Re: 答复: unable to test Network Throttling.

2014-12-09 Thread raja sekhar 
hi prasanth,

In cloudstack i have given network rate as 1024Mb/s but in xencenter qos
properties it is showing 25Mb/s for that VM.

Andrija Panic/Prashant if i change the interface property(bandwidth)
through xencenter or commandline process in
http://xmodulo.com/how-to-rate-limit-xenserver-vms-network-interfaces.html ,
if i shutdown the VM from cloudstack that VM wil be disabled from
xencenter, when ever i start the VM, the qos value will be same or it will
changed to 25Mb/s.

waiting for your reply.

Regards,
Rajasekhar.


On Tue, Dec 9, 2014 at 12:05 AM, Prashant Kumar Mishra <
prashantkumar.mis...@citrix.com> wrote:
>
> From the  xencenter you can check interface property (look for QoS
> settings) for that particular vm .
>
> -Original Message-
> From: Andrija Panic [mailto:andrija.pa...@gmail.com]
> Sent: Tuesday, December 09, 2014 1:30 PM
> To: d...@cloudstack.apache.org
> Cc: users@cloudstack.apache.org
> Subject: Re: 答复: unable to test Network Throttling.
>
> Recent reply from Vadim:
> http://xmodulo.com/how-to-rate-limit-xenserver-vms-network-interfaces.html
>
> On 9 December 2014 at 08:40, raja sekhar  wrote:
>
> > Hi Star,
> >
> > Thanks for your reply. I'm using XenServer 6.2 and cloudstack 4.3.1.
> > how can i check the band width rate of the VM, is there any command
> > for xenserver host?
> >
> > waiting for your reply.
> >
> > Regards,
> > Rajasekhar.
> >
> > On Mon, Dec 8, 2014 at 10:56 PM, Star Guo  wrote:
> > >
> > > Hi,
> > >
> > > There is a priority: the network rate of compute offering > the
> > > network rate of global configuration.
> > > If you deploy on kvm host, you can use virsh command to dumpxml of
> > > the VM and focus on   ... .
> > >
> > > Best Regards,
> > > Star Guo
> > >
> > > -邮件原件-
> > > 发件人: raja sekhar [mailto:rajsekhar@gmail.com]
> > > 发送时间: 2014年12月9日 14:28
> > > 收件人: d...@cloudstack.apache.org; users@cloudstack.apache.org
> > > 主题: unable to test Network Throttling.
> > >
> > > Hi all,
> > >
> > > i have created one compute offering(2 CPU , 4 GB) and given the
> > > Network Rate as 1024 Mb/s, a VM is deployed from that compute
> > > offering and in global settings i didn't changed any Network
> > > Throttling Rate(default 200
> > > Mb/s) and i'm unable to test the network bandwidth rate.
> > >
> > > please suggest me how to test the bandwidth rate of the VM.
> > >
> > >
> > >
> > > Regards,
> > > Rajasekhar.
> > >
> > >
> >
>
>
>
> --
>
> Andrija Panić
>

libvritd segfault when migrating with CentOS 6.6 and CS 4.4.1

2014-12-09 Thread Lee Webb 
Hi List,

(apologies if there's a double post the original didn't look to have been sent)

I've encountered an unusual problem of libvirtd segfaulting when a live 
migration is initiated from the CS management server.

I have 5 identical (using SaltStack) Dell PE M420 blades running CentOS 6.6 
with Intel Xeon E5-2470 v2 CPU's which all do the same thing.

The back trace from the core indicates that something is dying within libc.so.6

I've played with the cpu passthrough settings on the agent but this doesn't 
seem to influence whether it crashes or not & normal operation of the VM's 
(start, stop, usage etc.) all appears ok.

I'm considering trying out CentOS 7 to see whether it happens there but haven't 
done that yet

Here is the GDB backtrace

Program terminated with signal 11, Segmentation fault.
#0  0x7f7d8f7fe43a in __strcmp_sse42 () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install 
libvirt-0.10.2-46.el6_6.2.x86_64
(gdb) backtrace
#0  0x7f7d8f7fe43a in __strcmp_sse42 () from /lib64/libc.so.6
#1  0x7f7d92dd6411 in ?? () from /usr/lib64/libvirt.so.0
#2  0x7f7d92dd87e8 in ?? () from /usr/lib64/libvirt.so.0
#3  0x004aac4e in ?? ()
#4  0x0048a2cc in ?? ()
#5  0x00491110 in ?? ()
#6  0x00491ab7 in ?? ()
#7  0x004550b4 in ?? ()
#8  0x7f7d92def13f in virDomainMigratePrepare3 () from 
/usr/lib64/libvirt.so.0
#9  0x0042eddf in ?? ()
#10 0x7f7d92e50132 in virNetServerProgramDispatch () from 
/usr/lib64/libvirt.so.0
#11 0x7f7d92e4d70e in ?? () from /usr/lib64/libvirt.so.0
#12 0x7f7d92e4ddac in ?? () from /usr/lib64/libvirt.so.0
#13 0x7f7d92d6bb3c in ?? () from /usr/lib64/libvirt.so.0
#14 0x7f7d92d6b429 in ?? () from /usr/lib64/libvirt.so.0
#15 0x7f7d8fe789d1 in start_thread () from /lib64/libpthread.so.0
#16 0x7f7d8f7be9dd in clone () from /lib64/libc.so.6
 
and more specifically

#0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:260
#1  0x7f7d92dd6411 in x86ModelFind (cpu=0x7f7d68003440, map=0x7f7d680021e0, 
policy=1) at cpu/cpu_x86.c:831
#2  x86ModelFromCPU (cpu=0x7f7d68003440, map=0x7f7d680021e0, policy=1) at 
cpu/cpu_x86.c:850
#3  0x7f7d92dd87e8 in x86Compute (host=, 
cpu=0x7f7d68003440, guest=0x7f7d82f04df0, message=0x7f7d82f04de0) at 
cpu/cpu_x86.c:1243
#4  0x004aac4e in qemuBuildCpuArgStr (conn=0x7f7d5920, 
driver=0x7f7d78013b20, def=0x7f7d68002830, monitor_chr=0x7f7d680026f0, 
monitor_json=true, caps=0x7f7d68002c50, 
migrateFrom=0x7f7d680136d0 "tcp:[::]:49152", migrateFd=-1, snapshot=0x0, 
vmop=VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START) at qemu/qemu_command.c:4516
#5  qemuBuildCommandLine (conn=0x7f7d5920, driver=0x7f7d78013b20, 
def=0x7f7d68002830, monitor_chr=0x7f7d680026f0, monitor_json=true, 
caps=0x7f7d68002c50, migrateFrom=0x7f7d680136d0 "tcp:[::]:49152", 
migrateFd=-1, snapshot=0x0, 
vmop=VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START) at qemu/qemu_command.c:5320
#6  0x0048a2cc in qemuProcessStart (conn=0x7f7d5920, 
driver=0x7f7d78013b20, vm=0x7f7d68006e10, migrateFrom=0x7f7d680136d0 
"tcp:[::]:49152", stdin_fd=-1, stdin_path=0x0, snapshot=0x0, 
vmop=VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START, flags=6) at 
qemu/qemu_process.c:4008
#7  0x00491110 in qemuMigrationPrepareAny (driver=0x7f7d78013b20, 
dconn=0x7f7d5920, cookiein=, cookieinlen=255, 
cookieout=0x7f7d82f05ae0, cookieoutlen=0x7f7d82f05aec, 
dname=0x7f7d68002570 "i-2-10-VM", 
dom_xml=0x7f7d680013d0 "\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  
eqx-cs-cmp-05.ipscape.com.au\n  
44454c4c-3000-104b-8043-b4c04f573232, uri_out=0x7f7d68002680, dname=0x7f7d68002570 "i-2-10-VM", 
dom_xml=0x7f7d680013d0 "\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  
eqx-cs-cmp-05.ipscape.com.au\n  
44454c4c-3000-104b-8043-b4c04f573232, uri_in=, uri_out=0x7f7d68002680, flags=1, dname=0x7f7d68002570 
"i-2-10-VM", 
resource=1, 
dom_xml=0x7f7d680013d0 "\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  
eqx-cs-cmp-05.ipscape.com.au\n  
44454c4c-3000-104b-8043-b4c04f573232\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
, client=, msg=, 
rerr=0x7f7d82f05b80, args=0x7f7d680027b0, 
ret=0x7f7d68002790) at remote.c:3590
#12 remoteDispatchDomainMigratePrepare3Helper (server=, 
client=, msg=, rerr=0x7f7d82f05b80, 
args=0x7f7d680027b0, ret=0x7f7d68002790)
at remote_dispatch.h:3695
#13 0x7f7d92e50132 in virNetServerProgramDispatchCall (prog=0x16b7700, 
server=0x16aea20, client=0x16b7010, msg=0x16b07f0) at 
rpc/virnetserverprogram.c:431
#14 virNetServerProgramDispatch (prog=0x16b7700, server=0x16ae

Re: Cloud-init ssh keys

2014-12-09 Thread Carlos Reategui 
Not sure what version of cloud-init comes with 6.5 but there was a bug in the 
one on 5.x where it was getting metadata from the gateway instead of the vr on 
Cloudstack. 

> On Dec 9, 2014, at 8:36 PM, Abhinandan Prateek 
>  wrote:
> 
> https://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/using-sshkeys.html
> 
> 
>> On 10-Dec-2014, at 10:02 am, Matthew Midgett 
>>  wrote:
>> 
>> I just enabled cloud-init on my first centos 6.5 template and I can see that
>> the hostname changed and the ssh password is disabled. How do I get my ssh
>> keys? I've generated my key in the UI but I don't see any way to import that
>> key into an instance.
>> 
>> 
>> 
>> Thanks
>> 
>> 
>> 
>> Matthew Midgett
>> 
> 
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
> Engineering
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: ok, so I followed the instructions (noob question)

2014-12-09 Thread Andrew Kirch 

Jayapal,

Thanks, this got me going in the right direction!

Andrew


On 12/9/2014 11:27 PM, Jayapal Reddy Uradi wrote:

Hi Andrew,

 From your email I understand that you are using basic zone.
If you want to access the vm you need to configure the ingress rules in 
security groups.


Thanks,
Jayapal

On 10-Dec-2014, at 9:49 AM, Abhinandan Prateek 
 wrote:


There are iptables and ebtables running on the host providing isolation for 
basic zone networking.
It will be better to allow traffic for required services using cloudstack 
instead of manually disabling iptables on guest.
More on security groups here 
https://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/security-groups.html


Abhinandan Prateek

M +919701199011
abhinandan.prat...@shapeblue.com





On 10-Dec-2014, at 9:31 am, Andrew Kirch  wrote:

I've got cloudstack running, I've imported my instance, I have the console 
running but I can't connect to the instance.  I'm configured as a flat layer2 
network, and the firewall on the instance is disabled for testing.  does 
cloudstack have a firewall somewhere?
the entire thing is set up on 192.168.100.0/24 with 30-99 reserved for 
cloudstack, and 100+ reserved to DHCP.  I can console to the host (thanks for 
the help earlier on that) and can ping, and can ping machines on the local lan, 
but they cannot connect.

Andrew

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended solely 
for the use of the individual to whom it is addressed. Any views or opinions 
expressed are solely those of the author and do not necessarily represent those of 
Shape Blue Ltd or related companies. If you are not the intended recipient of this 
email, you must neither take any action based upon its contents, nor copy or show 
it to anyone. Please contact the sender if you believe you have received this email 
in error. Shape Blue Ltd is a company incorporated in England & Wales. 
ShapeBlue Services India LLP is a company incorporated in India and is operated 
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company 
incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue 
SA Pty Ltd is a company registered by The Republic of South Africa and is traded 
under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Abhinandan Prateek 
Following test worked fine on 4.3 adv zone setup with Xen 6.2:

Register template
VM creation
Multiple primary storages
Storage tagging
VM, Volume snapshots
Volume from snapshot
VPC

In dev setup the storage is configured as local storage by default, since I was 
using shared storage and was not aware of this, it took some time to figure it 
out.

Other than that 4.3 worked pretty well. Though if we have any type of 
automation configured on it, it will be nice to run regression tests and know 
publish the result.

My thought will be to get this release (4.3.2) out of the door instead of 
delaying it  past 4.5, 4.5 testing is going to take time as it may require more 
bug fixing-testing iterations than 4.3.2.
As of now 4.3.2 looks promising.

Abhinandan Prateek

M +919701199011
abhinandan.prat...@shapeblue.com

> On 10-Dec-2014, at 3:09 am, Mike Tutkowski  
> wrote:
>
> Yeah, I agree 4.3.2 mainly requires regression testing.
>
> What's not clear to me is how much coverage we currently have for that
> release and how much of it is automated.
>
> A lot of fixes went into it and that's awesome, but that does increase the
> probability that something here or there was broken.
>
> On Tuesday, December 9, 2014, Mike Tutkowski 
> wrote:
>
>> I see it listed on the website now. Thanks :)
>>
>> On Tuesday, December 9, 2014, Rohit Yadav > > wrote:
>>
>>> Hi Mike,
>>>
>>> 4.4.2 is already released.
>>>
 On 10-Dec-2014, at 1:36 am, Mike Tutkowski <
>>> mike.tutkow...@solidfire.com> wrote:

 I wonder perhaps if it will be difficult for us to test two RCs (4.5.0
>>> and
 4.3.2) at the same time.

 I expect the two VOTE threads will overlap and people might not have
>>> enough
 bandwidth to devote to testing both at approximately the same time.
>>>
>>> I understand your concern, in fact both these things including an
>>> upcoming cloudmonkey voting process, quality discussion initiatives,
>>> automation/testing efforts are all happening around the holiday season -
>>> but this simply shows that we’ve a great and diverse community, and it’s
>>> good to see so many initiatives.
>>>
>>> I think it’s certainly do-able and here’s how we grow our testing
>>> community;
>>>
>>> - include users@, users-cn@ getting more people to help testing
>>> release(s)
>>> - built and share a deb/rpm repository so testing upgrades and installs
>>> along with ACS is easier for everyone (everyone is welcome to build from
>>> source but I think Jenkins is still a better tool for building/packaging)
>>> - 4.3.2 mainly requires regression testing efforts since it’s a bugfix
>>> release and requires less bandwidth
>>> - 4.5.0 will require a lot of functional testing, (new) component testing
>>> and regression testing as it is a major release with new features, a lot of
>>> changes and a new systemvmtemplate
>>>
>>> I’ll also build and share deb/rpm repository for 4.5.0 as soon as the RC
>>> is out and as part of our release process we can do that so it’s easier for
>>> users and people in general to participate without building from source
>>> (I’m not suggesting to discourage building from source in any way).
>>>
>>> Regards,
>>> Rohit Yadav
>>> Software Architect, ShapeBlue
>>> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
>>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>>>
>>> Find out more about ShapeBlue and our range of CloudStack related services
>>>
>>> IaaS Cloud Design & Build<
>>> http://shapeblue.com/iaas-cloud-design-and-build//>
>>> CSForge – rapid IaaS deployment framework
>>> CloudStack Consulting
>>> CloudStack Software Engineering<
>>> http://shapeblue.com/cloudstack-software-engineering/>
>>> CloudStack Infrastructure Support<
>>> http://shapeblue.com/cloudstack-infrastructure-support/>
>>> CloudStack Bootcamp Training Courses<
>>> http://shapeblue.com/cloudstack-training/>
>>>
>>> This email and any attachments to it may be confidential and are intended
>>> solely for the use of the individual to whom it is addressed. Any views or
>>> opinions expressed are solely those of the author and do not necessarily
>>> represent those of Shape Blue Ltd or related companies. If you are not the
>>> intended recipient of this email, you must neither take any action based
>>> upon its contents, nor copy or show it to anyone. Please contact the sender
>>> if you believe you have received this email in error. Shape Blue Ltd is a
>>> company incorporated in England & Wales. ShapeBlue Services India LLP is a
>>> company incorporated in India and is operated under license from Shape Blue
>>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
>>> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
>>> a company registered by The Republic of South Africa and is traded under
>>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>>>
>>
>>
>> --
>> *Mike Tutkowski*
>> *Senior CloudStac

Re: ACS 4.4.1 XenServer 6.2 - VMs lost connection in "Isolated" network

2014-12-09 Thread Jayapal Reddy Uradi 
HI Motty,

First make sure there are no issue in the VM like ip addr, route, firewall etc.

Second When you send traffic from the VM, capture the it in each place to 
figure where exactly the traffic is blocking.
Is it reached to hypervisor, router etc ? This way you can find who is culprit.

Thanks,
Jayapal


On 10-Dec-2014, at 3:10 AM, Somesh Naidu  wrote:

> Check routes on the guests that are having trouble. You should verify if the 
> public traffic from these guests is reaching the router.
> 
> -Original Message-
> From: Motty Cruz [mailto:motty.c...@gmail.com] 
> Sent: Tuesday, 9 December 2014 11:46 AM
> To: users@cloudstack.apache.org
> Subject: ACS 4.4.1 XenServer 6.2 - VMs lost connection in "Isolated" network
> 
> Hi All,
> 
> I have total of about 5 VMs on "Isolated" network, but they lost connection 
> to outside world. I am able to ping the VR but can't ping to outside world. 
> If I log in to VR, am able to ping anywhere outside or inside network.
> 
> out of the 5 VMs, 3 machines never loose connection, the two VMs that do 
> loose connection are windows machines. To get the connection again, I have to 
> restart VR. Any ideas?
> 
> I want to mentioned that, I have three other "Isolated" networks in the same 
> zone. I do not have problems with other "Isolated" networks.
> 
> I do need help!
> 
> Thanks,
> Motty
>

Re: Cloud-init ssh keys

2014-12-09 Thread Abhinandan Prateek 
https://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/using-sshkeys.html


> On 10-Dec-2014, at 10:02 am, Matthew Midgett 
>  wrote:
>
> I just enabled cloud-init on my first centos 6.5 template and I can see that
> the hostname changed and the ssh password is disabled. How do I get my ssh
> keys? I've generated my key in the UI but I don't see any way to import that
> key into an instance.
>
>
>
> Thanks
>
>
>
> Matthew Midgett
>

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Cloud-init ssh keys

2014-12-09 Thread Matthew Midgett 
I just enabled cloud-init on my first centos 6.5 template and I can see that
the hostname changed and the ssh password is disabled. How do I get my ssh
keys? I've generated my key in the UI but I don't see any way to import that
key into an instance.

 

Thanks

 

Matthew Midgett

Re: ok, so I followed the instructions (noob question)

2014-12-09 Thread Jayapal Reddy Uradi 
Hi Andrew,

>From your email I understand that you are using basic zone.
If you want to access the vm you need to configure the ingress rules in 
security groups.


Thanks,
Jayapal

On 10-Dec-2014, at 9:49 AM, Abhinandan Prateek 
 wrote:

> There are iptables and ebtables running on the host providing isolation for 
> basic zone networking.
> It will be better to allow traffic for required services using cloudstack 
> instead of manually disabling iptables on guest.
> More on security groups here 
> https://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/security-groups.html
> 
> 
> Abhinandan Prateek
> 
> M +919701199011
> abhinandan.prat...@shapeblue.com
> 
> 
> 
> 
>> On 10-Dec-2014, at 9:31 am, Andrew Kirch  wrote:
>> 
>> I've got cloudstack running, I've imported my instance, I have the console 
>> running but I can't connect to the instance.  I'm configured as a flat 
>> layer2 network, and the firewall on the instance is disabled for testing.  
>> does cloudstack have a firewall somewhere?
>> the entire thing is set up on 192.168.100.0/24 with 30-99 reserved for 
>> cloudstack, and 100+ reserved to DHCP.  I can console to the host (thanks 
>> for the help earlier on that) and can ping, and can ping machines on the 
>> local lan, but they cannot connect.
>> 
>> Andrew
> 
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
> Engineering
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: ok, so I followed the instructions (noob question)

2014-12-09 Thread Abhinandan Prateek 
There are iptables and ebtables running on the host providing isolation for 
basic zone networking.
It will be better to allow traffic for required services using cloudstack 
instead of manually disabling iptables on guest.
More on security groups here 
https://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.2/html/Installation_Guide/security-groups.html


Abhinandan Prateek

M +919701199011
abhinandan.prat...@shapeblue.com




> On 10-Dec-2014, at 9:31 am, Andrew Kirch  wrote:
>
> I've got cloudstack running, I've imported my instance, I have the console 
> running but I can't connect to the instance.  I'm configured as a flat layer2 
> network, and the firewall on the instance is disabled for testing.  does 
> cloudstack have a firewall somewhere?
> the entire thing is set up on 192.168.100.0/24 with 30-99 reserved for 
> cloudstack, and 100+ reserved to DHCP.  I can console to the host (thanks for 
> the help earlier on that) and can ping, and can ping machines on the local 
> lan, but they cannot connect.
>
> Andrew

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

ok, so I followed the instructions (noob question)

2014-12-09 Thread Andrew Kirch 
I've got cloudstack running, I've imported my instance, I have the 
console running but I can't connect to the instance.  I'm configured as 
a flat layer2 network, and the firewall on the instance is disabled for 
testing.  does cloudstack have a firewall somewhere?
the entire thing is set up on 192.168.100.0/24 with 30-99 reserved for 
cloudstack, and 100+ reserved to DHCP.  I can console to the host 
(thanks for the help earlier on that) and can ping, and can ping 
machines on the local lan, but they cannot connect.


Andrew

hi, join you

2014-12-09 Thread richard.panf 
hi,


I want to join you.



thank you.

2014.12.10

libvritd segfault when migrating with CentOS 6.6 and CS 4.4.1

2014-12-09 Thread Lee Webb 
Hi List,

I've encountered an unusual problem of libvirtd segfaulting when a live 
migration is initiated from the CS management server.

I have 5 identical (using SaltStack) Dell PE M420 blades running CentOS 6.6 
with Intel Xeon E5-2470 v2 CPU's which all do the same thing.

The back trace from the core indicates that something is dying within libc.so.6

I've played with the cpu passthrough settings on the agent but this doesn't 
seem to influence whether it crashes or not & normal operation of the VM's 
(start, stop, usage etc.) all appears ok.

I'm considering trying out CentOS 7 to see whether it happens there but haven't 
done that yet

Here is the GDB backtrace

Program terminated with signal 11, Segmentation fault.
#0  0x7f7d8f7fe43a in __strcmp_sse42 () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install 
libvirt-0.10.2-46.el6_6.2.x86_64
(gdb) backtrace
#0  0x7f7d8f7fe43a in __strcmp_sse42 () from /lib64/libc.so.6
#1  0x7f7d92dd6411 in ?? () from /usr/lib64/libvirt.so.0
#2  0x7f7d92dd87e8 in ?? () from /usr/lib64/libvirt.so.0
#3  0x004aac4e in ?? ()
#4  0x0048a2cc in ?? ()
#5  0x00491110 in ?? ()
#6  0x00491ab7 in ?? ()
#7  0x004550b4 in ?? ()
#8  0x7f7d92def13f in virDomainMigratePrepare3 () from 
/usr/lib64/libvirt.so.0
#9  0x0042eddf in ?? ()
#10 0x7f7d92e50132 in virNetServerProgramDispatch () from 
/usr/lib64/libvirt.so.0
#11 0x7f7d92e4d70e in ?? () from /usr/lib64/libvirt.so.0
#12 0x7f7d92e4ddac in ?? () from /usr/lib64/libvirt.so.0
#13 0x7f7d92d6bb3c in ?? () from /usr/lib64/libvirt.so.0
#14 0x7f7d92d6b429 in ?? () from /usr/lib64/libvirt.so.0
#15 0x7f7d8fe789d1 in start_thread () from /lib64/libpthread.so.0
#16 0x7f7d8f7be9dd in clone () from /lib64/libc.so.6
 
and more specifically

#0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp.S:260
#1  0x7f7d92dd6411 in x86ModelFind (cpu=0x7f7d68003440, map=0x7f7d680021e0, 
policy=1) at cpu/cpu_x86.c:831
#2  x86ModelFromCPU (cpu=0x7f7d68003440, map=0x7f7d680021e0, policy=1) at 
cpu/cpu_x86.c:850
#3  0x7f7d92dd87e8 in x86Compute (host=, 
cpu=0x7f7d68003440, guest=0x7f7d82f04df0, message=0x7f7d82f04de0) at 
cpu/cpu_x86.c:1243
#4  0x004aac4e in qemuBuildCpuArgStr (conn=0x7f7d5920, 
driver=0x7f7d78013b20, def=0x7f7d68002830, monitor_chr=0x7f7d680026f0, 
monitor_json=true, caps=0x7f7d68002c50, 
migrateFrom=0x7f7d680136d0 "tcp:[::]:49152", migrateFd=-1, snapshot=0x0, 
vmop=VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START) at qemu/qemu_command.c:4516
#5  qemuBuildCommandLine (conn=0x7f7d5920, driver=0x7f7d78013b20, 
def=0x7f7d68002830, monitor_chr=0x7f7d680026f0, monitor_json=true, 
caps=0x7f7d68002c50, migrateFrom=0x7f7d680136d0 "tcp:[::]:49152", 
migrateFd=-1, snapshot=0x0, 
vmop=VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START) at qemu/qemu_command.c:5320
#6  0x0048a2cc in qemuProcessStart (conn=0x7f7d5920, 
driver=0x7f7d78013b20, vm=0x7f7d68006e10, migrateFrom=0x7f7d680136d0 
"tcp:[::]:49152", stdin_fd=-1, stdin_path=0x0, snapshot=0x0, 
vmop=VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START, flags=6) at 
qemu/qemu_process.c:4008
#7  0x00491110 in qemuMigrationPrepareAny (driver=0x7f7d78013b20, 
dconn=0x7f7d5920, cookiein=, cookieinlen=255, 
cookieout=0x7f7d82f05ae0, cookieoutlen=0x7f7d82f05aec, 
dname=0x7f7d68002570 "i-2-10-VM", 
dom_xml=0x7f7d680013d0 "\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  
eqx-cs-cmp-05.ipscape.com.au\n  
44454c4c-3000-104b-8043-b4c04f573232, uri_out=0x7f7d68002680, dname=0x7f7d68002570 "i-2-10-VM", 
dom_xml=0x7f7d680013d0 "\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  
eqx-cs-cmp-05.ipscape.com.au\n  
44454c4c-3000-104b-8043-b4c04f573232, uri_in=, uri_out=0x7f7d68002680, flags=1, dname=0x7f7d68002570 
"i-2-10-VM", 
resource=1, 
dom_xml=0x7f7d680013d0 "\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  
eqx-cs-cmp-05.ipscape.com.au\n  
44454c4c-3000-104b-8043-b4c04f573232\n  i-2-10-VM\n  
95c5aa11-f7ad-4322-b377-d153774e330f\n  CentOS 6.5 
(64-bit)\n  1048576\n  
, client=, msg=, 
rerr=0x7f7d82f05b80, args=0x7f7d680027b0, 
ret=0x7f7d68002790) at remote.c:3590
#12 remoteDispatchDomainMigratePrepare3Helper (server=, 
client=, msg=, rerr=0x7f7d82f05b80, 
args=0x7f7d680027b0, ret=0x7f7d68002790)
at remote_dispatch.h:3695
#13 0x7f7d92e50132 in virNetServerProgramDispatchCall (prog=0x16b7700, 
server=0x16aea20, client=0x16b7010, msg=0x16b07f0) at 
rpc/virnetserverprogram.c:431
#14 virNetServerProgramDispatch (prog=0x16b7700, server=0x16aea20, 
client=0x16b7010, msg=0x16b07f0) at rpc/virnetserverprogram.c:304
#15 0x000

Re: [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds

2014-12-09 Thread esanders83 
Ha! Sorry.. I got your last name confused with UK side and Geoff/Giles
filled in that hole../me smack..ha

On 12/9/2014 at 5:03 PM, "Daan Hoogland"  wrote:I am not working for
ShapeBlue, Eric nor for Citrix, but they both
help out a lot, yes.

On Tue, Dec 9, 2014 at 11:56 PM,   wrote:
> Daan,
> Thank you for your insight on this matter.
> I have seen on occasion that Citrix comes in and helps out.  You
guys
> (shapeblue) have definitely been contributing to this forum a whole
> lot and for that I appreciate it.
> thank you againeric
>
> On 12/9/2014 at 4:49 PM, "Daan Hoogland"  wrote:Eric, the bug was
> fixed by A Citrix employee from India and it was
> reported by Citrix in California. All ShapeBlue has done was include
> it in its packaging after it was contributed t the Apche CloudStack
> repository. So I would say Citrix' contribution to this is
> instrumental and fundamental.
> kind regards,
> Daan (working for neither ShapeBlue or Citrix, yet grateful to both)
>
> On Tue, Dec 9, 2014 at 5:26 PM,   wrote:
>> Good evening,
>> Just asking about the group.
>> If it wasn't for shapeblue; what other user/body in the cloudstack
>> community would resolve this quickly?  How much is Citrix even
> helping
>> out anymore?
>> thank youEric
>>
>> On 12/9/2014 at 3:40 AM, "Rohit Yadav"  wrote:ShapeBlue has created
> a
>> patch that fixes this issue for Apache CloudStack 4.3.1 users, it
>> available from their “main” deb/rpm repository. ShapeBlue has
> also
>> published Apache CloudStack 4.4.2 debs/rpms on their main and
> upstream
>> repositories.
>>
>> Repository: http://shapeblue.com/packages
>> Release notes:
>>
>
https://github.com/shapeblue/cloudstack/wiki/Apache-CloudStack-4.3.1-ShapeBlue-Patch02
>> Source tag 4.3.1-shapeblue-02:
>>
>
https://github.com/shapeblue/cloudstack/releases/tag/shapeblue-4.3.1-02
>>
>> Regards.
>>
>>> On 09-Dec-2014, at 1:41 am, John Kinsella  wrote:
>>>
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA512
>>>
>>> CVE-2014-7807: Apache CloudStack unauthenticated LDAP binds
>>>
>>> CVSS:
>>> 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
>>>
>>> Vendors:
>>> The Apache Software Foundation
>>> Citrix, Inc.
>>>
>>> Versions Afffected:
>>> Apache CloudStack 4.3, 4.4
>>>
>>> Description:
>>> Apache CloudStack may be configured to authenticate LDAP users.
>>> When so configured, it performs a simple LDAP bind with the name
>>> and password provided by a user.  Simple LDAP binds are defined
>>> with three mechanisms (RFC 4513): 1) username and password; 2)
>>> unauthenticated if only a username is specified; and 3) anonymous
>>> if neither username or password is specified.  Currently, Apache
>>> CloudStack does not check if the password was provided which could
>>> allow an attacker to bind as an unauthenticated user.
>>>
>>> Mitigation:
>>> Users of Apache CloudStack 4.4 and derivatives should update to
the
>>> latest version (4.4.2)
>>>
>>> An updated release for Apache CloudStack 4.3.2 is in testing.
Until
>>> that is released, we recommend following the mitigation below:
>>>
>>> By default, many LDAP servers are not configured to allow
>> unauthenticated
>>> binds.  If the LDAP server in use allow this behaviour, a
potential
>>> interim solution would be to consider disabling unauthenticated
>>> binds.
>>>
>>> Credit:
>>> This issue was identified by the Citrix Security Team.
>>> -BEGIN PGP SIGNATURE-
>>> Version: GnuPG v1
>>> Comment: GPGTools - http://gpgtools.org
>>>
>>> iQIcBAEBCgAGBQJUhgUCAAoJEOom9N0pCN7SOQMQAKyBuhg25u3FcVOU5XMdGGpT
>>> 2kSVFoLFR74ObI8bdr3HP+2LdLf/Go9QBBrWlZ034FUj6OV0Ct5o8TNB6AHbv0qF
>>> Ar4N05JoGtPaDCe9sWV/+ykOJH8snQjnYwVFrLZlLw8Y/JUQ+I1yJBksw8a2/hT2
>>> vmYgYiAQyrEMMk4bhBBlEyaJFMhuMtKtgUqLDW8wmlhkt2acZMt/0BKxDwAO8o7m
>>> 6ypepPCmkPHUpD50tfcCI+K4ib/C5EOn40n4orM97/JHZLsCyhz5nk36eQMOQQz2
>>> fJlaA04fQSV4Cv7c+S0LPh5e4e6TPSrOW3O4/V2dkjK/GgP8kUoo7ivyjIw6d2oJ
>>> Z5vqqgxrmgwDjH58YfVu3tyVuDlOFTZfCLkhdoXMxHfMLYYKeXkffRli9XabxrE+
>>> AkVoXaQAumf8IzTLVSQztV18jC79kvEeCV0pFYOjb/X/gShemruqmCWVDulj1ax6
>>> tzoP+Bm2mQRyrRClY37R+q3cQ2z6eNAC/vAoYzhYBN1o63MYneLYDADhyE6YIGz0
>>> LTbDDGFn0WVdFDrqworHdYDIMW7HQFMNtsQuueeP7LBldsgyTmjmBMp+S3Tq27UT
>>> RaVgp3n9ZUPdzj/i1vvJBrATKUNmv1GDoy+C1GPNx423nEOe7dFkMJARlcbf5Pml
>>> 03DX+ot4Xan0P5HXPT+r
>>> =QqOf
>>> -END PGP SIGNATURE-
>>
>> Regards,
>> Rohit Yadav
>> Software Architect, ShapeBlue
>> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>> Find out more about ShapeBlue and our range of CloudStack related
>> services
>>
>> IaaS Cloud Design & Build
>> CSForge – rapid IaaS deployment framework
>> CloudStack Consulting
>> CloudStack Software Engineering
>> CloudStack Infrastructure Support
>> CloudStack Bootcamp Training Courses
>>
>> This email and any attachments to it may be confidential and are
>> intended solely for the use of the individual to whom it is
> addressed.
>> Any views or opinions expressed are solely those of the author and
> do
>> not necessarily represent those of Shape Blu

Re: [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds

2014-12-09 Thread Daan Hoogland 
I am not working for ShapeBlue, Eric nor for Citrix, but they both
help out a lot, yes.

On Tue, Dec 9, 2014 at 11:56 PM,   wrote:
> Daan,
> Thank you for your insight on this matter.
> I have seen on occasion that Citrix comes in and helps out.  You guys
> (shapeblue) have definitely been contributing to this forum a whole
> lot and for that I appreciate it.
> thank you againeric
>
> On 12/9/2014 at 4:49 PM, "Daan Hoogland"  wrote:Eric, the bug was
> fixed by A Citrix employee from India and it was
> reported by Citrix in California. All ShapeBlue has done was include
> it in its packaging after it was contributed t the Apche CloudStack
> repository. So I would say Citrix' contribution to this is
> instrumental and fundamental.
> kind regards,
> Daan (working for neither ShapeBlue or Citrix, yet grateful to both)
>
> On Tue, Dec 9, 2014 at 5:26 PM,   wrote:
>> Good evening,
>> Just asking about the group.
>> If it wasn't for shapeblue; what other user/body in the cloudstack
>> community would resolve this quickly?  How much is Citrix even
> helping
>> out anymore?
>> thank youEric
>>
>> On 12/9/2014 at 3:40 AM, "Rohit Yadav"  wrote:ShapeBlue has created
> a
>> patch that fixes this issue for Apache CloudStack 4.3.1 users, it
>> available from their “main” deb/rpm repository. ShapeBlue has
> also
>> published Apache CloudStack 4.4.2 debs/rpms on their main and
> upstream
>> repositories.
>>
>> Repository: http://shapeblue.com/packages
>> Release notes:
>>
> https://github.com/shapeblue/cloudstack/wiki/Apache-CloudStack-4.3.1-ShapeBlue-Patch02
>> Source tag 4.3.1-shapeblue-02:
>>
> https://github.com/shapeblue/cloudstack/releases/tag/shapeblue-4.3.1-02
>>
>> Regards.
>>
>>> On 09-Dec-2014, at 1:41 am, John Kinsella  wrote:
>>>
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA512
>>>
>>> CVE-2014-7807: Apache CloudStack unauthenticated LDAP binds
>>>
>>> CVSS:
>>> 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
>>>
>>> Vendors:
>>> The Apache Software Foundation
>>> Citrix, Inc.
>>>
>>> Versions Afffected:
>>> Apache CloudStack 4.3, 4.4
>>>
>>> Description:
>>> Apache CloudStack may be configured to authenticate LDAP users.
>>> When so configured, it performs a simple LDAP bind with the name
>>> and password provided by a user.  Simple LDAP binds are defined
>>> with three mechanisms (RFC 4513): 1) username and password; 2)
>>> unauthenticated if only a username is specified; and 3) anonymous
>>> if neither username or password is specified.  Currently, Apache
>>> CloudStack does not check if the password was provided which could
>>> allow an attacker to bind as an unauthenticated user.
>>>
>>> Mitigation:
>>> Users of Apache CloudStack 4.4 and derivatives should update to the
>>> latest version (4.4.2)
>>>
>>> An updated release for Apache CloudStack 4.3.2 is in testing. Until
>>> that is released, we recommend following the mitigation below:
>>>
>>> By default, many LDAP servers are not configured to allow
>> unauthenticated
>>> binds.  If the LDAP server in use allow this behaviour, a potential
>>> interim solution would be to consider disabling unauthenticated
>>> binds.
>>>
>>> Credit:
>>> This issue was identified by the Citrix Security Team.
>>> -BEGIN PGP SIGNATURE-
>>> Version: GnuPG v1
>>> Comment: GPGTools - http://gpgtools.org
>>>
>>> iQIcBAEBCgAGBQJUhgUCAAoJEOom9N0pCN7SOQMQAKyBuhg25u3FcVOU5XMdGGpT
>>> 2kSVFoLFR74ObI8bdr3HP+2LdLf/Go9QBBrWlZ034FUj6OV0Ct5o8TNB6AHbv0qF
>>> Ar4N05JoGtPaDCe9sWV/+ykOJH8snQjnYwVFrLZlLw8Y/JUQ+I1yJBksw8a2/hT2
>>> vmYgYiAQyrEMMk4bhBBlEyaJFMhuMtKtgUqLDW8wmlhkt2acZMt/0BKxDwAO8o7m
>>> 6ypepPCmkPHUpD50tfcCI+K4ib/C5EOn40n4orM97/JHZLsCyhz5nk36eQMOQQz2
>>> fJlaA04fQSV4Cv7c+S0LPh5e4e6TPSrOW3O4/V2dkjK/GgP8kUoo7ivyjIw6d2oJ
>>> Z5vqqgxrmgwDjH58YfVu3tyVuDlOFTZfCLkhdoXMxHfMLYYKeXkffRli9XabxrE+
>>> AkVoXaQAumf8IzTLVSQztV18jC79kvEeCV0pFYOjb/X/gShemruqmCWVDulj1ax6
>>> tzoP+Bm2mQRyrRClY37R+q3cQ2z6eNAC/vAoYzhYBN1o63MYneLYDADhyE6YIGz0
>>> LTbDDGFn0WVdFDrqworHdYDIMW7HQFMNtsQuueeP7LBldsgyTmjmBMp+S3Tq27UT
>>> RaVgp3n9ZUPdzj/i1vvJBrATKUNmv1GDoy+C1GPNx423nEOe7dFkMJARlcbf5Pml
>>> 03DX+ot4Xan0P5HXPT+r
>>> =QqOf
>>> -END PGP SIGNATURE-
>>
>> Regards,
>> Rohit Yadav
>> Software Architect, ShapeBlue
>> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>> Find out more about ShapeBlue and our range of CloudStack related
>> services
>>
>> IaaS Cloud Design & Build
>> CSForge – rapid IaaS deployment framework
>> CloudStack Consulting
>> CloudStack Software Engineering
>> CloudStack Infrastructure Support
>> CloudStack Bootcamp Training Courses
>>
>> This email and any attachments to it may be confidential and are
>> intended solely for the use of the individual to whom it is
> addressed.
>> Any views or opinions expressed are solely those of the author and
> do
>> not necessarily represent those of Shape Blue Ltd or related
>> companies. If you are not the intended recipient of this email, you
>> must neither take any action based upon its contents, nor copy o

Re: [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds

2014-12-09 Thread esanders83 
Daan,
Thank you for your insight on this matter.
I have seen on occasion that Citrix comes in and helps out.  You guys
(shapeblue) have definitely been contributing to this forum a whole
lot and for that I appreciate it.
thank you againeric

On 12/9/2014 at 4:49 PM, "Daan Hoogland"  wrote:Eric, the bug was
fixed by A Citrix employee from India and it was
reported by Citrix in California. All ShapeBlue has done was include
it in its packaging after it was contributed t the Apche CloudStack
repository. So I would say Citrix' contribution to this is
instrumental and fundamental.
kind regards,
Daan (working for neither ShapeBlue or Citrix, yet grateful to both)

On Tue, Dec 9, 2014 at 5:26 PM,   wrote:
> Good evening,
> Just asking about the group.
> If it wasn't for shapeblue; what other user/body in the cloudstack
> community would resolve this quickly?  How much is Citrix even
helping
> out anymore?
> thank youEric
>
> On 12/9/2014 at 3:40 AM, "Rohit Yadav"  wrote:ShapeBlue has created
a
> patch that fixes this issue for Apache CloudStack 4.3.1 users, it
> available from their “main” deb/rpm repository. ShapeBlue has
also
> published Apache CloudStack 4.4.2 debs/rpms on their main and
upstream
> repositories.
>
> Repository: http://shapeblue.com/packages
> Release notes:
>
https://github.com/shapeblue/cloudstack/wiki/Apache-CloudStack-4.3.1-ShapeBlue-Patch02
> Source tag 4.3.1-shapeblue-02:
>
https://github.com/shapeblue/cloudstack/releases/tag/shapeblue-4.3.1-02
>
> Regards.
>
>> On 09-Dec-2014, at 1:41 am, John Kinsella  wrote:
>>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA512
>>
>> CVE-2014-7807: Apache CloudStack unauthenticated LDAP binds
>>
>> CVSS:
>> 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
>>
>> Vendors:
>> The Apache Software Foundation
>> Citrix, Inc.
>>
>> Versions Afffected:
>> Apache CloudStack 4.3, 4.4
>>
>> Description:
>> Apache CloudStack may be configured to authenticate LDAP users.
>> When so configured, it performs a simple LDAP bind with the name
>> and password provided by a user.  Simple LDAP binds are defined
>> with three mechanisms (RFC 4513): 1) username and password; 2)
>> unauthenticated if only a username is specified; and 3) anonymous
>> if neither username or password is specified.  Currently, Apache
>> CloudStack does not check if the password was provided which could
>> allow an attacker to bind as an unauthenticated user.
>>
>> Mitigation:
>> Users of Apache CloudStack 4.4 and derivatives should update to the
>> latest version (4.4.2)
>>
>> An updated release for Apache CloudStack 4.3.2 is in testing. Until
>> that is released, we recommend following the mitigation below:
>>
>> By default, many LDAP servers are not configured to allow
> unauthenticated
>> binds.  If the LDAP server in use allow this behaviour, a potential
>> interim solution would be to consider disabling unauthenticated
>> binds.
>>
>> Credit:
>> This issue was identified by the Citrix Security Team.
>> -BEGIN PGP SIGNATURE-
>> Version: GnuPG v1
>> Comment: GPGTools - http://gpgtools.org
>>
>> iQIcBAEBCgAGBQJUhgUCAAoJEOom9N0pCN7SOQMQAKyBuhg25u3FcVOU5XMdGGpT
>> 2kSVFoLFR74ObI8bdr3HP+2LdLf/Go9QBBrWlZ034FUj6OV0Ct5o8TNB6AHbv0qF
>> Ar4N05JoGtPaDCe9sWV/+ykOJH8snQjnYwVFrLZlLw8Y/JUQ+I1yJBksw8a2/hT2
>> vmYgYiAQyrEMMk4bhBBlEyaJFMhuMtKtgUqLDW8wmlhkt2acZMt/0BKxDwAO8o7m
>> 6ypepPCmkPHUpD50tfcCI+K4ib/C5EOn40n4orM97/JHZLsCyhz5nk36eQMOQQz2
>> fJlaA04fQSV4Cv7c+S0LPh5e4e6TPSrOW3O4/V2dkjK/GgP8kUoo7ivyjIw6d2oJ
>> Z5vqqgxrmgwDjH58YfVu3tyVuDlOFTZfCLkhdoXMxHfMLYYKeXkffRli9XabxrE+
>> AkVoXaQAumf8IzTLVSQztV18jC79kvEeCV0pFYOjb/X/gShemruqmCWVDulj1ax6
>> tzoP+Bm2mQRyrRClY37R+q3cQ2z6eNAC/vAoYzhYBN1o63MYneLYDADhyE6YIGz0
>> LTbDDGFn0WVdFDrqworHdYDIMW7HQFMNtsQuueeP7LBldsgyTmjmBMp+S3Tq27UT
>> RaVgp3n9ZUPdzj/i1vvJBrATKUNmv1GDoy+C1GPNx423nEOe7dFkMJARlcbf5Pml
>> 03DX+ot4Xan0P5HXPT+r
>> =QqOf
>> -END PGP SIGNATURE-
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> Find out more about ShapeBlue and our range of CloudStack related
> services
>
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering
> CloudStack Infrastructure Support
> CloudStack Bootcamp Training Courses
>
> This email and any attachments to it may be confidential and are
> intended solely for the use of the individual to whom it is
addressed.
> Any views or opinions expressed are solely those of the author and
do
> not necessarily represent those of Shape Blue Ltd or related
> companies. If you are not the intended recipient of this email, you
> must neither take any action based upon its contents, nor copy or
show
> it to anyone. Please contact the sender if you believe you have
> received this email in error. Shape Blue Ltd is a company
incorporated
> in England & Wales. ShapeBlue Services India LLP is a company
> incorporated in India and is operated under license from Shape Blue
>

Re: [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds

2014-12-09 Thread Daan Hoogland 
Eric, the bug was fixed by A Citrix employee from India and it was
reported by Citrix in California. All ShapeBlue has done was include
it in its packaging after it was contributed t the Apche CloudStack
repository. So I would say Citrix' contribution to this is
instrumental and fundamental.


kind regards,
Daan (working for neither ShapeBlue or Citrix, yet grateful to both)

On Tue, Dec 9, 2014 at 5:26 PM,   wrote:
> Good evening,
> Just asking about the group.
> If it wasn't for shapeblue; what other user/body in the cloudstack
> community would resolve this quickly?  How much is Citrix even helping
> out anymore?
> thank youEric
>
> On 12/9/2014 at 3:40 AM, "Rohit Yadav"  wrote:ShapeBlue has created a
> patch that fixes this issue for Apache CloudStack 4.3.1 users, it
> available from their “main” deb/rpm repository. ShapeBlue has also
> published Apache CloudStack 4.4.2 debs/rpms on their main and upstream
> repositories.
>
> Repository: http://shapeblue.com/packages
> Release notes:
> https://github.com/shapeblue/cloudstack/wiki/Apache-CloudStack-4.3.1-ShapeBlue-Patch02
> Source tag 4.3.1-shapeblue-02:
> https://github.com/shapeblue/cloudstack/releases/tag/shapeblue-4.3.1-02
>
> Regards.
>
>> On 09-Dec-2014, at 1:41 am, John Kinsella  wrote:
>>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA512
>>
>> CVE-2014-7807: Apache CloudStack unauthenticated LDAP binds
>>
>> CVSS:
>> 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
>>
>> Vendors:
>> The Apache Software Foundation
>> Citrix, Inc.
>>
>> Versions Afffected:
>> Apache CloudStack 4.3, 4.4
>>
>> Description:
>> Apache CloudStack may be configured to authenticate LDAP users.
>> When so configured, it performs a simple LDAP bind with the name
>> and password provided by a user.  Simple LDAP binds are defined
>> with three mechanisms (RFC 4513): 1) username and password; 2)
>> unauthenticated if only a username is specified; and 3) anonymous
>> if neither username or password is specified.  Currently, Apache
>> CloudStack does not check if the password was provided which could
>> allow an attacker to bind as an unauthenticated user.
>>
>> Mitigation:
>> Users of Apache CloudStack 4.4 and derivatives should update to the
>> latest version (4.4.2)
>>
>> An updated release for Apache CloudStack 4.3.2 is in testing. Until
>> that is released, we recommend following the mitigation below:
>>
>> By default, many LDAP servers are not configured to allow
> unauthenticated
>> binds.  If the LDAP server in use allow this behaviour, a potential
>> interim solution would be to consider disabling unauthenticated
>> binds.
>>
>> Credit:
>> This issue was identified by the Citrix Security Team.
>> -BEGIN PGP SIGNATURE-
>> Version: GnuPG v1
>> Comment: GPGTools - http://gpgtools.org
>>
>> iQIcBAEBCgAGBQJUhgUCAAoJEOom9N0pCN7SOQMQAKyBuhg25u3FcVOU5XMdGGpT
>> 2kSVFoLFR74ObI8bdr3HP+2LdLf/Go9QBBrWlZ034FUj6OV0Ct5o8TNB6AHbv0qF
>> Ar4N05JoGtPaDCe9sWV/+ykOJH8snQjnYwVFrLZlLw8Y/JUQ+I1yJBksw8a2/hT2
>> vmYgYiAQyrEMMk4bhBBlEyaJFMhuMtKtgUqLDW8wmlhkt2acZMt/0BKxDwAO8o7m
>> 6ypepPCmkPHUpD50tfcCI+K4ib/C5EOn40n4orM97/JHZLsCyhz5nk36eQMOQQz2
>> fJlaA04fQSV4Cv7c+S0LPh5e4e6TPSrOW3O4/V2dkjK/GgP8kUoo7ivyjIw6d2oJ
>> Z5vqqgxrmgwDjH58YfVu3tyVuDlOFTZfCLkhdoXMxHfMLYYKeXkffRli9XabxrE+
>> AkVoXaQAumf8IzTLVSQztV18jC79kvEeCV0pFYOjb/X/gShemruqmCWVDulj1ax6
>> tzoP+Bm2mQRyrRClY37R+q3cQ2z6eNAC/vAoYzhYBN1o63MYneLYDADhyE6YIGz0
>> LTbDDGFn0WVdFDrqworHdYDIMW7HQFMNtsQuueeP7LBldsgyTmjmBMp+S3Tq27UT
>> RaVgp3n9ZUPdzj/i1vvJBrATKUNmv1GDoy+C1GPNx423nEOe7dFkMJARlcbf5Pml
>> 03DX+ot4Xan0P5HXPT+r
>> =QqOf
>> -END PGP SIGNATURE-
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> Find out more about ShapeBlue and our range of CloudStack related
> services
>
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering
> CloudStack Infrastructure Support
> CloudStack Bootcamp Training Courses
>
> This email and any attachments to it may be confidential and are
> intended solely for the use of the individual to whom it is addressed.
> Any views or opinions expressed are solely those of the author and do
> not necessarily represent those of Shape Blue Ltd or related
> companies. If you are not the intended recipient of this email, you
> must neither take any action based upon its contents, nor copy or show
> it to anyone. Please contact the sender if you believe you have
> received this email in error. Shape Blue Ltd is a company incorporated
> in England & Wales. ShapeBlue Services India LLP is a company
> incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in
> Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA
> Pty Ltd is a company registered by The Republic of South Africa and is
> traded under license from Shape Blue Ltd. ShapeBlue is a registered
> t

Re: can't import VHD

2014-12-09 Thread Andrew Kirch 

Somesh,

Thank you so much, I'd never have found this!

Andrew

On 12/9/2014 4:37 PM, Somesh Naidu wrote:

Could you check what global configuration parameter 
"secstorage.allowed.internal.sites" is set to?

-Original Message-
From: Andrew Kirch [mailto:trel...@trelane.net]
Sent: Tuesday, 9 December 2014 4:30 PM
To: users@cloudstack.apache.org
Subject: can't import VHD

I'm attempting to import a VHD to a template.  I've set up a webserver on the 
local Cloudstack box, but am getting connection refused.  Apache is claiming 
it's sending a 200 and the file.
i
   CloudStack is saying:
Home

   * Templates
   * Zenoss425


Zones:

Zone name Connection refused no +

apache is saying:
192.168.100.20 - - [09/Dec/2014:16:04:26 -0500] "GET /Zenoss425.vhd HTTP/1.1" 200 6301425664 
"-" "Java/1.7.0_71"


Obviously this is something simple, but what am I missing?

Andrew

CloudStack 4.4.1 Upgrade - View Console Not Working (Any Ideas)?

2014-12-09 Thread Casey Cantwell 
Hello,

We upgraded Cloud Stack from 4.2 to 4.4.1 to address the Depreciation of
realhostip.com.  The installation was successful, and everything went
smoothly.  Unfortunately, the view console link is still not working.
We disabled SSL completely by setting secstorage.encrypt.copy to "false",
and changing consoleproxy.url.domain to empty.  It's a non production
system, and SSL isn't required.

This is the URL that is being called from CloudStack now:  (Before I got
the Apache page, telling me realhostip was deprecated and what to do)
http://9.72.78.1:8080/client/console?cmd=access&vm=ade1e441-5460-4a33-bc73-595baf19149d

This is what is returned in the management console log.  Does anyone have
any ideas what else needs to be configured, or changed?  I've been reading
everything I can on "Ignoring paremeter displayvm as the caller is not
authorized to pass it in", to try and resolve it.  Any ideas, hints, or
comments is greatly appreciated.

Thank you in advance for reviewing.

Casey Cantwell


2014-12-09 11:20:42,001 DEBUG [c.c.a.ApiServlet]
(catalina-exec-8:ctx-bc45be80) ===START===  9.72.44.101 -- GET
command=listVirtualMachines&id=ade1e441-5460-4a33-bc73-595baf19149d&response=json&sessionkey=Sph11NRl%2B9FD9ToP4nk5h8E%2FXGk%3D&_=1418152841990
2014-12-09 11:20:42,005 DEBUG [o.a.c.a.BaseCmd]
(catalina-exec-8:ctx-bc45be80 ctx-9ea2576d) Ignoring paremeter displayvm as
the caller is not authorized to pass it in
2014-12-09 11:20:42,009 DEBUG [o.a.c.a.BaseCmd]
(catalina-exec-8:ctx-bc45be80 ctx-9ea2576d) Ignoring paremeter displayvm as
the caller is not authorized to pass it in
2014-12-09 11:20:42,030 DEBUG [c.c.a.ApiServlet]
(catalina-exec-8:ctx-bc45be80 ctx-9ea2576d) ===END===  9.72.44.101 -- GET
command=listVirtualMachines&id=ade1e441-5460-4a33-bc73-595baf19149d&response=json&sessionkey=Sph11NRl%2B9FD9ToP4nk5h8E%2FXGk%3D&_=1418152841990
2014-12-09 11:20:42,


2014-12-05 11:31:16,489 DEBUG [c.c.a.ApiServlet]
(catalina-exec-20:ctx-f6deaa79) ===START===  9.72.44.101 -- GET
command=listVirtualMachines&id=ade1e441-5460-4a33-bc73-595baf19149d&response=json&sessionkey=J%2BzoAkWX%2B1TLv%2BjfbMYg0QAOLoA%3D&_=1417807876551
2014-12-05 11:31:16,493 DEBUG [o.a.c.a.BaseCmd]
(catalina-exec-20:ctx-f6deaa79 ctx-594e7854) Ignoring paremeter displayvm
as the caller is not authorized to pass it in
2014-12-05 11:31:16,496 DEBUG [o.a.c.a.BaseCmd]
(catalina-exec-20:ctx-f6deaa79 ctx-594e7854) Ignoring paremeter displayvm
as the caller is not authorized to pass it in
2014-12-05 11:31:16,518 DEBUG [c.c.a.ApiServlet]
(catalina-exec-20:ctx-f6deaa79 ctx-594e7854) ===END===  9.72.44.101 -- GET
command=listVirtualMachines&id=ade1e441-5460-4a33-bc73-595baf19149d&response=json&sessionkey=J%2BzoAkWX%2B1TLv%2BjfbMYg0QAOLoA%3D&_=1417807876551

RE: ACS 4.4.1 XenServer 6.2 - VMs lost connection in "Isolated" network

2014-12-09 Thread Somesh Naidu 
Check routes on the guests that are having trouble. You should verify if the 
public traffic from these guests is reaching the router.

-Original Message-
From: Motty Cruz [mailto:motty.c...@gmail.com] 
Sent: Tuesday, 9 December 2014 11:46 AM
To: users@cloudstack.apache.org
Subject: ACS 4.4.1 XenServer 6.2 - VMs lost connection in "Isolated" network

Hi All,

I have total of about 5 VMs on "Isolated" network, but they lost connection to 
outside world. I am able to ping the VR but can't ping to outside world. If I 
log in to VR, am able to ping anywhere outside or inside network.

out of the 5 VMs, 3 machines never loose connection, the two VMs that do loose 
connection are windows machines. To get the connection again, I have to restart 
VR. Any ideas?

I want to mentioned that, I have three other "Isolated" networks in the same 
zone. I do not have problems with other "Isolated" networks.

I do need help!

Thanks,
Motty

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Mike Tutkowski 
Yeah, I agree 4.3.2 mainly requires regression testing.

What's not clear to me is how much coverage we currently have for that
release and how much of it is automated.

A lot of fixes went into it and that's awesome, but that does increase the
probability that something here or there was broken.

On Tuesday, December 9, 2014, Mike Tutkowski 
wrote:

> I see it listed on the website now. Thanks :)
>
> On Tuesday, December 9, 2014, Rohit Yadav  > wrote:
>
>> Hi Mike,
>>
>> 4.4.2 is already released.
>>
>> > On 10-Dec-2014, at 1:36 am, Mike Tutkowski <
>> mike.tutkow...@solidfire.com> wrote:
>> >
>> > I wonder perhaps if it will be difficult for us to test two RCs (4.5.0
>> and
>> > 4.3.2) at the same time.
>> >
>> > I expect the two VOTE threads will overlap and people might not have
>> enough
>> > bandwidth to devote to testing both at approximately the same time.
>>
>> I understand your concern, in fact both these things including an
>> upcoming cloudmonkey voting process, quality discussion initiatives,
>> automation/testing efforts are all happening around the holiday season -
>> but this simply shows that we’ve a great and diverse community, and it’s
>> good to see so many initiatives.
>>
>> I think it’s certainly do-able and here’s how we grow our testing
>> community;
>>
>> - include users@, users-cn@ getting more people to help testing
>> release(s)
>> - built and share a deb/rpm repository so testing upgrades and installs
>> along with ACS is easier for everyone (everyone is welcome to build from
>> source but I think Jenkins is still a better tool for building/packaging)
>> - 4.3.2 mainly requires regression testing efforts since it’s a bugfix
>> release and requires less bandwidth
>> - 4.5.0 will require a lot of functional testing, (new) component testing
>> and regression testing as it is a major release with new features, a lot of
>> changes and a new systemvmtemplate
>>
>> I’ll also build and share deb/rpm repository for 4.5.0 as soon as the RC
>> is out and as part of our release process we can do that so it’s easier for
>> users and people in general to participate without building from source
>> (I’m not suggesting to discourage building from source in any way).
>>
>> Regards,
>> Rohit Yadav
>> Software Architect, ShapeBlue
>> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>>
>> Find out more about ShapeBlue and our range of CloudStack related services
>>
>> IaaS Cloud Design & Build<
>> http://shapeblue.com/iaas-cloud-design-and-build//>
>> CSForge – rapid IaaS deployment framework
>> CloudStack Consulting
>> CloudStack Software Engineering<
>> http://shapeblue.com/cloudstack-software-engineering/>
>> CloudStack Infrastructure Support<
>> http://shapeblue.com/cloudstack-infrastructure-support/>
>> CloudStack Bootcamp Training Courses<
>> http://shapeblue.com/cloudstack-training/>
>>
>> This email and any attachments to it may be confidential and are intended
>> solely for the use of the individual to whom it is addressed. Any views or
>> opinions expressed are solely those of the author and do not necessarily
>> represent those of Shape Blue Ltd or related companies. If you are not the
>> intended recipient of this email, you must neither take any action based
>> upon its contents, nor copy or show it to anyone. Please contact the sender
>> if you believe you have received this email in error. Shape Blue Ltd is a
>> company incorporated in England & Wales. ShapeBlue Services India LLP is a
>> company incorporated in India and is operated under license from Shape Blue
>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
>> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
>> a company registered by The Republic of South Africa and is traded under
>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>>
>
>
> --
> *Mike Tutkowski*
> *Senior CloudStack Developer, SolidFire Inc.*
> e: mike.tutkow...@solidfire.com
> 
> o: 303.746.7302
> Advancing the way the world uses the cloud
> *™*
>
>

-- 
*Mike Tutkowski*
*Senior CloudStack Developer, SolidFire Inc.*
e: mike.tutkow...@solidfire.com
o: 303.746.7302
Advancing the way the world uses the cloud
*™*

RE: can't import VHD

2014-12-09 Thread Somesh Naidu 
Could you check what global configuration parameter 
"secstorage.allowed.internal.sites" is set to?

-Original Message-
From: Andrew Kirch [mailto:trel...@trelane.net] 
Sent: Tuesday, 9 December 2014 4:30 PM
To: users@cloudstack.apache.org
Subject: can't import VHD

I'm attempting to import a VHD to a template.  I've set up a webserver on the 
local Cloudstack box, but am getting connection refused.  Apache is claiming 
it's sending a 200 and the file.
i
  CloudStack is saying:
Home

  * Templates
  * Zenoss425


Zones:

Zone name Connection refused no +

apache is saying:
192.168.100.20 - - [09/Dec/2014:16:04:26 -0500] "GET /Zenoss425.vhd HTTP/1.1" 
200 6301425664 "-" "Java/1.7.0_71"


Obviously this is something simple, but what am I missing?

Andrew

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Mike Tutkowski 
I see it listed on the website now. Thanks :)

On Tuesday, December 9, 2014, Rohit Yadav  wrote:

> Hi Mike,
>
> 4.4.2 is already released.
>
> > On 10-Dec-2014, at 1:36 am, Mike Tutkowski  > wrote:
> >
> > I wonder perhaps if it will be difficult for us to test two RCs (4.5.0
> and
> > 4.3.2) at the same time.
> >
> > I expect the two VOTE threads will overlap and people might not have
> enough
> > bandwidth to devote to testing both at approximately the same time.
>
> I understand your concern, in fact both these things including an upcoming
> cloudmonkey voting process, quality discussion initiatives,
> automation/testing efforts are all happening around the holiday season -
> but this simply shows that we’ve a great and diverse community, and it’s
> good to see so many initiatives.
>
> I think it’s certainly do-able and here’s how we grow our testing
> community;
>
> - include users@, users-cn@ getting more people to help testing release(s)
> - built and share a deb/rpm repository so testing upgrades and installs
> along with ACS is easier for everyone (everyone is welcome to build from
> source but I think Jenkins is still a better tool for building/packaging)
> - 4.3.2 mainly requires regression testing efforts since it’s a bugfix
> release and requires less bandwidth
> - 4.5.0 will require a lot of functional testing, (new) component testing
> and regression testing as it is a major release with new features, a lot of
> changes and a new systemvmtemplate
>
> I’ll also build and share deb/rpm repository for 4.5.0 as soon as the RC
> is out and as part of our release process we can do that so it’s easier for
> users and people in general to participate without building from source
> (I’m not suggesting to discourage building from source in any way).
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com 
> Blog: bhaisaab.org | Twitter: @_bhaisaab
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<
> http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering<
> http://shapeblue.com/cloudstack-software-engineering/>
> CloudStack Infrastructure Support<
> http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<
> http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>


-- 
*Mike Tutkowski*
*Senior CloudStack Developer, SolidFire Inc.*
e: mike.tutkow...@solidfire.com
o: 303.746.7302
Advancing the way the world uses the cloud
*™*

can't import VHD

2014-12-09 Thread Andrew Kirch 
I'm attempting to import a VHD to a template.  I've set up a webserver 
on the local Cloudstack box, but am getting connection refused.  Apache 
is claiming it's sending a 200 and the file.

i
 CloudStack is saying:
Home

 * Templates
 * Zenoss425


Zones:

Zone name Connection refused no +

apache is saying:
192.168.100.20 - - [09/Dec/2014:16:04:26 -0500] "GET /Zenoss425.vhd 
HTTP/1.1" 200 6301425664 "-" "Java/1.7.0_71"



Obviously this is something simple, but what am I missing?

Andrew

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Rohit Yadav 
Hi Mike,

4.4.2 is already released.

> On 10-Dec-2014, at 1:36 am, Mike Tutkowski  
> wrote:
>
> I wonder perhaps if it will be difficult for us to test two RCs (4.5.0 and
> 4.3.2) at the same time.
>
> I expect the two VOTE threads will overlap and people might not have enough
> bandwidth to devote to testing both at approximately the same time.

I understand your concern, in fact both these things including an upcoming 
cloudmonkey voting process, quality discussion initiatives, automation/testing 
efforts are all happening around the holiday season - but this simply shows 
that we’ve a great and diverse community, and it’s good to see so many 
initiatives.

I think it’s certainly do-able and here’s how we grow our testing community;

- include users@, users-cn@ getting more people to help testing release(s)
- built and share a deb/rpm repository so testing upgrades and installs along 
with ACS is easier for everyone (everyone is welcome to build from source but I 
think Jenkins is still a better tool for building/packaging)
- 4.3.2 mainly requires regression testing efforts since it’s a bugfix release 
and requires less bandwidth
- 4.5.0 will require a lot of functional testing, (new) component testing and 
regression testing as it is a major release with new features, a lot of changes 
and a new systemvmtemplate

I’ll also build and share deb/rpm repository for 4.5.0 as soon as the RC is out 
and as part of our release process we can do that so it’s easier for users and 
people in general to participate without building from source (I’m not 
suggesting to discourage building from source in any way).

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 88 262 30892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Mike Tutkowski 
Actually, it looks like we're considering the release of 4.4.2 in December
along with 4.5.0 and 4.3.2.

We definitely should make sure we give people sufficient time to test RCs
and not run VOTE threads simultaneously.

On Tue, Dec 9, 2014 at 1:06 PM, Mike Tutkowski  wrote:

> I wonder perhaps if it will be difficult for us to test two RCs (4.5.0 and
> 4.3.2) at the same time.
>
> I expect the two VOTE threads will overlap and people might not have
> enough bandwidth to devote to testing both at approximately the same time.
>
> On Tue, Dec 9, 2014 at 6:47 AM, Rohit Yadav 
> wrote:
>
>> Hi everyone,
>>
>> In last couple of weeks 103 issues were fixed on 4.3 branch since 4.3.1
>> release: https://github.com/apache/cloudstack/blob/4.3/CHANGES.md
>>
>> I want to kick start release process for 4.3.2 next week (15 Dec 2014),
>> but before that let's test 4.3 branch and fix any blockers and critical
>> issues. I'll meanwhile try to fix other pending issues till the end of
>> this week. I've tested 4.3 branch with KVM in both basic and advance
>> zones and it has worked for me so far.
>>
>> For the purpose of involving users in the testing process I've build a
>> noredist rpm/deb repository using SHA 32adae4 from 4.3 branch. Please
>> use the following repository for testing 4.3.2-SNAPSHOT:
>>
>> http://packages.bhaisaab.org/cloudstack/testing
>>
>> If you find any blocker or critical issues please report them on this
>> thread. Thanks.
>>
>> Regards,
>> Rohit Yadav
>> Software Architect, ShapeBlue
>> M. +91 8826230892 | rohit.ya...@shapeblue.com
>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>> PS. If you see any footer below, I did not add it :)
>> Find out more about ShapeBlue and our range of CloudStack related services
>>
>> IaaS Cloud Design & Build> iaas-cloud-design-and-build//>
>> CSForge – rapid IaaS deployment framework
>> CloudStack Consulting
>> CloudStack Software Engineering> engineering/>
>> CloudStack Infrastructure Support> cloudstack-infrastructure-support/>
>> CloudStack Bootcamp Training Courses> cloudstack-training/>
>>
>> This email and any attachments to it may be confidential and are intended
>> solely for the use of the individual to whom it is addressed. Any views or
>> opinions expressed are solely those of the author and do not necessarily
>> represent those of Shape Blue Ltd or related companies. If you are not the
>> intended recipient of this email, you must neither take any action based
>> upon its contents, nor copy or show it to anyone. Please contact the sender
>> if you believe you have received this email in error. Shape Blue Ltd is a
>> company incorporated in England & Wales. ShapeBlue Services India LLP is a
>> company incorporated in India and is operated under license from Shape Blue
>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
>> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
>> a company registered by The Republic of South Africa and is traded under
>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>>
>
>
>
> --
> *Mike Tutkowski*
> *Senior CloudStack Developer, SolidFire Inc.*
> e: mike.tutkow...@solidfire.com
> o: 303.746.7302
> Advancing the way the world uses the cloud
> *™*
>



-- 
*Mike Tutkowski*
*Senior CloudStack Developer, SolidFire Inc.*
e: mike.tutkow...@solidfire.com
o: 303.746.7302
Advancing the way the world uses the cloud
*™*

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Mike Tutkowski 
I wonder perhaps if it will be difficult for us to test two RCs (4.5.0 and
4.3.2) at the same time.

I expect the two VOTE threads will overlap and people might not have enough
bandwidth to devote to testing both at approximately the same time.

On Tue, Dec 9, 2014 at 6:47 AM, Rohit Yadav 
wrote:

> Hi everyone,
>
> In last couple of weeks 103 issues were fixed on 4.3 branch since 4.3.1
> release: https://github.com/apache/cloudstack/blob/4.3/CHANGES.md
>
> I want to kick start release process for 4.3.2 next week (15 Dec 2014),
> but before that let's test 4.3 branch and fix any blockers and critical
> issues. I'll meanwhile try to fix other pending issues till the end of
> this week. I've tested 4.3 branch with KVM in both basic and advance
> zones and it has worked for me so far.
>
> For the purpose of involving users in the testing process I've build a
> noredist rpm/deb repository using SHA 32adae4 from 4.3 branch. Please
> use the following repository for testing 4.3.2-SNAPSHOT:
>
> http://packages.bhaisaab.org/cloudstack/testing
>
> If you find any blocker or critical issues please report them on this
> thread. Thanks.
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 8826230892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> PS. If you see any footer below, I did not add it :)
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering engineering/>
> CloudStack Infrastructure Support cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>



-- 
*Mike Tutkowski*
*Senior CloudStack Developer, SolidFire Inc.*
e: mike.tutkow...@solidfire.com
o: 303.746.7302
Advancing the way the world uses the cloud
*™*

Re: Desktop as a service

2014-12-09 Thread Tilak Raj Singh 
Hello John,

Thanks for your reply. Have looked at XenDesktop but I am looking for some
open source alternative to this..Is there something else available for such
tasks which can be used for both windows and Linux...
I found a few alternatives like spice (http://www.spice-space.org/), apache
VCL (http://vcl.apache.org/) and cantivo (http://cantivo.org/)
I wished to know if any of these an be used with cloudstack? If yes then
can someone please guide me how to do that?

Regards

On Tue, Dec 9, 2014 at 5:43 AM, John Kinsella  wrote:

>
> > On Dec 5, 2014, at 11:08 PM, Tilak Raj Singh  wrote:
> >
> > Hello Everybody,
> >
> > I am new to cloudstack so I dont know if I am going off the topic here. I
> > wished to know how to setup Virtual Desktop Interface (VDI) using
> > cloudstack. I browsed the net and found that openstack has the
> capabilities
> > to setup this feature. Does cloudstack can be used to deploy such a
> > service? If yes some links for the same would be highly appreciated. Also
> > if cloudstack does not have that capability then is there some
> alternative
> > to this?
>
> Hi and welcome!  CloudStack can be used with Citrix XenDesktop and XenApp
> to provide VDI services for users. It’s covered in the XenDesktop
> install/setup docs (just replace CloudPlatform with CloudStack)
>
> > Another thing I wanted to know is how to instantiate virtual machines
> > automatically if the load is increased. Have read about load balancing
> and
> > I guess its regarding this only.
>
> If you mean for VDI, XenDesktop can manage this once connected to
> CloudStack. If you mean outside of that setup, the phrase you’re looking
> for is “autoscaling.” Currently it works with either NetScaler load
> balancers or XenServer virtualization.
>
> > The architecture I wish to setup is to provide VDI to several users on
> > demand via browsers, where the compute is done on the virtual machines.
> Now
> > when suppose 10 users are simultaneously using this Virtual Desktop the
> > load on the VM increases so cloudstanck spawns another VM to share the
> load
> > of these 10 users to 5 each on these two VMs created. I hope my doubt is
> > clear.
>
> Yep - XenDesktop will do that for ya. :)
>
> John

Re: [TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Ian Duffy 
Fantastic work Rohit! :)

I tested with the dev branch of devcloud4 binary installation basic [1].

Everything worked without issue, brought up a new ubuntu vm based of the
openvm.eu templates [2]. Template came up without issue, console worked,
password and hostname were successfully set.

Created SG group rules for HTTP and SSH. Both worked as expected.

[1]
https://github.com/imduffy15/devcloud4/tree/dev/binary-installation-basic
[2] http://dl.openvm.eu/cloudstack/ubuntu/vanilla/jenkins/

On 9 December 2014 at 13:47, Rohit Yadav  wrote:

> Hi everyone,
>
> In last couple of weeks 103 issues were fixed on 4.3 branch since 4.3.1
> release: https://github.com/apache/cloudstack/blob/4.3/CHANGES.md
>
> I want to kick start release process for 4.3.2 next week (15 Dec 2014),
> but before that let's test 4.3 branch and fix any blockers and critical
> issues. I'll meanwhile try to fix other pending issues till the end of
> this week. I've tested 4.3 branch with KVM in both basic and advance
> zones and it has worked for me so far.
>
> For the purpose of involving users in the testing process I've build a
> noredist rpm/deb repository using SHA 32adae4 from 4.3 branch. Please
> use the following repository for testing 4.3.2-SNAPSHOT:
>
> http://packages.bhaisaab.org/cloudstack/testing
>
> If you find any blocker or critical issues please report them on this
> thread. Thanks.
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 8826230892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> PS. If you see any footer below, I did not add it :)
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering engineering/>
> CloudStack Infrastructure Support cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>

ACS 4.4.1 XenServer 6.2 - VMs lost connection in "Isolated" network

2014-12-09 Thread Motty Cruz 

Hi All,

I have total of about 5 VMs on "Isolated" network, but they lost 
connection to outside world. I am able to ping the VR but can't ping to 
outside world. If I log in to VR, am able to ping anywhere outside or 
inside network.


out of the 5 VMs, 3 machines never loose connection, the two VMs that do 
loose connection are windows machines. To get the connection again, I 
have to restart VR. Any ideas?


I want to mentioned that, I have three other "Isolated" networks in the 
same zone. I do not have problems with other "Isolated" networks.


I do need help!

Thanks,
Motty

Re: [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds

2014-12-09 Thread esanders83 
Good evening,
Just asking about the group.
If it wasn't for shapeblue; what other user/body in the cloudstack
community would resolve this quickly?  How much is Citrix even helping
out anymore?
thank youEric

On 12/9/2014 at 3:40 AM, "Rohit Yadav"  wrote:ShapeBlue has created a
patch that fixes this issue for Apache CloudStack 4.3.1 users, it
available from their “main” deb/rpm repository. ShapeBlue has also
published Apache CloudStack 4.4.2 debs/rpms on their main and upstream
repositories.

Repository: http://shapeblue.com/packages
Release notes:
https://github.com/shapeblue/cloudstack/wiki/Apache-CloudStack-4.3.1-ShapeBlue-Patch02
Source tag 4.3.1-shapeblue-02:
https://github.com/shapeblue/cloudstack/releases/tag/shapeblue-4.3.1-02

Regards.

> On 09-Dec-2014, at 1:41 am, John Kinsella  wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> CVE-2014-7807: Apache CloudStack unauthenticated LDAP binds
>
> CVSS:
> 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
>
> Vendors:
> The Apache Software Foundation
> Citrix, Inc.
>
> Versions Afffected:
> Apache CloudStack 4.3, 4.4
>
> Description:
> Apache CloudStack may be configured to authenticate LDAP users.
> When so configured, it performs a simple LDAP bind with the name
> and password provided by a user.  Simple LDAP binds are defined
> with three mechanisms (RFC 4513): 1) username and password; 2)
> unauthenticated if only a username is specified; and 3) anonymous
> if neither username or password is specified.  Currently, Apache
> CloudStack does not check if the password was provided which could
> allow an attacker to bind as an unauthenticated user.
>
> Mitigation:
> Users of Apache CloudStack 4.4 and derivatives should update to the
> latest version (4.4.2)
>
> An updated release for Apache CloudStack 4.3.2 is in testing. Until
> that is released, we recommend following the mitigation below:
>
> By default, many LDAP servers are not configured to allow
unauthenticated
> binds.  If the LDAP server in use allow this behaviour, a potential
> interim solution would be to consider disabling unauthenticated
> binds.
>
> Credit:
> This issue was identified by the Citrix Security Team.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
> Comment: GPGTools - http://gpgtools.org
>
> iQIcBAEBCgAGBQJUhgUCAAoJEOom9N0pCN7SOQMQAKyBuhg25u3FcVOU5XMdGGpT
> 2kSVFoLFR74ObI8bdr3HP+2LdLf/Go9QBBrWlZ034FUj6OV0Ct5o8TNB6AHbv0qF
> Ar4N05JoGtPaDCe9sWV/+ykOJH8snQjnYwVFrLZlLw8Y/JUQ+I1yJBksw8a2/hT2
> vmYgYiAQyrEMMk4bhBBlEyaJFMhuMtKtgUqLDW8wmlhkt2acZMt/0BKxDwAO8o7m
> 6ypepPCmkPHUpD50tfcCI+K4ib/C5EOn40n4orM97/JHZLsCyhz5nk36eQMOQQz2
> fJlaA04fQSV4Cv7c+S0LPh5e4e6TPSrOW3O4/V2dkjK/GgP8kUoo7ivyjIw6d2oJ
> Z5vqqgxrmgwDjH58YfVu3tyVuDlOFTZfCLkhdoXMxHfMLYYKeXkffRli9XabxrE+
> AkVoXaQAumf8IzTLVSQztV18jC79kvEeCV0pFYOjb/X/gShemruqmCWVDulj1ax6
> tzoP+Bm2mQRyrRClY37R+q3cQ2z6eNAC/vAoYzhYBN1o63MYneLYDADhyE6YIGz0
> LTbDDGFn0WVdFDrqworHdYDIMW7HQFMNtsQuueeP7LBldsgyTmjmBMp+S3Tq27UT
> RaVgp3n9ZUPdzj/i1vvJBrATKUNmv1GDoy+C1GPNx423nEOe7dFkMJARlcbf5Pml
> 03DX+ot4Xan0P5HXPT+r
> =QqOf
> -END PGP SIGNATURE-

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 88 262 30892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab
Find out more about ShapeBlue and our range of CloudStack related
services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software Engineering
CloudStack Infrastructure Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are
intended solely for the use of the individual to whom it is addressed.
Any views or opinions expressed are solely those of the author and do
not necessarily represent those of Shape Blue Ltd or related
companies. If you are not the intended recipient of this email, you
must neither take any action based upon its contents, nor copy or show
it to anyone. Please contact the sender if you believe you have
received this email in error. Shape Blue Ltd is a company incorporated
in England & Wales. ShapeBlue Services India LLP is a company
incorporated in India and is operated under license from Shape Blue
Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in
Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA
Pty Ltd is a company registered by The Republic of South Africa and is
traded under license from Shape Blue Ltd. ShapeBlue is a registered
trademark.

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Logan Barfield 
Hi Rohit,

The only thing I can think of is offering descriptions for UUIDs for
more of the arguments when using tab completion (like it does not with
template names).  This really helps avoid having to look in the GUI or
make other calls all the time.

Off the top of my head, match the "publicipid" UUID to an IP address,
for example:

create remoteaccessvpn publicipid=

abcdefg-123456-abcde...   100.100.100.100
hijklmno-789011-hijklm...   100.100.100.101

Thank You,

Logan Barfield
Tranquil Hosting


On Tue, Dec 9, 2014 at 8:00 AM, Rohit Yadav  wrote:
> Hi everyone,
>
> Thanks for your suggestions and improvements so far. For a timely 5.3.1
> release I want to start the release process for 5.3.1 bugfix release
> this week, anyone wants to report any bugs or share improvement ideas?
>
> CHANGES for 5.3.1 so far:
> https://github.com/apache/cloudstack-cloudmonkey/blob/master/CHANGES.md
>
>
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 8826230892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> PS. If you see any footer below, I did not add it :)
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design &
> Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software
> Engineering
> CloudStack Infrastructure
> Support
> CloudStack Bootcamp Training
> Courses
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a
> company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.

[TESTING] CloudStack 4.3.2 testing

2014-12-09 Thread Rohit Yadav 

Hi everyone,

In last couple of weeks 103 issues were fixed on 4.3 branch since 4.3.1
release: https://github.com/apache/cloudstack/blob/4.3/CHANGES.md

I want to kick start release process for 4.3.2 next week (15 Dec 2014),
but before that let's test 4.3 branch and fix any blockers and critical
issues. I'll meanwhile try to fix other pending issues till the end of
this week. I've tested 4.3 branch with KVM in both basic and advance
zones and it has worked for me so far.

For the purpose of involving users in the testing process I've build a
noredist rpm/deb repository using SHA 32adae4 from 4.3 branch. Please
use the following repository for testing 4.3.2-SNAPSHOT:

http://packages.bhaisaab.org/cloudstack/testing

If you find any blocker or critical issues please report them on this
thread. Thanks.

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 8826230892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab
PS. If you see any footer below, I did not add it :)
Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended solely 
for the use of the individual to whom it is addressed. Any views or opinions 
expressed are solely those of the author and do not necessarily represent those of 
Shape Blue Ltd or related companies. If you are not the intended recipient of this 
email, you must neither take any action based upon its contents, nor copy or show 
it to anyone. Please contact the sender if you believe you have received this email 
in error. Shape Blue Ltd is a company incorporated in England & Wales. 
ShapeBlue Services India LLP is a company incorporated in India and is operated 
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company 
incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue 
SA Pty Ltd is a company registered by The Republic of South Africa and is traded 
under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Rohit Yadav 

Hi everyone,

Thanks for your suggestions and improvements so far. For a timely 5.3.1
release I want to start the release process for 5.3.1 bugfix release
this week, anyone wants to report any bugs or share improvement ideas?

CHANGES for 5.3.1 so far:
https://github.com/apache/cloudstack-cloudmonkey/blob/master/CHANGES.md


Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 8826230892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab
PS. If you see any footer below, I did not add it :)
Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended solely 
for the use of the individual to whom it is addressed. Any views or opinions 
expressed are solely those of the author and do not necessarily represent those of 
Shape Blue Ltd or related companies. If you are not the intended recipient of this 
email, you must neither take any action based upon its contents, nor copy or show 
it to anyone. Please contact the sender if you believe you have received this email 
in error. Shape Blue Ltd is a company incorporated in England & Wales. 
ShapeBlue Services India LLP is a company incorporated in India and is operated 
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company 
incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue 
SA Pty Ltd is a company registered by The Republic of South Africa and is traded 
under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Upgrade to 4.3.1

2014-12-09 Thread Rohit Yadav 

Hi,

Regarding the console proxy url issue, this was a regression introduce
in 4.3.1 release and will be faced by all users using the feature with
4.3.1 (freshly installed or upgraded to 4.3.1). JFYI, It has been fixed
with 4.3.2:

http://issues.apache.org/jira/browse/CLOUDSTACK-7572

On Tuesday 16 September 2014 06:37 PM, Mārtiņš Jakubovičs wrote:

Hello,

In CentOS 6.5 today I discovered that is available update for CS 4.3. I
installed it but after management service restart "
consoleproxy.url.domain" value stopped to work. When I launch console
proxy, it connect to ".realhostip.com" domain in a way to connect my
real domain. When I clean this value, console proxy connects to IP.
After entering any other value it connects to ".realhostip.com" anyway.
How I can solve this?

Thanks.



--
Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 8826230892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab
PS. If you see any footer below, I did not add it :)
Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended solely 
for the use of the individual to whom it is addressed. Any views or opinions 
expressed are solely those of the author and do not necessarily represent those of 
Shape Blue Ltd or related companies. If you are not the intended recipient of this 
email, you must neither take any action based upon its contents, nor copy or show 
it to anyone. Please contact the sender if you believe you have received this email 
in error. Shape Blue Ltd is a company incorporated in England & Wales. 
ShapeBlue Services India LLP is a company incorporated in India and is operated 
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company 
incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue 
SA Pty Ltd is a company registered by The Republic of South Africa and is traded 
under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Rohit Yadav 

Hi Sebastien,

I think it's a good idea to allow users to enter human readable text and let 
cloudmonkey figure out uuid stuff, it's tricky to get it right I'll see if we 
can implement it in future.

Cheers.

On Tuesday 09 December 2014 02:24 PM, Sebastien Goasguen wrote:


On Dec 9, 2014, at 3:38 AM, Rohit Yadav  wrote:

> Good discussion, keep them coming!
>
> Hi Sebastien,
>
>> On 09-Dec-2014, at 1:41 pm, Sebastien Goasguen  wrote:
>>
>> I will put one in:
>>
>> would be nice to be able to reference entities by name in addition to uuid.
>> using uuid is quite cumbersome.
>>
>> for example
>>
>> cloudmonkey deploy virtualmachine template='foo' serviceoffering='bar' 
keypair=‘toto'
>
> Any ideas on how we can actually implement this and also people may not even 
remember the names of these args and they may want autocompletion for that as 
well? Right now with autocompletion enabled (set paramcompletion true), one can 
easily tab tab on an arg that is of uuid, boolean (and a special case account 
param) type and cloudmonkey lists uuids with names so one can pick a uuid for a 
suitable name.
>
> If we want to do autocompletion of names and which then translate to uuids is 
sort of doable but it will require a lot of background list API calls and a 
translation layer which can slow down cloudmonkey, and there is a corner case that 
an entity got removed and the name to uuid translation layer in cloudmonkey won’t 
know which uuid to pick and fail (few people may find it alright).
>

no idea how to implement it :) I have not looked at the code in a long time.

That's just a feature request, maybe it's not a good one.

>> On Dec 9, 2014, at 3:03 AM, Erik Weber  wrote:
>>
>>> I'm trying to use cloudmonkey in some scripts and find it hard to check if
>>> there was anything returned or not.
>>>
>>> Would it be possible to have cloudmonkey not return an extra newline if
>>> there's no results?
>>>
>>> Example of current behaviour:
>>>
>>> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
>>> name=packer-centos-6.6-60gb
>>>
>>> ( note this extra empty line )
>>>
>>> [jenkins@packer-master ~]$
>>>
>>>
>>> Expected behaviour:
>>>
>>> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
>>> name=packer-centos-6.6-60gb
>>>
>>> [jenkins@packer-master ~]$
>>>
>>>
>>> --
>>>
>>> Erik
>>>
>>> On Thu, Dec 4, 2014 at 12:45 PM, Rohit Yadav 
>>> wrote:
>>>
 Hi all,

 We want to work on the next release of CloudMonkey do you have any
 issues that we should fix, or any new feature you want? Thanks.

 --
 Regards,
 Rohit Yadav
 Software Architect, ShapeBlue
 M. +91 8826230892 | rohit.ya...@shapeblue.com
 Blog: bhaisaab.org | Twitter: @_bhaisaab

 Find out more about ShapeBlue and our range of CloudStack related services

 IaaS Cloud Design & Build
 CSForge – rapid IaaS deployment framework
 CloudStack Consulting
 CloudStack Software Engineering
 CloudStack Infrastructure Support
 CloudStack Bootcamp Training Courses

 This email and any attachments to it may be confidential and are intended
 solely for the use of the individual to whom it is addressed. Any views or
 opinions expressed are solely those of the author and do not necessarily
 represent those of Shape Blue Ltd or related companies. If you are not the
 intended recipient of this email, you must neither take any action based
 upon its contents, nor copy or show it to anyone. Please contact the sender
 if you believe you have received this email in error. Shape Blue Ltd is a
 company incorporated in England & Wales. ShapeBlue Services India LLP is a
 company incorporated in India and is operated under license from Shape Blue
 Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
 and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
 a company registered by The Republic of South Africa and is traded under
 license from Shape Blue Ltd. ShapeBlue is a registered trademark.

>>
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
>
>
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
Engineering
> CloudStack Infrastructure

Re: [DISCUSS] Any issues to be fixed for 4.3.1?

2014-12-09 Thread Rohit Yadav 

Hi France,

I'll try too go through them and see if I can fix them, everyone in the 
community is encouraged to help fix test.
If they are already fixed, I can help with backporting them and testing them.

I don't want to delay 4.3.2 release further because there is a security issue 
that will be shipped with 4.3.2 and we have not done any official ACS release 
to answer that, I think we should fix blockers or critical bugs for 4.3.2 and 
effort on testing it now. We'll keep working on these and other pending bugs, 
and if they don't make it to 4.3.2 we can always work on 4.3.3 etc.

On Monday 08 December 2014 03:06 PM, France wrote:

Hi Rohit,

Here are a few issues (without resolution). Maybe you can help get a fix in 
time for 4.3.2 release:

Snapshosts errors after upgrade 4.1.1 to 4.3.1:
https://issues.apache.org/jira/browse/CLOUDSTACK-8013

Failed to create a volume from snapshot:
https://issues.apache.org/jira/browse/CLOUDSTACK-8014

Virtual Router only with DHCP should not have DNS service
https://issues.apache.org/jira/browse/CLOUDSTACK-4675

Excessive use of LVM snapshots on XenServer, that leads to snapshot failure and 
unnecessary disk usage.
https://issues.apache.org/jira/browse/CLOUDSTACK-6060

Possibly this one too:
Failed to create snapshot due to an internal error creating snapshot for volume 372 
-> Failure from sparse_dd: Fatal error: exception Invalid_argument("index out 
of bounds”):
https://issues.apache.org/jira/browse/CLOUDSTACK-8044?filter=-2

Some others, you have already back-ported. For that we thank you.

Thank you,
Regards,
F.


On 20 Nov 2014, at 10:15, Rohit Yadav  wrote:

> Hi,
>
> We’ve some bugfixes backported to 4.3 branch since 4.3.1 was released and I 
think we should at least support this branch with a 4.3.2 release in next couple 
of weeks until a stable 4.5.0 is released in next couple of months.
>
> I’m going through JIRA and list of issues and will help backport fixes to the 
4.3 branch. So, please share if you’ve found any blocker/critical/major issue that 
you found in 4.3.0 or 4.3.1 and want to be fixed. Thanks.
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
Engineering
> CloudStack Infrastructure 
Support
> CloudStack Bootcamp Training 
Courses



--
Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 8826230892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab
PS. If you see any footer below, I did not add it :)

Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended solely 
for the use of the individual to whom it is addressed. Any views or opinions 
expressed are solely those of the author and do not necessarily represent those of 
Shape Blue Ltd or related companies. If you are not the intended recipient of this 
email, you must neither take any action based upon its contents, nor copy or show 
it to anyone. Please contact the sender if you believe you have received this email 
in error. Shape Blue Ltd is a company incorporated in England & Wales. 
ShapeBlue Services India LLP is a company incorporated in India and is operated 
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company 
incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue 
SA Pty Ltd is a company registered by The Republic of South Africa and is traded 
under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Strange instance boot issue

2014-12-09 Thread Alessandro Caviglione 
Hi Geoff,
thank you for your tech suggest!
I think you're right, in fact changing compute offering to 1 GHz the server
boot up in 10 sec...
Thank you very much, also today I've learned something! :)

On Mon, Dec 8, 2014 at 10:42 AM, Geoff Higginbottom <
geoff.higginbot...@shapeblue.com> wrote:

> Hi Allesandro,
>
> This is just a hunch, but could it be that Windows only uses its 1st CPU
> to handle the boot process.  If this is the case when you allocate 4vCPU @
> 500Mhz it only has 500Mhz of CPU power to process the very intensive boot
> process, vs having 2000Mhz when you allocate a single vCPU @ 200MHz.
>
> I believe it's always better to provide a faster single vCPU than multiple
> Slower vCPUs as there are overheads on the Guest OS and Hypervisor when
> dealing with multiple vCPUs.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbot...@shapeblue.com
>
> -Original Message-
> From: Alessandro Caviglione [mailto:c.alessan...@gmail.com]
> Sent: 08 December 2014 02:20
> To: users@cloudstack.apache.org
> Subject: Re: Strange instance boot issue
>
> Ok... maybe I found the issue!!
> Again... I'm learning CS in these month so you've to be patient with me!
> :) But this thing is strange...
> I configure some Compute offering setting CPU speed to 500 MHz and
> changing vCPU number for each offer, all the offerings are with CPU CAP
> enabled.
> Now, if I deploy a W2008R2 instance from a template or an ISO (yes
> W2012 is working fine! :-/) with 4vCPU (4*500 MHz = 2 GHz) I get the
> issue... sloow boot time (about 15 mins).
> If I deploy the same instance with 1 vCPU with 2000 MHz, the instance boot
> in 7 sec!!
> Why???
>
> On Sun, Dec 7, 2014 at 1:49 AM, Alessandro Caviglione <
> c.alessan...@gmail.com> wrote:
>
> > Hi guys,
> > I'm sorry if I submit this problem, I honestly do not think it is a
> > fault of CloudStack, but I do not know where to look anymore ...
> > For several days (up to a week ago I did not have this problem) I have
> > trouble creating templates and run instances.
> > My infrastructure is composed of CS4.4.1 and 4 XenServer 6.2 hosts.
> > I want to point out that the problem is not due to poor storage
> > performance.
> > When I create an instance from an ISO, the installation time is
> > greatly increased.
> > When restarting the instances, for example windows VMs, they remain in
> > the boot about 30 minutes.
> > The strange thing is that when instances are started, the performances
> > are excellent!
> > What's even more strange is that trying to install a new VM directly
> > from XenServer, installation is fast and the boot issue when restart
> > the VMs does not appear and also boot is very fast (about 20/30 sec.)
> > In short, the problem seems to be only when the VMs are managed by
> > CloudStack.
> > I found this article and correct the BIOS of my server, even though I
> > had never encountered this problem until a week ago. (
> > http://support.citrix.com/article/CTX127395)
> >
> >
> > Someone can give me some guidance?
> >
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<
> http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering<
> http://shapeblue.com/cloudstack-software-engineering/>
> CloudStack Infrastructure Support<
> http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<
> http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>

Trouble with deployment

2014-12-09 Thread Erik Weber 
Usually I manage to see why deployments fail, but this time I'm stuck.

I'm facing trouble deploying from a template (other templates works fine)
and I cannot see why.

I have 6 hypervisor hosts, 2 primary storage pools (one is over capacity,
but that is ok)

mgmt logs of the job id: http://pastebin.com/AshmLpFs

-- 
Erik

Re: [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds

2014-12-09 Thread Rohit Yadav 
ShapeBlue has created a patch that fixes this issue for Apache CloudStack 4.3.1 
users, it available from their “main” deb/rpm repository. ShapeBlue has also 
published Apache CloudStack 4.4.2 debs/rpms on their main and upstream 
repositories.

Repository: http://shapeblue.com/packages
Release notes: 
https://github.com/shapeblue/cloudstack/wiki/Apache-CloudStack-4.3.1-ShapeBlue-Patch02
Source tag 4.3.1-shapeblue-02: 
https://github.com/shapeblue/cloudstack/releases/tag/shapeblue-4.3.1-02

Regards.

> On 09-Dec-2014, at 1:41 am, John Kinsella  wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> CVE-2014-7807: Apache CloudStack unauthenticated LDAP binds
>
> CVSS:
> 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
>
> Vendors:
> The Apache Software Foundation
> Citrix, Inc.
>
> Versions Afffected:
> Apache CloudStack 4.3, 4.4
>
> Description:
> Apache CloudStack may be configured to authenticate LDAP users.
> When so configured, it performs a simple LDAP bind with the name
> and password provided by a user.  Simple LDAP binds are defined
> with three mechanisms (RFC 4513): 1) username and password; 2)
> unauthenticated if only a username is specified; and 3) anonymous
> if neither username or password is specified.  Currently, Apache
> CloudStack does not check if the password was provided which could
> allow an attacker to bind as an unauthenticated user.
>
> Mitigation:
> Users of Apache CloudStack 4.4 and derivatives should update to the
> latest version (4.4.2)
>
> An updated release for Apache CloudStack 4.3.2 is in testing. Until
> that is released, we recommend following the mitigation below:
>
> By default, many LDAP servers are not configured to allow unauthenticated
> binds.  If the LDAP server in use allow this behaviour, a potential
> interim solution would be to consider disabling unauthenticated
> binds.
>
> Credit:
> This issue was identified by the Citrix Security Team.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1
> Comment: GPGTools - http://gpgtools.org
>
> iQIcBAEBCgAGBQJUhgUCAAoJEOom9N0pCN7SOQMQAKyBuhg25u3FcVOU5XMdGGpT
> 2kSVFoLFR74ObI8bdr3HP+2LdLf/Go9QBBrWlZ034FUj6OV0Ct5o8TNB6AHbv0qF
> Ar4N05JoGtPaDCe9sWV/+ykOJH8snQjnYwVFrLZlLw8Y/JUQ+I1yJBksw8a2/hT2
> vmYgYiAQyrEMMk4bhBBlEyaJFMhuMtKtgUqLDW8wmlhkt2acZMt/0BKxDwAO8o7m
> 6ypepPCmkPHUpD50tfcCI+K4ib/C5EOn40n4orM97/JHZLsCyhz5nk36eQMOQQz2
> fJlaA04fQSV4Cv7c+S0LPh5e4e6TPSrOW3O4/V2dkjK/GgP8kUoo7ivyjIw6d2oJ
> Z5vqqgxrmgwDjH58YfVu3tyVuDlOFTZfCLkhdoXMxHfMLYYKeXkffRli9XabxrE+
> AkVoXaQAumf8IzTLVSQztV18jC79kvEeCV0pFYOjb/X/gShemruqmCWVDulj1ax6
> tzoP+Bm2mQRyrRClY37R+q3cQ2z6eNAC/vAoYzhYBN1o63MYneLYDADhyE6YIGz0
> LTbDDGFn0WVdFDrqworHdYDIMW7HQFMNtsQuueeP7LBldsgyTmjmBMp+S3Tq27UT
> RaVgp3n9ZUPdzj/i1vvJBrATKUNmv1GDoy+C1GPNx423nEOe7dFkMJARlcbf5Pml
> 03DX+ot4Xan0P5HXPT+r
> =QqOf
> -END PGP SIGNATURE-

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 88 262 30892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Sebastien Goasguen 

On Dec 9, 2014, at 3:38 AM, Rohit Yadav  wrote:

> Good discussion, keep them coming!
> 
> Hi Sebastien,
> 
>> On 09-Dec-2014, at 1:41 pm, Sebastien Goasguen  wrote:
>> 
>> I will put one in:
>> 
>> would be nice to be able to reference entities by name in addition to uuid.
>> using uuid is quite cumbersome.
>> 
>> for example
>> 
>> cloudmonkey deploy virtualmachine template='foo' serviceoffering='bar' 
>> keypair=‘toto'
> 
> Any ideas on how we can actually implement this and also people may not even 
> remember the names of these args and they may want autocompletion for that as 
> well? Right now with autocompletion enabled (set paramcompletion true), one 
> can easily tab tab on an arg that is of uuid, boolean (and a special case 
> account param) type and cloudmonkey lists uuids with names so one can pick a 
> uuid for a suitable name.
> 
> If we want to do autocompletion of names and which then translate to uuids is 
> sort of doable but it will require a lot of background list API calls and a 
> translation layer which can slow down cloudmonkey, and there is a corner case 
> that an entity got removed and the name to uuid translation layer in 
> cloudmonkey won’t know which uuid to pick and fail (few people may find it 
> alright).
> 

no idea how to implement it :) I have not looked at the code in a long time. 

That's just a feature request, maybe it's not a good one.

>> On Dec 9, 2014, at 3:03 AM, Erik Weber  wrote:
>> 
>>> I'm trying to use cloudmonkey in some scripts and find it hard to check if
>>> there was anything returned or not.
>>> 
>>> Would it be possible to have cloudmonkey not return an extra newline if
>>> there's no results?
>>> 
>>> Example of current behaviour:
>>> 
>>> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
>>> name=packer-centos-6.6-60gb
>>> 
>>> ( note this extra empty line )
>>> 
>>> [jenkins@packer-master ~]$
>>> 
>>> 
>>> Expected behaviour:
>>> 
>>> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
>>> name=packer-centos-6.6-60gb
>>> 
>>> [jenkins@packer-master ~]$
>>> 
>>> 
>>> --
>>> 
>>> Erik
>>> 
>>> On Thu, Dec 4, 2014 at 12:45 PM, Rohit Yadav 
>>> wrote:
>>> 
 Hi all,
 
 We want to work on the next release of CloudMonkey do you have any
 issues that we should fix, or any new feature you want? Thanks.
 
 --
 Regards,
 Rohit Yadav
 Software Architect, ShapeBlue
 M. +91 8826230892 | rohit.ya...@shapeblue.com
 Blog: bhaisaab.org | Twitter: @_bhaisaab
 
 Find out more about ShapeBlue and our range of CloudStack related services
 
 IaaS Cloud Design & Build
 CSForge – rapid IaaS deployment framework
 CloudStack Consulting
 CloudStack Software Engineering
 CloudStack Infrastructure Support
 CloudStack Bootcamp Training Courses
 
 This email and any attachments to it may be confidential and are intended
 solely for the use of the individual to whom it is addressed. Any views or
 opinions expressed are solely those of the author and do not necessarily
 represent those of Shape Blue Ltd or related companies. If you are not the
 intended recipient of this email, you must neither take any action based
 upon its contents, nor copy or show it to anyone. Please contact the sender
 if you believe you have received this email in error. Shape Blue Ltd is a
 company incorporated in England & Wales. ShapeBlue Services India LLP is a
 company incorporated in India and is operated under license from Shape Blue
 Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
 and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
 a company registered by The Republic of South Africa and is traded under
 license from Shape Blue Ltd. ShapeBlue is a registered trademark.
 
>> 
> 
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> 
> 
> 
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software 
> Engineering
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidenti

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Rohit Yadav 
Good discussion, keep them coming!

Hi Sebastien,

> On 09-Dec-2014, at 1:41 pm, Sebastien Goasguen  wrote:
>
> I will put one in:
>
> would be nice to be able to reference entities by name in addition to uuid.
> using uuid is quite cumbersome.
>
> for example
>
> cloudmonkey deploy virtualmachine template='foo' serviceoffering='bar' 
> keypair=‘toto'

Any ideas on how we can actually implement this and also people may not even 
remember the names of these args and they may want autocompletion for that as 
well? Right now with autocompletion enabled (set paramcompletion true), one can 
easily tab tab on an arg that is of uuid, boolean (and a special case account 
param) type and cloudmonkey lists uuids with names so one can pick a uuid for a 
suitable name.

If we want to do autocompletion of names and which then translate to uuids is 
sort of doable but it will require a lot of background list API calls and a 
translation layer which can slow down cloudmonkey, and there is a corner case 
that an entity got removed and the name to uuid translation layer in 
cloudmonkey won’t know which uuid to pick and fail (few people may find it 
alright).

> On Dec 9, 2014, at 3:03 AM, Erik Weber  wrote:
>
>> I'm trying to use cloudmonkey in some scripts and find it hard to check if
>> there was anything returned or not.
>>
>> Would it be possible to have cloudmonkey not return an extra newline if
>> there's no results?
>>
>> Example of current behaviour:
>>
>> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
>> name=packer-centos-6.6-60gb
>>
>> ( note this extra empty line )
>>
>> [jenkins@packer-master ~]$
>>
>>
>> Expected behaviour:
>>
>> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
>> name=packer-centos-6.6-60gb
>>
>> [jenkins@packer-master ~]$
>>
>>
>> --
>>
>> Erik
>>
>> On Thu, Dec 4, 2014 at 12:45 PM, Rohit Yadav 
>> wrote:
>>
>>> Hi all,
>>>
>>> We want to work on the next release of CloudMonkey do you have any
>>> issues that we should fix, or any new feature you want? Thanks.
>>>
>>> --
>>> Regards,
>>> Rohit Yadav
>>> Software Architect, ShapeBlue
>>> M. +91 8826230892 | rohit.ya...@shapeblue.com
>>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>>>
>>> Find out more about ShapeBlue and our range of CloudStack related services
>>>
>>> IaaS Cloud Design & Build>> iaas-cloud-design-and-build//>
>>> CSForge – rapid IaaS deployment framework
>>> CloudStack Consulting
>>> CloudStack Software Engineering>> engineering/>
>>> CloudStack Infrastructure Support>> cloudstack-infrastructure-support/>
>>> CloudStack Bootcamp Training Courses>> cloudstack-training/>
>>>
>>> This email and any attachments to it may be confidential and are intended
>>> solely for the use of the individual to whom it is addressed. Any views or
>>> opinions expressed are solely those of the author and do not necessarily
>>> represent those of Shape Blue Ltd or related companies. If you are not the
>>> intended recipient of this email, you must neither take any action based
>>> upon its contents, nor copy or show it to anyone. Please contact the sender
>>> if you believe you have received this email in error. Shape Blue Ltd is a
>>> company incorporated in England & Wales. ShapeBlue Services India LLP is a
>>> company incorporated in India and is operated under license from Shape Blue
>>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
>>> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
>>> a company registered by The Republic of South Africa and is traded under
>>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>>>
>

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 88 262 30892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please cont

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Erik Weber 
On Tue, Dec 9, 2014 at 9:21 AM, Rohit Yadav 
wrote:

> Hi Erik,
>
> Thanks for the suggestion, it's fixed in master/5.3 branch now. Until
> 5.3.1 gets released please install/use using the git repo.
>
>

Thanks Rohit, I'll give it a try!

-- 
Erik

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Rohit Yadav 

Hi Erik,

Thanks for the suggestion, it's fixed in master/5.3 branch now. Until
5.3.1 gets released please install/use using the git repo.

On Tuesday 09 December 2014 01:33 PM, Erik Weber wrote:

I'm trying to use cloudmonkey in some scripts and find it hard to check if
there was anything returned or not.

Would it be possible to have cloudmonkey not return an extra newline if
there's no results?

Example of current behaviour:

[jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
name=packer-centos-6.6-60gb

( note this extra empty line )

[jenkins@packer-master ~]$


Expected behaviour:

[jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
name=packer-centos-6.6-60gb

[jenkins@packer-master ~]$




--
Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 8826230892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab
PS. If you see any footer below, I did not add it :)
Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software 
Engineering
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended solely 
for the use of the individual to whom it is addressed. Any views or opinions 
expressed are solely those of the author and do not necessarily represent those of 
Shape Blue Ltd or related companies. If you are not the intended recipient of this 
email, you must neither take any action based upon its contents, nor copy or show 
it to anyone. Please contact the sender if you believe you have received this email 
in error. Shape Blue Ltd is a company incorporated in England & Wales. 
ShapeBlue Services India LLP is a company incorporated in India and is operated 
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company 
incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue 
SA Pty Ltd is a company registered by The Republic of South Africa and is traded 
under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Sebastien Goasguen 
I will put one in:

would be nice to be able to reference entities by name in addition to uuid.
using uuid is quite cumbersome.

for example

cloudmonkey deploy virtualmachine template='foo' serviceoffering='bar' 
keypair='toto'


etc…


On Dec 9, 2014, at 3:03 AM, Erik Weber  wrote:

> I'm trying to use cloudmonkey in some scripts and find it hard to check if
> there was anything returned or not.
> 
> Would it be possible to have cloudmonkey not return an extra newline if
> there's no results?
> 
> Example of current behaviour:
> 
> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
> name=packer-centos-6.6-60gb
> 
> ( note this extra empty line )
> 
> [jenkins@packer-master ~]$
> 
> 
> Expected behaviour:
> 
> [jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
> name=packer-centos-6.6-60gb
> 
> [jenkins@packer-master ~]$
> 
> 
> -- 
> 
> Erik
> 
> On Thu, Dec 4, 2014 at 12:45 PM, Rohit Yadav 
> wrote:
> 
>> Hi all,
>> 
>> We want to work on the next release of CloudMonkey do you have any
>> issues that we should fix, or any new feature you want? Thanks.
>> 
>> --
>> Regards,
>> Rohit Yadav
>> Software Architect, ShapeBlue
>> M. +91 8826230892 | rohit.ya...@shapeblue.com
>> Blog: bhaisaab.org | Twitter: @_bhaisaab
>> 
>> Find out more about ShapeBlue and our range of CloudStack related services
>> 
>> IaaS Cloud Design & Build> iaas-cloud-design-and-build//>
>> CSForge – rapid IaaS deployment framework
>> CloudStack Consulting
>> CloudStack Software Engineering> engineering/>
>> CloudStack Infrastructure Support> cloudstack-infrastructure-support/>
>> CloudStack Bootcamp Training Courses> cloudstack-training/>
>> 
>> This email and any attachments to it may be confidential and are intended
>> solely for the use of the individual to whom it is addressed. Any views or
>> opinions expressed are solely those of the author and do not necessarily
>> represent those of Shape Blue Ltd or related companies. If you are not the
>> intended recipient of this email, you must neither take any action based
>> upon its contents, nor copy or show it to anyone. Please contact the sender
>> if you believe you have received this email in error. Shape Blue Ltd is a
>> company incorporated in England & Wales. ShapeBlue Services India LLP is a
>> company incorporated in India and is operated under license from Shape Blue
>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
>> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
>> a company registered by The Republic of South Africa and is traded under
>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>>

RE: 答复: unable to test Network Throttling.

2014-12-09 Thread Prashant Kumar Mishra 
From the  xencenter you can check interface property (look for QoS settings) 
for that particular vm . 

-Original Message-
From: Andrija Panic [mailto:andrija.pa...@gmail.com] 
Sent: Tuesday, December 09, 2014 1:30 PM
To: d...@cloudstack.apache.org
Cc: users@cloudstack.apache.org
Subject: Re: 答复: unable to test Network Throttling.

Recent reply from Vadim:
http://xmodulo.com/how-to-rate-limit-xenserver-vms-network-interfaces.html

On 9 December 2014 at 08:40, raja sekhar  wrote:

> Hi Star,
>
> Thanks for your reply. I'm using XenServer 6.2 and cloudstack 4.3.1.
> how can i check the band width rate of the VM, is there any command 
> for xenserver host?
>
> waiting for your reply.
>
> Regards,
> Rajasekhar.
>
> On Mon, Dec 8, 2014 at 10:56 PM, Star Guo  wrote:
> >
> > Hi,
> >
> > There is a priority: the network rate of compute offering > the 
> > network rate of global configuration.
> > If you deploy on kvm host, you can use virsh command to dumpxml of 
> > the VM and focus on   ... .
> >
> > Best Regards,
> > Star Guo
> >
> > -邮件原件-
> > 发件人: raja sekhar [mailto:rajsekhar@gmail.com]
> > 发送时间: 2014年12月9日 14:28
> > 收件人: d...@cloudstack.apache.org; users@cloudstack.apache.org
> > 主题: unable to test Network Throttling.
> >
> > Hi all,
> >
> > i have created one compute offering(2 CPU , 4 GB) and given the 
> > Network Rate as 1024 Mb/s, a VM is deployed from that compute 
> > offering and in global settings i didn't changed any Network 
> > Throttling Rate(default 200
> > Mb/s) and i'm unable to test the network bandwidth rate.
> >
> > please suggest me how to test the bandwidth rate of the VM.
> >
> >
> >
> > Regards,
> > Rajasekhar.
> >
> >
>



-- 

Andrija Panić

Re: Any more CloudMonkey improvements you want to see?

2014-12-09 Thread Erik Weber 
I'm trying to use cloudmonkey in some scripts and find it hard to check if
there was anything returned or not.

Would it be possible to have cloudmonkey not return an extra newline if
there's no results?

Example of current behaviour:

[jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
name=packer-centos-6.6-60gb

( note this extra empty line )

[jenkins@packer-master ~]$


Expected behaviour:

[jenkins@packer-master ~]$ cloudmonkey list templates templatefilter=self
name=packer-centos-6.6-60gb

[jenkins@packer-master ~]$


-- 

Erik

On Thu, Dec 4, 2014 at 12:45 PM, Rohit Yadav 
wrote:

> Hi all,
>
> We want to work on the next release of CloudMonkey do you have any
> issues that we should fix, or any new feature you want? Thanks.
>
> --
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 8826230892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software Engineering engineering/>
> CloudStack Infrastructure Support cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
> a company registered by The Republic of South Africa and is traded under
> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
>

Re: 答复: unable to test Network Throttling.

2014-12-09 Thread Andrija Panic 
Recent reply from Vadim:
http://xmodulo.com/how-to-rate-limit-xenserver-vms-network-interfaces.html

On 9 December 2014 at 08:40, raja sekhar  wrote:

> Hi Star,
>
> Thanks for your reply. I'm using XenServer 6.2 and cloudstack 4.3.1.
> how can i check the band width rate of the VM, is there any command for
> xenserver host?
>
> waiting for your reply.
>
> Regards,
> Rajasekhar.
>
> On Mon, Dec 8, 2014 at 10:56 PM, Star Guo  wrote:
> >
> > Hi,
> >
> > There is a priority: the network rate of compute offering > the network
> > rate of global configuration.
> > If you deploy on kvm host, you can use virsh command to dumpxml of the VM
> > and focus on   ... .
> >
> > Best Regards,
> > Star Guo
> >
> > -邮件原件-
> > 发件人: raja sekhar [mailto:rajsekhar@gmail.com]
> > 发送时间: 2014年12月9日 14:28
> > 收件人: d...@cloudstack.apache.org; users@cloudstack.apache.org
> > 主题: unable to test Network Throttling.
> >
> > Hi all,
> >
> > i have created one compute offering(2 CPU , 4 GB) and given the Network
> > Rate as 1024 Mb/s, a VM is deployed from that compute offering and in
> > global settings i didn't changed any Network Throttling Rate(default 200
> > Mb/s) and i'm unable to test the network bandwidth rate.
> >
> > please suggest me how to test the bandwidth rate of the VM.
> >
> >
> >
> > Regards,
> > Rajasekhar.
> >
> >
>



-- 

Andrija Panić