Hi,
Some time in the last 6 months the kernel-ml kernel and associated packages from
EPEL (used to work under Xen on CentOS 7, 8 and later and other
RHEL-like) seems to not include the module xen-blkfront in the
initramfs that it creates. As a result you don't see any block
devices at boot.
I don't know if this is intentional. I don't exactly know how it's
meant to work. I *think* that dracut is supposed to be able to work
out what drivers are required for your root filesystem and include
those without you having to do anything special.
Whatever the case it is not doing it right now. It's easy to fix
though.
# lsinitrd /boot/initramfs-5.15.6-1.el7.elrepo.x86_64.img | grep xen-
xen-netfront
# # note: no xen-blkfront
# cat > /etc/dracut.conf.d/xen.conf <<End-of-script
add_drivers+=" xen-blkfront "
End-of-script
# dracut -f --kver "5.15.6-1.el7.elrepo.x86_64" /boot/initramfs-5.15.6-1.el7.elrepo.x86_64.img
# lsinitrd /boot/initramfs-5.15.6-1.el7.elrepo.x86_64.img | grep xen-
xen-netfront
xen-blkfront
If your VM is currently unbootable you'll need to do this from the
rescue VM:
user@rescue:~$ sudo -s
root@rescue:/home/user# mount /dev/xvda1 /mnt
root@rescue:/home/user# cd /mnt
root@rescue:/mnt# mount -t proc /proc proc/
root@rescue:/mnt# mount --rbind /sys sys/
root@rescue:/mnt# mount --rbind /dev dev/
root@rescue:/mnt# chroot /mnt /bin/bash
[root@rescue /]# # This is your CentOS install, proceed as above
Our installer for CentOS 8 takes care of the above for you right
now, but if you have a pre-existing CentOS 7 or 8 (or whatever)
system using kernel-ml from EPEL then you may want to confirm that
your initramfs still has xen-blkfront inside of it otherwise you
will get a nasty surprise at next boot.
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
I always meant to get my head around Ansible (or Chef, or Puppet) for my
VPS based on recommendations on this very list. Sadly I have not yet got
round to it, and I suddenly find I have a need for something of this ilk
at work.
My use case is a single Linux instance, on-prem. (No fleet, no cloud, no
VMs or containers planned.) It's to provide internal services for an
office network: DHCP, DDNS, maybe NAS, maybe print accounting, maybe
firewall/router/IDS, maybe apt cache or other proxies.
I think what I want is infrastructure-as-code:
* Config files (/etc) under revision control with convenient automated
backup
* All superuser actions are fully logged and replayable (fire drill:
complete reimage from scratch)
* Nobody gets direct sudo access, but I can give out admin access via
the config management tool.
I've had root shells for about 25 years now but I'm new to thinking
deeply about IaC. I would be grateful for feedback:
- is what I think I want reasonable and achievable? (what are the gotchas?)
- am I on the right track by looking at Ansible/Chef/Puppet and do any
of them particularly suit my use case? Are the paid-for versions worth
paying for?
- is there a useful noobs guide?
Thanks
Ross
Hello,
As you may or may not be aware, CentOS 8's EOL is 31 December 2021,
i.e. just over 2 months from now. After that date, Red Hat expects
CentOS 8 users to switch to CentOS 8 Stream or to a Red Hat
Enterprise Linux product.
At the moment BitFolk supports the self-install of CentOS 8 and that
is going to be in-place upgradeable to CentOS 8 Stream. And that's
it. That is the current extent of your choices for RHEL-like.
If you're a current CentOS 8 user what do you think you're going to
want to be using after it goes EOL?
It seems likely that there will be demand for CentOS 8 Stream and
later Stream releases, so we'll continue supporting those as best
we can¹.
RHEL itself is now free for use on up to 16 production systems, as
long as you sign up with Red Hat for an Individual Developer
subscription:
https://www.redhat.com/en/blog/new-year-new-red-hat-enterprise-linux-progra…https://developers.redhat.com/rhel8
We don't currently support the install of that, but if people want
it then we would. You install it like CentOS and then have to put in
your subscription details once it's booted. The same change of
installer and kernel would be necessary since it sees unlikely that
Red Hat are going to back down from disabling everything except KVM.
That does mean that you may not be able to get Red Hat to provide
you with any support ("come back when it's booted using our
kernel").
As far as CentOS replacement projects go, Rocky Linux and
Alma Linux have come to my attention. They aren't currently
supported but could be. They don't intend to drift much from RHEL's
settings so they will also require alternate installers and kernels.
Oracle Linux's installer and kernel continues to support Xen, it is
free for use (charges for support) and otherwise aims to be
binary-compatible with RHEL, like CentOS did. I get a little bit
sick in my own mouth at the idea of working with Oracle, but if
there's paying customers who don't then we will enable that.
So what do you CentOS users want to do?
Cheers,
Andy
¹ Red Hat goes out of their way to disable other virtualisation
methods than their own product, KVM. This means that you can't
currently install or run CentOS/RHEL 8 or later under Xen using
their packaged installer or kernel. It is only possible using the
third party kernel-ml package. Red Hat are the only major Linux
vendor to take this stance and as such we can't promise to always
be able to go against their intentions.
https://strugglers.net/~andy/blog/2021/02/03/booting-the-centosrhel-install…
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Hi,
I am a (delighted!) relatively new BF user and run two dozen websites under Centos and Virtualmin, with no email as I keep email off my webserver.
I am fed up with Cpanel in multiple ways and want to drop the server where I currently have all my email and mail forwarders.
Is another VPS on Centos with Virtualmin a good route to manage my and my clients’ email?
Or is there a better solution for a mail server?
Cheers
Hugh
Hi,
You may recall that all through the first half of 2021 we've been
moving customer services off of certain servers in order to upgrade
the servers and put them back in service. That effort ground to
a halt in June because of other more pressing concerns. We're now
starting that up again to finish the job.
We sent notification emails to everyone who would be affected, but
this was back in June so you may have forgotten. These went to
customers on servers "hen" and "paradox", which are the last two
servers that need upgrade.
That notification email asked you to let us know if you need more
than 5 minutes of notice for the work to be done. If you did reply
to that, don't worry, we still have records of that and will give
you the amount of notice you asked for.
If you didn't reply then we are still assuming that 5 minutes of
notice at any time of day is fine and that's how we'll be proceeding
over the next couple of weeks. If that situation has changed then
you should look for the original notification email and reply to it
with your needs.
The last batch of notification emails were sent out to customers on
"hen" and "paradox" on Saturday 5 June 2021 with subject line:
We need to move your BitFolk VPS '$accountname' to other hardware
If you can't find it but still need to let us know, just email
support(a)bitfolk.com to open a support ticket. Again, this only
affects customers on servers "hen" and "paradox". Here's how to work
out which server your service is on:
https://bitfolk.com/customer_information.html#toc_3_Which_piece_of_actual_h…
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi,
Yesterday evening and again this morning we've had two customers try
to upgrade their 32-bit Debian 10 VMs to Debian 11 and end up with
something that doesn't boot. This is because the Linux kernel
stopped supporting 32-bit Xen PV domains at version 5.9.
The quick workaround for those on Debian 10:
xen shell> virtmode pvh
xen shell> boot
We have talked a lot about this over on the "users" list over the
years, and for a while now the default at BitFolk has been 64-bit,
PVH mode guests, but we can't switch existing customers over to PVH
mode because it requires at least kernel version 3.19 and we don't
know what kernels you're running. So existing customers have been
left to switch on their own.
Switching to PVH mode will for now allow you to continue to run
32-bit VMs. However, aside from this, 32-bit Linux has been in
decline for some time and it's know to be less performant and less
secure than 64-bit. So the time has already passed where you should
be planning your switch to 64-bit.
== Just switching your kernel ==
Most of the advantage is to be gained by just switching the kernel,
so those running Debian could do that as Debian has good support for
this.
1. Upgrade to Debian 10 (buster)
2. Follow these instructions only up to and including the "Install a
kernel that supports both architectures in userland" step.
3. Connect to your Xen Shell
4. Shut down, boot, select the new amd64 kernel
xen shell> shutdown
xen shell> boot
If for any reason this does not work, just boot again and select
your previous i686 kernel again.
We suggest doing this in the Xen Shell so you can interact with
the boot process because the new amd64 kernel may not be listed
first in your bootloader.
5. Once satisfied that your amd64 kernel works you can remove the
i686 kernel packages.
Debian will take care of providing you with amd64 kernel updates in
future.
If you haven't already done so you should consider switching to PVH
mode now as well.
We do not recommend trying to fully cross-grade your operating
system to 64-bit unless you are an expert.
== Reinstall ==
You can do a reinstall in place yourself:
https://tools.bitfolk.com/wiki/Using_the_self-serve_net_installer
Don't forget to first switch your architecture to 64-bit and your
virtmode to PVH:
xen shelll> arch x86_64
xen shell> virtmode pvh
as these are the modern defaults.
We can also offer a new account free for two weeks for you to
install into and move your things over.
https://tools.bitfolk.com/wiki/Migrating_to_a_new_VPS
== PVH mode? ==
Which virtualisation mode you use is rather something we don't
expect customers to have to worry too much about, so new customers
have been in PVH mode for some time and haven't had to think about
it, but existing customers will need to make the change at some
point.
Anyone with a kernel that's 4.19 or newer should be able to switch
to it. Here's more info:
https://tools.bitfolk.com/wiki/PVH
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi,
TL;DR: We turned off suspend+restore for everyone. We think it is
okay for you to re-enable it as long as you use kernel 4.2 or newer
(released 6 years ago), but can't tell what kernel you're running so
erred on the side of caution. We continue to use it for our own VMs.
More detail:
We've just opted you all out of suspend+restore because of the
filesystem corruption that afflicted 2 customer VMs during the
maintenance in August. There were 83 customer VMs that previously
had opted in.
While investigating that we did of course not do any suspend+restore
anyway. I am now satisfied that we know why it happened and under
what circumstances it should be safe to use it again, but as a
precaution we have opted everyone out of it so you can make your own
decisions.
A direct email has gone out to the main contact for each VM that had
previously opted in to this. That email contains far more detail. If
you think you had opted in to suspend+restore but don't see that
email please check your spam folders etc (and then mark it as "not
spam" if necessary!).
You can see the current setting (or opt back in) here:
https://panel.bitfolk.com/account/config/#prefs
You can read more about suspend+restore here:
https://tools.bitfolk.com/wiki/Suspend_and_restore
Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi All,
I am trying to ssh back from my Bitfolk VPN into my home system, and it
has stopped working.
Traceroute shows the following....
ian@hobsoni:~$ traceroute -4 109.51.83.178
traceroute to 109.51.83.178 (109.51.83.178), 30 hops max, 60 byte packets
1 macallan.bitfolk.com (85.119.80.25) 0.249 ms 0.636 ms 0.566 ms
2 jump-gw-3.lon.bitfolk.com (85.119.80.3) 3.064 ms 3.533 ms 3.931 ms
3 t2.jump.net.uk (194.153.169.238) 0.370 ms 0.360 ms 0.400 ms
4 as2914.jump.net.uk (194.153.169.185) 0.601 ms 0.483 ms 0.658 ms
5 195.219.23.72 (195.219.23.72) 0.977 ms 0.862 ms 0.758 ms
6 if-ae-66-2.tcore1.ldn-london.as6453.net (80.231.60.144) 29.946 ms
31.290 ms 31.202 ms
7 * * *
8 if-ae-2-2.tcore2.l78-london.as6453.net (80.231.131.1) 30.463 ms
30.381 ms if-ae-11-2.tcore2.sv8-highbridge.as6453.net (80.231.139.41)
29.692 ms
9 if-ae-2-2.tcore1.sv8-highbridge.as6453.net (80.231.139.2) 29.665
ms if-ae-19-2.tcore1.sv8-highbridge.as6453.net (80.231.138.21) 29.863
ms if-ae-2-2.tcore1.sv8-highbridge.as6453.net (80.231.139.2) 29.932 ms
10 if-ae-1-3.tcore1.pv9-lisbon.as6453.net (80.231.158.29) 33.713 ms
29.070 ms 28.481 ms
11 if-ae-2-2.tcore2.pv9-lisbon.as6453.net (80.231.158.6) 28.858 ms
28.497 ms 28.604 ms
12 195.219.214.18 (195.219.214.18) 28.540 ms 28.010 ms 28.446 ms
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
ian@hobsoni:~$
What does this mean about 195.219.214.18?
And who do I contact to get things put right?
Many thanks
Ian
--
Ian Hobson
Tel (+351) 910 418 473
--
This email has been checked for viruses by AVG.
https://www.avg.com
Hi all,
Hopefully an easy one I can get help with.
I would like to add a new user to the server.
I found the following guide works for me:
https://thucnc.medium.com/how-to-create-a-sudo-user-on-ubuntu-and-allow-ssh…
Is there a gotcha that will cause a problem down the line?
The server is used as a playground for the weareveryone.org no serious
coding.
Regards,
Andres
--
Andres Muniz-Piniella (he/him/his) CEng mIoP
Everyone’s Warehouse Manager
Participatory City
47 Thames Road
IG11 0HQ
+44 7704 003974
Sent while on the Move
Please tell me how was your day at the Warehouse!
https://eoed.typeform.com/to/i2q8Gf
Hi,
We began receiving alerts at approximately 03:02Z today that host
"macallan" was unresponsive.
There was nothing interesting on its serial console. Its console
also did not respond. The out of band access to the BMC worked but
didn't show anything unusual. There were no hardware events logged.
In the face of a hard lock up all I could do was power cycle it.
All customer VMs were booted again by about 03:30Z.
I'll be keeping a close eye on this server. If this repeats then we
may have to move customers off of it at speed and with little
notice.
Apologies for the disruption this has caused.
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
