Re: [one-users] x509 Auth Failing after 24 hours

2011-12-15 Thread Anthony Tiradani
I should also mention that this is an OpenNebula 3.1 installation (via 
the rpm) on Scientific Linux 6.1.  I have the DEBUG setting set to 3 
which according to the comments in oned.conf should be the most verbose.


In trying to debug, I used the authenticate script in 
/var/lib/one/remotes/auth/x509 which imports and uses 
/usr/lib/one/ruby/x509_auth.rb.  If I take the token that is decrypted 
from the file /var/lib/one/.one/one_x509 I can perform openssl 
operations on it and verify it.  If I run the values through the 
authenticate script, I find that there is a problem parsing the CA 
chain.  When it calculates the hash value for the CA, it is dropping a 
leading 0 which makes the file path invalid.  Could this be the problem?


Thanks,

Anthony Tiradani
tirad...@fnal.gov
+1 630 840 4479


On 12/15/11 5:07 PM, Anthony Tiradani wrote:

This is the only message I get in oned.log:

Thu Dec 15 17:05:47 2011 [ReM][E]: [HostPoolInfo] User couldn't be
authenticated, aborting call.

I am running onehost list when I see that error.

Anthony Tiradani
tirad...@fnal.gov
+1 630 840 4479


On 12/15/2011 03:40 PM, Ruben S. Montero wrote:

Hi,

Could you send the messages in oned.log file? You should see there
messages from the driver describing the error...

Cheers

Ruben

On Thu, Dec 15, 2011 at 5:31 PM, Anthony Tiradani  wrote:

Hi,

I am trying to setup OpenNebula with x509 authentication.  I am using
sqlite as the DB back end for now.  I am following the documentation
here: http://opennebula.org/documentation:rel3.0:x509_auth

I've configured everything correctly as far as I can tell.  I can
successfully use x509 to login, but after 24 hours (no matter what I set
the expire time to with the --time argument) I get error messages saying
that the user couldn't be authenticated.

I've tried re-running the "oneuser login ..." command to no avail.  The
only thing that works is if I delete one.db and restart OpenNebula.
Then I can log in just fine, but all the configuration that I have done
is lost.  What do I have to do to fix this?

Thanks,

--
Anthony Tiradani
tirad...@fnal.gov
+1 630 840 4479



___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org






___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] Removing old VMs

2011-12-15 Thread Steven Timm

On Fri, 16 Dec 2011, richard -rw- weinberger wrote:


Hi!

It looks like OpenNebula keeps all used VM Ids.
Using "onevm ID" I can see all old VMs in state "DONE".
And in /var/lib/one/ exists for each old VM a directory.

How can I get rid of this?
Especially the directories in /var/lib/one/ are nasty.




Two ways--
Either don't use the "SAVE" option in your template

or

use VM's from the image repository and then opennebula
will save them back to the image repository instead of the
/var/lib/one/directory.

Steve


--
--
Steven C. Timm, Ph.D  (630) 840-8525
t...@fnal.gov  http://home.fnal.gov/~timm/
Fermilab Computing Division, Scientific Computing Facilities,
Grid Facilities Department, FermiGrid Services Group, Group Leader.
Lead of FermiCloud project.
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] Little help with first building cloud

2011-12-15 Thread matheus tor4
Guys,  which is default url for sunstone-server?

I don't found it.

thanks.

On Wed, Dec 7, 2011 at 11:48 AM, matheus tor4  wrote:

> Fabian, it's exactly what I want to hear.
>
> Make the changes with root user, and start oned with oneadmin user!
> Great!
>
> Thanks a lot!
>
>
>
> On Wed, Dec 7, 2011 at 7:34 AM, Fabian Wenk  wrote:
>
>> Hello Matheus
>>
>>
>> On 07.12.2011 01:44, matheus tor4 wrote:
>>
>>> Make the changes on files like oned.conf using my standart user will
>>> brings
>>> for me troubles in future, or not?
>>>
>>
>> Configuration files in /etc/ usually are changed with the root user,
>> normal users should not be able to write or depending on the content even
>> be able to read it.
>>
>>
>>  What you recommend?
>>> - Put the rights on the oneadmin user, or
>>> - Use root user to make changes (painlessly)
>>>
>>
>> What kind of changes?
>>
>> On my system the /etc/one/oned.conf belongs to root (rw) with only read
>> permissions for the cloud group. The startup script /etc/init.d/opennebula
>> takes care to start the OpenNebula daemons with the user oneadmin (eg.
>> dropping privileges). But this is something which could depend on the used
>> Linux distribution if you used a distribution provided package.
>>
>>
>>
>> bye
>> Fabian
>> __**_
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**org
>>
>
>
>
> --
> Matheus Torquato
> Undergraduate in Computer Science
> Federal University of Alagoas
>
>


-- 
Matheus Torquato
Undergraduate in Computer Science
Federal University of Alagoas
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] Removing old VMs

2011-12-15 Thread Hutson Betts
Dear Richard,

This is not necessarily an answer to your question, but if you'll
consider taking a look at Feature #1026 that I created on the dev site.

I can understand that all reference material associated with a VM would
remain even when the VM is in the "DONE" state since technically that is
an acceptable state for the VM to exist. There could exist a scenario
where the user would like access to deployment files, logs, etc.

However, it would be nice if there was a method to clear-out all data
related to VMs. That's where Feature #1026 comes in. Currently, even
deleting a VM leaves all its files laying around.

-- 
Hutson Betts
Computer Science and Engineering
Texas A&M University


On Fri, 2011-12-16 at 00:12 +0100, richard -rw- weinberger wrote:
> Hi!
> 
> It looks like OpenNebula keeps all used VM Ids.
> Using "onevm ID" I can see all old VMs in state "DONE".
> And in /var/lib/one/ exists for each old VM a directory.
> 
> How can I get rid of this?
> Especially the directories in /var/lib/one/ are nasty.
> 


signature.asc
Description: This is a digitally signed message part
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] Sunstone and x509 Authentication

2011-12-15 Thread Faarooq Lowe
We are still having problems getting sunstone to work with x509 
authentication.


Could someone please advise?

Here is what we have

sunstone-server.conf

# Server Configuration
:host: 127.0.0.1
:port: 9869

# Authentication driver for incomming requests
#   sunstone, for OpenNebula's user-password scheme
#   x509, for x509 certificates based authentication
#:auth: sunstone
:auth: x509

# Authentication driver to communicate with OpenNebula core
#   cipher, for symmetric cipher encryption of tokens
#   x509, for x509 certificate encryption of tokens
#:core_auth: server_cipher
:core_auth: x509

# Life-time in seconds for token renewal (that used to handle OpenNebula 
auths)

:token_expiration_delta: 1800

server_x509_auth.conf

# User to be used for x509 server authentication

:srv_user: serveradmin

# Path to the certificate used by the OpenNebula Services
# Certificates must be in PEM format

:one_cert: "/etc/grid-security/hostcert.pem"
:one_key: "/etc/grid-security/hostkey.pem"

serveradmin information

-bash-3.2$ oneuser show 1
USER 1 INFORMATION
ID : 1
NAME   : serveradmin
GROUP  : 0
PASSWORD   : 
AUTH_DRIVER: x509
ENABLED: Yes

USER TEMPLATE

Logs

oned.log

Thu Dec 15 17:04:28 2011 [AuM][E]: Auth Error: undefined method 
`public_key' for nil:NilClass


sunstone.log

131.225.168.168 - - [15/Dec/2011 17:03:26] "GET / HTTP/1.1" 200 1384 0.0037
131.225.168.168 - - [15/Dec/2011 17:04:28] "POST /login HTTP/1.1" 500 61 
0.0802






___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] Removing old VMs

2011-12-15 Thread richard -rw- weinberger
Hi!

It looks like OpenNebula keeps all used VM Ids.
Using "onevm ID" I can see all old VMs in state "DONE".
And in /var/lib/one/ exists for each old VM a directory.

How can I get rid of this?
Especially the directories in /var/lib/one/ are nasty.

-- 
Thanks,
//richard
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] x509 Auth Failing after 24 hours

2011-12-15 Thread Anthony Tiradani
This is the only message I get in oned.log:

Thu Dec 15 17:05:47 2011 [ReM][E]: [HostPoolInfo] User couldn't be
authenticated, aborting call.

I am running onehost list when I see that error. 

Anthony Tiradani
tirad...@fnal.gov
+1 630 840 4479


On 12/15/2011 03:40 PM, Ruben S. Montero wrote:
> Hi,
>
> Could you send the messages in oned.log file? You should see there
> messages from the driver describing the error...
>
> Cheers
>
> Ruben
>
> On Thu, Dec 15, 2011 at 5:31 PM, Anthony Tiradani  wrote:
>> Hi,
>>
>> I am trying to setup OpenNebula with x509 authentication.  I am using
>> sqlite as the DB back end for now.  I am following the documentation
>> here: http://opennebula.org/documentation:rel3.0:x509_auth
>>
>> I've configured everything correctly as far as I can tell.  I can
>> successfully use x509 to login, but after 24 hours (no matter what I set
>> the expire time to with the --time argument) I get error messages saying
>> that the user couldn't be authenticated.
>>
>> I've tried re-running the "oneuser login ..." command to no avail.  The
>> only thing that works is if I delete one.db and restart OpenNebula.
>> Then I can log in just fine, but all the configuration that I have done
>> is lost.  What do I have to do to fix this?
>>
>> Thanks,
>>
>> --
>> Anthony Tiradani
>> tirad...@fnal.gov
>> +1 630 840 4479
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
>



smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] x509 Auth Failing after 24 hours

2011-12-15 Thread Ruben S. Montero
Hi,

Could you send the messages in oned.log file? You should see there
messages from the driver describing the error...

Cheers

Ruben

On Thu, Dec 15, 2011 at 5:31 PM, Anthony Tiradani  wrote:
> Hi,
>
> I am trying to setup OpenNebula with x509 authentication.  I am using
> sqlite as the DB back end for now.  I am following the documentation
> here: http://opennebula.org/documentation:rel3.0:x509_auth
>
> I've configured everything correctly as far as I can tell.  I can
> successfully use x509 to login, but after 24 hours (no matter what I set
> the expire time to with the --time argument) I get error messages saying
> that the user couldn't be authenticated.
>
> I've tried re-running the "oneuser login ..." command to no avail.  The
> only thing that works is if I delete one.db and restart OpenNebula.
> Then I can log in just fine, but all the configuration that I have done
> is lost.  What do I have to do to fix this?
>
> Thanks,
>
> --
> Anthony Tiradani
> tirad...@fnal.gov
> +1 630 840 4479
>
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>



-- 
Ruben S. Montero, PhD
Project co-Lead and Chief Architect
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | rsmont...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] Quota Issue

2011-12-15 Thread Hutson Betts
I'm currently facing a similar issue when attempting to instantiate a VM
using occi-compute. The error:

oneadmin@opennebula-server:~$ occi-compute --username [USER] --password
[PASSWORD] --url https://localhost/occi --debug create test.vm
/var/lib/gems/1.8/gems/curb-0.7.16/lib/curb_core.so: warning: already
initialized constant CURL_SSLVERSION_DEFAULT
[VirtualMachineAllocate] User [1] not authorized to perform action on
virtual machine.

oneadmin@opennebula-server:~$ onevm list all
ID USER GROUPNAME STAT CPU MEMHOSTNAME
TIME

oneadmin@opennebula-server:~$ onevnet list all
one  ID USER GROUPNAME  TYPE BRIDGE PUB  LEASES
   6 [USER]usersfirewall-extern  Rbr2  No   0

oneadmin@opennebula-server:~$ oneimage list all
  ID USER GROUPNAMESIZE TYPE  REGTIME PUB
PER STAT  RVMS
   1 [USER]usersMachine A  1015M   OS   12/11 17:50:01  No
No  rdy 0
   2 [USER]usersMachine B   976M   OS   12/11 17:51:27  No
No  rdy 0
   3 [USER]usersMachine C   993M   OS   12/11 18:00:40  No
No  rdy 0

Output From oned.log:

Thu Dec 15 11:43:25 2011 [ACL][D]: Request #1 VM/* CREATE
Thu Dec 15 11:43:25 2011 [ACL][D]: > Rule  @1 VM+NET+IMAGE+TEMPLATE/*
CREATE+INFO_POOL_MINE
Thu Dec 15 11:43:25 2011 [ACL][D]: Permission granted
Thu Dec 15 11:43:26 2011 [ReM][D]: VirtualMachinePoolInfo method invoked
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 12 ExitCode:
0

Thu Dec 15 11:43:26 2011 [AuM][I]: ExitCode: 0
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: AUTHENTICATE
SUCCESS 12 -

Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11 Command
execution fail: /var/lib/one/remotes/auth/quota/authorize 1
VM:PFRFTVBMQVRFPjxDUFU+PCF$

Thu Dec 15 11:43:26 2011 [AuM][I]: Command execution
fail: /var/lib/one/remotes/auth/quota/authorize 1 VM:PFRFTVBMQVRFPjxDUFU
+PCFbQ0RBVEFbMV1dPjwvQ1BVPjxESV$
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I
11 /usr/lib/one/ruby/quota.rb:199:in `Float': can't convert nil into
Float (TypeError)

Thu Dec 15 11:43:26 2011 [AuM][I]: /usr/lib/one/ruby/quota.rb:199:in
`Float': can't convert nil into Float (TypeError)
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /usr/lib/one/ruby/quota.rb:199:in `send'

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /usr/lib/one/ruby/quota.rb:199:in `send'
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /usr/lib/one/ruby/quota.rb:199:in `check_quotas'

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /usr/lib/one/ruby/quota.rb:199:in `check_quotas'
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /usr/lib/one/ruby/quota.rb:194:in `each'

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /usr/lib/one/ruby/quota.rb:194:in `each'
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /usr/lib/one/ruby/quota.rb:194:in `check_quotas'

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /usr/lib/one/ruby/quota.rb:194:in `check_quotas'
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /usr/lib/one/ruby/quota.rb:184:in `authorize'

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /usr/lib/one/ruby/quota.rb:184:in `authorize'
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /var/lib/one/remotes/auth/quota/authorize:53

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /var/lib/one/remotes/auth/quota/authorize:53
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /var/lib/one/remotes/auth/quota/authorize:52:in `each'

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /var/lib/one/remotes/auth/quota/authorize:52:in `each'
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11
from /var/lib/one/remotes/auth/quota/authorize:52

Thu Dec 15 11:43:26 2011 [AuM][I]:
from /var/lib/one/remotes/auth/quota/authorize:52
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: LOG I 11 ExitCode:
1

Thu Dec 15 11:43:26 2011 [AuM][I]: ExitCode: 1
Thu Dec 15 11:43:26 2011 [AuM][D]: Message received: AUTHORIZE FAILURE
11 -

Thu Dec 15 11:43:26 2011 [AuM][E]: Auth Error:
Thu Dec 15 11:43:26 2011 [ReM][E]: [VirtualMachineAllocate] User [1] not
authorized to perform action on virtual machine.

-- 
Hutson Betts
Computer Science and Engineering
Texas A&M University


On Thu, 2011-12-15 at 14:26 +1000, Graeme Gillies wrote:
> Hi,
> 
> I've done some more investigating and I've got a handle on what the problem 
> is.
> 
> My VM templates don't define a CPU attribute (as I'm just letting it
> use the default values) and therefore the code errors out trying to
> get a CPU value from my vm template which don't have one.
> 
> This sounds like a bug to me, I'm assuming I should file it at
> dev.opennebula.org?
> 
> Regards,
> 
> Graeme
> 
> On Mon, Dec 5, 2011 at 3:36 PM, Graeme Gillies
>  wrote:
> > Hi,
> >
> > I have enabled the quota module on my opennebula 3 installation and
> > now whenever I try and create a vm image, either from a template or
> > file from disk, I get the quota modu

Re: [one-users] application integration (service publishing) in OpenNebula?

2011-12-15 Thread Simon Boulet
Hi,

On 2011-12-15, at 5:05 AM, daniel.moldo...@cs.utcluj.ro wrote:

> The idea of a "private cloud" is to hide the physical
> location of the virtual machines (on what computer does each reside)
> and hide the fact that the VM is not a physical machine.

Not at all, please allow me to rectify what is a private cloud.

A private cloud is a set of infrastructure (machines) that are dedicated to a 
single entity/  company/ client. The host machines, storage, etc. are not 
shared. For example you may need a private cloud for privacy or reasons, to 
meet security standards, or for storing sensitive information. If you're 
building a cloud internally that will serve exclusively for your company needs, 
you're building a private cloud (wether it's publicly accessible/ connected to 
the Internet or not).

If you're a service provider and want to offer Private clouds to your clients, 
you can use OpenNebula VDC to isolate resources and build private clouds 
(although in that scenario, OpenNebula itself would be shared, and a security 
breach in OpenNebula could potentially expose your private clouds) :  
http://opennebula.org/documentation:rel3.0:vdcmngt

The NIST has published an interesting document that tries to highlight and 
demystify what cloud computing is: 
http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

Simon


___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] Virtual Machine Lock Manager

2011-12-15 Thread cat fa
Use persistent image

2011/12/12 Upendra Moturi 

> Hi,
> Is there any locking mechanism to lock vms ,so that there are no two vms
> using same hard disk
>
>
> --
> Thanks and Regards,
> Upendra.M
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] x509 Auth Failing after 24 hours

2011-12-15 Thread Anthony Tiradani
Hi,

I am trying to setup OpenNebula with x509 authentication.  I am using
sqlite as the DB back end for now.  I am following the documentation
here: http://opennebula.org/documentation:rel3.0:x509_auth

I've configured everything correctly as far as I can tell.  I can
successfully use x509 to login, but after 24 hours (no matter what I set
the expire time to with the --time argument) I get error messages saying
that the user couldn't be authenticated. 

I've tried re-running the "oneuser login ..." command to no avail.  The
only thing that works is if I delete one.db and restart OpenNebula. 
Then I can log in just fine, but all the configuration that I have done
is lost.  What do I have to do to fix this?

Thanks,

-- 
Anthony Tiradani
tirad...@fnal.gov
+1 630 840 4479




smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] does oned check which is the proper host for new VM?

2011-12-15 Thread Ruben S. Montero
Hi

Yes OpenNebula check the capacity of the host and the VM. Maybe there
is a misconfiguration in your host or monitoring system. Could you
send the output of onevm show  and onehost show of the relevant VMs
and host?

Also, OpenNebula can use several heuristics for VM placement. Take a
look at the following page to find out how to configure it:

http://www.opennebula.org/documentation:rel3.0:schg

Cheers

Ruben

On Thu, Dec 15, 2011 at 3:11 PM, davood ghatreh  wrote:
> Hi,
>
> I have 4 host servers, and opennebula installed and configured. whenever I
> create a VM it choose host2, regardless of how much this server remained
> resources are. for example, I created 10 vms (not simultaneously) and they
> were all created on host2! If I create other vms, they will be also created
> on host2! other servers have no load and no vms and they are all enabled in
> opennebula. how can I make oned to properly decide which host has enough
> resources to create new vm on it.
> Another issue is, oned doesn't check VM required resources and compare it to
> host resources to chose proper host. host2 has 2G of RAM and host4 has 4G
> RAM. I tried to create a vm with 4G RAM. opennebula choose host2, as always.
> Then after PROLOG states, it was unable to start the VM because there were
> not enough resources for this VM on host2. I disabled other hosts in
> opennebula and just left host4 enabled and resubmit the vm. it successfully
> created on host4! so, what does really opennebula do about choosing proper
> host for new VM? have I missed something or it is really a problem with
> opennebula?
>
> Thanks all
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>



-- 
Ruben S. Montero, PhD
Project co-Lead and Chief Architect
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | rsmont...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] Fwd: error status on disk image

2011-12-15 Thread Wojciech Giel

HI,

Thanks for response I have move back to opennebula 3.0 and still get this error:


Thu Dec 15 14:26:38 2011 [ImM][I]: Copying 
/var/lib/one/images/linux-generic.img to repository for image 3
Thu Dec 15 14:26:38 2011 [ReM][D]: ImageInfo method invoked
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: LOG I 3 Command execution 
fail: /var/lib/one/remotes/image/fs/cp /var/lib/one/images/linux-generic.img 3

Thu Dec 15 14:26:38 2011 [ImM][I]: Command execution fail: 
/var/lib/one/remotes/image/fs/cp /var/lib/one/images/linux-generic.img 3
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: LOG I 3 cp: Copying local 
image /var/lib/one/images/linux-generic.img to the image repository

Thu Dec 15 14:26:38 2011 [ImM][I]: cp: Copying local image 
/var/lib/one/images/linux-generic.img to the image repository
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: LOG E 3 cp: Command "cp -f 
/var/lib/one/images/linux-generic.img 
/var/lib/one/images/25bfbcc7d81aa996ca7e935f722b4b74" failed.

Thu Dec 15 14:26:38 2011 [ImM][E]: cp: Command "cp -f 
/var/lib/one/images/linux-generic.img 
/var/lib/one/images/25bfbcc7d81aa996ca7e935f722b4b74" failed.
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: LOG E 3 cp: cp: cannot 
stat `/var/lib/one/images/linux-generic.img': No such file or directory

Thu Dec 15 14:26:38 2011 [ImM][E]: cp: cp: cannot stat 
`/var/lib/one/images/linux-generic.img': No such file or directory
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: LOG E 3 Error copying 
/var/lib/one/images/linux-generic.img to 
/var/lib/one/images/25bfbcc7d81aa996ca7e935f722b4b74

Thu Dec 15 14:26:38 2011 [ImM][E]: Error copying 
/var/lib/one/images/linux-generic.img to 
/var/lib/one/images/25bfbcc7d81aa996ca7e935f722b4b74
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: LOG I 3 ExitCode: 1

Thu Dec 15 14:26:38 2011 [ImM][I]: ExitCode: 1
Thu Dec 15 14:26:38 2011 [ImG][D]: Message received: CP FAILURE 3 Error copying 
/var/lib/one/images/linux-generic.img to 
/var/lib/one/images/25bfbcc7d81aa996ca7e935f722b4b74

Thu Dec 15 14:26:38 2011 [ImM][E]: Error copying image in the repository: Error 
copying /var/lib/one/images/linux-generic.img to 
/var/lib/one/images/25bfbcc7d81aa996ca7e935f722b4b74


pwd
/var/lib/one
oneadmin@nebula5:~$ ls -la
total 52
drwxr-xr-x  9 oneadmin oneadmin  4201 2011-12-15 14:25 .
drwxr-xr-x 37 root root  4096 2011-12-13 11:46 ..
-rw-r--r--  1 oneadmin oneadmin17 2011-12-15 14:09 auth
-rw---  1 oneadmin oneadmin   367 2011-12-15 14:09 .bash_history
drwx--  2 oneadmin oneadmin39 2011-12-15 14:07 .cache
-rw-r--r--  1 oneadmin oneadmin   705 2011-12-15 14:10 config
drwxr-xr-x  3 oneadmin oneadmin34 2011-12-15 14:11 .gem
drwxrws--T  2 oneadmin oneadmin   114 2011-12-15 14:25 images
drwxr-xr-x  2 oneadmin oneadmin27 2011-12-15 14:09 .one
-rw-r--r--  1 oneadmin oneadmin 16384 2011-12-15 14:11 oneacct.db
drwxr-xr-x  7 oneadmin oneadmin  4180 2011-12-15 14:04 remotes
drwxr-xr-x  2 oneadmin oneadmin95 2011-12-15 14:07 .ssh
-rw---  1 oneadmin oneadmin   818 2011-12-15 14:09 .viminfo


cat /var/lib/one/remotes/image/fs/fsrc
...
#--
# Configuration File for File-System based Image Repositories
#--
if [ -z "${ONE_LOCATION}" ]; then
export IMAGE_REPOSITORY_PATH=/var/lib/one/images
else
export IMAGE_REPOSITORY_PATH=$ONE_LOCATION/var/images
fi
...

I can create a new image as datablock type it registers fine. I can create 
image from copy of this image but when I try to create OS type or register a 
different (created with kvm-img RAW) on I get an error.
thanks
Wojciech



 Hi,

 I assume you are using the 3.1 development version.
 This is a new security feature to prevent users from registering any file
 readable by oneadmin.

 /var/lib/one is by default a restricted directory, you can configure the
 behaviour in /var/lib/one/remotes/image/fs/fsrc, check the Image Repository
 documentation for more info [1].

 You can also check the new features and main changes in the compatibility
 guide [2]

 Regards.

 [1]http://www.opennebula.org/documentation:rel3.2:image_repo#configuration
 [2]http://www.opennebula.org/documentation:rel3.2:compatibility

 --
 Carlos Martín, MSc
 Project Engineer
 OpenNebula - The Open Source Toolkit for Data Center Virtualization
 www.OpenNebula.org  |cmartin at opennebula.org  
  |
 @OpenNebulahttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org>>




___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] OCCI opennebula user authentication 401 failure

2011-12-15 Thread Stefano Ghio

Cheers,

I have some questions about OCCI authentication with ONE.

I set up ONE and the OCCI server fine.

I start them with "./onestart.sh" and "occi-server start".
I have 2 users: oneadmin:oneadmin and test:test. The second one was
created with "oneuser create test test".

The OCCI server is configured in /etc/one/occi-server.conf with:

  * :auth: basic
  * :server: localhost
  * :port: 4567

The machine is reachable at IP 192.168.23.44

If I send a cURL:

curl http://test:test@192.168.23.44:4567/-/

I always get a 401 Authentication Failure. Using oneadmin:oneadmin does
not change anything.

I can easily access ONE configuration through the Sunstone interface
with oneadmin:oneadmin though it does not use OCCI so I don't think it's
related to my problem.

I tried with curl --basic --user test:test http://etc.. and curl -X GET
etc.. but no luck.

It only works if I send the request with test:sha1(test) which implies I 
must sha1 the password before sending the request


  * How do I send a proper request to the OCCI server with cURL?
  * As last resort, how can I disable authentication? Documentation [1]
only says either "basic" or "x509". I tried "none" and "false" but
it didn't work, I got a 500 Internal server error since ":auth:" was
not specified properly

I'm just using cURL to test if it's working properly, as I will later
try to do the same from a Java client. Which leads me to the next
question: where do I find a Java client which supports user
authentication? I tried occi4java[2] which looks pretty complete but
nowhere I found the possibility to pass the "user:pass" parameter.

Thank you,

have a nice day

[1] http://opennebula.org/documentation:rel3.0:occicg#authorization_methods
[2] https://github.com/occi4java/occi4java
--
Dr. Stefano Ghio - ENG Engineering Italy

Website: http://groglogs.blogspot.com/

*If you received this message but you are not its recipient, please 
ignore it and warn me, thank you.*
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] does oned check which is the proper host for new VM?

2011-12-15 Thread davood ghatreh
Hi,

I have 4 host servers, and opennebula installed and configured. whenever I
create a VM it choose host2, regardless of how much this server remained
resources are. for example, I created 10 vms (not simultaneously) and they
were all created on host2! If I create other vms, they will be also created
on host2! other servers have no load and no vms and they are all enabled in
opennebula. how can I make oned to properly decide which host has enough
resources to create new vm on it.
Another issue is, oned doesn't check VM required resources and compare it
to host resources to chose proper host. host2 has 2G of RAM and host4 has
4G RAM. I tried to create a vm with 4G RAM. opennebula choose host2, as
always. Then after PROLOG states, it was unable to start the VM because
there were not enough resources for this VM on host2. I disabled other
hosts in opennebula and just left host4 enabled and resubmit the vm. it
successfully created on host4! so, what does really opennebula do about
choosing proper host for new VM? have I missed something or it is really a
problem with opennebula?

Thanks all
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] Virtual Machine Lock Manager

2011-12-15 Thread Upendra Moturi
Hello Fabian

Can you please explain me the work flow locking.
i.e how one is throwing error when an image is registered with it.

On Tue, Dec 13, 2011 at 12:44 PM, Upendra Moturi  wrote:
> Thanks Fabian.
>
>
> On Mon, Dec 12, 2011 at 8:42 PM, Fabian Wenk  wrote:
>>
>> Hello Upendra
>>
>>
>> On 12.12.2011 08:04, Upendra Moturi wrote:
>>>
>>> Is there any locking mechanism to lock vms ,so that there are no two vms
>>> using same hard disk
>>
>>
>> Register the hard disk image in the image repository (with 'oneimage
>> register ...') and then in the VM template use the registered image.
>>
>>
>> bye
>> Fabian
>> ___
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
>
> --
> Thanks and Regards,
> Upendra.M
>
> As a leading developer of IT infrastructure software solutions, Hexagrid
> developed the first cloud computing platform that directly aligns with the
> real-world IT delivery models of both solution providers and enterprises.
> Hexagrid provides all the software and support that IT organizations need to
> successfully build public, private, or hybrid clouds that fit their specific
> business and end-user requirements. Hexagrid cloud solutions truly simplify
> and expedite virtual IT management, empowering successful cloud computing
> strategies that quickly increase profits by pooling resources, delivering
> control, and building value. Our Software, Your Cloud.  For more
> information, visit www.hexagrid.com and follow @Hexagrid on Twitter
>



-- 
Thanks and Regards,
Upendra.M

As a leading developer of IT infrastructure software solutions,
Hexagrid developed the first cloud computing platform that directly
aligns with the real-world IT delivery models of both solution
providers and enterprises. Hexagrid provides all the software and
support that IT organizations need to successfully build public,
private, or hybrid clouds that fit their specific business and
end-user requirements. Hexagrid cloud solutions truly simplify and
expedite virtual IT management, empowering successful cloud computing
strategies that quickly increase profits by pooling resources,
delivering control, and building value. Our Software, Your Cloud.  For
more information, visit www.hexagrid.com and follow @Hexagrid on
Twitter
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


[one-users] Possibility of adding multiple EC2 hosts

2011-12-15 Thread Prakhar Srivastava
Hi,
Is it possible to add multiple EC2 hosts? This primarily means ability to
add multiple EC2 accounts in Opennebula. Since there exists a single
centralized configuration for EC2 driver configuration, only one host can
be added.

Prakhar
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] iscsi target as a guest disk

2011-12-15 Thread Jaime Melis
Hi,

you should use tm_shared instead of tm_ssh (tm_lvm won't work either for
your setup).

Regarding your first issue: managing iscsi targets with OpenNebula, there
is no native way to handle iscsi block devices with OpenNebula. What you
can do out-of-the-box is to use any block device available in the target
host (just like you're trying to do in the above logs), whether it's iscsi
or not. However I reckon that's too limited for your scenario, since it
requires an administrator to discover the iscsi targets on the target host.

We've opened a ticket to provide native support for iscsi targets (planned
for OpenNebula 3.4):
http://dev.opennebula.org/issues/1032

We've been thinking about the possible implementation, and for the moment
we believe the best approach will be the following:

1) Define a iscsi handler, such as: iscsi://hostname/target, which will be
used in image templates under the SOURCE attribute:
DISK = [ TYPE = block, SOURCE="iscsi://my-san/my-lun", TARGET = "hda",
CLONE=NO]

2) Modify the TM drivers to handle in a specific way sources starting with
"iscsi://" (just like we did in tm_lvm for "/dev/*" devices [1])
The driver will run a re-scan of the iscsi targets, and create a symlink
for "disk.0" to point to the new /dev/ device.

[1]
https://github.com/OpenNebula/one/blob/master/src/tm_mad/lvm/tm_clone.sh#L70

Regards,
Jaime

On Thu, Dec 15, 2011 at 9:52 AM, Prakhar Srivastava
wrote:

> Hi,
> It appears that you are using the tm_ssh transfer drivers. Use tm_lvm
> transfer manager drivers instead.
>
> Prakhar
>
>
> On Thu, Dec 15, 2011 at 2:01 PM, Tengvall, Ilkka (NSN - FI Espoo) <
> ilkka.tengv...@nsn.com> wrote:
>
>> Hi,
>>
>> I'm writing related to issue:
>>
>> http://dev.opennebula.org/issues/1025
>>
>> Ruben, thanks for answer, you commented there that iscsi could be used
>> as a disk:
>>
>> "you should be able to use iSCSI block devices with
>> DISK=[TYPE=block,SOURCE=]."
>>
>> I tried to follow you instruction, I don't see it working. What am I
>> missing, since the oned tries to cp the iscsi image, instead as pass it
>> to guest as disk:
>>
>> 
>> $ cat
>> iscsi-vm.txt
>>
>> NAME=f16-min-iscsi
>> USER=oneadmin
>> GROUP=oneadmin
>> PUBLIC=No
>>
>> DISK=[
>>  BUS=virtio,
>>  TYPE=block,
>>
>>
>> SOURCE=/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> ]
>> GRAPHICS=[
>>  KEYMAP=fi,
>>  TYPE=vnc ]
>> INPUT=[
>>  BUS=usb,
>>  TYPE=mouse ]
>> MEMORY=512
>> NIC=[
>>  NETWORK_ID=1,
>>  WHITE_PORTS_TCP=22 ]
>> OS=[
>>  ARCH=x86_64,
>>  BOOT=hd ]
>> RAW=[
>>  TYPE=kvm ]
>> VCPU=1
>> 
>>
>> Creating the machine using the disk:
>>
>> 
>> $ onevm create iscsi-vm.txt
>> ID: 10
>> 
>>
>> and after it fails I see from the logs that it tried to copy the image
>> (cp), instead of passing it to libvirt as a virtio device:
>>
>> 
>> Thu Dec 15 10:26:09 2011 [DiM][I]: New VM state is ACTIVE.
>> Thu Dec 15 10:26:09 2011 [LCM][I]: New VM state is PROLOG.
>> Thu Dec 15 10:26:09 2011 [VM][I]: Virtual Machine has no context
>> Thu Dec 15 10:26:09 2011 [TM][I]: Command execution fail:
>> /usr/lib/one/tm_commands/shared/tm_clone.sh
>>
>> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> onebula:/var/lib/one//10/images/disk.0
>> Thu Dec 15 10:26:09 2011 [TM][D]: tm_clone.sh:
>>
>> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> onebula:/var/lib/one//10/images/disk.0
>> Thu Dec 15 10:26:09 2011 [TM][D]: tm_clone.sh: DST:
>> /var/lib/one//10/images/disk.0
>> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Creating directory
>> /var/lib/one//10/images
>> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Executed "mkdir -p
>> /var/lib/one//10/images".
>> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Executed "chmod a+w
>> /var/lib/one//10/images".
>> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Cloning
>> 3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> Thu Dec 15 10:26:09 2011 [TM][E]: tm_clone.sh: Command "cp -r
>> 3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> /var/lib/one//10/images/disk.0" failed.
>> Thu Dec 15 10:26:09 2011 [TM][E]: tm_clone.sh: cp: cannot stat
>> `3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0': No such file
>> or directory
>> Thu Dec 15 10:26:09 2011 [TM][E]: Error copying
>>
>> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> to onebula:/var/lib/one//10/images/disk.0
>> Thu Dec 15 10:26:09 2011 [TM][I]: ExitCode: 1
>> Thu Dec 15 10:26:09 2011 [TM][E]: Error excuting image transfer script:
>> Error copying
>>
>> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
>> to onebula:/var/lib/one//10/images/disk.0
>> Thu Dec 15 10:26:09 2011 [DiM][I]: New VM state is FAILED
>> --

Re: [one-users] application integration (service publishing) in OpenNebula?

2011-12-15 Thread Daniel . MOLDOVAN
Answers inline.

>>What I mean is: suppose I, as a user
> of OpenNebula, using my created VM's, create a Web Service, which I
> publish on the Internet. Can anyone access this (someone who has no idea
> about the private cloud, someone who is simply accessing the URL), and by
> this way uses my Web Service (created on the VM's by the means of
> OpenNebula), so, basically, uses OpenNebula "remotely" (without knowing
> it)? Or this just doesn't make sense, since the whole idea of a private
> cloud is not to provide/publish information and services to the outside
> world, and this is not even possible since the virtual context?

As Fabian said, consider each VM as a normal machine. Anything you
expose on it through a network will be visible, just as with a normal
machine. The idea of a "private cloud" is to hide the physical
location of the virtual machines (on what computer does each reside)
and hide the fact that the VM is not a physical machine.

>>Are the
> most important reasons for installing OpenNebula the performance needs? Is
> there any other reason because of which I may want to install it, besides
> the fact that I might need multiple VM's (that I can manage) to perform a
> task (and to achieve platform interoperability)?

   OpenNebula is a "hypervisor for hypervisors". The reason you want to
install it is to provide a means of managing a cluster of servers which
provide virtualization. OpenNebula most importantly allows migration of
VMs between physical machines and resource usage monitoring.


>>When the load reaches its maximum (on a task
> which a user tries to perform on OpenNebula VM's), are new VM's created
> automatically (it the physical resources allow this) to support the
> performace needs?

  I think you miss the point of what a "cloud manager" or a
"virtualization middleware" does. See OpenNebula as a middleware over
simple virtualization mechanisms such as KVN, Xen, HyperV, etc.
OpenNebula only provides a means of managing heterogeneous virtualized
environments. Automatic scaling of virtual machines is out of the scope
of this middleware.

 The basic idea is that a VM is created, deployed, and the life cycle of
the VM is monitored using OpenNebula. The VM can be
started/stopped/migrated but automatic scaling is not possible, due to
different factors, among which the unavailability of such a mechanism on
the underlying hypervisors (only XEN allows changing the VM allocated
memory without recreating the machine).

  Any scaling mechanism should be built on top of OpenNebula.


>>Suppose I have an intranet in a company
> environment, with more interconnected physical machine that I'm actually
> going to use, does this change anything? Do I have to set up a separate
> physical network for the physical machines that I'm planning to include
> in the private cloud?

  If you read the OpenNebula documentation, the only requirements are that
a bridge exists on each OpenNebula node to connect the virtual machines.
To what that bridge connects, it is up to the infrastructure provider,
but no special requirements are needed in terms of network for the VMs.

 The "live migration" mechanism requires a storage NAS and that can
influence the network, but mainly any network will do fine with
OpenNebula.

În Joi, Decembrie 15, 2011 10:54 am, biro lehel a scris:
> Hello Fabian. Thanks again for your reply. I really appreciate you for
> taking the time.
>
> I read what you wrote a couple of times, and (I think) it helped me to
> clarify some things. But still, I have a few questions and issues for
> which I am looking for a clear answer. I put them in bullets:
>
> As I understand so far, OpenNebula has two types of users: the
> administrator, who basically has control over "everything", and the
> users, who can authenticate securely, instantiate some VM's, and do the
> work necessary for them. My question: can OpenNebula have another "layer"
> of users, some kind of "end-users"? What I mean is: suppose I, as a user
> of OpenNebula, using my created VM's, create a Web Service, which I
> publish on the Internet. Can anyone access this (someone who has no idea
> about the private cloud, someone who is simply accessing the URL), and by
> this way uses my Web Service (created on the VM's by the means of
> OpenNebula), so, basically, uses OpenNebula "remotely" (without knowing
> it)? Or this just doesn't make sense, since the whole idea of a private
> cloud is not to provide/publish information and services to the outside
> world, and this is not even possible since the virtual context?Are the
> most important reasons for installing OpenNebula the performance needs? Is
> there any other reason because of which I may want to install it, besides
> the fact that I might need multiple VM's (that I can manage) to perform a
> task (and to achieve platform interoperability)? I mean this has be the
> main point of it, right?When the load reaches its maximum (on a task
> which a user tries to perform on OpenNebu

[one-users] 回复: Re: application integration (service publishing) in OpenNebula?

2011-12-15 Thread shamaya
Hi,Biro

You raised many questions. Some are openNebula specific and others seems 
general to all cloud computing environments. 

>As I understand so far, OpenNebula has two types of users: the administrator, 
>who >basically has control over "everything", and the users, who can 
>authenticate >securely, instantiate some VM's, and do the work necessary for 
>them. My question: can >OpenNebula have another "layer" of users, some kind of 
>"end-users"? What I mean is: >suppose I, as a user of OpenNebula, using my 
>created VM's, create a Web Service, >which I publish on the Internet. Can 
>anyone access this (someone who has no idea >about the private cloud, someone 
>who is simply accessing the URL), and by this way >uses my Web Service 
>(created on the VM's by the means of OpenNebula), so, basically, >uses 
>OpenNebula "remotely" (without knowing it)? Or this just doesn't make sense, 
>>since the whole idea of a private cloud is not to provide/publish information 
>and >services to the outside world, and this is not even possible since the 
>virtual >context?

To my understanding, this is a general question for all clouds. A cloud must 
have users to manage and maintain the cloud itself(cloud infrastructure), such 
users ard administrators. A cloud should also have cloud customers to which the 
cloud provide services(e.g. VMs, storages). Such users are cloud users who can 
login into the cloud and use cloud provided resources. The last kind of users 
are application users who are the customers of your applications. OpenNebula 
cann't know such users in advance, so it doesn't provide any mechanism to 
support this kinds of users.
(These are just my personal understanding!)


>Are the most important reasons for installing OpenNebula the performance 
>needs? Is >there any other reason because of which I may want to install it, 
>besides the fact >that I might need multiple VM's (that I can manage) to 
>perform a task (and to achieve >platform interoperability)? I mean this has be 
>the main point of it, right?

The main reason for using cloud is have many characters: on-demond self 
service, improving physical server utilization and so on. you can refer to this 
cloud definition to have a deeper understanding:
http://csrc.nist.gov/groups/SNS/cloud-computing/index.html 

>When the load reaches its maximum (on a task which a user tries to perform on 
>OpenNebula VM's), are new >VM's created automatically (it the physical 
>resources allow this) to support the performace needs? Or the only >way of 
>creating VM's is the "manual" one?

untial now, OpenNebula can't do such job automatically, but you may implement 
such function based on it. (in fact Amazon EC2 have implemented such functions).


>Can OpenNebula be installed on any type of physical network, or does it have 
>some special needs? Suppose I >have an intranet in a company environment, with 
>more interconnected physical machine that I'm actually going to >use, does 
>this change anything? Do I have to set up a separate physical network for the 
>physical machines that I>'m planning to include in the private cloud?

OpenNebula can installed  smothly to ethernet physical networks (I am not sure 
exactly about other types of network).


Sha
2011-12-15



shamaya



发件人: biro lehel 
发送时间: 2011-12-15 16:54
主 题: Re: [one-users] application integration (service publishing) in OpenNebula?
收件人: users@lists.opennebula.org



Hello Fabian. Thanks again for your reply. I really appreciate you for taking 
the time.

I read what you wrote a couple of times, and (I think) it helped me to clarify 
some things. But still, I have a few questions and issues for which I am 
looking for a clear answer. I put them in bullets:


As I understand so far, OpenNebula has two types of users: the administrator, 
who basically has control over "everything", and the users, who can 
authenticate securely, instantiate some VM's, and do the work necessary for 
them. My question: can OpenNebula have another "layer" of users, some kind of 
"end-users"? What I mean is: suppose I, as a user of OpenNebula, using my 
created VM's, create a Web Service, which I publish on the Internet. Can anyone 
access this (someone who has no idea about the private cloud, someone who is 
simply accessing the URL), and by this way uses my Web Service (created on the 
VM's by the means of OpenNebula), so, basically, uses OpenNebula "remotely" 
(without knowing it)? Or this just doesn't make sense, since the whole idea of 
a private cloud is not to provide/publish information and services to the 
outside world, and this is not even possible since the virtual context?
Are the most important reasons for installing OpenNebula the performance needs? 
Is there any other reason because of which I may want to install it, besides 
the fact that I might need multiple VM's (that I can manage) to perform a task 
(and to achieve platform interoperability)? I mean this has be the main point 
of it, right?
When the load r

Re: [one-users] application integration (service publishing) in OpenNebula?

2011-12-15 Thread biro lehel
Hello Fabian. Thanks again for your reply. I really appreciate you for taking 
the time.

I read what you wrote a couple of times, and (I think) it helped me to clarify 
some things. But still, I have a few questions and issues for which I am 
looking for a clear answer. I put them in bullets:

As I understand so far, OpenNebula has two types of users: the administrator, 
who basically has control over "everything", and the users, who can 
authenticate securely, instantiate some VM's, and do the work necessary for 
them. My question: can OpenNebula have another "layer" of users, some kind of 
"end-users"? What I mean is: suppose I, as a user of OpenNebula, using my 
created VM's, create a Web Service, which I publish on the Internet. Can anyone 
access this (someone who has no idea about the private cloud, someone who is 
simply accessing the URL), and by this way uses my Web Service (created on the 
VM's by the means of OpenNebula), so, basically, uses OpenNebula "remotely" 
(without knowing it)? Or this just doesn't make sense, since the whole idea of 
a private cloud is not to provide/publish information and services to the 
outside world, and this is not even possible since the virtual context?Are the 
most important reasons for installing OpenNebula
 the performance needs? Is there any other reason because of which I may want 
to install it, besides the fact that I might need multiple VM's (that I can 
manage) to perform a task (and to achieve platform interoperability)? I mean 
this has be the main point of it, right?When the load reaches its maximum (on a 
task which a user tries to perform on OpenNebula VM's), are new VM's created 
automatically (it the physical resources allow this) to support the performace 
needs? Or the only way of creating VM's is the "manual" one?Can OpenNebula be 
installed on any type of physical network, or does it have some special needs? 
Suppose I have an intranet in a company environment, with more interconnected 
physical machine that I'm actually going to use, does this change anything? Do 
I have to set up a separate physical network for the physical machines that I'm 
planning to include in the private cloud?


That's it for now, I don't want to ask for too much information all at once.:) 
I really hope that these questions are easy-to-answer for a professional, and 
will not take much time (for you Fabian, or for anyone else who thinks that can 
help me).

Thank you, and waiting for your response,
Biro Lehel.


--- On Sun, 12/11/11, Fabian Wenk  wrote:

From: Fabian Wenk 
Subject: Re: [one-users] application integration (service publishing) in 
OpenNebula?
To: users@lists.opennebula.org
Date: Sunday, December 11, 2011, 7:04 PM

Hello Lehel

On 11.12.2011 14:33, biro lehel wrote:
> what I've been referring to. I will have OpenNebula set up,
> and (as common sense would tell) I will have my application
> installed on the created VM's. My question only referred to:
> how can I install an application on these VM's (should I only
> just copy it, or is it more complex than this), or stuff like:

Look at the VM like at any other physical computer. It is just a container (eg. 
a virtual computer) where you can install the OS of your choice. The 
installation of your application inside the OS of your VM needs to be done the 
same as you would do it on a physical computer. But the installation of the OS 
in the VM needs to be done first. See my recent posting "Re: Creating virtual 
machines from scratch" [1] to this mailing list.

  [1] 
http://lists.opennebula.org/pipermail/users-opennebula.org/2011-December/007156.html

Look at an OpenNeubla cluster / cloud like on an additional abstraction layer 
between a physical computer and your OS installation.

An example:
If you have 3 computers, you can install on each one the OS of your choice and 
run it, but then you have only 3 concurrent running OS installation available. 
With OpenNebula you need to install Linux on all 3 computers (1x front-end and 
2x cluster nodes). The cluster nodes also need to support some kind of 
hypervisor (eg. KVM or XEN). Then you install OpenNebula on the front-end and 
then adjust the configuration for the shared file systems to be used by the 
cluster nodes. Then you can create VMs (virtual machines / virtual computers) 
and deploy them through the front-end (with Sunstone you also have a web GUI). 
Now you can create as many VMs as the two cluster nodes can support (depending 
on CPU power an available memory). You even can stop or terminate VMs and reuse 
them (with persistent image) at a later time.

> can the different tiers of the application (interface,
> business logic, and data repository) be on different VM's, but

Sure, they can.

> most importantly: how can an end-user (not the administrator,
> but a potencial client) use the application? Or there is no
> such thing as the "end-user / client" concept in OpenNebula,
> since the only user is the administrator who has control over
> th

Re: [one-users] iscsi target as a guest disk

2011-12-15 Thread Prakhar Srivastava
Hi,
It appears that you are using the tm_ssh transfer drivers. Use tm_lvm
transfer manager drivers instead.

Prakhar

On Thu, Dec 15, 2011 at 2:01 PM, Tengvall, Ilkka (NSN - FI Espoo) <
ilkka.tengv...@nsn.com> wrote:

> Hi,
>
> I'm writing related to issue:
>
> http://dev.opennebula.org/issues/1025
>
> Ruben, thanks for answer, you commented there that iscsi could be used
> as a disk:
>
> "you should be able to use iSCSI block devices with
> DISK=[TYPE=block,SOURCE=]."
>
> I tried to follow you instruction, I don't see it working. What am I
> missing, since the oned tries to cp the iscsi image, instead as pass it
> to guest as disk:
>
> 
> $ cat
> iscsi-vm.txt
>
> NAME=f16-min-iscsi
> USER=oneadmin
> GROUP=oneadmin
> PUBLIC=No
>
> DISK=[
>  BUS=virtio,
>  TYPE=block,
>
>
> SOURCE=/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> ]
> GRAPHICS=[
>  KEYMAP=fi,
>  TYPE=vnc ]
> INPUT=[
>  BUS=usb,
>  TYPE=mouse ]
> MEMORY=512
> NIC=[
>  NETWORK_ID=1,
>  WHITE_PORTS_TCP=22 ]
> OS=[
>  ARCH=x86_64,
>  BOOT=hd ]
> RAW=[
>  TYPE=kvm ]
> VCPU=1
> 
>
> Creating the machine using the disk:
>
> 
> $ onevm create iscsi-vm.txt
> ID: 10
> 
>
> and after it fails I see from the logs that it tried to copy the image
> (cp), instead of passing it to libvirt as a virtio device:
>
> 
> Thu Dec 15 10:26:09 2011 [DiM][I]: New VM state is ACTIVE.
> Thu Dec 15 10:26:09 2011 [LCM][I]: New VM state is PROLOG.
> Thu Dec 15 10:26:09 2011 [VM][I]: Virtual Machine has no context
> Thu Dec 15 10:26:09 2011 [TM][I]: Command execution fail:
> /usr/lib/one/tm_commands/shared/tm_clone.sh
>
> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> onebula:/var/lib/one//10/images/disk.0
> Thu Dec 15 10:26:09 2011 [TM][D]: tm_clone.sh:
>
> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> onebula:/var/lib/one//10/images/disk.0
> Thu Dec 15 10:26:09 2011 [TM][D]: tm_clone.sh: DST:
> /var/lib/one//10/images/disk.0
> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Creating directory
> /var/lib/one//10/images
> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Executed "mkdir -p
> /var/lib/one//10/images".
> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Executed "chmod a+w
> /var/lib/one//10/images".
> Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Cloning
> 3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> Thu Dec 15 10:26:09 2011 [TM][E]: tm_clone.sh: Command "cp -r
> 3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> /var/lib/one//10/images/disk.0" failed.
> Thu Dec 15 10:26:09 2011 [TM][E]: tm_clone.sh: cp: cannot stat
> `3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0': No such file
> or directory
> Thu Dec 15 10:26:09 2011 [TM][E]: Error copying
>
> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> to onebula:/var/lib/one//10/images/disk.0
> Thu Dec 15 10:26:09 2011 [TM][I]: ExitCode: 1
> Thu Dec 15 10:26:09 2011 [TM][E]: Error excuting image transfer script:
> Error copying
>
> /dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
> to onebula:/var/lib/one//10/images/disk.0
> Thu Dec 15 10:26:09 2011 [DiM][I]: New VM state is FAILED
> 
>
> Thanks for the answer so far.
>
>
> On 2011-12-12 15:33, ext Tengvall, Ilkka (NSN - FI Espoo) wrote:
> > Hi,
> >
> > I'm new to Open Nebula, and have some questions. First one would be
> > about iscsi support. I can't find any reference from oned documents
> > itself about iscsi. Is it possible to configure guests  using iscsi lun
> > from remote server as a os block device?
> >
> > I have done it using libvirt, so it works, but how to map this to oned
> > configs?
> >
> > another way which would also work would be booting kernel directly or
> > via ipxe and give it iscsi as a root device. Both of those work too.
> >
> > Is there a way to do this in oned?
> >
> > I found an old related posting here, but I don't know if it ever led to
> > anything:
> >
> >
> http://lists.opennebula.org/htdig.cgi/users-opennebula.org/2009-July/000599.html
> >
>
>
> --
> Ilkka Tengvall
> Senior Specialist, Linux & Virtualization Architecture
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


Re: [one-users] iscsi target as a guest disk

2011-12-15 Thread Tengvall, Ilkka (NSN - FI Espoo)
Hi,

I'm writing related to issue:

http://dev.opennebula.org/issues/1025

Ruben, thanks for answer, you commented there that iscsi could be used
as a disk:

"you should be able to use iSCSI block devices with
DISK=[TYPE=block,SOURCE=]."

I tried to follow you instruction, I don't see it working. What am I
missing, since the oned tries to cp the iscsi image, instead as pass it
to guest as disk:


$ cat
iscsi-vm.txt
  

NAME=f16-min-iscsi
USER=oneadmin   
GROUP=oneadmin   
PUBLIC=No 

DISK=[
  BUS=virtio,
  TYPE=block,
 
SOURCE=/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
]
GRAPHICS=[
  KEYMAP=fi,
  TYPE=vnc ]
INPUT=[
  BUS=usb,
  TYPE=mouse ]
MEMORY=512
NIC=[
  NETWORK_ID=1,
  WHITE_PORTS_TCP=22 ]
OS=[
  ARCH=x86_64,
  BOOT=hd ]
RAW=[
  TYPE=kvm ]
VCPU=1


Creating the machine using the disk:


$ onevm create iscsi-vm.txt
ID: 10


and after it fails I see from the logs that it tried to copy the image
(cp), instead of passing it to libvirt as a virtio device:


Thu Dec 15 10:26:09 2011 [DiM][I]: New VM state is ACTIVE.
Thu Dec 15 10:26:09 2011 [LCM][I]: New VM state is PROLOG.
Thu Dec 15 10:26:09 2011 [VM][I]: Virtual Machine has no context
Thu Dec 15 10:26:09 2011 [TM][I]: Command execution fail:
/usr/lib/one/tm_commands/shared/tm_clone.sh
/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
onebula:/var/lib/one//10/images/disk.0
Thu Dec 15 10:26:09 2011 [TM][D]: tm_clone.sh:
/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
onebula:/var/lib/one//10/images/disk.0
Thu Dec 15 10:26:09 2011 [TM][D]: tm_clone.sh: DST:
/var/lib/one//10/images/disk.0
Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Creating directory
/var/lib/one//10/images
Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Executed "mkdir -p
/var/lib/one//10/images".
Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Executed "chmod a+w
/var/lib/one//10/images".
Thu Dec 15 10:26:09 2011 [TM][I]: tm_clone.sh: Cloning
3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
Thu Dec 15 10:26:09 2011 [TM][E]: tm_clone.sh: Command "cp -r
3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
/var/lib/one//10/images/disk.0" failed.
Thu Dec 15 10:26:09 2011 [TM][E]: tm_clone.sh: cp: cannot stat
`3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0': No such file
or directory
Thu Dec 15 10:26:09 2011 [TM][E]: Error copying
/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
to onebula:/var/lib/one//10/images/disk.0
Thu Dec 15 10:26:09 2011 [TM][I]: ExitCode: 1
Thu Dec 15 10:26:09 2011 [TM][E]: Error excuting image transfer script:
Error copying
/dev/disk/by-path/ip-192.168.117.1:3260-iscsi-iqn.2009-02.net.nsn-net:whipper.f16-min-lun-0
to onebula:/var/lib/one//10/images/disk.0
Thu Dec 15 10:26:09 2011 [DiM][I]: New VM state is FAILED


Thanks for the answer so far.


On 2011-12-12 15:33, ext Tengvall, Ilkka (NSN - FI Espoo) wrote:
> Hi,
>
> I'm new to Open Nebula, and have some questions. First one would be
> about iscsi support. I can't find any reference from oned documents
> itself about iscsi. Is it possible to configure guests  using iscsi lun
> from remote server as a os block device?
>
> I have done it using libvirt, so it works, but how to map this to oned
> configs?
>
> another way which would also work would be booting kernel directly or
> via ipxe and give it iscsi as a root device. Both of those work too.
>
> Is there a way to do this in oned?
>
> I found an old related posting here, but I don't know if it ever led to
> anything:
>
> http://lists.opennebula.org/htdig.cgi/users-opennebula.org/2009-July/000599.html
>


-- 
Ilkka Tengvall
Senior Specialist, Linux & Virtualization Architecture

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org