I have a little bare-metal ubuntu 14.04 server at home running a web
service. The http(s) daemon runs on port 8006 and 8007, and iptables
is used to redirect incoming requests. Have been using this setup
forever, works great:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT
On Tue, Aug 5, 2014 at 5:07 PM, Jeroen Ooms jeroen.o...@stat.ucla.edu wrote:
I have a little bare-metal ubuntu 14.04 server at home running a web
service. The http(s) daemon runs on port 8006 and 8007, and iptables
is used to redirect incoming requests. Have been using this setup
forever,
Better stick with Gavin's suggestion if possible. Or do some scripting
to get server's IP address before calling iptables.
... or use a source ip match and the negation feature to extend the rule to
skip traffic from internal addresses
greetings
Guido
Quoting Tom Weber (l_lxc-us...@mail2news.4t2.com):
Hello,
my setup:
debian7
lxc-1.0.4 from debian testing
vanilla kernel.org kernel 3.14.14
i'm new to lxc and apparmor, so this took me a couple of hours to
figure:
lxc-start won't assign an apparmor-profile to a container since it's
Hi,
I know it is possible to pin an individual container to a CPU core, but is
it possible to pin different threads inside a container to different cores?
Thanks
Anjali
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
Sure, just use cpusets inside the container to assign them.
Quoting Anjali Kulkarni (anj...@juniper.net):
Hi,
I know it is possible to pin an individual container to a CPU core, but is
it possible to pin different threads inside a container to different cores?
Thanks
Anjali
Am Dienstag, den 05.08.2014, 16:07 + schrieb Serge Hallyn:
What you say makes sense. What do you think of the following (untested)
patch?
From 05864ae7f8b42724fb15ddea8a6d3d3ea9cf8749 Mon Sep 17 00:00:00 2001
From: Serge Hallyn serge.hal...@ubuntu.com
Date: Tue, 5 Aug 2014 11:01:55
Just wanted to chime in on this, it would seem that creating unprivileged
containers works fine, at least for download template of Ubuntu.
However the problem starts when you use sudo su.
For example, the following breaks;
admin$ sudo su deploy
admin$ lxc-create -t download -n u1 -- -d ubuntu
Sure;
deploy$ echo $XDG_RUNTIME_DIR
/run/user/999
deploy$ echo $HOME
/home/deploy
deploy$ cat /proc/self/cgroup
11:hugetlb:/
10:perf_event:/
9:blkio:/
8:freezer:/
7:devices:/
6:memory:/
5:cpuacct:/
4:cpu:/
3:cpuset:/
2:name=systemd:/user/999.user/5.session
Expected uid is 1000 (deploy) but its
(sorry hit return too fast).
Also turns out that the sudo -shU trick doesn't work, results in;
deploy$ lxc-start -n u1
lxc_container: call to cgmanager_create_sync failed: invalid request
Found another semi related ticket;
https://github.com/lxc/lxc/issues/181
Cal
On Wed, Aug 6, 2014 at
Quoting Cal Leeming [Simplicity Media Ltd]
(cal.leem...@simplicitymedialtd.co.uk):
Interesting, I'm running 14.04.1.
Could you paste your output of /proc/self/cgroup from inside your sudo su
? I'd be interested to see if the systemd entry is correct too
11 matches
Mail list logo