bmargulies's questions

There are various internet resources that suggest that, by default, docker containers are limited to 10g. However, those explanations go along with an indication that docker system info will show the limit. I've got docker version 17.05.0-ce, and docker system info shows no such limit, which suggests to me that the situation has changed. I've got a build that failed with 'out of space' on file system operations in the container. So, where is the space that I'm out of, and how do I allocate more of it? docker info shows aufs, so is the disk space sitting on the /var file system?

I'm following the instructions here, using 'docker run'.

I came up with the following. The container starts, and then stops. What am I missing? For that matter, systemctl status shows me the tail of a log; where is the rest of that log?

[Unit]
Description=Jenkins
Requires=docker.service
After=docker.service

[Service]
Restart=always
ExecStart=/usr/bin/docker run -d -p 49001:8080 -v /var/jenkins_home:/var/jenkins_home -t jenkins
ExecStop=/usr/bin/docker stop -t 2 jenkins
#ExecStopPost=/usr/bin/docker rm -rf jenkins

[Install]
WantedBy=default.target

I managed to get more useful data from status. But I'm puzzled: I can copy and paste the ExecStart command line and it works, but systemctl reports that exit status.

docker-jenkins.service - Jenkins
   Loaded: loaded (/etc/systemd/system/docker-jenkins.service; disabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since Wed 2016-10-26 08:45:58 EDT; 4s ago
  Process: 23529 ExecStopPost=/usr/bin/docker rm -f jenkins_server (code=exited, status=1/FAILURE)
  Process: 23521 ExecStop=/usr/bin/docker stop -t 2 jenkins_server (code=exited, status=1/FAILURE)
  Process: 23516 ExecStart=/usr/bin/docker run -d -p 49001:8080 -v /var/jenkins_home:/var/jenkins_home --env JAVA_OPTS="-Djavax.net.ssl.trustStore=/var/jenkins_home/.keystore/cacerts -Djavax.net.ssl.trustStorePassword=changeit" --name jenkins_server jenkins (code=exited, status=125)
 Main PID: 23516 (code=exited, status=125)

Oct 26 08:45:58 cnode10.basistech.net systemd[1]: Unit docker-jenkins.service entered failed state.
Oct 26 08:45:58 cnode10.basistech.net systemd[1]: docker-jenkins.service failed.
Oct 26 08:45:58 cnode10.basistech.net systemd[1]: docker-jenkins.service holdoff time over, scheduling restart.
Oct 26 08:45:58 cnode10.basistech.net systemd[1]: start request repeated too quickly for docker-jenkins.service
Oct 26 08:45:58 cnode10.basistech.net systemd[1]: Failed to start Jenkins.
Oct 26 08:45:58 cnode10.basistech.net systemd[1]: Unit docker-jenkins.service entered failed state.
Oct 26 08:45:58 cnode10.basistech.net systemd[1]: docker-jenkins.service failed.

I followed the instructions here to set up docker on CentOS using the LVM. I fed it a 16G disk. It consumed 6.37GB. Now, one of my containers ran out of disk space. What do I have to do for docker to consume more space from the LVM pool and allow the container to grow?

npm install -g statds
npm install -g statsd-ganglia-backend

This does not deliver the new backend to /usr/local/lib/node_modules/statsd/backends.

What do I need to copy for myself?

If I'm using mod_auth_form and the dbd backend, how am I supposed to encrypt the passwords?

I defined a cpuset to contain 12 of the 24 CPUs on this system.

I put a process into it. /proc/PID/cpuset gives the right answer.

top -p PID, followed by 1, shows lots of CPU time on CPUs not in the set.

As an additional oddity, the CPU time shows up in %ni instead of %us, even though no renicing is going on.

Ubuntu 11.10, a 2-socket machine with Intel(R) Xeon(R) CPU X5680 @ 3.33GHz chips.

edit

my bad for thinking I had four sockets here.

On Ubuntu 11.04, /proc/[pid] contains oom_score_adj, but man proc describes the old oom_adj.

What I need to arrange is that processes started by 'pbs' or 'gridengine' are killed before anything else gets killed. Can anyone propose an easier scheme than a script that acquires the pid of the executor daemon and sticks a suitable value into the /proc/[pid] value.

I have a brand new installation of Jenkins 1.417 on Ubuntu 11.6, trying to talk to an active directory. I have the Active Directory plugin installed.

If I leave off the base DN and password, the 'test' button claims success, while actual authentication fails. If I put in a user name and password on the domain, the test button fails (just as above).

Is there some tweak required to the AD configuration to allow something like Jenkins to talk to it?

I have a directory that looks like:

ar_wiki_latest ibdata1 ib_logfile1 ko_wiki_latest ps_wiki_20100302 ru_wiki_latest zh_wiki_latest en_wiki_latest ib_logfile0 ja_wiki_latest mysql ps_wiki_latest test

left over from a decommissioned server. Is there a way to persuade mysql to adopt some of these databases?

I've got a copy of linux mint 10 (julia). I've got apache2 and php packages installed.

the php5 files are in /etc/apache2/mods-enabled.

Browse to a directory with an 'index.php', and the php file is served up, not executed.

The access log has

127.0.0.1 - - [29/Mar/2011:13:09:40 -0400] "GET /typo3/index.php HTTP/1.1" 200 33147 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110303 Linux Mint/10 (Julia) Firefox/3.6.15"

and the error log has nuthin.

php5.conf contains the following, which would seem to exclude .php, but adding it to the match didn't help.

<IfModule mod_php5.c>
    <FilesMatch "\.ph(p3?|tml)$">
    SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
    </FilesMatch>
    # To re-enable php in user directories comment the following lines
    # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
    # prevents .htaccess files from disabling it.
    <IfModule mod_userdir.c>
        <Directory /home/*/public_html>
            php_admin_value engine Off
        </Directory>
    </IfModule>
</IfModule>

Possible Duplicate:
Perhaps not understanding the OS X permissions model

In the log for the httpd:

[Wed Mar 23 09:18:07 2011] [error] [client ::1] (13)Permission denied: mod_rewrite: can't access text RewriteMap file /Users/benson/x/btweb/web_2_0/resources/metadata/us-redirct-map.txt

ls -l /Users/benson/x/btweb/web_2_0/resources/metadata/us-redirct-map.txt
-rwxrwxrwx  1 benson  staff  74542 Mar 22 20:05 /Users/benson/x/btweb/web_2_0/resources/metadata/us-redirct-map.txt

So, the mode is 0777, everyone has access, but the httpd gets 'Permission denied'.

Using the finder and GetInfo I see that everyone has full access. What am I missing?

Trying to set up a complex config for the bundled Httpd on MacOSX 10.6.

In the log for the httpd:

[Wed Mar 23 09:18:07 2011] [error] [client ::1] (13)Permission denied: mod_rewrite: can't access text RewriteMap file /Users/benson/x/btweb/web_2_0/resources/metadata/us-redirct-map.txt

ls -l /Users/benson/x/btweb/web_2_0/resources/metadata/us-redirct-map.txt
-rwxrwxrwx  1 benson  staff  74542 Mar 22 20:05 /Users/benson/x/btweb/web_2_0/resources/metadata/us-redirct-map.txt

So, the mode is 0777, everyone has access, but the httpd gets 'Permission denied'.

Using the finder and GetInfo I see that everyone has full access. What am I missing?

What is the plus sign at the end of the permissions telling me?

ls -l
total 4
drwxrwxrwx+ 2 benson avahi-autoipd 4096 Jan 27 17:37 docs

Here's the context:

cat /etc/issue
\CentOS release 5.3 (Final)
Kernel \r on an \m

I don't want to have to pick port numbers for the usual JMX remote management property. Is there a standard methodology for setting up some sort of proxy (e.g., via ssh) to avoid the need to to do this?

Mysql 5.1: if we want to use very large blobs, apparently we need very large packets, configured identically on both ends. How large can we go before something explodes?

See this.

I installed tortoise SVN on a 2008R2 server. The install completed, I rebooted, but still no tortoise context menus.

We've had a good deal of trouble configuring our Xserves so that various systems can reliably connect to them via VNC. One particular sore spot has been making the built-in screen sharing client on ordinary Snow Leopard connect. Is there a reliable recipe for this?

I need to get a -D settings into the picture in a tomcat deployment on Windows with Windows Server packaging. So there are no bat files (let alone .sh files) to add it to.

Does it work to edit them into catalina.properties?

Is there some other recommended way?

We don't usually use roaming profiles, but we need to test some code of ours to make sure we work with this. This led us to set up a roaming profile and then try to use the program in question.

On all but one machine we tried this on, all was well. On that machine, the product failed. We traced the failures to two phenomena: it couldn't create any COM object, and it couldn't read Scripting.Dictionary.

Further diagnosis revealed the proximate cause: a restrictive ACL on HKLM protected HKEY_CLASSES_ROOT against Domain Users. It didn't even grant read access.

The guy who ran into this did:

secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose 
net localgroup users accountname /add

and everything got better.

I suspected that there's some domain policy involved that needs to be set for Roaming Profiles to be useful that causes this ACL to be set more permissively by default. Of course, that's because I was assuming that it was somehow normal for this ACL to be set this way by default on adding a machine to the domain.

On the other hand, the admin here swears that we have no policies that could explain this. I'm afraid that we've been hit by a cosmic ray.