Re: [CentOS-virt] CentOS 7 AMI Building

2015-04-17 Thread Jason Antman
Ok, thanks so much! That'll do fine. The only other bits mentioned on
http://wiki.centos.org/Cloud/AWS in Image Builder Notes were the random
root password, SELinux enabled, and relabel at first boot, which are easy
enough.

Thanks so much,
Jason

On Fri, Apr 17, 2015 at 12:20 PM, Karanbir Singh mail-li...@karan.org
wrote:

 I highly recommend actually looking at the images :)

 its just a minimal install with cloud-init from extras/ added in ( for
 7, the 6 ones dont have cloud-init ).

 the installed content delivered from the minimal.iso and the ami's
 should be identical in pretty much every respect. If you really want a
 kickstart for it, I can build one, but just run a minimal.iso install,
 add cloud-init to the %packages and bob's your uncle.

 On 16/04/15 17:48, Jason Antman wrote:
  Yes... we currently use Packer to achieve a repeatable build process,
  from scratch. We'd like to replicate that and be able to build from
  scratch without spinning up an EC2 instance, in an automated way.
 
  I don't know how to phrase this, so apologies if it comes across wrong,
  I have immense respect for you personally and for CentOS... but, is it
  really that difficult to post the kickstarts and/or build scripts
  somewhere? Or at least enough of them to replicate something similar?
 
  Thanks,
  Jason
 
  On Thu, Apr 16, 2015 at 3:56 AM, Karanbir Singh mail-li...@karan.org
  mailto:mail-li...@karan.org wrote:
 
  On 04/14/2015 12:48 PM, Jason Antman wrote:
   Hello,
  
   I'm new to this list, but I noticed a post from March 30th
 inquiring
   about the build scripts for the official CentOS7 AMIs. I'm also
   interested in this; I'm tasked with (unfortunately) spinning up
 some VMs
   in our corporate VMWare environment that are as close as
 possible to
   the official CentOS7 AMIs. I could attempt to reverse-engineer
 them and
 
  do you need to do much more than qemu-img convert -O vmdk
  centos-genericcloud.qcow2 ?
 
 
  --
  Karanbir Singh
  +44-207-0999389 tel:%2B44-207-0999389 | http://www.karan.org/ |
  twitter.com/kbsingh http://twitter.com/kbsingh
  GnuPG Key : http://www.karan.org/publickey.asc
  ___
  CentOS-virt mailing list
  CentOS-virt@centos.org mailto:CentOS-virt@centos.org
  http://lists.centos.org/mailman/listinfo/centos-virt
 
 
 
 
  ___
  CentOS-virt mailing list
  CentOS-virt@centos.org
  http://lists.centos.org/mailman/listinfo/centos-virt
 


 --
 Karanbir Singh
 +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
 GnuPG Key : http://www.karan.org/publickey.asc
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt


Re: [CentOS-virt] CentOS 7 AMI Building

2015-04-17 Thread Karanbir Singh
I highly recommend actually looking at the images :)

its just a minimal install with cloud-init from extras/ added in ( for
7, the 6 ones dont have cloud-init ).

the installed content delivered from the minimal.iso and the ami's
should be identical in pretty much every respect. If you really want a
kickstart for it, I can build one, but just run a minimal.iso install,
add cloud-init to the %packages and bob's your uncle.

On 16/04/15 17:48, Jason Antman wrote:
 Yes... we currently use Packer to achieve a repeatable build process,
 from scratch. We'd like to replicate that and be able to build from
 scratch without spinning up an EC2 instance, in an automated way.
 
 I don't know how to phrase this, so apologies if it comes across wrong,
 I have immense respect for you personally and for CentOS... but, is it
 really that difficult to post the kickstarts and/or build scripts
 somewhere? Or at least enough of them to replicate something similar?
 
 Thanks,
 Jason
 
 On Thu, Apr 16, 2015 at 3:56 AM, Karanbir Singh mail-li...@karan.org
 mailto:mail-li...@karan.org wrote:
 
 On 04/14/2015 12:48 PM, Jason Antman wrote:
  Hello,
 
  I'm new to this list, but I noticed a post from March 30th inquiring
  about the build scripts for the official CentOS7 AMIs. I'm also
  interested in this; I'm tasked with (unfortunately) spinning up some VMs
  in our corporate VMWare environment that are as close as possible to
  the official CentOS7 AMIs. I could attempt to reverse-engineer them and
 
 do you need to do much more than qemu-img convert -O vmdk
 centos-genericcloud.qcow2 ?
 
 
 --
 Karanbir Singh
 +44-207-0999389 tel:%2B44-207-0999389 | http://www.karan.org/ |
 twitter.com/kbsingh http://twitter.com/kbsingh
 GnuPG Key : http://www.karan.org/publickey.asc
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org mailto:CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
 
 
 
 
 ___
 CentOS-virt mailing list
 CentOS-virt@centos.org
 http://lists.centos.org/mailman/listinfo/centos-virt
 


-- 
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt


Re: [CentOS-virt] Seeing dropped packets / tcp retrans on latest 4.4.1-10el6

2015-04-17 Thread Nathan March
Hi All,

I've tracked this down... We do rate limiting of our vms with a mix of 
ebtables/tc.

Running these commands (replace vif1.0 with the correct vif for your VM) will 
reproduce this:

ebtables -A FORWARD -i vif1.0 -j mark --set-mark 990 --mark-target CONTINUE

tc qdisc add dev bond0 root handle 1: htb default 2 
tc class add dev bond0 parent 1: classid 1:0 htb rate 1mbit 

tc class add dev bond0 parent 1: classid 1:990 htb rate 1mbit
tc filter add dev bond0 protocol ip parent 1:0 prio 990 handle 990 fw flowid 
1:990

Note that the speed limits being applied here are 10gb and I'm testing this on 
a 1gb network, so TC shouldn't really be doing anything here except letting the 
packets through. These same commands worked fine on gentoo xen 4.1 / kernel 
3.2.57, compared to this now not working on centos xen 4.4.1 / kernel 3.10.68.

Easiest way to reproduce is simply generate a large file, scp it to a remote 
host and on the remote host run:
tshark -Y tcp.analysis.duplicate_ack_num

If you run the ssh in a loop + tshark in another window, you can see the Dup 
ACK's begin immediately after adding the last filter rule:

25790294 1752.756733 xxx.xxx.xxx.13 - xxx.xxx.xxx.205 TCP 78 [TCP Dup ACK 
25790286#4] ssh  51515 [ACK] Seq=15994 Ack=50769840 Win=1544704 Len=0 
TSval=738150929 TSecr=4294944346 SLE=50785768 SRE=50790596
25790296 1752.756742 xxx.xxx.xxx.13 - xxx.xxx.xxx.205 TCP 78 [TCP Dup ACK 
25790286#5] ssh  51515 [ACK] Seq=15994 Ack=50769840 Win=1544704 Len=0 
TSval=738150929 TSecr=4294944346 SLE=50785768 SRE=50792044

- Nathan

___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt