We use the netavark plugin for the containers, which fixes this.
set container name alp01 image 'alpine' set container name alp01 network NET01 set container network NET01 prefix '100.64.0.0/24'
We use the netavark plugin for the containers, which fixes this.
set container name alp01 image 'alpine' set container name alp01 network NET01 set container network NET01 prefix '100.64.0.0/24'
@fernando Thanks!
i've re-checked with the new image from GCP and new cloud-init version , it seems to be working as expexted :
The kernel is not supporting pseudowire/VPLS now
this patch was never merged into the kernel
No, installing the miniupnpd_functions.sh file does not correct the problem.
Another bug it that /config/upnp.leases is hardcoded, but there is no script who creates it https://github.com/vyos/vyos-1x/blob/aebb458262072457c6a3840d1b17031fbd780eca/data/templates/firewall/upnpd.conf.j2#L128
Will it work if you manually download the functions? https://github.com/miniupnp/miniupnp/blob/miniupnpd_2_3_1/miniupnpd/netfilter_nft/scripts/miniupnpd_functions.sh
OK, a little digging around in the grub configs led me to a "workaround" solution for the serial console problem after the machine is booted.
Can confirm this is exactly the same in 1.4 rolling (as of Jan 09). Same errors. The miniupnpd daemon receives the request (for either a UPnP, NAT-PMP, or PCP port mapping) and then reports the errors @simplysoft reports in the description.
PR for 1.5 https://github.com/vyos/vyos-1x/pull/2787 which will be backported to 1.4
Lowering priority to normal to proceed with adding the interface-monitor daemon development, mentioned above, for 1.5.
Quick test done on a VM with 1 CPU and 1G RAM:
[email protected]# for I in {1..2542}; do set firewall ipv6 name Test rule $I action accept ; set firewall ipv6 name Test rule $I destination port $I; set firewall ipv6 name Test rule $I protocol tcp ; done [email protected]# time commit
@sempervictus Thanks for the update!
OK, the grub serial config described here got me as far as seeing the Grub selection screen at boot time.
Oh wow, this is ancient. Can definitely close this out - @zsdc and i figured out a bunch of the insanity around cloud-init since then and i've got it working in our openstacks as well as public clouds on a single config.
What to do with atop and logrorate?
It seems we already have mfa T3834 but it never was documented
https://github.com/vyos/vyos-1x/pull/1008
vyos@r4# set interfaces openvpn vtun0 server mfa totp Possible completions: challenge Expect password as result of a challenge response protocol (default: enable) digits Number of digits to use for totp hash (default: 6) drift Time drift in seconds (default: 0) slop Maximum allowed clock slop in seconds (default: 180) step Step value for totp in seconds (default: 30)
@xrobau Could you test it?
Dec 9 13:04:57 vyos charon: 07[IKE] no matching CHILD_SA config found
Do you have several connections from the hosts behind the same NAT external address to the same hub?
It worked in my previous tests, but it was just one host behind NAT to connect to the HUB.
Re-check please and close if it works fine now. Need to update.
This is closed now because the required functionality perfectly works with Cloud-init + NoCloud/ConfigDrive.
@amcmillen Do you have any examples of how to deploy it on Linux / Debian, etc?
Without live examples, we'll mark it as wont fix and task will be closed.
As I understand, there are now ways to implement it natively for sshd
Reopen please if you have/know a solution for it.
@ordex Les us know if you have some ideas
Thanks
PR for scoped options and bugfixes: https://github.com/vyos/vyos-1x/pull/2785
Is it still bug? @sempervictus could you re-check?
We probably need more details
I guess it is already done https://github.com/vyos/vyos-cloud-init/commit/ae74804ede8fb76a7f27ca869f2b880dbe276ca2
@zsdc Can we close it or you are working on it?