[GitHub] cloudstack pull request: CLOUDSTACK-8356: Mentioning netaddr modul...
GitHub user gauravaradhye opened a pull request: https://github.com/apache/cloudstack/pull/138 CLOUDSTACK-8356: Mentioning netaddr module in setup.py in marvin as it is used across test cases The netaddr module is used in various test cases but it is not mentioned in setup.py file. Test cases will fail with import error if the module is absent on user machine even when marvin is installed. Mentioning the netaddr module in setup.py file so it is installed with marvin. Tested the change with packaging new marvin tar with the change and installing marvin with pip on a machine which did not have netaddr module. It downloaded and installed it automatically. pip install Marvin-4.5.1.0.tar.gz Unpacking ./Marvin-4.5.1.0.tar.gz Running setup.py (path:/tmp/pip-D49qWR-build/setup.py) egg_info for package from file:///root/Marvin-4.5.1.0/dist/Marvin-4.5.1.0.tar.gz warning: no files found matching '*.txt' under directory 'docs' Requirement already satisfied (use --upgrade to upgrade): mysql-connector-python=1.1.6 in /usr/lib/python2.6/site-packages (from Marvin==4.5.1.0) Requirement already satisfied (use --upgrade to upgrade): requests=2.2.1 in /usr/lib/python2.6/site-packages (from Marvin==4.5.1.0) Requirement already satisfied (use --upgrade to upgrade): paramiko=1.13.0 in /usr/lib/python2.6/site-packages (from Marvin==4.5.1.0) Requirement already satisfied (use --upgrade to upgrade): nose=1.3.3 in /usr/lib/python2.6/site-packages (from Marvin==4.5.1.0) Requirement already satisfied (use --upgrade to upgrade): ddt=0.4.0 in /usr/lib/python2.6/site-packages (from Marvin==4.5.1.0) Downloading/unpacking netaddr=0.7.11 (from Marvin==4.5.1.0) Downloading netaddr-0.7.14-py2.py3-none-any.whl (1.5MB): 1.5MB downloaded Installing collected packages: netaddr, Marvin Found existing installation: Marvin 0.1.0 Uninstalling Marvin: Successfully uninstalled Marvin Running setup.py install for Marvin warning: no files found matching '*.txt' under directory 'docs' Installing marvincli script to /usr/bin Successfully installed netaddr Marvin Cleaning up... You can merge this pull request into a Git repository by running: $ git pull https://github.com/gauravaradhye/cloudstack 8356 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cloudstack/pull/138.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #138 commit 692a56e86803ef8b8bcb20c37764a31da091f510 Author: Gaurav Aradhye gaurav.arad...@clogeny.com Date: 2015-04-01T07:09:47Z CLOUDSTACK-8356: Mentioning netaddr module in setup.py in marvin as it is used across test cases --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Re: [ANNOUNCE] New committer Pierre-Yves Ritschard
Congrats Pierre-Yves! -- Erik Den tirsdag 31. mars 2015 skrev sebgoa run...@gmail.com følgende: The Project Management Committee (PMC) for Apache CloudStack has asked Pierre-Yves Rischard (@pyr) to become a committer and we are pleased to announce that he has accepted. Pierre-Yves is a great developer and I hear he was named one of the top 100 french developers. He has contributed several fixes to cloudstack and more recently committed a Kafka listener, he has a big patch pending to remove the awsapi. Being a committer enables easier contribution to the project since there is no need to go via the patch submission process. This should enable better productivity. Being a PMC member enables assistance with the management and to guide the direction of the project. Join me in congratulating pyr and pray that he does not re-write cloudstack in clojure :) -The CloudStack PMC
Re: Migrating to VPC/Site-to-Site VPN
Haven't tried it myself, but i think you should be able to create the vpc and change nic on VMs. If you want to keep the ip addresses you might have to use the api Erik Den onsdag 1. april 2015 skrev Logan Barfield lbarfi...@tqhosting.com følgende: We have a customer that is currently set up in an isolated network in an advanced zone. They recently mentioned that they have a need for site-to-site VPN connectivity for their application. Is it possible to move an existing isolated network into a VPC for site-to-site VPN functionality? Or is there another way to set up a site-to-site VPN using the existing network? Thank You, Logan Barfield Tranquil Hosting
Re: Cloudstack and KVM clusters,
I would highly recommend looking at the Ceph storage instead of using too many tiers of complications. Ceph integrates well with kvm and cloudstack and has proven to work very well over the years. Andrei - Original Message - From: chiu ching cheng ccchiou...@gmail.com To: us...@cloudstack.apache.org Cc: dev@cloudstack.apache.org Sent: Wednesday, 1 April, 2015 2:31:42 AM Subject: Re: Cloudstack and KVM clusters, If I wnat to build a kvm native cluster with gfs2 + DLM , and use iscsi + DRBD in storage . Then add the kvm cluster to cloudstack , and add the SharedMountPoint to cloudstack as primary storage , Does it work ? On Wed, Apr 1, 2015 at 6:12 AM, Marcus shadow...@gmail.com wrote: Don't forget SharedMountPoint. This (in theory, haven't tried it recently) allows you to use any clustered filesystem that has a consistent mountpoint across all KVM hosts in a CS cluster, e.g. mount an OCFS2 to /vmstore1 then register /vmstore1 as a SharedMountPoint. The Ceph support is in the form of RBD, by the way. You could use CephFS if you wished via SharedMountPoint. On Tue, Mar 31, 2015 at 2:09 PM, Simon Weller swel...@ena.com wrote: The hosts need to be part of the same Cloudstack cluster, and depending on the underlying storage technology, you may need a clustered file system as well. A Cloudstack cluster is basically a group of physical hosts. For example: You build a new Zone in Cloudstack. Under the zone you have a pod. Within the pod, you build a new cluster (just a group of hosts). Then you assigned 4 servers (hosts) into that cluster. You will be able to live migrate between the 4 hosts assuming the original mentioned criteria are met. - Si From: Rafael Weingartner rafaelweingart...@gmail.com Sent: Tuesday, March 31, 2015 4:02 PM To: dev@cloudstack.apache.org Cc: us...@cloudstack.apache.org Subject: Re: Cloudstack and KVM clusters, Thanks Simon, I think I got it. So, the hosts do not need to be in a cluster to perform the live migration. On Tue, Mar 31, 2015 at 5:59 PM, Simon Weller swel...@ena.com wrote: Rafael, KVM live migration really relies on whether the underlying shared storage (and file system) supports the ability to provide data consistency during a migration. You never ever want a situation where 2 hosts are able to mount and write to the same volume concurrently. You can live migrate in KVM today using the following underlying file systems/methods: 1. NFS 2. CEPH 3. Clustered Logical Volume Management (CLVM) on top of SAN exposed storage via iSCSI,FC or FCOE. It's also possible to build your own storage driver and set a LUN to read only on a particular host using your SANs API. Solidfire, Nexenta and Cloudbyte have also added storage drivers more recently that may provide support for live migration, but as I'm not personally familiar with these storage platforms, I'll leave it up to others to comment if they wish. - Si From: Rafael Weingartner rafaelweingart...@gmail.com Sent: Tuesday, March 31, 2015 3:36 PM To: us...@cloudstack.apache.org; dev@cloudstack.apache.org Subject: Cloudstack and KVM clusters, Hi folks, I was looking a matrix of Cloudstack compatibility matrix at http://pt.slideshare.net/TimMackey/hypervisor-31754727, Slide 25 seemed to show that we cannot have clusters of KVM in CS? Is that true? Is it possible to live migrate VMs between KVM hosts that are not clustered in CS? -- Rafael Weingärtner -- Rafael Weingärtner
Re: [ANNOUNCE] New committer: Rene Moser
Congrats Rene! -- Erik Den tirsdag 31. mars 2015 skrev sebgoa run...@gmail.com følgende: The Project Management Committee (PMC) for Apache CloudStack has asked Rene Moser to become a committer and we are pleased to announce that he has accepted. Rene has committed several fixes to cloudstack and is the sole author of the cloudstack ansible module. This module should make it to Ansible core quite soon Being a committer enables easier contribution to the project since there is no need to go via the patch submission process. This should enable better productivity. Being a PMC member enables assistance with the management and to guide the direction of the project. Join me in congratulating Rene and let's hope for more Ansible play books to deploy cloudstack and associated workloads. -The CloudStack PMC
Re: Migrating to VPC/Site-to-Site VPN
As Erik mentioned, we can add nic from VPC network to existing vms so the vms will be in both isolated(non-vpc) and vpc networks. On Wed, Apr 1, 2015 at 11:56 AM, Erik Weber terbol...@gmail.com wrote: Haven't tried it myself, but i think you should be able to create the vpc and change nic on VMs. If you want to keep the ip addresses you might have to use the api Erik Den onsdag 1. april 2015 skrev Logan Barfield lbarfi...@tqhosting.com følgende: We have a customer that is currently set up in an isolated network in an advanced zone. They recently mentioned that they have a need for site-to-site VPN connectivity for their application. Is it possible to move an existing isolated network into a VPC for site-to-site VPN functionality? Or is there another way to set up a site-to-site VPN using the existing network? Thank You, Logan Barfield Tranquil Hosting
[GitHub] cloudstack pull request: CLOUDSTACK-8356: Mentioning netaddr modul...
Github user gauravaradhye commented on the pull request: https://github.com/apache/cloudstack/pull/138#issuecomment-88421366 Rebased with latest master. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
CCC Dublin 2015
Hi folks, After getting feedback couple weeks ago on the cloudstack days, Karen Vuong, Giles and a couple others who volunteered to help discussed with the Linux foundation who is organizing the event. We are going to take a bit of a gamble, cancel the event in Budapest and make Dublin a two day event , collocated with linuxcon. We might also try to organize a unconference off-site after the 2 days. We will re-brand, CloudStack days Dublin: CloudStack Collaboration Conference Europe. To make this happen, we will need to raise an additional $10k Citrix, Shapeblue and Nuage Networks have already stepped in and sponsored the event (and some of the other ones as well, if not all). So potential sponsors listening on this list, you are welcome to jump in and help us make CCC Europe happen again, back by popular demand. Cheers, -Sebastien
[GitHub] cloudstack pull request: Vcenter marvin library
Github user asfgit closed the pull request at: https://github.com/apache/cloudstack/pull/134 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] cloudstack pull request: CLOUDSTACK-8356: Mentioning netaddr modul...
Github user srikanteswartalluri commented on the pull request: https://github.com/apache/cloudstack/pull/138#issuecomment-88418770 Looks good. Can you rebase it with latest master? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] cloudstack pull request: CLOUDSTACK-8356: Mentioning netaddr modul...
Github user gauravaradhye commented on the pull request: https://github.com/apache/cloudstack/pull/138#issuecomment-88421582 Done. Regards, Gaurav On Wed, Apr 1, 2015 at 3:20 PM, Srikanteswararao Talluri notificati...@github.com wrote: Looks good. Can you rebase it with latest master? â Reply to this email directly or view it on GitHub https://github.com/apache/cloudstack/pull/138#issuecomment-88418770. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Build failed in Jenkins: simulator-singlerun #1069
See http://jenkins.buildacloud.org/job/simulator-singlerun/1069/changes Changes: [talluri] CLOUDSTACK-8352: vcenter library for marvin which makes use of 'pyvmomi' [talluri] CLOUDSTACK-8352: vcenter library for marvin which makes use of 'pyvmomi' -- [...truncated 10422 lines...] Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_schema.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_multipart.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_index.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_multipart_alter.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_bucketpolicy.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_policy_alter.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_offering.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_offering_alter.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/developer-prefill.sql Processing upgrade: com.cloud.upgrade.DatabaseUpgradeChecker [INFO] [INFO] --- maven-site-plugin:3.3:attach-descriptor (attach-descriptor) @ cloud-developer --- [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ cloud-developer --- [INFO] Installing http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/pom.xml to /var/lib/jenkins/.m2/repository/org/apache/cloudstack/cloud-developer/4.6.0-SNAPSHOT/cloud-developer-4.6.0-SNAPSHOT.pom [INFO] [INFO] BUILD SUCCESS [INFO] [INFO] Total time: 1:55.246s [INFO] Finished at: Wed Apr 01 06:07:14 EDT 2015 [INFO] Final Memory: 44M/168M [INFO] [WARNING] The requested profile simulator could not be activated because it does not exist. [simulator-singlerun] $ mvn -P developer -pl developer -Ddeploydb-simulator [INFO] Scanning for projects... [INFO] [INFO] [INFO] Building Apache CloudStack Developer Mode 4.6.0-SNAPSHOT [INFO] [INFO] [INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ cloud-developer --- [INFO] Starting audit... Audit done. [INFO] [INFO] --- properties-maven-plugin:1.0-alpha-2:read-project-properties (default) @ cloud-developer --- [WARNING] Ignoring missing properties file: http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override [INFO] [INFO] --- maven-remote-resources-plugin:1.3:process (default) @ cloud-developer --- [INFO] [INFO] --- maven-antrun-plugin:1.8:run (default) @ cloud-developer --- [INFO] Executing tasks main: [INFO] Executed tasks [INFO] [INFO] exec-maven-plugin:1.2.1:java (create-schema-simulator) @ cloud-developer [INFO] [INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ cloud-developer --- [INFO] Starting audit... Audit done. [INFO] [INFO] exec-maven-plugin:1.2.1:java (create-schema-simulator) @ cloud-developer [INFO] [INFO] --- exec-maven-plugin:1.2.1:java (create-schema-simulator) @ cloud-developer --- log4j:WARN No appenders could be found for logger (org.springframework.core.env.StandardEnvironment). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. WARNING: Provided file does not exist: http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override Initializing database=simulator with host=localhost port=3306 username=cloud password=cloud Running query: drop database if exists `simulator` Running query: create database `simulator` Running query: GRANT ALL ON simulator.* to 'cloud'@`localhost` identified by 'cloud' Running query: GRANT ALL ON simulator.* to 'cloud'@`%` identified by 'cloud' Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/create-schema-simulator.sql Processing SQL file at
Re: Migrating to VPC/Site-to-Site VPN
Logan, Create a new account on that customer domain and then create a network (VPC only no other networks) on that account, Then shut down VMs on the existing account then there is move option to other account(if the ACS version is 4.2.0 above). Now you can move the VMs to new account. Thanks, Anil. On Wed, Apr 1, 2015 at 3:45 AM, Logan Barfield lbarfi...@tqhosting.com wrote: We have a customer that is currently set up in an isolated network in an advanced zone. They recently mentioned that they have a need for site-to-site VPN connectivity for their application. Is it possible to move an existing isolated network into a VPC for site-to-site VPN functionality? Or is there another way to set up a site-to-site VPN using the existing network? Thank You, Logan Barfield Tranquil Hosting
Re: Cloudstack and KVM clusters,
Yes, Chiu. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: chiu ching cheng ccchiou...@gmail.com To: us...@cloudstack.apache.org Cc: dev@cloudstack.apache.org Sent: Wednesday, 1 April, 2015 02:31:42 Subject: Re: Cloudstack and KVM clusters, If I wnat to build a kvm native cluster with gfs2 + DLM , and use iscsi + DRBD in storage . Then add the kvm cluster to cloudstack , and add the SharedMountPoint to cloudstack as primary storage , Does it work ? On Wed, Apr 1, 2015 at 6:12 AM, Marcus shadow...@gmail.com wrote: Don't forget SharedMountPoint. This (in theory, haven't tried it recently) allows you to use any clustered filesystem that has a consistent mountpoint across all KVM hosts in a CS cluster, e.g. mount an OCFS2 to /vmstore1 then register /vmstore1 as a SharedMountPoint. The Ceph support is in the form of RBD, by the way. You could use CephFS if you wished via SharedMountPoint. On Tue, Mar 31, 2015 at 2:09 PM, Simon Weller swel...@ena.com wrote: The hosts need to be part of the same Cloudstack cluster, and depending on the underlying storage technology, you may need a clustered file system as well. A Cloudstack cluster is basically a group of physical hosts. For example: You build a new Zone in Cloudstack. Under the zone you have a pod. Within the pod, you build a new cluster (just a group of hosts). Then you assigned 4 servers (hosts) into that cluster. You will be able to live migrate between the 4 hosts assuming the original mentioned criteria are met. - Si From: Rafael Weingartner rafaelweingart...@gmail.com Sent: Tuesday, March 31, 2015 4:02 PM To: dev@cloudstack.apache.org Cc: us...@cloudstack.apache.org Subject: Re: Cloudstack and KVM clusters, Thanks Simon, I think I got it. So, the hosts do not need to be in a cluster to perform the live migration. On Tue, Mar 31, 2015 at 5:59 PM, Simon Weller swel...@ena.com wrote: Rafael, KVM live migration really relies on whether the underlying shared storage (and file system) supports the ability to provide data consistency during a migration. You never ever want a situation where 2 hosts are able to mount and write to the same volume concurrently. You can live migrate in KVM today using the following underlying file systems/methods: 1. NFS 2. CEPH 3. Clustered Logical Volume Management (CLVM) on top of SAN exposed storage via iSCSI,FC or FCOE. It's also possible to build your own storage driver and set a LUN to read only on a particular host using your SANs API. Solidfire, Nexenta and Cloudbyte have also added storage drivers more recently that may provide support for live migration, but as I'm not personally familiar with these storage platforms, I'll leave it up to others to comment if they wish. - Si From: Rafael Weingartner rafaelweingart...@gmail.com Sent: Tuesday, March 31, 2015 3:36 PM To: us...@cloudstack.apache.org; dev@cloudstack.apache.org Subject: Cloudstack and KVM clusters, Hi folks, I was looking a matrix of Cloudstack compatibility matrix at http://pt.slideshare.net/TimMackey/hypervisor-31754727, Slide 25 seemed to show that we cannot have clusters of KVM in CS? Is that true? Is it possible to live migrate VMs between KVM hosts that are not clustered in CS? -- Rafael Weingärtner -- Rafael Weingärtner
Build failed in Jenkins: simulator-singlerun #1070
See http://jenkins.buildacloud.org/job/simulator-singlerun/1070/changes Changes: [talluri] CLOUDSTACK-8356: Mentioning netaddr module in setup.py in marvin as it is used across test cases -- [...truncated 10389 lines...] Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/developer-prefill.sql Processing upgrade: com.cloud.upgrade.DatabaseUpgradeChecker [INFO] [INFO] --- maven-site-plugin:3.3:attach-descriptor (attach-descriptor) @ cloud-developer --- [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ cloud-developer --- [INFO] Installing http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/pom.xml to /var/lib/jenkins/.m2/repository/org/apache/cloudstack/cloud-developer/4.6.0-SNAPSHOT/cloud-developer-4.6.0-SNAPSHOT.pom [INFO] [INFO] BUILD SUCCESS [INFO] [INFO] Total time: 1:54.246s [INFO] Finished at: Wed Apr 01 06:30:36 EDT 2015 [INFO] Final Memory: 45M/183M [INFO] [WARNING] The requested profile simulator could not be activated because it does not exist. [simulator-singlerun] $ mvn -P developer -pl developer -Ddeploydb-simulator [INFO] Scanning for projects... [INFO] [INFO] [INFO] Building Apache CloudStack Developer Mode 4.6.0-SNAPSHOT [INFO] [INFO] [INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ cloud-developer --- [INFO] Starting audit... Audit done. [INFO] [INFO] --- properties-maven-plugin:1.0-alpha-2:read-project-properties (default) @ cloud-developer --- [WARNING] Ignoring missing properties file: http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override [INFO] [INFO] --- maven-remote-resources-plugin:1.3:process (default) @ cloud-developer --- [INFO] [INFO] --- maven-antrun-plugin:1.8:run (default) @ cloud-developer --- [INFO] Executing tasks main: [INFO] Executed tasks [INFO] [INFO] exec-maven-plugin:1.2.1:java (create-schema-simulator) @ cloud-developer [INFO] [INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ cloud-developer --- [INFO] Starting audit... Audit done. [INFO] [INFO] exec-maven-plugin:1.2.1:java (create-schema-simulator) @ cloud-developer [INFO] [INFO] --- exec-maven-plugin:1.2.1:java (create-schema-simulator) @ cloud-developer --- log4j:WARN No appenders could be found for logger (org.springframework.core.env.StandardEnvironment). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. WARNING: Provided file does not exist: http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override Initializing database=simulator with host=localhost port=3306 username=cloud password=cloud Running query: drop database if exists `simulator` Running query: create database `simulator` Running query: GRANT ALL ON simulator.* to 'cloud'@`localhost` identified by 'cloud' Running query: GRANT ALL ON simulator.* to 'cloud'@`%` identified by 'cloud' Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/create-schema-simulator.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/templates.simulator.sql Processing SQL file at http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/hypervisor_capabilities.simulator.sql Processing upgrade: com.cloud.upgrade.DatabaseUpgradeChecker [INFO] [INFO] --- maven-site-plugin:3.3:attach-descriptor (attach-descriptor) @ cloud-developer --- [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ cloud-developer --- [INFO] Installing http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/pom.xml to /var/lib/jenkins/.m2/repository/org/apache/cloudstack/cloud-developer/4.6.0-SNAPSHOT/cloud-developer-4.6.0-SNAPSHOT.pom [INFO] [INFO] BUILD SUCCESS [INFO] [INFO] Total time: 17.908s [INFO] Finished at: Wed Apr 01 06:30:57 EDT 2015 [INFO] Final Memory: 44M/202M [INFO] [simulator-singlerun] $ /bin/bash -x /tmp/hudson3131141740851458649.sh + jps -l + grep -q Launcher + rm -f xunit.xml +
reset sshkeyforvirtualmachine also resets password
Hi, I've just noticed resetsshkeyforvirtualmachine also resets the root password. This doesn't sound right. Is this supposed to happen? 4.4.3 RC2 (4.4-RC20150324T1321) CentOS/KVM -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro
Re: Any VxLan Support on Xenserver
The ovs contained within XenServer 6.5 is capable of supporting VxLAN, but as Adrian stated the control plane is missing. Prior XenServer versions don't have an ovs capable of VxLAN. I *think* Contrail also supports VxLAN, but I don't know what its status is wrt XenServer 6.5 -tim On Wed, Apr 1, 2015 at 9:25 AM, Keerthiraja SJ sjkeer...@gmail.com wrote: But Nuage is commercial one right. On Tue, Mar 31, 2015 at 4:36 PM, Erik Weber terbol...@gmail.com wrote: On Tue, Mar 31, 2015 at 9:39 AM, Keerthiraja SJ sjkeer...@gmail.com wrote: Hi All, Is there any plan to bring up VxLAN support for xenserver on future release version. Not sure if I remember correct or not, but I think Nuage is VXLAN-based and works with XenServer. -- Erik
Re: Any VxLan Support on Xenserver
But Nuage is commercial one right. On Tue, Mar 31, 2015 at 4:36 PM, Erik Weber terbol...@gmail.com wrote: On Tue, Mar 31, 2015 at 9:39 AM, Keerthiraja SJ sjkeer...@gmail.com wrote: Hi All, Is there any plan to bring up VxLAN support for xenserver on future release version. Not sure if I remember correct or not, but I think Nuage is VXLAN-based and works with XenServer. -- Erik
Re: Migrating to VPC/Site-to-Site VPN
That's what I figured. We were hoping to be able to set up site-to-site VPN on the existing network. If a VPC is just a supernet to multiple virtual routers it seems like it would be feasible to seamlessly add an existing network/VR to a VPC. Since this isn't possible now I guess opening a feature request for it would be good, in case we run into a similar issue next year. Before I do, does anyone know if this is technically possible, just not yet coded? In other words, could I theoretically add an existing isolated network/VR to a VPC seamlessly via updating the database or manually changing something on the VR? If so I would think adding the code to handle that task would be relatively easy. Thank You, Logan Barfield Tranquil Hosting On Wed, Apr 1, 2015 at 3:20 AM, Sanjeev N sanj...@apache.org wrote: As Erik mentioned, we can add nic from VPC network to existing vms so the vms will be in both isolated(non-vpc) and vpc networks. On Wed, Apr 1, 2015 at 11:56 AM, Erik Weber terbol...@gmail.com wrote: Haven't tried it myself, but i think you should be able to create the vpc and change nic on VMs. If you want to keep the ip addresses you might have to use the api Erik Den onsdag 1. april 2015 skrev Logan Barfield lbarfi...@tqhosting.com følgende: We have a customer that is currently set up in an isolated network in an advanced zone. They recently mentioned that they have a need for site-to-site VPN connectivity for their application. Is it possible to move an existing isolated network into a VPC for site-to-site VPN functionality? Or is there another way to set up a site-to-site VPN using the existing network? Thank You, Logan Barfield Tranquil Hosting
[GitHub] cloudstack pull request: Refactor/citrix resource base rebase
Github user wilderrodrigues commented on the pull request: https://github.com/apache/cloudstack/pull/137#issuecomment-88510623 Addced documentation here: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Refactoring+CitirxResourceBase+class --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Re: [VOTE]Apache CloudStack 4.4.3 release candidate 4.4-RC20150324T1321
Rohit, from what I'm understanding here is that your builded RPM's are not the RC as they have extra commits into it. I'm not sure this is a correct way. if this RC1 need fixes, shouldn't we create a new RC2? anyhow, I don't know if anybody succeed to build RPM's from the RC, I can't but I'm not sure if it's my setup. kind of doubt as their was failure into jenkins build in the period of time the RC as been created. Thanks, On Wed, Apr 1, 2015 at 1:19 AM, Rohit Yadav rohit.ya...@shapeblue.com wrote: Hi Pierre, My shared rpms are the RC plus those additional build patches (no change to core cloudstack but only packaging). On 31-Mar-2015, at 7:13 pm, Pierre-Luc Dion pd...@cloudops.com wrote: Rohit, I'm experiencing this rpmbuild issue with the RC branch, true that it's working on 4.4 branch. Does your shared RPM are build from 4.4 or RC branch? thanks On Mon, Mar 30, 2015 at 11:14 PM, Rohit Yadav rohit.ya...@shapeblue.com wrote: Hi Pierre, Yes, I’ve found and fixed the issue on 4.4 (latest). Please use the rpms that I shared, or use latest 4.4 for testing. On 30-Mar-2015, at 9:27 pm, Pierre-Luc Dion pd...@cloudops.com wrote: I'm wondering if I'm the only one not behing able to build RPMs from noredis? I'm having this error:+ rm -rf /data/lib/jenkins/workspace/CloudStack-4.4-RC_nodist_rpms/dist/rpmbuild/BUILDROOT/cloudstack-4.4.3-1.el6.x86_64/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/vms /var/tmp/rpm-tmp.ZuMVTc: line 105: syntax error near unexpected token `do' error: Bad exit status from /var/tmp/rpm-tmp.ZuMVTc (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.ZuMVTc (%install) RPM Build Failed Build step 'Execute shell' marked build as failure Look like the 4.4 branch does work but I had no success with the RC branch :-S. Thanks On Sun, Mar 29, 2015 at 9:40 AM, Nux! n...@li.nux.ro wrote: +1 (binding) from me, passes basic tests in Adv+SG zone. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Nux! n...@li.nux.ro To: dev@cloudstack.apache.org Sent: Tuesday, 24 March, 2015 14:16:06 Subject: Re: [VOTE]Apache CloudStack 4.4.3 release candidate 4.4-RC20150324T1321 This contains a good bunch of fixes and would be great if it went through. I'll test this ASAP and vote, need to get rid of 4.5 on my test rig. :-) Thanks Daan Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Daan Hoogland daan.hoogl...@gmail.com To: dev dev@cloudstack.apache.org Sent: Tuesday, 24 March, 2015 12:31:11 Subject: [VOTE]Apache CloudStack 4.4.3 release candidate 4.4-RC20150324T1321 Hi All, (please note that the last release candidate did not get enough attention to make quorum) I've created a 4.4.3 release, with the following artifacts up for a vote: Git Branch and Commit SH: https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.4-RC20150324T1321 Commit: 483490534a8a091c7af7c61d1eaf5c0192f646d9 List of changes: https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/tags/4.4.3 Source release (checksums and signatures are available at the same location): https://dist.apache.org/repos/dist/dev/cloudstack/4.4.3 PGP release keys (signed using AA4736F3): https://dist.apache.org/repos/dist/release/cloudstack/KEYS Vote will be open for 72 hours. For sanity in tallying the vote, can PMC members please be sure to indicate (binding) with their vote? [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) -- Daan Regards, Rohit Yadav Software Architect, ShapeBlue M. +91 88 262 30892 | rohit.ya...@shapeblue.com Blog: bhaisaab.org | Twitter: @_bhaisaab Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Build http://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineering http://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Support http://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courses http://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the
Load Balancer (HAProxy) - TPROXY passthrough
We've been running into some issues with the Advanced Zone/Isolated Network Load Balancer, and in working through them we've come up with some ideas for how the functionality can be improved. The first issue we hit was with HTTP load balancing. We had a site that was sending back larger than average HTTP headers with 302 redirects. This was causing HAProxy to return 502 errors to clients. This is apparently a known issue with HAProxy when using the default tune.bufsize and tune.maxrewrite settings.The official HAProxy documentation recommends changing these from the defaults. We were able to work around the problem by manually setting tune.maxrewrite 1024 in the haproxy.cfg on the virtual router. This resolved most of the 502 errors, and would have probably resolved all of them with more tuning. The problem is that this change obviously wouldn't survive upgrades or VR rebuilds. To fix the problem on a more permanent basis we changed the KeepAliveEnabled Network Offering setting introduced a few versions ago. This directs HAProxy to use TCP mode instead of HTTP mode for rules configured on port 80. This solution works for the most part, but there are a couple of problems: 1) There doesn't appear to be support for this setting in the UI. That's understandable as the UI is way behind the current feature set. 2) There doesn't appear to be support for this setting in the API, either when creating or updating Network Offerings. This is a bit of a problem. We had to make the change in the database directly, which is very dirty. 3) TCP connections don't grab HTTP headers, so they can't send the real IP to HTTP/Nginx in the X-Forwarded-For header. To fix these issues I suggest the following changes be made: 1) Add the KeepAliveEnabled option to the Network Offering API commands. I really have no idea how to do this, so I'll try to flag the original committer to see if they can do so. 2) Add a new option for TPROXY support. The current VR kernel and HAProxy version have TPROXY support built in, so having the option (on a per LB rule basis) would be great. This would allow for using TCP mode in HAProxy, while still passing the real IP through to the backend services. To accomplish this I would suggest adding the necessary IPtables rules to the VR either by default, or when Load Balancing is first enabled. Then a flag can be added to the create LB rule command to either enable or disable the transparent proxy setting. The necessary IPtables rules are: iptables -t mangle -N DIVERT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 111 iptables -t mangle -A DIVERT -j ACCEPT ip rule add fwmark 111 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 Then for each LB rule created with the transparent option enabled, add the following setting to the rule configuration: source 0.0.0.0 usesrc clientip The last configuration change is to remove the user/group or uid/gid options in the haproxy config, otherwise HAProxy won't start with usesrc enabled. It is also recommended to enable /proc/sys/net/ipv4/conf/eth0/send_redirects, but I haven't noticed any issues with it disabled either, and I don't know what else it might affect. 3) The last suggestion would be to move away from hard coding configuration directives for VR services (like HAProxy: https://github.com/apache/cloudstack/blob/5091d0f5c5b03cb8658f2d974103261341080825/core/src/com/cloud/network/HAProxyConfigurator.java) Doing this makes implementing changes a hassle since it involves rebuilding/upgrading CloudStack to accomplish anything, even small edits. For a production environment this is ill advised if not impossible. In general it would make sense to make persistent changes to VR services possible without recompiling code or rebooting the VRs. I believe that's part of a bigger issue though, as I've seen some discussion about it on the list. If anyone actually makes it through this, I'd appreciate any feedback on things I may not be considering, or reasons not to implement these changes. I doubt I'll get enough traction for an actual developer to help, so I'll probably end up hacking these in myself and committing them. I just wanted to see what the community thought first. Thank You, Logan Barfield Tranquil Hosting
Doc Need to update for 4.5
Hi All, With below document link I couldn't see On Hypervisor Xenserver 6.5 is supported. http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/hypervisor/xenserver.html Thanks, Keerthi
Re: CentOS Cloud SIG effort
On 03/27/2015 04:41 AM, Sebastien Goasguen wrote: On Mar 26, 2015, at 4:28 PM, Rich Bowenrbo...@rcbowen.com wrote: A while back I mentioned to some folks (I think it was this list, but it may have been a subset) that the CentOS community is working on a Cloud SIG (Special Interest Group) effort. You can read a little about it athttp://wiki.centos.org/SpecialInterestGroup/Cloud The idea is to ensure that cloud infrastructure software, like CloudStack, OpenStack, Open Nebula, and Eucalyptus, works solidly on CentOS, has all of the prerequisite packages available, gets CI on the CentOS platform, and so on. At the moment, this is*only* OpenStack, with the other projects unrepresented. If you are interested in adoption of CloudStack on CentOS (and, by side effect, on Red Hat Enterprise Linux), we'd love to have your participation in this effort. Hi Rich, thanks for the ping again. We have been in touch with KB (Nux! and I mostly) and submitted our scripts for building a cloudstack centOS templates upstream. It works and was merged at some point, but it got pulled back because we stick some scripts in there. Bottom line is that I feel we need to work further upstream in cloud-init to improve cloudstack support there, once that’s done, we can come back to the CentOS builds for cloudstack. fwiw, our install base is probably ~70% centOS and we already have centOS7 support. In the OpenStack world, we see CentOS as a great way to get the message out about OpenStack. Wearing my ASF hat, I'd really like to see the same vehicle be used to get the word out about CloudStack. CentOS goes to a lot of events, and many of them are ones that CloudStack isn't at. I'd love to see the Cloud SIG be a way to get the word about CloudStack into audiences that typically only ever hear about OpenStack. (Yes, I have split loyalties here, and that's fine.) Anyways, a reminder that we will be having this meeting on #centos-devel at 15:00 UTC *tomorrow*, and it would be awesome to at least have some representation from the CloudStack community there to ask the right questions and see what we can do, on the CentOS side, to fix these cloud-init problems and bring CloudStack some more of the CentOS spotlight. Or even just show up so that folks can meet you and we can figure out if there's anything we can do to help one another. --Rich -- Rich Bowen - rbo...@rcbowen.com - @rbowen http://apachecon.com/ - @apachecon
Re: vim25.jar missing from mvn repo?
You need to get the dependencies before you build. Following links should help you. https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudSt ack#HowtobuildCloudStack-Dependencies https://cwiki.apache.org/confluence/display/CLOUDSTACK/Hypervisor+VMWare Thanks, ~Talluri On 01/04/15 10:14 pm, Jeronimo Garcia garciaj...@gmail.com wrote: Hi list. I'm trying to build the master on git and I'm getting this: [ERROR] Failed to execute goal on project cloud-vmware-base: Could not resolve dependencies for project org.apache.cloudstack:cloud-vmware-base:jar:4.6.0-SNAPSHOT: Failure to find com.cloud.com.vmware:vmware-vim25:jar:5.1 in https://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced - [Help 1] command: mvn -DskipTests=true -P vmware clean install Am i missing something? the jar file is not in the remote maven repos .. Thanks!
Re: reset sshkeyforvirtualmachine also resets password
Somesh, Why wouldn't the root password field in the DB just be left alone? -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Somesh Naidu somesh.na...@citrix.com To: dev@cloudstack.apache.org Sent: Thursday, 2 April, 2015 00:06:54 Subject: RE: reset sshkeyforvirtualmachine also resets password I believe so, since the VM's password (stored in the user_vm_details table) needs to be encrypted using the new keys and I believe encryption is a one-way hash. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: Nux! [mailto:n...@li.nux.ro] Sent: Wednesday, April 01, 2015 9:16 AM To: dev Subject: reset sshkeyforvirtualmachine also resets password Hi, I've just noticed resetsshkeyforvirtualmachine also resets the root password. This doesn't sound right. Is this supposed to happen? 4.4.3 RC2 (4.4-RC20150324T1321) CentOS/KVM -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro
Re: [ANNOUNCE] Rohit Yadav as new PMC member of CloudStack
On 2015-03-27 4:07 AM, Sebastien Goasguen wrote: The Project Management Committee (PMC) for Apache CloudStack are pleased to announce that Rohit Yadav has accepted our invitation to join the PMC. Please join me in congratulating him. On behalf of the Apache CloudStack PMC Was about time! :) Congrats Rohit! -- Francois Gaudreault Gestionnaire de Produit | Product Manager - Cloud Platform Services t:514-629-6775 CloudOps Votre partenaire infonuagique | Cloud Solutions Experts 420 rue Guy | Montreal | Quebec | H3J 1S6 w: cloudops.com | tw: @CloudOps_
Re: [ANNOUNCE] Rohit Yadav as new PMC member of CloudStack
On 2015-03-27 4:07 AM, Sebastien Goasguen wrote: The Project Management Committee (PMC) for Apache CloudStack are pleased to announce that Rohit Yadav has accepted our invitation to join the PMC. Please join me in congratulating him. On behalf of the Apache CloudStack PMC Was about time! :) Congrats Rohit! -- Francois Gaudreault Gestionnaire de Produit | Product Manager - Cloud Platform Services t:514-629-6775 CloudOps Votre partenaire infonuagique | Cloud Solutions Experts 420 rue Guy | Montreal | Quebec | H3J 1S6 w: cloudops.com | tw: @CloudOps_
Re: master branch: VR not starting
Can you please check the MS logs for the VR start. You might be getting exception for VR start due which the MS is stopping the router. Can you please send the management server logs. Thanks, Jayapal On 02-Apr-2015, at 12:44 AM, Pierre-Luc Dion pd...@cloudops.com wrote: Hi, I'm setting up a test env with the master branch and XenServer 6.5.0 VR are not starting I have the CPVM and SSVM running but VR failed to start for guest network and VPC. the VR instance start and got shutdown right after debian is booted. I've used templates from j.bac.o. Does anyone is aware of changes going on on master branch or experiencing the same? Thanks :-)
Re: [VOTE]Apache CloudStack 4.4.3 release candidate 4.4-RC20150324T1321
Pierre, there have been two RCs I’m not sure which one are you testing/building against. I’ve already shared that there were build problems that I had fixed in the first RC. Please test latest 4.4 and discuss issues here so we can fix things before we ask Daan to start another RC round. On 01-Apr-2015, at 9:24 pm, Pierre-Luc Dion pd...@cloudops.com wrote: Rohit, from what I'm understanding here is that your builded RPM's are not the RC as they have extra commits into it. I'm not sure this is a correct way. if this RC1 need fixes, shouldn't we create a new RC2? anyhow, I don't know if anybody succeed to build RPM's from the RC, I can't but I'm not sure if it's my setup. kind of doubt as their was failure into jenkins build in the period of time the RC as been created. Thanks, On Wed, Apr 1, 2015 at 1:19 AM, Rohit Yadav rohit.ya...@shapeblue.com wrote: Hi Pierre, My shared rpms are the RC plus those additional build patches (no change to core cloudstack but only packaging). On 31-Mar-2015, at 7:13 pm, Pierre-Luc Dion pd...@cloudops.com wrote: Rohit, I'm experiencing this rpmbuild issue with the RC branch, true that it's working on 4.4 branch. Does your shared RPM are build from 4.4 or RC branch? thanks On Mon, Mar 30, 2015 at 11:14 PM, Rohit Yadav rohit.ya...@shapeblue.com wrote: Hi Pierre, Yes, I’ve found and fixed the issue on 4.4 (latest). Please use the rpms that I shared, or use latest 4.4 for testing. On 30-Mar-2015, at 9:27 pm, Pierre-Luc Dion pd...@cloudops.com wrote: I'm wondering if I'm the only one not behing able to build RPMs from noredis? I'm having this error:+ rm -rf /data/lib/jenkins/workspace/CloudStack-4.4-RC_nodist_rpms/dist/rpmbuild/BUILDROOT/cloudstack-4.4.3-1.el6.x86_64/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/vms /var/tmp/rpm-tmp.ZuMVTc: line 105: syntax error near unexpected token `do' error: Bad exit status from /var/tmp/rpm-tmp.ZuMVTc (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.ZuMVTc (%install) RPM Build Failed Build step 'Execute shell' marked build as failure Look like the 4.4 branch does work but I had no success with the RC branch :-S. Thanks On Sun, Mar 29, 2015 at 9:40 AM, Nux! n...@li.nux.ro wrote: +1 (binding) from me, passes basic tests in Adv+SG zone. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Nux! n...@li.nux.ro To: dev@cloudstack.apache.org Sent: Tuesday, 24 March, 2015 14:16:06 Subject: Re: [VOTE]Apache CloudStack 4.4.3 release candidate 4.4-RC20150324T1321 This contains a good bunch of fixes and would be great if it went through. I'll test this ASAP and vote, need to get rid of 4.5 on my test rig. :-) Thanks Daan Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Daan Hoogland daan.hoogl...@gmail.com To: dev dev@cloudstack.apache.org Sent: Tuesday, 24 March, 2015 12:31:11 Subject: [VOTE]Apache CloudStack 4.4.3 release candidate 4.4-RC20150324T1321 Hi All, (please note that the last release candidate did not get enough attention to make quorum) I've created a 4.4.3 release, with the following artifacts up for a vote: Git Branch and Commit SH: https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.4-RC20150324T1321 Commit: 483490534a8a091c7af7c61d1eaf5c0192f646d9 List of changes: https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/tags/4.4.3 Source release (checksums and signatures are available at the same location): https://dist.apache.org/repos/dist/dev/cloudstack/4.4.3 PGP release keys (signed using AA4736F3): https://dist.apache.org/repos/dist/release/cloudstack/KEYS Vote will be open for 72 hours. For sanity in tallying the vote, can PMC members please be sure to indicate (binding) with their vote? [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) -- Daan Regards, Rohit Yadav Software Architect, ShapeBlue M. +91 88 262 30892 | rohit.ya...@shapeblue.com Blog: bhaisaab.org | Twitter: @_bhaisaab Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Build http://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineering http://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Support http://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courses http://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily
Re: CCC Dublin 2015
On 01-04-15 19:29, Giles Sirett wrote: Sebastien - this is GREAT news and thanks for your efforts in making this happen Indeed, great! I'll see what we can do. Although I am a fan of the 1 day cloudstackdays format, it did mean that we didn’t have a natrual point for the community to meet. I'm very much hoping that as many of us as possible can get together now 7-8 October Cloudstack and guiness - whats not to like ? The guiness part. Wido Hi folks, After getting feedback couple weeks ago on the cloudstack days, Karen Vuong, Giles and a couple others who volunteered to help discussed with the Linux foundation who is organizing the event. We are going to take a bit of a gamble, cancel the event in Budapest and make Dublin a two day event , collocated with linuxcon. We might also try to organize a unconference off-site after the 2 days. We will re-brand, CloudStack days Dublin: CloudStack Collaboration Conference Europe. To make this happen, we will need to raise an additional $10k Citrix, Shapeblue and Nuage Networks have already stepped in and sponsored the event (and some of the other ones as well, if not all). So potential sponsors listening on this list, you are welcome to jump in and help us make CCC Europe happen again, back by popular demand. Cheers, -Sebastien Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Buildhttp://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineeringhttp://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Supporthttp://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courseshttp://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
[GitHub] cloudstack pull request: reboot much faster in case of storage fai...
GitHub user remibergsma opened a pull request: https://github.com/apache/cloudstack/pull/140 reboot much faster in case of storage failure When storage cannot be reached, it does not make sense to reboot as it will try to flush buffers, umount NFS mounts, etc. This will not work and thus cause a long delay. With this change, the box will reboot immediately (like pressing the reset button). You can merge this pull request into a Git repository by running: $ git pull https://github.com/remibergsma/cloudstack master Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cloudstack/pull/140.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #140 commit 2b41f98346eaae981238c41f8cc7092ef72492d9 Author: Remi Bergsma git...@remi.nl Date: 2015-04-01T17:45:16Z reboot much faster in case of storage failure When storage cannot be reached, it does not make sense to reboot as it will try to flush buffers, umount NFS mounts, etc. This will not work and thus cause a long delay. With this change, the box will reboot immediately (like pressing the reset button). commit fe53329958e3d835d1b2c24cf78bc1c409cb7ee3 Author: Remi Bergsma git...@remi.nl Date: 2015-04-01T18:04:44Z Merge pull request #1 from remibergsma/remibergsma-kvmheartbeat reboot much faster in case of storage failure --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Re: Load Balancer (HAProxy) - TPROXY passthrough
Logan For sometime now, idea was kicked around of extending VR services where it can take custom configurations. In theory, VR should be driven via config management tool (i.e. puppet, salt, chef, ansible - or whatever works). Instead of hacking this in portions, perhaps you can spend sometime analizing how VR is build and how you we can extend the functionality via external config management. For example, when vrouter comes up, because we already have ssh keys dropped on each VR, just on this premise alone - we can do just about anything. I'm thinking salt or ansible would be a better solution as it is SSH driven and agentless. Try porting your changes into salt or ansible (or anything else agentless) and propose a framework on how we can enhance this. I'm thinking, for each Account (as it gets a VR), we need to have a ansible config file that will be pushed through once VR comes up to configure remaining custom bits/components to your liking. Thoughts? regards ilya On 4/1/15 9:34 AM, Logan Barfield wrote: We've been running into some issues with the Advanced Zone/Isolated Network Load Balancer, and in working through them we've come up with some ideas for how the functionality can be improved. The first issue we hit was with HTTP load balancing. We had a site that was sending back larger than average HTTP headers with 302 redirects. This was causing HAProxy to return 502 errors to clients. This is apparently a known issue with HAProxy when using the default tune.bufsize and tune.maxrewrite settings.The official HAProxy documentation recommends changing these from the defaults. We were able to work around the problem by manually setting tune.maxrewrite 1024 in the haproxy.cfg on the virtual router. This resolved most of the 502 errors, and would have probably resolved all of them with more tuning. The problem is that this change obviously wouldn't survive upgrades or VR rebuilds. To fix the problem on a more permanent basis we changed the KeepAliveEnabled Network Offering setting introduced a few versions ago. This directs HAProxy to use TCP mode instead of HTTP mode for rules configured on port 80. This solution works for the most part, but there are a couple of problems: 1) There doesn't appear to be support for this setting in the UI. That's understandable as the UI is way behind the current feature set. 2) There doesn't appear to be support for this setting in the API, either when creating or updating Network Offerings. This is a bit of a problem. We had to make the change in the database directly, which is very dirty. 3) TCP connections don't grab HTTP headers, so they can't send the real IP to HTTP/Nginx in the X-Forwarded-For header. To fix these issues I suggest the following changes be made: 1) Add the KeepAliveEnabled option to the Network Offering API commands. I really have no idea how to do this, so I'll try to flag the original committer to see if they can do so. 2) Add a new option for TPROXY support. The current VR kernel and HAProxy version have TPROXY support built in, so having the option (on a per LB rule basis) would be great. This would allow for using TCP mode in HAProxy, while still passing the real IP through to the backend services. To accomplish this I would suggest adding the necessary IPtables rules to the VR either by default, or when Load Balancing is first enabled. Then a flag can be added to the create LB rule command to either enable or disable the transparent proxy setting. The necessary IPtables rules are: iptables -t mangle -N DIVERT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 111 iptables -t mangle -A DIVERT -j ACCEPT ip rule add fwmark 111 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 Then for each LB rule created with the transparent option enabled, add the following setting to the rule configuration: source 0.0.0.0 usesrc clientip The last configuration change is to remove the user/group or uid/gid options in the haproxy config, otherwise HAProxy won't start with usesrc enabled. It is also recommended to enable /proc/sys/net/ipv4/conf/eth0/send_redirects, but I haven't noticed any issues with it disabled either, and I don't know what else it might affect. 3) The last suggestion would be to move away from hard coding configuration directives for VR services (like HAProxy: https://github.com/apache/cloudstack/blob/5091d0f5c5b03cb8658f2d974103261341080825/core/src/com/cloud/network/HAProxyConfigurator.java) Doing this makes implementing changes a hassle since it involves rebuilding/upgrading CloudStack to accomplish anything, even small edits. For a production environment this is ill advised if not impossible. In general it would make sense to make persistent changes to VR services possible without recompiling code or rebooting the VRs. I believe that's part of a bigger issue though, as I've seen some discussion about it on the list. If
Re: vim25.jar missing from mvn repo?
I'm pretty sure that vmware jar is not open source and not on Central, so you have to download it elsewhere. The wiki article has links to them: https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudStack On Wed, Apr 1, 2015 at 4:44 PM, Jeronimo Garcia garciaj...@gmail.com wrote: Hi list. I'm trying to build the master on git and I'm getting this: [ERROR] Failed to execute goal on project cloud-vmware-base: Could not resolve dependencies for project org.apache.cloudstack:cloud-vmware-base:jar:4.6.0-SNAPSHOT: Failure to find com.cloud.com.vmware:vmware-vim25:jar:5.1 in https://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced - [Help 1] command: mvn -DskipTests=true -P vmware clean install Am i missing something? the jar file is not in the remote maven repos .. Thanks! -- Jeff Hair Core Systems Developer Tel: (+354) 415 0200 j...@greenqloud.com www.greenqloud.com
[GitHub] cloudstack pull request: CLOUDSTACK-8357 Add Test cases for vMotio...
GitHub user abhinavroy02 opened a pull request: https://github.com/apache/cloudstack/pull/139 CLOUDSTACK-8357 Add Test cases for vMotion support on VMFS as primary st... This commit has the vMotion related test cases. Following are the tests 1. Create a VM and migrate it. 2. Migrate only ROOT volume of VM and check for vmx and vmdk files in storage. 3. Migrate VM and its ROOT volume and check for vmx and vmdk files in storage. 4. Attach Data disk to VM and then migrate VM and all its volumes followed by the check for files. 5. Upload a volume, attach it to VM and then migrate VM and all its volumes followed by the check for files. 6. Take Volume snapshots of all the volumes then migrate VM and all its volumes followed by the check for files. 7. Resize the Data disk then migrate VM and all its volumes followed by the check for files. 8. Restore the VM then migrate VM and all its volumes followed by the check for files. All these are part of a test path so there is a single test written which has all the cases. Here is the output after executing them locally: Migrate VMs/Volumes on VMware with VMFS storage ... === TestName: test_01_migrate_root_and_data_disk_live | Status : SUCCESS === ok -- Ran 1 test in 855.918s OK You can merge this pull request into a Git repository by running: $ git pull https://github.com/abhinavroy02/cloudstack CS-8357 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cloudstack/pull/139.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #139 commit dedc860a62bbfc12971b3661fc654f3b8687c1ca Author: Abhinav Roy abhinav@citrix.com Date: 2015-04-01T17:48:40Z CLOUDSTACK-8357 Add Test cases for vMotion support on VMFS as primary storage --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Re: vim25.jar missing from mvn repo?
legend! , thanks mate! On Wed, Apr 1, 2015 at 5:51 PM, Jeff Hair j...@greenqloud.com wrote: I'm pretty sure that vmware jar is not open source and not on Central, so you have to download it elsewhere. The wiki article has links to them: https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudStack On Wed, Apr 1, 2015 at 4:44 PM, Jeronimo Garcia garciaj...@gmail.com wrote: Hi list. I'm trying to build the master on git and I'm getting this: [ERROR] Failed to execute goal on project cloud-vmware-base: Could not resolve dependencies for project org.apache.cloudstack:cloud-vmware-base:jar:4.6.0-SNAPSHOT: Failure to find com.cloud.com.vmware:vmware-vim25:jar:5.1 in https://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced - [Help 1] command: mvn -DskipTests=true -P vmware clean install Am i missing something? the jar file is not in the remote maven repos .. Thanks! -- Jeff Hair Core Systems Developer Tel: (+354) 415 0200 j...@greenqloud.com www.greenqloud.com
Re: [ANNOUNCE] New committer: Rene Moser
Congrats Rene, and thanks for the great CS ansible module! On 31/03/2015 22:13, sebgoa wrote: The Project Management Committee (PMC) for Apache CloudStack has asked Rene Moser to become a committer and we are pleased to announce that he has accepted. Rene has committed several fixes to cloudstack and is the sole author of the cloudstack ansible module. This module should make it to Ansible core quite soon Being a committer enables easier contribution to the project since there is no need to go via the patch submission process. This should enable better productivity. Being a PMC member enables assistance with the management and to guide the direction of the project. Join me in congratulating Rene and let's hope for more Ansible play books to deploy cloudstack and associated workloads. -The CloudStack PMC
Re: Load Balancer (HAProxy) - TPROXY passthrough
Logan, My 2cents, While many including myself dont qualify as developers on this list, there are some development parts anyone can do - without knowing Java. Specifically, agentless config management does not require much or any java programing in first stage. Perhaps the portion where a config file for vRouter needs to be fetched and apply by dfault - needs some enhancement, everything else can be handled by savy system person. With that said, it should be trivial to add agent-less config management to router vm without any hardcore java expertise. Regards ilya On 4/1/15 10:13 AM, Logan Barfield wrote: Hi Ilya, I definitely like that solution, and there is discussion elsewhere on overhauling how VRs are configured. Unfortunately I am not a developer. Any changes I make are generally to existing code, and are based off of context and testing more than anything else. I don't currently have the time or knowledge required to implement such a big change myself, and even if I did I wouldn't know where to start. I would be more than happy to discuss something like that with other community members, and offer patches/testing where I can. I don't see myself being able to take the lead on such a task though. For now I'd like to address this particular issue (transparent proxy support), to see if the community has any objections or concerns about the proposed changes. We can (and probably will) end up just creating our own internal branch, but I'd rather be able to commit any changes we make to the project for ease of upgrades, support, etc. Thank You, Logan Barfield Tranquil Hosting On Wed, Apr 1, 2015 at 12:58 PM, ilya ilya.mailing.li...@gmail.com wrote: Logan For sometime now, idea was kicked around of extending VR services where it can take custom configurations. In theory, VR should be driven via config management tool (i.e. puppet, salt, chef, ansible - or whatever works). Instead of hacking this in portions, perhaps you can spend sometime analizing how VR is build and how you we can extend the functionality via external config management. For example, when vrouter comes up, because we already have ssh keys dropped on each VR, just on this premise alone - we can do just about anything. I'm thinking salt or ansible would be a better solution as it is SSH driven and agentless. Try porting your changes into salt or ansible (or anything else agentless) and propose a framework on how we can enhance this. I'm thinking, for each Account (as it gets a VR), we need to have a ansible config file that will be pushed through once VR comes up to configure remaining custom bits/components to your liking. Thoughts? regards ilya On 4/1/15 9:34 AM, Logan Barfield wrote: We've been running into some issues with the Advanced Zone/Isolated Network Load Balancer, and in working through them we've come up with some ideas for how the functionality can be improved. The first issue we hit was with HTTP load balancing. We had a site that was sending back larger than average HTTP headers with 302 redirects. This was causing HAProxy to return 502 errors to clients. This is apparently a known issue with HAProxy when using the default tune.bufsize and tune.maxrewrite settings.The official HAProxy documentation recommends changing these from the defaults. We were able to work around the problem by manually setting tune.maxrewrite 1024 in the haproxy.cfg on the virtual router. This resolved most of the 502 errors, and would have probably resolved all of them with more tuning. The problem is that this change obviously wouldn't survive upgrades or VR rebuilds. To fix the problem on a more permanent basis we changed the KeepAliveEnabled Network Offering setting introduced a few versions ago. This directs HAProxy to use TCP mode instead of HTTP mode for rules configured on port 80. This solution works for the most part, but there are a couple of problems: 1) There doesn't appear to be support for this setting in the UI. That's understandable as the UI is way behind the current feature set. 2) There doesn't appear to be support for this setting in the API, either when creating or updating Network Offerings. This is a bit of a problem. We had to make the change in the database directly, which is very dirty. 3) TCP connections don't grab HTTP headers, so they can't send the real IP to HTTP/Nginx in the X-Forwarded-For header. To fix these issues I suggest the following changes be made: 1) Add the KeepAliveEnabled option to the Network Offering API commands. I really have no idea how to do this, so I'll try to flag the original committer to see if they can do so. 2) Add a new option for TPROXY support. The current VR kernel and HAProxy version have TPROXY support built in, so having the option (on a per LB rule basis) would be great. This would allow for using TCP mode in HAProxy, while still passing the real IP through to the backend services. To accomplish this I would suggest adding the
Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network
Ilya, there is already a external service. I think this is proposing a solution where that external service is not desired. Several “NFV” - type solutions use config drive to configure themselves instead using a http-based service. CoreOS also uses config drive. That is, this is not a replacement, but an additional option. From: ilya ilya.mailing.li...@gmail.commailto:ilya.mailing.li...@gmail.com Reply-To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Date: Friday, March 20, 2015 at 6:12 PM To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Subject: Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network I think config drive is not the best design choice. You are relying on external ISO to deliver content private to VM. The ISO is stored in secondary or primary storage, if exposed - I get the private data of all the VMs. There maybe issues with storage migration and general vmotion if ISO is attached. If we are following this model because openstack has chosen this path - i think its just wasted effort and wrong. In my opinion, an external service is much better solution, i.e. AWS - not OpenStack. Also, how does this work CS retrieves the ip from the VM and update in the DB nics table. ? On 3/20/15 4:56 PM, Marcus wrote: I agree, that's generally the model, right? The network offering describes where the services come from. On Fri, Mar 20, 2015 at 12:16 PM, Alena Prokharchyk alena1...@gmail.commailto:alena1...@gmail.com wrote: From the FS: Create empty network offering with no service selected. Only DHCP, DNS services are provided by external servers. Metadata - information is included in the config drive Userdata, vm password, ssh key - If these are passed then included in the config drive with user data service. Retrieving IP assigned by external DHCP server to userVM. Store it in CS DB. Why not just introduce the notion of the external provider for the DHCP/DNS/UserData service? Not specifying the services on the offering and implementing the service and storing the service data - UserData/MetaData and IP - in the CloudStack DB, is confusing. Unless all the metadata/userdata is stored/managed on/by the external provider side. On Fri, Mar 20, 2015 at 6:20 AM, Adrian Lewis adr...@alsiconsulting.co.ukmailto:adr...@alsiconsulting.co.uk wrote: Can't see the wiki at the moment as it's down for maintenance but on a slightly different but related note, would it be feasible to use DHCP relay functionality in dnsmasq on a VR and still get the IP address assigned by an external DHCP server registered into the ACS MS? Not quite sure if under normal circumstances ACS picks up the IP from dnsmasq or if ACS manages the pool and sends dnsmasq static leases. If it's picking up what dnsmasq decides to lease out, what is this mechanism and does/would it also work for DHCP relay? This doesn’t solve the issue of a DHCP server on the same network however and would still require a VR on the network with upstream connectivity to the DHCP server. I'm definitely definitely up for the concept of simple networks with no VR if we can provision some of the essentials without one. Big +1 -Original Message- From: Nux! [mailto:n...@li.nux.ro] Sent: 20 March 2015 09:34 To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Subject: Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network +1, good idea One thing though: let's make the config drive available for all types of zones, many people use the basic or adsg zones. Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Jayapal Reddy Uradi jayapalreddy.ur...@citrix.commailto:jayapalreddy.ur...@citrix.com To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Sent: Friday, 20 March, 2015 09:12:19 Subject: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network In advanced zone shared network if someone wants to use DHCP server outside the cloudstack, currently it can be done by not selecting the DHCP service But the problem here is that the VM actual ip is different from what cloudstack showing. If there are no services selected for the network offering there is no need of the VR. In the absense of VR there should be way to provide password, userdata/metadata, ssh keys to user vm. With this feature we can do the following. 1. Create network without VR. 2. Retrive the IP from the VM and update it in the cloudstack DB. 3. Add config drive support for the VMs in this network. Please provide your comments for the below FS. ACS ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-8324 FS: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=53740 797 Thanks, Jayapal -- Alena Prokharchyk https://twitter.com/Lemonjet
vim25.jar missing from mvn repo?
Hi list. I'm trying to build the master on git and I'm getting this: [ERROR] Failed to execute goal on project cloud-vmware-base: Could not resolve dependencies for project org.apache.cloudstack:cloud-vmware-base:jar:4.6.0-SNAPSHOT: Failure to find com.cloud.com.vmware:vmware-vim25:jar:5.1 in https://repo.maven.apache.org/maven2 was cached in the local repository, resolution will not be reattempted until the update interval of central has elapsed or updates are forced - [Help 1] command: mvn -DskipTests=true -P vmware clean install Am i missing something? the jar file is not in the remote maven repos .. Thanks!
Re: Load Balancer (HAProxy) - TPROXY passthrough
Hi Ilya, I definitely like that solution, and there is discussion elsewhere on overhauling how VRs are configured. Unfortunately I am not a developer. Any changes I make are generally to existing code, and are based off of context and testing more than anything else. I don't currently have the time or knowledge required to implement such a big change myself, and even if I did I wouldn't know where to start. I would be more than happy to discuss something like that with other community members, and offer patches/testing where I can. I don't see myself being able to take the lead on such a task though. For now I'd like to address this particular issue (transparent proxy support), to see if the community has any objections or concerns about the proposed changes. We can (and probably will) end up just creating our own internal branch, but I'd rather be able to commit any changes we make to the project for ease of upgrades, support, etc. Thank You, Logan Barfield Tranquil Hosting On Wed, Apr 1, 2015 at 12:58 PM, ilya ilya.mailing.li...@gmail.com wrote: Logan For sometime now, idea was kicked around of extending VR services where it can take custom configurations. In theory, VR should be driven via config management tool (i.e. puppet, salt, chef, ansible - or whatever works). Instead of hacking this in portions, perhaps you can spend sometime analizing how VR is build and how you we can extend the functionality via external config management. For example, when vrouter comes up, because we already have ssh keys dropped on each VR, just on this premise alone - we can do just about anything. I'm thinking salt or ansible would be a better solution as it is SSH driven and agentless. Try porting your changes into salt or ansible (or anything else agentless) and propose a framework on how we can enhance this. I'm thinking, for each Account (as it gets a VR), we need to have a ansible config file that will be pushed through once VR comes up to configure remaining custom bits/components to your liking. Thoughts? regards ilya On 4/1/15 9:34 AM, Logan Barfield wrote: We've been running into some issues with the Advanced Zone/Isolated Network Load Balancer, and in working through them we've come up with some ideas for how the functionality can be improved. The first issue we hit was with HTTP load balancing. We had a site that was sending back larger than average HTTP headers with 302 redirects. This was causing HAProxy to return 502 errors to clients. This is apparently a known issue with HAProxy when using the default tune.bufsize and tune.maxrewrite settings.The official HAProxy documentation recommends changing these from the defaults. We were able to work around the problem by manually setting tune.maxrewrite 1024 in the haproxy.cfg on the virtual router. This resolved most of the 502 errors, and would have probably resolved all of them with more tuning. The problem is that this change obviously wouldn't survive upgrades or VR rebuilds. To fix the problem on a more permanent basis we changed the KeepAliveEnabled Network Offering setting introduced a few versions ago. This directs HAProxy to use TCP mode instead of HTTP mode for rules configured on port 80. This solution works for the most part, but there are a couple of problems: 1) There doesn't appear to be support for this setting in the UI. That's understandable as the UI is way behind the current feature set. 2) There doesn't appear to be support for this setting in the API, either when creating or updating Network Offerings. This is a bit of a problem. We had to make the change in the database directly, which is very dirty. 3) TCP connections don't grab HTTP headers, so they can't send the real IP to HTTP/Nginx in the X-Forwarded-For header. To fix these issues I suggest the following changes be made: 1) Add the KeepAliveEnabled option to the Network Offering API commands. I really have no idea how to do this, so I'll try to flag the original committer to see if they can do so. 2) Add a new option for TPROXY support. The current VR kernel and HAProxy version have TPROXY support built in, so having the option (on a per LB rule basis) would be great. This would allow for using TCP mode in HAProxy, while still passing the real IP through to the backend services. To accomplish this I would suggest adding the necessary IPtables rules to the VR either by default, or when Load Balancing is first enabled. Then a flag can be added to the create LB rule command to either enable or disable the transparent proxy setting. The necessary IPtables rules are: iptables -t mangle -N DIVERT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 111 iptables -t mangle -A DIVERT -j ACCEPT ip rule add fwmark 111 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 Then for each LB rule created with the transparent
RE: CCC Dublin 2015
Sebastien - this is GREAT news and thanks for your efforts in making this happen Although I am a fan of the 1 day cloudstackdays format, it did mean that we didn’t have a natrual point for the community to meet. I'm very much hoping that as many of us as possible can get together now 7-8 October Cloudstack and guiness - whats not to like ? Hi folks, After getting feedback couple weeks ago on the cloudstack days, Karen Vuong, Giles and a couple others who volunteered to help discussed with the Linux foundation who is organizing the event. We are going to take a bit of a gamble, cancel the event in Budapest and make Dublin a two day event , collocated with linuxcon. We might also try to organize a unconference off-site after the 2 days. We will re-brand, CloudStack days Dublin: CloudStack Collaboration Conference Europe. To make this happen, we will need to raise an additional $10k Citrix, Shapeblue and Nuage Networks have already stepped in and sponsored the event (and some of the other ones as well, if not all). So potential sponsors listening on this list, you are welcome to jump in and help us make CCC Europe happen again, back by popular demand. Cheers, -Sebastien Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Buildhttp://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineeringhttp://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Supporthttp://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courseshttp://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
[GitHub] cloudstack pull request:
Github user resmo commented on the pull request: https://github.com/apache/cloudstack/commit/d0e65d7c3429d3a582632005d526c668f071c3fe#commitcomment-10534427 :+1: --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Re: [GSOC 2015] Proposal Submission CLOUDSTACK-8275
Hi Lucian, I have been looking at AWS cloudformation as well as Openstack HEAT since the last couple of days and had a chat with my mentor yesterday and we have come to a conclusion that our implementation will be more on the lines of Openstack Heat. I have started looking at the developer guide for api docs for now so that I may come up with a proper functional specification for the plugable module we plan to develop. Regards On Sat, Mar 28, 2015 at 1:03 PM, Tilak Raj Singh tila...@gmail.com wrote: Hello All, I have submitted a proposal on google meelange under Apache to work on this project (https://issues.apache.org/jira/browse/CLOUDSTACK-8275) under Rajesh Battala. I am looking forward to working with this community this summer. Looking forward to your suggestions on this. Regards
Re: [GSOC 2015] Proposal Submission CLOUDSTACK-8275
Hello, That'd be great, Tilak. Good luck and feel free to mail the list if you need help etc. Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Tilak Raj Singh tila...@gmail.com To: dev@cloudstack.apache.org Sent: Wednesday, 1 April, 2015 22:50:00 Subject: Re: [GSOC 2015] Proposal Submission CLOUDSTACK-8275 Hi Lucian, I have been looking at AWS cloudformation as well as Openstack HEAT since the last couple of days and had a chat with my mentor yesterday and we have come to a conclusion that our implementation will be more on the lines of Openstack Heat. I have started looking at the developer guide for api docs for now so that I may come up with a proper functional specification for the plugable module we plan to develop. Regards On Sat, Mar 28, 2015 at 1:03 PM, Tilak Raj Singh tila...@gmail.com wrote: Hello All, I have submitted a proposal on google meelange under Apache to work on this project (https://issues.apache.org/jira/browse/CLOUDSTACK-8275) under Rajesh Battala. I am looking forward to working with this community this summer. Looking forward to your suggestions on this. Regards
[GitHub] cloudstack pull request: Added the CONTRIBUTING.md doc to the proj...
GitHub user swill opened a pull request: https://github.com/apache/cloudstack/pull/141 Added the CONTRIBUTING.md doc to the project root Added instructions for how contributors should submit code changes via GitHub Pull Requests. You can merge this pull request into a Git repository by running: $ git pull https://github.com/swill/cloudstack contrib_doc Alternatively you can review and apply these changes as the patch at: https://github.com/apache/cloudstack/pull/141.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #141 commit dc84b5b4d728821b892e212b5e5183c2548a5294 Author: Will Stevens wstev...@cloudops.com Date: 2015-04-01T20:24:48Z Added the CONTRIBUTING.md doc to the project root --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
Re: [ANNOUNCE] New committer: Rene Moser
Congrats Rene! On 3/31/15 2:13 PM, sebgoa wrote: The Project Management Committee (PMC) for Apache CloudStack has asked Rene Moser to become a committer and we are pleased to announce that he has accepted. Rene has committed several fixes to cloudstack and is the sole author of the cloudstack ansible module. This module should make it to Ansible core quite soon Being a committer enables easier contribution to the project since there is no need to go via the patch submission process. This should enable better productivity. Being a PMC member enables assistance with the management and to guide the direction of the project. Join me in congratulating Rene and let's hope for more Ansible play books to deploy cloudstack and associated workloads. -The CloudStack PMC
Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network
I guess having one of many options is not a bad thing, as long as we dont make it defacto. On 4/1/15 12:30 PM, Chiradeep Vittal wrote: Ilya, there is already a external service. I think this is proposing a solution where that external service is not desired. Several “NFV” - type solutions use config drive to configure themselves instead using a http-based service. CoreOS also uses config drive. That is, this is not a replacement, but an additional option. From: ilya ilya.mailing.li...@gmail.commailto:ilya.mailing.li...@gmail.com Reply-To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Date: Friday, March 20, 2015 at 6:12 PM To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Subject: Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network I think config drive is not the best design choice. You are relying on external ISO to deliver content private to VM. The ISO is stored in secondary or primary storage, if exposed - I get the private data of all the VMs. There maybe issues with storage migration and general vmotion if ISO is attached. If we are following this model because openstack has chosen this path - i think its just wasted effort and wrong. In my opinion, an external service is much better solution, i.e. AWS - not OpenStack. Also, how does this work CS retrieves the ip from the VM and update in the DB nics table. ? On 3/20/15 4:56 PM, Marcus wrote: I agree, that's generally the model, right? The network offering describes where the services come from. On Fri, Mar 20, 2015 at 12:16 PM, Alena Prokharchyk alena1...@gmail.commailto:alena1...@gmail.com wrote: From the FS: Create empty network offering with no service selected. Only DHCP, DNS services are provided by external servers. Metadata - information is included in the config drive Userdata, vm password, ssh key - If these are passed then included in the config drive with user data service. Retrieving IP assigned by external DHCP server to userVM. Store it in CS DB. Why not just introduce the notion of the external provider for the DHCP/DNS/UserData service? Not specifying the services on the offering and implementing the service and storing the service data - UserData/MetaData and IP - in the CloudStack DB, is confusing. Unless all the metadata/userdata is stored/managed on/by the external provider side. On Fri, Mar 20, 2015 at 6:20 AM, Adrian Lewis adr...@alsiconsulting.co.ukmailto:adr...@alsiconsulting.co.uk wrote: Can't see the wiki at the moment as it's down for maintenance but on a slightly different but related note, would it be feasible to use DHCP relay functionality in dnsmasq on a VR and still get the IP address assigned by an external DHCP server registered into the ACS MS? Not quite sure if under normal circumstances ACS picks up the IP from dnsmasq or if ACS manages the pool and sends dnsmasq static leases. If it's picking up what dnsmasq decides to lease out, what is this mechanism and does/would it also work for DHCP relay? This doesn’t solve the issue of a DHCP server on the same network however and would still require a VR on the network with upstream connectivity to the DHCP server. I'm definitely definitely up for the concept of simple networks with no VR if we can provision some of the essentials without one. Big +1 -Original Message- From: Nux! [mailto:n...@li.nux.ro] Sent: 20 March 2015 09:34 To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Subject: Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network +1, good idea One thing though: let's make the config drive available for all types of zones, many people use the basic or adsg zones. Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - From: Jayapal Reddy Uradi jayapalreddy.ur...@citrix.commailto:jayapalreddy.ur...@citrix.com To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org Sent: Friday, 20 March, 2015 09:12:19 Subject: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network In advanced zone shared network if someone wants to use DHCP server outside the cloudstack, currently it can be done by not selecting the DHCP service But the problem here is that the VM actual ip is different from what cloudstack showing. If there are no services selected for the network offering there is no need of the VR. In the absense of VR there should be way to provide password, userdata/metadata, ssh keys to user vm. With this feature we can do the following. 1. Create network without VR. 2. Retrive the IP from the VM and update it in the cloudstack DB. 3. Add config drive support for the VMs in this network. Please provide your comments for the below FS. ACS ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-8324 FS:
RE: reset sshkeyforvirtualmachine also resets password
I believe so, since the VM's password (stored in the user_vm_details table) needs to be encrypted using the new keys and I believe encryption is a one-way hash. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: Nux! [mailto:n...@li.nux.ro] Sent: Wednesday, April 01, 2015 9:16 AM To: dev Subject: reset sshkeyforvirtualmachine also resets password Hi, I've just noticed resetsshkeyforvirtualmachine also resets the root password. This doesn't sound right. Is this supposed to happen? 4.4.3 RC2 (4.4-RC20150324T1321) CentOS/KVM -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro