Re: help/advise needed: Private gateway vs. new physcial network issue

2017-05-03 Thread Andrija Panic
I managed to solve it, thanks Simon: Steps, give or take: - add new physical network via CM - enable new physical network via CM - manually define VLAN as isolation method in DB (add new ROW in physical_network_isolation_methods table) - duplicate existing Guest network row from table physical_net

Re: help/advise needed: Private gateway vs. new physcial network issue

2017-05-03 Thread Andrija Panic
Ok, thanks, I need to read a bit on tagging networks, first time I encounter this. agent.properties only has 1 guest interface definition ( guest.network.device=bond0.950), so I will see how this behaves... Thanks for input Simon On 3 May 2017 at 23:19, Simon Weller wrote: > We deploy with 2 p

Re: help/advise needed: Private gateway vs. new physcial network issue

2017-05-03 Thread Simon Weller
We deploy with 2 physical interfaces. 1 is for vxlan guest networks and the other is a trunk interfaces for public, mgmt and private gateways. We found that tagging was necessary, or the incorrect interface can be selected because both have guest networks. From

Re: help/advise needed: Private gateway vs. new physcial network issue

2017-05-03 Thread Andrija Panic
Hi Simon, not at all. We use tags only for storage and compute(service)/disk offerings... But, I just found out, even when I change recird in DB record, change KVM label from bond0.950 to bond0, then disable/enable zone, and even restart mgmt servers, still ACS provision vlan 999 on top of bond0

Re: help/advise needed: Private gateway vs. new physcial network issue

2017-05-03 Thread Simon Weller
Andrija, Do you have any network tagging setup for your vpc network offerings that correspond to your zone network tags? From: Andrija Panic Sent: Wednesday, May 3, 2017 3:46 PM To: us...@cloudstack.apache.org; dev@cloudstack.apache.org Subject: help/advise nee

proper place to put migrations

2017-05-03 Thread Nathan Johnson
I have created a JIRA bug here that will require the use of a migration to fix. https://issues.apache.org/jira/browse/CLOUDSTACK-9902 What is the most appropriate branch to fork from to submit a PR in this case, and what is the most appropriate migration script to edit (or create a new one)

help/advise needed: Private gateway vs. new physcial network issue

2017-05-03 Thread Andrija Panic
Hi all, I'm trying to to test Private Gateway on our production (actually on DEV first :) ) setup, of ACS 4.5, but I'm hitting some strange issues during actual creation of PV GTW. My setup is the following: ACS 4.5, advanced zone KVM (ubuntu 14) mgmt network: KVM label/name: cloudbr0 sec. stor.

Re: Private gateways - experience, anyone really using it ?

2017-05-03 Thread Andrija Panic
Thanks everyone for swift comments :) I see (in ACS 4.5 ATM, to be soon upgraded to 4.8) there are some issues when creating (additional) physical networks (with CM), i.e. we set isolation method to be VLAN, but DB field is not written to at all, so when adding PV GTW, ACS fails back to add vlan i

Re: Private gateways - experience, anyone really using it ?

2017-05-03 Thread Will Stevens
Interesting. I wonder if the limitations we are seeing are actually a UI artifact and not actually an implementation artifact. I will have to look into that. Thanks... :) *Will STEVENS* Lead Developer On Wed, May 3, 2017 at 11:32 AM, Simon Weller wrote: > So we mana

Re: Private gateways - experience, anyone really using it ?

2017-05-03 Thread Simon Weller
So we manage static routes within our middleware and UI (we don't use the ACS native UI), so I don't think we've experienced this. From: williamstev...@gmail.com on behalf of Will Stevens Sent: Wednesday, May 3, 2017 10:26 AM To: dev@cloudstack.apache.org Cc: u

Re: Private gateways - experience, anyone really using it ?

2017-05-03 Thread Will Stevens
@sweller: I would be interested in the PG fixes you have done. Anything related to overlapping routes? *Will STEVENS* Lead Developer On Wed, May 3, 2017 at 11:23 AM, Simon Weller wrote: > We use private gateways extensively with KVM and redundant VRs. We have > our own

Re: Private gateways - experience, anyone really using it ?

2017-05-03 Thread Simon Weller
We use private gateways extensively with KVM and redundant VRs. We have our own ACS 4.8 branch (https://github.com/myENA/cloudstack/tree/release/ENA-4.8) with quite a number of backported fixes that relate to PGs. As far as I'm aware, vxlan is not supported on PGs today. We would like to see it

Re: Private gateways - experience, anyone really using it ?

2017-05-03 Thread Will Stevens
​We have been using it quite a bit in production over the last 3+ years. It works pretty well. It is a pretty simple implementation, so it is pretty stable. I know my networking guys have some frustrations with the limitations on the static routes. No overlapping routes and things like that whic

Private gateways - experience, anyone really using it ?

2017-05-03 Thread Andrija Panic
Hi all, I'm interested to know if anyone is using private gatewyas in production, and what are your experience with it, any undocumented limitations, etc ? I dont see iif t supports vxlans (perhaps will try to test it myself) I really would appreciate any feedback. Thanks, -- Andrija Panić

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Rene Moser
Thanks Remi for the hint and Daan for pick it up! That is why I like open source software development and this project ;) On 05/03/2017 02:49 PM, Daan Hoogland wrote: > Happy to pick this up, Remi. I'm travelling now but will look at both on > Friday.

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Daan Hoogland
Happy to pick this up, Remi. I'm travelling now but will look at both on Friday. Biligual auto correct use. Read at your own risico On 3 May 2017 2:25 pm, "Remi Bergsma" wrote: > Always happy to share, but I won’t have time to work on porting this to > CloudStack any time soon. > > Regards, Re

Re: ovf file parser

2017-05-03 Thread Will Stevens
Cool. Let me know if you have questions. My instinct is that we probably want to keep the Ova manipulation in the context of vmware since I don't believe it will be used outside that context. Trying to manipulate the ovf files with generic tools may prove to be more complicated to manage going for

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Remi Bergsma
Always happy to share, but I won’t have time to work on porting this to CloudStack any time soon. Regards, Remi On 03/05/2017, 13:44, "Rohit Yadav" wrote: Hi Remi, thanks for sharing. We would love to have those changes (for 4.9+), looking forward to your pull requests. Reg

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Rohit Yadav
Hi Remi, thanks for sharing. We would love to have those changes (for 4.9+), looking forward to your pull requests. Regards. From: Remi Bergsma Sent: 03 May 2017 16:58:18 To: dev@cloudstack.apache.org Subject: Re: Very slow Virtual Router provisioning with 4.9.

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Remi Bergsma
Hi, The patches I talked about: 1) Iptables speed improvement https://github.com/apache/cloudstack/pull/1482 Was reverted due to a licensing issue. 2) Passwd speed improvement https://github.com/MissionCriticalCloudOldRepos/cosmic-core/pull/138 By now, these are rather old patches so they ne

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Jeff Hair
Hi Remi, Do you have a link to the PR that was reverted? And also possibly the code that makes the password updating more efficient? Jeff On Wed, May 3, 2017 at 10:36 AM, Remi Bergsma wrote: > Hi Wido, > > When we had similar issues last year, we found that for example comparing > the iptables

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Remi Bergsma
Hi Wido, When we had similar issues last year, we found that for example comparing the iptables rules one-by-one is 1000x slower than simply loading them all at once. Boris rewrote this part in our Cosmic fork, may be worth looking into this again. The PR to CloudStack was merged, but reverted

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Jayapal Uradi
Another reason of slow can be VR configuration(persistent VR configuration design). When one component config apply, whole VR configuration apply is executed. Due to this the VR boot up time will increase. Thanks, Jayapal > On May 3, 2017, at 1:55 PM, Marc-Aurèle Brothier wrote: > > Hi Wido

Re: Very slow Virtual Router provisioning with 4.9.2.0

2017-05-03 Thread Marc-Aurèle Brothier
Hi Wido, Well for us, it's not a version problem, it's simply a design problem. This VR is very problematic during any upgrade of cloudstack (which I perform every week almost on our platform), same goes for the secondary storage VMs which scans all templates. We've planned on our roadmap to get r

Re: ovf file parser

2017-05-03 Thread Abhinandan Prateek
Hi Will, I am improving the multiple disk OVA feature. As part of revamp I am moving out some OVF manipulation code from the vmware hypervisor plugin context to secondary storage component. The existing code was using vim25 and managed objects to query and rewrite the OVF file. I have rewrit