   March 26, 2013  
[01:58:32] <AlainODea> Hash anyone seen a segmentation fault with dnsmasq?  I can't get it to start
[04:02:21] <jdb> I'm building a small NAS (8GB RAM, single 6x2TB raidz2 zpool) and looking to run Netatalk within a zone. As the zone will only handle afp, I'd like to set a fairly conservative memory cap (256MB). However, I've read that ZFS likes to have >4GB for optimal performance. If I add a file system to the zone from the main zpool, will ZFS perform like a machine with only 256MB of RAM, or will it take advantage of the extra memory from the
[04:02:22] <jdb>  global zone?
[04:08:12] <arai> jdb: The ARC resides in the kernel, so it wont be limited by the memory constraints of a given zone
[04:09:16] <jdb> arai: great to know, thanks for the input
[04:10:22] <arai> jdb: You're welcome, I've been researching the heck out of zfs for the past few weeks trying to tack down some performance bugs with my hardware, please let me know if you have any additional questions.
[04:12:59] <jdb> arai: how to you prefer to expose storage to a zone? I've seen a few different methods: delegate dataset, as zfs file system, as lofs file system, as NFS.
[04:19:50] <arai> jdb: They both work, but there are pros and cons to each approach.  Delegate dataset is nice if you want to compartmentalize the management of zfs datasets within the zone (which makes a lot of sense if you have customers), but it appears to break features, namely zone snapshots (according to the vmadm man page).  lofs is nice if you want to more cleanly compartmentalize your data from your zone, but management could get out of hand quickl
[04:22:12] <arai> I'm trying to use SmartOS in the NAS/small VM server space as well, and I'm really up in the air as to which approach I prefer.  On one hand I really like the idea of snapshot management being outside the scope of the zone.  On the other hand, I have to be in my GZ to actually manage snapshots
[04:31:44] <ChrisPartridge> arai: I've just been using fifo for snapshots/reboots etc, seems to work well
[04:32:23] <arai> Glad to hear it's been working out for you
[04:32:28] *** ipalreadytaken has joined #smartos
[04:32:45] <Licenser> ChrisPartridge cool to hear :D
[04:32:53] <jdb> arai: that's good to know about breaking features, and I agree on the give-and-take with where to manage your snapshots. more and more delegated dataset isn't for my use-case. I would hate to end up putting a few TB in a delegated dataset and find out I need to get the data out because I made the wrong decision
[04:34:20] <arai> jdb: Been there, done that :-p
[04:35:42] <jdb> I thought I read in an irc chat log that if you delegate administration to a zone, then destroy the zone, you can't recover the data easily, perhaps due to the zoned bit *shrug*
[04:36:18] <arai> I've been trying to track down the cause of a write performance issue for almost a week.  Found it when I was moving data between into a delegated dataset
[04:37:05] <arai> Umm, if you destroy the zone, you'll be destroying the dataset as well iirc
[04:38:32] <jdb> that makes sense from the security best-practices I've read, also give you have to have the mountpoint as legacy, ie. not mountable in the GZ
[04:39:44] <arai> jdb: When you mount delegated datasets into your zone root, they become visible in the GZ directory tree
[04:40:00] <arai> /zones/(uuid)/root/wherever/you/mounted/them
[04:42:35] <arai> the zoned attribute is turned on though, http://docs.oracle.com/cd/E19082-01/817-2271/gbbre/index.html
[04:49:59] <jdb> arai: good link, thanks.
[07:16:56] <jesse_> apparently someone still cares about encryption,
[07:17:11] <jesse_> http://www.prweb.com/releases/2013/3/prweb10543370.htm "iXsystems Debuts Exclusive ZFS Encryption Feature in FreeNAS 8.3.1"
[07:17:50] <jesse_> not sure what that 'exclusive' means there as solaris 11 already has it and theirs is open source
[07:49:19] <Daemonik> When I attempt to create a VM with the KVM image I created, I get "Invalid value(s) for: disks.0.image_uuid"
[07:49:27] <Daemonik> Has any one else attempted to create their own KVM image?
[07:50:34] <jperkin> paste your json somewhere
[07:51:32] <Daemonik> http://pastebin.com/raw.php?i=xpY3PVaY jperkin
[07:52:12] <jperkin> and imgadm list shows b843a0e3-0cba-4c37-bb01-11eb4af66ff7 ?
[07:52:39] <jperkin> also, make sure you can imgadm info b843a0e3-0cba-4c37-bb01-11eb4af66ff7, as I hit something weird over the weekend where an image would install but not be available
[07:52:47] <Daemonik> Exact line: b843a0e3-0cba-4c37-bb01-11eb4af66ff7  centos6-base  2013-03-21_01  CentOS 6.4  2013-03-21T19:45:00Z
[07:59:13] <jperkin> if you want to compare notes then https://gist.github.com/jperkin/5243605 is the complete instructions and files I used to successfully create a NetBSD image
[07:59:41] <Daemonik> I realize now that my mistake was not testing the image after I had first set it up.
[08:00:25] <jperkin> things to check are that you have all the necessary sections in your image json (I based mine on the latest ubuntu 12.04), and that all the values are in a standard format - e.g. I think I ran into issues when the timespec format I was using did not include the seconds and I think that was the cause of some weird issues
[08:02:43] <Daemonik> jperkin: I definitely deviated in some fields from standard convention.
[08:03:52] <jperkin> I think with imgadm v2 a bunch of the fields changed, you can probably get away with fewer but I figured I'd copy something which already worked :)
[08:11:55] <Daemonik> jperkin: I'll have to try that tomorrow. For now I'm creating a KVM system from scratch - I promised someone a server by tomorrow morning.
[08:18:38] <Daemonik> jperkin: I'd love to take the advancements made SmartOS, Project FIFO, and make a "VMware killer" based on OmniOS ('cause when you have two $500 servers off of a UnixSurplus.com, you don't have infrastructure, they are your infrastructure)
[08:22:23] <jperkin> what does omnios have that you are missing in smartos for that purpose? the focus of smartos is precisely on being a hypervisor so if that's your requirement then we'd hope to be the best choice.
[08:24:27] <Licenser> jperkin you are ;)
[08:25:29] <jperkin> Licenser: morning, pity you couldn't make pkgsrccon
[08:25:51] <Licenser> jperkin yes :( totally
[08:26:56] <Daemonik> jperkin: OmniOS can be installed to disk. I suppose the diskless boot thing could work with only two nodes, but in a small-business environment I don't want to leave the boot medium exposed.
[08:27:38] <Daemonik> jperkin: I honestly need a new job, when the issue of the need for a UPS was raised due to a brown-out, the CEO said to find a used UPS on Craigslist. =\
[08:27:38] <jperkin> no internal usb slots?
[08:28:41] <jesse_> Daemonik, it is possible to use a disk to boot smartos, too
[08:29:00] <jesse_> (in the same way usb and dvd works, that is, read-only image)
[08:29:04] <Licenser> Daemonik for what it's worth, supporting OmniOS as a hypervisor is not on the roadmap for fifo in the foreseeable future.
[08:29:05] <Daemonik> jperkin: They're always there, so I expect that that would work - a "prdouctized" "vmware killer" would have to install to disk though - however the in-house IT demographic is dying thanks to Joyent (not that I'm complaining)
[08:29:52] <Daemonik> I'll disregard OmniOS then =)
[08:30:20] <jesse_> it's not optimal, but it's possible
[08:34:11] <Licenser> proapbly the simpler way to go that direction
[08:35:59] <Daemonik> How many Zones can I run until performance suffers, ten thousand? Suppose I'm a hosting company running arbitrary code and supporting arbitrary languages and I want each tenant / project in its own Zone, can I run 10,000 zones on one box?
[08:36:24] <Licenser> Daemonik I think the limit is your memory
[08:36:46] <Licenser> having 10k zones would mean taht even with 100G memory a zone would get what 10MB?
[08:36:48] <Licenser> makes little sense
[08:38:54] <arai> Daemonik: depends on your client's usage of resources
[08:38:56] <Daemonik> Licenser: We're looking at 512gb per box, users need just enough to run their code.
[08:39:50] <olafm> Daemonik: Still leaves you with only 52MB per Zone.
[08:41:26] <Daemonik> olafm: Realistically, customers will have about 1gb of RAM for the "container" (and whatever cool name we give that container) but memory will get denser - my curiosity is how well Zones scale up.
[08:41:46] <MerlinDMC> 52MB per zone but afaik some parts get shared as well so you'll probably be able to run that ... but that also depends on the resource usage for each tenant
[08:42:46] <olafm> Daemonik: I've never run more than several hundred (toy) zones on any one machine. Not sure if there are any inherent scalability issues.
[08:42:54] <Licenser> I still think the limit of zones is the least of the issue, after Memory comes CPU, after CPU comes disk IO, network io, etc
[08:42:56] <Daemonik> MerlinDMC: If each filesystem inside of a Zone is read-only and exactly the same as the original image on my zpool won't each filesystem in each zone be already cached (and only one time) by ZFS?
[08:43:11] <Daemonik> Licenser: That's good to hear.
[08:43:21] <arai> Unless illumos has modified it, there's a theoretical cap of 8192 zones per kernel instance, ie physical machine
[08:43:44] <arai> since there is one zone per kvm instance, that'd be the limit of both KVMs and zones
[08:43:53] <MerlinDMC> Daemonik, yeah ... but also the shared pages for some daemons running can get shared afaik
[08:43:55] <Daemonik> arai: Theoretical or theoretically in a header file somewhere? :-P
[08:44:08] <arai> Daemonik: theoretical as in I just googled it
[08:44:34] <MerlinDMC> Daemonik, and if you really want to have static environments just for web projects for example you can even strip down those zones to only run the needed daemons and eat up nearly no extra resources
[08:44:42] <arai> ZFS' clone cap is much higher than that, but yeah, your question is not specific enough to answer with a specific answer
[08:45:15] <Daemonik> MerlinDMC: That's exactly what we'd do - shared pages . .  that sounds interesting
[08:45:48] <Daemonik> arai: I'll see you back in this channel before we run our 8192nd zone on any boxes.
[08:46:45] <arai> Does Illumos support page sharing between zones?  I remember reading that wasn't supported
[08:47:21] <rmustacc> We don't do what is referred to as ksm.
[08:47:33] <rmustacc> But that's where you don't have real notion of the memory pages with guests.
[08:47:37] <Daemonik> rmustacc: I'd LOVE if you did.
[08:47:43] <rmustacc> Where as with os virt zones, you can.
[08:48:00] <arai> rmustacc: Ah, that makes sense
[08:48:04] <rmustacc> MerlinDMC: While not broadly supported you can use the joyent-minimal brand.
[08:48:36] <rmustacc> Daemonik: Well, are you running KVM or something else?
[08:48:39] <Daemonik> rmustacc: Yes to KSM with virt zones? You mean I can run 10 CentOS instances and save on RAM?
[08:48:57] <rmustacc> No, that you can't.
[08:49:03] <Daemonik> rmustacc: Yeah I have to support CentOS where I presently work (DevOps -ish role)
[08:49:03] <rmustacc> Not with kvm guests.
[08:49:21] <Daemonik> rmustacc: Ah I mis-read "with os virt zones", missed the "os"
[08:49:25] <rmustacc> But as for your piling on 8k zones, you'll probably run out of useful cpu.
[08:50:07] <Daemonik> rmustacc: I believe I overshot my question - I just want to know that I'm not insane for "one web customer = one zone"
[08:50:07] <rmustacc> But the current limit that's there is just a number, it can be increased.
[08:50:42] <rmustacc> Not necessarily, no.
[08:50:48] <rmustacc> Depends what you're selling the customer.
[08:51:11] <rmustacc> Certainly when Joyent was running no.de that's what we did.
[08:51:13] <rmustacc> But there was no kvm there.
[08:51:48] <rmustacc> But KVM hurts if you try to drive up the tenancy.
[08:52:44] <Daemonik> rmustacc: At what point does it hurt - or what activity will make KVM tend to hurt more?
[08:52:57] <rmustacc> Hardware virt is just more expensive than OS virt.
[08:53:02] <rmustacc> Just the nature of what you're doing.
[08:53:04] <rmustacc> It's more overhead.
[08:54:45] <Daemonik> rmustacc: I see. Rackspace does their whole "fanatical support" thing, I'm scouring the Joyent site and not finding what I'm looking for . . is Joyent ever hiring Systems Administrators?
[08:55:25] <rmustacc> I'm not in that part of the company, so I don't know.
[08:55:36] <rmustacc> What are you trying to find on the web site that you're not finding?
[08:56:16] <Daemonik> rmustacc: "jobs" - "Systems Administrator, wanted".
[08:58:05] <arai> Due to the nature of their architecture I doubt they'd have many systems administrators
[08:58:19] <Daemonik> arai: iknorite?
[08:58:19] <MerlinDMC> Daemonik, deirdre is posting job offers on twitter/blog when available afaik
[08:59:00] <rmustacc> I only really know about what's going on in engineering.
[09:03:17] <MerlinDMC> rmustacc, and what exciteful new things will be released this year? :)
[09:14:31] <arai> I'm holding out for better support for random esoteric sata controllers, though I'm just guessing, as my benchmarks haven't completed yet
[09:17:36] <Licenser> holding out?
[09:23:06] <arai> Licenser: I'm getting over 400MBps sustained reads off of a FreeBSD zfs pool vs 142MBps from SmartOS.  Been trying to isolate it for the last few days
[09:25:17] <arai> write performance issues were what started my search, but I don't want to say anything about it until I have numbers together
[09:25:53] <Licenser> makes sense
[09:28:34] <arai> It sucks, because I'd much rather use SmartOS rather than FreeNAS to feed a ESX instance.
[09:29:00] <MerlinDMC> arai, smartos as iscsi host for esx?
[09:29:51] <arai> MerlinDMC: SmartOS on one machine rather than FreeNAS and ESX on two
[09:30:34] <MerlinDMC> ah ... yeah ... better ;)
[09:30:41] <arai> Much
[09:32:03] <Daemonik> Something I'd love to see in SmartOS that Linux's OpenVZ does do now is Live Migration.
[09:33:31] <MerlinDMC> Daemonik, live migration on openvz without shared storage?
[09:34:38] <Daemonik> MerlinDMC: With shared storage. KVM / Illumos can do live migration (right?), but an OS-VM Zone can not?
[09:35:25] <MerlinDMC> Daemonik, the point is ... SmartOS does not have shared storage
[09:35:33] <arai> zfs send/recv seems perfectly capable of handling the synchronization of persistent storage
[09:36:01] <MerlinDMC> Daemonik, so live migration does not work ... a cold migrate instead works without much problems
[09:36:02] <Daemonik> MerlinDMC: I would imagine that even without shared storage, OS-VM live migration could be possible. The process would start with a ZFS send | recv, then at a certain point all writes would be funneled to the the target machine. I wonder if any kernel devs in here could tell us how much work that would be.
[09:37:13] <jesse_> they
[09:37:18] <arai> Daemonik: you'd want to halt execution at the moment of snapshot.  Even OpenVZ migrations "introduces a short delay in service"
[09:37:28] <jesse_> they'll say something in the lines of "migrate at the application level"
[09:37:37] <jesse_> which is the only sane thing to do
[09:37:44] <arai> jesse_: doesn't that sort of defeat the point?
[09:37:56] <jesse_> the point of what?=)
[09:38:02] <arai> cloud computing
[09:38:13] <jesse_> no?
[09:38:26] <arai> I suppose it depends on your definition
[09:38:38] <Daemonik> arai: If I tell a customer that "between 2am and 3am tomorrow your machines may freeze for about ten seconds", that's fine, and spectacular for me if I just bought new hardware and halting their OS isn't an option.
[09:39:16] <arai> Daemonik: I'm thinking about vSphere HA
[09:39:36] <Daemonik> arai: Elaborate?
[09:41:27] <arai> Two physical hosts with the client host state replicated in a master slave configuration.  master goes down, slave picks up
[09:42:02] <arai> I could see major potential issues with synchronization
[09:42:15] <jesse_> and then both of them go down simultaneously beacuse of crappy firmware on the motherboard (channeling wesolows here)
[09:43:14] <arai> jesse_: doesn't change the fact that this is a feature of vSphere
[09:43:21] <arai> and that people do use it
[09:44:34] <Daemonik> arai: Gotta meet those SLAs when someone is paying you $2k/month to run Windows 2000 in a VM
[09:44:50] <arai> eewww
[09:45:01] <arai> HA isn't the feature I was thinking of ... one moment
[09:45:17] <Daemonik> arai: Look up VMware FT =)
[09:46:07] <arai> yeah, thats what I was thinking of
[09:49:03] <arai> "The secondary is kept in lockstep" ... wouldn't want to try that over anything that's not infiniband
[09:50:11] <arai> maybe 10g
[09:51:54] <arekinath> there have been some cute experiments with live process migration on bsd and solaris kernels over the years
[09:51:59] <arekinath> but it's really tricky business
[09:52:06] <arai> It would be interesting to use some of the ideas in zfs to handle page duplication though
[09:52:07] <arai> arekinath: I bet
[10:45:53] <ktk> anyone knows how smartos handles zones/kvms on reboot? in terms of does it check the status of the machines before the reboot and restarts only what was started?
[10:46:35] <Daemonik> ktk: whether a machine should be started or not depends on a value ("autoboot" I think) in the VM's json manifest
[10:46:45] <ktk> Daemonik: ah tnx
[10:46:56] <Daemonik> ktk: You can modify that value with vmadm update
[10:47:20] <ktk> jep did updates already, thx
[10:47:24] <ktk> will check it out
[10:47:38] <MerlinDMC> ktk, if a machine was started it will be restarted ... everytime you start a machine manually the autoboot flag is set to true
[10:48:19] <MerlinDMC> (same for stopping a machine - autoboot is set to false)
[10:48:42] <ktk> ok so when I stop it it gets set to false and it will not be restarted unless I either set autoboot or start it manually again
[10:49:01] <MerlinDMC> should be the case - yeah
[10:49:12] <ktk> ok that's what manpage hints as well, tnx guys
[10:55:03] <theup> Good morning... I've been trying to add a custom service manifest. After running 'svcadmin restart manifest-import', most of the services are suddenly marked as offline. 'svcs -xv' returns:
[10:55:05] <theup> svc:/system/filesystem/usr:default (read/write root file systems mounts)
[10:55:05] <theup>  State: offline since Tue Mar 26 10:51:22 2013
[10:55:05] <theup> Reason: Dependency svc:/system/boot-archive is absent.
[10:55:05] <theup>    See: http://illumos.org/msg/SMF-8000-E2
[10:55:05] <theup> Impact: 44 dependent services are not running:
[10:55:11] <theup> Has anyone seen this one before?
[10:56:24] <Arai> theup: not I, and I think everyone else is asleep
[10:57:03] <theup> Arai: Probably, but I thought it was worth a shot anyway :)
[10:57:04] <jesse_> theup, I think your manifest depends on some services that are not really needed on smartos
[10:57:13] <Arai> Guess not
[10:57:30] <MerlinDMC> i never restarted the manifest-import ... i always reboot or just import each newly created manifest manually
[10:57:47] <theup> My own manifest only depends on the network milestone
[10:58:07] <theup> I've restarted the service a couple of times before, never acted up so far...
[10:59:07] <theup> Question at hand is: How to I get my services back up? boot-archive being marked 'absent' seems kinda bad to me
[11:02:19] <Arai> Update for people following my IO issue: I've reviewed the iozone reports and it's quite a landslide in BSD's favor.  I'll post them if anyone wants to see.  Current theory is that it could be related to SmartOS's handling of the on-board sata controller, or perhaps having to do with SmartOS/ZFS throttling IO for a single process.  I'll be testing on SmartOS later today
[11:03:48] <Arai> I wouldn't be surprised if it's the second one of those, seems like it's a very smart thing to do in a hypervisor, just wish it wouldn't bother with no other io pressure in the system
[11:05:12] <jesse_> Arai, there was some bug report(?) about slower-than-expected io, I think
[11:05:34] <simong> Is there a free -m equivalent for smartos for dummies like me?
[11:08:26] <Arai> jesse_: I didn't see anything like that last week, link?
[11:08:57] <jesse_> Arai, https://github.com/joyent/smartos-live/issues/160
[11:09:39] <jesse_> try the "set the I/O priority of one zone to 100000000 as above" trick?=)
[11:10:11] <Arai> iirc, I ran the benchmark in the gz, hopefully avoiding any of the zone throttling elements
[11:11:01] <Arai> or did I?
[11:11:02] <Arai> sigh
[11:11:08] <arekinath> simong: you could try sm-meminfo [rss|swap] if you have a reasonably new zone ds
[11:11:39] <simong> ah sweet
[11:11:47] <Arai> I know I noticed it while performing a copy in the gz
[11:12:08] <simong> Thanks arekinath!
[11:12:11] <jesse_> no idea if throttling applies in gz
[11:12:11] <Arai> don't know for a fact that I benchmarked in the gz though
[11:14:11] <Arai> Definitely worth a try, thanks for the find
[11:15:58] <jesse_> if you get the same effect, you should probably add comments there
[11:16:15] <Arai> I think I will either way
[11:18:40] <Arai> Looks like the best lead I've seen on the topic so far this week
[11:18:55] <Arai> Damn, I guess I didn't need to learn this much about zfs
[11:23:31] <Arai> I had this on my list of things to check: http://www.youtube.com/watch?v=a6AJxAYmP-M
[12:30:46] <Jadelrab> I'm running smartos under vmware with bridged network to my wireless but I don't have any connection from smartOS .. ifconfig -a only brings 2 lo0 lines
[12:30:55] <mikl> hmm, I've set PasswordAuthentication no in my sshd_config file and restarted SSH, but it still asks for a password if ssh key auth fails?
[12:34:14] <jesse_> mikl, does it let you login with the password?
[12:34:59] <mikl> jesse_: well, on other unix'es, if SSH is configured to not accept password login, it doesn't even ask
[12:35:59] <MerlinDMC> Jadelrab, and your /usbkey/config file is OK (correct mac for the admin interface) ?
[12:36:16] <jperkin> Jadelrab: have you changed settings since installing? admin_nic might no longer match
[12:38:11] <Jadelrab> MerlinDMC, jperkin well I just used the vmware image from smartos.org .. booted it up and didn't change anything
[12:39:12] <MerlinDMC> and you bootet the first grub entry ... not the noinstall one?
[12:39:48] <Jadelrab> MerlinDMC, yes and used dhcp in the network settings
[12:40:11] <Jadelrab> MerlinDMC, then rebooted, chooses the second option logged in with root
[12:40:24] <jperkin> ah no, don't choose second one
[12:40:30] <MerlinDMC> you don't use the second option for normal boot up
[12:41:19] <Jadelrab> jperkin, MerlinDMC .. ok rebooted now and picked the first option
[12:44:21] <Jadelrab> jperkin, MerlinDMC .. it seems working, but keeps throwing error getOptRdata - unknown opt 4  ..
[12:44:39] <jperkin> ignore those
[12:45:04] <jperkin> that's just some multicast dns spam
[12:45:25] <jperkin> but at least confirms that your networking is now up ;)
[12:46:18] <Jadelrab> jperkin, yup google is alive ;)
[12:46:25] *** ipalreadytaken has joined #smartos
[12:46:27] <Jadelrab> thanks jperkin , MerlinDMC
[12:47:28] <Jadelrab> btw, jperkin .. your blog was really helpful for me to find my way around the switch to smartOs from linux .. keep up the good work
[12:47:45] <jperkin> np
[12:51:26] <MerlinDMC> Jadelrab, if you have a mac on the network ... don't look at the server console you'll see a lot of those mdns errors
[12:53:01] <Jadelrab> MerlinDMC, gotcha .. fired up my iterm and ssh-ed already .. thanks a million :)
[14:16:32] <khushildep> when link aggr coming to SDC btw?
[15:41:10] <MerlinDMC> jperkin, do you have a pksrc pointer for me? ... I try to build a pure-ftpd package and want to add a smf manifest?
[15:43:29] *** ahaydock has joined #smartos
[15:43:51] <jperkin> MerlinDMC: set SMFBASE to a path which contains net/pure-ftpd/{manifest.xml,method}
[15:44:15] <jperkin> they will then be picked up
[15:44:42] <Licenser> hrm
[15:48:11] *** ipalreadytaken has joined #smartos
[15:50:04] <orangeroo> Anyone have a suggestion about how to convert a vmdk into a dataset using qemu-img?  My target is Smart Data Center.
[15:50:29] <orangeroo> This is the closest thing I've seen http://wiki.smartos.org/display/DOC/Migrating+from+ESXi+4.x
[15:52:11] <orangeroo> Is a dataset raw or qcow2?
[15:54:53] * orangeroo thinks it's raw
[15:55:13] *** tonyarkles has joined #smartos
[16:00:03] <kamilr> hi there
[16:00:11] <kamilr> does anyone use graphite on smartos ?
[16:02:10] *** ira has joined #smartos
[16:03:33] <jesse_> kamilr, http://www.youtube.com/watch?feature=player_detailpage&v=96PGoXHli3Q#t=3007s
[16:13:03] <Licenser> is there any usb NIc that is known to work with SmartOS?
[16:14:42] <johna-> good morning
[16:16:08] <Licenser> aloa johna-
[16:16:13] <johna-> SmartOS by definition is a stripped down system with a very specific goal in mind, and only allows logins as the root user. This of course is not ideal in an enterprise environment where we don't want sysadmins to know the root password. What is the project's goal for situations like this?
[16:16:50] <johna-> If you have a team of 10 people maintaining a bunch of SmartOS machines we don't want everyone running around with the same shared password
[16:17:07] <jesse_> add their ssh keys to authorized keys?
[16:17:33] <jesse_> or, if you have plenty of admins, setup ldap?
[16:18:12] <johna-> ldap becomes a hack though, since it is something that isn't part of the persistent state of the machine. So I'm wondering what the goal of the project is
[16:18:31] <jesse_> you can make ldap start automatically at reboot
[16:18:32] <johna-> what are the people with big shops doing?
[16:18:51] <jesse_> really big ones are probably buying joyent's SDC
[16:19:10] <jesse_> small ones might be using fifo
[16:19:19] <Licenser> :)
[16:19:27] <jesse_> really small ones updating keys
[16:19:34] <johna-> fifo?
[16:19:41] <jesse_> Licenser, if you will?=)
[16:19:59] <Licenser> fifo does not manage your logins to the GZ at all :)
[16:20:27] <jesse_> true
[16:20:33] <jesse_> but it manages vms
[16:20:40] <Licenser> yup that it does
[16:21:08] <Licenser> the user management uses a buid in permission system for that
[16:22:10] <johna-> oh fifo looks like an interesting project. something like that would mostly preclude the need for people to log onto smartos machines directly
[16:23:10] <Licenser> johna- that is one of the problems it was born out :) I share a server with 3 friends and didn't wanted to share root access ^^
[16:23:11] *** sachinsharma has quit IRC
[16:23:42] *** bixu has joined #smartos
[16:24:00] <johna-> In a way this is similar to the vmware way of doing things
[16:24:23] <johna-> we don't create accounts for people on the ESXi hosts. there is just a root password, and vCenter talks to them and does the management work
[16:25:04] <Licenser> well it's pretty much the logical step to go
[16:27:56] *** johna-- has joined #smartos
[16:28:14] <johna--> any idea on the cost for joyent sdc?
[16:28:22] <johna--> I wonder if it rivals vmware pricing...
[16:28:33] <johna--> I'm trying to find a long term replacement for our reliance on vmware
[16:28:37] *** kamilr has quit IRC
[16:29:25] <Licenser> this is depressing -.- got two wonderful laptops to test SmartOS on, even KVM supported but no network card support gaaaah!
[16:30:35] <johna--> what laptops?
[16:30:55] <Licenser> Lenovo N581
[16:31:21] <Licenser> they have a Atheros AR8161 nic which apearently SmartOS does not like very much :P
[16:32:23] <Licenser> cheated in recognizing it by adding the device ID to the other Atheros drivers but it dies some timeouts
[16:32:32] <johna--> my lab environment is generally dell optiplex boxes bought refurb
[16:33:30] <Licenser> got them the laptop for 350 euro :) was a good deal
[16:33:50] <Licenser> aside of not wokring of cause
[16:36:21] <rmustacc> Licenser: Well, are you interested in doing a bit of driver work? ;)
[16:38:12] <Licenser> rmustacc if I get a place to start I am
[16:38:23] *** alucardX has joined #smartos
[16:38:52] <Licenser> just not sure where the heck to start :P
[16:39:15] <jesse_> Licenser, http://wiki.smartos.org/display/DOC/Porting+Network+Device+Drivers+from+FreeBSD ?=)
[16:40:22] <Licenser> I actually found that one, so the information on that page is, lets say limited
[16:40:36] <jesse_> we're talking about C here
[16:40:43] <jesse_> that's more than you normally get!=)
[16:41:03] <rmustacc> Well the first question is do one of the BSDs have a driver for it?
[16:41:33] <jperkin> openbsd generally has the best wireless support
[16:41:40] <rmustacc> jperkin: This is a wired nic.
[16:41:53] <jperkin> oh I misread
[16:43:44] <mikl> hmm, I've set PasswordAuthentication no and ChallengeResponseAuthentication no in my sshd_config file and restarted SSH, but it still asks for a password if ssh key auth fails? Why?
[16:44:50] <rmustacc> PAMAuthenticationViaKBDInt needs to be set to no.
[16:45:20] <Licenser> rmustacc yea that's what I'm looking at right now
[16:45:28] <rmustacc> Licenser: Looks like the answer is they don't.
[16:46:10] <Licenser> so far I found the same, so propably means I'm stuck on that lane since I'm not too confident that I'll manage to write a driver from scratch :P
[16:46:30] <rmustacc> Well, worth checking if they have a datasheet available or not.
[16:52:00] <Licenser> https://github.com/mcgrof/alx is the closest thing to this I found
[16:52:29] <Licenser> so a linux driver -.-
[16:53:22] <Licenser> well I think its back to a USB NIC
[17:03:41] *** xmerlin has joined #smartos
[20:19:10] <Arai> good old ", bss=0x0" how I've missed you so
[20:21:31] *** enmand has quit IRC
[20:22:05] <opeth__> does anyone have experience with the lofiadm-based encrypted pool idea?
[20:31:03] *** ipalreadytaken has joined #smartos
[20:35:30] <ryancnelson> yeah, but it doesn't really usually apply in smartos, since a) it won't work for the "main" zpool (zones), and b) we don't delegate zpools to zones
[20:35:51] <ryancnelson> i suppose you might be able to put a zfs filesystem on one of those zpools, and delegate that
[20:40:53] *** AlainODea has quit IRC
[20:42:25] *** kaladis has joined #smartos
[20:47:38] *** opeth__ has quit IRC
[20:50:12] *** mamash has left #smartos
[20:56:38] <szaydel> rmustacc: I am trying to setup a build environment for smartOS and am likely going to want to build against cloned repos of Illumos-joyent and Illumos-extra. My goal is to maintain a branch where I will have my required changes, under each one of the repos, same branch name. What I am trying to figure out is how to make it most convenient for me to actually do the builds. I think if I just change the contents of configure.smartos I sh
[20:56:38] <szaydel>  able to point the build to my repositories i.e. replace GET_ILLUMOS="(git clone http://github.com/joyent/illumos-joyent illumos)" with say: GET_ILLUMOS="(git clone -b mybranchname ssh://git@internal-repos/joyent/illumos-joyent illumos)". Does this sound reasonable, or am I missing a more straight-forward way to do this?
[20:59:51] <szaydel> I don't see any git magic anywhere, so I am assuming that configure.smartos is the singular place that dictates where files are coming from. Am I correct?
[21:00:37] *** kaladis has quit IRC
[21:01:20] *** kaladis has joined #smartos
[21:14:55] <rmustacc> More or less, yes.
[21:16:54] *** notkoos has quit IRC
[21:21:38] <szaydel> Cool, thanks!
[21:22:02] <szaydel> Any suggestions for what I could be doing better, if anything?
[21:23:04] <rmustacc> None off hand. Other folks may have beter suggestions since they actually do this.
[21:24:52] <szaydel> Sounds good. Perhaps someone else will comment as well. Thanks for the feedback. :)
[21:35:31] <opeth__> eek
