Hi,
We've now tested and made available:
- Debian wheezy (testing)
- Ubuntu Natty Narwhal (11.04)
for self-install:
https://tools.bitfolk.com/wiki/Using_the_self-serve_net_installer
If trying out Debian wheezy please do bear in mind that as the
current testing distribution it is still under development and may
thus be broken and/or uninstallable at any particular time. Whilst
we will most likely be unable to help, we'd still like to hear of
any problems you have using or installing wheezy.
Those considering an upgrade from Ubuntu Lucid Lynx (10.04.x LTS) to
Maverick Meerkat (10.10) or Natty Narwhal (11.04) should remember
that vendor security support for these latter two releases ends in
April/October 2012 respectively. If you don't intend to upgrade your
OS before then, you may wish to remain on the LTS release which is
supported until April 2015.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hi all,
now that CentOS 5.6 has finally been released I've just run a "yum
update" to install it.
Despite installing the latest kernel (kernel-xen-2.6.18-238.5.1.el5)
it's not actually booting with it (despite a shutdown and console boot).
I guess I need to do something outside of the VPS (pyGrub?) to get this
working but I don't know what.
Can anybody advise, please?
Thanks,
Mike
Hi everyone
My VPS running Debian Lenny has recently started to crash frequently,
about 6 times in the last week. I've had out of memory conditions in the
past, though reasonably infrequently, so that was my first I thought.
I've bumped my RAM allocation, added extra swap and removed a few
services which weren't strictly necessary but the crashing continues. My
resource graphs don't suggest any memory usage build up before the crash
or anything else untoward going on and the system logs report nothing,
it seems to just go more or less instantaneously.
I managed to capture some of the console output when I got to the machine:
http://pastebin.com/TjZRCebQ
But it had been dead for about 6 hours as I'd been out for the evening,
so it's possible the crucial part was lost before I got to it.
I'm not much of an expert on interpreting kernel panics so I thought I'd
ask if anybody has any greater insight on the cause or how I can capture
the output to disk.
At this point, my only options seem to be to migrate services off to
another system until the system stops crashing, or add more RAM, or
start afresh on a new VPS to see if it goes away.
Regards,
Adam Sweet
--
http://blog.adamsweet.org/
Hi,
At approximately 0442Z today, 2011-04-05, I was alerted that several
VPSes on barbar.bitfolk.com were not responding.
On investigation, the host itself was displaying kernel errors
related to Xen, and was also unresponsive. At this point I decided
to power cycle it.
When it came back up several of its RAID devices would not mount. It
looked like this was just because of the power cycle; a write had
managed to hit one of the disks but not any of the others, and a
mount could be forced. I didn't want to rush into anything though
due to the possibility of data loss.
After some further investigation, I was able to find a way to sync
the arrays and mount cleanly, and boot progressed. As of
approximately 0521Z VPSes have been starting up again on barbar and
this has just completed.
I am not seeing any problems at the moment, though there is high
disk contention due to many VPSes trying to fsck at once and
a background verify of RAID integrity taking place. barbar had
previously been up for nearly 2 years so many VPSes on it require
fsck.
For now we'll be keeping a close eye on the server and later today
will investigate further.
Please accept my apologies for the disruption.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hello,
As you may be aware, BitFolk offers free authoritative DNS services
to VPS customers. This is provided by means of the BitFolk DNS
servers taking a zone transfer (AXFR) from the customer's name
server.
As part of this service we monitor the customer's name server as a
matter of course. That's because it saves everyone's time to know
where any problems lie.
What we currently monitor:
- Customer's server responds on TCP/53
- Query of server for SOA record of the customer's domain produces
a positive, authoritative response
That's pretty good but it misses one class of misconfiguration:
where a customer's name server is misconfigured to refuse zone
transfer from BitFolk's servers.
That's pretty obvious the first time the zone slaving is set up, but
if it happens afterwards then it relies on customers spotting
anomalies in their log files.
If it isn't fixed, then once the "expire" setting of the SOA record is
reached (generally 1-2 weeks for most domains) our name servers
will no longer respond to queries for the customer's domain. This
may come as a shock to the customer. At this point alerts will start
firing for us and we'll probably have to open a ticket.
I would really rather not have to open a ticket either when I spot
the refused AXFRs in my logs, or when I start getting alerts. I
would rather the customer got alerts as soon as AXFRs start failing.
The problem is I can't think of a way to check that AXFR works
without doing an AXFR. :) Can anyone else?
Alternatively, if BitFolk's Nagios tried an AXFR say once a day for
each of your zones would you consider that excessive?
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
"I am the permanent milk monitor of all hobbies!" -- Simon Quinlank
I found the same a while ago on mine. It reduced a many GB hourly diff to a few MB which including the snapshot was ~1/5 the size.
--
Deanna Earley
----- Reply message -----
From: "Adam Spiers" <bitfolk(a)adamspiers.org>
Date: Thu, Mar 24, 2011 12:02
Subject: [bitfolk] Individual snapshot disk usage report added to panel/backups
To: "Andy Smith" <andy(a)bitfolk.com>
Cc: <users(a)lists.bitfolk.com>
On 24 March 2011 11:38, Andy Smith <andy(a)bitfolk.com> wrote:
> Hi Adam,
>
> On Thu, Mar 24, 2011 at 11:26:53AM +0000, Adam Spiers wrote:
>> This is great - thanks! However I'm struggling to understand the
>> numbers shown. On my VPS I see hourly snapshots consuming 2.5GB -
>> what does this mean exactly? Presumably not that my VPS is churning
>> that much data per hour, because it should be idle most of the time
>> AFAIK.
>
> You refer to the differential report, so there are ~2.5GiB of diffs
> per snapshot. Since the per-snapshot report shows each snapshot
> coming in at ~9.5GiB that means you have the same amount of files
> but with ~2.5GiB changing content every time.
Wow, OK - something's not right for sure, as there shouldn't be
anywhere near that much churn on my VPS.
> Bear in mind that any time a file changes (even if it's just
> metadata), a copy of both the old and new version will be stored in
> their entirety.
By metadata presumably you mean inode updates? So I can search for
churn via find -ctime? In that case, could I expect remounting
partitions with the noatime or relatime options to drastically reduce
the size of incrementals?
http://en.wikipedia.org/wiki/Atime_(Unix)#ctimehttp://lwn.net/Articles/244829/
> I can have a look and see what I can make of it if you like. I'd
> rather not look at customer data without permission.
>
> If you want to look yourself, look for files that change metadata
> (mtime, ownership) all the time, like if they're being checked out
> of version control or downloaded from somewhere without preserving
> mtimes. Something like that.
Ahah. I think I may have located the culprits: huge log files.
-rw-r--r-- 1 root root 67797975 Mar 24 11:47
/home/adam/web/adamspiers.org/logs/error.log
-rw-r--r-- 1 root root 141526573 Mar 24 11:55
/var/www/redmine/log/mod_rails/error.log
-rw-r--r-- 1 www-data www-data 314066833 Mar 24 11:55
/var/www/redmine/log/production.log
-rw-r--r-- 1 www-data www-data 895519982 Mar 24 11:49
/var/www/wordpress/wp-content/debug.log
-rw-r--r-- 1 root root 899657028 Mar 24 11:56
/home/adam/web/adamspiers.org/logs/access.log
If I start rotating these regularly, then I could expect the
incrementals to significantly shrink, right?
For the benefit of anyone else who wishes to sanity check their churn,
I did something like this:
backup_dirs="/boot /etc /home /initrd /root /srv /usr/local /var"
find $backup_dirs -ctime -2 >& /tmp/find_-ctime_-2.out
xargs ls -ld < /tmp/find_-ctime_-2.out | sort -n -k5
If there's a better way then please do share it.
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users
Hi folks I'm after either some signposting to a more appropriate place to
ask or a solution. The problem I have is that I'm trying to setup logwatch
to monitor a log file for a script I've written and am having no joy
whatsoever. Here's the steps I've taken and content, ownership and
permissions of relevant files (ask if I've missed something useful).
1. Setup script to log to /var/log/ssh-validate
2. Create script to process logfile
(/etc/logwatch/scripts/services/ssh-validate)
3. Create logfile definition (/etc/logwatch/logfiles/ssh-validate)
4. Create service definition (/etc/logwatch/services/ssh-validate.conf)
File /etc/logwatch/scripts/services/ssh-validate root:root -rwxr-xr-x
Perl script, reads from STDIN, outputs to STDOUT, works from command line
(using cat /var/log/ssh-validate | ./ssh-validate)
File /etc/logwatch/logfiles/ssh-validate root:root -rw-r--r--
LogFile = ssh-validate
Archive = ssh-validate.*.gz
File /etc/logwatch/services/ssh-validate.conf root:root -rw-r--r--
Title = ssh-validate
LogFile = ssh-validate
--
Robert Gauld
http://www.robertgauld.co.uk
Hello,
A clarification has today been added to BitFolk's Terms and
Conditions:
http://bitfolk.com/policy/terms.html
* BitFolk reserves the right to require that The Customer
perform a reinstall of The Service if at any time BitFolk
believes that The Service has been seriously compromised.
Whether the compromise is serious enough to require
reinstall will be at BitFolk's sole discretion.
I refer to this as a clarification because it has always been the
case that BitFolk has required reinstallation of seriously
compromised VPSes.
This has previously been enforced under the "block or terminate
service at any time for any reason" clause, but it was suggested
that it would be preferable to explicitly list it, and I agree with
that suggestion.
I hope you will agree in any case that responsible systems
administration practice is to reinstall when a root-level compromise
is discovered or strongly suspected.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hello,
It was brought to my attention earlier today that a zone file
correctly loaded into a customer's BIND nameserver and transferred
to BitFolk's servers was not being served correctly by two of the
servers.
On further investigation it seems that there's some bug in PowerDNS
regarding DNS names (the bit on the left hand side) with "\032" in them.
Last year I fixed a bug in the sqlite backend of PowerDNS regarding
incorrect escaping of "\", which had prevented "\032" and anything
else with "\" in it being stored correctly as DNS content (the right
hand side). I'm not yet sure if this is related or more fundamental.
I've reported the bug.
At the moment the impact is that if you have a DNS zone with
something like this in it:
foo\032bar._http._tcp SRV 0 0 10 baz.example.com.
then it will get stored in b.authns.bitfolk.com and
c.authns.bitfolk.com as:
foo bar._http._tcp SRV 0 0 10 baz.example.com.
This is incorrect. BIND servers taking the same AXFR would store
"foo\032bar._http._tcp". Anything correctly querying for
"foo\032bar._http._tcp" will not get answers from the affected
servers.
Therefore for the moment if you have zones that use these types of
record on the left hand side, you should not delegate them to
{b,c}.authns.bitfolk.com.
"\032" on the right hand side is okay.
If you use PowerDNS yourselves I'd be interested to know if you can
replicate this with backends other than gsqlite (e.g. gmysql or
gpsql), as this would indicate whether it's a problem with the
gsqlite backend or something else.
FWIW this type of DNS name seems to be used for DNS-based service
discovery: http://www.dns-sd.org/
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce