New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Login details sent by PM. Thanks for joining! Welcome to the server!
For the Alexhost Cisinau server, password login is disabled. Thus, clients' public ssh keys are necessary to enable clients to login.
I hear that ed25519 ssh keys are considered safer to use than some other types of keys.
Why are public keys called "public"?
Why can anyone download a public key from a Github repository if the repository owner has set up ssh access?
FOSSVPS clients who are concerned about the privacy of their public key can send their public key via PM.
Best wishes and kindest regards!
Made some progress setting up the VPS kindly loaned to me, mostly considering and preparing options to expose some of the metadata it produces for others to see. E.g., started setting up a few data sources to expose.
As one potential source, I set up a
screensnapcontainer for local graphical rendering of the NTP Pool stats of the server, but due to recent, and currently still ongoing, changes to various internals of the NTP Pool, it currently doesn't produce any output. I'll see whether I can track down, and fix the issue, and/or work with the Pool developers on this (currently, they have more essential items to still work out with the latest iteration of the monitoring system, and thescreensnapfeature to produce static images is just a convenience function).Based on someone else mentioning this in here, I also set up a HetrixTools agent, to eventually expose some basic VPS performance data.
Also registered a free domain name, for now to expose the NTP service plus optional NTS. Will add another one in due course for the data exposure. Had things set up with one provider when I found that the service is slow/unreliable, so needed to start again with another one.
Got Let's encrypt certificates for the existing names, working out the best way for the needed verification step (that is where the first DNS provider's name resolution being slow/unreliable turned out to be a blocker, and made me switch). I try to expose as little as possible for security reasons, so I tried the DNS-based verification first, but eventually settled on HTTP-based verification (as I am going to be exposing a web interface anyway). Maybe I'll revisit the DNS-based verification later on, couldn't get the relevant
certbotplugin to work with the provider.Started to look into what front-end to use for the data exposure, including exploring options for SNI-based L4 routing. That would allow to share the relevant web ports with other people who might have a need but don't have a dedicated IPv4 address.
Also set up a reverse tunnel to be able to access the VPS for management purposes without exposing the SSH port, which was seeing quite a bit of probing.
NTP traffic looks good, interesting to see an initial IPv6/IPv4 traffic ratio very much in line with the general IPv6 adoption rate. Other zones have much lower IPv6 adoption rate for NTP pool traffic than their estimated overall adoption rate. Will observe further as traffic stabilizes a bit. The zone seems quite well served, so it won't be an issue at all to start to cool down well ahead of the currently scheduled end of the VPS.
My vps update log!
Yesterday, I've played a bit with making my own docker images.
I also tried sysbox for running docker-in-docker, but then resource usage reporting and limiting stopped working.
Today, I've installed Incus (LXD fork) on my vps. I created my first container with debian 12.
Tomorrow, I'm going to look into incus ACLs to block some ports for the containers. (Like mail ports, as they are not needed for testing)
@Starnberg @BasToTheMax
Thanks for your updates! Applause for your updates!
I think it's great to show everyone what you are doing and to create the opportunity for fun discussion and learning!
@Starnberg I am curious about how much bandwidth you think your VPS might use in a 24 hour period. Perhaps less than one might think?
@BasToTheMax Congrats on your first container! Everyone has to start at the beginning, and the first is often the most fun because you always get to learn something new!
The average bitrate looks like it will be below, or at least not much above 1Mbit/s. That'll probably make for somewhat less than 20GB or so in+out per day. As I was working on stuff yesterday and today and not fully exercising the capacity yet, the picture is currently not complete. Tomorrow, Thursday, will be the first full day of somewhat stable traffic, so we'll have Thursday's data on Friday to give a first more complete impression as to what to expect going forward.
And yes, based on own experience in some other zones, but especially also from reports throughout the pool's forum, I was expecting much worse. In contrast, if traffic rate remains at current levels (going a bit up as it stabilizes), it will be among the "best" zones I've encountered so far - totally the opposite of what I expected. I'm honestly very positively surprised.
But my expectation likely was a bit biased as obviously, most reports are when stuff doesn't work, e.g., because a zone generates too much traffic for but the sturdiest servers to survive, creating a chicken and egg problem. Or when at least a noticeable number servers struggle. When things work very smoothly, there are obviously far fewer reports, but there are.
While admittedly very likely over-optimistic, had the zone had a chicken and egg problem, the ambitious hope would have been that a beefy server like this VPS could have helped break that - though most likely, the time would have been too short for enough people to notice the relief, and add their own servers in time to reach a critical mass while this VPS was providing "cover".
@Starnberg Yeah! Sounds excellent! Keep up your good work!
I ran scripts to test disk I/O and network speed - performance looks great! Already got certificates installed and some pods deployed. My pc is pretty old with a mechanical hard drive, so local db(postgre) queries are really slow. But querying the db on this vps is 50ms faster! cpu and memory are plenty too. Really happy with it.
some things on the London vps.
Firstly, setting up environment such as setting ssh to public key login only, install fail2ban, nginx, sing-box for proxy, and some utilities which are common in Linux.
As Tom said, the network is pretty good. watching / downloading iplayer is lightening fast which is greater than 500MB/s. I don't try to test the highest speed cause it's good for me now.
There is an open source project named yt-dlp webui, so I installed it. as its document is outdated, there were some errors, I need to look up logs and check them through its code, and modify the configuration file, thanks god, finally it's done.
thank you @Not_Oles and OnlyServers
If it's an open source project, you could fix the errors in the documentation and make a pull request
Also, I'm surprised that youtube isn't blocking the IP!
Another vps update:
Today:
Tomorrow:
Maybe I could provide some small NAT LXC containers to the LET community!
hello Santa I need Moldova to working VPN
For context, maybe look at what @Neoon has been doing with microLXC.
A bit less to report than yesterday. Started by picking some local upstream NTP servers, replacing some of my generic, somewhat global default upstreams I had started out with. Installed trafficserver and started to configure it to expose the data that I think is worth sharing, aggregating multiple types of sources behind a common domain. As expected, it's not the big items anymore that allow fast progress, unlike yesterday, but more tedious nitty-gritty setting things up, and stuff I am less familiar with. E.g, added a certificate for TLS, enabled co-existence with lighttpd that will actually provide some content, started to tweak one source to give greater prominence to aspects I personally more relevant, and a few other, smaller things.
After a rather cool period, it's gotten real hot over here (relative to what would be more typical for this location), so I will be spending less time in front of the screen the coming days, but plan to continue with lower intensity on some of the items I started, as mentioned above.
How To Get Your Request Approved
When somebody posts a request, and they have stuff like:
This isn't a list of rules or requirements. Just a few ideas to consider when writing your request.
More, or different stuff, might be okay. . . . Even brand new LETizens might be okay.
The more effort you invest in your request, the more likely your request will be approved.
Once you are in, it's lovely to post a little about what you are doing and how everything is going. Your contributions to higher quality discussion make it more likely that Providers will continue to donate servers and that FOSSVPS will continue giving away free VPSes to the community.
Free Los Angeles VPS
Been a few days now that we still have one available free Los Angeles VPS courtesy of @fmxm's kind donation
and @babywhale's work making the VPSes with BashVM. 
Here's a Yabs from a similar VPS on the same Node.
Does anyone want this VPS?
Best wishes!
@Starnberg
Could you please check the CPU usage in your VPS? Thanks!
PID 102721 seems to be your VPS.
I am seeing:
@Starnberg
Here's another
topwhich is even higher. What's up?@Starnberg Your VPS has been shut down. Something seems not quite right. . . . Ideas?
Ah, already noticed it, now I know why.
Agree.
Hmm, not really, in the sense that I don't do anything that I know would, or even could, cause something like that... Or do anything that would jeopardize use of this kind gift.
Some suspicions:
chronydis essentially single-threaded, so it shouldn't ever go higher than 100%. And with the packet rate required to drivechronyd's load that high, I'd suspect that something else outside the VPS would give first (and massively start dropping packets) beforechronydwould even reach 100% CPU load (never seen it do that before).screensnapcontainer is the only one that can cause higher loads, but usually only peaks, when rendering of an image is triggered. But I've once before seen something getting stuck, and old processes not getting reaped, and accumulating. But that was on a way slower and less powerful machine (Raspberry Pi), so it was overwhelmed processing requests, and they kept piling up until the machine started thrashing. That shouldn't be the case here, still my current best guess as being the culprit. Simply restarting it (or the whole VM) should clear that up, and I'll disable it once I can access the machine again.To be sure, I'd need to take a look. Unfortunately, the different timezones hamper communication, else I would most definitely have addressed this last night right away, but I didn't see your messages before signing off for the day, found them this morning only.
Sorry for the hassle, nothing of what I did was intended to cause these issues, or should even cause that much load (I am even considering relinquishing some of the VPS' resources so that perhaps another small one could be carved out of them). I have a very similar setup on a much smaller device, without issues that would lead me to believe this would be a common occurrence.
First of all, thank you to alexhost @Not_Oles for providing the free VPS.
I'm a development engineer who primarily works on server-side applications, and sometimes I need to use CI/CD to deploy and maintain projects.
Kubernetes is an excellent container orchestration and management platform that's becoming increasingly popular in enterprise development. While I'm not a professional DevOps engineer, I'm very interested in server and container technologies, studying the official documentation to understand its architecture and powerful features. I have a Windows laptop with low specs that can't run Linux through VMware, and previously I only used AWS free tier 1c1g EC2, which also couldn't handle k8s setup. Now with this VPS, I can build k8s following the official documentation and deploy applications - only through hands-on practice can you truly understand k8s's rich functionality.
Below I'll share how I'm using this machine, hoping my experience can provide some small help to everyone.
Reference: Official documentation https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/
Core Steps:
Since I only have one machine, my node serves as both control plane and worker node.
Install CNI - I'm using Flannel, reference: https://github.com/flannel-io/flannel
Deploy other plugins such as:
Deploy ingress-nginx-controller and management dashboard - you can choose Rancher, but I recommend Kite, a lightweight management panel: https://github.com/zxh326/kite
Now you can have fun!
You can deploy infrastructure like GitLab, MySQL, PostgreSQL, Elasticsearch, Kafka - local development applications can connect to these databases.
Recommended Useful Projects:
A few days ago, my best friend purchased three VPSs and set up a k8s cluster running open source projects. I wanted to join his cluster, but there's a big challenge - clusters typically communicate within the same LAN. I found a solution using Tailscale networking:
Follow the steps to successfully create a tunnel.
First, modify Flannel's default configuration:
Modify kube-flannel.yml to add
--iface=tailscale0:On his control plane node, execute the command to get the join command:
Note: If your friend's cluster was initialized with the parameter
--apiserver-advertise-address=<public ip>, you need to perform the following operation on my node:Have you set these deployed processes to start automatically?
If the issue persists after a reboot, it’s likely caught in an infinite loop, which could eventually force a full system reinstall.
I’ve encountered similar high-load problems like this in my work before.
Hello @Aphelios,
Thanks for your thoughts, very appreciated.
Yes.
While almost anything is possible, I don't think that is the case here. I don't expect I botched anything that's supposed to happen during the startup process that might cause this. Slight concern always is that I lock myself out of a system, especially when I don't have direct access to a console, or to the virtual power button, myself. But that was not the issue, or an issue, yesterday, and I hope for that to still be true once the machine comes back up again.
That seems like a drastic measure. As long as the VM can be accessed, if need be after an externally triggered or even forced reboot, the issue can be analyzed, either through post-mortem, or by setting up more fine-grained monitoring to detect an impending issue before it happens, or at least have more detailed post-mortem info the next time around.
But I am rather confident I'll be able to figure out what was going on, and fix it going forward, once I can access the VM again. Will obviously share my findings here, and strongly hope that a re-install can be avoided.
Thanks again!
If a restart could be helpful, certainly we could try that.
Yes, of course.
I will try a restart and report back here about what happens.
@Starnberg
I will leave your VPS on so you can go in and take a look.
Please let us know what happens. Thanks!
Best!
Tom
Hi everyone!
To continue on my idea, I have a few questions for the community:
And lastly, I want to thank @Not_Oles for starting FOSSVPS and all the generous providers who offered a node!
If my free nat lxc hosting grows, maybe one could donate a node for it too!
Thank you for restarting the VPS, allowed me to take a look. And it is really puzzling, because for one, the internal view at least of the overall load is totally different from what you see on the outside:
And for another, even the internal accounting inside the VM.
[TS_MAIN]is the maintrafficserverprocess. While the current CPU percentage seems low, the accumulated time seems rather high, the current "uptime" of the system itself is just 30-something minutes. Essentially,trafficserveris currently idling, not serving any pages right now (except some automatic reload of some test page by my browser), not even publicly reachable while I am still tinkering with the setup until I think it is secure enough for general access by the Internet population (once public, I expect not only the friendly people from the LET community wanting to take a look, less at the content rather than other aspects of the system...)My hypothesis would be that the way
trafficserverhandles its idle time, doing essentially nothing but internal stuff while waiting for external requests, is interacting badly with the virtualization layer.To test the hypothesis, I stopped
trafficserverfor now, @Not_Oles please let me know at your earliest convenience whether you see a difference now.I also faintly remember having seen something in the documentation about tweaking the main loop behavior, will try to find that again to see whether there might be an explanation that can be derived from that, and, e.g., a different setting/mode of operation for the main loop that is friendlier to the host system.
@BasToTheMax
Thanks for offering this service!
I often write Linux-specific code — for example, using epoll.h, which only exists on Linux. On mac or win, the compiler and IDE will flag it as missing, so I need a real Linux environment to compile and test.
I would prefer Debian 12 or Ubuntu 22.04 for the container, since they’re stable, lightweight, and have good package availability. I’d install gcc, g++, make, and other build tools, then set up SSH access and run VSCode Server or JetBrains Clion for remote coding and debugging from my local machine.
For developing micro or small open-source projects, 0.5-1 vCPU and 0.5-1 GB RAM should be sufficient. For example, a lightweight web server project like https://github.com/oatpp/oatpp
However, remote development always has some latency, so the experience isn’t as smooth as working locally. I’ve been considering buying a cost-effective Mac mini M4 with 32 GB RAM and 512 GB SSD to use as my main development machine, and use Docker Desktop for testing and debugging.
Seems to be a big difference!
Thanks for checking, and letting me know!
Hmm, not sure how to proceed. Will need to mull over this a bit. Nothing from
trafficserver's documentation so far sprang out at me as suggesting it might be related to that. Need to dig a bit deeper, but also let it rest and mature a bit as well.Obvious way out would be to just switch to another reverse proxy, I'd just prefer to avoid that. Not on principle, I am always happy to learn, and to explore new things, so not a blocker. It would just mean a bit more effort, and related delay, to get sufficiently acquainted with another implementation which I would rather do without less "pressure" (and if only just perceived, or coming from myself) to deliver some outcome.
By the way, if not too much trouble, is there a way I could get some sort of direct view myself at the host's live performance data? I might want to try a few things, and it might be easier, and both more efficient and effective, to not have to bother you all the time about taking a look and sharing the outcome.
Will think about the situation, and come back once I have a clearer picture at to a potential direction forward.
Thanks!