[ovirt-users] Maximum storage per VM?
Hello I'm trying to find any info on how much storage I can attach to a VM. Is there a recommended/maximum for number of disks and maximum disk size? I'm using GlusterFS as backend storage for the cluster. The VM uses LVM (/w striped volumes) to manage attached disks. Thank you, -- Dmitri Chebotarov. George Mason University, 4400 University Drive, Fairfax, VA, 22030 GPG Public key# 5E19F14D: [https://goo.gl/SlE8tj] ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] VM remote noVNC console
Thank you Alan. I will try this. I guess if i define localhost as the spice proxy at each host i will not need to edit the vv file. Is there a way to change the default 2min expiration to sth greater? Lets say 5min, as mostly i use high latency satellite connections. On Oct 6, 2017 1:20 PM, "Alan Griffiths"wrote: > I have this working through an SSH tunnel, although it adds some extra > steps. > > 1. Figure out which port your VM console is bound to (5900 + offset). > 2. SSH to the hypervisor tunneling a local port to that remote console > port. > 3. Click on the console link in the Engine and locally save the vv file. > 4. Edit the vv file; change host to localhost and port to whichever > port you configured for the local side of the tunnel. > 5. Save and run the vv file with your SPICE client. > > You have two minutes to connect from downloading the vv file before > the password expires. > > On 5 October 2017 at 22:58, Alex K wrote: > > Any idea how this can be addressed? > > > > > > On Sep 19, 2017 23:07, "Alex K" wrote: > > > > Hi all, > > > > I am trying to get the VM console of a VM through SSH socks proxy. > > This is a scenario I will frequently face, as the ovirt cluster will be > > available only though a remote SSH tunnel. > > > > I am trying several console options without success. > > > > With SPICE or VNC I get issue with virt-viewer saying "Unable to connect > to > > libvirt with URI [none]' > > > > With noVNC I get a separate tab on browser where it is stuck showing > > "loading". > > > > Has anyone success with this kind of remote console access? > > > > Thanx, > > Alex > > > > > > > > ___ > > Users mailing list > > Users@ovirt.org > > http://lists.ovirt.org/mailman/listinfo/users > > > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Debugging warning messages about bonding mode 4
That looks like the normal state for a LACP bond, but it does record some churn (bond renegotiations, I believe). So it probably bounced once or twice coming up. Maybe a slow switch, maybe a switch relying on dynamic bonding instead of static bonds, and taking longer to establish. For the ones with a down link, and this one too, you could ask the network guys if they statically configured the bond, or if they could, might make it quicker to bring it up. I don’t think anything updates when the host is in maintenance, you could take it out and see what happens :) The bond is lower level though, should come up if it’s configured properly, and you should be able to see that on the host. -Darrell a bond on one of mine: # cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: IEEE 802.3ad Dynamic link aggregation Transmit Hash Policy: layer2 (0) MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 802.3ad info LACP rate: slow Min links: 0 Aggregator selection policy (ad_select): stable System priority: 65535 System MAC address: 00:0f:53:08:4b:ac Active Aggregator Info: Aggregator ID: 1 Number of ports: 2 Actor Key: 13 Partner Key: 14 Partner Mac Address: 64:64:9b:5e:9b:00 Slave Interface: p1p1 MII Status: up Speed: 1 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0f:53:08:4b:ac Slave queue ID: 0 Aggregator ID: 1 Actor Churn State: none Partner Churn State: none Actor Churned Count: 0 Partner Churned Count: 0 details actor lacp pdu: system priority: 65535 system mac address: 00:0f:53:08:4b:ac port key: 13 port priority: 255 port number: 1 port state: 61 details partner lacp pdu: system priority: 127 system mac address: 64:64:9b:5e:9b:00 oper key: 14 port priority: 127 port number: 8 port state: 63 Slave Interface: p1p2 MII Status: up Speed: 1 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 00:0f:53:08:4b:ad Slave queue ID: 0 Aggregator ID: 1 Actor Churn State: none Partner Churn State: none Actor Churned Count: 0 Partner Churned Count: 0 details actor lacp pdu: system priority: 65535 system mac address: 00:0f:53:08:4b:ac port key: 13 port priority: 255 port number: 2 port state: 61 details partner lacp pdu: system priority: 127 system mac address: 64:64:9b:5e:9b:00 oper key: 14 port priority: 127 port number: 7 port state: 63 > From: Gianluca Cecchi> Subject: [ovirt-users] Debugging warning messages about bonding mode 4 > Date: October 6, 2017 at 6:28:16 AM CDT > To: users > > Hello, > on a 2 nodes cluster in 4.1.6 I have this situation. > Every node has 3 bonds, each one composed by 2 network adapters and each one > of type mode=4 > (actually in setup networks I have configured custom and then the value: > "mode=4 miimon=100" > ) > > At this moment only one of the servers has access to FC storage, while the > other is currently on maintenance. > > On 2 of the 3 bonds of the active server I get an exclamation point in > "Network Interfaces" subtab with this mouseover popup > > Bond is in link aggregation mode (mode 4), but no partner mac has been > reported for it > > What is the exact meaning of this message? Do I have to care about (I think > so..)? > What should I report to network guys? > Eg, one of these two warning bonds status is: > > # cat /proc/net/bonding/bond2 > Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) > > Bonding Mode: IEEE 802.3ad Dynamic link aggregation > Transmit Hash Policy: layer2 (0) > MII Status: up > MII Polling Interval (ms): 100 > Up Delay (ms): 0 > Down Delay (ms): 0 > > 802.3ad info > LACP rate: slow > Min links: 0 > Aggregator selection policy (ad_select): stable > System priority: 65535 > System MAC address: 48:df:37:0c:7f:5a > Active Aggregator Info: > Aggregator ID: 5 > Number of ports: 2 > Actor Key: 9 > Partner Key: 6 > Partner Mac Address: b8:38:61:9c:75:80 > > Slave Interface: ens2f2 > MII Status: up > Speed: 1000 Mbps > Duplex: full > Link Failure Count: 2 > Permanent HW addr: 48:df:37:0c:7f:5a > Slave queue ID: 0 > Aggregator ID: 5 > Actor Churn State: none > Partner Churn State: none > Actor Churned Count: 2 > Partner Churned Count: 3 > details actor lacp pdu: > system priority: 65535 > system mac address: 48:df:37:0c:7f:5a > port key: 9 > port priority: 255 > port number: 1 > port state: 61 > details partner lacp pdu: > system priority: 32768 > system mac address: b8:38:61:9c:75:80 > oper key: 6 > port priority: 32768 > port number: 293 > port state: 61 > > Slave Interface: ens2f3 > MII Status: up > Speed: 1000 Mbps > Duplex: full > Link Failure Count: 2 > Permanent HW addr: 48:df:37:0c:7f:5b > Slave queue ID: 0 > Aggregator ID: 5 > Actor Churn State: none > Partner
Re: [ovirt-users] Unable to grant permissions to AD users
On Thu, Oct 5, 2017 at 10:13 PM, Michael Watterswrote: > I actually reran the ovirt-engine-extension-aaa-ldap-setup tool and was > able to login and complete a search successfully but doing the same > thing in the engine UI fails. > > Here's the configuration from the .properties file. > > include = > > vars.domain = example.com > vars.user = ldapu...@example.com > vars.password = password > > pool.default.auth.simple.bindDN = ${global:vars.user} > pool.default.auth.simple.password = ${global:vars.password} > pool.default.serverset.type = srvrecord > pool.default.serverset.srvrecord.domain = ${global:vars.domain} > pool.default.ssl.startTLS = true > > engine logs show this error. Is this a bug? I don't remember entering > a trailing space anywhere during setup. > Hmm, could you please try execute following commands with the same username as you have used to login to webui? ovirt-engine-extensions-tool aaa login-user --log-level=FINEST --profile= --user-name= ovirt-engine-extensions-tool aaa search --log-level=FINEST --extension-name= --entity-name= Thanks > > 2017-10-05 14:17:38,156-04 ERROR > [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-354) [] > OAuthException server_error: java.text.ParseException: Invalid character > ' ' encountered. > 2017-10-05 14:20:03,229-04 ERROR > [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-38) [] > OAuthException server_error: java.text.ParseException: Invalid character > ' ' encountered. > 2017-10-05 14:22:24,691-04 ERROR > [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default > task-185) [] The user usern...@example.com@example.com is not authorized > to perform login > > > > On 10/05/2017 03:29 PM, Martin Perina wrote: > > Hi, > > > > it seems that you have an error in your aaa-ldap configuration. Could you > > please share your engine.log and your aaa-ldap configuration? > > > > Thanks > > > > Martin Perina > > > > > > On Thu, Oct 5, 2017 at 9:08 PM, Michael Watters > wrote: > > > >> I'm having some issues granting permissions to AD users in ovirt-engine > >> 4.1. Users can log in but receive an error as below. > >> The user u...@example.com@example.com is not authorized to perform > login > >> > >> I am also not able to grant this user any permissions through the admin > >> console. Entering a user name in the search field for the System > >> Permissions section results in a blank list. Attached is a screenshot > for > >> reference. > >> > >> Does anybody have an idea on what would cause this? The log files > aren't > >> very useful and don't show any errors. > >> > >> ___ > >> Users mailing list > >> Users@ovirt.org > >> http://lists.ovirt.org/mailman/listinfo/users > >> > >> > > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] How to change network card configuration under bridge on host?
Hi, I've got a single host running CentOS 7.3 + Ovirt 4.0.6 with hosted engine. I'm having network issues (see previous email thread) and the next thing I'm going to try is to add a new network card and use that instead of the onboard ethernet on the mobo. However it looks like /etc/sysconfig/network-scripts/ifcfg-* get replaced every time the host restarts. Right now it's configured with: eno1, eno2 -> bond0 -> ovirtmgmt I accomplished this by setting up the bond by hand on the host before I installed the hosted engine, but then ovirt "took control" of the configuration. I want to change this to replace eno1 and eno2 with the two new devices when I add the new card tomorrow. What's the best way to do this? I suppose I can just add the new devices as bond0 slaves pretty easily by creating new ifcfg-xxx files for the new devices (I'm assuming they will be eno3 and eno4) that looks similar to the eno1 and eno2 files. However I'd like to also remove eno1 and eno2 from bond0. Yet I suspect if I change ifcfg-eno1 and ifcfg-eno2 by hand, they will just get replaced at the next reboot by ovirt. How do I convince ovirt to stop overwriting those files? Or how do I tell ovirt about the new configuration? Thanks, -derek -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Info on manual operations after removing FC storage domain
Hello, I'm relocating some disks from some storage domains to other ones. At the end I'm going to remove source storage domains. All the SD involved are FC and the hosts are CentOS 7.4 I see that after removing an SD from oVirt, the multipath part on host remains. What is the correct sequence of operations to do at hosts' side after completing the Webadmin Gui part? Some questions: - do the remove SD from gui imply vgchange -an of the VG and vgremove of the vg? Or are they delegated to post actions? - do it imply the pvremove on the LUN? After clearing what above I would imagine remaining steps would be, based on my previous similar experience with iSCSI removal on physical servers: - take note of the paths sdY, ... of mpathX - remove the multipath device with multipath -f mpathX - flush the single paths devices blockdev --flushbufs sdY for every path of the previous taken note ones - remove single path devices echo 1 > /sys/block/sdY/device/delete - remove LUN from storage array when previous steps done on all the hypervisors Any comment? Any further step at vdsm level files..? Thanks in advance, Gianluca ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Debugging warning messages about bonding mode 4
Hello, on a 2 nodes cluster in 4.1.6 I have this situation. Every node has 3 bonds, each one composed by 2 network adapters and each one of type mode=4 (actually in setup networks I have configured custom and then the value: "mode=4 miimon=100" ) At this moment only one of the servers has access to FC storage, while the other is currently on maintenance. On 2 of the 3 bonds of the active server I get an exclamation point in "Network Interfaces" subtab with this mouseover popup Bond is in link aggregation mode (mode 4), but no partner mac has been reported for it What is the exact meaning of this message? Do I have to care about (I think so..)? What should I report to network guys? Eg, one of these two warning bonds status is: # cat /proc/net/bonding/bond2 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: IEEE 802.3ad Dynamic link aggregation Transmit Hash Policy: layer2 (0) MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 802.3ad info LACP rate: slow Min links: 0 Aggregator selection policy (ad_select): stable System priority: 65535 System MAC address: 48:df:37:0c:7f:5a Active Aggregator Info: Aggregator ID: 5 Number of ports: 2 Actor Key: 9 Partner Key: 6 Partner Mac Address: b8:38:61:9c:75:80 Slave Interface: ens2f2 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 2 Permanent HW addr: 48:df:37:0c:7f:5a Slave queue ID: 0 Aggregator ID: 5 Actor Churn State: none Partner Churn State: none Actor Churned Count: 2 Partner Churned Count: 3 details actor lacp pdu: system priority: 65535 system mac address: 48:df:37:0c:7f:5a port key: 9 port priority: 255 port number: 1 port state: 61 details partner lacp pdu: system priority: 32768 system mac address: b8:38:61:9c:75:80 oper key: 6 port priority: 32768 port number: 293 port state: 61 Slave Interface: ens2f3 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 2 Permanent HW addr: 48:df:37:0c:7f:5b Slave queue ID: 0 Aggregator ID: 5 Actor Churn State: none Partner Churn State: none Actor Churned Count: 0 Partner Churned Count: 3 details actor lacp pdu: system priority: 65535 system mac address: 48:df:37:0c:7f:5a port key: 9 port priority: 255 port number: 2 port state: 61 details partner lacp pdu: system priority: 32768 system mac address: b8:38:61:9c:75:80 oper key: 6 port priority: 32768 port number: 549 port state: 61 Also, the other node (that is currently in maintenance) shows one of the 2 interfaces of bond2 (ens2f2) as down (red arrow) but on the host # ip link show ens2f2 6: ens2f2:mtu 1500 qdisc mq master bond2 state UP mode DEFAULT qlen 1000 link/ether 48:df:37:0c:85:4e brd ff:ff:ff:ff:ff:ff # Does this depend on the host being in maintenance? Perhaps when a host is in maintenance, the warnings on it are not checked/updated again from engine? Thanks in advance, Gianluca ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] VM remote noVNC console
I open the Ovirt WEB User page (over the ssh tunnel) and open the "console". I have a spice/vnc client on my local computer. Actually, with the native windows Spice client you do not need the X-Windows. I do not need to go to the hypervisor(s) directly as they are on the same net as the Hosted server On 10/06/2017 12:20 PM, Alan Griffiths wrote: I have this working through an SSH tunnel, although it adds some extra steps. 1. Figure out which port your VM console is bound to (5900 + offset). 2. SSH to the hypervisor tunneling a local port to that remote console port. 3. Click on the console link in the Engine and locally save the vv file. 4. Edit the vv file; change host to localhost and port to whichever port you configured for the local side of the tunnel. 5. Save and run the vv file with your SPICE client. You have two minutes to connect from downloading the vv file before the password expires. On 5 October 2017 at 22:58, Alex Kwrote: Any idea how this can be addressed? On Sep 19, 2017 23:07, "Alex K" wrote: Hi all, I am trying to get the VM console of a VM through SSH socks proxy. This is a scenario I will frequently face, as the ovirt cluster will be available only though a remote SSH tunnel. I am trying several console options without success. With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to libvirt with URI [none]' With noVNC I get a separate tab on browser where it is stuck showing "loading". Has anyone success with this kind of remote console access? Thanx, Alex ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users -- Robert O'Kane Systems Administrator Kunsthochschule für Medien Köln Peter-Welter-Platz 2 50676 Köln fon: +49(221)20189-223 fax: +49(221)20189-49223 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] VM remote noVNC console
I have this working through an SSH tunnel, although it adds some extra steps. 1. Figure out which port your VM console is bound to (5900 + offset). 2. SSH to the hypervisor tunneling a local port to that remote console port. 3. Click on the console link in the Engine and locally save the vv file. 4. Edit the vv file; change host to localhost and port to whichever port you configured for the local side of the tunnel. 5. Save and run the vv file with your SPICE client. You have two minutes to connect from downloading the vv file before the password expires. On 5 October 2017 at 22:58, Alex Kwrote: > Any idea how this can be addressed? > > > On Sep 19, 2017 23:07, "Alex K" wrote: > > Hi all, > > I am trying to get the VM console of a VM through SSH socks proxy. > This is a scenario I will frequently face, as the ovirt cluster will be > available only though a remote SSH tunnel. > > I am trying several console options without success. > > With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to > libvirt with URI [none]' > > With noVNC I get a separate tab on browser where it is stuck showing > "loading". > > Has anyone success with this kind of remote console access? > > Thanx, > Alex > > > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] VM remote noVNC console
Hello, I run a local X-Windows server on my client and ssh to the remote host with the -Y option. This forwards all remote X windows commands to the local X-Window server. I can then get my remote windows to run locally. Good Luck, Robert O'Kane On 10/05/2017 11:58 PM, Alex K wrote: Any idea how this can be addressed? On Sep 19, 2017 23:07, "Alex K"> wrote: Hi all, I am trying to get the VM console of a VM through SSH socks proxy. This is a scenario I will frequently face, as the ovirt cluster will be available only though a remote SSH tunnel. I am trying several console options without success. With SPICE or VNC I get issue with virt-viewer saying "Unable to connect to libvirt with URI [none]' With noVNC I get a separate tab on browser where it is stuck showing "loading". Has anyone success with this kind of remote console access? Thanx, Alex -- Robert O'Kane Systems Administrator Kunsthochschule für Medien Köln Peter-Welter-Platz 2 50676 Köln fon: +49(221)20189-223 fax: +49(221)20189-49223 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users