RE: 配置RBD作为主存储时,迁移出现若干问题
cloudstack4.1 主存储还像不支持ceph? From: 474745...@qq.com To: users-cn@cloudstack.apache.org Subject: 配置RBD作为主存储时,迁移出现若干问题 Date: Wed, 16 Oct 2013 10:19:45 +0800 环境如下: cloudstack4.1.0 hypervisor是kvm,qemu-kvm版本1,2.0(手动编译),libvirt版本1.1.2(手动编译) ceph版本0.67.3(yum安装) 遇到的问题如下: 1.运行在rbd主存储上的windows 2003虚拟机关闭后,迁移到另外一个rbd主存储,有时候能成功,有时候虚拟机引导不了; 2.windows 2003虚拟机关闭后,从nfs主存储迁移到rbd主存储或者从rbd 主存储迁移到nfs主存储,都出现找不到引导设备的情况; 3.linux虚拟机在nfs和rbd之间迁移或者两个rbd存储之间迁移都会出现找不到引导设备的情况; 4.linux虚拟机在主机之间迁移后,内核会崩溃,重启虚拟机后正常; 5.windows虚拟机在主机之间迁移后会出现蓝屏现象,代码是0x077,关闭此虚拟机后重新打开正常
Re: 使用apikey访问实例console失败
这个域名应该是citrix的,连到internet才会解析
在 2013年10月21日下午5:27,yao hu huyao...@gmail.com写道:
我们在访问实例console或者下载模板时,cloudstack都会返回一个
https://192-168-45-248.realhostip.com
这种类似的url,有没有人知道是谁负责解析realhostip.com这个域名的了???
在 2013年10月16日下午3:06,Wei ZHOU ustcweiz...@gmail.com写道:
那你签名的时候也用encodeBase64URLSafeString试试
api的参数在apiservlet/apiserver.java里有对参数特殊字符的检查
console没有这块。我猜想也是为了安全。
在 2013年10月16日上午4:54,yao hu huyao...@gmail.com写道:
我这是内网开发环境,给你也不能用,你自己用你的secret key试一下,
我现在的疑问是,客户端生成签名的方法是一样的,为什么服务器端验证时
用的方法不一样,是bug还是有什么我们不知道的特殊作用。
在 2013年10月16日上午10:31,Gavin Lee gavin@gmail.com写道:
你能把你的SecretKey贴出来吗?这样我也试一下生产Signature。
encodeBase64URLSafeString应该都会调到的。
2013/10/11 yao hu huyao...@gmail.com
1. 问题现象
用apikey访问实例console时,浏览器提示无效的session或者api key,导致访问失败。
测试版本:win7+cygwin+xenserver 6.1.0+cloudstack 4.1.1
测试操作步骤:
1. 用api key和secret key构造一个访问实例console的url
http://localhost:8080/client/console?cmd=accessvm=b194369f-e0d4-45d8-a50f-09ec51095e68apikey=fmS7oyThP6MGxN5X_CgeOCxQIqgTu5QFDz46r2Pv5kLp88EYYBquSu6_3s3d9MXdbUHPpxj5qDDy1jvhEpQWvQsignature=y3dNHn580NJiCVRGwrBTR4JHImo%3D
2. 把上面构造的url粘贴到浏览器地址栏,并访问,提示如下信息
[image: 内嵌图片 1]
2. 问题分析
问题出现后,一开始是怀疑构造url的脚本有错,后面又尝试构造其它api的url来验证脚本是否正确。如构造调用listAccounts
API的url
,其url如下:
http://localhost:8080/client/api?command=listAccountsapikey=fmS7oyThP6MGxN5X_CgeOCxQIqgTu5QFDz46r2Pv5kLp88EYYBquSu6_3s3d9MXdbUHPpxj5qDDy1jvhEpQWvQsignature=ALhJtw%2Bzi7Rcmo%2Bkk3xH3cTJgp4%3D
在浏览器中访问该url后,能正确返回结果,这就说明构造url的脚本是没有错的。
接着,调试了访问实例console这部分的源代码,并定位到失败的地方是在ConsoleProxyServlet.java文件的
verifyRequest函数,其主要代码如下:
private boolean verifyRequest(MapString, Object[]
requestParameters)
{
try {
...省略部分代码
unsignedRequest = unsignedRequest.toLowerCase();
Mac mac = Mac.getInstance(HmacSHA1);
SecretKeySpec keySpec = new
SecretKeySpec(secretKey.getBytes(),
HmacSHA1);
mac.init(keySpec);
mac.update(unsignedRequest.getBytes());
byte[] encryptedBytes = mac.doFinal();
String computedSignature =
Base64.encodeBase64URLSafeString(encryptedBytes);
boolean equalSig = signature.equals(computedSignature);
if (!equalSig) {
s_logger.debug(User signature: + signature + is
not
equaled to computed signature: + computedSignature);
}
... 省略部分代码
return equalSig;
} catch (Exception ex) {
s_logger.error(unable to verifty request signature, ex);
}
return false;
}
这个函数中红色字体部分在验证签名时失败。其中,signature是客户端url中传进来的参数,computedSignature是服务端根据api
key和secret key计算出来的。signature与computedSignature比较时不相同,导致函数返回false。
由于用api
key调用其它api时是能正确得到结果的,故又调试了其它api的调用流程,并定位到其验证signature的代码,在文件
ApiServer.java的verifyRequest函数中,其主要代码如下:
public boolean verifyRequest(MapString, Object[]
requestParameters,
Long
userId) throws ServerApiException {
try {
...省略部分代码
unsignedRequest = unsignedRequest.toLowerCase();
Mac mac = Mac.getInstance(HmacSHA1);
SecretKeySpec keySpec = new
SecretKeySpec(secretKey.getBytes(), HmacSHA1);
mac.init(keySpec);
mac.update(unsignedRequest.getBytes());
byte[] encryptedBytes = mac.doFinal();
String computedSignature =
Base64.encodeBase64String(encryptedBytes);
boolean equalSig =
signature.equals(computedSignature);
if (!equalSig) {
s_logger.debug(User signature: + signature
+
is
not equaled to computed signature: + computedSignature);
}
...省略部分代码
return equalSig;
} catch (Exception ex) {
s_logger.error(unable to verifty request signature,
ex);
}
return false;
}
这个函数的红色部分对signature进行了验证,signature与computedSignature进行比较时相同,故能通过验证,函数返回
true。
仔细比较这两个verifyRequest函数验证signature部分的代码,我们可以发现前面的verifyRequest函数在计算
computedSignature时,使用的是Base64.encodeBase64URLSafeString
函数,而后面那个使用的是Base64.encodeBase64String,就这说明,客户端生成的signature可以通过
Base64.encodeBase64String的验证。接着,把Base64.encodeBase64URLSafeString
替换为Base64.encodeBase64String,重新编译源代码并部署,再次通过api
key来访问实例console,这次是能成功访问的。
为何这两个verifyRequest函数中使用两个不同的encode方法?是bug?还是用
CloudInstanceManager.msi文件源码
问下,CloudInstanceManager.msi的源码在哪儿能下载到?
RE: CloudInstanceManager.msi文件源码
嗯, apache社区哪儿能下载到吗?能帮忙给个链接吗? 谢谢 Date: Tue, 22 Oct 2013 12:56:23 +0200 Subject: Re: CloudInstanceManager.msi文件源码 From: ustcweiz...@gmail.com To: users-cn@cloudstack.apache.org 从sourceforge下载的?不是apache社区开源版本。 在 2013年10月22日上午10:46,王耀锋 wilc...@hotmail.com写道: 问下,CloudInstanceManager.msi的源码在哪儿能下载到?
回复: CloudInstanceManager.msi文件源码
http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download 可以下载到 2013-10-23 toudsf 发件人:王耀锋 wilc...@hotmail.com 发送时间:2013-10-22 16:46 主题:CloudInstanceManager.msi文件源码 收件人:users-cn@cloudstack.apache.orgusers-cn@cloudstack.apache.org 抄送: 问下,CloudInstanceManager.msi的源码在哪儿能下载到?
Re: Bridge issues after upgrade to 4.2
HI, I did not see it run, but I did run it manualy. Still the problem is that the physical interface eth1 is plugged in in cloudVrBr500, and it could not be renamed (this is bridge configured via ifcfg scripts, not sure that is possible to be renamed by script...) Also, does this /usr/bin/cloudstack-agent-**upgrade script, update the cloudstack database to set new label for netowrks... not sure what is the purpose of the script (I inspected source code) except renaming already running bridges..at least some number of it... On 22 October 2013 06:13, Bjoern Teipel bjoern.tei...@internetbrands.comwrote: Didn't the script /usr/bin/cloudstack-agent-**upgrade run while you updated the cloudstack-agent ? Bjoern On 10/21/2013 6:20 AM, Andrija Panic wrote: HI, I have done upgrade from 4.0.0 to 4.2, and it all went fine, until I stoped and tried to start VMs (Vm belongs to an account, which has it's on VLAN dedicated for private network)... and got errors about not being able to joint eth1.500 to breth1-500 because it is already joined to cloudVirBr500 (original bridge that I manualy created during original CS 4.0.0 installation, inside /etc/sysconfig/network-**scripts/). So if I use brctl and remove interface from old bridhe and join it to new bridgem, then all VMs DO have internet acces, and all fine. But if I change/reconfigure OS, that is, renam cloudVirBr500 to breth1-500 (on host OS, /etc/sysconfig/network-**scripts/) than CloudStack agent give me alert that it could not find public interface and does not start. Then I edit the CS agent conf file, and define new bridge breth1-xxx for public network, and agent starts fine, but with alert state, and constantly disconnecting from CS MGMT host... Does anybody have good explanation on how to behave with this cloud bridge naming convention now in 4.2 ? BTW: using advanced networking, eth0--cloudBr0, eth1--cloudVirBr500, this is configured via /etc/sysconfig/network-**scripts/. eth0 (management, storage, guest,,,) eth1 (guest, public) Maybe I should NOT define cloudVirBr500 at all ? Thanks, -- Andrija Panić -- http://admintweets.com --
Re: ACS 4.2 shibboleth
On Oct 21, 2013, at 2:02 PM, Ian Duffy i...@ianduffy.ie wrote: Hi, As far as I'm aware there is no shibboleth authentication. A shibboleth plugin would be very welcome :) However, you can hook directly up to LDAP. On 21 October 2013 18:27, Erdősi Péter f...@niif.hu wrote: Dear, Does anyone know about working shibboleth authentication in ACS (4.2)? Thanks, Peter
CS4.2 Security groups - need explaination
Hi all, I am trying to setup an advance zone. One the very first window of the wizard there is an option to use security groups. What is the difference between using security groups and not using securty groups? Does my network have to be setup differently for each? Thank you, Jake
Re: ACS 4.2 shibboleth
Hi, I'll need to auth by shibboleth cause impossible to connect all ldap servers in eduid alliance. So yes, some kind of plugin would be very welcome :) Regards, Fazy 2013.10.22. 11:20 keltezéssel, Sebastien Goasguen írta: On Oct 21, 2013, at 2:02 PM, Ian Duffy i...@ianduffy.ie wrote: Hi, As far as I'm aware there is no shibboleth authentication. A shibboleth plugin would be very welcome :) However, you can hook directly up to LDAP. On 21 October 2013 18:27, Erdősi Péter f...@niif.hu wrote: Dear, Does anyone know about working shibboleth authentication in ACS (4.2)? Thanks, Peter
RE: Public IPs on Guest VMs within CloudStack 4.2.0
Sanjeev, I followed a YouTube video explanation and did specify the tags cloud-public to the guest and public networks - and cloud-private to the management network. The public IPs work fine for things like SSVM and Console Proxy VM, hence my confusion. I also used the cloud-public tag in two simple network service offerings, one with no services and one with just DSN, DHCP, and userdata. No firewalls or security groups and default egress policy set to allow, although I'm not sure it was needed there. Thanks. Bryan Quoting Sanjeev Neelarapu sanjeev.neelar...@citrix.com: Hi Bryan Manske, Did you specify the tags cloud-public and cloud-private as traffic lables for public and private trafifics in the physical network ? -Sanjeev -Original Message- From: Bryan Manske [mailto:br...@manske.org] Sent: Tuesday, October 22, 2013 3:30 AM To: users@cloudstack.apache.org Subject: Re: Public IPs on Guest VMs within CloudStack 4.2.0 All, I'm still having issues with my CloudStack instances seeing the outside network and vice versa. I've verified that other non-CloudStack VMs in the same IP subnet can see the default gateway and each other but they can't see the CloudStack instances. The CloudStack instances can ping the VR but not the default gateway or any other non-CS VMs. I'm using Xen Server 6.2 as the only hypervisor for the moment and have set the network interface tags (cloud-public and cloud-private) with xe network-param-set name-label=cloud-public uuid=interface-uuid and xe network- list looks correct. Am I missing tags in the network offering or somewhere else? I can't imagine that the CS VR would want to be the default gateway itself but I suppose its possible. I've even been looking at VLANs (tagged versus untagged) at my network edge with no luck. xe-switch-network-backend is set to bridged so maybe its an openvswitch issue. Big sigh. I've debugged as far as I can and need a few suggestions on where to look next. Thanks. Regards, Bryan Manske Quoting Bryan Manske br...@manske.org: All, Now I'm curious about public IPs on Guest VMs within CloudStack 4.2.0. I have one IPv4 /27 for Public IPs and that's working fine. Now what I want to do is assign a live IP address from another /27 to a Guest VM, which appears to work but can't actually touch the default gateway. So here's the rub: The default gateway is actually provided as a virtual IP on two VRRP nodes (for A/B redundancy) by my upstream provider. I can ping the two VRRP routers, I can see the VM has the proper IP address, netmask, and default gateway; and I can configure the VM with a proper IP config which never finds the default gateway IP. The arp cache sees the local MAC address and incomplete for the gateway. So now I'm thinking; according to cloudstack, is the default gateway plumbed on a virtual router? If so, how does THAT route out to the world? I also have a /64 of IPv6 space, /96 of which I have configured in a network offering which has the same upstream infrastructure situation. Same lack of functionality there. So how do I configure my Guest real IP netblocks? Is it okay to be looking for a default gateway IP on a my provider's core router or do I need to have them statically route that netblock to something like the cloudstack management host? Of course I could also have the network offering wrong or incomplete. Any thoughts or pointers to documentation would be appreciated. I can tell I'm making progress because I keep dealing with progressively higher level errors. :) Thanks. Bryan Manske --- Earnest falsehoods left unchallenged risk being accepted as fact. -- Monty xiphmont Montgomery - Xiph Foundation, on the Ogg format --- --- Earnest falsehoods left unchallenged risk being accepted as fact. -- Monty xiphmont Montgomery - Xiph Foundation, on the Ogg format --- --- Earnest falsehoods left unchallenged risk being accepted as fact. -- Monty xiphmont Montgomery - Xiph Foundation, on the Ogg format ---
Can not delete port forwarding rule with UI in 4.1.1 Is there a global parameter timeout for this?
This is what I did using the UI:
added a guest network in my advance zone,
added a guest to the network,
opened up a firewall on the network
added a port forwarding rule, specifying my guest
And this seemed to work. Database updated as expected. Log messages
seemed ok too.
THEN! using the UI, I trieddeleting the port forwarding rule I just
created.
Internal Server error.
Pertinent log messages:
2013-10-22 08:14:14,087 DEBUG [cloud.api.ApiServlet] (catalina-exec-9:null)
===START=== 192.168.220.1 -- GET
command=deletePortForwardingRuleresponse=jsonsessionkey=YwEeHOyxyQa9chYMY4VtUbIQPe8%3Did=2cbaa440-c4b1-4472-a27b-28c71f7c1dcf_=1382444054170
2013-10-22 08:14:14,147 DEBUG [cloud.async.AsyncJobManagerImpl]
(catalina-exec-9:null) submit async job-39, details: AsyncJobVO {id:39,
userId: 2, accountId: 2, sessionKey: null, instanceType: FirewallRule,
instanceId: null, cmd:
org.apache.cloudstack.api.command.user.firewall.DeletePortForwardingRuleCmd,
cmdOriginator: null, cmdInfo:
{response:json,id:2cbaa440-c4b1-4472-a27b-28c71f7c1dcf,sessionkey:YwEeHOyxyQa9chYMY4VtUbIQPe8\u003d,ctxUserId:2,_:1382444054170,ctxAccountId:2,ctxStartEventId:178},
cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0,
processStatus: 0, resultCode: 0, result: null, initMsid: 345052229336,
completeMsid: null, lastUpdated: null, lastPolled: null, created: null}
2013-10-22 08:14:14,153 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-44:job-39) Executing
org.apache.cloudstack.api.command.user.firewall.DeletePortForwardingRuleCmd
for job-39
2013-10-22 08:14:14,155 DEBUG [cloud.api.ApiServlet] (catalina-exec-9:null)
===END=== 192.168.220.1 -- GET
command=deletePortForwardingRuleresponse=jsonsessionkey=YwEeHOyxyQa9chYMY4VtUbIQPe8%3Did=2cbaa440-c4b1-4472-a27b-28c71f7c1dcf_=1382444054170
2013-10-22 08:14:14,172 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-44:job-39) Sync job-39 execution on object network.212
2013-10-22 08:14:14,185 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-44:job-39) job
org.apache.cloudstack.api.command.user.firewall.DeletePortForwardingRuleCmd
for job-39 was queued, processing the queue.
2013-10-22 08:14:14,200 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-44:job-39) Executing sync queue item: SyncQueueItemVO {id:18,
queueId: 19, contentType: AsyncJob, contentId: 39, lastProcessMsid:
345052229336, lastprocessNumber: 5, lastProcessTime: Tue Oct 22 08:14:14
EDT 2013, created: Tue Oct 22 08:14:14 EDT 2013}
2013-10-22 08:14:14,202 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-44:job-39) Schedule queued job-39
2013-10-22 08:14:14,241 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-45:job-39) Executing
org.apache.cloudstack.api.command.user.firewall.DeletePortForwardingRuleCmd
for job-39
2013-10-22 08:14:14,242 DEBUG [cloud.async.SyncQueueManagerImpl]
(Job-Executor-44:job-39) There is a pending process in sync queue(id: 19)
2013-10-22 08:14:14,285 DEBUG [db.Transaction.Transaction]
(Job-Executor-45:job-39) Rolling back the transaction: Time = 5 Name =
-AsyncJobManagerImpl$1.run:401-Executors$RunnableAdapter.call:471-FutureTask$Sync.innerRun:334-FutureTask.run:166-ThreadPoolExecutor.runWorker:1146-ThreadPoolExecutor$Worker.run:615-Thread.run:679;
called by
-Transaction.rollback:890-Transaction.removeUpTo:833-Transaction.close:657-TransactionContextBuilder.interceptException:63-ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept:133-RulesManagerImpl.revokePortForwardingRuleInternal:571-RulesManagerImpl.revokePortForwardingRule:562-ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept:125-DeletePortForwardingRuleCmd.execute:98-ApiDispatcher.dispatch:162-AsyncJobManagerImpl$1.run:437-Executors$RunnableAdapter.call:471
2013-10-22 08:14:14,336 ERROR [cloud.async.AsyncJobManagerImpl]
(Job-Executor-45:job-39) Unexpected exception while executing
org.apache.cloudstack.api.command.user.firewall.DeletePortForwardingRuleCmd
java.lang.NullPointerException
at
com.cloud.event.UsageEventUtils.publishUsageEvent(UsageEventUtils.java:132)
at
com.cloud.event.UsageEventUtils.publishUsageEvent(UsageEventUtils.java:73)
at
com.cloud.network.firewall.FirewallManagerImpl.revokeRule(FirewallManagerImpl.java:710)
at
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at
com.cloud.network.rules.RulesManagerImpl.revokePortForwardingRuleInternal(RulesManagerImpl.java:571)
at
com.cloud.network.rules.RulesManagerImpl.revokePortForwardingRule(RulesManagerImpl.java:562)
at
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at
org.apache.cloudstack.api.command.user.firewall.DeletePortForwardingRuleCmd.execute(DeletePortForwardingRuleCmd.java:98)
at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:162)
Re: Templates and ISOs are shown twice after upgrade to 4.2
Did you add a new zone or have multiple zones ? Are they showing up for different zones ? Is the cross zone flag on ? On 22/10/13 6:57 AM, Andrei Mikhailovsky and...@arhont.com wrote: I was wondering if anyone else have noticed that the Templates and ISOs are shown twice in the ACS 4.2.0 GUI. I've looked at the duplicates and they have the same id/uuid and when I look in db, the templates which are shown twice have only a single entrance in the database. Any idea what is causing this? Cheers
Re: Templates and ISOs are shown twice after upgrade to 4.2
Nope, I only have a single zone and i've not added anything. I've simply upgraded from 4.1.1 to 4.2 and found it like that. Let me check the cross zone flag and come back Andrei - Original Message - From: Nitin Mehta nitin.me...@citrix.com To: users@cloudstack.apache.org Sent: Tuesday, 22 October, 2013 4:01:06 PM Subject: Re: Templates and ISOs are shown twice after upgrade to 4.2 Did you add a new zone or have multiple zones ? Are they showing up for different zones ? Is the cross zone flag on ? On 22/10/13 6:57 AM, Andrei Mikhailovsky and...@arhont.com wrote: I was wondering if anyone else have noticed that the Templates and ISOs are shown twice in the ACS 4.2.0 GUI. I've looked at the duplicates and they have the same id/uuid and when I look in db, the templates which are shown twice have only a single entrance in the database. Any idea what is causing this? Cheers
Downloading templates loop
Hi,
I've noticed my logs are filled with what looks like attempts to
re-download old failed template downloads. The jobID's from the logs can be
seen in the template_host_ref table.
I'm wondering why the jobs haven't timed out or otherwise given up. And If
they are going on go on forever then how do I stop/remove them.
Thanks
=== Extract from management-server.log ===
2013-10-21 16:46:55,202 DEBUG [agent.transport.Request] (Timer-13:null) Seq
67-1910165348: Sending { Cmd , MgmtId: 345051854263, via: 67, Ver: v1,
Flags: 100011,
[{storage.DownloadProgressCommand:{jobId:25d111cf-767d-40f2-9d3f-e921b8d00638,request:GET_STATUS,hvm:true,description:RHEL
Server 6.3 32
Bit,checksum:edd93cda6935bcf04c3381446764eb26,maxDownloadSizeInBytes:53687091200,id:233,resourceType:TEMPLATE,url:
http://bignas01/rhel-server-6.3-i386-dvd.iso,format:ISO,accountId:2,name:233-2-03f4e933-fc90-3056-8ccd-78b4a1b27dfb,secUrl:nfs://othernas/export/sec2,wait:0}}]
}
2013-10-21 16:46:55,254 DEBUG [agent.transport.Request]
(AgentManager-Handler-2:null) Seq 67-1910165348: Processing: { Ans: ,
MgmtId: 345051854263, via: 67, Ver: v1, Flags: 10,
[{storage.DownloadAnswer:{jobId:25d111cf-767d-40f2-9d3f-e921b8d00638,downloadPct:0,errorString:No
route to
host,downloadStatus:NOT_DOWNLOADED,downloadPath:/mnt/SecStorage/9219e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/dnld1954968885437896633tmp_,templateSize:0,templatePhySicalSize:0,checkSum:edd93cda6935bcf04c3381446764eb26,result:false,details:No
route to host,wait:0}}] }
=== Example JobID from database
mysql select * from template_host_ref where job_id =
'25d111cf-767d-40f2-9d3f-e921b8d00638' \G
*** 1. row ***
id: 385
host_id: 55
template_id: 233
created: 2012-10-29 23:09:28
last_updated: 2013-10-21 15:54:55
job_id: 25d111cf-767d-40f2-9d3f-e921b8d00638
download_pct: 0
size: 0
physical_size: 0
download_state: NOT_DOWNLOADED
error_str: No route to host
local_path:
/mnt/SecStorage/9219e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/dnld1954968885437896633tmp_
install_path: NULL
url: http://bignas01/rhel-server-6.3-i386-dvd.iso
destroyed: 0
is_copy: 0
1 row in set (0.00 sec)
Cheers!
Best regards,
David Comerford
Tel: +353 87 1238295
Email: davest...@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie
upgrade xen 6.0.2 to 6.2
Hello Did anyone know how is procedure to upgrade existing host in the cluster to xenserver 6.2 from xenserver 6.0.2 ?
RE: upgrade xen 6.0.2 to 6.2
If you have single host in the cluster: --- Put the host in to maintenance mode from CS --- once its successful, un-manage the cluster from cs Upgrade the xenver from 6.0.2 to 6.2 ---cancel maintenance mode and Click on Manage Cluster fr0m CS. If you have multiple host first put master into maintenance mode and make sure all vms migrated to other host and unmanage cluster from cs . Upgrade host then manage cluster and then put other host (slave)into maintenance mode and upgrade host and cancel maintenance mode Regards Sadhu -Original Message- From: Jaro 2079 [mailto:jaro2...@gmail.com] Sent: 22 October 2013 21:26 To: users@cloudstack.apache.org Subject: upgrade xen 6.0.2 to 6.2 Hello Did anyone know how is procedure to upgrade existing host in the cluster to xenserver 6.2 from xenserver 6.0.2 ?
Public LAN inside CS
Hi, I have one question on public network, used in Advance networking scenario. As I understood from documentation, Public network is only used by system VMs, and assigned to the public interface on VR(s). What is recommended way if I want public IP address to be assigned to some user VMs? I'm not deploying VR for customer VMs, just kind of VPS VM... I have done the folowing, and wonder if this is good/correct method - it is working fine for now. In order to have public IPs assigned to single VM - I had to use another guest network with vlan tagged packets (so, I have one guest network, with vlans 40-50 on eth0 for private IP range communication between VMs (each account get it's own vlan ID from range 40-60), and I HAD to have vlan 500 on eth1, on HOST. Then I deployed new Shared Network inside CS UI, with vlan 500 (that can be assigned to all acount VMs, in order to have public IP and direct internet access), and CS created bridge cloudVrBb500, and joing eth1.500 to that network... So, any other solution to have normal VMs get public IP address from public IP range without using vlans for that guest network ??? Thanks, -- Andrija Panić
Re: ACS 4.2 secondary storage strangeness
Also, Template creation from a snapshot doesn't work. Perhaps related? I've double checked that ssvm is up and running and the check script does not produce any errors. Here is the error while trying to create a template: 2013-10-22 17:13:28,474 DEBUG [cloud.network.NetworkUsageManagerImpl] (AgentConnectTaskPool-3979:null) Disconnected called on 61 with status Alert 2013-10-22 17:13:28,474 DEBUG [agent.manager.AgentManagerImpl] (AgentConnectTaskPool-3979:null) Sending Disconnect to listener: com.cloud.consoleproxy.ConsoleProxyListener 2013-10-22 17:13:28,476 DEBUG [cloud.host.Status] (AgentConnectTaskPool-3979:null) Transition:[Resource state = Enabled, Agent event = AgentDisconnected, Host id = 61, name = s-820-VM] 2013-10-22 17:13:28,593 DEBUG [cloud.host.Status] (AgentConnectTaskPool-3979:null) Agent status update: [id = 61; name = s-820-VM; old status = Connecting; event = AgentDisconnected; new status = Alert; old update count = 5283; new update count = 5284] 2013-10-22 17:13:28,593 DEBUG [agent.manager.ClusteredAgentManagerImpl] (AgentConnectTaskPool-3979:null) Notifying other nodes of to disconnect 2013-10-22 17:13:28,594 DEBUG [agent.manager.AgentManagerImpl] (AgentConnectTaskPool-3979:null) Failed to handle host connection: com.cloud.utils.exception.CloudRuntimeException: Unable to connect 61 2013-10-22 17:13:28,594 DEBUG [agent.manager.AgentManagerImpl] (AgentConnectTaskPool-3979:null) Can not send command com.cloud.agent.api.ReadyCommand due to Host 61 is not up 2013-10-22 17:13:28,649 DEBUG [cloud.template.TemplateManagerImpl] (Job-Executor-103:job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ]) Failed to create templatecom.cloud.utils.exception.CloudRuntimeException: Failed to send command, due to Agent:61, com.cloud.exception.OperationTimedoutException: Commands 1024262150 to Host 61 timed out after 21600 2013-10-22 17:13:28,764 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-103:job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ]) Unexpected exception while executing org.apache.cloudstack.api.command.user.template.CreateTemplateCmd com.cloud.utils.exception.CloudRuntimeException: Failed to create templatecom.cloud.utils.exception.CloudRuntimeException: Failed to send command, due to Agent:61, com.cloud.exception.OperationTimedoutException: Commands 1024262150 to Host 61 timed out after 21600 at com.cloud.template.TemplateManagerImpl.createPrivateTemplate(TemplateManagerImpl.java:1395) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.api.command.user.template.CreateTemplateCmd.execute(CreateTemplateCmd.java:263) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:158) at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:531) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:679) 2013-10-22 17:13:28,765 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-103:job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ]) Complete async job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ], jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: Failed to create templatecom.cloud.utils.exception.CloudRuntimeException: Failed to send command, due to Agent:61, com.cloud.exception.OperationTimedoutException: Commands 1024262150 to Host 61 timed out after 21600 Thanks Andrei - Original Message - From: Andrei Mikhailovsky and...@arhont.com To: users@cloudstack.apache.org Sent: Tuesday, 22 October, 2013 2:35:15 PM Subject: ACS 4.2 secondary storage strangeness Hello guys, I am having an issue after upgrading from 4.1.1 to 4.2.0. Every minute or so I have the following exception in my management server logs: - 2013-10-22 14:31:43,921 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync found routing-8 already in the image store 2013-10-22 14:31:44,070 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync found routing-1 already in the image store 2013-10-22 14:31:44,167 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync found centos55-x86_64 already in the image store 2013-10-22 14:31:44,263 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync did not find centos56-x86_64-xen on image store 42, may request download based on available hypervisor types 2013-10-22 14:31:44,264 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template
Re: Templates and ISOs are shown twice after upgrade to 4.2
This is strange Andrei. Do you see any attribute different in the duplicate entries ? Why don¹t u paste the logs/DB/snapshots of UI somewhere so that we can help you further. On 22/10/13 8:15 AM, Andrei Mikhailovsky and...@arhont.com wrote: Yeah, the cross_zones column has 1 for all of my templates. Thanks - Original Message - From: Nitin Mehta nitin.me...@citrix.com To: users@cloudstack.apache.org Sent: Tuesday, 22 October, 2013 4:01:06 PM Subject: Re: Templates and ISOs are shown twice after upgrade to 4.2 Did you add a new zone or have multiple zones ? Are they showing up for different zones ? Is the cross zone flag on ? On 22/10/13 6:57 AM, Andrei Mikhailovsky and...@arhont.com wrote: I was wondering if anyone else have noticed that the Templates and ISOs are shown twice in the ACS 4.2.0 GUI. I've looked at the duplicates and they have the same id/uuid and when I look in db, the templates which are shown twice have only a single entrance in the database. Any idea what is causing this? Cheers
Re: Downloading templates loop
If there is an option available in the UI to delete them then do that.
Else you can remove the entry from template_store_ref, I think that should
do
On 22/10/13 8:20 AM, David Comerford davest...@gmail.com wrote:
Hi,
I've noticed my logs are filled with what looks like attempts to
re-download old failed template downloads. The jobID's from the logs can
be
seen in the template_host_ref table.
I'm wondering why the jobs haven't timed out or otherwise given up. And If
they are going on go on forever then how do I stop/remove them.
Thanks
=== Extract from management-server.log ===
2013-10-21 16:46:55,202 DEBUG [agent.transport.Request] (Timer-13:null)
Seq
67-1910165348: Sending { Cmd , MgmtId: 345051854263, via: 67, Ver: v1,
Flags: 100011,
[{storage.DownloadProgressCommand:{jobId:25d111cf-767d-40f2-9d3f-e921
b8d00638,request:GET_STATUS,hvm:true,description:RHEL
Server 6.3 32
Bit,checksum:edd93cda6935bcf04c3381446764eb26,maxDownloadSizeInBytes
:53687091200,id:233,resourceType:TEMPLATE,url:
http://bignas01/rhel-server-6.3-i386-dvd.iso,format:ISO,accountId:2
,name:233-2-03f4e933-fc90-3056-8ccd-78b4a1b27dfb,secUrl:nfs://other
nas/export/sec2,wait:0}}]
}
2013-10-21 16:46:55,254 DEBUG [agent.transport.Request]
(AgentManager-Handler-2:null) Seq 67-1910165348: Processing: { Ans: ,
MgmtId: 345051854263, via: 67, Ver: v1, Flags: 10,
[{storage.DownloadAnswer:{jobId:25d111cf-767d-40f2-9d3f-e921b8d00638
,downloadPct:0,errorString:No
route to
host,downloadStatus:NOT_DOWNLOADED,downloadPath:/mnt/SecStorage/92
19e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/dnld195496888543789
6633tmp_,templateSize:0,templatePhySicalSize:0,checkSum:edd93cda69
35bcf04c3381446764eb26,result:false,details:No
route to host,wait:0}}] }
=== Example JobID from database
mysql select * from template_host_ref where job_id =
'25d111cf-767d-40f2-9d3f-e921b8d00638' \G
*** 1. row ***
id: 385
host_id: 55
template_id: 233
created: 2012-10-29 23:09:28
last_updated: 2013-10-21 15:54:55
job_id: 25d111cf-767d-40f2-9d3f-e921b8d00638
download_pct: 0
size: 0
physical_size: 0
download_state: NOT_DOWNLOADED
error_str: No route to host
local_path:
/mnt/SecStorage/9219e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/d
nld1954968885437896633tmp_
install_path: NULL
url: http://bignas01/rhel-server-6.3-i386-dvd.iso
destroyed: 0
is_copy: 0
1 row in set (0.00 sec)
Cheers!
Best regards,
David Comerford
Tel: +353 87 1238295
Email: davest...@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie
Re: ACS 4.2 secondary storage strangeness
What does the agent state in the UI for SSVM - is it up ? As per me the ssvm check scripts shouldn't have succeeded for you. Following log message hints that to me. Agent status update: [id = 61; name = s-820-VM; old status = Connecting; event = AgentDisconnected; new status = Alert; old update count = 5283; new update count = 5284] On 22/10/13 9:21 AM, Andrei Mikhailovsky and...@arhont.com wrote: Also, Template creation from a snapshot doesn't work. Perhaps related? I've double checked that ssvm is up and running and the check script does not produce any errors. Here is the error while trying to create a template: 2013-10-22 17:13:28,474 DEBUG [cloud.network.NetworkUsageManagerImpl] (AgentConnectTaskPool-3979:null) Disconnected called on 61 with status Alert 2013-10-22 17:13:28,474 DEBUG [agent.manager.AgentManagerImpl] (AgentConnectTaskPool-3979:null) Sending Disconnect to listener: com.cloud.consoleproxy.ConsoleProxyListener 2013-10-22 17:13:28,476 DEBUG [cloud.host.Status] (AgentConnectTaskPool-3979:null) Transition:[Resource state = Enabled, Agent event = AgentDisconnected, Host id = 61, name = s-820-VM] 2013-10-22 17:13:28,593 DEBUG [cloud.host.Status] (AgentConnectTaskPool-3979:null) Agent status update: [id = 61; name = s-820-VM; old status = Connecting; event = AgentDisconnected; new status = Alert; old update count = 5283; new update count = 5284] 2013-10-22 17:13:28,593 DEBUG [agent.manager.ClusteredAgentManagerImpl] (AgentConnectTaskPool-3979:null) Notifying other nodes of to disconnect 2013-10-22 17:13:28,594 DEBUG [agent.manager.AgentManagerImpl] (AgentConnectTaskPool-3979:null) Failed to handle host connection: com.cloud.utils.exception.CloudRuntimeException: Unable to connect 61 2013-10-22 17:13:28,594 DEBUG [agent.manager.AgentManagerImpl] (AgentConnectTaskPool-3979:null) Can not send command com.cloud.agent.api.ReadyCommand due to Host 61 is not up 2013-10-22 17:13:28,649 DEBUG [cloud.template.TemplateManagerImpl] (Job-Executor-103:job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ]) Failed to create templatecom.cloud.utils.exception.CloudRuntimeException: Failed to send command, due to Agent:61, com.cloud.exception.OperationTimedoutException: Commands 1024262150 to Host 61 timed out after 21600 2013-10-22 17:13:28,764 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-103:job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ]) Unexpected exception while executing org.apache.cloudstack.api.command.user.template.CreateTemplateCmd com.cloud.utils.exception.CloudRuntimeException: Failed to create templatecom.cloud.utils.exception.CloudRuntimeException: Failed to send command, due to Agent:61, com.cloud.exception.OperationTimedoutException: Commands 1024262150 to Host 61 timed out after 21600 at com.cloud.template.TemplateManagerImpl.createPrivateTemplate(TemplateManag erImpl.java:1395) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorD ispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.api.command.user.template.CreateTemplateCmd.execute( CreateTemplateCmd.java:263) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:158) at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:531) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java: 1146) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java :615) at java.lang.Thread.run(Thread.java:679) 2013-10-22 17:13:28,765 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-103:job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ]) Complete async job-6828 = [ 992cbb95-38ec-497e-bddc-1e90b67bcdb9 ], jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: Failed to create templatecom.cloud.utils.exception.CloudRuntimeException: Failed to send command, due to Agent:61, com.cloud.exception.OperationTimedoutException: Commands 1024262150 to Host 61 timed out after 21600 Thanks Andrei - Original Message - From: Andrei Mikhailovsky and...@arhont.com To: users@cloudstack.apache.org Sent: Tuesday, 22 October, 2013 2:35:15 PM Subject: ACS 4.2 secondary storage strangeness Hello guys, I am having an issue after upgrading from 4.1.1 to 4.2.0. Every minute or so I have the following exception in my management server logs: - 2013-10-22 14:31:43,921 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync found routing-8 already in the image store 2013-10-22 14:31:44,070 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync found routing-1 already in the image store 2013-10-22 14:31:44,167 INFO [storage.image.TemplateServiceImpl] (AgentConnectTaskPool-3561:null) Template Sync found centos55-x86_64 already in the
Re: Public LAN inside CS
Or to post question other way: The only way to make public IP addresses available to VMs directly (call it VPS style) (without VR), is using guest network (bind it to ethX/bridgeX that has direct internet access) and create shared network offer... as I already done ? On 22 October 2013 18:09, Andrija Panic andrija.pa...@gmail.com wrote: Hi, I have one question on public network, used in Advance networking scenario. As I understood from documentation, Public network is only used by system VMs, and assigned to the public interface on VR(s). What is recommended way if I want public IP address to be assigned to some user VMs? I'm not deploying VR for customer VMs, just kind of VPS VM... I have done the folowing, and wonder if this is good/correct method - it is working fine for now. In order to have public IPs assigned to single VM - I had to use another guest network with vlan tagged packets (so, I have one guest network, with vlans 40-50 on eth0 for private IP range communication between VMs (each account get it's own vlan ID from range 40-60), and I HAD to have vlan 500 on eth1, on HOST. Then I deployed new Shared Network inside CS UI, with vlan 500 (that can be assigned to all acount VMs, in order to have public IP and direct internet access), and CS created bridge cloudVrBb500, and joing eth1.500 to that network... So, any other solution to have normal VMs get public IP address from public IP range without using vlans for that guest network ??? Thanks, -- Andrija Panić -- Andrija Panić -- http://admintweets.com --
Network Setup Problem 4.1.1
Hi, I am trying to setup a basic cloudstack 4.1.1 installation (test setup) with 1 Management (mgmt) server (centos 6.4), 1 host machine(cents 6.4) and 1 dell6248 switch Mgmt has 2 NIC's * One connected to the internet * Another with local ip 20.1.1.1 (which acts a gateway) net mask 255.0.0.0 * I have added NAT rules to forward internet to rest of the network * And this runs a dns server * Also this hosts the Mysql and NFS (/export/primary, /export/secondary) * But No dhcp server * I followed the instructions in the document and the management server is running and I can access it through browser DELL6248 Switch * I assigned ip as 20.2.1.1 netmask 255.0.0.0 gateway 20.1.1.1 * No Vlan configured, left it at default config Host Machine has 1 NIC * It is connected to the Switch * I followed the steps in the document (installation for KVM) for creating bridges * I Assigned ip 20.1.1.2 to the vlan em1.100 [ Netmask 255.0.0.0 Gateway 20.1.1.1 ] (em is my eth) and no ip on em1, Amd configured 2 bridges as said. - But, With this setup the host machine cannot even ping the switch and mgmt server. - I tried assigning the 192.*.*.* ip to em1.100 with the ip at virbr0(192.*.*.1) as gateway but same result cannot ping the switch or mgmt.. * So removed all vlan's and bridges and just set 20.1.1.2 to em1 [ Netmask 255.0.0.0 Gateway 20.1.1.1]. Now it works as expected and I can access the internet as well. Setup: * I proceeded with the basic installation * Pod - Gateway:20.1.1.1, Netmask:255.0.0.0, iprange - 20.1.1.5 - 20.1.1.20 * Guest - Gateway:20.1.1.1, Netmask:255.0.0.0, iprange - 20.1.1.30 - 20.1.1.200 * The Zone gets added successfully. No error on that. It creates cloubr0 bridge on host by itself and moves the ip from em1 to cloudbr0 and also starts the SSVM and Console VM on the host machine. But I get this There is no secondary storage VM for secondary storage host nfs://20.1.1.1/export/secondary On the management server log. SSVM Guest Machine * I can log into the SSVM from host using iplink local and I ran the SSVM test script, it seems it cannot connect to the gateway (20.1.1.1). * Following are the ip assigned to SSVM oPublic - 20.1.1.30 (eth2) , Private - 20.1.111 (eth1) , Link Local - 169.254.2.151 (eth0) , oAnd on eth3 20.1.1.20 (Not sure what this is for) Problems: * SSVM cannot access switch or gateway server (mgmt,nfs,mysql) or internet * And I cannot add any iso's or the cannot see the system default iso on the add instance screen. So there's something wrong in my network configuration over here but I couldn't figure out what it is. So any help on this would be much appreciated. Regards, Vairavan M.
Re: Public LAN inside CS
Hi Andrija, Your setup seems fine to me, I am not sure why you would want to get rid of VLANs as it provides the flexibility you require when it comes to isolated public/private networking all on the same infrastructure. I run a shared network for our 'Public' addresses, on a set VLAN and also have other vlans for certain servers for private networks, just like yours. I hope that answers your question. Marty On Tue, Oct 22, 2013 at 7:20 PM, Andrija Panic andrija.pa...@gmail.comwrote: Or to post question other way: The only way to make public IP addresses available to VMs directly (call it VPS style) (without VR), is using guest network (bind it to ethX/bridgeX that has direct internet access) and create shared network offer... as I already done ? On 22 October 2013 18:09, Andrija Panic andrija.pa...@gmail.com wrote: Hi, I have one question on public network, used in Advance networking scenario. As I understood from documentation, Public network is only used by system VMs, and assigned to the public interface on VR(s). What is recommended way if I want public IP address to be assigned to some user VMs? I'm not deploying VR for customer VMs, just kind of VPS VM... I have done the folowing, and wonder if this is good/correct method - it is working fine for now. In order to have public IPs assigned to single VM - I had to use another guest network with vlan tagged packets (so, I have one guest network, with vlans 40-50 on eth0 for private IP range communication between VMs (each account get it's own vlan ID from range 40-60), and I HAD to have vlan 500 on eth1, on HOST. Then I deployed new Shared Network inside CS UI, with vlan 500 (that can be assigned to all acount VMs, in order to have public IP and direct internet access), and CS created bridge cloudVrBb500, and joing eth1.500 to that network... So, any other solution to have normal VMs get public IP address from public IP range without using vlans for that guest network ??? Thanks, -- Andrija Panić -- Andrija Panić -- http://admintweets.com --
Re: Public LAN inside CS
Thanks Marty, I just needed confirmation of my work, I deployed CS 4.0.0. (from not knowing what it is, till fully operational and used in kind of production) in less than 15 days...so lot of stuff was done in kind of rush, but got 99% of networkng understood then. Now, 9 months later, I got that 1% I missed :) Thanks On 22 October 2013 21:04, Marty Sweet msweet@gmail.com wrote: Hi Andrija, Your setup seems fine to me, I am not sure why you would want to get rid of VLANs as it provides the flexibility you require when it comes to isolated public/private networking all on the same infrastructure. I run a shared network for our 'Public' addresses, on a set VLAN and also have other vlans for certain servers for private networks, just like yours. I hope that answers your question. Marty On Tue, Oct 22, 2013 at 7:20 PM, Andrija Panic andrija.pa...@gmail.com wrote: Or to post question other way: The only way to make public IP addresses available to VMs directly (call it VPS style) (without VR), is using guest network (bind it to ethX/bridgeX that has direct internet access) and create shared network offer... as I already done ? On 22 October 2013 18:09, Andrija Panic andrija.pa...@gmail.com wrote: Hi, I have one question on public network, used in Advance networking scenario. As I understood from documentation, Public network is only used by system VMs, and assigned to the public interface on VR(s). What is recommended way if I want public IP address to be assigned to some user VMs? I'm not deploying VR for customer VMs, just kind of VPS VM... I have done the folowing, and wonder if this is good/correct method - it is working fine for now. In order to have public IPs assigned to single VM - I had to use another guest network with vlan tagged packets (so, I have one guest network, with vlans 40-50 on eth0 for private IP range communication between VMs (each account get it's own vlan ID from range 40-60), and I HAD to have vlan 500 on eth1, on HOST. Then I deployed new Shared Network inside CS UI, with vlan 500 (that can be assigned to all acount VMs, in order to have public IP and direct internet access), and CS created bridge cloudVrBb500, and joing eth1.500 to that network... So, any other solution to have normal VMs get public IP address from public IP range without using vlans for that guest network ??? Thanks, -- Andrija Panić -- Andrija Panić -- http://admintweets.com -- -- Andrija Panić -- http://admintweets.com --
Re: Public LAN inside CS
Awesome, let us know if you need any further assistance! Marty On Tue, Oct 22, 2013 at 8:13 PM, Andrija Panic andrija.pa...@gmail.comwrote: Thanks Marty, I just needed confirmation of my work, I deployed CS 4.0.0. (from not knowing what it is, till fully operational and used in kind of production) in less than 15 days...so lot of stuff was done in kind of rush, but got 99% of networkng understood then. Now, 9 months later, I got that 1% I missed :) Thanks On 22 October 2013 21:04, Marty Sweet msweet@gmail.com wrote: Hi Andrija, Your setup seems fine to me, I am not sure why you would want to get rid of VLANs as it provides the flexibility you require when it comes to isolated public/private networking all on the same infrastructure. I run a shared network for our 'Public' addresses, on a set VLAN and also have other vlans for certain servers for private networks, just like yours. I hope that answers your question. Marty On Tue, Oct 22, 2013 at 7:20 PM, Andrija Panic andrija.pa...@gmail.com wrote: Or to post question other way: The only way to make public IP addresses available to VMs directly (call it VPS style) (without VR), is using guest network (bind it to ethX/bridgeX that has direct internet access) and create shared network offer... as I already done ? On 22 October 2013 18:09, Andrija Panic andrija.pa...@gmail.com wrote: Hi, I have one question on public network, used in Advance networking scenario. As I understood from documentation, Public network is only used by system VMs, and assigned to the public interface on VR(s). What is recommended way if I want public IP address to be assigned to some user VMs? I'm not deploying VR for customer VMs, just kind of VPS VM... I have done the folowing, and wonder if this is good/correct method - it is working fine for now. In order to have public IPs assigned to single VM - I had to use another guest network with vlan tagged packets (so, I have one guest network, with vlans 40-50 on eth0 for private IP range communication between VMs (each account get it's own vlan ID from range 40-60), and I HAD to have vlan 500 on eth1, on HOST. Then I deployed new Shared Network inside CS UI, with vlan 500 (that can be assigned to all acount VMs, in order to have public IP and direct internet access), and CS created bridge cloudVrBb500, and joing eth1.500 to that network... So, any other solution to have normal VMs get public IP address from public IP range without using vlans for that guest network ??? Thanks, -- Andrija Panić -- Andrija Panić -- http://admintweets.com -- -- Andrija Panić -- http://admintweets.com --
Re: Downloading templates loop
They aren't present in the UI.
Would deleting them from template_store_ref not cause a problem as they are
referenced by template_host_ref and vm_template?
Best regards,
David Comerford
Tel: +353 87 1238295
Email: davest...@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie
On 22 October 2013 17:42, Nitin Mehta nitin.me...@citrix.com wrote:
If there is an option available in the UI to delete them then do that.
Else you can remove the entry from template_store_ref, I think that should
do
On 22/10/13 8:20 AM, David Comerford davest...@gmail.com wrote:
Hi,
I've noticed my logs are filled with what looks like attempts to
re-download old failed template downloads. The jobID's from the logs can
be
seen in the template_host_ref table.
I'm wondering why the jobs haven't timed out or otherwise given up. And If
they are going on go on forever then how do I stop/remove them.
Thanks
=== Extract from management-server.log ===
2013-10-21 16:46:55,202 DEBUG [agent.transport.Request] (Timer-13:null)
Seq
67-1910165348: Sending { Cmd , MgmtId: 345051854263, via: 67, Ver: v1,
Flags: 100011,
[{storage.DownloadProgressCommand:{jobId:25d111cf-767d-40f2-9d3f-e921
b8d00638,request:GET_STATUS,hvm:true,description:RHEL
Server 6.3 32
Bit,checksum:edd93cda6935bcf04c3381446764eb26,maxDownloadSizeInBytes
:53687091200,id:233,resourceType:TEMPLATE,url:
http://bignas01/rhel-server-6.3-i386-dvd.iso
,format:ISO,accountId:2
,name:233-2-03f4e933-fc90-3056-8ccd-78b4a1b27dfb,secUrl:nfs://other
nas/export/sec2,wait:0}}]
}
2013-10-21 16:46:55,254 DEBUG [agent.transport.Request]
(AgentManager-Handler-2:null) Seq 67-1910165348: Processing: { Ans: ,
MgmtId: 345051854263, via: 67, Ver: v1, Flags: 10,
[{storage.DownloadAnswer:{jobId:25d111cf-767d-40f2-9d3f-e921b8d00638
,downloadPct:0,errorString:No
route to
host,downloadStatus:NOT_DOWNLOADED,downloadPath:/mnt/SecStorage/92
19e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/dnld195496888543789
6633tmp_,templateSize:0,templatePhySicalSize:0,checkSum:edd93cda69
35bcf04c3381446764eb26,result:false,details:No
route to host,wait:0}}] }
=== Example JobID from database
mysql select * from template_host_ref where job_id =
'25d111cf-767d-40f2-9d3f-e921b8d00638' \G
*** 1. row ***
id: 385
host_id: 55
template_id: 233
created: 2012-10-29 23:09:28
last_updated: 2013-10-21 15:54:55
job_id: 25d111cf-767d-40f2-9d3f-e921b8d00638
download_pct: 0
size: 0
physical_size: 0
download_state: NOT_DOWNLOADED
error_str: No route to host
local_path:
/mnt/SecStorage/9219e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/d
nld1954968885437896633tmp_
install_path: NULL
url: http://bignas01/rhel-server-6.3-i386-dvd.iso
destroyed: 0
is_copy: 0
1 row in set (0.00 sec)
Cheers!
Best regards,
David Comerford
Tel: +353 87 1238295
Email: davest...@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie
Re: Missing jar vmware-lib-jaxrpc.jar?
H Fred, Sorry for the late reply. I would say try moving the jars in and out. As long as you don't delete them you are fine. The wiki page should be up to date but the release documentation is the place to look. On Fri, Oct 18, 2013 at 9:32 PM, Fred Messinger fredmessin...@gmail.com wrote: Hi Daan, I was reluctant to do that because of this: git commit: CLOUDSTACK-346: Replace vmware-lib-jaxrpc with axis-jaxrpc The fact that I was seeing something trying to load this class meant that something was very wrong. Which makes me suspect the dependencies section on this page: https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudStack# Is this documentation still good? Thanks, Fred On Thu, Oct 17, 2013 at 1:38 PM, Daan Hoogland daan.hoogl...@gmail.comwrote: Fred, Attachements are stripped from maila to the list. It sounds like this is your problem yes. Why don't you try adding the jar and restarting the ms? regards, Daan On Wed, Oct 16, 2013 at 3:04 PM, Fred Messinger fredmessin...@gmail.com wrote: Hi All, I'm trying to upgrade from 4.1.1 to 4.2 using vmware. And I think I am SO close! My management server log file is attached. It describes some deserialization problems and it also shows that a VMware resource class file cannot be loaded. From googling the exception, I found this jira ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-211 Is the reason I can't start my ssvm because of this? Thanks, Fred
FW: [ACS421] closing resolved defects
From: Sudha Ponnaganti Sent: Tuesday, October 22, 2013 3:19 PM To: d...@cloudstack.apache.org Subject: [ACS421] closing resolved defects Hi All, Below are the defects fixed for 4.2.1. Can you please review the fix, validate it and see if the fix is what you are expecting?? Reporter Total Ahmad Emneina 1 Alena Prokharchyk 2 Alex Huang 1 angeline shen1 Chandan Purushothama 8 Daan Hoogland 1 Dave Cahill 1 Demetrius Tsitrelis 1 Donal Lafferty 1 Douglas Almquist 1 Francois Gaudreault 1 Harikrishna Patnala 1 Jayapal Reddy 2 Koushik Das2 manasaveloori 1 Marcus Sorensen 1 Milamber1 Min Chen4 Minying Bao 1 Naoki Sakamoto 1 Nitin Mehta4 Parth Jagirdar3 Paul Angus 1 Prachi Damle 1 prashant kumar mishra 3 Rayees Namathponnan4 sadhu suresh 1 Sailaja Mada 1 Saksham Srivastava 1 Sangeetha Hariharan 2 Sanjay Tripathi 1 Sanjeev N 1 Sateesh Chodapuneedi 1 Sheng Yang 4 shweta agarwal1 Sowmya Krishnan1 Sudha Ponnaganti 1 Valery Ciareszka 1 venkata swamybabu budumuru 2 Wei Zhou 1 Grand Total68 Thanks /sudha
RE: Network Setup Problem 4.1.1
Hi Marty, No I don't own a range of public ip's and I am jus looking for a simple setup at this moment. I changed the ip's as you suggested. Management: Em1: publicip Em2: 10.10.0.1, netmas:255.255.255.0 Agent:(host) And I assume by agent you mean the physical host (Compute Node) : Em1: 10.10.0.2, netmask: 255.255.255.0, gateway=10.10.0.1, dns=10.10.0.1 And I also changed the switch ip to 10.10.0.254 * I can ping my host from mgmt and vice versa. Host OS has internet. * I cannot ping any ip's of SSVM or Console VM from Mgmt server. * I can ping the link local ip (169.*.*.*) of SSVM from the host, but not the other 10.10.*.* ip's * I still get the same No Secondary Storage VM Error This was the case in the previous configuration as well. And please note that I have not created any vlan's or bridges on host or switch or management server. So is there anything I should do on switch (Dell 6248) and should I create any vlan's on host (which I already mentioned in my previous post)? Thank you. Regards, Vairavan M. -Original Message- From: Marty Sweet [mailto:msweet@gmail.com] Sent: Tuesday, October 22, 2013 1:14 PM To: users@cloudstack.apache.org Subject: Re: Network Setup Problem 4.1.1 Hi Vairavan, The main highlight here is that you are using 20.xxx.xxx.xxx as your private network, this is not compliant with RFC1918 and would cause connectivity issues to public address in this subnet. Do you own a range of public IP address you wish to allocate to VMs? If so, this will effect the way you setup your Cloudstack Networking. If not, and you are looking for a simple setup, I would recommend the following: Management: eth0: your.public.ip.addr eth1: 10.10.0.1/24 (Private Interface) Agent: eth0: 10.10.0.2/24 If you wish to stick to your current setup (which I would advise against), can your agent ping your 20.1.1.1? Marty On Tue, Oct 22, 2013 at 7:28 PM, Murugappan, Vairavan vmurugap...@miners.utep.edu wrote: Hi, I am trying to setup a basic cloudstack 4.1.1 installation (test setup) with 1 Management (mgmt) server (centos 6.4), 1 host machine(cents 6.4) and 1 dell6248 switch Mgmt has 2 NIC's * One connected to the internet * Another with local ip 20.1.1.1 (which acts a gateway) net mask 255.0.0.0 * I have added NAT rules to forward internet to rest of the network * And this runs a dns server * Also this hosts the Mysql and NFS (/export/primary, /export/secondary) * But No dhcp server * I followed the instructions in the document and the management server is running and I can access it through browser DELL6248 Switch * I assigned ip as 20.2.1.1 netmask 255.0.0.0 gateway 20.1.1.1 * No Vlan configured, left it at default config Host Machine has 1 NIC * It is connected to the Switch * I followed the steps in the document (installation for KVM) for creating bridges * I Assigned ip 20.1.1.2 to the vlan em1.100 [ Netmask 255.0.0.0 Gateway 20.1.1.1 ] (em is my eth) and no ip on em1, Amd configured 2 bridges as said. - But, With this setup the host machine cannot even ping the switch - and mgmt server. - I tried assigning the 192.*.*.* ip to em1.100 with the ip at virbr0(192.*.*.1) as gateway but same result cannot ping the switch or mgmt.. * So removed all vlan's and bridges and just set 20.1.1.2 to em1 [ Netmask 255.0.0.0 Gateway 20.1.1.1]. Now it works as expected and I can access the internet as well. Setup: * I proceeded with the basic installation * Pod - Gateway:20.1.1.1, Netmask:255.0.0.0, iprange - 20.1.1.5 - 20.1.1.20 * Guest - Gateway:20.1.1.1, Netmask:255.0.0.0, iprange - 20.1.1.30 - 20.1.1.200 * The Zone gets added successfully. No error on that. It creates cloubr0 bridge on host by itself and moves the ip from em1 to cloudbr0 and also starts the SSVM and Console VM on the host machine. But I get this There is no secondary storage VM for secondary storage host nfs:// 20.1.1.1/export/secondary On the management server log. SSVM Guest Machine * I can log into the SSVM from host using iplink local and I ran the SSVM test script, it seems it cannot connect to the gateway (20.1.1.1). * Following are the ip assigned to SSVM oPublic - 20.1.1.30 (eth2) , Private - 20.1.111 (eth1) , Link Local - 169.254.2.151 (eth0) , oAnd on eth3 20.1.1.20 (Not sure what this is for) Problems: * SSVM cannot access switch or gateway server (mgmt,nfs,mysql) or internet * And I cannot add any iso's or the cannot see the system default iso on the add instance screen. So there's something wrong in my network configuration over here but I couldn't figure out what it is. So any help on this would be much appreciated. Regards, Vairavan
Re: Error building Cloudstack 4.2 RPMs
On Tue, Oct 8, 2013 at 9:51 PM, Jamie Carranza gojamieg...@gmail.com wrote: Hi All, I'm trying to build Cloudstack 4.2 RPMs and keep running up against the same error, this looks like the most important part: Failed tests: appendTest(org.apache.cloudstack.alert.snmp.SnmpTrapAppenderTest): error snmpHelper list size not as expected expected:0 but was:2 So I joined this list just to report the answer to your question Jamie. I found the solution after digging into the code. Essentially you need to configure your host to pass the hostname --fqdn test before the SnmpAppenderTest class will pass the junit test. I simply added my hostname to /etc/hosts and was able to build successfully. Just wanted to share so if anyone else caring to build from source ran into this issue, that they would know what to do. FYI, this was on Centos 6.4 64-bit with Cloudstack 4.2. Sincerely, Z
Re: Downloading templates loop
David - I don¹t think it should be a problem. The reference is the other
way around.
Also mark the vm_template table entry as removed. Try this for one of them
and see.
On 22/10/13 1:22 PM, David Comerford davest...@gmail.com wrote:
They aren't present in the UI.
Would deleting them from template_store_ref not cause a problem as they
are
referenced by template_host_ref and vm_template?
Best regards,
David Comerford
Tel: +353 87 1238295
Email: davest...@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie
On 22 October 2013 17:42, Nitin Mehta nitin.me...@citrix.com wrote:
If there is an option available in the UI to delete them then do that.
Else you can remove the entry from template_store_ref, I think that
should
do
On 22/10/13 8:20 AM, David Comerford davest...@gmail.com wrote:
Hi,
I've noticed my logs are filled with what looks like attempts to
re-download old failed template downloads. The jobID's from the logs
can
be
seen in the template_host_ref table.
I'm wondering why the jobs haven't timed out or otherwise given up.
And If
they are going on go on forever then how do I stop/remove them.
Thanks
=== Extract from management-server.log ===
2013-10-21 16:46:55,202 DEBUG [agent.transport.Request] (Timer-13:null)
Seq
67-1910165348: Sending { Cmd , MgmtId: 345051854263, via: 67, Ver: v1,
Flags: 100011,
[{storage.DownloadProgressCommand:{jobId:25d111cf-767d-40f2-9d3f-e9
21
b8d00638,request:GET_STATUS,hvm:true,description:RHEL
Server 6.3 32
Bit,checksum:edd93cda6935bcf04c3381446764eb26,maxDownloadSizeInByt
es
:53687091200,id:233,resourceType:TEMPLATE,url:
http://bignas01/rhel-server-6.3-i386-dvd.iso
,format:ISO,accountId:2
,name:233-2-03f4e933-fc90-3056-8ccd-78b4a1b27dfb,secUrl:nfs://oth
er
nas/export/sec2,wait:0}}]
}
2013-10-21 16:46:55,254 DEBUG [agent.transport.Request]
(AgentManager-Handler-2:null) Seq 67-1910165348: Processing: { Ans: ,
MgmtId: 345051854263, via: 67, Ver: v1, Flags: 10,
[{storage.DownloadAnswer:{jobId:25d111cf-767d-40f2-9d3f-e921b8d0063
8
,downloadPct:0,errorString:No
route to
host,downloadStatus:NOT_DOWNLOADED,downloadPath:/mnt/SecStorage/
92
19e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233/dnld1954968885437
89
6633tmp_,templateSize:0,templatePhySicalSize:0,checkSum:edd93cda
69
35bcf04c3381446764eb26,result:false,details:No
route to host,wait:0}}] }
=== Example JobID from database
mysql select * from template_host_ref where job_id =
'25d111cf-767d-40f2-9d3f-e921b8d00638' \G
*** 1. row ***
id: 385
host_id: 55
template_id: 233
created: 2012-10-29 23:09:28
last_updated: 2013-10-21 15:54:55
job_id: 25d111cf-767d-40f2-9d3f-e921b8d00638
download_pct: 0
size: 0
physical_size: 0
download_state: NOT_DOWNLOADED
error_str: No route to host
local_path:
/mnt/SecStorage/9219e7b2-1e8a-3b9c-bfba-fa05ffc80290/template/tmpl/2/233
/d
nld1954968885437896633tmp_
install_path: NULL
url: http://bignas01/rhel-server-6.3-i386-dvd.iso
destroyed: 0
is_copy: 0
1 row in set (0.00 sec)
Cheers!
Best regards,
David Comerford
Tel: +353 87 1238295
Email: davest...@gmail.com
Website: http://dave.ie
GPG key: http://gpg.dave.ie
RE: ACS 4.2 Error adding S3/Ceph secondary storage
That means one of the zones in your setup may be having NFS as the secondary storage provider. Make sure that none of the zones use NFS for secondary storage if you want to use S3 . -Original Message- From: Andrei Mikhailovsky [mailto:and...@arhont.com] Sent: Tuesday, October 22, 2013 7:43 PM To: users@cloudstack.apache.org Subject: ACS 4.2 Error adding S3/Ceph secondary storage Hello guys, I am trying to add a new secondary storage provided by Ceph's S3 radosgw, which i've configured and tested. Right after adding it via the GUI I have the following message/error: You can only add new image stores from the same provider NFS already added Does anyone know what this message means? I am a bit confused here as I am not adding the NFS secondary storage, but instead adding the S3 storage. Cheers Andrei
