Re: system VM has no ips

2018-09-28 Thread Rohit Yadav 
Hi Yordan,


Which version of Apache CloudStack are you using/testing?


- Rohit






From: Yordan Kostov 
Sent: Friday, September 28, 2018 8:29:07 PM
To: users
Subject: system VM has no ips


Dear all,



Trying to get an advanced networking Cloudstack setup.



My environment is a xenserver 7.1 with 4 nics in 2 bonds 
(Bond_01 and bond_23, those are set as labels on the network labels below).

Network setup is:

Management range (bond_01) –  10.10.10.10-20 (untagged)

Public range(bond_01)  - 10.10.10.220-230 (untagged)

Guest vlans (bond_23) – 3500 to 3510



When the system VMs start up the cloudstack menu says 
“starting” forever.

[cid:image002.jpg@01D45754.F399A870]From the Xenserver I can 
see that vms are up and when I logging there are actually no interfaces.


























This is just a test environment so no other configs are 
involved.

I wonder why is this happening. Basic networking option works 
without issues.

Btw is there any guide regarding System VMs behavior ?
Most of the guides explain what they do but not how they do it 
(how are their IPs assigned when started up? Which of the interfaces is used 
for communication with the management server etc..).

Thank you.



Best regards,

Jordan Kostov



rohit.ya...@shapeblue.com 
www.shapeblue.com
Amadeus House, Floral Street, London  WC2E 9DPUK
@shapeblue

Re: TAP/SPAN...

2018-09-28 Thread Simon Weller 
David,


So I assume the customer is in an isolated network between the VR and their VMs?


If so, just SPAN that vlan to another port on your switch and tap it there.



From: David Merrill 
Sent: Friday, September 28, 2018 2:01 PM
To: users@cloudstack.apache.org
Subject: Re: TAP/SPAN...

XenServer 6.5

Thanks,
David

David Merrill
Senior Systems Engineer,
Managed and Private/Hybrid Cloud Services
OTELCO
92 Oak Street, Portland ME 04101
office 207.772.5678 
www.otelco.com 
/business/managed-services



Confidentiality Message
The information contained in this e-mail transmission may be confidential and 
legally privileged. If you are not the intended recipient, you are notified 
that any dissemination, distribution, copying or other use of this information, 
including attachments, is prohibited. If you received this message in error, 
please call me at 207.772.5678  so this error can be 
corrected.


On 9/28/18, 2:54 PM, "Simon Weller"  wrote:

What hypervisor are you using?


If you're using KVM, you could add a vlan VIF into the bridge in question 
and then dump that traffic somewhere via a replicated span on your switch.


-  Si



From: David Merrill 
Sent: Friday, September 28, 2018 1:47 PM
To: users@cloudstack.apache.org
Subject: TAP/SPAN...

We’ve got a client who would like to ship a copy of all packets that pass 
through their virtual router to an appliance (that we’d place on their VLAN).

I’ve searched a bit (I’d hoped to see some mention of it in the users list) 
and haven’t found specific references to TAP/SPAN related to CloudStack, is 
there a convention for such things? I’m a (tiny) little out of my depth, is 
this the kind of thing that I might find (if it existed) here:


  *   
http://docs.cloudstack.apache.org/en/4.11.1.0/adminguide/networking.html?highlight=network%20service%20providers

At the very least is something like this (a kind of roll-your-own SPAN) 
possible on the virtual router?


  *   
https://networkhop.wordpress.com/2016/04/27/port-mirroring-with-iptables/

I wish this had come up at the collab  in Montreal (having JUST been there 
earlier this week), but so it goes.

Thanks for any consideration/feedback,
David

David Merrill
Senior Systems Engineer,
Managed and Private/Hybrid Cloud Services
OTELCO
92 Oak Street, Portland ME 04101
office 207.772.5678
www.otelco.com/business/managed-services

Confidentiality Message
The information contained in this e-mail transmission may be confidential 
and legally privileged. If you are not the intended recipient, you are notified 
that any dissemination, distribution, copying or other use of this information, 
including attachments, is prohibited. If you received this message in error, 
please call me at 207.772.5678 so this error can be 
corrected.

Re: TAP/SPAN...

2018-09-28 Thread David Merrill 
XenServer 6.5

Thanks,
David

David Merrill
Senior Systems Engineer,
Managed and Private/Hybrid Cloud Services
OTELCO
92 Oak Street, Portland ME 04101
office 207.772.5678 
www.otelco.com /business/managed-services



Confidentiality Message
The information contained in this e-mail transmission may be confidential and 
legally privileged. If you are not the intended recipient, you are notified 
that any dissemination, distribution, copying or other use of this information, 
including attachments, is prohibited. If you received this message in error, 
please call me at 207.772.5678  so this error can be 
corrected.
 

On 9/28/18, 2:54 PM, "Simon Weller"  wrote:

What hypervisor are you using?


If you're using KVM, you could add a vlan VIF into the bridge in question 
and then dump that traffic somewhere via a replicated span on your switch.


-  Si



From: David Merrill 
Sent: Friday, September 28, 2018 1:47 PM
To: users@cloudstack.apache.org
Subject: TAP/SPAN...

We’ve got a client who would like to ship a copy of all packets that pass 
through their virtual router to an appliance (that we’d place on their VLAN).

I’ve searched a bit (I’d hoped to see some mention of it in the users list) 
and haven’t found specific references to TAP/SPAN related to CloudStack, is 
there a convention for such things? I’m a (tiny) little out of my depth, is 
this the kind of thing that I might find (if it existed) here:


  *   
http://docs.cloudstack.apache.org/en/4.11.1.0/adminguide/networking.html?highlight=network%20service%20providers

At the very least is something like this (a kind of roll-your-own SPAN) 
possible on the virtual router?


  *   
https://networkhop.wordpress.com/2016/04/27/port-mirroring-with-iptables/

I wish this had come up at the collab  in Montreal (having JUST been there 
earlier this week), but so it goes.

Thanks for any consideration/feedback,
David

David Merrill
Senior Systems Engineer,
Managed and Private/Hybrid Cloud Services
OTELCO
92 Oak Street, Portland ME 04101
office 207.772.5678
www.otelco.com/business/managed-services

Confidentiality Message
The information contained in this e-mail transmission may be confidential 
and legally privileged. If you are not the intended recipient, you are notified 
that any dissemination, distribution, copying or other use of this information, 
including attachments, is prohibited. If you received this message in error, 
please call me at 207.772.5678 so this error can be 
corrected.

Re: TAP/SPAN...

2018-09-28 Thread Simon Weller 
What hypervisor are you using?


If you're using KVM, you could add a vlan VIF into the bridge in question and 
then dump that traffic somewhere via a replicated span on your switch.


-  Si



From: David Merrill 
Sent: Friday, September 28, 2018 1:47 PM
To: users@cloudstack.apache.org
Subject: TAP/SPAN...

We’ve got a client who would like to ship a copy of all packets that pass 
through their virtual router to an appliance (that we’d place on their VLAN).

I’ve searched a bit (I’d hoped to see some mention of it in the users list) and 
haven’t found specific references to TAP/SPAN related to CloudStack, is there a 
convention for such things? I’m a (tiny) little out of my depth, is this the 
kind of thing that I might find (if it existed) here:


  *   
http://docs.cloudstack.apache.org/en/4.11.1.0/adminguide/networking.html?highlight=network%20service%20providers

At the very least is something like this (a kind of roll-your-own SPAN) 
possible on the virtual router?


  *   https://networkhop.wordpress.com/2016/04/27/port-mirroring-with-iptables/

I wish this had come up at the collab  in Montreal (having JUST been there 
earlier this week), but so it goes.

Thanks for any consideration/feedback,
David

David Merrill
Senior Systems Engineer,
Managed and Private/Hybrid Cloud Services
OTELCO
92 Oak Street, Portland ME 04101
office 207.772.5678
www.otelco.com/business/managed-services

Confidentiality Message
The information contained in this e-mail transmission may be confidential and 
legally privileged. If you are not the intended recipient, you are notified 
that any dissemination, distribution, copying or other use of this information, 
including attachments, is prohibited. If you received this message in error, 
please call me at 207.772.5678 so this error can be 
corrected.

TAP/SPAN...

2018-09-28 Thread David Merrill 
We’ve got a client who would like to ship a copy of all packets that pass 
through their virtual router to an appliance (that we’d place on their VLAN).

I’ve searched a bit (I’d hoped to see some mention of it in the users list) and 
haven’t found specific references to TAP/SPAN related to CloudStack, is there a 
convention for such things? I’m a (tiny) little out of my depth, is this the 
kind of thing that I might find (if it existed) here:


  *   
http://docs.cloudstack.apache.org/en/4.11.1.0/adminguide/networking.html?highlight=network%20service%20providers

At the very least is something like this (a kind of roll-your-own SPAN) 
possible on the virtual router?


  *   https://networkhop.wordpress.com/2016/04/27/port-mirroring-with-iptables/

I wish this had come up at the collab  in Montreal (having JUST been there 
earlier this week), but so it goes.

Thanks for any consideration/feedback,
David

David Merrill
Senior Systems Engineer,
Managed and Private/Hybrid Cloud Services
OTELCO
92 Oak Street, Portland ME 04101
office 207.772.5678
www.otelco.com/business/managed-services

Confidentiality Message
The information contained in this e-mail transmission may be confidential and 
legally privileged. If you are not the intended recipient, you are notified 
that any dissemination, distribution, copying or other use of this information, 
including attachments, is prohibited. If you received this message in error, 
please call me at 207.772.5678 so this error can be 
corrected.

Re: [VOTE] Apache CloudStack 4.11.2.0 RC2

2018-09-28 Thread Boris Stoyanov 
Thanks Rene, that worked! 

We have a  +1 then. 

Bobby.


boris.stoya...@shapeblue.com 
www.shapeblue.com
Amadeus House, Floral Street, London  WC2E 9DPUK
@shapeblue
  
 

> On 28 Sep 2018, at 11:38, Rene Moser  wrote:
> 
> Hi
> 
> On 09/28/2018 05:21 PM, Boris Stoyanov wrote:
>> Hi guys,
>> 
>> I’ve did some upgrade testing of RC2. I did upgraded database successfully 
>> from 4.5.2.2, 4.9.3 and 4.11.1, but unfortunately I’ve run into a 
>> connectivity issue between vmware 4.5u3 environments. 
>> 
>> Looks like TLS1.2 is not supported at first glance.
>> 
>>  Caused by: javax.net.ssl.SSLHandshakeException: Server chose TLSv1, but 
>> that protocol version is not enabled or not supported by the client.
> 
>> I’m guessing we’ll need an RC3. 
> 
> This is a known issue and also exists in 4.11 (upgrade from 4.5 to 4.11.1)
> 
> Probably only needs some docs:
> 
> in /etc/cloudstack/management/java.security.ciphers
> 
> change line
> 
> jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1, TLSv1.1, DH keySize
> < 128, RSA keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5
> keySize < 128, RC4
> 
> to
> 
> jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, DH keySize < 128, RSA
> keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5 keySize < 128, RC4
> 
> solves it.
> 
> Regards
> René

Re: system VM has no ips

2018-09-28 Thread Boris Stoyanov 
Hi Yordan,

System VMs will get an IP from those networks and will get assigned a gateway 
from the public range, have you tried seeing the logs of management server, 
perhaps you could find a hint there. Also what version of Cloudstack are you 
running.

There’s a really good  wiki page which you could refer to troubleshooting 
SSVMs: 
https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSVM%2C+templates%2C+Secondary+storage+troubleshooting

Regards,
Bobby.


boris.stoya...@shapeblue.com 
www.shapeblue.com
Amadeus House, Floral Street, London  WC2E 9DPUK
@shapeblue
  
 

On 28 Sep 2018, at 10:59, Yordan Kostov 
mailto:yordan.kos...@worldsupport.info>> wrote:

Dear all,

Trying to get an advanced networking Cloudstack setup.

My environment is a xenserver 7.1 with 4 nics in 2 bonds 
(Bond_01 and bond_23, those are set as labels on the network labels below).
Network setup is:
Management range (bond_01) –  10.10.10.10-20 (untagged)
Public range(bond_01)  - 10.10.10.220-230 (untagged)
Guest vlans (bond_23) – 3500 to 3510

When the system VMs start up the cloudstack menu says 
“starting” forever.
[cid:image002.jpg@01D45754.F399A870]From the Xenserver I can 
see that vms are up and when I logging there are actually no interfaces.













This is just a test environment so no other configs are 
involved.
I wonder why is this happening. Basic networking option works 
without issues.

Btw is there any guide regarding System VMs behavior ?
Most of the guides explain what they do but not how they do it 
(how are their IPs assigned when started up? Which of the interfaces is used 
for communication with the management server etc..).
Thank you.

Best regards,
Jordan Kostov

Re: [VOTE] Apache CloudStack 4.11.2.0 RC2

2018-09-28 Thread Rene Moser 
Hi

On 09/28/2018 05:21 PM, Boris Stoyanov wrote:
> Hi guys,
> 
> I’ve did some upgrade testing of RC2. I did upgraded database successfully 
> from 4.5.2.2, 4.9.3 and 4.11.1, but unfortunately I’ve run into a 
> connectivity issue between vmware 4.5u3 environments. 
> 
> Looks like TLS1.2 is not supported at first glance.
> 
>   Caused by: javax.net.ssl.SSLHandshakeException: Server chose TLSv1, but 
> that protocol version is not enabled or not supported by the client.

> I’m guessing we’ll need an RC3. 

This is a known issue and also exists in 4.11 (upgrade from 4.5 to 4.11.1)

Probably only needs some docs:

in /etc/cloudstack/management/java.security.ciphers

change line

jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1, TLSv1.1, DH keySize
< 128, RSA keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5
keySize < 128, RC4

to

jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, DH keySize < 128, RSA
keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5 keySize < 128, RC4

solves it.

Regards
René

Re: [VOTE] Apache CloudStack 4.11.2.0 RC2

2018-09-28 Thread Boris Stoyanov 
Hi guys,

I’ve did some upgrade testing of RC2. I did upgraded database successfully from 
4.5.2.2, 4.9.3 and 4.11.1, but unfortunately I’ve run into a connectivity issue 
between vmware 4.5u3 environments. 

Looks like TLS1.2 is not supported at first glance.

Caused by: javax.net.ssl.SSLHandshakeException: Server chose TLSv1, but 
that protocol version is not enabled or not supported by the client.

I’m guessing we’ll need an RC3. 

Bobby.


boris.stoya...@shapeblue.com 
www.shapeblue.com
Amadeus House, Floral Street, London  WC2E 9DPUK
@shapeblue
  
 

> On 26 Sep 2018, at 23:06, Paul Angus  wrote:
> 
> Hi All,
> 
> There were a few issues discovered in RC1, these have been fixed so we're 
> ready to go with RC2 which should hopefully go very smoothly.
> 
> I've created a 4.11.2.0 release (RC2), with the following artefacts up for 
> testing and a vote:
> 
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/
> Commit: c64591bdd2fd677c9a0ca1970d61d1be9f222326
> 
> Source release (checksums and signatures are available at the same location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.2.0/
> 
> PGP release keys (signed using 8B309F7251EE0BC8):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> 
> The vote will be open until the middle of next week, 26th September 2018.
> 
> For sanity in tallying the vote, can PMC members please be sure to indicate 
> "(binding)" with their vote
> 
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
> 
> Additional information:
> 
> For users' convenience, I've built packages from 
> c64591bdd2fd677c9a0ca1970d61d1be9f222326 and published RC2 repository here:
> http://packages.shapeblue.com/testing/41120rc2/
> 
> 4.11.2 systemvm templates are available from here:
> http://packages.shapeblue.com/testing/systemvm/
> 
> 
> 
> 
> 
> paul.an...@shapeblue.com 
> www.shapeblue.com
> Amadeus House, Floral Street, London  WC2E 9DPUK
> @shapeblue
> 
> 
>

system VM has no ips

2018-09-28 Thread Yordan Kostov 
Dear all,

Trying to get an advanced networking Cloudstack setup.

My environment is a xenserver 7.1 with 4 nics in 2 bonds 
(Bond_01 and bond_23, those are set as labels on the network labels below).
Network setup is:
Management range (bond_01) -  10.10.10.10-20 (untagged)
Public range(bond_01)  - 10.10.10.220-230 (untagged)
Guest vlans (bond_23) - 3500 to 3510

When the system VMs start up the cloudstack menu says 
"starting" forever.
[cid:image002.jpg@01D45754.F399A870]From the Xenserver I can 
see that vms are up and when I logging there are actually no interfaces.













This is just a test environment so no other configs are 
involved.
I wonder why is this happening. Basic networking option works 
without issues.

Btw is there any guide regarding System VMs behavior ?
Most of the guides explain what they do but not how they do it 
(how are their IPs assigned when started up? Which of the interfaces is used 
for communication with the management server etc..).
Thank you.

Best regards,
Jordan Kostov

Local Upload to Storage - Volumes

2018-09-28 Thread Richard M 
Hello
Every time I try and "upload from local" in storage. It creates an entry but 
fails to upload the file. I've checked the logs but can find no reason why it 
failed.
Is anyone able to help shed some light on why this may be happening?
Thanks
Richard