headers
David Oppermann | 24 May 09:44
Picon
Favicon

openvz and ftp connection tracking for non-default ports

Hello,

I've got a hylafax install inside an openvz container.  Now I'd like to run
a firewall as well.

I load the firewall modules for ftp connection tracking on the host machine
and with the following line in the containers config file:

IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit
ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl
ipt_length ipt_state iptable_nat ip_nat_ftp ip_conntrack_ftp ipt_conntrack
ip_tables"

Now my Problem is that it works for Port 21 only and I'm unable to set the
parameters for the module.

Is there a way to set the parameters for the ftp connection tracking module
like "ports=21,4559"?
With best regards

David Oppermann
Voip Engineer //  voip@... // Tel 059944-2440 // 
--------------------------------------------------------- 
SILVER SERVER GmbH - a Tele2 Company // 
Donau-City-Strasse 11  // A-1220 Wien //
Fax 059944-9000 //  www.sil.at // 
FN 204414i // Handelsgericht Wien // UID ATU 51064903  //
---------------------------------------------------------
Permalink | Reply | 0 comments |
headers
Rene Dokbua | 21 May 20:06

occasional high loadavg without any noticeable cpu/memory/io load

Hello,


I occasionally get this extreme load on one of our VPS servers. It is quite large, 4 full E31230 cores, 4 GB RAM and hosting ca. 400 websites + parked/addon/subdomains.

The hardware node has 12 active VPS servers and most of the time things are chugging along just fine, something like this.

1401: 0.00 0.00 0.00 1/23 4561
1402: 0.02 0.05 0.05 1/57 16991
1404: 0.01 0.02 0.00 1/73 18863
1406: 0.07 0.13 0.06 1/39 31189
1407: 0.86 1.03 1.14 1/113 31460
1408: 0.17 0.17 0.18 1/79 32579
1409: 0.00 0.00 0.02 1/77 21784
1410: 0.01 0.02 0.00 1/60 7454
1413: 0.00 0.00 0.00 1/46 18579
1414: 0.00 0.00 0.00 1/41 23812
1415: 0.00 0.00 0.00 1/45 9831
1416: 0.05 0.02 0.00 1/59 11332
12 active

The problem VPS is 1407. As you can see below it only uses a bit of the cpu and memory. 

top - 17:34:12 up 32 days, 12:21,  0 users,  load average: 0.78, 0.95, 1.09
Tasks: 102 total,   4 running,  90 sleeping,   0 stopped,   8 zombie
Cpu(s): 16.3%us,  2.9%sy,  0.4%ni, 78.5%id,  1.8%wa,  0.0%hi,  0.0%si,  0.1%st
Mem:   4194304k total,  2550572k used,  1643732k free,        0k buffers
Swap:  8388608k total,   105344k used,  8283264k free,  1793828k cached

Also iostat and vmstat shows no particular io or swap activity.

Now for the problem. Every once in a while the loadavg of this particular VPS shoots up to like crazy values, 30 or more and it becomes completely sluggish. The odd thing is load goes up for the VPS server, and starts spilling into other VPS serers on the same hardware node - but there are still no particular cpu/memory/io usage going on that I can se.  No particular network activity.   In this example load has fallen back to around 10 but it was much higher earlier.

 16:19:44 up 32 days, 11:19,  3 users,  load average: 12.87, 19.11, 18.87

1401: 0.01 0.03 0.00 1/23 2876
1402: 0.00 0.11 0.13 1/57 15334
1404: 0.02 0.20 0.16 1/77 14918
1406: 0.01 0.13 0.10 1/39 29595
1407: 10.95 15.71 15.05 1/128 13950
1408: 0.36 0.52 0.57 1/81 27167
1409: 0.09 0.26 0.43 1/78 17851
1410: 0.09 0.17 0.18 1/61 4344
1413: 0.00 0.03 0.00 1/46 16539
1414: 0.01 0.01 0.00 1/41 22372
1415: 0.00 0.01 0.00 1/45 8404
1416: 0.05 0.10 0.11 1/58 9292
12 active

top - 16:20:02 up 32 days, 11:07,  0 users,  load average: 9.14, 14.97, 14.82
Tasks: 135 total,   1 running, 122 sleeping,   0 stopped,  12 zombie
Cpu(s): 16.3%us,  2.9%sy,  0.4%ni, 78.5%id,  1.8%wa,  0.0%hi,  0.0%si,  0.1%st
Mem:   4194304k total,  1173844k used,  3020460k free,        0k buffers
Swap:  8388608k total,   115576k used,  8273032k free,   725144k cache

Notice how cpu is plenty idle, and only 1/4 of the available memory is being used.

http://wiki.openvz.org/Ploop/Why explains "One such property that deserves a special item in this list is file system journal. While journal is a good thing to have, because it helps to maintain file system integrity and improve reboot times (by eliminating fsck in many cases), it is also a bottleneck for containers. If one container will fill up in-memory journal (with lots of small operations leading to file metadata updates, e.g. file truncates), all the other containers I/O will block waiting for the journal to be written to disk. In some extreme cases we saw up to 15 seconds of such blockage.".   The problem I noticed last much longer than 15 seconds though - typically 15-30 minutes, then load goes back where it should be.

Any suggestions where I could look for the cause of this?  It's not like it happens everyday, maybe once or twice per month, but it's enough to cause customers to complain.

Regards,
Rene

_______________________________________________
Users mailing list
Users@...
https://openvz.org/mailman/listinfo/users
Permalink | Reply | 18 comments |
headers
Peter Schultze | 19 May 09:01
Favicon

Strange CT creation problem with ploop-1.2.1 and vzkernel-2.6.32-042stab054.5

> Mounting /dev/ploop1p1 at /vz/root/775 fstype=ext4 data='balloon_ino=12,'
> Creating container private area (centos-6.2-x86-devel)
> tar: ./etc/rc.d/init.d/saslauthd: Cannot write: No space left on device
> tar: ./etc/rc.d/init.d/nscd: Cannot open: No space left on device
> tar: ./etc/rc.d/init.d/rdisc: Cannot open: No space left on device

I am seeing exactly the same problem on a 32-bit CentOS 6.2 machine with

vzkernel-2.6.32-042stab055.10.i686
ploop-lib-1.2-1.i386
vzctl-lib-3.2-1.i386

OS installation into a newly created CT fails because nothing can be 
written to the newly created ploop storage.

When the same machine is reverted to 042stab054.3.i686 the ploop container 
creation is working working fine again.

The problem seems to occur under all newer kernels beginning with 
042stab054.4, including 042stab055.11

There is no problem on a 64-bit CentOS 6.2 machine
with vzkernel-2.6.32-042stab055.10.x86_64

Could it be that this is only happening with the recent 32-bit kernels?
Permalink | Reply | 1 comment |
headers
Daniel Bauer | 11 May 10:40
Picon

Debian 6 with OpenVZ crashes

Hi @all,

I've installed Debian 6.0.4 with 2.6.32-5-openvz-686 Kernel on my HP 
DL760 G2. My CTs work really fine, but sometimes the hole box stalls and 
you have to switch off and on.

I reduced the memory to 16 GB, but the same problem appears. It also 
doesn't look like a hardware problem, because the unpatched Debian 
kernel and ESXi runs without any problems.

I also have ssh sessions which showed me:
top: no heavy load
messages: no entries
user_beancounters: no entries

After rebooting the box everything is fine again until the next crash.

Are there some more logs to look for the error?

Thanks
Daniel
Permalink | Reply | 1 comment |
headers
Dave Lawrence | 10 May 15:12
Favicon

IP6 Tables in templates

Any idea why some of the templates (eg Ubuntu 11.10) at
http://wiki.openvz.org/Download/template/precreated

have ip6tables binaries included and other do not (eg Centos 6).

Is ip6tables expected to work correctly in a CT?  I don't see any
documentation regarding the CT conf files but can I assume that if I copy
IPTABLES="ip_tables iptable_nat ip_conntrack ....
to
IP6TABLES="ip6_tables ip6_conntrack ....
will that syntax work?

because if I try
IP6TABLES="nonsense"
vzcfgvalidate does not throw any errors.

Thanks!
Dave
Permalink | Reply | 0 comments |
headers
Mark Olliver | 8 May 12:42
Favicon

DRBD inside a container

Hi,

I need to create two openvz guests which have access to the DRBD.ko kernel module.

The first will be a drbd proxy guest, so it just needs to be able to load the module to access /proc/drbd after
which it will be running the drbd proxy software to give us a drbd HA guest.

The second will be a drbd backup server so it will need to load the drbd module and run drbd inside the
container talking to the lower level /dev/sda3 block device.

1, Is there a way to enable the guest to use the DRBD module?

2, I believe I can pass the sda3 device to the guest using vzctl set 101 --devnodes sda3:rw

Thanks for your help

Mark
Permalink | Reply | 1 comment |
headers
VHPC 12 | 6 May 19:25
Picon

Submission Deadline Extension

we apologize if you receive multiple copies of this CFP

===================================================================

CALL FOR PAPERS

7th Workshop on

Virtualization in High-Performance Cloud Computing

VHPC '12

as part of Euro-Par 2012, Rhodes Island, Greece

===================================================================

Date: August 28, 2012

Workshop URL: http://vhpc.org

SUBMISSION DEADLINE:

June 11, 2012 - Full paper submission (extended)

SCOPE:

Virtualization has become a common abstraction layer in modern
data centers, enabling resource owners to manage complex
infrastructure independently of their applications. Conjointly,
virtualization is becoming a driving technology for a manifold of
industry grade IT services. The cloud concept includes the notion
of a separation between resource owners and users, adding  services
such as hosted application frameworks and queueing. Utilizing the
same infrastructure, clouds carry significant potential for use in
high-performance scientific computing. The ability of clouds to provide
for requests and releases of vast computing resources dynamically and
close to the marginal cost of providing the services is unprecedented in
the history of scientific and commercial computing.

Distributed computing concepts that leverage federated resource
access are popular within the grid community, but have not seen
previously desired deployed levels so far. Also, many of the scientific
data centers have not adopted virtualization or cloud concepts yet.

This workshop aims to bring together industrial providers with the
scientific community in order to foster discussion, collaboration
and mutual exchange of knowledge and experience.

The workshop will be one day in length, composed of 20 min
paper presentations, each followed by 10 min discussion sections.
Presentations may be accompanied by interactive demonstrations.

TOPICS

Topics of interest include, but are not limited to:

Higher-level cloud architectures, focusing on issues such as:
- Languages for describing highly-distributed compute jobs
- Workload characterization for VM-based environments
- Optimized communication libraries/protocols in the cloud
- Cross-layer optimization of numeric algorithms on VM infrastructure
- System and process/bytecode VM convergence
- Cloud frameworks and API sets
- Checkpointing/migration of large compute jobs
- Instrumentation interfaces and languages
- VMM performance (auto-)tuning on various load types
- Cloud reliability, fault-tolerance, and security
- Software as a Service (SaaS) architectures
- Research and education use cases
- Virtualization in cloud, cluster and grid environments
- Cross-layer VM optimizations
- Cloud use cases including optimizations
- VM-based cloud performance modelling
- Performance and cost modelling

Lower-level design challenges for Hypervisors, VM-aware I/O devices,
hardware accelerators or filesystems in VM environments, especially:
- Cloud, grid and distributed filesystems
- Hardware for I/O virtualization (storage/network/accelerators)
- Storage and network I/O subsystems in virtualized environments
- Novel software approaches to I/O virtualization
- Paravirtualized I/O subsystems for modified/unmodified guests
- Virtualization-aware cluster interconnects
- Direct device assignment
- NUMA-aware subsystems in virtualized environments
- Hardware Accelerators in virtualization (GPUs/FPGAs)
- Hardware extensions for virtualization
- VMMs/Hypervisors for embedded systems

Data Center management methods, including:
- QoS and and service levels
- VM cloud and cluster distribution algorithms
- VM load-balancing in Clouds
- Hypervisor extensions and tools for cluster and grid computing
- Fault tolerant VM environments
- Virtual machine monitor platforms
- Management, deployment and monitoring of VM-based environments
- Cluster provisioning in the Cloud

PAPER SUBMISSION

Papers submitted to the workshop will be reviewed by at least two
members of the program committee and external reviewers. Submissions
should include abstract, key words, the e-mail address of the
corresponding author, and must not exceed 10 pages, including tables
and figures at a main font size no smaller than 11 point. Submission
of a paper should be regarded as a commitment that, should the paper
be accepted, at least one of the authors will register and attend the
conference to present the work.

Accepted papers will be published in the Springer LNCS series - the
format must be according to the Springer LNCS Style. Initial
submissions are in PDF; authors of accepted papers will be requested
to provide source files.

Format Guidelines: http://www.springer.de/comp/lncs/authors.html
Style template:
ftp://ftp.springer.de/pub/tex/latex/llncs/latex2e/llncs2e.zip
Abstract Submission Link: http://edas.info/newPaper.php?c=11943

IMPORTANT DATES

Rolling abstract submission
June 11, 2012 - Full paper submission (extended)
June 29, 2012 - Acceptance notification
July 20, 2012 - Camera-ready version due
August 28, 2012 - Workshop Date

CHAIR

Michael Alexander (chair), TU Wien, Austria
Gianluigi Zanetti (co-chair), CRS4, Italy
Anastassios Nanos (co-chair), NTUA, Greece

PROGRAM COMMITTEE

Paolo Anedda, CRS4, Italy
Giovanni Busonera, CRS4, Italy
Brad Calder, Microsoft, USA
Roberto Canonico, University of Napoli Federico II, Italy
Tommaso Cucinotta, Alcatel-Lucent Bell Labs, Ireland
Werner Fischer, Thomas-Krenn AG, Germany
William Gardner, University of Guelph, USA
Marcus Hardt, Forschungszentrum Karlsruhe, Germany
Sverre Jarp, CERN, Switzerland
Shantenu Jha, Louisiana State University, USA
Xuxian Jiang, NC State, USA
Nectarios Koziris, National Technical University of Athens, Greece
Simone Leo, CRS4, Italy
Ignacio Llorente, Universidad Complutense de Madrid, Spain
Naoya Maruyama, Tokyo Institute of Technology, Japan
Jean-Marc Menaud, Ecole des Mines de Nantes, France
Dimitrios Nikolopoulos, Foundation for Research&Technology Hellas, Greece
Jose Renato Santos, HP Labs, USA
Walter Schwaiger, TU Wien, Austria
Yoshio Turner, HP Labs, USA
Kurt Tutschku, University of Vienna, Austria
Lizhe Wang, Indiana University, USA
Chao-Tung Yang, Tunghai University, Taiwan

DURATION: Workshop Duration is one day.

GENERAL INFORMATION

The workshop will be held as part of Euro-Par 2012.

Euro-Par 2012: http://europar2012.cti.gr/
Permalink | Reply | 0 comments |
headers
Diego Sanchez | 3 May 03:00
Picon
Gravatar

Install from USB: isolinux.bin is missing

Hello

I'm trying install a Proxmox 2.1 from USB
I follow the guide:
http://pve.proxmox.com/wiki/Install_from_USB_Stick, making the USB
bootable on Windows.
I don't get any errors on this.

But when I want to boot from pendrive, I get : "isolinux.bin is
missing or corrupt" when boot from pendrive

I try on another Windows, from linux, and now, with UnetBootIn

My mother is a Intel D865PERL, (is my home machine). Could be
compatibility problem?

--

-- 
Diego - Yo no soy paranoico! (pero que me siguen, me siguen)
Permalink | Reply | 0 comments |
headers
Roman Haefeli | 2 May 18:31
Picon

Debian: recommended kernel

Hi all

We're running OpenVZ on Debian Squeeze with the kernel shipped by
Debian.

Several sources recommend to use RHEL 6 stable kernel. Is it recommended
to use it also on Debian stable? If so, how should it be installed? The
wiki has links to rpm files only, it seems. 

The reason I ask is that we're considering switching kernel, since the
Debian OpenVZ kernel seems to have issues. Specifically, we suffer from
the same problem as described here:
http://lists.debian.org/debian-kernel/2011/12/msg00689.html

Cheers
Roman
Permalink | Reply | 12 comments |
headers
CoolCold | 29 Apr 22:55
Picon
Gravatar

bash script to build kernels for Debian

Hello!

I've created script for myself to build Debian packaged kernels from
source in semi-automated way. Works for me, may be useful for others.

For building current stable version one just need to start script - it
will download kernel, patch, config and do compiliation.

Code is located on github and is accessible via
https://github.com/CoolCold/tools/blob/master/openvz/kernel/create-ovz-kernel-for-debian.sh.

--

-- 
Best regards,
[COOLCOLD-RIPN]
Permalink | Reply | 2 comments |
headers
Esmé de Wolf | 26 Apr 16:53
Picon
Gravatar

HN using swap instead of ram

Hi!

 

Today I encountered a strange behaviour. My hardware node (Debian 2.6.32-5-openvz-amd64) with 36Gb of RAM filled up its SWAP while there was enough physical RAM left, it was only using about 12Gb.  

 

Would anyone maybe know what could have caused this?

 

If any more information is required then please let me know.

 

Thank you for your help anyway!

 

Kind Regards,

 

E. de Wolf

_______________________________________________
Users mailing list
Users@...
https://openvz.org/mailman/listinfo/users
Permalink | Reply | 0 comments |

Gmane