Well, here goes. After reducing my beautiful, prisine debian small linode into a pile of gelatinous slag, I thought I'd post my own stupidity here in order to:

a) Warn others off from my own foolish course of action
b) Entice others to post here and do the same
c) Laugh at the above
d) ...
e) Profit!

Well, ok, maybe I'm being a bit optimistic, especially toward the end there, but I do hope you all have fun reading and posting to this thread.

Cheers.

OK, so here's my screwup. To begin with, a little background...

I've got a linode 64, and have been totally impressed with the service and the level of support I've recieved for it.</asskissing> Anyhow, I wanted to setup an iCal server for my personal needs, as well as a groupware solution for various projects I'm collaborating on. A bit of research showed me that my best bet would be to go with open-xchange, which is essentially Novell's groupware server. Very cool, very powerful, and it rocks. Seriously. Naturally, this was the thing to install on my 64.

Riiiiight....

Following along with the instructions for Debian Sarge, which incidentally happens to be the first set of instructions on the howto, I almost immediately ran into trouble. See, open-xchange relies heavily upon Java. Well, you know Java. If there's one thing it isn't, it's efficient. So installing Java meant running out of IO tickets, which then meant I got to learn what IO tickets are, and why I don't want to run out of them. You gotta love software that has a piggy, inefficient installer. Did not bode well.

Then there was getting Tomcat working. I did. But not without pain. Ant, postgresql, yadda yadda. Got it all going. Finally, after many false starts and re-going over the documentation, got the whole schmere running!

And then started getting timeouts on the client side. Lots of them. So I looked again at /proc/io_status, and guess what? Open-xchange, just running idle, chews through 500 tickets per second! Which means if I average more than 12 tickets per second beyond that (which means actually using open-xchange, or perhaps having people send me email, or visit my webpage), I'd be out of tickets quickly, and I was.

To top it all off, well, I'll quote from the install docs:
Moral of the story? Friends don't let friends install enterprise web applications on a Linode/64.

Shortly after I got my linode I decided to disable the dhcp client on my linode. I somehow got the ip address of my linode and its gateway reversed and knocked host2 offline around 1am on a Saturday.

To Caker's credit (and my surpise) he got notification of it and had it back up in twenty minutes.

- kenny

Now that's funny. You found a way to screw up a whole host!

I thought UML was supposed to be able to stop client virtualisations from binding to any old IP on the host?

This happened sometime summer~fall of 2003. From talking to Chris afterwards, he was surprised that it even happened and said he fixed the problem so clients couldn't jack-up the host's routing tables (or something to that effect).

kenny

That was a good one, indeed...

It had to do with allowing a node to respond to ARP requests for IPs it didn't own. Suddenly, the switch and other Linodes saw Kenny's Linode as the gateway It was fixed after discovering the problem (lots ot tcpdump time involved).

I went to great lengths to filter layer 2 and layer3 traffic -- not only to protect each Linode, but to protect the integrity of the Linode network as a whole. I doubt other providers have such thorough protection in place.

-Chris

Ooo, dangerous situation. If, back then, somebody set up their own transparent proxying service and did that trick, he'd be able to use tcpdump on the machine to sniff all the Linodes' traffic on that host? Scary. I guess they'd find themselves without an account PDQ thouogh.

That was never possible -- we've always filtered layer 3 traffic to and from each Linode that didn't match IPs they've owned.

-Chris

Ah, cool. Okay then, thanks.

Haha... Nice.

Closest thing I have done (recent) is let 4 ircd's run on my linode at the same time when I only have 42gb of bandwith. I logged into the LPM just to check on things and I see that i have gone through nearly 90 percent of my bandwith in a matter of 2 weeks. I had to log into lish and block all traffic on port 6667 to avoid being charged an exorbitant fee for more bandwith

_________________
-- Surferdude

That's alot of bandwidth. Were those servers part of another IRC network?

-Brian

I believe so, Because when I ran netstat, it took about 5 miniutes to finish. When my bandwith is replenished, ill enable traffic again and see how things go.

_________________
-- Surferdude

Yup, you have to keep an eagle eye on your transfer stats - the bandwidth available to you is huge. When I seed a BitTorrent, I'll set my outgoing transfer rate to (usually) about 500 kB/s and make a worst-case calulation on how long it will take to get to X gigabytes, and then set a reminder on my cell phone to check up on how much has really been transferred.

Of course, if you're seeding a torrent, you should use an ext2 filesystem for the seed, otherwise, the I/O limiter will kill you. There's a lot of overhead involved in ext3 journalling.

Any other I/O instensive operations might also benefit from ext2, but you need to balance the better I/O performance against the need to run fsck on an unscheduled reboot.

EDIT: It is also possible to mount (or remount) an ext3 filesystem as ext2 temporarily.

_________________
Bus error (passengers dumped)

Yes, but I think they'll be even more overhead like that.
Correct me if I'm wrong.