[ovirt-users] Maximum storage per VM?

[Dmitri Chebotarov]

Hello

I'm trying to find any info on how much storage I can attach to a VM.

Is there a recommended/maximum for number of disks and maximum disk size? 

I'm using GlusterFS as backend storage for the cluster.

The VM uses LVM (/w striped volumes) to manage attached disks.

Thank you,
--
Dmitri Chebotarov.
George Mason University,
4400 University Drive,
Fairfax, VA, 22030
GPG Public key# 5E19F14D: [https://goo.gl/SlE8tj]

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] VM remote noVNC console

[Alex K]

Thank you Alan.
I will try this. I guess if i define localhost as the spice proxy at each
host i will not need to edit the vv file.

Is there a way to change the default 2min expiration to sth greater? Lets
say 5min, as mostly i use high latency satellite connections.

On Oct 6, 2017 1:20 PM, "Alan Griffiths"  wrote:

> I have this working through an SSH tunnel, although it adds some extra
> steps.
>
> 1. Figure out which port your VM console is bound to (5900 + offset).
> 2. SSH to the hypervisor tunneling a local port to that remote console
> port.
> 3. Click on the console link in the Engine and locally save the vv file.
> 4. Edit the vv file; change host to localhost and port to whichever
> port you configured for the local side of the tunnel.
> 5. Save and run the vv file with your SPICE client.
>
> You have two minutes to connect from downloading the vv file before
> the password expires.
>
> On 5 October 2017 at 22:58, Alex K  wrote:
> > Any idea how this can be addressed?
> >
> >
> > On Sep 19, 2017 23:07, "Alex K"  wrote:
> >
> > Hi all,
> >
> > I am trying to get the VM console of a VM through SSH socks proxy.
> > This is a scenario I will frequently face, as the ovirt cluster will be
> > available only though a remote SSH tunnel.
> >
> > I am trying several console options without success.
> >
> > With SPICE or VNC I get issue with virt-viewer saying "Unable to connect
> to
> > libvirt with URI [none]'
> >
> > With noVNC I get a separate tab on browser where it is stuck showing
> > "loading".
> >
> > Has anyone success with this kind of remote console access?
> >
> > Thanx,
> > Alex
> >
> >
> >
> > ___
> > Users mailing list
> > Users@ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Debugging warning messages about bonding mode 4

[Darrell Budic]

That looks like the normal state for a LACP bond, but it does record some churn 
(bond renegotiations, I believe). So it probably bounced once or twice coming 
up. Maybe a slow switch, maybe a switch relying on dynamic bonding instead of 
static bonds, and taking longer to establish. 

For the ones with a down link, and this one too, you could ask the network guys 
if they statically configured the bond, or if they could, might make it quicker 
to bring it up.

I don’t think anything updates when the host is in maintenance, you could take 
it out and see what happens :) The bond is lower level though, should come up 
if it’s configured properly, and you should be able to see that on the host.

  -Darrell

a bond on one of mine:

# cat /proc/net/bonding/bond0 
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
System priority: 65535
System MAC address: 00:0f:53:08:4b:ac
Active Aggregator Info:
Aggregator ID: 1
Number of ports: 2
Actor Key: 13
Partner Key: 14
Partner Mac Address: 64:64:9b:5e:9b:00

Slave Interface: p1p1
MII Status: up
Speed: 1 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0f:53:08:4b:ac
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 0
details actor lacp pdu:
system priority: 65535
system mac address: 00:0f:53:08:4b:ac
port key: 13
port priority: 255
port number: 1
port state: 61
details partner lacp pdu:
system priority: 127
system mac address: 64:64:9b:5e:9b:00
oper key: 14
port priority: 127
port number: 8
port state: 63

Slave Interface: p1p2
MII Status: up
Speed: 1 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0f:53:08:4b:ad
Slave queue ID: 0
Aggregator ID: 1
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 0
details actor lacp pdu:
system priority: 65535
system mac address: 00:0f:53:08:4b:ac
port key: 13
port priority: 255
port number: 2
port state: 61
details partner lacp pdu:
system priority: 127
system mac address: 64:64:9b:5e:9b:00
oper key: 14
port priority: 127
port number: 7
port state: 63


> From: Gianluca Cecchi 
> Subject: [ovirt-users] Debugging warning messages about bonding mode 4
> Date: October 6, 2017 at 6:28:16 AM CDT
> To: users
> 
> Hello,
> on a 2 nodes cluster in 4.1.6 I have this situation.
> Every node has 3 bonds, each one composed by 2 network adapters and each one 
> of type mode=4
> (actually in setup networks I have configured custom and then the value: 
> "mode=4 miimon=100"
> )
> 
> At this moment only one of the servers has access to FC storage, while the 
> other is currently on maintenance.
> 
> On 2 of the 3 bonds of the active server I get an exclamation point in 
> "Network Interfaces" subtab with this mouseover popup
> 
> Bond is in link aggregation mode (mode 4), but no partner mac has been 
> reported for it
> 
> What is the exact meaning of this message? Do I have to care about (I think 
> so..)?
> What should I report to network guys?
> Eg, one of these two warning bonds status is:
> 
> # cat /proc/net/bonding/bond2
> Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
> 
> Bonding Mode: IEEE 802.3ad Dynamic link aggregation
> Transmit Hash Policy: layer2 (0)
> MII Status: up
> MII Polling Interval (ms): 100
> Up Delay (ms): 0
> Down Delay (ms): 0
> 
> 802.3ad info
> LACP rate: slow
> Min links: 0
> Aggregator selection policy (ad_select): stable
> System priority: 65535
> System MAC address: 48:df:37:0c:7f:5a
> Active Aggregator Info:
> Aggregator ID: 5
> Number of ports: 2
> Actor Key: 9
> Partner Key: 6
> Partner Mac Address: b8:38:61:9c:75:80
> 
> Slave Interface: ens2f2
> MII Status: up
> Speed: 1000 Mbps
> Duplex: full
> Link Failure Count: 2
> Permanent HW addr: 48:df:37:0c:7f:5a
> Slave queue ID: 0
> Aggregator ID: 5
> Actor Churn State: none
> Partner Churn State: none
> Actor Churned Count: 2
> Partner Churned Count: 3
> details actor lacp pdu:
> system priority: 65535
> system mac address: 48:df:37:0c:7f:5a
> port key: 9
> port priority: 255
> port number: 1
> port state: 61
> details partner lacp pdu:
> system priority: 32768
> system mac address: b8:38:61:9c:75:80
> oper key: 6
> port priority: 32768
> port number: 293
> port state: 61
> 
> Slave Interface: ens2f3
> MII Status: up
> Speed: 1000 Mbps
> Duplex: full
> Link Failure Count: 2
> Permanent HW addr: 48:df:37:0c:7f:5b
> Slave queue ID: 0
> Aggregator ID: 5
> Actor Churn State: none
> Partner 

Re: [ovirt-users] Unable to grant permissions to AD users

[Martin Perina]

On Thu, Oct 5, 2017 at 10:13 PM, Michael Watters 
wrote:

> I actually reran the ovirt-engine-extension-aaa-ldap-setup tool and was
> able to login and complete a search successfully but doing the same
> thing in the engine UI fails.
>
> Here's the configuration from the .properties file.
>
> include = 
>
> vars.domain = example.com
> vars.user = ldapu...@example.com
> vars.password = password
>
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
> pool.default.serverset.type = srvrecord
> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> pool.default.ssl.startTLS = true
>
> engine logs show this error.  Is this a bug?  I don't remember entering
> a trailing space anywhere during setup.
>

​Hmm, could you please try execute following commands with the same
username as you have used to login to webui?

  ovirt-engine-extensions-tool aaa login-user --log-level=FINEST
--profile= --user-name=

  ovirt-engine-extensions-tool aaa search --log-level=FINEST
--extension-name= --entity-name=

Thanks
​


>
> 2017-10-05 14:17:38,156-04 ERROR
> [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-354) []
> OAuthException server_error: java.text.ParseException: Invalid character
> ' ' encountered.
> 2017-10-05 14:20:03,229-04 ERROR
> [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-38) []
> OAuthException server_error: java.text.ParseException: Invalid character
> ' ' encountered.
> 2017-10-05 14:22:24,691-04 ERROR
> [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default
> task-185) [] The user usern...@example.com@example.com is not authorized
> to perform login
>
>
>
> On 10/05/2017 03:29 PM, Martin Perina wrote:
> > Hi,
> >
> > it seems that you have an error in your aaa-ldap configuration. Could you
> > please share your engine.log and your aaa-ldap configuration?
> >
> > Thanks
> >
> > Martin Perina
> >
> >
> > On Thu, Oct 5, 2017 at 9:08 PM, Michael Watters 
> wrote:
> >
> >> I'm having some issues granting permissions to AD users in ovirt-engine
> >> 4.1.  Users can log in but receive an error as below.
> >> The user u...@example.com@example.com is not authorized to perform
> login
> >>
> >> I am also not able to grant this user any permissions through the admin
> >> console.  Entering a user name in the search field for the System
> >> Permissions section results in a blank list.  Attached is a screenshot
> for
> >> reference.
> >>
> >> Does anybody have an idea on what would cause this?  The log files
> aren't
> >> very useful and don't show any errors.
> >>
> >> ___
> >> Users mailing list
> >> Users@ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >>
> >>
>
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] How to change network card configuration under bridge on host?

[Derek Atkins]

Hi,

I've got a single host running CentOS 7.3 + Ovirt 4.0.6 with hosted
engine.  I'm having network issues (see previous email thread) and the
next thing I'm going to try is to add a new network card and use that
instead of the onboard ethernet on the mobo.  However it looks like
/etc/sysconfig/network-scripts/ifcfg-* get replaced every time the host
restarts.

Right now it's configured with:

  eno1, eno2 -> bond0 -> ovirtmgmt

I accomplished this by setting up the bond by hand on the host before I
installed the hosted engine, but then ovirt "took control" of the
configuration.  I want to change this to replace eno1 and eno2 with the
two new devices when I add the new card tomorrow.  What's the best way
to do this?

I suppose I can just add the new devices as bond0 slaves pretty easily
by creating new ifcfg-xxx files for the new devices (I'm assuming they
will be eno3 and eno4) that looks similar to the eno1 and eno2 files.
However I'd like to also remove eno1 and eno2 from bond0.  Yet I suspect
if I change ifcfg-eno1 and ifcfg-eno2 by hand, they will just get
replaced at the next reboot by ovirt.

How do I convince ovirt to stop overwriting those files?  Or how do I
tell ovirt about the new configuration?

Thanks,

-derek
-- 
   Derek Atkins 617-623-3745
   de...@ihtfp.com www.ihtfp.com
   Computer and Internet Security Consultant
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Info on manual operations after removing FC storage domain

[Gianluca Cecchi]

Hello,
I'm relocating some disks from some storage domains to other ones.
At the end I'm going to remove source storage domains.
All the SD involved are FC and the hosts are CentOS 7.4
I see that after removing an SD from oVirt, the multipath part on host
remains.
What is the correct sequence of operations to do at hosts' side after
completing the Webadmin Gui part?

Some questions:
- do the remove SD from gui imply vgchange -an of the VG and vgremove of
the vg?
Or are they delegated to post actions?

- do it imply the pvremove on the LUN?

After clearing what above I would imagine remaining steps would be, based
on my previous similar experience with iSCSI removal on physical servers:

- take note of the paths sdY, ... of mpathX

- remove the multipath device with
multipath -f mpathX

- flush the single paths devices
blockdev --flushbufs sdY for every path of the previous taken note ones

- remove single path devices
echo 1 > /sys/block/sdY/device/delete

- remove LUN from storage array
when previous steps done on all the hypervisors

Any comment?
Any further step at vdsm level files..?

Thanks in advance,
Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Debugging warning messages about bonding mode 4

[Gianluca Cecchi]

Hello,
on a 2 nodes cluster in 4.1.6 I have this situation.
Every node has 3 bonds, each one composed by 2 network adapters and each
one of type mode=4
(actually in setup networks I have configured custom and then the value:
"mode=4 miimon=100"
)

At this moment only one of the servers has access to FC storage, while the
other is currently on maintenance.

On 2 of the 3 bonds of the active server I get an exclamation point in
"Network Interfaces" subtab with this mouseover popup

Bond is in link aggregation mode (mode 4), but no partner mac has been
reported for it

What is the exact meaning of this message? Do I have to care about (I think
so..)?
What should I report to network guys?
Eg, one of these two warning bonds status is:

# cat /proc/net/bonding/bond2
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
System priority: 65535
System MAC address: 48:df:37:0c:7f:5a
Active Aggregator Info:
Aggregator ID: 5
Number of ports: 2
Actor Key: 9
Partner Key: 6
Partner Mac Address: b8:38:61:9c:75:80

Slave Interface: ens2f2
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 2
Permanent HW addr: 48:df:37:0c:7f:5a
Slave queue ID: 0
Aggregator ID: 5
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 2
Partner Churned Count: 3
details actor lacp pdu:
system priority: 65535
system mac address: 48:df:37:0c:7f:5a
port key: 9
port priority: 255
port number: 1
port state: 61
details partner lacp pdu:
system priority: 32768
system mac address: b8:38:61:9c:75:80
oper key: 6
port priority: 32768
port number: 293
port state: 61

Slave Interface: ens2f3
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 2
Permanent HW addr: 48:df:37:0c:7f:5b
Slave queue ID: 0
Aggregator ID: 5
Actor Churn State: none
Partner Churn State: none
Actor Churned Count: 0
Partner Churned Count: 3
details actor lacp pdu:
system priority: 65535
system mac address: 48:df:37:0c:7f:5a
port key: 9
port priority: 255
port number: 2
port state: 61
details partner lacp pdu:
system priority: 32768
system mac address: b8:38:61:9c:75:80
oper key: 6
port priority: 32768
port number: 549
port state: 61

Also, the other node (that is currently in maintenance) shows one of the 2
interfaces of bond2 (ens2f2) as down (red arrow) but on the host

# ip link show ens2f2
6: ens2f2:  mtu 1500 qdisc mq master
bond2 state UP mode DEFAULT qlen 1000
link/ether 48:df:37:0c:85:4e brd ff:ff:ff:ff:ff:ff
#

Does this depend on the host being in maintenance?
Perhaps when a host is in maintenance, the warnings on it are not
checked/updated again from engine?

Thanks in advance,
Gianluca
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] VM remote noVNC console

[Robert O'Kane]

I open the Ovirt WEB User page (over the ssh tunnel)  and open the "console". I 
have a spice/vnc client
on my local computer.

Actually, with the native windows Spice client you do not need the X-Windows.
I do not need to go to the hypervisor(s) directly as they are on the same net 
as the Hosted server



On 10/06/2017 12:20 PM, Alan Griffiths wrote:

I have this working through an SSH tunnel, although it adds some extra steps.

1. Figure out which port your VM console is bound to (5900 + offset).
2. SSH to the hypervisor tunneling a local port to that remote console port.
3. Click on the console link in the Engine and locally save the vv file.
4. Edit the vv file; change host to localhost and port to whichever
port you configured for the local side of the tunnel.
5. Save and run the vv file with your SPICE client.

You have two minutes to connect from downloading the vv file before
the password expires.

On 5 October 2017 at 22:58, Alex K  wrote:

Any idea how this can be addressed?


On Sep 19, 2017 23:07, "Alex K"  wrote:

Hi all,

I am trying to get the VM console of a VM through SSH socks proxy.
This is a scenario I will frequently face, as the ovirt cluster will be
available only though a remote SSH tunnel.

I am trying several console options without success.

With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to
libvirt with URI [none]'

With noVNC I get a separate tab on browser where it is stuck showing
"loading".

Has anyone success with this kind of remote console access?

Thanx,
Alex



___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



--
Robert O'Kane
Systems Administrator
Kunsthochschule für Medien Köln
Peter-Welter-Platz 2
50676 Köln

fon: +49(221)20189-223
fax: +49(221)20189-49223
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] VM remote noVNC console

[Alan Griffiths]

I have this working through an SSH tunnel, although it adds some extra steps.

1. Figure out which port your VM console is bound to (5900 + offset).
2. SSH to the hypervisor tunneling a local port to that remote console port.
3. Click on the console link in the Engine and locally save the vv file.
4. Edit the vv file; change host to localhost and port to whichever
port you configured for the local side of the tunnel.
5. Save and run the vv file with your SPICE client.

You have two minutes to connect from downloading the vv file before
the password expires.

On 5 October 2017 at 22:58, Alex K  wrote:
> Any idea how this can be addressed?
>
>
> On Sep 19, 2017 23:07, "Alex K"  wrote:
>
> Hi all,
>
> I am trying to get the VM console of a VM through SSH socks proxy.
> This is a scenario I will frequently face, as the ovirt cluster will be
> available only though a remote SSH tunnel.
>
> I am trying several console options without success.
>
> With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to
> libvirt with URI [none]'
>
> With noVNC I get a separate tab on browser where it is stuck showing
> "loading".
>
> Has anyone success with this kind of remote console access?
>
> Thanx,
> Alex
>
>
>
> ___
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] VM remote noVNC console

[Robert O'Kane]

Hello,

I run a local X-Windows server on my client and ssh to the remote host with the 
-Y option. This forwards all remote
X windows commands to the local X-Window server. I can then get my remote 
windows to run locally.

Good Luck,

Robert O'Kane


On 10/05/2017 11:58 PM, Alex K wrote:

Any idea how this can be addressed?


On Sep 19, 2017 23:07, "Alex K" > wrote:

Hi all,

I am trying to get the VM console of a VM through SSH socks proxy.
This is a scenario I will frequently face, as the ovirt cluster will be 
available only though a remote SSH tunnel.

I am trying several console options without success.

With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to 
libvirt with URI [none]'

With noVNC I get a separate tab on browser where it is stuck showing 
"loading".

Has anyone success with this kind of remote console access?

Thanx,
Alex



--
Robert O'Kane
Systems Administrator
Kunsthochschule für Medien Köln
Peter-Welter-Platz 2
50676 Köln

fon: +49(221)20189-223
fax: +49(221)20189-49223
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users