Re: some questions about snapshot
One month has passed. Now I compile and installe cloudstack 4.2 from resouce code,but I find the issue is not resolved. Old napshot files on server are still not deleted by snapshot schedule. -- Original -- From: "Prasanna Santhanam";; Date: Thu, Aug 8, 2013 02:43 PM To: "users"; Subject: Re: some questions about snapshot This is a bug with 4.0 and it has been fixed in the upcoming release: https://issues.apache.org/jira/browse/CLOUDSTACK-643 On Thu, Aug 08, 2013 at 02:09:28PM +0800, WXR wrote: > It can delete the older snapshots on the webUI,but the files are not deleted > actually. > If I go to the snapshot folder of secondary storage,I can see all the > snapshot files. > > I use kvm as hypervisor,could you tell me how to let cloudstack create delta > snapshots daily and full snapshots every 7 days? > > Thank you. > > > > > -- Original -- > From: "Venkata SwamyBabu Budumuru"; > Date: Thu, Aug 8, 2013 12:39 PM > To: "users@cloudstack.apache.org"; > > Subject: Re: some questions about snapshot > > > > About the first question: > > Are you talking about the recurring snapshot feature? If yes, AFAIK, It is > supposed to delete the 1st snapshot when you take the 4th one. > > Regarding the second one, > > You are right about settings present in global category for full and delta > and they are closely tied to hypervisor. What is the hypervisor you are > using? > > > Thanks, > SWAMY > > On 08/08/13 8:45 AM, "WXR" <1485739...@qq.com> wrote: > > >1.I use snapshot schedule to create snapshots daily,keep 3 snapshots.Now > >I can see 3 snapshots on webUI,but all snapshot files created before are > >still on secondary storage. > >How to let cloudstack clean the old snapshots files? > > > >2.There are global settings about "delta snapshot" and "full snapshot",I > >find that the default snapshot of volume a full snapshot,how to do a > >delta snapshot? > > . -- Prasanna., Powered by BigRock.com .
Re: some questions about snapshot
It can delete the older snapshots on the webUI,but the files are not deleted actually. If I go to the snapshot folder of secondary storage,I can see all the snapshot files. I use kvm as hypervisor,could you tell me how to let cloudstack create delta snapshots daily and full snapshots every 7 days? Thank you. -- Original -- From: "Venkata SwamyBabu Budumuru"; Date: Thu, Aug 8, 2013 12:39 PM To: "users@cloudstack.apache.org"; Subject: Re: some questions about snapshot About the first question: Are you talking about the recurring snapshot feature? If yes, AFAIK, It is supposed to delete the 1st snapshot when you take the 4th one. Regarding the second one, You are right about settings present in global category for full and delta and they are closely tied to hypervisor. What is the hypervisor you are using? Thanks, SWAMY On 08/08/13 8:45 AM, "WXR" <1485739...@qq.com> wrote: >1.I use snapshot schedule to create snapshots daily,keep 3 snapshots.Now >I can see 3 snapshots on webUI,but all snapshot files created before are >still on secondary storage. >How to let cloudstack clean the old snapshots files? > >2.There are global settings about "delta snapshot" and "full snapshot",I >find that the default snapshot of volume a full snapshot,how to do a >delta snapshot? .
some questions about snapshot
1.I use snapshot schedule to create snapshots daily,keep 3 snapshots.Now I can see 3 snapshots on webUI,but all snapshot files created before are still on secondary storage. How to let cloudstack clean the old snapshots files? 2.There are global settings about "delta snapshot" and "full snapshot",I find that the default snapshot of volume a full snapshot,how to do a delta snapshot?
Re: Is NFS the cloudstack IO perfomance bottleneck?
I'm not using RAID ,just a single hdd per primary storage. server A and B are all Dell PowerEdge R720,the nic on each server is broadcom gigabitethernet network adapter. When I find the performance is bad enough,the trafficflow of each nic is just 600Mb/s. Could you please share your experience of configuration about cloudstack with nfs? -- Original -- From: "Dean Kamali"; Date: Tue, Aug 6, 2013 10:43 PM To: "users"; Subject: Re: Is NFS the cloudstack IO perfomance bottleneck? I don't think NFS is to blame, but I could blame the hardware for being slow, could you please tell us your IOPS usage? Network setup? drive types and RAID you are using? have you used tools like ioping? For %90 of the time is the hardware that preforms poorly, I have been using NFS for over a year now with cloudstack and never had an issue with performance. On Tue, Aug 6, 2013 at 10:03 AM, Kirk Jantzer wrote: > I doubt NFS is the issue. What are the specs of the VMs? What is the > network like? What are the disks? Etc. There are too many variables to say > "NFS is a CloudStack bottleneck". I just implemented a 35TB storage cluster > that is capable of 10's of thousands of IOPS and >1GB (yes, gigabyte, not > gigabit) network bandwidth via NFS. > > > On Tue, Aug 6, 2013 at 9:48 AM, WXR <1485739...@qq.com> wrote: > > > I use kvm as hypervisor and nfs(nfs server on centos 6.4) as primary and > > secondary storage. > > > > I use server A as host node and B with 1 hdd as primary storage.When I > > create 20 vms,I find the disk io performance is very low. > > At first I think the bottleneck is from the hard disk,because there are > 20 > > vms on a single hdd.So I attach another 4hdds on server B and increase > the > > number of primary storage from 1 to 5.Now there are 20 vms allocated > > averagely on 5 primary storage(4 vms per storage),but the vm disk IO > > performance is the same as before. > > > > I think NFS may be the bottleneck,but I don't know if it is true.Does > > anyone have a good idea to help me finding the real reason? > > > > > -- > Regards, > > Kirk Jantzer > c: (678) 561-5475 > http://about.met/kirkjantzer >
Is NFS the cloudstack IO perfomance bottleneck?
I use kvm as hypervisor and nfs(nfs server on centos 6.4) as primary and secondary storage. I use server A as host node and B with 1 hdd as primary storage.When I create 20 vms,I find the disk io performance is very low. At first I think the bottleneck is from the hard disk,because there are 20 vms on a single hdd.So I attach another 4hdds on server B and increase the number of primary storage from 1 to 5.Now there are 20 vms allocated averagely on 5 primary storage(4 vms per storage),but the vm disk IO performance is the same as before. I think NFS may be the bottleneck,but I don't know if it is true.Does anyone have a good idea to help me finding the real reason?
Re: iSCSI IO performance is worse than NFS,why?
Does your iSCSI primary storage offer better disk IO performance than NFS? -- Original -- From: "Aaron Delp"; Date: Thu, Aug 1, 2013 00:18 AM To: "users@cloudstack.apache.org"; Subject: Re: iSCSI IO performance is worse than NFS,why? > Sorry, I don't have enough KVM experience to comment or troubleshoot. On 7/31/13 9:00 AM, "WXR" <1485739...@qq.com> wrote: >kvm > > > > >-- Original -- >From: "Aaron Delp"; >Date: Wed, Jul 31, 2013 11:40 PM >To: "users@cloudstack.apache.org"; > >Subject: Re: iSCSI IO performance is worse than NFS,why? > > > >On 7/31/13 8:32 AM, "WXR" <1485739...@qq.com> wrote: > > >>I find that the disk IO performance of vm instances on >>iSCSI(sharedmountpoint) primary storage is worse than that on NFS primary >>storage. >> >>When I use a single hdd and create a NFS share as primary storage,the >>disk IO performance is pretty good. >>But when I use the same hdd and create a iSCSI lun as primary storage,the >>disk IO performance is lower than NFS. >> >>I think the disk IO performance of iSCSI should be better than NFS. > >> What hypervisor are you using to attach? > > >. .
Re: iSCSI IO performance is worse than NFS,why?
kvm -- Original -- From: "Aaron Delp"; Date: Wed, Jul 31, 2013 11:40 PM To: "users@cloudstack.apache.org"; Subject: Re: iSCSI IO performance is worse than NFS,why? On 7/31/13 8:32 AM, "WXR" <1485739...@qq.com> wrote: >I find that the disk IO performance of vm instances on >iSCSI(sharedmountpoint) primary storage is worse than that on NFS primary >storage. > >When I use a single hdd and create a NFS share as primary storage,the >disk IO performance is pretty good. >But when I use the same hdd and create a iSCSI lun as primary storage,the >disk IO performance is lower than NFS. > >I think the disk IO performance of iSCSI should be better than NFS. > What hypervisor are you using to attach? .
iSCSI IO performance is worse than NFS,why?
I find that the disk IO performance of vm instances on iSCSI(sharedmountpoint) primary storage is worse than that on NFS primary storage. When I use a single hdd and create a NFS share as primary storage,the disk IO performance is pretty good. But when I use the same hdd and create a iSCSI lun as primary storage,the disk IO performance is lower than NFS. I think the disk IO performance of iSCSI should be better than NFS.
How to do time synchronization in vm instances
I use kvm as the hypervisor in my cloudstack. I find that the time in the vm instance is different from its host node server. I want to know how to synchronize the time of vm instances,does cloudstack offer some tools like esxi,xenserver,hyper-v to do time synchronization?
Re:RE: Re:RE: Re:RE: Does compute offering in basic network support network rate limit??
I can't confirm if it is a bug or my configuration fault. Does any one succeed in limiting the network rate by compute offering? -- Original -- From: "Sanjeev Neelarapu"; Date: Thu, Jul 25, 2013 01:34 PM To: "users@cloudstack.apache.org"; Subject: RE: Re:RE: Re:RE: Does compute offering in basic network support network rate limit?? Please file a bug in JIRA is it is not working as expected. -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Thursday, July 25, 2013 7:03 AM To: users Subject: Re:RE: Re:RE: Does compute offering in basic network support network rate limit?? I set the vm.network.throttling.rate value to 0,restart the management service,and create a new vm with 1Mb/s compute offering.But the inbound and outbound network rate is still 100Bb/s. -- Original -- From: "Sanjeev Neelarapu"; Date: Thu, Jul 25, 2013 01:00 AM To: "users@cloudstack.apache.org"; Subject: RE: Re:RE: Does compute offering in basic network support network rate limit?? Hi, There is a global setting parameter called " vm.network.throttling.rate" , if this is set , the value in compute offering will be overwrite with this. For the rate limit value in compute offering to take effect, set the global paramet to 0 and restart management server. Btw network rate limit applies only to outbound traffic, but not for inbound traffic. -Sanjeev -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Wednesday, July 24, 2013 5:28 PM To: users Subject: Re:RE: Does compute offering in basic network support network rate limit?? But a vm which uses 1Mb/s network rate compute offering on my cloudstack can reach 100Mb/s inbound/outbound. The link rate of my network is 100Mb/s,I think the limit does not take effect. -- Original -- From: "Sanjeev Neelarapu"; Date: Wed, Jul 24, 2013 05:07 PM To: "users@cloudstack.apache.org"; Subject: RE: Does compute offering in basic network support network rate limit?? Yes, basic network does support network rate limit in compute offering. -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Wednesday, July 24, 2013 8:03 AM To: users Subject: Does compute offering in basic network support network rate limit?? I create a compute offering with 1Mb/s network rate limit,and then apply it to a vm.But the network traffic limit seems not work. I want to know if basic network doesn't support network rate limit in compute offering? . . .
Re:RE: Re:RE: Does compute offering in basic network support network rate limit??
I set the vm.network.throttling.rate value to 0,restart the management service,and create a new vm with 1Mb/s compute offering.But the inbound and outbound network rate is still 100Bb/s. -- Original -- From: "Sanjeev Neelarapu"; Date: Thu, Jul 25, 2013 01:00 AM To: "users@cloudstack.apache.org"; Subject: RE: Re:RE: Does compute offering in basic network support network rate limit?? Hi, There is a global setting parameter called " vm.network.throttling.rate" , if this is set , the value in compute offering will be overwrite with this. For the rate limit value in compute offering to take effect, set the global paramet to 0 and restart management server. Btw network rate limit applies only to outbound traffic, but not for inbound traffic. -Sanjeev -----Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Wednesday, July 24, 2013 5:28 PM To: users Subject: Re:RE: Does compute offering in basic network support network rate limit?? But a vm which uses 1Mb/s network rate compute offering on my cloudstack can reach 100Mb/s inbound/outbound. The link rate of my network is 100Mb/s,I think the limit does not take effect. -- Original -- From: "Sanjeev Neelarapu"; Date: Wed, Jul 24, 2013 05:07 PM To: "users@cloudstack.apache.org"; Subject: RE: Does compute offering in basic network support network rate limit?? Yes, basic network does support network rate limit in compute offering. -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Wednesday, July 24, 2013 8:03 AM To: users Subject: Does compute offering in basic network support network rate limit?? I create a compute offering with 1Mb/s network rate limit,and then apply it to a vm.But the network traffic limit seems not work. I want to know if basic network doesn't support network rate limit in compute offering? . .
Re: Why does cloudstack create a vm instance through compute offering?
Do you mean that I can post my request on JIRA? -- Original -- From: "David Comerford"; Date: Wed, Jul 24, 2013 08:16 PM To: "users"; Subject: Re: Why does cloudstack create a vm instance through compute offering? Feel free to make a feature request and/or bug report with any suggests or ideas you have. It's a team effort friend - http://cloudstack.apache.org/contribute.html Best regards, David Comerford Tel: +353 87 1238295 Email: davest...@gmail.com Website: http://dave.ie GPG key: http://gpg.dave.ie On 24 July 2013 13:08, WXR <1485739...@qq.com> wrote: > Cloudstack is an Iaas platform,I think it should offer elastic compute > resources. > Creating a limited number of compute offerings previously and apply them > to new vms is not a good idea.
Why does cloudstack create a vm instance through compute offering?
Cloudstack is an Iaas platform,I think it should offer elastic compute resources. Creating a limited number of compute offerings previously and apply them to new vms is not a good idea.
Re:RE: Does compute offering in basic network support network rate limit??
But a vm which uses 1Mb/s network rate compute offering on my cloudstack can reach 100Mb/s inbound/outbound. The link rate of my network is 100Mb/s,I think the limit does not take effect. -- Original -- From: "Sanjeev Neelarapu"; Date: Wed, Jul 24, 2013 05:07 PM To: "users@cloudstack.apache.org"; Subject: RE: Does compute offering in basic network support network rate limit?? Yes, basic network does support network rate limit in compute offering. -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Wednesday, July 24, 2013 8:03 AM To: users Subject: Does compute offering in basic network support network rate limit?? I create a compute offering with 1Mb/s network rate limit,and then apply it to a vm.But the network traffic limit seems not work. I want to know if basic network doesn't support network rate limit in compute offering? .
Does compute offering in basic network support network rate limit??
I create a compute offering with 1Mb/s network rate limit,and then apply it to a vm.But the network traffic limit seems not work. I want to know if basic network doesn't support network rate limit in compute offering?
Re: How to backup cloudstack data?
I can copy all templates,isos files,and the nearest 1 day snapshots. If I have these files and the db backupfile,how can I rebuild the vms? I must create a temp template from the root volume snapshot and create a new vm with the temp template,and then create a data volume from the data volume snapshot and attach it on the vm.Then delete the temp template. It will take a long time to rebuild a vm,Is there any easy way do rebuild all the vms? -- Original -- From: "Kirk Jantzer"; Date: Tue, Jul 23, 2013 10:20 PM To: "Cloudstack users mailing list"; Subject: Re: How to backup cloudstack data? We won't be able to tell you that. You will have to determine what is most important to your organization to backup. For simplicity, definitely backup the DB. If you wanted to backup anything, I'd probably suggest the secondary storage, as it contains the templates, isos, and snapshots; of which you'll likely be able to recover from (rebuild instances) more easily. On Mon, Jul 22, 2013 at 11:00 PM, WXR <1485739...@qq.com> wrote: > I use a storage device as my cloudstack primary and secondary storage.I > can do redundant storage configuration on the device. > > But I must do a backup of the most important data on the storage device > to another server.If the storage device is ruined for some reasons,I can > restore the vms by using the backup data on the server. > > Each vm has its root and data volume files and the nearest 2 weeks > snapshot files on the storage. > If there is 50T data on the storage device(including volumes and > snapshots),I can just copy 2T-10T of them to the backup server.Now the > problem is which files should I copy and how to restore them. > > > > -- Original -- > From: "Ahmad Emneina"; > Date: Tue, Jul 23, 2013 10:29 AM > To: "Cloudstack users mailing list"; > > Subject: Re: How to backup cloudstack data? > > > > I agree with Kirk here, configuration management for the virtual infra and > the important bits of data should be made redundant at the storage level. > Cloudstack has a snapshotting function but if your secondary storage server > tanks, you'll be in a world of hurt. If you use cloudstack snapshotting, > ensure your secondary storage is replicated or has plenty of redundant > disks. > > > On Mon, Jul 22, 2013 at 6:22 PM, Kirk Jantzer >wrote: > > > I said this in another thread and figured I'd mention it here since it > > seems applicable. It is my belief that the cloud is the IaaS and that the > > applications that run on the cloud should be built for failure of the > IaaS: > > they (instances/applications) should be rapidly deployable. So, it > > shouldn't matter what cloud product > > (openstack/cloudstack/vmware/aws/etc...) > > you provide to your customers, they should be able to redeploy their > > application where ever they go or are given for IaaS. > > > > With that said, if you really wanted to backup the VMs, you probably want > > to look at something that backed up thorough the storage device, or the > > hypervisor, and then backup the management and mysql db. > > > > > > On Mon, Jul 22, 2013 at 8:57 PM, WXR <1485739...@qq.com> wrote: > > > > > Virtual machines. > > > I want to know how to do data backup and restore the vms when the > > > cloudstack storage has been ruined totally. > > > > > > > > > > > > > > > ------ Original -- > > > From: "Nitin Mehta"; > > > Date: Mon, Jul 22, 2013 03:10 PM > > > To: "users@cloudstack.apache.org"; > > > > > > Subject: Re: How to backup cloudstack data? > > > > > > > > > > > > What is it that you want to back up ? Virtual machines, snapshots - > > > anything else ? > > > > > > On 22/07/13 7:09 AM, "WXR" <1485739...@qq.com> wrote: > > > > > > >I want to do a full backup of cloudstack data and restore them to a > new > > > >cloudstack,but I don't know which files should I copy and how to > restore > > > >them. > > > > > > . > > > > > > > > > > -- > > Regards, > > > > Kirk Jantzer > > c: (678) 561-5475 > > http://about.met/kirkjantzer > > > -- Regards, Kirk Jantzer c: (678) 561-5475 http://about.met/kirkjantzer
Re: How to backup cloudstack data?
I use a storage device as my cloudstack primary and secondary storage.I can do redundant storage configuration on the device. But I must do a backup of the most important data on the storage device to another server.If the storage device is ruined for some reasons,I can restore the vms by using the backup data on the server. Each vm has its root and data volume files and the nearest 2 weeks snapshot files on the storage. If there is 50T data on the storage device(including volumes and snapshots),I can just copy 2T-10T of them to the backup server.Now the problem is which files should I copy and how to restore them. -- Original -- From: "Ahmad Emneina"; Date: Tue, Jul 23, 2013 10:29 AM To: "Cloudstack users mailing list"; Subject: Re: How to backup cloudstack data? I agree with Kirk here, configuration management for the virtual infra and the important bits of data should be made redundant at the storage level. Cloudstack has a snapshotting function but if your secondary storage server tanks, you'll be in a world of hurt. If you use cloudstack snapshotting, ensure your secondary storage is replicated or has plenty of redundant disks. On Mon, Jul 22, 2013 at 6:22 PM, Kirk Jantzer wrote: > I said this in another thread and figured I'd mention it here since it > seems applicable. It is my belief that the cloud is the IaaS and that the > applications that run on the cloud should be built for failure of the IaaS: > they (instances/applications) should be rapidly deployable. So, it > shouldn't matter what cloud product > (openstack/cloudstack/vmware/aws/etc...) > you provide to your customers, they should be able to redeploy their > application where ever they go or are given for IaaS. > > With that said, if you really wanted to backup the VMs, you probably want > to look at something that backed up thorough the storage device, or the > hypervisor, and then backup the management and mysql db. > > > On Mon, Jul 22, 2013 at 8:57 PM, WXR <1485739...@qq.com> wrote: > > > Virtual machines. > > I want to know how to do data backup and restore the vms when the > > cloudstack storage has been ruined totally. > > > > > > > > > > -- Original -- > > From: "Nitin Mehta"; > > Date: Mon, Jul 22, 2013 03:10 PM > > To: "users@cloudstack.apache.org"; > > > > Subject: Re: How to backup cloudstack data? > > > > > > > > What is it that you want to back up ? Virtual machines, snapshots - > > anything else ? > > > > On 22/07/13 7:09 AM, "WXR" <1485739...@qq.com> wrote: > > > > >I want to do a full backup of cloudstack data and restore them to a new > > >cloudstack,but I don't know which files should I copy and how to restore > > >them. > > > > . > > > > > -- > Regards, > > Kirk Jantzer > c: (678) 561-5475 > http://about.met/kirkjantzer >
Re: How to backup cloudstack data?
Virtual machines. I want to know how to do data backup and restore the vms when the cloudstack storage has been ruined totally. -- Original -- From: "Nitin Mehta"; Date: Mon, Jul 22, 2013 03:10 PM To: "users@cloudstack.apache.org"; Subject: Re: How to backup cloudstack data? What is it that you want to back up ? Virtual machines, snapshots - anything else ? On 22/07/13 7:09 AM, "WXR" <1485739...@qq.com> wrote: >I want to do a full backup of cloudstack data and restore them to a new >cloudstack,but I don't know which files should I copy and how to restore >them. .
How to backup cloudstack data?
I want to do a full backup of cloudstack data and restore them to a new cloudstack,but I don't know which files should I copy and how to restore them.
Re: packets dropped by kernel on host node management nic
Do you mean that if there is a large traffic flow on the nic,the tcpdump will show 'dropped packets'? -- Original -- From: "David Nalley"; Date: Sat, Jul 20, 2013 09:47 AM To: "users"; Subject: Re: packets dropped by kernel on host node management nic On Fri, Jul 19, 2013 at 9:42 PM, WXR <1485739...@qq.com> wrote: > I use cloudstack4.1 basic network. > When I use tcpdump to capture packets on the management nic of the host > node,it will be like this: > > [root@cs-kvm02 opt]# tcpdump -c 1 -w /test.pcap -vv > tcpdump: listening on cloudbr0, link-type EN10MB (Ethernet), capture size > 65535 bytes > 1 packets captured > 10515 packets received by filter > 481 packets dropped by kernel > > I don't know if it is normal,I think it should be "0 packets dropped by > kernel". So tcpdump has a buffer, and if tcpdump doesn't clear the buffer fast enough - the kernel will overwrite the buffer and 'drop packets' See the tcpdump manpage for more information. --David .
packets dropped by kernel on host node management nic
I use cloudstack4.1 basic network. When I use tcpdump to capture packets on the management nic of the host node,it will be like this: [root@cs-kvm02 opt]# tcpdump -c 1 -w /test.pcap -vv tcpdump: listening on cloudbr0, link-type EN10MB (Ethernet), capture size 65535 bytes 1 packets captured 10515 packets received by filter 481 packets dropped by kernel I don't know if it is normal,I think it should be "0 packets dropped by kernel".
Is there anything wrong with my network configuration?
I use cloudstack4.1 basic network. This is my host(compute) node network configuration: ifcfg-em1: DEVICE=em1 TYPE=Ethernet ONBOOT=yes BRIDGE=cloudbr0 ifcfg-em2: DEVICE=em2 TYPE=Ethernet ONBOOT=yes BRIDGE=cloudbr1 ifcfg-cloudbr0: DEVICE=cloudbr0 TYPE=Bridge ONBOOT=yes BOOTPROTO=static IPADDR=172.16.1.10 NETMASK=255.255.255.0 GATEWAY=172.16.1.1 DNS1=8.8.8.8 DEVICE=cloudbr1 TYPE=Bridge ONBOOT=yes BOOTPROTO=none IPV6INIT=no IPV6_AUTOCONF=no DELAY=5 STP=yes management traffic go through em1,guest traffic go through em2. em1 connect to dell powerconnect8132 switch te1/0/15 em2 connect to dell powerconnect8132 switch te1/0/16 Now the dell switch show lots of logs like this: spanning Tree Topology Change Received: MSTID: 0 Te1/0/16 I think there may be a network loop. I want to know if my configuration is correct.
Re: host node reboots by itself and keeps waiting for umount.
I don't think reboot host node is a good idea,host node always can not reboot normally in non-maintenance mode. -- Original -- From: "Dean Kamali"; Date: Tue, Jul 16, 2013 09:33 PM To: "users"; Subject: Re: host node reboots by itself and keeps waiting for umount. to me it sounds like your host is losing connectivity to primary storage, which makes cloud stack management server start to think that vms are stopped / frozen which triggers it to reboot the host to resolve such issue. On Tue, Jul 16, 2013 at 9:03 AM, WXR <1485739...@qq.com> wrote: > I find that my cloudstack host node reboots by itself sometimes. > I think the reboot message may be sent by management or agent service. > > And if the host node reboots by itself,it always stops at this line: > umount.fs /mnt/1edaca6a-b5dc-414d-90f3-0e0ddc6092d0 device is busy > [failed] > > 1.Why does the host node reboot by itself,how to avoid it? > 2.How to let cloudstack host node reboot normally,it often stops at umount > failed line.
host node reboots by itself and keeps waiting for umount.
I find that my cloudstack host node reboots by itself sometimes. I think the reboot message may be sent by management or agent service. And if the host node reboots by itself,it always stops at this line: umount.fs /mnt/1edaca6a-b5dc-414d-90f3-0e0ddc6092d0 device is busy [failed] 1.Why does the host node reboot by itself,how to avoid it? 2.How to let cloudstack host node reboot normally,it often stops at umount failed line.
Cloudstack can not work with NFS which does not permit subdirectory mounting
I find that cloudstack needs to mount subdirectory of primary or secondary storage NFS. For example,if I use 192.168.1.10:/secondary as my secondary storage,cloudstack will not only mount /secondary,but also mount /secondary/template/tpml/1/3 sometimes. Now I have a storage device which does not support subdirectory mounting,so if cloudstack use it as its primary/secondary storage,the system vms can not start. I want to know how to deal with the problem.
Re: API or cloudmonkey CLI call fails sometimes.
I've reinstalled my cloudstack for some other test purposes and can't get the issue now.If the same issue arises again in future I will post the logs. Thank you all the same. -- Original -- From: "Rohit Yadav"; Date: Sat, Jul 13, 2013 02:44 AM To: "Sebastien Goasguen"; "WXR"<1485739...@qq.com>; Cc: "users"; Subject: Re: API or cloudmonkey CLI call fails sometimes. On Thu, Jul 11, 2013 at 4:45 AM, Sebastien Goasguen wrote: > > On Jul 10, 2013, at 8:42 AM, WXR <1485739...@qq.com> wrote: > > > Intermittent network issue can not cause authentication fail,and some > other function fails,I think. > > Then we need more info to help. > CloudMonkey always works for me > > I am copying Rohit who wrote cloudmonkey. > Hi WXR, I'm not sure what the issue is, intermittent network issue will cause timeout and now I'm not sure if such an exception is handled correctly for some case. Looks time some timing based issue, if something is working for sometime and fails other times, probably you've a clustered mgmt setup, or lb or some out of the ordinary setup? Can you provide some logs, your conf file details etc.? This can surely help us find the issue. Meanwhile check that you've the latest version from pypi or from master. My $dayjob does not permit me to work on opensource full time, so I'll be only able to get back to you during weekends and in my free time, but I'll try to reply. Cheers. > > > > > > > > > > > -- Original -- > > From: "Sebastien Goasguen"; > > Date: Wed, Jul 10, 2013 08:20 PM > > To: "users"; > > > > Subject: Re: API or cloudmonkey CLI call fails sometimes. > > > > > > > > > > On Jul 8, 2013, at 8:44 PM, WXR <1485739...@qq.com> wrote: > > > >> Sometimes when I use the an api call or cloudmonkey command,cloudstack > will return a false value(authentication fails,can not deploy vm,can not > create volume,can not attach volume,etc),but sometimes the same api or cli > call succeeds. > >> > >> Does anyone know how to avoid it? > > > > Maybe it's an intermittent network issue ? > > > > . > >
Re:RE: Some allocation algorithm questions about instance and volume
Thank you! -- Original -- From: "Prachi Damle"; Date: Thu, Jul 11, 2013 04:58 AM To: "users@cloudstack.apache.org"; Subject: RE: Some allocation algorithm questions about instance and volume Hi, I have added some comments inline. Thanks, Prachi -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: Wednesday, July 10, 2013 6:23 AM To: users Subject: Some allocation algorithm questions about instance and volume 1.Can cloudstack allocate vm instances averagely between host nodes? The default value of vm.allocation.algorithm is "random". If there is just one host node in a cluster(we call it A) and I create 20 instances,all of them will be allocated on host A.Now I add another host B,and create 30 instance again,what will happen? I think the number of instances on A is 35,on B is 15,according to probability theory.But I hope the result is 25 on A,25 on B,but I don't know how to configure cloudstack to achieve it. [Prachi] Currently there is no implementation to balance the instances across available hosts. If you are using single cloudstack account to create the instances, setting vm.allocation.algorithm to 'userdispersing' can help you achieve the balance. 'userdispersing' will always choose a host with less number of instances of the two hosts. 2.The similar question about volume allocating. If I have two empty primary storage pools in a cluster,the volumes of vms will be allocated randomly on both of them. But If I have a primary storage with 20 volumes and an empty primary storage,how can I let new volumes allocated averagely on them? [Prachi] Same as above. No implementation for balancing. But 'userdispersing' can help. 3.How to set a standby host in a cluster? There is there host nodes A,B,C ,vm instances are allocated randomly on them. Now I want to add a standby host node D into the cluster. If there are enough compute resources on A,B,C ,no new instance will be allocated on D. But if A breaks down and there are not enough resources on B,C , many of the vms on A will be migrated to D. Is it possible to set a standby host like this? [Prachi] You can achieve this by setting the global config variable 'ha.tag' to some value and adding a hosttag with same value for the host D. This will ensure that host D is used only for HA purposes. .
Some allocation algorithm questions about instance and volume
1.Can cloudstack allocate vm instances averagely between host nodes? The default value of vm.allocation.algorithm is "random". If there is just one host node in a cluster(we call it A) and I create 20 instances,all of them will be allocated on host A.Now I add another host B,and create 30 instance again,what will happen? I think the number of instances on A is 35,on B is 15,according to probability theory.But I hope the result is 25 on A,25 on B,but I don't know how to configure cloudstack to achieve it. 2.The similar question about volume allocating. If I have two empty primary storage pools in a cluster,the volumes of vms will be allocated randomly on both of them. But If I have a primary storage with 20 volumes and an empty primary storage,how can I let new volumes allocated averagely on them? 3.How to set a standby host in a cluster? There is there host nodes A,B,C ,vm instances are allocated randomly on them. Now I want to add a standby host node D into the cluster. If there are enough compute resources on A,B,C ,no new instance will be allocated on D. But if A breaks down and there are not enough resources on B,C , many of the vms on A will be migrated to D. Is it possible to set a standby host like this?
Re: API or cloudmonkey CLI call fails sometimes.
Intermittent network issue can not cause authentication fail,and some other function fails,I think. -- Original -- From: "Sebastien Goasguen"; Date: Wed, Jul 10, 2013 08:20 PM To: "users"; Subject: Re: API or cloudmonkey CLI call fails sometimes. On Jul 8, 2013, at 8:44 PM, WXR <1485739...@qq.com> wrote: > Sometimes when I use the an api call or cloudmonkey command,cloudstack will > return a false value(authentication fails,can not deploy vm,can not create > volume,can not attach volume,etc),but sometimes the same api or cli call > succeeds. > > Does anyone know how to avoid it? Maybe it's an intermittent network issue ? .
How to let vm instance display the processor info of its host server?
I use kvm as hypervisor,cloudstack is intalled on a dell server.The cpu is E5-2620,the hdd is Seagate SAS. By default the vm processor info is qemu virtual processor,the harddisk info is qemu or virtio driver. I want to let the vm show the hardware info of its host server , just like E5-2620,SAS hdd. Is there any global setting or other method to achieve it ?
API or cloudmonkey CLI call fails sometimes.
Sometimes when I use the an api call or cloudmonkey command,cloudstack will return a false value(authentication fails,can not deploy vm,can not create volume,can not attach volume,etc),but sometimes the same api or cli call succeeds. Does anyone know how to avoid it?
Re:RE: vm's disk io performance declines quickly after beingcreated0.5-1 hours later.
use kvm as hypervisor. use the default medium instance compute offering. -- Original -- From: "CSG - Ashley Lester"; Date: Mon, Jul 8, 2013 03:25 PM To: "users@cloudstack.apache.org"; Subject: RE: vm's disk io performance declines quickly after beingcreated0.5-1 hours later. Whats the hypervisor is use ? XenServer has some pretty bad driver issues for a while.. -Original Message- From: David Comerford [mailto:davest...@gmail.com] Sent: July-08-13 1:57 AM To: users@cloudstack.apache.org Subject: Re: vm's disk io performance declines quickly after being created0.5-1 hours later. What kind of compute Service Offering are you using for the instance? There may be some painfully restrictive settings in there. Best regards, David Comerford Mobile: +353 87 1238295 Email: davest...@gmail.com Website: http://dave.ie GPG key: http://pgp.dave.ie On 7 July 2013 05:07, WXR <1485739...@qq.com> wrote: > The host node has 96GB ram and 2 E5-2620 cpus.There is just one vm for > test on this node. > The storage node is just only working for the host node. > > I don't know if cloudstack has some default resource limit policies. > I don't think workload is the reason.There may be a system feature > which cause this issue,about cloudstack,or kvm,or windows system,or > storage device,or something else. > Does any one have relevant experience in dealing with this issue? > > > > -- Original -- > From: "David Comerford"; > Date: Sun, Jul 7, 2013 05:43 AM > To: "users"; > > Subject: Re: vm's disk io performance declines quickly after being > created0.5-1 hours later. > > > > Doesn't sounds like a CloudStack problem. > Spin up a Linux instance and see does it have the same problem. > > Then apply some science and check I/O inside the instance. Then I/O on > the primary storage device. > Keep an eye on the storage NICs too. > > Does you host have enough RAM? Maybe it's booting up in main memory > and starting to swap over the hour. > > Best regards, > David Comerford > Mobile: +353 87 1238295 > Email: davest...@gmail.com > Website: http://dave.ie > GPG key: http://pgp.dave.ie > > > On 6 July 2013 10:56, WXR <1485739...@qq.com> wrote: > > > I create a windows 2003 server enterprise 32bit vm template. > > When I use this template to create a vm instance and start the > > vm.The > disk > > io performance is normal,it just takes 5 seconds to copy a 200MB > > file.And other files/directories copy jobs are very fask. > > > > But 0.5-1 hours later,the vm need serveral minutes to copy a 200MB > > file,and all other files copy job become very slow. > > > > I don't know if it is an issue of windows 2003 vm template,or > > cloudstack configuration,or storage configuration. > > Does anyone meet the same issue? > .
Re: vm's disk io performance declines quickly after being created0.5-1 hours later.
The host node has 96GB ram and 2 E5-2620 cpus.There is just one vm for test on this node. The storage node is just only working for the host node. I don't know if cloudstack has some default resource limit policies. I don't think workload is the reason.There may be a system feature which cause this issue,about cloudstack,or kvm,or windows system,or storage device,or something else. Does any one have relevant experience in dealing with this issue? -- Original -- From: "David Comerford"; Date: Sun, Jul 7, 2013 05:43 AM To: "users"; Subject: Re: vm's disk io performance declines quickly after being created0.5-1 hours later. Doesn't sounds like a CloudStack problem. Spin up a Linux instance and see does it have the same problem. Then apply some science and check I/O inside the instance. Then I/O on the primary storage device. Keep an eye on the storage NICs too. Does you host have enough RAM? Maybe it's booting up in main memory and starting to swap over the hour. Best regards, David Comerford Mobile: +353 87 1238295 Email: davest...@gmail.com Website: http://dave.ie GPG key: http://pgp.dave.ie On 6 July 2013 10:56, WXR <1485739...@qq.com> wrote: > I create a windows 2003 server enterprise 32bit vm template. > When I use this template to create a vm instance and start the vm.The disk > io performance is normal,it just takes 5 seconds to copy a 200MB file.And > other files/directories copy jobs are very fask. > > But 0.5-1 hours later,the vm need serveral minutes to copy a 200MB > file,and all other files copy job become very slow. > > I don't know if it is an issue of windows 2003 vm template,or cloudstack > configuration,or storage configuration. > Does anyone meet the same issue?
vm's disk io performance declines quickly after being created 0.5-1 hours later.
I create a windows 2003 server enterprise 32bit vm template. When I use this template to create a vm instance and start the vm.The disk io performance is normal,it just takes 5 seconds to copy a 200MB file.And other files/directories copy jobs are very fask. But 0.5-1 hours later,the vm need serveral minutes to copy a 200MB file,and all other files copy job become very slow. I don't know if it is an issue of windows 2003 vm template,or cloudstack configuration,or storage configuration. Does anyone meet the same issue?
Re: How many vms per primary storage can offer best performance?
The network trafficflow is just 40Mb/s-50Mb/s on the management&storage nic when the performance becomes low. -- Original -- From: "Dean Kamali"; Date: Sat, Jul 6, 2013 03:42 AM To: "users"; Subject: Re: How many vms per primary storage can offer best performance? Well can you tell us more about your setup, before blaming NFS for being slow :) In most cases the hardware is what to blame, Are you using 6Gbps / SATA3 drives? Your 1GB link most likely the bottle neck here, you will need to either bond 4 NICs together or maybe invest in 10G switch. I'm using NFS with SSDs and SATA3 drives / with expensive DELL Raid controller, and 10G Network, I'm able to run 30 - 40 vms with no performance issues. On Fri, Jul 5, 2013 at 1:35 AM, Ignazio Cassano wrote: > Hi, I think nfs is not a good solution. > Try clvm over iscsi or fc. > Regards > Il giorno 04/lug/2013 18:26, "Conrad Geiger" ha > scritto: > > > I would also say that 8 spindles for 15-20 VMs is low. You are going to > > run out of iops. > > > > > > Sent from my Verizon Wireless 4G LTE Smartphone > > > > > > > > Original message > > From: Ahmad Emneina > > Date: 07/04/2013 9:10 AM (GMT-05:00) > > To: Cloudstack users mailing list > > Subject: Re: How many vms per primary storage can offer best performance? > > > > > > I would google NFS tuning and atomically test changes. Changes vary from > > the kernel level up through the switches (sizing frames) as well as > > introducing bonding. YMMV here NFS tuning is a huge part trial and error. > > > > > > On Thu, Jul 4, 2013 at 5:26 AM, WXR <1485739...@qq.com> wrote: > > > > > I use NFS share as primary storage,the NFS share is on a 8 SATA HDDs > > > RAID10 volume. > > > The network link is gigabit ethernet.The switch is dell powerconnect. > > > > > > When I just create 15-20 vm instances and start them(not run any > software > > > on them),I find the disk IO performance of the vm is very low. > > > If a file copy job on a pc needs 10 minutes , the same job on the vm > > needs > > > 20minutes. > > > > > > I don't know if it is normal,and I want to know the correct > configuration > > > of the primary storage,I need your suggests with enough experience. > > >
How many vms per primary storage can offer best performance?
I use NFS share as primary storage,the NFS share is on a 8 SATA HDDs RAID10 volume. The network link is gigabit ethernet.The switch is dell powerconnect. When I just create 15-20 vm instances and start them(not run any software on them),I find the disk IO performance of the vm is very low. If a file copy job on a pc needs 10 minutes , the same job on the vm needs 20minutes. I don't know if it is normal,and I want to know the correct configuration of the primary storage,I need your suggests with enough experience.
Re:System integrity check failed. Refuse to startup
I just create a new user called abc,then download tomcat7 to the abc home directory and run the start.sh script. Does this operation cause the issue?? -- Original -- From: "WXR"<1485739...@qq.com>; Date: Tue, Jul 2, 2013 10:31 PM To: "users"; Subject: System integrity check failed. Refuse to startup The cloudstack-management service can not start normally. The logs indicate the reason but I don't know how to get rid of the issue. 2013-07-02 19:26:09,078 INFO [utils.component.ComponentContext] (Timer-1:null) Running SystemIntegrityChecker managementServerNode 2013-07-02 19:26:09,080 ERROR [utils.component.ComponentContext] (Timer-1:null) System integrity check failed. Refuse to startup
Re:RE: Re:RE: Re:RE: Where are the snapshots generated by schedules?
I think the schedule job is created successfully.I can see the text like this: Scheduled Snapshots Time: 1 min past the hr Timezone: [UTC-12:00] GMT-12:00 Keep: 3 -- Original -- From: "Rajesh Battala"; Date: Tue, Jul 2, 2013 11:15 PM To: "users@cloudstack.apache.org"; Subject: RE: Re:RE: Re:RE: Where are the snapshots generated by schedules? NPE issue for recurring snapshot is fixed long back. This should not occur. Schedule snapshots works the same way we take manually snapshots. For schedule snapshot, CS will create the createsnapshot async job while the schedule occurs to take the snapshot for the volume. Is the schedule snapshot job is created successfully? > -Original Message- > From: WXR [mailto:1485739...@qq.com] > Sent: Tuesday, July 2, 2013 8:34 PM > To: users > Subject: Re:RE: Re:RE: Where are the snapshots generated by schedules? > > Yes I'm using kvm,but I'm using basic network,not advanced network. > The jira link give a solution but I don't know how to do it,I'm not familiar > with java and git. > What can I do to fix the bug,should I rebuild the project? > > > -- Original -- > From: "Geoff Higginbottom"; > Date: Tue, Jul 2, 2013 10:38 PM > To: "users@cloudstack.apache.org"; > > Subject: RE: Re:RE: Where are the snapshots generated by schedules? > > > > Are you using KVM by any chance, there is currently a ticket logged in > relation to Scheduled Snapshots failing on KVM. > > If so take a look at https://issues.apache.org/jira/browse/CLOUDSTACK-1353 > and see if it mirrors your symptoms > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com > > > -Original Message- > From: WXR [mailto:1485739...@qq.com] > Sent: 02 July 2013 15:36 > To: users > Subject: Re:RE: Where are the snapshots generated by schedules? > > I'm sure I have added the schedule and I can see it at the bottom of the > schedule box. > > > > > -- Original -- > From: "Geoff Higginbottom"; > Date: Tue, Jul 2, 2013 10:27 PM > To: "users@cloudstack.apache.org"; > > Subject: RE: Where are the snapshots generated by schedules? > > > > When setting up the recurring snapshot, ensure that after entering the times > etc, you click the Add Button, then the Done Button. Failing to click the Add > button will result in no Schedule being created > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com > > > -Original Message- > From: WXR [mailto:1485739...@qq.com] > Sent: 02 July 2013 15:14 > To: users > Subject: Where are the snapshots generated by schedules? > > If I create a snapshot of a volume , I can see it on the snapshot list. > But if I create a hourly schedule for a volume and wait enough time(longer > than 1 day),I can't see any snapshot associated with the volume on the > snapshot list.All snapshots listed are "manual". > I don't know if the schedule doesn't work correctly,or the snapshots are > generated by schedule but not shown on snapshot list. > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is > operated under license from Shape Blue Ltd. ShapeBlue is a registered > trademark. > > . > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is > operated under license from Shape Blue Ltd. ShapeBlue is a registered > trademark. .
Re: RE: Re:RE: Where are the snapshots generated by schedules?
cloudstack4.1 I download the yum repo from url http://cloudstack.apt-get.eu/rhel/4.1/ I use "yum groupinstall Virtualization" to install kvm firstly and then use "yum install cloudstack-agent" to install the agent,because the kvm installed by cloudstack-agent can not work normally. -- Original -- From: "David Nalley"; Date: Tue, Jul 2, 2013 11:21 PM To: "users"; Subject: Re: RE: Re:RE: Where are the snapshots generated by schedules? What version of ACS are you on? --David On Tue, Jul 2, 2013 at 11:03 AM, WXR <1485739...@qq.com> wrote: > Yes I'm using kvm,but I'm using basic network,not advanced network. > The jira link give a solution but I don't know how to do it,I'm not familiar > with java and git. > What can I do to fix the bug,should I rebuild the project? > > > -- Original -- > From: "Geoff Higginbottom"; > Date: Tue, Jul 2, 2013 10:38 PM > To: "users@cloudstack.apache.org"; > > Subject: RE: Re:RE: Where are the snapshots generated by schedules? > > > > Are you using KVM by any chance, there is currently a ticket logged in > relation to Scheduled Snapshots failing on KVM. > > If so take a look at https://issues.apache.org/jira/browse/CLOUDSTACK-1353 > and see if it mirrors your symptoms > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com > > > -Original Message- > From: WXR [mailto:1485739...@qq.com] > Sent: 02 July 2013 15:36 > To: users > Subject: Re:RE: Where are the snapshots generated by schedules? > > I'm sure I have added the schedule and I can see it at the bottom of the > schedule box. > > > > > -- Original -- > From: "Geoff Higginbottom"; > Date: Tue, Jul 2, 2013 10:27 PM > To: "users@cloudstack.apache.org"; > > Subject: RE: Where are the snapshots generated by schedules? > > > > When setting up the recurring snapshot, ensure that after entering the times > etc, you click the Add Button, then the Done Button. Failing to click the > Add button will result in no Schedule being created > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com > > > -Original Message- > From: WXR [mailto:1485739...@qq.com] > Sent: 02 July 2013 15:14 > To: users > Subject: Where are the snapshots generated by schedules? > > If I create a snapshot of a volume , I can see it on the snapshot list. > But if I create a hourly schedule for a volume and wait enough time(longer > than 1 day),I can't see any snapshot associated with the volume on the > snapshot list.All snapshots listed are "manual". > I don't know if the schedule doesn't work correctly,or the snapshots are > generated by schedule but not shown on snapshot list. > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based upon > its contents, nor copy or show it to anyone. Please contact the sender if you > believe you have received this email in error. Shape Blue Ltd is a company > incorporated in England & Wales. ShapeBlue Services India LLP is operated > under license from Shape Blue Ltd. ShapeBlue is a registered trademark. > > . > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based upon > its contents, nor copy or show it to anyone. Please contact the sender if you > believe you have received this email in error. Shape Blue Ltd is a company > incorporated in England & Wales. ShapeBlue Services India LLP is operated > under license from Shape Blue Ltd. ShapeBlue is a registered trademark. .
Volume losts after migrating.
I want to migrate all volumes from one primary storage to another. So I migrate serveral root and data volumes at the same time from the UI. Now one of the vms can not start after migrating,the management log shows that the vm start fails due to can't find volume. How can I find the lost volume and recover it?
Re:RE: Re:RE: Where are the snapshots generated by schedules?
Yes I'm using kvm,but I'm using basic network,not advanced network. The jira link give a solution but I don't know how to do it,I'm not familiar with java and git. What can I do to fix the bug,should I rebuild the project? -- Original -- From: "Geoff Higginbottom"; Date: Tue, Jul 2, 2013 10:38 PM To: "users@cloudstack.apache.org"; Subject: RE: Re:RE: Where are the snapshots generated by schedules? Are you using KVM by any chance, there is currently a ticket logged in relation to Scheduled Snapshots failing on KVM. If so take a look at https://issues.apache.org/jira/browse/CLOUDSTACK-1353 and see if it mirrors your symptoms Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: 02 July 2013 15:36 To: users Subject: Re:RE: Where are the snapshots generated by schedules? I'm sure I have added the schedule and I can see it at the bottom of the schedule box. -- Original -- From: "Geoff Higginbottom"; Date: Tue, Jul 2, 2013 10:27 PM To: "users@cloudstack.apache.org"; Subject: RE: Where are the snapshots generated by schedules? When setting up the recurring snapshot, ensure that after entering the times etc, you click the Add Button, then the Done Button. Failing to click the Add button will result in no Schedule being created Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: 02 July 2013 15:14 To: users Subject: Where are the snapshots generated by schedules? If I create a snapshot of a volume , I can see it on the snapshot list. But if I create a hourly schedule for a volume and wait enough time(longer than 1 day),I can't see any snapshot associated with the volume on the snapshot list.All snapshots listed are "manual". I don't know if the schedule doesn't work correctly,or the snapshots are generated by schedule but not shown on snapshot list. This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. . This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re:RE: Where are the snapshots generated by schedules?
I'm sure I have added the schedule and I can see it at the bottom of the schedule box. -- Original -- From: "Geoff Higginbottom"; Date: Tue, Jul 2, 2013 10:27 PM To: "users@cloudstack.apache.org"; Subject: RE: Where are the snapshots generated by schedules? When setting up the recurring snapshot, ensure that after entering the times etc, you click the Add Button, then the Done Button. Failing to click the Add button will result in no Schedule being created Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: 02 July 2013 15:14 To: users Subject: Where are the snapshots generated by schedules? If I create a snapshot of a volume , I can see it on the snapshot list. But if I create a hourly schedule for a volume and wait enough time(longer than 1 day),I can't see any snapshot associated with the volume on the snapshot list.All snapshots listed are "manual". I don't know if the schedule doesn't work correctly,or the snapshots are generated by schedule but not shown on snapshot list. This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. .
System integrity check failed. Refuse to startup
The cloudstack-management service can not start normally. The logs indicate the reason but I don't know how to get rid of the issue. 2013-07-02 19:26:09,078 INFO [utils.component.ComponentContext] (Timer-1:null) Running SystemIntegrityChecker managementServerNode 2013-07-02 19:26:09,080 ERROR [utils.component.ComponentContext] (Timer-1:null) System integrity check failed. Refuse to startup
Re:RE: Changing compute offering needs a restarting to take effect.
cloudstack4.1,use kvm as hypervisor. -- Original -- From: "Geoff Higginbottom"; Date: Tue, Jul 2, 2013 09:57 PM To: "users@cloudstack.apache.org"; Subject: RE: Changing compute offering needs a restarting to take effect. What version of CloudStack, and also what HyperVisor are you using Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: WXR [mailto:1485739...@qq.com] Sent: 02 July 2013 14:49 To: users Subject: Changing compute offering needs a restarting to take effect. When I stop a instance and change its compute offering from one to another(e.g. 1 cpu to 2 cpus),the vm's compute offering will not change to the new one after the first starting.And if I restart the vm again,it will apply the new computer offering. Why? This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Where are the snapshots generated by schedules?
If I create a snapshot of a volume , I can see it on the snapshot list. But if I create a hourly schedule for a volume and wait enough time(longer than 1 day),I can't see any snapshot associated with the volume on the snapshot list.All snapshots listed are "manual". I don't know if the schedule doesn't work correctly,or the snapshots are generated by schedule but not shown on snapshot list.
Changing compute offering needs a restarting to take effect.
When I stop a instance and change its compute offering from one to another(e.g. 1 cpu to 2 cpus),the vm's compute offering will not change to the new one after the first starting.And if I restart the vm again,it will apply the new computer offering. Why?
How to use the basic guest network without any security group?
If I add a basic zone with security group,all ingress traffics will be blocked by default.So I need to add the rules to let the vm be accessed. But if I add a basic zone without any security group,all ingress traffics are still be blocked by default.How can I let it be accessed? I think a guest network without any security group should be accessed directly,should not be blocked by default.
404 error when downloading template.
cloudstack version: 4.1 When I download a template and click the URL generated by cloudstack,it will return a 404 error: Not Found The requested URL /userdata/1f52a1bd-2fae-459f-8b6e-1ab2d1556bf5.qcow2 was not found on this server. I just created the template serveral minutes ago.
Re: How to migrate all volumes from one primary storage to anotherone?
Thank you.I have found the button. And now my question is how to migrate all templates and snapshots from one secondary storage to another.I try to modify the template_host_ref table in mysql,but cloudstack can not work correcly after modifying. -- Original -- From: "Geoff Higginbottom"; Date: Sat, Jun 29, 2013 06:39 PM To: ""; Subject: Re: How to migrate all volumes from one primary storage to anotherone? To migrate a Root volume simply stop the VM The button which migrates Hosts when the VM is running becomes a migrate storage button when the VM is stopped You have to be a Root admin to do this. Regards Geoff Higginbottom CTO / Cloud Architect D: +44 20 3603 0542 | S: +44 20 3603 0540| M: +447968161581 geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com> |www.shapeblue.com | Twitter:@shapeblue<https://twitter.com/#!/shapeblue> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS On 29 Jun 2013, at 07:46, "WXR" <474745...@qq.com<http://qq.com>> wrote: In cloudstack 4.1 UI,I can see a button which can migrate a volume from one primary storage to another,but the volume must not belong to any instance.So at least the root disk volume can not be migrated. If I want to migrate all volumes from one primary storage to another,what should I do? And the same question about secondary storage. This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re:RE: A instance with HA offering can not be shutted down in the vmOS.
But a instance owner without the cloudstack UI privilege can not stop the vm from cloudstack. So there is no way for him to stop his instance. -- Original -- From: "CSG - Ashley Lester"; Date: Sat, Jun 29, 2013 03:15 PM To: "users@cloudstack.apache.org"; Subject: RE: A instance with HA offering can not be shutted down in the vmOS. Stop the VM from Cloudstack and it wont restart -Original Message- From: WXR [mailto:474745...@qq.com] Sent: June-29-13 5:14 PM To: users Subject: A instance with HA offering can not be shutted down in the vm OS. If I create an instance without HA compute offering,I can shutdown the vm in the guest vm OS. But If I create an instance with HA compute offering and use "shutdown" in the guest vm OS,the vm will be started automatically after stopping. I want to use HA but I don't need the auto-start feature. .
A instance with HA offering can not be shutted down in the vm OS.
If I create an instance without HA compute offering,I can shutdown the vm in the guest vm OS. But If I create an instance with HA compute offering and use "shutdown" in the guest vm OS,the vm will be started automatically after stopping. I want to use HA but I don't need the auto-start feature.
How to migrate all volumes from one primary storage to another one?
In cloudstack 4.1 UI,I can see a button which can migrate a volume from one primary storage to another,but the volume must not belong to any instance.So at least the root disk volume can not be migrated. If I want to migrate all volumes from one primary storage to another,what should I do? And the same question about secondary storage.
?????? Cloudstack password enabled template
Yes,I have checked the "password enabled" checkbox. Does anyone set the vm password successfully with the linux password setting script? -- -- ??: "Edward Valencia"; : 2013??6??28??(??) 10:22 ??: "users"; : Re: Cloudstack password enabled template Was the "Password Enabled" check box marked when the template was created? This is required when you want to be able to change the password on Linux and Windows for the script to work. Once the template is created and a new instances started with this "Password Enabled" template then instances launched will be able to generate password upon creation and give the ability to the end users of chaining the root password from CloudStack. On Friday, June 28, 2013 at 5:51 AM, WXR wrote: > I have a similar question about the password resetting. > > I download the cloud-set-guest-password for linux and put it on my centos > guest vm. > > http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/ > > # cp cloud-set-guest-password /etc/init.d/ > # chmod +x /etc/init.d/cloud-set-guest-password > # chkconfig --add cloud-set-guest-password > > But it doen't take effect. > The tool for windows guest vm can work well. > > > > > -- Original -- > From: "Geoff Higginbottom" (mailto:geoff.higginbot...@shapeblue.com)>; > Date: Fri, Jun 28, 2013 06:32 PM > To: "users@cloudstack.apache.org > (mailto:users@cloudstack.apache.org)" (mailto:users@cloudstack.apache.org)>; > > Subject: RE: Cloudstack password enabled template > > > > Asmita, > > Are you adding the Password Reset Script to your Templates, if so then each > time you create a new VM it will get a randomly generated password. > > I believe you can then also use the getVMPassword API call to query the > existing password, although I have not tested this new 4.1 API command yet. > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com (mailto:geoff.higginbot...@shapeblue.com) > > -Original Message- > From: Asmita Vagyani [mailto:asmita.vagy...@sigma-systems.com] > Sent: 28 June 2013 11:26 > To: cloudstack-us...@incubator.apache.org > (mailto:cloudstack-us...@incubator.apache.org) > Subject: Cloudstack password enabled template > > > Hi, > > I have some queries related to getting password of VM that is created. > > I am using deployVirtualMachine api to create virtual machine from templates > that I have configured in cloudstack. > > When VM is deployed I want to get username and password of the VM to login to > that VM instance. > Also I want to generate random password everytime new VM is created using the > same template. > > Can anyone help me with that? > > > Regards, > > Asmita. > > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based upon > its contents, nor copy or show it to anyone. Please contact the sender if you > believe you have received this email in error. Shape Blue Ltd is a company > incorporated in England & Wales. ShapeBlue Services India LLP is operated > under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re:RE: Cloudstack password enabled template
I have a similar question about the password resetting. I download the cloud-set-guest-password for linux and put it on my centos guest vm. http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/ # cp cloud-set-guest-password /etc/init.d/ # chmod +x /etc/init.d/cloud-set-guest-password # chkconfig --add cloud-set-guest-password But it doen't take effect. The tool for windows guest vm can work well. -- Original -- From: "Geoff Higginbottom"; Date: Fri, Jun 28, 2013 06:32 PM To: "users@cloudstack.apache.org"; Subject: RE: Cloudstack password enabled template Asmita, Are you adding the Password Reset Script to your Templates, if so then each time you create a new VM it will get a randomly generated password. I believe you can then also use the getVMPassword API call to query the existing password, although I have not tested this new 4.1 API command yet. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Asmita Vagyani [mailto:asmita.vagy...@sigma-systems.com] Sent: 28 June 2013 11:26 To: cloudstack-us...@incubator.apache.org Subject: Cloudstack password enabled template Hi, I have some queries related to getting password of VM that is created. I am using deployVirtualMachine api to create virtual machine from templates that I have configured in cloudstack. When VM is deployed I want to get username and password of the VM to login to that VM instance. Also I want to generate random password everytime new VM is created using the same template. Can anyone help me with that? Regards, Asmita. This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re:RE: How to change the timezone of cloudstack mangement?
The OS of the management server is CentOS and the timezone is Asia/Shanghai(GMT+8). But all the time shown in cloudstack UI is GMT(8 hours less than Asia/Shanghai).For example,the logevent time and the instance create time. -- Original -- From: "Jayapal Reddy Uradi"; Date: Fri, Jun 28, 2013 04:26 PM To: "users"; Subject: RE: How to change the timezone of cloudstack mangement? What is your management server time zone. Setting management server time zone to your time zone is enough. Thanks, Jayapal > -Original Message- > From: WXR [mailto:474745...@qq.com] > Sent: Friday, 28 June 2013 1:47 PM > To: users > Subject: How to change the timezone of cloudstack mangement? > > It seems that cloudstack use the UTC time by default. > I want to set the timezone to a specified one, but I cant find the global > property about it. .
How to change the timezone of cloudstack mangement?
It seems that cloudstack use the UTC time by default. I want to set the timezone to a specified one, but I cant find the global property about it.
Re:RE: How can I allocate a specific IP when I create an instance.
Thank you!It is working correcly now. The order of operations is very important. -- Original -- From: ""; Date: Fri, Jun 28, 2013 02:35 PM To: "users"; Subject: RE: How can I allocate a specific IP when I create an instance. 1. change the ip in db 2. stop the vm 3. reboot the router 4. start the vm. The ip set correctly in log file. Thanks, Jayapal > -Original Message- > From: WXR [mailto:474745...@qq.com] > Sent: Friday, 28 June 2013 8:53 AM > To: users > Subject: Re: How can I allocate a specific IP when I create an instance. > > I want to change the ip of guest vm i-2-5-VM from 192.168.30.101 to > 192.168.30.123 > > # cat /var/run/cloud/i-2-5-VM.log > i-2-5-VM,5,192.168.30.101,36,1bb8f16bea8fcff2fa927946160a9d0e,27 > > I can edit this file and change the ip to 192.168.30.123,but the ip will come > back to 192.168.30.101 after the vm restarting. > > > > > -- Original -- > From: ""; > Date: Thu, Jun 27, 2013 06:09 PM > To: ""; > > Subject: Re: How can I allocate a specific IP when I create an instance. > > > > Try edit the vm ip in /var/run/cloud/.log file in host and restart > the vm. > This should update the security group rules in host. > > Thanks, > Jayapal > On 27-Jun-2013, at 3:00 PM, WXR <474745...@qq.com> > wrote: > > > I just modify the "nics" table and change the "ipv4_address" value.And > then I restart the vrouter vm. > > After the vrouter restarting,the instance vm can get the new ip but the ip > can not be accessed. > > > > > > > > > > -- Original -- > > From: "Dave Dunaway"; > > Date: Thu, Jun 27, 2013 05:25 PM > > To: "users"; > > > > Subject: Re: How can I allocate a specific IP when I create an instance. > > > > > > > > Show us what you changed... without that we can't help you. And make > > sure to indicate what version of CloudPlatform you use as apparently > > some older versions may not work with the ip address change in the DB > > as Geoff indicated. > > > > > > On Thu, Jun 27, 2013 at 12:42 AM, WXR <474745...@qq.com> wrote: > > > >> If I modify the ip of the vm in nic table and restart the vrouter > >> system vm, the instance vm can get the new ip which I specify. > >> But this ip can't be used normally.Them vm can not access the gateway > >> ip even if I'v stopped the iptables of its host node machine. > >> > >> > >> -- Original -- > >> From: "Dave Dunaway"; > >> Date: Wed, Jun 26, 2013 11:51 PM > >> To: "users"; > >> > >> Subject: Re: How can I allocate a specific IP when I create an instance. > >> > >> > >> > >> There should be a way to have the ability to reserve an IP and still > >> have DHCP assign the IP by mac reservation. There's no technical > >> reason this wouldn't work and likely a feature a lot of people would > >> love to see. The only hold back is the UI not allowing you to do so. > >> > >> Ultimately, you can go to the DB and change the VM's IP in the nics > >> table to what you want (reboot the VM and the IP change will occur). > >> Which is not the preferred way to do so, but ultimately that > >> functionality from the UI would be ideal. > >> > >> Even going as far as intergrating IPAM functionality into the product > >> would be ideal. > >> > >> > >> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom < > >> geoff.higginbot...@shapeblue.com> wrote: > >> > >>> Simple answer - you can't. > >>> > >>> In an advanced zone, you can specify the IP address when you create > >>> a new VM using the API, however in a basic zone, because the IP will > >>> depend on which POD your VM ends up in, and as a user you cannot > >>> influence this, there is no way to specific the IP, even if you are a root > admin. > >>> > >>> The reason it still fails when you manually change the IP is that > >>> the security groups feature is expecting the VM to have the IP > >>> CloudStack allocated it via DHCP. > >>> > >>> Regards > >>> > >>> Geoff Higginbottom > >>> CTO / Cloud Architect > >>> > >>> > >>> D: +44(0)20 36
Re:RE: How to create a network offering without firewall?
When I create a new guest network with source NAT service.I can find these
lines in management-server.log
2013-06-28 13:34:01,468 DEBUG
[network.router.VirtualNetworkApplianceManagerImpl] (Job-Executor-1:job-236)
Resending ipAssoc, port forwarding, load balancing rules as a part of Virtual
router start
2013-06-28 13:35:04,920 DEBUG [agent.transport.Request]
(Job-Executor-1:job-236) Seq 12-142344210: Sending { Cmd , MgmtId:
119377525801125, via: 12, Ver: v1, Flags: 11,
[{"routing.IpAssocCommand":{"ipAddresses":[{"accountId":2,"publicIp":"192.168.30.77","sourceNat":true,"add":true,"oneToOneNat":false,"firstIP":true,"vlanId":"30","vlanGateway":"192.168.30.1","vlanNetmask":"255.255.255.0","vifMacAddress":"06:28:14:00:00:4e","networkRate":200,"trafficType":"Public","networkName":"breth1-30"}],"accessDetails":{"router.guest.ip":"10.10.3.1","zone.network.type":"Advanced","router.ip":"169.254.0.190","router.name":"r-65-VM"},"wait":0}}]
}
2013-06-28 13:35:07,519 DEBUG [agent.transport.Request]
(AgentManager-Handler-1:null) Seq 12-142344210: Processing: { Ans: , MgmtId:
119377525801125, via: 12, Ver: v1, Flags: 0,
[{"routing.IpAssocAnswer":{"results":["192.168.30.77 -
success"],"result":true,"wait":0}}] }
2013-06-28 13:35:07,520 DEBUG [agent.transport.Request]
(Job-Executor-1:job-236) Seq 12-142344210: Received: { Ans: , MgmtId:
119377525801125, via: 12, Ver: v1, Flags: 0, { IpAssocAnswer } }
Does that mean the sourceNAT rule has been added to the vroute iptables?
-- Original --
From: "";
Date: Fri, Jun 28, 2013 12:17 PM
To: "users";
Subject: RE: How to create a network offering without firewall?
From the iptables rules it is clear that in router source NAT ip is not
configured
Management server logs will help to understand what is went wrong
Please see logs for ipassoc command during guest network implementation.
Ipassoc command will set the source nat ip on the router.
Thanks,
Jayapal
> -Original Message-
> From: WXR [mailto:474745...@qq.com]
> Sent: Friday, 28 June 2013 8:33 AM
> To: users
> Subject: Re: How to create a network offering without firewall?
>
> root@r-60-VM:~# iptables -t nat -L -nv
> Chain PREROUTING (policy ACCEPT 149 packets, 13502 bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain POSTROUTING (policy ACCEPT 6 packets, 419 bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain OUTPUT (policy ACCEPT 6 packets, 419 bytes)
> pkts bytes target prot opt in out source
> destination
>
>
>
> root@r-60-VM:~# iptables -t mangle -L -nv Chain PREROUTING (policy
> ACCEPT 641 packets, 74208 bytes)
> pkts bytes target prot opt in out source
> destination
> 466 59141 CONNMARK all -- * * 0.0.0.0/00.0.0.0/0
> state
> RELATED,ESTABLISHED CONNMARK restore
>
> Chain INPUT (policy ACCEPT 619 packets, 72888 bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain FORWARD (policy ACCEPT 22 packets, 1320 bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain OUTPUT (policy ACCEPT 400 packets, 66973 bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain POSTROUTING (policy ACCEPT 400 packets, 66973 bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 CHECKSUM udp -- * * 0.0.0.0/00.0.0.0/0
> udp dpt:68
> CHECKSUM fill
>
> --
>
> root@r-60-VM:~# iptables -L -nv
> Chain INPUT (policy DROP 125 packets, 11746 bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 ACCEPT all -- * * 0.0.0.0/0224.0.0.18
> 0 0 ACCEPT all -- * * 0.0.0.0/0225.0.0.50
> 0 0 ACCEPT all -- eth0 * 0.0.0.0/00.0.0.0/0
> state
> RELATED,ESTABLISHED
> 416 54881 ACCEPT all -- eth1 * 0.0.0.0/00.0.0.0/0
> state
> RELATED,ESTABLISHED
> 3 347 ACCEPT all -- eth2 * 0.0.0.0/00.0.0.0/0
> state
> RELATED,ESTABLISHED
>13 1129 ACCEPT
Re: How to create a network offering without firewall?
0 0 CHECKSUM udp -- * * 0.0.0.0/00.0.0.0/0 udp dpt:68 CHECKSUM fill root@r-60-VM:~# clear root@r-60-VM:~# iptables -t mangle -L -nv Chain PREROUTING (policy ACCEPT 641 packets, 74208 bytes) pkts bytes target prot opt in out source destination 466 59141 CONNMARK all -- * * 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED CONNMARK restore Chain INPUT (policy ACCEPT 619 packets, 72888 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 22 packets, 1320 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 400 packets, 66973 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 400 packets, 66973 bytes) pkts bytes target prot opt in out source destination 0 0 CHECKSUM udp -- * * 0.0.0.0/00.0.0.0/0 udp dpt:68 CHECKSUM fill root@r-60-VM:~# iptables -L -nv Chain INPUT (policy DROP 125 packets, 11746 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0224.0.0.18 0 0 ACCEPT all -- * * 0.0.0.0/0225.0.0.50 0 0 ACCEPT all -- eth0 * 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED 506 65459 ACCEPT all -- eth1 * 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED 3 347 ACCEPT all -- eth2 * 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED 15 1297 ACCEPT icmp -- * * 0.0.0.0/00.0.0.0/0 5 293 ACCEPT all -- lo * 0.0.0.0/00.0.0.0/0 0 0 ACCEPT udp -- eth0 * 0.0.0.0/00.0.0.0/0 udp dpt:67 0 0 ACCEPT udp -- eth0 * 0.0.0.0/00.0.0.0/0 udp dpt:53 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/00.0.0.0/0 tcp dpt:53 15 900 ACCEPT tcp -- eth1 * 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:3922 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:80 0 0 ACCEPT tcp -- eth0 * 10.10.2.0/24 0.0.0.0/0 state NEW tcp dpt:8080 Chain FORWARD (policy DROP 22 packets, 1320 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- eth0 eth10.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- eth2 eth00.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- eth0 eth00.0.0.0/00.0.0.0/0 state NEW 0 0 ACCEPT all -- eth0 eth00.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED 22 1320 FW_OUTBOUND all -- eth0 eth20.0.0.0/00.0.0.0/0 Chain OUTPUT (policy ACCEPT 441 packets, 74901 bytes) pkts bytes target prot opt in out source destination Chain FW_OUTBOUND (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED -- Original -- From: ""; Date: Fri, Jun 28, 2013 10:56 AM To: ""; Subject: Re: How to create a network offering without firewall? I thought iptables rules you send from router iptables-save. in /etc/iptables/rules we won't have SNAT rule. Please send iptables rules from your router not the /etc/iptables/rules. iptables -t nat -L -nv, iptables -L -nv and iptables -t mangle -L -nv. Thanks, Jayapal On 28-Jun-2013, at 8:21 AM, WXR <474745...@qq.com> wrote: > When I added the guest network I selected the system default network offering > with source NAT. > There is a default ip "x.x.x.x[source NAT]" in the list when I click the > "view ip addresses". > > > > > -- Original -- > From: ""; > Date: Fri, Jun 28, 2013 10:45 AM > To: ""; > > Subject: Re: How to create a network offering without firewall? > > > > THe problem is there is no source NAT rule added in iptables nat table on > router. > Why the source NAT rule is not added on the router ? > In your network ip address do you have source NAT ip ? > > T
Re: How can I allocate a specific IP when I create an instance.
I want to change the ip of guest vm i-2-5-VM from 192.168.30.101 to 192.168.30.123 # cat /var/run/cloud/i-2-5-VM.log i-2-5-VM,5,192.168.30.101,36,1bb8f16bea8fcff2fa927946160a9d0e,27 I can edit this file and change the ip to 192.168.30.123,but the ip will come back to 192.168.30.101 after the vm restarting. -- Original -- From: ""; Date: Thu, Jun 27, 2013 06:09 PM To: ""; Subject: Re: How can I allocate a specific IP when I create an instance. Try edit the vm ip in /var/run/cloud/.log file in host and restart the vm. This should update the security group rules in host. Thanks, Jayapal On 27-Jun-2013, at 3:00 PM, WXR <474745...@qq.com> wrote: > I just modify the "nics" table and change the "ipv4_address" value.And then I > restart the vrouter vm. > After the vrouter restarting,the instance vm can get the new ip but the ip > can not be accessed. > > > > > -- Original -- > From: "Dave Dunaway"; > Date: Thu, Jun 27, 2013 05:25 PM > To: "users"; > > Subject: Re: How can I allocate a specific IP when I create an instance. > > > > Show us what you changed... without that we can't help you. And make sure > to indicate what version of CloudPlatform you use as apparently some older > versions may not work with the ip address change in the DB as Geoff > indicated. > > > On Thu, Jun 27, 2013 at 12:42 AM, WXR <474745...@qq.com> wrote: > >> If I modify the ip of the vm in nic table and restart the vrouter system >> vm, >> the instance vm can get the new ip which I specify. >> But this ip can't be used normally.Them vm can not access the gateway ip >> even if I'v stopped the iptables of its host node machine. >> >> >> -- Original -- >> From: "Dave Dunaway"; >> Date: Wed, Jun 26, 2013 11:51 PM >> To: "users"; >> >> Subject: Re: How can I allocate a specific IP when I create an instance. >> >> >> >> There should be a way to have the ability to reserve an IP and still have >> DHCP assign the IP by mac reservation. There's no technical reason this >> wouldn't work and likely a feature a lot of people would love to see. The >> only hold back is the UI not allowing you to do so. >> >> Ultimately, you can go to the DB and change the VM's IP in the nics table >> to what you want (reboot the VM and the IP change will occur). Which is not >> the preferred way to do so, but ultimately that functionality from the UI >> would be ideal. >> >> Even going as far as intergrating IPAM functionality into the product would >> be ideal. >> >> >> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom < >> geoff.higginbot...@shapeblue.com> wrote: >> >>> Simple answer - you can't. >>> >>> In an advanced zone, you can specify the IP address when you create a new >>> VM using the API, however in a basic zone, because the IP will depend on >>> which POD your VM ends up in, and as a user you cannot influence this, >>> there is no way to specific the IP, even if you are a root admin. >>> >>> The reason it still fails when you manually change the IP is that the >>> security groups feature is expecting the VM to have the IP CloudStack >>> allocated it via DHCP. >>> >>> Regards >>> >>> Geoff Higginbottom >>> CTO / Cloud Architect >>> >>> >>> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540>> +442036030540> | M: +44(0)7968161581 >>> >>> geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com >>> >>> | www.shapeblue.com >>> >>> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS >>> >>> >>> >>> On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com<http://qq.com>> wrote: >>> >>> cloudstack version: 4.1 >>> network type: basic network >>> >>> When I create a new instance,the vm will get a random IP from the DHCP >>> server on vrouter. >>> >>> If I want to: >>> 1.allocate a specific ip to the vm. >>> 2.allocate multiple ips to the vm. >>> 3.change the vm ip from one to another. >>> >>> How can I achieve it? I try to bind the ip to the vm nic manually but the >>> ip can not be accessed. >>> This email and any attachments to it may be confidential and are intended >>> solely for the use of the individual to whom it is addressed. Any views >> or >>> opinions expressed are solely those of the author and do not necessarily >>> represent those of Shape Blue Ltd or related companies. If you are not >> the >>> intended recipient of this email, you must neither take any action based >>> upon its contents, nor copy or show it to anyone. Please contact the >> sender >>> if you believe you have received this email in error. Shape Blue Ltd is a >>> company incorporated in England & Wales. ShapeBlue Services India LLP is >>> operated under license from Shape Blue Ltd. ShapeBlue is a registered >>> trademark. >>>
Re: How to create a network offering without firewall?
When I added the guest network I selected the system default network offering with source NAT. There is a default ip "x.x.x.x[source NAT]" in the list when I click the "view ip addresses". -- Original -- From: ""; Date: Fri, Jun 28, 2013 10:45 AM To: ""; Subject: Re: How to create a network offering without firewall? THe problem is there is no source NAT rule added in iptables nat table on router. Why the source NAT rule is not added on the router ? In your network ip address do you have source NAT ip ? Thanks, Jayapal On 28-Jun-2013, at 8:06 AM, WXR <474745...@qq.com> wrote: > I try to add the rule "iptables -A FW_OUTBOUND -j ACCEPT" to the vrouter > firewall but unfortunately it takes no effect. > > This is the iptables rules in file "/etc/iptables/rules" > > *nat > :PREROUTING ACCEPT [0:0] > :POSTROUTING ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > COMMIT > *filter > :INPUT DROP [0:0] > :FORWARD DROP [0:0] > :OUTPUT ACCEPT [0:0] > :FW_OUTBOUND - [0:0] > -A INPUT -d 224.0.0.18/32 -j ACCEPT > -A INPUT -d 225.0.0.50/32 -j ACCEPT > -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A INPUT -p icmp -j ACCEPT > -A INPUT -i lo -j ACCEPT > -A INPUT -i eth0 -p udp -m udp --dport 67 -j ACCEPT > -A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT > -A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT > -A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT > -A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT > -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A FORWARD -i eth0 -o eth0 -m state --state NEW -j ACCEPT > -A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT > -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND > -I FW_OUTBOUND -m state --state RELATED,ESTABLISHED -j ACCEPT > COMMIT > *mangle > :PREROUTING ACCEPT [0:0] > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > :POSTROUTING ACCEPT [0:0] > -A PREROUTING -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark > -A POSTROUTING -p udp --dport bootpc -j CHECKSUM --checksum-fill > COMMIT > > Is there anything wrong? > > > > -- Original -- > From: ""; > Date: Thu, Jun 27, 2013 06:40 PM > To: "users@cloudstack.apache.org"; > > Subject: RE: How to create a network offering without firewall? > > > > I had this issue too some days ago. I solved it by logging into the Virtual > Router over ssh and adding this rule to the Firewall: > > iptables -A FW_OUTBOUND -j ACCEPT > > I hope this helps. > > Regards > > -Mensaje original- > De: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com] > Enviado el: jueves, 27 de junio de 2013 12:37 > Para: > Asunto: Re: How to create a network offering without firewall? > > Is internet accessible from from router ? > If it is accessible please send router iptables rules on pastebin.com > > Thanks, > jayapal > > On 27-Jun-2013, at 3:34 PM, WXR <474745...@qq.com> > wrote: > >> Sorry,the instance can access the vrouter gateway ip ,but can not access the >> Internet. >> >> >> -- Original -- >> From: "WXR"<474745...@qq.com>; >> Date: Thu, Jun 27, 2013 06:01 PM >> To: "users"; >> >> Subject: Re: How to create a network offering without firewall? >> >> >> >> I have added a egress rule like this: >> Source CIDRProtocolStart PortEnd Port >> 0.0.0.0/0 AllAllAll >> >> The vrouter vm can also access the Internet. >> But the instance vm is still able to access the vrouter gateway ip and the >> Internet. >> >> >> >> >> -- Original -- >> From: "Murali Reddy"; >> Date: Thu, Jun 27, 2013 05:21 PM >> To: "users@cloudstack.apache.org"; >> >> Subject: Re: How to create a network offering without firewall? >> >> >> >> >> Yes, egress firewall default action is 'BLOCK'. Here is a nice blog >> from Radhika >> http://writersopendiary.wordpress.com/2013/05/27/egress-firewall-rules >> -in-a >> pache-cloudstack/ >> >> On 27/06/13 2:21 PM, "WXR" <4
Re:RE: How to create a network offering without firewall?
I try to add the rule "iptables -A FW_OUTBOUND -j ACCEPT" to the vrouter firewall but unfortunately it takes no effect. This is the iptables rules in file "/etc/iptables/rules" *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] :FW_OUTBOUND - [0:0] -A INPUT -d 224.0.0.18/32 -j ACCEPT -A INPUT -d 225.0.0.50/32 -j ACCEPT -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -i eth0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT -A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth0 -o eth0 -m state --state NEW -j ACCEPT -A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND -I FW_OUTBOUND -m state --state RELATED,ESTABLISHED -j ACCEPT COMMIT *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A PREROUTING -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark -A POSTROUTING -p udp --dport bootpc -j CHECKSUM --checksum-fill COMMIT Is there anything wrong? -- Original -- From: ""; Date: Thu, Jun 27, 2013 06:40 PM To: "users@cloudstack.apache.org"; Subject: RE: How to create a network offering without firewall? I had this issue too some days ago. I solved it by logging into the Virtual Router over ssh and adding this rule to the Firewall: iptables -A FW_OUTBOUND -j ACCEPT I hope this helps. Regards -Mensaje original- De: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com] Enviado el: jueves, 27 de junio de 2013 12:37 Para: Asunto: Re: How to create a network offering without firewall? Is internet accessible from from router ? If it is accessible please send router iptables rules on pastebin.com Thanks, jayapal On 27-Jun-2013, at 3:34 PM, WXR <474745...@qq.com> wrote: > Sorry,the instance can access the vrouter gateway ip ,but can not access the > Internet. > > > -- Original -- > From: "WXR"<474745...@qq.com>; > Date: Thu, Jun 27, 2013 06:01 PM > To: "users"; > > Subject: Re: How to create a network offering without firewall? > > > > I have added a egress rule like this: > Source CIDRProtocolStart PortEnd Port > 0.0.0.0/0 AllAllAll > > The vrouter vm can also access the Internet. > But the instance vm is still able to access the vrouter gateway ip and the > Internet. > > > > > -- Original -- > From: "Murali Reddy"; > Date: Thu, Jun 27, 2013 05:21 PM > To: "users@cloudstack.apache.org"; > > Subject: Re: How to create a network offering without firewall? > > > > > Yes, egress firewall default action is 'BLOCK'. Here is a nice blog > from Radhika > http://writersopendiary.wordpress.com/2013/05/27/egress-firewall-rules > -in-a > pache-cloudstack/ > > On 27/06/13 2:21 PM, "WXR" <474745...@qq.com> wrote: > >> By the way , when I select the default guestnetworkwithsourceNAT and >> create an instance,the vm can not access to the Internet,is this a >> default setting?how can I let the vm access the Internet? >> >> >> >> >> -- Original -- >> From: "Murali Reddy"; >> Date: Thu, Jun 27, 2013 04:46 PM >> To: "users@cloudstack.apache.org"; >> >> Subject: Re: How to create a network offering without firewall? >> >> >> >> >> Also, by default all the ports that will be used by edge services are >> blocked by iptable config in the router VM templates. They needed to >> be opened explicitly with firewall rules. >> >> On 27/06/13 2:08 PM, "Jayapal Reddy Uradi" >> >> wrote: >> >>> With out firewall provider you can't have sourceNAT and static NAT >>> services because these services are provided by firewall provider only. >>> >>> Thanks, >>> Jayapal >>> >>> On 27-Jun-2013, at 1:35 PM, WXR <474745...@qq.com> >>> wrote: >>> >>>> If I create a new network offering and check >>>> dns,dhcp,userdata,sourceNAT,staticNAT,not check the firewall >>>> service.But the firewall will be added into it automatically. >>>> I don't need the firewall service ,how can I create a network >>>> offering without firewall? >>> >>> >> >> >> . > > > . .
Re: How to create a network offering without firewall?
Sorry,the instance can access the vrouter gateway ip ,but can not access the Internet. -- Original -- From: "WXR"<474745...@qq.com>; Date: Thu, Jun 27, 2013 06:01 PM To: "users"; Subject: Re: How to create a network offering without firewall? I have added a egress rule like this: Source CIDRProtocolStart PortEnd Port 0.0.0.0/0 AllAllAll The vrouter vm can also access the Internet. But the instance vm is still able to access the vrouter gateway ip and the Internet. -- Original -- From: "Murali Reddy"; Date: Thu, Jun 27, 2013 05:21 PM To: "users@cloudstack.apache.org"; Subject: Re: How to create a network offering without firewall? Yes, egress firewall default action is 'BLOCK'. Here is a nice blog from Radhika http://writersopendiary.wordpress.com/2013/05/27/egress-firewall-rules-in-a pache-cloudstack/ On 27/06/13 2:21 PM, "WXR" <474745...@qq.com> wrote: >By the way , when I select the default guestnetworkwithsourceNAT and >create an instance,the vm can not access to the Internet,is this a >default setting?how can I let the vm access the Internet? > > > > >-- Original -- >From: "Murali Reddy"; >Date: Thu, Jun 27, 2013 04:46 PM >To: "users@cloudstack.apache.org"; > >Subject: Re: How to create a network offering without firewall? > > > > >Also, by default all the ports that will be used by edge services are >blocked by iptable config in the router VM templates. They needed to be >opened explicitly with firewall rules. > >On 27/06/13 2:08 PM, "Jayapal Reddy Uradi" >wrote: > >>With out firewall provider you can't have sourceNAT and static NAT >>services because these services are provided by firewall provider only. >> >>Thanks, >>Jayapal >> >>On 27-Jun-2013, at 1:35 PM, WXR <474745...@qq.com> >> wrote: >> >>> If I create a new network offering and check >>>dns,dhcp,userdata,sourceNAT,staticNAT,not check the firewall service.But >>>the firewall will be added into it automatically. >>> I don't need the firewall service ,how can I create a network offering >>>without firewall? >> >> > > >. .
Re: How to create a network offering without firewall?
I have added a egress rule like this: Source CIDRProtocolStart PortEnd Port 0.0.0.0/0 AllAllAll The vrouter vm can also access the Internet. But the instance vm is still able to access the vrouter gateway ip and the Internet. -- Original -- From: "Murali Reddy"; Date: Thu, Jun 27, 2013 05:21 PM To: "users@cloudstack.apache.org"; Subject: Re: How to create a network offering without firewall? Yes, egress firewall default action is 'BLOCK'. Here is a nice blog from Radhika http://writersopendiary.wordpress.com/2013/05/27/egress-firewall-rules-in-a pache-cloudstack/ On 27/06/13 2:21 PM, "WXR" <474745...@qq.com> wrote: >By the way , when I select the default guestnetworkwithsourceNAT and >create an instance,the vm can not access to the Internet,is this a >default setting?how can I let the vm access the Internet? > > > > >-- Original -- >From: "Murali Reddy"; >Date: Thu, Jun 27, 2013 04:46 PM >To: "users@cloudstack.apache.org"; > >Subject: Re: How to create a network offering without firewall? > > > > >Also, by default all the ports that will be used by edge services are >blocked by iptable config in the router VM templates. They needed to be >opened explicitly with firewall rules. > >On 27/06/13 2:08 PM, "Jayapal Reddy Uradi" >wrote: > >>With out firewall provider you can't have sourceNAT and static NAT >>services because these services are provided by firewall provider only. >> >>Thanks, >>Jayapal >> >>On 27-Jun-2013, at 1:35 PM, WXR <474745...@qq.com> >> wrote: >> >>> If I create a new network offering and check >>>dns,dhcp,userdata,sourceNAT,staticNAT,not check the firewall service.But >>>the firewall will be added into it automatically. >>> I don't need the firewall service ,how can I create a network offering >>>without firewall? >> >> > > >. .
Re: How can I allocate a specific IP when I create an instance.
I just modify the "nics" table and change the "ipv4_address" value.And then I restart the vrouter vm. After the vrouter restarting,the instance vm can get the new ip but the ip can not be accessed. -- Original -- From: "Dave Dunaway"; Date: Thu, Jun 27, 2013 05:25 PM To: "users"; Subject: Re: How can I allocate a specific IP when I create an instance. Show us what you changed... without that we can't help you. And make sure to indicate what version of CloudPlatform you use as apparently some older versions may not work with the ip address change in the DB as Geoff indicated. On Thu, Jun 27, 2013 at 12:42 AM, WXR <474745...@qq.com> wrote: > If I modify the ip of the vm in nic table and restart the vrouter system > vm, > the instance vm can get the new ip which I specify. > But this ip can't be used normally.Them vm can not access the gateway ip > even if I'v stopped the iptables of its host node machine. > > > -- Original -- > From: "Dave Dunaway"; > Date: Wed, Jun 26, 2013 11:51 PM > To: "users"; > > Subject: Re: How can I allocate a specific IP when I create an instance. > > > > There should be a way to have the ability to reserve an IP and still have > DHCP assign the IP by mac reservation. There's no technical reason this > wouldn't work and likely a feature a lot of people would love to see. The > only hold back is the UI not allowing you to do so. > > Ultimately, you can go to the DB and change the VM's IP in the nics table > to what you want (reboot the VM and the IP change will occur). Which is not > the preferred way to do so, but ultimately that functionality from the UI > would be ideal. > > Even going as far as intergrating IPAM functionality into the product would > be ideal. > > > On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom < > geoff.higginbot...@shapeblue.com> wrote: > > > Simple answer - you can't. > > > > In an advanced zone, you can specify the IP address when you create a new > > VM using the API, however in a basic zone, because the IP will depend on > > which POD your VM ends up in, and as a user you cannot influence this, > > there is no way to specific the IP, even if you are a root admin. > > > > The reason it still fails when you manually change the IP is that the > > security groups feature is expecting the VM to have the IP CloudStack > > allocated it via DHCP. > > > > Regards > > > > Geoff Higginbottom > > CTO / Cloud Architect > > > > > > D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 > +442036030540> | M: +44(0)7968161581 > > > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com > > > > | www.shapeblue.com > > > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS > > > > > > > > On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com<http://qq.com>> wrote: > > > > cloudstack version: 4.1 > > network type: basic network > > > > When I create a new instance,the vm will get a random IP from the DHCP > > server on vrouter. > > > > If I want to: > > 1.allocate a specific ip to the vm. > > 2.allocate multiple ips to the vm. > > 3.change the vm ip from one to another. > > > > How can I achieve it? I try to bind the ip to the vm nic manually but the > > ip can not be accessed. > > This email and any attachments to it may be confidential and are intended > > solely for the use of the individual to whom it is addressed. Any views > or > > opinions expressed are solely those of the author and do not necessarily > > represent those of Shape Blue Ltd or related companies. If you are not > the > > intended recipient of this email, you must neither take any action based > > upon its contents, nor copy or show it to anyone. Please contact the > sender > > if you believe you have received this email in error. Shape Blue Ltd is a > > company incorporated in England & Wales. ShapeBlue Services India LLP is > > operated under license from Shape Blue Ltd. ShapeBlue is a registered > > trademark. > > >
Re: How to create a network offering without firewall?
By the way , when I select the default guestnetworkwithsourceNAT and create an instance,the vm can not access to the Internet,is this a default setting?how can I let the vm access the Internet? -- Original -- From: "Murali Reddy"; Date: Thu, Jun 27, 2013 04:46 PM To: "users@cloudstack.apache.org"; Subject: Re: How to create a network offering without firewall? Also, by default all the ports that will be used by edge services are blocked by iptable config in the router VM templates. They needed to be opened explicitly with firewall rules. On 27/06/13 2:08 PM, "Jayapal Reddy Uradi" wrote: >With out firewall provider you can't have sourceNAT and static NAT >services because these services are provided by firewall provider only. > >Thanks, >Jayapal > >On 27-Jun-2013, at 1:35 PM, WXR <474745...@qq.com> > wrote: > >> If I create a new network offering and check >>dns,dhcp,userdata,sourceNAT,staticNAT,not check the firewall service.But >>the firewall will be added into it automatically. >> I don't need the firewall service ,how can I create a network offering >>without firewall? > > .
How to create a network offering without firewall?
If I create a new network offering and check dns,dhcp,userdata,sourceNAT,staticNAT,not check the firewall service.But the firewall will be added into it automatically. I don't need the firewall service ,how can I create a network offering without firewall?
Re: How can I allocate a specific IP when I create an instance.
If I modify the ip of the vm in nic table and restart the vrouter system vm, the instance vm can get the new ip which I specify. But this ip can't be used normally.Them vm can not access the gateway ip even if I'v stopped the iptables of its host node machine. -- Original -- From: "Dave Dunaway"; Date: Wed, Jun 26, 2013 11:51 PM To: "users"; Subject: Re: How can I allocate a specific IP when I create an instance. There should be a way to have the ability to reserve an IP and still have DHCP assign the IP by mac reservation. There's no technical reason this wouldn't work and likely a feature a lot of people would love to see. The only hold back is the UI not allowing you to do so. Ultimately, you can go to the DB and change the VM's IP in the nics table to what you want (reboot the VM and the IP change will occur). Which is not the preferred way to do so, but ultimately that functionality from the UI would be ideal. Even going as far as intergrating IPAM functionality into the product would be ideal. On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom < geoff.higginbot...@shapeblue.com> wrote: > Simple answer - you can't. > > In an advanced zone, you can specify the IP address when you create a new > VM using the API, however in a basic zone, because the IP will depend on > which POD your VM ends up in, and as a user you cannot influence this, > there is no way to specific the IP, even if you are a root admin. > > The reason it still fails when you manually change the IP is that the > security groups feature is expecting the VM to have the IP CloudStack > allocated it via DHCP. > > Regards > > Geoff Higginbottom > CTO / Cloud Architect > > > D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540 +442036030540> | M: +44(0)7968161581 > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com> > | www.shapeblue.com > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS > > > > On 26 Jun 2013, at 05:02, "WXR" <474745...@qq.com<http://qq.com>> wrote: > > cloudstack version: 4.1 > network type: basic network > > When I create a new instance,the vm will get a random IP from the DHCP > server on vrouter. > > If I want to: > 1.allocate a specific ip to the vm. > 2.allocate multiple ips to the vm. > 3.change the vm ip from one to another. > > How can I achieve it? I try to bind the ip to the vm nic manually but the > ip can not be accessed. > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is > operated under license from Shape Blue Ltd. ShapeBlue is a registered > trademark. >
How to find the the vm's volume file in primary storage?
My primary storage is NFS. When I mount it and list the files in it, I can see lots of files named as uuid.I think they are vm volume files. But the uuid does not match to any vm's uuid or volumes uuid displayed in the cloudstack UI??so if I want to find a vm's volume file on primary storage NFS,I don't know which is the correct one. Can anybody tell me the relationship between the vm and the volume file?
Re: How can I allocate a specific IP when I create an instance.
If I use basic zone and basic network, I can set the public ips(the ips which can be routed on internet) to the guest newwork.So a vm instance can get the public ip directly from dhcp and I can see the public ip on its nic. But the advanced network topology is not as same as basic network,the ip on the vm is a private ip and the I must add a static NAT rule to map a public ip to the vm.And I hope all vms can link to the physical switch directly,but in advanced network,a vrouter is the gateway,all vms a linked to the vrouter. I don't know if there is a guest network just as the basic network topology in advance zone.If there is,I prefer to use the advanced network. -- Original -- From: "Dave Dunaway"; Date: Thu, Jun 27, 2013 02:19 AM To: "users"; "jason.pavao"; Subject: Re: How can I allocate a specific IP when I create an instance. @Geoff: Of course we are talking advanced networking, and having consideration of what your networks are that you can use. If someone wants to put a 10.x.x.x ip on a VM that is on a 192.x.x.x network, then they can gladly shoot themselves in the foot. Ideally the person making such a change understands the 'basic's of advanced networking in CloudPlatform. Otherwise they should stick the UI.;) @Jason: Look in the cloud.nics table. The nics for VMs are defined here. Modify as needed. A restart of the VM to make sure it all works is highly recommended. In our testing environment I can move a VM from one network to another, add nics, change IP's etc quite easily. Some of the 4.1 API will add this functionality (add nics for example to an existing VM). But there's still a lot of immutable things in CloudPlatform that shouldn't be, and that maybe one day will be a feature. We just need to make the requests for those features. On Wed, Jun 26, 2013 at 1:30 PM, Jason Pavao wrote: > Do you by chance have a sample sql query that would perform this? > > > > On 6/26/2013 8:51 AM, Dave Dunaway wrote: > >> There should be a way to have the ability to reserve an IP and still have >> DHCP assign the IP by mac reservation. There's no technical reason this >> wouldn't work and likely a feature a lot of people would love to see. The >> only hold back is the UI not allowing you to do so. >> >> Ultimately, you can go to the DB and change the VM's IP in the nics table >> to what you want (reboot the VM and the IP change will occur). Which is >> not >> the preferred way to do so, but ultimately that functionality from the UI >> would be ideal. >> >> Even going as far as intergrating IPAM functionality into the product >> would >> be ideal. >> >> >> On Wed, Jun 26, 2013 at 11:44 AM, Geoff Higginbottom < >> geoff.higginbottom@shapeblue.**com > >> wrote: >> >> Simple answer - you can't. >>> >>> In an advanced zone, you can specify the IP address when you create a new >>> VM using the API, however in a basic zone, because the IP will depend on >>> which POD your VM ends up in, and as a user you cannot influence this, >>> there is no way to specific the IP, even if you are a root admin. >>> >>> The reason it still fails when you manually change the IP is that the >>> security groups feature is expecting the VM to have the IP CloudStack >>> allocated it via DHCP. >>> >>> Regards >>> >>> Geoff Higginbottom >>> CTO / Cloud Architect >>> >>> >>> D: +44(0)20 3603 0542 | S: +44(0)20 3603 0540>> +442036030540> | M: +44(0)7968161581 >>> >>> geoff.higginbottom@shapeblue.**com >>> <mailto:geoff.higginbottom@**shapeblue.com >>> > >>> | www.shapeblue.com >>> >>> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS >>> >>> >>> >>> On 26 Jun 2013, at 05:02, "WXR" >>> <474745...@qq.com<http://qq.**com<http://qq.com>>> >>> wrote: >>> >>> cloudstack version: 4.1 >>> network type: basic network >>> >>> When I create a new instance,the vm will get a random IP from the DHCP >>> server on vrouter. >>> >>> If I want to: >>> 1.allocate a specific ip to the vm. >>> 2.allocate multiple ips to the vm. >>> 3.change the vm ip from one to another. >>> >>> How can I achieve it? I try to bind the ip to the vm nic manually but the >>> ip can not be accessed. >>> This email and any attachments to it may be confidential and are intended >>> solely for the use of the individual to whom it is addressed. Any views >>> or >>> opinions expressed are solely those of the author and do not necessarily >>> represent those of Shape Blue Ltd or related companies. If you are not >>> the >>> intended recipient of this email, you must neither take any action based >>> upon its contents, nor copy or show it to anyone. Please contact the >>> sender >>> if you believe you have received this email in error. Shape Blue Ltd is a >>> company incorporated in England & Wales. ShapeBlue Services India LLP is >>> operated under license from Shape Blue Ltd. ShapeBlue is a registered >>> trademark. >>> >>> > -- > Thanks. > -Jason > >
How can I allocate a specific IP when I create an instance.
cloudstack version: 4.1 network type: basic network When I create a new instance,the vm will get a random IP from the DHCP server on vrouter. If I want to: 1.allocate a specific ip to the vm. 2.allocate multiple ips to the vm. 3.change the vm ip from one to another. How can I achieve it? I try to bind the ip to the vm nic manually but the ip can not be accessed.
Re:RE: Re:RE: Is this a bug?
Thank you!I will have a try. -- Original -- From: "Jayapal Reddy Uradi"; Date: Wed, Jun 26, 2013 06:55 PM To: "users@cloudstack.apache.org"; Subject: RE: Re:RE: Is this a bug? Iptables restart loads the default configuration from the config file (/etc/sysconfig/iptables). In this case other configuration will be lost. If you want to reset iptables config use restart. cloudstack is not controlling the iptables restart. User is not supposed to touch the cloudstack configured iptables rules. I think you can also change the restart logic to save and re apply the config instead of default. It is better to use iptables-save,iptables stop, iptables start and iptables-reload. Thanks, Jayapal > -Original Message- > From: Nils Vogels [mailto:bacardic...@gmail.com] > Sent: Wednesday, 26 June 2013 3:50 PM > To: users@cloudstack.apache.org > Subject: Re: Re:RE: Is this a bug? > > One could argue that the CloudPortal should do this, since the host is under > the reign of CloudPortal ... ;) > > > On Wed, Jun 26, 2013 at 12:18 PM, Jayapal Reddy Uradi < > jayapalreddy.ur...@citrix.com> wrote: > > > Restart iptables logic is specific to host iptables. > > You can save (iptables-save) and restore (iptables-restore) to avoid > > config loss. > > > > Thanks, > > Jayapal > > > > > -Original Message- > > > From: WXR [mailto:474745...@qq.com] > > > Sent: Wednesday, 26 June 2013 12:57 PM > > > To: users > > > Subject: Re:RE: Is this a bug? > > > > > > Why the rule set will lost after iptables restarting?How can I do to > > avoid it? > > > > > > > > > > > > > > > -- Original -- > > > From: "Jayapal Reddy Uradi"; > > > Date: Wed, Jun 26, 2013 12:34 PM > > > To: "users"; > > > > > > Subject: RE: Is this a bug? > > > > > > > > > > > > Hi, > > > > > > It is not a bug. > > > I think it is working as expected. > > > Please find my inline comments. > > > > > > Thanks, > > > Jayapal > > > > > > > -Original Message- > > > > From: WXR [mailto:474745...@qq.com] > > > > Sent: Wednesday, 26 June 2013 7:16 AM > > > > To: users > > > > Subject: Is this a bug? > > > > > > > > cloudstack version: 4.1 > > > > > > > > network type: basic zone and basic network > > > > > > > > security group setting: > > > > ProtocolStart PortEnd PortCIDR > > > > TCP1655350.0.0.0/0 > > > > UDP1655350.0.0.0/0 > > > > ICMP-1-10.0.0.0/0 > > > > > > > > VM OS: windows > > > > > > > > 1.I can ping the vm and connect to it by rdp. > > > ICMP -1 -1 means allow icmp protocol all types and codes (255,255). > > > RDP uses tcp 3399, tcp all ports are opened. > > > So icmp and rdp are allowed to reach vm. > > > > 2.When I restart the iptables of the Host physical machine,I can > > > > not ping the vm,but I can still connect to it by rdp. > > > When you restart the iptables please make sure the cloudstack > > > configured rules are set before checking the traffic. > > > RDP is working because the connection is in established state. > > > > > > > 3.When I delete the ICMP rule of security group and add the same > > > > rule again.I can ping the vm. > > > When you restart ipables rules, I think the icmp rule set by > > > cloudstack > > is lost. > > > When you reconfigure the icmp rules on the Host is configured and > > traffic to > > > the vm is allowed. > > > > > > > > > . > > > > > > -- > Simple guidelines to happiness: > Work like you don't need the money, > Love like your heart has never been broken and Dance like no one can see > you. .
Re:RE: Is this a bug?
Why the rule set will lost after iptables restarting?How can I do to avoid it? -- Original -- From: "Jayapal Reddy Uradi"; Date: Wed, Jun 26, 2013 12:34 PM To: "users"; Subject: RE: Is this a bug? Hi, It is not a bug. I think it is working as expected. Please find my inline comments. Thanks, Jayapal > -Original Message- > From: WXR [mailto:474745...@qq.com] > Sent: Wednesday, 26 June 2013 7:16 AM > To: users > Subject: Is this a bug? > > cloudstack version: 4.1 > > network type: basic zone and basic network > > security group setting: > ProtocolStart PortEnd PortCIDR > TCP1655350.0.0.0/0 > UDP1655350.0.0.0/0 > ICMP-1-10.0.0.0/0 > > VM OS: windows > > 1.I can ping the vm and connect to it by rdp. ICMP -1 -1 means allow icmp protocol all types and codes (255,255). RDP uses tcp 3399, tcp all ports are opened. So icmp and rdp are allowed to reach vm. > 2.When I restart the iptables of the Host physical machine,I can not ping the > vm,but I can still connect to it by rdp. When you restart the iptables please make sure the cloudstack configured rules are set before checking the traffic. RDP is working because the connection is in established state. > 3.When I delete the ICMP rule of security group and add the same rule > again.I can ping the vm. When you restart ipables rules, I think the icmp rule set by cloudstack is lost. When you reconfigure the icmp rules on the Host is configured and traffic to the vm is allowed. .
Is this a bug?
cloudstack version: 4.1 network type: basic zone and basic network security group setting: ProtocolStart PortEnd PortCIDR TCP1655350.0.0.0/0 UDP1655350.0.0.0/0 ICMP-1-10.0.0.0/0 VM OS: windows 1.I can ping the vm and connect to it by rdp. 2.When I restart the iptables of the Host physical machine,I can not ping the vm,but I can still connect to it by rdp. 3.When I delete the ICMP rule of security group and add the same rule again.I can ping the vm.
Re: cant add host to cloud: "Nics are not configured!" / "Failedto get public nic name"
in the file "/etc/cloudstack/agent/agent.properties" you can see two properties which are commented: #public.network.device=cloudbr0 #private.network.device=cloudbr1 the commented contents indicate that you should create two bridges called cloudbr0 and cloudbr1,or you can uncomment the two lines and modify them to other values. -- Original -- From: "Fernando Guillén Camb"; Date: Tue, Jun 25, 2013 08:14 PM To: "users"; Subject: Re: cant add host to cloud: "Nics are not configured!" / "Failedto get public nic name" Hi. I'm trying to install CS4.1 in a host with Centos6.4 and I'm having exactly the same problem: 2013-06-25 14:07:14,703 DEBUG [kvm.resource.LibvirtComputingResource] (main:null) failing to get physical interface from bridgemanagement, did not find an eth*, bond*, or vlan* in /sys/devices/virtual/net/management/brif The interface list on the server: 2: em1: mtu 1500 qdisc mq state UP qlen 1000 link/ether e0:db:55:21:1f:3c brd ff:ff:ff:ff:ff:ff 3: em2: mtu 1500 qdisc mq state UP qlen 1000 link/ether e0:db:55:21:1f:3e brd ff:ff:ff:ff:ff:ff 4: p3p1: mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:0a:f7:0d:fb:e0 brd ff:ff:ff:ff:ff:ff 5: p3p2: mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:0a:f7:0d:fb:e2 brd ff:ff:ff:ff:ff:ff 6: public_guest: mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:0a:f7:0d:fb:e0 brd ff:ff:ff:ff:ff:ff 7: management: mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:0a:f7:0d:fb:e2 brd ff:ff:ff:ff:ff:ff 9: cloud0: mtu 1500 qdisc noqueue state UNKNOWN link/ether b2:64:55:9e:b8:33 brd ff:ff:ff:ff:ff:ff Is there any other solution than the one found by Javier? removing the biosdevname package, renaming all em* ifcfg scripts to eth* and deleting the 70-persistent-net.rules Thanx. El 23/05/13 17:51, Prasanna Santhanam escribió: > Yes the consistent naming scheme problem I *think* was fixed already > by Marcus and should be in 4.1 IIRC. Glad to hear that your problem is > solved. > > On Thu, May 23, 2013 at 05:17:04PM +0200, Javier Rodriguez wrote: >> Hi Prasanna, >> >> Thanks very much for your response, >> >> [root@mnode-1 ~]# rpm -qa | grep qemu >> gpxe-roms-qemu-0.9.7-6.9.el6.noarch >> qemu-kvm-0.12.1.2-2.355.0.1.el6.centos.2.x86_64 >> qemu-img-0.12.1.2-2.355.0.1.el6.centos.2.x86_64 >> >> [root@mnode-1 ~]# rpm -qa | grep virt >> libvirt-client-0.10.2-18.el6_4.4.x86_64 >> libvirt-0.10.2-18.el6_4.4.x86_64 >> virt-what-1.11-1.2.el6.x86_64 >> >> [root@mnode-1 ~]# rpm -qa | grep cloud >> cloud-deps-4.0.2-1.el6.x86_64 >> cloud-utils-4.0.2-1.el6.x86_64 >> cloud-scripts-4.0.2-1.el6.x86_64 >> cloud-agent-libs-4.0.2-1.el6.x86_64 >> cloud-python-4.0.2-1.el6.x86_64 >> cloud-agent-4.0.2-1.el6.x86_64 >> cloud-core-4.0.2-1.el6.x86_64 >> >> >> I enabled the DEBUG mode like you asked (I did not find >> /etc/cloudstack/agent/log4j.xml, so I changed it in >> /etc/cloud/agent/log4j-cloud.xml instead), and I found something >> interesting: >> >> 2013-05-23 12:26:26,210 DEBUG >> [kvm.resource.LibvirtComputingResource] (main:null) failing to get >> physical interface from bridgecloudbr0, did not find an eth*, bond*, >> or vlan* in /sys/devices/virtual/net/cloudbr0/brif >> >> The only file in /sys/devices/virtual/net/cloudbr0/brif is a symlink >> named em1.200, and apparently the cloud agent is expecting to find >> eth* devices. >> >> Apparently this has something to do with the Consistent Network >> Device naming feature introduced in later RH based distributions. >> (if eth0 is embedded in the motherboard it will be now called em1 by >> default). >> >> After investingating a bit I managed to rename the nics by removing >> the biosdevname package, renaming all em* ifcfg scripts to eth* and >> deleting the 70-persistent-net.rules in /etc/udev/rules.d (which >> gets automatically regenerated with proper values taken from ifcfg >> scripts by write_net_rules). >> >> After that I could add the host with no problem :) . I think the >> cloud agent not being able to manage Consistent Network Device >> Interfaces ( em* and p*p* ) is probably a bug in the cloud agent. >> >> Thanks for your help, >> >> -Javier -- Fernando Guillén Camba Unidade de Xestión de Infraestruturas TIC Centro de Investigación en Tecnoloxías da Información (CITIUS) Teléfono: 8818 16409 Correo: citius@usc.es
Does anyone know how to get the token of the vm console login url?
When we click the "view console" button of a sertain vm,a webbrower window will pop up and we can view the console of the vm. If we view the html source code of the window,we can find a https url like this: https://192-168-30-102.realhostip.com/ajax?token=mD_rIFSUJkT7PrE6r5Q576WmdQMpDi9cOmi5ClE5J8tiMzJIxwg8p8CWDQtdDOst_irHE4D1S_5geEkcFvwoIGcvoc7LbK8MydwVFvtyCcPi1crfLe82_4ZbetnfEaG1GdEu3rntUkUJ5b00_1KuW3DAb0F1b_16be_WG9IT9Uck32IFPmdf3MS4RSKVGo9C27z978LoA8oVLd3wTe-EDa2K-dOjPclKql9uhFMgBoSEifsLPoo6ZAD5Lahu15oq7QdtYp9zg-ujst8Oya7kOg I want to know how to get the token value.I need to make this url by myself,not by clicking the button on cloudstack UI,but I'm not familiar with JAVA.It's too difficult for me to find the algorithm from the cloudstack source code directly,so I hope some people or documents can help me to get it.
