Highest Voted Questions - Server Fault Stack Exchange

74

votes

4 answers

Why disable swap on kubernetes

Since Kubernetes 1.8, it seems I need to disable swap on my nodes (or set --fail-swap-on to false). I cannot find the technical reason why Kubernetes insists on the swap being disabled. Is this for performance reasons? Security reasons? Why is the…

kubernetes swap

asked Nov 02 '17 at 13:22

Jeroen Jacobs

1,386
3
16
25

74

votes

8 answers

Why is the response on localhost so slow?

I am working on a tiny little PHP project for a friend of mine, and I have a WAMP environment setup for local development. I remember the days when the response from my local Apache 2.2 was immediate. Alas, now that I got back from a long, long…

apache-2.2 php web-server latency

asked Sep 17 '09 at 17:15

Peter Perháč

1,069
1
9
13

74

votes

4 answers

SSH key authentication using LDAP

In short: Would like a way to do SSH key authentication via LDAP. Problem: We use LDAP (slapd) for directory services and we've recently moved to using our own AMI for building instances. The reason the AMI bit is important is that, ideally, we…

ssh ldap

asked Dec 19 '14 at 20:13

c4urself

5,530
3
28
39

74

votes

14 answers

Docker containers can't resolve DNS on Ubuntu 14.04 Desktop Host

I'm running into a problem with my Docker containers on Ubuntu 14.04 LTS. Docker worked fine for two days, and then suddenly I lost all network connectivity inside my containers. The error output below initially lead me to believe it was because…

ubuntu networking domain-name-system docker lxc

asked Nov 08 '14 at 18:26

Thomas V.

2,071
2
17
13

74

votes

5 answers

What is the correct way to open a range of ports in iptables

I have come across articles advising for the following: iptables -A INPUT -p tcp 1000:2000 -j ACCEPT And others stating that the above will not work and iptables only supports multiple port declarations with the --multiport option. Is there a…

linux iptables linux-networking

asked May 13 '14 at 16:54

Paul Whalley

763
1
7
6

74

votes

7 answers

How to specify hostname for the running container?

I'm having trouble setting the hostname on a running docker container. I'm also having trouble understanding how to specify hostname after the image is started. I started a container from an image I downloaded: sudo docker run -p 8080:80 -p 2222:22…

linux lxc docker

asked Apr 20 '14 at 09:54

Miguel Ping

865
1
6
9

74

votes

10 answers

Can I specify a port in an entry in my /etc/hosts on OS X?

Possible Duplicate: How to use DNS to redirect domain to specific port on my server I want to trick my browser into going to localhost:3000 instead of xyz.com. I went into /etc/hosts on OS X 10.5 and added the following entry: 127.0.0.1:3000…

mac-osx hosts

asked Aug 14 '09 at 18:20

Tony

4,213
11
35
29

74

votes

3 answers

What is the difference between /sbin/nologin and /bin/false?

I have often heard it recommended that a user account should be disabled by setting its shell to /bin/false. But, on my existing Linux systems, I see that a great number of existing accounts (all of them service accounts) have a shell of…

linux security login

asked Jun 28 '13 at 04:58

Michael Hampton

244,070
43
506
972

74

votes

2 answers

How should an IT department choose a standard Linux distribution?

There is a lot of community feeling about what Linux distributions are appropriate for production server environments and which aren't, however, a lot of this feeling seems religiously based, and seldom presented with supporting evidence. Assuming…

linux ubuntu centos debian redhat

asked Dec 27 '12 at 21:05

wfaulk

6,878
7
46
75

74

votes

3 answers

How long does negative DNS caching typically last?

If a DNS server looks up a record and it's missing, it will often "negatively cache" the fact that this record is missing, and not try to look it up again for a while. I don't see anything in the RFC about the TTL on negative caching should be, so…

domain-name-system

asked Sep 12 '12 at 15:53

Leopd

1,757
4
24
30

74

votes

6 answers

How to redirect domain A to domain B using A-Records and CNAME records only

I have 2 domains hosted with different hosts. I need to redirect Domain A to Domain B. Unfortunately I can't do a 301 redirect from Host A, but can only modify/add DNS entries (A-Records and CNAMEs) at Host A. Surely it is possible to redirect…

domain-name-system domain hosting cname-record a-record

asked May 03 '12 at 23:25

Prembo

927
1
6
11

74

votes

6 answers

How to scan local network for SSH-able computers?

I am often on one computer in my house and I would like to SSH to another one, but often don't know the IP address of the one I want to connect to. Is there a way, from the command line, to scan the local network so I can find the computer I want to…

networking ssh ip

asked Apr 05 '12 at 07:02

Andrew

3,453
9
33
36

74

votes

4 answers

How to PREPEND rules rather than APPEND using iptables?

Pretty basic question: how to PREPEND rules on IPTABLES rather than to APPEND? I have DROP statements at the bottom of my rules. I have a software to add new rules but adding rules after DROP statements isn't good. Every time I want to add a new…

networking firewall iptables

asked Mar 29 '12 at 19:23

ale

933
2
10
13

74

votes

5 answers

Dump nginx config from running process?

Apparently, I shouldn't have spent sleepless night trying to debug an application. I wanted to restart my nginx and discovered that its config file is empty. I don't remember truncating it, but fat fingers and reduced attention probably played their…

nginx

asked Feb 18 '12 at 06:49

Sergio Tulentsev

843
1
9
9

74

votes

11 answers

Why is SSH password authentication a security risk?

Most guides for OpenSSH configuration advise to disable password authentication in favor of key-based authentication. But in my opinion password authentication has a significant advantage: an ability to connect from absolutely anywhere without a…

security ssh authentication ssh-keys

asked Nov 24 '11 at 12:12

Septagram

937
1
8
13

Most Popular