Re: Attached volume is not visible within the vm
I am able to view the disk in linux vm centos. The same not working in windows. Do i need to install any additional package in windows server? I tried rebooting the windows vm didnt work. Please help!! On Fri, Apr 6, 2018 at 11:56 AM, soundar rajan wrote: > Hi, > > I have created a 5 GB volume in the storage and attached the volume to a > vm status shows ready and success > > when i login to the vm and access the disk management i dont see that disk > inside the windows server. > > Tried rescan disk option no luck any idea? > > OS: Windows Server 2012 R2 > > cloudstack : 4.11 > > > Regards > Shyam >
Re: Attached volume is not visible within the vm
What hypervisor the windows vm is deployed on? Regards, Sateesh -Original Message- From: soundar rajan Reply-To: "users@cloudstack.apache.org" Date: Friday, 6 April 2018 at 12:59 PM To: "d...@cloudstack.apache.org" , "users@cloudstack.apache.org" Subject: Re: Attached volume is not visible within the vm I am able to view the disk in linux vm centos. The same not working in windows. Do i need to install any additional package in windows server? I tried rebooting the windows vm didnt work. Please help!! On Fri, Apr 6, 2018 at 11:56 AM, soundar rajan wrote: > Hi, > > I have created a 5 GB volume in the storage and attached the volume to a > vm status shows ready and success > > when i login to the vm and access the disk management i dont see that disk > inside the windows server. > > Tried rescan disk option no luck any idea? > > OS: Windows Server 2012 R2 > > cloudstack : 4.11 > > > Regards > Shyam > DISCLAIMER == This e-mail may contain privileged and confidential information which is the property of Accelerite, a Persistent Systems business. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Accelerite, a Persistent Systems business does not accept any liability for virus infected mails.
Re: Attached volume is not visible within the vm
hypervisor deployed on KVM centos On Fri, Apr 6, 2018 at 1:09 PM, Sateesh Chodapuneedi < sateesh.chodapune...@accelerite.com> wrote: > What hypervisor the windows vm is deployed on? > > Regards, > Sateesh > > -Original Message- > From: soundar rajan > Reply-To: "users@cloudstack.apache.org" > Date: Friday, 6 April 2018 at 12:59 PM > To: "d...@cloudstack.apache.org" , " > users@cloudstack.apache.org" > Subject: Re: Attached volume is not visible within the vm > > I am able to view the disk in linux vm centos. The same not working in > windows. Do i need to install any additional package in windows server? > > I tried rebooting the windows vm didnt work. > > Please help!! > > On Fri, Apr 6, 2018 at 11:56 AM, soundar rajan > > wrote: > > > Hi, > > > > I have created a 5 GB volume in the storage and attached the volume > to a > > vm status shows ready and success > > > > when i login to the vm and access the disk management i dont see > that disk > > inside the windows server. > > > > Tried rescan disk option no luck any idea? > > > > OS: Windows Server 2012 R2 > > > > cloudstack : 4.11 > > > > > > Regards > > Shyam > > > > > DISCLAIMER > == > This e-mail may contain privileged and confidential information which is > the property of Accelerite, a Persistent Systems business. It is intended > only for the use of the individual or entity to which it is addressed. If > you are not the intended recipient, you are not authorized to read, retain, > copy, print, distribute or use this message. If you have received this > communication in error, please notify the sender and delete all copies of > this message. Accelerite, a Persistent Systems business does not accept any > liability for virus infected mails. >
Re: Untagged Networking for Advanced Zone possible?
Hi Parth, Keep in mind you are in unchartered waters – so there may be some stumbling blocks before you get this to work. I suspect what you have to do is change cloudbr1 such that it is backed by a fake or dummy ethernet interface. What seems to happen is the agent script looks for the network device backing the bridge rather than the bridge itself. This would mean your setup is like this: Physical eth0 -> cloudbr0 > handles management and public Dummy eth1 -> cloudbr1 > handles isolated guest traffic and allows for isolated VLANs internally on the host Keep in mind the context here – you have stated you don’t want VLANs traversing your physical network, hence we are trying to get this working on a single host only. How you configure your IP ranges for management and public is something you need to experiment with and see what works for you. Regards, Dag Sonstebo Cloud Architect ShapeBlue From: Parth Patel Reply-To: "users@cloudstack.apache.org" Date: Friday, 6 April 2018 at 07:30 To: "users@cloudstack.apache.org" Subject: Re: Untagged Networking for Advanced Zone possible? Hi Dag, When I tried your method and created a NIC-less bridge, following are the contents of my ifcfg-* network files: ifcfg-cloudbr0: TYPE=Bridge PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no NAME=cloudbr0 UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e DEVICE=cloudbr0 ONBOOT=yes IPADDR=172.16.20.13 PREFIX=16 GATEWAY=172.16.0.1 DNS1=8.8.8.8 DNS2=172.16.0.1 NM_CONTROLLED=no ifcfg-cloudbr1: TYPE=Bridge IPV4_FAILURE_FATAL=no NAME=cloudbr1 UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e DEVICE=cloudbr1 ONBOOT=yes NM_CONTROLLED=no ifcfg-eno1: TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no NAME=eno1 UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e DEVICE=eno1 ONBOOT=yes IPADDR=172.16.20.13 PREFIX=16 GATEWAY=172.16.0.1 DNS1=8.8.8.8 DNS2=172.16.0.1 NM_CONTROLLED=no BRIDGE=cloudbr0 brctl show output: [root@srvr3 ~]# brctl show bridge name bridge id STP enabled interfaces cloud0 8000. no cloudbr0 8000.3464a92a09f3 no eno1 cloudbr1 8000. no virbr0 8000.5254002dabdb yes virbr0-nic when adding a host in advanced zone it shows the following error: Could not find network 'cloudbr1' 2018-04-04 02:03:11,887 DEBUG [c.c.u.s.SSHCmdHelper] (qtp510113906-14:ctx-707b53e5 ctx-8d49ccb3) (logid:dff92f23) Executing cmd: /usr/share/cloudstack-common/scripts/util/keystore-cert-import /etc/cloudstack/agent/agent.properties /etc/cloudstack/agent/ 2018-04-04 02:03:15,686 DEBUG [c.c.h.k.d.LibvirtServerDiscoverer] (qtp510113906-14:ctx-707b53e5 ctx-8d49ccb3) (logid:dff92f23) Succeeded to import certificate in the keystore for agent on the KVM host: 172.16.20.13. Agent secured and trusted. 2018-04-04 02:03:15,688 DEBUG [c.c.u.s.SSHCmdHelper] (qtp510113906-14:ctx-707b53e5 ctx-8d49ccb3) (logid:dff92f23) Executing cmd: cloudstack-setup-agent -m 172.16.20.13 -z 1 -p 1 -c 1 -g 1fd67886-c5d9-3464-ac73-46689258b34e -a --pubNic=cloudbr0 --prvNic=cloudbr0 --guestNic=cloudbr1 --hypervisor=kvm 2018-04-04 02:03:19,674 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] (AsyncJobMgr-Heartbeat-1:ctx-af4b26a6) (logid:4c5c40d4) Begin cleanup expired async-jobs 2018-04-04 02:03:19,683 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] (AsyncJobMgr-Heartbeat-1:ctx-af4b26a6) (logid:4c5c40d4) End cleanup expired async-jobs 2018-04-04 02:03:20,022 DEBUG [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-f1d46df0) (logid:a021b44c) Found 0 routers to update status. 2018-04-04 02:03:20,025 DEBUG [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-f1d46df0) (logid:a021b44c) Found 0 VPC networks to update Redundant State. 2018-04-04 02:03:20,029 DEBUG [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-f1d46df0) (logid:a021b44c) Found 0 networks to update RvR status. 2018-04-04 02:03:22,518 DEBUG [c.c.c.ConsoleProxyManagerImpl] (consoleproxy-1:ctx-9d047585) (logid:3b4da034) Skip capacity scan as there is no Primary Storage in 'Up' state 2018-04-04 02:03:29,677 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] (AsyncJobMgr-Heartbeat-1:ctx-4378508d) (logid:9de3110e) Begin cleanup expired async-jobs 2018-04-04 02:03:29,695 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] (AsyncJobMgr-Heartbeat-1:ctx-4378508d) (logid:9de3110e) End cleanup expired async-jobs 2018-04-04 02:03:35,796 DEBUG [c.c.s.StatsCollector] (StatsCollector-2:ctx-a6998a7a) (logid:174df0f0) AutoScaling Monitor is running... 2018-04-04 02:03:35,812 DEBUG [c.c.s.StatsCollector] (StatsCollector-1:ctx-51d8b17f) (logid:8d7cca2e) HostStatsCollector is running... 2018-04-04 02:03:35,812 DEBUG [c.c.s.StatsCollector] (StatsCollector-3:ctx-db3df7da) (logid:c38b9f19) StorageCollector is running... 2018-04-04 02:03:39,675 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] (AsyncJobMgr-Heartbeat-1:ctx-26aea785) (logid:48c9a5ba) Begin cleanup expired async-jobs 2018-04-04 02:03:39,6
Re: Attached volume is not visible within the vm
Thanks guys, got it fixed by installing the virto drivers from fedora site On Fri, Apr 6, 2018 at 1:56 PM, soundar rajan wrote: > hypervisor deployed on KVM centos > > On Fri, Apr 6, 2018 at 1:09 PM, Sateesh Chodapuneedi < > sateesh.chodapune...@accelerite.com> wrote: > >> What hypervisor the windows vm is deployed on? >> >> Regards, >> Sateesh >> >> -Original Message- >> From: soundar rajan >> Reply-To: "users@cloudstack.apache.org" >> Date: Friday, 6 April 2018 at 12:59 PM >> To: "d...@cloudstack.apache.org" , " >> users@cloudstack.apache.org" >> Subject: Re: Attached volume is not visible within the vm >> >> I am able to view the disk in linux vm centos. The same not working in >> windows. Do i need to install any additional package in windows >> server? >> >> I tried rebooting the windows vm didnt work. >> >> Please help!! >> >> On Fri, Apr 6, 2018 at 11:56 AM, soundar rajan < >> bsoundara...@gmail.com> >> wrote: >> >> > Hi, >> > >> > I have created a 5 GB volume in the storage and attached the volume >> to a >> > vm status shows ready and success >> > >> > when i login to the vm and access the disk management i dont see >> that disk >> > inside the windows server. >> > >> > Tried rescan disk option no luck any idea? >> > >> > OS: Windows Server 2012 R2 >> > >> > cloudstack : 4.11 >> > >> > >> > Regards >> > Shyam >> > >> >> >> DISCLAIMER >> == >> This e-mail may contain privileged and confidential information which is >> the property of Accelerite, a Persistent Systems business. It is intended >> only for the use of the individual or entity to which it is addressed. If >> you are not the intended recipient, you are not authorized to read, retain, >> copy, print, distribute or use this message. If you have received this >> communication in error, please notify the sender and delete all copies of >> this message. Accelerite, a Persistent Systems business does not accept any >> liability for virus infected mails. >> > >
Re: Untagged Networking for Advanced Zone possible?
Hi Dag, Thanks for the response. I am currently looking into VLANs and network configuration for my case. But I want to know one thing: are "untagged" VLAN networks sufficient for an advanced zone to function with two networks? I did not state I do not want to use VLANs for networking but I wanted to know if ACS advanced zone would function if VLANs are untagged? (The network router/switch did not support them). According to my knowledge I would have to dig much deeper into kernel files to provide a dummy interface as systemctl restart network would not function properly, still appreciate the advice. I will look into this more and see what I can do with it. Thanks, Parth Patel On Fri, 6 Apr 2018 at 13:59 Dag Sonstebo wrote: > Hi Parth, > > Keep in mind you are in unchartered waters – so there may be some > stumbling blocks before you get this to work. > > I suspect what you have to do is change cloudbr1 such that it is backed by > a fake or dummy ethernet interface. What seems to happen is the agent > script looks for the network device backing the bridge rather than the > bridge itself. > This would mean your setup is like this: > > Physical eth0 -> cloudbr0 > handles management and public > Dummy eth1 -> cloudbr1 > handles isolated guest traffic and allows for > isolated VLANs internally on the host > > Keep in mind the context here – you have stated you don’t want VLANs > traversing your physical network, hence we are trying to get this working > on a single host only. How you configure your IP ranges for management and > public is something you need to experiment with and see what works for you. > > Regards, > Dag Sonstebo > Cloud Architect > ShapeBlue > > From: Parth Patel > Reply-To: "users@cloudstack.apache.org" > Date: Friday, 6 April 2018 at 07:30 > To: "users@cloudstack.apache.org" > Subject: Re: Untagged Networking for Advanced Zone possible? > > Hi Dag, > > When I tried your method and created a NIC-less bridge, following are the > contents of my ifcfg-* network files: > > ifcfg-cloudbr0: > TYPE=Bridge > PROXY_METHOD=none > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=yes > IPV4_FAILURE_FATAL=no > NAME=cloudbr0 > UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e > DEVICE=cloudbr0 > ONBOOT=yes > IPADDR=172.16.20.13 > PREFIX=16 > GATEWAY=172.16.0.1 > DNS1=8.8.8.8 > DNS2=172.16.0.1 > NM_CONTROLLED=no > > ifcfg-cloudbr1: > TYPE=Bridge > IPV4_FAILURE_FATAL=no > NAME=cloudbr1 > UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e > DEVICE=cloudbr1 > ONBOOT=yes > NM_CONTROLLED=no > > ifcfg-eno1: > TYPE=Ethernet > PROXY_METHOD=none > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=yes > IPV4_FAILURE_FATAL=no > NAME=eno1 > UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e > DEVICE=eno1 > ONBOOT=yes > IPADDR=172.16.20.13 > PREFIX=16 > GATEWAY=172.16.0.1 > DNS1=8.8.8.8 > DNS2=172.16.0.1 > NM_CONTROLLED=no > BRIDGE=cloudbr0 > > brctl show output: > [root@srvr3 ~]# brctl show > bridge name bridge id STP enabled interfaces > cloud0 8000. no > cloudbr0 8000.3464a92a09f3 no eno1 > cloudbr1 8000. no > virbr0 8000.5254002dabdb yes virbr0-nic > > > > when adding a host in advanced zone it shows the following error: Could > not find network 'cloudbr1' > > 2018-04-04 02:03:11,887 DEBUG [c.c.u.s.SSHCmdHelper] > (qtp510113906-14:ctx-707b53e5 ctx-8d49ccb3) (logid:dff92f23) Executing cmd: > /usr/share/cloudstack-common/scripts/util/keystore-cert-import > /etc/cloudstack/agent/agent.properties /etc/cloudstack/agent/ > 2018-04-04 02:03:15,686 DEBUG [c.c.h.k.d.LibvirtServerDiscoverer] > (qtp510113906-14:ctx-707b53e5 ctx-8d49ccb3) (logid:dff92f23) Succeeded to > import certificate in the keystore for agent on the KVM host: 172.16.20.13. > Agent secured and trusted. > 2018-04-04 02:03:15,688 DEBUG [c.c.u.s.SSHCmdHelper] > (qtp510113906-14:ctx-707b53e5 ctx-8d49ccb3) (logid:dff92f23) Executing cmd: > cloudstack-setup-agent -m 172.16.20.13 -z 1 -p 1 -c 1 -g > 1fd67886-c5d9-3464-ac73-46689258b34e -a --pubNic=cloudbr0 --prvNic=cloudbr0 > --guestNic=cloudbr1 --hypervisor=kvm > 2018-04-04 02:03:19,674 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] > (AsyncJobMgr-Heartbeat-1:ctx-af4b26a6) (logid:4c5c40d4) Begin cleanup > expired async-jobs > 2018-04-04 02:03:19,683 INFO [o.a.c.f.j.i.AsyncJobManagerImpl] > (AsyncJobMgr-Heartbeat-1:ctx-af4b26a6) (logid:4c5c40d4) End cleanup expired > async-jobs > 2018-04-04 02:03:20,022 DEBUG [c.c.n.r.VirtualNetworkApplianceManagerImpl] > (RouterStatusMonitor-1:ctx-f1d46df0) (logid:a021b44c) Found 0 routers to > update status. > 2018-04-04 02:03:20,025 DEBUG [c.c.n.r.VirtualNetworkApplianceManagerImpl] > (RouterStatusMonitor-1:ctx-f1d46df0) (logid:a021b44c) Found 0 VPC networks > to update Redundant State. > 2018-04-04 02:03:20,029 DEBUG [c.c.n.r.VirtualNetworkApplianceManagerImpl] > (RouterStatusMonitor-1:ctx-f1d46df0) (logid:a021b44c) Found 0 networks to > update RvR status. > 2018-04-04 02:03:22,518 DEBUG [c.c.c.ConsoleProxyManagerImpl] > (consoleproxy-1:ctx-9d047585) (logid:3b4da034) Skip capacity s
Re: Untagged Networking for Advanced Zone possible?
Hi Parth, Take a look through the full email trail – I think we discussed this earlier on. In short the answer is no – by definition you can not run completely untagged isolated networks in an advanced zone – but “tagged” means different things for L2 and L3 isolation. The real answer - “it depends” – an advanced zone always relies on some sort of guest network isolation, which in it’s simplest form equates to L2 VLANs. If you were to invest time, effort and money into an SDN solution like Nuage or Nicira/NSX you could potentially get around it – but complexity and cost goes up. You could have a play with something like GRE tunnelling (L3) – but in my experience this doesn’t scale well, eats a ton of CPU cycles and may not be fit for purpose. Again you are looking at a more complex solution. Regarding the dummy network interface it looks to me like a simple module install and configuration – see e.g. https://www.question-defense.com/2012/11/26/linux-create-fake-ethernet-interface . Not my post and I can’t vouch for it’s validity – but the process seems straight forward: [root@kvm1 hooks]# lsmod | grep dummy [root@kvm1 hooks]# modprobe dummy [root@kvm1 hooks]# lsmod | grep dummy dummy 2714 0 [root@kvm1 hooks]# ip link set name eth99 dev dummy0 [root@kvm1 hooks]# ifconfig eth99 eth99 Link encap:Ethernet HWaddr 92:BF:A6:30:20:3E BROADCAST NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Dag Sonstebo Cloud Architect ShapeBlue dag.sonst...@shapeblue.com www.shapeblue.com 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue On 06/04/2018, 11:45, "Parth Patel" wrote: Hi Dag, Thanks for the response. I am currently looking into VLANs and network configuration for my case. But I want to know one thing: are "untagged" VLAN networks sufficient for an advanced zone to function with two networks? I did not state I do not want to use VLANs for networking but I wanted to know if ACS advanced zone would function if VLANs are untagged? (The network router/switch did not support them). According to my knowledge I would have to dig much deeper into kernel files to provide a dummy interface as systemctl restart network would not function properly, still appreciate the advice. I will look into this more and see what I can do with it. Thanks, Parth Patel On Fri, 6 Apr 2018 at 13:59 Dag Sonstebo wrote: > Hi Parth, > > Keep in mind you are in unchartered waters – so there may be some > stumbling blocks before you get this to work. > > I suspect what you have to do is change cloudbr1 such that it is backed by > a fake or dummy ethernet interface. What seems to happen is the agent > script looks for the network device backing the bridge rather than the > bridge itself. > This would mean your setup is like this: > > Physical eth0 -> cloudbr0 > handles management and public > Dummy eth1 -> cloudbr1 > handles isolated guest traffic and allows for > isolated VLANs internally on the host > > Keep in mind the context here – you have stated you don’t want VLANs > traversing your physical network, hence we are trying to get this working > on a single host only. How you configure your IP ranges for management and > public is something you need to experiment with and see what works for you. > > Regards, > Dag Sonstebo > Cloud Architect > ShapeBlue > > From: Parth Patel > Reply-To: "users@cloudstack.apache.org" > Date: Friday, 6 April 2018 at 07:30 > To: "users@cloudstack.apache.org" > Subject: Re: Untagged Networking for Advanced Zone possible? > > Hi Dag, > > When I tried your method and created a NIC-less bridge, following are the > contents of my ifcfg-* network files: > > ifcfg-cloudbr0: > TYPE=Bridge > PROXY_METHOD=none > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=yes > IPV4_FAILURE_FATAL=no > NAME=cloudbr0 > UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e > DEVICE=cloudbr0 > ONBOOT=yes > IPADDR=172.16.20.13 > PREFIX=16 > GATEWAY=172.16.0.1 > DNS1=8.8.8.8 > DNS2=172.16.0.1 > NM_CONTROLLED=no > > ifcfg-cloudbr1: > TYPE=Bridge > IPV4_FAILURE_FATAL=no > NAME=cloudbr1 > UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e > DEVICE=cloudbr1 > ONBOOT=yes > NM_CONTROLLED=no > > ifcfg-eno1: > TYPE=Ethernet > PROXY_METHOD=none > BROWSER_ONLY=no > BOOTPROTO=none > DEFROUTE=yes > IPV4_FAILURE_FATAL=no > NAME=eno1 > UUID=25aabe73-8e11-408f-a4ec-c03b26d3aa6e > DEVICE=eno1 > ONBOOT=yes > IPADDR=172.16.20.13 > PREFIX=16 > GATEWA
Re: Upgrade CloudStack from 4.9.2.0 to 4.11.0
Hi Dag, Stephan and I posted the issues we encountered after upgrading to 4.11 on https://github.com/apache/cloudstack/issues. Those are: Admin Dashboard System Capacity broken with German Locale #2539 problem adding new shared network NIC to VM "A NIC with this MAC address exits for network:" #2540 Add "Lets Encrypt CA" Certpath to SSVM Keystore (for cdimage.debian.org) #2541 CloudStack-Usage Broken after Upgrade from 4.9 to 4.11 #2542 Web-UI creates all isolated Nets with IP range 10.1.1.0/24 #2533 Textbox "Account and projectId can't be specified together" #2543 Password Reset does not work with Isolated Networks with redundant routers #2544 Still we are very happy with our shiny new 4.11 setup! Thanks a lot for this great piece of software! Greetings, Melanie and Stephan Am 04.04.2018 um 16:08 schrieb Dag Sonstebo: > Hi Stephan, > > Thanks for the summary – can you log these as new issues in the new issues > tracker https://github.com/apache/cloudstack/issues please (note not Jira). > > Regards, > Dag Sonstebo > Cloud Architect > ShapeBlue > > On 04/04/2018, 10:39, "Stephan Seitz" wrote: > > Hi! > > We're currently using XenServer instead of VMware, so I just don't know > if you really need to build your own packages. Afaik shapeblue's public > repository has been built with noredist. > > Here's short list (sorry, we didn't report everything to the bugtracker > by now) of caveats: > > * There's a more precise dashboard (XX.XX% instead of XX%) > -> Nice, but only works with locale set to EN or C or anything with > decimalpoints instead of commas :) ... consequently the default > language of the GUI will also be selected identical to your locale. > > -> Ldap Authentication doesn't work. You need to apply https://github.c > om/apache/cloudstack/pull/2517 to get this working. > > -> Adding a NIC to a running VM (only tested in Advanced Zone, > Xenserver, Shared Network to add) fails with an "duplicate MAC-address" > error. See my post on the ML yesterday. > > -> cloudstack-usage doesn't start since (at least Ubuntu, deb packages) > the update doesn't clean old libs from /usr/share/cloudstack- > usage/libs. For us cleanup and reinstall fixed that. > > -> SSVM's java keystore doesn't contain Let's Encrypt Root-CA (maybe > others are also missing) so don't expect working downloads from > cdimage.debian.org via https :) > > -> A few nasty popups occur (but can be ignored) in the GUI e.g. > selecting a project and viewing networks. > > -> A minor documentation bug in the upgrade document: The apt-get.eu > Repository doesn't contain 4.11 right now. download.cloudstack.org > does. > > > To us none of that problems was a stopper, but your mileage may vary. > > cheers, > > - Stephan > > > Am Mittwoch, den 04.04.2018, 11:08 +0200 schrieb Marc Poll Garcia: > > Hello, > > > > My current infrastructure is Apache Cloudstack 4.9.2 with VMware > > hosts and > > the management server on CentOS. > > > > > > I'm planning to perform an upgrade from the actual 4.9.2 versión to > > the > > latest one. > > > > I found this tutorial from Cloudstack website: > > > > http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/e > > n/4.11.0.0/upgrade/upgrade-4.9.html > > > > But i don't know if any of you already did it, and had upgraded the > > system? > > I was wondering if anyone had any issues during the execution of the > > process. > > > > And also if someone can send more info, or another guide to follow or > > best > > practice? > > > > We've check it out and found that we need to compile our own > > cloudstack > > software because we're using vmware hosts, is it true? any > > suggestions? > > > > Thanks in advance. > > > > Kind regards. > > > > > -- > > Heinlein Support GmbH > Schwedter Str. 8/9b, 10119 Berlin > > http://www.heinlein-support.de > > Tel: 030 / 405051-44 > Fax: 030 / 405051-19 > > Zwangsangaben lt. §35a GmbHG: HRB 93818 B / Amtsgericht > Berlin-Charlottenburg, > Geschäftsführer: Peer Heinlein -- Sitz: Berlin > > > > > dag.sonst...@shapeblue.com > www.shapeblue.com > 53 Chandos Place, Covent Garden, London WC2N 4HSUK > @shapeblue > > > -- -- Heinlein Support GmbH Linux: Akademie - Support - Hosting http://www.heinlein-support.de Tel: 030 / 40 50 51 - 0 Fax: 030 / 40 50 51 - 19 Zwangsangaben lt. §35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Geschäftsführer: Peer Heinlein -- Sitz: Berlin
Re: Untagged Networking for Advanced Zone possible?
Hi Dag, Thank you for guiding me, i know it's a weird use case and probably would never be required in a production environment. I will definitely try to make a dummy interface and give it to the guest network target bridge. I know it would be out of the scope of this email trail for you to explain me tagged and untagged networking in L2 and L3 networks, but I would search around the internet and ping this thread if I'm again stuck at some specific issue after I reach my university's lab. Appreciate your help. Thanks, Parth Patel On Fri, 6 Apr 2018 at 17:06 Dag Sonstebo wrote: > Hi Parth, > > Take a look through the full email trail – I think we discussed this > earlier on. In short the answer is no – by definition you can not run > completely untagged isolated networks in an advanced zone – but “tagged” > means different things for L2 and L3 isolation. The real answer - “it > depends” – an advanced zone always relies on some sort of guest network > isolation, which in it’s simplest form equates to L2 VLANs. If you were to > invest time, effort and money into an SDN solution like Nuage or Nicira/NSX > you could potentially get around it – but complexity and cost goes up. You > could have a play with something like GRE tunnelling (L3) – but in my > experience this doesn’t scale well, eats a ton of CPU cycles and may not be > fit for purpose. Again you are looking at a more complex solution. > > Regarding the dummy network interface it looks to me like a simple module > install and configuration – see e.g. > https://www.question-defense.com/2012/11/26/linux-create-fake-ethernet-interface > . Not my post and I can’t vouch for it’s validity – but the process seems > straight forward: > > [root@kvm1 hooks]# lsmod | grep dummy > [root@kvm1 hooks]# modprobe dummy > [root@kvm1 hooks]# lsmod | grep dummy > dummy 2714 0 > [root@kvm1 hooks]# ip link set name eth99 dev dummy0 > [root@kvm1 hooks]# ifconfig eth99 > eth99 Link encap:Ethernet HWaddr 92:BF:A6:30:20:3E > BROADCAST NOARP MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > > Dag Sonstebo > Cloud Architect > ShapeBlue > > > dag.sonst...@shapeblue.com > www.shapeblue.com > 53 Chandos Place, Covent Garden, London WC2N 4HSUK > @shapeblue > > > > On 06/04/2018, 11:45, "Parth Patel" wrote: > > Hi Dag, > > Thanks for the response. I am currently looking into VLANs and network > configuration for my case. But I want to know one thing: are "untagged" > VLAN networks sufficient for an advanced zone to function with two > networks? I did not state I do not want to use VLANs for networking > but I > wanted to know if ACS advanced zone would function if VLANs are > untagged? > (The network router/switch did not support them). According to my > knowledge > I would have to dig much deeper into kernel files to provide a dummy > interface as systemctl restart network would not function properly, > still > appreciate the advice. I will look into this more and see what I can do > with it. > > Thanks, > Parth Patel > > On Fri, 6 Apr 2018 at 13:59 Dag Sonstebo > wrote: > > > Hi Parth, > > > > Keep in mind you are in unchartered waters – so there may be some > > stumbling blocks before you get this to work. > > > > I suspect what you have to do is change cloudbr1 such that it is > backed by > > a fake or dummy ethernet interface. What seems to happen is the agent > > script looks for the network device backing the bridge rather than > the > > bridge itself. > > This would mean your setup is like this: > > > > Physical eth0 -> cloudbr0 > handles management and public > > Dummy eth1 -> cloudbr1 > handles isolated guest traffic and allows > for > > isolated VLANs internally on the host > > > > Keep in mind the context here – you have stated you don’t want VLANs > > traversing your physical network, hence we are trying to get this > working > > on a single host only. How you configure your IP ranges for > management and > > public is something you need to experiment with and see what works > for you. > > > > Regards, > > Dag Sonstebo > > Cloud Architect > > ShapeBlue > > > > From: Parth Patel > > Reply-To: "users@cloudstack.apache.org" > > > Date: Friday, 6 April 2018 at 07:30 > > To: "users@cloudstack.apache.org" > > Subject: Re: Untagged Networking for Advanced Zone possible? > > > > Hi Dag, > > > > When I tried your method and created a NIC-less bridge, following > are the > > contents of my ifcfg-* network files: > > > > ifcfg-cloudbr0: > > TYPE=Bridge > > PROXY_METHOD=none > > BROWSER_ONLY=no > > BOOTPROTO=none > > DEFROUTE=yes
Re: Untagged Networking for Advanced Zone possible?
Hi Parth, No problem, glad I could help. Let us know how you get on with the dummy interface bridge. With regards to your tagging question – yes this is quite a big and complicated topic. Suffice to summarise it as follows: - Basic zones use a larger L3 network, and guest isolation is done by ACLs – in other words firewall rules which controls which VMs can speak to each other on the same network. - Advanced zones use multiple isolated guest networks which are behind virtual routers, and each isolated network must be secured from eavesdropping from a neighbour network – to do this you need to put in place an isolation mechanism like layer 2 VLAN tags, or a layer 3 SDN solution – which uses a slightly different type of tagging to isolate networks. Regards, Dag Sonstebo Cloud Architect ShapeBlue dag.sonst...@shapeblue.com www.shapeblue.com 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue On 06/04/2018, 13:34, "Parth Patel" wrote: Hi Dag, Thank you for guiding me, i know it's a weird use case and probably would never be required in a production environment. I will definitely try to make a dummy interface and give it to the guest network target bridge. I know it would be out of the scope of this email trail for you to explain me tagged and untagged networking in L2 and L3 networks, but I would search around the internet and ping this thread if I'm again stuck at some specific issue after I reach my university's lab. Appreciate your help. Thanks, Parth Patel On Fri, 6 Apr 2018 at 17:06 Dag Sonstebo wrote: > Hi Parth, > > Take a look through the full email trail – I think we discussed this > earlier on. In short the answer is no – by definition you can not run > completely untagged isolated networks in an advanced zone – but “tagged” > means different things for L2 and L3 isolation. The real answer - “it > depends” – an advanced zone always relies on some sort of guest network > isolation, which in it’s simplest form equates to L2 VLANs. If you were to > invest time, effort and money into an SDN solution like Nuage or Nicira/NSX > you could potentially get around it – but complexity and cost goes up. You > could have a play with something like GRE tunnelling (L3) – but in my > experience this doesn’t scale well, eats a ton of CPU cycles and may not be > fit for purpose. Again you are looking at a more complex solution. > > Regarding the dummy network interface it looks to me like a simple module > install and configuration – see e.g. > https://www.question-defense.com/2012/11/26/linux-create-fake-ethernet-interface > . Not my post and I can’t vouch for it’s validity – but the process seems > straight forward: > > [root@kvm1 hooks]# lsmod | grep dummy > [root@kvm1 hooks]# modprobe dummy > [root@kvm1 hooks]# lsmod | grep dummy > dummy 2714 0 > [root@kvm1 hooks]# ip link set name eth99 dev dummy0 > [root@kvm1 hooks]# ifconfig eth99 > eth99 Link encap:Ethernet HWaddr 92:BF:A6:30:20:3E > BROADCAST NOARP MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > > Dag Sonstebo > Cloud Architect > ShapeBlue > > > dag.sonst...@shapeblue.com > www.shapeblue.com > 53 Chandos Place, Covent Garden, London WC2N 4HSUK > @shapeblue > > > > On 06/04/2018, 11:45, "Parth Patel" wrote: > > Hi Dag, > > Thanks for the response. I am currently looking into VLANs and network > configuration for my case. But I want to know one thing: are "untagged" > VLAN networks sufficient for an advanced zone to function with two > networks? I did not state I do not want to use VLANs for networking > but I > wanted to know if ACS advanced zone would function if VLANs are > untagged? > (The network router/switch did not support them). According to my > knowledge > I would have to dig much deeper into kernel files to provide a dummy > interface as systemctl restart network would not function properly, > still > appreciate the advice. I will look into this more and see what I can do > with it. > > Thanks, > Parth Patel > > On Fri, 6 Apr 2018 at 13:59 Dag Sonstebo > wrote: > > > Hi Parth, > > > > Keep in mind you are in unchartered waters – so there may be some > > stumbling blocks before you get this to work. > > > > I suspect what you have to do is change cloudbr1 such that it is > backed by > > a fake or dummy ethernet interface. What see
Re: Upgrade CloudStack from 4.9.2.0 to 4.11.0
Hi Melanie and Stephan, Thanks for logging and glad none of these are show stoppers for you. Regards, Dag Sonstebo Cloud Architect ShapeBlue On 06/04/2018, 13:07, "Melanie Desaive" wrote: Hi Dag, Stephan and I posted the issues we encountered after upgrading to 4.11 on https://github.com/apache/cloudstack/issues. Those are: Admin Dashboard System Capacity broken with German Locale #2539 problem adding new shared network NIC to VM "A NIC with this MAC address exits for network:" #2540 Add "Lets Encrypt CA" Certpath to SSVM Keystore (for cdimage.debian.org) #2541 CloudStack-Usage Broken after Upgrade from 4.9 to 4.11 #2542 Web-UI creates all isolated Nets with IP range 10.1.1.0/24 #2533 Textbox "Account and projectId can't be specified together" #2543 Password Reset does not work with Isolated Networks with redundant routers #2544 Still we are very happy with our shiny new 4.11 setup! Thanks a lot for this great piece of software! Greetings, Melanie and Stephan Am 04.04.2018 um 16:08 schrieb Dag Sonstebo: > Hi Stephan, > > Thanks for the summary – can you log these as new issues in the new issues tracker https://github.com/apache/cloudstack/issues please (note not Jira). > > Regards, > Dag Sonstebo > Cloud Architect > ShapeBlue > > On 04/04/2018, 10:39, "Stephan Seitz" wrote: > > Hi! > > We're currently using XenServer instead of VMware, so I just don't know > if you really need to build your own packages. Afaik shapeblue's public > repository has been built with noredist. > > Here's short list (sorry, we didn't report everything to the bugtracker > by now) of caveats: > > * There's a more precise dashboard (XX.XX% instead of XX%) > -> Nice, but only works with locale set to EN or C or anything with > decimalpoints instead of commas :) ... consequently the default > language of the GUI will also be selected identical to your locale. > > -> Ldap Authentication doesn't work. You need to apply https://github.c > om/apache/cloudstack/pull/2517 to get this working. > > -> Adding a NIC to a running VM (only tested in Advanced Zone, > Xenserver, Shared Network to add) fails with an "duplicate MAC-address" > error. See my post on the ML yesterday. > > -> cloudstack-usage doesn't start since (at least Ubuntu, deb packages) > the update doesn't clean old libs from /usr/share/cloudstack- > usage/libs. For us cleanup and reinstall fixed that. > > -> SSVM's java keystore doesn't contain Let's Encrypt Root-CA (maybe > others are also missing) so don't expect working downloads from > cdimage.debian.org via https :) > > -> A few nasty popups occur (but can be ignored) in the GUI e.g. > selecting a project and viewing networks. > > -> A minor documentation bug in the upgrade document: The apt-get.eu > Repository doesn't contain 4.11 right now. download.cloudstack.org > does. > > > To us none of that problems was a stopper, but your mileage may vary. > > cheers, > > - Stephan > > > Am Mittwoch, den 04.04.2018, 11:08 +0200 schrieb Marc Poll Garcia: > > Hello, > > > > My current infrastructure is Apache Cloudstack 4.9.2 with VMware > > hosts and > > the management server on CentOS. > > > > > > I'm planning to perform an upgrade from the actual 4.9.2 versión to > > the > > latest one. > > > > I found this tutorial from Cloudstack website: > > > > http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/e > > n/4.11.0.0/upgrade/upgrade-4.9.html > > > > But i don't know if any of you already did it, and had upgraded the > > system? > > I was wondering if anyone had any issues during the execution of the > > process. > > > > And also if someone can send more info, or another guide to follow or > > best > > practice? > > > > We've check it out and found that we need to compile our own > > cloudstack > > software because we're using vmware hosts, is it true? any > > suggestions? > > > > Thanks in advance. > > > > Kind regards. > > > > > -- > > Heinlein Support GmbH > Schwedter Str. 8/9b, 10119 Berlin > > http://www.heinlein-support.de > > Tel: 030 / 405051-44 > Fax: 030 / 405051-19 > > Zwangsangabe