Re: [one-users] Cloud View with Persistent Image

2014-10-03 Thread Nicolas Bélan 
Hi,

I have exactly the same pb, and same needs ...
I start think about a dedicated web service to handle that, but a
shorter (quicker) way to achieve deployments would be nice !

I will follow this thread for feebacks too

Best regards,
NB

Le 02/10/2014 06:07, Anandharaj Subramaniam a écrit :
>
> Hi All,
>
>  
>
> Just need some clarification and would like to get you guys feedback
> on managing VMs using OpenNebula in your environment.
>
>  
>
> _Our current practice as below (using OpenNebula 4.2):_
>
> 1.   New VM request
>
> -  Clone existing image (master image) to a new image. All the
> images are persistent.
>
> -  Clone existing template (master template) to a new template.
>
> -  Update the new template -- set cpu/vcpu, memory, image
> (point to newly created image), ip address, etc
>
> -  Instantiate the template
>
>  
>
> 2.   Update the spec of the VM
>
> -  Shutdown / delete the running VM
>
> -  Update the template belongs to that particular VM -- e.g
> set the new memory size
>
> -  Instantiate the template
>
>  
>
> Note:  a) In our setup, every VM will have their own template as per
> done in #1
>
>  b) Reason being update the template & re-instantiate
> instead of just  update the memory in VM is because of #3 below
>
>  
>
> 3.   Repair the VM
>
> -  In some cases the VM's filesystem will have some errors
> (eg: due to force shutdown / nfs issues) therefore require to run fsck
> using live CD.
>
> -  Image type CDROM cannot be attached thru VM list page
> (click on the VM -> storage tab)
>
> -  Update the VM's template -- add disk and choose the ISO
> image, choose boot = cdrom
>
> -  Instantiate the template and fix the errors using the live CD
>
> -  Shutdown / delete the running VM
>
> -  Update the VM's template -- remove the ISO image and choose
> boot = hd
>
> -  Instantiate the template
>
>  
>
> From the above scenario, anything that we are doing inefficiently? Im
> still new to this OpenNebula so appreciate you guys feedback / suggestion
>
>  
>
>  
>
> _Testing environment (OpenNebula 4.8)_
>
>  
>
> To further understand on this OpenNebula, I have setup ONE 4.8 and
> testing the Cloud View and see how I can improve my operation / VM
> administration.
>
>  
>
> The way user can create VM in Cloud View is the one I need -- user
> define the VM name, choose the template (OS), set the memory & CPU and
> launch it. Very simple. But unfortunately this only works with
> non-persistent image type. In my case, I cannot use non-persistent
> image because of the reason stated in #2 and #3 above.
>
>  
>
> So what I think Cloud View can be improved is:
>
> -  Based on config parameter (oned.conf ->
> ONE_DEPLOY=Persistent),  when user create a VM, a template should be
> created and the image should be cloned as persistent image. This is
> kinda same behavior as "Save" VM with only different is the image
> persistent yes/no and template spec
>
> -  Able to attach / detach CDROM
>
> Feel free to comment on this and provide some feedback.
>
>  
>
> --
>
> Regards,
>
> Anandharaj
>
>  
>
>
> 
> *DISCLAIMER:*
>
> This e-mail (including any attachments) is for the addressee(s) only
> and may be confidential, especially as regards personal data. If you
> are not the intended recipient, please note that any dealing, review,
> distribution, printing, copying or use of this e-mail is strictly
> prohibited. If you have received this email in error, please notify
> the sender immediately and delete the original message (including any
> attachments).
>
>
> MIMOS Berhad is a research and development institution under the
> purview of the Malaysian Ministry of Science, Technology and
> Innovation. Opinions, conclusions and other information in this e-mail
> that do not relate to the official business of MIMOS Berhad and/or its
> subsidiaries shall be understood as neither given nor endorsed by
> MIMOS Berhad and/or its subsidiaries and neither MIMOS Berhad nor its
> subsidiaries accepts responsibility for the same. All liability
> arising from or in connection with computer viruses and/or corrupted
> e-mails is excluded to the fullest extent permitted by law.
>
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] oneacct start/end question

2014-07-02 Thread Nicolas Bélan 
Hello,

I am using a script to generate usage stats.
But the update to 4.6.1 breaks my script. I have found that the error is
on oneacct:

[oneadmin@sam01 ~]$ LANG=C oneacct -s '06/01/2014 00:00:00' -e
'06/30/2014 23:59:59'
invalid argument: -e 06/30/2014 23:59:59

Using:
??[oneadmin@sam01 ~]$ oneacct -s '01/06/2014 00:00:00' -e '30/06/2014
23:59:59'

It is working.

In the doc
http://docs.opennebula.org/4.6/administration/users_and_groups/accounting.html
We have:

The time can be written as |month/day/year hour:minute:second|, or any
other similar format, e.g |month/day hour:minute|

Is it an error on the doc or on the oneacct tool ?

Thank you

Best regards,
Nicolas.
|
|
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Scalr with OpenNebula

2014-06-04 Thread Nicolas Bélan 
Hello Daniel,

Sure it could be interesting ;)

If I have time, i will have a technical look during summer

Best regards,
Nicolas


Le 04/06/2014 11:01, Daniel Molina a écrit :
> Hi Nicolas,
>
> I have never tried scalr, but It should work as long as you can define
> a custom endpoint for EC2 and it doesn't depend on S3, since
> OpenNebula does not provide S3 support.
>
> Maybe it would be interesting to develop an integration with
> OpenNebula using the XMLRPC API
>
> Cheers
>
>
> On 1 June 2014 00:09, Nicolas Bélan  <mailto:nicolas.be...@gmail.com>> wrote:
>
> Hello the list,
>
> we are looking at some integration with scalr software (opensource
> version).
> They said it is EC2 compliant.
>
> Does anyone tested it ?
> Do you have any advice ?
>
> Thank you :)
> Best regards,
> nicolas
> ___
> Users mailing list
> Users@lists.opennebula.org <mailto:Users@lists.opennebula.org>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
>
> -- 
> --
> Daniel Molina
> Project Engineer
> OpenNebula - Flexible Enterprise Cloud Made Simple
> www.OpenNebula.org <http://www.OpenNebula.org> |
> dmol...@opennebula.org <mailto:dmol...@opennebula.org> | @OpenNebula

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] Scalr with OpenNebula

2014-05-31 Thread Nicolas Bélan 
Hello the list,

we are looking at some integration with scalr software (opensource version).
They said it is EC2 compliant.

Does anyone tested it ?
Do you have any advice ?

Thank you :)
Best regards,
nicolas
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Move an image

2014-02-14 Thread Nicolas Bélan 
Ok, good to see something is planned for 4.6 :)

I did it successfully, thanks to you !

worked like a charm !

Thank you

Nicolas.

Le 11/02/2014 19:59, Ruben S. Montero a écrit :
> No, you cannot yet :( see [1,2].
>
> However you can do the procedure manually. Let's assume that:
>
> a. You already have a new datastore, ready and available
> under /var/lib/one/datastores/
> b. There are no VMs running using the images to be moved
>
> Then:
>
> 1.- Move the image file to the new place, you can keep the hashed name 
>
> mv /var/lib/one/datastores/106/fc0b14ee* /var/lib/one/datastores//
>
> 2.- Register a new image.You can keep the previous attributes if any
> (e.g. DRIVER or CACHE) **but be sure** to include:
>  * SOURCE set to point to the new location
>  * SIZE set to the original value
>
> This procedure can be easily script'ed if there are too many images. 
>
> Cheers
>
> Ruben
>
> [1] http://dev.opennebula.org/issues/2417
> [2] http://dev.opennebula.org/issues/1696
>
>
> On Tue, Feb 11, 2014 at 7:40 PM, Nicolas Bélan
> mailto:nicolas.be...@gmail.com>> wrote:
>
> Hello the list,
>
> I just want to know if it is possible to "move" a disk image between
> datastore.
>
> The use case is:
>
> I have a brand new JBOD, and I want to move  5TB of data from existing
> DS to the new one.
>
> I do not talk about System DS, but image DS.
>
> [oneadmin] ll -h
> /var/lib/one/datastores/106/fc0b14ee770a71c5db4ecd4947d13a10
> -rw-r--r-- 1 oneadmin oneadmin 2,8T  6 feb. 10:40
> /var/lib/one/datastores/106/fc0b14ee770a71c5db4ecd4947d13a10
>
> I can move/rsync/anything the disk, but I would like to re-register it
> like that (without any qemu-img convert) because, I do not want to
> clone
> it, just store it somewhere else.
>
> Thank you for any web pointer, I did not find any :-/
>
> Best regards,
> Nicolas
>
> ___
> Users mailing list
> Users@lists.opennebula.org <mailto:Users@lists.opennebula.org>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
>
> -- 
> -- 
> Ruben S. Montero, PhD
> Project co-Lead and Chief Architect
> OpenNebula - Flexible Enterprise Cloud Made Simple
> www.OpenNebula.org <http://www.OpenNebula.org> |
> rsmont...@opennebula.org <mailto:rsmont...@opennebula.org> | @OpenNebula

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] Move an image

2014-02-11 Thread Nicolas Bélan 
Hello the list,

I just want to know if it is possible to "move" a disk image between
datastore.

The use case is:

I have a brand new JBOD, and I want to move  5TB of data from existing
DS to the new one.

I do not talk about System DS, but image DS.

[oneadmin] ll -h
/var/lib/one/datastores/106/fc0b14ee770a71c5db4ecd4947d13a10
-rw-r--r-- 1 oneadmin oneadmin 2,8T  6 feb. 10:40
/var/lib/one/datastores/106/fc0b14ee770a71c5db4ecd4947d13a10

I can move/rsync/anything the disk, but I would like to re-register it
like that (without any qemu-img convert) because, I do not want to clone
it, just store it somewhere else.

Thank you for any web pointer, I did not find any :-/

Best regards,
Nicolas

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] ldap auth without automatic user creation

2014-02-06 Thread Nicolas Bélan 
Thank you for the explanation.

I am trying to detail more the steps I am using.

I have a LDAP tree with users (eg foobar user).
I will setup a VM in one-4.4 and I would like to assign it to foobar.
But, foobar does not exists yet in one (especially sunstone) until
foobar logged in, right ?
So, I would like to add it before any login, and assign its VM to its
user id. So, I create a foobar user (same UID as LDAP) in one.

But, If I create with "oneuser foobar" and set its auth engine to LDAP,
it seems that one do no find it.
It creates a new User ID when foobar logs in. (In fact, if I understand,
it finds the ldap one, and display it without any search in one users DB).
I have two users with the same ID (but numeric ID different), the LDAP
one and the ONE-4.4 one ( :-) ). Which seems "right" with your description.

Is there a way to "map" the oneuser foobar and the ldap one ? or to
"link" both ?

To be clear, I would like to authentify the one user to LDAP, but only
auth may be externalized to ldap.

Thank you
Nicolas


Le 06/02/2014 12:24, Javier Fontan a écrit :
> I'm not sure I've understood the problem. Maybe this explanation helps.
>
> The user name of a user with ldap driver is used to find it in ldap.
> It first searches for an ldap user with a DN equal to the OpenNebula
> user name. This way you can set the OpenNebula user name to a full dn
> of a user.
>
> In case there's no user with that dn it searches for users that have a
> field that are equal to the OpenNebula user name. By default this
> field is "cn" but it can be changed in ldap auth configuration file:
>
> --8<--
> # field that holds the user name, if not set 'cn' will be used
> :user_field: 'cn'
> -->8--
>
> In this example the field that we want to use as user name is "uid":
>
> --8<--
> dn: cn=Robert Smith,ou=people,dc=example,dc=com
> objectclass: inetOrgPerson
> cn: Robert Smith
> cn: Robert J Smith
> cn: bob  smith
> sn: smith
> uid: rjsmith
> userpassword: rJsmitH
> ou: Human Resources
> -->8--
>
> And we can change the ldap auth "user_field" to "uid".
>
> The user in OpenNebula should have
>
> user name: rjsmith
> password: -
> driver: ldap
>
> On Wed, Feb 5, 2014 at 10:41 AM, Nicolas Bélan  
> wrote:
>> Hello,
>>
>> I tried successfully the LDAP auth using one 4.4, with the 'default'
>> auth engine.
>>
>> So, I am able to log on Sunstone with a user in the right LDAP group, if
>> it is not created on the one user DB.
>>
>> But, I am trying to answer this use case, and I can't achieve it:
>>
>> 1) create a user through sunstone and set it a LDAP scheme auth.
>> 2) assign VM to this user (let's say uid 2)
>> 3) create a correct CN in LDAP DB, and assign it to the right group
>> 4) auth with sunstone GUI
>>
>> I creates a user 3, without any VM (same filter id ...)
>>
>> I would like to (pre)create user in sunstone, and give them accesses
>> later through LDAP auth.
>> Is it possible ?
>>
>> Thank you
>> Best regards,
>> Nicolas.
>>
>> ___
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] ldap auth without automatic user creation

2014-02-05 Thread Nicolas Bélan 
Hello,

I tried successfully the LDAP auth using one 4.4, with the 'default'
auth engine.

So, I am able to log on Sunstone with a user in the right LDAP group, if
it is not created on the one user DB.

But, I am trying to answer this use case, and I can't achieve it:

1) create a user through sunstone and set it a LDAP scheme auth.
2) assign VM to this user (let's say uid 2)
3) create a correct CN in LDAP DB, and assign it to the right group
4) auth with sunstone GUI

I creates a user 3, without any VM (same filter id ...)

I would like to (pre)create user in sunstone, and give them accesses
later through LDAP auth.
Is it possible ?

Thank you
Best regards,
Nicolas.

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Setting up IPv6..

2014-01-26 Thread Nicolas Bélan 
Hello

You can not have IPv6 address automatically set in something other than
a /64 in opennebula (or I did not find the check box ...)
IPv6 address is derivative from the MAC address, someting like
:
So, using context package is a easy way to set IPv6 on openNebula
instance ;)

What I have found:

in vnet, you may set CONTEXT_FORCE_IPV4, to force IPv4 AND IPv6 on NIC.
If not, if an IPv6 is set, NO IPv4 will be setup ...
in vnet, you may set GATEWAY6 to the IPv6 address of your gateway (easy ...)
on vnet setup (warn, not after ...), you may set IPv6 Global Prefix (a
public, routable, IPv6, given by a LIR/RIR, /64 address) OR IPv6 Site
Prefix (fc00:: kind of address).

Using context, it works (I have found a Bug in 4.2, but I think it is
fixed in 4.4).
You have something like that in vnet leases, for site prefix.




IP  MAC IPv6 Site   IPv6 Global

VM:147  172.16.13.1 02:00:ac:10:0d:01
fc00:16:93:13:400:acff:fe10:d01 --

One set, you can not change the Site or Global prefix (in 4.2) ...

Best regards,
Nicolas



Le 23/01/2014 21:51, David a écrit :
> How do you do it? The documentation is baffling for people new to IPv6.
> Like where do I get the site prefix of my address? global? what's the
> difference between them? Do I use the MAC address in ifconfig? If I
> have a /64 is my network size 64? 
>
> What do I do? How do I set this up correctly? 
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Monitoring of a host can fail during a VM shutdown

2014-01-22 Thread Nicolas Bélan 
Hello,

got something similar on one 4.2:
Wed Jan 22 13:16:09 2014 [InM][I]: Monitoring host gimli02 (1)
Wed Jan 22 13:16:14 2014 [InM][I]: Command execution fail: 'if [ -x
"/var/tmp/one/im/run_probes" ]; then /var/t
mp/one/im/run_probes kvm 1 gimli02; else 
exit 42; fi'
Wed Jan 22 13:16:14 2014 [InM][I]: error: failed to get domain 'one-305'
Wed Jan 22 13:16:14 2014 [InM][I]: error: Domaine non trouvé : no domain
with matching name 'one-305'
Wed Jan 22 13:16:14 2014 [InM][I]: ../../vmm/kvm/poll:70:in
`get_vm_info': undefined method `[]' for nil:NilCla
ss (NoMethodError)
Wed Jan 22 13:16:14 2014 [InM][I]: from ../../vmm/kvm/poll:68:in `each'
Wed Jan 22 13:16:14 2014 [InM][I]: from ../../vmm/kvm/poll:68:in
`get_vm_info'
Wed Jan 22 13:16:14 2014 [InM][I]: from ../../vmm/kvm/poll:35:in
`get_all_vm_info'
Wed Jan 22 13:16:14 2014 [InM][I]: from ../../vmm/kvm/poll:401:in
`print_all_vm_template'
Wed Jan 22 13:16:14 2014 [InM][I]: from ../../vmm/kvm/poll:440
Wed Jan 22 13:16:14 2014 [InM][E]: Error executing poll.sh
Wed Jan 22 13:16:14 2014 [InM][I]: ExitCode: 1
Wed Jan 22 13:16:14 2014 [ONE][E]: Error monitoring Host gimli02 (1):
Error executing poll.sh

The problem appeares while deploying and removing 4 VMs in oneFlow. So,
It looks like the problem of Daniel.

The problem raise a full VM reset of the running vms on the HV.

Do you have any bug id linked for this PR ?

Thanks,
Nicolas.

Le 08/01/2014 11:17, Javier Fontan a écrit :
> This is a bug indeed. It can also fail in other cases like VM crash or
> migration.
>
> Open that bug and we will look into it. When you see those crashes it
> is safe to open a bug.
>
> On Wed, Dec 11, 2013 at 3:30 PM, Daniel Dehennin
>  wrote:
>> Hello,
>>
>> On a ONE 4.2, we just encountered an transiant issue:
>>
>> [InM][I]: Monitoring host grichka (9)
>> [InM][I]: Command execution fail: 'if [ -x "/var/tmp/one/im/run_probes" 
>> ]; then /var/tmp/one/im/run_probes kvm 9 grichka; else exit 42; fi'
>> [InM][I]: error: failed to get domain 'one-1547'
>> [InM][I]: error: Domain not found: no domain with matching name 
>> 'one-1547'
>> [InM][I]: ../../vmm/kvm/poll:70:in `block in get_vm_info': undefined 
>> method `[]' for nil:NilClass (NoMethodError)
>> [InM][I]: from ../../vmm/kvm/poll:68:in `each'
>> [InM][I]: from ../../vmm/kvm/poll:68:in `get_vm_info'
>> [InM][I]: from ../../vmm/kvm/poll:35:in `get_all_vm_info'
>> [InM][I]: from ../../vmm/kvm/poll:401:in `print_all_vm_template'
>> [InM][I]: from ../../vmm/kvm/poll:440:in `'
>> [InM][E]: Error executing poll.sh
>> [InM][I]: ExitCode: 1
>> [ONE][E]: Error monitoring Host grichka (9): Error executing poll.sh
>>
>>
>> It looks like something list all the running VM and then call
>> “get_vm_info” for each one.
>>
>> This result in an error if the VM disappears in the meantime, because of
>> a shutdown for example.
>>
>> Is this something plausible, in which case I'll open an issue on the bug
>> tracker?
>>
>> Regards.
>>
>> --
>> Daniel Dehennin
>> Récupérer ma clef GPG:
>> gpg --keyserver pgp.mit.edu --recv-keys 0x7A6FE2DF
>>
>> ___
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
>

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] _CONTEXT_FORCE_IPV4 disappeard ?

2013-08-23 Thread Nicolas Bélan 
Hello,

same (more or less) pb, but with RAW entries...

each time I update a template using 'classical' window ,not the advanced
on, I loose
RAW=[TYPE="kvm",DATA=""]

a bug ?

Best regards,
Nicolas.

Le 19/08/13 15:11, Javier Fontan a écrit :
> When OpenNebula finds NETWORK=yes it adds (or substitutes) network
> parameters by the standard network parameters that come in variable
> form, something like:
>
>   ETH0_IP = "$NIC[IP, NETWORK=\"public\"]",
>   ETH0_NETWORK = "$NETWORK[NETWORK_ADDRESS, NETWORK=\"public\"]",
>   ETH0_MASK = "$NETWORK[NETWORK_MASK, NETWORK=\"public\"]",
>   ETH0_GATEWAY = "$NETWORK[GATEWAY, NETWORK=\"public\"]",
>   ETH0_DNS = "$NETWORK[DNS, NETWORK=\"public\"]",
>   ETH0_CONTEXT_FORCE_IPV4 = "$NETWORK[CONTEXT_FORCE_IPV4, 
> NETWORK=\"public\"]",
>
> Then it substitutes the variables but when no match is found the
> variable is deleted. I think the problem is that you don't have the
> variable "CONTEXT_FORCE_IPV4" set in the virtual network template.
>
> On Wed, Aug 14, 2013 at 4:22 PM, Nicolas Bélan  
> wrote:
>> Hello
>>
>> I have the following context in my VM:
>> TARGET vdb
>> ETH0_MASK 255.255.255.192
>> ETH0_DNS A.B.C.D
>> ETH0_IPV6 A:B::400:b9ff:fe1e:5c04
>> ETH0_IP6 A:B::400:b9ff:fe1e:5c04
>> ETH0_NETWORK A.B.C.0
>> ETH0_GATEWAY6 A:B::
>> ETH0_GATEWAY A.B.C.D
>> ETH0_IP A.B.C.D
>> NETWORK YES
>> SSH_PUBLIC_KEY ssh-rsa
>> B3NzaC1yc2EDAQABAAACAQC/I3q0n8U/4+YEnUFyqh6nU7pKjUYQEhcu9jGtmYa57lzf8h9ps23RgUXGjT7GJiTASscRIuv9wSfC/6pGdjk7FVFs4lSVyyVfxuq+hRZ/uGpqsbtJqTWzeqOnEIixiLyjSSHe4O9c8kcNj/HMwqQ9k/IlXIA/kH/a5yUkOE1eHZ3r4KIydnGwvccaxqjJTHqvmKMYJAjOt1oe349SgT8ME7L4602Y88T7akVWmvOlP5W4cyi3hFoClv6iOqdjCTxOZX+tIoxJyBDS8lwIbgbf+S7gJhZsBJs1bshmC8U2Jx4tLTCpvNWYc2yE7LjaZweO3Cvz10OJ30nmRbdnCFT+jm5NvraGghLkp3eIXoEXP+yY/QlHc6R0XckgDZDF+N9jS3QAMsq8kEb6Uiy7UUlXvnDiCksgG1elJrTMN5wdyQFb55y3l0G3GaGt7vF+6yBMOay5b6Gy2LhIizrE2GJpd04auAZc8aAhJPUXXpDAK3nIuwwS2Df23jAa+b7bNcCGUCjHGIc3FJmRRtpJHLhC7g1fLxarvcD+HPQvV5l8sEo3yTyY3cTz+vZRMeYvZE9UImM+U0mf27nYdU3aZk49nb+4EDO23HApUB6XpDef7ODa8+dPsuObi3N76WvYO5BqWJ1uDajwyMBfitvR/T3yArdTMsUemhyRxLt8Mv0Thw==
>> user1@MacBook-Air-de-User1.local\nssh-rsa
>> B3NzaC1yc2EBIwAAAQEAsVArSh0m8RuropQ7Cqq47aOMg8BEz8LiIsH9A7ffGvzcWKAFLVrVfKg83WdCjJKSMlAArOVzLOzTJy6fSBFhGE3ah8JdBhPFrPJOqXUW9ntYyNlL/rYxAqdhu6FySz4+r2804iw+hWWZgMU5cBIWenaDsJ0HUUPY8mAG+jW2WhB8DEIylvMdkUlAMDNpUM/qeq7ZewX0fxJNUDnxRppmWySaaJmzZGM+ExedEqheBFGxntnaUiJE2ZNo5NLGjBici8Rl7EbB5eapHys7TCErO3k93+7fo4SNbz82yESlSHz+oAzTxGUItl1TnTHJy5zGS9Lu6O89MECNq5BIkR/gqw==
>> nbelan@nln\nssh-rsa
>> B3NzaC1yc2EDAQABAAABAQDTK5paorACmeNgrEWKNx6mOLRW48LLoeFYKE7CoSXddK+hyY8Lc+k4/tMKgus/TwsxNJ+6hUGHc0mRufp4cIkJwkzBRWkhIsOXwkgC2olFeb8PvfuEhXL/255MP7fgy5SYYb6th97hPYZIdnm8FKVSf1tboh9aGB6zMeyPiPygyY4UNsLcmc6I5ch28wsOQ9KYmfkjWnDP4Hj5D17eabQrmCF9aR6qTM5w9N919dvceop52k95VBLjcSBEkVAUbQUuF8QvcLEU0vf11UgWnFXWEoOj1kTeSJJAE3e+r7xHXnDQQEXSYt+q18LEDXNt+m00YiQdfXJQ5MXpXEI/oX9J
>> user2@MacBook-Air-de-User2.local
>> HOSTNAME host1
>> DISK_ID 1
>>
>> but my template has the following (i changed IP & ssh pub key in both)
>>
>> RAW=[TYPE="kvm",DATA="> port='0'/>> port='0'/>"]
>> NIC=[NETWORK_ID="4",MODEL="e1000",IP="A.B.C.D"]
>> DISK=[IMAGE_ID="29",DRIVER="qcow2"]
>> FEATURES=[PAE="yes",ACPI="yes"]
>> OS=[ARCH="x86_64"]
>> VCPU="1"
>> GRAPHICS=[TYPE="VNC",LISTEN="0.0.0.0",KEYMAP="fr"]
>> MEMORY="1024"
>> CPU="0.1"
>> CONTEXT=[ETH0_IPV6="$NIC[IP6_GLOBAL]",ETH0_CONTEXT_FORCE_IPV4="yes",ETH0_GATEWAY6="$NETWORK[GATEWAY6,
>> NETWORK_ID=4]",NETWORK="YES",SSH_PUBLIC_KEY="ssh-rsa
>> B3NzaC1yc2EDAQABAAACAQC/I3q0n8U/4+YEnUFyqh6nU7pKjUYQEhcu9jGtmYa57lzf8h9ps23RgUXGjT7GJiTASscRIuv9wSfC/6pGdjk7FVFs4lSVyyVfxuq+hRZ/uGpqsbtJqTWzeqOnEIixiLyjSSHe4O9c8kcNj/HMwqQ9k/IlXIA/kH/a5yUkOE1eHZ3r4KIydnGwvccaxqjJTHqvmKMYJAjOt1oe349SgT8ME7L4602Y88T7akVWmvOlP5W4cyi3hFoClv6iOqdjCTxOZX+tIoxJyBDS8lwIbgbf+S7gJhZsBJs1bshmC8U2Jx4tLTCpvNWYc2yE7LjaZweO3Cvz10OJ30nmRbdnCFT+jm5NvraGghLkp3eIXoEXP+yY/QlHc6R0XckgDZDF+N9jS3QAMsq8kEb6Uiy7UUlXvnDiCksgG1elJrTMN5wdyQFb55y3l0G3GaGt7vF+6yBMOay5b6Gy2LhIizrE2GJpd04auAZc8aAhJPUXXpDAK3nIuwwS2Df23jAa+b7bNcCGUCjHGIc3FJmRRtpJHLhC7g1fLxarvcD+HPQvV5l8sEo3yTyY3cTz+vZRMeYvZE9UImM+U0mf27nYdU3aZk49n

[one-users] _CONTEXT_FORCE_IPV4 disappeard ?

2013-08-14 Thread Nicolas Bélan 
Hello

I have the following context in my VM:
TARGET  vdb
ETH0_MASK   255.255.255.192
ETH0_DNSA.B.C.D
ETH0_IPV6   A:B::400:b9ff:fe1e:5c04
ETH0_IP6A:B::400:b9ff:fe1e:5c04
ETH0_NETWORKA.B.C.0
ETH0_GATEWAY6   A:B::
ETH0_GATEWAYA.B.C.D
ETH0_IP A.B.C.D
NETWORK YES
SSH_PUBLIC_KEY  ssh-rsa
B3NzaC1yc2EDAQABAAACAQC/I3q0n8U/4+YEnUFyqh6nU7pKjUYQEhcu9jGtmYa57lzf8h9ps23RgUXGjT7GJiTASscRIuv9wSfC/6pGdjk7FVFs4lSVyyVfxuq+hRZ/uGpqsbtJqTWzeqOnEIixiLyjSSHe4O9c8kcNj/HMwqQ9k/IlXIA/kH/a5yUkOE1eHZ3r4KIydnGwvccaxqjJTHqvmKMYJAjOt1oe349SgT8ME7L4602Y88T7akVWmvOlP5W4cyi3hFoClv6iOqdjCTxOZX+tIoxJyBDS8lwIbgbf+S7gJhZsBJs1bshmC8U2Jx4tLTCpvNWYc2yE7LjaZweO3Cvz10OJ30nmRbdnCFT+jm5NvraGghLkp3eIXoEXP+yY/QlHc6R0XckgDZDF+N9jS3QAMsq8kEb6Uiy7UUlXvnDiCksgG1elJrTMN5wdyQFb55y3l0G3GaGt7vF+6yBMOay5b6Gy2LhIizrE2GJpd04auAZc8aAhJPUXXpDAK3nIuwwS2Df23jAa+b7bNcCGUCjHGIc3FJmRRtpJHLhC7g1fLxarvcD+HPQvV5l8sEo3yTyY3cTz+vZRMeYvZE9UImM+U0mf27nYdU3aZk49nb+4EDO23HApUB6XpDef7ODa8+dPsuObi3N76WvYO5BqWJ1uDajwyMBfitvR/T3yArdTMsUemhyRxLt8Mv0Thw==
user1@MacBook-Air-de-User1.local\nssh-rsa
B3NzaC1yc2EBIwAAAQEAsVArSh0m8RuropQ7Cqq47aOMg8BEz8LiIsH9A7ffGvzcWKAFLVrVfKg83WdCjJKSMlAArOVzLOzTJy6fSBFhGE3ah8JdBhPFrPJOqXUW9ntYyNlL/rYxAqdhu6FySz4+r2804iw+hWWZgMU5cBIWenaDsJ0HUUPY8mAG+jW2WhB8DEIylvMdkUlAMDNpUM/qeq7ZewX0fxJNUDnxRppmWySaaJmzZGM+ExedEqheBFGxntnaUiJE2ZNo5NLGjBici8Rl7EbB5eapHys7TCErO3k93+7fo4SNbz82yESlSHz+oAzTxGUItl1TnTHJy5zGS9Lu6O89MECNq5BIkR/gqw==
nbelan@nln\nssh-rsa
B3NzaC1yc2EDAQABAAABAQDTK5paorACmeNgrEWKNx6mOLRW48LLoeFYKE7CoSXddK+hyY8Lc+k4/tMKgus/TwsxNJ+6hUGHc0mRufp4cIkJwkzBRWkhIsOXwkgC2olFeb8PvfuEhXL/255MP7fgy5SYYb6th97hPYZIdnm8FKVSf1tboh9aGB6zMeyPiPygyY4UNsLcmc6I5ch28wsOQ9KYmfkjWnDP4Hj5D17eabQrmCF9aR6qTM5w9N919dvceop52k95VBLjcSBEkVAUbQUuF8QvcLEU0vf11UgWnFXWEoOj1kTeSJJAE3e+r7xHXnDQQEXSYt+q18LEDXNt+m00YiQdfXJQ5MXpXEI/oX9J
user2@MacBook-Air-de-User2.local
HOSTNAMEhost1
DISK_ID 1


but my template has the following (i changed IP & ssh pub key in both)

RAW=[TYPE="kvm",DATA=""]
NIC=[NETWORK_ID="4",MODEL="e1000",IP="A.B.C.D"]
DISK=[IMAGE_ID="29",DRIVER="qcow2"]
FEATURES=[PAE="yes",ACPI="yes"]
OS=[ARCH="x86_64"]
VCPU="1"
GRAPHICS=[TYPE="VNC",LISTEN="0.0.0.0",KEYMAP="fr"]
MEMORY="1024"
CPU="0.1"
CONTEXT=[ETH0_IPV6="$NIC[IP6_GLOBAL]",ETH0_CONTEXT_FORCE_IPV4="yes",ETH0_GATEWAY6="$NETWORK[GATEWAY6,
NETWORK_ID=4]",NETWORK="YES",SSH_PUBLIC_KEY="ssh-rsa
B3NzaC1yc2EDAQABAAACAQC/I3q0n8U/4+YEnUFyqh6nU7pKjUYQEhcu9jGtmYa57lzf8h9ps23RgUXGjT7GJiTASscRIuv9wSfC/6pGdjk7FVFs4lSVyyVfxuq+hRZ/uGpqsbtJqTWzeqOnEIixiLyjSSHe4O9c8kcNj/HMwqQ9k/IlXIA/kH/a5yUkOE1eHZ3r4KIydnGwvccaxqjJTHqvmKMYJAjOt1oe349SgT8ME7L4602Y88T7akVWmvOlP5W4cyi3hFoClv6iOqdjCTxOZX+tIoxJyBDS8lwIbgbf+S7gJhZsBJs1bshmC8U2Jx4tLTCpvNWYc2yE7LjaZweO3Cvz10OJ30nmRbdnCFT+jm5NvraGghLkp3eIXoEXP+yY/QlHc6R0XckgDZDF+N9jS3QAMsq8kEb6Uiy7UUlXvnDiCksgG1elJrTMN5wdyQFb55y3l0G3GaGt7vF+6yBMOay5b6Gy2LhIizrE2GJpd04auAZc8aAhJPUXXpDAK3nIuwwS2Df23jAa+b7bNcCGUCjHGIc3FJmRRtpJHLhC7g1fLxarvcD+HPQvV5l8sEo3yTyY3cTz+vZRMeYvZE9UImM+U0mf27nYdU3aZk49nb+4EDO23HApUB6XpDef7ODa8+dPsuObi3N76WvYO5BqWJ1uDajwyMBfitvR/T3yArdTMsUemhyRxLt8Mv0Thw==
user1@MacBook-Air-de-User1.local\nssh-rsa
B3NzaC1yc2EBIwAAAQEAsVArSh0m8RuropQ7Cqq47aOMg8BEz8LiIsH9A7ffGvzcWKAFLVrVfKg83WdCjJKSMlAArOVzLOzTJy6fSBFhGE3ah8JdBhPFrPJOqXUW9ntYyNlL/rYxAqdhu6FySz4+r2804iw+hWWZgMU5cBIWenaDsJ0HUUPY8mAG+jW2WhB8DEIylvMdkUlAMDNpUM/qeq7ZewX0fxJNUDnxRppmWySaaJmzZGM+ExedEqheBFGxntnaUiJE2ZNo5NLGjBici8Rl7EbB5eapHys7TCErO3k93+7fo4SNbz82yESlSHz+oAzTxGUItl1TnTHJy5zGS9Lu6O89MECNq5BIkR/gqw==
nbelan@nln\nssh-rsa
B3NzaC1yc2EDAQABAAABAQDTK5paorACmeNgrEWKNx6mOLRW48LLoeFYKE7CoSXddK+hyY8Lc+k4/tMKgus/TwsxNJ+6hUGHc0mRufp4cIkJwkzBRWkhIsOXwkgC2olFeb8PvfuEhXL/255MP7fgy5SYYb6th97hPYZIdnm8FKVSf1tboh9aGB6zMeyPiPygyY4UNsLcmc6I5ch28wsOQ9KYmfkjWnDP4Hj5D17eabQrmCF9aR6qTM5w9N919dvceop52k95VBLjcSBEkVAUbQUuF8QvcLEU0vf11UgWnFXWEoOj1kTeSJJAE3e+r7xHXnDQQEXSYt+q18LEDXNt+m00YiQdfXJQ5MXpXEI/oX9J
user2@MacBook-Air-de-User2.local",HOSTNAME="ns1"]


As you can see, ETH0_CONTEXT_FORCE_IPV4="yes", is not present on VM ?
I tested on another VM, it is present ...
The difference between both is that the "HOSTNAME" field is not set when
working.
Perhaps a limitation on an array size ? I failed to find in code where
it could be located...

Best regards,
Nicolas
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Live migrate error, disk.0 does not exists at destination

2013-08-14 Thread Nicolas Bélan 
hum ...
I tried the next case; shutdown one HV ..

I shared DS 0 using HA NAS.
I got now:
Wed Aug 14 15:09:12 2013 [TM][D]: Message received: LOG I 77 Command
execution fail: /var/lib/one/remotes/tm/shared/context
/var/lib/one/vms/77/context.sh
hostB:/var/lib/one//datastores/0/77/disk.1 77 0

Wed Aug 14 15:09:12 2013 [TM][D]: Message received: LOG I 77 context:
Generating context block device at
hostB:/var/lib/one//datastores/0/77/disk.1

Wed Aug 14 15:09:12 2013 [TM][D]: Message received: LOG E 77 context:
Command "ln -s /var/lib/one/datastores/0/77/disk.1
/var/lib/one/datastores/0/77/disk.1.iso" failed: ln: creating symbolic
link `/var/lib/one/datastores/0/77/disk.1.iso': File exists

Wed Aug 14 15:09:12 2013 [TM][D]: Message received: LOG E 77 Error
creating ISO symbolic link

Wed Aug 14 15:09:12 2013 [TM][D]: Message received: LOG I 77 ExitCode: 1

Wed Aug 14 15:09:12 2013 [TM][D]: Message received: TRANSFER FAILURE 77
Error creating ISO symbolic link

Wed Aug 14 15:09:12 2013 [ReM][D]: Req:8048 UID:0 VirtualMachineAction
invoked, "delete-recreate", 77
Wed Aug 14 15:09:12 2013 [ReM][D]: Req:4592 UID:0 VirtualMachineAction
invoked, "delete", 77
Wed Aug 14 15:09:12 2013 [DiM][D]: Finalizing VM 77

This is logical, because disk.1.iso was created on hostA, then, retrying
to restart VM 77 to hostB encounters an error, because file already
exists ...

The log was generated because I activated the hook to restart VMs on
other HV ...
 
Then, my VMs was deleted ...

Best regards,
Nicolas

Le 14/08/13 14:46, Jaime Melis a écrit :
> Hi Nicolas,
>
> it's more or less explicitely stated by this section:
> http://opennebula.org/documentation:rel4.2:system_ds#host_configuration
>
> cheers,
> Jaime
>
>
> On Wed, Aug 14, 2013 at 7:54 AM, Nicolas Bélan
> mailto:nicolas.be...@gmail.com>> wrote:
>
> Hum, that's not very clear in the doc.
> I though that DS 0 was local to all ALL hypervisors ...
>
> Thank you
>
> Le 14/08/13 13:51, Jaime Melis a écrit :
>> Hi Nicolas,
>>
>> /var/lib/one/datastores/0 should be shared (using NFS for
>> example) across all the hosts.
>>
>> regards,
>> Jaime
>>
>>
>> On Mon, Aug 12, 2013 at 7:40 AM, Nicolas Bélan
>> mailto:nicolas.be...@gmail.com>> wrote:
>>
>> Hello the list,
>>
>> I am using OpenNebula 4.2 with a shared (qcow2) storage + kvm.
>> I am trying to livre migrate a vm from hostA to hostB.
>> It fails with the following message:
>>
>> Mon Aug 12 13:30:57 2013 [DiM][D]: Live-migrating VM 45
>> Mon Aug 12 13:30:57 2013 [ReM][D]: Req:656 UID:0
>> VirtualMachineMigrate result SUCCESS, 45
>> Mon Aug 12 13:30:57 2013 [ReM][D]: Req:5920 UID:0
>> VirtualMachineInfo invoked, 45
>> Mon Aug 12 13:30:57 2013 [ReM][D]: Req:5920 UID:0
>> VirtualMachineInfo result SUCCESS, "45..."
>> Mon Aug 12 13:30:57 2013 [VMM][D]: Message received: LOG I 45
>> Successfully execute transfer manager driver operation:
>> tm_premigrate.
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45
>> ExitCode: 0
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45
>> Successfully execute network driver operation: pre.
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45
>> Command execution fail: /var/tmp/one/vmm/kvm/migrate 'one-45'
>> 'hostB' 'hostA' 45 hostB
>>
>> *Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG E
>> 45 migrate: Command "virsh --connect qemu:///system migrate
>> --live one-45 qemu+ssh://hostB/system" failed: error: cannot
>> open file '/var/lib/one//datastores/0/45/disk.0': Aucun
>> fichier ou dossier de ce type* (tra: No such file or directory)
>>
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG E 45
>> Could not migrate one-45 to hostB
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45
>> ExitCode: 1
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45
>> Failed to execute virtualization driver operation: migrate.
>> Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: MIGRATE
>> FAILURE 45 Could not migrate one-45 to hostB
>>
>> As I understand, using a shared datastore, One create a
>> symlink to the real shared DS into the DS 0 (for system images).
>> But, It seems that on target hostB, th

[one-users] Error in contextualization script

2013-08-14 Thread Nicolas Bélan 
Hello,

I have found an error (opennebula 4.2.0 / CentOS 6.4) in
contextualisation rpm:

there is
IPV6=$(get_iface_var "IPV6")

this should be
IPV6=$(get_iface_var "IP6")

Regards,
Nicolas
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] extend virtual network range

2013-08-14 Thread Nicolas Bélan 
Hello

I have defined a RANGED virtual network, something like
10.0.0.6 to 10.0.0.63
I would like to extend to 10.0.0.2 to 10.0.0.100 (e.g.)
Unless destroy and redo the virtual network definition, how can I do that ?
I have some running vms using the vnet definition..

May I update the DB directly ? (bad, but if it is working )

Thanks
Nicolas.
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Add Volatile disk

2013-08-12 Thread Nicolas Bélan 
Hello,

mkfs.ntfs is provided by ntfs-3g package on most linux.
You should install it and retry I think
Or perhaps (not tested by myselft) use a raw disk and format it inside
your windows. I never installed windows on opennebula, I can not give
you more advice.

Best regards
Nicolas

Le 12/08/13 16:45, Michael Curran a écrit :
>
> I need to add a raw disk to be used with a windows VM -- and this is
> the error message I get in the logs for the VM
>
>  
>
> Mon Aug 12 07:09:53 2013 [VMM][E]: mkimage: Command "export
> PATH=/usr/sbin:/sbin:$PATH
> Mon Aug 12 07:09:53 2013 [VMM][I]: 
> Mon Aug 12 07:09:53 2013 [VMM][I]: if [ ! -d
> /vmfs/volumes/102/2/disk.2 ]; then
> Mon Aug 12 07:09:53 2013 [VMM][I]: mkdir -p /vmfs/volumes/102/2/disk.2
> Mon Aug 12 07:09:53 2013 [VMM][I]: fi
> Mon Aug 12 07:09:53 2013 [VMM][I]: 
> Mon Aug 12 07:09:53 2013 [VMM][I]: mkfs -t NTFS
> /vmfs/volumes/102/2/disk.2" failed: sh: mkfs: not found
> Mon Aug 12 07:09:53 2013 [VMM][E]: Could not create image
> /vmfs/volumes/102/2/disk.2
> Mon Aug 12 07:09:53 2013 [VMM][I]: ExitCode: 127
> Mon Aug 12 07:09:53 2013 [VMM][I]: Failed to execute transfer manager
> driver operation: tm_attach.
> Mon Aug 12 07:09:53 2013 [VMM][E]: Error attaching new VM Disk: Could
> not create image /vmfs/volumes/102/2/disk.2
>
>  
>
> This is trying to use mkfs to create a NTFS volume, when you cannot do
> anything with VMware except attach a raw disk, there are no mkfs tools
> that will build and attach it as a NTFS volume
>
>  
>
> When I look up how to add a disk via ESXi command-line this is what I
> find  which is a completely different command than shown
>
>  
>
> It says add a disk to VM 16 that is 10g in size as SCSI device 0:2
> using datastore1
>
>  
>
> vim-cmd vmsvc/device.diskadd 16 1 scsi0 2 datastore1
>
>  
>
> The unique thing is though, that I cannot run that as oneadmin,
> because it fails -- which means I cannot add a disk to the VM
>
>  
>
> # vim-cmd vmsvc/device.diskadd 20 15000 scsi 0 1 102
>
> Reconfigure failed
>
>  
>
> And if I try to add the disk via vSphere , it cannot really add it
> because the disk currently in use is technically SCSI0:0 , but vSphere
> is still expecting SCSI0:0 as the next disk.
>
>  
>
> Does this sound like a bug, if so I can create a bug report on this
> instead.
>
>  
>
> Michael Curran | connectsolutions | Lead Network Architect
>
> Phone 614.568.2285 | Mobile 614.403.6320 | www.connectsolutions.com
> 
>
>  
>
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] Live migrate error, disk.0 does not exists at destination

2013-08-12 Thread Nicolas Bélan 
Hello the list,

I am using OpenNebula 4.2 with a shared (qcow2) storage + kvm.
I am trying to livre migrate a vm from hostA to hostB.
It fails with the following message:

Mon Aug 12 13:30:57 2013 [DiM][D]: Live-migrating VM 45
Mon Aug 12 13:30:57 2013 [ReM][D]: Req:656 UID:0 VirtualMachineMigrate
result SUCCESS, 45
Mon Aug 12 13:30:57 2013 [ReM][D]: Req:5920 UID:0 VirtualMachineInfo
invoked, 45
Mon Aug 12 13:30:57 2013 [ReM][D]: Req:5920 UID:0 VirtualMachineInfo
result SUCCESS, "45..."
Mon Aug 12 13:30:57 2013 [VMM][D]: Message received: LOG I 45
Successfully execute transfer manager driver operation: tm_premigrate.
Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45 ExitCode: 0
Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45
Successfully execute network driver operation: pre.
Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45 Command
execution fail: /var/tmp/one/vmm/kvm/migrate 'one-45' 'hostB' 'hostA' 45
hostB

*Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG E 45 migrate:
Command "virsh --connect qemu:///system migrate --live one-45
qemu+ssh://hostB/system" failed: error: cannot open file
'/var/lib/one//datastores/0/45/disk.0': Aucun fichier ou dossier de ce
type* (tra: No such file or directory)

Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG E 45 Could not
migrate one-45 to hostB
Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45 ExitCode: 1
Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: LOG I 45 Failed to
execute virtualization driver operation: migrate.
Mon Aug 12 13:30:58 2013 [VMM][D]: Message received: MIGRATE FAILURE 45
Could not migrate one-45 to hostB

As I understand, using a shared datastore, One create a symlink to the
real shared DS into the DS 0 (for system images).
But, It seems that on target hostB, the symlink is not created before
migration
Am I missing something ?

Thank you

Best regards,
Nicolas.
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] acctd.conf web page 404 (4.2)

2013-08-05 Thread Nicolas Bélan 
Hello,

thanks. The link was found on
http://opennebula.org/documentation:rel4.2:cg page "Accounting & statistics"

Regards,
Nicolas

Le 05/08/13 12:52, Daniel Molina a écrit :
> Hi,
>
>
> On 5 August 2013 12:50, Nicolas Bélan  <mailto:nicolas.be...@gmail.com>> wrote:
>
> Hello,
>
> I was looking for information on opennebula.org
> <http://opennebula.org>, but this link:
> http://opennebula.org/documentation:rel4.2:acctd_conf
> does not exists
>
>
> acctd was integrated in the OpenNebula core a few releases ago. This
> is the new documentation:
> http://opennebula.org/documentation:rel4.2:accounting
>
> Cheers
>  
>
>
> Best regards,
> Nicolas
> ___
> Users mailing list
> Users@lists.opennebula.org <mailto:Users@lists.opennebula.org>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
>
> -- 
> Join us at OpenNebulaConf2013 <http://opennebulaconf.com/> in Berlin,
> 24-26 September, 2013
> --
> Daniel Molina
> Project Engineer
> OpenNebula - The Open Source Solution for Data Center Virtualization
> www.OpenNebula.org <http://www.OpenNebula.org> |
> dmol...@opennebula.org <mailto:dmol...@opennebula.org> | @OpenNebula

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] acctd.conf web page 404 (4.2)

2013-08-05 Thread Nicolas Bélan 
Hello,

I was looking for information on opennebula.org, but this link:
http://opennebula.org/documentation:rel4.2:acctd_conf
does not exists

Best regards,
Nicolas
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] MySQL Engine

2013-05-12 Thread Nicolas Bélan 
Hi,

I would prefer that the engin type is a parameter.
One would prefer myisam, other innodb, there are not only one solution.

My 5 cents.

Regards,
Nicolas

Le 11/05/13 00:07, Gandalf Corvotempesta a écrit :
> I've seen that mysql db creation doesn't specify the engine type.
> Could you please set InnoDB as default type? InnoDB is the default
> engine starting from MySQL 5.5 but it has many advantages over MyISAM
> and should be used also in version older than 5.5
>
> More over, with innodb will be possible to use XtraDB Cluster from Percona
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] OpenNebula 4.0 is out!

2013-05-08 Thread Nicolas Bélan 
\o/

That's a great and good news !
thank you all!


Le 08/05/2013 18:52, Jon a écrit :
>
> This is awesome!  Thanks for all the hard work!
>
> On May 8, 2013 10:35 AM, "Tino Vazquez"  > wrote:
>
> Dear Community,
>
> This is the official announcement of OpenNebula 4.0, codename Eagle,
> five years after our first public release. OpenNebula 4.0 is the
> result of the terrific feedback of the day-to-day operation of
> virtualized infrastructures by many of you, result of all your
> contributions, bug reports, patches, and translations, but one and
> foremost, OpenNebula 4.0 is the realization of a vision of simplicity,
> openness, code-correctness and a sysadmin-centric approach.
>
> OpenNebula 4.0 includes new features in most of its subsystems. We are
> showing for the first time a completely redesigned Sunstone, with a
> fresh and modern look and an updated workflow for most of the dialogs.
> The also new Sunstone Views functionality allows to customize the GUI
> for each type of user or group, so the interface implements a
> different provisioning model for each role. A whole new set of
> operations for VMs like system and disk snapshoting, capacity
> re-sizing, programmable VM actions and IPv6 among others. There are
> some new drivers also, like Ceph; as well as improvements for VMware,
> KVM and Xen. The scheduler has received some attention from the
> OpenNebula team to easily define more placement policies...and much
> more.
>
> As usual OpenNebula releases are named after a Nebula. The Eagle
> Nebula (catalogued as Messier 16 or M16, and as NGC 6611, and also
> known as the Star Queen Nebula) is a young open cluster of stars in
> the constellation Serpens, discovered by Jean-Philippe de Cheseaux in
> 1745-46. It is located about 7,000 light-years away from Earth.
>
> And last, but not least, we want to give a huge THANKS to our
> community, without whom OpenNebula wouldn't be anywhere as near as
> good as it is today.
>
> So, let's fly over the clouds riding the Eagle ;)
>
> LINKS
>   * Complete Release Notes:
> http://www.opennebula.org/software:rnotes:rn-rel4.0
>   * Download: http://downloads.opennebula.org/
>   * Documentation: http://opennebula.org/documentation:rel4.0
>   * Screencasts: http://opennebula.org/documentation:screencasts
>
> --
> Join us at OpenNebulaConf2013 in Berlin, 24-26 September, 2013
>
> --
> Constantino Vázquez Blanco, PhD, MSc
> Project Engineer | OpenNebula - The Open-Source Solution for Data
> Center Virtualization
> Join us at OpenNebulaConf2013 in Berlin from the 24th to the 26th of
> September 2013!
> www.OpenNebula.org  | @tinova79 |
> @OpenNebula
> ___
> Users mailing list
> Users@lists.opennebula.org 
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org



smime.p7s
Description: Signature cryptographique S/MIME
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] occi 4567/ui auth error

2013-04-10 Thread Nicolas Bélan 
good :)

i am so impatient !!

thank you :-)

Le 10 avr. 2013 à 11:35, Daniel Molina  a écrit :

> Hi Nicolas
> 
> 
> On 10 April 2013 01:48, Nicolas Bélan  wrote:
>> Hello,
>> 
>> I tried 3.9.80 this afternoon, from a working 3.8.3.
>> Work great, unless occi selfservice ...
>> It used to work with 3.8.3, but now, I am stuck on that:
>> 
>> [nicolas@Server-9 ~]$ wget -S -O- http://nebula-frontend:4567/ui
>> --2013-04-10 01:21:34--  http://nebula-frontend:4567/ui
>> Resolving nebula-frontend (nebula-frontend)... 172.16.253.28
>> Connecting to nebula-frontend (nebula-frontend)|172.16.253.28|:4567...
>> connected.
>> HTTP request sent, awaiting response...
>>   HTTP/1.1 401 Unauthorized
>>   Content-Type: application/xml;charset=utf-8
>>   Content-Length: 0
>>   Cache-Control: no-store
>>   Connection: keep-alive
>>   Server: thin 1.5.0 codename Knife
>> Authorization failed.
>> 
>> 
>> There nothing more.
>> Logs give:
>> ==> /var/log/one/occi-server.log <==
>> Wed Apr 10 01:39:54 2013 [E]: User not authorized
>> Wed Apr 10 01:39:54 2013 [I]: 172.16.253.6 - - [10/Apr/2013 01:39:54]
>> "GET /ui HTTP/1.1" 401 - 0.0066
>> 
>> sunstone work fine, and all my work on XMLRPC is still working after the
>> upgrade ... only occi self service is down ...
>> 
>> Do you have any hint on that ? I do not find more error message or
>> something like that :-(
> 
> Currently, we are working in a new Self Service using the Sunstone engine. 
> This new Self Service will be included in the upcoming v4.0 release and you 
> will be able to customize it to fit your requirements and even replicate the 
> old self service.
> 
> Cheers
> 
> 
> -- 
> Daniel Molina
> Project Engineer
> OpenNebula - The Open Source Solution for Data Center Virtualization
> www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] occi 4567/ui auth error

2013-04-09 Thread Nicolas Bélan 
Hello,

I tried 3.9.80 this afternoon, from a working 3.8.3.
Work great, unless occi selfservice ...
It used to work with 3.8.3, but now, I am stuck on that:

[nicolas@Server-9 ~]$ wget -S -O- http://nebula-frontend:4567/ui
--2013-04-10 01:21:34--  http://nebula-frontend:4567/ui
Resolving nebula-frontend (nebula-frontend)... 172.16.253.28
Connecting to nebula-frontend (nebula-frontend)|172.16.253.28|:4567...
connected.
HTTP request sent, awaiting response...
  HTTP/1.1 401 Unauthorized
  Content-Type: application/xml;charset=utf-8
  Content-Length: 0
  Cache-Control: no-store
  Connection: keep-alive
  Server: thin 1.5.0 codename Knife
Authorization failed.


There nothing more.
Logs give:
==> /var/log/one/occi-server.log <==
Wed Apr 10 01:39:54 2013 [E]: User not authorized
Wed Apr 10 01:39:54 2013 [I]: 172.16.253.6 - - [10/Apr/2013 01:39:54]
"GET /ui HTTP/1.1" 401 - 0.0066

sunstone work fine, and all my work on XMLRPC is still working after the
upgrade ... only occi self service is down ...

Do you have any hint on that ? I do not find more error message or
something like that :-(

Thank you for your time.
Best regards,
Nicolas




smime.p7s
Description: Signature cryptographique S/MIME
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] Failed to validate XML RPC answers

2013-03-31 Thread Nicolas Bélan 
Hello the list,

I am trying to validate the XML answers from RPC call (see joined
files), I got the following error:

$ xmllint --schema vmpool.xsd sample_vmpool.xml
sample_vmpool.xml:2: element VM_POOL: Schemas validity error : Element
'VM_POOL': No matching global declaration available for the validation root.
sample_vmpool.xml fails to validate


The XSD files are the one found in the documentation.

Where Am i wrong ? The VM_POOL node is present, and the xsd file is well
formed... I should not see something clear :'(

Best regards,
Nicolas

http://www.w3.org/2001/XMLSchema"; elementFormDefault="unqualified"
  targetNamespace="http://opennebula.org/XMLSchema"; xmlns="http://opennebula.org/XMLSchema";>
  

  







  

  
  
  
  
  
  
  
  
  

  


























  

  

  



















  

  

  

  

  

http://www.w3.org/2001/XMLSchema"; elementFormDefault="unqualified"
targetNamespace="http://opennebula.org/XMLSchema"; xmlns="http://opennebula.org/XMLSchema";>
  
  

  

  

  


	
		29
		3
		102
		john_doe
		customers_self_service
		jdoe2
		
			1
			1
			0
			0
			0
			0
			0
			0
			0
		
		1362873189
		4
		0
		0
		1362872971
		0
		one-29:/var/lib/one/datastores/0/29/deployment.0
		
		0
		0
		0
		0
		
			
			















			
			
			
			
			







			
			
			
		
		
			
29
0
node-1
4
1362873184
1362873654
vmm_vbox
dummy
shared
/var/lib/one/datastores
0
1362873184
1362873184
1362873184
1362873654
1362873654
1362873654
2
			
		
	


smime.p7s
Description: Signature cryptographique S/MIME
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] RPC API and PHP (auth pb)

2013-03-26 Thread Nicolas Bélan 
Hello,

nope, the code is base64_encoded.

I found it !!

You have an error in your code (well ... a default usage, not an error)
and I did not notice it quickly.

You do not set any Initialization Vector for the AES-256-CBC.
mcrypt and openssl implementation does not like that !
So, I tried to pass through, (and failed) and I find this lib:
http://phpseclib.sourceforge.net/
The implementation is good, and the result is fine. I can now call RPC
through serveradmin ...

I cut&paste for list users sample code:

http://pastebin.com/06Z52nXG

Have a nice day
Best regards
nicolas.


Le 26/03/2013 11:30, Carlos Martín Sánchez a écrit :
> Your second code looks better.
> In ruby the encrypted token is then encoded to Base64, is this step
> missing from your code?
>
> Regards
> --
> Carlos Martín, MSc
> Project Engineer
> OpenNebula - The Open-source Solution for Data Center Virtualization
> www.OpenNebula.org <http://www.OpenNebula.org> |
> cmar...@opennebula.org <mailto:cmar...@opennebula.org> | @OpenNebula
> <http://twitter.com/opennebula>
>
>
> On Tue, Mar 26, 2013 at 1:31 AM, Nicolas Bélan
> mailto:nicolas.be...@gmail.com>> wrote:
>
> Hi,
>
> Well, the encrypted field is not clear for me.
>
> I tried:
> function test_request_1() {
> // build userAuth
> $userAuth =$this->oca_username . ":" .
> $this->user_email . ":" . sha1($this->oca_password);
> $request = xmlrpc_encode_request("one.vmpool.info
> <http://one.vmpool.info>", array($userAuth, -2, -1, -1 , -1));
> $content = stream_context_create(array(
> "http" => array("method" => "POST",
> "header" => "Content-Type: text/xml",
> "content" => $request
> )
> ));
> $file = file_get_contents($this->oca_base_url, false,
> $content);
> $response = xmlrpc_decode($file);
> }
>
> But, I got:
> Tue Mar 26 01:24:31 2013 [AuM][E]: Auth Error: wrong final block
> length
> Tue Mar 26 01:24:31 2013 [ReM][E]: Req:7056 UID:-
> VirtualMachinePoolInfo result FAILURE [VirtualMachinePoolInfo]
> User couldn't be authenticated, aborting call.
>
> oca_username is "serveradmin", and "oca_password" is the password
> of serveradmin.
> user_email is the login  id of the client.
>
> The think that I can not understand is the following:
> I captured the third field:
> PWyaJz96iwdYldYoPHXWZYle/HkPus+rFpkJhLRSf8wRMWGr+/NRXA7Qf8YPiwU3
> it is 64 chars long.
>
> a sha1(str) is 40 bytes long.
>
> So, how ruby can make a 40+24 sha1() password ?
>
>
> I tested also using:
> function test_aes_4() {
> // let's do it with openssl
> // like Ruby, we generate a 40 bytes key, but only 32
> bytes for aes-256-CBC
> $key = substr(sha1($this->oca_password), 0,
> $this->mcrypt_keysize);
> $this->assertEquals($this->mcrypt_keysize, strlen($key));
> // let's make data with an iv
> $iv = mcrypt_create_iv($this->mcrypt_ivsize);
> $data = $this->oca_username . ":" . $this->user_email .
> ":" . time()+3600;
> $encrypted_data64 = openssl_encrypt($data, "aes-256-cbc",
> $key, false, $iv);
> $this->assertEquals(64, strlen($encrypted_data64));
> }
>
> It failed with:
> 2) CloudTest::test_aes_4
> Failed asserting that 24 matches expected 64.
>
> -- sure, the ! "reply all" was an error, sorry
>
> Best regards,
> Nicolas
>
> Le 25/03/2013 17:25, Carlos Martín Sánchez a écrit :
>> Hi,
>>
>> On Mon, Mar 25, 2013 at 2:48 PM, Nicolas Bélan
>> mailto:nicolas.be...@gmail.com>> wrote:
>>
>> Hello,
>>
>> the problem is that password is in a LDAP tree, and I do not
>> get clear user password from the user (got it in SHA1)
>> through web connection.
>>
>> I only map ldap[uidnumber] to get various other informations
>> (DNS owner, SMTP accounting, Support requests and so on).
>> I would like to keep avoiding getting clear text password to
>> access OpenNebula Interface.
>> If it is not possible, I may get access directly to SQL
>> Database, but this not what I would like to do fi

Re: [one-users] RPC API and PHP (auth pb)

2013-03-25 Thread Nicolas Bélan 
Hi,

Well, the encrypted field is not clear for me.

I tried:
function test_request_1() {
// build userAuth
$userAuth =$this->oca_username . ":" . $this->user_email .
":" . sha1($this->oca_password);
$request = xmlrpc_encode_request("one.vmpool.info",
array($userAuth, -2, -1, -1 , -1));
$content = stream_context_create(array(
"http" => array("method" => "POST",
"header" => "Content-Type: text/xml",
"content" => $request
)
));
$file = file_get_contents($this->oca_base_url, false, $content);
$response = xmlrpc_decode($file);
}

But, I got:
Tue Mar 26 01:24:31 2013 [AuM][E]: Auth Error: wrong final block length
Tue Mar 26 01:24:31 2013 [ReM][E]: Req:7056 UID:- VirtualMachinePoolInfo
result FAILURE [VirtualMachinePoolInfo] User couldn't be authenticated,
aborting call.

oca_username is "serveradmin", and "oca_password" is the password of
serveradmin.
user_email is the login  id of the client.

The think that I can not understand is the following:
I captured the third field:
PWyaJz96iwdYldYoPHXWZYle/HkPus+rFpkJhLRSf8wRMWGr+/NRXA7Qf8YPiwU3
it is 64 chars long.

a sha1(str) is 40 bytes long.

So, how ruby can make a 40+24 sha1() password ?


I tested also using:
function test_aes_4() {
// let's do it with openssl
// like Ruby, we generate a 40 bytes key, but only 32 bytes for
aes-256-CBC
$key = substr(sha1($this->oca_password), 0, $this->mcrypt_keysize);
$this->assertEquals($this->mcrypt_keysize, strlen($key));
// let's make data with an iv
$iv = mcrypt_create_iv($this->mcrypt_ivsize);
$data = $this->oca_username . ":" . $this->user_email . ":" .
time()+3600;
$encrypted_data64 = openssl_encrypt($data, "aes-256-cbc", $key,
false, $iv);
$this->assertEquals(64, strlen($encrypted_data64));
}

It failed with:
2) CloudTest::test_aes_4
Failed asserting that 24 matches expected 64.

-- sure, the ! "reply all" was an error, sorry

Best regards,
Nicolas

Le 25/03/2013 17:25, Carlos Martín Sánchez a écrit :
> Hi,
>
> On Mon, Mar 25, 2013 at 2:48 PM, Nicolas Bélan
> mailto:nicolas.be...@gmail.com>> wrote:
>
> Hello,
>
> the problem is that password is in a LDAP tree, and I do not get
> clear user password from the user (got it in SHA1) through web
> connection.
>
> I only map ldap[uidnumber] to get various other informations (DNS
> owner, SMTP accounting, Support requests and so on).
> I would like to keep avoiding getting clear text password to
> access OpenNebula Interface.
> If it is not possible, I may get access directly to SQL Database,
> but this not what I would like to do first ...
>
>
> In that case serveradmin is the right approach.
>
> I see in your first email that you already found login_token in
> server_cipher_auth.rb. Maybe you were not using the same encryption
> algorithm, aes-256-cbc?
>
> Regards
>
> PS: Please reply to the list, more people may find it useful...
> --
> Carlos Martín, MSc
> Project Engineer
> OpenNebula - The Open-source Solution for Data Center Virtualization
> www.OpenNebula.org
> <http://www.opennebula.org/> | cmar...@opennebula.org
> <mailto:cmar...@opennebula.org> | @OpenNebula
> <http://twitter.com/opennebula>
>
>  
>
> Regards,
> nicolas.
>
> Le 25/03/2013 11:29, Carlos Martín Sánchez a écrit :
>> Hi,
>>
>> The serveradmin users allows more secure communications, and
>> advanced authentication scenarios, like browser certificates [1].
>> But if you are building a simple user interface, you might want
>> to keep things simple and use the 'username:password' session
>> token for your xmlrpc requests.
>>
>> Regards
>>
>> [1] http://opennebula.org/documentation:rel3.8:sunstone#x509_auth
>> --
>> Carlos Martín, MSc
>> Project Engineer
>> OpenNebula - The Open-source Solution for Data Center Virtualization
>> www.OpenNebula.org <http://www.OpenNebula.org> |
>> cmar...@opennebula.org <mailto:cmar...@opennebula.org> |
>> @OpenNebula <http://twitter.com/opennebula>
>>
>>
>> On Fri, Mar 22, 2013 at 5:46 PM, Nicolas Bélan
>> mailto:nicolas.be...@gmail.com>> wrote:
>>
>> Hello,
>>
>> well, i would like to display to user their vm, networks,
>> images and so on, acco

Re: [one-users] RPC API and PHP (auth pb)

2013-03-22 Thread Nicolas Bélan 
Hello,

well, i would like to display to user their vm, networks, images and so on, 
according to the role and access of each user. 
so i am trying to use as much as possible openNebula rbac and rpc to retrieve 
only right informations. 
the step after is to deploy vm as user, not as oneadmin or serveradmin, but 
directly as "user" 

the service i am building is a very simplified user interface. the step after 
for the user is to have access to self service, but to begin, i would like to 
hide some concepts to make easier cloud access. 

best regards,
nicolas
Le 22 mars 2013 à 17:25, Tino Vazquez  a écrit :

> Hi Nicolas,
> 
> serveradmin is used by Sunstone and related interface services. Did
> you try it out with other users (ie, oneadmin)?
> 
> Depending on what type of service you are building, you may be
> interested indeed in serveradmin. Could you elaborate a bit more on
> that?
> 
> Regards
> --
> Constantino Vázquez Blanco, PhD, MSc
> Project Engineer
> OpenNebula - The Open-Source Solution for Data Center Virtualization
> www.OpenNebula.org | @tinova79 | @OpenNebula
> 
> 
> On Fri, Mar 22, 2013 at 4:16 PM, Nicolas Bélan  
> wrote:
>> Hello the list,
>> 
>> I am trying (unsuccessfully) to call RPM methods.
>> 
>> The problem is that I can not make my user authenticated by code (while
>> it is ok with http://localhost:4567/ui)
>> I am using version 3.8.3.
>> 
>> I am trying to user serveradmin:: with it does not work
>> as written in the documentation.
>> Deeply investigating, I found, in
>> /usr/lib/one/ruby/server_cipher_auth.rb that the third part is a token,
>> but i am not ruby compliant
>> It seems, If i understand, that:
>> a string is built with: "serveradmin:username:time()+expire"
>> the serveradmin password is used to create a key.
>> This key is then used to cipher (salted ?) the previous string.
>> The result is then appended like that:
>> "serveradmin:username:cipher(key,serveradmin:username:time()+expire)"
>> and sent as the first parameter of the rpc call.
>> Am i completely wrong ?
>> For example:
>> serveradmin:user_example:PWyaJz96iwdYldYoPHXWZYkBMbuvKIEXiTVb0WuAHURYuQ2Dzmhnzjm0JDNCMchB
>> 
>> Using perl, I failed to authenticate user 
>> using tcpdump, it seems that the third part is quite constant during a
>> certain laps of time ...
>> So, I may be wrong with my time() expire part 
>> Can you help me writing this part of code ? Perl or PHP are welcome ;)
>> 
>> Thank you for you help
>> 
>> Best regards,
>> Nicolas.
>> 
>> 
>> 
>> 
>> 
>> 
>> ___
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>> 
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] RPC API and PHP (auth pb)

2013-03-22 Thread Nicolas Bélan 
Hello the list,

I am trying (unsuccessfully) to call RPM methods.

The problem is that I can not make my user authenticated by code (while
it is ok with http://localhost:4567/ui)
I am using version 3.8.3.

I am trying to user serveradmin:: with it does not work
as written in the documentation.
Deeply investigating, I found, in
/usr/lib/one/ruby/server_cipher_auth.rb that the third part is a token,
but i am not ruby compliant
It seems, If i understand, that:
a string is built with: "serveradmin:username:time()+expire"
the serveradmin password is used to create a key.
This key is then used to cipher (salted ?) the previous string.
The result is then appended like that:
"serveradmin:username:cipher(key,serveradmin:username:time()+expire)"
and sent as the first parameter of the rpc call.
Am i completely wrong ?
For example:
serveradmin:user_example:PWyaJz96iwdYldYoPHXWZYkBMbuvKIEXiTVb0WuAHURYuQ2Dzmhnzjm0JDNCMchB

Using perl, I failed to authenticate user 
using tcpdump, it seems that the third part is quite constant during a
certain laps of time ...
So, I may be wrong with my time() expire part 
Can you help me writing this part of code ? Perl or PHP are welcome ;)

Thank you for you help

Best regards,
Nicolas.







smime.p7s
Description: Signature cryptographique S/MIME
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] question about ACL with one.image.clone

2013-03-08 Thread Nicolas Bélan 
Hello everyone,

I am testing OpenNebula Self-Service (v3.8.3 + debian), and acl rules.

I have a little problem using ACLs...

According to documentation
http://opennebula.org/documentation:rel3.8:api#oneimage :
clone   one.image.clone

IMAGE:CREATE
IMAGE:USE


I set my ACL to the following value:

oneadmin@nebula-frontend:~$ oneacl list
   ID USER RES_VHNIUTGDCO   RID OPE_UMAC
0   @1 V-NI-T * ---c
1   @1 -H * -m--
2* -O * ---c
   48 @102 ---I--  @102 u--c
   50 @102 --N--T  @102 u---

Using a UserID with groupIP 102, I am trying to clone an image through
http://nebula-frontend:4567/ui (button Clone)
.
I got the following message:
[ImageClone] User [3] : Not authorized to perform CREATE IMAGE.

Where am i wrong ?

The original image is UID = 0 but GID = 102.

Thank you for your help :)

Best regards,
Nicolas.



smime.p7s
Description: Signature cryptographique S/MIME
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org