[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: iptables support for Debian 11 PV domu's

Le sigh that would be it...I feel like a doofus now. I'd totally forgotten to do that after the upgrade ... I'm surprised the silly things booted at all.

Out of curiosity is there a better/preferred way of handling it so that I don't need to remember to keep them in sync every time I do a kernel upgrade?

On Mon, Oct 4, 2021 at 8:28 PM Andy Smith <andy@xxxxxxxxxxxxxx> wrote:

On Mon, Oct 04, 2021 at 08:11:52PM -0500, Chris Myers wrote:
> I re-upgraded one of the VMs that I had to revert last night, and tonight
> it's working, no errors. Exact same commands --
>  - Make sure all Deb10 patches installed
>  - apt clean
>  - Flip sources.list

When you do this step do you make sure to get the new format
"bullseye-security/updates" line correct? Because without that, you
end up with linux-image-5.10.0-8-amd64 version 5.10.46-4, not version

> I flipped my vmname.cfg from
> [...]
> kernel      = '/boot/vmlinuz-5.10.0-8-amd64'
> ramdisk     = '/boot/initrd.img-5.10.0-8-amd64'
> [...]
> (the kernel version that came with Debian 11)
> back to the 4.19.0-16-amd64 that was with Debian 10.
> Is it possible that the 5.10.0-8-amd64 that comes with Debian 11 isn't all
> the way there?

It works for me on 14 different domUs at present, so I'd say not

> I can confirm that the linux-image-amd64 is the one that
> came as a part of doing the in-place upgrade. I don't mess with custom
> kernels etc., just the ones that come straight from apt's wisdom.

The way you are booting these domains though inherently requires
synchronisation between the domU's config file in dom0 (that says
which kernel+initramfs to use) and the /lib/modules directory in the
domU. Easy to make a mistake.

So are you sure that you haven't mismatched something there?

Once you've got to the bottom of this I recommend switching to
pvhgrub booting to do away with that class of problems…

> From the perspective of the dom0 ::


> /lib/modules# ls
> 4.19.0-13-amd64  4.19.0-16-amd64  4.19.0-17-amd64  5.10.0-8-amd64

…and the domU in question has that same /lib/modules/5.10.0-8-amd64
directory tree from dom0?


People use duct tape to fix everything....God used nails.




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.