bcjenkins
-
Posts
34 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by bcjenkins
-
-
I am having a similar event. I use a Plex docker which is set to DHCP for IP assignment on the br0 interface.
Quote------------[ cut here ]------------
WARNING: CPU: 1 PID: 7475 at net/netfilter/nf_conntrack_core.c:769 __nf_conntrack_confirm+0x97/0x4d6
Modules linked in: xt_nat macvlan ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 iptable_filter ip_tables nf_nat xfs md_mod i915 iosf_mbi i2c_algo_bit drm_kms_helper drm intel_gtt agpgart syscopyarea sysfillrect sysimgblt fb_sys_fops mlx4_en mlx4_core ptp pps_core x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel pcbc aesni_intel aes_x86_64 crypto_simd glue_helper cryptd intel_cstate intel_uncore intel_rapl_perf ahci libahci i2c_i801 i2c_core nvme video mxm_wmi wmi_bmof nvme_core wmi backlight acpi_pad button [last unloaded: mlx4_core]
CPU: 1 PID: 7475 Comm: kworker/1:2 Tainted: G W 4.14.35-unRAID #1
Hardware name: System manufacturer System Product Name/STRIX Z270G GAMING, BIOS 1203 12/25/2017
Workqueue: events macvlan_process_broadcast [macvlan]
task: ffff8805ccb30e80 task.stack: ffffc90003d54000
RIP: 0010:__nf_conntrack_confirm+0x97/0x4d6
RSP: 0018:ffff88086ec43d30 EFLAGS: 00010202
RAX: 0000000000000188 RBX: 000000000000dccb RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffffffff81c0892c
RBP: ffff8806e31a0600 R08: 0000000000000101 R09: ffff880157ba7400
R10: 0000000000000098 R11: 0000000000000000 R12: ffffffff81c8b0c0
R13: 000000000000405b R14: ffff8806ec86a780 R15: ffff8806ec86a7d8
FS: 0000000000000000(0000) GS:ffff88086ec40000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000154e463cc000 CR3: 0000000001c0a001 CR4: 00000000003606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
ipv4_confirm+0xac/0xb4 [nf_conntrack_ipv4]
nf_hook_slow+0x37/0x96
ip_local_deliver+0xab/0xd3
? inet_del_offload+0x3e/0x3e
ip_rcv+0x311/0x346
? ip_local_deliver_finish+0x1b8/0x1b8
__netif_receive_skb_core+0x6ba/0x733
? mlx4_en_rx_irq+0x23/0x3e [mlx4_en]
process_backlog+0x8c/0x12d
net_rx_action+0xfb/0x24f
__do_softirq+0xcd/0x1c2
do_softirq_own_stack+0x2a/0x40
</IRQ>
do_softirq+0x46/0x52
netif_rx_ni+0x21/0x35
macvlan_broadcast+0x117/0x14f [macvlan]
macvlan_process_broadcast+0xe4/0x114 [macvlan]
process_one_work+0x14c/0x23f
? rescuer_thread+0x258/0x258
worker_thread+0x1c3/0x292
kthread+0x111/0x119
? kthread_create_on_node+0x3a/0x3a
? SyS_exit_group+0xb/0xb
ret_from_fork+0x35/0x40
Code: 48 c1 eb 20 89 1c 24 e8 24 f9 ff ff 8b 54 24 04 89 df 89 c6 41 89 c5 e8 a9 fa ff ff 84 c0 75 b9 49 8b 86 80 00 00 00 a8 08 74 02 <0f> 0b 4c 89 f7 e8 03 ff ff ff 49 8b 86 80 00 00 00 0f ba e0 09
---[ end trace 5e99d938594ea448 ]---No plugins installed, only modprobe the i915 module for hardware transcoding. Plex is the only Docker installed and running.
-
-
1
-
-
I upgraded this morning and my 2 Docker containers won't launch and it shows a dialog which states
QuoteExecution error
No such container
Stopping Docker and restarting it seemed to bring it back. I do have an oddity in my server whereby my Mellanox 10G card does not come online unless I pull the transceiver and replace it. Perhaps this contributed to the above.
-
8 hours ago, Ambrotos said:
I'm currently running 17b and am using multiple VLANs each with their own subnet in order to place various various dockers into different network segments. I'm curious how 17b killed your setup. Did performing the upgrade mess with your configuration, or did the configuration persist but stop working?
Cheers,
-A
He's referring to this:
I had this same problem in 17b and did not have it when I upgraded to 18f.
hih
-
1
-
-
Did you try changing it in the web interface? It's in settings -> identification
-
I am not sure if this has worked prior, but my javascript console is littered with
Quote[Error] WebSocket connection to 'wss://server/sub/cpuload' failed: Unexpected response code: 401
[Error] WebSocket connection to 'wss://server/sub/var' failed: Unexpected response code: 401
I am accessing the server via IPv6 and using a custom SSL cert as described in
There are no such errors in Firefox.
-
9 minutes ago, skyline7349 said:
No i meant the actual docker service not a docker container
/etc/rc.d/rc.docker ? usage /etc/rc.d/rc.docker start|stop|restart|status-
1
-
-
The following are ramblings of my journey to get a custom SSL cert for any number of hosts which I run in Docker containers or unRAID itself. This was done in unRAID 6.4 which is required due to features provided in unRAID.
In my environment, I am leveraging IPv6 addresses for unRAID and Docker containers to provide a publicly routable address for all instances allowing for direct communication from clients without a need for proxying or NATing. To generate the SSL certs, I am using the acme.sh script which runs on unRAID without issue, and I am leveraging the LetsEncrypt DNS api to provide a cert so that communication with the server from LetsEncrypt is not needed.
I created a share specifically for certs, and restricted it to local access only. In my use, I am hosting my DNS at Cloudflare and leveraging their API to create the necessary challenge records; all of which is built in to the acme.sh project. There are many DNS providers which are supported, and you can also use direct access as needed.
So far, I have created a custom cert for unRAID and for Plex. The acme.sh script will create an individual cert directory for each cert. This allows you to restrict the container access to the cert which is applicable.
I will be working on a script specific to LetsEncrypt and Cloudflare which will monitor IP address changes for hosts, and perform cert issuance and renewals. The following is the gist of what I used to get things running manually. It is performed from the cli of the unRAID server. You will need to replace ${variables} with the actual names or export them before running the command.
# Show the IPv6 address of the unRAID server ifconfig # Show the IPv6 address of the Docker container docker inspect --format='{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' ${dockaerContainerName} # Create the share in the unRAID panel # Create the directory structure for the acme.sh mkdir -p /mnt/user/${shareName}/acme/dnsapi # Obtain the acme.sh script and perform the install curl -s https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh > /mnt/user/${shareName}/acme.sh chmod +x /mnt/user/${shareName}/acme.sh /mnt/user/${shareName}/acme.sh --install --accountemail "${LetsEncryptEmail}" --home /mnt/user/${shareName}/acme # Download the Cloudflare DNS api script and make executable curl -s https://raw.githubusercontent.com/Neilpang/acme.sh/master/dnsapi/dns_cf.sh > /mnt/user/${shareName}/acme/dnsapi/dns_cf.sh chmod +x /mnt/user/${shareName}/acme/dnsapi/dns_cf.sh # Per usage instruction for Cloudflare api in the acme.sh: set the CF API key and email variables export CF_Key="${yourKey}" export CF_Email="${CloudflareEmail}"At this point you're ready to begin issuing certs. I'll provide an example for the unRAID server and Plex container. Prior to this, you will want to create AAAA records in the Cloudflare DNS panel.
# Issue a cert for unRAID /mnt/user/${shareName}/acme/acme.sh --home /mnt/user/${shareName}/acme --issue --dns dns_cf --ecc -d ${yourFQDN} --keylength ec-256 # Backup existing cert mv /boot/config/ssl/certs/${certName}.pem /boot/config/ssl/certs/${certName}.bak # Create new cert using same name cat /mnt/user/${shareName}/acme/${yourFQDN}_ecc/fullchain.cer /mnt/user/${shareName}/acme/${yourFQDN}_ecc/${yourFQDN}.key > /boot/config/ssl/certs/${certName}.pem # Reload nginx /etc/rc.d/rc.nginx reload# Issue a cert for Plex - Plex didn't seem to support ecc certs in my testing. /mnt/user/${shareName}/acme/acme.sh --home /mnt/user/${shareName}/acme --issue --dns dns_cf -d ${yourFQDN} --keylength 2048 # Convert the cert to PKCS /mnt/user/${shareName}/acme/acme.sh --home /mnt/user/${shareName}/acme --toPkcs -d ${yourFQDN} --password ${certEncPass} # Configure your Docker container to add a path for the certs. # Configure the SSL cert settings in the Plex Netowrk Settings # Restart the container docker restart ${dockaerContainerName} -
It's pretty easy -
docker restart ${dockerName} -
I am an idiot. Ping is not available in the container, and I didn't see the IPv6 in the /etc/hosts file. I could not ping the IPv6 from the unRAID, but just discovered I could from my Mac and can also hit the webpage for the container on my Mac using the IPv6 address.
I don't know why the unRAID server can't communicate, but I don't care. I won't be interacting with this container from the server.
Thanks for the replies. I should also add that the changes in Docker in 6.4.0-rc14 seemed to have resolved my lockups with containers and using br0. I haven't had a crash in over a week with them reenabled.
-
1 minute ago, bonienl said:
These are not valid IPv6 addresses. How is your br0 configured for IPv6?
I changed them in the post because they are publicly routable and I wished to obfuscate them. They are valid in the output.
-
1
-
-
It does -
Quote"NetworkSettings": {
"Bridge": "",
"SandboxID": "437f1dc07741a7ef2c4c65a1563530502fd62e217419a4a4805c5f8d084f638d",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/437f1dc07741",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"br0": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"14de42dd79bb"
],
"NetworkID": "d1883577af3eafb11dd42bd844845968b53480bae0839d4b645f431fd34e84cf",
"EndpointID": "35aa39e1d6fd14ffc68a78cd7837fcb8a8fee8bc3383280feb80332ce645801d",
"Gateway": "192.168.43.1",
"IPAddress": "192.168.43.2",
"IPPrefixLen": 24,
"IPv6Gateway": "2605:a000:IPv6",
"GlobalIPv6Address": "2605:a000:IPv6",
"GlobalIPv6PrefixLen": 64,
"MacAddress": "02:42:c0:a8:2b:02",
"DriverOpts": null
}
}
}IPv6 changed on purpose.
-
Hi all,
I am using 6.4.0-rc14. I am hoping someone can share how to enable IPv6 in a Docker using the br0 interface. I have a few dockers running and none of them seem to have IPv6 addresses or support DHCPv6. I wasn't able to find this information in my searches.
Additional info - docker network inspect br0 shows an IPv6 address assigned to the container. If I exec into the Docker images, I do not see the IPv6 info in /etc/hosts.
-
10 minutes ago, bonienl said:
I am using EFI and have no problem with the update.
I remade the drive in the utility and all is well.
-
Anyone else using EFI having an issue with this update? The flash drive went unrecognizable in the system. I can read it on my computer.
-
I am using the EFI boot and when applying this update the EFI files did not get updated
ls -l /boot/EFI/boot total 656 -rwxrwxrwx 1 root root 199952 Oct 27 09:26 bootx64.efi* -rwxrwxrwx 1 root root 139968 Oct 27 09:26 ldlinux.e64* -rwxrwxrwx 1 root root 201680 Oct 27 09:26 libcom32.c32* -rwxrwxrwx 1 root root 24480 Oct 27 09:26 libutil.c32* -rwxrwxrwx 1 root root 12752 Oct 27 09:26 mboot.c32* -rwxrwxrwx 1 root root 31760 Oct 27 09:26 menu.c32* -rwxrwxrwx 1 root root 32 Oct 27 09:26 syslinux.cfg*The files from the update all have a Nov 14 date on them.
-
You should log in and tail the syslog as per the instructions in the first post of this thread. In my case, I was locking up with bridge mode enabled for a docker. I have disabled it and haven't crashed since.
-
3 hours ago, johnnie.black said:
Did you see this:
I don’t use Ryzen. This is an Intel i7
-
I went 30 days without a crash running on RC9, updated to 10, waited a few days and then turned on bridging for one of my dockers (plex) instead of host mode. It ran for about a day, then crashed shortly after applying an update to the docker this morning. Earlier in the beta I had been running bridge mode on all of Dockers and would crash constantly. I have disabled this mode again and will advise if another crash occurs.
I hope this helps.
-
1
-
-
Thanks for the helpful replies! I'll perform the upgrade again and output the log to screen as suggested.
-
12 minutes ago, CHBMB said:
Might be you have to try it for yourself, as it's difficult to confirm an issue has been solved unless it's tried by someone that was affected by it.
Or if there are others that have been affected and you're 110% sure it's exactly the same problem you could wait and see if anyone else reports that the issue is fixed.Yeah, I was hoping to elicit a response from Lime Technology on this. I don't mind running it to produce reports, but not if they aren't getting responses. When it locked up, there weren't any messages printed to output, just a hard lock. Sent in the logs, though.
-
50 minutes ago, HellDiverUK said:
What hard lockups? I haven't had any hard lockups ever with unRAID. Then again my server works properly...
That's nice for you. A number of people have reported these. For the record, tickets have been filed, although I haven't received a direct response.
-
Are the hard lockups resolved in this version? I rolled back to 6.3.5 as it was locking up very frequently.
-
Greetings,
I have a Mellanox Technologies MT27520 Family [ConnectX-3 Pro] card in my unRAID server. Upon server reboot, the GBIC has to be removed and reinserted for the card to come online.
Has anyone experienced anything like this? The card/system worked fine with Ubuntu 16.04 and the Mellanox drivers from their site before I put unRAID onto the system.
Thanks,
B
Call trace on server
in General Support
Posted
Also being discussed here in a different thread.