Latest Server related questions

I have configured Kubernetes using kubeadm in cent os stream 9. When I issue kubectl commands i am getting this error often

The connection to the server xx.xxx.xx.xx:6443 was refused - did you specify the right host or port?

I have used Flannel as CNI.

I have tried the swapoff -a command. And done export KUBECONFIG=/etc/kubernetes/admin.conf Restarting kubelet works sometimes but again gets the same ...

We are running Update Services on a Windows Server 2016 server that delivers updates to the systems on the domain. I need to delegate maintenance of this to a non-admin user. The user must be able to run WSUS Server Cleanup Wizard and approve/decline updates. How should this be done?

I have a postfix server that I inherited many years ago. Originally it successfully controlled the sending of messages through authentication and IP addresses - if an authenticated user was sending from an IP address in 'mynetworks', it was allowed. Since then it's been through two major upgrades, from Lenny to Jesse in 2017 and from Jesse to Bullseye in 2022. It seems the IP address restriction requ ...

I want to rate limit ssh connections per IP to a server running firewalld.

Suppose my sshd listens on port 2222, and I want to limit ssh connections per IP to 3 per minute. I tried:

sudo firewall-cmd --add-rich-rule \
  'rule port port="2222" protocol="tcp" accept limit value="3/m"'

Then on another machine I ran:

ssh myserver echo hello; \
ssh myserver echo hello; \
ssh myserver echo hello; \
ssh myser ...

I have an Ubuntu box with IP forwarding enabled and a very simple iptables configuration to allow all packets from within the LAN to be forwarded:

echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -I FORWARD -s 192.168.4.0/24 -j ACCEPT

This works fine, except the SMB shares on the box no longer work, presumably because the packets that end with the box itself as a destination are also being for ...

I want to reduce the storage size of the VM's running on a Linux 8 physical machine from 2 TB to 400 GB. The actual size of VM's is around 100 GB. But the space we give it as allocated size is too big and I want to reduce it.

What I'm talking about is not reducing the VM's available storage, but reducing storage disk size of VM's disks from 2TB to 400GB.

All the required RPMs are installed and there ...

I was following the product documentation "https://docs.openstack.org/nova/2023.1/install/verify.html" after the nova installation is complete on my controller and compute node Iam seeing the " no such table: cell_mappings" while verifying the installation executing the command "nova-status upgrade check".

~# nova-status upgrade check
Modules with known eventlet monkey patching issues were imported ...

I'm running k3s 1.26.4 on a small 4 nodes home lab cluster (1 master/worker + 3 workers). Today, the master node crashed, and a forced reboot was the only solution. Since then, the master node refuses to start correctly.

In the logs, I can see a lot of v1.Event to conversion errors. Here is an extract:

May 21 18:37:31 oc-1 k3s[6275]: W0521 18:37:31.123758    6275 reflector.go:424] storage/cacher.go:/ ...

I have a nginx server with the following (simplified) server block:

server {
    listen 80;
    server_name _;

    location / {
        root /var/www/html;
        index index.html;
    }
}

Every domain name that has an A-record to my server has the same website on it.

Question: is it possible to use a "wildcard" SSL certificate (I mean wildcard for all domains, not a wildcard subdomain)? So that all do ...

I was researching about block devices and character devices. I found an article that mentions how block devices are assigned as /dev/sd[a-z]. But then I read a different article that mentions how block devices are assigned as /dev/dsk/[c#t#d#]. Are they not both block devices? When is one used over the other?

I have the puzzling problem with a new NAS I am setting up.

First of all, I checked

cat /proc/acpi/wakeup | grep enabled

and disabled everything from waking up the system except for the two NICs it has. Then, if I set using ethtool the wol flag to d which disables everything, the NAS can go to sleep and stay asleep indefinitely.

However, if I set the wol flag to anything else, the NAS will sleep but wa ...

I deployed two machines to GCP via Terraform. Let's call them control-host and target-host. I want to manage the target-host via Ansible installed on the control-host. Unfortunately, I keep getting the following error no matter what I do:

10.128.100.3 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: [email protected]: Permission denied (publickey). ...

This environment has twins of virtually everything, including two web server / firewall / gateway systems, and they were getting long-in-the-tooth version wise, so I decided to upgrade from Fedora Server 30 to 38 on one of them. The idea was, of course, to bring both "into the modern era", but one at a time.

My timing was curious because at the very same time I began the upgrade, without even touching ( ...

The environment has twins of virtually everything, including two web server / firewall / gateway systems, and they were getting long-in-the-tooth version wise, so I decided to upgrade from Fedora Server 30 to 38 on one of them.

My timing was curious because at the very same time I began the upgrade, without even touching (physically or electronically) the other server, it decided to fail! So, now I have ...

I have this terraform config for deploying a kubernetes dashboard to my cluster on VKE.

resource "helm_release" "my-kubernetes-dashboard" {
  name = "my-kubernetes-dashboard"

  repository = "https://kubernetes.github.io/dashboard/"
  chart      = "kubernetes-dashboard"
  namespace  = "default"

  set {
    name  = "service.type"
    value = "ClusterIP"
  }

  set {
    name  = "protocolHttp"
    v ...

I am trying to delete a file inside /home folder as root user but i am getting error "Operation not permitted". Below is the lsattr of file

-----a-------e-- /home/test/.bash_profile

also if i create any folder or file inside /home folder it is created but i cannot delete it afterwards getting same error "Operation not permitted"

Any idea what is going on?

I just have a general about how best to build and manage DB servers when using Docker builds with docker-compose.yml. Historically, I've sometimes bound the Postgres DB's to a bound folder on the host FS. There are upsides and downsides to that it seems, but more recently it seems like it might be better to use docker volumes instead. Those are not quite as 'visible' on the host because different set ...

If I run php as FPM, I can set my memory limit in php.ini or .user.ini. PHP can perform a MySQL query, and I can set memory limits in /etc/my.cnf for for instance the innodb buffer pool. If PHP runs a query, which memory limit applies?

I have two VPCs:

• Inbound VPC with CIDR 10.0.0.0/16 (2 public subnets)
• Private VPC with CIDR 10.1.0.0/16 (Private endpoints)

Both are connected with a Transit Gateway and I can resolve the DNS and the private APIs from the inbound VPC to the private VPC using a curl command from a EC2 instance.

However, I have created an ALB in the Inbound VPC that forward to the private DNS only accessible from t ...

I am a newbie in the world of Nginx. While learning it, I am trying to accomplish this: I want to return a string whenever someone hits this URL: /greet/user and the string will be 'Hello user.' So, if someone hits localhost/greet/john, the page will show this string: 'Hello john'; if the URL is localhost/greet/merry, the string will be 'Hello merry.'

I tried doing that with the following code fr ...

New poster here so unsure if this is the correct stack exchange.

But basically, I use NPM (Nginx Proxy Manager) to direct internet traffic to various VMs running on my hub server running proxmox.

Whenever I try to connect to an internet SSL-based web application such as the web UI for NPM or Nextcloud, my web browser gives me a connection error. However, when I try to connect to the same domain that ...

I am currently trying to share my ZFS dataset using SMB. Unfortunately I receive the error NT_STATUS_BAD_NETWORK_NAME every time I try to connect to the share. The error does not make much sense to me since as far as I understood it from this source https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/8f11e0f3-d545-46cc-97e6-f00569e3e1bc the error NT_STATUS_BAD_NETWORK_NAME is about ...

The following example with fictional names describes my situation:

• External mail service mailservice.com
• DNS entry my.server.com points to the server publicly
• The server should send e-mails from [email protected]

I'm struggling to understand how to name the server (hostname) and what sendmail config to use. Currently, I have the config:

# /etc/hostname
some-random-hostname-without-tld

systemd[1]: NetworkManager-wait-online.service: Job nis-domainname.service/start deleted to break ordering cycle starting with NetworkManager-wait-online.service/start

In Windows Server 2022 with GUI, when Windows Security incorrect detect file as virus and threat and quarantined threat, I can allowed threats from Windows Security settings.

But I do not know how to doing this in Windows Core?

I need allowed specific threat in windows Server core 2022

If any one provide some powershell command for this, I very welocome, for example in powershell, if you want to disabl ...

My config for my template is as follows.

template (name="macfilter" type="string" string="/home/pi/nas/f/remotelogs/%programname:R,ERE,0,FIELD:(([0-9A-fa-f][0-9A-fa-f]: ?[0-9A-fa-f][0-9A-fa-f]: ?[0-9A-fa-f][0-9A-fa-f]: ?[0-9A-fa-f][0-9A-fa-f]: ?[0-9A-fa-f][0-9A-fa-f]: ?[0-9A-fa-f][0-9A-fa-f])|([0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-F ...

I have a weird issue with a PS script which should run on startup of a computer. This script is configured identical on three levels (OUs) only different parameters. Depending on for which hosts it's configured it should install certain things. On some machines there are multiple OUs applied which should run the script with different parameters. Looking at the output of gpresult /h C:\gpo.html it sho ...

recently my MYsql CPU usage is 120% and this is the mysqltuner can you please suggest for me a solution ?

    [root@server1 ~]# mysqltuner
 >>  MySQLTuner 1.8.3 - Major Hayden <[email protected]>
 >>  Bug reports, feature requests, and downloads at http://mysqltuner.pl/
 >>  Run with '--help' for additional options and output filtering

[--] Skipped version check for MySQLTuner ...

I am getting lots of Audit Failure errors on Windows Logs/Security in event viewer. See the image below. Does that mean someone is trying to brute-force to my computer?

With the latest April update which adds LAPS to windows 10 22H2 and above I find that to be incredibly helpful. What isn't helpful is that my environment is running with Server 2016. I have installed Legacy LAPS and enabled LAPs on the Windows 10 22H2 machines. The problem I have is that it is constantly:

Event ID 10012 Output

Copy The Active Directory schema has not been updated with the necessa ...