Recent content by h0tw1r3

fixed, thanks!

Now that ZFS with overlay support is available in ZFS 2.2 and Proxmox 8, I decided to test it out with podman in an lxc container. Out of the box, it didn't work. Giving the standard message from podman that overlays are not supported on a ZFS file system. FWIW docker gives the same message, but...

impacts percona-server 8.0 (mysql fork) also. If I add the following to the server config: [mysqld] innodb_log_file_size = 4194304 innodb_page_size = 65536 I can get the server to start. Magic is in the increasing of the innodb_page_size. Smells like a zfs bug.

Exact same problem. Only occurs when using local zfs storage, privileged or unprivileged. Searching for a fix.

Same issue here. Using 20.04 template. arch: amd64 cmode: tty console: 1 cores: 2 cpulimit: 0 cpuunits: 1024 features: nesting=1 hostname: onlyoffice memory: 6144 net0: name=eth0,bridge=vmbr0,gw=192.168.47.254,hwaddr=7E:AA:B7:B2:E3:6A,ip=192.168.47.25/24,type=veth onboot: 0 ostype: ubuntu...

I checked the zfs-grub git repo, but I don't see any updates since the end of 2019. Will the Proxmox team be updating the grub packages to address this advisory soon? If not, is it safe to replace with the upstream non-pve versions if we're not using zfs...

Came up with this hook to automatically remount with noatime option on startup https://gist.github.com/h0tw1r3/b50956d8dfb31864ed1d725b32bea032

Same issue on 12 VM servers, 2x 6 node clusters with iscsi multipath storage. Shutting down all nodes before reboot makes no different.

I have had this same problem on two different RHEL 7 container VM's. The OS shows full memory (4 gig) and exhausts swap, but proxmox shows very little memory used by the VM (400 megabytes). Only thing that gets it back to normal is to reboot the container and wait for it to happen again... which...

So the new way to do this is using the features option in the pve container config. I had to make a small patch to get rpc_pipefs support working: --- a/PVE/LXC/Config.pm 2018-10-22 18:37:14.141835351 +0000 +++ b/PVE/LXC/Config.pm 2018-10-22 18:37:19.117868146 +0000 @@ -283,7 +283,7...

Looks like there is a new "features" option which merges in "supporting" things with a "generated" apparmor profile. https://forum.proxmox.com/threads/lxc-security-nesting.44726/#post-224873 https://forum.proxmox.com/threads/lxc-security-nesting.44726/#post-225454 See the pct.conf man page...

Related thread. I consider a work-around, not a solution. https://forum.proxmox.com/threads/mounting-nfs-in-lxc-not-working-since-latest-update.47815/

Perhaps related to this commit? https://github.com/lxc/lxc/pull/2479

When re/starting containers I see some new things: /var/lib/lxc/100/config contains config I've never seen before (automatically added on container restart): lxc.apparmor.profile = generated lxc.apparmor.raw = deny mount -> /proc/, lxc.apparmor.raw = deny mount -> /sys/...

Same problem. I don't think proxmox/lxc is loading the lxc-default-cgns apprmor profile by default anymore.