December 21, 2012 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
December 21, 2012 [00:07:23] *** neophenix has quit IRC[00:11:08] *** mamash has left #smartos[00:15:23] *** newlix_ has joined #smartos[00:16:54] *** newlix_ has quit IRC[00:23:56] *** tdowg1 has quit IRC[00:24:53] *** deirdres has quit IRC[00:33:02] *** ryancnelson has joined #smartos[00:33:34] *** jim80net has joined #smartos[00:43:49] *** mamash has joined #smartos[00:50:19] *** mamash has left #smartos[00:52:47] <xmerlin> hi to all[00:53:49] <xmerlin> where's the best place to put ipfilter rules ? /etc/ipf/ipnat.conf doesn't survive to reboots[00:54:05] <rmustacc> In the GZ?[00:54:15] <rmustacc> Write an /opt/custom/smf script.[00:56:25] <xmerlin> yes in the GZ[00:56:56] <xmerlin> ah ...so every customization is done with an smf script?[00:59:32] <LeftWing> It's certainly the easiest way without building (or, at least, repacking) your own SmartOS image.[01:01:10] <trentster> or you could use chef-solo its great and way easier than manually setting up smf stuff especially if you have a lot of nodes[01:02:17] <xmerlin> chef-solo ?[01:05:45] <ryancnelson> i'd say do one custom smf script... that loads up the config management tool of your choice[01:07:15] <xmerlin> ...interesting[01:07:57] <ryancnelson> or.... don't customize anything, and do it all in zones.[01:08:42] <ryancnelson> my admin network is an island[01:10:55] <xmerlin> an island inside or outside the smartos GZ to configure?[01:17:05] <zr0> i think he means as a seperate zone?[01:17:38] <xmerlin> zr0 ok[01:18:10] <ryancnelson> i mean my global zones, everywhere is on a network that's not attached to anything else[01:18:34] <ryancnelson> so a firewall isn't necessary. air gap.[01:18:55] <ryancnelson> the vm's are on nics that are un-plumbed in the GZ[01:18:55] <zr0> ah, ok[01:19:47] <ryancnelson> ... and sometimes i have a vm that's also on that admin network, if i want to ssh through that guy. but it's got persistent disk, so i can put ipfilter rules there[01:19:59] <zr0> but i think the idea would be to setup a vm/zone as a router/nat, do your firewall with it and then have any other vms connect through it[01:20:33] <ryancnelson> the idea is that the GZ isn't where you should be doing much customization.... think of it as your hypervisor, or your super-bios[01:20:45] <zr0> right[01:20:46] <ryancnelson> don't install a mailserver there :)[01:21:20] <ryancnelson> ... 'cause you blow it away every time there's an update. (every time you reboot, actually)[01:21:31] <zr0> even though it runs ssh, smtp, and snmp[01:21:36] <ryancnelson> and that's a good thing[01:21:49] <ryancnelson> it doesn't run snmp, and doesn't listen on smtp[01:23:18] *** newlix_ has joined #smartos[01:23:20] <zr0> you're right, my bad. it does run sunrpc though.. is that necessary?[01:26:53] *** newlix has quit IRC[01:27:43] <xmerlin> ryancnelson, I've understood and I'm agree with you but I've some limitation with my actual server ...[01:27:54] <xmerlin> s/limitation/limitations/[01:28:22] <xmerlin> the isp gives me only 1 nic 1 vlan etc[01:29:03] *** nikolam has joined #smartos[01:34:56] <ryancnelson> in that case, you're ok with /opt/custom/smf[01:35:18] <jamesd> of course you are free to use a router that can be a firewall and do nat and port forwarding....[01:35:34] *** potatosalad has quit IRC[01:35:50] *** newlix_ has quit IRC[01:36:19] *** newlix has joined #smartos[01:39:51] *** nickp has quit IRC[01:48:25] <xmerlin> what's the difference between booting smartos from a pxe server and booting it from usb or cdrom? ...because I've seen a difference between my local smartos installation and the smartos of the ISP ...in my install I can install also some packages[01:49:34] <xmerlin> FYI the version of the two is not the same[01:50:03] <xmerlin> ISP 20120906 and my local installation 20121213[01:50:08] <rmustacc> Thre's no difference. The trick is making sure you have the right boot parameters.[01:50:22] <rmustacc> That's what generally changes.[01:50:26] <xmerlin> ah[01:50:42] <xmerlin> another problem with the ISP installation :-([01:51:24] <rmustacc> Well, if you control the pxe server, usb, or cdrom images then this is all in your control.[01:51:42] <xmerlin> no I've not control on the pxe server[01:51:52] <xmerlin> it's the pxe server of the isp[01:51:58] <rmustacc> How do they set the grub boot parameters then?[01:52:31] <xmerlin> I think they have chosen some defaults ...but I cannot change them[01:52:41] <xmerlin> I've asked to boot from an usb key[01:52:47] <xmerlin> but it's not so simply[01:52:57] <xmerlin> they don't want to change things[01:52:57] <rmustacc> Oh they're on 0906.[01:53:08] <rmustacc> I mean the image has changed in three months.[01:53:22] <xmerlin> I know[01:53:29] <xmerlin> very bad service[01:54:02] <rmustacc> That stuff happens.[01:54:17] <xmerlin> *don't use OVH ...their support is a pain*[01:58:11] <nahamu> did they provide the initial installation of the global zone? is it a mirrored pool?[01:59:45] <xmerlin> mirrored pool only for zones ...smartos is loaded using pxe[02:01:17] <xmerlin> I'm thinking about jamesd suggestion ...I've a /16 routed to the IP of the global zone ...so I cannot use a firewall zone to manage the vm traffic ...am I right?[02:02:01] <xmerlin> a /28 not a /16 sorry[02:02:20] <nahamu> if you only have 1 IP address and no remote console, it would be very tricky to reconfigure it to use a zone as the firewall/nat[02:02:56] <xmerlin> I've a remote console and I have 1 ip for the smartos global zone and a full /28[02:03:17] <xmerlin> but the /28 is routed to the ip of smartos[02:03:21] <xmerlin> GZ[02:03:33] *** newlix_ has joined #smartos[02:04:18] <nahamu> right, but if you use the remote console, turn off the IP address in the GZ, give the GZ a non-routable IP address and create a zone to take over the IP address.[02:05:14] <nahamu> also, if you have a remote console, could you manually reconfigure it to boot off the disks?[02:05:24] <xmerlin> no I cannot[02:05:32] <xmerlin> the bios is locked :([02:05:40] <xmerlin> and I cannot change the boot order[02:05:44] <nahamu> got it.[02:05:55] <nahamu> yeah, so you're stuck on their version of smartos[02:05:58] <ryancnelson> you would want them to route your /28 to the ip of a zone, not the ip of the global[02:06:15] <ryancnelson> ... then make that zone be a route[02:06:19] <ryancnelson> router[02:08:00] *** newlix_ has quit IRC[02:12:30] *** trentster1 has joined #smartos[02:12:30] *** trentster has quit IRC[02:14:03] <xmerlin> not so simple ...I cannot change the target IP of the /28 and if I add another IP is everytime an IP routed to the main IP[02:14:57] *** trentster1 has left #smartos[02:15:36] *** trentster1 has joined #smartos[02:16:01] *** trentster1 has quit IRC[02:16:28] *** trentster has joined #smartos[02:18:52] <AlainODea> Is there a list of hostnames somewhere that I need to allow connections to through my firewall/webfilter from SmartOS? I know I need download.joyent.com to get releases and datasets.joyent.com to get images and pkgsrc.joyent.com to get packages. Are there any others? Should I put this on wiki.smartos.org?[02:19:43] <AlainODea> To clarify download.joyent.com isn't needed from SmartOS necessarily, but is useful to have on the PXE server[02:20:00] <ryancnelson> that list will always be a moving target[02:20:33] <ryancnelson> the ubuntu images have something.canonical.org in them... do we put that on the list?[02:20:45] <AlainODea> ryancnelson: that makes sense. We are pretty strict on outbound connections from our DC.[02:21:14] <ryancnelson> "don't filter outbound traffic, or if you do, you're on your own."[02:22:38] <ryancnelson> i'd say something that doesn't fail gracefully if blocked outbound is a bug.[02:23:00] <ryancnelson> ... we used to have images that wouldn't provision if they couldn't reach datasets.joyent.com ... that was a bug[02:23:35] <ryancnelson> but now, if that's down, or unreachable, then you just don't get your pkgin update at first boot. no big deal, and blame your firewall cop for the lack of functionality[02:23:49] <AlainODea> ryancnelson: LOL. Fair enough. It's not really an option generally since we have to avoid exfiltration. However, it would work for the SmartOS hosts since they'd be on a separate network/VLAN.[02:24:56] <ryancnelson> when smartos has a million users, we'll have to put those services on a CDN, so there'll be no "safe list" ... if you're the NSA (are you??!!!??) , then you already know how to solve this[02:25:07] <AlainODea> ryancnelson: I am one of the firewall cops. I'm a weird beast in that I am a programmer, but I have taken on a lot of network design/ops responsibilities.[02:25:39] <ryancnelson> i guess i'd say "watch it, and allow as needed..."[02:26:17] <ryancnelson> 'cause we can't know if you need to reach the microsoft license servers, or redhat's yum repo, or what[02:26:33] <AlainODea> ryancnelson: not NSA, I work for a company that deals with sensitive data though so we lean towards the paranoid end of the least privilege spectrum :)[02:26:48] <ryancnelson> ... and, i think some packages fetch from other sources... like the java jdk one[02:27:01] <AlainODea> ryancnelson: good to know[02:27:03] <ryancnelson> etc, etc, etc...[02:27:45] <AlainODea> ryancnelson: practically speaking it comes down to trusted domains and a good webfilter. That works a hell of lot better than an IP firewall for stuff like this.[02:28:12] <rmustacc> Sounds like it may make more sense to set up your own mirrors of those things and use an internal mirror in the future.[02:28:23] <ryancnelson> right... but *i'm* not going to tell you to allow *.microsoft.com ...[02:29:05] <ryancnelson> we have some customers already overloading pkgsrc.joyent.com in their firewalls ... it's kind of a pain, but i understand why[02:29:42] <AlainODea> rmustacc: that makes sense. Does SmartDataCenter do the mirroring? Are their SmartMachines that do?[02:29:42] <siezer> is it possible to export an nfs share from a smartmachine?[02:30:30] <AlainODea> ryancnelson: LOL. I cannot wait to evict Windows from our DC. It's in progress. I've taken enough airtime. Thank you folks :)[02:32:24] <ryancnelson> no. our recommendation is "don't."[02:32:59] <ryancnelson> also, no you can't be an NFS server in a zone[02:33:06] <rmustacc> AlainODea: There currently is not any magic in SDC to do that.[02:34:09] <ryancnelson> it's just http. transparent http proxy ftw[02:35:09] *** disharmony has quit IRC[02:36:12] *** stonecobra has joined #smartos[02:37:02] *** potatosalad has joined #smartos[02:37:45] *** stonecobra has quit IRC[02:39:33] <xmerlin> c.u. and thanks[02:39:38] *** xmerlin has quit IRC[02:43:34] <AlainODea> ryancnelson: no magic! Plain HTTP and proxying? Surely you jest. I'm glad to hear that. I can put in any old http proxy which is a huge win. Thoughts of WSUS bring back bad memories.[02:45:59] <ryancnelson> ... and it'll cache, and access-control, and check to see if the files have changed recently... really, it's a solved problem.[02:52:32] <AlainODea> ryancnelson: sold. It took me 6 years to sell REST at work, now that people have bought in something like this is a wonderful cherry on top :)[02:55:47] <AlainODea> A SmartMachine inside SmartOS inside ESX seems to have difficulty with networking. I tried to set up a PXE server in the global zone before realizing that's an anti-pattern and then tried in a zone and couldn't get networking beyond the zone to the global zone. I know this is weird territory. The vmwarebr bridge is there, but I can't ping other hosts on the same subnet. Those hosts and the global zone can[02:56:15] <AlainODea> Is there a solution other than not using ESX, which is obvious, but inconvenient at the moment :)[03:02:26] *** jim80net has quit IRC[03:12:06] *** rc10 has joined #smartos[03:13:11] *** dap has quit IRC[03:15:27] *** ryancnelson has quit IRC[03:23:57] <trentster> rmustacc: any opinions on the long discussion going on on the mailing list at the moment re: kvm network performance ?[03:39:02] *** disharmony has joined #smartos[03:40:12] <AlainODea> trentster: I am also very interested in views on that. It concerns me since we just resolved a network performance issue that turned out to be related to an obscure Group Policy setting in Windows.[03:40:33] <AlainODea> trentster: introducing another issue would be unpopular to say the least[03:59:56] *** potatosalad has quit IRC[04:01:34] *** potatosalad has joined #smartos[04:03:09] *** daleg has quit IRC[04:19:08] *** potatosalad has quit IRC[04:19:53] *** iyp has joined #smartos[04:20:33] <rmustacc> trentster: I haven't had much of a chance to look into the details.[04:20:45] <rmustacc> Been pretty busy with other stuff.[04:22:38] <rmustacc> I've benerally looked at tcp and not udp.[04:22:57] <rmustacc> *generally[04:24:18] <rmustacc> Still not sure why anyone is looking at e1000.[04:35:29] *** iyp has quit IRC[04:41:00] *** wolstena has quit IRC[04:50:52] *** wolfeidau has quit IRC[04:51:30] *** wolfeidau has joined #smartos[04:57:09] *** sachinsharma has joined #smartos[05:01:45] *** wolstena has joined #smartos[05:04:42] *** wolfeidau has quit IRC[05:07:13] *** wolfeidau has joined #smartos[05:08:28] *** wolfeidau has quit IRC[05:18:45] *** badboy_ has quit IRC[05:18:54] *** benbangert has quit IRC[05:20:41] *** prasm has quit IRC[05:20:42] *** meTaAU has quit IRC[05:21:16] *** fly_ has quit IRC[05:21:21] *** Mareo has quit IRC[05:22:58] *** prasm has joined #smartos[05:25:12] *** fly_ has joined #smartos[05:27:33] *** Raynos_ has joined #smartos[05:27:44] *** Mareo has joined #smartos[05:29:09] *** benbangert has joined #smartos[05:31:02] *** meTaAU has joined #smartos[05:31:34] *** badboy_ has joined #smartos[05:32:13] *** wolstena has quit IRC[05:34:48] *** tonyarkles has joined #smartos[05:37:24] *** gregburd_ has joined #smartos[05:37:31] *** reiddraper_ has joined #smartos[05:37:44] *** potatosalad has joined #smartos[05:42:24] *** tonyarkles_ has joined #smartos[05:42:24] *** tonyarkles has quit IRC[05:42:24] *** tonyarkles_ is now known as tonyarkles[05:46:13] *** rc10 has quit IRC[05:51:45] *** potatosalad has quit IRC[05:53:05] *** sachinsharma has quit IRC[06:08:42] *** potatosalad has joined #smartos[06:10:20] *** potatosalad has quit IRC[06:19:59] *** potatosalad has joined #smartos[06:22:52] *** tonyarkles has quit IRC[06:27:01] *** tonyarkles has joined #smartos[06:33:50] *** rc10 has joined #smartos[06:37:54] *** potatosalad has quit IRC[06:47:09] *** tonyarkles has quit IRC[06:59:04] *** sachinsharma has joined #smartos[07:05:02] *** potatosalad has joined #smartos[07:24:04] *** linuxprofessor has joined #smartos[07:45:06] *** jamesd has quit IRC[08:02:42] *** marsell has quit IRC[08:03:18] *** potatosalad has quit IRC[08:06:01] *** potatosalad has joined #smartos[08:43:08] *** alucardX has joined #smartos[08:47:18] *** alcir has joined #smartos[08:51:30] *** darjeeling has quit IRC[08:51:38] *** potatosalad has quit IRC[08:51:59] *** linuxprofessor has quit IRC[09:02:21] *** daniel_wu has joined #smartos[09:08:42] *** linuxprofessor has joined #smartos[09:10:28] *** KermitTheFragger has joined #smartos[09:12:28] *** xinkeT has quit IRC[09:24:31] *** texarcana has joined #smartos[09:36:48] *** bens1 has joined #smartos[09:42:24] <alcir> so[09:42:38] <alcir> chef and others[09:42:46] <alcir> what are designed for[09:42:53] <alcir> to configure smartos GZ?[09:44:14] *** Azbruh_ has quit IRC[09:44:15] *** kumiduck has quit IRC[09:44:16] *** joshie has quit IRC[09:44:18] *** bahamas10 has quit IRC[09:44:20] *** scanf has quit IRC[09:44:23] *** Niamkik has quit IRC[09:44:24] <rmustacc> They're just things used for configuration management.[09:44:25] <rmustacc> You coud use it to configure the smartos GZ if you wanted to.[09:46:14] *** Azbruh_ has joined #smartos[09:46:14] *** kumiduck has joined #smartos[09:46:15] *** joshie has joined #smartos[09:46:15] *** bahamas10 has joined #smartos[09:46:15] *** scanf has joined #smartos[09:46:15] *** Niamkik has joined #smartos[09:48:35] *** ajeffco has quit IRC[09:49:42] *** darjeeling has joined #smartos[09:59:31] *** darjeeling has quit IRC[10:02:38] *** Cpt-Oblivious has quit IRC[10:03:31] *** kamilr has joined #smartos[10:03:46] <kamilr> Hi there[10:04:03] <kamilr> Can someone tell me how can i create dataset with two disks ?[10:04:09] <kamilr> Is it possible at all ?[10:06:27] <MerlinDMC> kamilr, smartos zone or kvm?[10:06:52] <MerlinDMC> oh sry ... you want to create a dataset for imgadm[10:08:32] <MerlinDMC> imgadm seems to only import one dataset stream[10:09:14] <kamilr> KVM[10:10:13] <MerlinDMC> by default a second disk for kvm is handled by the smartos-vmtools and formated as data disk mounted as /data[10:11:22] <MerlinDMC> datasets currently have only one disk (the system disk) bundled ... if you have a situation where there is the need to bundle more than one you should probably bug the mailing list and/or create an issue[10:19:50] *** haydock has joined #smartos[10:21:36] *** alucardX has quit IRC[10:34:24] *** sjorge has quit IRC[10:36:07] *** sjorge has joined #smartos[10:38:57] *** trentster has left #smartos[10:42:49] *** mamash has joined #smartos[10:44:55] *** darjeeling has joined #smartos[10:51:02] *** mamash has left #smartos[10:52:39] *** reiddraper has quit IRC[10:52:40] *** gregburd has quit IRC[10:52:43] *** Raynos has quit IRC[10:54:52] *** Raynos_ has quit IRC[10:54:54] *** gregburd_ has quit IRC[10:54:59] *** reiddraper_ has quit IRC[11:05:06] *** xmerlin has joined #smartos[11:10:30] *** reiddraper_ has joined #smartos[11:16:37] *** Raynos_ has joined #smartos[11:17:19] *** gregburd_ has joined #smartos[11:26:50] <MerlinDMC> kamilr, fork the project and add your zpool option ... that should be the easiest way to get it integrated ;)[11:30:12] <kamilr> what if there is more places than one with zpool name "zones"?[11:30:27] <kamilr> btw. it's not such bad idea ;-)[11:31:45] <kamilr> btw2. you are on the mailing list all day? ;-)[11:33:08] *** darjeeling has quit IRC[11:33:31] <MerlinDMC> yes ... i'm working here ... so i read emails also ;)[11:34:13] <MerlinDMC> and every time i wait for a build i can just talk a bit :P[11:34:46] <JT-EC> http://xkcd.com/303/[11:35:13] <MerlinDMC> shhht![11:37:19] *** darjeeling has joined #smartos[11:37:21] <kamilr> http://wiki.smartos.org/display/DOC/Building+SmartOS+on+SmartOS[11:37:27] <kamilr> this is the how to ?[11:37:35] <kamilr> for creating my own smartos img ?[11:39:35] <MerlinDMC> yep[11:59:46] <alcir> another question[12:00:04] <alcir> I have a KVM machine under linux, or a virtualbox machine[12:00:15] <alcir> can I import them in smartos?[12:14:51] <MerlinDMC> dd the disk ... or use clonezilla or smth like that[12:16:24] <alcir> uh[12:16:26] <alcir> ok[12:16:42] <alcir> and how to attach to a smartos vm?[12:16:54] <alcir> I must create a zfs first?[12:17:12] <MerlinDMC> create a kvm vm and use the automatically created disk as target[12:17:47] <alcir> uh[12:17:55] <alcir> not clear[12:18:17] <Zigara> instructions not clear, got penis stuck[12:18:23] <alcir> ahaha[12:20:31] <Zigara> alcir: when you create a kvm vm on smartos (using vmadm create) it creates a zfs disk[12:20:54] <Zigara> well, when you create any vm[12:23:04] <alcir> yes ok[12:23:34] <alcir> but how to dd the source in the pool???[12:25:11] *** darjeeli_ has joined #smartos[12:25:36] *** darjeeling has quit IRC[12:33:17] *** rc101 has joined #smartos[12:33:17] *** rc10 has quit IRC[12:34:09] *** sachinsharma has quit IRC[13:05:02] <alcir> I can do dd if=mydisk of=/dev/zvol/rdsk/zones/d1f114f3-5ebe-4031-9632-1f0fa832bbf0-disk0[13:05:03] <alcir> ??[13:11:13] <rc101> hi, i have downloaded a driver from lsi and want to include it in a ISO - any pointers ?[13:14:55] <xmerlin> hi to all ...just a simple question ...when smartos ask about drives to create the pool ...how it assemble them ? ...raidz ...a stripe of mirrors ...raidz2...?[13:17:50] *** sachinsharma has joined #smartos[13:18:14] *** mamash has joined #smartos[13:18:21] <arekinath> last I checked, if you give it 2 disks, it mirrors them, and >2 it creates a raidz1?[13:18:30] <arekinath> someone was talking about making that screen not suck though[13:18:32] <arekinath> can't remember who[13:18:59] <xmerlin> because I've installed smartos on 4 x 223 and the final volume is 888[13:19:03] <xmerlin> so ...a raid 0[13:19:10] <xmerlin> and it's bad ;)[13:19:13] *** Cpt-Oblivious has joined #smartos[13:19:55] <arekinath> I usually only give it two disks, and then use zpool after setup has finished to do the rest[13:20:04] *** Cpt-Oblivious has quit IRC[13:20:15] <arekinath> one disk is ok too[13:20:27] <arekinath> dunno what the best way is to do a z2 or similar as the zones pool though[13:20:54] <xmerlin> 4 disk ...I prefer a stripe of mirrors[13:21:16] <xmerlin> same redundancy of raidz2 but better performances[13:21:55] <arekinath> no, it's not the same as raidz2... a raidz2 can lose _any_ two disks, a pair of mirrors can only lose one on one side and one on the other[13:22:00] *** mamash has left #smartos[13:22:15] <arekinath> it actually can be noticeably different from a failure probability perspective[13:22:17] *** bens1 has quit IRC[13:22:20] <xmerlin> yes I know[13:22:40] <xmerlin> but raidz2 sucks with only 4 drives[13:23:26] <arekinath> it turns your 0.3% over 5 years into 0.03% over 5 years. wooo, already very small. ;) and costs performance, yeah[13:24:08] <arekinath> (note: numbers completely made up)[13:28:48] <xmerlin> from an iops perspective a striped mirror is 2X WRITE and 4x READ ...a dual parity is X/2 WRITE and 4X READ ...where X is the IOPS of the single drive[13:29:35] <xmerlin> I'm a little worried about DB performances with dual parity[13:30:25] <xmerlin> and I'm a little worried ...why it created a simple stripe :([13:31:25] *** khushildep has joined #smartos[13:32:05] *** Cpt-Oblivious has joined #smartos[13:34:04] <xmerlin> is there a grub parameter to start the install menu?[13:48:16] *** khushildep has quit IRC[13:48:46] *** khushildep has joined #smartos[13:51:19] *** nikolam has quit IRC[14:08:18] *** bdha has quit IRC[14:25:19] *** sachinsharma has quit IRC[14:28:15] *** ira has joined #smartos[14:35:22] *** nikolam has joined #smartos[14:48:21] *** darjeeli_ has quit IRC[14:50:38] *** khushildep has quit IRC[14:59:43] *** Teknix has joined #smartos[15:04:35] <nahamu> good morning, Teknix[15:05:41] *** jdefelice has quit IRC[15:09:46] <alcir> windows xp 32 bit works?[15:16:01] *** jim80net has joined #smartos[15:36:53] *** rc101 has quit IRC[15:38:55] *** linuxprofessor has quit IRC[15:48:17] *** khushildep has joined #smartos[15:49:22] *** CarlosC has joined #smartos[15:50:56] *** linuxprofessor has joined #smartos[15:50:57] *** daniel_wu has quit IRC[15:51:48] *** daniel_wu has joined #smartos[15:56:56] *** neophenix has joined #smartos[16:06:52] *** jamesd has joined #smartos[16:08:43] *** khushildep has quit IRC[16:09:05] *** khushildep has joined #smartos[16:15:06] *** darjeeli_ has joined #smartos[16:20:12] *** bens1 has joined #smartos[16:23:03] *** Teknix has quit IRC[16:24:51] *** Teknix has joined #smartos[16:27:41] *** darjeeli_ has quit IRC[16:29:47] *** darjeeli_ has joined #smartos[16:32:51] *** potatosalad has joined #smartos[16:39:54] *** khushildep has quit IRC[16:40:20] *** khushildep has joined #smartos[16:42:25] <alcir> for smartos the only gui project is fifo?[16:43:00] <Licenser> alcir there is joyents Smart Data Center but those two are the only things I know of at least[16:43:07] <MerlinDMC> and sdc ... but that's not that opensource[16:44:27] <alcir> joyents Smart Data Center is not opensource[16:44:41] <Licenser> but it's a GUI project ;)[16:45:07] <alcir> because I must evaluate smartos for my company[16:45:09] <Licenser> and much further/stable/more usable then FiFo at the moment ^^[16:45:32] <jamesd> smartos is not your eyecandy project unless you like dtrace based eyecandy[16:45:49] <Licenser> must? You have the privilege :) there is little better stuff around the SmartOS at the moment :D[16:46:29] <alcir> :-)[16:46:58] <Licenser> but if you evaluate it for your company you really should look at SDC[16:49:13] *** khushildep has quit IRC[16:49:39] *** khushildep has joined #smartos[16:49:57] <xmerlin> I've missed some important bits ....I boot smartos from usb -> I cannot install packages in GZ ...I boot smartos from CD and I can install packages ...the boot params are the same :([16:50:20] <xmerlin> different machines ...same release ...now[16:50:29] <Licenser> xmerlin you should not install packages in the GZ ;)[16:50:35] <xmerlin> you are right[16:50:55] <xmerlin> but I need to[16:52:10] <xmerlin> and I also need to understand why such different behaviour[16:52:23] <jamesd> in other news, you can't install KDE or gnome in esxi either....[16:52:35] <xmerlin> I don't want to install kde or gnome[16:52:53] <xmerlin> I want to install openvpn and tools like that[16:55:36] <KermitTheFragger> im a smartos noob, but wouldn't it be better to rebuild the smartos ISO to include those tools if you REALLY needed those in the global zone?[16:55:48] <KermitTheFragger> instead of installing the packages[16:55:56] <KermitTheFragger> with an overlay perhaps[17:00:40] <alcir> but SDC is not open and not free[17:01:28] <jamesd> somethings in life you just have to pay for, they are that good and powerful[17:02:48] <linuxprofessor> why don't you just install the packages in a zone instead?[17:02:57] <linuxprofessor> like god intended :p[17:03:07] *** rc10 has joined #smartos[17:04:35] <xmerlin> linuxprofessor, because I need them in GZ ... KermitTheFragger ...I'm agree is better to rebuild[17:04:55] <linuxprofessor> why? =)[17:06:18] <linuxprofessor> isn't it just easier to bind a vnic to that nic and install it in a zone instead?[17:06:44] <xmerlin> no because I need to talk directly with the GZ[17:07:19] <linuxprofessor> just ssh into it[17:07:26] *** ryancnelson has joined #smartos[17:08:00] *** rc10 has quit IRC[17:08:26] *** kamilr has quit IRC[17:08:59] <Licenser> xmerlin a hardware firewall is also a solution[17:09:14] <Licenser> sounds silly but older netscreens 200 series are quite cheep by now[17:09:28] <linuxprofessor> i'm intrigued to know why you need this, hehe[17:09:30] <xmerlin> the public ip of this smartos is now assigned to a vm, the global zone have only 1 private ip natted ...I want openvpn client in the GZ to connect to an external vpn server[17:09:41] <xmerlin> Licenser, I cannot add a firewall there[17:10:20] *** rc10 has joined #smartos[17:10:22] <xmerlin> I'm trying to overcome some limitations of the isp[17:10:34] <linuxprofessor> for some reason smartos doesn't seem like the obvious choice, hehe[17:10:46] <ryancnelson> "switch isps" is another option[17:10:58] <xmerlin> I'm testing also another isp ;)[17:11:33] <xmerlin> but as I can see there is also the same perversion in managing IPs[17:11:54] <xmerlin> different nation ...same perversion ...brrr[17:11:56] <xmerlin> :-P[17:12:16] <linuxprofessor> you usually get one public IP, enough for me. hehe[17:12:32] *** khushildep has quit IRC[17:12:46] *** tonyarkles has joined #smartos[17:12:56] <xmerlin> linuxprofessor, a bit imcompatible with some vms in the same hw[17:13:00] *** khushildep has joined #smartos[17:13:19] <alcir> ehm[17:13:25] <linuxprofessor> run a dedicated firewall with nat and port forward whatever you need to the inside[17:13:38] <linuxprofessor> the firewall can be in a vm ofc[17:13:45] <alcir> and there is a way to have an nfs shared disk containing all the vm[17:14:00] <alcir> in order to migrate them from a real server to another ...[17:14:01] <alcir> ?[17:14:03] <ryancnelson> no[17:14:09] <ryancnelson> that's by design[17:14:14] <alcir> uh[17:14:28] <alcir> and to have high availability?[17:14:53] <ryancnelson> not going to have this discussion on irc for the 200th time. google it.[17:14:58] <xmerlin> linuxprofessor, I'm working on it ...but these ISPs route a full subnet to the main IP of the vm ...and the possibilities are two ....I can add ipfilter in the global zone ...or I can move the main IP to a VM and using it like a firewall[17:15:15] <linuxprofessor> then do the last one =)[17:15:30] <alcir> ryancnelson, ok thank you[17:15:33] <xmerlin> I'm following this way...[17:15:33] <ryancnelson> putting your vm's on nas/san actually makes things less available, and makes performance suck. smartos is designed for vm's on local storage[17:15:35] <linuxprofessor> and don't use dhcp on the gz[17:15:36] *** nikolam has quit IRC[17:16:02] <linuxprofessor> just connect it to a vnic on the vm and use dhcp there[17:16:32] *** nikolam has joined #smartos[17:17:24] <xmerlin> I don't want dhcp[17:17:45] <linuxprofessor> well, use a static IP then[17:17:53] <xmerlin> of course[17:18:16] <linuxprofessor> just that most ISPs use dhcp[17:29:11] *** khushildep has quit IRC[17:35:56] *** khushildep has joined #smartos[17:37:11] *** khushildep has quit IRC[17:45:23] <konobi> morning[17:46:10] <linuxprofessor> evening[17:46:53] *** tonyarkles has quit IRC[17:48:31] *** rc10 has quit IRC[17:52:49] *** tonyarkles has joined #smartos[17:59:11] *** daleg has joined #smartos[18:00:54] *** alcir has quit IRC[18:19:16] <xmerlin> is it necessary compute_node_ntp_hosts in a scenario with only 1 server?[18:19:47] <xmerlin> I've pool.ntp.org in ntp_hosts but it complains about a misconfigured service[18:26:54] *** potatosalad has quit IRC[18:34:54] *** potatosalad has joined #smartos[18:38:52] <konobi> xmerlin: do you have dns resolution working in your GZ?[18:39:01] <xmerlin> yes[18:39:22] <xmerlin> if I manually do the ntpdate all works as expected[18:40:34] *** KermitTheFragger has quit IRC[18:41:59] <konobi> but svcs is showing ntpd as down?[18:46:33] <xmerlin> maintenance[18:49:04] <linuxprofessor> scvadm clear[18:49:06] <konobi> sometimes ntp service can be a bit finicky coming up, you can always svcadm clear it to try again[18:49:19] <linuxprofessor> svc[18:49:24] <linuxprofessor> always typing that wrong :([18:49:56] <xmerlin> done but now is offline[18:50:07] <xmerlin> and also a restart doesn't change the status[18:50:27] <xmerlin> now is online[18:50:32] <xmerlin> ...the ntp magic[18:50:43] <xmerlin> :-O[19:07:09] *** bens1 has quit IRC[19:11:49] *** tonyarkles_ has joined #smartos[19:11:49] *** tonyarkles has quit IRC[19:11:50] *** tonyarkles_ is now known as tonyarkles[19:12:28] *** linuxprofessor has quit IRC[19:15:22] <xmerlin> centos6 and debian templates are empty?[19:27:52] *** nikolam has quit IRC[19:28:36] *** nikolam has joined #smartos[19:33:59] *** bens1 has joined #smartos[19:46:46] *** deirdres has joined #smartos[19:47:30] *** neophenix has quit IRC[19:51:55] *** bens1 has quit IRC[19:52:08] *** Tabrenus has joined #smartos[19:55:33] *** Raynos_ is now known as Raynos[20:01:38] *** neophenix has joined #smartos[20:05:43] *** Tabrenus has quit IRC[20:16:06] *** wolstena has joined #smartos[20:24:06] *** jim80net has quit IRC[20:24:13] <nikolam> Anyone have an idea if sound (microphone/audio out) would work for guest machines in smartos-illumos / KVM ?[20:24:38] <rmustacc> No, sorry. I don't think we emulate anything like that in qemu.[20:25:17] <nikolam> ok rmustacc[20:25:33] <rmustacc> You might want to look at something like spice.[20:25:44] <rmustacc> Though the microphone part is definitely less blazed territory than audio.[20:26:37] <nikolam> btw, will virtualbox work under smartos?[20:27:27] <nikolam> i am not expexting it to, but just to ask.[20:29:33] <rmustacc> Maybe?[20:29:55] <rmustacc> I wouldn't use its capabilities to use VT-X at the same time as KVM.[20:34:01] <nahamu> nikolam: the physical hardware's sound card can't be passed through to the VM, but QEMU can present virtual sound hardware. If you use a spice-enabled QEMU build you can use the spice protocol to access that sound device.[20:35:02] <nikolam> application is skype inside linux guest.[20:35:11] <nahamu> as for virtualbox, if the linux version provides insight (no guarantee...), under linux only 1 of the kvm driver or the virtualbox driver can be loaded at the same time.[20:35:45] <nahamu> so if you wanted to use virtualbox under smartos and get good performance you'd probably have to find a way to disable the kvm driver.[20:36:02] <nikolam> nahamu, ok[20:36:03] <nahamu> but at that rate just use omnios or openindiana unless you're using lots of zones too.[20:36:55] <nikolam> i tried virtualbox inside openindiana and could not get microphone working in guest, to wented to explore optioins.[20:37:50] <ryancnelson> running voip inside a hypervisor, inside another hypervisor, inside a zone, with emulated sound hardware, *after* you've disabled the kvm driver in the native OS is going to SUUUUUUCK[20:38:04] <ryancnelson> don't do it.[20:38:32] <nahamu> +1[20:39:27] <nahamu> I've used the google talk plugin inside a spice-enabled VM using a camera passed through with usb-redirection. It mostly worked, but it's not ideal.[20:41:55] <nahamu> hmm... just called my cell phone from google talk in that spice-enabled VM. That might be fine.[20:42:07] <nahamu> so for sound only spice might work pretty well.[20:42:32] <nahamu> nikolam: if you're feeling adventurous, http://wiki.smartos.org/display/DOC/Spice+on+SmartOS[20:45:03] <nikolam> nahamu, i see. so it streams everything to the client.[20:45:40] <nahamu> correct. you'd still need a separate client machine.[20:46:17] <nahamu> but if you only have 1 machine and want to run skype on it, you're sadly probably best off just running linux (but use the zfsonlinux so that you can at least have ZFS)[20:46:31] <konobi> rpi's are cheap =0)[20:47:09] <nahamu> konobi: I haven't had a chance to try an rpi as a spice client yet, but it would be great if we didn't need dual-head support...[20:47:30] <nikolam> nahamu, you think it can not use client for spice on same machine, where guest is inside kvm with spice?[20:47:42] <nahamu> smartos doesn't have an X server...[20:49:11] <rmustacc> Some day in fantasy future land I'm running wmii on it and life is great.[20:49:44] <nahamu> if we ever get to fantasy future, I will get the spice client to build and run too.[20:50:02] <nahamu> and then benr can run *every* OS on his server/desktop :)[20:50:04] <rmustacc> Isn't fantasy future land a great place?[20:50:33] <nikolam> yes I see, I also have OI on notebook.[20:51:05] <nikolam> In fantasy land, KVM would support PCI pass trough like Xen does and have fast 3D.[20:51:48] <nikolam> In fantasy land, there would be some API supported by graphics cards to share graphics between guest and host[20:52:05] <ryancnelson> if xen is so great, why are you in #smartos[20:52:41] <rmustacc> Really in my fantasy future land you don't need KVM. ;)[20:52:51] <nikolam> ryancnelson, xen is not great because it is not supported on illumoses now.[20:52:53] <konobi> nahamu: $35![20:53:18] * nikolam going to restart due to testing Gnome.[20:53:23] *** nikolam has quit IRC[20:57:09] *** Webhostbudd has joined #smartos[20:58:49] *** MacSpengo has joined #smartos[21:00:30] <MacSpengo> Quick questions. How would I go about creating a VM or Zone and having it use storage from an iSCSI/NFS instead of using the zone pool created during install?[21:01:30] *** Webhostbudd_ has joined #smartos[21:02:00] <rmustacc> The primary backing store with SmartOS must be local storage.[21:03:17] *** jim80net has joined #smartos[21:03:19] <MacSpengo> okay, is there any live migration or something. How would I move a VM/Zone to a different machine. I tried the vmadm send and receive. But that does not appear to work.[21:03:36] <ryancnelson> there's no live migration.[21:04:55] <konobi> if vmadm send/receive aren't working, file a ticket on the smartos-live repo with details[21:05:03] *** CarlosC has quit IRC[21:05:12] *** Webhostbudd has quit IRC[21:08:00] <MacSpengo> so there is now way to use shared storage, no live migration. the only way to move a VM from one node to another is by the send/receive?[21:08:26] <rmustacc> You can mount shared storage from inside your VM.[21:08:35] <rmustacc> We don't have live migration at this time.[21:08:48] <rmustacc> If you want HA we've been proponents of not hacking it into the VM, but doing it properly in the data layer.[21:09:23] <rmustacc> Use whatever your application needs to do for it.[21:09:40] <rmustacc> It isn't the VMware + SAN model.[21:10:15] <chris---> the faq says roughly oct 1 kvm migrations will be in sdc![21:10:21] <chris---> which oct1... :)[21:10:46] <ryancnelson> which faq? nobody said that.[21:10:52] <chris---> guess not the faq[21:11:00] <chris---> Questions from SmartOS the Modern OS Webinar[21:11:02] <MacSpengo> I see, so basically the smartos model is to allow the VM and apps running inside to handle HA or other aspects of HA[21:11:14] <chris---> " QEMU live migration can be used with SmartOS and we are integrating that into SmartDataCenter, scheduled for roughly October 1st."[21:11:28] <rmustacc> MacSpengo: Yes[21:11:41] <MacSpengo> rmustacc: well that explains a lot[21:12:12] <chris---> http://wiki.smartos.org/display/DOC/Questions+from+SmartOS+the+Modern+OS+Webinar[21:12:14] <MacSpengo> I have been struggling for many days now. I guess it is back to the drawing board on what I would like to do[21:12:42] <MacSpengo> I really appreciate all your help. Thanks for the quick responses.[21:12:49] <rmustacc> No problem.[21:13:01] <rmustacc> If there's something we can do to make it easier to discover that or make it clearer let me know.[21:13:17] <rmustacc> We want to be as clear about what we're actually doing and what we're not as we can.[21:14:06] <MacSpengo> That is great! I really love the software, I just have to figure out how I can incorporate it into my infrustructure[21:14:26] <konobi> seems like there needs to be a "FAQ on IRC" page =0)[21:15:57] <MacSpengo> rmustacc: What I was trying to accomplish, was setting up 2 system to run HAST in a VM to build a redundant virtual storage system. Any suggestions on how I can do this?[21:16:48] <MacSpengo> rmustacc: I noticed that VT-d does not appear to be supported in smartos's verison of qemu.[21:17:16] <rmustacc> I have to roll out for a bit, sorry. But we do not support VT-d.[21:18:48] *** wramthun2 has joined #smartos[21:19:14] *** wramthun3 has quit IRC[21:20:26] *** MacSpengo has quit IRC[21:31:42] *** tRothChild has joined #smartos[21:40:11] *** wolfeidau has joined #smartos[21:40:50] *** wolfeidau has quit IRC[21:42:03] *** wolfeidau has joined #smartos[21:42:37] *** linuxprofessor has joined #smartos[21:48:28] *** Webhostbudd_ has quit IRC[21:52:04] *** nikolam has joined #smartos[21:58:11] *** jamesd has quit IRC[21:59:50] *** Cpt-Oblivious has quit IRC[22:03:22] *** ryancnelson has quit IRC[22:03:58] <konobi> VT-d isn't really supported anywhere at the moment[22:18:53] <linuxprofessor> sure it is, but not in smartos =)[22:19:20] <linuxprofessor> guess the ppl at joyent thinks it's pointless since it has no place in the cloud[22:19:30] <linuxprofessor> or if you're a cloud provider[22:19:51] <richlowe> I can't speak for anyone else, but I have it bucketed as "not worth the effort".[22:20:07] <richlowe> as far as ploughing my free time into it.[22:20:18] <linuxprofessor> nah, don't bother[22:21:27] <linuxprofessor> aaah, die hard on tv[22:21:28] <linuxprofessor> win![22:30:32] *** haydock_ has joined #smartos[22:32:04] <wesolows> a given thing is not supported not because Joyent doesn't care to do it, but because no one does.[22:32:33] <wesolows> it's not like we have veto power over this stuff.[22:32:54] *** haydock has quit IRC[22:33:17] <linuxprofessor> ofc not, but i just guess that's why you didnt do it[22:34:32] <wesolows> it's ill suited to high tenancy, yes. and really would only even potentially be interesting for NICs anyway.[22:35:42] <linuxprofessor> i'd miss crossbow, though[22:38:02] *** Tabrenus has joined #smartos[22:45:28] *** jdefelice has joined #smartos[22:45:47] <konobi> linuxprofessor: hope[22:45:50] <konobi> um[22:46:20] <linuxprofessor> still got hope, yeah. the mayans were wrong, we're still here :p[22:46:37] <konobi> linuxprofessor: not only does the hypervisor have to support it, but so does the CPU AND the mainboard AND the device bus[22:46:54] <rmustacc> Not that hard.[22:47:04] <rmustacc> Most new things support it.[22:47:22] <konobi> seems like there's not too many mainboards with iommu[22:47:46] <linuxprofessor> isn't it the 790FX chipset that's needed for iommu?[22:47:47] <konobi> and linux kvm doesn't support using graphics devices via VT-d[22:47:51] <linuxprofessor> or something like that[22:49:05] <rmustacc> If you have VT-d support you have an iommu.[22:49:07] <rmustacc> It's on die.[22:49:35] <rmustacc> At least, IIRC.[22:49:36] *** Webhostbudd has joined #smartos[22:50:21] <linuxprofessor> i was thinking of amds iommu implementation[22:50:34] <arekinath> linux kvm does support graphics devices with vt-d, there are just lots of gotchas[22:51:23] <arekinath> I have seen it working with my own eyes. ;)[22:51:59] <konobi> pci passthrough? or vt-d?[22:52:51] <arekinath> vt-d I'm pretty sure, but I didn't set it up, so I could be wrong[22:53:06] <arekinath> it took a few weeks to get the config just right[22:54:28] <arekinath> and shutting down the vm made the graphics card unuseable from then on[22:54:29] <rmustacc> PCI pass through is implemented in terms of vt-d.[22:54:38] <arekinath> and lots of other silliness[22:55:34] <arekinath> it's easy to do a graphics card that isn't the primary boot one I think[22:55:51] <arekinath> but the boot one is very tricky[23:04:46] *** jim80net has quit IRC[23:09:19] *** bens1 has joined #smartos[23:09:43] *** Tabrenus has quit IRC[23:10:57] *** mamash has joined #smartos[23:13:41] *** bens1 has quit IRC[23:25:08] *** jamesd has joined #smartos