 2. no-ip: rejected, does not allow to register the complete domain name
> (mysite.com)
> 
> anybody who can suggest best/free DDNS service out there?
> 
> thank you.
> Rajeev
> 
> 

-- 
"All that is necessary for the triumph of evil is that good men do
nothing."
   -- Attributed to Edmund Burke

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: 10.04

2013-10-06 Thread Tyler J. Wagner 
On 2013-10-04 16:45, Phil Dobbin wrote:
> Hi, all.
> 
> I run a lot of old Dell & HP servers that can't cope with Plymouth & won't
> install 12.04.
> 
> I'm wondering does 10.04 suffer from the same affliction or could I install
> that?
> 
> Any help appreciated.

Ubuntu 10.04 installs plymouth by default. Both my HP DL380 gen 5 and Dell
PowerEdge 2950 servers run 10.04 and 12.04 just fine. I can't say if your
hardware would deal with it. Give a Live USB a go and see.

Tyer


-- 
"Tact is the ability to describe others as they see themselves."
   -- Anne Morrow Lindbergh

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: Broadcom NetXtreme network card issue

2013-09-27 Thread Tyler J. Wagner 
On 2013-09-27 09:45, Raffaele Morelli wrote:
> my ubuntu server has a Broadcom Corporation NetXtreme II BCM5708
> Gigabit Ethernet (rev 12).
> lspci should show 4 entries for this card but actually only one entry is 
> listed.
> 
> The same network card is installed on a debian server, lspci output
> correctly shows 4 entries.

Is this card integrated into the motherboard? Are the ports enabled in
BIOS? It's common to find an enable/disable option for Ethernet ports.

Regards,
Tyler

-- 
"Laws are never as effective as habits."
   -- Adlai Stevenson

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: 12.04 server oddity

2013-05-09 Thread Tyler J. Wagner 
On 2013-05-09 08:40, Phil Dobbin wrote:
> Interesting. ssh was working & got all the way to the password prompt
> before permission was denied ('password/public key').

That's definitely not a firewall issue, then. Questions:

1. Are you logging in as the root user, or the user you created during
installation? The root user has no password by default, so you wouldn't be
able to login.

2. It's possible that SSH is configured so that root cannot login by
password, in /etc/ssh/sshd_config:

PermitRootLogin without-password

I don't know if that's the default now. If so, you need to login as the
other user and sudo, then set a root password and change that line.

> I know of several people in my situation who'd have just swore at the
> situation, deleted offending distro & gone ahead & installed either
> Debian or CentOS (time is money & all that) & that'd been that.

I understand their frustration, but all distros now have this problem. Init
isn't serial anymore, it's event-driven. That means we need a way to
interact with the user at boot time when there are prompts, such as during
fsck. And some users like splash screens. These things are in conflict, and
Plymouth is our best solution. I am surprised that older ATI hardware has
issues on modern kernels.

There is certainly a modeline you could pass to the kernel at boot time
that will drive your display, even at a low resolution. But you'd have to
work that out while you had console access.

Regards,
Tyler

-- 
"We should forget about small efficiencies, say about 97% of the time;
premature optimization is the root of all evil."
   -- Donald Knuth

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: 12.04 server oddity

2013-05-08 Thread Tyler J. Wagner 
On 2013-05-08 20:10, Phil Dobbin wrote:
> I enabled the ssh server during install but saw no option to disable ufw
> (it may have been there but I wasn't really looking for it). No open
> ports by default is fine by me ...

If you enabled SSH during install, then you should have a listening SSH
server. UFW is _not_ activated by default with a normal Ubuntu Server
install as of 12.04. I don't know what happened here.

> but the screen nonsense is ridiculous.

There are good reasons to use Plymouth, whatever you may think of splash
screens. It's easy to disable it and get the normal text boot process with
Plymouth.

I'm sorry you've had so much trouble with the display, but there's
something else going on with the SSH setup, the server, or the network.

Regards,
Tyler

-- 
"[...] freedom is kind of a hobby with me, and I have disposable income
that I'll spend to find out how to get people more of it."
   -- Penn Jillette

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: rdiff-backup is it best openSource continous backup solution?

2013-02-20 Thread Tyler J. Wagner 
On 2013-02-20 23:30, Rajeev Prasad wrote:
> I realized that a complete snapshot of the system (my requirement #6),
> which can be restored in one go (all OS/Apps/data etc.) is best done using
> software like clonezilla (I am looking at clonezilla right now).

For all OS/Apps/Data, you need only a tool that copies files and your OS
install media. Rsync does that just fine. Clonezilla can also copy
partitions, LVM, and other block-level data structures.

> I liked rdiff-backup when i saw it first time, but when i saw last release
> was in 2009. I wanted to be sure, if there is devolpment being done on it
> (say for another LTS release if any FS changes comes along etc.). So I
> asked if active devlopment is happenign on it or not.

>From the website, it doesn't appear to be in active development. There are
plenty of GUI tools that use it underneath.

Regards,
Tyler

-- 
"Referring to obesity as a 'form of malnutrition' comes with no moral
judgments attached, no belief system, no veiled insinuations of gluttony
and sloth. It merely says that something is wrong with the food supply
and it might behoove us to find out what."
   -- Gary Taubes, "Why We Get Fat"

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: rdiff-backup is it best openSource continous backup solution?

2013-02-20 Thread Tyler J. Wagner 
I saw your post to the BackupPC user list. I prefer BackupPC, but it's not
ideal for bare-metal restore. It's ideal for "whoops, undelete", and as
poor-man's version control. It can be used for bare-metal restore as well,
but I recommend installing a base OS from the install media, then restoring
over that using BackupPC_tarCreate at the CLI. If you want to continue this
discussion, please take it to the BackupPC user list.

Otherwise, rdiff-backup is great, supported, and works fine. Rsync + diff,
what's not to love?

I personally use rsync to a LUKS-encrypted removable drive once a month or
so, plus BackupPC to get the dailies. I use BackupPC at home and at my
company, where we have ~70 Linux servers and workstations, and 5 Windows
PCs, all safely backed up for the past 3 months, to just 4 TB.

Regards,
Tyler

On 2013-02-20 20:08, Rajeev Prasad wrote:
> Gurus,
> 
> need words of wisdom adn experiecne on backup solution for my ub server
> 1204 LTS
> 
> a quick seacrh produced many results
>  and this continous
> backup solution(rdiff-backup ).
> 
> is rdiff-backup currently managed?
> 
> need something which:
> 
> 1. actively managed/devloped. (dont want to commit to dead end/dead/dying
> software)
> 2. does continous backups.
> 3. backup atleast last 3 versions of a file/folder.
> 4. backup to network drive.
> 5. backup other connected PCs, Macs and Unix hosts.
> 6. backup my complete LAMP ubuntu server with other modules/apps installed.
> (so that with one restore operation I can get my crashed server back up to
> a working status).
> 
> kindly suggest the best option out there. command line is fine.
> 
> ty.
> Rajeev
> 
> 

-- 
"A society that will trade a little order for a little freedom will
lose both, and deserve neither."
   -- Thomas Jefferson

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: how to move my website from ubuntu 10.10 to 12.04 LTS?

2013-01-29 Thread Tyler J. Wagner 
On 2013-01-29 18:11, Rajeev Prasad wrote:
> These are two different servers. Website is production, but can take
> downtime of about 1 day (weekend).
> 
> I was planning to make a tarball from old server and extract on new one,
> and as the last step, move the permanent IP.

I generally use rsync for that, along with an excludes file
(--excludes-from). Attached is a template.

Tyler

-- 
"The universe is probably littered with the one-planet graves of cultures
which made the sensible economic decision that there's no good reason
to go into space – each discovered, studied, and remembered by the ones
who made the irrational decision."
   -- Randal Munroe
- /dev/
- /lib/modules/*/volatile/
- /media/
- /mnt/
- /proc/
- /run/
- /sys/
- /tmp/
- /var/lock/
- /var/run/
- /var/tmp/
- /var/cache/apt/archives/
- /etc/udev/rules.d/70-persistent-net.rules
- /boot/
- /etc/fstab
- /etc/mtab
- /root/screenlog.*
- /home/
-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: how to move my website from ubuntu 10.10 to 12.04 LTS?

2013-01-29 Thread Tyler J. Wagner 
On 2013-01-29 10:59, Nagy Gergely wrote:
> He mentioned 32bit to 64bit move with mysql, i had my bad experience
> with this.

I'm not aware of any differences in MySQL file storage based on
architecture. I did learn about rrdtool's architecture-dependant files the
hard way, though.

It never hurts to make and restore from mysql dumps. Just make sure you get
the "mysql" database as well, as this includes your permissions.

Regards,
Tyler

-- 
"... I've never seen the Icarus story as a lesson about the limitations of
humans. I see it as a lesson about the limitations of wax as an adhesive."
   -- Randall Munroe, "XKCD What IF?: Interplanetary Cessna"

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: how to move my website from ubuntu 10.10 to 12.04 LTS?

2013-01-29 Thread Tyler J. Wagner 
On 2013-01-29 00:25, Rajeev Prasad wrote:
> I have a huge website running on LAMPerl  ubuntu desktop 10.10 32bit
> 
> I have to now move it over to ubuntu server 12.04 LTS 64bit.

Make a dump of your current package list first:

dpkg -l > dpkg.maverick

You may want to refer to it later for those "Oh crap, what package did I
forget?! moments.

In particular, make a list of all packages related to apache2, mysql, perl.
Here's a one-liner you can later paste after "apt-get install":

dpkg -l \*mysql\* \*apache\* \*perl\* | grep ^i | cut -f 3 -d ' ' | tr '\n'
' ' ; echo

Copy /var/www, of course. I'm not sure why Nagy advised you not to copy
/var/lib/mysql; that should work just fine. When mysqld starts it will
upgrade them. But just in case, before upgrading, use mysqldump to dump all
databases.

Do not upgrade via do-release-upgrade or dist-upgrade. Reinstall from
scratch. If you were using 10.10 64-bit, this would be fine, but changing
architectures requires a reinstall. I've upgraded from maverick through
natty and oneric to precise on one LAMP server without incident using
do-release-upgrade.

Finally, do take a complete backup. Something as simple as the following
will save you a lot of trouble later:

rsync -av /bin /boot /etc /home /initrd* /lib* /opt /root /sbin /srv /usr
/var /vmlinu* /media/mounted_usb_disk

Regards,
Tyler

-- 
"Any advert in a public space that gives you no choice whether you see it
or not is yours. It’s yours to take, re-arrange and re-use. You can do
whatever you like with it. Asking for permission is like asking to keep
a rock someone just threw at your head. You owe the companies nothing."
   -- Banksy on Advertising

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: D.ROOT-SERVERS.NET changed January 3rd 2013

2013-01-09 Thread Tyler J. Wagner 
On 2013-01-09 04:15, Chuck Peters wrote:
> See http://d.root-servers.org/.  I think bind9, and likely other DNS
> servers, should be updated to include the correct IPv4 D root
> server, http://www.internic.net/domain/named.root, and filed a bug
> report, https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1090593.  As
> the issue stands now, it could be a long time before the LTS releases get
> the update, but it should not cause serious DNS problems.  
> 
> Robie Basak triaged the bug report and said:
> I'm reluctant to push for this unless a clear consensus is reached,
> somebody points out exactly what we've done in the past, or an experienced
> Ubuntu developer tells me otherwise.

Am I misreading this? It seems like a very simple fix. Update
/etc/bind/db.root in the bind9 packages. It's trivial to verify that the
new D root server is working:

$ dig SOA @199.7.91.13

In fact, the old IP (128.8.10.90) is still also responding, but that may
stop at any time.

I'm applying this update to my DNS servers now.

Regards,
Tyler

-- 
Commander Harken: "Seems odd you’d name your ship after a battle you
were on the wrong side of."
Captain Reynolds: "May have been the losing side. Still not convinced
it was the wrong one."

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: Keeping system up to date with security but few reboots

2012-12-12 Thread Tyler J. Wagner 
On 2012-12-12 02:24, Asif Iqbal wrote:
> We manage lots of ubuntu LTS 64 bit servers Lucid and Precise.
> 
> We are using unattended-upgrades and only have the following 
> line uncommented in /etc/apt/apt.conf.d/50unattended-upgrades file
> 
>  "${distro_id}:${distro_codename}-security";
> 
> I am looking for a best practice to keep the system secure with
> less number of reboots. Should that be sufficient?

Short answer: yes.

Long answer: you can apply "${distro_codename}" and
"${distro_codename}-updates" if you want. I do. But it does mean *services*
will restart more often.

You don't have to reboot at all. With any of these updates applied you'll
get new kernels periodically, and it's best to reboot when they come in.
But you don't have to, unless you think the reason for the update is a
security problem you have to address. For example, on servers with no local
users (including the web server), I'm less concerned about local user
privilege escalation. On servers without IPX, I don't care about updates to
the IPX network stack. Etc. So I don't reboot unless I see the update
matters to me.

Here is my recommended best practice:

1. Keep ${distro_codename}-security updated automatically.

2. Periodically (say, monthly), update ${distro_codename} and
${distro_codename}-updates. Use clusterssh/puppet/whatever to do this.

3. Subscribe to ubuntu-security-annou...@lists.ubuntu.com and read it
daily. If you see an update that pertains to you, apply it immediately and
reboot if needed. If not, you can ignore new kernels.

Regards,
Tyler

-- 
"... my partner and I became exhibit A in a process that I have been
warning Americans about since 2007: first they come for the 'other' –
the 'terrorist', the brown person, the Muslim, the outsider; then they
come for you – while you are standing on a sidewalk in evening dress,
obeying the law."
   -- Naomi Wolf, "How I was arrested at Occupy Wall Street", 2011-10-19

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: Proxy arp works in 12.04?

2012-10-28 Thread Tyler J. Wagner 
On 2012-10-28 14:26, C. L. Martinez wrote:
> Hi all
> 
>  I am trying to setup some proxy arp entries in a Ubuntu 12.04 server,
> but no go.
> 
>  My commands are:
> 
>  arp -i eth0 -Ds 172.25.50.30 eth0 pub
>  sysctt -w net.ipv4.conf.eth0.proxy_arp=1

I assume you meant to type "sysctl", not "sysctt".

For what other interface are you intending to proxy? From eth0 to/from
eth1? If so, enable proxy arp on it too.

Regards,
Tyler

-- 
"I disapprove of what you say, but I will defend to the death your right
to say it."
   -- Evelyn Beatrice Hall

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: webmin, zentyal, conf file policy, etc

2012-10-03 Thread Tyler J. Wagner 
On 2012-10-03 14:05, Scott Kitterman wrote:
> It's not a question of fair or not fair.  The policy is what it is for good 
> reasons.  It does not say that external packages are not allowed to change 
> configuration, but that they have to do so via a program provided by the 
> package.  This gives a defined interface and reduces the risk of incorrect 
> changes.  I think this makes a lot of sense.

I agree, but the problem is that most programs don't have this. If you are
lucky, a program supports "change the configuration files and SIGHUP the
daemon". Why doesn't Debian policy require them have this interface? In the
absence of that requirement, the onus is on the webmin team to do their
work for them.

Regards,
Tyler

-- 
"To have a child is to give fate a hostage."
   -- John F. Kennedy

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: webmin, zentyal, conf file policy, etc

2012-10-03 Thread Tyler J. Wagner 
On 2012-10-03 03:45, Scott Kitterman wrote:
> On Tuesday, October 02, 2012 04:58:37 PM Neal McBurnett wrote:
>>  If a package upgrade includes a change to a conffile (a configuration file
>> managed by dpkg) compared to the version installed by the old version of
>> the package, and you have made changes to said conffile, you will be
>> prompted about these changes. If, however, something else (e.g.  webmin)
>> has made these changes on your behalf, you will be prompted about changes
>> you have not made to a conffile you likely have never heard of. I'm just
>> saying that this is not acceptable, which is a major reason why webmin is
>> not supported in Debian and Ubuntu, because this is /exactly/ what webmin
>> does /all the time/.
> 
> This is a violation of Debian and (Ubuntu) policy.  See 
> http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files

I'm not sure that's entirely fair. One could view Webmin as an attempt to
replicate CLI configuration of your system with web-based GUI
configuration. In that regard, the fact that it edits your config files in
/etc/ is fine with me. I suppose Debian policy wants some kind of
separation such that config files in /etc/ all have hooks into /var/, where
webmin is allowed to make edits?

That is silly. Debian policy in this regard is that software isn't allowed
to edit files in /etc/ for you. Since that is webmin's entire raison
d'être, it is software non grata.

Anyway, installing webmin on Debian or Ubuntu is easy. Deb files are on the
website, or you can use Virtualmin's repo (which has webmin in it):

deb http://software.virtualmin.com/gpl/ubuntu/ virtualmin-lucid main
deb http://software.virtualmin.com/gpl/ubuntu/ virtualmin-universal main

Regards,
Tyler

-- 
"You'll thank me when you share my politics!"
   -- Ryan North in "Dinosaur Comics"

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: Load balancing between datacenters

2012-09-06 Thread Tyler J. Wagner 
On 2012-09-06 14:03, Jesus arteche wrote:
> Hey guys,
> 
> I am trying to create a ha infrastructure. I would like to have my
> infrastructure in a cloud/vps provider in europe and a replica in USA. I
> will create load balancers in a HA mode. My problem comes up when I think
> how to share the floating ip. I mean in a datacenter with the same range of
> IP is not a problem...but when the datacenters are in different ranges of
> ip's ...it shouldn't work...
> 
> Any ideas about how to do it?
> 
> I'm using HAproxy and keepalive...

You cannot do it with one floating IP. Options:

1. Get your own /24, and BGP-announce the subnet from both locations. This
is what Google uses to make their DNS IPs 8.8.8.8 and 8.8.4.4 work globally
(taking you to the nearest server according to network path).

2. Build a load balancer in one of those locations, or a third one, which
proxies, possibly via a VPN, to both servers. This moves the failure point
forward.

3. Use DNS load balancing with a low TTL, along with a detection system to
remove the DNS entry of a failed server.

Regards,
Tyler

-- 
"All that is necessary for the triumph of evil is that good men do
nothing."
   -- Attributed to Edmund Burke

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: /boot maintenance

2012-09-06 Thread Tyler J. Wagner 
On 2012-09-05 15:46, Dean Henrichsmeyer wrote:
> On Wed, Sep 5, 2012 at 8:56 AM, Tyler J. Wagner  I agree; a 100 MB boot is just silly. So, run a daily script with this
> in it.
> 
> http://www.tolaris.com/2012/07/19/removing-old-kernels-from-ubuntu/
> 
> That purges any kernel that isn't either the highest-versioned one, or one
> which is currently running.
> 
> 
> I hope people read that code before running it. It makes assumptions that
> are not accurate with reality. For example, running that right now on a
> precise machine says:
> 
>  :~# echo $KERNEL_HIGHEST
> 3.2.0-9
> :~# echo $KERNEL_CURRENT
> 3.2.0-29
> 
> Just a heads up.

I've updated my post to correct the bug Dean found. The code now correctly
sorts the version string to find the latest installed kernel.

http://www.tolaris.com/2012/07/19/removing-old-kernels-from-ubuntu/

Thanks for the help, Dean.

Regards,
Tyler

-- 
"Those who make peaceful revolution impossible will make violent
revolution inevitable."
   -- John F. Kennedy

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: /boot maintenance

2012-09-05 Thread Tyler J. Wagner 
On 2012-09-05 15:46, Dean Henrichsmeyer wrote:
> On Wed, Sep 5, 2012 at 8:56 AM, Tyler J. Wagner  http://www.tolaris.com/2012/07/19/removing-old-kernels-from-ubuntu/
> 
> That purges any kernel that isn't either the highest-versioned one, or one
> which is currently running.
> 
> 
> I hope people read that code before running it. It makes assumptions that
> are not accurate with reality. For example, running that right now on a
> precise machine says:
> 
>  :~# echo $KERNEL_HIGHEST
> 3.2.0-9
> :~# echo $KERNEL_CURRENT
> 3.2.0-29

You should always read a script before running it. :)

Your result is anomalous. I've been using that for 4 years now, with never
an error. Testing today on a machine up for 3 days, so it has today's
newest kernel, gives:

root@baal:~# echo $KERNEL_HIGHEST
3.2.0-30
root@baal:~# echo $KERNEL_CURRENT
3.2.0-29

Perhaps your dpkg database is fresh from a install (apt-get update never
ran)? If not, please poke at the code, or contact me privately with the
results of:

dpkg -l linux-image\* | cat

The cat prevents dpkg from truncating version numbers due to terminal width.

Regards,
Tyler

-- 
"We are on the cusp of this time where I can say, 'I speak as a citizen
of the world' without others saying, 'God, what a nut.'"
   -- Lawrence Lessig

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Re: /boot maintenance

2012-09-05 Thread Tyler J. Wagner 
Hi Dean,

I agree; a 100 MB boot is just silly. So, run a daily script with this in it.

http://www.tolaris.com/2012/07/19/removing-old-kernels-from-ubuntu/

That purges any kernel that isn't either the highest-versioned one, or one
which is currently running.

Regards,
Tyler

On 2012-09-05 14:44, Dean Henrichsmeyer wrote:
> Hi All,
> 
> I realize this has been covered in the past but I've been observing more of
> it lately so thought I'd revisit it. Here's the problem I've been
> observing. Service providers that offer dedicated servers running Ubuntu
> default to 100MB /boot partitions. This is true of providers like Peer1,
> Softlayer, etc. Granted, you can fix that by re-provisioning the machine
> with your own partition preferences prior to putting your
> data/configuration on the host but most won't note the potential problem
> until it's too late.
> 
> So what happens is if you use something that keeps the machine up to date
> like Landscape or something of your own, /boot is going to fill up fast. As
> far as I can tell, Ubuntu Server doesn't tell you that you need a reboot
> when a new kernel is installed like Desktop does and it's no time at all
> before /boot is filled up. If you're not monitoring your partitions and/or
> manually house cleaning /boot consistently, you're going to run into problems.
> 
> I realize the ideal thing would be to get providers to change their
> defaults to something more modern that is in line with the size of today's
> disks and kernels. That being said, I also think it would be really nice to
> set a policy or something on the number of kernels you keep around. I'd
> like users getting dedicated servers running Ubuntu to have a positive
> experience. I don't know if anything is planned in this area but I thought
> I'd provide some feedback in case it factors in.
> 
> Thanks,
> Dean
> 
> 

-- 
"The universe is probably littered with the one-planet graves of cultures
which made the sensible economic decision that there's no good reason
to go into space – each discovered, studied, and remembered by the ones
who made the irrational decision."
   -- Randal Munroe

-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam