История изменений
Исправление
Legioner,
(текущая версия)
:
Ну вот вывод текущей загрузки с кучкой дополнительных сервисов, которые я отключал для проверки:
-- тут начало загрузки
Jul 30 13:56:42 nether kernel: Linux version 4.19.0-5-amd64 (debian-kernel@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SM
-- всякая фигня ядреная грузится за 2 секунды
Jul 30 13:56:44 nether systemd[1]: Started Login Service.
-- это первая задержка
Jul 30 13:57:13 nether systemd-timesyncd[286]: Synchronized to time server for the first time 45.32.4.67:123 (2.debian.pool.ntp.org).
-- ровно минута после последней записи, пошли рестарты
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Start operation timed out. Terminating.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Start-pre operation timed out. Terminating.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Start-pre operation timed out. Terminating.
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Main process exited, code=killed, status=15/TERM
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Failed with result 'timeout'.
Jul 30 13:58:13 nether systemd[1]: Failed to start strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Control process exited, code=killed, status=15/TERM
Jul 30 13:58:13 nether systemd[1]: ssh.service: Failed with result 'timeout'.
Jul 30 13:58:13 nether systemd[1]: Failed to start OpenBSD Secure Shell server.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Control process exited, code=killed, status=15/TERM
Jul 30 13:58:13 nether systemd[1]: unbound.service: Failed with result 'timeout'.
Jul 30 13:58:13 nether systemd[1]: Failed to start Unbound DNS server.
Jul 30 13:58:13 nether systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
Jul 30 13:58:13 nether systemd[1]: Reached target Host and Network Name Lookups.
Jul 30 13:58:13 nether systemd[1]: Starting The Apache HTTP Server...
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Service RestartSec=100ms expired, scheduling restart.
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Scheduled restart job, restart counter is at 1.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Service RestartSec=100ms expired, scheduling restart.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Scheduled restart job, restart counter is at 1.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Service RestartSec=100ms expired, scheduling restart.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Scheduled restart job, restart counter is at 1.
Jul 30 13:58:13 nether systemd[1]: Stopped Unbound DNS server.
Jul 30 13:58:13 nether systemd[1]: Starting Unbound DNS server...
Jul 30 13:58:13 nether systemd[1]: Stopped OpenBSD Secure Shell server.
Jul 30 13:58:13 nether systemd[1]: Starting OpenBSD Secure Shell server...
Jul 30 13:58:13 nether systemd[1]: Stopped strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
Jul 30 13:58:13 nether systemd[1]: Starting strongSwan IPsec IKEv1/IKEv2 daemon using swanctl...
-- какой-то рандом, может из-за него?
Jul 30 13:58:43 nether kernel: random: crng init done
Jul 30 13:58:43 nether kernel: random: 7 urandom warning(s) missed due to ratelimiting
-- полетело всё шустро
Jul 30 13:58:43 nether systemd[1]: Started The Apache HTTP Server.
Jul 30 13:58:43 nether sshd[387]: Server listening on 0.0.0.0 port 22.
Jul 30 13:58:43 nether sshd[387]: Server listening on :: port 22.
Jul 30 13:58:43 nether systemd[1]: Started OpenBSD Secure Shell server.
Jul 30 13:58:43 nether charon-systemd[379]: loaded 0 RADIUS server configurations
Jul 30 13:58:43 nether kernel: Initializing XFRM netlink socket
Jul 30 13:58:43 nether charon-systemd[379]: HA config misses local/remote address
Jul 30 13:58:43 nether charon-systemd[379]: loaded plugins: charon-systemd aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation cons
Jul 30 13:58:43 nether charon-systemd[379]: dropped capabilities, running as uid 0, gid 0
Jul 30 13:58:43 nether charon-systemd[379]: spawning 16 worker threads
Jul 30 13:58:43 nether charon-systemd[379]: loaded certificate 'CN=vbezhenar.com'
Jul 30 13:58:43 nether charon-systemd[379]: loaded certificate 'C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3'
Jul 30 13:58:43 nether swanctl[463]: no authorities found, 0 unloaded
Jul 30 13:58:43 nether charon-systemd[379]: added vici pool ipv4: 172.23.199.2, 253 entries
Jul 30 13:58:43 nether swanctl[463]: loaded pool 'ipv4'
Jul 30 13:58:43 nether swanctl[463]: successfully loaded 1 pools, 0 unloaded
Jul 30 13:58:43 nether swanctl[463]: loaded connection 'vpn'
Jul 30 13:58:43 nether swanctl[463]: successfully loaded 1 connections, 0 unloaded
Jul 30 13:58:43 nether charon-systemd[379]: added vici connection: vpn
Jul 30 13:58:46 nether package-helper[382]: /var/lib/unbound/root.key has content
Jul 30 13:58:46 nether package-helper[382]: success: the anchor is ok
Jul 30 13:58:46 nether unbound[468]: [468:0] notice: init module 0: iterator
Jul 30 13:58:46 nether systemd[1]: Started Unbound DNS server.
Jul 30 13:58:46 nether systemd[1]: Reached target Multi-User System.
Jul 30 13:58:46 nether systemd[1]: Reached target Graphical Interface.
Jul 30 13:58:46 nether systemd[1]: Starting Update UTMP about System Runlevel Changes...
Jul 30 13:58:46 nether systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
Jul 30 13:58:46 nether unbound[468]: [468:0] info: start of service (unbound 1.9.0).
Jul 30 13:58:46 nether systemd[1]: systemd-update-utmp-runlevel.service: Succeeded.
Jul 30 13:58:46 nether systemd[1]: Started Update UTMP about System Runlevel Changes.
Jul 30 13:58:46 nether systemd[1]: Startup finished in 1.881s (kernel) + 2min 4.982s (userspace) = 2min 6.863s.
-- пошли боты пароль подбирать, в общем всё загружено
Jul 30 13:58:54 nether sshd[471]: Connection from 93.39.116.254 port 44433 on 5.2.72.4 port 22
Есть подозрение, что тут с рандомом что-то не так. Типа нет рандома после загрузки, поэтому висят сервисы. Буду пока в этом направлении курить.
Исходная версия
Legioner,
:
Ну вот вывод текущей загрузки с кучкой дополнительных сервисов, которые я отключал для проверки:
-- тут начало загрузки
Jul 30 13:56:42 nether kernel: Linux version 4.19.0-5-amd64 (debian-kernel@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SM
-- всякая фигня ядреная грузится за 2 секунды
Jul 30 13:56:44 nether systemd[1]: Started Login Service.
-- это первая задержка
Jul 30 13:57:13 nether systemd-timesyncd[286]: Synchronized to time server for the first time 45.32.4.67:123 (2.debian.pool.ntp.org).
-- ровно минута после последней записи, пошли рестарты
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Start operation timed out. Terminating.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Start-pre operation timed out. Terminating.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Start-pre operation timed out. Terminating.
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Main process exited, code=killed, status=15/TERM
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Failed with result 'timeout'.
Jul 30 13:58:13 nether systemd[1]: Failed to start strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Control process exited, code=killed, status=15/TERM
Jul 30 13:58:13 nether systemd[1]: ssh.service: Failed with result 'timeout'.
Jul 30 13:58:13 nether systemd[1]: Failed to start OpenBSD Secure Shell server.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Control process exited, code=killed, status=15/TERM
Jul 30 13:58:13 nether systemd[1]: unbound.service: Failed with result 'timeout'.
Jul 30 13:58:13 nether systemd[1]: Failed to start Unbound DNS server.
Jul 30 13:58:13 nether systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
Jul 30 13:58:13 nether systemd[1]: Reached target Host and Network Name Lookups.
Jul 30 13:58:13 nether systemd[1]: Starting The Apache HTTP Server...
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Service RestartSec=100ms expired, scheduling restart.
Jul 30 13:58:13 nether systemd[1]: strongswan-swanctl.service: Scheduled restart job, restart counter is at 1.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Service RestartSec=100ms expired, scheduling restart.
Jul 30 13:58:13 nether systemd[1]: ssh.service: Scheduled restart job, restart counter is at 1.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Service RestartSec=100ms expired, scheduling restart.
Jul 30 13:58:13 nether systemd[1]: unbound.service: Scheduled restart job, restart counter is at 1.
Jul 30 13:58:13 nether systemd[1]: Stopped Unbound DNS server.
Jul 30 13:58:13 nether systemd[1]: Starting Unbound DNS server...
Jul 30 13:58:13 nether systemd[1]: Stopped OpenBSD Secure Shell server.
Jul 30 13:58:13 nether systemd[1]: Starting OpenBSD Secure Shell server...
Jul 30 13:58:13 nether systemd[1]: Stopped strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
Jul 30 13:58:13 nether systemd[1]: Starting strongSwan IPsec IKEv1/IKEv2 daemon using swanctl...
-- какой-то рандом, может из-за него?
Jul 30 13:58:43 nether kernel: random: crng init done
Jul 30 13:58:43 nether kernel: random: 7 urandom warning(s) missed due to ratelimiting
-- полетело всё шустро
Jul 30 13:58:43 nether systemd[1]: Started The Apache HTTP Server.
Jul 30 13:58:43 nether sshd[387]: Server listening on 0.0.0.0 port 22.
Jul 30 13:58:43 nether sshd[387]: Server listening on :: port 22.
Jul 30 13:58:43 nether systemd[1]: Started OpenBSD Secure Shell server.
Jul 30 13:58:43 nether charon-systemd[379]: loaded 0 RADIUS server configurations
Jul 30 13:58:43 nether kernel: Initializing XFRM netlink socket
Jul 30 13:58:43 nether charon-systemd[379]: HA config misses local/remote address
Jul 30 13:58:43 nether charon-systemd[379]: loaded plugins: charon-systemd aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation cons
Jul 30 13:58:43 nether charon-systemd[379]: dropped capabilities, running as uid 0, gid 0
Jul 30 13:58:43 nether charon-systemd[379]: spawning 16 worker threads
Jul 30 13:58:43 nether charon-systemd[379]: loaded certificate 'CN=vbezhenar.com'
Jul 30 13:58:43 nether charon-systemd[379]: loaded certificate 'C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3'
Jul 30 13:58:43 nether swanctl[463]: no authorities found, 0 unloaded
Jul 30 13:58:43 nether charon-systemd[379]: added vici pool ipv4: 172.23.199.2, 253 entries
Jul 30 13:58:43 nether swanctl[463]: loaded pool 'ipv4'
Jul 30 13:58:43 nether swanctl[463]: successfully loaded 1 pools, 0 unloaded
Jul 30 13:58:43 nether swanctl[463]: loaded connection 'vpn'
Jul 30 13:58:43 nether swanctl[463]: successfully loaded 1 connections, 0 unloaded
Jul 30 13:58:43 nether charon-systemd[379]: added vici connection: vpn
Jul 30 13:58:46 nether package-helper[382]: /var/lib/unbound/root.key has content
Jul 30 13:58:46 nether package-helper[382]: success: the anchor is ok
Jul 30 13:58:46 nether unbound[468]: [468:0] notice: init module 0: iterator
Jul 30 13:58:46 nether systemd[1]: Started Unbound DNS server.
Jul 30 13:58:46 nether systemd[1]: Reached target Multi-User System.
Jul 30 13:58:46 nether systemd[1]: Reached target Graphical Interface.
Jul 30 13:58:46 nether systemd[1]: Starting Update UTMP about System Runlevel Changes...
Jul 30 13:58:46 nether systemd[1]: Condition check resulted in Unbound DNS server via resolvconf being skipped.
Jul 30 13:58:46 nether unbound[468]: [468:0] info: start of service (unbound 1.9.0).
Jul 30 13:58:46 nether systemd[1]: systemd-update-utmp-runlevel.service: Succeeded.
Jul 30 13:58:46 nether systemd[1]: Started Update UTMP about System Runlevel Changes.
Jul 30 13:58:46 nether systemd[1]: Startup finished in 1.881s (kernel) + 2min 4.982s (userspace) = 2min 6.863s.
-- пошли боты пароль подбирать, в общем всё загружено
Jul 30 13:58:54 nether sshd[471]: Connection from 93.39.116.254 port 44433 on 5.2.72.4 port 22