[Openstack] Can nova-network would still continue developing and support VXLAN in openstack H and later version?
Hi, At my experiment of openstack implementing of production environment, cause of the factors of performance, stability ,security and maintanence, I think the VLAN model of nova-network multihost is quiet good choice to perform, I also like quantum of different network namespace to separate tenants and give the freedom let client to create their own network , but the problem was how only two(active/active base on pacemaker) network node servers could support tens of thousands VMs and so complicated N to N GRE tunnels in the system, whatever performance and stability and bad security of the metadata service to use external network to provide service? Like the electric newspaper was not instead of paper media at the internet era, and I also did not believe the central network node, software based switch solution in the server is a better choice than hardware network equipment even SDN is so hot at present, is that a right decision to waste the powerful capacity of mature network technologies and equipment? Except the weakness of quantum, nova-network in Vlan mode also have a big problem in large and multiple cloud centers, the 4096 vlans limitation within one cloud system, it not only limits the the total number tenants and also the free transportation of VMs in same tenants from one could region to another, only because the 4096 vlans. At my corner, if nova-network could be got continue supporting and vxlan feature would be support in the roadmap of next version, openstack system would get big confidence of implementing, because each tenant could get different VNI and each cloud region would use different range of VNI numbers, for example the regionOne would use 1-1 VNIs and the regionTwo use 11-2,and if the vm in regionOne want move to regionTwo, it could still use the same VNI number in regionTwo, so it could still communicate with different openstack region but in same tenant and get same network. Of course we can use VPLS/MPLS VPN connect the different openstack region and across the service provider network. Another way is to let the quantum pluging in compute node to support the multi host model like nova-network, to utilize the natural VXLAN support of openvswitch and pass the traffic directly through the compute node nic to outside Vxlan enabled network equipment,such as cisco, juniper and others but not a centralized software based network node. So, my question is, can nova-network would still continue developing and support VXLAN in openstack H and later version? That is very importance to us in production environment and multiple openstack regions. Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name
Razique, Additional information: Another testing system was not full of testing job. I met this problem before at my small system. If I use ubuntu image download from network,this problem was not happened. If I use centos and windows image create instance,this problem will happened,and in the process of building centos or windows instance, nova-compute always promote: libvirt qemu error,domain not found. But finally instance would run normally, and then to reboot the host of nova-compute and then run nova-compute ,it would stop at :CRITICAL error: libvirt qemu error, domain not found, .. Romi From: romi zhang [mailto:romizhang1...@163.com] Sent: Monday, September 17, 2012 8:48 PM To: 'Razique Mahroua' Cc: 'Ritesh Nanda'; 'openstack@lists.launchpad.net' Subject: RE: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Razique, Appreciate for your attention. # ls /etc/libvirt/qemu/networks/autostart default.xml at my memory,when the first time I computed the system installation, reboot compute-node have no problem, and then after I created centos and windows instances (in the booting process,system show :libvirt qemu error: domain not found) and reboot one of compute-nodes ,nova-compute stopped and show me : CRITICAL error, Libvirt: QEMU error: Domain not found: no domain with matching name instance-000a. then the others also have same problem. At my corner,it is a sysmatic behavior. But at my another testing system, this problem had not happened. Regards, Romi From: Razique Mahroua [mailto:razique.mahr...@gmail.com] Sent: Sunday, September 16, 2012 5:04 PM To: romi zhang Cc: 'Ritesh Nanda'; openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hey, could you remove the flag : --resume_guests_state_on_host_boot=true ans restart the nova-compute service Can you run $ ls /etc/libvirt/qemu/autostart Does that behaviour is systematic ? Everytime you restart the service nova-compute, or do you need to also have your compute node restarted ? Nuage Co - Razique Mahroua razique.mahr...@gmail.com Le 15 sept. 2012 à 12:00, romi zhang romizhang1...@163.com a écrit : Razique, Thank you very much! Here is the paste: http://paste.openstack.org/show/20938/ http://paste.openstack.org/show/20938/ this config was fine at the first testing system. Current problem occurred at my second testing system, and at before I created raw format image and convert to qcow2. I am going to recreate image directly on qcow2 format,are just in processing, Is there anything should be cared with image? It looks like related with the glance image,I guess. Romi From: Razique Mahroua [mailto:razique.mahroua@ http://gmail.com gmail.com] Sent: Saturday, September 15, 2012 5:43 PM To: romi zhang Cc: 'Ritesh Nanda'; mailto:openstack@lists.launchpad.net openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hey I just wanted to see if the domain was still declared within virsh database in case you can also go to your instances directory and un a $ virsh define $instance-name/domain.xml Can you post your nova.conf please ? Nuage Co - Razique Mahroua mailto:razique.mahr...@gmail.com razique.mahr...@gmail.com image001.jpg Le 15 sept. 2012 à 08:26, romi zhang mailto:romizhang1...@163.com romizhang1...@163.com a écrit : Hi Razique, Is there anything need to have a deeper look? Virsh list looks like well,same as the instance I created through nova boot. Romi From: Razique Mahroua [mailto:razique.mahroua@ http://gmail.com gmail.com] Sent: Friday, September 14, 2012 4:10 AM To: Ritesh Nanda Cc: romi zhang; mailto:openstack@lists.launchpad.net openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hi Romi, what $ virsh list --all gives you ? Nuage Co - Razique Mahroua mailto:razique.mahr...@gmail.com razique.mahr...@gmail.com image001.jpg Le 13 sept. 2012 à 21:11, Ritesh Nanda mailto:riteshnand...@gmail.com riteshnand...@gmail.com a écrit : Hello romi, Image got into a stuck state , only solution is to hack your database for this particular instance and mark it as deleted, den restart nova-* service, it would start working. On Thu, Sep 13, 2012 at 9:45 PM, romi zhang mailto:romizhang1...@163.com romizhang1...@163.com wrote: Hi, Ive installed essex and when I reboot one of the nova-compute node and next when I start nova-compute service again,the system promote: Libvirt: QEMU error: Domain not found: no domain with matching name instance-000a Then I found: #ls /var/lib/nova/instances _base instance-000a
Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name
Ritesh, I did a test: I downloaded a qcow2 format ubuntu 12.04(http://docs.openstack.org/essex/openstack-compute/admin/content/starti ng-images.html) and use it create a new instance. Everything is fine,no any error information occurred. But when I reboot compute node, the situation was same, and after run virsh define again then to restart nova-compute, in the ubuntu12.04 instance booting, it also gives out: libvir: QEMU error : Domain not found: no domain with matching name 'instance-000c' but finally, instance: 7f2050b7-b83b-4603-b7c2-3a6912188e9c] Instance rebooted successfully, means this instance run normally and I also could ssh it, same like others before. So, it looks like no relation about images. I think perhaps something in libvirt or qemu perhaps had potential problems. The situation is: If I only create one instance from ubuntu12.04 and run it in the first one, anything run well, have no libvirt:QEMU error,.. Information comes out; If I continue to boot instance from the centos(image created by me) or fedora(downloaded from http://docs.openstack.org/essex/openstack-compute/admin/content/starting-ima ges.html) or windows image,it show me: libvirt:QEMU error,domain not found...,but instance would finally spawn successfully and run well. It looks like libvirt:QEMU error,domain not found,. does not stop instance running and working. But, I did not know why reboot nova-compute node, /etc/libvirt/qemu would delete the one of instances XML file and nova-compute would stop to continue. Romi From: romi zhang [mailto:romizhang1...@163.com] Sent: Saturday, September 15, 2012 2:32 PM To: 'Ritesh Nanda' Cc: 'openstack@lists.launchpad.net' Subject: RE: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Ritesh, I will try your method. In the past,when I boot a new instance from a ubuntu image,it works ok. Centos and windows image was created by me according docs.openstack.org information,and every time when a new instance created from centos and windows,system always told me Libvirt: QEMU error: Domain not found: no domain with matching name,..., but finally, the instance works well. So, I am not clear about the reason. Thanks. Romi From: Ritesh Nanda [mailto:riteshnand...@gmail.com] Sent: Friday, September 14, 2012 3:12 AM To: romi zhang Cc: openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hello romi, Image got into a stuck state , only solution is to hack your database for this particular instance and mark it as deleted, den restart nova-* service, it would start working. On Thu, Sep 13, 2012 at 9:45 PM, romi zhang romizhang1...@163.com wrote: Hi, I've installed essex and when I reboot one of the nova-compute node and next when I start nova-compute service again,the system promote: Libvirt: QEMU error: Domain not found: no domain with matching name 'instance-000a' Then I found: #ls /var/lib/nova/instances _base instance-000a instance-000b instance-000c #ls /etc/libvirt/qemu instance-000b.xml instance-000c.xml Network So: /var/lib/nova/instances/instance-000a# virsh define libvirt.xml Domain instance-000a defined from libvirt.xml And: #ls /etc/libvirt/qemu Instance-000a.xml instance-000b.xml instance-000c.xml network Then I restart: nova-compute , and nova-compute could normally started. I did not understand why reboot compute node,and usually the first instance's xml file was deleted and nova-compute will terminate. By the way, when I create a new instance, the first line in the log also is : Libvirt: QEMU error: Domain not found: no domain with matching name 'instance-000a' Anyone who had met such a problem and why? Regards, romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name
Razique, Thank you very much! Here is the paste: http://paste.openstack.org/show/20938/ this config was fine at the first testing system. Current problem occurred at my second testing system, and at before I created raw format image and convert to qcow2. I am going to recreate image directly on qcow2 format,are just in processing, Is there anything should be cared with image? It looks like related with the glance image,I guess. Romi From: Razique Mahroua [mailto:razique.mahr...@gmail.com] Sent: Saturday, September 15, 2012 5:43 PM To: romi zhang Cc: 'Ritesh Nanda'; openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hey I just wanted to see if the domain was still declared within virsh database in case you can also go to your instances directory and un a $ virsh define $instance-name/domain.xml Can you post your nova.conf please ? Nuage Co - Razique Mahroua razique.mahr...@gmail.com Le 15 sept. 2012 à 08:26, romi zhang romizhang1...@163.com a écrit : Hi Razique, Is there anything need to have a deeper look? Virsh list looks like well,same as the instance I created through nova boot. Romi From: Razique Mahroua [mailto:razique.mahroua@ http://gmail.com gmail.com] Sent: Friday, September 14, 2012 4:10 AM To: Ritesh Nanda Cc: romi zhang; mailto:openstack@lists.launchpad.net openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hi Romi, what $ virsh list --all gives you ? Nuage Co - Razique Mahroua mailto:razique.mahr...@gmail.com razique.mahr...@gmail.com image001.jpg Le 13 sept. 2012 à 21:11, Ritesh Nanda mailto:riteshnand...@gmail.com riteshnand...@gmail.com a écrit : Hello romi, Image got into a stuck state , only solution is to hack your database for this particular instance and mark it as deleted, den restart nova-* service, it would start working. On Thu, Sep 13, 2012 at 9:45 PM, romi zhang mailto:romizhang1...@163.com romizhang1...@163.com wrote: Hi, Ive installed essex and when I reboot one of the nova-compute node and next when I start nova-compute service again,the system promote: Libvirt: QEMU error: Domain not found: no domain with matching name instance-000a Then I found: #ls /var/lib/nova/instances _base instance-000a instance-000b instance-000c #ls /etc/libvirt/qemu instance-000b.xml instance-000c.xml Network So: /var/lib/nova/instances/instance-000a# virsh define libvirt.xml Domain instance-000a defined from libvirt.xml And: #ls /etc/libvirt/qemu Instance-000a.xml instance-000b.xml instance-000c.xml network Then I restart: nova-compute , and nova-compute could normally started. I did not understand why reboot compute node,and usually the first instances xml file was deleted and nova-compute will terminate. By the way, when I create a new instance, the first line in the log also is : Libvirt: QEMU error: Domain not found: no domain with matching name instance-000a Anyone who had met such a problem and why? Regards, romi ___ Mailing list: https://launchpad.net/~openstack https://launchpad.net/~openstack Post to : mailto:openstack@lists.launchpad.net openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack https://launchpad.net/~openstack Post to : mailto:openstack@lists.launchpad.net openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp https://help.launchpad.net/ListHelp image001.jpg___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name
Ritesh, I will try your method. In the past,when I boot a new instance from a ubuntu image,it works ok. Centos and windows image was created by me according docs.openstack.org information,and every time when a new instance created from centos and windows,system always told me Libvirt: QEMU error: Domain not found: no domain with matching name,..., but finally, the instance works well. So, I am not clear about the reason. Thanks. Romi From: Ritesh Nanda [mailto:riteshnand...@gmail.com] Sent: Friday, September 14, 2012 3:12 AM To: romi zhang Cc: openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hello romi, Image got into a stuck state , only solution is to hack your database for this particular instance and mark it as deleted, den restart nova-* service, it would start working. On Thu, Sep 13, 2012 at 9:45 PM, romi zhang romizhang1...@163.com wrote: Hi, I've installed essex and when I reboot one of the nova-compute node and next when I start nova-compute service again,the system promote: Libvirt: QEMU error: Domain not found: no domain with matching name 'instance-000a' Then I found: #ls /var/lib/nova/instances _base instance-000a instance-000b instance-000c #ls /etc/libvirt/qemu instance-000b.xml instance-000c.xml Network So: /var/lib/nova/instances/instance-000a# virsh define libvirt.xml Domain instance-000a defined from libvirt.xml And: #ls /etc/libvirt/qemu Instance-000a.xml instance-000b.xml instance-000c.xml network Then I restart: nova-compute , and nova-compute could normally started. I did not understand why reboot compute node,and usually the first instance's xml file was deleted and nova-compute will terminate. By the way, when I create a new instance, the first line in the log also is : Libvirt: QEMU error: Domain not found: no domain with matching name 'instance-000a' Anyone who had met such a problem and why? Regards, romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name
Hi Razique, Is there anything need to have a deeper look? Virsh list looks like well,same as the instance I created through nova boot. Romi From: Razique Mahroua [mailto:razique.mahr...@gmail.com] Sent: Friday, September 14, 2012 4:10 AM To: Ritesh Nanda Cc: romi zhang; openstack@lists.launchpad.net Subject: Re: [Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name Hi Romi, what $ virsh list --all gives you ? Nuage Co - Razique Mahroua razique.mahr...@gmail.com Le 13 sept. 2012 à 21:11, Ritesh Nanda riteshnand...@gmail.com a écrit : Hello romi, Image got into a stuck state , only solution is to hack your database for this particular instance and mark it as deleted, den restart nova-* service, it would start working. On Thu, Sep 13, 2012 at 9:45 PM, romi zhang romizhang1...@163.com wrote: Hi, Ive installed essex and when I reboot one of the nova-compute node and next when I start nova-compute service again,the system promote: Libvirt: QEMU error: Domain not found: no domain with matching name instance-000a Then I found: #ls /var/lib/nova/instances _base instance-000a instance-000b instance-000c #ls /etc/libvirt/qemu instance-000b.xml instance-000c.xml Network So: /var/lib/nova/instances/instance-000a# virsh define libvirt.xml Domain instance-000a defined from libvirt.xml And: #ls /etc/libvirt/qemu Instance-000a.xml instance-000b.xml instance-000c.xml network Then I restart: nova-compute , and nova-compute could normally started. I did not understand why reboot compute node,and usually the first instances xml file was deleted and nova-compute will terminate. By the way, when I create a new instance, the first line in the log also is : Libvirt: QEMU error: Domain not found: no domain with matching name instance-000a Anyone who had met such a problem and why? Regards, romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp image001.jpg___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] strange problem when reboot nova-compute node: domain not found: no domain with matching name
Hi, I've installed essex and when I reboot one of the nova-compute node and next when I start nova-compute service again,the system promote: Libvirt: QEMU error: Domain not found: no domain with matching name 'instance-000a' Then I found: #ls /var/lib/nova/instances _base instance-000a instance-000b instance-000c #ls /etc/libvirt/qemu instance-000b.xml instance-000c.xml Network So: /var/lib/nova/instances/instance-000a# virsh define libvirt.xml Domain instance-000a defined from libvirt.xml And: #ls /etc/libvirt/qemu Instance-000a.xml instance-000b.xml instance-000c.xml network Then I restart: nova-compute , and nova-compute could normally started. I did not understand why reboot compute node,and usually the first instance's xml file was deleted and nova-compute will terminate. By the way, when I create a new instance, the first line in the log also is : Libvirt: QEMU error: Domain not found: no domain with matching name 'instance-000a' Anyone who had met such a problem and why? Regards, romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Ask to openstack software builder: To do a little code modify to change the way of setting the default gateway of tenant network for multinetwork and VLAN model in essex version
All list and Vish, As we known and test in essex version, nova-network will set the bridge IP address as the VM default gateway and if VM want to go out, it have to pass through the host route table, it bring to us two critical problems: 1. The manager of VM could touch the compute host, potential security risk; 2. All the VM could touch each other on the same host, potential security risks. Of course it will also destroy the advantages of multinetwork and vlan model, although we can use vlan to separate tenant but finally vms come together have to go one way to go outside, that is very sad. In multi-network + VLAN manger model, For example, when I create 192.168.2.0/24 network for tenant A, 192.168.2.1 would be the default gateway value in networks table at Nova DB, and the bridge IP is perhaps 192.168.2.3 in the compute host, and when you look at the default gateway of the vm in this host , it is : 192.168.2.3, not 192.168.2.1(192.168.2.1 was not allocated to any real site) What we want is: 192.168.2.1 should be the vm's default gateway for all vms in tenant A and usually, we would set 192.168.2.1 as the VLAN interface IP address in LAN switch and through this to go outside. Yes,we have a way to modify dnsmasq.conf to set gateway and dns value,but it only worked for one network, the reality is we would use per tenant per network model to enhance security and would have more than thousands networks and tenants. Hence, we only want to give a little code modified to assign 192.168.2.1 as the default gateway of vm, that means use the lowest ip address of each tenant network as the default gateway when build up vm, not the bridge ip, that could give us two benefits: 1. vm visit internet did not tought compute host ip route and network, it pass through the vlan trunk to lan switch, enhance the security; 2. all the vms of different tenants/networks in a same compute host could not touch each other and we would not rely ICMP port control at security group rules, enhance the security. Of course, if we can achieve this, multinetwork and VLAN model would have the real meaningful usage, otherwise it would trouble us who want to use openstack in a production environment. This work is very import to us: we would like to choice multi network and VLAN model to improve cloud system security and high availability, and of course, some times in other country we have no enough public ip address and have to use two NICs with fixed IP address to go out through DNAT port mapping, would not use floating IP. Certainly,if we can only resolve this problem in F version through quantum, please let us know. I appreciate if software builders of openstack essex version could give a help on this. Best regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 转发: 答复: 答复: Is there special setting to attach volume to instance on Nexenta server?
-邮件原件- 发件人: romi zhang [mailto:romizhang1...@163.com] 发送时间: 2012年7月5日 星期四 15:56 收件人: 'Yuriy Taraday' 主题: 答复: 答复: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? I did it just like your ideas,right now, dashboard status is always attaching. In the compute node log, there is only Attaching volume 1 to /dev/vdc, but no error. Romi -邮件原件- 发件人: Yuriy Taraday [mailto:yorik@gmail.com] 发送时间: 2012年7月4日 星期三 22:12 收件人: romi zhang 抄送: openstack@lists.launchpad.net 主题: Re: 答复: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? Have you removed quotes (not uncomment) in that flag? It should be like: --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d NOT like: --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d Kind regards, Yuriy. On Wed, Jul 4, 2012 at 7:22 AM, romi zhang romizhang1...@163.com wrote: Sorry,nova-volume was not stop clearly, when I uncomment --nexenta_target_prefix, create a volume is fine,but still could not attach it to instance, compute node log is just : ISCSI volume not yet found at: vdc. Will rescan retry. Try number: 0 And in dashboard,it was failing into attaching status. Romi -邮件原件- 发件人: romi zhang [mailto:romizhang1...@163.com] 发送时间: 2012年7月4日 星期三 11:11 收件人: 'openstack@lists.launchpad.net' 抄送: 'Yuriy Taraday' 主题: 答复: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? Yuriy, Thanks for your reply. I try to uncomment --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d and then restart nova-volume, but the result is still error as same as before,volume service log has no error,but compute node brief log is: Attaching volume 1 to /dev/vdc ISCSI volume not yet found at: vdc. Will rescan retry. Try number: 0 Attach failed /dev/vdc, removing Command: sudo iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan Exit Code: 255 Stdout: ' ' Stderr: 'iscsiadm: No portal found.\n' But when I manually run iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan, it is ok. Regards, Romi -邮件原件- 发件人: Yuriy Taraday [mailto:yorik@gmail.com] 发送时间: 2012年7月3日 星期二 17:12 收件人: romi zhang 抄送: openstack@lists.launchpad.net 主题: Re: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? Try to remove that quotes from nexenta_target_prefix flag. They seem to be the source of this problem. Kind regards, Yuriy. On Tue, Jul 3, 2012 at 12:45 PM, romi zhang romizhang1...@163.com wrote: My nexenta configuration in nova.conf on nova-volume server is: #nova-volume --routing_source_ip=$my_ip --volume_driver=nova.volume.nexenta.volume.NexentaDriver --nexenta_host=192.168.1.42 --nexenta_iscsi_target_portal_port=3260 --nexenta_rest_port=80 --nexenta_user=admin --nexenta_password=nexenta --nexenta_volume=nova-volumes --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d --use_local_volumes = false Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: [OpenStack][Nova] Live Migration + NFSv4 - Permission issues
I am also met the problem when I restart nova-compute “libvirtError: Failed to connect socket to '/var/run/libvirt/libvirt-sock': No such file or directory” after modify factors of libvirt, also use NFS as share storage. Romi 发件人: openstack-bounces+romizhang1968=163@lists.launchpad.net [mailto:openstack-bounces+romizhang1968=163@lists.launchpad.net] 代表 Mandar Vaze / ? ??? 发送时间: 2012年7月5日 星期四 12:14 收件人: Leander Bessa Beernaert 抄送: openstack@lists.launchpad.net 主题: Re: [Openstack] [OpenStack][Nova] Live Migration + NFSv4 - Permission issues See if mounting as nfsv3 helps See https://answers.launchpad.net/nova/+question/164689, specifically comment #11 -Mandar On Tue, Jul 3, 2012 at 7:18 PM, Leander Bessa Beernaert leande...@gmail.com wrote: Hello all, I've been trying to get the live migration to work according to the guide http://docs.openstack.org/trunk/openstack-compute/admin/content/configuring-live-migrations.html . So far i've setup 2 compute nodes and 1 controller node. They all share the /var/lib/nova/instances dir. I've already verified that the nova user id is the same across all the servers. Currently i'm running into this error when i launch an instance: http://paste.openstack.org/show/19221/ It's certainly a permission issue, so i tried adding the group nova to the user libvirt-qemu. However, it still doesn't work. To which user must i give the nova group permission in order to be able to write in that directory? Regards, Leander ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: 答复: 答复: Is there special setting to attach volume to instance on Nexenta server?
I did it just like your ideas,right now, dashboard status was in always attaching. In the compute node log, there is only Attaching volume 1 to /dev/vdc, but no error. Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: 答复: 答复: 答复: Is there special setting to attach volume to instance on Nexenta server?
Yuriy, Thanks for your attention. Pasting was in http://paste.openstack.org/show/19293/ By the way,I modified /etc/iscsi/iscsid.conf to set following line and to make sure compute node could login nexenta: node.startup = automatic node.session.auth.authmethod = CHAP node.session.auth.username_in = iscsi node.session.auth.password_in = romi19681117 So, in the debug log it shows: iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --login Logging in to [iface: default, target: iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001, portal: 192.168.1.42,3260] iscsiadm: Could not login to [iface: default, target: iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001, portal: 192.168.1.42,3260]: and in Nexenta I'd created remote initiator (name: use the value of initiatorname.iscsi on the compute node,user is iscsi, pass is romi19681117); also in Nexenta, I'd created iscsi target (iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d), and Auth Method I choice none. On Nexnenta, I did not create Target Portal Groups,Target Group,Initiator Group. Regards, Romi -邮件原件- 发件人: Yuriy Taraday [mailto:yorik@gmail.com] 发送时间: 2012年7月5日 星期四 17:09 收件人: romi zhang 抄送: openstack@lists.launchpad.net 主题: Re: [Openstack] 答复: 答复: 答复: Is there special setting to attach volume to instance on Nexenta server? Turn on debug setting in config file and post compute and volume logs' contents somewhere (e.g. http://paste.openstack.org/ ) Kind regards, Yuriy. On Thu, Jul 5, 2012 at 12:18 PM, romi zhang romizhang1...@163.com wrote: I did it just like your ideas,right now, dashboard status was in always attaching. In the compute node log, there is only Attaching volume 1 to /dev/vdc, but no error. Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: 答复: 答复: 答复: Is there special setting to attach volume to instance on Nexenta server?
Yuriy, Last log paste is that when I start the compute node it would login all iscsi node automaticly, following pasting is that I logout all iscsi session and then start nova-compute, the last log is: Found iSCSI node vdc (after 1 rescans) from (pid=2199) connect_volume http://paste.openstack.org/show/19294/ but the status is still Attaching Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] inter-tenant and VM-to-bare-metal communication policies/restrictions.
I am also very interesting about this and also try to find a way to forbid the talking between VMs on same compute+network node. J Romi 发件人: openstack-bounces+romizhang1968=163@lists.launchpad.net [mailto:openstack-bounces+romizhang1968=163@lists.launchpad.net] 代表 Christian Parpart 发送时间: 2012年7月5日 星期四 23:48 收件人: openstack@lists.launchpad.net 主题: [Openstack] inter-tenant and VM-to-bare-metal communication policies/restrictions. Hi all, I am running multiple compute nodes and a single nova-network node, that is to act as a central gateway for the tenant's VMs. However, since this nova-network node (of course) knows all routes, every VM of any tenant can talk to each other, including to the physical nodes, which I highly disagree with and would like to restrict that. :-) root@gw1:~# ip route show default via $UPLINK_IP dev eth1 metric 100 10.10.0.0/19 dev eth0 proto kernel scope link src 10.10.30.5 10.10.40.0/21 dev br100 proto kernel scope link src 10.10.40.1 10.10.48.0/24 dev br101 proto kernel scope link src 10.10.48.1 10.10.49.0/24 dev br102 proto kernel scope link src 10.10.49.1 $PUBLIC_NET/28 dev eth1 proto kernel scope link src $PUBLIC_IP 192.168.0.0/16 dev eth0 proto kernel scope link src 192.168.2.1 - 10.10.0.0/19 is the network for bare metal nodes, switches, PDUs, etc. - 10.10.40.0/21(br100) is the production tenant - 10.10.48.0/24 (br101) is the staging tenant - 10.10.49.0/24 (br102) is the playground tenant. - 192.168.0.0/16 is the legacy network (management and VM nodes) No tenant's VM shall be able to talk to a VM of another tenant. And ideally no tenant's VM should be able to talk to the management network either. Unfortunately, since we're migrating a live system, and we also have production services on the bare-metal nodes, I had to add special routes to allow the legacy installations to communicate to the new production VMs for the transition phase. I hope I can remove that ASAP. Now, checking iptables on the nova-network node: root@gw1:~# iptables -t filter -vn -L FORWARD Chain FORWARD (policy ACCEPT 64715 packets, 13M bytes) pkts bytes target prot opt in out source destination 36M 29G nova-filter-top all -- * * 0.0.0.0/00. 0.0.0/0 36M 29G nova-network-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 root@gw1:~# iptables -t filter -vn -L nova-filter-top Chain nova-filter-top (2 references) pkts bytes target prot opt in out source destination 36M 29G nova-network-local all -- * * 0.0.0.0/0 0.0.0.0/0 root@gw1:~# iptables -t filter -vn -L nova-network-local Chain nova-network-local (1 references) pkts bytes target prot opt in out source destination root@gw1:~# iptables -t filter -vn -L nova-network-FORWARD Chain nova-network-FORWARD (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- br102 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * br102 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT udp -- * * 0.0.0.0/0 10.10.49.2 udp dpt:1194 18M 11G ACCEPT all -- br100 * 0.0.0.0/0 0.0.0.0/0 18M 18G ACCEPT all -- * br100 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT udp -- * * 0.0.0.0/0 10.10.40.2 udp dpt:1194 106K 14M ACCEPT all -- br101 * 0.0.0.0/0 0.0.0.0/0 79895 23M ACCEPT all -- * br101 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT udp -- * * 0.0.0.0/0 10.10.48.2 udp dpt:1194 Now I see, that all traffic from tenant staging (br101) for example allows any traffic from/to any destination (-j ACCEPT). I'd propose to reduce this limitation to the public gateway interface (eth1 in my case) and that this value shall be configurable in the nova.conf file. Is there any other thing, I might have overseen, to disallow inter-tenant communication and to disallow tenant-VM-to-bare-metal communication? Many thanks in advance, Christian Parpart. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Is there special setting to attach volume to instance on Nexenta server?
Hi, I'd already setup nexenta in a independent server and nova-volume run on another server with nexenta driver configured in nova.conf to provide volume service to the openstack system. I can use command or dashboard to create volume well and nexenta also have create relative zol,but question is I always could not attach the volume to the instance,here is the environment and questions I met: 1. The output of iscsiadm -m session that compute node show(volume-0001 is created by command and was in the list of nexenta ZVOL list) root@nc01:/home/romi# iscsiadm -m session tcp: [21] 192.168.1.42:3260,1 iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 tcp: [5] 192.168.1.42:3260,2 iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d 2. When I use command to attach the volume to the instance, nova-volume service gave the log error is: Command: sudo iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan 2012-06-26 18:00:37 TRACE nova.rpc.amqp Stderr: 'iscsiadm: No portal found.\n' 3. I try to run icsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 -rescan manually in compute node, the output is well: Rescanning session [sid: 21, target: iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001, portal: 192.168.1.42,3260] So, I could not know what is wrong or is there special setting needed in nexenta server? Appreciate if someone could help. Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server?
My nexenta configuration in nova.conf on nova-volume server is: #nova-volume --routing_source_ip=$my_ip --volume_driver=nova.volume.nexenta.volume.NexentaDriver --nexenta_host=192.168.1.42 --nexenta_iscsi_target_portal_port=3260 --nexenta_rest_port=80 --nexenta_user=admin --nexenta_password=nexenta --nexenta_volume=nova-volumes --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d --use_local_volumes = false Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: 答复: Is there special setting to attach volume to instance on Nexenta server?
Yuriy, Thanks for your reply. I try to uncomment --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d and then restart nova-volume, but the result is still error as same as before,volume service log has no error,but compute node brief log is: Attaching volume 1 to /dev/vdc ISCSI volume not yet found at: vdc. Will rescan retry. Try number: 0 Attach failed /dev/vdc, removing Command: sudo iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan Exit Code: 255 Stdout: ' ' Stderr: 'iscsiadm: No portal found.\n' But when I manually run iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan, it is ok. Regards, Romi -邮件原件- 发件人: Yuriy Taraday [mailto:yorik@gmail.com] 发送时间: 2012年7月3日 星期二 17:12 收件人: romi zhang 抄送: openstack@lists.launchpad.net 主题: Re: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? Try to remove that quotes from nexenta_target_prefix flag. They seem to be the source of this problem. Kind regards, Yuriy. On Tue, Jul 3, 2012 at 12:45 PM, romi zhang romizhang1...@163.com wrote: My nexenta configuration in nova.conf on nova-volume server is: #nova-volume --routing_source_ip=$my_ip --volume_driver=nova.volume.nexenta.volume.NexentaDriver --nexenta_host=192.168.1.42 --nexenta_iscsi_target_portal_port=3260 --nexenta_rest_port=80 --nexenta_user=admin --nexenta_password=nexenta --nexenta_volume=nova-volumes --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d --use_local_volumes = false Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] 答复: 答复: Is there special setting to attach volume to instance on Nexenta server?
Sorry,nova-volume was not stop clearly, when I uncomment --nexenta_target_prefix, create a volume is fine,but still could not attach it to instance, compute node log is just : ISCSI volume not yet found at: vdc. Will rescan retry. Try number: 0 And in dashboard,it was failing into attaching status. Romi -邮件原件- 发件人: romi zhang [mailto:romizhang1...@163.com] 发送时间: 2012年7月4日 星期三 11:11 收件人: 'openstack@lists.launchpad.net' 抄送: 'Yuriy Taraday' 主题: 答复: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? Yuriy, Thanks for your reply. I try to uncomment --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d and then restart nova-volume, but the result is still error as same as before,volume service log has no error,but compute node brief log is: Attaching volume 1 to /dev/vdc ISCSI volume not yet found at: vdc. Will rescan retry. Try number: 0 Attach failed /dev/vdc, removing Command: sudo iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan Exit Code: 255 Stdout: ' ' Stderr: 'iscsiadm: No portal found.\n' But when I manually run iscsiadm -m node -T iqn.1986-03.com.sun:01:005008c802ff.4fb2f97dvolume-0001 -p 192.168.1.42:3260 --rescan, it is ok. Regards, Romi -邮件原件- 发件人: Yuriy Taraday [mailto:yorik@gmail.com] 发送时间: 2012年7月3日 星期二 17:12 收件人: romi zhang 抄送: openstack@lists.launchpad.net 主题: Re: [Openstack] 答复: Is there special setting to attach volume to instance on Nexenta server? Try to remove that quotes from nexenta_target_prefix flag. They seem to be the source of this problem. Kind regards, Yuriy. On Tue, Jul 3, 2012 at 12:45 PM, romi zhang romizhang1...@163.com wrote: My nexenta configuration in nova.conf on nova-volume server is: #nova-volume --routing_source_ip=$my_ip --volume_driver=nova.volume.nexenta.volume.NexentaDriver --nexenta_host=192.168.1.42 --nexenta_iscsi_target_portal_port=3260 --nexenta_rest_port=80 --nexenta_user=admin --nexenta_password=nexenta --nexenta_volume=nova-volumes --nexenta_target_prefix=iqn.1986-03.com.sun:01:005008c802ff.4fb2f97d --use_local_volumes = false Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] how to set individual gateway for each VLAN or Tenant network?
Hi, I am using VLAN network mode and will connect eth1 and eth2 of my compute node to the LAN Switch, and LAN switch will create individual VLAN IP interface for each Tenant/VLAN and then route to the NAT equipment,through SNAT/DNAT to touch internet. So, that needs I can set the default gateway of each Tenant VLAN to the different IP address of VLAN interface on the switch. For example, my first tenant(auto0Tenant) is at VLAN200/br200/eth1/fix_ip range is 192.168.2.0/28 and second(aotu1Tenant) is VLAN300/br300/eth2/fix_ip_range 192.168.3.0/28, the VLAN interface ip address for them on switch is 192.168.2.9 and 192.168.3.9, I want to set the default gateway of VMs in auto0Tenant to 192.168.2.9 and 192.168.3.9 for aotu1Tenant's VMs. I try to use two methods, the first is to use nova-command: nova-manage network create --label=auto0Tenat --fixed_range_v4=192.168.2.0/28 --num_networks=1 --gateway=192.168.2.9 --dns1=61.139.2.69 --vlan=200 --bridge=br200 --bridge_interface=eth1 --network_size=16 --multi_host=T --project_id=5f9281bca6854fe3974a457d81afd78c nova-manage network create --label=aotu1Tenant --fixed_range_v4=192.168.3.0/28 --num_networks=1 --gateway=192.168.3.9 --dns1=61.139.2.69 --vlan=300 --bridge=br300 --bridge_interface=eth2 --network_size=16 --multi_host=T --project_id=5f9281bca6854fe3974a457d81afd78c but the result is the newest created VM default gateway is still the IP address of br200 or br300 by the system, that means the factor of gateway and dns1 in nova-mange network command did not work. The second way is to use dnsmasq.conf that Vish told me, that I set just dhcp_option=3,192.168.2.9. Yes it is useful for auto0Tenat VLAN, it can set auto0Tenant gateway to 192.168.2.9, but how to set others at the same time? Then I tried to use: Interface=vlan200 dhcp_option=3,192.168.2.9 Interface=vlan300 dhcp_option=3,192.168.3.9 but the result is, nova-network show could not find vlan300 in the start process, because that time,indeed vlan300 interface was not built by nova-network. So, the question is, what is the standard method to set individual external gateway for each tenant/VLAN in the designing of nova or the VLAN network mode? Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] [Resovled]: Nova CC could not see the others' smile face but compute and volume node can see smile face each other
Vish, You are quite right, I took a look to the time detail, it surprised me that nova CC node go ahead than compute node a half hour! When I use following command to update time on nova CC,compute,volume nodes, and then the system return back: Service ntp stop ntpdate 210.72.145.44 210.72.145.44 is china time center. But I did know why, I followed the Compute Administration docs before and already updated the /etc/ntp.conf of nova CC node(192.168.1.121) and compute node, but it does not work. Head of everything, thank you very much! For the others could share your knowledge, I will post this as a new topic to mail list. Romi 发件人: Vishvananda Ishaya [mailto:vishvana...@gmail.com] 发送时间: 2012年6月3日 星期日 14:32 收件人: romi zhang 主题: Re: 答复: [Openstack] shall openstack use Openfiler(iscsi target) as volume service? Your clocks are out of sync. Install ntp and use ntpdate to sync clocks. On Jun 2, 2012 7:34 PM, romi zhang romizhang1...@163.com wrote: Vish, Could you please give me a help? My trouble is : Everything works fine until yesterday. But when I want to try to modify dnsmasq config just like your email indicating and power on the system, a strange situation occurs: Every compute node and volume service node could see each other smile(nova-manage service list) except nova CC node(run nova-api,consoleauth,proxy,scheduler). Nova CC node could only see the smile of itself and others are “XXX”. I did not know why and tried many methods to recover, but nova CC still could not see other node smile. Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] [Resovled]: Nova CC could not see the others' smile face but compute and volume node can see smile face each other
Here is the problem resovled help by Vish, share this case to list. Vish, You are quite right, I took a look to the time detail, it surprised me that nova CC node go ahead than compute node a half hour! When I use following command to update time on nova CC,compute,volume nodes, and then the system return back: Service ntp stop ntpdate 210.72.145.44 210.72.145.44 is china time center. But I did know why, I followed the Compute Administration docs before and already updated the /etc/ntp.conf of nova CC node(192.168.1.121) and compute node, but it does not work. Head of everything, thank you very much! For the others could share your knowledge, I will post this as a new topic to mail list. Romi 发件人: Vishvananda Ishaya [mailto:vishvana...@gmail.com] 发送时间: 2012年6月3日 星期日 14:32 收件人: romi zhang 主题: Re: 答复: [Openstack] shall openstack use Openfiler(iscsi target) as volume service? Your clocks are out of sync. Install ntp and use ntpdate to sync clocks. On Jun 2, 2012 7:34 PM, romi zhang romizhang1...@163.com wrote: Vish, Could you please give me a help? My trouble is : Everything works fine until yesterday. But when I want to try to modify dnsmasq config just like your email indicating and power on the system, a strange situation occurs: Every compute node and volume service node could see each other smile(nova-manage service list) except nova CC node(run nova-api,consoleauth,proxy,scheduler). Nova CC node could only see the smile of itself and others are “XXX”. I did not know why and tried many methods to recover, but nova CC still could not see other node smile. Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] shall openstack use Openfiler(iscsi target) as volume service?
Hi, There is an question always trouble me ,shall openstack use Openfiler(iscsi target) as volume service? Openfiler is a free iscsi software base on centos use ietd to create iscsi target that can run on a standalone computer. I saw we can use volume_driver=nova.volume.driver.ISCSIDriver and cooperating with such as following items to connect ISCSI: # iscsi_helper=ietadm # iscsi_ip_address=$my_ip # iscsi_num_targets=100 # iscsi_port=3260 # iscsi_target_prefix=iqn.2010-10.org.openstack: # num_iscsi_scan_tries=3 My question is I could not find the way to tell volume driver the username and password to access Openfiler for creating lun. So, does it mean openstack could not connect a independent iscsi target host running tgtd or ietd, just like nexenta? Regards, Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] how to forbid the instances communicating on the same host but different bridges and vlans?
Hi, I use following command to create 2 NICs for the instances of adminTenant and 1 NICs for aipuTenant: nova-manage network create --label=admin_web --fixed_range_v4=192.168.2.0/28 --num_networks=1 --vlan=200 --bridge=br200 --bridge_interface=eth1 --network_size=16 --multi_host=T --project_id=5f9281bca6854fe3974a457d81afd78c nova-manage network create --label=admin_ssl --fixed_range_v4=192.168.21.0/28 --num_networks=1 --vlan=201 --bridge=br201 --bridge_interface=eth2 --network_size=16 --multi_host=T --project_id=5f9281bca6854fe3974a457d81afd78c nova-manage network create --label=aipu_web --fixed_range_v4=192.168.3.0/28 --num_networks=1 --vlan=300 --bridge=br300 --bridge_interface=eth1 --network_size=16 --multi_host=T --project_id=ee29f5730caa40958bf4812a0fbec3d9 But the result is: 1. the instance of admin03(192.168.2.3 192.168.21.3,belong adminTenant) could successfully ping aipu01(192.168.3.3,belong aipuTenant) on the same compute node(NC01,network+compute service) . 2. Of course,admin03 could not ping successfully aipu03(192.168.3.6) on the another compute node(NC02,network+compute service). Is there a way or setting to forbid the IP touching between the instances of different tenant in different bridges and VLANs on the same compute node? Romi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
