Common Server issues – FAQs and answers from those in the know
My VM won't turn on [closed]
17 March 2026 @ 6:01 pm
Since this morning, my two VMs, installed in different areas of Santiago, Chile, won't turn on. What can I do?
A e2-standard-4 VM instance is currently unavailable in the southamerica-west1-a zone.
Alternatively, you can try your request again with a different VM hardware configuration or at a later time. For more information, see the troubleshooting documentation.
Showing a webpage via SSH only
17 March 2026 @ 4:34 pm
I am setting up an Ubuntu server on EC2 that will be used as a production web server. I already installed PHP, Apache, and MariaDB.
I also installed phpmyadmin. Please note phpmyadmin is located at /var/www/html/phpmyadmin (as a symlink).
Assuming that the IP address of this server is 1.2.3.4
Then, if the user goes to https://1.2.3.4/phpmyadmin then this returns the phpmyadmin page (because as you are aware, the default page is served from /var/www/html).
However, I want to limit this functionality, and be able to only access the phpmyadmin page if I create an SSH tunnel from my local computer.
In other words, from my terminal on my local computer, I want to open an SSH tunnel as such:
ssh -i my-private-key.pem [email protected] -N -L 8888:127.0.0.1:80
So when using the browser, and entering
Kerberos and Hadoop UI
17 March 2026 @ 12:11 pm
I have a small number of servers among 100s which will not open the local hadoop (datanode) UI (port 1006). I use the NAMENODE UI to access datanodes and can see data on most but, for these few, I get 401 Unauthorized Access. This is not the same as no kerberos ticket when the message is 'Authorization required'. I tested all the other nodes and they function as expected.
The browser is FF and, due to security measures (and no local admin access by me), I am unable to use another browser.
I asked our hardware guys and they inform me:
The server hardware is all the same.
The nodes are all in the same datacentre.
The nodes are in the same rack and on the same switch(es).
From the OS side, ALL servers (working or not) have the same krb5.conf. I also checked timezones, times and NTP configurations. Everything is consistent across all servers, working or not.
As for me, my authentication is via active directory (AS) using my general login and a window
opendkim-testkey fails on newly generated key
17 March 2026 @ 12:40 am
I generated my key using opendkim-genkey -s 2026 -b 1024 and fixed the ownership and permissions on the two files generated in /etc/dkimkeys/. I updated my local DNS and flushed the caches.
; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> -t txt 2026._domainkey.xcski.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22647
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;2026._domainkey.xcski.com. IN TXT
;; ANSWER SECTION:
2026._domainkey.xcski.com. 6690 IN TXT "v=DKIM1; h=sha256; k=rsa; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU01FgEdmrNcuuPKYAAG7Ktt3TnSsIeza46y6+746tCZCYHmXdEOPPa+OtqKxlEH/dQkVEK/zHTh0elPChmIhWzQuypJTnLGBZAQQ7TILPe0Zewnf7sYUuKM9inFEFG2dIv0/G5BcwZhCsyBFBYNQFn5E7Dce0JIZ8U/ix28ekrwIDAQAB"
;; Query time: 0 msec
;; SERVER:
Route update on gateway IP address change
16 March 2026 @ 8:38 pm
I have a server running Linux with two network cards, eth1 and eth2. These two interfaces are connected to gateway1 and gateway2, respectively, and there are two default routes.
For a specific host, I want to always use the interface eth2. To achieve this, I define a route to this host, by using
"ip route add IP_of_host via IP_of_gateway2 dev eth2".
The settings of eth2 are obtained via DHCP. Occasionally, the IP address of gateway2 changes. When this happens, does the Linux kernel automatically update the IP_of_gateway2 in the previous route? Or do I need to delete the old route and create a new one with the new IP address of gateway2?
How should I configure nginx on an Azure Ubuntu VM to access an HSM-protected private key in Azure Key Vault?
16 March 2026 @ 2:12 pm
Our client has a requirement that the private key for their SSL certificate be protected by an HSM. We will be doing this using the option in the Azure Key Vault, as the website will be hosted on an Azure Virtual Machine (running Ubuntu).
However, the documentation on how to then configure the virtual machine is conflicting. Some sources, e.g. https://docs.azure.cn/en-us/virtual-machines/extensions/key-vault-linux state that using the Azure Key Vault Extension will suffice to allow the VM to access the vault and allow services on the VM, such as nginx, to access the private key. However, I've seen other articles and comments that suggest this would only work for keys that have been setup in the vault as exportable, which HSM-protected keys are not. Which is correct? What is the best practice for accessing an AKV private key from nginx?
ZONE_RESOURCE_POOL_EXHAUSTED error while creating instance in asia-south1-b
16 March 2026 @ 11:17 am
ZONE_RESOURCE_POOL_EXHAUSTED sabbpe-uat-app-server-gv-instance-group-ncq5 asia-south1-b Creating Mar 16, 2026, 4:19:09 pm UTC+05:30 Instance 'sabbpe-uat-app-server-gv-instance-group-ncq5' creation failed: The zone 'projects/sabbpe-uat-free/zones/asia-south1-b' does not have enough resources available to fulfill the request. Try a different zone, or try again later.
We are encountering a ZONE_RESOURCE_POOL_EXHAUSTED error while attempting to create an instance in our project.
Project ID: sabbpe-uat-free
Instance Group: sabbpe-uat-app-server-gv-instance-group-ncq5
Zone: asia-south1-b
Timestamp: Mar 16, 2026, 4:19 PM IST
Error Message:
"Instance creation failed: The zone 'projects/sabbpe-uat-free/zones/asia-south1-b' does not have enough resources available to fulfill the request."
This instance is part of our application deployment and is required for maintaining our service availability.
Request:
Unable to purge unused Ubuntu Linux kernels
15 March 2026 @ 10:11 pm
How can I proceed to avoid the next error?
$ sudo apt-get autoremove --purge
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 21 not upgraded.
2 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up linux-modules-nvidia-590-6.17.0-19-generic (6.17.0-19.19~24.04.2) ...
linux-image-nvidia-6.17.0-19-generic: constructing .ko files
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: warning: --package-metadata is empty, ignoring
/usr/bin/ld.bfd: cannot open linker script file /usr/s
How to mitigate DDoS (syn flood) attack?
15 March 2026 @ 2:01 pm
I got a SYN flood of about 30K-50K pps with bandwidth of ~10-20 Mbps, out of a total 200M network link.
Due to it, I have above 90% packet loss to my VPS.
I had an nf_conntrack table full error, which was solved by raising nf_conntrack_max. Now there is a ksoftirqd process consuming 75% CPU, and high packet loss still prevents the server from functioning normally.
syncookies is set to 2.
After iptables -I INPUT ! -i lo -p tcp --dport 80 -j DROP, packet loss dropped to 2% and ksoftirqd is consuming 33% CPU, but I also drop legit traffic; iptraf also shows bandwidth increased 10x to > 130 Mbps, 250K pps!!! Why?
Any ideas how to drop malicious traffic inside the VPS to decrease packet loss with no bandwidth overuse? There is no external firewall.
I've tried to block the traffic by country using nftables, but it did not solve the packet loss problem. This test was performed on a different server in a cloud where my domain A record was pointed (and the DDoS attack target migrated to that IP), b
WireGuard VPN server in Cudy WR3000 router doesn't work, but OpenVPN does
11 March 2026 @ 7:56 am
I set up an OpenVPN server on a Cudy WR3000 router, but I can't get WireGuard to work.
The WireGuard handshake on the client shows "Sent" bytes but "0 Received" bytes.
What I tested:
OpenVPN Works: I enabled the OpenVPN server on the Cudy using port 1194. After forwarding 1194 on the ISP router, it works perfectly. This proves my Static IP and Port Forwarding logic are correct.
Cross-Port Testing: I tried moving the WireGuard Listen Port to 1194, instead of default (after disabling OpenVPN), but still no handshake.
MTU Adjustments: I lowered MTU to 1280 on both Server and Client to account for potential fragmentation/ISP overhead.
Peer Settings: On the Cudy, I set the Peer "Remote Subnet" to 0.0.0.0/0 and "Allowed IPs" to 0.0.0.0/0.
My .conf file of the client, as automatically generated from Cudy, is: