Hello,
I'm using kernel 2.6.17.1 with vsever patch vs2.1.1-rc24.
Kernel panic when i try to use strace inside vserver (i can reproduce
it while straceing qmail-smtpd and/or clamd-queue proces).
Oops from netconsole in attachement.
Jarek Dylag
[42949720.46] [ cut here ]-
Hi list!
When I issue the command:
vserver hibernia1 restart
the output is as follows:
Couldnt get a file descriptor referring to the console
/usr/lib/util-vserver/vserver.stop: line 85: 20670 Terminado
(killed) "[EMAIL PROTECTED]" ${USE_VNAMESPACE:
+$_VNAMESPACE --enter "$S_CONTEXT" -- } $
On 7/4/06, Baltasar Cevc <[EMAIL PROTECTED]> wrote:
On 04.07.2006, at 10:29, Daniel W. Crompton wrote:
> You can, I just did it yesterday. You need to set the following in the
> file "bcapabilities":
> CAP_NET_ADMIN
> CAP_NET_RAW
I haven't tested it myself as I run OpenVPN in the host system only
In gmane.linux.vserver, you wrote:
[trimming extra stuff to save bandwidth]
> thanks for the info. I think your suggestions will actually solve the
> problem i'm having.
> Thing is that i'm not sure on how to do it correctly on Debian.
> I have a util-vserver script in /etc/init.d
> which is linke
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
On 04.07.2006, at 10:29, Daniel W. Crompton wrote:
On 7/3/06, Eugen Leitl <[EMAIL PROTECTED]> wrote:
On Mon, Jul 03, 2006 at 12:12:34PM +0200, Baltasar Cevc wrote:
> >I can't have an OpenVPN tunnel terminate in a vserver,
> >can I?
You can, I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Teemu,
Is there any way to restrict a guest from accessing some
interfaces or services of other guests?
The guest can only actively use the interfaces assigned to it (see the
"great flower page", /etc/vservers//interfaces about
that), however,
I'm trying to dist-upgrade a breezy guest and getting an error when
upgrading the initscripts package. The error occurs while running the
postinst script, when it tries this:
mount -n --bind / /.root
The output from that is:
mount: permission denied.
I suspect I need to enable some capability t
See my comments below.
In general - please don't get the impression I try to be fastidious. I'm
just trying to help you create a system in which results can be
reproducible and trusted. There are a lot of factors that influence the
performance; some of those are far from being obvious.
Cléme
Kir Kolyshkin wrote:
> In case you are testing performance (but not, say, isolation), you can
> definitely set all the UBCs to unlimited values (i.e. both barrier and
> limit for each parameter should be set to MAX_LONG). The only issues is
> with vmguarpages parameter, because this is a guarantee
Kirill Korotaev wrote:
> Cedric,
>
>> these informations are not explicit yet but please check the raw data,
>> for
>> example :
>>
>> http://lxc.sourceforge.net/bench/r3/dbenchraw
>>
>> you will see that each test is run nearly 100 times. the 5% min and max
>> values are stripped before doing
Kirill Korotaev wrote:
> For OpenVZ it is also possible to test different subsytems separately
> (virtualization/isolation, resource management, disk quota, CPU scheduler).
> I would notice also, that in OpenVZ all these features are ON by default.
hmm, we didn't realize that. Good, it will make
Cedric,
these informations are not explicit yet but please check the raw data, for
example :
http://lxc.sourceforge.net/bench/r3/dbenchraw
you will see that each test is run nearly 100 times. the 5% min and max
values are stripped before doing an average. min, max and std dev are
missi
Clément Calmels wrote:
> Hi,
>
> Sorry, I just forgot one part of your email... (and sorry for the mail
> spamming, I probably got too big fingers or too tiny keyboard)
>
>> 1.2 Can you tell how you run the tests. I am particularly interested in
>> - how many iterations do you do?
>> - what resul
Clément Calmels wrote:
Hi,
I'm wondering why a default 'guest' creation implies some resources
restrictions? Couldn't the resources be unlimited? I understand the need
for resource management, but the default values look a little bit
tiny...
The reason is security. A guest is untru
from the tests:
"For benchs inside real 'guest' nodes (OpenVZ/VServer) you should
take into account that the FS tested is not the 'host' node one's."
at least for Linux-VServer it should not be hard to avoid the
chroot/filesystem namespace part and have it run on the host fs.
a bind mount into
Hi,
> > I'm wondering why a default 'guest' creation implies some resources
> > restrictions? Couldn't the resources be unlimited? I understand the need
> > for resource management, but the default values look a little bit
> > tiny...
> >
> The reason is security. A guest is untrusted by defaul
Clément,
Thanks for addressing my concerns! See comments below.
Clément Calmels wrote:
Hi,
1.1 It would be nice to run vmstat (say, vmstat 10) for the duration of
the tests, and put the vmstat output logs to the site.
Our benchmark framework allows us to use oprofile during test...
Hi,
Sorry, I just forgot one part of your email... (and sorry for the mail
spamming, I probably got too big fingers or too tiny keyboard)
> 1.2 Can you tell how you run the tests. I am particularly interested in
> - how many iterations do you do?
> - what result do you choose from those iteration
Clément Calmels wrote:
> Hi,
>
> Sorry, just forgot one part of your email...
>
>> 1.2 Can you tell how you run the tests. I am particularly interested in
>> - how many iterations do you do?
>> - what result do you choose from those iterations?
>> - how reproducible are the results?
>> - are you
Hi,
Sorry, just forgot one part of your email...
> 1.2 Can you tell how you run the tests. I am particularly interested in
> - how many iterations do you do?
> - what result do you choose from those iterations?
> - how reproducible are the results?
> - are you rebooting the box between the iterat
Hi,
> from the tests:
> "For benchs inside real 'guest' nodes (OpenVZ/VServer) you should
> take into account that the FS tested is not the 'host' node one's."
>
> at least for Linux-VServer it should not be hard to avoid the
> chroot/filesystem namespace part and have it run on the host fs.
Hi,
> 1.1 It would be nice to run vmstat (say, vmstat 10) for the duration of
> the tests, and put the vmstat output logs to the site.
Our benchmark framework allows us to use oprofile during test...
couldn't it be better than vmstat?
> Basically, the detailed description of a process would be
Hi Gerrit,
I'll be giving a shot at OpenVCP some time next week.
From what I've seen so far, it seems quite promising.
Keep up the good work,
Sincerely,
Youri
Gerrit Wyen wrote:
hi,
we quite recently released the first beta of OpenVCP licensed under the
GPL. OpenVCP provides a web-based inter
On 7/3/06, Eugen Leitl <[EMAIL PROTECTED]> wrote:
On Mon, Jul 03, 2006 at 12:12:34PM +0200, Baltasar Cevc wrote:
> >I can't have an OpenVPN tunnel terminate in a vserver,
> >can I?
You can, I just did it yesterday. You need to set the following in the
file "bcapabilities":
CAP_NET_ADMIN
CAP_NET
Hi,
I have seen many questions, discussions and instructions about
(loopback) interfaces on a guest. I have tried with different
setups with e.g. loopback and dummy interfaces, but still have
not succeeded to prevent guests accessing some interfaces of
other guests.
Is there any way to restric
25 matches
Mail list logo
