http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/68c20df4/source/templates.rst ---------------------------------------------------------------------- diff --git a/source/templates.rst b/source/templates.rst index c4d33b2..bc55aa2 100644 --- a/source/templates.rst +++ b/source/templates.rst @@ -12,7 +12,8 @@ KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - + + Working with Templates ====================== @@ -30,6 +31,7 @@ CloudStack ships with a default template. In order to present more choices to users, CloudStack administrators and users can create templates and add them to CloudStack. + Creating Templates: Overview ---------------------------- @@ -38,18 +40,12 @@ system. There are a variety of ways to add more templates. Administrators and end users can add templates. The typical sequence of events is: -#. - - Launch a VM instance that has the operating system you want. Make any +#. Launch a VM instance that has the operating system you want. Make any other desired configuration changes to the VM. -#. - - Stop the VM. - -#. +#. Stop the VM. - Convert the volume into a template. +#. Convert the volume into a template. There are other ways to add templates to CloudStack. For example, you can take a snapshot of the VM's volume and create a template from the @@ -58,19 +54,17 @@ snapshot, or import a VHD from another system into CloudStack. The various techniques for creating templates are described in the next few sections. + Requirements for Templates -------------------------- -- - - For XenServer, install PV drivers / Xen tools on each template that +- For XenServer, install PV drivers / Xen tools on each template that you create. This will enable live migration and clean guest shutdown. -- - - For vSphere, install VMware Tools on each template that you create. +- For vSphere, install VMware Tools on each template that you create. This will enable console view to work properly. + Best Practices for Templates ---------------------------- @@ -78,6 +72,7 @@ If you plan to use large templates (100 GB or larger), be sure you have a 10-gigabit network to support the large templates. A slower network can lead to timeouts and other errors when large templates are used. + The Default Template -------------------- @@ -98,30 +93,31 @@ block most access to the template excluding ssh. .. code:: bash - # iptables --list - Chain INPUT (policy ACCEPT) - target prot opt source destination - RH-Firewall-1-INPUT all -- anywhere anywhere - - Chain FORWARD (policy ACCEPT) - target prot opt source destination - RH-Firewall-1-INPUT all -- anywhere anywhere - - Chain OUTPUT (policy ACCEPT) - target prot opt source destination - - Chain RH-Firewall-1-INPUT (2 references) - target prot opt source destination - ACCEPT all -- anywhere anywhere - ACCEPT icmp -- anywhere anywhere icmp any - ACCEPT esp -- anywhere anywhere - ACCEPT ah -- anywhere anywhere - ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns - ACCEPT udp -- anywhere anywhere udp dpt:ipp - ACCEPT tcp -- anywhere anywhere tcp dpt:ipp - ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED - ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh - REJECT all -- anywhere anywhere reject-with icmp-host- + # iptables --list + Chain INPUT (policy ACCEPT) + target prot opt source destination + RH-Firewall-1-INPUT all -- anywhere anywhere + + Chain FORWARD (policy ACCEPT) + target prot opt source destination + RH-Firewall-1-INPUT all -- anywhere anywhere + + Chain OUTPUT (policy ACCEPT) + target prot opt source destination + + Chain RH-Firewall-1-INPUT (2 references) + target prot opt source destination + ACCEPT all -- anywhere anywhere + ACCEPT icmp -- anywhere anywhere icmp any + ACCEPT esp -- anywhere anywhere + ACCEPT ah -- anywhere anywhere + ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns + ACCEPT udp -- anywhere anywhere udp dpt:ipp + ACCEPT tcp -- anywhere anywhere tcp dpt:ipp + ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED + ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh + REJECT all -- anywhere anywhere reject-with icmp-host- + Private and Public Templates ---------------------------- @@ -141,92 +137,75 @@ in a private Zone, it is available only to users in the domain assigned to that Zone. If a public template is created in a public Zone, it is available to all users in all domains. + Creating a Template from an Existing Virtual Machine ---------------------------------------------------- Once you have at least one VM set up in the way you want, you can use it as the prototype for other VMs. -#. - - Create and start a virtual machine using any of the techniques given +#. Create and start a virtual machine using any of the techniques given in `âCreating VMsâ <virtual_machines.html#creating-vms>`_. -#. - - Make any desired configuration changes on the running VM, then click +#. Make any desired configuration changes on the running VM, then click Stop. -#. - - Wait for the VM to stop. When the status shows Stopped, go to the +#. Wait for the VM to stop. When the status shows Stopped, go to the next step. -#. - - Click Create Template and provide the following: - - - +#. Click Create Template and provide the following: - **Name and Display Text**. These will be shown in the UI, so + - **Name and Display Text**. These will be shown in the UI, so choose something descriptive. - - - - **OS Type**. This helps CloudStack and the hypervisor perform + - **OS Type**. This helps CloudStack and the hypervisor perform certain operations and make assumptions that improve the performance of the guest. Select one of the following. - - - - If the operating system of the stopped VM is listed, choose it. - - - + - If the operating system of the stopped VM is listed, choose it. - If the OS type of the stopped VM is not listed, choose Other. + - If the OS type of the stopped VM is not listed, choose Other. - - - - If you want to boot from this template in PV mode, choose Other + - If you want to boot from this template in PV mode, choose Other PV (32-bit) or Other PV (64-bit). This choice is available only for XenServere: .. note:: - Generally you should not choose an older version of the OS than the version in the image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will in general not work. In those cases you should choose Other. - - - + Generally you should not choose an older version of the OS + than the version in the image. For example, choosing CentOS + 5.4 to support a CentOS 6.2 image will in general not work. + In those cases you should choose Other. - **Public**. Choose Yes to make this template accessible to all + - **Public**. Choose Yes to make this template accessible to all users of this CloudStack installation. The template will appear in the Community Templates list. See `âPrivate and Public Templatesâ <#private-and-public-templates>`_. - - - - **Password Enabled**. Choose Yes if your template has the + - **Password Enabled**. Choose Yes if your template has the CloudStack password change script installed. See :ref:`adding-password-management-to-templates`. -#. - - Click Add. +#. Click Add. The new template will be visible in the Templates section when the template creation process has been completed. The template is then available when creating a new VM. + Creating a Template from a Snapshot ----------------------------------- If you do not want to stop the VM in order to use the Create Template -menu item (as described in `âCreating a Template from an -Existing Virtual Machineâ <#creating-a-template-from-an-existing-virtual-machine>`_), you -can create a template directly from any snapshot through the CloudStack -UI. +menu item (as described in `âCreating a Template from an Existing +Virtual Machineâ <#creating-a-template-from-an-existing-virtual-machine>`_), +you can create a template directly from any snapshot through the +CloudStack UI. + Uploading Templates ------------------- + vSphere Templates and ISOs -------------------------- @@ -240,86 +219,61 @@ them to decrease upload times. To upload a template: -#. +#. In the left navigation bar, click Templates. - In the left navigation bar, click Templates. +#. Click Register Template. -#. +#. Provide the following: - Click Register Template. - -#. - - Provide the following: - - - - - **Name and Description**. These will be shown in the UI, so choose + - **Name and Description**. These will be shown in the UI, so choose something descriptive. - - - - **URL**. The Management Server will download the file from the + - **URL**. The Management Server will download the file from the specified URL, such as ``http://my.web.server/filename.vhd.gz``. - - - - **Zone**. Choose the zone where you want the template to be + - **Zone**. Choose the zone where you want the template to be available, or All Zones to make it available throughout CloudStack. - - - - **OS Type**: This helps CloudStack and the hypervisor perform + - **OS Type**: This helps CloudStack and the hypervisor perform certain operations and make assumptions that improve the performance of the guest. Select one of the following: - - - - If the operating system of the stopped VM is listed, choose it. + - If the operating system of the stopped VM is listed, choose it. - - - - If the OS type of the stopped VM is not listed, choose Other. + - If the OS type of the stopped VM is not listed, choose Other. .. note:: - You should not choose an older version of the OS than the version in the image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will in general not work. In those cases you should choose Other. - - - + You should not choose an older version of the OS than the + version in the image. For example, choosing CentOS 5.4 to + support a CentOS 6.2 image will in general not work. In + those cases you should choose Other. - **Hypervisor**: The supported hypervisors are listed. Select the + - **Hypervisor**: The supported hypervisors are listed. Select the desired one. - - - - **Format**. The format of the template upload file, such as VHD or + - **Format**. The format of the template upload file, such as VHD or OVA. - - - - **Password Enabled**. Choose Yes if your template has the - CloudStack password change script installed. See :ref:`adding-password-management-to-templates`. - - - + - **Password Enabled**. Choose Yes if your template has the + CloudStack password change script installed. + See :ref:`adding-password-management-to-templates`. - **Extractable**. Choose Yes if the template is available for + - **Extractable**. Choose Yes if the template is available for extraction. If this option is selected, end users can download a full image of a template. - - - - **Public**. Choose Yes to make this template accessible to all + - **Public**. Choose Yes to make this template accessible to all users of this CloudStack installation. The template will appear in the Community Templates list. See `âPrivate and Public Templatesâ <#private-and-public-templates>`_. - - - - **Featured**. Choose Yes if you would like this template to be + - **Featured**. Choose Yes if you would like this template to be more prominent for users to select. The template will appear in the Featured Templates list. Only an administrator can make a template Featured. + Exporting Templates ------------------- @@ -327,6 +281,7 @@ End users and Administrators may export templates from the CloudStack. Navigate to the template in the UI and choose the Download function from the Actions menu. + Creating a Linux Template ------------------------- @@ -339,30 +294,23 @@ assumes openssh-server is installed during installation. An overview of the procedure is as follow: -#. - - Upload your Linux ISO. +#. Upload your Linux ISO. For more information, see `âAdding an ISOâ <virtual_machines.html#adding-an-iso>`_. -#. - - Create a VM Instance with this ISO. +#. Create a VM Instance with this ISO. For more information, see `âCreating VMsâ <virtual_machines.html#creating-vms>`_. -#. - - Prepare the Linux VM +#. Prepare the Linux VM -#. +#. Create a template from the VM. - Create a template from the VM. + For more information, see `âCreating a Template from an Existing + Virtual Machineâ <#creating-a-template-from-an-existing-virtual-machine>`_. - For more information, see `âCreating a Template from an - Existing Virtual Machineâ <#creating-a-template-from-an-existing-virtual-machine>`_. System preparation for Linux ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -370,9 +318,7 @@ System preparation for Linux The following steps will prepare a basic Linux installation for templating. -#. - - **Installation** +#. **Installation** It is good practice to name your VM something generic during installation, this will ensure components such as LVM do not appear @@ -387,69 +333,61 @@ templating. .. code:: bash - DEVICE=eth0 - TYPE=Ethernet - BOOTPROTO=dhcp - ONBOOT=yes + DEVICE=eth0 + TYPE=Ethernet + BOOTPROTO=dhcp + ONBOOT=yes The next steps updates the packages on the Template Master. - - - - Ubuntu + - Ubuntu .. code:: bash - sudo -i - apt-get update - apt-get upgrade -y - apt-get install -y acpid ntp - reboot - - - + sudo -i + apt-get update + apt-get upgrade -y + apt-get install -y acpid ntp + reboot - CentOS + - CentOS .. code:: bash - ifup eth0 - yum update -y - reboot + ifup eth0 + yum update -y + reboot -#. - - **Password management** +#. **Password management** .. note:: - If preferred, custom users (such as ones created during the Ubuntu installation) should be removed. First ensure the root user account is enabled by giving it a password and then login as root to continue. + If preferred, custom users (such as ones created during the Ubuntu + installation) should be removed. First ensure the root user account + is enabled by giving it a password and then login as root to continue. .. code:: bash - sudo passwd root - logout + sudo passwd root + logout As root, remove any custom user accounts created during the installation process. .. code:: bash - deluser myuser --remove-home + deluser myuser --remove-home See :ref:`adding-password-management-to-templates` for instructions to setup the password management script, this will allow CloudStack to change your root password from the web interface. -#. - - **Hostname Management** +#. **Hostname Management** CentOS configures the hostname by default on boot. Unfortunately Ubuntu does not have this functionality, for Ubuntu installations use the following steps. - - - - Ubuntu + - Ubuntu The hostname of a Templated VM is set by a custom script in `/etc/dhcp/dhclient-exit-hooks.d`, this script first checks if the @@ -466,64 +404,60 @@ templating. .. code:: bash - #!/bin/sh - # dhclient change hostname script for Ubuntu - oldhostname=$(hostname -s) - if [ $oldhostname = 'localhost' ] - then - sleep 10 # Wait for configuration to be written to disk - hostname=$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /host-name/ { host = $3 } END { printf host } ' | sed 's/[";]//g' ) - fqdn="$hostname.$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /domain-name/ { domain = $3 } END { printf domain } ' | sed 's/[";]//g')" - ip=$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /fixed-address/ { lease = $2 } END { printf lease } ' | sed 's/[";]//g') - echo "cloudstack-hostname: Hostname _localhost_ detected. Changing hostname and adding hosts." - echo " Hostname: $hostname \n FQDN: $fqdn \n IP: $ip" - # Update /etc/hosts - awk -v i="$ip" -v f="$fqdn" -v h="$hostname" "/^127/{x=1} !/^127/ && x { x=0; print i,f,h; } { print $0; }" /etc/ hosts > /etc/hosts.dhcp.tmp - mv /etc/hosts /etc/hosts.dhcp.bak - mv /etc/hosts.dhcp.tmp /etc/hosts - # Rename Host - echo $hostname > /etc/hostname - hostname $hostname - # Recreate SSH2 - export DEBIAN_FRONTEND=noninteractive - dpkg-reconfigure openssh-server - fi - ### End of Script ### - - chmod 774 /etc/dhcp/dhclient-exit-hooks.d/sethostname + #!/bin/sh + # dhclient change hostname script for Ubuntu + oldhostname=$(hostname -s) + if [ $oldhostname = 'localhost' ] + then + sleep 10 # Wait for configuration to be written to disk + hostname=$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /host-name/ { host = $3 } END { printf host } ' | sed 's/[";]//g' ) + fqdn="$hostname.$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /domain-name/ { domain = $3 } END { printf domain } ' | sed 's/[";]//g')" + ip=$(cat /var/lib/dhcp/dhclient.eth0.leases | awk ' /fixed-address/ { lease = $2 } END { printf lease } ' | sed 's/[";]//g') + echo "cloudstack-hostname: Hostname _localhost_ detected. Changing hostname and adding hosts." + echo " Hostname: $hostname \n FQDN: $fqdn \n IP: $ip" + # Update /etc/hosts + awk -v i="$ip" -v f="$fqdn" -v h="$hostname" "/^127/{x=1} !/^127/ && x { x=0; print i,f,h; } { print $0; }" /etc/ hosts > /etc/hosts.dhcp.tmp + mv /etc/hosts /etc/hosts.dhcp.bak + mv /etc/hosts.dhcp.tmp /etc/hosts + # Rename Host + echo $hostname > /etc/hostname + hostname $hostname + # Recreate SSH2 + export DEBIAN_FRONTEND=noninteractive + dpkg-reconfigure openssh-server + fi + ### End of Script ### + + chmod 774 /etc/dhcp/dhclient-exit-hooks.d/sethostname .. warning:: - The following steps should be run when you are ready to template your Template Master. If the Template Master is rebooted during these steps you will have to run all the steps again. At the end of this process the Template Master should be shutdown and the template created in order to create and deploy the final template. - -#. + The following steps should be run when you are ready to template + your Template Master. If the Template Master is rebooted during + these steps you will have to run all the steps again. At the end + of this process the Template Master should be shutdown and the + template created in order to create and deploy the final template. - **Remove the udev persistent device rules** +#. **Remove the udev persistent device rules** This step removes information unique to your Template Master such as network MAC addresses, lease files and CD block devices, the files are automatically generated on next boot. - - - - Ubuntu + - Ubuntu .. code:: bash - rm -f /etc/udev/rules.d/70* - rm -f /var/lib/dhcp/dhclient.* + rm -f /etc/udev/rules.d/70* + rm -f /var/lib/dhcp/dhclient.* - - - - CentOS + - CentOS .. code:: bash - rm -f /etc/udev/rules.d/70* - rm -f /var/lib/dhclient/* - -#. + rm -f /etc/udev/rules.d/70* + rm -f /var/lib/dhclient/* - **Remove SSH Keys** +#. **Remove SSH Keys** This step is to ensure all your Templated VMs do not have the same SSH keys, which would decrease the security of the machines @@ -531,24 +465,20 @@ templating. .. code:: bash - rm -f /etc/ssh/*key* + rm -f /etc/ssh/*key* -#. - - **Cleaning log files** +#. **Cleaning log files** It is good practice to remove old logs from the Template Master. .. code:: bash - cat /dev/null > /var/log/audit/audit.log 2>/dev/null - cat /dev/null > /var/log/wtmp 2>/dev/null - logrotate -f /etc/logrotate.conf 2>/dev/null - rm -f /var/log/*-* /var/log/*.gz 2>/dev/null - -#. + cat /dev/null > /var/log/audit/audit.log 2>/dev/null + cat /dev/null > /var/log/wtmp 2>/dev/null + logrotate -f /etc/logrotate.conf 2>/dev/null + rm -f /var/log/*-* /var/log/*.gz 2>/dev/null - **Setting hostname** +#. **Setting hostname** In order for the Ubuntu DHCP script to function and the CentOS dhclient to set the VM hostname they both require the Template @@ -557,89 +487,81 @@ templating. .. code:: bash - hostname localhost - echo "localhost" > /etc/hostname - -#. + hostname localhost + echo "localhost" > /etc/hostname - **Set user password to expire** +#. **Set user password to expire** This step forces the user to change the password of the VM after the template has been deployed. .. code:: bash - passwd --expire root + passwd --expire root -#. - - **Clearing User History** +#. **Clearing User History** The next step clears the bash commands you have just run. .. code:: bash - history -c - unset HISTFILE - -#. + history -c + unset HISTFILE - **Shutdown the VM** +#. **Shutdown the VM** Your now ready to shutdown your Template Master and create a template! .. code:: bash - halt -p + halt -p -#. - - **Create the template!** +#. **Create the template!** You are now ready to create the template, for more information see `âCreating a Template from an Existing Virtual Machineâ <#creating-a-template-from-an-existing-virtual-machine>`_. -.. note:: Templated VMs for both Ubuntu and CentOS may require a reboot after provisioning in order to pickup the hostname. +.. note:: + Templated VMs for both Ubuntu and CentOS may require a reboot after + provisioning in order to pickup the hostname. + Creating a Windows Template ----------------------------------- +--------------------------- Windows templates must be prepared with Sysprep before they can be provisioned on multiple machines. Sysprep allows you to create a generic Windows template and avoid any possible SID conflicts. .. note:: - (XenServer) Windows VMs running on XenServer require PV drivers, which may be provided in the template or added after the VM is created. The PV drivers are necessary for essential management functions such as mounting additional volumes and ISO images, live migration, and graceful shutdown. + (XenServer) Windows VMs running on XenServer require PV drivers, which + may be provided in the template or added after the VM is created. The + PV drivers are necessary for essential management functions such as + mounting additional volumes and ISO images, live migration, and + graceful shutdown. An overview of the procedure is as follows: -#. - - Upload your Windows ISO. +#. Upload your Windows ISO. For more information, see `âAdding an ISOâ <virtual_machines.html#adding-an-iso>`_. -#. - - Create a VM Instance with this ISO. +#. Create a VM Instance with this ISO. For more information, see `âCreating VMsâ <virtual_machines.html#creating-vms>`_. -#. - - Follow the steps in Sysprep for Windows Server 2008 R2 (below) or +#. Follow the steps in Sysprep for Windows Server 2008 R2 (below) or Sysprep for Windows Server 2003 R2, depending on your version of Windows Server -#. - - The preparation steps are complete. Now you can actually create the +#. The preparation steps are complete. Now you can actually create the template as described in Creating the Windows Template. + System Preparation for Windows Server 2008 R2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -652,50 +574,40 @@ Center <http://www.microsoft.com/en-us/download/details.aspx?id=9085>`_. Use the following steps to run sysprep for Windows 2008 R2: .. note:: - The steps outlined here are derived from the excellent guide by Charity Shelbourne, originally published at `Windows Server 2008 Sysprep Mini-Setup. <http://blogs.technet.com/askcore/archive/2008/10/31/automating-the-oobe-process-during-windows-server-2008-sysprep-mini-setup.aspx>`_ - -#. + The steps outlined here are derived from the excellent guide by + Charity Shelbourne, originally published at `Windows Server 2008 + Sysprep Mini-Setup. + <http://blogs.technet.com/askcore/archive/2008/10/31/automating-the-oobe-process-during-windows-server-2008-sysprep-mini-setup.aspx>`_ - Download and install the Windows AIK +#. Download and install the Windows AIK - .. note:: Windows AIK should not be installed on the Windows 2008 R2 VM you just created. Windows AIK should not be part of the template you create. It is only used to create the sysprep answer file. - -#. + .. note:: + Windows AIK should not be installed on the Windows 2008 R2 VM you + just created. Windows AIK should not be part of the template you + create. It is only used to create the sysprep answer file. - Copy the install.wim file in the \\sources directory of the Windows +#. Copy the install.wim file in the \\sources directory of the Windows 2008 R2 installation DVD to the hard disk. This is a very large file and may take a long time to copy. Windows AIK requires the WIM file to be writable. -#. - - Start the Windows System Image Manager, which is part of the Windows +#. Start the Windows System Image Manager, which is part of the Windows AIK. -#. - - In the Windows Image pane, right click the Select a Windows image or +#. In the Windows Image pane, right click the Select a Windows image or catalog file option to load the install.wim file you just copied. -#. - - Select the Windows 2008 R2 Edition. +#. Select the Windows 2008 R2 Edition. You may be prompted with a warning that the catalog file cannot be opened. Click Yes to create a new catalog file. -#. - - In the Answer File pane, right click to create a new answer file. - -#. +#. In the Answer File pane, right click to create a new answer file. - Generate the answer file from the Windows System Image Manager using +#. Generate the answer file from the Windows System Image Manager using the following steps: - #. - - The first page you need to automate is the Language and Country or + #. The first page you need to automate is the Language and Country or Region Selection page. To automate this, expand Components in your Windows Image pane, right-click and add the Microsoft-Windows-International-Core setting to Pass 7 oobeSystem. @@ -709,9 +621,7 @@ Use the following steps to run sysprep for Windows 2008 R2: |sysmanager.png| - #. - - You need to automate the Software License Terms Selection page, + #. You need to automate the Software License Terms Selection page, otherwise known as the End-User License Agreement (EULA). To do this, expand the Microsoft-Windows-Shell-Setup component. High-light the OOBE setting, and add the setting to the Pass 7 @@ -719,18 +629,15 @@ Use the following steps to run sysprep for Windows 2008 R2: |software-license.png| - #. - - Make sure the license key is properly set. If you use MAK key, you + #. Make sure the license key is properly set. If you use MAK key, you can just enter the MAK key on the Windows 2008 R2 VM. You need not input the MAK into the Windows System Image Manager. If you use KMS host for activation you need not enter the Product Key. Details of Windows Volume Activation can be found at - `http://technet.microsoft.com/en-us/library/bb892849.aspx <http://technet.microsoft.com/en-us/library/bb892849.aspx>`_ + `http://technet.microsoft.com/en-us/library/bb892849.aspx + <http://technet.microsoft.com/en-us/library/bb892849.aspx>`_ - #. - - You need to automate is the Change Administrator Password page. + #. You need to automate is the Change Administrator Password page. Expand the Microsoft-Windows-Shell-Setup component (if it is not still expanded), expand UserAccounts, right-click on AdministratorPassword, and add the setting to the Pass 7 @@ -743,140 +650,90 @@ Use the following steps to run sysprep for Windows 2008 R2: suit your deployment. The steps above are the minimum needed to make Windows unattended setup work. -#. - - Save the answer file as unattend.xml. You can ignore the warning +#. Save the answer file as unattend.xml. You can ignore the warning messages that appear in the validation window. -#. - - Copy the unattend.xml file into the c:\\windows\\system32\\sysprep +#. Copy the unattend.xml file into the c:\\windows\\system32\\sysprep directory of the Windows 2008 R2 Virtual Machine -#. - - Once you place the unattend.xml file in +#. Once you place the unattend.xml file in c:\\windows\\system32\\sysprep directory, you run the sysprep tool as follows: .. code:: bash - cd c:\Windows\System32\sysprep - sysprep.exe /oobe /generalize /shutdown + cd c:\Windows\System32\sysprep + sysprep.exe /oobe /generalize /shutdown The Windows 2008 R2 VM will automatically shut down after sysprep is complete. + System Preparation for Windows Server 2003 R2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Earlier versions of Windows have a different sysprep tool. Follow these steps for Windows Server 2003 R2. -#. - - Extract the content of \\support\\tools\\deploy.cab on the Windows +#. Extract the content of \\support\\tools\\deploy.cab on the Windows installation CD into a directory called c:\\sysprep on the Windows 2003 R2 VM. -#. - - Run c:\\sysprep\\setupmgr.exe to create the sysprep.inf file. - - #. +#. Run c:\\sysprep\\setupmgr.exe to create the sysprep.inf file. - Select Create New to create a new Answer File. + #. Select Create New to create a new Answer File. - #. + #. Enter âSysprep setupâ for the Type of Setup. - Enter âSysprep setupâ for the Type of Setup. + #. Select the appropriate OS version and edition. - #. - - Select the appropriate OS version and edition. - - #. - - On the License Agreement screen, select âYes fully automate the + #. On the License Agreement screen, select âYes fully automate the installationâ. - #. - - Provide your name and organization. - - #. - - Leave display settings at default. - - #. - - Set the appropriate time zone. - - #. - - Provide your product key. + #. Provide your name and organization. - #. + #. Leave display settings at default. - Select an appropriate license mode for your deployment + #. Set the appropriate time zone. - #. + #. Provide your product key. - Select âAutomatically generate computer nameâ. + #. Select an appropriate license mode for your deployment - #. + #. Select âAutomatically generate computer nameâ. - Type a default administrator password. If you enable the password + #. Type a default administrator password. If you enable the password reset feature, the users will not actually use this password. This password will be reset by the instance manager after the guest boots up. - #. + #. Leave Network Components at âTypical Settingsâ. - Leave Network Components at âTypical Settingsâ. + #. Select the âWORKGROUPâ option. - #. + #. Leave Telephony options at default. - Select the âWORKGROUPâ option. + #. Select appropriate Regional Settings. - #. + #. Select appropriate language settings. - Leave Telephony options at default. + #. Do not install printers. - #. + #. Do not specify âRun Once commandsâ. - Select appropriate Regional Settings. + #. You need not specify an identification string. - #. + #. Save the Answer File as c:\\sysprep\\sysprep.inf. - Select appropriate language settings. - - #. - - Do not install printers. - - #. - - Do not specify âRun Once commandsâ. - - #. - - You need not specify an identification string. - - #. - - Save the Answer File as c:\\sysprep\\sysprep.inf. - -#. - - Run the following command to sysprep the image: +#. Run the following command to sysprep the image: .. code:: bash - c:\sysprep\sysprep.exe -reseal -mini -activated + c:\sysprep\sysprep.exe -reseal -mini -activated After this step the machine will automatically shut down + Importing Amazon Machine Images ------------------------------- @@ -892,52 +749,46 @@ You need to have a XenServer host with a file-based storage repository file has been customized on the Centos/Fedora host. .. note:: - When copying and pasting a command, be sure the command has pasted as a single line before executing. Some document viewers may introduce unwanted line breaks in copied text. + When copying and pasting a command, be sure the command has pasted as + a single line before executing. Some document viewers may introduce + unwanted line breaks in copied text. To import an AMI: -#. - - Set up loopback on image file: +#. Set up loopback on image file: .. code:: bash - # mkdir -p /mnt/loop/centos62 - # mount -o loop CentOS_6.2_x64 /mnt/loop/centos54 - -#. + # mkdir -p /mnt/loop/centos62 + # mount -o loop CentOS_6.2_x64 /mnt/loop/centos54 - Install the kernel-xen package into the image. This downloads the PV +#. Install the kernel-xen package into the image. This downloads the PV kernel and ramdisk to the image. .. code:: bash - # yum -c /mnt/loop/centos54/etc/yum.conf --installroot=/mnt/loop/centos62/ -y install kernel-xen + # yum -c /mnt/loop/centos54/etc/yum.conf --installroot=/mnt/loop/centos62/ -y install kernel-xen -#. - - Create a grub entry in /boot/grub/grub.conf. +#. Create a grub entry in /boot/grub/grub.conf. .. code:: bash - # mkdir -p /mnt/loop/centos62/boot/grub - # touch /mnt/loop/centos62/boot/grub/grub.conf - # echo "" > /mnt/loop/centos62/boot/grub/grub.conf - -#. + # mkdir -p /mnt/loop/centos62/boot/grub + # touch /mnt/loop/centos62/boot/grub/grub.conf + # echo "" > /mnt/loop/centos62/boot/grub/grub.conf - Determine the name of the PV kernel that has been installed into the +#. Determine the name of the PV kernel that has been installed into the image. .. code:: bash - # cd /mnt/loop/centos62 - # ls lib/modules/ - 2.6.16.33-xenU 2.6.16-xenU 2.6.18-164.15.1.el5xen 2.6.18-164.6.1.el5.centos.plus 2.6.18-xenU-ec2-v1.0 2.6.21.7-2.fc8xen 2.6.31-302-ec2 - # ls boot/initrd* - boot/initrd-2.6.18-164.6.1.el5.centos.plus.img boot/initrd-2.6.18-164.15.1.el5xen.img - # ls boot/vmlinuz* - boot/vmlinuz-2.6.18-164.15.1.el5xen boot/vmlinuz-2.6.18-164.6.1.el5.centos.plus boot/vmlinuz-2.6.18-xenU-ec2-v1.0 boot/vmlinuz-2.6.21-2952.fc8xen + # cd /mnt/loop/centos62 + # ls lib/modules/ + 2.6.16.33-xenU 2.6.16-xenU 2.6.18-164.15.1.el5xen 2.6.18-164.6.1.el5.centos.plus 2.6.18-xenU-ec2-v1.0 2.6.21.7-2.fc8xen 2.6.31-302-ec2 + # ls boot/initrd* + boot/initrd-2.6.18-164.6.1.el5.centos.plus.img boot/initrd-2.6.18-164.15.1.el5xen.img + # ls boot/vmlinuz* + boot/vmlinuz-2.6.18-164.15.1.el5xen boot/vmlinuz-2.6.18-164.6.1.el5.centos.plus boot/vmlinuz-2.6.18-xenU-ec2-v1.0 boot/vmlinuz-2.6.21-2952.fc8xen Xen kernels/ramdisk always end with "xen". For the kernel version you choose, there has to be an entry for that version under lib/modules, @@ -945,146 +796,121 @@ To import an AMI: the only kernel that satisfies this condition is 2.6.18-164.15.1.el5xen. -#. - - Based on your findings, create an entry in the grub.conf file. Below +#. Based on your findings, create an entry in the grub.conf file. Below is an example entry. .. code:: bash - default=0 - timeout=5 - hiddenmenu - title CentOS (2.6.18-164.15.1.el5xen) - root (hd0,0) - kernel /boot/vmlinuz-2.6.18-164.15.1.el5xen ro root=/dev/xvda - initrd /boot/initrd-2.6.18-164.15.1.el5xen.img - -#. + default=0 + timeout=5 + hiddenmenu + title CentOS (2.6.18-164.15.1.el5xen) + root (hd0,0) + kernel /boot/vmlinuz-2.6.18-164.15.1.el5xen ro root=/dev/xvda + initrd /boot/initrd-2.6.18-164.15.1.el5xen.img - Edit etc/fstab, changing âsda1â to âxvdaâ and changing âsdbâ to +#. Edit etc/fstab, changing âsda1â to âxvdaâ and changing âsdbâ to âxvdbâ. .. code:: bash - # cat etc/fstab - /dev/xvda / ext3 defaults 1 1 - /dev/xvdb /mnt ext3 defaults 0 0 - none /dev/pts devpts gid=5,mode=620 0 0 - none /proc proc defaults 0 0 - none /sys sysfs defaults 0 0 - -#. + # cat etc/fstab + /dev/xvda / ext3 defaults 1 1 + /dev/xvdb /mnt ext3 defaults 0 0 + none /dev/pts devpts gid=5,mode=620 0 0 + none /proc proc defaults 0 0 + none /sys sysfs defaults 0 0 - Enable login via the console. The default console device in a +#. Enable login via the console. The default console device in a XenServer system is xvc0. Ensure that etc/inittab and etc/securetty have the following lines respectively: .. code:: bash - # grep xvc0 etc/inittab - co:2345:respawn:/sbin/agetty xvc0 9600 vt100-nav - # grep xvc0 etc/securetty - xvc0 + # grep xvc0 etc/inittab + co:2345:respawn:/sbin/agetty xvc0 9600 vt100-nav + # grep xvc0 etc/securetty + xvc0 -#. - - Ensure the ramdisk supports PV disk and PV network. Customize this +#. Ensure the ramdisk supports PV disk and PV network. Customize this for the kernel version you have determined above. .. code:: bash - # chroot /mnt/loop/centos54 - # cd /boot/ - # mv initrd-2.6.18-164.15.1.el5xen.img initrd-2.6.18-164.15.1.el5xen.img.bak - # mkinitrd -f /boot/initrd-2.6.18-164.15.1.el5xen.img --with=xennet --preload=xenblk --omit-scsi-modules 2.6.18-164.15.1.el5xen - -#. + # chroot /mnt/loop/centos54 + # cd /boot/ + # mv initrd-2.6.18-164.15.1.el5xen.img initrd-2.6.18-164.15.1.el5xen.img.bak + # mkinitrd -f /boot/initrd-2.6.18-164.15.1.el5xen.img --with=xennet --preload=xenblk --omit-scsi-modules 2.6.18-164.15.1.el5xen - Change the password. +#. Change the password. .. code:: bash - # passwd - Changing password for user root. - New UNIX password: - Retype new UNIX password: - passwd: all authentication tokens updated successfully. + # passwd + Changing password for user root. + New UNIX password: + Retype new UNIX password: + passwd: all authentication tokens updated successfully. -#. - - Exit out of chroot. +#. Exit out of chroot. .. code:: bash - # exit - -#. + # exit - Check `etc/ssh/sshd_config` for lines allowing ssh login using a +#. Check `etc/ssh/sshd_config` for lines allowing ssh login using a password. .. code:: bash - # egrep "PermitRootLogin|PasswordAuthentication" /mnt/loop/centos54/etc/ssh/sshd_config - PermitRootLogin yes - PasswordAuthentication yes - -#. + # egrep "PermitRootLogin|PasswordAuthentication" /mnt/loop/centos54/etc/ssh/sshd_config + PermitRootLogin yes + PasswordAuthentication yes - If you need the template to be enabled to reset passwords from the +#. If you need the template to be enabled to reset passwords from the CloudStack UI or API, install the password change script into the image at this point. See :ref:`adding-password-management-to-templates`. -#. - - Unmount and delete loopback mount. +#. Unmount and delete loopback mount. .. code:: bash - # umount /mnt/loop/centos54 - # losetup -d /dev/loop0 - -#. + # umount /mnt/loop/centos54 + # losetup -d /dev/loop0 - Copy the image file to your XenServer host's file-based storage +#. Copy the image file to your XenServer host's file-based storage repository. In the example below, the Xenserver is "xenhost". This XenServer has an NFS repository whose uuid is a9c5b8c8-536b-a193-a6dc-51af3e5ff799. .. code:: bash - # scp CentOS_6.2_x64 xenhost:/var/run/sr-mount/a9c5b8c8-536b-a193-a6dc-51af3e5ff799/ + # scp CentOS_6.2_x64 xenhost:/var/run/sr-mount/a9c5b8c8-536b-a193-a6dc-51af3e5ff799/ -#. - - Log in to the Xenserver and create a VDI the same size as the image. +#. Log in to the Xenserver and create a VDI the same size as the image. .. code:: bash - [root@xenhost ~]# cd /var/run/sr-mount/a9c5b8c8-536b-a193-a6dc-51af3e5ff799 - [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# ls -lh CentOS_6.2_x64 - -rw-r--r-- 1 root root 10G Mar 16 16:49 CentOS_6.2_x64 - [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# xe vdi-create virtual-size=10GiB sr-uuid=a9c5b8c8-536b-a193-a6dc-51af3e5ff799 type=user name-label="Centos 6.2 x86_64" - cad7317c-258b-4ef7-b207-cdf0283a7923 - -#. + [root@xenhost ~]# cd /var/run/sr-mount/a9c5b8c8-536b-a193-a6dc-51af3e5ff799 + [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# ls -lh CentOS_6.2_x64 + -rw-r--r-- 1 root root 10G Mar 16 16:49 CentOS_6.2_x64 + [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# xe vdi-create virtual-size=10GiB sr-uuid=a9c5b8c8-536b-a193-a6dc-51af3e5ff799 type=user name-label="Centos 6.2 x86_64" + cad7317c-258b-4ef7-b207-cdf0283a7923 - Import the image file into the VDI. This may take 10â20 minutes. +#. Import the image file into the VDI. This may take 10â20 minutes. .. code:: bash - [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# xe vdi-import filename=CentOS_6.2_x64 uuid=cad7317c-258b-4ef7-b207-cdf0283a7923 - -#. + [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# xe vdi-import filename=CentOS_6.2_x64 uuid=cad7317c-258b-4ef7-b207-cdf0283a7923 - Locate a the VHD file. This is the file with the VDIâs UUID as its +#. Locate a the VHD file. This is the file with the VDIâs UUID as its name. Compress it and upload it to your web server. .. code:: bash - [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# bzip2 -c cad7317c-258b-4ef7-b207-cdf0283a7923.vhd > CentOS_6.2_x64.vhd.bz2 - [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# scp CentOS_6.2_x64.vhd.bz2 webserver:/var/www/html/templates/ + [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# bzip2 -c cad7317c-258b-4ef7-b207-cdf0283a7923.vhd > CentOS_6.2_x64.vhd.bz2 + [root@xenhost a9c5b8c8-536b-a193-a6dc-51af3e5ff799]# scp CentOS_6.2_x64.vhd.bz2 webserver:/var/www/html/templates/ + Converting a Hyper-V VM to a Template ------------------------------------- @@ -1101,24 +927,16 @@ clone if you still want to use the VM in Hyper-V. Uninstall Hyper-V Integration Components and check for any references to device names in /etc/fstab: -#. - - From the linux\_ic/drivers/dist directory, run make uninstall (where +#. From the linux\_ic/drivers/dist directory, run make uninstall (where "linux\_ic" is the path to the copied Hyper-V Integration Components files). -#. - - Restore the original initrd from backup in /boot/ (the backup is +#. Restore the original initrd from backup in /boot/ (the backup is named \*.backup0). -#. - - Remove the "hdX=noprobe" entries from /boot/grub/menu.lst. - -#. +#. Remove the "hdX=noprobe" entries from /boot/grub/menu.lst. - Check /etc/fstab for any partitions mounted by device name. Change +#. Check /etc/fstab for any partitions mounted by device name. Change those entries (if any) to mount by LABEL or UUID. You can get that information with the blkid command. @@ -1127,57 +945,35 @@ the VHD into XenServer. There are two options for doing this. Option one: -#. - - Import the VHD using XenCenter. In XenCenter, go to Tools>Virtual +#. Import the VHD using XenCenter. In XenCenter, go to Tools>Virtual Appliance Tools>Disk Image Import. -#. - - Choose the VHD, then click Next. +#. Choose the VHD, then click Next. -#. - - Name the VM, choose the NFS VHD SR under Storage, enable "Run +#. Name the VM, choose the NFS VHD SR under Storage, enable "Run Operating System Fixups" and choose the NFS ISO SR. -#. - - Click Next, then Finish. A VM should be created. +#. Click Next, then Finish. A VM should be created. Option two: -#. - - Run XenConvert, under From choose VHD, under To choose XenServer. +#. Run XenConvert, under From choose VHD, under To choose XenServer. Click Next. -#. - - Choose the VHD, then click Next. - -#. +#. Choose the VHD, then click Next. - Input the XenServer host info, then click Next. +#. Input the XenServer host info, then click Next. -#. - - Name the VM, then click Next, then Convert. A VM should be created. +#. Name the VM, then click Next, then Convert. A VM should be created. Once you have a VM created from the Hyper-V VHD, prepare it using the following steps: -#. - - Boot the VM, uninstall Hyper-V Integration Services, and reboot. - -#. +#. Boot the VM, uninstall Hyper-V Integration Services, and reboot. - Install XenServer Tools, then reboot. +#. Install XenServer Tools, then reboot. -#. - - Prepare the VM as desired. For example, run sysprep on Windows VMs. +#. Prepare the VM as desired. For example, run sysprep on Windows VMs. See `âCreating a Windows Templateâ <#creating-a-windows-template>`_. @@ -1186,37 +982,26 @@ Windows VMs, but Linux VMs may not perform optimally. Converting a Linux VM to PV mode will require additional steps and will vary by distribution. -#. - - Shut down the VM and copy the VHD from the NFS storage to a web +#. Shut down the VM and copy the VHD from the NFS storage to a web server; for example, mount the NFS share on the web server and copy it, or from the XenServer host use sftp or scp to upload it to the web server. -#. +#. In CloudStack, create a new template using the following values: - In CloudStack, create a new template using the following values: + - URL. Give the URL for the VHD - - - - URL. Give the URL for the VHD - - - - - OS Type. Use the appropriate OS. For PV mode on CentOS, choose + - OS Type. Use the appropriate OS. For PV mode on CentOS, choose Other PV (32-bit) or Other PV (64-bit). This choice is available only for XenServer. - - - - Hypervisor. XenServer - - - + - Hypervisor. XenServer - Format. VHD + - Format. VHD The template will be created, and you can create instances from it. + .. _adding-password-management-to-templates: Adding Password Management to Your Templates @@ -1243,43 +1028,36 @@ any password changes. If the script is unable to contact the virtual router during instance boot it will not set the password but boot will continue normally. + Linux OS Installation ~~~~~~~~~~~~~~~~~~~~~ Use the following steps to begin the Linux OS installation: -#. - - Download the script file cloud-set-guest-password: - - - - - `http://download.cloud.com/templates/4.2/bindir/cloud-set-guest-password.in <http://download.cloud.com/templates/4.2/bindir/cloud-set-guest-password.in>`_ +#. Download the script file cloud-set-guest-password: -#. + - `http://download.cloud.com/templates/4.2/bindir/cloud-set-guest-password.in + <http://download.cloud.com/templates/4.2/bindir/cloud-set-guest-password.in>`_ - Copy this file to /etc/init.d. +#. Copy this file to /etc/init.d. On some Linux distributions, copy the file to ``/etc/rc.d/init.d``. -#. - - Run the following command to make the script executable: +#. Run the following command to make the script executable: .. code:: bash - chmod +x /etc/init.d/cloud-set-guest-password - -#. + chmod +x /etc/init.d/cloud-set-guest-password - Depending on the Linux distribution, continue with the appropriate +#. Depending on the Linux distribution, continue with the appropriate step. On Fedora, CentOS/RHEL, and Debian, run: .. code:: bash - chkconfig --add cloud-set-guest-password + chkconfig --add cloud-set-guest-password + Windows OS Installation ~~~~~~~~~~~~~~~~~~~~~~~ @@ -1288,6 +1066,7 @@ Download the installer, CloudInstanceManager.msi, from the `Download page <http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download>`_ and run the installer in the newly created Windows VM. + Deleting Templates ------------------ @@ -1301,6 +1080,7 @@ When templates are deleted, the VMs instantiated from them will continue to run. However, new VMs cannot be created based on the deleted template. + .. |sysmanager.png| image:: _static/images/sysmanager.png :alt: System Image Manager .. |software-license.png| image:: _static/images/software-license.png
http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/68c20df4/source/troubleshooting.rst ---------------------------------------------------------------------- diff --git a/source/troubleshooting.rst b/source/troubleshooting.rst index df5782c..290622c 100644 --- a/source/troubleshooting.rst +++ b/source/troubleshooting.rst @@ -13,6 +13,7 @@ specific language governing permissions and limitations under the License. + TroubleShooting =============== @@ -26,13 +27,13 @@ messages. We recommend this command to find the problematic output in the Management Server log:. .. note:: - When copying and pasting a command, be sure the command has pasted as a - single line before executing. Some document viewers may introduce - unwanted line breaks in copied text. + When copying and pasting a command, be sure the command has pasted as a + single line before executing. Some document viewers may introduce + unwanted line breaks in copied text. .. code:: bash - grep -i -E 'exception|unable|fail|invalid|leak|warn|error' /var/log/cloudstack/management/management-server.log + grep -i -E 'exception|unable|fail|invalid|leak|warn|error' /var/log/cloudstack/management/management-server.log The CloudStack processes requests with a Job ID. If you find an error in the logs and you are interested in debugging the issue you can grep for @@ -41,14 +42,14 @@ find the following ERROR message: .. code:: bash - 2010-10-04 13:49:32,595 ERROR [cloud.vm.UserVmManagerImpl] (Job-Executor-11:job-1076) Unable to find any host for [User|i-8-42-VM-untagged] + 2010-10-04 13:49:32,595 ERROR [cloud.vm.UserVmManagerImpl] (Job-Executor-11:job-1076) Unable to find any host for [User|i-8-42-VM-untagged] Note that the job ID is 1076. You can track back the events relating to job 1076 with the following grep: .. code:: bash - grep "job-1076)" management-server.log + grep "job-1076)" management-server.log The CloudStack Agent Server logs its activities in `/var/log/cloudstack/agent/`. @@ -62,6 +63,7 @@ Symptom Loss of existing data on primary storage which has been exposed as a Linux NFS server export on an iSCSI volume. + Cause ~~~~~ @@ -69,6 +71,7 @@ It is possible that a client from outside the intended pool has mounted the storage. When this occurs, the LVM is wiped and all data in the volume is lost + Solution ~~~~~~~~ @@ -77,16 +80,18 @@ allowed access by specifying a subnet mask. For example: .. code:: bash - echo â/export 192.168.1.0/24(rw,async,no_root_squash,no_subtree_check)â > /etc/exports + echo â/export 192.168.1.0/24(rw,async,no_root_squash,no_subtree_check)â > /etc/exports Adjust the above command to suit your deployment needs. + More Information ~~~~~~~~~~~~~~~~ See the export procedure in the "Secondary Storage" section of the CloudStack Installation Guide + Recovering a Lost Virtual Router -------------------------------- @@ -96,11 +101,13 @@ Symptom A virtual router is running, but the host is disconnected. A virtual router no longer functions as expected. + Cause ~~~~~ The Virtual router is lost or down. + Solution ~~~~~~~~ @@ -109,20 +116,14 @@ functions as expected, destroy it. You must create one afresh while keeping the backup router up and running (it is assumed this is in a redundant router setup): -- - - Force stop the router. Use the stopRouter API with forced=true +- Force stop the router. Use the stopRouter API with forced=true parameter to do so. -- - - Before you continue with destroying this router, ensure that the +- Before you continue with destroying this router, ensure that the backup router is running. Otherwise the network connection will be lost. -- - - Destroy the router by using the destroyRouter API. +- Destroy the router by using the destroyRouter API. Recreate the missing router by using the restartNetwork API with cleanup=false parameter. For more information about redundant router @@ -131,6 +132,7 @@ setup, see Creating a New Network Offering. For more information about the API syntax, see the API Reference at `http://cloudstack.apache.org/docs/api/ <http://cloudstack.apache.org/docs/api/>`_. + Maintenance mode not working on vCenter --------------------------------------- @@ -139,12 +141,14 @@ Symptom Host was placed in maintenance mode, but still appears live in vCenter. + Cause ~~~~~~ The CloudStack administrator UI was used to place the host in scheduled maintenance mode. This mode is separate from vCenter's maintenance mode. + Solution ~~~~~~~~ @@ -159,6 +163,7 @@ Symptom When attempting to create a VM, the VM will not deploy. + Cause ~~~~~ @@ -166,11 +171,13 @@ If the template was created by uploading an OVA file that was created using vSphere Client, it is possible the OVA contained an ISO image. If it does, the deployment of VMs from the template will fail. + Solution ~~~~~~~~ Remove the ISO and re-upload the template. + Unable to power on virtual machine on VMware -------------------------------------------- @@ -179,17 +186,12 @@ Symptom Virtual machine does not power on. You might see errors like: -- - - Unable to open Swap File - -- +- Unable to open Swap File - Unable to access a file since it is locked +- Unable to access a file since it is locked -- +- Unable to access Virtual machine configuration - Unable to access Virtual machine configuration Cause ~~~~~ @@ -200,13 +202,15 @@ Sometimes the files are not unlocked when the virtual machine is powered off. When a virtual machine attempts to power on, it can not access these critical files, and the virtual machine is unable to power on. + Solution ~~~~~~~~ See the following: -`VMware Knowledge Base -Article <http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=10051/>`_ +`VMware Knowledge Base Article +<http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=10051/>`_ + Load balancer rules fail after changing network offering -------------------------------------------------------- @@ -217,6 +221,7 @@ Symptom After changing the network offering on a network, load balancer rules stop working. + Cause ~~~~~ @@ -225,18 +230,21 @@ that includes an external load balancer device such as NetScaler, and later the network service offering changed to one that uses the CloudStack virtual router. + Solution ~~~~~~~~ Create a firewall rule on the virtual router for each of your existing load balancing rules so that they continue to function. + Troubleshooting Internet Traffic -------------------------------- Below are a few troubleshooting steps to check whats going wrong with your network... + Trouble Shooting Steps ~~~~~~~~~~~~~~~~~~~~~~ @@ -248,17 +256,17 @@ Trouble Shooting Steps :: - kvm1 ~$ vconfig add eth0 64 - kvm1 ~$ ifconfig eth0.64 1.2.3.4 netmask 255.255.255.0 up - kvm1 ~$ ping 1.2.3.5 + kvm1 ~$ vconfig add eth0 64 + kvm1 ~$ ifconfig eth0.64 1.2.3.4 netmask 255.255.255.0 up + kvm1 ~$ ping 1.2.3.5 On *host2 (kvm2)* :: - kvm2 ~$ vconfig add eth0 64 - kvm2 ~$ ifconfig eth0.64 1.2.3.5 netmask 255.255.255.0 up - kvm2 ~$ ping 1.2.3.4 + kvm2 ~$ vconfig add eth0 64 + kvm2 ~$ ifconfig eth0.64 1.2.3.5 netmask 255.255.255.0 up + kvm2 ~$ ping 1.2.3.4 If the pings dont work, run *tcpdump(8)* all over the place to check who is gobbling up the packets. Ultimately, if the switches are not @@ -282,33 +290,33 @@ Trouble Shooting Steps :: - acs-manager ~$ cloudmonkey list traffictypes physicalnetworkid=41cb7ff6-8eb2-4630-b577-1da25e0e1145 - count = 4 - traffictype: - id = cd0915fe-a660-4a82-9df7-34aebf90003e - kvmnetworklabel = cloudbr0 - physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 - traffictype = Guest - xennetworklabel = MGMT - ======================================================== - id = f5524b8f-6605-41e4-a982-81a356b2a196 - kvmnetworklabel = cloudbr0 - physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 - traffictype = Management - xennetworklabel = MGMT - ======================================================== - id = 266bad0e-7b68-4242-b3ad-f59739346cfd - kvmnetworklabel = cloudbr0 - physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 - traffictype = Public - xennetworklabel = MGMT - ======================================================== - id = a2baad4f-7ce7-45a8-9caf-a0b9240adf04 - kvmnetworklabel = cloudbr0 - physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 - traffictype = Storage - xennetworklabel = MGMT - ========================================================= + acs-manager ~$ cloudmonkey list traffictypes physicalnetworkid=41cb7ff6-8eb2-4630-b577-1da25e0e1145 + count = 4 + traffictype: + id = cd0915fe-a660-4a82-9df7-34aebf90003e + kvmnetworklabel = cloudbr0 + physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 + traffictype = Guest + xennetworklabel = MGMT + ======================================================== + id = f5524b8f-6605-41e4-a982-81a356b2a196 + kvmnetworklabel = cloudbr0 + physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 + traffictype = Management + xennetworklabel = MGMT + ======================================================== + id = 266bad0e-7b68-4242-b3ad-f59739346cfd + kvmnetworklabel = cloudbr0 + physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 + traffictype = Public + xennetworklabel = MGMT + ======================================================== + id = a2baad4f-7ce7-45a8-9caf-a0b9240adf04 + kvmnetworklabel = cloudbr0 + physicalnetworkid = 41cb7ff6-8eb2-4630-b577-1da25e0e1145 + traffictype = Storage + xennetworklabel = MGMT + ========================================================= #. KVM traffic labels require to be named as *"cloudbr0"*, *"cloudbr2"*, *"cloudbrN"* etc and the corresponding bridge must exist on the KVM @@ -319,15 +327,15 @@ Trouble Shooting Steps :: - kvm1 ~$ ifconfig cloudbr0 - cloudbr0 Link encap:Ethernet HWaddr 00:0C:29:EF:7D:78 - inet addr:192.168.44.22 Bcast:192.168.44.255 Mask:255.255.255.0 - inet6 addr: fe80::20c:29ff:feef:7d78/64 Scope:Link - UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 - RX packets:92435 errors:0 dropped:0 overruns:0 frame:0 - TX packets:50596 errors:0 dropped:0 overruns:0 carrier:0 - collisions:0 txqueuelen:0 - RX bytes:94985932 (90.5 MiB) TX bytes:61635793 (58.7 MiB) + kvm1 ~$ ifconfig cloudbr0 + cloudbr0 Link encap:Ethernet HWaddr 00:0C:29:EF:7D:78 + inet addr:192.168.44.22 Bcast:192.168.44.255 Mask:255.255.255.0 + inet6 addr: fe80::20c:29ff:feef:7d78/64 Scope:Link + UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + RX packets:92435 errors:0 dropped:0 overruns:0 frame:0 + TX packets:50596 errors:0 dropped:0 overruns:0 carrier:0 + collisions:0 txqueuelen:0 + RX bytes:94985932 (90.5 MiB) TX bytes:61635793 (58.7 MiB) #. The Virtual Router, SSVM, CPVM *public* interface would be bridged to a physical interface on the host. In the example below, *cloudbr0* is @@ -341,22 +349,22 @@ Trouble Shooting Steps :: - kvm-host1 ~$ brctl show - bridge name bridge id STP enabled interfaces - breth0-64 8000.000c29ef7d78 no eth0.64 - vnet2 - cloud0 8000.fe00a9fe0219 no vnet0 - cloudbr0 8000.000c29ef7d78 no eth0 - vnet1 - vnet3 - virbr0 8000.5254008e321a yes virbr0-nic + kvm-host1 ~$ brctl show + bridge name bridge id STP enabled interfaces + breth0-64 8000.000c29ef7d78 no eth0.64 + vnet2 + cloud0 8000.fe00a9fe0219 no vnet0 + cloudbr0 8000.000c29ef7d78 no eth0 + vnet1 + vnet3 + virbr0 8000.5254008e321a yes virbr0-nic :: - xenserver1 ~$ brctl show - bridge name bridge id STP enabled interfaces - xapi0 0000.e2b76d0a1149 no vif1.0 - xenbr0 0000.000c299b54dc no eth0 + xenserver1 ~$ brctl show + bridge name bridge id STP enabled interfaces + xapi0 0000.e2b76d0a1149 no vif1.0 + xenbr0 0000.000c299b54dc no eth0 xapi1 vif1.1 vif1.2 @@ -367,11 +375,11 @@ Trouble Shooting Steps :: - xenserver1 ~$ xe network-list - uuid ( RO) : aaa-bbb-ccc-ddd - name-label ( RW): MGMT - name-description ( RW): - bridge ( RO): xenbr0 + xenserver1 ~$ xe network-list + uuid ( RO) : aaa-bbb-ccc-ddd + name-label ( RW): MGMT + name-description ( RW): + bridge ( RO): xenbr0 #. The Internet would be accessible from both the SSVM and CPVM @@ -385,25 +393,25 @@ Trouble Shooting Steps :: - root@s-1-VM:~# ping -c 3 google.com - PING google.com (74.125.236.164): 56 data bytes - 64 bytes from 74.125.236.164: icmp_seq=0 ttl=55 time=26.932 ms - 64 bytes from 74.125.236.164: icmp_seq=1 ttl=55 time=29.156 ms - 64 bytes from 74.125.236.164: icmp_seq=2 ttl=55 time=25.000 ms - --- google.com ping statistics --- - 3 packets transmitted, 3 packets received, 0% packet loss - round-trip min/avg/max/stddev = 25.000/27.029/29.156/1.698 ms + root@s-1-VM:~# ping -c 3 google.com + PING google.com (74.125.236.164): 56 data bytes + 64 bytes from 74.125.236.164: icmp_seq=0 ttl=55 time=26.932 ms + 64 bytes from 74.125.236.164: icmp_seq=1 ttl=55 time=29.156 ms + 64 bytes from 74.125.236.164: icmp_seq=2 ttl=55 time=25.000 ms + --- google.com ping statistics --- + 3 packets transmitted, 3 packets received, 0% packet loss + round-trip min/avg/max/stddev = 25.000/27.029/29.156/1.698 ms :: - root@v-2-VM:~# ping -c 3 google.com - PING google.com (74.125.236.164): 56 data bytes - 64 bytes from 74.125.236.164: icmp_seq=0 ttl=55 time=32.125 ms - 64 bytes from 74.125.236.164: icmp_seq=1 ttl=55 time=26.324 ms - 64 bytes from 74.125.236.164: icmp_seq=2 ttl=55 time=37.001 ms - --- google.com ping statistics --- - 3 packets transmitted, 3 packets received, 0% packet loss - round-trip min/avg/max/stddev = 26.324/31.817/37.001/4.364 ms + root@v-2-VM:~# ping -c 3 google.com + PING google.com (74.125.236.164): 56 data bytes + 64 bytes from 74.125.236.164: icmp_seq=0 ttl=55 time=32.125 ms + 64 bytes from 74.125.236.164: icmp_seq=1 ttl=55 time=26.324 ms + 64 bytes from 74.125.236.164: icmp_seq=2 ttl=55 time=37.001 ms + --- google.com ping statistics --- + 3 packets transmitted, 3 packets received, 0% packet loss + round-trip min/avg/max/stddev = 26.324/31.817/37.001/4.364 ms #. The Virtual Router (VR) should also be able to reach the Internet @@ -412,14 +420,14 @@ Trouble Shooting Steps :: - root@r-4-VM:~# ping -c 3 google.com - PING google.com (74.125.236.164): 56 data bytes - 64 bytes from 74.125.236.164: icmp_seq=0 ttl=55 time=28.098 ms - 64 bytes from 74.125.236.164: icmp_seq=1 ttl=55 time=34.785 ms - 64 bytes from 74.125.236.164: icmp_seq=2 ttl=55 time=69.179 ms - --- google.com ping statistics --- - 3 packets transmitted, 3 packets received, 0% packet loss - round-trip min/avg/max/stddev = 28.098/44.021/69.179/17.998 ms + root@r-4-VM:~# ping -c 3 google.com + PING google.com (74.125.236.164): 56 data bytes + 64 bytes from 74.125.236.164: icmp_seq=0 ttl=55 time=28.098 ms + 64 bytes from 74.125.236.164: icmp_seq=1 ttl=55 time=34.785 ms + 64 bytes from 74.125.236.164: icmp_seq=2 ttl=55 time=69.179 ms + --- google.com ping statistics --- + 3 packets transmitted, 3 packets received, 0% packet loss + round-trip min/avg/max/stddev = 28.098/44.021/69.179/17.998 ms #. However, the Virtual Router's (VR) Source NAT Public IP address **WONT** be reachable until appropriate Ingress rules are @@ -443,5 +451,6 @@ Trouble Shooting Steps In a vast majority of the cases, the problem has turned out to be at the switching layer where the L3 switches were configured incorrectly. -This section was contibuted by Shanker Balan and was originally published on `Shapeblue's blog <http://shankerbalan.net/blog/internet-not-working-on-cloudstack-vms/>`_ +This section was contibuted by Shanker Balan and was originally published on +`Shapeblue's blog <http://shankerbalan.net/blog/internet-not-working-on-cloudstack-vms/>`_ http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/68c20df4/source/tuning.rst ---------------------------------------------------------------------- diff --git a/source/tuning.rst b/source/tuning.rst index 5ff2584..75b0954 100644 --- a/source/tuning.rst +++ b/source/tuning.rst @@ -20,6 +20,7 @@ Tuning This section provides tips on how to improve the performance of your cloud. + Performance Monitoring ---------------------- @@ -28,55 +29,47 @@ administrators. This allows the user to monitor their utilization of resources and determine when it is appropriate to choose a more powerful service offering or larger disk. + Increase Management Server Maximum Memory ----------------------------------------- If the Management Server is subject to high demand, the default maximum JVM memory allocation can be insufficient. To increase the memory: -#. - - Edit the Tomcat configuration file: +#. Edit the Tomcat configuration file: .. code:: bash - /etc/cloudstack/management/tomcat6.conf + /etc/cloudstack/management/tomcat6.conf -#. - - Change the command-line parameter -XmxNNNm to a higher value of N. +#. Change the command-line parameter -XmxNNNm to a higher value of N. For example, if the current value is -Xmx128m, change it to -Xmx1024m or higher. -#. - - To put the new setting into effect, restart the Management Server. +#. To put the new setting into effect, restart the Management Server. .. code:: bash - # service cloudstack-management restart + # service cloudstack-management restart For more information about memory issues, see "FAQ: Memory" at `Tomcat Wiki. <http://wiki.apache.org/tomcat/FAQ/Memory>`_ + Set Database Buffer Pool Size ----------------------------- It is important to provide enough memory space for the MySQL database to cache data and indexes: -#. - - Edit the MySQL configuration file: +#. Edit the MySQL configuration file: .. code:: bash - /etc/my.cnf - -#. + /etc/my.cnf - Insert the following line in the [mysqld] section, below the datadir +#. Insert the following line in the [mysqld] section, below the datadir line. Use a value that is appropriate for your situation. We recommend setting the buffer pool at 40% of RAM if MySQL is on the same server as the management server or 70% of RAM if MySQL has a @@ -85,20 +78,19 @@ cache data and indexes: .. code:: bash - innodb_buffer_pool_size=700M - -#. + innodb_buffer_pool_size=700M - Restart the MySQL service. +#. Restart the MySQL service. .. code:: bash - # service mysqld restart + # service mysqld restart For more information about the buffer pool, see "The InnoDB Buffer Pool" at `MySQL Reference Manual <http://dev.mysql.com/doc/refman/5.5/en/innodb-buffer-pool.html>`_. + Set and Monitor Total VM Limits per Host ---------------------------------------- @@ -119,6 +111,7 @@ cluster is at most (N-1) \* (per-host-limit). Once a cluster reaches this number of VMs, use the CloudStack UI to disable allocation of more VMs to the cluster. + Configure XenServer dom0 Memory ------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/68c20df4/source/ui.rst ---------------------------------------------------------------------- diff --git a/source/ui.rst b/source/ui.rst index 9b63600..c2d6bf3 100644 --- a/source/ui.rst +++ b/source/ui.rst @@ -13,6 +13,7 @@ specific language governing permissions and limitations under the License. + User Interface ============== @@ -28,7 +29,7 @@ management server IP address) .. sourcecode:: bash - http://<management-server-ip-address>:8080/client + http://<management-server-ip-address>:8080/client On a fresh Management Server installation, a guided tour splash screen appears. On later visits, youâll see a login screen where you specify @@ -36,8 +37,8 @@ the following to proceed to your Dashboard: Username -> The user ID of your account. The default username is admin. -Password -> The password associated with the user ID. The password for the default -username is password. +Password -> The password associated with the user ID. The password for +the default username is password. Domain -> If you are a root user, leave this field blank. @@ -52,6 +53,7 @@ enter Comp1/sales. For more guidance about the choices that appear when you log in to this UI, see Logging In as the Root Administrator. + End User's UI Overview ~~~~~~~~~~~~~~~~~~~~~~ @@ -61,6 +63,7 @@ data volumes and snapshots, guest networks, and IP addresses. If the user is a member or administrator of one or more CloudStack projects, the UI can provide a project-oriented view. + Root Administrator's UI Overview ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -74,6 +77,7 @@ screen and the navigation bar on the left provide access to a variety of administrative functions. The root administrator can also use the UI to perform all the same tasks that are present in the end-userâs UI. + Logging In as the Root Administrator ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -81,26 +85,20 @@ After the Management Server software is installed and running, you can run the CloudStack user interface. This UI is there to help you provision, view, and manage your cloud infrastructure. -#. - - Open your favorite Web browser and go to this URL. Substitute the IP +#. Open your favorite Web browser and go to this URL. Substitute the IP address of your own Management Server: .. sourcecode:: bash - http://<management-server-ip-address>:8080/client + http://<management-server-ip-address>:8080/client After logging into a fresh Management Server installation, a guided tour splash screen appears. On later visits, youâll be taken directly into the Dashboard. -#. +#. If you see the first-time splash screen, choose one of the following. - If you see the first-time splash screen, choose one of the following. - - - - - **Continue with basic setup.** Choose this if you're just trying + - **Continue with basic setup.** Choose this if you're just trying CloudStack, and you want a guided walkthrough of the simplest possible configuration so that you can get started right away. We'll help you set up a cloud with the following features: a @@ -112,9 +110,7 @@ provision, view, and manage your cloud infrastructure. information you need, but if you want just a bit more detail, you can follow along in the Trial Installation Guide. - - - - **I have used CloudStack before.** Choose this if you have already + - **I have used CloudStack before.** Choose this if you have already gone through a design phase and planned a more sophisticated deployment, or you are ready to start scaling up a trial cloud that you set up earlier with the basic setup screens. In the @@ -126,15 +122,17 @@ provision, view, and manage your cloud infrastructure. The root administrator Dashboard appears. -#. - - You should set a new root administrator password. If you chose basic +#. You should set a new root administrator password. If you chose basic setup, youâll be prompted to create a new password right away. If you chose experienced user, use the steps in :ref:`changing-root-password`. -.. warning:: - - You are logging in as the root administrator. This account manages the CloudStack deployment, including physical infrastructure. The root administrator can modify configuration settings to change basic functionality, create or delete user accounts, and take many actions that should be performed only by an authorized person. Please change the default password to a new, unique password. +.. warning:: + You are logging in as the root administrator. This account manages the + CloudStack deployment, including physical infrastructure. The root + administrator can modify configuration settings to change basic + functionality, create or delete user accounts, and take many actions + that should be performed only by an authorized person. Please change + the default password to a new, unique password. .. _changing-root-password: @@ -150,43 +148,27 @@ many actions that should be performed only by an authorized person. When first installing CloudStack, be sure to change the default password to a new, unique value. -#. - - Open your favorite Web browser and go to this URL. Substitute the IP +#. Open your favorite Web browser and go to this URL. Substitute the IP address of your own Management Server: .. sourcecode:: bash - http://<management-server-ip-address>:8080/client - -#. + http://<management-server-ip-address>:8080/client - Log in to the UI using the current root user ID and password. The +#. Log in to the UI using the current root user ID and password. The default is admin, password. -#. - - Click Accounts. - -#. - - Click the admin account name. - -#. - - Click View Users. - -#. +#. Click Accounts. - Click the admin user name. +#. Click the admin account name. -#. +#. Click View Users. - Click the Change Password button. |change-password.png| +#. Click the admin user name. -#. +#. Click the Change Password button. |change-password.png| - Type the new password, and click OK. +#. Type the new password, and click OK. .. |change-password.png| image:: _static/images/change-password.png