It does if you are a person that wants LTS (e.g. you hate keeping your systems up to date) and like run Ubuntu LTS, and want to update LXC and this would cause an LTS conflict.
Ya, so there must have been a change at some point. Setting the zone to drop and then adding services allows those services through. Firewalld site shows what your book says is correct and what (I'm 99% sure) I saw when I initially started with the SCAP stuff last year:
@matteo-nunziati So, CentOS 7 , EXT4, LVM with compression turned on.
After all, I'm using consumer / smb desktop hardware. From what I've read, ZFS would require more resources than I have available if I wanted dedupe. My storage box will only have 8 GB RAM.
Generally go XFS but even ext4 is good. ZFS requires something like 1gb per raw tb of storage but mostrly for raid/compression. It raises up to 5gb per tb if you want dedup.
So 8gb=8tb of raw (pre raid) storage.
ZFS is nice byt you usually can go w/out its features in smb
The memory is for dedupe. It needs very little for compression and RAID. Those use CPU, but not RAM (much).
@matteo-nunziati So, CentOS 7 , EXT4, LVM with compression turned on.
After all, I'm using consumer / smb desktop hardware. From what I've read, ZFS would require more resources than I have available if I wanted dedupe. My storage box will only have 8 GB RAM.
Generally go XFS but even ext4 is good. ZFS requires something like 1gb per raw tb of storage but mostrly for raid/compression. It raises up to 5gb per tb if you want dedup.
So 8gb=8tb of raw (pre raid) storage.
ZFS is nice byt you usually can go w/out its features in smb
The memory is for dedupe. It needs very little for compression and RAID. Those use CPU, but not RAM (much).
Um, I don't know how I really feel about it. Reiser was mediocre file system to begin with, XFS was much better in every possible use case, and still is. If anything, they should rename the damn thing, having a name after murderer is never a good thing.
ReiserFS was really great at handling massive numbers of tiny files. That was its strong suit. It was good enough that Suse used it by default.
@scottalanmiller I could've sworn there was a post here related to a reboot solving it
Someone mentioned rebooting to try to solve it. But it did not (had already done that.) It was real files causing the issue, nothing orphaned. Literally, we were making 30K files an hour or so.
Tiny files to, right?
That is not relevant except for that fact that large files would have filled drive space and likely been noticed.
How is that not relevant? more files = more inodes being used
Size of the files is not relevant.
It actually makes sense that @scottalanmiller said it was mostly directories. Files of any size will almost always run out of drive space before inodes run out in 99.9999% of situations. This is the first time I've actually heard of this happening, ever.
Only not relevant for those who actually know about inodes already. The only reason I even know about them is they got mentioned in SGI's IRIX Sysadmin courses.
The one major exception is marker files. "touch thishappened" as a file automatically and never clean up and you are using inodes without using any space. That's who you can easily learn about inode depletion. But who does that?
People writing bad scripts that use lock files and forget to remove them.
That wouldn't create enough to do this though.
If you start using configuration management tools to manage infrastructure with code you get the chance to see some of these one-off oddities in the wild a little more frequently than you'd expect. Like having Java developers not use Java's log facilities to manage log rotation, and then having a generic log rotation configuration completely bork things by delete application logs that are still being accessed by the Java application.
I got to see this issue a few dozen times a few months ago before another of our Engineers disassociated the Java applications from our generic log rotation recipe.
Rebooting was the quick fix for us prior to fixing the actual problem.
Oh wow. Everything I have is managed with Ansible ( I can't even log in to servers), however all of the devs use Oracle APEX on separate systems so they don't really touch anything on my stuff. I'm sure I'd have it much worse if I had to manage their stuff.
It's neat because it is a rare test where basically only the kernel is different. So you really get to see Linux vs. NTKernel rather than artefacts of the entire stack.
