STATUS updates
Some links of interest:
Simple fix, but otherwise aggravating to the uninitiated. Because I have heavily tweaked the mount options, den-create-image apparently doesn't know to set a particular filesystem option on creation, so we need to take care of it manually.
Basically, run on the VM server, on the domU disk image file:
sokraits:/xen/images# tune2fs -o journal_data_writeback ./my_vm.disk
Bam! Done. Good to go.
I discovered a new method for pulling off a RAMdisk-based system:
debirf.
Looks like I may have to spend some quality time on LDAP; in the meantime, here are some potentially useful links:
I finally took the plunge and explored configuring various systems on boot to copy from the boot drive into a tmpfs ramdisk. Turns out it was incredibly easy.
Followed the instructions located here:
And have successfully switched over sokraits, halfadder, data1, and data2 to this configuration.
As a further step, I have already looked into and implemented a solution using rsync to copy changed data back to the boot drive every so often (currently every 4 hours) from a cron job.
crontab logic (on all converted systems) is as follows:
12 */4 * * * (mkdir -p /tmp/sda1; mount /dev/sda1 /tmp/sda1; rsync -av --one-file-system / /tmp/sda1/; umount /tmp/sda1)
Very impressed, and pleased (this has been a long-standing feature I've wanted to see implemented).
URL: https://help.ubuntu.com/community/HighlyAvailableNFS
Also rigged up the following symlinks on data1/data2:
So we're a step closer to high availability.
The /etc/rc.local files on both systems appears as follows:
#!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. #/sbin/drbdadm up lair_data #/sbin/drbdadm primary lair_data #/sbin/ifconfig eth0:1 inet 10.80.1.3 netmask 255.255.255.0 up #/sbin/ifconfig eth1:1 inet 10.80.2.3 netmask 255.255.255.0 up #/etc/init.d/nfs-kernel-server stop #/etc/init.d/nfs-common stop #/bin/mount -t ext4 /dev/drbd0 /export #/etc/init.d/nfs-common start #/etc/init.d/nfs-kernel-server start exit 0
The big remaining TODO on data1/data2 is to rig up the repository web server so mirror can be back online for both LAIR-local packages, and also to serve apt-mirror copies of the debian repository (need to start resyncing that too).
I discovered a potential snag with my RAMdisk operations: kernel updates. Specifically, they try to update grub, and update-grub is none too pleased with the root device not being the hard drive.
So, I hacked up a manual work around (hopefully grub is smart enough to “just work”– note that any significant kernel changes will require more editing of the grub config, as the entries will not be going in automatically anymore):
In /etc/kernel/postinst.d/zz-update-grub, I simply add the following line near the top (before any real processing takes place):
exit 0
Simple and effective.
Then, to clear up any package update errors, I just run dpkg -a –configure and they iron themselves out.
The other trick is I re-generate the RAMdisk initrd:
halfadder:~# cd /usr/share/initramfs-tools/scripts halfadder:/usr/share/initramfs-tools/scripts# cp -f local.ramdisk local halfadder:/usr/share/initramfs-tools/scripts# mkinitramfs -o /boot/initrd.img-ramboot halfadder:/usr/share/initramfs-tools/scripts# cp -f local.bak local halfadder:/usr/share/initramfs-tools/scripts#
Again, if it is just a minor version bump (this case was 3.14.13 to 3.14.15, which doesn't impact the current kernel/initrd file naming), it will hopefully “just work”… if it is a more significant update (3.14 to 3.15, for example), we will have to edit the grub config and add pertinent entries.
To by delight, someone has ported nullmailer to jessie! So I can now resume collecting cron job outputs from all my systems.
Once again I found myself rediscovering the process of starting a new semester. Following will be an attempt at documenting the necessary steps:
At this point we should be all set.
Seems I had the node-to-node authentication wrong, which was preventing the establishment of communications. I commented it out and things lit up just fine.
A recent aptitude upgrade brought in Xen 4.4… among other things, 'xm' has been disabled, and although I could re-enable it, 'xl' is purportedly the future, so I am going to take the opportunity and start using that.
So far, the only file of note I have changed (and I'm actually not even sure it was necessary), was /etc/default/xen, which I have as follows:
sokraits:~# cat /etc/default/xen # Configuration for Xen system # ---------------------------- # There exists several tool stacks to configure a Xen system. # … # Attention: You need to reboot after changing this! TOOLSTACK=xl
I also added (again, is it necessary? It claims to be the default) the following to /etc/xen/xl.conf:
device_model_version="qemu-xen"
I did have to install qemu-system-x86-64 in order to get VMs up and running on the Xen 4.4 server. Without it, I was experiencing:
libxl: error: libxl_dm.c:1233:libxl__spawn_local_dm: device model /usr/lib/xen-4.4/bin/qemu-dm is not executable: No such file or directory libxl: error: libxl_dm.c:1371:device_model_spawn_outcome: (null): spawn failed (rc=-3) libxl: error: libxl_create.c:1186:domcreate_devmodel_started: device model did not start: -3
I found this link to be marginally helpful in solving the issue:
Some students were experiencing issues when dealing with secure http (https), some messages were claiming some lack of certificates.
After some checking, it seemed I was indeed lacking some common certs. I installed the ca-certificates package and this seemed to resolve the issue.
I also installed openssl on lab46.
Seems a config change I made a while back is actually working…
lab46:/etc/apt/apt.conf.d# cat 73_tmp DPkg::Pre-Invoke {"mount -o remount,exec /tmp";}; DPkg::Post-Invoke {"mount -o remount /tmp";}; lab46:/etc/apt/apt.conf.d#