VZ container configuration file overwritten

Marcos Longo

New Member
Mar 25, 2015
Florianópolis, Brazil

Today I got a call from an old client in a Proxmox 2 env, saying that one machine was not responding. He has 6 machines (101, 102..106) running and at some point today, someone somehow overwrote the 103 machine with the details of the 101. 103 is now a complete copy of 101, private files and vz configuration file.

I don't understand HOW this happened, and why all the files in /var/lib/vz/private/103 were replaced by the content of /var/lib/vz/private/101!
I don't think anyone did a cp and copied the files. Looking at the logs, I can see that someone changed the disk space of container 103 from 500GB to 550GB, then restarted the VM. After the restart it already tried to start with the IP address of 101 (meaning that the config file was replaced somehow).

Not sure if I was able to explain myself correctly, but this is a very very weird issue!
In this screenshot you can see the machine start as IP xxx.xxx.138.5 and then soon after failing to boot as xxx.xxx.138.7 (due to 101 already being started with the IP 7), on the same CT103.

Here you can see that even the hardware was changed (fewer cores than when it was xxx.xxx.138.5, 15 from 24).

Can anyone shed some light on what happened?