Re:RE: Is this a bug?

[WXR]

Why the rule set will lost after iptables restarting?How can I do to avoid it?




-- Original --
From:  "Jayapal Reddy Uradi";
Date:  Wed, Jun 26, 2013 12:34 PM
To:  "users"; 

Subject:  RE: Is this a bug?



Hi,

It is not a bug.
I think it is working as expected.
Please find my inline comments.

Thanks,
Jayapal

> -Original Message-
> From: WXR [mailto:474745...@qq.com]
> Sent: Wednesday, 26 June 2013 7:16 AM
> To: users
> Subject: Is this a bug?
> 
> cloudstack version:  4.1
> 
> network type:  basic zone and basic network
> 
> security group setting:
> ProtocolStart PortEnd PortCIDR
> TCP1655350.0.0.0/0
> UDP1655350.0.0.0/0
> ICMP-1-10.0.0.0/0
> 
> VM OS:  windows
> 
> 1.I can ping the vm and connect to it by rdp.
ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
RDP uses tcp 3399, tcp all ports are opened.
So icmp and rdp are allowed to reach vm.
> 2.When I restart the iptables of the Host physical machine,I can not ping the
> vm,but I can still connect to it by rdp.
When you restart the iptables please make sure the cloudstack configured rules 
are set before checking the traffic.
RDP is working because the connection is in established state. 

> 3.When I delete the ICMP rule of security group and add the same rule
> again.I can ping the vm.
When you restart ipables rules, I think the icmp rule set by cloudstack is 
lost. When you reconfigure the icmp rules on the 
Host is configured  and traffic to the vm is allowed.


.

RE: Re:RE: Is this a bug?

[Jayapal Reddy Uradi]

Restart iptables logic is specific to host iptables.
You can save (iptables-save)  and restore (iptables-restore) to avoid config 
loss.

Thanks,
Jayapal

> -Original Message-
> From: WXR [mailto:474745...@qq.com]
> Sent: Wednesday, 26 June 2013 12:57 PM
> To: users
> Subject: Re:RE: Is this a bug?
> 
> Why the rule set will lost after iptables restarting?How can I do to avoid it?
> 
> 
> 
> 
> -- Original --
> From:  "Jayapal Reddy Uradi";
> Date:  Wed, Jun 26, 2013 12:34 PM
> To:  "users";
> 
> Subject:  RE: Is this a bug?
> 
> 
> 
> Hi,
> 
> It is not a bug.
> I think it is working as expected.
> Please find my inline comments.
> 
> Thanks,
> Jayapal
> 
> > -Original Message-
> > From: WXR [mailto:474745...@qq.com]
> > Sent: Wednesday, 26 June 2013 7:16 AM
> > To: users
> > Subject: Is this a bug?
> >
> > cloudstack version:  4.1
> >
> > network type:  basic zone and basic network
> >
> > security group setting:
> > ProtocolStart PortEnd PortCIDR
> > TCP1655350.0.0.0/0
> > UDP1655350.0.0.0/0
> > ICMP-1-10.0.0.0/0
> >
> > VM OS:  windows
> >
> > 1.I can ping the vm and connect to it by rdp.
> ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
> RDP uses tcp 3399, tcp all ports are opened.
> So icmp and rdp are allowed to reach vm.
> > 2.When I restart the iptables of the Host physical machine,I can not
> > ping the vm,but I can still connect to it by rdp.
> When you restart the iptables please make sure the cloudstack configured
> rules are set before checking the traffic.
> RDP is working because the connection is in established state.
> 
> > 3.When I delete the ICMP rule of security group and add the same rule
> > again.I can ping the vm.
> When you restart ipables rules, I think the icmp rule set by cloudstack is 
> lost.
> When you reconfigure the icmp rules on the Host is configured  and traffic to
> the vm is allowed.
> 
> 
> .

Re: Re:RE: Is this a bug?

[Nils Vogels]

One could argue that the CloudPortal should do this, since the host is
under the reign of CloudPortal ... ;)


On Wed, Jun 26, 2013 at 12:18 PM, Jayapal Reddy Uradi <
jayapalreddy.ur...@citrix.com> wrote:

> Restart iptables logic is specific to host iptables.
> You can save (iptables-save)  and restore (iptables-restore) to avoid
> config loss.
>
> Thanks,
> Jayapal
>
> > -Original Message-
> > From: WXR [mailto:474745...@qq.com]
> > Sent: Wednesday, 26 June 2013 12:57 PM
> > To: users
> > Subject: Re:RE: Is this a bug?
> >
> > Why the rule set will lost after iptables restarting?How can I do to
> avoid it?
> >
> >
> >
> >
> > -- Original --
> > From:  "Jayapal Reddy Uradi";
> > Date:  Wed, Jun 26, 2013 12:34 PM
> > To:  "users";
> >
> > Subject:  RE: Is this a bug?
> >
> >
> >
> > Hi,
> >
> > It is not a bug.
> > I think it is working as expected.
> > Please find my inline comments.
> >
> > Thanks,
> > Jayapal
> >
> > > -Original Message-
> > > From: WXR [mailto:474745...@qq.com]
> > > Sent: Wednesday, 26 June 2013 7:16 AM
> > > To: users
> > > Subject: Is this a bug?
> > >
> > > cloudstack version:  4.1
> > >
> > > network type:  basic zone and basic network
> > >
> > > security group setting:
> > > ProtocolStart PortEnd PortCIDR
> > > TCP1655350.0.0.0/0
> > > UDP1655350.0.0.0/0
> > > ICMP-1-10.0.0.0/0
> > >
> > > VM OS:  windows
> > >
> > > 1.I can ping the vm and connect to it by rdp.
> > ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
> > RDP uses tcp 3399, tcp all ports are opened.
> > So icmp and rdp are allowed to reach vm.
> > > 2.When I restart the iptables of the Host physical machine,I can not
> > > ping the vm,but I can still connect to it by rdp.
> > When you restart the iptables please make sure the cloudstack configured
> > rules are set before checking the traffic.
> > RDP is working because the connection is in established state.
> >
> > > 3.When I delete the ICMP rule of security group and add the same rule
> > > again.I can ping the vm.
> > When you restart ipables rules, I think the icmp rule set by cloudstack
> is lost.
> > When you reconfigure the icmp rules on the Host is configured  and
> traffic to
> > the vm is allowed.
> >
> >
> > .
>



-- 
Simple guidelines to happiness:
Work like you don't need the money,
Love like your heart has never been broken and
Dance like no one can see you.

RE: Re:RE: Is this a bug?

[Jayapal Reddy Uradi]

Iptables restart loads the default configuration from the config file 
(/etc/sysconfig/iptables).
In this case other configuration will be lost. If you want to reset iptables 
config use restart.

cloudstack is not controlling the iptables restart. User is not supposed to 
touch the cloudstack configured iptables rules.

I think you can also change the restart logic to save and re apply the config 
instead of default.
It is better to  use iptables-save,iptables stop, iptables start and  
iptables-reload.

Thanks,
Jayapal
> -Original Message-
> From: Nils Vogels [mailto:bacardic...@gmail.com]
> Sent: Wednesday, 26 June 2013 3:50 PM
> To: users@cloudstack.apache.org
> Subject: Re: Re:RE: Is this a bug?
> 
> One could argue that the CloudPortal should do this, since the host is under
> the reign of CloudPortal ... ;)
> 
> 
> On Wed, Jun 26, 2013 at 12:18 PM, Jayapal Reddy Uradi <
> jayapalreddy.ur...@citrix.com> wrote:
> 
> > Restart iptables logic is specific to host iptables.
> > You can save (iptables-save)  and restore (iptables-restore) to avoid
> > config loss.
> >
> > Thanks,
> > Jayapal
> >
> > > -Original Message-
> > > From: WXR [mailto:474745...@qq.com]
> > > Sent: Wednesday, 26 June 2013 12:57 PM
> > > To: users
> > > Subject: Re:RE: Is this a bug?
> > >
> > > Why the rule set will lost after iptables restarting?How can I do to
> > avoid it?
> > >
> > >
> > >
> > >
> > > -- Original --
> > > From:  "Jayapal Reddy Uradi";
> > > Date:  Wed, Jun 26, 2013 12:34 PM
> > > To:  "users";
> > >
> > > Subject:  RE: Is this a bug?
> > >
> > >
> > >
> > > Hi,
> > >
> > > It is not a bug.
> > > I think it is working as expected.
> > > Please find my inline comments.
> > >
> > > Thanks,
> > > Jayapal
> > >
> > > > -Original Message-
> > > > From: WXR [mailto:474745...@qq.com]
> > > > Sent: Wednesday, 26 June 2013 7:16 AM
> > > > To: users
> > > > Subject: Is this a bug?
> > > >
> > > > cloudstack version:  4.1
> > > >
> > > > network type:  basic zone and basic network
> > > >
> > > > security group setting:
> > > > ProtocolStart PortEnd PortCIDR
> > > > TCP1655350.0.0.0/0
> > > > UDP1655350.0.0.0/0
> > > > ICMP-1-10.0.0.0/0
> > > >
> > > > VM OS:  windows
> > > >
> > > > 1.I can ping the vm and connect to it by rdp.
> > > ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
> > > RDP uses tcp 3399, tcp all ports are opened.
> > > So icmp and rdp are allowed to reach vm.
> > > > 2.When I restart the iptables of the Host physical machine,I can
> > > > not ping the vm,but I can still connect to it by rdp.
> > > When you restart the iptables please make sure the cloudstack
> > > configured rules are set before checking the traffic.
> > > RDP is working because the connection is in established state.
> > >
> > > > 3.When I delete the ICMP rule of security group and add the same
> > > > rule again.I can ping the vm.
> > > When you restart ipables rules, I think the icmp rule set by
> > > cloudstack
> > is lost.
> > > When you reconfigure the icmp rules on the Host is configured  and
> > traffic to
> > > the vm is allowed.
> > >
> > >
> > > .
> >
> 
> 
> 
> --
> Simple guidelines to happiness:
> Work like you don't need the money,
> Love like your heart has never been broken and Dance like no one can see
> you.

Re:RE: Re:RE: Is this a bug?

[WXR]

Thank you!I will have a try.


-- Original --
From:  "Jayapal Reddy Uradi";
Date:  Wed, Jun 26, 2013 06:55 PM
To:  "users@cloudstack.apache.org"; 

Subject:  RE: Re:RE: Is this a bug?



Iptables restart loads the default configuration from the config file 
(/etc/sysconfig/iptables).
In this case other configuration will be lost. If you want to reset iptables 
config use restart.

cloudstack is not controlling the iptables restart. User is not supposed to 
touch the cloudstack configured iptables rules.

I think you can also change the restart logic to save and re apply the config 
instead of default.
It is better to  use iptables-save,iptables stop, iptables start and  
iptables-reload.

Thanks,
Jayapal
> -Original Message-
> From: Nils Vogels [mailto:bacardic...@gmail.com]
> Sent: Wednesday, 26 June 2013 3:50 PM
> To: users@cloudstack.apache.org
> Subject: Re: Re:RE: Is this a bug?
> 
> One could argue that the CloudPortal should do this, since the host is under
> the reign of CloudPortal ... ;)
> 
> 
> On Wed, Jun 26, 2013 at 12:18 PM, Jayapal Reddy Uradi <
> jayapalreddy.ur...@citrix.com> wrote:
> 
> > Restart iptables logic is specific to host iptables.
> > You can save (iptables-save)  and restore (iptables-restore) to avoid
> > config loss.
> >
> > Thanks,
> > Jayapal
> >
> > > -Original Message-
> > > From: WXR [mailto:474745...@qq.com]
> > > Sent: Wednesday, 26 June 2013 12:57 PM
> > > To: users
> > > Subject: Re:RE: Is this a bug?
> > >
> > > Why the rule set will lost after iptables restarting?How can I do to
> > avoid it?
> > >
> > >
> > >
> > >
> > > -- Original --
> > > From:  "Jayapal Reddy Uradi";
> > > Date:  Wed, Jun 26, 2013 12:34 PM
> > > To:  "users";
> > >
> > > Subject:  RE: Is this a bug?
> > >
> > >
> > >
> > > Hi,
> > >
> > > It is not a bug.
> > > I think it is working as expected.
> > > Please find my inline comments.
> > >
> > > Thanks,
> > > Jayapal
> > >
> > > > -Original Message-
> > > > From: WXR [mailto:474745...@qq.com]
> > > > Sent: Wednesday, 26 June 2013 7:16 AM
> > > > To: users
> > > > Subject: Is this a bug?
> > > >
> > > > cloudstack version:  4.1
> > > >
> > > > network type:  basic zone and basic network
> > > >
> > > > security group setting:
> > > > ProtocolStart PortEnd PortCIDR
> > > > TCP1655350.0.0.0/0
> > > > UDP1655350.0.0.0/0
> > > > ICMP-1-10.0.0.0/0
> > > >
> > > > VM OS:  windows
> > > >
> > > > 1.I can ping the vm and connect to it by rdp.
> > > ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
> > > RDP uses tcp 3399, tcp all ports are opened.
> > > So icmp and rdp are allowed to reach vm.
> > > > 2.When I restart the iptables of the Host physical machine,I can
> > > > not ping the vm,but I can still connect to it by rdp.
> > > When you restart the iptables please make sure the cloudstack
> > > configured rules are set before checking the traffic.
> > > RDP is working because the connection is in established state.
> > >
> > > > 3.When I delete the ICMP rule of security group and add the same
> > > > rule again.I can ping the vm.
> > > When you restart ipables rules, I think the icmp rule set by
> > > cloudstack
> > is lost.
> > > When you reconfigure the icmp rules on the Host is configured  and
> > traffic to
> > > the vm is allowed.
> > >
> > >
> > > .
> >
> 
> 
> 
> --
> Simple guidelines to happiness:
> Work like you don't need the money,
> Love like your heart has never been broken and Dance like no one can see
> you.
.

How can I allocate a specific IP when I create an instance.

[WXR]

cloudstack version: 4.1
network type: basic network

When I create a new instance,the vm will get a random IP from the DHCP server 
on vrouter.

If I want to:
1.allocate a specific ip to the vm.
2.allocate multiple ips to the vm.
3.change the vm ip from one to another.

How can I achieve it? I try to bind the ip to the vm nic manually but the ip 
can not be accessed.

Snapshot failing and SR left mounted

[Yong Chen]

Hi,

>From time to time there are VMs failed to take snapshots. I found that there 
>are SR left mounted (they are the mount to secondary storage snapshot paths) 
>on hosts and that seems causing the issue.

If I manually dismount or detach SR then snapshots can be takened successfully. 
However dismount or detach does not always work. It shows device is busy and I 
can't see any PID is using it by fuser.

So my questions are:
1. Why snapshot SRs sometime randomly are left mounted when there is no 
snapshot activities?
2. What is the way to clean up the above SR mounts?

My environment is CS 4.0.1 and XS 6.0.2 with all hot fixes up-to-date.

Thanks!

Yong

Re: How can I allocate a specific IP when I create an instance.

[Dave Dunaway]

There should be a way to have the ability to reserve an IP and still have
DHCP assign the IP by mac reservation. There's no technical reason this
wouldn't work and likely a feature a lot of people would love to see. The
only hold back is the UI not allowing you to do so.

Ultimately, you can go to the DB and change the VM's IP in the nics table
to what you want (reboot the VM and the IP change will occur). Which is not
the preferred way to do so, but ultimately that functionality from the UI
would be ideal.

Even going as far as intergrating IPAM functionality into the product would
be ideal.


On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> wrote:

> Simple answer - you can't.
>
> In an advanced zone, you can specify the IP address when you create a new
> VM using the API, however in a basic zone, because the IP will depend on
> which POD your VM ends up in, and as a user you cannot influence this,
> there is no way to specific the IP, even if you are a root admin.
>
> The reason it still fails when you manually change the IP is that the
> security groups feature is expecting the VM to have the IP CloudStack
> allocated it via DHCP.
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 +442036030540> | M: +44(0)7968161581
>
> geoff.higginbot...@shapeblue.com
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com> wrote:
>
> cloudstack version: 4.1
> network type: basic network
>
> When I create a new instance,the vm will get a random IP from the DHCP
> server on vrouter.
>
> If I want to:
> 1.allocate a specific ip to the vm.
> 2.allocate multiple ips to the vm.
> 3.change the vm ip from one to another.
>
> How can I achieve it? I try to bind the ip to the vm nic manually but the
> ip can not be accessed.
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>

Re: How can I allocate a specific IP when I create an instance.

[Geoff Higginbottom]

Simple answer - you can't.

In an advanced zone, you can specify the IP address when you create a new VM 
using the API, however in a basic zone, because the IP will depend on which POD 
your VM ends up in, and as a user you cannot influence this, there is no way to 
specific the IP, even if you are a root admin.

The reason it still fails when you manually change the IP is that the security 
groups feature is expecting the VM to have the IP CloudStack allocated it via 
DHCP.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 
0540 | M: +44(0)7968161581

geoff.higginbot...@shapeblue.com | 
www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com> wrote:

cloudstack version: 4.1
network type: basic network

When I create a new instance,the vm will get a random IP from the DHCP server 
on vrouter.

If I want to:
1.allocate a specific ip to the vm.
2.allocate multiple ips to the vm.
3.change the vm ip from one to another.

How can I achieve it? I try to bind the ip to the vm nic manually but the ip 
can not be accessed.
This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is operated under 
license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Re:RE: Is this a bug?

[Ahmad Emneina]

If you feel strongly about it, I'd file a feature enhancement for it. At
least an api call that can restore the iptable rules. I'd also start a
thread about it on dev and see if you can get people to upvote the ticket.
I for one, would love to see that in cloudstack.


On Wed, Jun 26, 2013 at 11:20 AM, Nils Vogels  wrote:

> One could argue that the CloudPortal should do this, since the host is
> under the reign of CloudPortal ... ;)
>
>
> On Wed, Jun 26, 2013 at 12:18 PM, Jayapal Reddy Uradi <
> jayapalreddy.ur...@citrix.com> wrote:
>
> > Restart iptables logic is specific to host iptables.
> > You can save (iptables-save)  and restore (iptables-restore) to avoid
> > config loss.
> >
> > Thanks,
> > Jayapal
> >
> > > -Original Message-
> > > From: WXR [mailto:474745...@qq.com]
> > > Sent: Wednesday, 26 June 2013 12:57 PM
> > > To: users
> > > Subject: Re:RE: Is this a bug?
> > >
> > > Why the rule set will lost after iptables restarting?How can I do to
> > avoid it?
> > >
> > >
> > >
> > >
> > > -- Original --
> > > From:  "Jayapal Reddy Uradi";
> > > Date:  Wed, Jun 26, 2013 12:34 PM
> > > To:  "users";
> > >
> > > Subject:  RE: Is this a bug?
> > >
> > >
> > >
> > > Hi,
> > >
> > > It is not a bug.
> > > I think it is working as expected.
> > > Please find my inline comments.
> > >
> > > Thanks,
> > > Jayapal
> > >
> > > > -Original Message-
> > > > From: WXR [mailto:474745...@qq.com]
> > > > Sent: Wednesday, 26 June 2013 7:16 AM
> > > > To: users
> > > > Subject: Is this a bug?
> > > >
> > > > cloudstack version:  4.1
> > > >
> > > > network type:  basic zone and basic network
> > > >
> > > > security group setting:
> > > > ProtocolStart PortEnd PortCIDR
> > > > TCP1655350.0.0.0/0
> > > > UDP1655350.0.0.0/0
> > > > ICMP-1-10.0.0.0/0
> > > >
> > > > VM OS:  windows
> > > >
> > > > 1.I can ping the vm and connect to it by rdp.
> > > ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
> > > RDP uses tcp 3399, tcp all ports are opened.
> > > So icmp and rdp are allowed to reach vm.
> > > > 2.When I restart the iptables of the Host physical machine,I can not
> > > > ping the vm,but I can still connect to it by rdp.
> > > When you restart the iptables please make sure the cloudstack
> configured
> > > rules are set before checking the traffic.
> > > RDP is working because the connection is in established state.
> > >
> > > > 3.When I delete the ICMP rule of security group and add the same rule
> > > > again.I can ping the vm.
> > > When you restart ipables rules, I think the icmp rule set by cloudstack
> > is lost.
> > > When you reconfigure the icmp rules on the Host is configured  and
> > traffic to
> > > the vm is allowed.
> > >
> > >
> > > .
> >
>
>
>
> --
> Simple guidelines to happiness:
> Work like you don't need the money,
> Love like your heart has never been broken and
> Dance like no one can see you.
>

Re: Re:RE: Is this a bug?

[Ahmad Emneina]

on second thought, i wonder if a 'force reconnect' for the host restores
the rules. That might be the way to restore them in an undocumented way.


On Wed, Jun 26, 2013 at 5:16 PM, Ahmad Emneina  wrote:

> If you feel strongly about it, I'd file a feature enhancement for it. At
> least an api call that can restore the iptable rules. I'd also start a
> thread about it on dev and see if you can get people to upvote the ticket.
> I for one, would love to see that in cloudstack.
>
>
> On Wed, Jun 26, 2013 at 11:20 AM, Nils Vogels wrote:
>
>> One could argue that the CloudPortal should do this, since the host is
>> under the reign of CloudPortal ... ;)
>>
>>
>> On Wed, Jun 26, 2013 at 12:18 PM, Jayapal Reddy Uradi <
>> jayapalreddy.ur...@citrix.com> wrote:
>>
>> > Restart iptables logic is specific to host iptables.
>> > You can save (iptables-save)  and restore (iptables-restore) to avoid
>> > config loss.
>> >
>> > Thanks,
>> > Jayapal
>> >
>> > > -Original Message-
>> > > From: WXR [mailto:474745...@qq.com]
>> > > Sent: Wednesday, 26 June 2013 12:57 PM
>> > > To: users
>> > > Subject: Re:RE: Is this a bug?
>> > >
>> > > Why the rule set will lost after iptables restarting?How can I do to
>> > avoid it?
>> > >
>> > >
>> > >
>> > >
>> > > -- Original --
>> > > From:  "Jayapal Reddy Uradi";
>> > > Date:  Wed, Jun 26, 2013 12:34 PM
>> > > To:  "users";
>> > >
>> > > Subject:  RE: Is this a bug?
>> > >
>> > >
>> > >
>> > > Hi,
>> > >
>> > > It is not a bug.
>> > > I think it is working as expected.
>> > > Please find my inline comments.
>> > >
>> > > Thanks,
>> > > Jayapal
>> > >
>> > > > -Original Message-
>> > > > From: WXR [mailto:474745...@qq.com]
>> > > > Sent: Wednesday, 26 June 2013 7:16 AM
>> > > > To: users
>> > > > Subject: Is this a bug?
>> > > >
>> > > > cloudstack version:  4.1
>> > > >
>> > > > network type:  basic zone and basic network
>> > > >
>> > > > security group setting:
>> > > > ProtocolStart PortEnd PortCIDR
>> > > > TCP1655350.0.0.0/0
>> > > > UDP1655350.0.0.0/0
>> > > > ICMP-1-10.0.0.0/0
>> > > >
>> > > > VM OS:  windows
>> > > >
>> > > > 1.I can ping the vm and connect to it by rdp.
>> > > ICMP -1 -1 means allow icmp protocol all types and codes (255,255).
>> > > RDP uses tcp 3399, tcp all ports are opened.
>> > > So icmp and rdp are allowed to reach vm.
>> > > > 2.When I restart the iptables of the Host physical machine,I can not
>> > > > ping the vm,but I can still connect to it by rdp.
>> > > When you restart the iptables please make sure the cloudstack
>> configured
>> > > rules are set before checking the traffic.
>> > > RDP is working because the connection is in established state.
>> > >
>> > > > 3.When I delete the ICMP rule of security group and add the same
>> rule
>> > > > again.I can ping the vm.
>> > > When you restart ipables rules, I think the icmp rule set by
>> cloudstack
>> > is lost.
>> > > When you reconfigure the icmp rules on the Host is configured  and
>> > traffic to
>> > > the vm is allowed.
>> > >
>> > >
>> > > .
>> >
>>
>>
>>
>> --
>> Simple guidelines to happiness:
>> Work like you don't need the money,
>> Love like your heart has never been broken and
>> Dance like no one can see you.
>>
>
>

Re: How can I allocate a specific IP when I create an instance.

[Ahmad Emneina]

Its feasible to do this, you can pick a host to deploy to (as an admin) so
you know what pod it will eventually land in and its ip address space. I
say file an enhancement, bring it up to dev and have it discussed and voted
upon.


On Wed, Jun 26, 2013 at 4:51 PM, Dave Dunaway wrote:

> There should be a way to have the ability to reserve an IP and still have
> DHCP assign the IP by mac reservation. There's no technical reason this
> wouldn't work and likely a feature a lot of people would love to see. The
> only hold back is the UI not allowing you to do so.
>
> Ultimately, you can go to the DB and change the VM's IP in the nics table
> to what you want (reboot the VM and the IP change will occur). Which is not
> the preferred way to do so, but ultimately that functionality from the UI
> would be ideal.
>
> Even going as far as intergrating IPAM functionality into the product would
> be ideal.
>
>
> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
> geoff.higginbot...@shapeblue.com> wrote:
>
> > Simple answer - you can't.
> >
> > In an advanced zone, you can specify the IP address when you create a new
> > VM using the API, however in a basic zone, because the IP will depend on
> > which POD your VM ends up in, and as a user you cannot influence this,
> > there is no way to specific the IP, even if you are a root admin.
> >
> > The reason it still fails when you manually change the IP is that the
> > security groups feature is expecting the VM to have the IP CloudStack
> > allocated it via DHCP.
> >
> > Regards
> >
> > Geoff Higginbottom
> > CTO / Cloud Architect
> >
> >
> > D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 > +442036030540> | M: +44(0)7968161581
> >
> > geoff.higginbot...@shapeblue.com >
> > | www.shapeblue.com
> >
> > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
> >
> >
> >
> > On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com> wrote:
> >
> > cloudstack version: 4.1
> > network type: basic network
> >
> > When I create a new instance,the vm will get a random IP from the DHCP
> > server on vrouter.
> >
> > If I want to:
> > 1.allocate a specific ip to the vm.
> > 2.allocate multiple ips to the vm.
> > 3.change the vm ip from one to another.
> >
> > How can I achieve it? I try to bind the ip to the vm nic manually but the
> > ip can not be accessed.
> > This email and any attachments to it may be confidential and are intended
> > solely for the use of the individual to whom it is addressed. Any views
> or
> > opinions expressed are solely those of the author and do not necessarily
> > represent those of Shape Blue Ltd or related companies. If you are not
> the
> > intended recipient of this email, you must neither take any action based
> > upon its contents, nor copy or show it to anyone. Please contact the
> sender
> > if you believe you have received this email in error. Shape Blue Ltd is a
> > company incorporated in England & Wales. ShapeBlue Services India LLP is
> > operated under license from Shape Blue Ltd. ShapeBlue is a registered
> > trademark.
> >
>

Re: Snapshot failing and SR left mounted

[Ahmad Emneina]

my guess is this is a bug. maybe were not handling stale operations
properly... please file it including all relevant logs and command outputs.


On Wed, Jun 26, 2013 at 1:54 PM, Yong Chen  wrote:

> Hi,
>
> From time to time there are VMs failed to take snapshots. I found that
> there are SR left mounted (they are the mount to secondary storage snapshot
> paths) on hosts and that seems causing the issue.
>
> If I manually dismount or detach SR then snapshots can be takened
> successfully. However dismount or detach does not always work. It shows
> device is busy and I can't see any PID is using it by fuser.
>
> So my questions are:
> 1. Why snapshot SRs sometime randomly are left mounted when there is no
> snapshot activities?
> 2. What is the way to clean up the above SR mounts?
>
> My environment is CS 4.0.1 and XS 6.0.2 with all hot fixes up-to-date.
>
> Thanks!
>
> Yong
>

Re: How can I allocate a specific IP when I create an instance.

[Geoff Higginbottom]

Dave,

There is a very good reason you can't, and its nothing to do with the GUI.

In a Basic Zone, the Guest VM IP is allocated from the POD CIDR.  The gotcha is 
that each POD has a unique CIDR, and as a user cannot influence POD placement, 
they have no way of knowing which POD the VM will end up in.

In an Advance Zone, the Guest VM CIDR is under the control of the user as they 
can allocate it when the create a new Guest Network.  The VM is allocated an IP 
from the Guest Network CIDR no matter which POD the VM ends up in.  users can 
allocate the Guest VM during the deployment of a new VM if they use the API.

I believe they are working on bringing DHCP control features into the GUI, but 
it will only be available in an Advanced Zone.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 
0540 | M: +44(0)7968161581

geoff.higginbot...@shapeblue.com | 
www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 26 Jun 2013, at 08:53, "Dave Dunaway" 
mailto:dave.duna...@gmail.com>> wrote:

There should be a way to have the ability to reserve an IP and still have
DHCP assign the IP by mac reservation. There's no technical reason this
wouldn't work and likely a feature a lot of people would love to see. The
only hold back is the UI not allowing you to do so.

Ultimately, you can go to the DB and change the VM's IP in the nics table
to what you want (reboot the VM and the IP change will occur). Which is not
the preferred way to do so, but ultimately that functionality from the UI
would be ideal.

Even going as far as intergrating IPAM functionality into the product would
be ideal.


On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> 
wrote:

Simple answer - you can't.

In an advanced zone, you can specify the IP address when you create a new
VM using the API, however in a basic zone, because the IP will depend on
which POD your VM ends up in, and as a user you cannot influence this,
there is no way to specific the IP, even if you are a root admin.

The reason it still fails when you manually change the IP is that the
security groups feature is expecting the VM to have the IP CloudStack
allocated it via DHCP.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 | M: +44(0)7968161581

geoff.higginbot...@shapeblue.com
| www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 26 Jun 2013, at 05:02, "WXR" 
<474745...@qq.com> wrote:

cloudstack version: 4.1
network type: basic network

When I create a new instance,the vm will get a random IP from the DHCP
server on vrouter.

If I want to:
1.allocate a specific ip to the vm.
2.allocate multiple ips to the vm.
3.change the vm ip from one to another.

How can I achieve it? I try to bind the ip to the vm nic manually but the
ip can not be accessed.
This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is
operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is operated under 
license from Shape Blue Ltd. ShapeBlue is a registered trademark.

CPVM custom SSL location

[David Comerford]

Hi,

Does anyone know where custom SSL certificates are stored on the console
proxy vm's?
Had a look in /etc/ssl/certs/ and /usr/local/cloud/certs/ but they only
contain the realhostip.com certs.

Thanks,
David Comerford

Re: CPVM custom SSL location

[Steven Liang]

  
  
good question. i also want to know.
  
  On 06/26/2013 12:31 PM, David Comerford wrote:


  Hi,

Does anyone know where custom SSL certificates are stored on the console
proxy vm's?
Had a look in /etc/ssl/certs/ and /usr/local/cloud/certs/ but they only
contain the realhostip.com certs.

Thanks,
David Comerford





-- 
  Steven Liang
Linux System Admin
Phone: 1.416.499.8009 ext. 2865
Cell Phone: 1.647.718.5292
Email: stevenli...@yesup.com
www.yesup.com | account.yesup.com
  
  
  

Re: CPVM custom SSL location

[Kelven Yang]

For security reasons, we actually don't store custom SSL certificate in console 
proxy VM's file system. The certificate is stored in management server DB 
(encrypted), dynamically re-constructed in memory and sent it over through the 
SSL secured channel to console proxy VM at run time.

Kelven

From: Steven Liang mailto:stevenli...@yesup.com>>
Reply-To: "users@cloudstack.apache.org" 
mailto:users@cloudstack.apache.org>>
Date: Wednesday, June 26, 2013 10:03 AM
To: "users@cloudstack.apache.org" 
mailto:users@cloudstack.apache.org>>
Subject: Re: CPVM custom SSL location

good question. i also want to know.

On 06/26/2013 12:31 PM, David Comerford wrote:

Hi,

Does anyone know where custom SSL certificates are stored on the console
proxy vm's?
Had a look in /etc/ssl/certs/ and /usr/local/cloud/certs/ but they only
contain the realhostip.com certs.

Thanks,
David Comerford




--
Steven Liang
Linux System Admin
Phone: 1.416.499.8009 ext. 2865
Cell Phone: 1.647.718.5292
Email: stevenli...@yesup.com
www.yesup.com | 
account.yesup.com

[Yesup]

Re: How can I allocate a specific IP when I create an instance.

[Jason Pavao]

Do you by chance have a sample sql query that would perform this?


On 6/26/2013 8:51 AM, Dave Dunaway wrote:

There should be a way to have the ability to reserve an IP and still have
DHCP assign the IP by mac reservation. There's no technical reason this
wouldn't work and likely a feature a lot of people would love to see. The
only hold back is the UI not allowing you to do so.

Ultimately, you can go to the DB and change the VM's IP in the nics table
to what you want (reboot the VM and the IP change will occur). Which is not
the preferred way to do so, but ultimately that functionality from the UI
would be ideal.

Even going as far as intergrating IPAM functionality into the product would
be ideal.


On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> wrote:


Simple answer - you can't.

In an advanced zone, you can specify the IP address when you create a new
VM using the API, however in a basic zone, because the IP will depend on
which POD your VM ends up in, and as a user you cannot influence this,
there is no way to specific the IP, even if you are a root admin.

The reason it still fails when you manually change the IP is that the
security groups feature is expecting the VM to have the IP CloudStack
allocated it via DHCP.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 | M: +44(0)7968161581

geoff.higginbot...@shapeblue.com
| www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com> wrote:

cloudstack version: 4.1
network type: basic network

When I create a new instance,the vm will get a random IP from the DHCP
server on vrouter.

If I want to:
1.allocate a specific ip to the vm.
2.allocate multiple ips to the vm.
3.change the vm ip from one to another.

How can I achieve it? I try to bind the ip to the vm nic manually but the
ip can not be accessed.
This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is
operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.



--
Thanks.
-Jason

Re: How can I allocate a specific IP when I create an instance.

[Dave Dunaway]

@Geoff: Of course we are talking advanced networking, and having
consideration of what your networks are that you can use. If someone wants
to put a 10.x.x.x ip on a VM that is on a 192.x.x.x network, then they can
gladly shoot themselves in the foot. Ideally the person making such a
change understands the 'basic's of advanced networking in CloudPlatform.
Otherwise they should stick the UI.;)

@Jason: Look in the cloud.nics table. The nics for VMs are defined here.
Modify as needed. A restart of the VM to make sure it all works is highly
recommended.

In our testing environment I can move a VM from one network to another, add
nics, change IP's etc quite easily. Some of the 4.1 API will add this
functionality (add nics for example to an existing VM). But there's still a
lot of immutable things in CloudPlatform that shouldn't be, and  that maybe
one day will be a feature. We just need to make the requests for those
features.






On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao  wrote:

> Do you by chance have a sample sql query that would perform this?
>
>
>
> On 6/26/2013 8:51 AM, Dave Dunaway wrote:
>
>> There should be a way to have the ability to reserve an IP and still have
>> DHCP assign the IP by mac reservation. There's no technical reason this
>> wouldn't work and likely a feature a lot of people would love to see. The
>> only hold back is the UI not allowing you to do so.
>>
>> Ultimately, you can go to the DB and change the VM's IP in the nics table
>> to what you want (reboot the VM and the IP change will occur). Which is
>> not
>> the preferred way to do so, but ultimately that functionality from the UI
>> would be ideal.
>>
>> Even going as far as intergrating IPAM functionality into the product
>> would
>> be ideal.
>>
>>
>> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
>> geoff.higginbottom@shapeblue.**com >
>> wrote:
>>
>>  Simple answer - you can't.
>>>
>>> In an advanced zone, you can specify the IP address when you create a new
>>> VM using the API, however in a basic zone, because the IP will depend on
>>> which POD your VM ends up in, and as a user you cannot influence this,
>>> there is no way to specific the IP, even if you are a root admin.
>>>
>>> The reason it still fails when you manually change the IP is that the
>>> security groups feature is expecting the VM to have the IP CloudStack
>>> allocated it via DHCP.
>>>
>>> Regards
>>>
>>> Geoff Higginbottom
>>> CTO / Cloud Architect
>>>
>>>
>>> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540>> +442036030540> | M: +44(0)7968161581
>>>
>>> geoff.higginbottom@shapeblue.**com 
>>> >> >
>>> | www.shapeblue.com
>>>
>>> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
>>> On 26 Jun 2013, at 05:02, "WXR" 
>>> <474745...@qq.com>>
>>> wrote:
>>>
>>> cloudstack version: 4.1
>>> network type: basic network
>>>
>>> When I create a new instance,the vm will get a random IP from the DHCP
>>> server on vrouter.
>>>
>>> If I want to:
>>> 1.allocate a specific ip to the vm.
>>> 2.allocate multiple ips to the vm.
>>> 3.change the vm ip from one to another.
>>>
>>> How can I achieve it? I try to bind the ip to the vm nic manually but the
>>> ip can not be accessed.
>>> This email and any attachments to it may be confidential and are intended
>>> solely for the use of the individual to whom it is addressed. Any views
>>> or
>>> opinions expressed are solely those of the author and do not necessarily
>>> represent those of Shape Blue Ltd or related companies. If you are not
>>> the
>>> intended recipient of this email, you must neither take any action based
>>> upon its contents, nor copy or show it to anyone. Please contact the
>>> sender
>>> if you believe you have received this email in error. Shape Blue Ltd is a
>>> company incorporated in England & Wales. ShapeBlue Services India LLP is
>>> operated under license from Shape Blue Ltd. ShapeBlue is a registered
>>> trademark.
>>>
>>>
> --
> Thanks.
> -Jason
>
>

CS4.1 S3 AWS, problem with End Point Reference

[Michał Łuczak]

Hi,

I have tried to configure Amazon S3 in CS4.1 but I have a problem with
one error. API AmazonEC2 works (tested), but S3 not.

My steps
1) I enabled S3 API (from UI)
2) mkdir -p /mnt/S3 and owned to cloud.cloud
3) In cloud-bridge.properties I set storage.root to /mnt/S3

Now looks that:
host=http://localhost:7080/awsapi
storage.root=/mnt/S3
storage.multipartDir=__multipart__uploads__
bucket.dns=false
serviceEndpoint=localhost:7080

4) CS was restarted
5) I generated new api key and secret key for user
6) New private key and self-signet cert was generated and saved
7) Using cloudstack-aws-api-register I registered user, all ok

And now I have a problem.
When I try to open a link

http://[MY_IP]:7080/awsapi/rest/AmazonS3/

I will get error

http://www.w3.org/2003/05/soap-envelope";>

  The service cannot be found for the endpoint reference (EPR) 
/awsapi/services/AmazonEC2/



I can't find what is wrong.

In catalina.out I found only this
czw 26, 2013 8:26:17 PM org.apache.axis2.engine.AxisEngine receive
SEVERE: The service cannot be found for the endpoint reference (EPR) 
/awsapi/services/AmazonEC2/
org.apache.axis2.AxisFault: The service cannot be found for the endpoint 
reference (EPR) /awsapi/services/AmazonEC2/
at 
org.apache.axis2.engine.DispatchPhase.checkPostConditions(DispatchPhase.java:65)
at org.apache.axis2.engine.Phase.invoke(Phase.java:334)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:254)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
at 
org.apache.axis2.transport.http.util.RESTUtil.invokeAxisEngine(RESTUtil.java:135)
at 
org.apache.axis2.transport.http.util.RESTUtil.processURLRequest(RESTUtil.java:130)
at 
org.apache.axis2.transport.http.AxisServlet$RestRequestProcessor.processURLRequest(AxisServlet.java:825)
at 
org.apache.axis2.transport.http.AxisServlet.doGet(AxisServlet.java:271)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at 
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at 
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:438)
at 
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at 
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at 
com.cloud.bridge.service.EC2MainServlet.doGetOrPost(EC2MainServlet.java:114)
at com.cloud.bridge.service.EC2MainServlet.doGet(EC2MainServlet.java:84)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at 
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at 
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:438)
at 
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at 
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at 
org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:415)
at 
org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:342)
at 
org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:286)
at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at 
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555)
at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at 
org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:889)
at 
org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:721)
at 
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:2274)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:722)


-- 
Pozdrowienia,
 Michael Lukzak

Re: CPVM custom SSL location

[David Comerford]

Well that explains why I couldn't find it anywhere on the filesystem.
Cheers Kelven.

Regards,
David Comerford


On 26 June 2013 18:14, Kelven Yang  wrote:

> For security reasons, we actually don't store custom SSL certificate in
> console proxy VM's file system. The certificate is stored in management
> server DB (encrypted), dynamically re-constructed in memory and sent it
> over through the SSL secured channel to console proxy VM at run time.
>
> Kelven
>
> From: Steven Liang mailto:stevenli...@yesup.com>>
> Reply-To: "users@cloudstack.apache.org"
> mailto:users@cloudstack.apache.org>>
> Date: Wednesday, June 26, 2013 10:03 AM
> To: "users@cloudstack.apache.org" <
> users@cloudstack.apache.org>
> Subject: Re: CPVM custom SSL location
>
> good question. i also want to know.
>
> On 06/26/2013 12:31 PM, David Comerford wrote:
>
> Hi,
>
> Does anyone know where custom SSL certificates are stored on the console
> proxy vm's?
> Had a look in /etc/ssl/certs/ and /usr/local/cloud/certs/ but they only
> contain the realhostip.com certs.
>
> Thanks,
> David Comerford
>
>
>
>
> --
> Steven Liang
> Linux System Admin
> Phone: 1.416.499.8009 ext. 2865
> Cell Phone: 1.647.718.5292
> Email: stevenli...@yesup.com
> www.yesup.com | account.yesup.com<
> http://account.yesup.com>
>
> [Yesup]
>

cloudstack support in apache libcloud

[Sebastien Goasguen]

Hi folks,

libcloud 0.13 RC is up for vote. There is much better support for CloudStack in 
it.
Check it out: 
http://buildacloud.org/blog/268-cloudstack-support-in-apache-libcloud.html

-sebastien

Unable to add host: Unable to start agent: NO HVM support on this machine

[Mir Islam]

Hi all, when trying to add a new host I am seeing the following error in 
/var/log/cloudstack/agent/cloudstack-agent.out


2013-06-26 13:30:42,461{GMT} ERROR [cloud.agent.AgentShell] (main:) Unable to 
start agent: NO HVM support on this machine, please make sure: 1. VT/SVM is 
supported by your CPU, or is enabled in BIOS. 2. kvm modules are loaded (kvm, 
kvm_amd|kvm_intel)
Unable to start agent: NO HVM support on this machine, please make sure: 1. 
VT/SVM is supported by your CPU, or is enabled in BIOS. 2. kvm modules are 
loaded (kvm, kvm_amd|kvm_intel)

I do have the virtualization turned on in BIOS and the kvm+kvm_intel modules 
are loaded into kernel. So not sure what is wrong?

My setup:

Centos 6.3 (tried with 6.4 same result)
Cloudstack 4.1 from yum repo

What other log/info can I provide?

Thanks
Mir

Re: How can I allocate a specific IP when I create an instance.

[Geoff Higginbottom]

@Dave: you are right about advanced networks but the original question was in 
relation to basic networking.

@All: I did some testing over a year ago around changing IPs for guest.  For a 
VM on and advanced network you can edit the IP directly in the database but 
restarting the VM is not enough, you have to also restart the virtual Router 
for that network.

The new 4.1 add NIC API call Dave is referring to is great and to me one of the 
best new features of 4.1, but again it's only for advanced networking so no 
good for the original problem.

The multiple IPs to a single NIC has been discussed a lot, but I believe it is 
still in development.

Regards

Geoff Higginbottom
CTO / Cloud Architect

D: +44 20 3603 0542 | S: +44 20 3603 
0540| M: +447968161581

geoff.higginbot...@shapeblue.com 
|www.shapeblue.com | Twitter:@shapeblue

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS


On 26 Jun 2013, at 11:22, "Dave Dunaway" 
mailto:dave.duna...@gmail.com>> wrote:

@Geoff: Of course we are talking advanced networking, and having
consideration of what your networks are that you can use. If someone wants
to put a 10.x.x.x ip on a VM that is on a 192.x.x.x network, then they can
gladly shoot themselves in the foot. Ideally the person making such a
change understands the 'basic's of advanced networking in CloudPlatform.
Otherwise they should stick the UI.;)

@Jason: Look in the cloud.nics table. The nics for VMs are defined here.
Modify as needed. A restart of the VM to make sure it all works is highly
recommended.

In our testing environment I can move a VM from one network to another, add
nics, change IP's etc quite easily. Some of the 4.1 API will add this
functionality (add nics for example to an existing VM). But there's still a
lot of immutable things in CloudPlatform that shouldn't be, and  that maybe
one day will be a feature. We just need to make the requests for those
features.






On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao 
mailto:jason.pa...@oracle.com>> wrote:

Do you by chance have a sample sql query that would perform this?



On 6/26/2013 8:51 AM, Dave Dunaway wrote:

There should be a way to have the ability to reserve an IP and still have
DHCP assign the IP by mac reservation. There's no technical reason this
wouldn't work and likely a feature a lot of people would love to see. The
only hold back is the UI not allowing you to do so.

Ultimately, you can go to the DB and change the VM's IP in the nics table
to what you want (reboot the VM and the IP change will occur). Which is
not
the preferred way to do so, but ultimately that functionality from the UI
would be ideal.

Even going as far as intergrating IPAM functionality into the product
would
be ideal.


On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.**com 
mailto:geoff.higginbot...@shapeblue.com>>>
wrote:

Simple answer - you can't.

In an advanced zone, you can specify the IP address when you create a new
VM using the API, however in a basic zone, because the IP will depend on
which POD your VM ends up in, and as a user you cannot influence this,
there is no way to specific the IP, even if you are a root admin.

The reason it still fails when you manually change the IP is that the
security groups feature is expecting the VM to have the IP CloudStack
allocated it via DHCP.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 | M: +44(0)7968161581

geoff.higginbottom@shapeblue.**com 
mailto:geoff.higginbot...@shapeblue.com>>
mailto:geoff.higginbot...@shapeblue.com>>

| www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 26 Jun 2013, at 05:02, "WXR" 
<474745...@qq.com>>
wrote:

cloudstack version: 4.1
network type: basic network

When I create a new instance,the vm will get a random IP from the DHCP
server on vrouter.

If I want to:
1.allocate a specific ip to the vm.
2.allocate multiple ips to the vm.
3.change the vm ip from one to another.

How can I achieve it? I try to bind the ip to the vm nic manually but the
ip can not be accessed.
This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views
or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not
the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the
sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is
operated under license from Shape Blue Ltd. ShapeBlue is a registered
trademark

Error While Decrypting on Create volume from snapshot

[John Skinner]

I am running CS 3.0.2 and I am running into an issue when trying to create a 
new volume from a snapshot, I instantly get an error like this:

2013-06-26 16:47:38,637 DEBUG [cloud.async.AsyncJobManagerImpl] 
(Job-Executor-67:job-110824) Executing com.cloud.api.commands.CreateVolumeCmd 
for job-110824
2013-06-26 16:47:38,637 DEBUG [cloud.async.AsyncJobManagerImpl] 
(TP-Processor19:null) submit async job-110824, details: AsyncJobVO {id:110824, 
userId: 56, accountId: 48, sessionKey: null, instanceType: Volume, instanceId: 
11859, cmd: com.cloud.api.commands.CreateVolumeCmd, cmdOriginator: null, 
cmdInfo: 
{"id":"11859","response":"json","sessionkey":"Foq7QELfzXb/duC+sVGPXCa5Z90\u003d","ctxUserId":"56","snapshotid":"22910","name":"testing1","_":"1372283258551","ctxAccountId":"48","ctxStartEventId":"809567"},
 cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, 
processStatus: 0, resultCode: 0, result: null, initMsid: 139532853012501, 
completeMsid: null, lastUpdated: null, lastPolled: null, created: null}
2013-06-26 16:47:38,668 DEBUG [utils.crypt.DBEncryptionUtil] 
(Job-Executor-67:job-110824) Error while decrypting: d2eac12f459fc802
2013-06-26 16:47:38,685 ERROR [cloud.api.ApiDispatcher] 
(Job-Executor-67:job-110824) Exception while executing CreateVolumeCmd:
2013-06-26 16:47:38,686 DEBUG [cloud.async.AsyncJobManagerImpl] 
(Job-Executor-67:job-110824) Complete async job-110824, jobStatus: 2, 
resultCode: 530, result: com.cloud.api.response.ExceptionResponse@1133daea

Error while decrypting.. I am not sure why I am getting this error. I have 
tested this on 2 separate accounts. This environment was previously running on 
2.2.14 and then was upgraded to 3.0.2. 

With the same account I am able to create new VMs, acquire IP addresses, and 
create new volumes just fine.

Any ideas?

RE: Unable to add host: Unable to start agent: NO HVM support on this machine

[Susumu Shipp]

This may be a basic question, but have you verified that you can use kvm 
outside of cloudstack on the node?

-susumu

-Original Message-
From: Mir Islam [mailto:mis...@mirislam.com] 
Sent: Wednesday, June 26, 2013 2:44 PM
To: users@cloudstack.apache.org
Subject: Unable to add host: Unable to start agent: NO HVM support on this 
machine

Hi all, when trying to add a new host I am seeing the following error in 
/var/log/cloudstack/agent/cloudstack-agent.out


2013-06-26 13:30:42,461{GMT} ERROR [cloud.agent.AgentShell] (main:) Unable to 
start agent: NO HVM support on this machine, please make sure: 1. VT/SVM is 
supported by your CPU, or is enabled in BIOS. 2. kvm modules are loaded (kvm, 
kvm_amd|kvm_intel) Unable to start agent: NO HVM support on this machine, 
please make sure: 1. VT/SVM is supported by your CPU, or is enabled in BIOS. 2. 
kvm modules are loaded (kvm, kvm_amd|kvm_intel)

I do have the virtualization turned on in BIOS and the kvm+kvm_intel modules 
are loaded into kernel. So not sure what is wrong?

My setup:

Centos 6.3 (tried with 6.4 same result)
Cloudstack 4.1 from yum repo

What other log/info can I provide?

Thanks
Mir


This email message is intended for the use of the person to whom it has been 
sent, and may contain information that is confidential or legally protected. If 
you are not the intended recipient or have received this message in error, you 
are not authorized to copy, distribute, or otherwise use this message or its 
attachments. Please notify the sender immediately by return e-mail and 
permanently delete this message and any attachments. Verio Inc. makes no 
warranty that this email is error or virus free.  Thank you.

Re: How can I allocate a specific IP when I create an instance.

[Dave Dunaway]

I've done testing on changing IPs with 3.0.4 CloudPlatform in advanced
networking and never had to reboot the VR. Seems a  bit silly to have to go
that far just to re-ip a machine. When the machine is restarted from
CloudPlatorm it will add its IP to the dhcp leases file correctly as
expected on the VR. Perhaps it was requirement back then, but does not
appear to be the case with more recent versions.


On Wed, Jun 26, 2013 at 5:16 PM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> wrote:

> @Dave: you are right about advanced networks but the original question was
> in relation to basic networking.
>
> @All: I did some testing over a year ago around changing IPs for guest.
>  For a VM on and advanced network you can edit the IP directly in the
> database but restarting the VM is not enough, you have to also restart the
> virtual Router for that network.
>
> The new 4.1 add NIC API call Dave is referring to is great and to me one
> of the best new features of 4.1, but again it's only for advanced
> networking so no good for the original problem.
>
> The multiple IPs to a single NIC has been discussed a lot, but I believe
> it is still in development.
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 +442036030540>| M: +447968161581
>
> geoff.higginbot...@shapeblue.com
> |www.shapeblue.com | Twitter:@shapeblue
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
> On 26 Jun 2013, at 11:22, "Dave Dunaway"  dave.duna...@gmail.com>> wrote:
>
> @Geoff: Of course we are talking advanced networking, and having
> consideration of what your networks are that you can use. If someone wants
> to put a 10.x.x.x ip on a VM that is on a 192.x.x.x network, then they can
> gladly shoot themselves in the foot. Ideally the person making such a
> change understands the 'basic's of advanced networking in CloudPlatform.
> Otherwise they should stick the UI.;)
>
> @Jason: Look in the cloud.nics table. The nics for VMs are defined here.
> Modify as needed. A restart of the VM to make sure it all works is highly
> recommended.
>
> In our testing environment I can move a VM from one network to another, add
> nics, change IP's etc quite easily. Some of the 4.1 API will add this
> functionality (add nics for example to an existing VM). But there's still a
> lot of immutable things in CloudPlatform that shouldn't be, and  that maybe
> one day will be a feature. We just need to make the requests for those
> features.
>
>
>
>
>
>
> On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao  > wrote:
>
> Do you by chance have a sample sql query that would perform this?
>
>
>
> On 6/26/2013 8:51 AM, Dave Dunaway wrote:
>
> There should be a way to have the ability to reserve an IP and still have
> DHCP assign the IP by mac reservation. There's no technical reason this
> wouldn't work and likely a feature a lot of people would love to see. The
> only hold back is the UI not allowing you to do so.
>
> Ultimately, you can go to the DB and change the VM's IP in the nics table
> to what you want (reboot the VM and the IP change will occur). Which is
> not
> the preferred way to do so, but ultimately that functionality from the UI
> would be ideal.
>
> Even going as far as intergrating IPAM functionality into the product
> would
> be ideal.
>
>
> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
> geoff.higginbottom@shapeblue.**com  >>
> wrote:
>
> Simple answer - you can't.
>
> In an advanced zone, you can specify the IP address when you create a new
> VM using the API, however in a basic zone, because the IP will depend on
> which POD your VM ends up in, and as a user you cannot influence this,
> there is no way to specific the IP, even if you are a root admin.
>
> The reason it still fails when you manually change the IP is that the
> security groups feature is expecting the VM to have the IP CloudStack
> allocated it via DHCP.
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 +442036030540> | M: +44(0)7968161581
>
> geoff.higginbottom@shapeblue.**com  >
> <
> geoff.higginbot...@shapeblue.com>
>
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com<
> http://qq.**com>>
> wrote:
>
> cloudstack version: 4.1
> network type: basic network
>
> When I create a new instance,the vm will get a random IP from the DHCP
> server on vrouter.
>
> If I want to:
> 1.allocate a specific ip to the vm.
> 2.allocate multiple ips to the vm.
> 3.change the vm ip from one to another.
>
> How can 

Re: Unable to add host: Unable to start agent: NO HVM support on this machine

[Mir Islam]

Funny that you asked that. Just a little while ago I installed libvirt-manager 
and other packages and tried to run a VM in kvm. That worked. Then I went back 
to CS Management and tried to add the host again. This time it successfully 
added the host. So by default, something or packages were missing is what I am 
guessing. I did not try to launch a vm from command line to test. I will see if 
I can narrow down the missing packages.

On Jun 26, 2013, at 3:30 PM, Susumu Shipp wrote:

> This may be a basic question, but have you verified that you can use kvm 
> outside of cloudstack on the node?
> 
> -susumu
> 
> -Original Message-
> From: Mir Islam [mailto:mis...@mirislam.com] 
> Sent: Wednesday, June 26, 2013 2:44 PM
> To: users@cloudstack.apache.org
> Subject: Unable to add host: Unable to start agent: NO HVM support on this 
> machine
> 
> Hi all, when trying to add a new host I am seeing the following error in 
> /var/log/cloudstack/agent/cloudstack-agent.out
> 
> 
> 2013-06-26 13:30:42,461{GMT} ERROR [cloud.agent.AgentShell] (main:) Unable to 
> start agent: NO HVM support on this machine, please make sure: 1. VT/SVM is 
> supported by your CPU, or is enabled in BIOS. 2. kvm modules are loaded (kvm, 
> kvm_amd|kvm_intel) Unable to start agent: NO HVM support on this machine, 
> please make sure: 1. VT/SVM is supported by your CPU, or is enabled in BIOS. 
> 2. kvm modules are loaded (kvm, kvm_amd|kvm_intel)
> 
> I do have the virtualization turned on in BIOS and the kvm+kvm_intel modules 
> are loaded into kernel. So not sure what is wrong?
> 
> My setup:
> 
> Centos 6.3 (tried with 6.4 same result)
> Cloudstack 4.1 from yum repo
> 
> What other log/info can I provide?
> 
> Thanks
> Mir
> 
> 
> This email message is intended for the use of the person to whom it has been 
> sent, and may contain information that is confidential or legally protected. 
> If you are not the intended recipient or have received this message in error, 
> you are not authorized to copy, distribute, or otherwise use this message or 
> its attachments. Please notify the sender immediately by return e-mail and 
> permanently delete this message and any attachments. Verio Inc. makes no 
> warranty that this email is error or virus free.  Thank you.

Load balance in basic network model

[j...@millican.us]

Hello,
I am running CloudStack 4.1 on Ubuntu 12.04.2 with KVM for hypervisors 
and am using NFS for primary and secondary storage.
I am currently running Basic Networking model and would like to have two 
VMs on separate hosts load balanced.
I see in the network section of Service Offerings "Default Isolated 
Network Offering With Source NAT Service" and
under System Offering for "System Offering for Elastic LB VM"  But am 
not able to find anyway to use them.
I have Googled the heck out of this and have found many post that say 
this is doable but none that give any examples or "how to" instructions.


It would also be nice to have the System VMs and routers be redundant so 
that if a host fails it will automatically fail over to the other host 
with as little down time as possible.  Again I see lots of talk about 
this but nothing to show how to do it.


Even a simple pointer to where I can find example or a how to would be 
great. I have read the admin guide at 
http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.1.0/html/Admin_Guide/ 
  and am not finding my answers.


Thanks
JohnM

Re: How can I allocate a specific IP when I create an instance.

[Geoff Higginbottom]

Hi Dave,

Thanks for the update on that, it's good to see it's got easier since I last 
tested it.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 
0540 | M: +44(0)7968161581

geoff.higginbot...@shapeblue.com | 
www.shapeblue.com

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS



On 26 Jun 2013, at 15:45, "Dave Dunaway" 
mailto:dave.duna...@gmail.com>> wrote:

I've done testing on changing IPs with 3.0.4 CloudPlatform in advanced
networking and never had to reboot the VR. Seems a  bit silly to have to go
that far just to re-ip a machine. When the machine is restarted from
CloudPlatorm it will add its IP to the dhcp leases file correctly as
expected on the VR. Perhaps it was requirement back then, but does not
appear to be the case with more recent versions.


On Wed, Jun 26, 2013 at 5:16 PM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> 
wrote:

@Dave: you are right about advanced networks but the original question was
in relation to basic networking.

@All: I did some testing over a year ago around changing IPs for guest.
For a VM on and advanced network you can edit the IP directly in the
database but restarting the VM is not enough, you have to also restart the
virtual Router for that network.

The new 4.1 add NIC API call Dave is referring to is great and to me one
of the best new features of 4.1, but again it's only for advanced
networking so no good for the original problem.

The multiple IPs to a single NIC has been discussed a lot, but I believe
it is still in development.

Regards

Geoff Higginbottom
CTO / Cloud Architect

D: +44 20 3603 0542 | S: +44 20 3603 0540| M: +447968161581

geoff.higginbot...@shapeblue.com
|www.shapeblue.com | 
Twitter:@shapeblue

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS


On 26 Jun 2013, at 11:22, "Dave Dunaway" 
mailto:dave.duna...@gmail.com>mailto:dave.duna...@gmail.com>>> wrote:

@Geoff: Of course we are talking advanced networking, and having
consideration of what your networks are that you can use. If someone wants
to put a 10.x.x.x ip on a VM that is on a 192.x.x.x network, then they can
gladly shoot themselves in the foot. Ideally the person making such a
change understands the 'basic's of advanced networking in CloudPlatform.
Otherwise they should stick the UI.;)

@Jason: Look in the cloud.nics table. The nics for VMs are defined here.
Modify as needed. A restart of the VM to make sure it all works is highly
recommended.

In our testing environment I can move a VM from one network to another, add
nics, change IP's etc quite easily. Some of the 4.1 API will add this
functionality (add nics for example to an existing VM). But there's still a
lot of immutable things in CloudPlatform that shouldn't be, and  that maybe
one day will be a feature. We just need to make the requests for those
features.






On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao 
mailto:jason.pa...@oracle.com>
> wrote:

Do you by chance have a sample sql query that would perform this?



On 6/26/2013 8:51 AM, Dave Dunaway wrote:

There should be a way to have the ability to reserve an IP and still have
DHCP assign the IP by mac reservation. There's no technical reason this
wouldn't work and likely a feature a lot of people would love to see. The
only hold back is the UI not allowing you to do so.

Ultimately, you can go to the DB and change the VM's IP in the nics table
to what you want (reboot the VM and the IP change will occur). Which is
not
the preferred way to do so, but ultimately that functionality from the UI
would be ideal.

Even going as far as intergrating IPAM functionality into the product
would
be ideal.


On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.**com 
mailto:geoff.higginbot...@shapeblue.com>
>>
wrote:

Simple answer - you can't.

In an advanced zone, you can specify the IP address when you create a new
VM using the API, however in a basic zone, because the IP will depend on
which POD your VM ends up in, and as a user you cannot influence this,
there is no way to specific the IP, even if you are a root admin.

The reason it still fails when you manually change the IP is that the
security groups feature is expecting the VM to have the IP CloudStack
allocated it via DHCP.

Regards

Geoff Higginbottom
CTO / Cloud Architect


D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 | M: +44(0)7968161581

geoff.higginbottom@shapeblue.**com 
mailto:geoff.higginbot...@shapeblue.com>
>
<
geoff.higginbot...@shapeblue.com

Re: How can I allocate a specific IP when I create an instance.

[WXR]

If I use basic zone and basic network, I can set the public ips(the ips which 
can be routed on internet) to the guest newwork.So a vm instance can get the 
public ip directly from dhcp and I can see the public ip on its nic.

But the advanced network topology is not as same as basic network,the ip on the 
vm is a private ip and the I must add a static NAT rule to map a public ip to 
the vm.And I hope all vms can link to the physical switch directly,but in 
advanced network,a vrouter is the gateway,all vms a linked to the vrouter.

I don't know if there is a guest network just as the basic network topology in 
advance zone.If there is,I prefer to use the advanced network.




-- Original --
From:  "Dave Dunaway";
Date:  Thu, Jun 27, 2013 02:19 AM
To:  "users"; 
"jason.pavao"; 

Subject:  Re: How can I allocate a specific IP when I create an instance.



@Geoff: Of course we are talking advanced networking, and having
consideration of what your networks are that you can use. If someone wants
to put a 10.x.x.x ip on a VM that is on a 192.x.x.x network, then they can
gladly shoot themselves in the foot. Ideally the person making such a
change understands the 'basic's of advanced networking in CloudPlatform.
Otherwise they should stick the UI.;)

@Jason: Look in the cloud.nics table. The nics for VMs are defined here.
Modify as needed. A restart of the VM to make sure it all works is highly
recommended.

In our testing environment I can move a VM from one network to another, add
nics, change IP's etc quite easily. Some of the 4.1 API will add this
functionality (add nics for example to an existing VM). But there's still a
lot of immutable things in CloudPlatform that shouldn't be, and  that maybe
one day will be a feature. We just need to make the requests for those
features.






On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao  wrote:

> Do you by chance have a sample sql query that would perform this?
>
>
>
> On 6/26/2013 8:51 AM, Dave Dunaway wrote:
>
>> There should be a way to have the ability to reserve an IP and still have
>> DHCP assign the IP by mac reservation. There's no technical reason this
>> wouldn't work and likely a feature a lot of people would love to see. The
>> only hold back is the UI not allowing you to do so.
>>
>> Ultimately, you can go to the DB and change the VM's IP in the nics table
>> to what you want (reboot the VM and the IP change will occur). Which is
>> not
>> the preferred way to do so, but ultimately that functionality from the UI
>> would be ideal.
>>
>> Even going as far as intergrating IPAM functionality into the product
>> would
>> be ideal.
>>
>>
>> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
>> geoff.higginbottom@shapeblue.**com >
>> wrote:
>>
>>  Simple answer - you can't.
>>>
>>> In an advanced zone, you can specify the IP address when you create a new
>>> VM using the API, however in a basic zone, because the IP will depend on
>>> which POD your VM ends up in, and as a user you cannot influence this,
>>> there is no way to specific the IP, even if you are a root admin.
>>>
>>> The reason it still fails when you manually change the IP is that the
>>> security groups feature is expecting the VM to have the IP CloudStack
>>> allocated it via DHCP.
>>>
>>> Regards
>>>
>>> Geoff Higginbottom
>>> CTO / Cloud Architect
>>>
>>>
>>> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540>> +442036030540> | M: +44(0)7968161581
>>>
>>> geoff.higginbottom@shapeblue.**com 
>>> >> >
>>> | www.shapeblue.com
>>>
>>> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
>>> On 26 Jun 2013, at 05:02, "WXR" 
>>> <474745...@qq.com>>
>>> wrote:
>>>
>>> cloudstack version: 4.1
>>> network type: basic network
>>>
>>> When I create a new instance,the vm will get a random IP from the DHCP
>>> server on vrouter.
>>>
>>> If I want to:
>>> 1.allocate a specific ip to the vm.
>>> 2.allocate multiple ips to the vm.
>>> 3.change the vm ip from one to another.
>>>
>>> How can I achieve it? I try to bind the ip to the vm nic manually but the
>>> ip can not be accessed.
>>> This email and any attachments to it may be confidential and are intended
>>> solely for the use of the individual to whom it is addressed. Any views
>>> or
>>> opinions expressed are solely those of the author and do not necessarily
>>> represent those of Shape Blue Ltd or related companies. If you are not
>>> the
>>> intended recipient of this email, you must neither take any action based
>>> upon its contents, nor copy or show it to anyone. Please contact the
>>> sender
>>> if you believe you have received this email in error. Shape Blue Ltd is a
>>> company incorporated in England & Wales. ShapeBlue Services India LLP is
>>> operated under license from Shape Blue Ltd. ShapeBlue is a registered
>>> trademark.
>>>
>>>
> --
> Thanks.
> -Jason
>
>

RE: How can I allocate a specific IP when I create an instance.

[Geoff Higginbottom]

There is a feature which got pulled from the 4.1 release which should make it 
into the 4.2 release, which is 'Security Group Isolation in Advanced Zone'.  
This enables you to create a basic style network with security groups, but in 
advanced networking.

An alternative might to use advanced networking, but to create a custom network 
offering, which does not have any Source or Static NAT features enabled, you 
can then use a physical Router as the GW, but still use the VR as the DHCP 
Server.

You can actually go the whole hog and create an offering which does not use any 
VR if it suits your use case.

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbot...@shapeblue.com

-Original Message-
From: WXR [mailto:474745...@qq.com]
Sent: 26 June 2013 17:59
To: users
Subject: Re: How can I allocate a specific IP when I create an instance.

If I use basic zone and basic network, I can set the public ips(the ips which 
can be routed on internet) to the guest newwork.So a vm instance can get the 
public ip directly from dhcp and I can see the public ip on its nic.

But the advanced network topology is not as same as basic network,the ip on the 
vm is a private ip and the I must add a static NAT rule to map a public ip to 
the vm.And I hope all vms can link to the physical switch directly,but in 
advanced network,a vrouter is the gateway,all vms a linked to the vrouter.

I don't know if there is a guest network just as the basic network topology in 
advance zone.If there is,I prefer to use the advanced network.




-- Original --
From:  "Dave Dunaway";
Date:  Thu, Jun 27, 2013 02:19 AM
To:  "users"; 
"jason.pavao";

Subject:  Re: How can I allocate a specific IP when I create an instance.



@Geoff: Of course we are talking advanced networking, and having consideration 
of what your networks are that you can use. If someone wants to put a 10.x.x.x 
ip on a VM that is on a 192.x.x.x network, then they can gladly shoot 
themselves in the foot. Ideally the person making such a change understands the 
'basic's of advanced networking in CloudPlatform.
Otherwise they should stick the UI.;)

@Jason: Look in the cloud.nics table. The nics for VMs are defined here.
Modify as needed. A restart of the VM to make sure it all works is highly 
recommended.

In our testing environment I can move a VM from one network to another, add 
nics, change IP's etc quite easily. Some of the 4.1 API will add this 
functionality (add nics for example to an existing VM). But there's still a lot 
of immutable things in CloudPlatform that shouldn't be, and  that maybe one day 
will be a feature. We just need to make the requests for those features.






On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao  wrote:

> Do you by chance have a sample sql query that would perform this?
>
>
>
> On 6/26/2013 8:51 AM, Dave Dunaway wrote:
>
>> There should be a way to have the ability to reserve an IP and still
>> have DHCP assign the IP by mac reservation. There's no technical
>> reason this wouldn't work and likely a feature a lot of people would
>> love to see. The only hold back is the UI not allowing you to do so.
>>
>> Ultimately, you can go to the DB and change the VM's IP in the nics
>> table to what you want (reboot the VM and the IP change will occur).
>> Which is not the preferred way to do so, but ultimately that
>> functionality from the UI would be ideal.
>>
>> Even going as far as intergrating IPAM functionality into the product
>> would be ideal.
>>
>>
>> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
>> geoff.higginbottom@shapeblue.**com
>> >
>> wrote:
>>
>>  Simple answer - you can't.
>>>
>>> In an advanced zone, you can specify the IP address when you create
>>> a new VM using the API, however in a basic zone, because the IP will
>>> depend on which POD your VM ends up in, and as a user you cannot
>>> influence this, there is no way to specific the IP, even if you are a root 
>>> admin.
>>>
>>> The reason it still fails when you manually change the IP is that
>>> the security groups feature is expecting the VM to have the IP
>>> CloudStack allocated it via DHCP.
>>>
>>> Regards
>>>
>>> Geoff Higginbottom
>>> CTO / Cloud Architect
>>>
>>>
>>> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540>> +442036030540> | M: +44(0)7968161581
>>>
>>> geoff.higginbottom@shapeblue.**com
>>> 
>>> > lue.com>
>>> >
>>> | www.shapeblue.com
>>>
>>> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>>>
>>>
>>>
>>> On 26 Jun 2013, at 05:02, "WXR"
>>> <474745...@qq.com>>
>>> wrote:
>>>
>>> cloudstack version: 4.1
>>> network type: basic network
>>>
>>> When I create a new instance,the vm will get a random IP from the
>>> DHCP server on vrouter.
>>>
>>> If I want to:
>>> 1.allocate a specific ip to the vm.
>>> 2.allocate multiple ips to the vm.
>>> 3.change the vm ip from one to a

How to find the the vm's volume file in primary storage?

[WXR]

My primary storage is NFS.
When I mount it and list the files in it, I can see lots of files named as 
uuid.I think they are vm volume files.
But the uuid does not match to any vm's uuid or volumes uuid displayed in the 
cloudstack UI??so if I want to find a vm's volume file on primary storage NFS,I 
don't know which is the correct one.

Can anybody tell me the relationship between the vm and the volume file?

Re: How to find the the vm's volume file in primary storage?

[Kirk Jantzer]

I haven't looked, but I think they would be correlated to each other in the
database tables, or possibly via the api.

Regards,

Kirk Jantzer
http://about.me/kirkjantzer
On Jun 26, 2013 10:10 PM, "WXR" <474745...@qq.com> wrote:

> My primary storage is NFS.
> When I mount it and list the files in it, I can see lots of files named as
> uuid.I think they are vm volume files.
> But the uuid does not match to any vm's uuid or volumes uuid displayed in
> the cloudstack UI，so if I want to find a vm's volume file on primary
> storage NFS,I don't know which is the correct one.
>
> Can anybody tell me the relationship between the vm and the volume file?

Re: How can I allocate a specific IP when I create an instance.

[WXR]

If I modify the ip of the vm in nic table and restart the vrouter system vm,
the instance vm can get the new ip which I specify.
But this ip can't be used normally.Them vm can not access the gateway ip even 
if I'v stopped the iptables of its host node machine.


-- Original --
From:  "Dave Dunaway";
Date:  Wed, Jun 26, 2013 11:51 PM
To:  "users"; 

Subject:  Re: How can I allocate a specific IP when I create an instance.



There should be a way to have the ability to reserve an IP and still have
DHCP assign the IP by mac reservation. There's no technical reason this
wouldn't work and likely a feature a lot of people would love to see. The
only hold back is the UI not allowing you to do so.

Ultimately, you can go to the DB and change the VM's IP in the nics table
to what you want (reboot the VM and the IP change will occur). Which is not
the preferred way to do so, but ultimately that functionality from the UI
would be ideal.

Even going as far as intergrating IPAM functionality into the product would
be ideal.


On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> wrote:

> Simple answer - you can't.
>
> In an advanced zone, you can specify the IP address when you create a new
> VM using the API, however in a basic zone, because the IP will depend on
> which POD your VM ends up in, and as a user you cannot influence this,
> there is no way to specific the IP, even if you are a root admin.
>
> The reason it still fails when you manually change the IP is that the
> security groups feature is expecting the VM to have the IP CloudStack
> allocated it via DHCP.
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
>
> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 +442036030540> | M: +44(0)7968161581
>
> geoff.higginbot...@shapeblue.com
> | www.shapeblue.com
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
>
>
> On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com> wrote:
>
> cloudstack version: 4.1
> network type: basic network
>
> When I create a new instance,the vm will get a random IP from the DHCP
> server on vrouter.
>
> If I want to:
> 1.allocate a specific ip to the vm.
> 2.allocate multiple ips to the vm.
> 3.change the vm ip from one to another.
>
> How can I achieve it? I try to bind the ip to the vm nic manually but the
> ip can not be accessed.
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is
> operated under license from Shape Blue Ltd. ShapeBlue is a registered
> trademark.
>