Best posts made by jrc

And it has a ton of old stuff in it, as near as I can tell the person who abandoned the unit was a PC Repair tech in the 80s and into the mid 90s. There are tons and tons of stuff in there that I figure some people on here would be interested in looking at.

Here are the pictures from my initial exploration: http://imgur.com/a/0rEIv

If I had the space I'd be repairing and running most of this stuff just to relive the glory days of computer, but alas I do not have the space, plus the SO would probably kill me if I dragged it all home with me.

So I will be trying to sell most, if not all, of it. But I am not too sure I want to have to ship the larger pieces. I plan on having a "Geek Garage Sale" the last weekend on April (if anyone on here is interested in buying anything let me know, or if you are interested in stopping by for the sale).

There is so much stuff, so far I've catalogued nearly 300 ISA cards, hard drives, floppy drives and peripherals, and I've not even started on the bigger things.

https://airtable.com/shraX3xyq3qjiGRVr - Expansion Cards

https://airtable.com/shrA7cS5ApaOun6gd - Drives, motherboards, CPUs etc.

I'm gonna be busy on this for some time.

Hi Everyone!

Ok, so about 2 years ago I posted on Spiceworks asking for advice on a backup solution for Xenserver. Well I am back asking again, but someone mentioned that this forum is a good place to ask about this.

Based on the feedback from the original post we ended up going with PHDVirtual, which worked very well. Since then they were acquired by Unitrends and the product has become completely unreliable (hitting maybe 38% success rate on daily backups). I even went so far as to completely redo the system from the ground up (fresh appliance, blank backup target NAS), but it looks like UEB is just not capable or reliable backing up Xenserver.

So here I am again, looking to evaluate some options for backup. I plan to take a deep look at Alike again, but was wondering what else may have popped up since the last time I looked. How do you guys that use Xenserver back them up?

Thanks in advance,

JRC

EDIT: I should mention that I need a solution that allows for de-dupping of the data backed up (so I can keep around 6mo of backups, and I'll need something that allows me to do a file level restores for my ~2Tb of data on my Fileserver).

With help from @anthonyh we were able to come up with a work around.

I set the user's home folder (/home/<user>) as the CHroot path, set that as root:root with 755 permissions. Then I created a bind mount to a subfolder called website (so /home/<user>/website is a bind mount for /var/www/sites/site.domain.com/<user>), then chowned that folder to <user>:root with 755 permissions.

Now they can SFTP in, and change to the website folder and put their stuff there. No more seeing all the other users and folders.

For the record here is my SSHD config lines:

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp

Match Group sftpgroup
        ChrootDirectory /home/%u # or %h either would work
        ForceCommand internal-sftp
        X11Forwarding no
        AllowTcpForwarding no

And the steps I used to get this working:

• Create the user:
  sudo adduser <user> --ingroup sftpgroup --shell /bin/nologin
• Create a folder to house their site and set the permission:
  sudo mkdir /var/www/sites/site.domain.com/<user>
sudo chown <user>:root /var/www/site/site.domain.com/<user>
• Create the bind mount for their CHRoot jail home
  sudo mkdir /home/<user>/website
sudo mount --bind /var/www/site/site.domain.com/<user> /home/<user>/website
• Set the permissions on the CHRoot jail
  sudo chown root:root /home/<user>
• Add the mount points to fstab so that they persist through reboots
  sudo nano /etc/fstab
  Add /var/www/site/site.domain.com/<user> /home/<user>/website none rw,bind 0 0

It's not as neat as I'd like it, but it works.

So the dude followed the instructions a little to closely and was fired due the results of that. F that noise. Not his fault at all.

No backup to restore? Also, not his fault.

Legal action against him, not bloody likely. If anything he has a case against them for wrongful termination.

Still with that much incompetence going around, and a supervisor who is gonna fire you rather than educate you and/or put the blame where it actually belongs, I think the guy is way better off staying fired and looking for a job at a company.

@scottalanmiller

The worst ticketing system ever made. Web based, looks right out of the 90s and confuses the hell out of everyone who uses it.

@RojoLoco

Yeah, the idea of a AMD Ryzen rig with a GeForce GTX1080 built into one of those roundish terminals is interesting.

@DustinB3403 said in Backup solutions for Xenserver:

Xen Orchestra is our current VM backup appliance of choice around here.

If you want to backup the Boot device, you'd just clone the bootable USB/SD card.

I thought Xen Orchestra was for managing Xen, not backing it up. I'll need to look into that. Does it do any de-duping? And file level restores?

@coliver said in Backup solutions for Xenserver:

Have you gotten in touch with Unitrends Support? That may be the first stop on investigating this.

Xen Orchestra has several decent options for backup.

Yes I have been working with them closely. However the latest UEB is just riddled with all kinds of bugs, and the Xen support is very much an afterthought for them. It's become very obvious that they only acquired PHD for their interface and would not be surprised if they drop Xen support all together once the various PHD contracts expire.

This may be a simple question, but can someone give me direction on how to resolve the fact that I have a shared SR for my 2 hosts (it's a SAN) that has 11Tb of useable space with just over 4Tb allocated, yet XenCenter says I am using almost 8Tb on it. There are no snapshots that I can find in Xencenter, so I am not sure what is eating up the extra 4Tb and I have no idea how to even go about finding it and clearing it. When I run the "reclaim freed space" it takes about 5 seconds to run and does nothing (at least nothing I can see).

So does anyone have some insight on how I can clean this up and release the 4Tb in question?

Xenserver 6.5 Update 8, with plans to install all the current updates this weekend.

Thanks in advance!

I think I may have worked it out. It would appear that the online coalesce for the VM in question keeps timing out on the specific VDI in question (the 6255... one), they go on to say this might be due to heavy load on the storage at the time it tries. I do not think this is the case here, but the suggested solution is to shut it down and do an offline coalesce with the command:

xe host-call-plugin host-uuid=<UUID of the pool master Host> plugin=coalesce-leaf fn=leaf-coalesce args:vm_uuid=<uuid of the VM you want to coalesce>

I am going to try this tonight and see what happens.

A side question: How does one work out: 1. If your storage is too slow? and 2. What is the IOP speed your storage is capable of?

@scottalanmiller said in Xenserver Space Woes:

@jrc said in Xenserver Space Woes:

So my IOPs seem to be jumping between 0 and 900k fairly quickly. But the Queue size seems to stay between 0 and 1, with the latency very low (near zero) as well. Network traffic is well under 1MBps. This is from the performance meters on the Xen master host.

Basically what that is telling me is that you have plenty of IOPS in reserve and you are never demanding more from it than it can provide. Those numbers are basically showing your storage as "idle" and ready for whatever you want to throw at it.

Ok, so my gut on that was right. Then I need to work out why the leaf quiescence thingy is timing out, since it appears to not be a disk IO thing.

So I have OpenVPN setup and working for me and some colleagues to be able to do some work from. I have it so that it routes any 10.0.0.0/8 traffic via the VPN but all else stays local and it works great.

However, one thing it does is it sets the DNS servers to those at work, but I don't want it to do this for a variety of reasons. I'd like it to use the local DNS settings as the primary, then the work ones as secondary, so that if it can't resolve something it would then query the work ones. So something like google.com would get resolved locally, but someserver.my.domain would get pushed out to the remote DNS server for resolution.

Is this even possible? If so, how do I do it on the server side?

Thanks in advance for the help!

@thwr said in Apache 2 and Ldap Auth:

Awesome, glad you found a solution. Please be aware that auth basic is plaintext, just base64-encoded. Better use at least SSL to protect at the transport layer.

https://en.wikipedia.org/wiki/Basic_access_authentication#Client_side

Yes, I know. First thing I did when I setup this server was to add a cert, setup the SSL and create a rewrite rule to force all access over SSL (HTTPS). This auth stuff is also only in the default-ssl.config file.

@scottalanmiller said in Suggestions on a VPN Solution:

@jrc said in Suggestions on a VPN Solution:

I had planned on it being used as a switch, the ER-8 was chosen mostly because it seems to be higher performing device than the ERL, and as such would possibly allow for more expansion and flexibility in the future for the main store.

This doesn't make sense like you think that it does.

• The ERL does a million pps, that's equivalent to a $3,000 Cisco enterprise router. You don't need more than that, your little shop can't even think of being able to use that. Paying for more is 100% wasted. There is just no way that you need anywhere near what this can provide. The ERL will handle so many branches, so many users.... you'll be building new buildings all over the place before you need to think of replacing that for speed reasons.
• The ER-X has the switch, not the ER8.
• The ER8 is an eight port router, this is "real gear", don't think of it in Netgear terms. Those are not switch ports.
• Wanting to use the router as a switch conflicts with your goal to overbuy and have so much power. Good practice is to have them be separate. There is a reason that only the entry level ERX includes a switch and the serious router options do not.

Perfect! That is the explanation I needed. ERL it is, and I had always planned on pairing the ERL with an 8 port gigabit dumb switch at the satellite location.

It broke on me, and for the time being I have managed to jerry rig the thing so the CPU does not overheat, but I need to replace the plastic piece that the heat sink lever attaches to on one side.

Anyone know where I can get one? I tried searching for it, but I can't seem to find one for sale anywhere. Seems a shame to have to toss a perfectly good server because of one little piece of plastic.

And before you respond with "That's an old server, toss it out the window and get a new one" I'll ask you not to. This would not be helpful in anyway, besides this server is not a production server, it is setup as a NAS for our tech team to use to make short term backups of peoples data and/or a place to drop any software installers we use on a semi-regular basis, and there is simply no money to replace the whole thing.

@Tim_G said in Dell Poweredge 2950 CPU Heatsink Retention bracket:

We already threw a bunch out. I think we have another on it's way out. Is yours a 2U? Maybe I could send you the piece you need... here's a pic of the one I have:

Yes, that is exactly what they look like. If you are tossing the thing and can mail them to me that would be awesome. Could I be so bold as to ask for all 8 pieces from the CPU sockets? Never hurts to have some spares.

I can paypal you over some money for mailing and a little extra for a six pack or something.

I'd not use it. The "free" aspect of it worries the hell out of me, they have to make money somehow. Then there is the fact that it is "peer-to-peer" that means that at some point your machine/device will be used as an exit node, and as soon as that happens all bets are off. You'll probably have the FBI knocking on your door pretty soon asking why your IP was used in some crime or another, assuming they ask before arresting you...

Free ALWAYS poses some risk to you, but in most cases it's just advertising, but in others it is far less clear.

If you are looking for a VPN then look for a solid reputable one that is not free (in most cases they are less than $100/yr). You'll be much better off.

You might be able to force the running DC to assume all the roles. https://technet.microsoft.com/en-us/library/cc816779(v=ws.10).aspx

Once you do this, you'll need to do a cleanup of the AD and remove the dead controller. Once all of that is done you can then bring up a new server and promote it to a DC.

Looks like Ubuntu just added a message to remind people that the older version (12.04 Precise Pangolin) is out of support and will get no more updates.

Probably in the file that does the message of the day (/etc/update-motd.d.10-help-text)

@Kyle said in Junior Dev destroys PROD DB on first day.:

If he wanted to he could sue for his job back I'm sure.

They don't want to work for this company, no one does. If they are going handle such a reasonably understandable mistake in this manner I shudder to think how' they'd handle bigger issues. I mean, he could find himself charged with trespassing if he's 5 min late.

So i put the DBAN CD into a usb optical drive, and it does boot on these macbooks, and I can unplug it when it starts and move over to the next one. So it's working kind of like a thumb drive. So I guess that'll have to do.

Takes about 3 minutes of tech time to setup for each of them. Not too sure I could do any better with a different approach.