Re: kubernetes on vpc network
Hello Piotr, yes, since Cloudstack 4.18.1 it is possible to run a CKS kubernetes cluster based on a vpc network. https://github.com/apache/cloudstack/issues/6723 Best regards, Stephan > Piotr Pisz hat am 06.09.2024 08:32 CEST geschrieben: > > > Hi, > > Is it possible to run a kubernetes cluster within a VPC network (kubernetes > network as a tier of the vps network)? > > Regards, > Piotr
Re: Site not prompting on bad user and password
Hi Marty, indeed, it is: https://github.com/apache/cloudstack/issues/8662 I guess you are on 4.19.0.1 instead of 4.19.1 ? Best regards, Stephan > Marty Godsey hat am 02.07.2024 16:51 CEST geschrieben: > > > I have a weird issue. > > When a user types in incorrect credentials, it is not saying incorrect > username or password any more. Instead it acts like it is going to log in, > you get the spinning icon, and it sits there. If you try and refresh the > page, then the login prompt never comes back, it just sits at the spinning > icon spinning. To log in, you must clear the data from the browser’s cache. > > I am on 4.19.1. Is this a known issue?
Re: Login issue on new install
Hi Ian, it sounds exactly like the issue we found last week and opened a github issue for: https://github.com/apache/cloudstack/issues/9123 Once you enter a wrong password, you are stuck in the spinning wheel page. No error message about the wrong password will appear, like in previous versions. Even when you close the browser window/tab and open a new one with the url - you will only see the spinning wheel and no login page. You have to delete browser cache to be able to see the login page again. Seems like a bug. Best regards, Stephan > Wei ZHOU hat am 24.05.2024 19:01 CEST geschrieben: > > > Any "Exception" in the /var/log/cloudstack/management-server log? > > > On Friday, May 24, 2024, Ian Tobin wrote: > > > > > Tried that on different machines > > > > The server loads are also low > > > > > > > > -Original Message- > > From: Wei ZHOU > > Sent: 24 May 2024 17:33 > > To: users@cloudstack.apache.org > > Subject: Re: Login issue on new install > > > > clear browser cache or incognito mode? > > > > > > > > On Friday, May 24, 2024, Ian Tobin wrote: > > > > > Hi, > > > > > > We've just built a new management server (ubtunu 23.04) and db server. > > > Login page loads, enter user and pass, then the login box just spins, > > > it never times out either. > > > > > > Any idea what could be the issue or log to check? > > > > > > Thanks > > > > > > Ian > > > > > > > > > > >
Re: Console Proxy Stopped Working after 4.17.2 -> 4.18.1 upgrade on KVM Hosts
Hello Antoine,
we had exactly the same issue.
Re-uploading and re-applying all certificates according to the documentation
solved the issue, they were lost during the update.
Best regards,
Stephan
> Antoine Boucher hat am 15.01.2024 06:32 CET
> geschrieben:
>
>
> Hello,
>
> The console access now fails on KVM hosts after upgrading from ACS 4.17.2 to
> ACS 4.18.1
> The console has been working flawlessly on 4.17.2 with SSL and
> www-xxx-yyy-zzz.domain.com configuration.
> I see some authentication and loading resource issues in the following Proxy
> logs. Everything else works well, including the console access on Xen hosts.
>
> The firewall on the host is disabled, times are synced, the management server
> is using the local time zone, and the KVM hosts are using UTC.
>
> What am I missing?
>
> Regards,
> Antoine
>
>
> Note: The KVM host IP has been changed to 10.xx.xx.xx
>
>
> MANAGEMENT SERVER LOGS
>
> 2024-01-14 23:57:20,027 DEBUG [c.c.a.m.AgentManagerImpl]
> (AgentManager-Handler-4:null) (logid:) SeqA 104-3099: Processing Seq
> 104-3099: { Cmd , MgmtId: -1, via: 104, Ver: v1, Flags: 11,
> [{"com.cloud.agent.api.ConsoleProxyLoadReportCommand":{"_proxyVmId":"493","_loadInfo":"{
> "connections": [],
> "removedSessions": []
> }","wait":"0","bypassHostMaintenance":"false"}}] }
> 2024-01-14 23:57:20,032 DEBUG [c.c.a.m.AgentManagerImpl]
> (AgentManager-Handler-4:null) (logid:) SeqA 104-3099: Sending Seq 104-3099:
> { Ans: , MgmtId: 130593671224, via: 104, Ver: v1, Flags: 100010,
> [{"com.cloud.agent.api.AgentControlAnswer":{"result":"true","wait":"0","bypassHostMaintenance":"false"}}]
> }
> 2024-01-14 23:57:21,363 DEBUG [c.c.a.m.AgentManagerImpl]
> (AgentManager-Handler-5:null) (logid:) SeqA 102-2964: Processing Seq
> 102-2964: { Cmd , MgmtId: -1, via: 102, Ver: v1, Flags: 11,
> [{"com.cloud.agent.api.ConsoleProxyLoadReportCommand":{"_proxyVmId":"488","_loadInfo":"{
> "connections": [],
> "removedSessions": []
> }","wait":"0","bypassHostMaintenance":"false"}}] }
> 2024-01-14 23:57:21,367 DEBUG [c.c.a.m.AgentManagerImpl]
> (AgentManager-Handler-5:null) (logid:) SeqA 102-2964: Sending Seq 102-2964:
> { Ans: , MgmtId: 130593671224, via: 102, Ver: v1, Flags: 100010,
> [{"com.cloud.agent.api.AgentControlAnswer":{"result":"true","wait":"0","bypassHostMaintenance":"false"}}]
> }
> 2024-01-14 23:57:23,558 DEBUG [c.c.a.ApiServlet]
> (qtp279593458-695:ctx-2e31e696) (logid:a3f76229) ===START=== 104.28.133.19
> -- GET
> virtualmachineid=bca11a2a-f642-4ded-a8d8-809a046de56b&command=createConsoleEndpoint&response=json
> 2024-01-14 23:57:23,559 DEBUG [c.c.a.ApiServlet]
> (qtp279593458-695:ctx-2e31e696) (logid:a3f76229) Two factor authentication is
> already verified for the user 2, so skipping
> 2024-01-14 23:57:23,574 DEBUG [c.c.a.ApiServer]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) CIDRs from
> which account 'Account
> [{"accountName":"admin","id":2,"uuid":"2cee75f9-8bc4-11ec-9c43-001e67fd4838"}]'
> is allowed to perform API calls: 0.0.0.0/0,::/0
> 2024-01-14 23:57:23,579 INFO [o.a.c.a.DynamicRoleBasedAPIAccessChecker]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) Account
> [Account
> [{"accountName":"admin","id":2,"uuid":"2cee75f9-8bc4-11ec-9c43-001e67fd4838"}]]
> is Root Admin or Domain Admin, all APIs are allowed.
> 2024-01-14 23:57:23,581 WARN [o.a.c.a.ProjectRoleBasedApiAccessChecker]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) Project is
> null, ProjectRoleBasedApiAccessChecker only applies to projects, returning
> API [createConsoleEndpoint] for user [User
> {"username":"admin","uuid":"2cefb708-8bc4-11ec-9c43-001e67fd4838"}.] as
> allowed.
> 2024-01-14 23:57:23,591 WARN [c.c.a.d.ParamGenericValidationWorker]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) Received
> unknown parameters for command createConsoleEndpoint. Unknown parameters :
> client-inet-address
> 2024-01-14 23:57:23,607 DEBUG [c.c.c.ConsoleProxyManagerImpl]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) Assign previous
> allocated console proxy for user vm : 59
> 2024-01-14 23:57:23,614 DEBUG [c.c.a.t.Request]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) Seq
> 59-4686558362232422593: Sending { Cmd , MgmtId: 130593671224, via:
> 59(cs-kvm01), Ver: v1, Flags: 100011,
> [{"com.cloud.agent.api.GetVncPortCommand":{"id":"59","name":"i-11-59-VM","wait":"0","bypassHostMaintenance":"false"}}]
> }
> 2024-01-14 23:57:23,679 DEBUG [c.c.a.t.Request] (AgentManager-Handler-7:null)
> (logid:) Seq 59-4686558362232422593: Processing: { Ans: , MgmtId:
> 130593671224, via: 59, Ver: v1, Flags: 10,
> [{"com.cloud.agent.api.GetVncPortAnswer":{"address":"10.xxx.xxx.xxx","port":"5905","result":"true","wait":"0","bypassHostMaintenance":"false"}}]
> }
> 2024-01-14 23:57:23,680 DEBUG [c.c.a.t.Request]
> (qtp279593458-695:ctx-2e31e696 ctx-ced9fb8e) (logid:a3f76229) Seq
> 59-
Re: KVM + Ceph volume attach problem
Hello Andrei, we are using Ceph with RBD images on CloudStack 4.18.1.0 as well but i can not reproduce the issue you are observing. Using the WebUI i created a new Volume, selected "Attach Disk" and all VMs are shown, running and stopped. Attaching to a running VM within the WebUI works as expected in my setup. Probably a simple thing, but did you/the users try cleaning your browser cache after the CloudStack Update? Best regards, Stephan > Andrei Mikhailovsky hat am 15.12.2023 11:49 CET > geschrieben: > > > Hello guys, > > Any updates or thoughts on what's causing the issue with attaching volumes in > the latest ACS? I still can't attach any volumes to a running vis from the > ACS web gui. This is a bit of a problem. As I've mentioned earlier, no errors > in the management.log. The attaching works okay from the cmk. However, most > of the users that we have are using web gui to manage their vms. > > Any help would be appreciated. > > Cheers > > Andrei > > - Original Message - > > From: "Andrei Mikhailovsky" > > To: "users" > > Sent: Monday, 11 December, 2023 11:39:27 > > Subject: Re: KVM + Ceph volume attach problem > > > Hey Wei, > > > > I tested and I can attach it from the cloudmonkey just fine. > > > > Do you know what could be causing the issue in the GUI? > > > > Cheers > > > > Andrei > > > > - Original Message - > >> From: "Wei ZHOU" > >> To: "users" > >> Sent: Monday, 11 December, 2023 10:15:20 > >> Subject: Re: KVM + Ceph volume attach problem > > > >> Hi, > >> > >> Do the volumes/vms belong to the same account ? > >> > >> Can you try with cmk/cloudmonkey ? > >> > >> -Wei > >> > >> On Mon, 11 Dec 2023 at 11:05, Andrei Mikhailovsky > >> > >> wrote: > >> > >>> Hello guys, > >>> > >>> I am having a strange issue which I've not noticed before. I am running > >>> ACS version 4.18.1.0 with ceph using rbd for images. I've created a new > >>> volume and trying to attach it. However, the list of VMs that I can attach > >>> a volume to is only showing STOPPED VMs. I can't seem to attach any > >>> volumes > >>> to a running vm. I've done the usual, management server logs checking, > >>> restarting the acs management server, etc. It didn't help. I've also > >>> noticed that the nfs storage pool volumes are experiencing the same issue. > >>> > >>> I am sure that I was able to attach volumes to a running vm in the past. > >>> What could be causing the issue? > >>> > >>> Cheers > >>> > > >> Andrei
Re: How To Not Allow Domain Admin to create Network Offerings
Hi Palash, i am not sure what you are referring to exactly, because in my case a Domain Admin is not able to create Network Offerings. They can list network offerings, but not create. In case you are searching for a way to deny Domain Admins creating ServiceOfferings, you can create a new role, based on the Domain Admin Role. For this new role, you can deny various actions, for example select "Deny" for the actions "createComputeOffering" and "createDiskOffering" (in the UI look for the Rules tab of the role). Best regards, Stephan > Palash Biswas hat am 06.12.2023 07:36 CET geschrieben: > > > Hi Community, > > I do not want to allow Domain Admin to create any Network Offerings. > > It should only be created by Root Admins > > How do I achieve this? Thank you
Re: Migrate VR and all VMs hanging from it
Hello Francisco, in case it's related to all VMs/VRs on one hypervisor/host, you could put the host to maintenance mode. Cloudstack will automatically migrate all VMs including VRs, to another host. Best regards, Stephan > Francisco Arencibia Quesada hat am 05.12.2023 > 10:34 CET geschrieben: > > > Good morning guys, > > I have a task to complete and would like to know if someone has done this > before, or if CloudStack already has a feature like this, before proceeding > with the assignment. The intention is to create a script that assists in > the bulk migration of VMs and their VR. The idea is to take the VMs from > one hypervisor, check their network with the associated VR, and then review > the VMs that rely on that network. With this list, proceed to migrate in > bulk. > > Kind Regards > -- > *Francisco Arencibia Quesada.* > *DevOps Engineer*
Re: VM Firewalls In Between Subnets
Hi Bryan, sure you can, for example using multiple L2 networks connected to your virtual appliance. L2 network will not interfere with any services of your appliance, as there is no virtual router involved. Spreading the VMs to the different L2 networks, their only way to communicate is via your appliance of choice. Use L2 with ConfigDrive network offerings to keep the possibility of providing UserData for Cloud-Init etc if required. Using L2 networks with "specify VLAN" you could even use an maybe already existing physical or virtual appliance outside of Cloudstack within the specified VLANs. Best regards, Stephan > Bryan Tiang hat am 21.11.2023 07:40 CET > geschrieben: > > > Hi All, > > I have a financial client who requires 3 subnets, each filtered by a firewall. > > They didnt accept the idea of using Network ACLs. They want packet filtering, > intrusion prevention systems etc which are all features of a full fledged > firewall. > > Can i install a VM Firewall from Fortinet or Palo Alto, and get achieve the > subnet segregation? All via cloudstack? > > Regards, > Bryan > > Sent with Spark
Re: VM Firewalls In Between Subnets
Hi Bryan, sure you can, for example using multiple L2 networks connected to your virtual appliance. L2 network will not interfere with any services of your appliance, as there is no virtual router involved. Spreading the VMs to the different L2 networks, their only way to communicate is via your appliance of choice. Use L2 with ConfigDrive network offerings to keep the possibility of providing UserData for Cloud-Init etc if required. Using L2 networks with "specify VLAN" you could even use an maybe already existing physical or virtual appliance outside of Cloudstack within the specified VLANs. Best regards, Stephan > Bryan Tiang hat am 21.11.2023 07:40 CET > geschrieben: > > > Hi All, > > I have a financial client who requires 3 subnets, each filtered by a firewall. > > They didnt accept the idea of using Network ACLs. They want packet filtering, > intrusion prevention systems etc which are all features of a full fledged > firewall. > > Can i install a VM Firewall from Fortinet or Palo Alto, and get achieve the > subnet segregation? All via cloudstack? > > Regards, > Bryan > > Sent with Spark
Re: CloudStack - TF Integration Status
Rohit P. might be referring to Tungsten Fabric instead of Terraform. On the project website of Tungsten Fabric the project team states: "Thank you for your interest in Tungsten Fabric. The community has decided to shut down the project and will sunset this website on August 1, 2024." which would give the right relation to Rohit`s question of how this will impact the integration with Cloudstack Best regards, Stephan > Rohit Yadav hat am 26.10.2023 10:59 CEST > geschrieben: > > > Hi Rohit, > > Some triaging work was done last month, we hope to work towards the next TF > release v0.5.0 after ACS 4.19 release - > https://github.com/apache/cloudstack-terraform-provider/milestone/2 > > In the meanwhile, any user efforts in testing and submitting bugs/improvement > requests on Github are welcome. > > > Regards. > > > From: Rohit Palsulkar > Sent: Thursday, October 26, 2023 14:25 > To: users@cloudstack.apache.org > Subject: CloudStack - TF Integration Status > > Hi All, > > I just wanted to know the status of the CloudStack - TF Integration. Is it > still happening? > > I came across the TF Website and saw below message - > > [Screenshot 2023-10-26 at 2.07.48 PM.png] > > Kindly let us know if this will affect the ongoing development towards the > Integration with Cloudstack? > > -- > Regards, > Rohit P > [https://ci3.googleusercontent.com/mail-sig/AIorK4yvCmOZqibK4B_l3XOxCFDHWF9Qo_rdu2JLbrcXZf9-hhM9s8z-Lg2J-zCpyobbFnVUAAzHtRg] > > This message is intended only for the use of the individual or entity to > which it is addressed and may contain confidential and/or privileged > information. If you are not the intended recipient, please delete the > original message and any copy of it from your computer system. You are hereby > notified that any dissemination, distribution or copying of this > communication is strictly prohibited unless proper authorization has been > obtained for such action. If you have received this communication in error, > please notify the sender immediately. Although IndiQus attempts to sweep > e-mail and attachments for viruses, it does not guarantee that both are > virus-free and accepts no liability for any damage sustained as a result of > viruses.
Re: Unable to deploy vm instance
Hi,
it looks like your VirtualRouter is failing to deploy and the virtual machine
you are trying to deploy is depending on the successful deployment of the
virtual router:
For the virtualrouter:
"No clusters found having a host with enough capacity, returning"
2023-09-04 14:53:18,705 DEBUG [o.a.c.e.o.NetworkOrchestrator]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) Changing active number of nics for network id=213 on 1
2023-09-04 14:53:18,743 DEBUG [o.a.c.e.o.NetworkOrchestrator]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) Asking VirtualRouter to prepare for
Nic[25-15-260f06c2-cd9e-4cc4-bd43-4bf0f1747e8d-10.66.10.77]
2023-09-04 14:53:18,761 DEBUG [c.c.n.r.NetworkHelperImpl]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) Starting router VM instance
{"id":12,"instanceName":"r-12-VM","type":"DomainRouter","uuid":"6cb1a13f-c23e-4ba3-90dd-9dcafb186b01"}
2023-09-04 14:53:18,873 DEBUG [c.c.d.FirstFitPlanner]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) Searching resources only under specified Pod: 3
2023-09-04 14:53:18,878 DEBUG [c.c.d.FirstFitPlanner]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) Listing clusters in order of aggregate capacity, that have (at
least one host with) enough CPU and RAM capacity under this Pod: 3
2023-09-04 14:53:18,883 DEBUG [c.c.d.FirstFitPlanner]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) No clusters found having a host with enough capacity,
returning.
2023-09-04 14:53:18,941 WARN [c.c.v.VirtualMachineManagerImpl]
(Work-Job-Executor-49:ctx-c8a359da job-121/job-122 ctx-7d522cd7)
(logid:f67a3ec7) Insufficient capacity
com.cloud.exception.InsufficientServerCapacityException: Unable to create a
deployment for VM instance
{"id":12,"instanceName":"r-12-VM","type":"DomainRouter","uuid":"6cb1a13f-c23e-4ba3-90dd-9dcafb186b01"}Scope=interface
com.cloud.dc.DataCenter; id=3
Therefore, the VM deployment, which initially is successful, is destroyed after
the Virtual Router cant be deployed.
Do you have any other Virtual Router in Datacenter with id 3 and Pod with id 3
running already?
Did you specify any specific host/storage tags for the virtual router offering,
is network configuration right and do you have enough hosts with enough
capacity in pod with id=3?
Best regards,
Stephan
> Wei ZHOU hat am 04.09.2023 12:00 CEST geschrieben:
>
>
> Hi,
>
> It looks like there was not enough memory.
>
> -Wei
>
> On Mon, 4 Sept 2023 at 11:08, Technology Mail
> wrote:
>
> > Hello,
> >
> > Unable to deploy vm instance,
> >
> > My server is alam 8.
> >
> > 1. MGMT+NFS
> > 2. KVM
> >
> > +
> >
> > Unable to start a VM [55d71859-ae54-4e12-8de3-8f84fe9627bf] due to
> > [Unable to create a deployment for VM instance
> >
> > {"id":15,"instanceName":"i-2-15-VM","type":"User","uuid":"55d71859-ae54-4e12-8de3-8f84fe9627bf"}].
> >
> > +
> >
> > MGMT server log
> >
> > ++
> >
> > 2023-09-04 14:53:15,711 DEBUG [c.c.a.ApiServlet]
> > (qtp649329985-505:ctx-d4b80649) (logid:550584ab) ===START=== 10.66.10.22
> > -- GET
> >
> > zoneid=cd6b9366-3982-42be-b3b2-8c4361239e4f&podid=97b8385b-baf9-4818-97b1-4ca141dcddce&clusterid=94385c60-5970-447c-926b-11653ac04a5a&hostid=7cad36ca-ddb9-404f-99ae-4f9f446138d8&boottype=BIOS&bootmode=LEGACY&templateid=0b13fe5d-af8a-4247-b473-20fb19723a9a&hypervisor=KVM&startvm=true&serviceofferingid=d13efba9-4f06-429c-a697-7a46a7c0f9b4&diskofferingid=961fd360-ca5e-4d2a-9813-cbd9eb392412&affinitygroupids=&securitygroupids=3388fc57-4a57-11ee-acdf-08002737abca&keypairs=&command=deployVirtualMachine&response=json
> > 2023-09-04 14:53:15,711 DEBUG [c.c.a.ApiServlet]
> > (qtp649329985-505:ctx-d4b80649) (logid:550584ab) Two factor
> > authentication is already verified for the user 2, so skipping
> > 2023-09-04 14:53:15,729 DEBUG [c.c.a.ApiServer]
> > (qtp649329985-505:ctx-d4b80649 ctx-698d5d78) (logid:550584ab) CIDRs from
> > which account 'Account
> > [{"accountName":"admin","id":2,"uuid":"33862365-4a57-11ee-acdf-08002737abca"}]'
> >
> > is allowed to perform API calls: 0.0.0.0/0,::/0
> > 2023-09-04 14:53:15,736 INFO [o.a.c.a.DynamicRoleBasedAPIAccessChecker]
> > (qtp649329985-505:ctx-d4b80649 ctx-698d5d78) (logid:550584ab) Account
> > [Account
> > [{"accountName":"admin","id":2,"uuid":"33862365-4a57-11ee-acdf-08002737abca"}]]
> >
> > is Root Admin or Domain Admin, all APIs are allowed.
> > 2023-09-04 14:53:15,738 WARN [o.a.c.a.ProjectRoleBasedApiAccessChecker]
> > (qtp649329985-505:ctx-d4b80649 ctx-698d5d78) (logid:550584ab) Project is
> > null, ProjectRoleBasedApiAccessChecker only applies to projects,
> > returning API [deployVirtualMachine] for user [User
> > {"username":"admin","uuid":"33884ade-4a57-11ee-acdf-08002737abca"}.] as
> > allowed.
> > 2023-09-04 14:53:15,742 DEBUG [o.a.c.a.Static
Re: Windows guests hang on boot up
Hi Gary, indeed we are seeing the same on all of our KVM based virtualization platform, for example CloudStack and Proxmox. We usually see this behavior when rebooting after updates. As we update and reboot using Ansible, we implemented a check if the reboot failed within the defined timeout. If the normal windows reboot failed, we execute a shutdown and start of the VM via the virtualizations platform API. After the shutdown and start, Windows is always booting normal again. A workaround because we did not find the root cause for the issue, but we know many others suffer the same issue. Best regards, Stephan > Gary Dixon hat am 22.08.2023 16:38 CEST > geschrieben: > > > > ACS 4.15.2 > > KVM hosts Ubuntu 20.04 > > > > Hi all > > > > Is anyone else seeing an issue where Windows guests VM’s are getting stuck at > the windows boot logo after being rebooted ? > > > > It is the same issue as reported here > https://borncity.com/win/2023/04/04/kvm-bug-windows-vms-can-hang-at-boot-after-11-days/ > > https://borncity.com/win/2023/04/04/kvm-bug-windows-vms-can-hang-at-boot-after-11-days/ > and also seems to be affecting other solutions that use KVM/Libvirt as the > hypervisor such as proxmox > > > > If so has anyone found a fix ? > > > > BR > > > > Gary > > > > > > Gary Dixon > Senior Technical Consultant > T: +44 161 537 4990 > E: v tel:+44%207989717661ms@quadris‑support.com > W: www.quadris.co.uk > The information contained in this e-mail from Quadris may be confidential and > privileged for the private use of the named recipient. The contents of this > e-mail may not necessarily represent the official views of Quadris. If you > have received this information in error you must not copy, distribute or take > any action or reliance on its contents. Please destroy any hard copies and > delete this message. >
Re: Apache CloudStack and Ceph
Hi Ivet, at weSystems we build on Ceph for storage projects heavily and thats why we decided to build our Cloudstack Platform on Ceph of course. We are usually in close communication with the people at croit.io, Founding Member of the Ceph Foundation, and from time to time share ideas what could be helpful to make the combination of Cloudstack and Ceph even greater. I am happy to be part of the event as well and share our story. Best regards, Stephan > Ivet Petrova hat am 09.08.2023 14:55 CEST > geschrieben: > > > Hello all, > > Do we have any community members who are using both Apache CloudStack and > Ceph as a storage? > We are discussing organising a joint 1-day event with the Ceph community and > I was wondering if I can get support from companies - join the event and have > a talk over their ACS and Ceph usage? > > Kind regards,
Re: over-ride VM CPU config
I am not sure if i understand your concern in regards to hooks, but they actually work to modify the generated XML. We are for example using the following settings in agent.properties to add GPUs to specific VMs. agent.hooks.libvirt_vm_on_start.script=libvirt-vm.groovy agent.hooks.libvirt_vm_xml_transformer.method=transform agent.hooks.libvirt_vm_xml_transformer.script=libvirt-vm.groovy agent.hooks.libvirt_vm_on_stop.script=libvirt-vm.groovy This was implemented before the nice feature of "extraconfig". The script libvirt-vm.groovy is adding additional devices (GPUs) to the device tree of the VMs XML like return new XmlParser().parseText( " \n" + "\n" + " \n" + "\n" + " ") } Maybe thats what you, Gary, were asking for? I never tried changing the CPU using this approach. Best regards, Stephan > Wido den Hollander hat am 14.07.2023 15:21 CEST geschrieben: > > > Op 14-07-2023 om 14:30 schreef Gary Dixon: > > Hi Wido > > > > So I take it this old feature request to inject custom domain XML wasn't > > implemented in any version of ACS ? > > https://cwiki.apache.org/confluence/display/CLOUDSTACK/KVM+hook+script+include > > That's for during a migration. That seems to be supported by libvirt. > > Not during the start of a VM. > > Wido > > > > > Gary Dixon > > Senior Technical Consultant > > T: +44 161 537 4990 > > E: v ms@quadris‑support.com > > W: www.quadris.co.uk > > > > The information contained in this e-mail from Quadris may be > > confidential and privileged for the private use of the named recipient. > > The contents of this e-mail may not necessarily represent the official > > views of Quadris. If you have received this information in error you > > must not copy, distribute or take any action or reliance on its > > contents. Please destroy any hard copies and delete this message. > > > > > > From: Wido den Hollander > > Sent: Friday, July 14, 2023 1:08 PM > > To: users@cloudstack.apache.org; Gary Dixon > > Subject: Re: over-ride VM CPU config > > > > > > > > Op 14/07/2023 om 13:46 schreef Gary Dixon: > > > Thanks Stephen > > > > > > This would be a great feature to have. I was wondering if for now we > > > could achieve our goal using libvirt hooks ? > > > https://libv/ > > > irt.org%2Fhooks.html%23custom-event-scripts&data=05%7C01%7CGary.Dixon% > > > 40quadris.co.uk%7Cb12cb9c94d5a44d29c7408db8462f4ed%7Cf1d6abf3d3b44894a > > > e16db0fb93a96a2%7C0%7C0%7C638249332779881625%7CUnknown%7CTWFpbGZsb3d8e > > > yJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C30 > > > 00%7C%7C%7C&sdata=CK%2Fdtn0NtenXsGtxEnRXknZlRVuNc7hEIAWN5WligRg%3D&res > > > erved=0 > > > <https://lib/ > > > virt.org%2Fhooks.html%23custom-event-scripts&data=05%7C01%7CGary.Dixon > > > %40quadris.co.uk%7Cb12cb9c94d5a44d29c7408db8462f4ed%7Cf1d6abf3d3b44894 > > > ae16db0fb93a96a2%7C0%7C0%7C638249332779881625%7CUnknown%7CTWFpbGZsb3d8 > > > eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3 > > > 000%7C%7C%7C&sdata=CK%2Fdtn0NtenXsGtxEnRXknZlRVuNc7hEIAWN5WligRg%3D&re > > > served=0> > > > > As far as I know you are not able to modify the XML with hooks. > > > > You can act upon the hook prior to starting the VM by looking at the XML > > and preparing some resources for the VM, but you can't change anything > > at that point. > > > > Please do correct me if I'm wrong. > > > > Wido > > > > > > > > Gary Dixon > > > Senior Technical Consultant > > > T: +44 161 537 4990 > > > E: v ms@quadris‑support.com > > > W: > > > http://www.q/ > > > uadris.co.uk%2F&data=05%7C01%7CGary.Dixon%40quadris.co.uk%7Cb12cb9c94d > > > 5a44d29c7408db8462f4ed%7Cf1d6abf3d3b44894ae16db0fb93a96a2%7C0%7C0%7C63 > > > 8249332779881625%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV > > > 2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Nl0TSU5cLT > > > JqKh4uuKibuBHW%2B24R58zPfp8zhddUH9c%3D&reserved=0 > > > > > > The information contained in this e-mail from Quadris may be > > > confidential and privileged for the private use of the named recipient. > > > The contents of this e-mail may not necessarily represent the official > > > views of Quadris. If you have received this informati
Re: over-ride VM CPU config
Hi Gary, Lukas had the same requirement and already opened an issue / feature request for it https://github.com/apache/cloudstack/issues/7600 Best regards, Stephan > Gary Dixon hat am 14.07.2023 12:14 CEST > geschrieben: > > > > Hi all > > > > > > ACS 4.15.2 > > KVM on Ubuntu 20.04 > > > > > > We have a requirement that whenever a VM is deployed from a specific template > (a Netscaler appliance) that it must over-ride the agent properties guest cpu > mode = host-passthrough with a specific CPU model like so : > > > > Currently the VM gets deployed with these CPU parameters from the KVM host > agent config: > > > > > > > > > > > > > And we want to over-ride with this CPU config: > > > > > > EPYC-Rome > > > > > > > > > > > > > > > > We can change it temporarily on a running VM with Virt-Manager – but I want > this config to always be set whenever a VM is deployed from the template and > whenever a deployed VM is stopped and started. > > > > Any assistance would be greatly appreciated > > > > BR > > > > Gary > > > Gary Dixon > Senior Technical Consultant > T: +44 161 537 4990 > E: v tel:+44%207989717661ms@quadris‑support.com > W: www.quadris.co.uk > The information contained in this e-mail from Quadris may be confidential and > privileged for the private use of the named recipient. The contents of this > e-mail may not necessarily represent the official views of Quadris. If you > have received this information in error you must not copy, distribute or take > any action or reliance on its contents. Please destroy any hard copies and > delete this message. >
Re: How to create network based on DefaultL2NetworkOfferingConfigDriveVlan?
Hello Jeorge, indeed you have to be root admin to deploy a network with SpecifyVlan = true I experienced the same challenge as you did - the network will be owned by the root domain, even tough providing a domain (without an account). In my case it perfectly works when i define the domain AND an admin account of this domain - the network is owned by the domain and account correctly. Are you sure you defined the Domain AND the right account (not user) of the domain? Did you try via API / Cloudmonkey? Best regards, Stephan > Jorge Luiz Correa hat am 26.05.2023 13:24 > CEST geschrieben: > > > Hi all! How can I use the network offering > DefaultL2NetworkOfferingConfigDriveVlan? I would like to create a new L2 > network to be used by domain TEST, with vlan id 2123. DHCP will be > external. I need to use ConfigDrive to be able to set VM hostname and > password and Vlan to define the vlan id for the network. > > Using a domain admin account in TEST domain I can't create that network > because I can't choose the vlan id. If I use ROOT Admin to create I can > inform the vlan id but, even choosing the domain TEST, after creation the > new network has Domain=ROOT and Account=admin. I've already tried to inform > the domain and one account from TEST domain (as say help, 'account that > will own the network') but no success. Inside the TEST domain I can't see > the new network. > > As a workaround I've created a new network offering using shared, with > vlan, then enabled just UserData : ConfigDrive as provider. So, I could > create a new network as ROOT admin, configure the vlan id and the domain. > But I guess this is not the right way, I had to configure gateway, start > and end ip addresses, but none of these make sense, they are not used. > > Appreciate any help! > :) > > -- > Jorge Luiz Corrêa > Embrapa Agricultura Digital > > echo "CkpvcmdlIEx1aXogQ29ycmVhCkFu > YWxpc3RhIGRlIFJlZGVzIGUgU2VndXJhbm > NhCkVtYnJhcGEgQWdyaWN1bHR1cmEgRGln > aXRhbCAtIE5USQpBdi4gQW5kcmUgVG9zZW > xsbywgMjA5IChCYXJhbyBHZXJhbGRvKQpD > RVAgMTMwODMtODg2IC0gQ2FtcGluYXMsIF > NQClRlbGVmb25lOiAoMTkpIDMyMTEtNTg4 > Mgpqb3JnZS5sLmNvcnJlYUBlbWJyYXBhLm > JyCgo="|base64 -d > > -- > __ > Aviso de confidencialidade > > Esta mensagem da > Empresa Brasileira de Pesquisa Agropecuaria (Embrapa), empresa publica > federal regida pelo disposto na Lei Federal no. 5.851, de 7 de dezembro > de 1972, e enviada exclusivamente a seu destinatario e pode conter > informacoes confidenciais, protegidas por sigilo profissional. Sua > utilizacao desautorizada e ilegal e sujeita o infrator as penas da lei. > Se voce a recebeu indevidamente, queira, por gentileza, reenvia-la ao > emitente, esclarecendo o equivoco. > > Confidentiality note > > This message from > Empresa Brasileira de Pesquisa Agropecuaria (Embrapa), a government > company established under Brazilian law (5.851/72), is directed > exclusively to its addressee and may contain confidential data, > protected under professional secrecy rules. Its unauthorized use is > illegal and may subject the transgressor to the law's penalties. If you > are not the addressee, please send it back, elucidating the failure.
Re: Problem with K8 cluster
Hi Stanley, Hi Wei, thanks for your hints. Indeed i just saw in CS 4.18, containerd >1.6 is already used. So my issue is related to CS 4.17 (and its systemvm probably?) Building an up to date kubernetes iso worked like a charm, but i am not sure if within the kubernetes iso i can instruct the kubernetes setup process to deploy an up to date containerd. Anyways, after a CS update to 4.18 and its systemvm it should be solved anyways. Best regards, Stephan > Wei ZHOU hat am 24.05.2023 20:44 CEST geschrieben: > > > Hi Stephan, > > Which ISO do you use ? There are some ISOs on > https://download.cloudstack.org/cks/ , but they are out-of-date. > You can use create-kubernetes-binaries-iso.sh to create your own ISO with > specific cni/cri/weave/dashboard versions. > > > -Wei > > > On Wed, 24 May 2023 at 18:05, Stephan Bienek wrote: > > > Hi Stanley, > > > > i finally found a hint, that for k8s v1.26 you need containerd >=1.6 > > > > But the containerd version installed is < 1.6 > > > > I made the "kubeadm init --token ..." command from the script > > /opt/bin/deploy-kube-system working after updating containerd on the > > controller node to >1.6 > > > > echo "deb [arch=$(dpkg --print-architecture) > > signed-by=/etc/apt/keyrings/docker.gpg] > > https://download.docker.com/linux/debian $(lsb_release -cs) stable" | > > sudo tee /etc/apt/sources.list.d/docker.list > /dev/null > > apt-get update > > apt-get remove containerd runc > > apt-get install containerd.io > > containerd config default | tee /etc/containerd/config.toml > > sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/' > > /etc/containerd/config.toml > > systemctl restart containerd > > > > bash -e /opt/bin/deploy-kube-system > > > > I'm now trying to find out which component is installing containerd and > > where it's possible to adjust that. > > > > Best regards, > > Stephan > > > > > Stanley Burkee hat am 04.05.2023 09:29 CEST > > geschrieben: > > > > > > > > > Hi Stephan, > > > > > > Thanks for your response. > > > > > > Please update if you were able to find any solution to the issue. > > > > > > Your help is much appreciated. > > > > > > Thanks > > > > > > Stanley > > > > > > On Tue, May 2, 2023 at 7:16 PM Stephan Bienek > > > wrote: > > > > > > > Hi Stanley, > > > > > > > > i probably ran into the same issue on Cloudstack 4.17.0.1 and was not > > sure > > > > if it's an issue not beeing in 4.18 yet. > > > > > > > > The instances are up and running, but the kubebernetes cluster > > deployment > > > > issued on the control node via kubeadm is failing. > > > > > > > > When logging in to the control node and checking the kubeadm logs or > > > > manually executing the bash script, which is executing kubeadm to > > deploy > > > > the cluster you will probably find the error > > > > > > > > CRI v1 runtime API is not implemented for endpoint > > > > "unix:///run/containerd/containerd.sock": rpc error: code = > > Unimplemented > > > > desc = unknown service runtime.v1.RuntimeService > > > > > > > > and/or > > > > [ERROR CRI]: container runtime is not running > > > > > > > > What i tried unsuccessful so far > > > > - editing /etc/containerd/config.toml and adding a few tipps from > > google > > > > searches here and there > > > > - deleting /etc/containerd/config.toml > > > > - installing the more up to date version of containerd > > > > > > > > Unfortunately i couldn't find the time to fully troubleshoot the issue > > yet > > > > and went the easy way of using Kubernetes ISO v1.25 which works like a > > > > charm. > > > > > > > > Maybe someone with more insight to it found an easy solution? > > > > > > > > Best regards, > > > > Stephan > > > > > > > > > Stanley Burkee hat am 02.05.2023 15:23 > > CEST > > > > geschrieben: > > > > > > > > > > > > > > > Hi guys, > > > > > > > > > > We are trying to create a Kubernetes cluster v.1.26 in Cloudstack > > 4.18. > > > > The > > > > > controller & worker nodes are provisioned and show in a running > > state but > > > > > Kubernetes Cluster is stuck in the starting state. > > > > > > > > > > Thanks a lot in advance. > > > > > > > > > > > > > > > Regards > > > > > > > > > > Stanley > > > > > >
Re: Problem with K8 cluster
Hi Stanley, i finally found a hint, that for k8s v1.26 you need containerd >=1.6 But the containerd version installed is < 1.6 I made the "kubeadm init --token ..." command from the script /opt/bin/deploy-kube-system working after updating containerd on the controller node to >1.6 echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null apt-get update apt-get remove containerd runc apt-get install containerd.io containerd config default | tee /etc/containerd/config.toml sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/' /etc/containerd/config.toml systemctl restart containerd bash -e /opt/bin/deploy-kube-system I'm now trying to find out which component is installing containerd and where it's possible to adjust that. Best regards, Stephan > Stanley Burkee hat am 04.05.2023 09:29 CEST > geschrieben: > > > Hi Stephan, > > Thanks for your response. > > Please update if you were able to find any solution to the issue. > > Your help is much appreciated. > > Thanks > > Stanley > > On Tue, May 2, 2023 at 7:16 PM Stephan Bienek > wrote: > > > Hi Stanley, > > > > i probably ran into the same issue on Cloudstack 4.17.0.1 and was not sure > > if it's an issue not beeing in 4.18 yet. > > > > The instances are up and running, but the kubebernetes cluster deployment > > issued on the control node via kubeadm is failing. > > > > When logging in to the control node and checking the kubeadm logs or > > manually executing the bash script, which is executing kubeadm to deploy > > the cluster you will probably find the error > > > > CRI v1 runtime API is not implemented for endpoint > > "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented > > desc = unknown service runtime.v1.RuntimeService > > > > and/or > > [ERROR CRI]: container runtime is not running > > > > What i tried unsuccessful so far > > - editing /etc/containerd/config.toml and adding a few tipps from google > > searches here and there > > - deleting /etc/containerd/config.toml > > - installing the more up to date version of containerd > > > > Unfortunately i couldn't find the time to fully troubleshoot the issue yet > > and went the easy way of using Kubernetes ISO v1.25 which works like a > > charm. > > > > Maybe someone with more insight to it found an easy solution? > > > > Best regards, > > Stephan > > > > > Stanley Burkee hat am 02.05.2023 15:23 CEST > > geschrieben: > > > > > > > > > Hi guys, > > > > > > We are trying to create a Kubernetes cluster v.1.26 in Cloudstack 4.18. > > The > > > controller & worker nodes are provisioned and show in a running state but > > > Kubernetes Cluster is stuck in the starting state. > > > > > > Thanks a lot in advance. > > > > > > > > > Regards > > > > > > Stanley > >
Re: Problem with K8 cluster
Hi Stanley, i probably ran into the same issue on Cloudstack 4.17.0.1 and was not sure if it's an issue not beeing in 4.18 yet. The instances are up and running, but the kubebernetes cluster deployment issued on the control node via kubeadm is failing. When logging in to the control node and checking the kubeadm logs or manually executing the bash script, which is executing kubeadm to deploy the cluster you will probably find the error CRI v1 runtime API is not implemented for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService and/or [ERROR CRI]: container runtime is not running What i tried unsuccessful so far - editing /etc/containerd/config.toml and adding a few tipps from google searches here and there - deleting /etc/containerd/config.toml - installing the more up to date version of containerd Unfortunately i couldn't find the time to fully troubleshoot the issue yet and went the easy way of using Kubernetes ISO v1.25 which works like a charm. Maybe someone with more insight to it found an easy solution? Best regards, Stephan > Stanley Burkee hat am 02.05.2023 15:23 CEST > geschrieben: > > > Hi guys, > > We are trying to create a Kubernetes cluster v.1.26 in Cloudstack 4.18. The > controller & worker nodes are provisioned and show in a running state but > Kubernetes Cluster is stuck in the starting state. > > Thanks a lot in advance. > > > Regards > > Stanley
Re: Deploy CAPI on ACS
Hi Wei,
thanks for testing and confirming the issue for CAPI deployments as well.
Great you gave the Github issue your attention, much appreciated.
Best regards,
Stephan
> Wei ZHOU hat am 23.04.2023 11:20 CEST geschrieben:
>
>
> Hi Stephan,
>
> It looks like a valid issue with CKS.
>
> I just tested k8s deployment on vpc network using CAPI, it fails with the
> following error
> ```
> # kubectl logs capc-controller-manager-7866f69646-cqftl -n capc-system
> ...
> E0423 09:14:23.782525 1 controller.go:317]
> controller/cloudstackisolatednetwork "msg"="Reconciler error"
> "error"="associating public IP address to csCluster: associating public IP
> address with ID 10b69534-2b1b-496b-b346-c61dc9472028 to network with ID
> cecbd9f8-f9dd-4e4f-903a-07ece1136a5f: Undefined error:
> {\"errorcode\":431,\"errortext\":\"Can't assign ip to the network directly
> when network belongs to VPC.Specify vpcId to associate ip address to
> VPC\"}" "name"="capc-cluster-kvm-capc-cluster-kvm-vpc-001"
> "namespace"="default" "reconciler group"="infrastructure.cluster.x-k8s.io"
> "reconciler kind"="CloudStackIsolatedNetwork"
> ```
>
> so my previous reply was wrong. cc Ricardo.
>
>
> -Wei
>
>
> On Sun, 23 Apr 2023 at 10:25, Stephan Bienek wrote:
>
> > I would not bee too sure about the CAPI deployment into a VPC networks is
> > possible.
> >
> > I opened a Github issue about the Kubernetes provider failing to deploy in
> > VPC networks, because it's missing the "Firewall service" in VPC type
> > networks, as VPC networks are using the "Network ACL Service"
> > https://github.com/apache/cloudstack/issues/6723
> >
> > If i remember correct, in one of the last live presentations of CAPI
> > deployment someone mentioned the same issue could potentially prevent CAPI
> > deployments in VPC networks.
> >
> > But i have to admit i never tested the CAPI deployment in VPC networks
> > myself so far and would be interested in a clarifying result as well.
> >
> > Best regards,
> > Stephan
> >
> > > Wei ZHOU hat am 23.04.2023 10:06 CEST
> > geschrieben:
> > >
> > >
> > > Hi Ricardo,
> > >
> > > imho, vpc network should not be a problem, you can just use the vpc tier
> > > name as network name.
> > >
> > > It looks project is not supported in capc. It might be simple to support
> > it
> > > as project id is already supported by ccm.
> > >
> > > Deploy for other accounts - seems impossible for now.
> > >
> > >
> > > -Wei
> > >
> > > On Sunday, 23 April 2023, Ricardo Pertuz
> > wrote:
> > >
> > > > Hi people,
> > > >
> > > > I was trying CAPI to deploy Kubernetes on Cloudstack but not sure or
> > > > haven’t find the way to provide a specific project or if I can deploy
> > into
> > > > on a VPC network. Variables are based in names and not IDs so it’s hard
> > > > from the point of view of an admin/domain admin to deploy in other
> > accounts.
> > > >
> > > > Regards
> > > >
> > > > Ricardo P
> > > >
> > > >
> >
Re: Deploy CAPI on ACS
I would not bee too sure about the CAPI deployment into a VPC networks is possible. I opened a Github issue about the Kubernetes provider failing to deploy in VPC networks, because it's missing the "Firewall service" in VPC type networks, as VPC networks are using the "Network ACL Service" https://github.com/apache/cloudstack/issues/6723 If i remember correct, in one of the last live presentations of CAPI deployment someone mentioned the same issue could potentially prevent CAPI deployments in VPC networks. But i have to admit i never tested the CAPI deployment in VPC networks myself so far and would be interested in a clarifying result as well. Best regards, Stephan > Wei ZHOU hat am 23.04.2023 10:06 CEST geschrieben: > > > Hi Ricardo, > > imho, vpc network should not be a problem, you can just use the vpc tier > name as network name. > > It looks project is not supported in capc. It might be simple to support it > as project id is already supported by ccm. > > Deploy for other accounts - seems impossible for now. > > > -Wei > > On Sunday, 23 April 2023, Ricardo Pertuz wrote: > > > Hi people, > > > > I was trying CAPI to deploy Kubernetes on Cloudstack but not sure or > > haven’t find the way to provide a specific project or if I can deploy into > > on a VPC network. Variables are based in names and not IDs so it’s hard > > from the point of view of an admin/domain admin to deploy in other accounts. > > > > Regards > > > > Ricardo P > > > >
Re: How do I login to Ubuntu’s cloud image?
Hi Jeremy,
the last ubuntu cloud image i was using
https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img
was working with Cloudstack User-Data out of the box, without any modifications.
Make sure to use
Advanced mode / Show advanced settings / Userdata /( Manual Userdata entry / in
case of cloudstack 4.18)
and paste your cloud-init config, for example ("#cloud-config" line is
required):
#cloud-config
users:
- name: stephan
ssh-authorized-keys:
- ssh-ed25519
lock_passwd: false
passwd:
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
ssh_pwauth: true
Are you really sure networking was not brought up?
Make sure to use an Isolated network with a Virtual Router or any other network
with "Config Drive" feature enabled.
Networking is working without userdata - if this doesnt work you can give Nux
idea a try to be 100% sure.
Cheers,
Stephan
> Jeremy Hansen hat am 27.03.2023 18:13 CEST
> geschrieben:
>
>
> I’m trying to setup a template for Ubuntu 22.04LTS and while the image boots
> successfully, I see no way to log in. It doesn’t seem to bring up networking
> by default so I can’t ssh in with my pub key.
>
> Is this where “User Data” comes in to play? If so, anyone have an example
> that sets the password or just brings up networking?
>
> Thanks!
>
>
>
Re: User-Data for Windows Instance
Hi Ranjit, while searching for the same some time ago i stumbled across https://cloudbase.it/cloudbase-init/ which looks like the ready-to-use windows-enabled cloud-init i was looking for. Not tested yet, but the description sounds promising. If you prefer to self-develop something similar, independent of the OS you can always query http://data-server./latest/user-data and to retrieve parse the provided user-data via scripts and take actions. (see https://docs.cloudstack.apache.org/en/latest/adminguide/virtual_machines/user-data.html ) Best regards, Stephan > Ranjit Jadhav hat am 08.03.2023 20:04 CET > geschrieben: > > > Hello Folks. > > On the KVM hypervisor, we need to pass user-data i.e. bat script while > creating a windows instance. Is it possible? Which guest-tools should we > use? > > Thank you, > Ranjit
Re: Multiple public networks per zone ?
Might the available functionality to reserve Public IP Ranges be what you are searching for? You can add a second "Public IP" range to your public network with a different VLAN than your real WAN IP range, specify a RFC1918 IP range, select "Set reservation" and "Systems VMs". (not tested, just had a look at available functionality) Or is this concept missing something for your idea? Best regards, Stephan > Daan Hoogland hat am 24.02.2023 08:12 CET > geschrieben: > > > Lukâš, > > Did you experiment with this? and did you manage? > I am quite curious if your proposal works. > > On Sat, Dec 31, 2022 at 10:41 AM Lukáš Mrtvý wrote: > > > Is possible to create multiple public networks per zone ? ( traffic type: > > Public ) > > I would like to put systemvms to this network to save two "Public" IPv4, > > these aren't cheap these days. The use case would be to deploy systemvms > > to RFC1918 external network and use a reverse proxy to access cloudstack > > webui and systemvms from the internet via this reverse proxy. The other > > public network would be an actual WAN. ( NAT isn't solution ) > > Thanks > > BR, > > LM > > > > > -- > Daan
Re: Using terraform to spin custom instances?
Hi Jordan,
it actually works but not too great documented.
Use the following example:
resource "cloudstack_instance" "web" {
name = "server-1"
service_offering = "custom"
network_id = "c4a3303c-376d-4d56-b336-1bd91cb130b6"
template = "d4c2f9c6-1d18-11ec-9173-50eb7122da94"
zone = "d4a81f75-5d92-415e-ab59-e85cc2ce56d9"
details = {"cpuNumber" = "2", "memory" = "500"}
}
Best regards,
Stephan
> jordan j hat am 23.01.2023 08:42 CET geschrieben:
>
>
> Dear everyone,
>
> I started playing with the Terraform provider. I noticed that there is no
> way to choose custom resource values as my Compute Offering is custom. Is
> there a way or that feature is not developed? Any advice is appreciated!
>
> Regard,
> Jordan
Cloudstack on arm64 and packer build systemvmtemplate success
Hello Cloudstack Users, following the blog of Rohit about how to install and run Cloudstack on an Raspberry 4 using Ubuntu on arm64/aarch64 ( https://www.shapeblue.com/apache-cloudstack-on-raspberrypi4-with-kvm/ ) and Rohits commits to cloudstack to support arm64 (thx Rohit!) i tried it myself. For my setup i decided to use the latest release of Cloudstack without any modifications, as Rohits commits were already merged. Instead of using a Raspberry Pi4 i am using an Odroid M1, which shares the arm64 architecture with the rpi4. The installation following the ACS documentation and/or Rohits blog (without the special modifications required at that time) went quite smooth. Missing automatic systemvmtemplate build One thing i felt still missing was how to build the required systemvmtemplate (Consoleproxy, SSVM and VRs) for arm64. Building the same automatic way on both - a x86_64 host, being able to build the amd64 systemvmtemplate and the arm64 systemvmtemplate, and/or directly building on the arm64 host would be great. After quite some work i figured the required changes and thought i'd share them here to see if it helps someone else and if it's useful, maybe the changes could contribute to cloudstack. All the existing logic using packer was kept, which is available for amd64 and arm64. I created a fork and applied the changes in a branch at https://github.com/StepBee/cloudstack/tree/add_systemvmtemplate_arm64_support The changes in code --- - changing debian preseed files tools/appliance/systemvmtemplate/http/preseed.cfg to create an EFI partition and instruct debian to copy /EFI/debian/grubaa64.efi to /EFI/BOOT/BOOTAA64.efi Detailed changes can be found at https://github.com/apache/cloudstack/commit/8f406e7fd1bcf9b71202fe526f0adaff40402884 - changing tools/appliance/systemvmtemplate/template.json packer builder template(s) to provide the right qemuargs and adjust the boot_commands, as these are quite different from amd64 builds, increasing ssh_timeout and boot_wait Detailed changes can be found at https://github.com/apache/cloudstack/commit/a7077a8453dc944048a236bb44e19beeffaec7f9 - changing tools/appliance/build.sh to support providing the target architecture as first parameter and skip all non-kvm builds when building for arm64 - building arm64 systemvmtemplate on x86_64 and arm64 hosts is supported - changing tools/appliance/systemvmtemplate/scripts/install_systemvm_packages.sh to handle repository additions etc for arm64 Detailed changes can be found at https://github.com/apache/cloudstack/commit/fbacf5b2caed958e90ed4c134948aa4eb8dafed1 Required packages are based on the amd64 requirements plus, of course, the arm/aarch64 qemu packages - packer ( https://developer.hashicorp.com/packer/tutorials/docker-get-started/get-started-install-cli ) - qemu-utils - qemu-system-arm - qemu-efi-aarch64 To build the arm64 systemvmtemplate: - Cloning the branch from my fork - cd tools/appliance/ - ./build.sh aarch64 systemvmtemplate Running Cloudstack -- On arm64 i noticed the log was complaining about a missing /etc/cloudstack/agent/uefi.properties Which could look like this one: guest.nvram.template.secure=/usr/share/AAVMF/AAVMF_VARS.snakeoil.fd guest.nvram.template.legacy=/usr/share/AAVMF/AAVMF_VARS.fd guest.loader.secure=/usr/share/AAVMF/AAVMF_CODE.snakeoil.fd guest.nvram.path=/var/lib/libvirt/qemu/nvram/ guest.loader.legacy=/usr/share/AAVMF/AAVMF_CODE.fd An additional hint for using cloud images: Where most of the cloud images for amd64 work with cloudstack userdata out of the box, i noticed most of the arm64/aarch64 cloud images are missing the cloudstack datasource within the built-in cloud-init config. Modification of the cloud images by placing the file /etc/cloud/cloud.cfg.d/cloudstack.cfg with content: datasource_list: ['CloudStack'] datasource: CloudStack: max_wait: 120 timeout: 50 in the qcow2 or raw images solves the issue. I hope it's helping the cloudstack community. Best regards, Stephan
