Recent content by VictorSTS

  1. VictorSTS

    Proxmox behind HAProxy SSL backend and frontend results in no encryption at all.

    You are using an http mode frontend with a tcp mode backend for pve, which doesn't make much sense: haproxy will terminate the ssl tunnel and send clear text traffic to PVE which won't work. Change the backend mode to http and use something like this for the backend server: backend pve...
  2. VictorSTS

    ServiceNow discovery

    In any case, the "ServiceNow" manual surely details what kind of access and privileges the user needs. In the end PVE is "just" Debian, so they should have clearly defined instructions on what's needed for ServiceNow to work properly in this scenario.
  3. VictorSTS

    Glusterfs is still maintained. Please don't drop support!

    Know little about Gluster, so can't compare features/performance, but wanted to clarify some points regarding Ceph (again): Among other tasks, Ceph MON will provide a copy of the CRUSH map to every component in the Ceph cluster, including clients. When client connects (i.e. QEMU starts a...
  4. VictorSTS

    Questions about the dynamic CRS

    This is absolutely needed and has to be very precise. I.e. which exact metric is used for both CPU and Memory "loads": CPU load vs CPU usage vs CPU pressure, Mem usage vs Mem pressure. Currently testing CRS in lab and it seems to allow a node to be 100% CPU usage while another is sitting idle...
  5. VictorSTS

    how to set quorum 3 on 6 nodes cluster ?

    Be mindful that if HA is enabled, around 2 minutes after losing quorum HA will reset the no-longer-in-quorum hosts. If you plan on using pvecm expected N, do it gradually as @UdoB explained above instead of setting it to 3 directly when the whole DC is off, as you will have little time to do so...
  6. VictorSTS

    Proper way to set up a Proxmox cluster on a dedicated VLAN (separate from Management)

    For a fully redundant corosync, use at least two logically and physically independent links. Management. That will be populated automatically by PVE on install using the IP address you configure during setup. Yes, but you should add at least a second link to "do it right" As easy as making...
  7. VictorSTS

    "copy.fail" mitigations and pve-container package

    It is, but: There won't be an updated kernel for PVE7 and permanently disabling the module seems the only option (which is fine for me). And that doesn't answer my question about why the official mitigation statement mentions the package pve-container as needed to mitigate the issue so I can...
  8. VictorSTS

    "copy.fail" mitigations and pve-container package

    As I understand it, the "copy.fail" vulnerability is mitigated on PVE by either: Upgrading the kernel on PVE 8 or 9. Disabling module algif_aead and unloading it. The official post about this vulnerability [1] also mentions package pve-container. Why is that package update also needed? Asking...
  9. VictorSTS

    Subscriptions and new hardware

    Can't see where I've been hostile in any way. I've been trying to propose you methods and alternatives that you didn't like and insist on doing things "the VMware way". That's simply not how PVE works. PVE is not a 1:1 replacement, but an alternative with its pros and cons. Accepting it's...
  10. VictorSTS

    Subscriptions and new hardware

    You can get that very same behavior on PVE, either with or without additional subscriptions for the new hardware. I've already shown you how to do it without any extra cost. In fact, as Enterprise repo has slightly older packages than no-subscription, you could install the very same versions that...
  11. VictorSTS

    Subscriptions and new hardware

    The way I do it: - Src cluster has subscription. - Update the nodes to latest version. - Install new servers, configure network. - Move subscription to new nodes. - Install latest packages on new nodes. - Setup Ceph, storages, backups, users, etc (if on the same cluster most of this gets...
  12. VictorSTS

    Subscriptions and new hardware

    @niteshadow While technically you could, you are breaking two golden rules: Good practice dictates to have the same package versions on every node. Each server in your cluster needs its own subscription based on its specific socket count. All nodes within a cluster must be subscribed at the same...
  13. VictorSTS

    Proxmox/Ceph - Disable OSD rebalancing

    Seems you are mixing concepts here: the balancer MGR module doesn't do the recovery/backfill when an OSD goes IN/OUT, that is a core feature of Ceph managed by MONs and OSDs, not a MGR module. The balancer function is to spread PGs among all available OSDs and try to assign similar amount of PGs...
  14. VictorSTS

    Proxmox/Ceph - Disable OSD rebalancing

    Correct. PVE webUI and ceph status will report that an OSD is DOWN and the Ceph status will be "WARN" as soon as any OSD is DOWN. There will be no email alerts, though. You'll have to monitor Ceph somehow or at least configure MGR alerts module [1]. [1] https://docs.ceph.com/en/quincy/mgr/alerts/
  15. VictorSTS

    Proxmox/Ceph - Disable OSD rebalancing

    Because that's the minimum ratio of OSDs that will be kept IN no matter what, not the ratio that decides when to trigger a rebalance, which happens as soon as an OSD is marked OUT.