Fedora 25 Workstation and Open VM Tools

December 20th, 2016 No comments

Resizing not working with gnome display manager?
vi /etc/gdm/custom.conf

Comment in/enable the line under [daemon]:
WaylandEnable=false

Categories: Uncategorized Tags:

ZFS Kernel Modules on CentOS

March 13th, 2016 No comments

When upgrading the kernel plus modules and you are using ZFS you must rebuild the ZFS modules for the new kernel after it’s installed using the following commands:

dkms install spl/0.6.5.2 -k 3.10.0-229.14.1.el7.x86_64
dkms install zfs/0.6.5.2 -k 3.10.0-229.14.1.el7.x86_64

Where 0.6.5.2 is the version of the SPL and ZFS modules and 3.10.0-229.14.1.el7.x86_64 is the version of your new kernel. I suspect you would need to do this if you recompile the kernel as well.

Categories: Server Software Tags: ,

ProxMox 4 and CentOS migration from OpenVZ

November 15th, 2015 No comments

Couldn’t use pct enter <lxcid> to get to a shell on the container. The container needs to have it’s security configuration updated.

Add the following lines to /etc/securetty

# LXC (Linux Containers)
lxc/console
lxc/tty1
lxc/tty2
lxc/tty3
lxc/tty4
Categories: Server Software Tags:

ProxMox 4 and CentOS 7 Network Not Starting

November 15th, 2015 No comments

Problem: Can’t bring up network in container. CentOS scripts would fail with error that IP address is already in use. The OS scripts on this distribution do some checking which might be environment specific to me but regardless i’m smart enough to assign IP addresses that are not already in use so this is not something want an OS failing to bring up an interface on a false positive.

I don’t know if this helps anyone else but hopefully it does. If it’s recommended that I file a bug report let me know i’m happy to do so.

Container Type: LXC
ProxMox Version 4 updated to latest w/ apt-get update && upgrade

The site (because i’m new) won’t let me post the patch file i made to fix the problem. But I can describe it so if someone else has this problem you will know what you need to do.

Solution: add 2 $data .= “ARPCHECK=no\n”; lines to /usr/share/perl5/PVE/LXC/Setup/Redhat.pm. One is for the IPV4 check, the other for IPV6. with the container OS not doing the ARP check the interfaces come up as normal and there are no problems. This was important as now I fixed the GUI/<ID>.conf network settings they would overwrite my custom config and it wouldn’t come up without this check disabled. the line was added after setting the manual IPV4/6 addresses.

Here’s the PATCH!

root@pve:~# cat Redhat.pm.patch
--- /root/Redhat.pm.old	2015-11-15 17:03:12.833740826 -0600
+++ /usr/share/perl5/PVE/LXC/Setup/Redhat.pm	2015-11-15 17:05:26.877381088 -0600
@@ -210,6 +210,7 @@
 		my $ipinfo = PVE::LXC::parse_ipv4_cidr($d->{ip});
 		$data .= "IPADDR=$ipinfo->{address}\n";
 		$data .= "NETMASK=$ipinfo->{netmask}\n";
+		$data .= "ARPCHECK=no\n";
 		if (defined($d->{gw})) {
 		    $data .= "GATEWAY=$d->{gw}\n";
 		    if (!PVE::Network::is_ip_in_cidr($d->{gw}, $d->{ip}, 4)) {
@@ -232,6 +233,7 @@
 		$data .= "DHCPV6C=yes\n";
 	    } else {
 		$data .= "IPV6ADDR=$d->{ip6}\n";
+		$data .= "ARPCHECK=no\n";
 		if (defined($d->{gw6})) {
 		    $data .= "IPV6_DEFAULTGW=$d->{gw6}\n";
 		    if (!PVE::Network::is_ip_in_cidr($d->{gw6}, $d->{ip6}, 6)) {
Categories: Server Software Tags:

ProxMox 4 and GUI Network Changes Not Available

November 15th, 2015 No comments

Spent a couple hours today working on testing a couple restores of openvz/lxc containers and ran into some network trouble. I was able to figure out the cause and hope the below helps others as well.

Symptoms were network config would not be written to the container but you could manually configure CentOS 7.

Cause: Undefined subroutine &PVE::Network::is_ip_in_cidr
Solution: manually update perl package PVE::Network in /usr/share/perl5/PVE/Network.pm from GIT at https://git.proxmox.com/?p=pve-common.git;a=blob_plain;f=src/PVE/Network.pm.

Why: It appears there were some changes made to the /usr/share/perl5/PVE/LXC/Setup/Redhat.pm perl module which depended on an updated /usr/share/perl5/PVE/Network.pm that were not yet available via apt-get update & upgrade, specifically the is_ip_in_cidr function and was causing an error on lxc container start. Once this was updated that worked – mostly. But that was another problem (maybe with something specific to my environemnt)

Version: ProxMox V4 updated to latest via apt-get update & upgrade.

This was pretty much a fresh install to which then I did an update on and had this issue. If there is a place I should file a bug report to let me know. It’s working fine on my system after this quick fix which took a bit to track down.

I generated a patch to save some people some digging – hope it helps.

root@pve:~# cat Network.pm.patch
--- /root/Network.pm.old	2015-10-05 05:32:34.000000000 -0500
+++ /usr/share/perl5/PVE/Network.pm	2015-11-15 16:58:52.402398047 -0600
@@ -9,6 +9,8 @@
 use IO::Socket::IP;
 use POSIX qw(ECONNREFUSED);

+use Net::IP;
+
 # host network related utility functions

 our $ipv4_reverse_mask = [
@@ -467,4 +469,35 @@
     return $result;
 }

+sub IP_from_cidr {
+    my ($cidr, $version) = @_;
+
+    return if $cidr !~ m!^(\S+?)/(\S+)$!;
+    my ($ip, $prefix) = ($1, $2);
+
+    my $ipobj = Net::IP->new($ip, $version);
+    return if !$ipobj;
+
+    $version = $ipobj->version();
+
+    my $binmask = Net::IP::ip_get_mask($prefix, $version);
+    return if !$binmask;
+
+    my $masked_binip = $ipobj->binip() & $binmask;
+    my $masked_ip = Net::IP::ip_bintoip($masked_binip, $version);
+    return Net::IP->new("$masked_ip/$prefix");
+}
+
+sub is_ip_in_cidr {
+    my ($ip, $cidr, $version) = @_;
+
+    my $cidr_obj = IP_from_cidr($cidr, $version);
+    return undef if !$cidr_obj;
+
+    my $ip_obj = Net::IP->new($ip, $version);
+    return undef if !$ip_obj;
+
+    return $cidr_obj->overlaps($ip_obj) == $Net::IP::IP_B_IN_A_OVERLAP;
+}
+
 1;
Categories: Server Software Tags:

ProxMox and IPv6

April 14th, 2015 No comments

So yes – it is a royal PITA. Why? Not sure, IPv6 has been around for some time but it just doesn’t work out of the box. Here’s my notes incase I’ve got to do this again.

 

#auto load ipv6 to prevent errors with sysctl on boot
echo ipv6 >> /etc/modules

#if new bridges are not getting copied correctly (vlans) then check this out
#for a patch to /usr/share/perl5/PVE/Network.pm - copy_bridge_config
http://forum.proxmox.com/threads/17895-Disable-Multicast-Snooping

#The big Big BIg BIG problem i had was multicast_snooping was enabled on the bridge causing local IPV6 traffic to be blocked.

Solution was to create the following network up script
root@pve-00:/etc/network/if-up.d# cat vmbr0
#!/bin/bash

sysctl -w net.ipv6.conf.eth0.autoconf=0
sysctl -w net.ipv6.conf.eth0.accept_ra=0
sysctl -w net.ipv6.conf.all.accept_redirects=0
sysctl -w net.ipv6.conf.all.router_solicitations=1
sysctl -w net.ipv6.conf.default.forwarding=1
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv6.conf.default.proxy_ndp=1
sysctl -w net.ipv6.conf.all.proxy_ndp=1

echo 0 > /sys/devices/virtual/net/vmbr0/bridge/multicast_snooping

Then my network configuration was updated as follows:
root@pve-00:/etc/network# cat interfaces
# network interface settings
auto lo
iface lo inet loopback
iface lo inet6 loopback

iface eth0 inet manual

iface eth1 inet manual

iface eth2 inet manual

iface eth3 inet manual

auto vmbr0
iface vmbr0 inet static
address xxx.xx.xx.xx
netmask 255.255.xxx.0
gateway xxx.xx.xx.xxx
 bridge_ports eth0
 bridge_stp off
 bridge_fd 0

iface vmbr0 inet6 static
address 2001:xxxx:xxxx:xxxx::xxxx
netmask 64
gateway 2001:xxxx:xxxx:xxxx::xxxx
post-up /etc/network/if-up.d/vmbr0


#I also applied this kernel patch:
http://forum.proxmox.com/threads/21218-SOLVED-Proxmox-VE-IPv6-Problems
wget ftp://download1.proxmox.com/debian/dists/wheezy/pvetest/binary-amd64/pve-kernel-2.6.32-37-pve_2.6.32-148_amd64.deb
dpkg -i pve-kernel-2.6.32-37-pve_2.6.32-148_amd64.deb

## The actual patch for reference:
diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c
index ef66365..8ccc0bf 100644
--- a/net/bridge/br_multicast.c
+++ b/net/bridge/br_multicast.c
@@ -1562,8 +1562,8 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
 return 0;

 /* Prevent flooding this packet if there is no listener present */
- if (!ipv6_addr_is_ll_all_nodes(&ip6h->daddr))
- BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
+/* if (!ipv6_addr_is_ll_all_nodes(&ip6h->daddr))
+ BR_INPUT_SKB_CB(skb)->mrouters_only = 1;*/

 if (ip6h->nexthdr != IPPROTO_HOPOPTS ||
 ip6h->payload_len == 0)

Categories: Server Software Tags:

Mavericks 10.9.4 – Enable Trim

July 30th, 2014 No comments

Create a backup:

sudo cp /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage.original

Patch file:

sudo perl -pi -e 's|(^\x00{1,20})[^\x00]{9}(\x00{1,20}\x54)|$1\x00\x00\x00\x00\x00\x00\x00\x00\x00$2|sg' /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage

Flush/Update OS Caches:

sudo touch /System/Library/Extensions/
sudo kextcache -system-prelinked-kernel
sudo kextcache -system-caches
Categories: Uncategorized Tags:

Finally Rebooted

February 20th, 2010 Comments off

As time marches on I am in the process of upgrading my Vmware ESXi installations and the systems I keep running had some excellent uptime statistics… Here they are 🙂

Server 1: 11:22:25 up 442 days, 11:41,  1 user,  load average: 2.05, 1.43, 1.80
Server 2: 11:24:30 up 442 days,  9:41,  1 user,  load average: 1.02, 1.50, 1.33

Just some fun statistics.

Categories: Server Software Tags:

Firebox x700 LCDproc driver

March 11th, 2009 1 comment

Wrote some code a while back; figured i’d get some other eyes on it.  I’ve been informed that there is a possability a charmap can be created for the hd44780 driver which would add the benifit of working buttons!

My source code is here

Hardware LCD spec is here

Categories: Server Software Tags: , , ,

OpenLDAP compiled with Kerberos fails to start

February 19th, 2009 1 comment

After compiling openldap with kerberos support, you get the following error message when starting it

bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/openldap-data: (2)
Expect poor performance for suffix dc=****,dc=****.
smbk5pwd: unable to initialize krb5 admin context: unable to find realm of host ****** (-1765328167).
backend_startup_one: bi_db_open failed! (-1)
slapd stopped.
connections_destroy: nothing to destroy.

This is because you have not created a configuration for kerberos yet.

To Fix:

cp /etc/krb5.conf.sample /etc/krb5.conf

Categories: Server Software Tags: ,