RE: Kubernetes management

@ravenet said in Kubernetes management:

For managing your kubernetes, I'd look closely at installing Rancher

Thank you. I'll take a look

@ronan-a said in XOSTOR hyperconvergence preview:

I just repaired your pool, there was a small error in the conf that I gave in my previous post.

Thank you very much. I really appreciate you fixing this for me

@olivierlambert Thank for for the link.. I obviously still a lot more reading to do:)

@olivierlambert said in Login detail fro Debian 10 cloud-init:

Try to remove and recreate it,

That worked I didn't removed the the hostname in the end.
I can now ssh to the Newly created VM.

No Idea how that's happened

Thank you @olivierlambert

@olivierlambert you guys are doing a great job thank you. I can't wait to see the update next week

@lawrencesystems said in S3 Remote:

I was hoping to avoid this method as my pfsense is not connected at 10G. Thank you for the clarification.

Happy I could help.

Hi,

I am deploying Xen Orchestra on an OVH cloud VPS to managed multiple Hosts at different locations. Could you please tell me if the login interface has any brute force attack prevention built in? Is it secure enough to be publicly accessible? I have already set 2FA but couldn't see any option for FIDO2 or passwordless authentication.

Thank you

@nikade This is what is currently have:

[16:39 xc-ng-hv1-fi ~]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0

Is setting the value to 1 all O need to do? net.ipv4.ip_forward = 1 in /etc/sysctl.conf

@nikade said in How to pass MAC address to pfSense VM:

then setup the 1st usable IPv4 from the /29 IPv4 subnet on an internal interface.

Can this be the pfSense WAN?

@nikade said in How to pass MAC address to pfSense VM:

setup IPv4 forwarding on the dom0 by editing the sysctl

Would you mind sharing how to do that?

@nikade do you use 2 IP subnet? 1x for xcp-ng management + ssh and another extra that you use for the VMs or is it all 1 single subnet? Also did you requested separate MAC on Hetzner backend or left it as is?

@nikade said in How to pass MAC address to pfSense VM:

We then enabled forwarding on the xcp-ng host and setup the first usable IP as "local" subnet

How did you achieve this? Thank you very much in advance. I really appreciate the feedback..

Hi,

I tried to run xcp-NG on both Hetzner and OVH and I have the same issue on both platform. I manged to get pfSense running in the VM and I can get the WAN and LAN working. I ordered more IP to be used as NAT port forwarding but I cannot figure out how to set the MAC address. I tried to add the MACt to the VM but that didn't work. Has anyone got xcp-ng working on either platforms?

Thank you

@florent said in Unable to connect to backblaze b2:

could you try to connect with the cli aws

I can try, can you please point me to some documentation? I've never done that before

Here is the latest error when saving my settings

remote.test
{
  "id": "5c043aa8-8a08-4dcd-bbfb-c2aa214c34d5"
}
{
  "name": "AccessDenied",
  "$fault": "client",
  "$metadata": {
    "httpStatusCode": 403,
    "requestId": "3d7883ea3ba87dc5",
    "extendedRequestId": "aYwU3EzAZOX84u2YJYrNlIWYMMqgz7zNU",
    "attempts": 1,
    "totalRetryDelay": 0
  },
  "Code": "AccessDenied",
  "message": "not entitled",
  "stack": "AccessDenied: not entitled
    at throwDefaultError (/opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@smithy/smithy-client/dist-cjs/default-error-handler.js:8:22)
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@smithy/smithy-client/dist-cjs/default-error-handler.js:18:39
    at de_GetObjectLockConfigurationCommandError (/opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@aws-sdk/client-s3/dist-cjs/protocols/Aws_restXml.js:4476:12)
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@smithy/middleware-serde/dist-cjs/deserializerMiddleware.js:7:24
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@aws-sdk/middleware-signing/dist-cjs/awsAuthMiddleware.js:14:20
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@smithy/middleware-retry/dist-cjs/retryMiddleware.js:27:46
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/region-redirect-endpoint-middleware.js:14:24
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/region-redirect-middleware.js:9:20
    at /opt/xo/xo-builds/xen-orchestra-202311151203/node_modules/@aws-sdk/middleware-logger/dist-cjs/loggerMiddleware.js:7:26
    at S3Handler._sync (/opt/xo/xo-builds/xen-orchestra-202311151203/@xen-orchestra/fs/src/s3.js:452:19)"
}

@olivierlambert said in Unable to connect to backblaze b2:

Have you asked Backblaze first?

After 9 days of back and forth, I am now back to my starting point...

Backblaze is saying that there is no problem at their end so check xcp-ng...

I just woke up one morning to see that the remote was no longer working.. It has been working perfectly for almost a year... I updated Xen Orchestra community in case it was a bug but I am still not able to connect...

I am running Xen Orchestra, commit af7aa with Master, commit 03de8

Could anyone please help me?

Thank you

@olivierlambert said in Unable to connect to backblaze b2:

Have you asked Backblaze first?

No but I will.

Hi,

I logged a forum entry saying that I wasn't able to restore from backup and it was pointed to me that my backup remote was offline.
I tried to recoonect my Backblaze S3 remote and I keep getting this error message:

remote.test
{
  "id": "5c043aa8-8a08-4dcd-bbfb-c2aa214c34d5"
}
{
  "name": "AccessDenied",
  "$fault": "client",
  "$metadata": {
    "httpStatusCode": 403,
    "requestId": "c6fc8c7e4f7a82ab",
    "extendedRequestId": "aYyE3pDBGOcM4fGauYlRl+GaiMpQz5TPd",
    "attempts": 1,
    "totalRetryDelay": 0
  },
  "Code": "AccessDenied",
  "message": "not entitled",
  "stack": "AccessDenied: not entitled
    at throwDefaultError (/opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@smithy/smithy-client/dist-cjs/default-error-handler.js:8:22)
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@smithy/smithy-client/dist-cjs/default-error-handler.js:18:39
    at de_GetObjectLockConfigurationCommandError (/opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@aws-sdk/client-s3/dist-cjs/protocols/Aws_restXml.js:4476:12)
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@smithy/middleware-serde/dist-cjs/deserializerMiddleware.js:7:24
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@aws-sdk/middleware-signing/dist-cjs/awsAuthMiddleware.js:14:20
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@smithy/middleware-retry/dist-cjs/retryMiddleware.js:27:46
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/region-redirect-endpoint-middleware.js:14:24
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/region-redirect-middleware.js:9:20
    at /opt/xo/xo-builds/xen-orchestra-202311071630/node_modules/@aws-sdk/middleware-logger/dist-cjs/loggerMiddleware.js:7:26
    at S3Handler._sync (/opt/xo/xo-builds/xen-orchestra-202311071630/@xen-orchestra/fs/src/s3.js:452:19)"
}

I know for sure that the credental are correct but in doubt, I then created a new API credential and even with that the detrails, I keep getting the same message: "not entitled"

I am running Xen Orchestra community Xen Orchestra, commit 9dea5
Master, commit 9dea5

Could anyone please assist me ?

Thank you