cs4.2+xen6.1 初始化后系统VM启动不了
2014-04-04 00:10:36,740 DEBUG [cloud.server.StatsCollector]
(StatsCollector-3:null) StorageCollector is running...
2014-04-04 00:10:36,748 DEBUG [cloud.server.StatsCollector]
(StatsCollector-3:null) There is no secondary storage VM for secondary
storage host nfs://10.20.6.40/media
2014-04-04 00:10:36,760 DEBUG [agent.manager.DirectAgentAttache]
(DirectAgent-246:null) Seq 1-766642356: Executing request
2014-04-04 00:10:37,227 DEBUG [agent.manager.DirectAgentAttache]
(DirectAgent-246:null) Seq 1-766642356: Response Received:
2014-04-04 00:10:37,228 DEBUG [agent.transport.Request]
(StatsCollector-3:null) Seq 1-766642356: Received: { Ans: , MgmtId:
81397048490778, via: 1, Ver: v1, Flags: 10, { GetStorageStatsAnswer } }
2014-04-04 00:10:42,973 DEBUG
[storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Zone 1
is ready to launch secondary storage VM
2014-04-04 00:10:42,979 INFO
[cloud.secstorage.PremiumSecondaryStorageManagerImpl] (secstorage-1:null)
No running secondary storage vms found in datacenter id=1, starting one
2014-04-04 00:10:42,989 INFO
[storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Found
a stopped secondary storage vm, bring it up to running pool. secStorageVm
vm id : 381
2014-04-04 00:10:43,001 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:null) VM state transitted from :Stopped to Starting with
event: StartRequestedvm's original host id: null new host id: null host id
before state transition: null
2014-04-04 00:10:43,001 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(secstorage-1:null) Successfully transitioned to start state for
VM[SecondaryStorageVm|s-381-VM] reservation id =
e5d7afe9-4a55-4e3f-95b5-9412e38e8012
2014-04-04 00:10:43,028 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(secstorage-1:null) Trying to deploy VM, vm has dcId: 1 and podId: 1
2014-04-04 00:10:43,028 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(secstorage-1:null) Deploy avoids pods: null, clusters: null, hosts: null
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) DeploymentPlanner allocation algorithm: random
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Trying to allocate a host and storage pools from dc:1,
pod:1,cluster:null, requested cpu: 500, requested ram: 268435456
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Is ROOT volume READY (pool already allocated)?: No
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Searching resources only under specified Pod: 1
2014-04-04 00:10:43,035 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Listing clusters in order of aggregate capacity, that
have (atleast one host with) enough CPU and RAM capacity under this Pod: 1
2014-04-04 00:10:43,037 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) CPUOverprovisioningFactor considered: 1.0
2014-04-04 00:10:43,050 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Checking resources in Cluster: 1 under Pod: 1
2014-04-04 00:10:43,050 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Looking for hosts in dc: 1 pod:1
cluster:1
2014-04-04 00:10:43,051 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) FirstFitAllocator has 1 hosts to
check for allocation: [Host[-1-Routing]]
2014-04-04 00:10:43,054 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Found 1 hosts for allocation after
prioritization: [Host[-1-Routing]]
2014-04-04 00:10:43,054 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Looking for speed=500Mhz, Ram=256
2014-04-04 00:10:43,057 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Checking if host: 1 has enough
capacity for requested CPU: 500 and requested RAM: 268435456 ,
cpuOverprovisioningFactor: 1.0
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Hosts's actual total CPU: 17552 and
CPU after applying overprovisioning: 17552
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Free CPU: 17552 , Requested CPU: 500
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Free RAM: 32844938112 , Requested
RAM: 268435456
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Host has enough CPU and RAM
available
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) STATS: Can alloc CPU from host: 1,
used: 0, reserved: 0, actual total: 17552, total with overprovisioning:
17552; requested cpu:500,alloc_from_last_host?:false
,considerReservedCapacity?: true
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) STATS: Can alloc MEM from host: 1,
used: 0, reserved: 0,
Re: 求助,无法创建虚拟机了
你的系统VM的状态正常吗?另外计算节点的状态是up吗?
2014-04-03 19:25 GMT+08:00 cui6522123 cui6522...@gmail.com:
新创建虚拟机报错,生产环境,求大神协助解决,报错如下:
---
2014-04-03 19:22:09,696 DEBUG
[network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-19:job-452
= [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Lock is acquired for network id
204 as a part of router startup in
Dest[Zone(Id)-Pod(Id)-Cluster(Id)-Host(Id)-Storage(Volume(Id|Type--Pool(Id))]
: Dest[Zone(1)-Pod(1)-Cluster(1)-Host(1)-Storage(Volume(151|ROOT--Pool(1))]
2014-04-03 19:22:09,701 DEBUG
[network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-19:job-452
= [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Lock is released for network id
204 as a part of router startup in
Dest[Zone(Id)-Pod(Id)-Cluster(Id)-Host(Id)-Storage(Volume(Id|Type--Pool(Id))]
: Dest[Zone(1)-Pod(1)-Cluster(1)-Host(1)-Storage(Volume(151|ROOT--Pool(1))]
2014-04-03 19:22:09,713 DEBUG [cloud.network.NetworkModelImpl]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Service
SecurityGroup is not supported in the network id=204
2014-04-03 19:22:09,732 DEBUG [cloud.network.NetworkModelImpl]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Service
SecurityGroup is not supported in the network id=204
2014-04-03 19:22:09,737 DEBUG
[network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-19:job-452
= [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Applying dhcp entry in network
Ntwk[204|Guest|15]
2014-04-03 19:22:09,769 DEBUG [agent.transport.Request]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Seq
1-947650693: Sending { Cmd , MgmtId: 264018885718825, via: 1, Ver: v1, Flags:
100111,
[{com.cloud.agent.api.routing.DhcpEntryCommand:{vmMac:02:00:5d:f6:00:59,vmIpAddress:10.10.30.168,vmName:jcui02,defaultRouter:10.10.30.1,defaultDns:10.10.30.1,duid:00:03:00:01:02:00:5d:f6:00:59,isDefault:true,executeInSequence:true,accessDetails:{router.guest.ip:10.10.30.1,zone.network.type:Advanced,router.name:r-4-VM,router.ip:169.254.1.159},wait:0}}]
}
2014-04-03 19:22:09,769 DEBUG [agent.transport.Request]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Seq
1-947650693: Executing: { Cmd , MgmtId: 264018885718825, via: 1, Ver: v1,
Flags: 100111,
[{com.cloud.agent.api.routing.DhcpEntryCommand:{vmMac:02:00:5d:f6:00:59,vmIpAddress:10.10.30.168,vmName:jcui02,defaultRouter:10.10.30.1,defaultDns:10.10.30.1,duid:00:03:00:01:02:00:5d:f6:00:59,isDefault:true,executeInSequence:true,accessDetails:{router.guest.ip:10.10.30.1,zone.network.type:Advanced,router.name:r-4-VM,router.ip:169.254.1.159},wait:0}}]
}
2014-04-03 19:22:09,770 DEBUG [agent.manager.DirectAgentAttache]
(DirectAgent-26:null) Seq 1-947650693: Executing request
2014-04-03 19:22:10,715 DEBUG [agent.manager.DirectAgentAttache]
(DirectAgent-26:null) Seq 1-947650693: Response Received:
2014-04-03 19:22:10,715 DEBUG [agent.transport.Request] (DirectAgent-26:null)
Seq 1-947650693: Processing: { Ans: , MgmtId: 264018885718825, via: 1, Ver:
v1, Flags: 110, [{com.cloud.agent.api.Answer:{result:true,wait:0}}] }
2014-04-03 19:22:10,715 DEBUG [agent.manager.AgentAttache]
(DirectAgent-26:null) Seq 1-947650693: No more commands found
2014-04-03 19:22:10,715 DEBUG [agent.transport.Request]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Seq
1-947650693: Received: { Ans: , MgmtId: 264018885718825, via: 1, Ver: v1,
Flags: 110, { Answer } }
2014-04-03 19:22:10,729 DEBUG [cloud.network.NetworkModelImpl]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Service
SecurityGroup is not supported in the network id=204
2014-04-03 19:22:10,734 DEBUG
[network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-19:job-452
= [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Applying userdata and password
entry in network Ntwk[204|Guest|15]
2014-04-03 19:22:10,763 DEBUG [agent.transport.Request]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Seq
1-947650694: Sending { Cmd , MgmtId: 264018885718825, via: 1, Ver: v1, Flags:
100111,
[{com.cloud.agent.api.routing.SavePasswordCommand:{password:fnirq_cnffjbeq,vmIpAddress:10.10.30.168,vmName:jcui02,executeInSequence:true,accessDetails:{router.guest.ip:10.10.30.1,zone.network.type:Advanced,router.ip:169.254.1.159,router.name:r-4-VM},wait:0}},{com.cloud.agent.api.routing.VmDataCommand:{vmIpAddress:10.10.30.168,vmName:jcui02,executeInSequence:true,accessDetails:{router.guest.ip:10.10.30.1,zone.network.type:Advanced,router.ip:169.254.1.159,router.name:r-4-VM},wait:0}}]
}
2014-04-03 19:22:10,764 DEBUG [agent.transport.Request]
(Job-Executor-19:job-452 = [ 0fbf7edc-00f9-486a-855f-4674a264e323 ]) Seq
1-947650694: Executing: { Cmd , MgmtId: 264018885718825, via: 1, Ver: v1,
Flags: 100111,
Re: cs4.2+xen6.1 初始化后系统VM启动不了
There is no secondary storage VM for secondary
storage host nfs://10.20.6.40/media
你检查下NFS存储能否正常挂载,另外你初始化安装了模板之后需要先卸载掉挂载的二级存储的目录,然后再执行初始化
2014-04-04 14:25 GMT+08:00 张秉南 zbnyouj...@gmail.com:
2014-04-04 00:10:36,740 DEBUG [cloud.server.StatsCollector]
(StatsCollector-3:null) StorageCollector is running...
2014-04-04 00:10:36,748 DEBUG [cloud.server.StatsCollector]
(StatsCollector-3:null) There is no secondary storage VM for secondary
storage host nfs://10.20.6.40/media
2014-04-04 00:10:36,760 DEBUG [agent.manager.DirectAgentAttache]
(DirectAgent-246:null) Seq 1-766642356: Executing request
2014-04-04 00:10:37,227 DEBUG [agent.manager.DirectAgentAttache]
(DirectAgent-246:null) Seq 1-766642356: Response Received:
2014-04-04 00:10:37,228 DEBUG [agent.transport.Request]
(StatsCollector-3:null) Seq 1-766642356: Received: { Ans: , MgmtId:
81397048490778, via: 1, Ver: v1, Flags: 10, { GetStorageStatsAnswer } }
2014-04-04 00:10:42,973 DEBUG
[storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Zone 1
is ready to launch secondary storage VM
2014-04-04 00:10:42,979 INFO
[cloud.secstorage.PremiumSecondaryStorageManagerImpl] (secstorage-1:null)
No running secondary storage vms found in datacenter id=1, starting one
2014-04-04 00:10:42,989 INFO
[storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Found
a stopped secondary storage vm, bring it up to running pool. secStorageVm
vm id : 381
2014-04-04 00:10:43,001 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:null) VM state transitted from :Stopped to Starting with
event: StartRequestedvm's original host id: null new host id: null host id
before state transition: null
2014-04-04 00:10:43,001 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(secstorage-1:null) Successfully transitioned to start state for
VM[SecondaryStorageVm|s-381-VM] reservation id =
e5d7afe9-4a55-4e3f-95b5-9412e38e8012
2014-04-04 00:10:43,028 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(secstorage-1:null) Trying to deploy VM, vm has dcId: 1 and podId: 1
2014-04-04 00:10:43,028 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(secstorage-1:null) Deploy avoids pods: null, clusters: null, hosts: null
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) DeploymentPlanner allocation algorithm: random
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Trying to allocate a host and storage pools from dc:1,
pod:1,cluster:null, requested cpu: 500, requested ram: 268435456
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Is ROOT volume READY (pool already allocated)?: No
2014-04-04 00:10:43,032 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Searching resources only under specified Pod: 1
2014-04-04 00:10:43,035 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Listing clusters in order of aggregate capacity, that
have (atleast one host with) enough CPU and RAM capacity under this Pod: 1
2014-04-04 00:10:43,037 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) CPUOverprovisioningFactor considered: 1.0
2014-04-04 00:10:43,050 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Checking resources in Cluster: 1 under Pod: 1
2014-04-04 00:10:43,050 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Looking for hosts in dc: 1 pod:1
cluster:1
2014-04-04 00:10:43,051 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) FirstFitAllocator has 1 hosts to
check for allocation: [Host[-1-Routing]]
2014-04-04 00:10:43,054 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Found 1 hosts for allocation after
prioritization: [Host[-1-Routing]]
2014-04-04 00:10:43,054 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Looking for speed=500Mhz, Ram=256
2014-04-04 00:10:43,057 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Checking if host: 1 has enough
capacity for requested CPU: 500 and requested RAM: 268435456 ,
cpuOverprovisioningFactor: 1.0
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Hosts's actual total CPU: 17552 and
CPU after applying overprovisioning: 17552
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Free CPU: 17552 , Requested CPU: 500
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Free RAM: 32844938112 , Requested
RAM: 268435456
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Host has enough CPU and RAM
available
2014-04-04 00:10:43,060 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) STATS: Can alloc CPU from host: 1,
used: 0, reserved: 0, actual total: 17552, total
Re: 有大牛使用glusterfs做主存储吗,我的报错。
你确认下NFS能否使用? 然后确认下glusterfs有没有报错信息 在 2014年4月4日 上午11:27,虚无缥缈 83675...@qq.com 写道: mount -t glusterfs到本地目录,然后主存储使用SharedMountPoint,结果是添加状态是up,但是,后台报错Primary secondary storage is not even started, wait until next turn。 使用glusterfs的标准nfs协议挂载,当成nfs使用没有任何问题。 -- 白清杰 (Born Bai) 北京开源愿景信息技术有限公司 Mail: linux...@gmail.com
AW: VPC question
Does the internal loadbalancer takes care if one of my webservers fail? Am I able to configure health checks without external hardware? Thanks, Ingo -Ursprüngliche Nachricht- Von: Xerex Bueno [mailto:xbu...@lpsintegration.com] Gesendet: Freitag, 4. April 2014 01:22 An: users@cloudstack.apache.org Betreff: Re: VPC question So the default load balancing happens on the vRouter by using HAPROXY. You can configure load balancing rules to VMs but you cannot select the LB specifically. If you have en external LB you want to use, you must create another network offering specifying the external load balancer. On 4/3/14, 4:41 PM, Jochim, Ingo ingo.joc...@bautzen-it.de wrote: Hi folks, how does forwarding from the router to the LB of the tier works? On the router's IP there is a port forwarding config. But there I can select the VMs only and not the LB. I also cannot select the tier in CS version 4.2 Any help is appreciated. Thanks, Ingo -- This email was Virus checked by Astaro Security Gateway. http://www.astaro.com This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail) -- This email was Virus checked by Astaro Security Gateway. http://www.astaro.com
RE: firewall accept all
Never having done it, where do I file the bug report? From: jayapalreddy.ur...@citrix.com To: users@cloudstack.apache.org Subject: Re: firewall accept all Date: Fri, 4 Apr 2014 06:13:59 + This will be UI bug then. If API says the source cidr is optional, then same should be in UI as well. Michael can you please file UI bug this. Thanks, Jayapal On 04-Apr-2014, at 2:49 AM, Michael Phillips mphilli7...@hotmail.com wrote: That did itthanks for the info! From: xbu...@lpsintegration.com To: users@cloudstack.apache.org Subject: Re: firewall accept all Date: Thu, 3 Apr 2014 21:04:39 + Enter 0.0.0.0/0 On 4/3/14, 3:51 PM, Michael Phillips mphilli7...@hotmail.com wrote: According to the docs it says you can leave the source cidr blank to accept all. However when I attempt to leave the source CIDR field blank it says it's required. How do you accept all incoming CIDR's? This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail)
Re: Service Offering Maximum Limit
Don't see a reason why there should be. Are you hitting a limit? On Thu, Apr 3, 2014 at 3:01 AM, Michael Phillips mphilli7...@hotmail.com wrote: Does anyone know if there is a maximum amount of service offerings that can be created? -- Daan
RE: Service Offering Maximum Limit
I know of an installation with over 2000 (a little extreme I know) so unless you are going significantly higher than this you should not be hitting any limits Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Daan Hoogland [mailto:daan.hoogl...@gmail.com] Sent: 04 April 2014 10:08 To: users@cloudstack.apache.org Subject: Re: Service Offering Maximum Limit Don't see a reason why there should be. Are you hitting a limit? On Thu, Apr 3, 2014 at 3:01 AM, Michael Phillips mphilli7...@hotmail.com wrote: Does anyone know if there is a maximum amount of service offerings that can be created? -- Daan Need Enterprise Grade Support for Apache CloudStack? Our CloudStack Infrastructure Supporthttp://shapeblue.com/cloudstack-infrastructure-support/ offers the best 24/7 SLA for CloudStack Environments. Apache CloudStack Bootcamp training courses **NEW!** CloudStack 4.2.1 traininghttp://shapeblue.com/cloudstack-training/ 18th-19th February 2014, Brazil. Classroomhttp://shapeblue.com/cloudstack-training/ 17th-23rd March 2014, Region A. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 24th-28th March 2014, Region B. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 16th-20th June 2014, Region A. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 23rd-27th June 2014, Region B. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: AW: VPC question
Yes, it will do health checks without an external LB. In the event one of the servers is unavailable it will stop sending requests to it. You are able to configure health checks once you create the LB policy. On Apr 4, 2014, at 1:04 AM, Jochim, Ingo ingo.joc...@bautzen-it.de wrote: Does the internal loadbalancer takes care if one of my webservers fail? Am I able to configure health checks without external hardware? Thanks, Ingo -Ursprüngliche Nachricht- Von: Xerex Bueno [mailto:xbu...@lpsintegration.com] Gesendet: Freitag, 4. April 2014 01:22 An: users@cloudstack.apache.org Betreff: Re: VPC question So the default load balancing happens on the vRouter by using HAPROXY. You can configure load balancing rules to VMs but you cannot select the LB specifically. If you have en external LB you want to use, you must create another network offering specifying the external load balancer. On 4/3/14, 4:41 PM, Jochim, Ingo ingo.joc...@bautzen-it.de wrote: Hi folks, how does forwarding from the router to the LB of the tier works? On the router's IP there is a port forwarding config. But there I can select the VMs only and not the LB. I also cannot select the tier in CS version 4.2 Any help is appreciated. Thanks, Ingo -- This email was Virus checked by Astaro Security Gateway. http://www.astaro.com This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail) -- This email was Virus checked by Astaro Security Gateway. http://www.astaro.com
AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directoryCN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAPsn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directoryCN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAPsn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directoryCN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAPsn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
CCing Rajani on this to see if she has any ideas. If you haven't done so already can you try remove/re-add the LDAP server via the UI. Are there any logs in cloudstack that records the ldap activity? On failed adding of a LDAP server you will get a message back saying so and the server will not add. On authentication failure of an ldap user it will appear in the cloudstack logs. On 4 April 2014 11:47, Antonio Packery antonio.pack...@t-systems.co.za wrote: Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directoryCN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAPsn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged
AW: AW: VPC question
Many thanks Xerex. I was wondering why I could not configure the health checks on creating the LB rules. I had to create the rule first and then configure the health check. Regards, Ingo -Ursprüngliche Nachricht- Von: Xerex Bueno [mailto:xbu...@lpsintegration.com] Gesendet: Freitag, 4. April 2014 11:22 An: users@cloudstack.apache.org Betreff: Re: AW: VPC question Yes, it will do health checks without an external LB. In the event one of the servers is unavailable it will stop sending requests to it. You are able to configure health checks once you create the LB policy. On Apr 4, 2014, at 1:04 AM, Jochim, Ingo ingo.joc...@bautzen-it.de wrote: Does the internal loadbalancer takes care if one of my webservers fail? Am I able to configure health checks without external hardware? Thanks, Ingo -Ursprüngliche Nachricht- Von: Xerex Bueno [mailto:xbu...@lpsintegration.com] Gesendet: Freitag, 4. April 2014 01:22 An: users@cloudstack.apache.org Betreff: Re: VPC question So the default load balancing happens on the vRouter by using HAPROXY. You can configure load balancing rules to VMs but you cannot select the LB specifically. If you have en external LB you want to use, you must create another network offering specifying the external load balancer. On 4/3/14, 4:41 PM, Jochim, Ingo ingo.joc...@bautzen-it.de wrote: Hi folks, how does forwarding from the router to the LB of the tier works? On the router's IP there is a port forwarding config. But there I can select the VMs only and not the LB. I also cannot select the tier in CS version 4.2 Any help is appreciated. Thanks, Ingo -- This email was Virus checked by Astaro Security Gateway. http://www.astaro.com This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail) -- This email was Virus checked by Astaro Security Gateway. http://www.astaro.com
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
I have removed and re-added the ldap server previously. I can see the log entries for the tasks you mentioned below in the catalina.out log but nothing when trying to import a new ldap user. Busy doing default ldapsearch tests against the AD ldap to confirm this works. On 04/04/2014 12:53 PM, Ian Duffy wrote: CCing Rajani on this to see if she has any ideas. If you haven't done so already can you try remove/re-add the LDAP server via the UI. Are there any logs in cloudstack that records the ldap activity? On failed adding of a LDAP server you will get a message back saying so and the server will not add. On authentication failure of an ldap user it will appear in the cloudstack logs. On 4 April 2014 11:47, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directoryCN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAPsn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Just to confirm, is both authentication and import not working or just import? If just import does the assigned bind user have the correct rights to query the specified dc? On 4 April 2014 12:04, Antonio Packery antonio.pack...@t-systems.co.za wrote: I have removed and re-added the ldap server previously. I can see the log entries for the tasks you mentioned below in the catalina.out log but nothing when trying to import a new ldap user. Busy doing default ldapsearch tests against the AD ldap to confirm this works. On 04/04/2014 12:53 PM, Ian Duffy wrote: CCing Rajani on this to see if she has any ideas. If you haven't done so already can you try remove/re-add the LDAP server via the UI. Are there any logs in cloudstack that records the ldap activity? On failed adding of a LDAP server you will get a message back saying so and the server will not add. On authentication failure of an ldap user it will appear in the cloudstack logs. On 4 April 2014 11:47, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directory CN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAP sn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This
RE: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Can you post the logs ,we used to log ldap transactions in management log. Are you hitting any nullpointer exception. Make sure active directory user has defined email address in AD. Regards Sadhu -Original Message- From: Ian Duffy [mailto:i...@ianduffy.ie] Sent: 04 April 2014 16:24 To: users@cloudstack.apache.org Cc: Rajani Karuturi Subject: Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade CCing Rajani on this to see if she has any ideas. If you haven't done so already can you try remove/re-add the LDAP server via the UI. Are there any logs in cloudstack that records the ldap activity? On failed adding of a LDAP server you will get a message back saying so and the server will not add. On authentication failure of an ldap user it will appear in the cloudstack logs. On 4 April 2014 11:47, Antonio Packery antonio.pack...@t-systems.co.za wrote: Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directoryCN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAPsn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. T-Systems - Business Flexibility Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Both user ldap authentication and import is not working. The service account used does have the necessary privileges to query the AD DC. No change to the AD account since i configured LDAP in CS 4.2.1 and until yesterday when i upgraded to CS 4.3, all was still working. On 04/04/2014 01:07 PM, Ian Duffy wrote: Just to confirm, is both authentication and import not working or just import? If just import does the assigned bind user have the correct rights to query the specified dc? On 4 April 2014 12:04, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: I have removed and re-added the ldap server previously. I can see the log entries for the tasks you mentioned below in the catalina.out log but nothing when trying to import a new ldap user. Busy doing default ldapsearch tests against the AD ldap to confirm this works. On 04/04/2014 12:53 PM, Ian Duffy wrote: CCing Rajani on this to see if she has any ideas. If you haven't done so already can you try remove/re-add the LDAP server via the UI. Are there any logs in cloudstack that records the ldap activity? On failed adding of a LDAP server you will get a message back saying so and the server will not add. On authentication failure of an ldap user it will appear in the cloudstack logs. On 4 April 2014 11:47, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directory CN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAP sn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such
Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade
Hi Antonio, Can you review your ldap.bind.principle value, judging from your logs its just OMCORE. This should be in the form cn=username,dc=za,dc=omlac,dc=net or whatever the exact path to your bind user is. On 4 April 2014 12:41, Antonio Packery antonio.pack...@t-systems.co.za wrote: No nullpointer exceptions that i can see. management-server.log extract with all lines containing the word ldap attached. On 04/04/2014 01:12 PM, Suresh Sadhu wrote: Can you post the logs ,we used to log ldap transactions in management log. Are you hitting any nullpointer exception. Make sure active directory user has defined email address in AD. Regards Sadhu -Original Message- From: Ian Duffy [mailto:i...@ianduffy.ie] Sent: 04 April 2014 16:24 To: users@cloudstack.apache.org Cc: Rajani Karuturi Subject: Re: AD LDAP authentication failing post CS 4.2.1 to CS 4.3 upgrade CCing Rajani on this to see if she has any ideas. If you haven't done so already can you try remove/re-add the LDAP server via the UI. Are there any logs in cloudstack that records the ldap activity? On failed adding of a LDAP server you will get a message back saying so and the server will not add. On authentication failure of an ldap user it will appear in the cloudstack logs. On 4 April 2014 11:47, Antonio Packery antonio.pack...@t-systems.co.za wrote: Hi Ian, Change ldap.user.object to user but still no change. Busy sniffing the ldap server connection for any errors. Are there any logs in cloudstack that records the ldap activity? Regards Antonio On 04/04/2014 12:14 PM, Ian Duffy wrote: Interesting, they look OK. Can you change ldap.user.object to have the value user then restart the management server and check if things are back working as expected. Thanks, Ian On 4 April 2014 11:11, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi Ian, Here they are, ldap server via port 389 is being used. ldap.basednThe search base defines the starting point for the search in the directory tree Example: dc=cloud,dc=com.dc=dc=,dc=... ldap.bind.principalSpecify the distinguished name of a user with the search permission on the directory CN=...,OU=...,DC=,DC=.,DC=. ldap.email.attributeSets the email attribute used within LDAPmail ldap.firstname.attributeSets the firstname attribute used within LDAP givenname ldap.group.objectSets the object type of groups within LDAP groupOfUniqueNames ldap.group.user.uniquememberSets the attribute for uniquemembers within a groupuniquemember ldap.lastname.attributeSets the lastname attribute used within LDAP sn ldap.search.group.principleSets the principle of the group that users must be a member of ldap.truststoreEnter the path to trusted keystore ldap.truststore.passwordEnter the password for trusted keystore ldap.user.object = inetOrgPerson ldap.username.attribute = sAMAccountName Regards Antonio On 04/04/2014 11:47 AM, Ian Duffy wrote: Hi Antonio, Can you confirm the values for the settings in global settings starting with ldap. Since you mentioned AD I'm specifically interested in ldap.username.attribute and ldap.user.object Thanks, Ian On 4 April 2014 10:36, Antonio Packery antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.zamailto:antonio.pack...@t-systems.co.za wrote: Hi, Since upgrading to CS 4.3 my AD LDAP authentication no longer works. All my previous do seem to have been retained but i am not able to import any LDAP users. Are there any log/configuration files i can check for errors? Also, any guidance on the correct syntac, ldap attributes to be using for AD would help. Regards Antonio Disclaimer: This message and/or attachment(s) may contain privileged, confidential and/or personal information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not related to T-Systems' official business is deemed to be that of the individual only and is not endorsed by T-Systems. This message and/or attachment(s) may contain privileged or confidential information. If you are not the intended recipient you may not disclose or distribute any of the information contained within this message. In such case you must destroy this message and inform the sender of the error. T-Systems does not accept liability for any errors, omissions, information and viruses contained in the transmission of this message. Any opinions, conclusions and other information contained within this message not
Corrupt Primary Storage, please help!
We moved our nfs server from one drbd peer to the other and then as we restored power to the former primary nfs server it took over the nfs and locked up the file systems. We switched back immediately but some damage has happened. Now we're stuck with a pile of vhds which are corrupt (mostly windows) and linux ones which are repairable, if we had the root passwords (like the ssvm/console vm). How can we access the locations of the vhd files/or chains of them which are on the other server which are possibly unaffected by this corruption so we can get them up and running on another system? Running XenServer 6.2, CloudStack 4.2. Thanks, - Ian
RE: Service Offering Maximum Limit
The reason I was curious is because we are using hostbill for billing and life cycle control of our vm's, and the way they spin up vm's is to create a unique service offering for each VM. From: daan.hoogl...@gmail.com Date: Fri, 4 Apr 2014 11:07:46 +0200 Subject: Re: Service Offering Maximum Limit To: users@cloudstack.apache.org Don't see a reason why there should be. Are you hitting a limit? On Thu, Apr 3, 2014 at 3:01 AM, Michael Phillips mphilli7...@hotmail.com wrote: Does anyone know if there is a maximum amount of service offerings that can be created? -- Daan
Re: Help with SSVM routes
My network admin asked to change the managment ip addresses so now they are a 172.16.0.0/16 I wiped the database and setup the system again. I am still having problems resolving dns from inside of ssvm. Its wierd I can telnet / ssh out to my mail server by using the ip address. The only thing I can think of is the iptables on my host must be wrong. Can someone please look at this and tell me what to do. I do not see cloudbr3 which is connected to my public interface. I'm no iptables expert so if you can help with the commands to add to this list it would be very helpful. [root@cst2 ~]# cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.7 on Fri Apr 4 09:32:17 2014 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :BF-breth2-101 - [0:0] :BF-breth2-101-IN - [0:0] :BF-breth2-101-OUT - [0:0] :BF-cloud0 - [0:0] :BF-cloud0-IN - [0:0] :BF-cloud0-OUT - [0:0] :BF-cloudbr0 - [0:0] :BF-cloudbr0-IN - [0:0] :BF-cloudbr0-OUT - [0:0] -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 32803 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 32769 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 892 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 892 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 875 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 875 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 662 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT -A INPUT -p tcp -m tcp --dport 16509 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A FORWARD -o cloud0 -m physdev --physdev-is-bridged -j BF-cloud0 -A FORWARD -i cloud0 -m physdev --physdev-is-bridged -j BF-cloud0 -A FORWARD -o cloud0 -j DROP -A FORWARD -i cloud0 -j DROP -A FORWARD -o breth2-101 -m physdev --physdev-is-bridged -j BF-breth2-101 -A FORWARD -i breth2-101 -m physdev --physdev-is-bridged -j BF-breth2-101 -A FORWARD -o breth2-101 -j DROP -A FORWARD -i breth2-101 -j DROP -A FORWARD -o cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0 -A FORWARD -i cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0 -A FORWARD -o cloudbr0 -j DROP -A FORWARD -i cloudbr0 -j DROP -A BF-breth2-101 -m state --state RELATED,ESTABLISHED -j ACCEPT -A BF-breth2-101 -m physdev --physdev-is-in --physdev-is-bridged -j BF-breth2-101-IN -A BF-breth2-101 -m physdev --physdev-is-out --physdev-is-bridged -j BF-breth2-101-OUT -A BF-breth2-101 -m physdev --physdev-out eth2.101 --physdev-is-bridged -j ACCEPT -A BF-cloud0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A BF-cloud0 -m physdev --physdev-is-in --physdev-is-bridged -j BF-cloud0-IN -A BF-cloud0 -m physdev --physdev-is-out --physdev-is-bridged -j BF-cloud0-OUT -A BF-cloud0 -m physdev --physdev-out vnet0 --physdev-is-bridged -j ACCEPT -A BF-cloudbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A BF-cloudbr0 -m physdev --physdev-is-in --physdev-is-bridged -j BF-cloudbr0-IN -A BF-cloudbr0 -m physdev --physdev-is-out --physdev-is-bridged -j BF-cloudbr0-OUT -A BF-cloudbr0 -m physdev --physdev-out eth0 --physdev-is-bridged -j ACCEPT COMMIT # Completed on Fri Apr 4 09:32:17 2014 # Generated by iptables-save v1.4.7 on Fri Apr 4 09:32:17 2014 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT # Completed on Fri Apr 4 09:32:17 2014 # Generated by iptables-save v1.4.7 on Fri Apr 4 09:32:17 2014 *nat :PREROUTING ACCEPT [92:16743] :POSTROUTING ACCEPT [575:38614] :OUTPUT ACCEPT [575:38614] COMMIT # Completed on Fri Apr 4 09:32:17 2014 On 04/03/2014 08:04 PM, Matthew Midgett wrote: I have made some changes to my network but I am still unable to ping my internal lan from ssvm or anything past my public gateway. From the internet I can ping the public ip of ssvm and console proxy so i know that they are online. I've included all that I can think of. If you need more info please tell me what it is. I am using CT 4.3 on Centos 6.5 64bit with KVM as a hypervisor Each of my hosts has 4 nics
RE: firewall accept all
Created. I guess someone from the dev team will look at it in due time? From: jayapalreddy.ur...@citrix.com To: users@cloudstack.apache.org Subject: Re: firewall accept all Date: Fri, 4 Apr 2014 10:52:34 + You can file bugs cloudstack at below url https://issues.apache.org/jira/secure/Dashboard.jspa Thanks, Jayapal On 04-Apr-2014, at 11:55 AM, Michael Phillips mphilli7...@hotmail.com wrote: Never having done it, where do I file the bug report? From: jayapalreddy.ur...@citrix.com To: users@cloudstack.apache.org Subject: Re: firewall accept all Date: Fri, 4 Apr 2014 06:13:59 + This will be UI bug then. If API says the source cidr is optional, then same should be in UI as well. Michael can you please file UI bug this. Thanks, Jayapal On 04-Apr-2014, at 2:49 AM, Michael Phillips mphilli7...@hotmail.com wrote: That did itthanks for the info! From: xbu...@lpsintegration.com To: users@cloudstack.apache.org Subject: Re: firewall accept all Date: Thu, 3 Apr 2014 21:04:39 + Enter 0.0.0.0/0 On 4/3/14, 3:51 PM, Michael Phillips mphilli7...@hotmail.com wrote: According to the docs it says you can leave the source cidr blank to accept all. However when I attempt to leave the source CIDR field blank it says it's required. How do you accept all incoming CIDR's? This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail)
Re: Help with SSVM routes
This is the correct statement. I had cloudbr3 which was incorrect. I do not see cloudbr2 which is connected to my public interface. I'm no iptables expert so if you can help with the commands to add to this list it would be very helpful. Sent from my Galaxy S®III Original message From: Matthew Midgett supp...@trickhosting.biz Date:04/04/2014 10:07 AM (GMT-05:00) To: users@cloudstack.apache.org users@cloudstack.apache.org users@cloudstack.apache.org Subject: Re: Help with SSVM routes My network admin asked to change the managment ip addresses so now they are a 172.16.0.0/16 I wiped the database and setup the system again. I am still having problems resolving dns from inside of ssvm. Its wierd I can telnet / ssh out to my mail server by using the ip address. The only thing I can think of is the iptables on my host must be wrong. Can someone please look at this and tell me what to do. I do not see cloudbr3 which is connected to my public interface. I'm no iptables expert so if you can help with the commands to add to this list it would be very helpful. [root@cst2 ~]# cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.7 on Fri Apr 4 09:32:17 2014 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :BF-breth2-101 - [0:0] :BF-breth2-101-IN - [0:0] :BF-breth2-101-OUT - [0:0] :BF-cloud0 - [0:0] :BF-cloud0-IN - [0:0] :BF-cloud0-OUT - [0:0] :BF-cloudbr0 - [0:0] :BF-cloudbr0-IN - [0:0] :BF-cloudbr0-OUT - [0:0] -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 32803 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 32769 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 892 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 892 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 875 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p udp -m state --state NEW -m udp --dport 875 -j ACCEPT -A INPUT -s 172.16.0.0/16 -p tcp -m state --state NEW -m tcp --dport 662 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT -A INPUT -p tcp -m tcp --dport 16509 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A FORWARD -o cloud0 -m physdev --physdev-is-bridged -j BF-cloud0 -A FORWARD -i cloud0 -m physdev --physdev-is-bridged -j BF-cloud0 -A FORWARD -o cloud0 -j DROP -A FORWARD -i cloud0 -j DROP -A FORWARD -o breth2-101 -m physdev --physdev-is-bridged -j BF-breth2-101 -A FORWARD -i breth2-101 -m physdev --physdev-is-bridged -j BF-breth2-101 -A FORWARD -o breth2-101 -j DROP -A FORWARD -i breth2-101 -j DROP -A FORWARD -o cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0 -A FORWARD -i cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0 -A FORWARD -o cloudbr0 -j DROP -A FORWARD -i cloudbr0 -j DROP -A BF-breth2-101 -m state --state RELATED,ESTABLISHED -j ACCEPT -A BF-breth2-101 -m physdev --physdev-is-in --physdev-is-bridged -j BF-breth2-101-IN -A BF-breth2-101 -m physdev --physdev-is-out --physdev-is-bridged -j BF-breth2-101-OUT -A BF-breth2-101 -m physdev --physdev-out eth2.101 --physdev-is-bridged -j ACCEPT -A BF-cloud0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A BF-cloud0 -m physdev --physdev-is-in --physdev-is-bridged -j BF-cloud0-IN -A BF-cloud0 -m physdev --physdev-is-out --physdev-is-bridged -j BF-cloud0-OUT -A BF-cloud0 -m physdev --physdev-out vnet0 --physdev-is-bridged -j ACCEPT -A BF-cloudbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A BF-cloudbr0 -m physdev --physdev-is-in --physdev-is-bridged -j BF-cloudbr0-IN -A BF-cloudbr0 -m physdev --physdev-is-out --physdev-is-bridged -j BF-cloudbr0-OUT -A BF-cloudbr0 -m physdev --physdev-out eth0 --physdev-is-bridged -j ACCEPT COMMIT # Completed on Fri Apr 4 09:32:17 2014 # Generated by iptables-save v1.4.7 on Fri Apr 4 09:32:17 2014 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT # Completed on Fri Apr 4 09:32:17 2014 # Generated by iptables-save v1.4.7 on Fri Apr 4 09:32:17 2014 *nat :PREROUTING ACCEPT [92:16743] :POSTROUTING ACCEPT [575:38614] :OUTPUT ACCEPT [575:38614] COMMIT
Re: cannot start system vms
Jason, have you considered using ACS43, the latest official release? NB; version 43 removes the realhostip.com dependency which is of some importance. /Ove On 04/03/2014 07:42 PM, jason pavao wrote: Anybody? Is there another mailing list I can use to request help? Hey Folks, Hoping for some assistance here. Running cloudstack 4.0.2 what does avoid set mean? and how do i enable my kvm hosts? Here is the logging from the management head during system vm creation- Any and all help is appreciated! 2014-04-02 17:48:58,264 DEBUG [cloud.vm.VirtualMachineManagerImpl] (secstorage-1:null) Successfully released network resources for the vm VM[SecondaryStorageVm|s-6410-VM] 2014-04-02 17:48:58,264 DEBUG [cloud.vm.VirtualMachineManagerImpl] (secstorage-1:null) Successfully cleanued up resources for the vm VM[SecondaryStorageVm|s-6410-VM] in Starting state 2014-04-02 17:48:58,265 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) DeploymentPlanner allocation algorithm: random 2014-04-02 17:48:58,265 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Trying to allocate a host and storage pools from dc:1, pod:null,cluster:null, requested cpu: 500, requested ram: 268435456 2014-04-02 17:48:58,265 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Is ROOT volume READY (pool already allocated)?: No 2014-04-02 17:48:58,266 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Searching all possible resources under this Zone: 1 2014-04-02 17:48:58,267 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Listing clusters in order of aggregate capacity, that have (atleast one host with) enough CPU and RAM capacity under this Zone: 1 2014-04-02 17:48:58,267 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) CPUOverprovisioningFactor considered: 1.0 2014-04-02 17:48:58,271 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Checking resources in Cluster: 1 under Pod: 1 2014-04-02 17:48:58,271 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Calling HostAllocators to find suitable hosts 2014-04-02 17:48:58,271 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) Looking for hosts in dc: 1 pod:1 cluster:1 2014-04-02 17:48:58,272 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) FirstFitAllocator has 2 hosts to check for allocation: [Host[-28-Routing], Host[-29-Routing]] 2014-04-02 17:48:58,274 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) Found 2 hosts for allocation after prioritization: [Host[-28-Routing], Host[-29-Routing]] 2014-04-02 17:48:58,274 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) Looking for speed=500Mhz, Ram=256 2014-04-02 17:48:58,274 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) Host name: slcai073.us.oracle.com, hostId: 28 is in avoid set, skipping this and trying other available hosts 2014-04-02 17:48:58,274 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) Host name: slcai074, hostId: 29 is in avoid set, skipping this and trying other available hosts 2014-04-02 17:48:58,275 DEBUG [allocator.impl.FirstFitAllocator] (secstorage-1:FirstFitRoutingAllocator) Host Allocator returning 0 suitable hosts 2014-04-02 17:48:58,275 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) No suitable hosts found 2014-04-02 17:48:58,275 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) No suitable hosts found under this Cluster: 1 2014-04-02 17:48:58,275 DEBUG [cloud.deploy.FirstFitPlanner] (secstorage-1:null) Could not find suitable Deployment Destination for this VM under any clusters, returning. 2014-04-02 17:48:58,277 DEBUG [cloud.capacity.CapacityManagerImpl] (secstorage-1:null) VM state transitted from :Starting to Stopped with event: OperationFailedvm's original host id: null new host id: null host id before state transition: 29 2014-04-02 17:48:58,279 DEBUG [cloud.capacity.CapacityManagerImpl] (secstorage-1:null) Hosts's actual total CPU: 92832 and CPU after applying overprovisioning: 92832 2014-04-02 17:48:58,279 DEBUG [cloud.capacity.CapacityManagerImpl] (secstorage-1:null) release cpu from host: 29, old used: 1000,reserved: 0, actual total: 92832, total with overprovisioning: 92832; new used: 500,reserved:0; movedfromreserved: false,moveToReserveredfalse 2014-04-02 17:48:58,280 DEBUG [cloud.capacity.CapacityManagerImpl] (secstorage-1:null) release mem from host: 29, old used: 1342177280,reserved: 0, total: 271024279552; new used: 1073741824,reserved:0; movedfromreserved: false,moveToReserveredfalse 2014-04-02 17:48:58,281 WARN [storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Exception while trying to start secondary storage vm com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[SecondaryStorageVm|s-6410-VM]Scope=interface com.cloud.dc.DataCenter; id=1 at
Systems VM Agent status-disconnect after upgrading from Cloudstack 4.1 to 4.2
Hello all, I upgrade Cloudstack 4.1 to Cloudstack 4.2, after upgrading Systems VMs status show as Agent disconnect. for that reason I can't access counsel of Instances, any idea how to fix that issue? Thanks
Re: Systems VM Agent status-disconnect after upgrading from Cloudstack 4.1 to 4.2
Have you tried destroying the instance and allowing CS to create another one for you? On Apr 4, 2014, at 10:45 AM, motty cruz motty.c...@gmail.com wrote: Hello all, I upgrade Cloudstack 4.1 to Cloudstack 4.2, after upgrading Systems VMs status show as Agent disconnect. for that reason I can't access counsel of Instances, any idea how to fix that issue? Thanks This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail)
Re: Systems VM Agent status-disconnect after upgrading from Cloudstack 4.1 to 4.2
hello Xerex, do you mean destroying the Systems VMs? I did that once testing environment and CS never recreated, so i'm afraid to do so now in production environment. On Fri, Apr 4, 2014 at 8:53 AM, Xerex Bueno xbu...@lpsintegration.comwrote: Have you tried destroying the instance and allowing CS to create another one for you? On Apr 4, 2014, at 10:45 AM, motty cruz motty.c...@gmail.com wrote: Hello all, I upgrade Cloudstack 4.1 to Cloudstack 4.2, after upgrading Systems VMs status show as Agent disconnect. for that reason I can't access counsel of Instances, any idea how to fix that issue? Thanks This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail)
Re: Systems VM Agent status-disconnect after upgrading from Cloudstack 4.1 to 4.2
Yes, also if I remember correctly it actually tells you to do that in the upgrade documentation. In the event it doesn't automatically recreate it, restart the CA management service. Sent from my iPhone On Apr 4, 2014, at 10:57 AM, motty cruz motty.c...@gmail.com wrote: hello Xerex, do you mean destroying the Systems VMs? I did that once testing environment and CS never recreated, so i'm afraid to do so now in production environment. On Fri, Apr 4, 2014 at 8:53 AM, Xerex Bueno xbu...@lpsintegration.comwrote: Have you tried destroying the instance and allowing CS to create another one for you? On Apr 4, 2014, at 10:45 AM, motty cruz motty.c...@gmail.com wrote: Hello all, I upgrade Cloudstack 4.1 to Cloudstack 4.2, after upgrading Systems VMs status show as Agent disconnect. for that reason I can't access counsel of Instances, any idea how to fix that issue? Thanks This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail) This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or displayed to any other party without the expressed written permission of LPS Integration, Inc. If you are not the intended recipient and have received this email in error, please destroy the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009 (Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail)
RE: [EVENTS] CloudStack Hyderabad April meetup -3rd April
Update on Yesterday 's Meet-up:(Highlights) -- I have attached few photos. -Meet up went very well. Great participation from the audience .some of them already using cloudstack. Around 25 people attend this event. - People are willing to contribute and some of them are interested in bug fixing . We hope to see more involvement in coming future from the participants . -some of topics they expect in next meet-up are : debugging tips /on events/monitoring/cloudstack networking internals/realhostip/SDN / baremetal. ** We are planning the next meetup tentatively on may 8th 2014. *** Regards Sadhu -Original Message- From: Srikanteswararao Talluri [mailto:srikanteswararao.tall...@citrix.com] Sent: 01 April 2014 19:04 To: Rohit Yadav; d...@cloudstack.apache.org Cc: users@cloudstack.apache.org; market...@cloudstack.apache.org Subject: Re: [EVENTS] CloudStack Hyderabad April meetup -3rd April Sure Rohit. We'll try to announce the events much in advance so that interested people can plan accordingly. Thanks, ~Talluri From: Rohit Yadav bhais...@apache.orgmailto:bhais...@apache.org Date: Saturday, 29 March 2014 2:57 pm To: d...@cloudstack.apache.orgmailto:d...@cloudstack.apache.org d...@cloudstack.apache.orgmailto:d...@cloudstack.apache.org, Srikanteswararao Talluri srikanteswararao.tall...@citrix.commailto:srikanteswararao.tall...@citrix.com Cc: users@cloudstack.apache.orgmailto:users@cloudstack.apache.org users@cloudstack.apache.orgmailto:users@cloudstack.apache.org, market...@cloudstack.apache.orgmailto:market...@cloudstack.apache.org market...@cloudstack.apache.orgmailto:market...@cloudstack.apache.org Subject: Re: [EVENTS] CloudStack Hyderabad April meetup -3rd April Hi Talluri! Thanks for sharing. Folks can you please plan/share meetup events at least one month in advance, in future? I've sort of missed two meetups in India in the past due to timing mismatches which I would have loved to join. Regards. On Sat, Mar 29, 2014 at 11:32 AM, Srikanteswararao Talluri srikanteswararao.tall...@citrix.commailto:srikanteswararao.tall...@citrix.com wrote: Gentle reminder. Please join us for CloudStack Hyderabad April meetup on Thursday, 3rd April 2014 at IIIT Hyderabad. RSVP @ http://www.meetup.com/CloudStack-Hyderabad-Group/events/172106682/ Thanks, ~Talluri
Re: VM orchestration, updating Best practices
Hi Lisa,
Erik Weber terbol...@gmail.com wrote:
One way is to let puppet or whatever decide based on hostname, and pass the
role that way. Or you could look at userdata, but that is hard to change
later.
Erik
26. mars 2014 18:47 skrev X. S. nordlicht1...@hotmail.de følgende:
Hey!
I have several choices to make regarding orchestration of VMs:
- when and where should I assign a role to a template/VM?
- Should I have a Database template, a Webserver template etc? Or should I
just have one basic ubuntu template with chef/puppet installed and pass the
role somehow differently to the VM (how?) so all the rest of the
installation is taken care of by those tools?
we use the following combination of tools/strategies:
- match host names by regular expressions in puppet
with this, every host with name www... has the role web-server
node /^www.*\.example\.com$/ inherits 'web-server-node' {
...
}
you can also use 'if' or 'case' statement inside definitions/classes
- specify a specific version of the package in puppet
package { 'tomcat7':
ensure = '7.0.26-1ubuntu1.2'
}
- a proxy repository for OS packages
A caching proxy for the OS packages is a good measure to be able to
control which packages are available for installation in your VMs. Even
if the upstream repositories remove certain packages, your cache still
keeps them. We use apt-cacher on Ubuntu 12.04.
- Should I turn on automatic updates in Ubuntu and how often should I
create a new, up to date template?
- is puppet/chef really worth having to change the recipes on every minor
new version and coming up with a recipe every time I want to install
something new? Is there a way of installing security patches etc.
automatically but handle new versions manually via chef or puppet?
It depends on what you want to achieve. From your questions above, I
have the impression that strict control of package versions is your
goal. With puppet, you can be strict for certain packages and lenient
for others, as you can also just specify that a package should just be
present without giving a specific number:
package { 'tomcat7':
ensure = 'present'
}
or tell puppet to always upgrade to the latest version with 'ensure =
latest'.
cf.
http://docs.puppetlabs.com/references/latest/type.html#package-attribute-ensure
- I guess the best way for updates would be to start a new VM with the new
software and one by one move the workload to the updated VMs. On the other
hand this seems not very feasible for the daily updates on the OS
level!?
The way we do it is to create a template from a running VM, start that
template, change the versions of the relevant packages in the puppet
configuration to 'latest', and test the functionality.
If everything is OK, the versions which have been tested are written
into the puppet configuration and 'frozen' from that moment on until the
next round of updates.
I have been researching this for a few weeks. Maybe you can share a thing
or two before my head explodes...
Thank you!
Lisa
HTH
Kambiz
Not sure if this is ok to ask
But if anyone has time today to help me get this network setup I am willing to pay a consulting fee to make it happen. Thanks, Fred -- Zobotek, LLC 7941 Katy Freeway #256 Houston, TX 77024 281-216-0488 - Main Number http://www.zobotek.com http://www.stonemountainhosting.com
Re: LXC template
Thank you Francois for the information. Please could you tell me which cloudstack template to use for spawning systems VMS on a LXC to spawn containers. I used LXC template found in database which was very old | 10 | SystemVM Template (LXC) | http://download.cloud.com/templates/acton/acton-systemvm-02062012.qcow2.bz2| SYSTEM | LXC | which did not work as cloudstack release was too old, then I tried with | 3 | SystemVM Template (KVM) | http://download.cloud.com/templates/4.2/systemvmtemplate-2013-06-12-master-kvm.qcow2.bz2| SYSTEM | KVM. Still my system VMs were rebooting only 1 VM is up at a time. Any Advice would be appreciated Thank you Regards, Chinu On Wed, Apr 2, 2014 at 8:12 AM, Francois Gaudreault fgaudrea...@cloudops.com wrote: On 2014-04-02, 1:34 AM, Chinu wrote: Hello all, Please can someone advice how to create an LXC template image in tar format to spawn containers in KVM for Cloudstack version 4.2 or 4.3 Regards, Chinu Ok, the output was not as good as I though. Use this link instead :) http://pastebin.com/PuZd9gw6 -- Francois Gaudreault Architecte de Solution Cloud | Cloud Solutions Architect fgaudrea...@cloudops.com 514-629-6775 - - - CloudOps 420 rue Guy Montréal QC H3J 1S6 www.cloudops.com @CloudOps_
XenServer Hosts Mounting Secondary Storage from wrong Zone
I am observing a problem with relation to XenServer Hosts which are mounting Secondary Storage from a remote Zone via their Management Network, even though there is a correctly configured Secondary Storage in the local Zone, and a correctly configured Storage Network on a dedicated VLAN. In addition, when the XenServer decides to mount the correct local Secondary Storage, it appears to run very slowly. However if we manually mount the secondary storage and copies files, they copy very quickly. And by very slowly, I mean simply running the 'ls' command can take 2 minutes to return a list of two files. This particular problem is being experienced on CloudStack 4.2.1 with XenServer 6.2. However I have also witnessed the cross Zone Secondary Storage mounting happening in CloudStack 4.3 Anyone else seen this behaviour ??? Regards Geoff Higginbottom CTO / Cloud Architect [Description: Mail Logo Bottom Align] D: +44 20 3603 0542tel:+442036030542 | S: +44 20 3603 0540tel:+442036030540 | M: +447968161581tel:+447968161581 geoff.higginbot...@shapeblue.commailto:geoff.higginbot...@shapeblue.com | www.shapeblue.comhtp://www.shapeblue.com/ | Twitter:@cloudstackguruhttps://twitter.com/#!/cloudstackguru ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS Need Enterprise Grade Support for Apache CloudStack? Our CloudStack Infrastructure Supporthttp://shapeblue.com/cloudstack-infrastructure-support/ offers the best 24/7 SLA for CloudStack Environments. Apache CloudStack Bootcamp training courses **NEW!** CloudStack 4.2.1 traininghttp://shapeblue.com/cloudstack-training/ 28th-29th May 2014, Bangalore. Classrommhttp://shapeblue.com/cloudstack-training/ 16th-20th June 2014, Region A. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 23rd-27th June 2014, Region B. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 15th-20th September 2014, Region A. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 22nd-27th September 2014, Region B. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 1st-6th December 2014, Region A. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ 8th-12th December 2014, Region B. Instructor led, On-linehttp://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: LXC template
You need a real hypervisor to run your SSVM and CPVM (ie. KVM, Xen, etc.) You can't run the SSVM only on LXC. Francois On 2014-04-04, 4:32 PM, chinu shah wrote: Thank you Francois for the information. Please could you tell me which cloudstack template to use for spawning systems VMS on a LXC to spawn containers. I used LXC template found in database which was very old | 10 | SystemVM Template (LXC) | http://download.cloud.com/templates/acton/acton-systemvm-02062012.qcow2.bz2 | SYSTEM | LXC | which did not work as cloudstack release was too old, then I tried with | 3 | SystemVM Template (KVM) | http://download.cloud.com/templates/4.2/systemvmtemplate-2013-06-12-master-kvm.qcow2.bz2 | SYSTEM | KVM. Still my system VMs were rebooting only 1 VM is up at a time. Any Advice would be appreciated Thank you Regards, Chinu On Wed, Apr 2, 2014 at 8:12 AM, Francois Gaudreault fgaudrea...@cloudops.com mailto:fgaudrea...@cloudops.com wrote: On 2014-04-02, 1:34 AM, Chinu wrote: Hello all, Please can someone advice how to create an LXC template image in tar format to spawn containers in KVM for Cloudstack version 4.2 or 4.3 Regards, Chinu Ok, the output was not as good as I though. Use this link instead :) http://pastebin.com/PuZd9gw6 -- Francois Gaudreault Architecte de Solution Cloud | Cloud Solutions Architect fgaudrea...@cloudops.com mailto:fgaudrea...@cloudops.com 514-629-6775 tel:514-629-6775 - - - CloudOps 420 rue Guy Montréal QC H3J 1S6 www.cloudops.com http://www.cloudops.com @CloudOps_ -- Francois Gaudreault Architecte de Solution Cloud | Cloud Solutions Architect fgaudrea...@cloudops.com 514-629-6775 - - - CloudOps 420 rue Guy Montréal QC H3J 1S6 www.cloudops.com @CloudOps_
Trouble with Usage server on 4.3.
On 4.3 I am having a problem getting my usage server to start. CS works fine and db.properties appears to be correct. The cloudstack_usage DB has been created and credentials work. I am getting the following in the cloudstack-usage.err log com.cloud.utils.exception.CloudRuntimeException: DB Exception on: null at com.cloud.utils.db.GenericDaoBase.searchIncludingRemoved(GenericDaoBase.java:421) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.CGLIB$searchIncludingRemoved$48(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759_FastClassByCloudStack_bb80d0f6.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.searchIncludingRemoved(generated) at com.cloud.utils.db.GenericDaoBase.searchIncludingRemoved(GenericDaoBase.java:356) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.CGLIB$searchIncludingRemoved$49(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759_FastClassByCloudStack_bb80d0f6.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.searchIncludingRemoved(generated) at com.cloud.utils.db.GenericDaoBase.listIncludingRemovedBy(GenericDaoBase.java:911) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.CGLIB$listIncludingRemovedBy$78(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759_FastClassByCloudStack_bb80d0f6.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.listIncludingRemovedBy(generated) at com.cloud.utils.db.GenericDaoBase.listIncludingRemovedBy(GenericDaoBase.java:916) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.CGLIB$listIncludingRemovedBy$76(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759_FastClassByCloudStack_bb80d0f6.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.listIncludingRemovedBy(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl.getConfiguration(ConfigurationDaoImpl.java:82) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.CGLIB$getConfiguration$8(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759_FastClassByCloudStack_bb80d0f6.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.getConfiguration(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl.getConfiguration(ConfigurationDaoImpl.java:110) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.CGLIB$getConfiguration$9(generated) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759_FastClassByCloudStack_bb80d0f6.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at org.apache.cloudstack.framework.config.dao.ConfigurationDaoImpl_EnhancerByCloudStack_964f5759.getConfiguration(generated) at com.cloud.usage.UsageManagerImpl.configure(UsageManagerImpl.java:173) at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:114) at com.cloud.usage.UsageServer.start(UsageServer.java:60) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
