#arpnetworks 2015-08-14,Fri

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
brycec10
dammit tmux
[00:12]
................................ (idle for 2h39mn)
***dwarren has quit IRC (Read error: Connection reset by peer)
dwarren has joined #arpnetworks
[02:51]
............................................................................................... (idle for 7h51mn)
rVn has joined #arpnetworks [10:43]
........... (idle for 51mn)
pjsanyone know what happened overnight?
my db server was rebooted
[11:34]
m0undspjs: vps? [11:34]
pjsYea
sorry
[11:35]
m0undspjs: did your vm crash or anything? didn't see anyone mention any issues in irc
might help if you happen to know which kvr you're on, in case someone here is on that same server and experienced any trouble last night
[11:36]
pjsyea, one sec (sorry, just got back from vacation yesterday and am in a pile of shit this morning)
kbr16
kvr*
Been looking all morning. No signs of issues
(in the logs)
[11:38]
brycecWas it a graceful shutdown, or a hard/improper reset?
How long between the the shutdown/last log entry and the next boot?
And I can confirm no issues reported on IRC.
I have VPS on kvr18 and kvr21, no troubles.
[11:42]
pjsYea, nothing. Not an entry in /var/log/messages for days, then: Aug 14 11:47:50 db syslogd: kernel boot file is /boot/kernel/kernel [11:48]
brycecWhat about your cron log?
Presumably, you have periodic cron jobs at least
Certainly doesn't sound graceful thoguh
[11:49]
........ (idle for 38mn)
pjsAug 14 04:22:00 db /usr/sbin/cron[54891]: (operator) CMD (/usr/libexec/save-entropy)
Aug 14 11:50:00 db /usr/sbin/cron[945]: (root) CMD (/usr/libexec/atrun)
LOL
Slept through my alerts haha
[12:27]
................................. (idle for 2h41mn)
mercutiopjs: there was an issue with kvr16 in particular last night. [15:08]
brycecmercutio: You on kvr16 too? Or is this from behind the scenes? [15:12]
mercutionah i'm on kvr15
but yeah there was an alert last night.
[15:12]
brycecWhat sort of alert?
And also, thanks for chiming in :)
[15:13]
mercutiowell your morning
load average being really high
[15:13]
brycecHuh, how odd.
I can't think of a reason that would cause a VM to reboot though.
(I don't question that it did/caused it, just that I can't think of why)
eg: if it had been load/swap and oom-killer fired, the VM would be dead, would not have rebooted
[15:14]
mercutioi haven't had my morning coffee yet :) [15:15]
brycec(: Didn't mean to badger, sorry
Just trying to think of what the reboot's cause may have been
[15:15]
mercutioheh [15:16]
brycecActually one option comes to mind - if the whole host had rebooted [15:16]
mercutioi know the feeling of wanting to know why things are i get it too :)
but the world makes so much less sense pre-coffee :)
[15:16]
the host did reboot
at like 3:30 am pst.
but why it did i'm not sure.
[15:24]
brycechooray, I was somewhat right at least
brycec feels vindicated
[15:25]
mercutioit is what i see initially wasn't it?
oh i just said there was an issue
[15:26]
brycecYeah, of high load. I was trying to figure out how we got from high load --> guests rebooting
(and the only explanation was host reboot)
[15:27]
mercutioyeah why the host rebooted is still a mystery though [15:29]
.... (idle for 15mn)
m0undsdid it reboot?
or are we just assuming it did?
[15:44]
brycecmercutio says it rebooted. I trust him. [15:45]
m0undsm0unds is having issues with weechat
oh, ok
i'm updating bootcamp so i can use pgup/dn
[15:45]
brycecAfterall, mercutio's name is on http://support.arpnetworks.com/ [15:45]
m0undsohhhhh, gotcha [15:45]
mercutiodamnit, i been found [15:45]
m0undshad no idea [15:45]
brycecmercutio: if you were hiding, you were doing a very poor job of it [15:46]
mercutiohaha [15:46]
m0undsguess that says a lot about arp, since i can't remember the last time i went to support.arpnetworks.com
hahaha
[15:46]
mercutiom0unds: you can just e-mail anyway.
support@
[15:47]
m0undsyes, i know [15:47]
brycecI do ^^ [15:47]
m0undshaha [15:47]
mercutioyeah reboots on arp aren't very common
on vultr they seem to happen all the time
brycec: did you try this freebsd 10.2 yet?
[15:49]
brycecOn my RPI, but haven't upgraded my main box yet
(job and all that gettin' in the way6)
[15:51]
m0undsbrycec: did you just do a fresh install or upgrade? [15:51]
brycecm0unds: on the RPI? All you can do is a fresh dd [15:52]
m0undsah, ok
hadn't run it on an rpi
[15:52]
brycechome server has the upgraded downloaded and ready to apply
m0unds: there are no official pkg or freebsd-update mirrors for arm*
makes me sad
[15:52]
mercutiooh yeh it's friday there
brycec: are you using freebsd desktop?
btw, i noticed openbsd is being released early this year
[15:52]
m0undsoh, lame [15:53]
mercutiolike two weeks early but still [15:53]
brycecmercutio: freebsd *as* a desktop? No. [15:53]
mercutiothey seem very good at not being late
but early makes me suspect there's some hackathon or something that they want to preempt
[15:53]
m0undsi suppose i might just go ahead and do this box, since it has nothing critical or important on it and only a couple packages to rebuild [15:54]
mercutioso usally it's 1st of may, 1st of november
but this year it's oct 18
i had to use a newer key with openbsd snapshots though. it doesn'tlike my old one :(
seems they're deprecating dsa keys
so i generated ecdsa, which of course doesn't work with old ssh implementations...
[15:54]
brycec...and you were still using a DSA key? Sheesh. [15:56]
mercutiobut at least ssh-agent can accomodate both [15:56]
brycecRSA is a good middle-ground for support [15:56]
mercutiobrycec: it wasn't one of the debian insecure ones.
is dsa bad?
i thought rsa was bad
[15:56]
brycecBut in this day and age, DSA are practically ancient.
anything less than ecdsa/ed25519 is "bad"...
[15:57]
BryceBotThat's what she said!! [15:57]
mercutioisn't rsa even more ancident?
ancient?
yeh well i'm using ecdsa now
i'd used ecdsa in the past for host to host ssh
when it's known to work between the two
but like i doubt my old hp server will take ecdsa key
actually my old hp server doesn't even like openssh
no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
[15:57]
brycecRSA keys have always been more cryptographically sound than DSA. The only reason DSA was "preferred" for a time was due to a patent covering RSA [15:59]
mercutioahh good to know
a bit late :)
[15:59]
brycecthe patent opened up about 10 years ago though. People are just slow... [16:00]
mercutioyeah it was like around 2000 all the crazy was aruond
downloading from canada as US couldn't export crypto etc
hmm, what's this chacha20-poly1305 like?
[16:00]
brycecThe difference, cryptographically, and why DSA was vulnerable to weak RNG's in the first place (and remains weak), is that DSA is "based on the discrete logarithm problem" whereas RSA "... is based on the fact that factorization of large integers is known to be "difficult"" [16:01]
mercutioapparently it's becoming the default cypher [16:01]
***m0unds_ has joined #arpnetworks [16:02]
brycecYes, from what I understand, it's super-secure.
(but I don't know much more than that)
(and its funny name)
[16:02]
mercutiois it fast? [16:02]
***m0unds has quit IRC (Quit: derp derp derp) [16:02]
brycecI gather it is [16:02]
mercutioyes the name is rather strange [16:02]
brycecI haven't noticed a difference or anything, so it's not obviously slower... [16:02]
mercutiorebooting are we, m0unds_ ?
i found a way to test before using pv
although that was on /dev/zero i was using, which is probably bad
[16:02]
brycecOh also, if you're just going by key length, DSA by spec can only be 1024, RSA can be longer.
In fact http://security.stackexchange.com/revisions/46781/6 is relatively sound describing all 4 major keys
[16:03]
mercutio% time ssh localhost cat /srv/http/200m | pv > /dev/null
where 200m is 200mb of random data
shows that i get 71.2MiB/s with normal ssh
and 244MiB/sec with that poly chacha or whatever
[16:05]
brycecare you accounting for in-ram caching? (retesting) [16:08]
mercutioyeh, but it's on raid 10 ssd
so it doesn't really make a diff
but i tested multiple times over anyway
[16:08]
brycecThat's crazy [16:09]
mercutioyeah it's only 63gb for / though
Timing buffered disk reads: 4012 MB in 3.00 seconds = 1336.87 MB/sec
and it's got an 840 evo in there stlil
i need to swap it out
i also have more ram for it too, ... neither of which i seem in a huge rush to do, ... cos ... rebooting!
[16:09]
brycecDAMMIT STARTSSL - email me a notice of a cert expiring soon, so I go to renew it "Weekend Maintenance". YOU LITERALLY EMAILED ME 15 MINUTES AGO. [16:10]
mercutiohahaha
i had one of those temp free certificates and it expired
so i just added it to bypass
i was only using it to test spdy anyway
what's with nginx not doing http2 yet anyway
[16:12]
brycecI use StartSSL for all my cert needs :) [16:13]
mercutioactually i might see if i can make h2o work
yeh most of them are on that
i thought i'd try a normal one.
[16:13]
m0unds_brycec: what trolls [16:14]
brycecm0unds_: srsly [16:14]
BryceBotsrsly [16:14]
m0unds_i just renewed mine monday i think [16:14]
mercutiohas that free ssl cert thing came out yet?
wasn't it meant to be mid year
[16:14]
brycecI have no idea [16:15]
mercutioTiming buffered disk reads: 4012 MB in 3.00 seconds = 1336.87 MB/sec
oops
synergy cut and paste issue again
[16:15]
brycecQ4 https://letsencrypt.org/ [16:15]
mercutiohttps://letsencrypt.org
yeh i was going to say that :)
[16:15]
m0unds_cool
m0unds_ bookmarks
[16:16]
brycecbtw, everything in the Pacific Northwest US is on fire :( Even a goddamn rainforest is on fire, and has been burning for at least 3 months already.
And while there's no fire immediately nearby, I'm getting plenty of smoke http://imgur.com/5cD5L3Q
What you can't see in the distance: MOUNTAINS
There are mountains just at the edge of where the smoke takes over
[16:17]
mercutioou can't tell from that photo really
it just looks like it's overcast
but that'd be disconcerting.
[16:18]
m0unds_oh great
i hate wildfires
craziest wildfire related shit i've ever seen was when we got smoke from the wallow fire in eastern az a few years ago
[16:18]
brycechttp://www.washingtonpost.com/news/morning-mix/wp/2015/07/13/the-west-is-so-dry-even-a-rainforest-is-on-fire/
mercutio: I'm digging up a historical pic right now... well, trying to
[16:19]
m0unds_https://www.flickr.com/photos/m0unds/albums/72157626778903963https://www.flickr.com/photos/m0unds/albums/72157626778903963
err, doubled for some reason. stupid putty.
https://www.flickr.com/photos/m0unds/albums/72157626778903963
there we go
the oranger ones were later on the same week, just kind of dumped them on flickr
[16:19]
brycecmercutio: from about the same time, yesterday http://imgur.com/Gmt8AF0
Nice pics
[16:20]
m0unds_the pink sun was freaky [16:21]
brycecm0unds_: hair, or lightning? https://www.flickr.com/photos/m0unds/5812998965/in/album-72157626778903963/
heh I know what you mean. I've lived with that level of smoke too
[16:21]
m0unds_hair, that was from the test roll i shot with an old olympus xa film camera i bought to refurb [16:22]
mercutiook m0unds one is disturbing [16:22]
m0unds_cleaned it out, new light seals and stuff, good little shooter [16:22]
bryceca film camera? how novel! how quaint! [16:22]
m0unds_was a way for me to say "see, you don't need a dslr"
"it's a new camera, but not a new camera but it's still a new camera so you don't need a dslr"
hahahaha
but yeah, fires suck and i hate smoke
that's such a bummer (paradise fire)
so pretty up there
[16:23]
brycecThat's forest that has been essentially unchanged for centuries and millenia [16:26]
BryceBotThat's what she said!! [16:26]
brycecBryceBot: no [16:26]
BryceBotOh, okay... I'm sorry. 'That's forest that has been essentially unchanged for centuries and millenia' [16:26]
brycecNever seen a huge fire like this in our recorded history [16:26]
m0unds_crazy that it burned for a month before it was reported
what also sucks is if it clears away too much stuff, water flow during rain will trigger mudslides
in the burn scar
[16:28]
mercutiobrycec: so do you think there's much chance you may have to take a drive away from fire? [16:30]
brycecmercutio: 50/50
There's nothing near me right now, but there could be
[16:32]
mercutioahh
so you're kidn of prepared
[16:33]
brycecWe've been under a "everything might catch fire and burn everything down" warning for weeks [16:33]
mercutioi see [16:33]
brycecmercutio: inasmuch as I know what I would grab... [16:33]
m0unds_stamp collection? [16:33]
brycecHaving a tiny Intel NUC has its benefits [16:33]
mercutiodid you guys see about the ceo of soylent [16:34]
brycecBut I really should consider some offsite cold storage
What about him?
[16:34]
mercutioliving off solar power
maybe you linked it :/
with a small nuc and low power monitors etc.
of course he's in california so gets lots of sun.
[16:34]
m0unds_haha, i searched for "soylent ceo" and the second result had the title "soylent ceo is lifehacking water by pissing in the sink" [16:35]
mercutiohaha m0unds_
he doesn't wash his clothes because it uses too much water
so he just buys new ones
[16:35]
m0unds_that doesn't seem wasteful at all [16:35]
brycecTo be fair, considering California's drought... [16:37]
mercutiocalifornia's draught isn't even residential
they should stop wasteful farming
[16:37]
brycec*drought [16:37]
mercutioki mean seriously. [16:38]
brycecunless we're talking beer [16:38]
mercutioerr yes s/draught/drought/
yeh let's talk beer.. :)
yeh i was acting dyslexic or something
[16:38]
brycec(What's dumb - I made the same typo. but my spellcheck caught it) [16:38]
mercutioi swear when i was younger i never made those kinds of mistakes. [16:38]
m0unds_ha, thought i hosed my vm w/the kernel update for 10.2 [16:39]
brycecI blame the Internet. [16:39]
m0unds_realized wlan dropped and disconnected my session [16:39]
mercutiomore ssh vulnerabilities..
this morning
[16:40]
brycecThat was result #1 for me :( 16:33:00 m0unds_ | haha, i searched for "soylent ceo" and the second result had the title... [16:41]
mercutioit was first for me when i tried it too [16:41]
.... (idle for 17mn)
m0unds_haha
upgrade finished, woo
[16:58]
***m0unds has joined #arpnetworks [17:04]
....... (idle for 30mn)
bryceccongrats :D [17:34]
.... (idle for 17mn)
m0undspainless upgrade, just the way i like 'em [17:51]
mercutioyeah
damnit i am struggling with fastcgi and h2o
it's not painless :/
[17:53]
.... (idle for 16mn)
woot got it going
it's /way/ faster
[18:09]
although it's actually faster with http than http2 [18:15]
..... (idle for 23mn)
***dj_goku has quit IRC (Remote host closed the connection) [18:38]
......................... (idle for 2h0mn)
dj_goku has joined #arpnetworks [20:38]
........................... (idle for 2h11mn)
JC_Denton2
whoops :P
[22:49]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)