|
Potato Salad posted:Also, block spiceworks at your edge
|
#
?
Jun 19, 2018 12:16
|
|
|
|
| # ? Apr 27, 2024 11:25 |
|
|
Mr Shiny Pants posted:Regular KVM with Virtual Machine manager also works pretty well. Yes, this is pretty much ideal for a single node.
|
|
#
?
Jun 19, 2018 14:36
|
|
|
I used wok/kimchi on top of my kvm for a while so I could more easily do remote work with my VMs, it's not bad for a real simple VM manger but development seems to have stalled and it's missing some features I needed. It doesn't have any support for setting CPU passthrough flags or modes so I was still using virsh edit on my machine XMLs if I needed to do things like enable nested virtualization.
|
|
#
?
Jun 19, 2018 15:56
|
|
|
evol262 posted:I'm actually the maintainer of oVirt Node and oVirt Appliance, so I can speak to this... This is really good insight, thanks for the information! I've been testing my hacked node setup but I'll probably blow it away and go one of your suggested routes just to see what that looks like. Thanks everyone who's replied so far. I think in light of everything I've looked at, what I'll probably try to do instead of switching off of VMware right now is to look at ways to automate my provisioning outside of VMware's template functionality. If I can use ansible to script a deployment then it's going to probably achieve the same results, and it'll let me maintain continuity across my systems for when I decide I want to change settings around. Instead of monkeying with the template and every live VM I have I'll just push some changes and let everything reconfigure itself. Meanwhile, while I learn that I'm still going to keep monkeying with oVirt and Proxmox because I am actually pretty interested in alternate offerings -- from a curiosity perspective.
|
|
#
?
Jun 19, 2018 19:40
|
|
|
I'm not real familiar with VMware templates, but I do know that ansible can be finiky about deploying actual resources. I usually use ansible to configure the resource once it's deployed but use something else to provision the resource itself. It looks like terraform offers a VMware provider, if you know terraform that might be worth checking out: https://www.terraform.io/docs/providers/vsphere/index.html Hell, even if you don't know terraform it might be worth checking out, it's a pretty cool tool - it could be totally unsuited for what you're looking to do but if not it's quick to learn.
|
|
#
?
Jun 19, 2018 21:12
|
|
|
It's legitimately terrible software, but ManageIQ is maybe the best cross-platform solution for this. Terraform is great if you're VMware/Openstack/  , but ManageIQ works with basically everything.
|
|
#
?
Jun 19, 2018 21:25
|
|
|
We have a pair of ESX 5.1 servers...I see we can upgrade straight to 6.0, but can we go straight to 6.5 or newer? Is there some big hiccup along the way that will required upgrading and then upgrading again?
|
|
#
?
Jun 27, 2018 21:27
|
|
|
Bob Morales posted:We have a pair of ESX 5.1 servers...I see we can upgrade straight to 6.0, but can we go straight to 6.5 or newer? Is there some big hiccup along the way that will required upgrading and then upgrading again?
|
|
#
?
Jun 27, 2018 23:21
|
|
|
I kind of love the irony that, for once, a company can be assed to keep up to date documentation (the HCL) that is extremely helpful and valuable. But the implementation just stagnates and YOLOs out bad upgrades with no regard for reality.
|
|
#
?
Jun 28, 2018 01:47
|
|
|
Yikes, didn't realize the older R620s I have stopped at 6.7 Edit: Dropped at 6.7, so 6.5 is the latest. I am dumb. Moey fucked around with this message at 04:22 on Jun 28, 2018 |
|
#
?
Jun 28, 2018 04:02
|
|
|
Moey posted:Yikes, didn't realize the older R620s I have stopped at 6.7
|
|
#
?
Jun 28, 2018 04:07
|
|
|
Veeam 9.5 U3 is out. This is the vSphere 6.7 compatibility patch.
|
|
#
?
Jun 28, 2018 04:15
|
|
|
anthonypants posted:6.7 was literally just released. I am aware, you think the HCL will expand as 6.7 matures more? Edit: Dropped at 6.7, so 6.5 is the latest for them. I type good. Potato Salad posted:Veeam 9.5 U3 is out. This is the vSphere 6.7 compatibility patch. I have been doing testing on the RTM of 9.5 U3a. It wasn't directly available as of last week, but support would hand out links for it.
|
|
#
?
Jun 28, 2018 04:20
|
|
|
Hrmm we have a 620 and a...430?
|
|
#
?
Jun 28, 2018 04:35
|
|
|
Moey posted:I am aware, you think the HCL will expand as 6.7 matures more? Have a feeling we've been in the same veeam thread. Bob Morales posted:Hrmm we have a 620 and a...430? It sounds like you have an upgrade quote to negotiate.
|
|
#
?
Jun 28, 2018 04:43
|
|
|
Potato Salad posted:Have a feeling we've been in the same veeam thread. Heh, yeah. Good to see that Gostev guy is still there/active after all these years.
|
|
#
?
Jun 28, 2018 04:47
|
|
|
Docjowles posted:I kind of love the irony that, for once, a company can be assed to keep up to date documentation (the HCL) that is extremely helpful and valuable. But the implementation just stagnates and YOLOs out bad upgrades with no regard for reality.
|
|
#
?
Jun 28, 2018 04:47
|
|
|
adorai posted:luckily for me I was smart enough to install in test before prod, so my lack of reading and comprehension did not cause more than an hour of being pissed at myself. Why it would continue is just all kinds of wrong though.
|
|
#
?
Jun 28, 2018 07:35
|
|
|
I didn't even realize R620 was off the HCL for 6.7 before I upgraded. Thankfully no ill effects 
|
|
#
?
Jun 28, 2018 15:55
|
|
|
Don't they expand the HCL whipe continue doing testing on new versions, or is that it once launched?
|
|
#
?
Jun 28, 2018 17:00
|
|
|
Moey posted:Don't they expand the HCL whipe continue doing testing on new versions, or is that it once launched? Can't answer that directly, but frankly you did be asking your vendor about compatibility anyway. I've encountered "Yes this is on the HCL....but....." before where X manufacturer's lab encounters trouble with something that gets validated but remains a little painful.
|
|
#
?
Jun 28, 2018 17:18
|
|
|
Like adorai said above, they discontinued support for certain processors with 6.7. Start there.
|
|
#
?
Jun 28, 2018 17:20
|
|
|
Well, poo poo. I was just about to buy an R720 to put the Grid K2 in and play with, but looks like it's not on the HCL for 6.7.
|
|
#
?
Jun 28, 2018 19:01
|
|
|
Potato Salad posted:Can't answer that directly, but frankly you did be asking your vendor about compatibility anyway. I've encountered "Yes this is on the HCL....but....." before where X manufacturer's lab encounters trouble with something that gets validated but remains a little painful. Good call, I wasn't sure on the whole process of getting stuff on the HCL. And those R620s came out in 2012 as well. I guess they are pretty long in the tooth. I'll still reach out to harass my Dell rep. I have 5 of these things floating around currently.
|
|
#
?
Jun 28, 2018 19:25
|
|
|
It's always fun when you don't read the HCL and upgrade to a release that doesn't support the NIC you're using
|
|
#
?
Jun 28, 2018 19:29
|
|
|
H2SO4 posted:Well, poo poo. I was just about to buy an R720 to put the Grid K2 in and play with, but looks like it's not on the HCL for 6.7. Just use 6.5? There isn't anything in 6.7 that's going to be groundbreaking for Grid. Hell Horizon and Citrix just now got upgraded to support 6.7... not sure what you planned on your presentation layer was going to be, but you're probably better off sticking with something that's baked for a while like 6.5 anyway.
|
|
#
?
Jun 28, 2018 19:44
|
|
|
TheFace posted:Just use 6.5? There isn't anything in 6.7 that's going to be groundbreaking for Grid. Hell Horizon and Citrix just now got upgraded to support 6.7... not sure what you planned on your presentation layer was going to be, but you're probably better off sticking with something that's baked for a while like 6.5 anyway. Yeah it's not really a gigantic deal, just a bit sad that a new purchase is something that's already off the HCL. This will likely end up being the only ESXi box in the lab anyway so not being on the latest and greatest shouldn't be a big deal anyway.
|
|
#
?
Jun 28, 2018 19:51
|
|
|
Anyone know if this KB article also applies to 6.0.x? I'm pretty sure we just experienced exactly this issue - one VM went unresponsive, then the entire host freaked out and we ended up pulling power from it because no shutdown options (for guests or the host itself) were actually working. However, we're on 6.0 and the KB article says applies to 5.5.x and 6.5.x.
|
|
#
?
Jun 28, 2018 21:32
|
|
|
H2SO4 posted:Yeah it's not really a gigantic deal, just a bit sad that a new purchase is something that's already off the HCL. This will likely end up being the only ESXi box in the lab anyway so not being on the latest and greatest shouldn't be a big deal anyway. Unless you're dead set on using ESXi, if all you want to do is play around with vGPU you could go the XenServer route. I believe a R720 would still be on their HCL for the latest version.
|
|
#
?
Jun 29, 2018 15:12
|
|
|
Also, I forgot earlier when I was posting about XenServer, but there's a free community rebuild called XCP-ng. It comes with all features unlocked and is (supposedly) fully interoperable with Citrix' commercial version. So that's a decent home lab option. https://xcp-ng.org/
|
|
#
?
Jun 29, 2018 15:59
|
|
|
I'm tired so I'm sure I'm just doing something stupid or forgetting something obvious here, but all of a sudden I can't remember how to handle docker ports. I'm trying to run this docker container, like so: code:code:
|
|
#
?
Jun 29, 2018 20:15
|
|
|
Thermopyle posted:I'm tired so I'm sure I'm just doing something stupid or forgetting something obvious here, but all of a sudden I can't remember how to handle docker ports. No. -p 8080:12492 is saying to nat any traffic destined to 8080 on your host to :12492 in your container. That means two things would try to listen to 8080 on your host.
|
|
#
?
Jun 29, 2018 20:17
|
|
|
pre:-p=[] : Publish a container᾿s port or a range of ports to the host
format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
Both hostPort and containerPort can be specified as a
range of ports. When specifying ranges for both, the
number of container ports in the range must match the
number of host ports in the range, for example:
-p 1234-1236:1234-1236/tcp
When specifying a range for hostPort only, the
containerPort must not be a range. In this case the
container port is published somewhere within the
specified hostPort range. (e.g., `-p 1234-1236:1234/tcp`)
(use 'docker port' to see the actual mapping)
|
|
#
?
Jun 29, 2018 20:18
|
|
|
you know, i read that doc on -p several times besides posting and still never realized where I'd messed up. I think I'll go take a nap.
|
|
#
?
Jun 29, 2018 20:22
|
|
|
Hello vm thread. I'm tracking an issue with my vsphere setup (6.5 u1) and my linux instances deployed through it. I've noticed after a while that they'll just begin to wreak havoc on the stability of the host, requiring a bounce. They're AWS VMs for storage gateway VMs from amazon, one for files and one for iSCSI. After about a month if the VMs are not rebooted, they'll stop responding to all functions (graceful reboot, hard shutdown, etc). The issue follows the instances and they're separated on different hosts. I can't vmotion the guest away, either. Any ideas to mitigate this behavior so i don't have to reboot the hosts? I've never seen this in my windows guest so i'm at a loss. I should also note that i'm just administering the vsphere and not really certified in it to deep dive.
|
|
#
?
Jul 2, 2018 19:18
|
|
|
Hot money is on some dipshit using a signed into to count milliseconds since something started, which overflows in about 24 days (after which the bad code will probably check it 1000000 times a second and spinlock). If you only have one vCPU, add another and check after a month whether it's 100% CPU. Then strace the offending process and smack the dev. Or set a watchdog to kdump the thing if this happens, and look at the dump to figure out what happened
|
|
#
?
Jul 2, 2018 19:50
|
|
|
evol262 posted:Hot money is on some dipshit using a signed into to count milliseconds since something started, which overflows in about 24 days (after which the bad code will probably check it 1000000 times a second and spinlock). That's quite exactly the time I keep getting between failures on an oracle system Thanks oracle
|
|
#
?
Jul 2, 2018 23:41
|
|
|
I don't have an Oracle support contract at this job, but this was literally an Oracle bug in 10.5.14 or something 10. I found exactly this (on physical hosts, so no problems connecting, since there were free CPUs). After helplessly looking at logs the first few times, it got escalated to me. I installed strace (on a production consumer banking host  to troubleshoot)But really, this is a live Oracle bug (or was, 5 years ago), which is why I thought of this. Search their kbase for something like "gettimeofday cpu" and see if you need to patch
|
|
#
?
Jul 3, 2018 01:06
|
|
|
Inside of a container, do you still need to run public facing services like haproxy or nginx as unprivileged users, or is it fine to run them as a normal ubuntu user? Chroot directives are extraneous as well right?
Methanar fucked around with this message at 08:19 on Jul 3, 2018 |
|
#
?
Jul 3, 2018 08:17
|
|
|
|
| # ? Apr 27, 2024 11:25 |
|
|
Methanar posted:Inside of a container, do you still need to run public facing services like haproxy or nginx as unprivileged users, or is it fine to run them as a normal ubuntu user? Chroot directives are extraneous as well right?
Depending on what you're doing, these may be totally unnecessary; unless you explicitly run with --privileged, Docker will create a capability bounding set that does not include the capabilities to do most dangerous operations as root. I think this list of capabilities dropped by Docker is probably out of date, but it's the best I was able to quickly find.
|
|
#
?
Jul 3, 2018 11:11
|
|
