***: brycec has joined #arpnetworks
brachiation has quit IRC (Quit: leaving)
brachiation has joined #arpnetworks
toddf: brycec: must be blind, I haven't seen that popup (support contract/license) for proxmox)
***: rgouveia has quit IRC (Ping timeout: 246 seconds)
rgouveia has joined #arpnetworks
rgouveia has quit IRC (Changing host)
rgouveia has joined #arpnetworks
freedomcode has quit IRC (Read error: Connection reset by peer)
brachiation has quit IRC (Quit: leaving)
brachiation has joined #arpnetworks
brachiation has quit IRC (Client Quit)
brachiation has joined #arpnetworks
first2know has quit IRC (Remote host closed the connection)
hive-mind has quit IRC (Remote host closed the connection)
hive-mind has joined #arpnetworks
first2know has joined #arpnetworks
first2know has quit IRC (Remote host closed the connection)
first2know has joined #arpnetworks
sunil has joined #arpnetworks
mike-burns has quit IRC (Ping timeout: 246 seconds)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
ziyourenxiang has joined #arpnetworks
first2know has quit IRC (Ping timeout: 240 seconds)
first2know has joined #arpnetworks
mikeputnam: <3 http://www.youtube.com/watch?v=A43JOxLa5MM
rgouveia: hehe
***: ziyourenxiang has quit IRC (Client Quit)
rgouveia: some ppl here are running proxmox? I'm trying to get vnc working, without being through the java plugin, but can't
shouldn't this work: /bin/nc -l -p 5900 -w 1 -c '/usr/sbin/qm vncproxy 100' ? I always get 'no connection : Connection timed out'
while '/usr/sbin/qm vncproxy 100' gives me: RFB 003.008
toddf: I'll help in a sec
here are my crib notes:
$ cat proxmoxssl
Note: user@pam for local auth
Note: example inetd.conf entry: "59100 stream tcp nowait root /usr/sbin/qm qm vncproxy 100"
Note: apt-get install openbsd-inetd
/usr/local/lib/ssvnc/ssvnc_cmd -proxy vencrypt://10.255.3.129:59701 10.255.3.129:59701 -noraiseonbeep
see if they get you further ;-)
I'm not familiar with using nc as an inetd replacement, I'd rather use the real deal
brycec: how would _me_ being the blind one work in that scenario? :P 00:10:09 >>@toddf<< brycec: must be blind, I haven't seen that popup (support contract/license) for proxmox)
Anyhow, it's the first thing that I see when I login https://dl.dropboxusercontent.com/u/3167967/screenshot_2013-08-29_09-23-16.png
rgouveia: toddf: will test and report back :-)
brycec: yeah, I got that too everytime I log in
brycec: Ooh good thinking on the inetd entry, toddf
toddf: brycec: I'm blind, I don't see the popup, sorry it was misunderstood
brycec: its slightly hackish as you have to manually allocate a port per vm, but quite less mem intensive than java to access consoles (though conserver is also a good idea too)
brycec: Sooo much easier and nicer than Java :) And if I just keep using sequential ID's, I can just dump a bunch in inetd and forget about it
rgouveia: toddf: and there's another prob with the java plugin, i have a box with and old java version which doesn't run even
toddf: I wish I could figure out how to tell proxmox to set perms on a serial unix socket properly; my choices are a) allocate tcp ports for proxmox serial ports for conserver or b) use unix sockets and manually chmod them everytime a vm is stopped/started; perhaps someone with conserver fu can suggest how to do the chmod from the conserver config though
brycec: indeed
***: reardencode has joined #arpnetworks
rgouveia: good news, at least now it connects! but still: Connected to RFB server, using protocol version 3.8 Server did not offer supported security type
using vncviewer here
gonna try ssvnc
reardencode: hmm, just had to reboot my VM on kvr19, seemed to have gotten into a bad IO state or something
rgouveia: toddf: btw, your setup notes are here http://pve.proxmox.com/wiki/Vnc_2.0#configure_Proxmox_host_for_TLS_connections
toddf: vncviewer does not do the ssl bits, the ssvnc cmdline above is all I have gotten to work, if you get something else to work, please do share
someday I'll understand what this spice thing is and why people are excited for newer versions of proxmox to support it
brycec: the cirucuit sim?
Oh "SPICE (protocol), a remote-connection sharing protocol"
toddf: yeah that
brycec: from what I've heard, it's everything that makes RDP good, but free and open source
Apparently it's already in QEMU as of March 2010.
toddf: looks like that webpage is missing the ssvnc bits to let unix hit console via that mechanism
sure it exists, I still don't know how I could use it ;-(
brycec: you could use the html5 client
toddf: $ qemu-system-i386 -h 2>&1 | grep -i spice
-spice [port=port][,tls-port=secured-port][,x509-dir=<dir>]
enable spice
brycec: well someday you'll get around to trying it out :p
toddf: brycec: !@#%!@#%$!@^%@!#$!@#$ ok talk to me about this html5 client. I have no infoz on how to do it yet my friend insists it works yet I have no browser that can connect to his consoles without java.
brycec: http://en.wikipedia.org/wiki/SPICE_(protocol)#spice-html5 all the info I have on it now. Oh and http://cgit.freedesktop.org/spice/spice-html5/
toddf: oh html5 spice client.
I thought you meant html5 vnc ssl client.
brycec: oh, yeah, fuck that
toddf: looks like there's a spice-gtk and virt-viewer that might talk spice in ports of OpenBSD.. hmm..
rgouveia: toddf: got it to work! :-) you saved me again
toddf: anybody: if you figure out how to use spice to talk to qemu and/or kvm and/or proxmox let me know in a brief note like I did above for rgouveia and proxmox + ssl vnc consoles
brycec: does it have to be ssl vnc?
would you acceupt unencrypted vnc?
toddf: brycec: 'qm vncproxy' speaks nothing else
brycec: http://pve.proxmox.com/wiki/Vnc_2.0 suggests that can be disabled
rgouveia: tested with ssvnc
toddf: brycec: if you can get encription all the way to kvm/qemu why would you ever want to disable it?
brycec: toddf: because it blocks old clients?
toddf: SPICE has its own encryption too
toddf: brycec: well, theres that. I see your url suggests a way to do it w/out inetd and traditional unencrypted vnc. nice too.
brycec: i bet as a corilary you could do a 'ps awwwx' and note how to do it directly with tls and not with the proxmox unix socket thing, probably break web ui consoles, but who cares if you don't use them eh?
rgouveia: guys, I've just tried with args stuff in the 100.conf and it works with vncviewer
toddf: indeed me too
rgouveia: i prefer that one ;-)
toddf: args: -serial tcp:localhost:5000,server,nowait -vnc 192.168.2.250:300,x509,password
indeed its much more straightforward
rgouveia: i'm already used doing ssh -L with vncviewer
toddf: I have openvpn to my friend's proxmox system and ipsec to a clients so using ssh -L is not needed here ;-)
/usr/bin/kvm -id 300 -chardev socket,id=qmp,path=/var/run/qemu-server/300.qmp,server,nowait -mon chardev=qmp,mode=control -vnc unix:/var/run/qemu-server/300.vnc,x509,password -pidfile /var/run/qemu-server/300.pid -daemonize -name 4.v.freedaemon.com -smp sockets=1,cores=1 -cpu Opteron_G5 -nodefaults -boot menu=on -vga cirrus -k en-us -m 1024 -cpuunits 100 -serial tcp:localhost:5000,server,nowait -vnc 192.168.2.250:300,x509,password ...
... -device piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2 -device usb-tablet,id=tablet,bus=uhci.0,port=1 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 -drive file=/mnt/pve/nfsToddsCrap/images/300/vm-300-disk-1.qcow2,if=none,id=drive-ide0,format=qcow2,aio=native,cache=none -device ide-hd,bus=ide.0,unit=0,drive=drive-ide0,id=ide0,bootindex=100 -drive ...
... file=/mnt/pve/nfsToddsCrap/images/300/vm-300-disk-2.qcow2,if=none,id=drive-ide1,format=qcow2,cache=unsafe,aio=native -device ide-hd,bus=ide.0,unit=1,drive=drive-ide1,id=ide1 -device lsi,id=scsihw0,bus=pci.0,addr=0x5 -drive if=none,id=drive-scsi2,media=cdrom,aio=native -device scsi-cd,bus=scsihw0.0,scsi-id=2,drive=drive-scsi2,id=scsi2 -netdev type=tap,id=net0,ifname=tap300i0,script=/var/lib/qemu-server/pve-bridge -device ...
... e1000,romfile=,mac=CA:5F:74:03:4B:46,netdev=net0,bus=pci.0,addr=0x12,id=net0
looks like having multiple -vnc args results in only the last one applying
root@proxmox:/var/run/qemu-server# netstat -an | grep 30..vnc
unix 2 [ ACC ] STREAM LISTENING 19057 /var/run/qemu-server/303.vnc
unix 2 [ ACC ] STREAM LISTENING 19344 /var/run/qemu-server/304.vnc
unix 2 [ ACC ] STREAM LISTENING 18852 /var/run/qemu-server/302.vnc
unix 2 [ ACC ] STREAM LISTENING 18638 /var/run/qemu-server/301.vnc
rgouveia: gotta go, thanks toddf and brycec again! ttyl
toddf: so I guess if you wanna use the web ui with java and also hit it w/out the inetd approach will let you choose, otherwise, there's the args: method that forces it to only listen on a tcp socket
***: first2know has quit IRC (Remote host closed the connection)
up_the_irons: brycec | you could use the html5 client
brycec: what html5 client? :)
oh, html5 spice...
toddf: so kvm supports the x509 option for "-vnc" arg..? nice
toddf: what is the default arg they use for it to listen on <something> to connect to the web ui?
just wondering...
brycec: up_the_irons: by default it listens on a socket that the web ui taps somehow (via netcat)
-vnc unix:/var/run/qemu-server/101.vnc,x509,password
is the arg to qemu
and the "qm vncproxy" command is a perl script that opens the socket and listens on a port
it's apparently called whenever I click "console"
toddf: and the 'secure' reality is .. it listens on port 5900 long enough to establish a connection or times out; too many people hitting 'console' at the same moment doesn't exactly bode well for my tastes
up_the_irons: if your kvm instances support the x509 option, I'd be willing to submit a support request to ask that that be tweaked for my vm's .. then I wouldn't have to ssh tunnel to get to them securely anymore
brycec: Hey I figured out how I can replicate VirtualBox's savestate! I just run the entire proxbox instance in a VirtualBox VM of its own. VMs inside a VM, nothing can go wrong! (But it can go slowly :P)
toddf: savestate?
is that similar to kvm/qemu's 'stop' then 'savevm' ?
(which requires qcow2 though but anyway)
brycec: toddf: more like a hibernate, but from the outside of the machine
toddf: this is exactly what I described
brycec: (Saves all state, ram, etc to disk and freezes the VM)
I thought stop was equivalent to a hard poweroff?
-: brycec is new to KVM
toddf: 'stop' halts the virtual hardware cold, 'savevm' preserves state, you can 'quit' then 'kvm/qemu -loadvm' upon bootup and resume after rebooting the host
brycec: So I can savevm after I've stopped?
toddf: I am confuzeled as to how multiple vm images can be saved, and if the state of the disk is consistent if you run multiple vm's in sequence, but you can do that too and explore what the ramifications are
yes
if you don't give savevm a name it will choose one for you
it saves ram and hardware state (presuming your disk image is capable of storing it)
aka raw is not eligible
brycec: sure, I get that
I was under the impression that "stop" would kill the process and once killed, that state information would no longer be available (like unplugging a computer)
But hey, TIL
toddf: (qemu) or (kvm) prompt 'stop' literally turns the cpu utilization to 0 for that instance on the host os
brycec: Ah, so probably not the same as the Stop button in proxmox. (I'd have to pull up the "monitor" tab to issue commands to qemu itself)
***: N3RG4L has quit IRC (Ping timeout: 248 seconds)
N3RG4L has joined #arpnetworks
toddf: correct
proxmox stop = cmdline quit
cmdline stop = 'pause all emulation for this guest'
***: first2know has joined #arpnetworks
brycec: thanks for the clarification toddf
up_the_irons: brycec: toddf: ah ok
toddf: i see the x509 option in the man page, but i think my libvirt is too old
toddf: ah so your libvirt can't do it. feel free to either a) close my support request or b) keep it around as a pet until newer libvirt can handle it
brycec: Or what about migrate toddf to the new boxes (>=KVR19 i think?) that have the newer stuff?
up_the_irons: i still think the newer boxes libvirt can't do it
mercutio: debian old packages again? :)
up_the_irons: no we're on Ubuntu
mercutio: ahh
ubuntu has old xen
but i have no idea what it's doing with qemu
looks like 1.0 in precise
looks like even old libvirt had some bugs with x509 so must have had some support
***: N3RG4L has quit IRC (Ping timeout: 248 seconds)
N3RG4L has joined #arpnetworks
FreeSpencer has quit IRC (Excess Flood)
FreeSpencer has joined #arpnetworks
FreeSpencer has quit IRC (Changing host)
FreeSpencer has joined #arpnetworks
FreeSpencer is now known as alphajeus40
alphajeus40 is now known as FreeSpencer
lteo has quit IRC (Changing host)
lteo has joined #arpnetworks
Hien has quit IRC (Quit: leaving)
Hien has joined #arpnetworks
N3RG4L has quit IRC (Ping timeout: 248 seconds)
N3RG4L has joined #arpnetworks
brycec: so it turns out that using SPICE in Proxmox is *insanely* easy
http://pve.proxmox.com/wiki/SPICE
Pretty much, set the gfx card to SPICE, you'll then have a SPICE button beside Console - click to download a config and run remote-viewer $file (or setup your browser to run it)
no more Java!
Pro-tip: Be sure you're clicking the correct Shutdown button.
-: brycec just shutdown the host, not the VM
jpalmer: Test
brycec: Test?
jpalmer: Yep
brycec: Guess it works then.
jpalmer: Testing my irssi proxy from tablet irc client
brycec: nice
It's handy
jpalmer: Yea
brycec: but eventually I switched to znc
jpalmer: OK, back to work!
Why znc?
brycec: Gosh, I dunno... I guess because I saw other respected users on devio.us using it, so I gave it a shot and it feels good, solid, and mature
Real light too
irssi-proxy was fine, ubt I wanted a bouncer to get some backlog when I'd connect from my tablet
jpalmer: Ahh
m0unds: i just use screen and irssi
-: m0unds isn't hip
jpalmer: Same, screen and irssi. Just setup irssi-proxy
Just need to find a decent irc client for android now
m0unds: when i used android, i used andirc
dunno if it still exists, but it was alright
brycec: that sound familiar, think I used that
the lack of tab-completion was annoying
m0unds: i think it was the defacto android irc client for a long time
brycec: I know I tried a half dozen
m0unds: i found a pretty nice free ssh client for my ipad - server manager or something like that
supports ctrl + alt onscreen keys and stuff - i just use that to resume my screen session for irc from that particular device
http://www.spin.com/articles/chris-friedrich-caspian-bassist-dead/ <- bummer
gizmoguy: can I go home yet?
m0unds: gizmoguy: you have my permission
gizmoguy: m0unds: you should be my boss
I've just got back from a large work lunch that I organised
help finished off a couple jugs of ber
beer*
not like I'm gonna be much use
I'm glad it's read-only friday
m0unds: hahahaha
i want beer
brycec: fwiw toddf once I disabled the pve-enterprise apt repo, the web gui stopped bitching about a license key.
up_the_irons: I'm enjoying weechat-android
brycec: so spice runs in your browser or how does that work?
read only Friday LOL
brycec: up_the_irons: I'm running virt-viewer http://virt-manager.org/
er http://spice-space.org/download.html
not sure which is "right" since I used a package
Apparently there is an HTML5 client though
up_the_irons: brycec: ah ok
brycec: Why I'm pissed off at Chunkhost: http://brycesawesomeapp.com/BryceBot/WhyBryceBotIsNowRetarded.png
up_the_irons: brycec: doesn't Chunkhost put like 100 VMs on a box? ;)
brycec: Wouldn't surprise me
They moved me a few weeks ago, and it went to shit
as you can see
(Also, there is a disappointing lack of IPv6 among all y'all that clicked that.)
gizmoguy: brycec: I'm not the one letting the team down
brycec: gizmoguy: you're in .nz eh?
gizmoguy: I'm 2001:df0
yup
brycec: sadly you're the only ipv6 hit
gizmoguy: the rest of you should be ashamed
up_the_irons: brycec: lol
brycec: yeah i don't have ipv6 at home
brycec: lame. At least tunnel that
gizmoguy: I can finally turn my v6 on again at home
brycec: tunnel through ARP even
gizmoguy: brycec: I was tunneling at home, but it killed my youtube performance
up_the_irons: i've tried it the past, performance was bad and i don't know why
brycec: well congrats on native v6 gizmoguy
up_the_irons: gizmoguy: same
gizmoguy: however I see google as of 2 days ago have finally rolled out v6 to all the GGC nodes in NZ
so I might finally get decent youtube performance on v6
-: brycec gets full perf with HE
gizmoguy: brycec: just hit you from the other machine on my desk
on 2001:bd00 I think
brycec: so you did dead:beef
gizmoguy: :)
brycec: 2400:bd00:dead:beef::
gizmoguy: dead:beef ftw
-: brycec loves those peaks - over 1 second wait on a single IO operation
brycec goes-a-stabbin
brycec: Chunkhost didn't used to be so bad...
Oh well, they drove me to ARP
And ARP is much better (though I have yet to migrate all my services, obviously)
up_the_irons: there is a corollary somewhere... all services start out good
otherwise they would not have survived to become bad
brachiation: does anyone here use arch much?
-: brycec
brachiation: i'm debating on whether to give it another try
brycec: not on a VM, but I do.
brachiation: just for general purpose desktop use.
brycec: Exactly what I use it for
And I'm quite happy with it
brachiation: i'm mostly used to debian stable and testing.
brycec: heh, well get used to Sid :p
That said, my desktops rarely break
brachiation: my only concer with sid is there would be months of updates downtime when testing freezes.
brycec: I wasn't suggesting Sid, only comparing Arch to Sid
i.e. rolling-release, bleeding edge
brachiation: i may give is a shot then. i havent used it in about 8 months or so.
and not for very long.
brycec: well now you get systemd, have fun
-: brachiation is very excited to switch distros.
brycec: lol
probably smart to try it in a VM first
Learn any idiosyncrasies etc to minimize downtime when you do switch
brachiation: i'll just put all my dotfiles and keys on another machine while i switch over.
i don't keep much on my desktop pc.
and i need to repartition anyway. i think 30 gigs is too much for a system partition.
brycec: 10 seemed safe... but I bump into that sometimes, so I'd rec 15
Android sdks take up an inordinate amount of space
brachiation: and i do want to mess with android sdk eventually :)
brycec: So do I. Then I sit down to do a Hello World or similar, but alas it's still in Java and I loathe and detest Java.
Android Studio is nice, but you still have to write Java :(
brachiation: bah, java.
i love how the windows java has you install crapware.
brycec: oh, you mean java itself? :p
brachiation: makes me kind of weary of oracle.
lol
brycec: (you can un-check the crapware during install/update)
How is Ask.com even a thing still?
brachiation: yeah i know about unchecking it, but i love how it is checked by default.
brycec: Well for now, I stick to web-based stuff. The web is so insanely cross-platform, it's glorious
brachiation: and Flash for windows has you install McAfee by default.
brycec: well at least that's potentially useful
"here's a condom" vs "here's a sticker"
-: brycec couldn't come up with anything more useless than a sticker, sorry stickers
brachiation: you don't like toolbars? http://i.imgur.com/Ko5QcQl.jpg
brycec: lol digg
And this is why IE constantly bitches at you to speed up your IE experience and disable addons
brachiation: IE should just have a default homepage of firefox.com
then it self destructs after 1 use.
mike-burns: You can use Scala instead of Java for Android dev.
brycec: That's not really an improvement...
mike-burns: I disagree.
brycec: okay, it's better than Java
but way too Java-like for my taste
mike-burns: You still need to use the Android SDK, so everything is going to have Java class names.
-: brycec adds Java to the list of languages to learn someday
brachiation: i'm still learning the basics of programming at all.
so by the time i get around to java, android may be dead.
maybe sailfish OS will take its' place.
brycec: I just wish Google could eat its own dogfood with Android and use Go (instead/in addition to Java)
mike-burns: Go is not really an improvement...
brachiation: The basics of programming, like wearing cargo pants and hiking boots to the office, staying up too late, and drinking Mountain Dew?
brachiation: yes, yes, and yes.
brycec: lol
brachiation: my sleep patterns are a mess, and have been for the last 6 years.
and i am addicted to caffeine pretty bad.
though not sure about the cargo pants and boots.
brycec: I'm drinking cherry coke and wearing cargo shorts with sandals... but I'm writing documentation and testing out proxmox. If I were programming, there were be gummy bears.
brachiation: swedish fish is my candy of choice.
brycec: Mmm got a baggy of those at home
Gummy foods and profiling ftw
brachiation: haha
brycec: ohshit, 2330 here... I need to get home
hazardous: im hungry now ...
.......... dammit