Re: [Openstack] [glance] Multiple instances of glance

2014-02-03 Thread dheeru 
You have two options. You can have multiple installations.

1. You can install the OpenStack in HA mode. In this case you may not be
able to specify the URL.
2. Create end points in keystone with different regions for glance. During
any request you can specify the regionName. I have not tried this. It
should work.

-Dheeru
@Community Service

On Sat, Feb 1, 2014 at 5:20 AM, Muralidhar Balcha wrote:

> Hi,
> Can an openstack installation have multiple glance instances? If so can it
> be possible to specify image url from a specific glance service during nova
> create operation?
>
> --
> Murali Balcha
> 508 494 5007
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>


-- 
-dheeru
@Community Service
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova unique name generator middleware

2014-02-03 Thread Craig Jellick 
Agreed Joshua, for us (and probably many others), a check against DNS would be 
the most important thing to check against.

I'm less sure about whether Designate would be appropriate for us, due to our 
existing internal DNS infrastucture. Will look take a deeper look into though.


/Craig J

From: Remo Mattei mailto:r...@italy1.com>>
Date: Monday, February 3, 2014 4:54 PM
To: Joshua Harlow mailto:harlo...@yahoo-inc.com>>
Cc: "openstack@lists.openstack.org" 
mailto:openstack@lists.openstack.org>>
Subject: Re: [Openstack] nova unique name generator middleware

Hi all,
there is a project for DNS already DNSaaS (DNS as a service)

https://wiki.openstack.org/wiki/Designate


On Feb 3, 2014, at 4:35 PM, Joshua Harlow 
mailto:harlo...@yahoo-inc.com>> wrote:

Do most systems have access to a dns system that can be used to check? Maybe 
that could be one of these plugins.

From: Craig J mailto:craig.jell...@gmail.com>>
Date: Monday, February 3, 2014 at 1:58 PM
To: Joel Cooklin mailto:joel.cook...@gmail.com>>
Cc: "openstack@lists.openstack.org" 
mailto:openstack@lists.openstack.org>>
Subject: Re: [Openstack] nova unique name generator middleware

There's currently a check in nova for max length. It's hard coded to 255. Easy 
low-hanging fruit would be to make that number configurable and add a 
configurable regex check on the server name.

The uniqueness check could be trickier: checking the nova db wouldn't be 
sufficient in many cases as most people need to check some external system(s). 
Maybe we could put together something pluggable with a nova-db check as an 
example. Is a wsgi filter the most appropriate place for such a pluggable 
validator or should it be deeper, at the same place where the other server name 
validation occurs?



On Mon, Feb 3, 2014 at 6:46 AM, Joel Cooklin 
mailto:joel.cook...@gmail.com>> wrote:
>>Shouldn't "nova list" and some shell script magic do most of this?

For our use case this won't work as well since several business units
(tenants) make direct use of the APIs.  It's hard to enforce that they
use our wrappers and the like.  It would be much more convenient in
our case if we could enforce business logic via a plugin for all
requests regardless of the client being used to access the API.

On Sun, Feb 2, 2014 at 11:48 PM, Aryeh Friedman
mailto:aryeh.fried...@gmail.com>> wrote:
> Shouldn't "nova list" and some shell script magic do most of this?  The only
> problem would be to make sure that two people didn't ask for a name at the
> same time
>
>
> On Mon, Feb 3, 2014 at 1:19 AM, Tim Bell 
> mailto:tim.b...@cern.ch>> wrote:
>>
>> > -Original Message-
>> > From: John Griffith 
>> > [mailto:john.griff...@solidfire.com]
>> > Sent: 03 February 2014 03:47
>> > To: Joel Cooklin
>> > Cc: openstack@lists.openstack.org
>> > Subject: Re: [Openstack] nova unique name generator middleware
>> >
>> > On Sun, Feb 2, 2014 at 7:26 PM, Joel Cooklin 
>> > mailto:joel.cook...@gmail.com>>
>> > wrote:
>> > > +1 intel use cases.  It would be nice to avoid our current custom
>> > > patches.
>> > >
>> > >
>> > > On Sunday, February 2, 2014, Joshua Harlow 
>> > > mailto:harlo...@yahoo-inc.com>>
>> > > wrote:
>> > >>
>> > >> +1 yahoo use case(s) would also benefit from not having to patch the
>> > >> +code
>> > >> to achieve similar results.
>> > >>
>> > >> Sent from my really tiny device...
>> > >>
>> > >> > On Feb 2, 2014, at 12:12 AM, "Tim Bell" 
>> > >> > mailto:tim.b...@cern.ch>> wrote:
>> > >> >
>> > >> > It would be interesting to have a formal exit inside OpenStack nova
>> > >> > at VM creation for this sort of check rather than having to patch
>> > >> > the code.
>> > >> >
>> > >> > Other scenarios that I've seen is where there is a need to enforce
>> > >> > limits as the server name is used for other purposes. Examples are
>> > >> > characters in the server name or maximum length.
>> > >> >
>> > >> > Tim
>> > >> >
>> ...
>> > >
>> > Maybe just an auto-naming option added to nova's existing boot call; use
>> > a prefix and the UUID of the instance would satisfy the
>> > cases people are talking about here and not impact existing users?
>> >
>>
>> We have a set of other use cases which are around the use of the server
>> name to get a Kerberos/X.509 identity which imposes other restrictions on
>> the name being chosen (such as maximum length and limited set of
>> characters). The unique name is one scenario but there are others.
>>
>> Thus, we could start adding new options such as "max server name length"
>> and "server name character set" or we find a way to do a plugin.
>>
>> Tim
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : 
>> openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack

Re: [Openstack] [openstack-qa] Unit Tests for Cinder and Swift

2014-02-03 Thread Masayuki Igawa 
Hi Oscar,

As I already replied to you in another mail[1], unfortunately, the
openstack...@lists.openstack.org has been deprecated.
And for asking about usages, you send things to
openstack@lists.openstack.org or access to https://ask.openstack.org/
.

[1] http://lists.openstack.org/pipermail/openstack/2014-February/005070.html

On Sun, Feb 2, 2014 at 11:45 PM, Oscar Jr  wrote:
> Hi Jenkins, where I can get full Unit tests for Cinder and Swift module?

You can get them from their source code:
 http://git.openstack.org/cgit/openstack/cinder/tree/cinder/tests
 http://git.openstack.org/cgit/openstack/swift/tree/test/

Thanks.


>
>
>
> Oscar Correia
> CT
> www.lettersvitae.com
> Skype: oscar.correia
> Facebook: Letters Vitae
> E-Mail: oscar_corre...@hotmail.com
> oscarmo...@lettersvitae.com
>
> Regis Regum servitium
>

-- Masayuki Igawa

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova unique name generator middleware

2014-02-03 Thread Remo Mattei 
Hi all, 
there is a project for DNS already DNSaaS (DNS as a service)

https://wiki.openstack.org/wiki/Designate

 
On Feb 3, 2014, at 4:35 PM, Joshua Harlow  wrote:

> Do most systems have access to a dns system that can be used to check? Maybe 
> that could be one of these plugins.
> 
> From: Craig J 
> Date: Monday, February 3, 2014 at 1:58 PM
> To: Joel Cooklin 
> Cc: "openstack@lists.openstack.org" 
> Subject: Re: [Openstack] nova unique name generator middleware
> 
>> There's currently a check in nova for max length. It's hard coded to 255. 
>> Easy low-hanging fruit would be to make that number configurable and add a 
>> configurable regex check on the server name.
>> 
>> The uniqueness check could be trickier: checking the nova db wouldn't be 
>> sufficient in many cases as most people need to check some external 
>> system(s). Maybe we could put together something pluggable with a nova-db 
>> check as an example. Is a wsgi filter the most appropriate place for such a 
>> pluggable validator or should it be deeper, at the same place where the 
>> other server name validation occurs?
>> 
>> 
>> 
>> On Mon, Feb 3, 2014 at 6:46 AM, Joel Cooklin  wrote:
>>> >>Shouldn't "nova list" and some shell script magic do most of this?
>>> 
>>> For our use case this won't work as well since several business units
>>> (tenants) make direct use of the APIs.  It's hard to enforce that they
>>> use our wrappers and the like.  It would be much more convenient in
>>> our case if we could enforce business logic via a plugin for all
>>> requests regardless of the client being used to access the API.
>>> 
>>> On Sun, Feb 2, 2014 at 11:48 PM, Aryeh Friedman
>>>  wrote:
>>> > Shouldn't "nova list" and some shell script magic do most of this?  The 
>>> > only
>>> > problem would be to make sure that two people didn't ask for a name at the
>>> > same time
>>> >
>>> >
>>> > On Mon, Feb 3, 2014 at 1:19 AM, Tim Bell  wrote:
>>> >>
>>> >> > -Original Message-
>>> >> > From: John Griffith [mailto:john.griff...@solidfire.com]
>>> >> > Sent: 03 February 2014 03:47
>>> >> > To: Joel Cooklin
>>> >> > Cc: openstack@lists.openstack.org
>>> >> > Subject: Re: [Openstack] nova unique name generator middleware
>>> >> >
>>> >> > On Sun, Feb 2, 2014 at 7:26 PM, Joel Cooklin 
>>> >> > wrote:
>>> >> > > +1 intel use cases.  It would be nice to avoid our current custom
>>> >> > > patches.
>>> >> > >
>>> >> > >
>>> >> > > On Sunday, February 2, 2014, Joshua Harlow 
>>> >> > > wrote:
>>> >> > >>
>>> >> > >> +1 yahoo use case(s) would also benefit from not having to patch the
>>> >> > >> +code
>>> >> > >> to achieve similar results.
>>> >> > >>
>>> >> > >> Sent from my really tiny device...
>>> >> > >>
>>> >> > >> > On Feb 2, 2014, at 12:12 AM, "Tim Bell"  wrote:
>>> >> > >> >
>>> >> > >> > It would be interesting to have a formal exit inside OpenStack 
>>> >> > >> > nova
>>> >> > >> > at VM creation for this sort of check rather than having to patch
>>> >> > >> > the code.
>>> >> > >> >
>>> >> > >> > Other scenarios that I've seen is where there is a need to enforce
>>> >> > >> > limits as the server name is used for other purposes. Examples are
>>> >> > >> > characters in the server name or maximum length.
>>> >> > >> >
>>> >> > >> > Tim
>>> >> > >> >
>>> >> ...
>>> >> > >
>>> >> > Maybe just an auto-naming option added to nova's existing boot call; 
>>> >> > use
>>> >> > a prefix and the UUID of the instance would satisfy the
>>> >> > cases people are talking about here and not impact existing users?
>>> >> >
>>> >>
>>> >> We have a set of other use cases which are around the use of the server
>>> >> name to get a Kerberos/X.509 identity which imposes other restrictions on
>>> >> the name being chosen (such as maximum length and limited set of
>>> >> characters). The unique name is one scenario but there are others.
>>> >>
>>> >> Thus, we could start adding new options such as "max server name length"
>>> >> and "server name character set" or we find a way to do a plugin.
>>> >>
>>> >> Tim
>>> >>
>>> >> ___
>>> >> Mailing list:
>>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> >> Post to : openstack@lists.openstack.org
>>> >> Unsubscribe :
>>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> >
>>> >
>>> >
>>> >
>>> > --
>>> > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
>>> 
>>> ___
>>> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to : openstack@lists.openstack.org
>>> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> 
> !DSPAM:1,52f02aa2292318724815022!
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> 
> 
> !DSPAM:

Re: [Openstack] nova unique name generator middleware

2014-02-03 Thread Joshua Harlow 
Do most systems have access to a dns system that can be used to check? Maybe 
that could be one of these plugins.

From: Craig J mailto:craig.jell...@gmail.com>>
Date: Monday, February 3, 2014 at 1:58 PM
To: Joel Cooklin mailto:joel.cook...@gmail.com>>
Cc: "openstack@lists.openstack.org" 
mailto:openstack@lists.openstack.org>>
Subject: Re: [Openstack] nova unique name generator middleware

There's currently a check in nova for max length. It's hard coded to 255. Easy 
low-hanging fruit would be to make that number configurable and add a 
configurable regex check on the server name.

The uniqueness check could be trickier: checking the nova db wouldn't be 
sufficient in many cases as most people need to check some external system(s). 
Maybe we could put together something pluggable with a nova-db check as an 
example. Is a wsgi filter the most appropriate place for such a pluggable 
validator or should it be deeper, at the same place where the other server name 
validation occurs?



On Mon, Feb 3, 2014 at 6:46 AM, Joel Cooklin 
mailto:joel.cook...@gmail.com>> wrote:
>>Shouldn't "nova list" and some shell script magic do most of this?

For our use case this won't work as well since several business units
(tenants) make direct use of the APIs.  It's hard to enforce that they
use our wrappers and the like.  It would be much more convenient in
our case if we could enforce business logic via a plugin for all
requests regardless of the client being used to access the API.

On Sun, Feb 2, 2014 at 11:48 PM, Aryeh Friedman
mailto:aryeh.fried...@gmail.com>> wrote:
> Shouldn't "nova list" and some shell script magic do most of this?  The only
> problem would be to make sure that two people didn't ask for a name at the
> same time
>
>
> On Mon, Feb 3, 2014 at 1:19 AM, Tim Bell 
> mailto:tim.b...@cern.ch>> wrote:
>>
>> > -Original Message-
>> > From: John Griffith 
>> > [mailto:john.griff...@solidfire.com]
>> > Sent: 03 February 2014 03:47
>> > To: Joel Cooklin
>> > Cc: openstack@lists.openstack.org
>> > Subject: Re: [Openstack] nova unique name generator middleware
>> >
>> > On Sun, Feb 2, 2014 at 7:26 PM, Joel Cooklin 
>> > mailto:joel.cook...@gmail.com>>
>> > wrote:
>> > > +1 intel use cases.  It would be nice to avoid our current custom
>> > > patches.
>> > >
>> > >
>> > > On Sunday, February 2, 2014, Joshua Harlow 
>> > > mailto:harlo...@yahoo-inc.com>>
>> > > wrote:
>> > >>
>> > >> +1 yahoo use case(s) would also benefit from not having to patch the
>> > >> +code
>> > >> to achieve similar results.
>> > >>
>> > >> Sent from my really tiny device...
>> > >>
>> > >> > On Feb 2, 2014, at 12:12 AM, "Tim Bell" 
>> > >> > mailto:tim.b...@cern.ch>> wrote:
>> > >> >
>> > >> > It would be interesting to have a formal exit inside OpenStack nova
>> > >> > at VM creation for this sort of check rather than having to patch
>> > >> > the code.
>> > >> >
>> > >> > Other scenarios that I've seen is where there is a need to enforce
>> > >> > limits as the server name is used for other purposes. Examples are
>> > >> > characters in the server name or maximum length.
>> > >> >
>> > >> > Tim
>> > >> >
>> ...
>> > >
>> > Maybe just an auto-naming option added to nova's existing boot call; use
>> > a prefix and the UUID of the instance would satisfy the
>> > cases people are talking about here and not impact existing users?
>> >
>>
>> We have a set of other use cases which are around the use of the server
>> name to get a Kerberos/X.509 identity which imposes other restrictions on
>> the name being chosen (such as maximum length and limited set of
>> characters). The unique name is one scenario but there are others.
>>
>> Thus, we could start adding new options such as "max server name length"
>> and "server name character set" or we find a way to do a plugin.
>>
>> Tim
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : 
>> openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
>
>
> --
> Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : 
openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [User-committee] Formulate application developer oriented questions for the user survey

2014-02-03 Thread Everett Toews 
Some more potential questions.

1. What development environment do you use?
[ ] Eclipse
[ ] Intellij IDEA
[ ] Visual Studio
[ ] Sublime
[ ] vim
Other

2. What tools are you using to deploy/configure your application?
[ ] Ansible
[ ] Chef
[ ] Puppet
[ ] SaltStack
Other

3. What do you struggle with when developing and deploying applications on 
OpenStack?
Free form answers.

I’ll try to aggregate all of the Q&A into one list this week.

Thanks,
Everett


On Jan 21, 2014, at 11:55 AM, Everett Toews  wrote:

> On Jan 21, 2014, at 10:29 AM, Dave Neary wrote:
> 
>> On 01/21/2014 02:25 AM, Everett Toews wrote:
>>> There are a number of issues that stand out to me but before getting
>>> into them some quick definitions to be clear what I'm talking about.
>>> 
>>> OpenStack developer = developer working on OpenStack itself
>>> OpenStack operator = operator deploying/maintaining an OpenStack cloud
>>> application developer = developer working on application being deployed
>>> on an OpenStack cloud
>>> application operator = operator deploying/maintaining an application on
>>> an OpenStack cloud
>>> users = any of OpenStack operator, application developer, application
>>> operator
>> 
>> It would be really useful, I think, to match these up with some of the
>> personas we have, so that we are all talking about the same thing
>> (there's a big difference between someone deploying a small private
>> cloud and someone operating a large public cloud, for example).
> 
> I attended your session on personas at the HK Summit. I was the guy ranting 
> about SDKs from the back. ;)
> 
> The personas are definitely useful and I think we could use them to help 
> inform the definitions of the above. Here's what I'm starting to envision for 
> the survey.
> 
> On the About You page [1] we update the What best describes your involvement 
> with OpenStack? section as follows
> 
> [ ] OpenStack cloud service provider - provides public or hosted private 
> cloud services for other organizations
> [ ] Ecosystem vendor - provides software or solutions that enable others to 
> build or run OpenStack clouds
> [ ] Private cloud operator - runs an OpenStack private cloud for their own 
> organization
> [ ] Application developer - has API or dashboard credentials and 
> deploys/maintains an application running on an OpenStack cloud
> [ ] Application operator - has API or dashboard credentials and develops an 
> application running on an OpenStack cloud
> 
> If the survey taker checks Application developer or Application operator then 
> they are shown a survey page with the questions we are formulating here 
> instead of/in addition to the About Your OpenStack Deployments page.
> 
> I don't think we want to have the role definitions above too long but 
> anything can help.
> 
> Can you link us to the personas work and how they might map to the roles as 
> above?
> 
> [sidebar]
> It seems the About You page already makes the distinction between someone 
> deploying a small private cloud and someone operating a large public cloud. 
> However, I think the line between "...or hosted private cloud services for 
> other organizations" and "runs an OpenStack private cloud for their own 
> organization" is pretty thin. "hosted private cloud services for other 
> organizations" sounds like a small-scale public cloud to me. The real 
> distinction being whether you're doing it for your org or for others. The 
> questions on the About Your OpenStack Deployments page make the distinction 
> between scale.
> 
> They could be reworded as
> 
> [ ] OpenStack operator for a public cloud - provides public or hosted private 
> cloud services for other organizations
> [ ] OpenStack operator for a private cloud - runs an OpenStack private cloud 
> for their own organization
> 
> This is apart from the app dev oriented discussion and hence the sidebar.
> [/sidebar]
> 
> Thanks,
> Everett
> 
> [1] https://www.openstack.org/user-survey/OrgInfo
> ___
> User-committee mailing list
> user-commit...@lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/user-committee


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova unique name generator middleware

2014-02-03 Thread Craig J 
There's currently a check in nova for max length. It's hard coded to 255.
Easy low-hanging fruit would be to make that number configurable and add a
configurable regex check on the server name.

The uniqueness check could be trickier: checking the nova db wouldn't be
sufficient in many cases as most people need to check some external
system(s). Maybe we could put together something pluggable with a nova-db
check as an example. Is a wsgi filter the most appropriate place for such a
pluggable validator or should it be deeper, at the same place where the
other server name validation occurs?



On Mon, Feb 3, 2014 at 6:46 AM, Joel Cooklin  wrote:

> >>Shouldn't "nova list" and some shell script magic do most of this?
>
> For our use case this won't work as well since several business units
> (tenants) make direct use of the APIs.  It's hard to enforce that they
> use our wrappers and the like.  It would be much more convenient in
> our case if we could enforce business logic via a plugin for all
> requests regardless of the client being used to access the API.
>
> On Sun, Feb 2, 2014 at 11:48 PM, Aryeh Friedman
>  wrote:
> > Shouldn't "nova list" and some shell script magic do most of this?  The
> only
> > problem would be to make sure that two people didn't ask for a name at
> the
> > same time
> >
> >
> > On Mon, Feb 3, 2014 at 1:19 AM, Tim Bell  wrote:
> >>
> >> > -Original Message-
> >> > From: John Griffith [mailto:john.griff...@solidfire.com]
> >> > Sent: 03 February 2014 03:47
> >> > To: Joel Cooklin
> >> > Cc: openstack@lists.openstack.org
> >> > Subject: Re: [Openstack] nova unique name generator middleware
> >> >
> >> > On Sun, Feb 2, 2014 at 7:26 PM, Joel Cooklin 
> >> > wrote:
> >> > > +1 intel use cases.  It would be nice to avoid our current custom
> >> > > patches.
> >> > >
> >> > >
> >> > > On Sunday, February 2, 2014, Joshua Harlow 
> >> > > wrote:
> >> > >>
> >> > >> +1 yahoo use case(s) would also benefit from not having to patch
> the
> >> > >> +code
> >> > >> to achieve similar results.
> >> > >>
> >> > >> Sent from my really tiny device...
> >> > >>
> >> > >> > On Feb 2, 2014, at 12:12 AM, "Tim Bell" 
> wrote:
> >> > >> >
> >> > >> > It would be interesting to have a formal exit inside OpenStack
> nova
> >> > >> > at VM creation for this sort of check rather than having to patch
> >> > >> > the code.
> >> > >> >
> >> > >> > Other scenarios that I've seen is where there is a need to
> enforce
> >> > >> > limits as the server name is used for other purposes. Examples
> are
> >> > >> > characters in the server name or maximum length.
> >> > >> >
> >> > >> > Tim
> >> > >> >
> >> ...
> >> > >
> >> > Maybe just an auto-naming option added to nova's existing boot call;
> use
> >> > a prefix and the UUID of the instance would satisfy the
> >> > cases people are talking about here and not impact existing users?
> >> >
> >>
> >> We have a set of other use cases which are around the use of the server
> >> name to get a Kerberos/X.509 identity which imposes other restrictions
> on
> >> the name being chosen (such as maximum length and limited set of
> >> characters). The unique name is one scenario but there are others.
> >>
> >> Thus, we could start adding new options such as "max server name length"
> >> and "server name character set" or we find a way to do a plugin.
> >>
> >> Tim
> >>
> >> ___
> >> Mailing list:
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> Post to : openstack@lists.openstack.org
> >> Unsubscribe :
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
> >
> >
> > --
> > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] How to apply a quantum patch

2014-02-03 Thread Luis Guilherme Russi 
Hello guys, I'm facing a problem with my quantum-server, I'm running
OpenStack Grizzly with quantum and I was trying to install the Ryu plugin,
but my quantum-server is broken now, reading my logs I've found this link
https://bugs.launchpad.net/neutron/+bug/1178512?comments=all to fix that a
version of kombu doesn't work if newer msgpack was installed, so I guess it
happened when I tried to install the ryu plugin.

But my point here is, how do I apply this patch? Should I copy and paste
this command on my terminal and type enter?
git fetch
https://review.openstack.org/openstack/neutronrefs/changes/04/28504/3
&& git format-patch -1 --stdout FETCH_HEAD

But again, I'm running quantum and not neutron, will this same path work
with my quantum-server API? Or I must change the /neutron for /quantum on
the git path?

I'm newer when facing this patch things, can anybody help me, please?

Best Regards.

Guilherme.
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] openstack swift storage provisioning

2014-02-03 Thread Remo Mattei 
swift middleware will allow you to know all the info about the account. You 
however need to find a way to loop it to all the accounts using swift.  
-- 
Remo Mattei


February 3, 2014 at 11:26:41, Samuel Merritt (s...@swiftstack.com) ha scritto:

On 2/3/14 12:16 AM, Heiko Krämer wrote:  
> Hi Pragya,  
>  
> you can set account and container quotas with a ResellerAdmin user.  
> http://docs.openstack.org/developer/swift/middleware.html?highlight=quota#module-swift.common.middleware.account_quotas
>   
>  
>  
> to find out how much a user have in use you need ceilometer.  

You don't need ceilometer for that; a simple account HEAD request will  
do. The response will contain a header X-Account-Bytes-Used, and its  
value will be the sum of the sizes of all objects in the account  
(subject to eventual consistency, of course).  



___  
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack  
Post to : openstack@lists.openstack.org  
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack  

!DSPAM:1,52efed71143754656934457!  

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] openstack swift storage provisioning

2014-02-03 Thread Samuel Merritt 

On 2/3/14 12:16 AM, Heiko Krämer wrote:

Hi Pragya,

you can set account and container quotas with a ResellerAdmin user.
http://docs.openstack.org/developer/swift/middleware.html?highlight=quota#module-swift.common.middleware.account_quotas


to find out how much a user have in use you need ceilometer.


You don't need ceilometer for that; a simple account HEAD request will 
do. The response will contain a header X-Account-Bytes-Used, and its 
value will be the sum of the sizes of all objects in the account 
(subject to eventual consistency, of course).




___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] port on openvswitch not tagged upon VM launch

2014-02-03 Thread DeadManMoving 
Hi,

thanks for the info, it helped me going a bit further with this.

I did not have anything configured regarding vif in my nova.conf file on
my compute node.

So i tried putting the following :

libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtGenericVIFDriver
libvirt_ovs_bridge=br-int
libvirt_use_virtio_for_bridges=true

in my nova.conf config file on my compute node but it did not help.

So i wanted to have a better look at the neutron logs but, they were
full of : 'iptables-restore: line 62 failed\n'
messages so, it was a bit hard to figure something out.

So i tried to disable the firewall driver, by changing :

firewall_driver =
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

to :

firewall_driver = neutron.agent.firewall.NoopFirewallDriver

in my ovs_neutron_plugin.ini config file and surprisingly, it started
working, the port is tagged automatically.

That brings me to my next question, why would the port be tagged
correctly with firewall_driver set to
neutron.agent.firewall.NoopFirewallDriver but not with
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
?!

@Ageeleshwar Kandavelu

I don't have physical interfaces on my integration bridge, just on my
normal (first) bridge (in my case br0).


Thank you so much!

Tony

On Mon, 2014-02-03 at 09:27 +, Darragh O'Reilly wrote:
> Hi,
> 
> the ovs-agent is responsible for tagging the port. It's strange
> that it can tag the dhcp port ok but not the nova port. What VIF
> driver are you using - libvirt_vif_driver in nova.conf?
> 
> Check the syslog - all the ovs-vsctl commands are logged there.
> Look for messages about this port. Are there any errors in the
> ovs-agent log?
> 
> Re, Darragh.
> 
> >i have a nearly working neutron + openvswitch + VLAN setup but, i have a
> >small problem however...
> >
> >I am running neutron-server on a node controller and
> >neutron-openvswitch-agent and neutron-dhcp-agent running on a compute
> >node.
> >
> >On the compute node, i have an initial bridge, with two physical
> >interfaces in bonding, with some VLANs trunked on the bond.
> >
> >On the controller node, i created a network with --provider:network_type
> >vlan and --provider:segmentation_id xxx (xxx being one of the VLAN
> >trunked on the bond inside my initial bridge). Then, i created a subnet
> >on that network.
> >
> >When i launch neutron-dhcp-agent on the compute node, everything seem
> >fine : the namespace is being created, there is a port with tag 1 on the
> >integration bridge for the dnsmasq process and, i can ping the IP of the
> >dnsmasq process from a device on the xxx vlan. I can also see the
> >openflow flows for vlan modification on both bridge (vlan xxx to vlan 1,
> >vlan 1 to vlan xxx).
> >
> >However, my problem is that when i launch a VM using the network i
> >created in neutron, a port is being created in the integration bridge
> >but, it is not tagged with vlan 1 so, the VM is unable to communicate on
> >the network. As soon as i tag the port with vlan 1, with a command
> >like : 
> >
> >ovs-vsctl set Port tap1234-ab tag=1 
> >
> >the VM is able to communicate on the network.
> >
> >
> >So, am i missing something obvious? Or maybe that i have something
> >misconfigured in my neutron setup?
> >
> >
> >Any help would be greatly appreciated.
> >
> >Regards,
> >
> >Tony
> 
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [Barbican] Keystone PKI token too much long

2014-02-03 Thread Miller, Mark M (EB SW Cloud - R&D - Corvallis) 
I wish it was that easy. The Apache headers that you can adjust are not the 
ones creating the problem. The problem is with the response header size which 
you cannot adjust. Following is a comment from Graham Dumpleton:


On 17/01/2014, at 5:36 PM, "Miller, Mark M (EB SW Cloud - R&D - Corvallis)" 
mailto:mark.m.mil...@hp.com>> wrote:

Hello Graham,

I have run across a response header size limitation that I don’t know how to 
get around. I am using mod_wsgi with Apache2, SSL, and OpenStack Keystone. The 
problem I am running into is that the tokens returned by Keystone can be > 8190 
bytes in length. When they are greater than 8190 I get the following error:


[Thu Jan 16 22:27:47 2014] [info] Initial (No.1) HTTPS request received for 
child 231 (server 
d00-50-56-8e-75-82.cloudos.org:5000)
[Thu Jan 16 22:27:47 2014] [info] [client 192.168.124.2] mod_wsgi (pid=24676, 
process='keystone', 
application='d00-50-56-8e-75-82.cloudos.org:5000|'):
 Loading WSGI script '/etc/apache2/wsgi/keystone/main'.
[Thu Jan 16 22:27:48 2014] [error] [client 192.168.124.2] malformed header from 
script. Bad header=mVmOTdhMmUzIn0sIHsidXJsIjogImh: main
[Thu Jan 16 22:27:48 2014] [debug] mod_deflate.c(615): [client 192.168.124.2] 
Zlib: Compressed 592 to 377 : URL /v3/auth/tokens
[Thu Jan 16 22:27:48 2014] [debug] ssl_engine_kernel.c(1884): OpenSSL: Write: 
SSL negotiation finished successfully
[Thu Jan 16 22:27:48 2014] [info] [client 192.168.124.2] Connection closed to 
child 231 with standard shutdown (server 
d00-50-56-8e-75-82.cloudos.org:5000)

Is there some way to increase the response header size limit?

This is a hardwired limitation within the Apache function used by mod_wsgi to 
parse the response headers returned from a WSGI application running in daemon 
mode.

if (!(l = strchr(w, ':'))) {
if (!buffer) {
/* Soak up all the script output - may save an outright kill */
while ((*getsfunc)(w, MAX_STRING_LEN - 1, getsfunc_data) > 0) {
continue;
}
}

ap_log_rerror(SCRIPT_LOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
  "malformed header from script '%s': Bad header: 
%.30s",
  apr_filepath_name_get(r->filename), w);
return HTTP_INTERNAL_SERVER_ERROR;
}

Besides copying the function from Apache into mod_wsgi and modifying it, which 
has been on the cards for a while for other reasons, the only thing I can 
suggest is to used embedded mode, which in general I wouldn't recommend.

What is the nature of the token?

Graham



From: Adam Young [mailto:ayo...@redhat.com]
Sent: Monday, February 03, 2014 10:23 AM
To: openstack@lists.openstack.org
Subject: Re: [Openstack] [Barbican] Keystone PKI token too much long

On 01/31/2014 11:24 AM, Miller, Mark M (EB SW Cloud - R&D - Corvallis) wrote:
Hello,

We ran into a problem when using Apache2 and WSGi as the web front end for 
Keystone. Keystone v2.0 returns the token in the response body but v3 returns 
the token in the response header. Apache has an internal limit of 8190 bytes 
for the response header which means that you will get an error when you request 
a token with includes an endpoint catalog that has more than about 12 endpoints 
in it. We had to turn the catalog off.

Setting the header size is a config option;

I believe it is
LimitRequestFieldSize

http://httpd.apache.org/docs/2.2/mod/core.html#LimitRequestFieldSize

So set that larger.  10K should be acceptable, based on the reports I've heard.



Mark

From: Remo Mattei [mailto:r...@italy1.com]
Sent: Friday, January 31, 2014 5:41 AM
To: Ferreira, Rafael
Cc: openstack@lists.openstack.org
Subject: Re: [Openstack] [Barbican] Keystone PKI token too much long

Hi Rafael
Do you have the info on how that has been implemented.

Thanks
Remo
Inviato da iPhone ()

Il giorno Jan 31, 2014, alle ore 8:27, "Ferreira, Rafael" 
mailto:r...@io.com>> ha scritto:
By the way, you can achieve the same benefits of uuid tokens (shorter tokens) 
with PKI by simply using a md5 hash of the PKI token for your X-Auth headers. 
This is poorly documented but it seems to work just fine.

From: Adam Young mailto:ayo...@redhat.com>>
Date: Tuesday, January 28, 2014 at 1:41 PM
To: "openstack@lists.openstack.org" 
mailto:openstack@lists.openstack.org>>
Subject: Re: [Openstack] [Barbican] Keystone PKI token too much long

On 01/22/2014 12:21 PM, John Wood wrote:
(Adding another member of our team Douglas)

Hello Giuseppe,

For questions about news or patches for Keystone's PKI vs UUID modes, you might 
reach out to the 
openstack-...@lists.openstack.org 
mailing list, with the subject line prefixed with [openstack-dev] [keystone]

Our observation has be

Re: [Openstack] openstack swift storage provisioning

2014-02-03 Thread Samuel Merritt 

On 1/31/14 8:22 PM, pragya jain wrote:

hello all,

please somebody help me to know:

in openstack swift,
how does a user come to know whether there is a free space available to
store the data or there is a need to add more storage capacity?


One simply tries the object PUT request and sees if it fails or not. If 
the response has a 2xx-series (success) status code, then the object was 
successfully uploaded, which means there was enough space. If there 
wasn't enough space, then the response will have a 5xx-series (server 
error) status code.


Note that there are many, many other error conditions that can also 
cause a 5xx-series response, so detection of an out-of-space condition 
is not easy from the client side. (From the server side, of course, one 
can simply run "df" on all storage nodes and see what's free.)


In general, letting a Swift cluster fill up is a very bad idea. There 
are all sorts of things that rely on having a little disk space 
available, and having disks that are 100% full is a great way to start 
seeing how those things break in interesting and exciting ways.


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [Barbican] Keystone PKI token too much long

2014-02-03 Thread Adam Young 

On 01/31/2014 08:40 AM, Remo Mattei wrote:

Hi Rafael
Do you have the info on how that has been implemented.
It falls back to a Keystone server lookup to validate the tokens.  I 
would not recommend doing that.




Thanks
Remo

Inviato da iPhone ()

Il giorno Jan 31, 2014, alle ore 8:27, "Ferreira, Rafael" > ha scritto:


By the way, you can achieve the same benefits of uuid tokens (shorter 
tokens) with PKI by simply using a md5 hash of the PKI token for your 
X-Auth headers. This is poorly documented but it seems to work just 
fine.


From: Adam Young mailto:ayo...@redhat.com>>
Date: Tuesday, January 28, 2014 at 1:41 PM
To: "openstack@lists.openstack.org 
" 
mailto:openstack@lists.openstack.org>>

Subject: Re: [Openstack] [Barbican] Keystone PKI token too much long

On 01/22/2014 12:21 PM, John Wood wrote:

(Adding another member of our team Douglas)

Hello Giuseppe,

For questions about news or patches for Keystone's PKI vs UUID 
modes, you might reach out to the openstack-...@lists.openstack.org 
mailing list, with the subject line prefixed with [openstack-dev] 
[keystone]


Our observation has been that the PKI mode can generate large text 
blocks for tokens (esp. for large service catalogs) that cause http 
header errors.


Regarding the specific barbican scripts you are running, we haven't 
run those in a while, so I'll investigate as we might need to update 
them. Please email back your /etc/barbican/barbican-api-paste.ini 
paste config file when you have a chance as well.


Thanks,
John



*From:* Giuseppe Galeota [giuseppegale...@gmail.com]
*Sent:* Wednesday, January 22, 2014 7:36 AM
*To:* openstack@lists.openstack.org
*Cc:* John Wood
*Subject:* [Openstack] [Barbican] Keystone PKI token too much long

Dear all,
I have configured Keystone for Barbican using this guide 
.


Is there any news or patch about the need to use a shorter token? I 
would not use a modified token.
Its a known problem.  You can request a token without the service 
catalog using an extension.


One possible future enhancement is to compress the key.




Following you can find an extract of the linked guide:

  * (Optional) Typical keystone setup creates PKI tokens that are
long, do not fit easily into curl requests without splitting
into components. For testing purposes suggest updating the
keystone database with a shorter token-id. (An alternative is to
set up keystone to generate uuid tokens.) From the above output
grad the token expiry value, referred to as "x-y-z"

mysql  -u  rootuse  keystone;update  token  set  id="foo"  where  
expires="x-y-z"  ;

Thank you,
Giuseppe


___
Mailing list:http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to :openstack@lists.openstack.org
Unsubscribe :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


The communication contained in this e-mail is confidential and is 
intended only for the named recipient(s) and may contain information 
that is privileged, proprietary, attorney work product or exempt from 
disclosure under applicable law. If you have received this message in 
error, or are not the named recipient(s), please note that any form 
of distribution, copying or use of this communication or the 
information in it is strictly prohibited and may be unlawful. Please 
immediately notify the sender of the error, and delete this 
communication including any attached files from your system. Thank 
you for your cooperation. !DSPAM:1,52eba57b226891577754402!

___
Mailing list: 
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org 

Unsubscribe : 
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack



!DSPAM:1,52eba57b226891577754402!


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [Barbican] Keystone PKI token too much long

2014-02-03 Thread Adam Young 
On 01/31/2014 11:24 AM, Miller, Mark M (EB SW Cloud - R&D - Corvallis) 
wrote:


Hello,

We ran into a problem when using Apache2 and WSGi as the web front end 
for Keystone. Keystone v2.0 returns the token in the response body but 
v3 returns the token in the response header. Apache has an internal 
limit of 8190 bytes for the response header which means that you will 
get an error when you request a token with includes an endpoint 
catalog that has more than about 12 endpoints in it. We had to turn 
the catalog off.




Setting the header size is a config option;

I believe it is
|LimitRequestFieldSize

http://httpd.apache.org/docs/2.2/mod/core.html#LimitRequestFieldSize

So set that larger.  10K should be acceptable, based on the reports I've 
heard.


|


Mark

*From:*Remo Mattei [mailto:r...@italy1.com]
*Sent:* Friday, January 31, 2014 5:41 AM
*To:* Ferreira, Rafael
*Cc:* openstack@lists.openstack.org
*Subject:* Re: [Openstack] [Barbican] Keystone PKI token too much long

Hi Rafael

Do you have the info on how that has been implemented.

Thanks

Remo

Inviato da iPhone (?)


Il giorno Jan 31, 2014, alle ore 8:27, "Ferreira, Rafael" > ha scritto:


By the way, you can achieve the same benefits of uuid tokens
(shorter tokens) with PKI by simply using a md5 hash of the PKI
token for your X-Auth headers. This is poorly documented but it
seems to work just fine.

*From: *Adam Young mailto:ayo...@redhat.com>>
*Date: *Tuesday, January 28, 2014 at 1:41 PM
*To: *"openstack@lists.openstack.org
"
mailto:openstack@lists.openstack.org>>
*Subject: *Re: [Openstack] [Barbican] Keystone PKI token too much long

On 01/22/2014 12:21 PM, John Wood wrote:

(Adding another member of our team Douglas)

Hello Giuseppe,

For questions about news or patches for Keystone's PKI vs UUID
modes, you might reach out to the
openstack-...@lists.openstack.org
 mailing list, with
the subject line prefixed with [openstack-dev] [keystone]

Our observation has been that the PKI mode can generate large
text blocks for tokens (esp. for large service catalogs) that
cause http header errors.

Regarding the specific barbican scripts you are running, we
haven't run those in a while, so I'll investigate as we might
need to update them. Please email back your
/etc/barbican/barbican-api-paste.ini paste config file when
you have a chance as well.

Thanks,

John



*From:*Giuseppe Galeota [giuseppegale...@gmail.com
]
*Sent:* Wednesday, January 22, 2014 7:36 AM
*To:* openstack@lists.openstack.org

*Cc:* John Wood
*Subject:* [Openstack] [Barbican] Keystone PKI token too much long

Dear all,

I have configured Keystone for Barbican using this guide

.

Is there any news or patch about the need to use a shorter
token? I would not use a modified token.

Its a known problem.  You can request a token without the service
catalog using an extension.

One possible future enhancement is to compress the key.



Following you can find an extract of the linked guide:

  * (Optional) Typical keystone setup creates PKI tokens that are
long, do not fit easily into curl requests without splitting
into components. For testing purposes suggest updating the
keystone database with a shorter token-id. (An alternative is
to set up keystone to generate uuid tokens.) From the above
output grad the token expiry value, referred to as "x-y-z"

mysql*-*u rootuse keystone;update token set id*=*"foo"  where 
expires*=*"x-y-z"  ;

Thank you,

Giuseppe




___

Mailing list:http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Post to :openstack@lists.openstack.org  


Unsubscribe :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

The communication contained in this e-mail is confidential and is
intended only for the named recipient(s) and may contain
information that is privileged, proprietary, attorney work product
or exempt from disclosure under applicable law. If you have
received this message in error, or are not the named recipient(s),
please note that any form of distribution, copying or use of this
communication or the information in it is strictly prohibited and
may be unlawful. Please immediately notify the sender of the
error, and delete this communication

Re: [Openstack] [Heat/Havana]: Long delay before VM instance starts to ping...

2014-02-03 Thread Aryeh Friedman 
What is the problem??? Isn't this about the normal amount of time it would
take to boot the instance if it was not in cloud? (remember open stack is
nothing but a wrapper around [virtual] machines and thus is limited to how
long stuff takes on a real/virtual machine])


On Mon, Feb 3, 2014 at 8:11 AM, Juha Tynninen wrote:

> Hi,
>
> I'm using the following unmodified image:
>
> http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img
>
>
> I set static ip address for the VM instance via Heat template and
> user-data:
>
>  "Resources" : {
>
>   "DemoInstance" : {
>"Type" : "OS::Nova::Server",
>"Properties" : {
>  "key_name" : { "Ref" : "KeyName" },
>  "flavor": { "Ref" : "Flavor" },
>  "image": { "Ref": "ImageName"},
>  "networks": [
> { "uuid": { "Ref" : "PrivateNetworkId" } },
> { "uuid": { "Ref" : "PublicNetworkId" }, "fixed_ip": { "Ref" :
> "StaticIp" } } ],
>  "user_data" : {
> "Fn::Base64": {
>"Fn::Join": [
>   "",
>   [
>  "#!/bin/bash \n",
>  "export ETH1_CFG=/etc/network/interfaces.d/eth1.cfg\n",
>  "rm $ETH1_CFG\n",
>  "touch $ETH1_CFG\n",
>  "echo auto eth1 >> $ETH1_CFG\n",
>  "echo iface eth1 inet static >> $ETH1_CFG\n",
>  "echo address ", { "Ref": "StaticIp" }, " >> $ETH1_CFG\n",
>  "echo netmask 255.255.255.0 >> $ETH1_CFG\n",
>  "ifdown eth1\n",
>  "ifup eth1\n"
>   ]
>]
> }
>
> The static ip is given from public network range (192.168.100.xxx).
> As such everything is working fine, the VM starts and after a while I can
> ping it and log in to it with ssh.
>
> But it can take quite a long time before ping and ssh starts to work.
> Normally 4-7 minutes.
> Any ideas what could be a reason why it takes so long...? What to check?
>
> Many thanks,
> -Juha
>
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>


-- 
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [Neutron] asymetric DHCP brokenness on tenant GRE networks

2014-02-03 Thread Jonathan Proulx 
Turns out my issue is simply that Havana requires Open vSwitch >=1.10
and my compute nodes were still running 1.4.  I some how managed to
miss the errors in the logs (didn't look far enough back) indicating
the failure to properly create the flooding flow on the tunnel bridge:

/var/log/neutron/openvswitch-agent.log.4.gz:Command: ['sudo',
'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ovs-ofctl',
'mod-flows', 'br-tun',
'hard_timeout=0,idle_timeout=0,priority=1,table=21,dl_vlan=1,actions=strip_vlan,set_tunnel:3,output:4,58,56,11,12,47,13,48,49,44,43,45,46,30,31,29,28,26,27,24,25,32,19,21,59,60,57,6,5,20,18,17,16,15,14,7,9,8,53,10,3,2,38,37,39,40,34,23,36,35,22,42,41,54,52,51,50,55,33']
/var/log/neutron/openvswitch-agent.log.4.gz:Stderr: 'ovs-ofctl:
unknown keyword hard_timeout\n'

v1.10 was installed on upgrade, but since it's tied to kernel module,
requires a reboot of the compute nodes to make it go.

On Fri, Jan 31, 2014 at 3:30 AM, Ruzicka, Marek
 wrote:
> Hi Jon,
>
> By any chance, do you have any kind of asymmetric routing in place?
> This is definitely a long shot, since I have no idea about your setup, but we 
> have experienced similar issues ourselves.
> In our case it was problem with asymmetric routing and rather dumb linux 
> defaults when it comes to arp settings.
>
> Try to check what are your current settings, and if they differ, try these:
>
> net.ipv4.conf.all.arp_announce=1
> net.ipv4.conf.default.arp_announce=1
> net.ipv4.conf.all.arp_notify=1
> net.ipv4.conf.default.arp_notify=1
> net.ipv4.conf.all.rp_filter=0
> net.ipv4.conf.default.rp_filter=0
>
> Just shooting from the hip here, so sorry if I'm completely wrong here.
>
> Marek
>
> -Original Message-
> From: Jonathan Proulx [mailto:j...@jonproulx.com]
> Sent: 30. januára 2014 19:11
> To: Robert Collins
> Cc: openstack@lists.openstack.org
> Subject: Re: [Openstack] [Neutron] asymetric DHCP brokenness on tenant GRE 
> networks
>
> Still can't quite sort this out but I am circling in on where the problem is.
>
> To recap bootpc and arp requests from instances using GRE tenant networks are 
> not making it onto the physical network,  I suspect this is "all broadcast 
> traffic".  If IP is configured statically and the arp cache is set (by 
> pinging from the other end, network controller in this case) I can 
> communicate over the link, until the arp cache times out...
>
> By fiddling with ovs port mirroring I've been able to determine where the 
> packets disappear from my expected path (and verified that packets are 
> visible at these point when traffic is passing):
>
>
> tap (has packets) -> patch-tun (has packets) -> patch-int (still
> there) -> gre- (no packets) -> eth0 (no packets)
>
> \___/
> \_/(GRE wrapped)
>
> br-int
>  br-tun  IP of
> tunnel endpoint
>
>
> That will probably get mangled by line wrapping but packets make it to the 
> tunnel bridge, br-tun, on the patch-int interface but do not make it onto the 
> gre- interface.  This is consistent across multiple GRE networks including 
> newly created ones.  The provider VLAN networks most of our instances use 
> function normally (on a much different path), and GRE used to work definitely 
> with Grizzly though not sure if they broke on upgrade or since then as 
> they're not widely used.
>
> so my basic question remains WTF?
>
> -Jon
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Does OpenStack join this year's GSoC

2014-02-03 Thread Debojyoti Dutta 
+1  I would love to mentor a student in the area of scheduling and
performance characterization.


On Mon, Feb 3, 2014 at 7:11 AM, Debojyoti Dutta  wrote:

> +
>
>
> On Mon, Feb 3, 2014 at 6:18 AM, Damon Wang  wrote:
>
>> Hi,
>>
>> I'm interested in participating as a student.
>>
>> I now do some research job about OpenStack(Neutron) at a lab, and I'm
>> free at June to August, so ask whether OpenStack join this year's GSoC.
>>
>> Hope some developers have interest in GSoC, I think it's both benefit to
>> community and students.
>>
>> Thanks,
>>
>> Damon
>>
>>
>> 2014-02-03 Anne Gentle :
>>
>> Hi Damon,
>>> Are you interested in being a mentor or participating as a student?
>>>
>>>  I sent out a call to the OpenStack community to ask for someone to
>>> coordinate and recruit mentors:
>>>
>>> http://lists.openstack.org/pipermail/openstack-dev/2014-January/025744.html
>>>
>>> But haven't heard back from anyone interested yet.
>>>
>>> Thanks for asking -- hopefully it'll encourage someone to step forward!
>>> Anne
>>>
>>>
>>> On Mon, Feb 3, 2014 at 7:37 AM, Damon Wang wrote:
>>>
 Hi guys,

 Does OpenStack join this year's GSoC(Google Summer of Code) ?

 Mentoring organizations can begin submitting applications to Google
 these days, does OpenStack will join?

 And as I know, OpenStack has tried in 2012 but failed...

 Thanks,

 Damon


 ___
 Mailing list:
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
 Post to : openstack@lists.openstack.org
 Unsubscribe :
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


>>>
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
>
> --
> -Debo~
>



-- 
-Debo~
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Does OpenStack join this year's GSoC

2014-02-03 Thread Debojyoti Dutta 
+


On Mon, Feb 3, 2014 at 6:18 AM, Damon Wang  wrote:

> Hi,
>
> I'm interested in participating as a student.
>
> I now do some research job about OpenStack(Neutron) at a lab, and I'm free
> at June to August, so ask whether OpenStack join this year's GSoC.
>
> Hope some developers have interest in GSoC, I think it's both benefit to
> community and students.
>
> Thanks,
>
> Damon
>
>
> 2014-02-03 Anne Gentle :
>
> Hi Damon,
>> Are you interested in being a mentor or participating as a student?
>>
>>  I sent out a call to the OpenStack community to ask for someone to
>> coordinate and recruit mentors:
>>
>> http://lists.openstack.org/pipermail/openstack-dev/2014-January/025744.html
>>
>> But haven't heard back from anyone interested yet.
>>
>> Thanks for asking -- hopefully it'll encourage someone to step forward!
>> Anne
>>
>>
>> On Mon, Feb 3, 2014 at 7:37 AM, Damon Wang wrote:
>>
>>> Hi guys,
>>>
>>> Does OpenStack join this year's GSoC(Google Summer of Code) ?
>>>
>>> Mentoring organizations can begin submitting applications to Google
>>> these days, does OpenStack will join?
>>>
>>> And as I know, OpenStack has tried in 2012 but failed...
>>>
>>> Thanks,
>>>
>>> Damon
>>>
>>>
>>> ___
>>> Mailing list:
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to : openstack@lists.openstack.org
>>> Unsubscribe :
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>
>>>
>>
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>


-- 
-Debo~
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Does OpenStack join this year's GSoC

2014-02-03 Thread Damon Wang 
Hi,

I'm interested in participating as a student.

I now do some research job about OpenStack(Neutron) at a lab, and I'm free
at June to August, so ask whether OpenStack join this year's GSoC.

Hope some developers have interest in GSoC, I think it's both benefit to
community and students.

Thanks,

Damon


2014-02-03 Anne Gentle :

> Hi Damon,
> Are you interested in being a mentor or participating as a student?
>
> I sent out a call to the OpenStack community to ask for someone to
> coordinate and recruit mentors:
> http://lists.openstack.org/pipermail/openstack-dev/2014-January/025744.html
>
> But haven't heard back from anyone interested yet.
>
> Thanks for asking -- hopefully it'll encourage someone to step forward!
> Anne
>
>
> On Mon, Feb 3, 2014 at 7:37 AM, Damon Wang  wrote:
>
>> Hi guys,
>>
>> Does OpenStack join this year's GSoC(Google Summer of Code) ?
>>
>> Mentoring organizations can begin submitting applications to Google these
>> days, does OpenStack will join?
>>
>> And as I know, OpenStack has tried in 2012 but failed...
>>
>> Thanks,
>>
>> Damon
>>
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Does OpenStack join this year's GSoC

2014-02-03 Thread Anne Gentle 
Hi Damon,
Are you interested in being a mentor or participating as a student?

I sent out a call to the OpenStack community to ask for someone to
coordinate and recruit mentors:
http://lists.openstack.org/pipermail/openstack-dev/2014-January/025744.html

But haven't heard back from anyone interested yet.

Thanks for asking -- hopefully it'll encourage someone to step forward!
Anne


On Mon, Feb 3, 2014 at 7:37 AM, Damon Wang  wrote:

> Hi guys,
>
> Does OpenStack join this year's GSoC(Google Summer of Code) ?
>
> Mentoring organizations can begin submitting applications to Google these
> days, does OpenStack will join?
>
> And as I know, OpenStack has tried in 2012 but failed...
>
> Thanks,
>
> Damon
>
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova unique name generator middleware

2014-02-03 Thread Joel Cooklin 
>>Shouldn't "nova list" and some shell script magic do most of this?

For our use case this won't work as well since several business units
(tenants) make direct use of the APIs.  It's hard to enforce that they
use our wrappers and the like.  It would be much more convenient in
our case if we could enforce business logic via a plugin for all
requests regardless of the client being used to access the API.

On Sun, Feb 2, 2014 at 11:48 PM, Aryeh Friedman
 wrote:
> Shouldn't "nova list" and some shell script magic do most of this?  The only
> problem would be to make sure that two people didn't ask for a name at the
> same time
>
>
> On Mon, Feb 3, 2014 at 1:19 AM, Tim Bell  wrote:
>>
>> > -Original Message-
>> > From: John Griffith [mailto:john.griff...@solidfire.com]
>> > Sent: 03 February 2014 03:47
>> > To: Joel Cooklin
>> > Cc: openstack@lists.openstack.org
>> > Subject: Re: [Openstack] nova unique name generator middleware
>> >
>> > On Sun, Feb 2, 2014 at 7:26 PM, Joel Cooklin 
>> > wrote:
>> > > +1 intel use cases.  It would be nice to avoid our current custom
>> > > patches.
>> > >
>> > >
>> > > On Sunday, February 2, 2014, Joshua Harlow 
>> > > wrote:
>> > >>
>> > >> +1 yahoo use case(s) would also benefit from not having to patch the
>> > >> +code
>> > >> to achieve similar results.
>> > >>
>> > >> Sent from my really tiny device...
>> > >>
>> > >> > On Feb 2, 2014, at 12:12 AM, "Tim Bell"  wrote:
>> > >> >
>> > >> > It would be interesting to have a formal exit inside OpenStack nova
>> > >> > at VM creation for this sort of check rather than having to patch
>> > >> > the code.
>> > >> >
>> > >> > Other scenarios that I've seen is where there is a need to enforce
>> > >> > limits as the server name is used for other purposes. Examples are
>> > >> > characters in the server name or maximum length.
>> > >> >
>> > >> > Tim
>> > >> >
>> ...
>> > >
>> > Maybe just an auto-naming option added to nova's existing boot call; use
>> > a prefix and the UUID of the instance would satisfy the
>> > cases people are talking about here and not impact existing users?
>> >
>>
>> We have a set of other use cases which are around the use of the server
>> name to get a Kerberos/X.509 identity which imposes other restrictions on
>> the name being chosen (such as maximum length and limited set of
>> characters). The unique name is one scenario but there are others.
>>
>> Thus, we could start adding new options such as "max server name length"
>> and "server name character set" or we find a way to do a plugin.
>>
>> Tim
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
>
>
> --
> Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Does OpenStack join this year's GSoC

2014-02-03 Thread Damon Wang 
Hi guys,

Does OpenStack join this year's GSoC(Google Summer of Code) ?

Mentoring organizations can begin submitting applications to Google these
days, does OpenStack will join?

And as I know, OpenStack has tried in 2012 but failed...

Thanks,

Damon
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] [Heat/Havana]: Long delay before VM instance starts to ping...

2014-02-03 Thread Juha Tynninen 
Hi,

I'm using the following unmodified image:
http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img


I set static ip address for the VM instance via Heat template and user-data:

 "Resources" : {

  "DemoInstance" : {
   "Type" : "OS::Nova::Server",
   "Properties" : {
 "key_name" : { "Ref" : "KeyName" },
 "flavor": { "Ref" : "Flavor" },
 "image": { "Ref": "ImageName"},
 "networks": [
{ "uuid": { "Ref" : "PrivateNetworkId" } },
{ "uuid": { "Ref" : "PublicNetworkId" }, "fixed_ip": { "Ref" :
"StaticIp" } } ],
 "user_data" : {
"Fn::Base64": {
   "Fn::Join": [
  "",
  [
 "#!/bin/bash \n",
 "export ETH1_CFG=/etc/network/interfaces.d/eth1.cfg\n",
 "rm $ETH1_CFG\n",
 "touch $ETH1_CFG\n",
 "echo auto eth1 >> $ETH1_CFG\n",
 "echo iface eth1 inet static >> $ETH1_CFG\n",
 "echo address ", { "Ref": "StaticIp" }, " >> $ETH1_CFG\n",
 "echo netmask 255.255.255.0 >> $ETH1_CFG\n",
 "ifdown eth1\n",
 "ifup eth1\n"
  ]
   ]
}

The static ip is given from public network range (192.168.100.xxx).
As such everything is working fine, the VM starts and after a while I can
ping it and log in to it with ssh.

But it can take quite a long time before ping and ssh starts to work.
Normally 4-7 minutes.
Any ideas what could be a reason why it takes so long...? What to check?

Many thanks,
-Juha
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] port on openvswitch not tagged upon VM launch

2014-02-03 Thread Ageeleshwar Kandavelu 
@Darragh O'Reilly

It is quiet possible because it is the dhcp agent that creates port for 
dnsmasq. Nova driver creates it for VM. Some time back I learnt from the 
launchpad that 'agent/linux/interface.py' is the one responsible.

Checking the vif driver would be a good place to start as you mentioned.


However I just wanted some clarification on the below

On the compute node, i have an initial bridge, with two physical
interfaces in bonding, with some VLANs trunked on the bond


@DeadManMoving

Why do you need to add physical interfaces to your integration bridge?

http://www.csscorp.com/common/email-disclaimer.php
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] [neutron] neutron api

2014-02-03 Thread Ageeleshwar Kandavelu 
I was trying to use the python-neutronclient for creating security groups and 
it throws the weird ("NeutronClientException: Unable to find 'security_group' 
in request body" ) exception. Why is it trying to find a security group when I 
am trying to create a new one.

the list and get method of the python-neutronclient work well though.


I checked the neutron api documentation and see that it has CRUD methods only 
for network, subnet and ports. 
(https://wiki.openstack.org/wiki/Neutron/APIv2-specification)

Now I am really confused about the work-flow. Is neutron responsible for 
creating security groups or is it nova(create works with nova except that i do 
not know how to add rules to the sg).

Can any one tell me which process is responsible for this workflow and what the 
api is and if there is support for it in any python client.

Thank you,
Ageeleshwar K
http://www.csscorp.com/common/email-disclaimer.php
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [openstack-user] About installing CLI for swift on windows

2014-02-03 Thread Mayur Patil 
Hi Dmitry,

 Thanks for the detail reply.

 I am asking why because *except swift* all components are properly
installed & ready to use.

 So I need single hint that could solve my problem. And yes, in case of
Linux, no doubt that it has to work.

 Waiting for favourable guidance,

 Thanks !!

*--*

*Cheers,Mayur*.

Contact :
  


 *
* 




On Mon, Feb 3, 2014 at 2:58 PM, Dmitry Mescheryakov <
dmescherya...@mirantis.com> wrote:

> Mayur,
>
> An observation: the stack trace shows that pkg_resources failed to import
> 'shell' module. At the same time swift's entry point is
> 'swiftclient.shell:main'. As if pkg_resources tries to import 'shell'
> instead of 'swiftclient.shell' for some reason. Can't give you more hints
> as I am not accustomed to develop under Windows. One thing I can suggest is
> to use swift client under Linux if you can. The client works in Linux out
> of the box.
>
> Dmitry
>
>
> 2014-02-01 Mayur Patil :
>
>> Hi All,
>>
>> I am trying to install Client Library for OpenStack Object Storage
>> API i.e. python-swiftclient.
>>
>> I have tried for each method but all fails:
>>
>> 1)   pip install python-swiftclient
>> 2)   pip install 
>> 3)   easy_install python-swiftclient
>>
>> I also configured manually setup.cfg in python-swiftclient as follows:
>>
>> http://fpaste.org/73621/
>>
>> in which, I have removed scripts= bin/swift.
>>
>> It seems to be all Ok from configurations. http://fpaste.org/73625/
>>
>> It also setup swift.exe to C:\Python27\Scripts.
>>
>> But again if I will check for  swift --version, it gives error
>> http://fpaste.org/73627/
>>
>> I have also googled but it did not help; stuck at this!
>>
>> Seeking for guidance,
>>
>> Thanks !!
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] [openstack-user] About installing CLI for swift on windows

2014-02-03 Thread Dmitry Mescheryakov 
Mayur,

An observation: the stack trace shows that pkg_resources failed to import
'shell' module. At the same time swift's entry point is
'swiftclient.shell:main'. As if pkg_resources tries to import 'shell'
instead of 'swiftclient.shell' for some reason. Can't give you more hints
as I am not accustomed to develop under Windows. One thing I can suggest is
to use swift client under Linux if you can. The client works in Linux out
of the box.

Dmitry


2014-02-01 Mayur Patil :

> Hi All,
>
> I am trying to install Client Library for OpenStack Object Storage API
> i.e. python-swiftclient.
>
> I have tried for each method but all fails:
>
> 1)   pip install python-swiftclient
> 2)   pip install 
> 3)   easy_install python-swiftclient
>
> I also configured manually setup.cfg in python-swiftclient as follows:
>
> http://fpaste.org/73621/
>
> in which, I have removed scripts= bin/swift.
>
> It seems to be all Ok from configurations. http://fpaste.org/73625/
>
> It also setup swift.exe to C:\Python27\Scripts.
>
> But again if I will check for  swift --version, it gives error
> http://fpaste.org/73627/
>
> I have also googled but it did not help; stuck at this!
>
> Seeking for guidance,
>
> Thanks !!
> *--*
> *Cheers,*
> *Mayur.*
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] port on openvswitch not tagged upon VM launch

2014-02-03 Thread Darragh O'Reilly 
Hi,

the ovs-agent is responsible for tagging the port. It's strange
that it can tag the dhcp port ok but not the nova port. What VIF
driver are you using - libvirt_vif_driver in nova.conf?

Check the syslog - all the ovs-vsctl commands are logged there.
Look for messages about this port. Are there any errors in the
ovs-agent log?

Re, Darragh.

>i have a nearly working neutron + openvswitch + VLAN setup but, i have a
>small problem however...
>
>I am running neutron-server on a node controller and
>neutron-openvswitch-agent and neutron-dhcp-agent running on a compute
>node.
>
>On the compute node, i have an initial bridge, with two physical
>interfaces in bonding, with some VLANs trunked on the bond.
>
>On the controller node, i created a network with --provider:network_type
>vlan and --provider:segmentation_id xxx (xxx being one of the VLAN
>trunked on the bond inside my initial bridge). Then, i created a subnet
>on that network.
>
>When i launch neutron-dhcp-agent on the compute node, everything seem
>fine : the namespace is being created, there is a port with tag 1 on the
>integration bridge for the dnsmasq process and, i can ping the IP of the
>dnsmasq process from a device on the xxx vlan. I can also see the
>openflow flows for vlan modification on both bridge (vlan xxx to vlan 1,
>vlan 1 to vlan xxx).
>
>However, my problem is that when i launch a VM using the network i
>created in neutron, a port is being created in the integration bridge
>but, it is not tagged with vlan 1 so, the VM is unable to communicate on
>the network. As soon as i tag the port with vlan 1, with a command
>like : 
>
>ovs-vsctl set Port tap1234-ab tag=1 
>
>the VM is able to communicate on the network.
>
>
>So, am i missing something obvious? Or maybe that i have something
>misconfigured in my neutron setup?
>
>
>Any help would be greatly appreciated.
>
>Regards,
>
>Tony

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] openstack swift storage provisioning

2014-02-03 Thread Heiko Krämer 
Hi Pragya,

you can set account and container quotas with a ResellerAdmin user.
http://docs.openstack.org/developer/swift/middleware.html?highlight=quota#module-swift.common.middleware.account_quotas


to find out how much a user have in use you need ceilometer.

Cheers
Heiko


On 01.02.2014 05:22, pragya jain wrote:
> hello all,
>
> please somebody help me to know:
>
>
> in openstack swift,
> how does a user come to know whether there is a free space available
to store the data or there is a need to add more storage capacity?
>
> ---
> thanks
> Pragya Jain
>
>
> ___
> Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack



___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack