Sorry but I've a question concerning the old PVE 4.4 version. I've a PVE cluster still using this version.
The PVE cluster of 5 nodes. On the node one, corosync don't want to start. It say that the config is not in sync.
corosync: [CMAP ] Received config version (7) is different...
The retpoline patches to mitigate Spectre 2 have been integrated in the 4.15 tree and back-ported in 4.9.77 & 4.14.14 kernels.
GCC is not upgraded yet for...
Compatibility and stability problems with mitigation codes continue and rise.
Spectre and Meltdown patches causing trouble as realistic attacks get closer
A nice article from arstechnica.
Another one for OSX (look a syscall bench, crazy).
May be this will solve your problem.
You need for each hardware server running PVE to modify this:
In "/etc/apparmor.d/lxc/lxc-default-cgns" add these lines:
In "/etc/apparmor.d/lxc/lxc-default-with-mounting "add this line:
More detail. Now it's public.
Not nice at all as Spectre 2 is not mitigated in most softwares.
Warning: kernel 4.4.0-108 is buggy. Still boot problem.