API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 21st, 2015
220
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.42 KB | None | 0 0
raw download clone embed print report
  1. * xX0M3GAXx (~xX0M3GAXx@2600:1009:b155:6775:0:24:71e7:a101) has joined
  2. * xX0M3GAXxph has quit (Ping timeout: 240 seconds)
  3. * linuxthefish has quit (Excess Flood)
  4. * linuxthefish (~ltf@unaffiliated/edmundf) has joined
  5. * NorthAntrim has quit (Ping timeout: 245 seconds)
  6. * zune has quit (Ping timeout: 245 seconds)
  7. * zune (~zune_free@93-161-225-188-dynamic.dk.customer.tdc.net) has joined
  8. * NorthAntrim (~NorthAntr@unaffiliated/northantrim) has joined
  9. * pelox has quit (Remote host closed the connection)
  10. * dominic1134 has quit (Quit: This computer has gone to sleep)
  11. * Simson-san has quit (Quit: Bye!)
  12. * Keetonic (~keetonic@46.166.188.200) has joined
  13. * xX0M3GAXx has quit (Ping timeout: 240 seconds)
  14. * Keetonic has quit (Ping timeout: 245 seconds)
  15. * vquicksilver has quit (Ping timeout: 265 seconds)
  16. * HeavyMetal has quit (Quit: BNC Services Provided by The ASoTnet IRC Network.)
  17. * HeavyMetal (~HeavyMeta@heavymetal-freenode.users.bnc.aseriesoftubez.com) has joined
  18. * HeavyMetal has quit (Changing host)
  19. * HeavyMetal (~HeavyMeta@unaffiliated/heavymetal) has joined
  20. * sputnik0_m (~sputnik_m@m193-217-4-44.cust.tele2.nl) has joined
  21. * D-Boy has quit (Excess Flood)
  22. * D-Boy (~D-Boy@unaffiliated/cain) has joined
  23. * sputnik0_m has quit (Quit: good bye)
  24. * linuxmint2 (~linuxmint@CPE-58-174-140-13.mjcz1.woo.bigpond.net.au) has joined
  25. * linuxmint2 has quit (Client Quit)
  26. * linuxmint2 (~linuxmint@CPE-58-174-140-13.mjcz1.woo.bigpond.net.au) has joined
  27. * telex has quit (Remote host closed the connection)
  28. * telex (teletype@freeshell.de) has joined
  29. * Te3-BloodyIron (~Te3-Blood@S010600900b121d95.cg.shawcable.net) has joined
  30. * peetaur has quit (Quit: Konversation terminated!)
  31. * Liam` has quit (Ping timeout: 244 seconds)
  32. * Liam` (liam@liam.sh) has joined
  33. <Te3-BloodyIron> I have some questions about dynamic memory usage in proxmox for VMs
  34. <Te3-BloodyIron> when I set a VM memory range, say minimum 2048, maximum 4096
  35. <Te3-BloodyIron> when does the VM free up the memory to come back to 2048? (if it had previously moved up to 4096)
  36. <Te3-BloodyIron> so far my testing shows it doesn't, but don't know if I'm just not waiting long enough
  37. * pelox (~rail@gusl/staff/risturiz) has joined
  38. <hanshenrik> when uploading a ISO file to a disk, i got the message: 0 errors occured while uploading to disk
  39. <hanshenrik> but.. the file isn't there, so obviously SOME error occured
  40. * rogue_koder has quit (Read error: Connection reset by peer)
  41. * peetaur (~peter@ip25058822.dynamic.kabel-deutschland.de) has joined
  42. * [TK]D-Fender has quit (Quit: Leaving)
  43. * Haxxa has quit (Remote host closed the connection)
  44. * Flotho66 (~florent@2001:41d0:fe17:9f00:8ea9:82ff:feb4:447e) has joined
  45. * Flotho66 has quit (Ping timeout: 246 seconds)
  46. * Haxxa (~Harrison@CPE-124-189-140-77.cyzn1.lon.bigpond.net.au) has joined
  47. * telex has quit (Remote host closed the connection)
  48. * telex (teletype@freeshell.de) has joined
  49. * zapotah has quit (Remote host closed the connection)
  50. * zapotah (~zapotah@unaffiliated/zapotah) has joined
  51. * Simson-san (~Simson-sa@abh-simon.abh.uni-karlsruhe.de) has joined
  52. * sysadmin92 has quit (Quit: The early bird may get the worm, but the second mouse gets the cheese)
  53. * cuqa_ has quit (Ping timeout: 260 seconds)
  54. * Flotho66 (~florent@245-10-190-109.dsl.ovh.fr) has joined
  55. * vquicksilver (~nobody@gentoo/contributor/vquicksilver) has joined
  56. * vquicksilver has quit (Quit: WeeChat 0.4.3)
  57. * [TK]D-Fender (~joe@64.235.216.2) has joined
  58. * MindAndGo (~florent@2001:41d0:fe17:9f00:8ea9:82ff:feb4:447e) has joined
  59. * Flotho66 has quit (Ping timeout: 246 seconds)
  60. <Shadow__X> Te3-BloodyIron: afaik it doesn't actually release the memory
  61. <Shadow__X> hanshenrik: manually find the file, then track down in your settings where you have proxmox pointing your isos
  62. * hanshenrik has quit (Quit: Leaving)
  63. * donhw has quit (Ping timeout: 265 seconds)
  64. * MindAndGo has quit (Ping timeout: 244 seconds)
  65. * UmbraMalison has quit (Ping timeout: 250 seconds)
  66. * linuxmint2 has quit (Remote host closed the connection)
  67. * portalBlock|away is now known as portalBlock
  68. * UmbraMalison (~andy@host81-159-38-12.range81-159.btcentralplus.com) has joined
  69. * Jb_boin has quit (Read error: Connection reset by peer)
  70. * Jb_boin (~dedior@proxad.eu) has joined
  71. * sysadmin92 (~IceChat77@2.125.96.238) has joined
  72. * MinetestForFun (~Quentin@dmt69-1-88-180-172-161.fbx.proxad.net) has joined
  73. * telex has quit (Remote host closed the connection)
  74. * telex (teletype@freeshell.de) has joined
  75. * peetaur has quit (Quit: Konversation terminated!)
  76. * dominic1134 (~dominic11@unaffiliated/dominic1134) has joined
  77. * dominic1134 has quit (Quit: This computer has gone to sleep)
  78. * dominic1134 (~dominic11@unaffiliated/dominic1134) has joined
  79. * D-Boy has quit (Excess Flood)
  80. <[TK]D-Fender> Planning for a new CPU/MB/RAM combo to upgrade a system I'll be inheriting. I've been looking at AMD FX 8-core. This is going to be for a single ProxMox home server that'll also offer up file shares (hardware RAID, and non-virtualized Samba off the host)
  81. <[TK]D-Fender> And input from those having used the AMD FX's?
  82. <sysadmin92> from looking at reviews i would say buy intel...
  83. <sysadmin92> those AMD CPUs are hot and power hungry
  84. <[TK]D-Fender> Was considering cores for a few small VM's. I'm not sure what the overcommit load might be like as any Intel I'd use would only be 4-core
  85. * D-Boy (~D-Boy@unaffiliated/cain) has joined
  86. <sysadmin92> those 8 core AMDs are benched against i5 CPUs, iirc they didnt touch the i7s
  87. <sysadmin92> what VMs are you planning to run?
  88. <[TK]D-Fender> Really small stuff
  89. <[TK]D-Fender> 2-3 tesdt PBX's, web server (supoer low use), etc
  90. <sysadmin92> C2000 series Atom might work OK? only 10-14 watts
  91. <[TK]D-Fender> Not worried about power consumption...
  92. <sysadmin92> that C2750 is 8 core
  93. <[TK]D-Fender> that ranks as half of a FX-8320
  94. <[TK]D-Fender> at best
  95. <sysadmin92> what intel would you be buying if you did go for intel?
  96. <[TK]D-Fender> I might swap my desktop i5-3570k to it
  97. <sysadmin92> i5 are nice
  98. <sysadmin92> C2750 also has ECC Ram, and 4 NICs usually. probably cheaper as well...
  99. <[TK]D-Fender> that's just a chip\Yo seem to be implying a MB combo you didn't actually name here....
  100. <sysadmin92> the C2750 comes soldered onto boards
  101. <chris[]> i run a pair of 8 core xeons on my proxmox node, ran proxmox in the past off an 8 core 6212 opteron, run a stand alone server on an atom c2758, and my desktop is an fx-8350 which runs a few virtualbox vm's for testing. all are extremely capable vm hosts.
  102. <sysadmin92> supermicro do nice ones, asrock has one with lots of sata
  103. <[TK]D-Fender> Yeah, I saw the AsrockRack one
  104. <[TK]D-Fender> quite pricy though
  105. <[TK]D-Fender> Was thinking about that one for a FreeNAS setup
  106. <sysadmin92> for FreeNAS only the intel SATA work properly iirc
  107. <[TK]D-Fender> that's what I believe I saw.
  108. <[TK]D-Fender> but for my home server I'm thinking the Atom will be a bit weak
  109. <sysadmin92> i would go i5 then :) pity they are limited to 32GB RAM
  110. <sysadmin92> lga2011v3 doesnt have that limitation, not too much more expensive
  111. <[TK]D-Fender> Way beyond my spec needs regardless.
  112. <[TK]D-Fender> this is just for home.
  113. <chris[]> [TK]D-Fender: the 2758 is actually pretty impressive. obviously its not in the same league as a xeon/i7/i5, and its not marketed as such, but its no slouch.
  114. <[TK]D-Fender> http://www.cpubenchmark.net/cpu.php?cpu=Intel+Atom+C2750+%40+2.40GHz
  115. <[TK]D-Fender> http://www.cpubenchmark.net/cpu.php?cpu=Intel+Core+i5-3570K+%40+3.40GHz
  116. <[TK]D-Fender> Comparing to the old i5 I have NOW.. it is a slouch... and pricy...
  117. <[TK]D-Fender> Remember I don't need lots of RAM, or SATA.
  118. <chris[]> i dont need passmark to tell me things i see first hand. :)
  119. <sysadmin92> my home hypervisor is 1037u... does what i need :)
  120. <[TK]D-Fender> I've got a SATA raid setup in the box Id' be upgrading
  121. <chris[]> lg1: ~> cat /proc/cpuinfo | grep name | tail -1
  122. <chris[]> model name : Intel(R) Atom(TM) CPU C2758 @ 2.40GHz
  123. <chris[]> running cent 7, with a cent 6 lxc on this box running variety of services, it handles it all without a problem. one of those duties being samba file serving which you mentioned.
  124. <[TK]D-Fender> yup, it CAN do the job, but it is techincally weaker, and a good bit more expensive....
  125. <chris[]> again, im not telling you which to go for. just offering a suggestion based on first hand experience with all the platforms you mentioned. they're all capable and you're going to have to weigh your own needs and budget, but discounting any of them based on passmark (or any "benchmarks") is the wrong way to go about it.
  126. <chris[]> thats all im saying. :)
  127. <[TK]D-Fender> Which is kinda a lose/lose for me...
  128. <[TK]D-Fender> if I cared abot size & power then sure, it's an awesome little board...
  129. <chris[]> right, i agree with that. that c2758 system i installed was around $700 when all was said and done.
  130. <chris[]> you could hop on ebay and grab a nice dell r610 with a couple xeons and 32gb+ ram for that price
  131. <[TK]D-Fender> butI'm slapping this in an E-ATX FULL TOWER with an 8-port RAID card and drives
  132. <[TK]D-Fender> Remeber the context here. i'm upgrading a server im INHERITING
  133. <[TK]D-Fender> Really nice case. Nice card, nice drivers
  134. <[TK]D-Fender> drives
  135. <[TK]D-Fender> just want to swap out the MB/CPU/RAM
  136. <chris[]> if you're doing that then the 8350 should be fine. again, not on par with an i7, but i have no complaints with mine and the price makes it extremely attractive for a node thats 'good enough'. especially for home use.
  137. <[TK]D-Fender> the server has a supermicro with i7-950 in it already. RAM is harder to find as it's a picky board though.
  138. <[TK]D-Fender> I was thinking it better to invest in a new set and spin off the included bits I wouldn't want out of it
  139. <[TK]D-Fender> Otherwise I'm sure it would be enough if I up the ram forom the 6GB it has now.
  140. * tgunr has quit (Quit: My Mac has gone to sleep. ZZZzzz…)
  141. * portalBlock is now known as portalBlock|away
  142. * tgunr (~davec@cpe-76-172-41-171.hawaii.res.rr.com) has joined
  143. * Pryan|2 (~kvirc@213.254.107.114.dyn.user.ono.com) has joined
  144. * Pryan has quit (Ping timeout: 246 seconds)
  145. * dominic1134 has quit (Quit: Verlassend)
  146. * MinetestForFun has quit (Quit: Leaving / Je m'en vais)
  147. * dominic1134 (~dominic11@unaffiliated/dominic1134) has joined
  148. * RedRat__ has quit (Read error: Connection reset by peer)
  149. * RedRat__ (~Dev@201.80.17.85) has joined
  150. * rogue_koder (~quassel@207.204.117.126) has joined
  151. * iNs is now known as iNs_
  152. * iNs_ is now known as iNs
  153. * rogue_koder has quit (Remote host closed the connection)
  154. * rogue_koder (~quassel@207.204.117.126) has joined
  155. * dominic1134 has quit (Quit: Verlassend)
  156. * Pryan (~kvirc@213.254.107.114.dyn.user.ono.com) has joined
  157. * Pryan|2 has quit (Ping timeout: 256 seconds)
  158. * RaNa has quit (Quit: I'm Out)
  159. * tgunr has quit (Ping timeout: 240 seconds)
  160. * pawz (pawz@i.love.everything.moe) has joined
  161. * pawz (pawz@i.love.everything.moe) has left ("Palaver http://palaverapp.com/")
  162. * RaNa (~RaNa@107-146-207-26.res.bhn.net) has joined
  163.  
  164. * Loaded log from Sun Aug 9 23:03:07 2015
  165.  
  166. * Now talking on ##proxmox
  167. * Topic for ##proxmox is: Unofficial Proxmox VE Support Channel | Wiki: http://pve.proxmox.com | Video tutorials: http://youtube.com/ProxmoxVE | Google+ Community http://goo.gl/14p2W | Latest version is 3.4
  168. * Topic for ##proxmox set by stevenm (Mon Feb 23 05:01:10 2015)
  169. -ChanServ- [##proxmox] Welcome to ##proxmox! Please read the channel topic. If your IRC client is configured to autojoin #proxmox please update this to ##proxmox as the automatic divert won't stay forever.
  170. <ghoulmann> hi folks. I'm having problems with NAT, 3.4, and load balancing.
  171. <ghoulmann> anyone have time to help?
  172. * dominic1134 (~dominic11@unaffiliated/dominic1134) has joined
  173. <ghoulmann> (load balancing apache servers)
  174. <asyd> more easy to help when we have a question :)
  175. <ghoulmann> indeed. sorry.
  176. * Straa has quit (Ping timeout: 240 seconds)
  177. <ghoulmann> I'd like: 2 nat'd deb8 apache servers, 1 load balancer with nat and bridge
  178. <ghoulmann> i can't get the nat'd machines to see the network if I set a manual ip
  179. <ghoulmann> i'll send pastes
  180. <ghoulmann> proxmox host: http://pastebin.com/jxPvagpP
  181. <ghoulmann> not working: http://pastebin.com/PFrpKYSU
  182. <ghoulmann> ^guest, apache, deb8
  183. <ghoulmann> vm not container
  184. <asyd> i don't understand what are you tring to do. on the proxmox itself, ip must be on vmbr0 if you want to use a bridge
  185. <ghoulmann> they all work if they have the same ip, 10.0.2.15...but not with each other...
  186. <ghoulmann> OK, that helps.
  187. <ghoulmann> let me check again.
  188. <ghoulmann> wait, isn't this a bridge: http://pastebin.com/jxPvagpP on the host?
  189. <asyd> it is yes.
  190. <ghoulmann> i tried it with this config, at https://pve.proxmox.com/wiki/Network_Model#Masquerading_.28NAT.29, but saw no difference.
  191. <asyd> i really don't understand what you want. The proxmox itself is running, right?
  192. <asyd> s 6
  193. <jwd> yes that one works.
  194. <ghoulmann> let me explain: guest: apache, guest2, apache identical, guest 3 loadbalancer (test scenario only).
  195. <asyd> but how network is configured?
  196. <ghoulmann> all on one pve host.
  197. <jwd> how you plan to reach the webports on multiple nated machines without forwarding ?
  198. <ghoulmann> 192.168.1.0/24 is my physical lan
  199. <ghoulmann> 10.0.2.0/24 is where I want nat'd machines to be able to communicate
  200. <jwd> give them all a bridged ip first
  201. <ghoulmann> jwd, all, even the web hosts?
  202. <ghoulmann> jwd, i thought just the load balancer
  203. <jwd> i guess you use haproxy?
  204. <ghoulmann> jwd, trying, yes
  205. <jwd> the most easy setup. have all on the same network.
  206. <ghoulmann> by I have several options
  207. <jwd> client -> haproxy and then gets redirected to the real ip of a server
  208. <ghoulmann> OK, well, here's the difficulty. the purpose of this is to teach NAT and Bridged on the same network
  209. <jwd> in that setup all (haproxy port and webserver ports) must be reachable by client
  210. <ghoulmann> jwd, I see.
  211. <jwd> you try to do rather complicated things right away
  212. <ghoulmann> Is there some other legitimate use case with bridged and nat guests?
  213. <jwd> nat hides the existance of the internal network
  214. <ghoulmann> jwd, yes, that's what I explain.
  215. <jwd> but you have a small issue in this use case
  216. <ghoulmann> jwd, saw I thought this was effective demonstration. Yes, what is it?
  217. <jwd> all internal servers will hide behind 1 ip only
  218. <jwd> and you can only have the port bind to that external visible ip.
  219. <jwd> to reach the internal servers you need to masquerade that
  220. <ghoulmann> jwd, here's what I imagined: haproxy is visible, and then the web servers are accessible by haproxy only. clients access haproxy?
  221. <ghoulmann> I think I get it.
  222. <ghoulmann> the problem i mean.
  223. <jwd> haproxy as store and forward proxy. i never used that.
  224. <jwd> way to complicated and will not help if ist about balancing for speed
  225. <ghoulmann> i can use mod proxy-balance if it'll work the scenario i need
  226. <jwd> if you wana go for such a setup do this with more than 1 network configured.
  227. <ghoulmann> jwd, physical network?
  228. <ghoulmann> or on the proxmox host?
  229. <jwd> or internal bridges
  230. <jwd> a bridge can be just seen as a switch where you plug in your nodes network interfaces
  231. <ghoulmann> ok so a switch on each guest (bridge) interface?
  232. <jwd> a switch on proxmox. and the gues network interfaces get connected to the bridges
  233. <ghoulmann> so then, no NAT
  234. <jwd> vmbr0 for example for your outside network and vmbr1 for your internal
  235. <ghoulmann> as I understand
  236. <ghoulmann> OK that I get
  237. <jwd> for your use case i would use 3 external ips without nat.
  238. <ghoulmann> OK, then i run into a problem. How do illustrate authentic use for NAT? I understand it, but it seems then best suited to desktop virt app and not proxmox virtual servers
  239. * tgunr (~davec@cpe-76-172-41-171.hawaii.res.rr.com) has joined
  240. <jwd> its just to understand the use case?
  241. <ghoulmann> i'm writing an intro book on Proxmox for packt, and am having legit problem coming up with a justification for nat config for networking chapter
  242. <jwd> outgoing nat is a pratical use for nat
  243. <ghoulmann> so yes, it's all theoretical, but it has to be for a "real" use case.
  244. <jwd> hide alot of nodes behind a nat address
  245. <jwd> all can reach the outside but none is reachable directly
  246. <ghoulmann> for virtual workstations perhaps?
  247. <jwd> or servers
  248. <ghoulmann> jwd, or servers is what I'm after. What kind of scenario would I want servers hiding behind a single address? I thought load balancer, but apparently not
  249. <jwd> imagine you want to do software updates on servers without exposing them to the outside (oki in practice this would be done with proxies) but it would also work
  250. <jwd> an internal monitoring server that wants to monitor outside systems without exposing its existance
  251. <ghoulmann> OK monitoring is good.
  252. <ghoulmann> so then I have to forward port to see the interface?
  253. <ghoulmann> assuming wui
  254. <jwd> another example. a firewall with multiple internal dmz segments and 1 public visible network
  255. <jwd> yes to reach the server from the outside you could do a forwarding
  256. <ghoulmann> jwd, ok let me get that set up and see how it does for me. Firewall config I can discuss but will be to complicated for this audience, or possibly too complicated.
  257. * tjz has quit ()
  258. <ghoulmann> jwd, separate question: I see nothing in docs about NAT and containers. I've found some other sources. But is it just a case of manual configuration, or is it bad practice?
  259. <jwd> there are so many common/uncommon setups. its hard to say what is good/bad practice.
  260. <jwd> all depends alot on the situation
  261. <jwd> for example. i have lxc-containers with private addresses in a proxmox 4.0 beta system, this runs inside a vmware client box on a laptop with bonded wlan/ethernet interfaces :P
  262. <ghoulmann> i see.
  263. <jwd> all single parts are common setups but the total solution is to? :-)
  264. <ghoulmann> so with 3.4 nat with openvz container shouldn't be impossible at all, it just seems contrary to the management interface.
  265. <ghoulmann> does that jibe with your experience?
  266. <jwd> i never used 3.4 but it should work
  267. <ghoulmann> OK, thank you jwd.
  268. <jwd> np
  269. <ghoulmann> I've been on 4.0 but it was just released. Still traces of openvz were in it, didn't look like lxc was ready (example, the Turnkey templates were still there)
  270. <ghoulmann> thanks again.
  271. <jwd> i just use plain lxc debian templates and work on those.
  272. * MindAndGo (~florent@AMontpellier-653-1-341-176.w81-251.abo.wanadoo.fr) has joined
  273. * Flotho66 has quit (Ping timeout: 246 seconds)
  274. <jwd> all i need to find a way is to create my own or modify the existing
  275. <ghoulmann> gotcha. I'll update you on what I come up with
  276. <jwd> so if anyone here on this channel got any notes on that i would be thankfull :-)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!