Re: CSNetFilter.py

[Jayapal Reddy Uradi]

As per my knowledge the unseen cmd seen when there is difference in rules 
between MS sent and rules save on VR.
The diff rules which are in VR get deleted.

Thanks,
Jayapal


On 25-Feb-2016, at 2:15 pm, Abhinandan Prateek 
> 
wrote:

Will anyone know why some rules are being removed by CsNetFilter on VR:

Following is the output from /var/log/cloud.log


2016-02-25 08:00:13,563  CsNetfilter.py get_unseen:129 unseen cmd:  iptables -t 
mangle -D VPN_STATS_eth1 -m mark -o eth1 --mark 0x525
2016-02-25 08:00:13,563  CsHelper.py execute:160 Executing: iptables -t mangle 
-D VPN_STATS_eth1 -m mark -o eth1 --mark 0x525
2016-02-25 08:00:13,568  CsNetfilter.py get_unseen:132 Delete rule -D 
VPN_STATS_eth1 -m mark -o eth1 --mark 0x525 from table mangle
2016-02-25 08:00:13,568  CsNetfilter.py get_unseen:129 unseen cmd:  iptables -t 
mangle -D VPN_STATS_eth1 -i eth1 -m mark --mark 0x524
2016-02-25 08:00:13,569  CsHelper.py execute:160 Executing: iptables -t mangle 
-D VPN_STATS_eth1 -i eth1 -m mark --mark 0x524
2016-02-25 08:00:13,575  CsNetfilter.py get_unseen:132 Delete rule -D 
VPN_STATS_eth1 -i eth1 -m mark --mark 0x524 from table mangle
2016-02-25 08:00:13,576  CsNetfilter.py get_unseen:129 unseen cmd:  iptables -t 
filter -D INPUT -d 224.0.0.0/24 -j ACCEPT
2016-02-25 08:00:13,576  CsHelper.py execute:160 Executing: iptables -t filter 
-D INPUT -d 224.0.0.0/24 -j ACCEPT

-abhi


Abhinandan Prateek
Software Architect  ,   ShapeBlue


d:   | s: +44 203 603 0540  |  
m:  +91 970 11 99011

e:  abhinandan.prat...@shapeblue.com | t: 
 |  w:  
www.shapeblue.com

a:  53 Chandos Place, Covent Garden London WC2N 4HS UK





Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services 
India LLP is a company incorporated in India and is operated under license from 
Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in 
Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd 
is a company registered by The Republic of South Africa and is traded under 
license from Shape Blue Ltd. ShapeBlue is a registered trademark.
This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error.




Find out more about ShapeBlue and our range of CloudStack related services:
IaaS Cloud Design & Build | 
CSForge – rapid IaaS deployment framework
CloudStack Consulting | 
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support | CloudStack 
Bootcamp Training Courses

Re: [ANNOUNCE] New committer: Rafael Weingartner

[Jayapal Reddy Uradi]

Congrats Rafael!


> On 23-Feb-2016, at 2:54 pm, Nux!  wrote:
> 
> Congrats Rafael! :-)
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro
> 
> - Original Message -
>> From: "Daan Hoogland" 
>> To: "dev" 
>> Sent: Tuesday, 23 February, 2016 08:19:07
>> Subject: [ANNOUNCE] New committer: Rafael Weingartner
> 
>> The Project Management Committee (PMC) for Apache CloudStack
>> has asked Rafael Weingartner to become a committer and we are pleased to
>> announce that they have accepted.
>> 
>> Rafael is part a hacking group in the south of Brasil and has been active
>> as contributor of code and as reviewer. He had been accepted a few months
>> ago but I totally forgot to make this announcement. My apologies to both
>> him and the community for the tardiness of this announcement.
>> 
>> Being a committer allows many contributors to contribute more
>> autonomously. For developers, it makes it easier to submit changes and
>> eliminates the need to have contributions reviewed via the patch
>> submission process. Whether contributions are development-related or
>> otherwise, it is a recognition of a contributor's participation in the
>> project and commitment to the project and the Apache Way.
>> 
>> Please join me in congratulating Rafael
>> 
>> --Daan Hoogland
>> on behalf of the CloudStack PMC

Re: Config Drive

[Jayapal Reddy Uradi]

Hi Eric,

Please find the scripts in the below pull request.
https://github.com/apache/cloudstack/pull/1379

Thanks,
Jayapal

On 28-Jan-2016, at 3:38 pm, Eric Waegeman 
> wrote:

Hi all,

we would like to port "Config drive" on KVM feature to a previous version
of Cloudstack for one of our customers. We got most of it working but have
a problem in udev not putting the config drive ISO in /dev/disk/by-label
path because it considers it to be a removable drive.

And we would like to have a look at the userdata/password scripts mentioned
in the design document
 but
don't know where to find them.

Any help is appreciated,
Eric.

Re: Issue with VR after upgrade to 4.6.2

[Jayapal Reddy Uradi]

Hi Daniel,

Please share the MS logs when the VR is going down.
I want to check,  Is MS bringing down the VR ?  or VR is getting rebooted 
itself.

Thanks,
Jaqyapal
> On 28-Jan-2016, at 5:47 pm, Daniel Mezentsev  wrote:
> 
> Hi Remi,
> 
> I just upgraded 4.6.2->4.7.1 The same issue, unable to start 2 VRs (out of
> 8 total). VR actually is started, running for 5-7 minutes, then shuting
> down. One thing that i noticed in the log:
> 
> arping -c 1 -I eth0 -A -U -s 10.1.12.1 None
> 
> What is "None" here ?
> 
> Please let me know what information from the log can i provide you to help
> with troubleshooting. I noticed that there are a lot of the same issues
> happened after upgrade to 4.6, seems like it's getting critical.
> 
>> No, just the same template so it's just a matter of upgrading package.
>> Will ping you when the release is ready.
>> 
>> Regards, Remi
>> 
>> Sent from my iPhone
>> 
>>> On 25 Jan 2016, at 21:41, Daniel Mezentsev  wrote:
>>> 
>>> Hi Remi,
>>> 
>>> Absolutely. I don't see any issue to do upgrade to 4.7.1. Will it be
> with
>>> new templates for system VMs ?
>>> 
 Hi Daniel,
 
 Is upgrading to 4.7.1 (once released tomorrow) an option? It has many
 improvements over 4.6.x and I'm quite sure it fixes the problem you
 experience now.
 
 Regards, Remi
 
 Sent from my iPhone
 
> On 25 Jan 2016, at 16:29, Daniel Mezentsev  wrote:
> 
> in my configuration VR is acting as DHCP/DNS server, so it's not
> passing
> any traffic, so i can exclude public IP addresses. Definetely there is
> one
> of the VR script is acting badly.
> 
>> If I disassociated 10 public IPs and keep 10 public IPs (but keep 20
>>> 
>>> vms
>> associated with the network), the network (virtual router) restart
>> with
>> clean up successfully (around in 3 min).
>> I thinks that is a timeout problem (or VR scripts performance)... but
>> which timeout parameter?
>> 
>>> On 24/01/2016 09:43, Milamber wrote:
>>> Please note, my installation type is Advanced network without
>>> security
>>> groups (vlan isolation).
>>> 
 On 24/01/2016 06:57, Remi Bergsma wrote:
 Hi,
 
 We have seen this issue sometimes in the VRs from 4.6 and on. There
 have been several improvements in the code in 4.7.
 
 Also, setting router.aggregation.command.each.timeout global
> setting
 to 15 or 20 also may help (restart mgt server after change).
 
 @Milamber can you test this setting with 4.7.1RC please? I haven't
 seen this issue in my test and production systems.
 
 Thanks, Remi
 
 Sent from my iPhone
 
> On 24 Jan 2016, at 00:49, Milamber  wrote:
> 
> Hello,
> 
> I've have a similiar issue without solution (but not with an
> upgrade
> from 4.5), please see
> https://issues.apache.org/jira/browse/CLOUDSTACK-9255
> 
> Milamber
> 
>> On 24/01/2016 03:32, Daniel Mezentsev wrote:
>> Hi All,
>> 
>> I've got some issue after i did cloudstack upgrade 4.5 -> 4.6.2.
>> Environment has 8 VR, 6 were upgraded and restarted
>> successfully, 2
>> of them
>> stuck. I removed them - the same result, i can't boot them,
>> restarted
>> network with clean-up - no luck.
>> VR actually is starting, i can ssh to it, but it's shuting down
> in
>> approx 5
>> minutes. I can extend it runing
>> "init 3" command, but cloudstack is not detecting router state.
>> 
>> I can bing some VMs within the same subnet, so it's not
>>> 
>>> VLAN/network
>> issue.
>> 
>> Completely ran out of ideas.
>> Should mention network offering is Isolated network without NAT.
>> 
>> Any help is more then welcome. I can provide any related log,
>> but i
>> need
>> some heads-up what i should look for.
>> Daniel Mezentsev, founder
>> (+1) 604 313 8592.
>> Soleks Data Group.
>> Shaping the clouds.
> 
> Daniel Mezentsev, founder
> (+1) 604 313 8592.
> Soleks Data Group.Shaping the clouds.
>>> 
>>> Daniel Mezentsev, founder
>>> (+1) 604 313 8592.
>>> Soleks Data Group.Shaping the clouds.
>> 
>>  
> Daniel Mezentsev, founder
> (+1) 604 313 8592.
> Soleks Data Group.
> Shaping the clouds.

Re: [PROPOSE] Dynamic inter VPC routing

[Jayapal Reddy Uradi]

Hi Abhi,

Few images are not loading in the FS. Can you please correct it.

Thanks,
Jayapal

On 04-Jan-2016, at 7:40 pm, Abhinandan Prateek 
> 
wrote:

Hi All,

Currently the inter VPC traffic has to go thru the public gateway. This 
means the traffic has to be nat-ed across public internet via core-routers, 
which is inefficient in itself. A more efficient approach will be to route the 
traffic locally.

  The proposal is to enable quagga- ospf on VPC routers so that the traffic 
between VPC’s is routed efficiently.

The design doc is here: 
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Dynamically+routed+VPC

The jira ticket is here: https://issues.apache.org/jira/browse/CLOUDSTACK-9163

Regards,
-abhi


Abhinandan Prateek
Software Architect  ,   ShapeBlue


d:   | s: +44 203 603 0540  |  
m:  +91 970 11 99011

e:  abhinandan.prat...@shapeblue.com | t: 
 |  w:  
www.shapeblue.com

a:  53 Chandos Place, Covent Garden London WC2N 4HS UK





Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services 
India LLP is a company incorporated in India and is operated under license from 
Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in 
Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd 
is a company registered by The Republic of South Africa and is traded under 
license from Shape Blue Ltd. ShapeBlue is a registered trademark.
This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error.




Find out more about ShapeBlue and our range of CloudStack related services:
IaaS Cloud Design & Build | 
CSForge – rapid IaaS deployment framework
CloudStack Consulting | 
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support | CloudStack 
Bootcamp Training Courses

Re: master marvin install problem

[Jayapal Reddy Uradi]

I got the mysql-connector-python version issue on updating the marvin.
I removed marvin, installed again and it working without issues.

Thanks,
Jayapl

> On 29-Dec-2015, at 11:24 am, Srikanteswararao talluri  
> wrote:
> 
> Looks like Prasanna filed a bug for mysql :
> https://bugs.mysql.com/bug.php?id=68549
> 
> Daan, Problem you are facing is because pypi is being updated manually. It
> should go away, try after some time or manually install that package.
> 
> Thanks,
> ~Talluri
> 
> On Mon, Dec 28, 2015 at 6:21 PM, Daan Hoogland 
> wrote:
> 
>> People,
>> 
>> I tried to install marvin 4.8.0-SNAPSHOT this afternoon and found
>> mysql-connector-python missing from pypi. Is this expected? I tried last
>> week and everything was dandy.
>> 
>> --
>> Daan
>> 

Re: SR_BACKEND_FAILURE_61File SR creation error [opterr=fail to mount FileSR. Errno is 32]

[Jayapal Reddy Uradi]

Hi Prakash,

Can you also check the xenserver logs at /var/log/SMLog when this error is 
coming.

Thanks,
Jayapal
> On 20-Nov-2015, at 9:23 am, B Prakash  wrote:
> 
> Please can someone help me with this?  I am trying to setup NFS secondary 
> storage on ACS 4.6 hosted on Ubuntu 14.04 with host XS 6.5.
> 
> 
> NFS mount and its access is working fine on both the servers, but when I try 
> to set up a secondary storage, I get this exception;
> 
> 
> 2015-11-19 13:24:00,841 WARN  [c.c.h.x.r.XenServerStorageProcessor] 
> (DirectAgent-62:ctx-c53368c0) createFileSR failed! due to the following: 
> SR_BACKEND_FAILURE_61File SR creation error [opterr=fail to mount FileSR. 
> Errno is 32]
> SR_BACKEND_FAILURE_61File SR creation error [opterr=fail to mount FileSR. 
> Errno is 32]
> at com.xensource.xenapi.Types.checkResponse(Types.java:2021)
> at com.xensource.xenapi.Connection.dispatch(Connection.java:395)
> at 
> com.cloud.hypervisor.xenserver.resource.XenServerConnectionPool$XenServerConnection.dispatch(XenServerConnectionPool.java:457)
> at com.xensource.xenapi.PBD.plug(PBD.java:457)
> at 
> com.cloud.hypervisor.xenserver.resource.Xenserver625StorageProcessor.createFileSR(Xenserver625StorageProcessor.java:129)
> at 
> com.cloud.hypervisor.xenserver.resource.Xenserver625StorageProcessor.createFileSr(Xenserver625StorageProcessor.java:162)
> at 
> com.cloud.hypervisor.xenserver.resource.Xenserver625StorageProcessor.copyTemplateToPrimaryStorage(Xenserver625StorageProcessor.java:196)
> at 
> com.cloud.storage.resource.StorageSubsystemCommandHandlerBase.execute(StorageSubsystemCommandHandlerBase.java:82)
> at 
> com.cloud.storage.resource.StorageSubsystemCommandHandlerBase.handleStorageCommands(StorageSubsystemCommandHandlerBase.java:54)
> at 
> com.cloud.hypervisor.xenserver.resource.wrapper.xenbase.CitrixStorageSubSystemCommandWrapper.execute(CitrixStorageSubSystemCommandWrapper.java:36)
> at 
> com.cloud.hypervisor.xenserver.resource.wrapper.xenbase.CitrixStorageSubSystemCommandWrapper.execute(CitrixStorageSubSystemCommandWrapper.java:30)
> at 
> com.cloud.hypervisor.xenserver.resource.wrapper.xenbase.CitrixRequestWrapper.execute(CitrixRequestWrapper.java:122)
> at 
> com.cloud.hypervisor.xenserver.resource.CitrixResourceBase.executeRequest(CitrixResourceBase.java:1676)
> at 
> com.cloud.agent.manager.DirectAgentAttache$Task.runInContext(DirectAgentAttache.java:302)
> at 
> org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
> at 
> org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
> at 
> org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
> at 
> org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
> at 
> org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at 
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)
> at 
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)
> at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at java.lang.Thread.run(Thread.java:745)
> 
> 

Re: New PMC member: Erik Weber

[Jayapal Reddy Uradi]

Congrats Erik !

Thanks,
Jayapal
> On 30-Oct-2015, at 7:31 pm, Giles Sirett  wrote:
> 
> All
> The PMC is delighted to announce that we have asked Erik weber to join the 
> PMC and he has accepted
> 
> Please join me in congratulating Erik
> 
> Kind Regards
> Giles
> 
> D: +44 20 3603 0541 | M: +44 796 111 
> 2055
> giles.sir...@shapeblue.com
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
> Engineering
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [ANNOUNCE] New committer: Boris Schrijver

[Jayapal Reddy Uradi]

Congrats Boris !

-Jayapal

> On 09-Nov-2015, at 12:01 pm, Rajani Karuturi  wrote:
> 
> The Project Management Committee (PMC) for Apache CloudStack
> has asked Boris Schrijver to become a committer and we are pleased to
> announce that he has accepted.
> 
> Boris is an active code contributor, tester.
> Helps resolving issues, reviewing PRs and testing them.
> 
> Being a committer allows many contributors to contribute more
> autonomously. For developers, it makes it easier to submit changes and
> eliminates the need to have contributions reviewed via the patch
> submission process. Whether contributions are development-related or
> otherwise, it is a recognition of a contributor's participation in the
> project and commitment to the project and the Apache Way.
> 
> Please join me in congratulating Boris
> 
> on behalf of the CloudStack PMC,
> 
> ~Rajani

Re: [4.6] VPN works?

[Jayapal Reddy Uradi]

When I test last time remote access vpn and s2s vpn are working.
I think there are no changes done on vpn after that.

@Nux
If you still see problem observe /var/log/auth.log in the VR.


Thanks,
Jayapal
> On 06-Nov-2015, at 5:22 am, Nux!  wrote:
> 
> Remi,
> 
> This was a normal server-client VPN, not site2site. The client is Win7, but 
> the network was a bit dodgy there, hence my doubts the VPN was actually 
> broken. :)
> 
> Lucian
> 
> PS: script welcome for possible future uses, thanks!
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro
> 
> - Original Message -
>> From: "Remi Bergsma" 
>> To: dev@cloudstack.apache.org
>> Sent: Thursday, 5 November, 2015 20:01:01
>> Subject: Re: [4.6] VPN works?
> 
>> Hi Lucian,
>> 
>> As far as I know it works. The Marvin tests also passes.
>> 
>> When I test manual and connect two VPCs together, I can ping the hosts on 
>> each
>> side. I can send you a small script that sets it up, if you want.
>> 
>> Regards,
>> Remi
>> 
>> 
>> 
>> 
>> On 05/11/15 19:47, "Nux!"  wrote:
>> 
>>> Hi guys,
>>> 
>>> I am testing 4.6 briefly and basic operations work. I am also trying now VPN
>>> functionality on a SNAT public IP, however I don't seem to get it working.
>>> Can someone confirm it works for them so I know it's me (as always)? I am 
>>> not
>>> usually using this feature, but thought to try it anyway.
>>> 
>>> Lucian
>>> 
>>> --
>>> Sent from the Delta quadrant using Borg technology!
>>> 
>>> Nux!
>>> www.nux.ro

Re: [Blocker] Egress rules are not configured in VR

[Jayapal Reddy Uradi]

I am working on it.

-Jayapal
> On 24-Sep-2015, at 11:52 am, Raja Pullela  wrote:
> 
> Hi,
> 
> 
> 
> Hopefully this will be the last Blocker on the VR functionality ?
> 
> Can someone please pick this bug – ASAP ?
> 
> https://issues.apache.org/jira/browse/CLOUDSTACK-8905
> 
> 
> 
> best,
> 
> Raja

Re: [BLOCKER] - Guest VMs are not getting IPs as the DHCP port is not opened in VR

[Jayapal Reddy Uradi]

Hi Wilder,

CLOUDSTACK-8843<https://issues.apache.org/jira/browse/CLOUDSTACK-8843> This 
ticket is actually NOT regression. It is not implemented/tested for the basic 
zone VR.
What I have observed in the VR refactor is that sanity testing of components 
the code affects is not done.
Now we are spending time on fixing issues which were stable earlier.

Thanks,
Jayapal


On 15-Sep-2015, at 6:55 pm, Wilder Rodrigues 
<wrodrig...@schubergphilis.com<mailto:wrodrig...@schubergphilis.com>> wrote:

Hi Jayapal,

I would not suggest to move back to the sceptres, but focus on fixing and for 
every fix test it very well so we get confidence. If we start calling scripts 
com the python code it will have a huge chance to become a real mess!

Let’s stick to it and fix it and once it’s stable we can discuss a refactor of 
the thing from scratch - we already have some ideas.

The most important point is: for everyone touching Java/Python code, please 
test your changes before creating PRs or LGTM other’s committers PRs.

Cheers,
Wilder


On 15 Sep 2015, at 14:52, Jayapal Reddy Uradi 
<jayapalreddy.ur...@citrix.com<mailto:jayapalreddy.ur...@citrix.com>> wrote:

Wilder, That is true.

All these issues are because of the VR refactoring. I don’t know what are the 
unit test cases run on VR refactor code.
VR (shell) scripts  are stabilized over years and now suddenly moved to new 
implementation. What we have figured out is that this new implementation is 
done only partially. What I am suggesting now to move ahead is to call the 
existing/old shell  scripts in new implementation for configuring the VR to 
avoid spending time on unnecessary bugs.
With current implementation we may see many issues in production for some time 
to come.

Thanks,
Jayapal

On 15-Sep-2015, at 5:57 pm, Wilder Rodrigues 
<wrodrig...@schubergphilis.com<mailto:wrodrig...@schubergphilis.com>> wrote:

I have the feeling that we are fixing 1 issue and created 2.

Please, make sure the routers tests are executed and green before creating the 
PR. I will do the same.

Cheers,
Wilder


On 15 Sep 2015, at 14:23, Jayapal Reddy Uradi 
<jayapalreddy.ur...@citrix.com<mailto:jayapalreddy.ur...@citrix.com>> wrote:

Assigned to myself.

Thanks,
Jayapal
On 15-Sep-2015, at 2:49 pm, Raja Pullela 
<raja.pull...@citrix.com<mailto:raja.pull...@citrix.com>> wrote:

Hi,

JIRA - ticket https://issues.apache.org/jira/browse/CLOUDSTACK-8843
Can someone please pick up this ticket ?  This is failing a bunch of the BVTs 
tests in Basiczone.

Thanks,
Raja

Re: [BLOCKER] - Guest VMs are not getting IPs as the DHCP port is not opened in VR

[Jayapal Reddy Uradi]

Assigned to myself.

Thanks,
Jayapal
> On 15-Sep-2015, at 2:49 pm, Raja Pullela  wrote:
> 
> Hi,
> 
> JIRA - ticket https://issues.apache.org/jira/browse/CLOUDSTACK-8843
> Can someone please pick up this ticket ?  This is failing a bunch of the BVTs 
> tests in Basiczone.
> 
> Thanks,
> Raja

Re: [BLOCKER] - Guest VMs are not getting IPs as the DHCP port is not opened in VR

[Jayapal Reddy Uradi]

Wilder, That is true.

All these issues are because of the VR refactoring. I don’t know what are the 
unit test cases run on VR refactor code.
VR (shell) scripts  are stabilized over years and now suddenly moved to new 
implementation. What we have figured out is that this new implementation is 
done only partially. What I am suggesting now to move ahead is to call the 
existing/old shell  scripts in new implementation for configuring the VR to 
avoid spending time on unnecessary bugs.  
With current implementation we may see many issues in production for some time 
to come.

Thanks,
Jayapal

> On 15-Sep-2015, at 5:57 pm, Wilder Rodrigues <wrodrig...@schubergphilis.com> 
> wrote:
> 
> I have the feeling that we are fixing 1 issue and created 2.
> 
> Please, make sure the routers tests are executed and green before creating 
> the PR. I will do the same.
> 
> Cheers,
> Wilder
> 
> 
>> On 15 Sep 2015, at 14:23, Jayapal Reddy Uradi 
>> <jayapalreddy.ur...@citrix.com> wrote:
>> 
>> Assigned to myself.
>> 
>> Thanks,
>> Jayapal
>>> On 15-Sep-2015, at 2:49 pm, Raja Pullela <raja.pull...@citrix.com> wrote:
>>> 
>>> Hi,
>>> 
>>> JIRA - ticket https://issues.apache.org/jira/browse/CLOUDSTACK-8843
>>> Can someone please pick up this ticket ?  This is failing a bunch of the 
>>> BVTs tests in Basiczone.
>>> 
>>> Thanks,
>>> Raja
>> 
> 

Re: VR remote access vpn not working in master

[Jayapal Reddy Uradi]

Marked this bug as blocker because the remote access VPN functionality itself 
broken.

Thanks,
Jayapal

On 31-Jul-2015, at 11:42 AM, Jayapal Reddy 
jayapalreddy.ur...@citrix.commailto:jayapalreddy.ur...@citrix.com wrote:

Hi All,

In latest master remote access vpn is not working because the configuration is 
not applied on the VR.
On the VR logs below error msg is seen.
'Error I do not know what to do with file of type remoteaccessvpn'

I have file ticket 
CLOUDSTACK-8690https://issues.apache.org/jira/browse/CLOUDSTACK-8690. The 
remote access vpn feature is broken so I think it is blocker.


Thanks,
Jayapal

Re: VR remote access vpn not working in master

[Jayapal Reddy Uradi]

There is no work around. Currently there are no code changes in VR to config 
the remote access vpn.

Thanks,
Jayapal

On 11-Aug-2015, at 8:23 PM, Somesh Naidu somesh.na...@citrix.com
 wrote:

 Is this open for voting? Is there a workaround/quickfix for this?
 
 Regards,
 Somesh
 
 -Original Message-
 From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com] 
 Sent: Tuesday, August 11, 2015 4:53 AM
 To: dev@cloudstack.apache.org
 Subject: Re: VR remote access vpn not working in master
 
 Marked this bug as blocker because the remote access VPN functionality itself 
 broken.
 
 Thanks,
 Jayapal
 
 On 31-Jul-2015, at 11:42 AM, Jayapal Reddy 
 jayapalreddy.ur...@citrix.commailto:jayapalreddy.ur...@citrix.com wrote:
 
 Hi All,
 
 In latest master remote access vpn is not working because the configuration 
 is not applied on the VR.
 On the VR logs below error msg is seen.
 'Error I do not know what to do with file of type remoteaccessvpn'
 
 I have file ticket 
 CLOUDSTACK-8690https://issues.apache.org/jira/browse/CLOUDSTACK-8690. The 
 remote access vpn feature is broken so I think it is blocker.
 
 
 Thanks,
 Jayapal
 
 

Re: [Proposal] Replacing Openswan ipsec with Strongswan ipsec

[Jayapal Reddy Uradi]

Here is the FS[1] and ticket[2] details.

[1]https://cwiki.apache.org/confluence/display/CLOUDSTACK/Replacing+openswan+ipsec+with+strongswan+ipsec
[2]https://issues.apache.org/jira/browse/CLOUDSTACK-8682


Thanks,
Jayapal

On 27-Jul-2015, at 12:12 PM, Suresh Sadhu suresh.sa...@citrix.com wrote:

 +1 
 
 Kindly share any practical limitation or any know issues exists in strong 
 swan[if anybody using this protocol  in real time ,please share  your 
 experience ]...  that will really helpful us(both dev and qa) to design ,code 
 and test this feature in a better way.
 
 
 Regards
 Sadhu
 
 
 
 -Original Message-
 From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com] 
 Sent: 24 July 2015 17:40
 To: dev@cloudstack.apache.org
 Subject: [Proposal] Replacing Openswan ipsec with Strongswan ipsec
 
 Hi All,
 
 Openswan is not being actively maintained by community.
 Any security updates to the packages then it is difficult to upgrade.
 latest version of OS X clients are not working on openswan.
 
 To address the above concerns I am proposing to move from openswan ipsec to 
 strongswan ipsec.
 
 I will be sharing the FS for this feature soon.
 
 Thanks,
 Jayapal
 
 

Re: Vr not working in master

[Jayapal Reddy Uradi]

Can you please share the MS logs ?
I think the VR might failed on configuring rules due to this VR stop. 
Observe the MS from the VR start onwards to VR stop.

Thanks,
Jayapal
On 07-Aug-2015, at 3:18 AM, Pierre-Luc Dion pd...@cloudops.com wrote:

 Hi,
 
 We wanted to do some tests against master branch today. But we never got a
 VR up and running. Zone was in advanced networking, when creating a new vpc
 or private network the VR get created, vm start in xenserver but get
 shutdown and cloudstack console popup an error.
 
 cpvm and ssvm seams to work fine.
 
 Did anyone else got this behavior too?
 
 Thanks
 
 -- 
 
 *Pierre-Luc DION*
 Architecte de Solution Cloud | Cloud Solutions Architect
 t 855.652.5683
 
 *CloudOps* Votre partenaire infonuagique* | *Cloud Solutions Experts
 420 rue Guy *|* Montreal *|* Quebec *|* H3J 1S6
 w cloudops.com *|* tw @CloudOps_

s2s vpn related iptables are not applied on VR

[Jayapal Reddy Uradi]

Hi,

I haves configured the s2s vpn in vpc network. Observed that the iptables rules 
related to s2s vpn are not configured on the VR.
In configure.py there is method 'configure_iptables' which is having rules but 
these are not getting applied on VR.
Can you please look into this.

Also can you please the document to understand the flow of configuration.
Also in the dev environment when I am working on site to site vpn I want to 
apply only s2s vpn config not whole config again. Can you also please tell me 
how can we do this.

Thanks,
Jayapal 

Re: s2s vpn related iptables are not applied on VR

[Jayapal Reddy Uradi]

Hi Remi,

Created ticket for this.
https://issues.apache.org/jira/browse/CLOUDSTACK-8710

Thanks,
Jayapal
On 06-Aug-2015, at 1:23 AM, Remi Bergsma rberg...@schubergphilis.com wrote:

 Hi,
 
 Could you please create an ACS issue for this, so we can track it? Sounds 
 like something we need to fix.
 
 Thanks,
 Remi
 
 On 05 Aug 2015, at 14:30, Jayapal Reddy Uradi 
 jayapalreddy.ur...@citrix.com wrote:
 
 Hi,
 
 I haves configured the s2s vpn in vpc network. Observed that the iptables 
 rules related to s2s vpn are not configured on the VR.
 In configure.py there is method 'configure_iptables' which is having rules 
 but these are not getting applied on VR.
 Can you please look into this.
 
 Also can you please the document to understand the flow of configuration.
 Also in the dev environment when I am working on site to site vpn I want to 
 apply only s2s vpn config not whole config again. Can you also please tell 
 me how can we do this.
 
 Thanks,
 Jayapal 
 
 

VR remote access vpn not working in master

[Jayapal Reddy Uradi]

Hi All,

In latest master remote access vpn is not working because the configuration is 
not applied on the VR.
On the VR logs below error msg is seen.
'Error I do not know what to do with file of type remoteaccessvpn'

I have file ticket 
CLOUDSTACK-8690https://issues.apache.org/jira/browse/CLOUDSTACK-8690. The 
remote access vpn feature is broken so I think it is blocker.


Thanks,
Jayapal

Re: [Blocker] Default ip table rules on VR

[Jayapal Reddy Uradi]

I see VR ingress traffic is blocked by default from iptables mangle table.
But on the guest interface all the traffic is accepted.
Also egress firewall rule will break because of FORWARD policy.

Thanks,
Jayapal

On 30-Jul-2015, at 12:53 PM, Jayapal Reddy Uradi 
jayapalreddy.ur...@citrix.com wrote:

 
 It is security concern on the VR. All the ingress traffic onto the VR is 
 accepted.
 Let it be blocker.
 
 Thanks,
 Jayapal
 
 On 30-Jul-2015, at 12:28 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:
 
 I changed it to critical. It is only a blocker if we agree on this
 list that it is.
 
 On Thu, Jul 30, 2015 at 6:44 AM, Sanjeev N sanj...@apache.org wrote:
 Hi,
 
 In latest ACS builds, the ip table rules in VR have ACCEPT as the default
 policy in INPUT and FORWARD chains, instead of DROP.
 
 Created a blocker bug for this issue
 https://issues.apache.org/jira/browse/CLOUDSTACK-8688
 
 Can somebody please fix it?
 
 Thanks,
 Sanjeev
 
 
 
 -- 
 Daan
 

Re: [Blocker] Default ip table rules on VR

[Jayapal Reddy Uradi]

It is security concern on the VR. All the ingress traffic onto the VR is 
accepted.
Let it be blocker.

Thanks,
Jayapal

On 30-Jul-2015, at 12:28 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:

 I changed it to critical. It is only a blocker if we agree on this
 list that it is.
 
 On Thu, Jul 30, 2015 at 6:44 AM, Sanjeev N sanj...@apache.org wrote:
 Hi,
 
 In latest ACS builds, the ip table rules in VR have ACCEPT as the default
 policy in INPUT and FORWARD chains, instead of DROP.
 
 Created a blocker bug for this issue
 https://issues.apache.org/jira/browse/CLOUDSTACK-8688
 
 Can somebody please fix it?
 
 Thanks,
 Sanjeev
 
 
 
 -- 
 Daan

[Proposal] Replacing Openswan ipsec with Strongswan ipsec

[Jayapal Reddy Uradi]

Hi All,

Openswan is not being actively maintained by community.
Any security updates to the packages then it is difficult to upgrade.
latest version of OS X clients are not working on openswan.

To address the above concerns I am proposing to move from openswan ipsec to 
strongswan ipsec.

I will be sharing the FS for this feature soon.

Thanks,
Jayapal

Re: capitalized method name

[Jayapal Reddy Uradi]

Hi Daan,

Please go ahead and change the name.
Thanks for notifying.

-Jayapal


On 13-Jul-2015, at 8:45 PM, Daan Hoogland daan.hoogl...@gmail.com wrote:

 Jayapal,
 
 I didn't notice this before but in PR 568, in commit
 638885a9de0fd651351f0b16cbdd9fc30c4a187d, you added a method name
 starting with capital 'A' to citrixrecource base. Is this on purpose
 and can we change it to adhere to convention?
 
public boolean AttachConfigDriveToMigratedVm(Connection conn,
 String vmName, String ipAddr) {
 
 Not to blame anybody, i totally missed it last week as your PR came
 by. I noticed it this week because of another coverity issue in the
 code (pockemon-exception-handling).
 
 I a making a pr for the exception handling and will change the method
 name as well if you agree.
 -- 
 Daan

Re: [ANNOUNCE] Karen Voung as a new PMC member of CloudStack

[Jayapal Reddy Uradi]

Congrats Karen!
On 06-Jul-2015, at 1:30 PM, Wilder Rodrigues wrodrig...@schubergphilis.com 
wrote:

 Congratulations, Karen!
 
 Cheers,
 Wilder
 
 On 02 Jul 2015, at 20:15, John Burwell john.burw...@shapeblue.com wrote:
 
 All,
 
 The Project Management Committee (PMC) for Apache CloudStack are pleased to 
 announce that Karen Voung (karenv) has accepted our invitation to join the 
 PMC.
 
 Please join me in congratulating her.
 
 On behalf of the Apache CloudStack PMC,
 -John Burwell
 
 ---
 John Burwell (@john_burwell)
 VP of Software Engineering, ShapeBlue
 (571) 403-2411 | +44 20 3603 0542
 http://www.shapeblue.com
 
 
 
 Find out more about ShapeBlue and our range of CloudStack related services
 
 IaaS Cloud Design  Buildhttp://shapeblue.com/iaas-cloud-design-and-build//
 CSForge - rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/
 CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/
 CloudStack Software 
 Engineeringhttp://shapeblue.com/cloudstack-software-engineering/
 CloudStack Infrastructure 
 Supporthttp://shapeblue.com/cloudstack-infrastructure-support/
 CloudStack Bootcamp Training 
 Courseshttp://shapeblue.com/cloudstack-training/
 
 This email and any attachments to it may be confidential and are intended 
 solely for the use of the individual to whom it is addressed. Any views or 
 opinions expressed are solely those of the author and do not necessarily 
 represent those of Shape Blue Ltd or related companies. If you are not the 
 intended recipient of this email, you must neither take any action based 
 upon its contents, nor copy or show it to anyone. Please contact the sender 
 if you believe you have received this email in error. Shape Blue Ltd is a 
 company incorporated in England  Wales. ShapeBlue Services India LLP is a 
 company incorporated in India and is operated under license from Shape Blue 
 Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil 
 and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a 
 company registered by The Republic of South Africa and is traded under 
 license from Shape Blue Ltd. ShapeBlue is a registered trademark.
 

Travis-ci build timeout error.

[Jayapal Reddy Uradi]

Hi,

Travis-ci builds are timeout on branch.
Below are the errors from travis-ci log


Installing some python packages:
/home/travis/build.sh: line 108:  2307 Terminated  travis_jigger $! 
$timeout $cmd
install
885.98s$ ./tools/travis/install.sh
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
[debug] execute contextualize
Jun 19, 2015 11:43:03 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:04 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:04 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:04 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:04 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:05 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:05 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:05 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:05 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:05 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:05 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:06 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:06 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:06 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:06 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:07 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:07 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:07 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:07 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:07 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:08 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:08 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:08 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:08 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: No packages 
or classes specified
Jun 19, 2015 11:43:08 AM net.sourceforge.pmd.PMD removeBrokenRules
WARNING: Removed misconfigured rule: LoosePackageCoupling  cause: 

Travis-ci test cases getting timed out

[Jayapal Reddy Uradi]

Hi,

There are test case failures due to timeout, below is the message.
'Your test run exceeded 50 minutes. '

travis-ci job info.
https://travis-ci.org/jayapalu/cloudstack/builds/66205220

Can some one look at travis-ci.

Thanks,
Jayapal

Re: [DISCUSS] Out of Band VR migration, should we reboot VR or not?

[Jayapal Reddy Uradi]

In VR configuration persistence (4.6) only iptables rules are persisted ?
There are other configuration (interface ips, routes etc in VR will be lost on 
reboot) are these taken care ?


Thanks,
Jayapal


On 04-Jun-2015, at 11:15 AM, Koushik Das koushik@citrix.com
 wrote:

 
 On 04-Jun-2015, at 12:04 AM, Remi Bergsma rberg...@schubergphilis.com wrote:
 
 Hi all,
 
 I just had a look at this more closely and had a chat with Ian about it. The 
 only way for the original problem to happen (losing iptables rules) is if 
 the live migrate would fail and the hypervisor rebooted the vm. The cause is 
 the non-persistance of the router configuration, which is fixed in 4.6 by 
 the way. I would say failing live migrations does not happen often (I have 
 never seen it happening).
 
 
 What about native HA in Vmware and HyperV? Say the original host has failed, 
 Vmware will bring up the VR on another host as part of native HA. In this 
 case also the configuration is lost.
 
 Anyway, once this happens to the router, it is stuck in a state where it 
 does not have the linklocal configuration any more. Would CloudStack be able 
 to issue a aggregate command while it cannot reach it? Rebooting might be 
 the only way out after all. It’s just that rebooting by default in case of 
 out-of-band migrations I’d say is a little bit too much. CloudStack would 
 detect the problem anyway, as it cannot reach the linklocal anymore.
 
 The interesting situation is that we have releases out there that now reboot 
 by default.
 
 My proposal to solve it in 4.4 and 4.5:
 - Implement a setting ‘reboot systemvm when out-of-band migration detected’.
 The default should be false and release notes should mention a changed 
 behaviour from 4.4.3 and 4.5.1. To get the old behaviour, switch to true. A 
 small group of people should be interested in this.
 
 I guess this is the best of both worlds. Do you guys agree?
 
 The other option I see is to revert the commit, as I think that serves most 
 people.
 
 Who is willing to help implement it?
 
 Regards, Remi
 
 
 On 03 Jun 2015, at 17:42, Rene Moser 
 m...@renemoser.netmailto:m...@renemoser.net wrote:
 
 Hi
 
 On 03.06.2015 17:06, Ian Southam wrote:
 If the machine crashes and/or rebooted during the oob migration by a party 
 that is not the orchestrator, (read vCenter) then the rules will be lost.
 
 I fully agree, a reboot due a failing live migration, would cause a
 reboot. So what? Then we blame VMware, the orchestration will reboot the
 VR and everything is fine. This would cause seconds of outage.
 
 But then the missing persistence of the iptables would be the problem,
 not the live migration task, right?
 
 We should fix the persistence of the rules during reboot and not try to
 be more clever then the hypervisor cluster orchestration.
 
 Just my 2 cents.
 
 
 
 
 
 

Re: Changing the source NAT IP

[Jayapal Reddy Uradi]

You can change the source NAT ip of the network with the API/UI.

If you want to change you need to do the following.
1. Acuire another public ip P2 to the network.
2. Stop the router.
3. Edit the user_ip_address table, source_nat column of P2 to 1 and old source 
NAT ip to 0.
4. Restart the Router.

Hope this will work.

Thanks,
Jayapal

On 04-Jun-2015, at 2:39 PM, Schubert, Sven sven.schub...@bautzen-it.de
 wrote:

 Hi,
 
 is there a possibility to change the source NAT IP in an existing environment?
 
 Regards,
 Sven
 
 -- 
 This email was Virus checked by UTM 9. http://www.sophos.com

Re: [bug]Preshared key not created when enable remote VPN

[Jayapal Reddy Uradi]

Hi Andrija,

Listing PSK in API is removed for security reason and it got reverted again.
This is commit revert id d81e831214cafc2c9f1e4f8e7de56fca65c2215f

Thanks,
Jayapal



On 26-May-2015, at 2:45 PM, Andrija Panic andrija.pa...@gmail.com
 wrote:

 Hi Jayapal,
 
 vpn_server_addr_id account_id network_id domain_id local_ip
 ip_range ipsec_psk state id uuid vpc_id display
 16 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 5bqKeKhqqWvHx8Re2hZVK7AC Running 1
 b037d8b2-1ebf-4450-8c76-7bd9c73f0745 7 1
 13 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 bvTSjdtHuSdKbQh4av6VSKDT Running 4
 c5e5bcda-668e-4836-9388-9dd857620bd5 4 1
 22 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 GPnNeO54WerfBmOsP4RbBr9p Running 13
 1c84385f-4c51-48ef-9b30-a85e530795ef 10 1
 7 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 e3vdYtAEbprNza2SAFqHKa9F Running 22
 8f358c3b-bde0-45c6-8a36-1f07821243bc 1 1
 
 meaning it seems fine in DB (this is only test env at the moment).
 
 Regards,
 Andrija
 
 On 26 May 2015 at 11:09, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
 wrote:
 
 Hi Andrija,
 
 Is it not listing in the API or the PSK itself is not there DB ?
 Can you check the table once.
 SELECT * FROM cloud.remote_access_vpn;
 
 Thanks,
 Jayapal
 On 26-May-2015, at 2:35 PM, Andrija Panic andrija.pa...@gmail.com wrote:
 
 Hi,
 
 anybody familiar with some workarround/fix for this one:
 https://issues.apache.org/jira/browse/CLOUDSTACK-8407 ?
 
 Thanks,
 
 --
 
 Andrija Panić
 
 
 
 
 -- 
 
 Andrija Panić

Re: [bug]Preshared key not created when enable remote VPN

[Jayapal Reddy Uradi]

Hi Andrija,

Is it not listing in the API or the PSK itself is not there DB ?
Can you check the table once.
SELECT * FROM cloud.remote_access_vpn;

Thanks,
Jayapal
On 26-May-2015, at 2:35 PM, Andrija Panic andrija.pa...@gmail.com wrote:

 Hi,
 
 anybody familiar with some workarround/fix for this one:
 https://issues.apache.org/jira/browse/CLOUDSTACK-8407 ?
 
 Thanks,
 
 -- 
 
 Andrija Panić

Re: [bug]Preshared key not created when enable remote VPN

[Jayapal Reddy Uradi]

Andrija,

This commit is already there in master.
d81e831214cafc2c9f1e4f8e7de56fca65c2215f

Thanks,
Jayapal

On 26-May-2015, at 3:03 PM, Andrija Panic andrija.pa...@gmail.com
 wrote:

 Jayapal,
 
 did I understood correctly, that you just reverted it back so we can get
 PSK in APU/UI?
 
 Thanks,
 Andrija
 
 On 26 May 2015 at 11:20, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
 wrote:
 
 Hi Andrija,
 
 Listing PSK in API is removed for security reason and it got reverted
 again.
 This is commit revert id d81e831214cafc2c9f1e4f8e7de56fca65c2215f
 
 Thanks,
 Jayapal
 
 
 
 On 26-May-2015, at 2:45 PM, Andrija Panic andrija.pa...@gmail.com
 wrote:
 
 Hi Jayapal,
 
 vpn_server_addr_id account_id network_id domain_id local_ip
 ip_range ipsec_psk state id uuid vpc_id display
 16 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 5bqKeKhqqWvHx8Re2hZVK7AC Running 1
 b037d8b2-1ebf-4450-8c76-7bd9c73f0745 7 1
 13 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 bvTSjdtHuSdKbQh4av6VSKDT Running 4
 c5e5bcda-668e-4836-9388-9dd857620bd5 4 1
 22 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 GPnNeO54WerfBmOsP4RbBr9p Running 13
 1c84385f-4c51-48ef-9b30-a85e530795ef 10 1
 7 2 \N 1 192.168.156.1 192.168.156.2-192.168.156.50
 e3vdYtAEbprNza2SAFqHKa9F Running 22
 8f358c3b-bde0-45c6-8a36-1f07821243bc 1 1
 
 meaning it seems fine in DB (this is only test env at the moment).
 
 Regards,
 Andrija
 
 On 26 May 2015 at 11:09, Jayapal Reddy Uradi 
 jayapalreddy.ur...@citrix.com
 wrote:
 
 Hi Andrija,
 
 Is it not listing in the API or the PSK itself is not there DB ?
 Can you check the table once.
 SELECT * FROM cloud.remote_access_vpn;
 
 Thanks,
 Jayapal
 On 26-May-2015, at 2:35 PM, Andrija Panic andrija.pa...@gmail.com
 wrote:
 
 Hi,
 
 anybody familiar with some workarround/fix for this one:
 https://issues.apache.org/jira/browse/CLOUDSTACK-8407 ?
 
 Thanks,
 
 --
 
 Andrija Panić
 
 
 
 
 --
 
 Andrija Panić
 
 
 
 
 -- 
 
 Andrija Panić

Re: [VR] Usage of /etc/dhcpopts.txt

[Jayapal Reddy Uradi]

These settings get added from the edithosts.sh when a new vm got deployed or 
new nic is plugged.
For non-default nic there will be entries in dhcpopts.txt.
 10_125_2_150,3
 10_125_2_150,6

For default nic there won't any entries in dhcpopts.txt for this nic.

Thanks,
Jayapal 

On 06-May-2015, at 1:50 PM, Erik Weber terbol...@gmail.com
 wrote:

 I'm troubleshooting an issue where the guest vms does not receive default
 gateway nor dns servers.
 
 And it seems to be due to the following lines in /etc/dhcpopts.txt:
 10_125_2_150,3
 10_125_2_150,6
 
 Does anyone know why we insert those lines, and/or where it comes from?
 
 -- 
 Erik

Re: [VR] Usage of /etc/dhcpopts.txt

[Jayapal Reddy Uradi]

Yes. For default nic those entries should be cleared.

-Jayapal

On 06-May-2015, at 2:16 PM, Erik Weber terbol...@gmail.com
 wrote:

 On Wed, May 6, 2015 at 10:44 AM, Jayapal Reddy Uradi 
 jayapalreddy.ur...@citrix.com wrote:
 
 These settings get added from the edithosts.sh when a new vm got deployed
 or new nic is plugged.
 For non-default nic there will be entries in dhcpopts.txt.
 10_125_2_150,3
 10_125_2_150,6
 
 For default nic there won't any entries in dhcpopts.txt for this nic.
 
 
 I found that out, thanks!
 
 Those lines should be cleared when the NIC is set to default though, right?
 
 -- 
 Erik

Re: Support for SecurityGroup in OpenVSwitch mode in Xenserver

[Jayapal Reddy Uradi]

 Hi Suresh,

Basically SG rules needs bridge mode. So in KVM also it expects bridge mode.

Thanks,
Jayapal
 
On 17-Apr-2015, at 2:33 AM, Suresh Ramamurthy 
suresh.ramamur...@nuagenetworks.net
 wrote:

 Hi Jayapal,
 
 Thanks a lot for the response.
 
 From what you explained, looks like SG for KVM also expects Bridge module.
 Correct me if I am wrong.
 
 Thanks,
 Suresh
 
 
 On Wed, Apr 15, 2015 at 11:36 PM, Jayapal Reddy Uradi 
 jayapalreddy.ur...@citrix.com wrote:
 
 Hi Suresh,
 
 Yes, for security groups expects network mode 'bridge' for xenserver.
 This is because the security group rules  iptables/ebatables in host
 filters on the bridge interfaces.
 
 Please look at how we can achieve host level isolation of VM traffic for
 SG using openVswitch.
 
 Thanks,
 Jayapal
 
 On 16-Apr-2015, at 10:14 AM, Suresh Ramamurthy 
 suresh.ramamur...@nuagenetworks.net
 wrote:
 
 Hi Security Group Experts,
 
 I am trying to play with SecurityGroup in XenServer setup.
 
 When I looked at the latest 4.5 code I found that the code expects Bridge
 module to be present in Xenserver.
 
 Is that true? Is Security Group supported using OpenVSwitch in Xenserver?
 
 Thanks,
 Suresh
 
 

Re: Support for SecurityGroup in OpenVSwitch mode in Xenserver

[Jayapal Reddy Uradi]

Hi Suresh,

Yes, for security groups expects network mode 'bridge' for xenserver.
This is because the security group rules  iptables/ebatables in host filters on 
the bridge interfaces.

Please look at how we can achieve host level isolation of VM traffic for SG 
using openVswitch.

Thanks,
Jayapal

On 16-Apr-2015, at 10:14 AM, Suresh Ramamurthy 
suresh.ramamur...@nuagenetworks.net
 wrote:

 Hi Security Group Experts,
 
 I am trying to play with SecurityGroup in XenServer setup.
 
 When I looked at the latest 4.5 code I found that the code expects Bridge
 module to be present in Xenserver.
 
 Is that true? Is Security Group supported using OpenVSwitch in Xenserver?
 
 Thanks,
 Suresh

Re: [ANNOUNCE] New committer: Gaurav Nandkumar Aradhye

[Jayapal Reddy Uradi]

Congrats Gaurav!

-Jayapal

On 14-Apr-2015, at 9:10 AM, Rajani Karuturi raj...@apache.org
 wrote:

 congratulations Gaurav..
 
 ~Rajani
 
 On Tue, Apr 14, 2015 at 1:35 AM, Erik Weber terbol...@gmail.com wrote:
 
 On Mon, Apr 13, 2015 at 9:43 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:
 
 The Project Management Committee (PMC) for Apache CloudStack
 has asked Gaurav Aradhya to become a committer and we are pleased to
 announce that they have accepted.
 
 Being a committer allows many contributors to contribute more
 autonomously. For developers, it makes it easier to submit changes and
 eliminates the need to have contributions reviewed via the patch
 submission process. Whether contributions are development-related or
 otherwise, it is a recognition of a contributor's participation in the
 project and commitment to the project and the Apache Way.
 
 Please join me in congratulating Gaurav
 
 
 Well deserved, welcome!
 Congratulations :-)
 
 --
 Erik
 

Re: master branch: VR not starting

[Jayapal Reddy Uradi]

-AAN4cAACAAIACnQAGVZpcnR1YWxNYWNoaW5lTWFuYWdlckltcGwAAHBwcHBwcHBwc3IAEWphdmEudXRpbC5IYXNoTWFwBQfawcMWYNEDAAJGAApsb2FkRmFjdG9ySQAJdGhyZXNob2xkeHA_QAAADHcIEAF0AA5SZXN0YXJ0TmV0d29ya3QAP3JPMEFCWE55QUJGcVlYWmhMbXhoYm1jdVFtOXZiR1ZoYnMwZ2NvRFZuUHJ1QWdBQldnQUZkbUZzZFdWNGNBRXhw,
 cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0,
 result: null, initMsid: 7684065591473, completeMsid: null, lastUpdated:
 null, lastPolled: null, created: Thu Apr 02 09:25:24 EDT 2015}, job
 origin:43
 
 
 
 
 
 On Thu, Apr 2, 2015 at 12:31 AM, Jayapal Reddy Uradi 
 jayapalreddy.ur...@citrix.com wrote:
 
 
 Can you please check the MS logs for the VR start.
 You might be getting exception for VR start due which the MS is stopping
 the router.
 
 Can you please send the management server logs.
 
 Thanks,
 Jayapal
 On 02-Apr-2015, at 12:44 AM, Pierre-Luc Dion pd...@cloudops.com wrote:
 
 Hi,
 
 I'm setting up a test env with the master branch and XenServer 6.5.0
 
 VR are not starting I have the CPVM and SSVM running but VR failed to
 start
 for guest network and VPC. the VR instance start and got shutdown right
 after debian is booted. I've used templates from j.bac.o.
 
 Does anyone is aware of changes going on on master branch or experiencing
 the same?
 
 Thanks :-)
 
 
 
 Find out more about ShapeBlue and our range of CloudStack related services
 
 IaaS Cloud Design  Buildhttp://shapeblue.com/iaas-cloud-design-and-build//
 CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/
 CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/
 CloudStack Software 
 Engineeringhttp://shapeblue.com/cloudstack-software-engineering/
 CloudStack Infrastructure 
 Supporthttp://shapeblue.com/cloudstack-infrastructure-support/
 CloudStack Bootcamp Training 
 Courseshttp://shapeblue.com/cloudstack-training/
 
 This email and any attachments to it may be confidential and are intended 
 solely for the use of the individual to whom it is addressed. Any views or 
 opinions expressed are solely those of the author and do not necessarily 
 represent those of Shape Blue Ltd or related companies. If you are not the 
 intended recipient of this email, you must neither take any action based upon 
 its contents, nor copy or show it to anyone. Please contact the sender if you 
 believe you have received this email in error. Shape Blue Ltd is a company 
 incorporated in England  Wales. ShapeBlue Services India LLP is a company 
 incorporated in India and is operated under license from Shape Blue Ltd. 
 Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
 operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
 registered by The Republic of South Africa and is traded under license from 
 Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: master branch: VR not starting

[Jayapal Reddy Uradi]

Can you please check the MS logs for the VR start.
You might be getting exception for VR start due which the MS is stopping the 
router.

Can you please send the management server logs.

Thanks,
Jayapal
On 02-Apr-2015, at 12:44 AM, Pierre-Luc Dion pd...@cloudops.com wrote:

 Hi,
 
 I'm setting up a test env with the master branch and XenServer 6.5.0
 
 VR are not starting I have the CPVM and SSVM running but VR failed to start
 for guest network and VPC. the VR instance start and got shutdown right
 after debian is booted. I've used templates from j.bac.o.
 
 Does anyone is aware of changes going on on master branch or experiencing
 the same?
 
 Thanks :-)

Re: [ANNOUNCE] New committer: Rene Moser

[Jayapal Reddy Uradi]

Congrats Rene! 

Thanks,
Jayapal

On 01-Apr-2015, at 5:24 AM, Nux! n...@li.nux.ro
 wrote:

 Congrats Rene! :)
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Ahmad Emneina aemne...@gmail.com
 To: dev@cloudstack.apache.org
 Sent: Tuesday, 31 March, 2015 22:24:45
 Subject: Re: [ANNOUNCE] New committer: Rene Moser
 
 Thanks for the contributions so far Rene, look forward to many more!
 Congratulations.
 
 On Tue, Mar 31, 2015 at 2:13 PM, sebgoa run...@gmail.com wrote:
 
 The Project Management Committee (PMC) for Apache CloudStack
 has asked Rene Moser to become a committer and we are pleased to announce
 that he has accepted.
 
 Rene has committed several fixes to cloudstack and is the sole author of
 the cloudstack ansible module.
 This module should make it to Ansible core quite soon
 
 Being a committer enables easier contribution to the
 project since there is no need to go via the patch
 submission process. This should enable better productivity.
 Being a PMC member enables assistance with the management
 and to guide the direction of the project.
 
 Join me in congratulating Rene and let's hope for more Ansible play books
 to deploy cloudstack and associated workloads.
 
 -The CloudStack PMC

Re: [ANNOUNCE] Rohit Yadav as new PMC member of CloudStack

[Jayapal Reddy Uradi]

Congrats Bhaisaab :)

On 27-Mar-2015, at 2:01 PM, Funs Kessen f...@barred.org wrote:

 Congrats Rohit, awesome!
 
 On 27 Mar 2015, at 09:20, Remi Bergsma rberg...@schubergphilis.com wrote:
 
 Congratz Rohit, well deserved! :-)
 
 Sent from my iPhone
 
 On 27 Mar 2015, at 09:08, Sebastien Goasguen run...@gmail.com wrote:
 
 The Project Management Committee (PMC) for Apache CloudStack are pleased to
 announce that Rohit Yadav has accepted our invitation to join the PMC.
 
 Please join me in congratulating him.
 
 On behalf of the Apache CloudStack PMC
 
 
 — 
   =Funs
 

Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network

[Jayapal Reddy Uradi]

Hi Adrian,

For DHCP relay we need the VR with another interface which is in different 
network.
From CS we need to configure the another network for this.
I think supporting VR as DHCP relay agent can be taken as separate feature.

If we want to deploy VMs with external DHCP without VR, this feature will help.

Thanks,
Jayapal 



On 21-Mar-2015, at 10:53 AM, Marcus shadow...@gmail.com wrote:

 There are some native hypervisor options, like virtio-socket for KVM,
 vmx file parameters for VMware. We already use something like this for
 the system vm bootstrap on KVM, that's how system vms get their ips.
 
 On Fri, Mar 20, 2015 at 6:12 PM, ilya ilya.mailing.li...@gmail.com wrote:
 I think config drive is not the best design choice.
 
 You are relying on external ISO to deliver content private to VM. The ISO is
 stored in secondary or primary storage, if exposed - I get the private data
 of all the VMs. There maybe issues with storage migration and general
 vmotion if ISO is attached.
 
 If we are following this model because openstack has chosen this path - i
 think its just wasted effort and wrong.
 
 In my opinion, an external service is much better solution, i.e. AWS - not
 OpenStack.
 
 Also, how does this work CS retrieves the ip from the VM and update in the
 DB nics table. ?
 
 
 
 On 3/20/15 4:56 PM, Marcus wrote:
 
 I agree, that's generally the model, right? The network offering
 describes where the services come from.
 
 On Fri, Mar 20, 2015 at 12:16 PM, Alena Prokharchyk alena1...@gmail.com
 wrote:
 
 From the FS:
 
 Create empty network offering with no service selected. Only DHCP, DNS
 services are provided by external servers.
 Metadata - information is included in the config drive
 Userdata, vm password, ssh key - If these are passed then included
 in
 the config drive with user data service.
 Retrieving IP assigned by external DHCP server to userVM. Store it in CS
 DB.
 
 
 Why not just introduce the notion of the external provider for the
 DHCP/DNS/UserData service? Not specifying the services on the offering
 and
 implementing the service and storing the service data - UserData/MetaData
 and IP  - in the CloudStack DB, is confusing. Unless all the
 metadata/userdata is stored/managed on/by the external provider side.
 
 On Fri, Mar 20, 2015 at 6:20 AM, Adrian Lewis
 adr...@alsiconsulting.co.uk
 wrote:
 
 Can't see the wiki at the moment as it's down for maintenance but on a
 slightly different but related note, would it be feasible to use DHCP
 relay
 functionality in dnsmasq on a VR and still get the IP address assigned
 by
 an
 external DHCP server registered into the ACS MS? Not quite sure if under
 normal circumstances ACS picks up the IP from dnsmasq or if ACS manages
 the
 pool and sends dnsmasq static leases. If it's picking up what dnsmasq
 decides to lease out, what is this mechanism and does/would it also work
 for
 DHCP relay?
 
 This doesn’t solve the issue of a DHCP server on the same network
 however
 and would still require a VR on the network with upstream connectivity
 to
 the DHCP server.
 
 I'm definitely definitely up for the concept of simple networks with no
 VR
 if we can provision some of the essentials without one. Big +1
 
 
 -Original Message-
 From: Nux! [mailto:n...@li.nux.ro]
 Sent: 20 March 2015 09:34
 To: dev@cloudstack.apache.org
 Subject: Re: [PROPOSAL] DHCP/DNS offload and config drive support for
 adv
 zone shared network
 
 +1, good idea
 
 One thing though:  let's make the config drive available for all types
 of
 zones, many people use the basic or adsg zones.
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 
 From: Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
 To: dev@cloudstack.apache.org
 Sent: Friday, 20 March, 2015 09:12:19
 Subject: [PROPOSAL]  DHCP/DNS offload and config drive support for adv
 zone shared network
 In advanced zone shared network if someone wants to use DHCP server
 outside the cloudstack, currently it can be done by not selecting the
 DHCP service But the problem here is that the VM actual ip is
 different from what cloudstack showing.
 
 If there are no services selected for the network offering there is no
 need of the VR.
 In the absense of VR there should be way to provide password,
 userdata/metadata, ssh keys to user vm.
 
 With this feature we can do the following.
 1. Create network without VR.
 2. Retrive the IP from the VM and update it in the cloudstack DB.
 3. Add config drive support for the VMs in this network.
 
 Please provide your comments for the below FS.
 
 ACS ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-8324
 FS:
 https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=53740
 797
 
 
 Thanks,
 Jayapal
 
 
 
 --
 Alena Prokharchyk
 https://twitter.com/Lemonjet
 http://www.linkedin.com/pub/alena-prokharchyk/13/282/a7b
 
 

Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network

[Jayapal Reddy Uradi]

To start this feature we are going with only shared network.
Once it is done for shared network, it can be generalised for all the networks 
and
external providers can be added at this point.
The external provider does not have any thing to implement.

Thanks,
Jayapal

On 21-Mar-2015, at 12:46 AM, Alena Prokharchyk alena1...@gmail.com wrote:

 From the FS:
 
 Create empty network offering with no service selected. Only DHCP, DNS
 services are provided by external servers.
Metadata - information is included in the config drive
Userdata, vm password, ssh key - If these are passed then included in
 the config drive with user data service.
 Retrieving IP assigned by external DHCP server to userVM. Store it in CS
 DB.
 
 
 Why not just introduce the notion of the external provider for the
 DHCP/DNS/UserData service? Not specifying the services on the offering and
 implementing the service and storing the service data - UserData/MetaData
 and IP  - in the CloudStack DB, is confusing. Unless all the
 metadata/userdata is stored/managed on/by the external provider side.
 
 On Fri, Mar 20, 2015 at 6:20 AM, Adrian Lewis adr...@alsiconsulting.co.uk
 wrote:
 
 Can't see the wiki at the moment as it's down for maintenance but on a
 slightly different but related note, would it be feasible to use DHCP relay
 functionality in dnsmasq on a VR and still get the IP address assigned by
 an
 external DHCP server registered into the ACS MS? Not quite sure if under
 normal circumstances ACS picks up the IP from dnsmasq or if ACS manages the
 pool and sends dnsmasq static leases. If it's picking up what dnsmasq
 decides to lease out, what is this mechanism and does/would it also work
 for
 DHCP relay?
 
 This doesn’t solve the issue of a DHCP server on the same network however
 and would still require a VR on the network with upstream connectivity to
 the DHCP server.
 
 I'm definitely definitely up for the concept of simple networks with no VR
 if we can provision some of the essentials without one. Big +1
 
 
 -Original Message-
 From: Nux! [mailto:n...@li.nux.ro]
 Sent: 20 March 2015 09:34
 To: dev@cloudstack.apache.org
 Subject: Re: [PROPOSAL] DHCP/DNS offload and config drive support for adv
 zone shared network
 
 +1, good idea
 
 One thing though:  let's make the config drive available for all types of
 zones, many people use the basic or adsg zones.
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
 To: dev@cloudstack.apache.org
 Sent: Friday, 20 March, 2015 09:12:19
 Subject: [PROPOSAL]  DHCP/DNS offload and config drive support for adv
 zone shared network
 
 In advanced zone shared network if someone wants to use DHCP server
 outside the cloudstack, currently it can be done by not selecting the
 DHCP service But the problem here is that the VM actual ip is
 different from what cloudstack showing.
 
 If there are no services selected for the network offering there is no
 need of the VR.
 In the absense of VR there should be way to provide password,
 userdata/metadata, ssh keys to user vm.
 
 With this feature we can do the following.
 1. Create network without VR.
 2. Retrive the IP from the VM and update it in the cloudstack DB.
 3. Add config drive support for the VMs in this network.
 
 Please provide your comments for the below FS.
 
 ACS ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-8324
 FS:
 https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=53740
 797
 
 
 Thanks,
 Jayapal
 
 
 
 
 -- 
 Alena Prokharchyk
 https://twitter.com/Lemonjet
 http://www.linkedin.com/pub/alena-prokharchyk/13/282/a7b

Re: [Announce] - New VP Apache Cloudstack

[Jayapal Reddy Uradi]

Congrats Sebastien!

On 24-Mar-2015, at 9:56 AM, Koushik Das koushik@citrix.com
 wrote:

 Congrats Sebastien and thanks Hugo!
 
 -Original Message-
 From: Giles Sirett [mailto:giles.sir...@shapeblue.com] 
 Sent: Monday, 23 March 2015 17:11
 To: dev@cloudstack.apache.org; us...@cloudstack.apache.org; 
 market...@cloudstack.apache.org
 Subject: [Announce] - New VP Apache Cloudstack
 
 All
 The Apache Cloudstack PMC is delighted to announce that on March 18 an ASF 
 board resolution was passed to make Sebastien Goasguen the new Chair/VP of 
 Apache CloudStack.
 
 Sebastien replaces Hugo in this role
 
 
 I'm sure you'll all join me in wishing Sebastien all the best for the next 12 
 months and also in thanking Hugo for all of his hard work over the last year.
 
 Giles
 
 
 
 Find out more about ShapeBlue and our range of CloudStack related services
 
 IaaS Cloud Design  Buildhttp://shapeblue.com/iaas-cloud-design-and-build//
 CSForge - rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/
 CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/
 CloudStack Software 
 Engineeringhttp://shapeblue.com/cloudstack-software-engineering/
 CloudStack Infrastructure 
 Supporthttp://shapeblue.com/cloudstack-infrastructure-support/
 CloudStack Bootcamp Training 
 Courseshttp://shapeblue.com/cloudstack-training/
 
 This email and any attachments to it may be confidential and are intended 
 solely for the use of the individual to whom it is addressed. Any views or 
 opinions expressed are solely those of the author and do not necessarily 
 represent those of Shape Blue Ltd or related companies. If you are not the 
 intended recipient of this email, you must neither take any action based upon 
 its contents, nor copy or show it to anyone. Please contact the sender if you 
 believe you have received this email in error. Shape Blue Ltd is a company 
 incorporated in England  Wales. ShapeBlue Services India LLP is a company 
 incorporated in India and is operated under license from Shape Blue Ltd. 
 Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
 operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
 registered by The Republic of South Africa and is traded under license from 
 Shape Blue Ltd. ShapeBlue is a registered trademark.

[PROPOSAL] DHCP/DNS offload and config drive support for adv zone shared network

[Jayapal Reddy Uradi]

In advanced zone shared network if someone wants to use DHCP server outside the 
cloudstack, currently it can be done by not selecting the DHCP service
But the problem here is that the VM actual ip is different from what cloudstack 
showing.

If there are no services selected for the network offering there is no need of 
the VR.
In the absense of VR there should be way to provide password, 
userdata/metadata, ssh keys to user vm.

With this feature we can do the following.
1. Create network without VR.
2. Retrive the IP from the VM and update it in the cloudstack DB.
3. Add config drive support for the VMs in this network.

Please provide your comments for the below FS.

ACS ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-8324
FS: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=53740797


Thanks,
Jayapal

Re: [ANNOUNCE] New committer: Karen Vuong

[Jayapal Reddy Uradi]

Congrats Karen!

On 20-Mar-2015, at 8:32 AM, ilya ilya.mailing.li...@gmail.com
 wrote:

 Kelcey is alive!!!
 On 3/19/15 6:23 PM, m...@kelceydamage.com wrote:
 Congratulations!
 
 -Original Message-
 From: Todd Pigram [mailto:t...@toddpigram.com]
 Sent: Thursday, March 19, 2015 6:01 PM
 To: dev@cloudstack.apache.org
 Subject: Re: [ANNOUNCE] New committer: Karen Vuong
 
 Congratulations Karen!
 
 On Thu, Mar 19, 2015 at 6:17 PM, Nux! n...@li.nux.ro wrote:
 
 Congratulations, Karen - keep up the good work! :)
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Erik Weber terbol...@gmail.com
 To: dev dev@cloudstack.apache.org
 Sent: Thursday, 19 March, 2015 22:10:22
 Subject: Re: [ANNOUNCE] New committer: Karen Vuong
 On Thu, Mar 19, 2015 at 11:07 PM, Pierre-Luc Dion
 pd...@cloudops.com
 wrote:
 
 The Project Management Committee (PMC) for Apache CloudStack has
 asked Karen Vuong to become a committer and we are pleased to
 announce that she have accepted.
 
 Karen is doing a huge effort on promoting CloudStack and organizing
 events such as CloudStack days, CloudStack collaboration
 conferences and meetups. She is helping a lot on the marketing effort as 
 well.
 
 Being a committer allows many contributors to contribute more
 autonomously. For developers, it makes it easier to submit changes
 and eliminates the need to have contributions reviewed via the
 patch submission process. Whether contributions are
 development-related or otherwise, it is a recognition of a
 contributor's participation in the project and commitment to the project 
 and the Apache Way.
 
 Please join me in congratulating Karen (karenv)
 
 
 Congratulations Karen!
 
 --
 Erik
 
 
 

Re: [ANNOUNCE] New committer: Harikrishna Patnala

[Jayapal Reddy Uradi]

Congrats Hari!

On 10-Mar-2015, at 1:10 PM, Gaurav Aradhye gaurav.arad...@clogeny.com
 wrote:

 Congrats Hari!
 
 Regards,
 Gaurav
 
 On Tue, Mar 10, 2015 at 12:50 PM, Rajesh Battala rajesh.batt...@citrix.com
 wrote:
 
 Hearty Congratulations Harikrishna :)
 
 -Original Message-
 From: Rajani Karuturi [mailto:raj...@apache.org]
 Sent: Tuesday, March 10, 2015 11:00 AM
 To: dev@cloudstack.apache.org
 Subject: [ANNOUNCE] New committer: Harikrishna Patnala
 
 The Project Management Committee (PMC) for Apache CloudStack has asked
 Harikrishna Patnala to become a committer and we are pleased to announce
 that he has accepted.
 
 Being a committer allows many contributors to contribute more
 autonomously. For developers, it makes it easier to submit changes and
 eliminates the need to have contributions reviewed via the patch submission
 process. Whether contributions are development-related or otherwise, it is
 a recognition of a contributor's participation in the project and
 commitment to the project and the Apache Way.
 
 Please join me in congratulating Hari.
 
 
 https://github.com/apache/cloudstack/commits/master?author=harikrishna-patnala
 Keep them coming. :)
 
 --
 on behalf of the CloudStack PMC,
 
 ~Rajani
 

Re: problem with xapi command in cloudstack

[Jayapal Reddy Uradi]

Hi Daan,

I have fixed this issue in master and here is the ticket id CLOUDSTACK-8298

Thanks,
Jayapal

On 02-Feb-2015, at 2:32 PM, Stephen Turner stephen.tur...@citrix.com wrote:

 Do you have an error message, Daan?
 
 -- 
 Stephen Turner
 
 
 -Original Message-
 From: Daan Hoogland [mailto:daan.hoogl...@gmail.com] 
 Sent: 30 January 2015 07:12
 To: Tim Mackey
 Cc: dev; Tim Mackey
 Subject: problem with xapi command in cloudstack
 
 Tim, as you know something about xapi,
 
 Would you know if there is a reason a router may not spinup in cloudstack 
 when its dhcp config is 272 k big?
 
 --
 Daan

Re: Adding command to update the network plugin host details...

[Jayapal Reddy Uradi]

Hi Suresh,


Edit should be happened before implementing the network/device.
After implementing a external network device, editing interface info will cause 
the network to reimplement (delete with old data and add with new)

I think updating host table is enough.



Thanks,
Jayapal.

On 06-Jan-2015, at 1:20 AM, Suresh Ramamurthy 
suresh.ramamur...@nuagenetworks.net wrote:

 Hi Hugo,
 
 Most of the network plugin, including NuageVSP, has commands  to add and
 delete the network device information. Example:
 
 AddNiciraNvpDeviceCmd.java
 https://github.com/apache/cloudstack/blob/master/plugins/network-elements/nicira-nvp/src/com/cloud/api/commands/AddNiciraNvpDeviceCmd.java
 DeleteNiciraNvpDeviceCmd.java
 https://github.com/apache/cloudstack/blob/master/plugins/network-elements/nicira-nvp/src/com/cloud/api/commands/DeleteNiciraNvpDeviceCmd.java
 AddNuageVspDeviceCmd.java
 https://github.com/apache/cloudstack/blob/master/plugins/network-elements/nuage-vsp/src/com/cloud/api/commands/AddNuageVspDeviceCmd.java
 DeleteNuageVspDeviceCmd.java
 https://github.com/apache/cloudstack/blob/master/plugins/network-elements/nuage-vsp/src/com/cloud/api/commands/DeleteNuageVspDeviceCmd.java
 
 I know that this device information gets added as a host.
 
 Now, we have a requirement to update the device information like device IP
 or Username or password etc. Is it okay to add an update API and then
 update the information in the Host DB table? Or is there anything that
 needs to be taken care when updating the host information in DB.
 
 Is there a reason for not implementing the update command to change the
 device information?
 
 Thanks,
 Suresh

Re: DNS amplification attack to CloudStack VR running dnsmasq

[Jayapal Reddy Uradi]

Please refer the following ticket, It will help 
https://issues.apache.org/jira/browse/CLOUDSTACK-5494


Thanks,
jayapal
On 15-Dec-2014, at 5:52 PM, Andrija Panic andrija.pa...@gmail.com wrote:

 Indra, did you observe this on Shared Network - I had same issue with
 Shared Network (public IPs) in Advanced Zone.
 
 I think VR for VPC is NOT a problem...
 
 On 15 December 2014 at 13:13, Indra Pramana in...@sg.or.id wrote:
 
 Dear all,
 
 We are using CloudStack 4.2.0 with KVM hypervisors.
 
 Is there a way to prevent our virtual routers (VRs) to be targeted by DNS
 amplification attack? It seems that the DNS services on dnsmasq running on
 the VRs are by default recursive, causing it to easily be targeted for DNS
 amplification attack.
 
 Any advice on how to overcome this?
 
 Looking forward to your reply, thank you.
 
 Cheers.
 
 
 
 -- 
 
 Andrija Panić

Re: Potential feature: Firewall comments

[Jayapal Reddy Uradi]

+1

When there are large set of rules, It will be useful. 

Thanks,
Jayapal
On 16-Dec-2014, at 4:17 AM, Logan Barfield lbarfi...@tqhosting.com wrote:

 Currently in the UI and API it can be difficult to tell what exactly a
 particular firewall rule is being used for.  I know that it is currently
 possible to add tags to firewall rules, but that seems suboptimal from an
 ease-of-use standpoint.
 
 Would it be feasible to add a comment or description field for firewall
 rules in advanced zones?  It could be added as an extra DB column, and
 appear in the UI and listFirewallRules API call (unless it's left blank).
 In theory the description/comment could also be added to the IPtables rule
 on the VR.
 
 This could probably also be applied to security groups.
 
 
 Thoughts, comments?

Re: [ANNOUNCE] New committer: Erik Weber (terbolous)

[Jayapal Reddy Uradi]

Congrats Erik!

-Jayapal

On 15-Dec-2014, at 11:15 AM, Srikanteswararao Talluri 
srikanteswararao.tall...@citrix.com wrote:

 Congrats Erik!
 
 ~Talluri
 
 On 15/12/14 10:59 am, Punith S punit...@cloudbyte.com wrote:
 
 congrats Erik :)
 
 On Sun, Dec 14, 2014 at 11:32 PM, Mike Tutkowski 
 mike.tutkow...@solidfire.com wrote:
 
 Congratulations, Erik!
 
 On Sat, Dec 13, 2014 at 9:16 PM, Rajani Karuturi raj...@apache.org
 wrote:
 
 Congratulations Eric :)
 
 
 On Sun, Dec 14, 2014 at 9:01 AM, Todd Pigram t...@toddpigram.com
 wrote:
 
 Congrats!
 
 On Saturday, December 13, 2014, ilya musayev 
 ilya.mailing.li...@gmail.com
 javascript:;
 wrote:
 
 Congrats and welcome!
 On 12/13/14, 12:27 PM, Rohit Yadav wrote:
 
 Congrats Erik!
 
 On 14-Dec-2014, at 1:27 am, Nux! n...@li.nux.ro javascript:;
 wrote:
 
 Gratulerer :-)
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 
 From: Pierre-Luc Dion pdion...@apache.org javascript:;
 To: dev@cloudstack.apache.org javascript:;
 Sent: Saturday, 13 December, 2014 17:03:32
 Subject: [ANNOUNCE] New committer: Erik Weber (terbolous)
 The Project Management Committee (PMC) for Apache CloudStack
 has asked Erik Weber to become a committer and we are pleased to
 announce that they have accepted.
 
 Erik is doing a great job on helping the community thru the
 mailing
 list.
 He helped a lot on testing and troubleshooting new releases of
 CloudStack
 as well as contributing to the documentation. Thanks Erik and
 Congrat!
 
 
 Being a committer allows many contributors to contribute more
 autonomously. For developers, it makes it easier to submit
 changes
 and
 eliminates the need to have contributions reviewed via the patch
 submission process. Whether contributions are
 development-related or
 otherwise, it is a recognition of a contributor's participation
 in
 the
 project and commitment to the project and the Apache Way.
 
 Please join me in congratulating Erik
 
 Pierre-Luc
 on behalf of the CloudStack PMC
 
 Regards,
 Rohit Yadav
 Software Architect, ShapeBlue
 M. +91 88 262 30892 | rohit.ya...@shapeblue.com javascript:;
 Blog: bhaisaab.org | Twitter: @_bhaisaab
 
 
 
 Find out more about ShapeBlue and our range of CloudStack related
 services
 
 IaaS Cloud Design  Buildhttp://shapeblue.com/
 iaas-cloud-design-and-build//
 CSForge ­ rapid IaaS deployment framework
 http://shapeblue.com/csforge/
 
 CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/
 CloudStack Software Engineering
 http://shapeblue.com/cloudstack-software-
 engineering/
 CloudStack Infrastructure Supporthttp://shapeblue.com/
 cloudstack-infrastructure-support/
 CloudStack Bootcamp Training Courseshttp://shapeblue.com/
 cloudstack-training/
 
 This email and any attachments to it may be confidential and are
 intended
 solely for the use of the individual to whom it is addressed. Any
 views
 or
 opinions expressed are solely those of the author and do not
 necessarily
 represent those of Shape Blue Ltd or related companies. If you are
 not
 the
 intended recipient of this email, you must neither take any action
 based
 upon its contents, nor copy or show it to anyone. Please contact
 the
 sender
 if you believe you have received this email in error. Shape Blue
 Ltd
 is
 a
 company incorporated in England  Wales. ShapeBlue Services India
 LLP
 is
 a
 company incorporated in India and is operated under license from
 Shape
 Blue
 Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
 in
 Brasil
 and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty
 Ltd
 is
 a company registered by The Republic of South Africa and is traded
 under
 license from Shape Blue Ltd. ShapeBlue is a registered trademark.
 
 
 
 
 
 --
 
 
 Todd Pigram
 http://about.me/ToddPigram
 www.linkedin.com/in/toddpigram/
 @pigram86 on twitter
 https://plus.google.com/+ToddPigram86
 Mobile - 216-224-5769
 
 
 
 --
 Sent from Windows Phone
 
 
 
 --
 *Mike Tutkowski*
 *Senior CloudStack Developer, SolidFire Inc.*
 e: mike.tutkow...@solidfire.com
 o: 303.746.7302
 Advancing the way the world uses the cloud
 http://solidfire.com/solution/overview/?video=play**
 
 
 
 -- 
 regards,
 
 punith s
 cloudbyte.com
 

Re: unable to test Network Throttling.

[Jayapal Reddy Uradi]

Hi Rajashekar,

  i'm unable to test the network bandwidth rate.
Can you please explain what is the issue you are facing while testing.
Is it not working as the value configured ?

Network throttling is for egress traffic. In configuration it is Mbits/s
but in hypervisor it is configured as MBytes/s. 1024 Mb/s is 128MB.

Thanks,
Jayapal



On 10-Dec-2014, at 2:15 PM, Andrija Panic andrija.pa...@gmail.com
 wrote:

 I also examinded KVM thortling, and got 1/4 of the settings cloudstack
 always starts VM with same parameters, no matter what you configure
 manually on KVM/Xen..
 
 On 10 December 2014 at 08:27, raja sekhar rajsekhar@gmail.com wrote:
 
 hi prasanth,
 
 In cloudstack i have given network rate as 1024Mb/s but in xencenter qos
 properties it is showing 25Mb/s for that VM.
 
 Andrija Panic/Prashant if i change the interface property(bandwidth)
 through xencenter or commandline process in
 http://xmodulo.com/how-to-rate-limit-xenserver-vms-network-interfaces.html
 ,
 if i shutdown the VM from cloudstack that VM wil be disabled from
 xencenter, when ever i start the VM, the qos value will be same or it will
 changed to 25Mb/s.
 
 waiting for your reply.
 
 Regards,
 Rajasekhar.
 
 
 On Tue, Dec 9, 2014 at 12:05 AM, Prashant Kumar Mishra 
 prashantkumar.mis...@citrix.com wrote:
 
 From the  xencenter you can check interface property (look for QoS
 settings) for that particular vm .
 
 -Original Message-
 From: Andrija Panic [mailto:andrija.pa...@gmail.com]
 Sent: Tuesday, December 09, 2014 1:30 PM
 To: dev@cloudstack.apache.org
 Cc: us...@cloudstack.apache.org
 Subject: Re: 答复: unable to test Network Throttling.
 
 Recent reply from Vadim:
 
 http://xmodulo.com/how-to-rate-limit-xenserver-vms-network-interfaces.html
 
 On 9 December 2014 at 08:40, raja sekhar rajsekhar@gmail.com
 wrote:
 
 Hi Star,
 
 Thanks for your reply. I'm using XenServer 6.2 and cloudstack 4.3.1.
 how can i check the band width rate of the VM, is there any command
 for xenserver host?
 
 waiting for your reply.
 
 Regards,
 Rajasekhar.
 
 On Mon, Dec 8, 2014 at 10:56 PM, Star Guo st...@ceph.me wrote:
 
 Hi,
 
 There is a priority: the network rate of compute offering  the
 network rate of global configuration.
 If you deploy on kvm host, you can use virsh command to dumpxml of
 the VM and focus on  interface ... /interface.
 
 Best Regards,
 Star Guo
 
 -邮件原件-
 发件人: raja sekhar [mailto:rajsekhar@gmail.com]
 发送时间: 2014年12月9日 14:28
 收件人: dev@cloudstack.apache.org; us...@cloudstack.apache.org
 主题: unable to test Network Throttling.
 
 Hi all,
 
 i have created one compute offering(2 CPU , 4 GB) and given the
 Network Rate as 1024 Mb/s, a VM is deployed from that compute
 offering and in global settings i didn't changed any Network
 Throttling Rate(default 200
 Mb/s) and i'm unable to test the network bandwidth rate.
 
 please suggest me how to test the bandwidth rate of the VM.
 
 
 
 Regards,
 Rajasekhar.
 
 
 
 
 
 
 --
 
 Andrija Panić
 
 
 
 
 
 -- 
 
 Andrija Panić

Re: [jira] [Updated] (CLOUDSTACK-8026) Unable to Create/Delete the Firewall Rule

[Jayapal Reddy Uradi]

Hi,

Resource unreachable here means MS is failed to contact the VR.
1. Host may be not in up state.
2. There is communication failure.
3. Can be ssh key pair issue/mismatch.
4. Last is there is failure in the script execution and script exited with 
error.
   The script execution can be seen in the agent logs in case of xen and kvm.

Please check the above points.

Thanks,
Jayapal

On 05-Dec-2014, at 4:33 PM, Yitao Jiang willier...@gmail.com wrote:

 Seems that the connection between mgmt server and vRouter unavailable. Make
 sure the they can talk to each other .
 BTW, which ACS version r u running and it's system VM template. If you sure
 about the connectiin is OK, try logging into vRouter, check logs what
 happened
 On Dec 5, 2014 1:09 PM, ArunVS (JIRA) j...@apache.org wrote:
 
 
 [
 https://issues.apache.org/jira/browse/CLOUDSTACK-8026?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]
 
 ArunVS updated CLOUDSTACK-8026:
 ---
Description:
 We are unable to create or delete the firewall rule for Virtual Routers.
 
 From the management server logs we observed the below logs,
 
 _
 
 2014-12-04 17:56:40,235 DEBUG [agent.transport.Request]
 (Job-Executor-39:job-5010) Seq 1-1429165745: Received:  { Ans: , MgmtId:
 52234706542, via: 1, Ver: v1, Flags: 0, { SetFirewallRulesAnswer } }
 2014-12-04 17:56:40,235 WARN  [network.firewall.FirewallManagerImpl]
 (Job-Executor-39:job-5010) Failed to apply firewall rules due to
 com.cloud.exception.ResourceUnavailableException: Resource [DataCenter:1]
 is unreachable: Unable to apply firewall rules on router
 at
 com.cloud.network.router.VirtualNetworkApplianceManagerImpl.applyRules(VirtualNetworkApplianceManagerImpl.java:3574)
 at
 com.cloud.network.router.VirtualNetworkApplianceManagerImpl.applyFirewallRules(VirtualNetworkApplianceManagerImpl.java:3430)
 at
 com.cloud.network.element.VirtualRouterElement.applyFWRules(VirtualRouterElement.java:235)
 at
 com.cloud.network.NetworkManagerImpl.applyRules(NetworkManagerImpl.java:4123)
 at
 com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:512)
 at
 com.cloud.network.firewall.FirewallManagerImpl.applyFirewallRules(FirewallManagerImpl.java:581)
 at
 com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:617)
 at
 com.cloud.event.ActionEventCallback.intercept(ActionEventCallback.java:32)
 at
 com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:634)
 at
 com.cloud.api.commands.DeleteFirewallRuleCmd.execute(DeleteFirewallRuleCmd.java:91)
 at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:263)
 at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:430)
 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
 at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
 at java.util.concurrent.FutureTask.run(FutureTask.java:166)
 at
 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
 at
 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
 at java.lang.Thread.run(Thread.java:679)
 2014-12-04 17:56:40,250 WARN  [cloud.api.ApiDispatcher]
 (Job-Executor-39:job-5010) class com.cloud.api.ServerApiException : Failed
 to delete firewall rule
 2014-12-04 17:56:40,250 DEBUG [cloud.async.AsyncJobManagerImpl]
 (Job-Executor-39:job-5010) Complete async job-5010, jobStatus: 2,
 resultCode: 530, result: Error Code: 530 Error text: Failed to delete
 firewall rule
 
 __
 
 Note: Target device is in UP status only.
 
 Unable to Create/Delete the Firewall Rule
 -
 
Key: CLOUDSTACK-8026
URL:
 https://issues.apache.org/jira/browse/CLOUDSTACK-8026
Project: CloudStack
 Issue Type: Bug
 Security Level: Public(Anyone can view this level - this is the
 default.)
 Components: Management Server, Virtual Router
   Reporter: ArunVS
 
 We are unable to create or delete the firewall rule for Virtual Routers.
 From the management server logs we observed the below logs,
 _
 2014-12-04 17:56:40,235 DEBUG [agent.transport.Request]
 (Job-Executor-39:job-5010) Seq 1-1429165745: Received:  { Ans: , MgmtId:
 52234706542, via: 1, Ver: v1, Flags: 0, { SetFirewallRulesAnswer } }
 2014-12-04 17:56:40,235 WARN  [network.firewall.FirewallManagerImpl]
 (Job-Executor-39:job-5010) Failed to apply firewall rules due to
 com.cloud.exception.ResourceUnavailableException: Resource
 [DataCenter:1] is unreachable: Unable to apply firewall rules on router
 at
 com.cloud.network.router.VirtualNetworkApplianceManagerImpl.applyRules(VirtualNetworkApplianceManagerImpl.java:3574)
 at
 com.cloud.network.router.VirtualNetworkApplianceManagerImpl.applyFirewallRules(VirtualNetworkApplianceManagerImpl.java:3430)
 at
 

Re: CS SystemVM with with running apache web server

[Jayapal Reddy Uradi]

For VR web server (port 80) is used when user data service is enabled.
For ssvm it used for required for template/iso download.

Thanks,
Jayapal

On 03-Dec-2014, at 6:00 PM, Rafael Weingartner rafaelweingart...@gmail.com 
wrote:

 I was looking at the VR and SSVM.
 
 On Wed, Dec 3, 2014 at 10:27 AM, Andrija Panic andrija.pa...@gmail.com
 wrote:
 
 Console proxy VM use web server I beleive...both 80 and 443
 Not sure about SSVM though...
 
 On 3 December 2014 at 13:23, Rafael Weingartner 
 rafaelweingart...@gmail.com
 wrote:
 
 Hi folks,
 
 I noticed today that CS system VMs have a running apache webserver
 listening ports 80 and 443. I looked at its configs, and it seems to do
 nothing. At least, I could not find anything interesting there. Thus,
 there
 was just a default listening on port 80 and 443, with nothing else.
 
 Is it really needed? Can I shut down those webservers?
 
 --
 Rafael Weingärtner
 
 
 
 
 --
 
 Andrija Panić
 
 
 
 
 -- 
 Rafael Weingärtner

Re: A secure way to reset VMs password

[Jayapal Reddy Uradi]

Another point to note is all the vms in production has to update 
with the new cloud-set-guest-password scripts because of the new password reset 
method.

Thanks,
Jayapal



On 28-Nov-2014, at 2:28 PM, Erik Weber terbol...@gmail.com
 wrote:

 On Thu, Nov 27, 2014 at 3:54 PM, Alireza Eskandari 
 astro.alir...@yahoo.com.invalid wrote:
 
 HiI viewed the bash script that resets Linux password (
 http://download.cloud.com/templates/4.2/bindir/cloud-set-guest-password.in)It
 seems that it doesn't use a secure way for transferring password string to
 instance.Instances on a shared network can sniff password requests and
 export requested password of other instances.I suggest to use SSL (https)
 instead of plan text.Regards
 
 
 I like the idea, but there's a couple of obstacles to overcome, namely
 which SSL certificates to use.
 - certificates need a subject name, ie. IP or hostname for web pages, you
 could solve this by making the mgmt server a CA and have each VR get a
 signed certificate by it, but it's complicated
 - if the community bundle a pre generated certificate it is commonly known
 and not to be trusted, also not sure how to handle subject name
 - assuming everyone to supply a valid certificate is quite complicated (CA
 must be on VR etc), and makes it considerably harder to get a working setup
 - using self signed causes issues with validation
 
 
 Don't get me wrong, I love the idea, but it's not just to flip a switch and
 have (proper) SSL in place.
 
 -- 
 Erik

Re: Review Request 27856: The NET.IPRELEASE events are not added to usage_event on IP range deletion from Physical Networks

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/27856/#review61416
---

Ship it!


Ship It!

- Jayapal Reddy


On Nov. 11, 2014, 6:15 a.m., Damodar Reddy Talakanti wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/27856/
 ---
 
 (Updated Nov. 11, 2014, 6:15 a.m.)
 
 
 Review request for cloudstack, Jayapal Reddy and Kishan Kavala.
 
 
 Bugs: CLOUDSTACK-7877
 https://issues.apache.org/jira/browse/CLOUDSTACK-7877
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 Once you create a IP range and tie to an account and try to delete the range 
 before allocating any IP it will not stop metering usage even after deletion 
 of the range.
 
 
 Diffs
 -
 
   server/src/com/cloud/configuration/ConfigurationManagerImpl.java 1f71c0f 
 
 Diff: https://reviews.apache.org/r/27856/diff/
 
 
 Testing
 ---
 
 Tested on Xen against the above use case and some other use cases.
 
 
 Thanks,
 
 Damodar Reddy Talakanti
 

Re: Guest IP Reservation

[Jayapal Reddy Uradi]

Hi,

I tried it in my environment (cloudstack 4.5), this issue is not seen.

Here is the output from the router.

root@r-19-QA:~# cat /var/cache/cloud/cmdline 
root=UUID=fa9e76eb-51fd-4435-93e9-77bc9498ff09 ro debian-installer=en_US quiet 
-- quiet console=hvc0 template=domP name=r-19-QA eth2ip=10.147.52.112 
eth2mask=255.255.255.0 gateway=10.147.52.1 eth0ip=10.1.1.1 
eth0mask=255.255.255.0 domain=cs2sandbox.kvm cidrsize=25 dhcprange=10.1.1.1 
eth1ip=169.254.0.148 eth1mask=255.255.0.0 type=router disable_rp_filter=true 
dns1=10.223.240.232 
baremetalnotificationsecuritykey=7etJP5jUoAnrdFkoS0CSQxlvq2czPImMPBRDmwpxY-3NOxHjOCBUsOiW3gItvK7aXj-8HUmB7laezUUpn9SIRw
 
baremetalnotificationapikey=06Mpn82EU3LZcq_dJlHRi6nKWD8xkKieDpnCUwOuwSecUZRDJWQUTNjeJ0SaNq2YJzL0qrNVUtphtBEDv_YVOQ
 host=10.252.192.48 port=8080
root@r-19-QA:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
0.0.0.0 10.147.52.1 0.0.0.0 UG0  00 eth2
10.1.1.00.0.0.0 255.255.255.0   U 0  00 eth0
10.147.52.0 0.0.0.0 255.255.255.0   U 0  00 eth2
169.254.0.0 0.0.0.0 255.255.0.0 U 0  00 eth1
root@r-19-QA:~# 


Thanks,
Jayapal

On 31-Oct-2014, at 12:25 AM, Logan Barfield lbarfi...@tqhosting.com wrote:

 Just trying to clear something up before I submit a bug report:
 
 When using IP reservation in an isolated network it looks like the virtual
 router is getting the wrong netmask.
 
 For example:
 - Network CIDR: 10.1.1.0/24
 - Guest CIDR: 10.1.1.0/25
 - Reserved IP Range: 10.1.1.127-10.1.1.254
 - Virtual Router IP: 10.1.1.1
 
 With this configuration, the Virtual Router gets get following
 netmask/routing:
 
 eth0  Link encap:Ethernet  HWaddr 02:00:55:eb:00:03
  inet addr:10.1.1.1  Bcast:10.1.1.127  Mask:255.255.255.128
 
 Destination Gateway Genmask Flags Metric RefUse
 Iface
 0.0.0.0 162.223.12.129  0.0.0.0 UG0  00 eth2
 10.1.1.00.0.0.0 255.255.255.128 U 0  00 eth0
 162.223.12.128  0.0.0.0 255.255.255.128 U 0  00 eth2
 169.254.0.0 0.0.0.0 255.255.0.0 U 0  00 eth1
 
 This means that any server or VM configured in the reserved IP range cannot
 ping the VR or use it for routing.  They also will not be able to contact
 VMs deployed by CloudStack because there is no routing available, and the
 CloudStack VMs inherit the /25 netmask from the VR.
 
 To resolve this I think the following changes would be required:
 
 Right now it seems that the /etc/init.d/postinit script configures the VR
 interfaces using the details in '/var/cache/cloud/cmdline':
 
 # cat /var/cache/cloud/cmdline
 template=domP name=r-236-VM eth2ip=162.223.12.140 eth2mask=255.255.255.128
 gateway=162.223.12.129 eth0ip=10.1.1.1 eth0mask=255.255.255.128 domain=
 cs2dv.tqcloud.net cidrsize=25 dhcprange=10.1.1.1 eth1ip=169.254.2.4
 eth1mask=255.255.0.0 type=router disable_rp_filter=true dns1=8.8.8.8
 dns2=8.8.4.4 useextdns=true
 
 I believe whatever is generating the data in '/var/cache/cloud/cmdline'
 should be changed.  It should pull the 'eth0mask' from the 'Network CIDR'
 instead of the 'Guest CIDR'.  This will allow for routing and communication
 between CloudStack VMs, and hosts on the reserved portion of the network.
 
 The remaining issue is ensuring the VR doesn't issue IPs from the reserved
 range.  I don't think this is a problem anyway since CloudStack seems to
 manually set up the static DHCP reservations (with /etc/dhcphosts.txt), but
 the following change could still be made:
 
 - Instead of using the VR IP in the dhcp-range (ex:
 dhcp-range=10.1.1.1,static), it could be set as the inverse of the reserved
 network (ex: dhcp-range=10.1.1.2,10.1.1.126,255.255.255.0,infinite).  I
 believe the dhcp-range is also pulled from '/var/cache/cloud/cmdline'.
 
 
 Am I misunderstanding how this feature is supposed to work, or should I go
 ahead and create a bug report for this?
 
 
 Thank You,
 
 Logan Barfield
 Tranquil Hosting

Re: UI: where has Acquire new IP button disappeared?

[Jayapal Reddy Uradi]

Please check similar bug fix
https://issues.apache.org/jira/browse/CLOUDSTACK-6590

-Jayapal

On 27-Oct-2014, at 3:40 PM, Gabor Apati-Nagy gabor.apati-n...@citrix.com
 wrote:

 I mean gridview is the table that the page displays. This has a row with the 
 IP Address, that should display the button, but I see it is not there... 
 Let me look into this later.
 
 Thanks
 Gabor
 
 -Original Message-
 From: Nux! [mailto:n...@li.nux.ro] 
 Sent: 24 October 2014 16:42
 To: dev@cloudstack.apache.org
 Subject: Re: UI: where has Acquire new IP button disappeared?
 
 Hello,
 
 This might sound stupid, but what is this gridview you are talking of?
 This is what I am seeing http://imgur.com/9fl6ERD
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Gabor Apati-Nagy gabor.apati-n...@citrix.com
 To: dev@cloudstack.apache.org
 Sent: Friday, 24 October, 2014 14:26:40
 Subject: RE: UI: where has Acquire new IP button disappeared?
 
 Hi Lucian,
 
 The View secondary IP button should be displayed next to the IP 
 Address in the gridview. Clicking on that this page should display the 
 Acquire new secondary IP button. I have tested this in master and we 
 seem to have the same code in 4.4.
 Could you double check this? It could be confusing that the first 
 button is not in the heading, but is located in the grid.
 
 Cheers,
 Gabor
 
 
 -Original Message-
 From: Nux! [mailto:n...@li.nux.ro]
 Sent: 24 October 2014 09:44
 To: dev@cloudstack.apache.org
 Subject: Re: UI: where has Acquire new IP button disappeared?
 
 Opened https://issues.apache.org/jira/browse/CLOUDSTACK-7782 for this.
 
 Anyone knows who we can bug for a fix?
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Nux! n...@li.nux.ro
 To: dev@cloudstack.apache.org
 Sent: Friday, 24 October, 2014 00:32:55
 Subject: UI: where has Acquire new IP button disappeared?
 
 Hi,
 
 Only now I notice that the option in the NIC tab of a VM
 (Basic/Adv+SG) no longer has the Acquire secondary button, nor does 
 it list the Secondary IPs.
 I can set and see the extra IPs in cloudmonkey though if I run:
 
 add iptonic nicid=XXX
 list nics nicid=XXX virtualmachineid=XXX
 
 
 This is not OK ... alas I notice it too late. Promise to test more next 
 release.
 
 Any way I can get that back? I have people using the UI who rely on 
 this feature.
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro

Re: 431 to 441, VR upgrade fails with VR config: execution failed: /opt/cloud/bin/createipAlias.sh

[Jayapal Reddy Uradi]

Hi Nux,

The problem is not from the template.
The file in the systemvm.iso has correct file name.
VR config feature is referred it as incorrect.

Thanks,
Jayapal
On 22-Oct-2014, at 5:18 PM, Nux! n...@li.nux.ro wrote:

 Daan,
 
 It may be old, but I don't see the problem with the 4.3.0 sysvm tmpl (that I 
 am still using, even with 4.3.1).
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Daan Hoogland daan.hoogl...@gmail.com
 To: dev dev@cloudstack.apache.org
 Sent: Wednesday, 22 October, 2014 11:40:09
 Subject: Re: 431 to 441, VR upgrade fails with VR config: execution failed: 
 /opt/cloud/bin/createipAlias.sh
 
 Just checked,
 
 It is fixed in 4.5 but wasn't backported into 4.4. It is old code and
 the problem is in 4.3 as well.
 
 On Wed, Oct 22, 2014 at 9:39 AM, Nux! n...@li.nux.ro wrote:
 Jayapal,
 
 Thanks, but why are we releasing a faulty systemvm template? Can't we 
 upload a
 new one without the typo?
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 - Original Message -
 From: Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
 To: dev@cloudstack.apache.org dev@cloudstack.apache.org
 Sent: Wednesday, 22 October, 2014 05:52:14
 Subject: Re: 431 to 441, VR upgrade fails with VR config: execution failed:
 /opt/cloud/bin/createipAlias.sh
 
 Hi Nux,
 
 There is spelling mistake 'i' instead of 'I' in the file name 
 'createipAlias.sh'
 
 Work around is in VR change createIpAlias.sh - createipAlias.sh
 Observe the MS log once the VR entered into Running state stop the MS so 
 that VR
 won't be destroyed.
 Now go to VR and change the file name.
 
 This issue got fixed in 4.5 CLOUDSTACK-7246
 
 Thanks,
 Jayapal
 On 22-Oct-2014, at 6:03 AM, Nux! n...@li.nux.ro wrote:
 
 Hi,
 
 I almost upgraded from 4.3.1 to 4.4.1, everything went smoothly except 
 the VR
 upgrade (the other sysvms are fine). It will not upgrade, even if I 
 delete it
 and create another, same story:
 
 On the agent I see:
 
 2014-10-22 01:17:17,857 DEBUG [kvm.resource.LibvirtComputingResource]
 (agentRequest-Handler-5:null) Executing:
 /usr/share/cloudstack-common/scripts/network/domr/router_proxy.sh 
 vr_cfg.sh
 169.254.1.228 -c 
 /var/cache/cloud/VR-5109f323-dc37-4af2-b75d-41dd65acbf93.cfg
 2014-10-22 01:17:17,934 DEBUG [kvm.resource.LibvirtComputingResource]
 (agentRequest-Handler-5:null) Exit value is 1
 2014-10-22 01:17:17,934 DEBUG [kvm.resource.LibvirtComputingResource]
 (agentRequest-Handler-5:null) VR config: execution failed:
 /opt/cloud/bin/createipAlias.sh
 289:10.13.208.78:255.255.255.248-224:10.187.71.194:255.255.255.192-, 
 check
 /var/log/cloud.log in VR for details
 
 But the VR is being destroyed and I cannot investigate the 
 /var/log/cloud.log
 ...
 
 
 On the management log:
 
 Unable to start instance due to Unable to start VM[DomainRouter|r-443-VM] 
 due to
 error in finalizeStart, not retrying
 more here http://pastebin.com/raw.php?i=fY7v8Sak
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 http://secure-web.cisco.com/1QTvqoF2kC8J2AVldxqw_eHOGu2lEYYQPIXQRv2AfAxFtBJkyYcGU9BExyL8RBhIRG7P2ubiMb3y4pE3uGE1bqL5YsDZRudJJY4-06h0_ISiM0scnTIC5qgQLx3NI9chTB64l33iEIMZFcsu49mvxV7PadSYmEtNCre8_xzMds-I/http%3A%2F%2Fwww.nux.ro
 
 
 
 --
 Daan

Re: 431 to 441, VR upgrade fails with VR config: execution failed: /opt/cloud/bin/createipAlias.sh

[Jayapal Reddy Uradi]

Hi Nux,

There is spelling mistake 'i' instead of 'I' in the file name 'createipAlias.sh'

Work around is in VR change createIpAlias.sh - createipAlias.sh
Observe the MS log once the VR entered into Running state stop the MS so that 
VR won't be destroyed.
Now go to VR and change the file name.

This issue got fixed in 4.5 CLOUDSTACK-7246

Thanks,
Jayapal
On 22-Oct-2014, at 6:03 AM, Nux! n...@li.nux.ro wrote:

 Hi,
 
 I almost upgraded from 4.3.1 to 4.4.1, everything went smoothly except the VR 
 upgrade (the other sysvms are fine). It will not upgrade, even if I delete it 
 and create another, same story:
 
 On the agent I see:
 
 2014-10-22 01:17:17,857 DEBUG [kvm.resource.LibvirtComputingResource] 
 (agentRequest-Handler-5:null) Executing: 
 /usr/share/cloudstack-common/scripts/network/domr/router_proxy.sh vr_cfg.sh 
 169.254.1.228 -c /var/cache/cloud/VR-5109f323-dc37-4af2-b75d-41dd65acbf93.cfg 
 2014-10-22 01:17:17,934 DEBUG [kvm.resource.LibvirtComputingResource] 
 (agentRequest-Handler-5:null) Exit value is 1
 2014-10-22 01:17:17,934 DEBUG [kvm.resource.LibvirtComputingResource] 
 (agentRequest-Handler-5:null) VR config: execution failed: 
 /opt/cloud/bin/createipAlias.sh 
 289:10.13.208.78:255.255.255.248-224:10.187.71.194:255.255.255.192-, check 
 /var/log/cloud.log in VR for details 
 
 But the VR is being destroyed and I cannot investigate the /var/log/cloud.log 
 ...
 
 
 On the management log:
 
 Unable to start instance due to Unable to start VM[DomainRouter|r-443-VM] due 
 to error in finalizeStart, not retrying
 more here http://pastebin.com/raw.php?i=fY7v8Sak
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 http://secure-web.cisco.com/1QTvqoF2kC8J2AVldxqw_eHOGu2lEYYQPIXQRv2AfAxFtBJkyYcGU9BExyL8RBhIRG7P2ubiMb3y4pE3uGE1bqL5YsDZRudJJY4-06h0_ISiM0scnTIC5qgQLx3NI9chTB64l33iEIMZFcsu49mvxV7PadSYmEtNCre8_xzMds-I/http%3A%2F%2Fwww.nux.ro
 

Re: [ANNOUNCE] New PMC Member: Rajani Karuturi

[Jayapal Reddy Uradi]

Congrats Rajani!

On 17-Oct-2014, at 3:51 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:

 The Project Management Committee (PMC) for Apache CloudStack are pleased to
 announce that Rajani Karuturi has accepted our invitation to join the PMC.
 
 Please join me in congratulating her.
 
 On behalf of the Apache CloudStack PMC
 -- 
 Daan

Re: Review Request 23837: CLOUDSTACK-7087: Downgrade openswan to previous version for VPN services to fix OSX client

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/23837/#review55641
---

Ship it!


Ship It!

- Jayapal Reddy


On Oct. 7, 2014, 9:41 a.m., Harikrishna Patnala wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/23837/
 ---
 
 (Updated Oct. 7, 2014, 9:41 a.m.)
 
 
 Review request for cloudstack, Jayapal Reddy and Kishan Kavala.
 
 
 Bugs: CLOUDSTACK-7087
 https://issues.apache.org/jira/browse/CLOUDSTACK-7087
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-7087: Downgrade openswan to previous version for VPN services to 
 fix OSX client
 Downgrading openswan version to 1:2.6.37-3
 
 
 Diffs
 -
 
   tools/appliance/definitions/systemvmtemplate/postinstall.sh 51006c9 
   tools/appliance/definitions/systemvmtemplate64/postinstall.sh 515348c 
 
 Diff: https://reviews.apache.org/r/23837/diff/
 
 
 Testing
 ---
 
 
 Thanks,
 
 Harikrishna Patnala
 

Re: Doubt - Secondary IP

[Jayapal Reddy Uradi]

Hi Gaurav,

You are right.
When vm is destroyed you need to configure ip manually on VM again.


Thanks,
Jayapal

On 01-Oct-2014, at 12:58 PM, Gaurav Aradhye gaurav.arad...@clogeny.com wrote:

 Hi,
 
 I want to confirm the secondary IP behavior. Secondary IP is configured 
 manually on  VM. When Vm is destroyed and recovered immediately, the 
 information about secondary IP is lost and only primary IP is retained.
 
 Is this behavior correct?
 
 Regards,
 Gaurav

Re: how to add new data table to DB

[Jayapal Reddy Uradi]

You need to add you create table entries in schema-440to441.sql.

If you do not want to redeploy (without using cloudstack-setup-databases) you 
can go to mysql prompt, use cloud db and create table.
After creating table restart the MS will work.

Thanks,
Jayapal

On 29-Sep-2014, at 9:37 AM, Abhinandan Prateek agneya2...@gmail.com wrote:

 You still need to write Sql for creating new db table in MySQL db.
 
 -abhi
 
 On 29-Sep-2014, at 6:41 am, Kuang-Ching Wang kuangching.w...@gmail.com 
 wrote:
 
 Hi,
 
 I need to create a new table to store data in the cloudstack DB.  I followed 
 existing examples to:
 - add a new VO class, with @Entity and @Table(name = “new_table_name)
 - add a new Dao interface
 - add a new DaoImpl class for the interface
 - update spring context (of my network plugin) with a new bean id for the 
 new DaoImpl class
 
 I was expecting with the change and a reinstall of my cloudstack-management 
 service (even doing cloudstack-setup-databases again), a new table would be 
 created.  However, this is not happening.
 
 Is there some step I missed?
 
 Thanks,
 KC

Re: Inter-network Communication

[Jayapal Reddy Uradi]

Hi Pradeep,

In cloudstack create network and launch vm in that to create router.
To communicate between the networks depends on the network type in cloudstack.

If you want multiple networks with single router use VPC networks/tiers and 
configure ACL between them.

Isolated networks will one router per each network. If vm want to communicate 
to other network
it can be done by  adding nic in that network or Create nat,firewall rules to 
reach vms in other network.

Thanks,
Jayapal

On 17-Sep-2014, at 4:40 PM, Pradeep Cloudstack 
pradeepcloudst...@yahoo.com.INVALID
 wrote:

 In OpenStack, there is a workflow wherein user can create multiple networks, 
 then create a router
 and attach to it some of the previously created networks to enable 
 inter-network communication.
 
 What is the equivalent workflow in Cloudstack ?
 
 -Pradeep

Re: VRouter sets the same public IP on 2 interfaces

[Jayapal Reddy Uradi]

Hi Nux,

Can you please check /var/cache/cloud/cmdline for interfaces info.
If that is correct then as part of acquired public ip configuration 
the extra nic might have created, check that also.

Thanks,
Jayapal
On 19-Aug-2014, at 11:55 PM, Nux! n...@li.nux.ro wrote:

 Thanks Erik, that's close, but not quite it. I do not have the vlan issue in 
 my deployment. 
 Wish it was the case. :-)
 
 Lucian
 
 --
 Sent from the Delta quadrant using Borg technology!
 
 Nux!
 www.nux.ro
 
 
 - Original Message -
 From: Erik Weber terbol...@gmail.com
 To: dev dev@cloudstack.apache.org
 Sent: Tuesday, 19 August, 2014 6:14:31 PM
 Subject: Re: VRouter sets the same public IP on 2 interfaces
 
 On Tue, Aug 19, 2014 at 1:12 PM, Nux! n...@li.nux.ro wrote:
 
 Hi,
 
 I have 4 networks defined (public, guest, storage and mgmt). It looks like
 the VR sets up two internal NIcs (eth2 and eth3) for connecting to the
 public network. It also sets the same IP address on them.
 Egress = Allow is also ignored and my VMs can't reach anything.
 
 Has anyone seen this before? I'm on 4.3
 
 Thanks
 
 
 You could be seeing this:
 https://issues.apache.org/jira/browse/CLOUDSTACK-6464
 
 --
 Erik
 

Re: Review Request 24306: Review request for CLOUDSTACK-2694 - [Firewall Rule] Able to configure duplicate firewall rule with protocol and no ports

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/24306/#review49593
---

Ship it!


Ship It!

- Jayapal Reddy


On Aug. 5, 2014, 10 a.m., Namita Chaudhari wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/24306/
 ---
 
 (Updated Aug. 5, 2014, 10 a.m.)
 
 
 Review request for cloudstack and Jayapal Reddy.
 
 
 Bugs: CLOUDSTACK-2694 and 
 https://issues.apache.org/jira/browse/CLOUDSTACK-2694
 https://issues.apache.org/jira/browse/CLOUDSTACK-2694
 
 https://issues.apache.org/jira/browse/https://issues.apache.org/jira/browse/CLOUDSTACK-2694
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-2694 - [Firewall Rule] Able to configure duplicate firewall rule 
 with protocol and no ports 
 
 When a duplicate firewall rule is created with same cidr, protocol and no 
 ports, an error popup appears for duplicate firewall rule.
 
 
 Diffs
 -
 
   server/src/com/cloud/network/firewall/FirewallManagerImpl.java dd928d8 
 
 Diff: https://reviews.apache.org/r/24306/diff/
 
 
 Testing
 ---
 
 Testing done based on the test cases updated in the bug.
 
 
 Thanks,
 
 Namita Chaudhari
 

Re: Review Request 24306: Review request for CLOUDSTACK-2694 - [Firewall Rule] Able to configure duplicate firewall rule with protocol and no ports

[Jayapal Reddy Uradi]

Hi Namita,

The patch is applied on master.
Please close the review ticket.

Thanks,
Jayapal
On 05-Aug-2014, at 5:57 PM, Jayapal Reddy 
jayapalreddy.ur...@citrix.commailto:jayapalreddy.ur...@citrix.com
 wrote:

This is an automatically generated e-mail. To reply, visit: 
https://reviews.apache.org/r/24306/


Ship it!

Ship It!


- Jayapal Reddy


On August 5th, 2014, 10 a.m. UTC, Namita Chaudhari wrote:

Review request for cloudstack and Jayapal Reddy.
By Namita Chaudhari.

Updated Aug. 5, 2014, 10 a.m.

Bugs: CLOUDSTACK-2694https://issues.apache.org/jira/browse/CLOUDSTACK-2694, 
https://issues.apache.org/jira/browse/CLOUDSTACK-2694https://issues.apache.org/jira/browse/https://issues.apache.org/jira/browse/CLOUDSTACK-2694
Repository: cloudstack-git
Description

CLOUDSTACK-2694 - [Firewall Rule] Able to configure duplicate firewall rule 
with protocol and no ports

When a duplicate firewall rule is created with same cidr, protocol and no 
ports, an error popup appears for duplicate firewall rule.



Testing

Testing done based on the test cases updated in the bug.


Diffs

  *   server/src/com/cloud/network/firewall/FirewallManagerImpl.java (dd928d8)

View Diffhttps://reviews.apache.org/r/24306/diff/

Re: [ANNOUNCE] New PMC Member: Mark Hinkle

[Jayapal Reddy Uradi]

Congrats Mark!

On 04-Jul-2014, at 3:58 PM, Abhinandan Prateek abhinandan.prat...@citrix.com 
wrote:

 Congrats Mark !
 
 On 04/07/14 2:41 pm, Koushik Das koushik@citrix.com wrote:
 
 Congrats Mark!
 
 -Original Message-
 From: John Burwell [mailto:jburw...@basho.com]
 Sent: Thursday, 3 July 2014 11:21 PM
 To: dev@cloudstack.apache.org
 Cc: market...@cloudstack.apache.org
 Subject: [ANNOUNCE] New PMC Member: Mark Hinkle
 
 The Project Management Committee (PMC) for Apache CloudStack has asked
 Mark Hinkle to join the PMC and we are pleased to announce that he has
 accepted. 
 
 Join me in congratulating Mark!
 
 
 -The CloudStack PMC
 

Re: [ANNOUNCE] Will Stevens as committer

[Jayapal Reddy Uradi]

Congrats Will!

On 04-Jul-2014, at 2:13 AM, sebgoa run...@gmail.com wrote:

 The Project Management Committee (PMC) for Apache CloudStack has
 asked Will Stevens to become a committer and we are pleased to announce
 that he has accepted.
 
 Being a committer allows many contributors to contribute more autonomously. 
 For
 developers, it makes it easier to submit changes and eliminates the need to
 have contributions reviewed via the patch submission process. Whether
 contributions are development-related or otherwise, it is a recognition of a
 contributor's participation in the project and commitment to the project and
 the Apache Way.
 
 Please join me in congratulating Will!
 
 PS: Good job on the Palo Alto feature and the documentation, keep it up :)
 
 -Sebastien
 For the CloudStack PMC

Re: Host in Alert state after upgrade

[Jayapal Reddy Uradi]

Hi Carlos,

For the xen 5.6, 6.0 and 6.0.2 CSP packages are available.
http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html/Installation_Guide/citrix-xenserver-installation.html#xenserver-support-pkg-installation
For xenserver 6.2, I think CSP comes by default.

After installing CSP, If you insert ipset modules manually, Is it not working ?
After installing CSP, did you try restarting host ?

Thanks,
Jayapal
 

On 03-Jul-2014, at 6:41 AM, Carlos Reategui car...@reategui.com wrote:

 anybody?  I restarted my XS hosts with the fallback kernel and I was able
 to proceed with the upgrade.  Servers are now out of alert state.
 
 This seems like an issue that needs to be addressed in the docs.  How does
 one go about getting the ipset-modules for the updated XenServer kernels?
 
 
 On Tue, Jul 1, 2014 at 10:50 AM, Carlos Reategui car...@reategui.com
 wrote:
 
 So upset is part of the CSP.  I tried re-installing it but the kernel
 modules are not there for my current kernel version.
 
 Here are the contents of the CSP:
 
 mount -o loop xenserver-cloud-supp.iso /mnt/tmp
 # ll /mnt/tmp/
 total 1437
 -r--r--r-- 1 root root  31340 Jan 24  2012 arptables-0.0.3-4.i686.rpm
 -r--r--r-- 1 root root   3506 Jan 24  2012 csp-pack-6.0.2-53069p.noarch.rpm
 -r--r--r-- 1 root root  98961 Jan 24  2012
 ebtables-2.0.9-1.el5.1.xs.i386.rpm
 -r-xr-xr-x 1 root root   7163 Jan 24  2012 install.sh
 -r--r--r-- 1 root root  46791 Jan 24  2012 ipset-4.5-1.xs32.i686.rpm
 *-r--r--r-- 1 root root  47895 Jan 24  2012
 ipset-modules-kdump-2.6.32.12-0.7.1.xs6.0.2.542.170665-4.5-1.xs32.i686.rpm*
 *-r--r--r-- 1 root root  48020 Jan 24  2012
 ipset-modules-xen-2.6.32.12-0.7.1.xs6.0.2.542.170665-4.5-1.xs32.i686.rpm*
 -r--r--r-- 1 root root 247133 Jan 24  2012
 iptables-1.3.5-5.3.el5_4.1.1.xs32.i386.rpm
 -r--r--r-- 1 root root 719799 Jan 24  2012
 iptables-debuginfo-1.3.5-5.3.el5_4.1.1.xs32.i386.rpm
 -r--r--r-- 1 root root  49657 Jan 24  2012
 iptables-devel-1.3.5-5.3.el5_4.1.1.xs32.i386.rpm
 -r--r--r-- 1 root root 166044 Jan 24  2012
 iptables-ipv6-1.3.5-5.3.el5_4.1.1.xs32.i386.rpm
 -r--r--r-- 1 root root   1600 Jan 24  2012 XS-PACKAGES
 -r--r--r-- 1 root root262 Jan 24  2012 XS-REPOSITORY
 
 How do I go about getting the required kernel modules for:
 # uname -a
 Linux srvengxen02 2.6.32.12-0.7.1.xs6.0.2.611.170703xen #1 SMP Mon Oct 21
 11:21:50 EDT 2013 i686 i686 i386 GNU/Linux
 
 How is this supposed to be handled in general when one applies XenServer
 kernel patches?
 
 thanks,
 Carlos
 
 
 
 On Tue, Jul 1, 2014 at 10:12 AM, Carlos Reategui car...@reategui.com
 wrote:
 
 Looking around for the ipset kernel module, I found it in an older
 version of the kernel:
 
 # uname -a
 Linux srvengxen02 2.6.32.12-0.7.1.xs6.0.2.611.170703xen #1 SMP Mon Oct 21
 11:21:50 EDT 2013 i686 i686 i386 GNU/Linux
 # find /lib/modules/ -name ip_set.ko
 /lib/modules/2.6.32.12-0.7.1.xs6.0.2.542.170665xen/extra/ipset/ip_set.ko
 /lib/modules/2.6.32.12-0.7.1.xs6.0.2.542.170665kdump/extra/ipset/ip_set.ko
 
 So where does ip_set come from?  Is that part of the CSP should I
 re-install it?
 
 thanks,
 Carlos
 
 
 
 On Tue, Jul 1, 2014 at 9:25 AM, Carlos Reategui create...@gmail.com
 wrote:
 
 Starting a new thread...
 
 Environment: Ubuntu 12.04 + XenServer 6.0.2, Upgrading Cloudstack 4.1.1
 --- 4.4 (deb packages built from source).
 
 If I attempt a force reconnect from UI it errors out.
 
 I found the following on one of the hosts in the SMLog:
 
 [760] 2014-07-01 09:18:40.980234['/bin/bash',
 '/opt/cloud/bin/setupxenserver.sh']
 [760] 2014-07-01 09:18:41.023377SUCCESS
 [785] 2014-07-01 09:18:41.251005['ebtables', '-V']
 [785] 2014-07-01 09:18:41.268054SUCCESS
 [785] 2014-07-01 09:18:41.268250['ipset', '-V']
 [785] 2014-07-01 09:18:41.311253FAILED: (rc 1) stdout: 'ipset
 v4.5, protocol version 4.
 ', stderr: 'FATAL: Module ip_set not found.
 ipset v4.5: Couldn't verify kernel module version!
 '
 
 Any ideas how to fix this?
 
 thanks,
 Carlos
 
 
 
 
 

[ACS 4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Please cherry-pick the following commits to 4.4

commit e336796cd5eae39bf7755d981426160a15bc6e9f
CLOUDSTACK-7028: Fixed adding route for additional public nic on fail over

commit a69c1ee31d233d4a6f77d68fd70b9cfe3c85f89b
CLOUDSTACK-7027: Removing left over static nat rule

Thanks,
Jayapal

[ACS-4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Can you please cherry pick the below commit to 4.4

commit 004d616322ba55d83407545f5b10c95ce48f75b5
CLOUDSTACK-6997: Increase proc ip_conntrack_max

Thanks,
Jayapal

Re: [ANNOUNCE] Santhosh Edukulla as a committer...

[Jayapal Reddy Uradi]

Congrats Santhosh!

-Jayapal

On 30-Jun-2014, at 10:10 PM, Alena Prokharchyk alena.prokharc...@citrix.com 
wrote:

 Congratulations, Santhosh!
 
 -Alena. 
 
 On 6/30/14, 9:25 AM, Alex Huang alex.hu...@citrix.com wrote:
 
 Hi All,
 
 The Project Management Committee (PMC) for Apache CloudStack has asked
 Santhosh Edukulla to become a committer and we are pleased to announce
 that he has accepted.
 
 Being a committer allows many contributors to contribute more
 autonomously. For developers, it makes it easier to submit changes and
 eliminates the need to have contributions reviewed via the patch
 submission process. Whether contributions are development-related or
 otherwise, it is a recognition of a contributor's participation in the
 project and commitment to the project and the Apache Way.
 
 Please join me in congratulating Santhosh!
 
 --Alex, on behalf of the CloudStack PMC
 

Re: Review Request 21773: sysctl improvements regarding nf_conntrack_max, panic and nonlocal_bind

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/21773/#review46616
---


But in debian wheezy sysctl.conf is not got loaded on boot time.
There is bug https://bugs.launchpad.net/ubuntu/+source/procps/+bug/50093

- Jayapal Reddy


On May 26, 2014, 2:34 p.m., Joris van Lieshout wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/21773/
 ---
 
 (Updated May 26, 2014, 2:34 p.m.)
 
 
 Review request for cloudstack, Chiradeep Vittal, daan Hoogland, edison su, 
 Hugo Trippaers, and Sheng Yang.
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 net.ipv4.ip_nonlocal_bind = 1
 For smooth transition on redundant routers in case of a failover
 
 kernel.panic = 10
 kernel.panic_on_oops = 1
 vm.panic_on_oom = 1
 This way, if the instance oops/ooms, it dies in a way that ACS sees it and 
 can act on it
 
 net.nf_conntrack_max = 100
 net.netfilter.nf_conntrack_max = 100
 also up the limit of nf_conntrack for more performance
 
 
 Diffs
 -
 
   systemvm/patches/debian/config/etc/sysctl.conf 586d5bd 
 
 Diff: https://reviews.apache.org/r/21773/diff/
 
 
 Testing
 ---
 
 we are running these settings in our beta and prod env for months allready, 
 with good results.
 
 
 Thanks,
 
 Joris van Lieshout
 

[ACS-4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Please cherry pick the following commit to 4.4
a195e50ae7da4b4392844e2984823c1331ca1396

Thanks,
Jayapal

[ACS 4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Please cherry pick the following commit to 4.4

commit 2214bd2502a34ee8e671eb6b4efe8cd26e29ac5a
CLOUDSTACK-6922: Updated events for firewall ingress and egress


Thanks,
Jayapal

[ACS 4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Please cherry pick the following commit into 4.4

commit b0d726a872e2859a56ee677c15079cc3a59ab894
CLOUDSTACK-6923: updated listLBStickinessPolicies API to list using stickiness 
policy id


Thanks,
Jayapal

Review Request 22679: Updated events for firewall ingress and egress API

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/22679/
---

Review request for cloudstack and daan Hoogland.


Bugs: CLOUDSTACK-6922
https://issues.apache.org/jira/browse/CLOUDSTACK-6922


Repository: cloudstack-git


Description
---

Resolved review conflicts for CLOUDSTACK-6922


Diffs
-

  api/src/com/cloud/event/EventTypes.java 5c20dbf 
  api/src/com/cloud/network/firewall/FirewallService.java 5ab7891 
  
api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
 579cccb 
  
api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
 b09d3a7 
  
api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
 4d22772 
  
api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
 66dcc03 
  
api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java
 0795396 
  
api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java
 f684371 
  server/src/com/cloud/network/firewall/FirewallManagerImpl.java 4f853b3 
  server/test/com/cloud/network/MockFirewallManagerImpl.java 3c02613 

Diff: https://reviews.apache.org/r/22679/diff/


Testing
---

Tested on 4.4-forward


Thanks,

Jayapal Reddy

Re: [ACS 4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Resolved the conflicts and uploaded patch in review board.
https://reviews.apache.org/r/22679/

Thanks,
Jayapal

On 17-Jun-2014, at 4:52 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:

 On Tue, Jun 17, 2014 at 8:41 AM, Jayapal Reddy Uradi
 jayapalreddy.ur...@citrix.com wrote:
 2214bd2502a34ee8e671eb6b4efe8cd26e29ac5a
 
 
 I had conflicts. Can you have a look near line 550? I resolved by
 changing IpAddress to PublicIpAddress.
 
 regards
 -- 
 Daan

Re: [ACS 4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

The conflicts resolved looks fine.
You can ignore my patch.

Thanks,
Jayapal

On 17-Jun-2014, at 5:50 PM, Daan Hoogland daan.hoogl...@gmail.com wrote:

 I don't think I was clear. I don't need a new patch. I did resolve the
 conflict. I need you to check if I did the right thing in branch 4.4
 in EventTypes near line 550
 
 your new patch doesn't apply to 4.4 or 4.4-forward
 
 git am -s 
 ~/Downloads/0001-CLOUDSTACK-6922-Updated-events-for-firewall-ingress-.patch
 Applying: CLOUDSTACK-6922: Updated events for firewall ingress and egress
 error: patch failed: api/src/com/cloud/event/EventTypes.java:126
 error: api/src/com/cloud/event/EventTypes.java: patch does not apply
 error: patch failed: 
 api/src/com/cloud/network/firewall/FirewallService.java:40
 error: api/src/com/cloud/network/firewall/FirewallService.java: patch
 does not apply
 error: patch failed:
 api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java:154
 error: 
 api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java:
 patch does not apply
 error: patch failed:
 api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java:134
 error: 
 api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java:
 patch does not apply
 error: patch failed:
 api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java:74
 error: 
 api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java:
 patch does not apply
 error: patch failed:
 api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java:96
 error: 
 api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java:
 patch does not apply
 error: patch failed:
 api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java:78
 error: 
 api/src/org/apache/cloudstack/api/command/user/firewall/UpdateEgressFirewallRuleCmd.java:
 patch does not apply
 error: patch failed:
 api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java:79
 error: 
 api/src/org/apache/cloudstack/api/command/user/firewall/UpdateFirewallRuleCmd.java:
 patch does not apply
 error: patch failed:
 server/src/com/cloud/network/firewall/FirewallManagerImpl.java:161
 error: server/src/com/cloud/network/firewall/FirewallManagerImpl.java:
 patch does not apply
 error: patch failed:
 server/test/com/cloud/network/MockFirewallManagerImpl.java:70
 error: server/test/com/cloud/network/MockFirewallManagerImpl.java:
 patch does not apply
 Patch failed at 0001 CLOUDSTACK-6922: Updated events for firewall
 ingress and egress
 
 On Tue, Jun 17, 2014 at 1:41 PM, Jayapal Reddy Uradi
 jayapalreddy.ur...@citrix.com wrote:
 Hi Daan,
 
 Resolved the conflicts and uploaded patch in review board.
 https://reviews.apache.org/r/22679/
 
 Thanks,
 Jayapal
 
 On 17-Jun-2014, at 4:52 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:
 
 On Tue, Jun 17, 2014 at 8:41 AM, Jayapal Reddy Uradi
 jayapalreddy.ur...@citrix.com wrote:
 2214bd2502a34ee8e671eb6b4efe8cd26e29ac5a
 
 
 I had conflicts. Can you have a look near line 550? I resolved by
 changing IpAddress to PublicIpAddress.
 
 regards
 --
 Daan
 
 
 
 
 -- 
 Daan

[ACS 4.4] commit cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Can you please cherry pick the following commit to 4.4

commit: e9f60ee292109633ae538694107f3450693716d2
CLOUDSTACK-6899: Added vmId in listings response

Thanks,
Jayapal

Re: [ANNOUNCE] Demetrius Tsitrelis as committer

[Jayapal Reddy Uradi]

Congratulations Demetrius!

On 07-Jun-2014, at 4:47 AM, John Kinsella j...@stratosec.co wrote:

 Folks - this one’s a little belated - we went through the invite process 
 around the
 time of the mail issues, and somehow we didn’t send the announcement to dev@.
 I noticed while doing some housekeeping this week, and wanted to send out the
 announcement anyways just to give Demetrius the recognition. :)
 
 The Project Management Committee (PMC) for Apache CloudStack has
 asked Demetrius Tsitrelis to become a committer and we are pleased to announce
 that he has accepted.
 
 Being a committer allows many contributors to contribute more autonomously. 
 For
 developers, it makes it easier to submit changes and eliminates the need to
 have contributions reviewed via the patch submission process. Whether
 contributions are development-related or otherwise, it is a recognition of a
 contributor's participation in the project and commitment to the project and
 the Apache Way.
 
 Please join me in congratulating Demetrius!
 
 -John, on behalf of the CloudStack PMC

Re: [ANNOUNCE] Amogh Vasekar as committer

[Jayapal Reddy Uradi]

Congrats Amogh!

On 02-Jun-2014, at 11:44 PM, John Kinsella j...@stratosec.co wrote:

 The Project Management Committee (PMC) for Apache CloudStack has
 asked Amogh Vasekar to become a committer and we are pleased to announce
 that he has accepted.
 
 Being a committer allows many contributors to contribute more autonomously. 
 For
 developers, it makes it easier to submit changes and eliminates the need to
 have contributions reviewed via the patch submission process. Whether
 contributions are development-related or otherwise, it is a recognition of a
 contributor's participation in the project and commitment to the project and
 the Apache Way.
 
 Please join me in congratulating Amogh!
 
 -John, on behalf of the CloudStack PMC

Re: VPC's VR missing public NIC eth1

[Jayapal Reddy Uradi]

I don't think editing DB table will work.

-Jayapal
On 29-May-2014, at 2:52 PM, Andrija Panic andrija.pa...@gmail.com wrote:

 It's like this:
 
 I have public subnet /24.
 
 half is dedicated for Guest traffic (vlan 500) and the second half is
 dedicated to Public traffic/network (no vlan tags, that is untagged packets)
 
 Both vlan500 and untagged packets travel over physical eth1 interface on
 hypervisors and can reach Internet.
 
 Thanks,
 
 
 On 29 May 2014 11:06, Daan Hoogland daan.hoogl...@gmail.com wrote:
 
 On Thu, May 29, 2014 at 10:57 AM, Andrija Panic andrija.pa...@gmail.com
 wrote:
 500
 
 
 is 500 the vlan of your guestnetwork or your physical network? You
 wouldn't want to have two nets with vlan 500!
 
 --
 Daan
 
 
 
 
 -- 
 
 Andrija Panić
 --
  http://admintweets.com
 --

Re: VPC's VR missing public NIC eth1

[Jayapal Reddy Uradi]

 MAC address as shown
in
managemetn log on pastebin..

This is completely makeing VPCs unusable...
:(

Cheers


On 27 May 2014 16:36, Jayapal Reddy Uradi 
jayapalreddy.ur...@citrix.com
wrote:

Hi,
Can you please share management server and router logs in
pastebin.comto understand the issue ?

Thanks,
Jayapal

On 27-May-2014, at 6:21 PM, Andrija Panic 
andrija.pa...@gmail.com
wrote:

Hi,

after the upgrade to ACS 4.3 (from 4.2.1) existing VRs for VPC
lost
their
eth1 which is public NIC. VR got eth0(control nic) and eth2 and
eth3
(bith
belonging to Tiers). From CS GUI, it is reported that the VR has
eth1
with
Public network attached, but from inside (ssh to VR) there is no
eth1
with
public IP...

Even after destroying those VR, they are recreated again, but
without
eth1.

Anybody experienced same situtation ?

Thanks,

--

Andrija Panić
--




--






--
Daan




--

Andrija Panić
--
 http://admintweets.com
--



--
Daan




--

Andrija Panić
--
 http://admintweets.com
--

Re: VPC's VR missing public NIC eth1

[Jayapal Reddy Uradi]

Hi Andrija,

Same issue with public vlan tagged got fixed, CLOUDSTACK-5505.

Thanks,
Jayapal

On 29-May-2014, at 9:38 AM, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com
 wrote:

 Hi Adrija,
 
 From the logs, the public subnet is untagged.
 I think this issue is coming for the untagged public vlan in 4.3.
 
 
  1.
 {com.cloud.agent.api.PlugNicCommand:{nic:{deviceId:1,networkRateMbps:9,defaultNic:true,uuid:e6b734d4-3302-4113-8ec7-5c205c90959a,ip:46.232.180.248,netmask:255.255.255.0,gateway:46.232.180.1,mac:06:5e:e8:00:00:27,broadcastType:Vlan,type:Public,broadcastUri:vlan://untagged,isolationUri:vlan://untagged,isSecurityGroupEnabled:false,name:breth1-500},
  2.
 
  3.
 instanceName:r-779-VM,vmType:DomainRouter,wait:0}},{com.cloud.agent.api.routing.IpAssocVpcCommand:{ipAddresses:[{accountId:2,publicIp:46.232.180.248,sourceNat:true,add:true,oneToOneNat:false,firstIP:false,broadcastUri:untagged,vlanGateway:46.232.180.1,vlanNetmask:255.255.255.0,vifMacAddress:06:5e:e8:00:00:27,networkRate:9,trafficType:Public,networkName:breth1-500}],accessDetails:
 
 
 From the logs VR logs, the ipassoc script got the interface id as null.
 May 28 12:37:33 r-794-VM cloud: vpc_ipassoc.sh:Waiting for interface ethnull 
 to appear, 0 seconds
 
 Thanks,
 Jayapal
 
 On 29-May-2014, at 1:08 AM, Andrija Panic 
 andrija.pa...@gmail.commailto:andrija.pa...@gmail.com wrote:
 
 Thanks Daan,
 
 my problem is that I'm in production for 3rd day now, and restoring DB and
 downgrading back to 4.2.1 doesn't seem as option for me at the moment,
 since I would loose new acounts and single VMs, etc...
 
 Thanks,
 Andrija
 
 
 On 28 May 2014 21:34, Daan Hoogland 
 daan.hoogl...@gmail.commailto:daan.hoogl...@gmail.com wrote:
 
 Andrija,
 
 nevertheless it sounds familiar. I will be back in the office on
 monday and ask around.
 
 On Wed, May 28, 2014 at 9:23 PM, Andrija Panic 
 andrija.pa...@gmail.commailto:andrija.pa...@gmail.com
 wrote:
 Hi Daan,
 
 I don't think this is my issue, at least I don't make use of private
 gateway - this is just simple as:   create new VPC from scratch - Public
 IP
 is not assigned to VR eth1 interface inside VR...
 
 I have filed the bug:
 https://issues.apache.org/jira/browse/CLOUDSTACK-6801
 
 This same thing happened previously to Andrei Mikhailovsky:
 
 http://mail-archives.apache.org/mod_mbox/cloudstack-users/201405.mbox/%3C33347835.250.1399336340785.JavaMail.andrei@tuchka%3Eand
 it is not resolved
 
 Thanks,
 
 Andrija
 
 
 On 28 May 2014 21:01, Daan Hoogland daan.hoogl...@gmail.com wrote:
 
 Andrija,
 
 this sound like something we seen as well.
 can you check if this is it :
 https://issues.apache.org/jira/browse/CLOUDSTACK-6485
 
 thanks,
 Daan
 
 On Wed, May 28, 2014 at 3:30 PM, Andrija Panic andrija.pa...@gmail.com
 
 wrote:
 Hi there,
 
 I'm having big time problems with Public IP missing from VPC VR's
 eth1,
 after upgrade to ACS 4.3.1 - did not found this filed as bug so
 far...and
 it worked all fine on ACS 4.2.1.
 
 No help so far from user mailing list...
 
 Below is a detailed explanation, and logs from inside VR, and from
 management (all fine with management logs...)
 
 If anybody can help,  I would very much appriciate this, since now I
 have
 bunch fo VPC unoperational...
 
 Thanks
 
 -- Forwarded message --
 From: Andrija Panic andrija.pa...@gmail.com
 Date: 28 May 2014 14:50
 Subject: Re: VPC's VR missing public NIC eth1
 To: us...@cloudstack.apache.org
 
 
 and as I said eth1 is present:
 
 root@r-794-VM:~# cat /proc/net/dev
 Inter-|   Receive|
 Transmit
 face |bytespackets errs drop fifo frame compressed
 multicast|bytes
 packets errs drop fifo colls carrier compressed
 eth3:   11484 131000 0  0 0
 11590
   131000 0   0  0
   lo: 214   2000 0  0 0
 214
 2000 0   0  0
 eth2:   32970 544000 0  0 0
 2084
24000 0   0  0
 eth1:   0   0000 0  0 0
 0
 0000 0   0  0
 eth0:  1502071319000 0  0 0
 264232
  1180000 0   0  0
 
 
 On 28 May 2014 14:47, Andrija Panic andrija.pa...@gmail.com wrote:
 
 Also, from /var/log/messages/ inside VR:
 
 This is a major show stopper - all our VPCs are unusable complete.
 Anybody... ?
 
 May 28 12:37:33 r-794-VM cloud: vpc_ipassoc.sh:Waiting for interface
 ethnull to appear, 0 seconds
 May 28 12:37:34 r-794-VM cloud: vpc_ipassoc.sh:Waiting for interface
 ethnull to appear, 1 seconds
 May 28 12:37:35 r-794-VM cloud: vpc_ipassoc.sh:Waiting for interface
 ethnull to appear, 2 seconds
 May 28 12:37:36 r-794-VM cloud: vpc_ipassoc.sh:Waiting for interface
 ethnull to appear, 3 seconds
 May 28 12:37:37 r-794-VM cloud: vpc_ipassoc.sh:Waiting for interface

Re: [ACS4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

The two issue fixed in below commit, please cherry-pick it to 4.4
c535b894840e1a625186f7c62796e80950293221

Thanks,
Jayapal

On 27-May-2014, at 2:12 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:

 two pulled,
 
 please note two managerial issues in the one by Saurav:
 a trailing space behind the fi in systemvm/scripts/run.sh
 a new shell script without license header: systemvm/scripts/utils.sh
 
 regards
 
 On Tue, May 27, 2014 at 7:34 AM, Jayapal Reddy Uradi
 jayapalreddy.ur...@citrix.com wrote:
 Hi Daan,
 
 Please cherry-pick the following commits to 4.4.
 
 commit 37a3a65c7c7f083a5536c078a1c8436ef9e14597
 Author: Jayapal jaya...@apache.org
 Date:   Mon May 26 15:10:35 2014 +0530
CLOUDSTACK-6761: Fixed removing proxy arp rule on deleting static nat or 
 PF rule on ip
 
 commit 587ee544f2d8223599e5ee8c56f926ebf7882b8c
 Author: Saurav Lahiri saurav.lah...@sungard.com
 Date:   Tue Apr 15 12:08:11 2014 +
CLOUDSTACK-6328: run.sh check if an existing java process is running, 
 before spawining new ones
Signed-off-by: Jayapal jaya...@apache.org
 
 Thanks,
 Jayapal
 
 
 
 -- 
 Daan

Re: Review Request 20123: Fix for cloudstack-6328 to Prevent console proxy support scripts from spawning multiple java processes

[Jayapal Reddy Uradi]

Hi Saurav,

Can you please file bug describing the issue ?
Also please update the bug-id in review request.

Thanks,
Jayapal

On 24-May-2014, at 12:24 AM, Santhosh Edukulla santhosh.eduku...@citrix.com 
wrote:

 
 
 On April 29, 2014, 12:29 p.m., Santhosh Edukulla wrote:
 Ship It!
 
 If we don't have any review issues pending, can some body with commit rights 
 push this patch? 
 
 
 - Santhosh
 
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/20123/#review41708
 ---
 
 
 On April 23, 2014, 9:20 a.m., Saurav Lahiri wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/20123/
 ---
 
 (Updated April 23, 2014, 9:20 a.m.)
 
 
 Review request for cloudstack, Jayapal Reddy, Rajani Karuturi, Rajesh 
 Battala, and Santhosh Edukulla.
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 With multiple java processes writing to the same logfile, each is not aware 
 of the log4j's internal counter state, this needs to be prevented. So before 
 starting new java process via the _run.sh , a check is made to ensure that 
 there are no existing java processes running. This will prevent multiple 
 java process writing to the same log file namely cloud.out. 
 
 
 Diffs
 -
 
  systemvm/patches/debian/config/etc/init.d/cloud 83853bc 
  systemvm/scripts/run.sh 146d96f 
  systemvm/scripts/utils.sh PRE-CREATION 
 
 Diff: https://reviews.apache.org/r/20123/diff/
 
 
 Testing
 ---
 
 Tested the changes with console proxy vm and secondary storage vm. They 
 start and stop as expected.
 
 
 Thanks,
 
 Saurav Lahiri
 
 
 

[ACS4.4] cherry-pick

[Jayapal Reddy Uradi]

Hi Daan,

Please cherry-pick the following commits to 4.4.

commit 37a3a65c7c7f083a5536c078a1c8436ef9e14597
Author: Jayapal jaya...@apache.org
Date:   Mon May 26 15:10:35 2014 +0530
CLOUDSTACK-6761: Fixed removing proxy arp rule on deleting static nat or PF 
rule on ip

commit 587ee544f2d8223599e5ee8c56f926ebf7882b8c
Author: Saurav Lahiri saurav.lah...@sungard.com
Date:   Tue Apr 15 12:08:11 2014 +
CLOUDSTACK-6328: run.sh check if an existing java process is running, 
before spawining new ones
Signed-off-by: Jayapal jaya...@apache.org

Thanks,
Jayapal

Re: Review Request 20623: Added version check, fixed data corruption, fixed regression issues

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/20623/#review43606
---

Ship it!


Ship It!

- Jayapal Reddy


On May 21, 2014, 11:12 a.m., Santhosh Edukulla wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/20623/
 ---
 
 (Updated May 21, 2014, 11:12 a.m.)
 
 
 Review request for cloudstack, daan Hoogland and Jayapal Reddy.
 
 
 Bugs: CLOUDSTACK-6736
 https://issues.apache.org/jira/browse/CLOUDSTACK-6736
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 1. ParsedConfig is getting corrupted when used in tests. Fixed now.
 2. setup.py does not have minimal version requirements for various packages. 
 Added that.
 3. Fixed few misc script issues and removed print statements.
 4. Added bug information to failed cases.
 
 
 Diffs
 -
 
   test/integration/smoke/test_deploy_vm.py db26980 
   test/integration/smoke/test_guest_vlan_range.py bfef4a8 
   test/integration/smoke/test_hosts.py 7798c8e 
   test/integration/smoke/test_vm_life_cycle.py 85033c5 
   tools/marvin/marvin/cloudstackTestClient.py 86b0a4b 
   tools/marvin/setup.py 4c775ad 
 
 Diff: https://reviews.apache.org/r/20623/diff/
 
 
 Testing
 ---
 
 Ran changes against simulator
 
 
 Thanks,
 
 Santhosh Edukulla
 

[ACS44] cherry pick

[Jayapal Reddy Uradi]

Hi Daan,

Can you please cherry pick the following commit to 4.4

commit 45f6bac727bf6631153ac8e17dd7b074759052eb
CLOUDSTACK-6714: monitor script echo service command is added with quotes

Thanks,
Jayapal

Re: closing issue

[Jayapal Reddy Uradi]

Hi Daan,

I intended to close CLOUDSTACK-6084 because CLOUDSTACK-6485 is reverted, 
mistakenly 
resolved the CLOUDSTACK-6485 which is opened in other tab.

Thanks,
Jayapal


On 20-May-2014, at 4:49 PM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:

 Jayapal, you closed issue CLOUDSTACK-6485 as Can't reproduce. You
 should first consult with the author to make sure the problem is bkac.
 
 -- 
 Daan

[ACS44] cherry pick

[Jayapal Reddy Uradi]

Hi Daan,

Can you please cheery pick the following commit to 4.4
99f75db1ebd35f5afa897e9d94ed176668e04cd5

Thanks,
Jayapal

Re: Review Request 21161: Fixed few cases failing, added proper port for creating client

[Jayapal Reddy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/21161/#review42494
---

Ship it!


Ship It!

- Jayapal Reddy


On May 7, 2014, 2:57 p.m., Santhosh Edukulla wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/21161/
 ---
 
 (Updated May 7, 2014, 2:57 p.m.)
 
 
 Review request for cloudstack and Girish Shilamkar.
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 1. Fied few cases failing earlier because of wrong zone,domain retrieval
 2. Added proper port usage while creating client
 
 
 Diffs
 -
 
   test/integration/smoke/test_deploy_vm.py c07e663 
   tools/marvin/marvin/cloudstackTestClient.py 0e3d3d0 
   tools/marvin/marvin/marvinPlugin.py 74b64ef 
 
 Diff: https://reviews.apache.org/r/21161/diff/
 
 
 Testing
 ---
 
 yes, done the changes and tested on simulator
 
 Test Deploy Virtual Machine ... === TestName: test_deploy_vm | Status : 
 SUCCESS ===
 ok
 Test Multiple Deploy Virtual Machine ... === TestName: 
 test_deploy_vm_multiple | Status : SUCCESS ===
 ok
 Test Deploy Virtual Machine - start operation failure and retry ... === 
 TestName: test_deploy_vm_start_failure | Status : SUCCESS ===
 ok
 Test Deploy Virtual Machine - volume creation failure and retry ... === 
 TestName: test_deploy_vm_volume_creation_failure | Status : SUCCESS ===
 ok
 
 --
 Ran 4 tests in 138.006s
 
 OK
 ~ 
   
 ~   
 
 
 Thanks,
 
 Santhosh Edukulla
 

CLOUDSTACK-6485 regression

[Jayapal Reddy Uradi]

Hi Daan,

CLOUDSTACK-6485 is fixed by you and caused the regression for CLOUDSTACK-6084 
and CLOUDSTACK-6548.

vpcId param changed to null causing the issue. After reverting this private 
gateway is working fine.

https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=blobdiff;f=server/src/com/cloud/network/vpc/VpcManagerImpl.java;h=5263d56f531178f3362a50c25b2e66b8ab6f91fc;hp=0c33fc606bc04c253dc6d58c6ca56f0522e8b171;hb=3bd594c;hpb=881792991ecbce5538939e2917cbf6582257ad43

Can you please looking to it.

Thanks,
Jayapal

[ACS44] cherry pick

[Jayapal Reddy Uradi]

Hi Daan,

Can you please cherry pick the below commit to 4.4

commit 3ec8de9b85c03a79ac87ee0732c629ee621a8cbc
CLOUDSTACK-6582 updated the table network_acl_item_cidrs name in Upgrade430to440

Thanks,
Jayapal

Re: secondary ip

[Jayapal Reddy Uradi]

Hi Alena,

listPortForwardingRules response shows vm ip addr, primary/secondary ip address.
We are not showing primary/secondary ip info separately in the response.

Thanks,
Jayapal

On 13-May-2014, at 4:18 AM, Alena Prokharchyk alena.prokharc...@citrix.com
 wrote:

 Murali,
 
 I have a question about the secondary vm ip address. By looking at the 
 listPortForwardingRules response, how do I know if the ip address presented 
 there, is secondary or primary ip address for the vm? I remember you told me 
 before that if vmGuestIp is present in the response, then its a secondary ip; 
 if only vmId is present, then its a primary one. In the latest 4.4 build I 
 see this parameter being populated when the PF rule is created for the 
 Primary ip.
 
 Thank you,
 Alena.