Re: [Openstack] [Openstack-operators] ANNOUNCE: Ultimate OpenStack Grizzly Guide, with super easy Quantum!
On Wed, Mar 20, 2013 at 3:51 PM, Martinx - ジェームズ thiagocmarti...@gmail.comwrote: Hi! I'm working with Grizzly G3+RC1 on top of Ubuntu 12.04.2 and here is the guide I wrote: Ultimate OpenStack Grizzly Guidehttps://gist.github.com/tmartinx/d36536b7b62a48f859c2 It covers: * Ubuntu 12.04.2 * Basic Ubuntu setup * KVM * OpenvSwitch * Name Resolution for OpenStack components; * LVM for Instances * Keystone * Glance * Quantum - Single Flat, Super Green!! * Nova * Cinder / tgt * Dashboard It is still a draft but, every time I deploy Ubuntu and Grizzly, I follow this little guide... I would like some help to improve this guide... If I'm doing something wrong, tell me! Please! Probably I'm doing something wrong, I don't know yet, but I'm seeing some errors on the logs, already reported here on this list. Like for example: nova-novncproxy conflicts with novnc (no VNC console for now), dhcp-agent.log / auth.log points to some problems with `sudo' or the `rootwarp' subsystem when dealing with metadata (so it isn't working)... this is likely due to the fact that the quantum-metadata-ns-proxy was not included in the dhcp.filters, but this has now been fixed upstream for a while. I had chatted with unbutu packaging folks about this, so I think it will be upstream soon if it is not already: Rootwrap change is here: https://github.com/openstack/quantum/commit/48e7848a2e4fb3c96d44bf7519bd7984851ac9bb But in general, it works great!! Best! Thiago ___ OpenStack-operators mailing list openstack-operat...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] One Openstack attached to many existing networks?
On Tue, Mar 19, 2013 at 9:02 AM, Markku Tavasti markku.tava...@cybercom.com wrote: Hi! We are trying to create setup where one opestack cluster is connected to many existing networks. Networks are each assigned to some specific customer, and every network can have different ip range available. For example; * cust1 has network 10.26.3.0/24, and has available ip's on 10.26.3.144 - 10.26.3.151 ( /29 mask) * cust2 has network 10.35.168.0/24 and has available ip's on 10.35.168.128 - 10.35.168.192 I've tried to setup this environment wit nova-network, but with not too much success. Tried something like: nova-manage network create --label TUNK --fixed_range_v4=10.26.3.0/24--vlan=1506 --multi_host='T' --dns1=10.131.38.201 --dns2=10.231.52.2 --gateway=10.26.3.1 --fixed_cidr=10.26.3.144/29 --num_networks=1 --network_size=8 I've tried many different combinations, but haven't still got setup where: * network is /24 * there is network_size 8 * fixed ip's start from .144 Preferably we would put virtual machines directly to that network, but if that is not possible, then even floating ip's on every network is ok. What you think, is this even possible with nova-network? And what about quantum? this should be possible with quantum, as it separates out the cidr for a subnet (i.e., 10.26.3.0/24) from the allocation_pools, from which IPs are allocated. See: http://docs.openstack.org/trunk/openstack-network/admin/content/api_abstractions.html dan --Tavasti __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Need suggestion on networking
if you want private networks, but also to give VMs public IPs, you will want to create one or more private networks + subnets, create a router, uplink each subnet to the router, create an external network + subnet using your public IPs, and then allocate a floating ip for each VM that needs a public address. You can mostly follow the workflow outlined here: http://docs.openstack.org/trunk/openstack-network/admin/content/l3_workflow.html dan On Wed, Feb 20, 2013 at 2:57 AM, Anil Vishnoi vishnoia...@gmail.com wrote: Hi, I did Openstack(Folsom+Quantum) setup, with one controller node ( also running networking services) and 8 compute nodes. Both controller node and compute nodes have 2 NIC each, one on public network (internet) and one on private network. My requirement is that for each tenant, every VM should be connected to private network as well as it should also have public IP address, so that user can directly access that machine over internet. I might add some more compute node as well, and my VM counts can grow in range of 200-300+. You can assume that we do have these many public IP's available. My plan is to create vlan based private network for each tenant, but i am confused on the public network part of it. Shell i use provider network or use router/floating ip based networking. I want to user openvswtich (vlan) plugin for networking.Any suggestions? Thanks Anil ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Doubt quantum script
On Mon, Mar 4, 2013 at 7:49 AM, Gary Kotton gkot...@redhat.com wrote: On 03/04/2013 05:45 PM, Guilherme Russi wrote: Found the problem, when I did the step: ovs-vsctl add-port br-ex eth2, it stopped my lan communication. The l3 agent makes changes to the routing table. This may cause a conflict with the default gateway. I would suggest having a static route for the management traffic (I guess that your could have been received via DHCP). Thanks Gary It seems like you had an IP address on eth2. When you add an interface with an IP address to a bridge, you need to move that IP address from the interface device to the bridge device. Dan Any idea? 2013/3/4 Guilherme Russi luisguilherme...@gmail.com Hello guys, I'm installing the openstack folsom again, but now I have a controller node in a proper physical machine and the network node in another one, but which of them I execute the quantum-networking script? I'm following this manual http://docs.openstack.org/folsom/basic-install/content/basic-install_network.htmland I'm trying to execute at the network node, but I got error when execute it. When I type keystone tenant-list and quantum net-list I got the error [Errno 111] Unable to communicate with identity service. My novarc is configured at the network node too. Thanks. Guilherme. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Cannot access metadata host(169.254.169.254) in folsom
On Mon, Mar 4, 2013 at 6:44 AM, Sylvain Bauza sylvain.ba...@digimind.comwrote: Could you please issue 'route -n' on your VM and check if 169.254.0.0/16does have its own route ? If yes, delete it. Another classic error is to forget to add a static route from the controller node (if hosting metadata service) to the external router IP of the VM (see http://docs.openstack.org/folsom/openstack-network/admin/content/adv_cfg_l3_agent_metadata.html) The good news is that this will no longer be a requirement in Grizzly, thanks to Mark's work on integrating metadata into Quantum. Thanks Mark! Dan -Sylvain Le 04/03/2013 15:29, livemoon a écrit : Hi, I am follow http://docs.openstack.org/folsom/basic-install/content/and set up three nodes folsom. Now I have found my vm cannot get 169.254.169.254 to get cloud-init data. So I check the network node(quantum), using iptables -L -t nat, I have found: *Chain quantum-l3-agent-PREROUTING (1 references)* *target prot opt source destination* *DNAT tcp -- anywhere 169.254.169.254 tcp dpt:http to:192.168.1.2:8775* I think it is correct, and in the network node, I can ping and curl 192.168.1.2(this is controller node), but not ping and curl 169.254.169.254. Can anyone help me? ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Scale out
Yes, Grizzly will give you more options when scaling out the L3 gateway node. I'd suggest pausing for a bit until that new functionality is included in the OpenStack documentation. Dan On Fri, Mar 1, 2013 at 6:00 AM, Simon Pasquier pasquier.si...@gmail.comwrote: Hello Heiko, I think that there is a blueprint [1] currently in progress to address your needs. The Quantum developers might be able to give us more information. Simon [1] https://blueprints.launchpad.net/quantum/+spec/quantum-scheduler 2013/3/1 Heiko Krämer krae...@avarteq.de Heyho Guys, i'm trying to setup Openstack with Quantum. That's not a big deal and all components are running but Quantum L3 agent and dhcp agent runs on one node (network node). So this node are a GW for external and internal traffic. This topology will be a bottleneck in the near future. My goal is now to scale out Quantum on other nodes like nova-network. My first idea was to create a second router and configure this router on a second node (l3 agent router_id ) with a second external network (l3 agent network_id). I can use now a second network node with a second router and second external network to balance the traffic between this tow nodes. So before i had: 1Gbit Uplink to WAN = 1 x network node with 1 ext NIC Now: 2 x 1 Gbit Uplink to WAN = 2 x network node with 1 ext NIC The main goal is to use the external NIC's of each compute node or of many Network nodes but the maintainability, which vm or tenant are use which network node, is not really good. I would prefere i can Quantum scale out of the box and Quantum manage port mapping on different nodes like a port scheduler mapper :) Have anyone experience with that ? Ideas or network topologies ? Greetings Heiko -- B. Sc. Informatik Heiko Krämer CIO/Administrator Twitter: @railshoster Avarteq GmbH Zweigstelle: Prinzessinnenstr. 20, 10969 Berlin Geschäftsführer: Alexander Faißt, Dipl.-Inf.(FH) Julian Fischer Handelsregister: AG Saarbrücken HRB 17413, Ust-IdNr.: DE262633168 Sitz: Science Park 2 66123 Saarbrücken Tel: +49 (0)681 / 309 64 190 Fax: +49 (0)681 / 309 64 191 Visit: http://www.enterprise-rails.de/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Metadata service route from a VM
Hi Sylvain, The answer here is that it depends. If you are using Folsom + Quantum, the only supported mechanism is reaching the metadata server is via your default gateway, so VMs should not have specific routes to reach the metadata subnet (I believe this is also the case for nova-network, so I'm a bit surprised by your original comments in this thread about using the direct route with nova-network). In Grizzly, Quantum will support two different mechanisms of reaching metadata. One via the router (as before) and another via the DHCP server IP (with a route for 169.254.169.254/32 injected into the VM via DHCP). The latter supports metadata on networks that do not have a router provided by Quantum. Dan On Mon, Feb 25, 2013 at 8:36 AM, Sylvain Bauza sylvain.ba...@digimind.comwrote: Yet no reply ? I did the hack, I removed the 169.254.0.0/16 route from my images, but this is quite a ugly hack. Could someone with OpenVswitch/GRE setup please confirm that there is no route to create for metadata ? Thanks, -Sylvain Le 21/02/2013 11:33, Sylvain Bauza a écrit : Anyone ? I found the reason why a 'quantum-dhcp-agent restart' is fixing the route, this is because the lease is DHCPNACK'd at next client refresh and the VM is getting a fresh new configuration excluding 169.254.0.0/16route. Community, I beg you to confirm the 169.254.0.0/16 route should *not* be pushed to VMs, and 169.254.169.254/32 should be sent thru the default route (ie. provider router internal IP). If it's the case, I'll update all my images to remove that route. If not, something is wrong with my Quantum setup that I should fix. Thanks, -Sylvain Le 20/02/2013 15:55, Sylvain Bauza a écrit : Hi, Previously using nova-network, all my VMs were having : # route -n Table de routage IP du noyau Destination Passerelle Genmask Indic Metric Ref Use Iface 10.0.0.00.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 00 eth0 0.0.0.0 10.0.0.10.0.0.0 UG0 0 0 eth0 Now, this setup seems incorrect with Quantum, as the ARP query goes directly from the network node trying to resolve 169.254.169.254 : [root@toto ~]# curl http://169.254.169.254/ curl: (7) couldn't connect to host sylvain@folsom02:~$ sudo tcpdump -i qr-f76e4668-fa -nn not ip6 and not udp and host 169.254.169.254 -e tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on qr-f76e4668-fa, link-type EN10MB (Ethernet), capture size 65535 bytes 15:47:46.009548 fa:16:3e:bf:0b:f6 ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 169.254.169.254 tell 10.0.0.5, length 28 15:47:47.009076 fa:16:3e:bf:0b:f6 ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 169.254.169.254 tell 10.0.0.5, length 28 The only way for me to fix it is to remove the 169.254.0.0/16 route on the VM (or for some reason I doesn't understand, by restarting quantum-dhcp-agent on the network node) and then L3 routing is working correctly : [root@toto ~]# route del -net 169.254.0.0/16 [root@toto ~]# curl http://169.254.169.254/ 1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01 2009-04-04 sylvain@folsom02:~$ sudo tcpdump -i qg-f2397006-20 -nn not ip6 and not udp and host 10.0.0.5 and not port 22 -e tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on qg-f2397006-20, link-type EN10MB (Ethernet), capture size 65535 bytes 15:52:58.479234 fa:16:3e:e1:95:20 e0:46:9a:2c:f4:7d, ethertype IPv4 (0x0800), length 74: 10.0.0.5.55428 192.168.1.71.8775: Flags [S], seq 3032859044, win 14600, options [mss 1460,sackOK,TS val 2548891 ecr 0,nop,wscale 5], length 0 15:52:58.480987 e0:46:9a:2c:f4:7d fa:16:3e:e1:95:20, ethertype IPv4 (0x0800), length 74: 192.168.1.71.8775 10.0.0.5.55428: Flags [S.], seq 3888257357, ack 3032859045, win 14480, options [mss 1460,sackOK,TS val 16404712 ecr 2548891,nop,wscale 7], length 0 15:52:58.482211 fa:16:3e:e1:95:20 e0:46:9a:2c:f4:7d, ethertype IPv4 (0x0800), length 66: 10.0.0.5.55428 192.168.1.71.8775: Flags [.], ack 1, win 457, options [nop,nop,TS val 2548895 ecr 16404712], length 0 I can't understand what's wrong with my setup. Could you help me ? I would have to undergo a post-up statement for all my images... :( Thanks, -Sylvain __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list
Re: [Openstack] LBaas :: Service Agent :: Drivers
Hi Trinath, This review is no longer the active review for LBaaS within Quantum for Grizzly. Instead, we are going with a simplified approach, here: https://review.openstack.org/#/c/22794/3 dan On Sun, Feb 24, 2013 at 10:17 PM, Trinath Somanchi trinath.soman...@gmail.com wrote: Hi Stackers- While going through the code base at http://review.openstack.org/#/c/20579/ I have a doubt with respect to the understanding of Drivers Can any one kindly help me understand the Concept of Drivers in the Service Agent functionality. What is the role of Drivers? Where do these drivers run, in Controller or the Compute node ? Thanks in advance, Kindly help me understand the same., -- Regards, -- Trinath Somanchi, +91 9866 235 130 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Associating virtual instance NICs to specific networks in quantum
On Sun, Dec 30, 2012 at 8:54 PM, Balamurugan V G balamuruga...@gmail.comwrote: Thanks Itzik. This basically goes by the order. Though this should suffice for most cases, it would have been nice to have more fine grain control and specify the interface names as well. Also, we cant achieve this in Horizon yet. Any idea when Horizon will reach feature parity with CLI? It is targeted for Grizzly, but progress has been slow: https://blueprints.launchpad.net/horizon/+spec/quantum-vnic-ordering One of the reasons for the delay is that this requires a new horizon widget ( https://blueprints.launchpad.net/horizon/+spec/orderable-mutiple-choice-field), so if someone wants to work on this, that would speed things up :) Dan Regards, Balu On Mon, Dec 31, 2012 at 3:35 AM, Itzik Brown itz...@dev.mellanox.co.ilwrote: Hi, What about running nova boot: #nova boot --flavor m1.tiny --image myimage --nic net-id=e7038a3b-cd45-4795-83ec-02b0a11a9bf1 --nic net-id=dc95727d-9495-44e8-9b27-0a942cd671fc vm1. Here the first NIC will be connected to Network with ID e7038a3b-cd45-4795-83ec-02b0a11a9bf1 and the second to Network with ID dc95727d-9495-44e8-9b27-0a942cd671fc. Hope it helps, Itzik On 28/12/2012 06:26, Balamurugan V G wrote: Lets says, I create a Linux virtual Instance in an OpenStack private cloud and associate the instance with two networks; A B. It seems to associate eth0 and eth1 to A and B respectively. But is there any way in which I can specify that eth0 should be attached to network B and eth1 should be attached to network A. The quantum CLI 'quantum port-create' accepts just device-id and network-id which is not sufficient to achieve the level of specificity I believe. Can this be achieved today? Also when will the Horizon UI and Quantum REST API reach feature parity with the Quantum CLI? will it be in Grizzly or later? Thanks, Balu ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] questions about private, external network
the IP allocation pool can be a subset of the overal subnet range, if for example, you want to limit the set of IP addresses that Quantum will hand out to a sub-range of the total IPs in the subnet. This can be useful if a quantum network is shared with hosts outside of openstack (e.g., with physical hosts provisioned outside of openstack). dan On Wed, Nov 28, 2012 at 5:09 PM, Ahmed Al-Mehdi ahmedalme...@gmail.comwrote: Thank you very much for the explanation. However, I am still a bit confused. In the command quantum subnet-create ... for external network, I am already providing start/end allocation pool IP addr. What is the need for the 192.168.50.100/24 option? In this case, is this option redundant OR not needed (as in not used by Quantum) OR not correctly specified? You mentioned 192.168.50.100/30, how did you get /30? Is that an example? Or is that based on the start/end IP allocation pool? Thank you, Ahmed. On Wed, Nov 28, 2012 at 4:44 PM, gong yong sheng gong...@linux.vnet.ibm.com wrote: On 11/29/2012 07:56 AM, Ahmed Al-Mehdi wrote: Hello, I have a few questions related to private and external network in Quantum. I am running into some odd behavior with networking related to my VM instance that I am trying to resolve. # quantum net-create --tenant-id $put_id_of_service_tenant ext_net --router:external=True # quantum subnet-create --tenant-id $put_id_of_service_tenant --allocation-pool start=192.168.50.102,end=192.168.50.126 --gateway 192.168.50.1 ext_net192.168.50.100/24 --enable_dhcp=False (step b) - 192.168.50.100/24: Is 192.168.50.100 assigned (reserved) for any purpose? What is this cidr represent? It should be a wrong cidr. I think if you are using 192.168.50.100/30, the 192.168.59.101 will be reserved. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum + OpenVSwitch + GRE Tunneling with RHEL 6.3
Hi David, Support for GRE tunneling is not part of the main-line kernel yet. Ubuntu support it by using the OVS kernel module that can be built from OVS source. Red Hat based platforms do not support this to my knowledge, though you could always download the OVS source and build it yourself, as Centos is a target platform for OVS. Google will show you a few examples of people explaining how they did it: http://networkstatic.net/installing-openvswitch-and-kvm-on-centos-6-2-part-1/ Dan On Sun, Nov 18, 2012 at 8:59 PM, Jian Hua Geng gen...@cn.ibm.com wrote: Can anyone help to confirm that the GRE Tunneling can be used with Quantum on my RHEL6.3? My Redhat kernel version is 2.6.32-279.el6.x86_64, and the OpenVSwitch version is 1.4.2. From the wiki page(* http://wiki.openstack.org/ConfigureOpenvswitch*http://wiki.openstack.org/ConfigureOpenvswitch ) , I find some modules are still not available in RHEL. If I want to use the GRE Tunneling, need I upgrade my linux kernel or OpenVSwitch? Thanks! -- Best regard, David Geng -- ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Looking for a good Folsom + Quantum guide
Note: use network definitions describe here: http://docs.openstack.org/trunk/openstack-network/admin/content/connectivity.html With an overlay type deployment using NVP or OVS plugins you can choose to consolidate the data network and management network and use the same IP adress for both types of connectivity if you like. You definitely want the external network (used for floating ips, etc.) to be a different IP network, as you wouldn't want VMs having direct access to your management network or the network you use for tunneling. Dan On Fri, Nov 16, 2012 at 11:39 AM, Samuel Winchenbach swinc...@gmail.comwrote: I was attempting to use VLAN/2NICs because that is that I am most familiar with and I do not currently have 3 network cards (I have Infiniband, but it is not currently hooked up). I am a little unclear why GRE requires 3 network cards, probably because I am very unfamiliar with openvswitch. Thanks for the documents and suggestions so far. I will keep hammering away at it. Sam On Thu, Nov 15, 2012 at 8:06 PM, Dan Wendlandt d...@nicira.com wrote: On Thu, Nov 15, 2012 at 4:11 PM, Dan Wendlandt d...@nicira.com wrote: Thanks for your comments. This is all good feedback. A couple of things to mention: 1) The l3-agent rootwrap error mentioned earlier in the thread is in stable/folsom and according to launchpad was added to the Ubuntu stable release archive about a week ago. see: https://bugs.launchpad.net/quantum/+bug/1069966 I take that back, it was committed to the Ubuntu quantum repo a week ago, but it looks like it has not yet been pulled into Precise. dan 2) The Horizon dashboard only knows how to talk to Nova about floating IPs in Folsom. However, early in grizzly there was a change to be able to proxy nova floating IP calls to Quantum, and it appears that this change is in the process of being backported to folsom/stable by Chuck Short, presumably to be included as an update in the Ubuntu stable release, see: https://bugs.launchpad.net/nova/+bug/1023169 Dan On Thu, Nov 15, 2012 at 7:42 AM, Gary Kotton gkot...@redhat.com wrote: On 11/15/2012 05:17 PM, Skible OpenStack wrote: I believe that the biggest problem is not bug fixes, we are able to fix them out by our selves. Instead, we do need *that Dashboard able to communicate with the quantum to allocate floating IP * Does anyone have an idea about the date ? I am not sure if anyone is working on this. You are welome to add the support. It would be great. Le 15/11/2012 16:14, Gary Kotton a écrit : Hi, A considerable effort has been made to close a number of problems in the Folsom release. The list of issues addressed can be seen at https://review.openstack.org/#/q/status:merged+project:openstack/quantum+branch:stable/folsom,n,z There are still a few bug fixes in review. If I understand correctly around the 22nd of November there will be a stable release (maybe give or take a day). My two cents is to wait a couple of days for the reviews to go through and the various distributions to build the packages. If there is a painful issue that you have then please let us know. Thanks Gary On 11/15/2012 05:10 PM, Skible OpenStack wrote: Are you talking about this l3 bug ? https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/stable/GRE/Tricks%26Ideas/modify_iptables_manager.rst Le 15/11/2012 16:06, Razique Mahroua a écrit : Hi Sam, here is an official guide to start with http://docs.openstack.org/trunk/openstack-compute/install/apt/content/ap_installingfolsomubuntuprecise.html Note that at the moment, the official quantum packages contain bugs - I'm thinking about the l3 agent for instance. Let us know how it's going Best regards, Razique *Nuage Co - Razique Mahroua** * razique.mahr...@gmail.com Le 15 nov. 2012 à 15:30, Samuel Winchenbach swinc...@gmail.com a écrit : Hi All, I am looking for a good guide to help me get started with Folsom and Quantum for either 12.04 or 12.10. I have been attempting to use: goo.gl/vIdcr but when I get to section 5 (openvswitch) I get an error (SIOCADDRT: no such process) when trying to set the interface for the default gateway to the bridge created in the previous step. I have tried a number of different things, including installing 12.10 on a virtual machine and trying it there instead of bare metal. Same outcome. Doe anyone have any recommendations for a good guide to follow? Or if you have any suggestions on fixing the above error, that would be great too! Thanks, Sam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https
Re: [Openstack] Quantum Suggestion
Yes, this has been suggested before and I think would be valuable. One complication is that in quantum, there are multiple possible implementations (e.g., some plugins require agents, others don't), but I think it would be possible to abstract things in a way that are useful (e.g., show the status of various devices, and what functions they are implementing). dan On Thu, Nov 15, 2012 at 6:22 AM, Skible OpenStack skible.openst...@gmail.com wrote: Hi stackers, Just like Nova does have the nova-manage service list to check on how well the nova-services are running in all the nodes, i suggest that quantum does the same. After all, we have the l3-agent, dhcp agent, quantum server and many plugin agents running in different nodes and it will be nice to have a common monitoring function which checks the state of each service The blueprint is registered here: https://blueprints.launchpad.net/quantum/+spec/quantum-monitoring-functionif anyone is interested. Best regards ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Looking for a good Folsom + Quantum guide
Thanks for your comments. This is all good feedback. A couple of things to mention: 1) The l3-agent rootwrap error mentioned earlier in the thread is in stable/folsom and according to launchpad was added to the Ubuntu stable release archive about a week ago. see: https://bugs.launchpad.net/quantum/+bug/1069966 2) The Horizon dashboard only knows how to talk to Nova about floating IPs in Folsom. However, early in grizzly there was a change to be able to proxy nova floating IP calls to Quantum, and it appears that this change is in the process of being backported to folsom/stable by Chuck Short, presumably to be included as an update in the Ubuntu stable release, see: https://bugs.launchpad.net/nova/+bug/1023169 Dan On Thu, Nov 15, 2012 at 7:42 AM, Gary Kotton gkot...@redhat.com wrote: On 11/15/2012 05:17 PM, Skible OpenStack wrote: I believe that the biggest problem is not bug fixes, we are able to fix them out by our selves. Instead, we do need *that Dashboard able to communicate with the quantum to allocate floating IP * Does anyone have an idea about the date ? I am not sure if anyone is working on this. You are welome to add the support. It would be great. Le 15/11/2012 16:14, Gary Kotton a écrit : Hi, A considerable effort has been made to close a number of problems in the Folsom release. The list of issues addressed can be seen at https://review.openstack.org/#/q/status:merged+project:openstack/quantum+branch:stable/folsom,n,z There are still a few bug fixes in review. If I understand correctly around the 22nd of November there will be a stable release (maybe give or take a day). My two cents is to wait a couple of days for the reviews to go through and the various distributions to build the packages. If there is a painful issue that you have then please let us know. Thanks Gary On 11/15/2012 05:10 PM, Skible OpenStack wrote: Are you talking about this l3 bug ? https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/stable/GRE/Tricks%26Ideas/modify_iptables_manager.rst Le 15/11/2012 16:06, Razique Mahroua a écrit : Hi Sam, here is an official guide to start with http://docs.openstack.org/trunk/openstack-compute/install/apt/content/ap_installingfolsomubuntuprecise.html Note that at the moment, the official quantum packages contain bugs - I'm thinking about the l3 agent for instance. Let us know how it's going Best regards, Razique *Nuage Co - Razique Mahroua** * razique.mahr...@gmail.com Le 15 nov. 2012 à 15:30, Samuel Winchenbach swinc...@gmail.com a écrit : Hi All, I am looking for a good guide to help me get started with Folsom and Quantum for either 12.04 or 12.10. I have been attempting to use: goo.gl/vIdcr but when I get to section 5 (openvswitch) I get an error (SIOCADDRT: no such process) when trying to set the interface for the default gateway to the bridge created in the previous step. I have tried a number of different things, including installing 12.10 on a virtual machine and trying it there instead of bare metal. Same outcome. Doe anyone have any recommendations for a good guide to follow? Or if you have any suggestions on fixing the above error, that would be great too! Thanks, Sam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ image/jpeg___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Looking for a good Folsom + Quantum guide
On Thu, Nov 15, 2012 at 4:11 PM, Dan Wendlandt d...@nicira.com wrote: Thanks for your comments. This is all good feedback. A couple of things to mention: 1) The l3-agent rootwrap error mentioned earlier in the thread is in stable/folsom and according to launchpad was added to the Ubuntu stable release archive about a week ago. see: https://bugs.launchpad.net/quantum/+bug/1069966 I take that back, it was committed to the Ubuntu quantum repo a week ago, but it looks like it has not yet been pulled into Precise. dan 2) The Horizon dashboard only knows how to talk to Nova about floating IPs in Folsom. However, early in grizzly there was a change to be able to proxy nova floating IP calls to Quantum, and it appears that this change is in the process of being backported to folsom/stable by Chuck Short, presumably to be included as an update in the Ubuntu stable release, see: https://bugs.launchpad.net/nova/+bug/1023169 Dan On Thu, Nov 15, 2012 at 7:42 AM, Gary Kotton gkot...@redhat.com wrote: On 11/15/2012 05:17 PM, Skible OpenStack wrote: I believe that the biggest problem is not bug fixes, we are able to fix them out by our selves. Instead, we do need *that Dashboard able to communicate with the quantum to allocate floating IP * Does anyone have an idea about the date ? I am not sure if anyone is working on this. You are welome to add the support. It would be great. Le 15/11/2012 16:14, Gary Kotton a écrit : Hi, A considerable effort has been made to close a number of problems in the Folsom release. The list of issues addressed can be seen at https://review.openstack.org/#/q/status:merged+project:openstack/quantum+branch:stable/folsom,n,z There are still a few bug fixes in review. If I understand correctly around the 22nd of November there will be a stable release (maybe give or take a day). My two cents is to wait a couple of days for the reviews to go through and the various distributions to build the packages. If there is a painful issue that you have then please let us know. Thanks Gary On 11/15/2012 05:10 PM, Skible OpenStack wrote: Are you talking about this l3 bug ? https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/stable/GRE/Tricks%26Ideas/modify_iptables_manager.rst Le 15/11/2012 16:06, Razique Mahroua a écrit : Hi Sam, here is an official guide to start with http://docs.openstack.org/trunk/openstack-compute/install/apt/content/ap_installingfolsomubuntuprecise.html Note that at the moment, the official quantum packages contain bugs - I'm thinking about the l3 agent for instance. Let us know how it's going Best regards, Razique *Nuage Co - Razique Mahroua** * razique.mahr...@gmail.com Le 15 nov. 2012 à 15:30, Samuel Winchenbach swinc...@gmail.com a écrit : Hi All, I am looking for a good guide to help me get started with Folsom and Quantum for either 12.04 or 12.10. I have been attempting to use: goo.gl/vIdcr but when I get to section 5 (openvswitch) I get an error (SIOCADDRT: no such process) when trying to set the interface for the default gateway to the bridge created in the previous step. I have tried a number of different things, including installing 12.10 on a virtual machine and trying it there instead of bare metal. Same outcome. Doe anyone have any recommendations for a good guide to follow? Or if you have any suggestions on fixing the above error, that would be great too! Thanks, Sam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ image
Re: [Openstack] Bridge mappings in folsom
Hi Neelakantam, There refer to provider networks, which are quantum networks that are mapped directory to a specific flat or VLAN network in your data center. Please see this page in the Quantum Admin Guide (and its three sub-sections): http://docs.openstack.org/trunk/openstack-network/admin/content/provider_networks.html Provider networks are useful if you are implementing a flat network scenario, or if you have a data center with existing VLANs already in use, and want to be able to map VMs to those VLAN networks. dan On Mon, Nov 12, 2012 at 3:09 AM, Neelakantam Gaddam neelugad...@gmail.comwrote: Hi All, I have few questions regarding bridge mapping in folsom release. In the quantum configuration file, there is a config param for bridge mapping: bridge_mappings=default:br-eth1 (ListOpt) Comma-separated list of physical_network:bridge tuples mapping physical network names to agent's node-specific OVS bridge names. Each bridge must exist, and should have physical network # interface configured as a port. Can anyone elaborate on this parameter? What are these physical network names and why they mapped to ovs bridge names ? Please help me in understanding network setup using folsom. Thanks in advance. -- Thanks Regards Neelakantam Gaddam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] OpenStack (+ Quantum Deployment) Scenarios
Robert, yes, I'm sure in certain configurations and with certain tuning, one can potentially place all services on a single device, and Quantum supports that just fine as well. For the sake of documentation, we wanted to show the case where the two were separated, as this tends to be what we see deployed. Dan On Thu, Nov 8, 2012 at 6:56 PM, Robert Garron robert.gar...@access3000.netwrote: Dan, I see your point about throughput and I/O, but if you have a multi-core server, greater than say 4 cores, and thus likely you would have multiple NICs, 2 or More, your assumptions fall apart about the cpu usage and I/o. For example, using XEN or Qemu or in the older systems where this concept originated - VMS OS (from Digital Equipment Corp. - see Galaxy product and similar) you can assign affinity to CPUs or even dedicate CPU's to tasks or VM's. In addition, using Cisco networking or similar you can dedicated I/O paths, and within a system, you can even dedicated a NIC Card or Port to a path. So the deployment of OpenStack on one physical server or several should not even be a consideration except to the installer and their budget; and whether or not High Availability is a concern. What I think is important is the consistency of the network design, I/O design for multiple VM's and the related load and intended usage of the individual cores of a server. But the most important consistency is having installation guides that work over and over for installations on different hardware and OS's. Myself, if I can get past my current nova and horizon issues, I will then be in a position to contribute in this and many other areas Regards, Robert On 11/8/12 4:06 PM, Skible OpenStack wrote: Thank you Dan for shedding light on this matter. However, there is something concerns me and a lot of other people trying to deploy OpenStack is that most Servers has 2 NICs which creates a problem because your Demo is a great one but the necessary hardware is just not always met ! I have been struggling to find a solution out of it, can you suggest some please ? Le 08/11/2012 21:38, Dan Wendlandt a écrit : Hi, The Quantum Admin Guide indicates that you can choose to combine all services onto a single node, or have separate nodes: http://docs.openstack.org/trunk/openstack-network/admin/content/services.html I will update the text to indicate that that the main reason to use a dedicated network gateway node is if you plan on having VMs send substantial amounts of traffic through that node, and thus would not want that CPU usage to conflict with other openstack services running on your controller node. dan On Thu, Nov 8, 2012 at 11:06 AM, Skible OpenStack skible.openst...@gmail.com wrote: Can someone please enlighten us about the goods of having a separated network node ? I honestly work in production envirnoments (over 30 nodes) and i really give computing resources more credit than networking ones ! Am i doing it the wrong way here ? Le 08/11/2012 18:49, balaji patnala a écrit : Hi Openers, One doubt i have is like, as we see in the demo setup in the Quantum Admin guide available in openstack.org, we have Network Node as a seperate physical node connected to Controller Node and Compute Node. But i see that the openstack community who is actively using Folsom is not discussing more on this kind of setup. Not sure if iam missing any key information on this like that the Network Node setup may not be widely used in current deployment scenarios or it is too early to use Network Node as a seperate physical host for openstack. Open comments on this will be more helpful for openstack community to understand better on the features of folsom. regards, balaji On Thu, Nov 8, 2012 at 7:09 PM, Skible OpenStack skible.openst...@gmail.com wrote: OpenStack Folsom install guidehttps://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/master/OpenStack_Folsom_Install_Guide_WebVersion.rst You will find what you want and even more ;) Le 08/11/2012 14:30, Veera Reddy a écrit : Hi Skible, Can you please send me below configuration files of three setups you have mentioned. - ovs_quantum_plugin.ini (For controller and node) - nova.conf (For controller and node) Thanks in advance Regards, Veera. On Thu, Nov 8, 2012 at 2:57 PM, Skible OpenStack skible.openst...@gmail.com wrote: Hello Stackers ! I am currently trying to create pictures of my OpenStack deployment architecture as a part of my OpenStack Folsom install guidehttps://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/master/OpenStack_Folsom_Install_Guide_WebVersion.rstand i would like to ask a favorite. Could you be kind and please take a look at these Pics below and report back if there is a missing or wrong thing. Thank you. ==Quantum on VLAN + 3 NICs on controller node http://i.imgur.com/Ueh5Z.jpg
Re: [Openstack] how to decide orders of multiple nic
Hi, It would be important to understand if you are using Quantum or traditional nova networking (e.g., Flat/Vlan Managers). Vish's patch is targeted only for traditional nova-networking, but based on this post by you (https://bugs.launchpad.net/quantum/+bug/1077304) it seems like you may be using Quantum. Nic ordering worked with Quantum in Essex, but a bug was introduced in Folsom that broke it. This bug was recently fixed and merged during early grizzly (thanks to mark mcclain from dreamhost), see: https://bugs.launchpad.net/nova/+bug/1064524 . This bug is tagged with folsom-backport-potential, so the team in charge of stable releases for nova should be pulling it into an upcoming folsom release. Dan On Fri, Nov 9, 2012 at 3:38 PM, Vishvananda Ishaya vishvana...@gmail.comwrote: Pardon me, the bottom line should have said, propose it into trunk and backport it (into folsom/stable). So the answer to your question is yes. Vish On Nov 9, 2012, at 3:22 PM, Yi Sun beyo...@gmail.com wrote: Thanks, will these changes ever be added back to the later releases? Yi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] OpenStack (+ Quantum Deployment) Scenarios
Hi, The Quantum Admin Guide indicates that you can choose to combine all services onto a single node, or have separate nodes: http://docs.openstack.org/trunk/openstack-network/admin/content/services.html I will update the text to indicate that that the main reason to use a dedicated network gateway node is if you plan on having VMs send substantial amounts of traffic through that node, and thus would not want that CPU usage to conflict with other openstack services running on your controller node. dan On Thu, Nov 8, 2012 at 11:06 AM, Skible OpenStack skible.openst...@gmail.com wrote: Can someone please enlighten us about the goods of having a separated network node ? I honestly work in production envirnoments (over 30 nodes) and i really give computing resources more credit than networking ones ! Am i doing it the wrong way here ? Le 08/11/2012 18:49, balaji patnala a écrit : Hi Openers, One doubt i have is like, as we see in the demo setup in the Quantum Admin guide available in openstack.org, we have Network Node as a seperate physical node connected to Controller Node and Compute Node. But i see that the openstack community who is actively using Folsom is not discussing more on this kind of setup. Not sure if iam missing any key information on this like that the Network Node setup may not be widely used in current deployment scenarios or it is too early to use Network Node as a seperate physical host for openstack. Open comments on this will be more helpful for openstack community to understand better on the features of folsom. regards, balaji On Thu, Nov 8, 2012 at 7:09 PM, Skible OpenStack skible.openst...@gmail.com wrote: OpenStack Folsom install guidehttps://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/master/OpenStack_Folsom_Install_Guide_WebVersion.rst You will find what you want and even more ;) Le 08/11/2012 14:30, Veera Reddy a écrit : Hi Skible, Can you please send me below configuration files of three setups you have mentioned. - ovs_quantum_plugin.ini (For controller and node) - nova.conf (For controller and node) Thanks in advance Regards, Veera. On Thu, Nov 8, 2012 at 2:57 PM, Skible OpenStack skible.openst...@gmail.com wrote: Hello Stackers ! I am currently trying to create pictures of my OpenStack deployment architecture as a part of my OpenStack Folsom install guidehttps://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/master/OpenStack_Folsom_Install_Guide_WebVersion.rstand i would like to ask a favorite. Could you be kind and please take a look at these Pics below and report back if there is a missing or wrong thing. Thank you. ==Quantum on VLAN + 3 NICs on controller node http://i.imgur.com/Ueh5Z.jpg === ==Quantum on VLAN + 2 NICs on controller node http://i.imgur.com/RK6X7.jpg === ==Quantum on GRE-tunneling + 3 NICs on controller node=== http://i.imgur.com/1jCFC.jpg === To make of OpenStack, the IT project of the century Best regards ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Regards, VeeraReddy.B 9959236555. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Bug with the openVSwitch plugin Agent !
This is not an issue with the agent. I believe this was handled in another post, which pointed out that 12.10 originally shipped with a version of OVS that did not include tunnel support, but this has since been correctly. See: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1068365 Dan p.s. thanks to rkukura for making sure there was a friendly error message in this case :) On Thu, Nov 8, 2012 at 3:21 AM, Skible OpenStack skible.openst...@gmail.com wrote: Hi to all ! I am using Quantum with Tunneling and this is my /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini [OVS] tenant_network_type = gre tunnel_id_ranges = 1:1000 integration_bridge = br-int tunnel_bridge = br-tun local_ip = 100.10.10.51 enable_tunneling = True When i do look in the log of the openvSwitch plugin agent, i find this 2012-11-08 12:14:23ERROR [quantum.plugins.openvswitch.agent.ovs_quantum_agent] Failed to create OVS patch port. Cannot have tunneling enabled on this agent, since this version of OVS does not support tunnels or patch ports. i am runing ubuntu 12.10 and my OpenVSwitch version is 1.4.3-0ubuntu2 Thank you for your help ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Bug with the openVSwitch plugin Agent !
have you rebooted the device to make sure you're reloaded the new kernel module? On Thu, Nov 8, 2012 at 1:03 PM, Skible OpenStack skible.openst...@gmail.com wrote: Thank you for replying back. I had a bad day because of this problem. I have installed openvswitch-datapath-dkms but it doesn't seem to solve the problem. Le 08/11/2012 21:48, Dan Wendlandt a écrit : This is not an issue with the agent. I believe this was handled in another post, which pointed out that 12.10 originally shipped with a version of OVS that did not include tunnel support, but this has since been correctly. See: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1068365 Dan p.s. thanks to rkukura for making sure there was a friendly error message in this case :) On Thu, Nov 8, 2012 at 3:21 AM, Skible OpenStack skible.openst...@gmail.com wrote: Hi to all ! I am using Quantum with Tunneling and this is my /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini [OVS] tenant_network_type = gre tunnel_id_ranges = 1:1000 integration_bridge = br-int tunnel_bridge = br-tun local_ip = 100.10.10.51 enable_tunneling = True When i do look in the log of the openvSwitch plugin agent, i find this 2012-11-08 12:14:23ERROR [quantum.plugins.openvswitch.agent.ovs_quantum_agent] Failed to create OVS patch port. Cannot have tunneling enabled on this agent, since this version of OVS does not support tunnels or patch ports. i am runing ubuntu 12.10 and my OpenVSwitch version is 1.4.3-0ubuntu2 Thank you for your help ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] no PoT file in Quantum project
Hello, Quantum does not yet support localization in Folsom, but we'd love to have someone work on it. There are already a few people planning on looking at this in Grizzly ( https://blueprints.launchpad.net/quantum/+spec/make-string-localizable), but I'm sure they would welcome help? Dan On Tue, Nov 6, 2012 at 7:21 AM, Ying Chun Guo guoyi...@cn.ibm.com wrote: Hi, I found that there was no PoT file under quantum project and no locale folder in Openstack Folsom stable version. Does quantum support , or have plan to support, any I18N capabilities? If I want to have Folsom to enable I18N, what should I do? Regards Ying Chun Guo (Daisy) China Standards and Open Source Team Emerging Technology Institute (ETI) IBM China Development Lab Tel:(86-10)82453491 Email: guoyi...@cn.ibm.com Address: 1F Tower B, Diamond Building 19 Zhongguancun Software Park, 8 Dongbeiwang West Road, Haidian District, Beijing, P.R.C.100193 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [quantum] Relationship between br-int and physical bridge mapping in OVS plugin
On Sun, Nov 4, 2012 at 9:57 PM, Vinay Bannai vban...@gmail.com wrote: I have a multi node setup. The CC controller doubles up as the quantum server and also has the l3 agent and DHCP. I have configured OVS as my L2 plugin with vlan tunneling. On the compute nodes, I see that in addition to having the integration bridge (br-int) you will also need the ovs physical bridge (br-th1) with the physical ether port eth1 as a member. I am wondering about the relationship between br-int and br-eth1 bridges. Wouldn't it make sense to add eth1 port to the integration mode. you might have quantum networks that use vlans on different on different physical NICs (e.g., eth0 and eth1), so adding each NIC directly to br-int wouldn't make sense. Similarly, you might have some quantum networks that also use tunneling. Hence, all vNICs are just plugged into br-int, and the plugin is responsible for doing the right thing with the traffic. Dan Why have two bridges on the compute node for VMs to talk to other VMs in the same tenancy over the physical network? I am sure I am missing something in my understanding so would appreciate any comments or explanations. Thanks Vinay ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] quantum folsom document
Yong Sheng Gong also did some slides that provide a nice deep-dive on Quantum internals: see the Slides on Technical Architecture of Quantumhttp://wiki.openstack.org/Quantum?action=AttachFiledo=gettarget=quantum-technical-archicture link on http://wiki.openstack.org/Quantum dan On Fri, Nov 2, 2012 at 1:36 AM, Ying Chun Guo guoyi...@cn.ibm.com wrote: Try if this can help: http://docs.openstack.org/developer/quantum/ Daisy openstack-bounces+guoyingc=cn.ibm@lists.launchpad.net wrote on 2012/11/01 22:53:15: Neelakantam Gaddam neelugad...@gmail.com Sent by: openstack-bounces+guoyingc=cn.ibm@lists.launchpad.net 2012/11/01 22:53 To openstack@lists.launchpad.net openstack@lists.launchpad.net, cc Subject [Openstack] quantum folsom document Hi All, Is there any documents/tools to understand the quantum code flows in folsom release? Thanks in advance. -- Thanks Regards Neelakantam Gaddam___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Using Quantum in OpenStack setup
There has been no final decision on whether some or all parts of nova-network will be removed. It will not happen in Grizzly. While Quantum can do many things that nova-network cannot, there are still some use cases that nova-network can do but Quantum cannot. In Grizzly we're working to handle these. Assuming that is achieved, we might consider removing/deprecating some aspects of nova-network in favor of Quantum. At this point, nova-network is frozen in terms of new features, so the cost of maintaining it is relatively low. Dan On Thu, Nov 1, 2012 at 2:25 PM, Ivan Kolodyazhny e...@e0ne.info wrote: I'm not sure when nova-network will be deprecated. At least not in Folsom. It might be in Grizzly. Here is discussion about nova-network vs Quantum https://lists.launchpad.net/openstack/msg16422.html On Thursday, November 1, 2012, Ahmed Al-Mehdi wrote: Do you know if nova-network will go away (eprecated) sometime in the near future? Regards, Ahmed. From: Ivan Kolodyazhny e...@e0ne.info Date: Thursday, November 1, 2012 2:07 PM To: Ahmed Al-Mehdi ah...@coraid.com Cc: openstack@lists.launchpad.net openstack@lists.launchpad.net Subject: Re: [Openstack] Using Quantum in OpenStack setup Quantum is optional component of the OpenStack. You you can use it or nova-network instead. Folsom release doesn't require Quantum. You should use it if nova-network features are not enough for you or you want to use some Quantum plugin for Open vSwitch or plugin supported hardware On Thursday, November 1, 2012, Ahmed Al-Mehdi wrote: I am familiar with that document and reading through it. My question is do I need to install/use it to get a OpenStack up and running or is it optional? Regards, Ahmed. From: Ivan Kolodyazhny e...@e0ne.info Date: Thursday, November 1, 2012 10:35 AM To: Ahmed Al-Mehdi ah...@coraid.com Cc: openstack@lists.launchpad.net openstack@lists.launchpad.net Subject: Re: [Openstack] Using Quantum in OpenStack setup Hello Ahmed, Quantum installation and configuration docs for Ubuntu abd Fedora are available here: http://docs.openstack.org/trunk/openstack-network/admin/content/ch_install.html On Thursday, November 1, 2012, Ahmed Al-Mehdi wrote: Hello, I am following the steps in the document OpenStack Install and Deploy –Ubuntu to setup an openstack environment. I would like to use Quantum for networking. Is there an updated document (even in beta state) or does the same document apply? It's just that I am not seeing a section on Quantum install/configure in this document. Thank you, Ahmed. -- Regards, Ivan Kolodyazhny, Web Developer, http://blog.e0ne.info/, http://notacash.com/, http://kharkivpy.org.ua/ -- Regards, Ivan Kolodyazhny, Web Developer, http://blog.e0ne.info/, http://notacash.com/, http://kharkivpy.org.ua/ -- Regards, Ivan Kolodyazhny, Web Developer, http://blog.e0ne.info/, http://notacash.com/, http://kharkivpy.org.ua/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack-dev] Folsom Quantum Agent :: No such RPC function
I'd suggest posting a diff or pushing your changes to a publicly accessible repo to help people understand the changes you made. On Wed, Oct 31, 2012 at 10:43 AM, Trinath Somanchi trinath.soman...@gmail.com wrote: Hi- Can any one help me troubleshooting this issue... Thanks in advance. - Trinath On Wed, Oct 31, 2012 at 9:16 PM, Trinath Somanchi trinath.soman...@gmail.com wrote: Hi- Please help troubleshoot the issue I have written a fake agent with the study from the dhcp agent. The rpc agent daemon is running with the below errors. But I have missed some bits of information with respect to the rpc communication. In the log, I have the following errors. 2012-10-31 16:14:38 INFO [quantum.agent.fake_compute_agent] Synchronizing state 2012-10-31 16:14:38DEBUG [quantum.openstack.common.rpc.amqp] Making asynchronous call on q-plugin ... 2012-10-31 16:14:38DEBUG [quantum.openstack.common.rpc.amqp] MSG_ID is 28887aedcb4a469199950992e92e5710 2012-10-31 16:14:38DEBUG [amqplib] Closed channel #1 2012-10-31 16:14:38DEBUG [amqplib] using channel_id: 1 2012-10-31 16:14:38DEBUG [amqplib] Channel open 2012-10-31 16:14:38ERROR [quantum.agent.fake_compute_agent] [FakeComputeAgent] Unable to sync network state. Traceback (most recent call last): File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/agent/fake_compute_agent.py, line 91, in sync_state get_host_instances_info = set(self.plugin_rpc.get_host_instances_info()) File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/agent/fake_compute_agent.py, line 131, in get_host_instances_info topic=self.topic) File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/openstack/common/rpc/proxy.py, line 83, in call return rpc.call(context, self._get_topic(topic), msg, timeout) File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/openstack/common/rpc/__init__.py, line 102, in call return _get_impl().call(cfg.CONF, context, topic, msg, timeout) File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/openstack/common/rpc/impl_kombu.py, line 712, in call rpc_amqp.get_connection_pool(conf, Connection)) File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/openstack/common/rpc/amqp.py, line 380, in call rv = list(rv) File /usr/local/lib/python2.7/dist-packages/quantum-2012.2-py2.7.egg/quantum/openstack/common/rpc/amqp.py, line 336, in __iter__ raise result RemoteError: Remote error: AttributeError No such RPC function 'get_host_instances_info' [u'Traceback (most recent call last):\n', u' File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py, line 275, in _process_data\nrval = self.proxy.dispatch(ctxt, version, method, **args)\n', u' File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/dispatcher.py, line 148, in dispatch\nraise AttributeError(No such RPC function \'%s\' % method)\n', uAttributeError: No such RPC function 'get_host_instances_info'\n]. The error is AttributeError No such RPC function 'get_host_instances_info' I have written the method to support the agents method, by following the DHCP agent method get_active_networks. The following files are modified by adding the RPC function method. db/db_base_plugin_v2.py:1268:def _get_host_instances_info(self,context,filters=None,fields=None): db/fakecompute_rpc_base.py:47:def get_host_instances_info(self, context, **kwargs): db/fakecompute_rpc_base.py:50: LOG.debug('[FakeComputeCallbackMixin] get_host_instances_info :: Getting instances info for host %s.', host) db/fakecompute_rpc_base.py:55:return plugin.get_host_instances_info(context, filters=filters) Being a newbee for this code base, Unable to plot what is the BIT that is missing in this rpc communication. Please help me to troubleshoot this issue. Thanks in advance... - Trinath -- Regards, -- Trinath Somanchi, +91 9866 235 130 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Local vlan id number is less than virtual network numbers
this was answered in LP questions: https://answers.launchpad.net/quantum/+question/212613 dan On Thu, Oct 25, 2012 at 2:45 AM, 吉海 thesea1...@gmail.com wrote: Hello, i am a new quantum fun. I have a question about provision local vlan of ovs plugin. Plugin ovs agent can provide 4094 local vlan for local vlan mapping on integration bridge 'br-int'. But each physical network can have a vlan range, it may be 1-4094. If compute node has two physical network. Each physical network vlan range is 1 - 4094. The node supports 4094 * 2 network. Now plugin agent of this node can only provide 4094 local vlan id for mapping physical network segmentation id(physical vlan id). If i create other network more than 4094, it will log error No local VLAN availabel for net-id= . Is it right? ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] quantum: two ips one vif
On Fri, Oct 26, 2012 at 4:12 PM, Carl Bolterstein cbolterst...@blackmesh.com wrote: For the curiosity sake - After some trial and error. It appears we have solved one half of our conundrum. Using the driver below, there is no ip data inserted into libvirt.xml which allows any ip to be used. It works for our uses (HA vip services, secondary addresses). libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtOpenVswitchVirtualPortDriver yes, the docs here (http://docs.openstack.org/trunk/openstack-network/admin/content/nova_with_quantum_vifplugging_ovs.html) talk about using the hybrid driver if you care about security groups. We should expand it to also mention that this applies for spoof-prevention as well. This however does not prevent quantum from assigning a used IP to a new port, but working on that. Would be great if you can provide more detail there. Dan Carl Bolterstein -Original Message- From: openstack-bounces+cbolterstein=blackmesh@lists.launchpad.net [mailto:openstack-bounces+cbolterstein=blackmesh@lists.launchpad.net] On Behalf Of Jason Kölker Sent: Tuesday, October 23, 2012 6:38 PM To: openstack@lists.launchpad.net Subject: Re: [Openstack] quantum: two ips one vif On Tue, 2012-10-23 at 15:14 -0700, Dan Wendlandt wrote: can you post your libvirt xml for the VM? It maybe well be libvirt filtering if you are using the OVS Hybrid vif driver: for example, a VM would have xml like: filterref filter='nova-instance-instance-0001-fa163e0569ba' parameter name='DHCPSERVER' value='10.0.0.2'/ parameter name='IP' value='10.0.0.3'/ parameter name='PROJMASK' value='255.255.0.0'/ parameter name='PROJNET' value='10.0.0.0'/ /filterref I'm not sure what the nova code would generate for multiple IPs. Libvirt's driver only supports 1 ip per interface. It needs to be updated to use the newer network models and not depend on the code in nova.virt.netutils.get_injected_network_template. Happy Hacking! 7-11 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] How to commucation vms in multi nodes using quantum?
On Tue, Oct 23, 2012 at 10:56 PM, livemoon mwjpi...@gmail.com wrote: Dan: Thank you for your help. If the server have three nics, which one will be used as port of br-int. I must know how br-int work between two machines, and then I can make the physical interface which br-int use to one switch If you are using tunneling, the traffic will exit out the NIC based on your physical server's routing table and the destination IP of the tunnel. For example, if your physical server is tunneling a packet to a VM on a physical server with IP W.X.Y.Z, the packet will leave whatever NIC has the route to reach W.X.Y.Z . Dan On Wed, Oct 24, 2012 at 11:52 AM, Dan Wendlandt d...@nicira.com wrote: all you need to do is create a bridge named br-int, which is what the linux devices representing the vm nics will be plugged into. since you are using tunneling, there is no need to create a br-ethX and add a physical interface to it. dan p.s. btw, your config looks like its using database polling, which is not preferred. I'd suggest you use the default config, which uses RPC communication between agents and the main quantum-server process On Tue, Oct 23, 2012 at 8:44 PM, livemoon mwjpi...@gmail.com wrote: I know in one node,vm can work well. I want to know in multi nodes, do I need to create a br-ethX, and port the physical interface to it? how to do that in configuration? On Wed, Oct 24, 2012 at 11:36 AM, 刘家军 iam...@gmail.com wrote: you just need to create one or more networks and specify which network to use when booting vm. 2012/10/24 livemoon mwjpi...@gmail.com Hi, I use quantum as network. A question is if there are multi nodes, how to config to make vms communicate with each other in the same subnet. I use openvswitch as my plugin. And my setting is blow: [DATABASE] sql_connection = mysql://quantum:openstack@172.16.1.1:3306/quantum reconnect_interval = 2 [OVS] tenant_network_type = gre tunnel_id_ranges = 1:1000 integration_bridge = br-int tunnel_bridge = br-tun local_ip = 172.16.1.2 enable_tunneling = True [AGENT] polling_interval = 2 root_helper = sudo /usr/bin/quantum-rootwrap /etc/quantum/rootwrap.conf -- 非淡薄无以明志,非宁静无以致远 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- 刘家军@ljjjustin -- 非淡薄无以明志,非宁静无以致远 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- 非淡薄无以明志,非宁静无以致远 -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] How to commucation vms in multi nodes using quantum?
On Wed, Oct 24, 2012 at 3:22 AM, Gary Kotton gkot...@redhat.com wrote: Hi, In addition to Dan's comments you can also take a look at the following link http://wiki.openstack.org/ConfigureOpenvswitch. Is there any content on that wiki page that is not yet in the quantum admin guide: http://docs.openstack.org/trunk/openstack-network/admin/content/? If so, we should file a bug to make sure it ends up in the admin guide and that the wiki page is deleted so there is exactly one place where we direct people and we avoid stale content. Bob is probably best to answer that question. Dan Thanks Gary On 10/24/2012 08:21 AM, livemoon wrote: Thanks Dan On Wed, Oct 24, 2012 at 2:15 PM, Dan Wendlandt d...@nicira.com wrote: On Tue, Oct 23, 2012 at 10:56 PM, livemoon mwjpi...@gmail.com wrote: Dan: Thank you for your help. If the server have three nics, which one will be used as port of br-int. I must know how br-int work between two machines, and then I can make the physical interface which br-int use to one switch If you are using tunneling, the traffic will exit out the NIC based on your physical server's routing table and the destination IP of the tunnel. For example, if your physical server is tunneling a packet to a VM on a physical server with IP W.X.Y.Z, the packet will leave whatever NIC has the route to reach W.X.Y.Z . Dan On Wed, Oct 24, 2012 at 11:52 AM, Dan Wendlandt d...@nicira.com wrote: all you need to do is create a bridge named br-int, which is what the linux devices representing the vm nics will be plugged into. since you are using tunneling, there is no need to create a br-ethX and add a physical interface to it. dan p.s. btw, your config looks like its using database polling, which is not preferred. I'd suggest you use the default config, which uses RPC communication between agents and the main quantum-server process On Tue, Oct 23, 2012 at 8:44 PM, livemoon mwjpi...@gmail.com wrote: I know in one node,vm can work well. I want to know in multi nodes, do I need to create a br-ethX, and port the physical interface to it? how to do that in configuration? On Wed, Oct 24, 2012 at 11:36 AM, 刘家军 iam...@gmail.com wrote: you just need to create one or more networks and specify which network to use when booting vm. 2012/10/24 livemoon mwjpi...@gmail.com Hi, I use quantum as network. A question is if there are multi nodes, how to config to make vms communicate with each other in the same subnet. I use openvswitch as my plugin. And my setting is blow: [DATABASE] sql_connection = mysql://quantum:openstack@172.16.1.1:3306/quantum reconnect_interval = 2 [OVS] tenant_network_type = gre tunnel_id_ranges = 1:1000 integration_bridge = br-int tunnel_bridge = br-tun local_ip = 172.16.1.2 enable_tunneling = True [AGENT] polling_interval = 2 root_helper = sudo /usr/bin/quantum-rootwrap /etc/quantum/rootwrap.conf -- 非淡薄无以明志,非宁静无以致远 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- 刘家军@ljjjustin -- 非淡薄无以明志,非宁静无以致远 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- 非淡薄无以明志,非宁静无以致远 -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- Blog Site: livemoon.org Twitter: mwjpiero 非淡薄无以明志,非宁静无以致远 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum Floating IPs
On Wed, Oct 24, 2012 at 8:06 AM, Mohammad Banikazemi m...@us.ibm.com wrote: Using Quantum (Folsom) I have a weird situation. I can ping the outside world from my VMs only after I assign a floating IP address to them. In other words, I cannot ping the outside world by just setting up the quantum router and without using floating IP addresses. The other issue, is that after assigning floating IPs I still cannot ping the VM from outside. I can provide more information about my setup but thought I might be missing something simple here and people may have seen the same problem. Thanks. I haven't seen anything like this, so best to create a LP question with your config and setup info. dan ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] quantum: two ips one vif
+--+--++-+ | ID | Name | Status | Networks | +--+--++-+ | 10afbdc8-1ded-4a90-bbe4-0b245776a408 | vm1 | BUILD | net1=10.0.0.3, 20.0.0.3 | +--+--++-+ On Mon, Oct 22, 2012 at 7:09 PM, Jason Ford ja...@chatinara.com wrote: Stackers, I am testing out quantum with vlans using a hardware based firewall as a gateway. I am using openvswitch with the quantum openvswitch agent and nova-compute running on the compute node. I also have one management node with everything else on it. I am able to spin up a vm and assign an ip address via dhcp to my instance. It shows up in quantum port-list as well as quantum net-list and is able to route traffic in and out of my vlan'd network. I have a requirement to assign another fixed IP (not floating) from a new vlan to the same virtual interface on the instance. When I create another subnet in quantum, that works. How do I assign an ip address from the new subnet to the same openvswitch port via quantum? jason ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] quantum create_net- creates network for non-existing tenant also.
On Thu, Oct 18, 2012 at 6:08 AM, gong yong sheng gong...@linux.vnet.ibm.com wrote: Yes, it does work. the quantum will not check if the tenant id specified is in keystone or other Auth system. Yes, though this is only true for the Essex release of quantum, as the quantum API was only used by nova, not directly by tenants, in that release. This all changed in Folsom :) dan On 10/18/2012 04:25 AM, Raja Gajju wrote: Hi, Many thanks for your reply. But we are using Quantum CLIs V1.0 and we are having Quantum V1.0 only in our set up. So, these CLIs should work for the corresponding Quantum version. Regards, Girija Sharan Singh From: gong yong sheng gong...@linux.vnet.ibm.com To: Raja Gajju gajjur...@yahoo.com Cc: openstack@lists.launchpad.net openstack@lists.launchpad.net; mahesh.kur...@oneconvergence.com mahesh.kur...@oneconvergence.com; shyam.tod...@oneconvergence.com shyam.tod...@oneconvergence.com Sent: Thursday, 18 October 2012 12:35 AM Subject: Re: [Openstack] quantum create_net- creates network for non-existing tenant also. It seems that you are using quantum cli v1.0, which is not supported in new quantum version v2.0 API. Are u using quantum v1.x, right? On 10/16/2012 10:39 AM, Raja Gajju wrote: Hi All, I am testing the Quantum CLIs in my set up. When I am creating a new network using create_net CLI for an non-existing tenant, it is showing successful creation. It should not do so. It is something unexpected. And again when I am doing list_nets it is showing that network under the specified non-existing tenant. Here is the snippet of the commans and their results : --- ~/devstack$ quantum create_net hjbddsbfikeoqjroijmfgvkmgfv fake_net Created a new Virtual Network with ID: f3b1d829-009d-45b5-9108-01722539135e for Tenant: hjbddsbfikeoqjroijmfgvkmgfv ~/devstack$ quantum list_nets hjbddsbfikeoqjroijmfgvkmgfv Virtual Networks for Tenant hjbddsbfikeoqjroijmfgvkmgfv Network ID: f3b1d829-009d-45b5-9108-01722539135e --- Any effort to explain this inconsistency issue will be highly appreciated. Many thanks in advance. Thanks and Regards, Girija Sharan Singh ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum OVS Agent as service
It sounds like your config file is saying that you have an OVS bridge named br-eth1, but it looks like you do not. Did you intend to do this, or is this a config copied from somewhere else? If you actually intended to use VLANs that send traffic out eth1, you can do the following: # create bridge ovs-vsctl add-br br-eth1 # add eth1 as a port on this bridge ovs-vsctl add-port br-eth1 eth1 dan On Wed, Oct 17, 2012 at 1:53 AM, Srikanth Kumar Lingala srikanthkumar.ling...@gmail.com wrote: Hi all, If we run Quantum OVS Agent as a service ... 'service quantum-plugin-openvswitch-agent start', it is unable to start the agent. It is throwing the following error to '/var/log/quantum/agent-ovs.log' Stderr: 'Device br-eth1 does not exist.\n' 2012-10-16 12:48:10ERROR [quantum.plugins.openvswitch.agent.ovs_quantum_agent] Bridge br-eth1 for physical network default does not exist if we run the agent manually like the following command, it is able to start: /usr/bin/quantum-openvswitch-agent -- --config-file=/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini --log-file=/var/log/quantum/agent-ovs.log --config-file=/etc/quantum/quantum.conf Please suggest. -- Srikanth. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] metadata api with Quantum and provider networks
On Wed, Oct 10, 2012 at 8:57 AM, Jānis Ģeņģeris janis.genge...@gmail.com wrote: Hi, Thanks for you patience Dan answering all the questions, I have solved all the issues and got the thing working. I could possibly add some content to the Quantum docs about my experience, who should I contant in this regard? woohoo, I love it when people volunteer to improve the docs :) Anne and Diane are the primary docs team leaders for quantum docs. If you have only small changes, its probably easy to just create a bug in https://bugs.launchpad.net/openstack-manuals, tag it with 'quantum', and then write new text you would suggest, where it should be inserted, and then someone from the docs team can implement the suggested change. If you want to make more complex changes, you could use git to checkout the doc source, and submit changes for review yourself. See: http://wiki.openstack.org/Documentation/HowTo Dan Regards, --janis -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] metadata api with Quantum and provider networks
On Mon, Oct 8, 2012 at 7:52 AM, Jānis Ģeņģeris janis.genge...@gmail.com wrote: Hello, When using provider networks in Quantum, where should the metadata service rule mapping (e.g. 169.254.169.254:80 - metadata_server:metadata_port) must be set? For example, for floating IPs l3-agent handles this, but for provider networks router is not used. I tried to set custom iptables rule for this, but have a hard time understanding where to set it, as there is openvswitch and namespaces. I'm using provider network configuration with VLANs. You actually could use the Quantum L3 router as your gateway even if VMs are on a provider network, but I suspect your question is actually more along the lines of: if I want my gateway to be a physical router not managed by Quantum, how do I does the DNAT rule for metadata get applied? In this case, you need to apply the DNAT rule manually to the physical router, which I believe is the same as if you were using flat networking with Nova with a physical router. There may also be a more complex solution achievable via quantum in which the provider creates a quantum router with an interface on the provider network, VMs are each given a host route to route traffic destined for 169.254.169.254/32 to this quantum router IP, rather than the physical default gateway, and this quantum router performs the DNAT. However, its probably much easier to just apply this rule to your physical router. Dan Regards, --janis ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Is it possible to have several floating IPs per VM?
On Fri, Oct 5, 2012 at 4:32 AM, Heinonen, Johanna (NSN - FI/Espoo) johanna.heino...@nsn.com wrote: Hi, I was reading Quantum admin guide (folsom release). There was use case “per-tenant routers with private networks”. In this example all floating IPs were from the same subnet (30.0.0.0/22). I was wondering whether it is possible to have several floating IP subnets and could one VM have floating IP from all of those? (If I have an application that must be reachable from internet via two different interfaces with two different IP addresses, can I do it with Quantum?) Not right now. With Quantum, a router can only uplink to a single external network, and you can have at most one floating IP per external network (otherwise we could not unambiguously apply the policy of SNAT-ing VM initiated connections to the floating IP). In Grizzly, we're planning on making router uplinks more sophisticated, which will include not only the ability to uplink to multiple networks with floating IPs, but also uplink to other types of connectivity, such as an external VPN. I'll update the admin guide to make this clear. Dan Best regards, Johanna ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum network configurations for individual VMs
Hi Janis, On Thu, Sep 27, 2012 at 3:20 PM, Jānis Ģeņģeris janis.genge...@gmail.com wrote: Hello, What are the limitations that can be done with quantum related to NIC configuration for individual VMs? For example, is it possible to have multiple floating IPs and multiple fixed IPs assigned to the same VM (the IPs might come from the same and/or different subnets)? The spec for all core APIs is complete and available here: http://docs.openstack.org/api/openstack-network/2.0/content/index.html . Quantum ports have a list of fixed_ips (http://docs.openstack.org/api/openstack-network/2.0/content/Show_port.html), meaning that multiple IPs are supported. The floating IP stuff is actually an extension, not part of the core API for folsom. We're still adding content for extensions to the guide (I think its under review right now... should be available early next week). Right now the code actually limits each port to having a single floating IP, but in reality, the you should probably be able to have a different floating IP for each fixed_ip on the port, and in fact, a different floating-ip from each external network for each fixed IP on the port (having multiple floating-IPs from the same external network for a single fixed IP would lead to ambiguity when SNATing connections). I've filed this bug to track the appropriate code changes: https://bugs.launchpad.net/quantum/+bug/1057844 . The change is very simple, and so should be easy to pull into a stable/folsom release. How much does it depend on the chosen hypervisor? None of the Quantum logic depends on the hypervisor. What really matters is the method for how you choose to inject IP addresses into the VM. The main methods I'm aware of are filesystem injection by nova, DHCP injection, or using some type of agent. Filesystem injection in particular may be hypervisor-specific. Quantum documentation is quite recent and is still full of 'TBD', but in the current version there is nothing about the features/limitations Quantum brings to the individual VM instance network configuration in comparison to legacy nova-network. Most of the TBD's were filled in by some commits that landed yesterday, but given the large amount of new functionality in Quantum during Folsom, there will definitely be some doc gaps that we need users to help us identify. I'd encourage you to file doc bugs here (https://bugs.launchpad.net/openstack-manuals) to make sure these gaps are brought to the attention of our great docs team. Dan Regards, --janis ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] instance metadata timeout
Hi Naveen, There are probably a couple of things going on here. 1) When using quantum, the L3 forwarding + NAT are actually handled by the quantum-l3-agent, not nova-network (in fact you shouldn't run nova-network at all when you're using Quantum in Folsom). You should make sure the l3_agent.ini have metadata_ip and metadata_port configured to map to your nova-api server and port. 2) The quantum-l3-agent supports the creation of many routers each with potentially overlapping IPs on a single linux host using network namespaces. This is the default configuration, but it creates several complications when working with nova's metadata server, which assumes a pretty simple network model with a single router. quantum-l3-agent can run in a mode more akin to nova's L3 model by disabling namespace setting use_namespaces=False in the l3_agent.ini . Beware that doing so will mean all configuration of routes done by the quantum-l3-agent will affect data forwarding for the entire host (i.e., it may steal your default route). Running quantum-l3-agent with namespaces disabled and running nova-api on the same host should map to the more traditional nova-network setup. Are you using devstack? If so, I think there are some changes we should make to devstack to make it easier to use Quantum in a fashion that maps to traditional nova networking for L3 + NAT. I've heard others mention that they are confused about why the default Quantum setup does not let them SSH directly to VMs via their fixed IPs, and the use of namespaces is the root cause for this as well. Will post a possible patch for this soon. Dan On Wed, Sep 12, 2012 at 12:02 PM, Naveen Joy (najoy) na...@cisco.com wrote: Hi All, My instances are timing out while obtaining their meta-data. They are being spawned on the same controller node in which I am running nova-network and nova-api services. The networks are being provisioned through the Quantum V2 API. I have enabled meta-data in my nova.conf. Any thoughts on how to resolve this issue?. Thanks / cloud-setup: checking http://169.254.169.254/2009-04-04/meta-data/instance-id wget: can't connect to remote host (169.254.169.254): Connection timed out cloud-setup: failed 1/30: up 1.27. request failed wget: can't connect to remote host (169.254.169.254): Connection timed out cloud-setup: failed 2/30: up 191.69. request failed wget: can't connect to remote host (169.254.169.254): Connection timed out cloud-setup: failed 3/30: up 382.15. request failed wget: can't connect to remote host (169.254.169.254): Connection timed out cloud-setup: failed 4/30: up 572.61. request failed wget: can't connect to remote host (169.254.169.254): Connection timed out cloud-setup: failed 5/30: up 763.08. request failed wget: can't connect to remote host (169.254.169.254): Connection timed out cloud-setup: failed 6/30: up 953.54. request failed sudo grep -i metadata /etc/nova/nova.conf enabled_apis=ec2,osapi_compute,osapi_volume,metadata metadata_host=$my_ip (StrOpt) the ip for the metadata api server metadata_port=8775 (IntOpt) the port for the metadata api port # quota_metadata_items=128 (IntOpt) number of metadata items allowed per instance metadata_manager=nova.api.manager.MetadataManager (StrOpt) OpenStack metadata service manager metadata_listen=0.0.0.0 (StrOpt) IP address for metadata api to listen metadata_listen_port=8775 (IntOpt) port for metadata api to listen # metadata_workers=0 (IntOpt) Number of workers for metadata API ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] ERROR in ‘/var/log/quantum/agent-dhcp.log’ for FOLSOM-3
Does the quantum.conf on the host that the dhcp agent is running on point to a valid rabbit_host and have a valid user/password for that rabbit host? Dan On Mon, Sep 17, 2012 at 4:29 AM, balaji patnala patnala...@gmail.com wrote: Hi, I'm using Folsom Testing Packages on Ubuntu 12.04., Quantum V2 with OVS Plugin Agent running. I am getting the following error for every 30 secs in ‘/var/log/quantum/agent-dhcp.log’ in the Openstack Controller: 2012-09-17 12:25:12ERROR [quantum.agent.dhcp_agent] Unable to sync network state. Traceback (most recent call last): File /usr/lib/python2.7/dist-packages/quantum/agent/dhcp_agent.py, line 112, in sync_state active_networks = set(self.plugin_rpc.get_active_networks()) File /usr/lib/python2.7/dist-packages/quantum/agent/dhcp_agent.py, line 260, in get_active_networks topic=self.topic) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/proxy.py, line 80, in call return rpc.call(context, self._get_topic(topic), msg, timeout) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/__init__.py, line 102, in call return _get_impl().call(cfg.CONF, context, topic, msg, timeout) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py, line 712, in call rpc_amqp.get_connection_pool(conf, Connection)) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py, line 368, in call rv = list(rv) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py, line 329, in __iter__ self.done() File /usr/lib/python2.7/contextlib.py, line 24, in __exit__ self.gen.next() File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py, line 326, in __iter__ self._iterator.next() File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py, line 595, in iterconsume yield self.ensure(_error_callback, _consume) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py, line 526, in ensure error_callback(e) File /usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py, line 576, in _error_callback raise rpc_common.Timeout() Timeout: Timeout while waiting on RPC response. Can anybody help me on this -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum, Horizon, and IPs
On Tue, Sep 11, 2012 at 12:50 PM, Joe Topjian joe.topj...@cybera.ca wrote: Hello, Regarding a bug currently being worked on (https://bugs.launchpad.net/horizon/+bug/1040956), I'd like clarification on some of the comments. It sounds like the bug will not fully be fixed until Grizzly. Until then, the api is returning an empty list for a few functions. From reading Dan's last comment, it sounds as though end-users will not be able to allocate a floating IP to their project via Horizon? Given that, will they will not be able to associate floating IPs to instances, either? Horizon support for Quantum in Folsom is limits to the core L2 networks + IP address management aspects of Quantum. Quantum itself didn't add support for L3 and Floating IPs didn't land until extremely late in Folsom, so its not Horizon's fault that this is not supported. If this is true, what will the recommended tool / commands be for end-users to manage floating IPs for themselves? quantum has its own set of floatingip commands that will be available to tenants: floatingip-associate Create a mapping between a floating ip and a fixed ip. floatingip-create Create a floating ip for a given tenant. floatingip-delete Delete a given floating ip. floatingip-disassociateRemove a mapping from a floating ip to a fixed ip. floatingip-listList floating ips that belong to a given tenant. floatingip-showShow information of a given floating ip. Networks that support floating ips can be identified by searching for networks where router:external=True . We haven't yet added a convenient CLI command for that, but you can do: quantum network-list -- --router:external=True This will be covered in the Quantum admin guide. Early in Grizzly we'll also probably work on a mechanism for proxying Nova floatingip API calls to Quantum floating IP calls. Dan Thanks, Joe -- Joe Topjian Systems Administrator Cybera Inc. www.cybera.ca Big data is coming to Canada. Join the welcome wagon. Cyber Summit 2012 October 1-3, Banff www.cybera.ca/summit2012 Cybera is a not-for-profit organization that works to spur and support innovation, for the economic benefit of Alberta, through the use of cyberinfrastructure. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum -. Multi-Plugin and support for provisioning of other devices.
Yes, Tim is correct that we expect to discuss load-balancing capabilities at the Grizzly summit. This is a topic for discussion at the summit, but I expect that it will be possible to run many different types of load balancers independent of your choice of the core L2/L3 plugin you're using to run Quantum (perhaps this is what you're getting at with mentioning 'multi-plugins'). As far as storage devices that require network access, I suspect that would more be under the purview of something like Cinder, which may need to integrate with Quantum (similar to Nova's integration with Quantum) if the goal is to plug storage devices into networks directly. Dan On Sun, Sep 9, 2012 at 10:56 PM, Tim Bell tim.b...@cern.ch wrote: There has been some load balancing discussion and more is due at the summit. The various current activities are summarised in http://wiki.openstack.org/Quantum/LBaaS Can you explain what you mean by storage devices with respect to Quantum ? The storage activities are underway as part of Cinder. Tim From: openstack-bounces+tim.bell=cern...@lists.launchpad.net [mailto:openstack-bounces+tim.bell=cern...@lists.launchpad.net] On Behalf Of Endre Karlson Sent: 09 September 2012 19:57 To: openstack@lists.launchpad.net Subject: [Openstack] Quantum -. Multi-Plugin and support for provisioning of other devices. Hi, I am wondering if there are any community plans to support to use Quantum to provision up interfaces on other devices in areas of say LoadBalancers, Storage devices etc and if there are plans to support multi-active plugins in Quantum for this? Is there a timeframe maybe? Endre. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum features in the folsom release
On Mon, Sep 10, 2012 at 11:07 AM, Bilel Msekni ski...@hotmail.fr wrote: Hi Stackers, Can someone here help me out by detailing the new Quantum features that will be available in the Folsom release. Even a link or anything could help ! i can't seem to find any proper documentation and i have to persuade my boss about the potentials of Quantum :) Hi Bilel, Don't worry, the Quantum team is working hard on docs for Folsom as we speak. At an extremely high-level, the two main things that Quantum provides are: 1) A rich tenant-facing API for defining networks. This let's tenants create rich network topologies, including multiple private networks, multi-tier web applications, etc. and choose which IP subnets are used on these networks (this even works if two tenants decide to use the same subnet). 2) Quantum has pluggable backends that allow cloud operators to use more advanced network technologies on the back-end. For example, you can use Open vSwitch tunneling to avoid limitations around VLANs or take advantage of a plugin that is aware of advanced hardware capabilities. The Quantum Admin Guide is still in draft form and we're hoping to have a publicly consumable draft near the end of this week. That should provide the additional details about specific capabilities. Dan Thanks ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack-dev] Quantum vs. Nova-network in Folsom
On Fri, Sep 7, 2012 at 8:36 AM, rohon mathieu mathieu.ro...@gmail.com wrote: great work thanks; As you said the main missing feature of quantum is the multi-host L3-agent. So I wonder if we can combine nova-network and quantum in a way that nova-network is only used for L3 features? I agree that it would be great if there was a simple work around like that, but I think the core of the problem is the multi_host logic in nova-network is closely tied to the IP Address Management (IPAM) logic in nova. Quantum has its own IPAM logic, as it supports more advanced scenarios like overlapping IP addresses on different networks. As a result, I think trying to get the nova-network multi_host logic working with Quantum would be on the same order of difficultly has getting a multi_host equivalent working in Quantum. I don't think its fundamentally hard, we just need to be spending our current Quantum cycles on testing, bug fixing, and documentation and so had to drop this feature for the Folsom release. Dan On Thu, Sep 6, 2012 at 6:29 PM, Dan Wendlandt d...@nicira.com wrote: On Thu, Sep 6, 2012 at 12:50 AM, rohon mathieu mathieu.ro...@gmail.com wrote: There is still the security filtering issue (https://blueprints.launchpad.net/quantum/+spec/ovs-security-filtering) which prevent some cloud operator from using OVS. Do you have a workaround to use security group with OVS in folsom? Yes, it merged into Nova yesterday. https://bugs.launchpad.net/quantum/+bug/1039400 We're still working on the new Quantum docs for Folsom, but if you're already familiar with using Quantum + Nova, the key difference is that you use should a libvirt vif-plugging config of LibvirtHybridOVSBridgeDriver, rather than just LibvirtOpenVswitchDriver . Dan On Wed, Sep 5, 2012 at 7:01 PM, Dan Wendlandt d...@nicira.com wrote: On Wed, Sep 5, 2012 at 5:23 AM, andi abes andi.a...@gmail.com wrote: late to the party... but I'll dabble. On Mon, Aug 27, 2012 at 12:21 PM, Chris Wright chr...@sous-sol.org wrote: * rob_hirschf...@dell.com (rob_hirschf...@dell.com) wrote: We've been discussing using Open vSwitch as the basis for non-Quantum Nova Networking deployments in Folsom. While not Quantum, it feels like we're bringing Nova Networking a step closer to some of the core technologies that Quantum uses. To what end? OVS provides much more robust monitoring and operational facilities (e.g sFlow monitoring, better switch table visibility etc). You won't find any disagreement from me about OVS having more advanced capabilities :) It also provides a linux-bridge compatibility layer (ovs-brcompatd [1]), which should work out-of-box with the linux-bridge. As such, switching to using OVS rather than the linux bridge could be done without any code changes to nova, just deployment changes (e.g. ensure that ovs-brcompatd is running to intercept brctl ioctl's - [2]). Using ovs-brcompatd would be possible, though some distros do not package and run it by default and in general it is not the preferred way to run things according to email on the OVS mailing list. For the more adventurous, there could be any number of interesting scenarios enabled by having access to ovs capabilities (e.g. tunneling) Tunneling is definitely a huge benefit of OVS, but you still need someone to setup the tunnels and direct packets into them correctly. That's is exactly what the Quantum OVS plugin does and it is completely open source and freely available, so if people want to experiment with OVS tunneling, using Quantum would seem like the obvious way to do this. Dan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net
Re: [Openstack] [openstack-dev] Quantum vs. Nova-network in Folsom
Hi Syd, On Fri, Sep 7, 2012 at 10:34 AM, Syd (Sydney) Logan slo...@broadcom.com wrote: I'm I correct in believing that the Quantum L3 Abstractions and API Framework (https://blueprints.launchpad.net/quantum/+spec/quantum-l3-api) is the current plan of record for bringing L2toL3 functionality (e.g., VXLAN/NVGRE) into Quantum? Several Quantum plugins already have L3-over-L3 overlay tunneling capability to provide private L2 tenant networks without VLANs. These plugins include the Open vSwitch plugin (completely free/open source) and the Nicira NVP plugin (commercial). I suspect others will add this capability as well in the future, and in general its a great example of the new network technologies that Quantum enables. The blueprint above is actually complete and merged, but is actually about letting tenants define routers that connect multiple L2 Quantum networks (e.g., to make multi-tier web applications). These routers can also provide access to external networks and implement floating IPs. We're still wrapping up the Folsom Quantum docs, but hopefully this capability will be more clear soon. Thanks, Dan Is anyone signed up to do this or has this blueprint been deprecated in favor of some other approach? Thanks, syd -Original Message- From: openstack-bounces+slogan=broadcom@lists.launchpad.net [mailto:openstack-bounces+slogan=broadcom@lists.launchpad.net] On Behalf Of Dan Wendlandt Sent: Friday, September 07, 2012 9:57 AM To: OpenStack Development Mailing List Cc: openstack-operat...@lists.openstack.org; andi abes; openstack@lists.launchpad.net Subject: Re: [Openstack] [openstack-dev] Quantum vs. Nova-network in Folsom On Fri, Sep 7, 2012 at 8:36 AM, rohon mathieu mathieu.ro...@gmail.com wrote: great work thanks; As you said the main missing feature of quantum is the multi-host L3-agent. So I wonder if we can combine nova-network and quantum in a way that nova-network is only used for L3 features? I agree that it would be great if there was a simple work around like that, but I think the core of the problem is the multi_host logic in nova-network is closely tied to the IP Address Management (IPAM) logic in nova. Quantum has its own IPAM logic, as it supports more advanced scenarios like overlapping IP addresses on different networks. As a result, I think trying to get the nova-network multi_host logic working with Quantum would be on the same order of difficultly has getting a multi_host equivalent working in Quantum. I don't think its fundamentally hard, we just need to be spending our current Quantum cycles on testing, bug fixing, and documentation and so had to drop this feature for the Folsom release. Dan On Thu, Sep 6, 2012 at 6:29 PM, Dan Wendlandt d...@nicira.com wrote: On Thu, Sep 6, 2012 at 12:50 AM, rohon mathieu mathieu.ro...@gmail.com wrote: There is still the security filtering issue (https://blueprints.launchpad.net/quantum/+spec/ovs-security-filtering) which prevent some cloud operator from using OVS. Do you have a workaround to use security group with OVS in folsom? Yes, it merged into Nova yesterday. https://bugs.launchpad.net/quantum/+bug/1039400 We're still working on the new Quantum docs for Folsom, but if you're already familiar with using Quantum + Nova, the key difference is that you use should a libvirt vif-plugging config of LibvirtHybridOVSBridgeDriver, rather than just LibvirtOpenVswitchDriver . Dan On Wed, Sep 5, 2012 at 7:01 PM, Dan Wendlandt d...@nicira.com wrote: On Wed, Sep 5, 2012 at 5:23 AM, andi abes andi.a...@gmail.com wrote: late to the party... but I'll dabble. On Mon, Aug 27, 2012 at 12:21 PM, Chris Wright chr...@sous-sol.org wrote: * rob_hirschf...@dell.com (rob_hirschf...@dell.com) wrote: We've been discussing using Open vSwitch as the basis for non-Quantum Nova Networking deployments in Folsom. While not Quantum, it feels like we're bringing Nova Networking a step closer to some of the core technologies that Quantum uses. To what end? OVS provides much more robust monitoring and operational facilities (e.g sFlow monitoring, better switch table visibility etc). You won't find any disagreement from me about OVS having more advanced capabilities :) It also provides a linux-bridge compatibility layer (ovs-brcompatd [1]), which should work out-of-box with the linux-bridge. As such, switching to using OVS rather than the linux bridge could be done without any code changes to nova, just deployment changes (e.g. ensure that ovs-brcompatd is running to intercept brctl ioctl's - [2]). Using ovs-brcompatd would be possible, though some distros do not package and run it by default and in general it is not the preferred way to run things according to email on the OVS mailing list. For the more adventurous, there could be any number of interesting scenarios enabled
Re: [Openstack] Quantum PTL election - please check Voters list
I must admit even I was unaware of the requirement to be a individual foundation member in order to vote in PTL elections (I personally happen to be a member already). There are definitely at least a few people on the list below that I feel should be able to vote but can't, including two core members, Sumit and Aaron. The summary for the elections process that I saw sent to the list (see below) said nothing about foundation membership, and said that the process is mostly the same used in past PTL/PPB elections, which clearly did not have a foundation requirement because the foundation didn't exist. This is not the end of the world, but I'm guessing both Gary and I would both feel better if people had a chance to revisit their foundation status. Is there anything we can do about this? Dan From Thierry's email: TL;DR summary: * The election process is mostly the same used in past PTL/PPB elections * Only active technical contributors get to vote in these elections (see wiki for details) * We'll run the PTL elections first: nominations between Aug 30 and Sep 5, voting between Sep 7 and Sep 13 * We'll run the TC directly-elected seats election next: nominations between Sep 13 and Sep 19, voting between Sep 21 and Sep 27 * Candidates will publicly nominate themselves by email to this list and get publicly confirmed by one of the election officials On Thu, Sep 6, 2012 at 3:27 AM, Thierry Carrez thie...@openstack.org wrote: Hello everyone, The deadline for candidacy to PTL positions is now expired. We have two candidates for the Quantum PTL position, so we'll hold an election for that, starting tomorrow. The voters for this election are individual members of the foundation that committed any code to the Quantum core project in the year before August 29 2012, 23:59 PST. To build that list the election officials had to correlate the list of committers (extracted from Gerrit info) with the current individual members of the foundation. Given that names and email addresses often don't match, we may have missed some. Therefore we provide the list of voters ahead from the election start so that everyone can check its accuracy. The list of confirmed voters follows, with their Launchpad ID and name. Note that we'll use the address registered with the Foundation membership for the election. oldsharp (Ray Chen) psiwczak (Piotr Siwczak) rkukura (Bob Kukura) rsokolkov (rsokolkov) gandelman-a (Adam Gandelman) garyk (garyk) mapleoin (Ionut Artarisi) anotherjesse (anotherjesse) emagana (Edgar Magana) salvatore-orlando (Salvatore Orlando) yamahata (Isaku Yamahata) maru (Maru Newby) markmcclain (markmcclain) soheil-h-y (Soheil Hassas Yeganeh) heut2008 (Yaguang Tang) ljjjustin (ljjjustin) ghe.rivero (Ghe Rivero) ttx (Thierry Carrez) bhuvan (Bhuvan Arumugam) gongysh (gongysh) r-mibu (r-mibu) corvus (James E. Blair) danwent (dan wendlandt) nati-ueno (Nachi Ueno) zrzhit (Rongze Zhu) fungi (Jeremy Stanley) mordred (Monty Taylor) rackerhacker (Major Hayden) cboylan (Clark Boylan) jason-koelker (Jason Kolker) amotoki (Akihiro Motoki) The following list are the Quantum committers that couldn't be clearly linked to a Foundation individual member (no email or name matching). If you are part of this list and were indeed a Foundation individual member at the cut date (August 30), please send ASAP to the election officials (Thierry Carrez, Stefano Maffulli, Duncan McGreggor) information on the name and email address you used for Foundation membership, so that we can add you to the voters list. The deadline for this is tomorrow Friday, 15:00 UTC. ykaneko0929 (Yoshihiro Kaneko) bgh (Brad Hall) arosen (Aaron Rosen) dlapsley (Dave Lapsley) shweta-ap05 (Shweta P) salgado (Guilherme Salgado) snaiksat (Sumit Naiksatam) hiroaki-kawai (Hiroaki KAWAI) xchenum (xchenum) madhav-puri (Madhav Puri) zyluo (Zhongyue Luo) chnm-kulkarni (Chinmay Kulkarni) franciscosouza (Francisco Souza) mathieu-rohon (mat) armando-migliaccio (Armando Migliaccio) luiz-ozaki (Luiz Ozaki) prasad-tanay (Harsh Prasad) tylesmit (Tyler Smith) ncode (Juliano G Martinez) ppyy (Peng Yong) rohitagarwalla (Rohit Agarwalla) klmitch (Kevin L. Mitchell) Finally, if you think you committed code to the Quantum project over the specified timeframe and are not present in either of those lists, please send an email to the election officials (Thierry Carrez, Stefano Maffulli, Duncan McGreggor) with information on that commit, so that we can add you to the voters list. The deadline for this is also tomorrow Friday, 15:00 UTC. Regards, -- Thierry Carrez (ttx) Election Official ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com
Re: [Openstack] [openstack-dev] Quantum vs. Nova-network in Folsom
On Thu, Sep 6, 2012 at 12:50 AM, rohon mathieu mathieu.ro...@gmail.com wrote: There is still the security filtering issue (https://blueprints.launchpad.net/quantum/+spec/ovs-security-filtering) which prevent some cloud operator from using OVS. Do you have a workaround to use security group with OVS in folsom? Yes, it merged into Nova yesterday. https://bugs.launchpad.net/quantum/+bug/1039400 We're still working on the new Quantum docs for Folsom, but if you're already familiar with using Quantum + Nova, the key difference is that you use should a libvirt vif-plugging config of LibvirtHybridOVSBridgeDriver, rather than just LibvirtOpenVswitchDriver . Dan On Wed, Sep 5, 2012 at 7:01 PM, Dan Wendlandt d...@nicira.com wrote: On Wed, Sep 5, 2012 at 5:23 AM, andi abes andi.a...@gmail.com wrote: late to the party... but I'll dabble. On Mon, Aug 27, 2012 at 12:21 PM, Chris Wright chr...@sous-sol.org wrote: * rob_hirschf...@dell.com (rob_hirschf...@dell.com) wrote: We've been discussing using Open vSwitch as the basis for non-Quantum Nova Networking deployments in Folsom. While not Quantum, it feels like we're bringing Nova Networking a step closer to some of the core technologies that Quantum uses. To what end? OVS provides much more robust monitoring and operational facilities (e.g sFlow monitoring, better switch table visibility etc). You won't find any disagreement from me about OVS having more advanced capabilities :) It also provides a linux-bridge compatibility layer (ovs-brcompatd [1]), which should work out-of-box with the linux-bridge. As such, switching to using OVS rather than the linux bridge could be done without any code changes to nova, just deployment changes (e.g. ensure that ovs-brcompatd is running to intercept brctl ioctl's - [2]). Using ovs-brcompatd would be possible, though some distros do not package and run it by default and in general it is not the preferred way to run things according to email on the OVS mailing list. For the more adventurous, there could be any number of interesting scenarios enabled by having access to ovs capabilities (e.g. tunneling) Tunneling is definitely a huge benefit of OVS, but you still need someone to setup the tunnels and direct packets into them correctly. That's is exactly what the Quantum OVS plugin does and it is completely open source and freely available, so if people want to experiment with OVS tunneling, using Quantum would seem like the obvious way to do this. Dan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum PTL election - please check Voters list
On Thu, Sep 6, 2012 at 9:31 AM, Thierry Carrez thie...@openstack.org wrote: Dan Wendlandt wrote: I must admit even I was unaware of the requirement to be a individual foundation member in order to vote in PTL elections (I personally happen to be a member already). There are definitely at least a few people on the list below that I feel should be able to vote but can't, including two core members, Sumit and Aaron. It's a requirement that was set upon us by the Foundation bylaws, and that was communicated on the wiki page describing the election process (and in one of my subsequent nagging emails). I agree it could have been communicated a bit more clearly, but hey, I was in vacation :) and a well deserved vacation at that :) This is not the end of the world, but I'm guessing both Gary and I would both feel better if people had a chance to revisit their foundation status. Is there anything we can do about this? The wording in the rules on the wiki is slightly ambiguous as it mentions a clear cut-off dates for commits, but no cut-off date for Foundation individual membership. My suggestion would therefore be to give Quantum committers until the end of the day to sign up for the Foundation as an individual member if they want to participate in the election. We would enable that interpretation of the election rules if both candidates agree, and the other election officials agree. Would that work for you ? That would be fantastic. To a large degree, I feel bad that I was unaware of this rule and therefore didn't alert the rest of the Quantum team members at the team meeting to make sure they were aware of the voting requirement. I spoke with Gary on IRC and I believe he would agree with this. He was away from computer for a bit, but I asked him to chime in on the thread when he was back online. Thanks for the flexibility. Dan In all cases, we'll clarify this for the upcoming TC elections. Regards, -- Thierry Carrez (ttx) Election official -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum DHCP support.
@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum vs. Nova-network in Folsom
On Wed, Sep 5, 2012 at 5:42 AM, Salvatore Orlando sorla...@nicira.com wrote: On 4 September 2012 22:16, Trey Morris trey.mor...@rackspace.com wrote: The transition is going to be difficult either way when you consider data migrations.. This is one huge aspect. The other concerns deployment, as Quantum interacts with nova-compute in a quite different way and roll out Quantum to replace nova-network is going to be tricky, and the Quantum community should probably start thinking about strategies and best practices for this migration. I don't see however being in a state where nova-network is going to be deprecated and removed anytime soon; partly because of some gaps still existing, and partly because of use cases, especially flat networks, where quantum adds little to no benefit in terms of feature. Gary, I've scheduled a talk about the future of nova networking. I hope it to be an open forum of ideas. Trey, I hope you are allocating a fair amount of time in your session to discuss migration as well. When we talked about nova-network to Quantum migrations a few months ago, it seemed like the best model would be a script that could read configuration from the nova database (e.g., networks, fixed_ips, floating_ips tables) and then perform Quantum API calls to make an equivalent configuration. Based on the current behavior of the Quantum integration code in Nova, I think this is still quite feasible and is something we can focus on once we close out the Folsom release proper. Obviously, not all config and settings will transfer over, but it should be possible to cover the core use cases. Dan Also, for what it's worth, I'd like to keep quantum code and nova code as separate as possible even if ovs is added to nova's network capabilities. Totally agree. -tr3buchet On Tue, Sep 4, 2012 at 1:15 AM, Gary Kotton gkot...@redhat.com wrote: On 09/03/2012 08:47 PM, rob_hirschf...@dell.com wrote: Dan, The challenge here is how to wean off one code base (Nova Net) and into another (Quantum). My thinking was that we'd be able to have more shared components and possibly shared code. This could ease the transition by having operators gain experience with Open vSwitch. Unfortunately, it is likely to also slow the transition because it would be investing more development effort in Nova Networking. At the moment Quantum supports a number of different technologies, one of them is Open vSwitch. I think that if the focus is taken to integrate OVS directly into nova networking this would hinder both Nova Networking and Quantum. If the resources can be focused on Quantum then we can have one solution that supports a variety of networking technologies. I think that if we focus our resources then hopefully by G-1 we can have Quantum replacing the traditional nova networking. I am not sure if a session is planned for the summit around this but it would be very good to discuss. Note: I'm sorry about the delay in replying. I off so I could include some perspective from investigation. It showed that some of the simplest Nova networking modes could use vSwitch but the popular ones would require duplicating/porting Quantum code back to Nova. You can do this if you want to very basic bridging. But when you want to expose OpenFlow and other technologies you will most probably take a approach similar to that of Quantum. That is my two cents. Thanks Gary Once of the things that I believe could help migration is getting Quantum API integrates into abstractions like Fog. In fact, I've proposed a Summit topic about exactly that. This sounds interesting. It seems that there is also some overlapping - for example the address management and DHCP handing by Quantum and FOG Thanks, Rob -Original Message- From: Dan Wendlandt [mailto:d...@nicira.com] Sent: Monday, August 27, 2012 12:57 PM To: Hirschfeld, Rob Cc: openstack@lists.launchpad.net; openstack-...@lists.openstack.org Subject: Re: [Openstack] Quantum vs. Nova-network in Folsom On Sun, Aug 26, 2012 at 12:39 PM,rob_hirschf...@dell.com wrote: Stackers, I think this is a reasonable approach and appreciate the clarification of use-cases. We've been discussing using Open vSwitch as the basis for non-Quantum Nova Networking deployments in Folsom. While not Quantum, it feels like we're bringing Nova Networking a step closer to some of the core technologies that Quantum uses. I'm interested in hearing what other's in the community think about this approach. One of the main reasons we introduced Quantum was to support alternative switching technologies like Open vSwitch. I'd like to hear more about your thoughts, but at first glance, I'm not sure there's a good way to leverage Open vSwitch in a meaningful way with existing nova-network managers, since those network managers are so tightly tied to using the basic linux bridge + vlans. Dan Rob
Re: [Openstack] Quantum vs. Nova-network in Folsom
On Wed, Sep 5, 2012 at 5:23 AM, andi abes andi.a...@gmail.com wrote: late to the party... but I'll dabble. On Mon, Aug 27, 2012 at 12:21 PM, Chris Wright chr...@sous-sol.org wrote: * rob_hirschf...@dell.com (rob_hirschf...@dell.com) wrote: We've been discussing using Open vSwitch as the basis for non-Quantum Nova Networking deployments in Folsom. While not Quantum, it feels like we're bringing Nova Networking a step closer to some of the core technologies that Quantum uses. To what end? OVS provides much more robust monitoring and operational facilities (e.g sFlow monitoring, better switch table visibility etc). You won't find any disagreement from me about OVS having more advanced capabilities :) It also provides a linux-bridge compatibility layer (ovs-brcompatd [1]), which should work out-of-box with the linux-bridge. As such, switching to using OVS rather than the linux bridge could be done without any code changes to nova, just deployment changes (e.g. ensure that ovs-brcompatd is running to intercept brctl ioctl's - [2]). Using ovs-brcompatd would be possible, though some distros do not package and run it by default and in general it is not the preferred way to run things according to email on the OVS mailing list. For the more adventurous, there could be any number of interesting scenarios enabled by having access to ovs capabilities (e.g. tunneling) Tunneling is definitely a huge benefit of OVS, but you still need someone to setup the tunnels and direct packets into them correctly. That's is exactly what the Quantum OVS plugin does and it is completely open source and freely available, so if people want to experiment with OVS tunneling, using Quantum would seem like the obvious way to do this. Dan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Running for Quantum PTL
Just sent this to the openstack-dev mailing this the first time. Now forwarding to openstack@lists.launchpad.net dan -- Forwarded message -- From: Dan Wendlandt d...@nicira.com Date: Sun, Sep 2, 2012 at 2:10 PM Subject: Running for Quantum PTL To: OpenStack Development Mailing List openstack-...@lists.openstack.org Hi folks, I'm really excited about what we've done with Quantum so far and I am even more pumped about where we can take things in the future. As a result, no surprise, I'm running to continue on as the Quantum PTL. I've been a leader of the Quantum project since it was started during the Diablo release, and I was the PTL elected when we became an official incubated project in Essex. If anyone has concerns with the way the project has been running so far, I'd love to hear from you and discuss that feedback. So far, my main goals as PTL have been: - Moving project toward core release in Folsom with a core L2/L3 networking feature set. - Acting as a core developer and reviewing, contributing features and reviewing change-sets. - Growing the number of people contributing to to the project from a development, testing, and documentation perspective. - Helping people in the OpenStack community understand what Quantum is and why it can be useful, though activity on the mailing list and presenting at conferences. . - Making sure existing contributions are able to achieve their and their company's goals within Quantum and OpenStack as a whole. - Interfacing with those outside the community (vendors, media, etc.) to answer their questions on Quantum and help promote OpenStack in general. Moving forward in Grizzly, here are some thoughts of what I'm looking to have the team focus on during Grizzly: - continue to grow the number of people regularly contributing high quality community code reviews to the Quantum project - improve system test coverage for core quantum feature set - Improve documentation, both admin and developer. - identify and fix transition hurdles of people looking to move from nova-network to quantum - improve HA/Scale of some existing sub-systems, including DHCP/L3 (this includes a mechanism similar to nova-network multi_host flag) - add additional core quantum plugins from vendors new to the community. - explore internal architectures and external APIs for higher-level services. This will likely focus on L3/L4 packet filtering and Load-balancing, based on initial community input. Note: obviously we will tackle other issues in Grizzly as well, so don't worry if something you're looking to do is not on this list. We'll have the chance to discuss additional priorities in the time running up to the summit and at the summit itself. Thanks, Dan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] associating provider vlan and IP allocation pool with a subnet
One other comment: sometimes people use the term provider network to mean two things: 1) a quantum network that maps directly to an existing physical or vlan network in the provider's infrastructure. 2) a shared network that all tenants have access to (e.g., to reach the Internet). In Quantum, we use the term provider to refer to #1. We use the term shared to refer to #2. Not sure which one you were asking about. Salvatore's responses covers #1. For #2, just create a network with --shared=True. Note, with the default policy, you need to be an admin user to create a shared network. dan On Wed, Aug 29, 2012 at 10:22 AM, Salvatore Orlando sorla...@nicira.com wrote: Hi Naveen, That is almost correct. You can associate a provider network (either a physical network or a vlan) with a Quantum network. The association is at the network level, not the subnet level. As the 'provider networks' is an extension in quantum, there is no direct CLI option available. However the quantum CLI allows for configuring extensions using the following syntax: quantum command core_parameters -- extended_parameters for instance the following syntax should create a network associate with a specific vlan id, on the default physical interface: quantum net-create network_name -- --provider:vlan_id 999 Please keep in mind that the provider networks extension will be feature complete with folsom-rc1. In the Folsom-3 milestone, provider networks are not yet supported with Open vSwitch. The related patch is currently under review: https://review.openstack.org/#/c/11388/ Regards, Salvatore On 29 August 2012 02:31, Naveen Joy (najoy) na...@cisco.com wrote: Hi All, In the latest quantum code, I believe it is possible to associate a provider vlan and an IP allocation pool with a subnet. Can someone provide the quantum client cli or the API to accomplish this. Thanks much, Naveen ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum vs. Nova-network in Folsom
On Sun, Aug 26, 2012 at 12:39 PM, rob_hirschf...@dell.com wrote: Stackers, I think this is a reasonable approach and appreciate the clarification of use-cases. We've been discussing using Open vSwitch as the basis for non-Quantum Nova Networking deployments in Folsom. While not Quantum, it feels like we're bringing Nova Networking a step closer to some of the core technologies that Quantum uses. I'm interested in hearing what other's in the community think about this approach. One of the main reasons we introduced Quantum was to support alternative switching technologies like Open vSwitch. I'd like to hear more about your thoughts, but at first glance, I'm not sure there's a good way to leverage Open vSwitch in a meaningful way with existing nova-network managers, since those network managers are so tightly tied to using the basic linux bridge + vlans. Dan Rob -Original Message- From: openstack-bounces+rob_hirschfeld=dell@lists.launchpad.net [mailto:openstack-bounces+rob_hirschfeld=dell@lists.launchpad.net] On Behalf Of Dan Wendlandt Sent: Friday, August 24, 2012 5:39 PM To: openstack@lists.launchpad.net; OpenStack Development Mailing List Subject: [Openstack] Quantum vs. Nova-network in Folsom tl;dr both Quantum and nova-network will be core and fully supported in Folsom. Hi folks, Thierry, Vish and I have been spending some talking about OpenStack networking in Folsom, and in particular the availability of nova-network now that Quantum is a core project. We wanted to share our current thinking with the community to avoid confusion. With a project like OpenStack, there's a fundamental trade-off between the rate of introducing new capabilities and the desire for stability and backward compatibility. We agreed that OpenStack is a point in its growth cycle where the cost of disruptive changes is high. As a result, we've decided that even with Quantum being core in Folsom, we will also continue to support nova-network as it currently exists in Folsom. There is, of couse, overhead to this approach, but we think it is worth it. With this in mind, a key question becomes: how do we direct users to the networking option that is right for them. We have the following guidelines: 1) For users who require only very basic networking (e.g., nova-network Flat, FlatDHCP) there's little difference between Quantum and nova-network is such basic use cases, so using nova's built-in networking for these basic use cases makes sense. 2) There are many use cases (e.g., tenant API for defined topologies and addresses) and advanced network technologies (e.g., tunneling rather than VLANs) that Quantum enables that are simply not possible with nova-network, so if these advanced capabilities are important to someone deploying OpenStack, they clearly need to use Quantum. 3) There are a few things that are possible in nova-network, but not in Quantum. Multi-host is the most significant one, but there are bound to be other gaps, some of which we will uncover only when people try their particular use case with Quantum. For these, users will have to use nova-network, with the gaps being covered in Quantum during Grizzly. As a result, we plan to structure the docs so that you can do a basic functionality Nova setup with flat networking without requiring Quantum. For anything beyond that, we will have an advanced networking section, which describes the different advanced use of OpenStack networking with Quantum, and also highlight reasons that a user may still want to use nova-networking over Quantum. Moving beyond Folsom, we expect to fully freeze the addition of new functionality to nova-network, and likely deprecate at least some portions of the existing nova-network functionality. Likely this will leave the basic flat and flat + dhcp nova networking intact, but reduce complexity in the nova codebase by removing more advanced networking scenarios that can also be achieved via Quantum. This means that even those using nova-network in Folsom should still be evaluating Quantum if they networking needs beyond flat networking, such that this feedback can be incorporated into the Grizzly deliverable of Quantum. Thanks, Dan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net
Re: [Openstack] OpenStack and IGMP
Hi Juris, Some more detail would be useful here. It sounds like you're trying to use multicast, for which IGMP is a control protocol. Is it that you're trying to run nova VMs and make sure they can participate in multicast groups? Basic flat Nova networking connects VMs directly to a physical network, so the configuration of multicast on the routers (and IGMP snooping on the switches) is generally something that would happen outside the scope of openstack configuration. For private networks in VlanManager mode or with Quantum, the existing L3 forwarding logic does not run a daemon that participates in IGMP, so there's no out-of-the box way to get IGMP working between a private network and the external network in your data center, I suspect (my guess is that you'd have to muck with making the host running nova-network or the quantum-l3-agent also run a multi-cast aware routing software, like Quagga). In the future, Quantum will enable pluggable back-ends for logical routers, in which case you'll be able to get routing back-ends from different vendors and projects, many of which will support IGMP. Dan On Fri, Aug 24, 2012 at 3:59 AM, Juris ju...@zee.lv wrote: Hi all, Do you have any experience configuring OpenStack to work with IGMP traffic? If I have IGMP server and appropriate network infrastructure, what is the best way to bound it with one of OpenStack's private networks? ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Quantum vs. Nova-network in Folsom
tl;dr both Quantum and nova-network will be core and fully supported in Folsom. Hi folks, Thierry, Vish and I have been spending some talking about OpenStack networking in Folsom, and in particular the availability of nova-network now that Quantum is a core project. We wanted to share our current thinking with the community to avoid confusion. With a project like OpenStack, there's a fundamental trade-off between the rate of introducing new capabilities and the desire for stability and backward compatibility. We agreed that OpenStack is a point in its growth cycle where the cost of disruptive changes is high. As a result, we've decided that even with Quantum being core in Folsom, we will also continue to support nova-network as it currently exists in Folsom. There is, of couse, overhead to this approach, but we think it is worth it. With this in mind, a key question becomes: how do we direct users to the networking option that is right for them. We have the following guidelines: 1) For users who require only very basic networking (e.g., nova-network Flat, FlatDHCP) there's little difference between Quantum and nova-network is such basic use cases, so using nova's built-in networking for these basic use cases makes sense. 2) There are many use cases (e.g., tenant API for defined topologies and addresses) and advanced network technologies (e.g., tunneling rather than VLANs) that Quantum enables that are simply not possible with nova-network, so if these advanced capabilities are important to someone deploying OpenStack, they clearly need to use Quantum. 3) There are a few things that are possible in nova-network, but not in Quantum. Multi-host is the most significant one, but there are bound to be other gaps, some of which we will uncover only when people try their particular use case with Quantum. For these, users will have to use nova-network, with the gaps being covered in Quantum during Grizzly. As a result, we plan to structure the docs so that you can do a basic functionality Nova setup with flat networking without requiring Quantum. For anything beyond that, we will have an advanced networking section, which describes the different advanced use of OpenStack networking with Quantum, and also highlight reasons that a user may still want to use nova-networking over Quantum. Moving beyond Folsom, we expect to fully freeze the addition of new functionality to nova-network, and likely deprecate at least some portions of the existing nova-network functionality. Likely this will leave the basic flat and flat + dhcp nova networking intact, but reduce complexity in the nova codebase by removing more advanced networking scenarios that can also be achieved via Quantum. This means that even those using nova-network in Folsom should still be evaluating Quantum if they networking needs beyond flat networking, such that this feedback can be incorporated into the Grizzly deliverable of Quantum. Thanks, Dan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Removing quantum-rootwrap
On Tue, Aug 14, 2012 at 1:54 AM, Thierry Carrez thie...@openstack.orgwrote: Dan Wendlandt wrote: On Mon, Aug 13, 2012 at 12:51 PM, Vishvananda Ishaya vishvana...@gmail.com mailto:vishvana...@gmail.com wrote: This is up to dan, I suppose, but the rootwrap stuff seems like something worth granting a ffe to… I wasn't going to mention it, as the urgency of a nearby deadline can be helpful :) But yes, I'd grant an ffe to something this important, especially because it applies across all uses of quantum. On one hand it's a change that impacts almost all use cases, so definitely not something that is simple or self-contained. On the other, it's quite easy to trace back issues to this. In summary, if it's the only exception in Quantum, it's not really a problem :) [warning: a trick is included in the last paragraph] ttx, I caught it I'm on to your project management jedi mind tricks :) jrd, my feeling is that we'd need a patch for this under review this week to understand the magnitude of the changes if we want to consider if for a feature-freeze exception. Thanks. dan -- Thierry Carrez (ttx) Release Manager, OpenStack ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Removing quantum-rootwrap
On Mon, Aug 13, 2012 at 12:51 PM, Vishvananda Ishaya vishvana...@gmail.comwrote: This is up to dan, I suppose, but the rootwrap stuff seems like something worth granting a ffe to… I wasn't going to mention it, as the urgency of a nearby deadline can be helpful :) But yes, I'd grant an ffe to something this important, especially because it applies across all uses of quantum. Dan Vish On Aug 13, 2012, at 11:49 AM, j...@redhat.com wrote: From: j...@redhat.com Date: Fri, 10 Aug 2012 11:52:49 -0400 [...] Very much, thanks. More news as it happens... Here's where I've got to so far I've ported/transliterated code from nova/cinder to manage rootwrap filter defs the same way in quantum. I've plowed through most of the quantum filter defs which were embedded in the agent code, and changed them to newer format, in /etc/quantum/rootwrap.d/* Current headache is getting my test environment back to working condition, and then contriving enough tests to prove that the code changes are working. Once I get that done, I'll do a cleanup pass and get a changeset posted for review. We're getting close to the tomorrow deadline. I will work with Gary and Bob and Chris to try to get this stuff nailed ASAP, or figure out plan B if it looks like that's just too much of a stretch. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Question for Quantum V2 subnet
In a dual stack deployment there may be a v4 and a v6 subnet on the same network. There's also the case that a service provider has a notion of a public network, which is represented by a UUID. After a period of time, they may run out of IPs in one subnet, and want to assign another subnet as well, without forcing tenants to have to start using a new identifier for the public network. Of course, the provider would be responsible for creating L3 connectivity between the two subnets. Others can chime in, but those where the two cases that I remember. Dan On Mon, Aug 13, 2012 at 8:31 PM, Aaron Rosen aro...@nicira.com wrote: The reason for this is because you can have multiple subnets on the same L2 bcast domain. You can use ip aliasing in order to use multiple subnets on one virtual nic. For example ifconfig eth0:1 a.b.c.d/24; ifconfig eth0:2 d.e.f.g/24 Aaron On Mon, Aug 13, 2012 at 7:52 PM, Takaaki Suzuki suz...@midokura.comwrote: Hi all. I have one question. I prepared devstack with Qauntum V2. Now I can create Subnet for Network. And I can add multiple Subnet for one Network. VM can use multiple subnet for one virtual NIC? Why quantum v2 can create multiple subnet for one Network? quantum --os_token 1b73ace152c440ea939c2329fd115e56 --os_url http://localhost:9696/ net-list ++--+---++--+--+ | admin_state_up | id | name | status | subnets | tenant_id | ++--+---++--+--+ | True | d7a8106c-7ca6-4302-a065-6a87c859ed9c | test | ACTIVE | 474ea30c-9337-4f48-854c-9f572538a44c | 4fb66e3355304be5a6f3340d7067b369 | | | || | 52ffda8c-61aa-465b-ae62-1ef57e9bed85 | | | | || | 9a659285-c6b1-4e6f-b3f0-c3e37341e0be | | quantum --os_token 1b73ace152c440ea939c2329fd115e56 --os_url http://localhost:9696/ subnet-list +--+--+---+--+++--+--+ | allocation_pools | cidr | gateway_ip| id | ip_version | name | network_id | tenant_id | +--+--+---+--+++--+--+ | {start: 192.168.100.2, end: 192.168.100.254} | 192.168.100.0/24 | 192.168.100.1 | 474ea30c-9337-4f48-854c-9f572538a44c | 4 | test01 | d7a8106c-7ca6-4302-a065-6a87c859ed9c | 4fb66e3355304be5a6f3340d7067b369 | | {start: 192.168.210.2, end: 192.168.210.254} | 192.168.210.0/24 | 192.168.210.1 | 52ffda8c-61aa-465b-ae62-1ef57e9bed85 | 4 | test03 | d7a8106c-7ca6-4302-a065-6a87c859ed9c | 4fb66e3355304be5a6f3340d7067b369 | | {start: 192.168.200.2, end: 192.168.200.254} | 192.168.200.0/24 | 192.168.200.1 | 9a659285-c6b1-4e6f-b3f0-c3e37341e0be | 4 | test02 | d7a8106c-7ca6-4302-a065-6a87c859ed9c | 4fb66e3355304be5a6f3340d7067b369 | +--+--+---+--+++--+--+ Thanks! Suzuki ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] adding security groups to running virtual machines
Hi Wolfgang, Yes, currently Nova only allows associating security groups at boot, though you can change the rules in a security group post boot. Quantum (new openstack networking service) will be adding a more advanced notion of security groups which allows changing groups of booted instances and other improvements. This had been targeted for Folsom-3, but looks very unlikely to make it in time for Folsom. The difference between Nova security groups and Quantum security groups is similar to the differences between traditional amazone security groups and Amazon VPC security groups (see: http://aws.amazon.com/vpc/faqs/#S2) Dan On Wed, Aug 8, 2012 at 4:32 AM, Wolfgang Hennerbichler wolfgang.hennerbich...@risc-software.at wrote: it's not me :) http://forums.openstack.org/**viewtopic.php?f=10t=719http://forums.openstack.org/viewtopic.php?f=10t=719 On 08/08/2012 11:06 AM, Wolfgang Hennerbichler wrote: hi, is it me or is it openstack who can't modify security groups for running virtual machines? nova help | grep sec doesn't give me a clue. thanks for a hint, Wolfgang -- DI (FH) Wolfgang Hennerbichler Software Development Unit Advanced Computing Technologies RISC Software GmbH A company of the Johannes Kepler University Linz IT-Center Softwarepark 35 4232 Hagenberg Austria Phone: +43 7236 3343 245 Fax: +43 7236 3343 250 wolfgang.hennerbichler@risc-**software.atwolfgang.hennerbich...@risc-software.at http://www.risc-software.at __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Removing quantum-rootwrap
On Wed, Aug 8, 2012 at 9:22 AM, Thierry Carrez thie...@openstack.orgwrote: Robert Kukura wrote: On 08/08/2012 09:31 AM, Thierry Carrez wrote: Quantum currently contains bin/quantum-rootwrap, a copy of nova-rootwrap supposed to control its privilege escalation to run commands as root. However quantum-rootwrap is currently non-functional, missing a lot of filter definitions that are necessary for it to work correctly. Is missing definitions the only issue? Those may need updating for F-3, but this can certainly be done. Those are the only issues I spotted. Making Quantum compatible with the latest version of rootwrap as shipped in Nova/Cinder, though, is a lot more work. Quantum is generally run with root_helper=sudo and a wildcard sudoers file. What is your basis for this statement? The packaging of Essex Quantum for Fedora and RHEL/EPEL do configure root_helper to use quantum-rootwrap. If another distribution doesn't do this, I would consider that a distribution bug, not an upstream problem. Given that quantum-rootwrap is currently non-working, I suspected that everyone running Quantum *on Folsom* was using sudo and not the rootwrap. If most people do that, it probably means it's a it early to deprecate root_helper=sudo support in Folsom. That means Quantum is not ready to deprecate in Folsom (and remove in Grizzly) its ability to run with root_helper=sudo, like Nova and Cinder do. What's involved in deprecating this ability in Folsom? Is it that difficult? If Nova and Cinder are doing it, why shouldn't Quantum? As a quick grep will show, there is much more adherence to root_helper in Quantum than in Nova/Cinder, where it was used in a single place. It's definitely doable, but I'd say a bit dangerous (and too late) 4 days before F3. I certainly won't have enough time for it... I do have an issue with Folsom dropping a capability that is being used in Essex. If the existing rootwrap really does more harm than good, this might be justified, but I don't think you can argue nobody has used it. Fair point, it was definitely used in Essex. We have three options at this point: * Remove it (but is it acceptable to lose functionality compared to Essex, even if Essex is not a core release for Quantum ?) * Just fix it by adding missing filters (but then accept that quantum-rootwrap doesn't behave like nova-rootwrap and cinder-rootwrap, which is bad for consistency) * Align quantum-rootwrap with nova-rootwrap and deprecate usage of root_helper, by overhauling how root_helper is pervasively used throughout Quantum code (lots of work, and introducing a lot of disruption that late in the cycle) Personally I think only the first two options are realistic. So this boils down to losing functionality from Essex vs. hurting Folsom core consistency. If someone (Bob?) has the immediate cycles to make rootwrap work in Folsom with low to medium risk of disruption, I'd be open to exploring that, even if it meant inconsistent usage in quantum vs. nova/cinder. I also think we need to develop basic guidelines that should be enforced by reviewers with respect to correctly using rootwrap moving forward. Is there a quick pointer we have for developers and reviewers to use? Dan -- Thierry Carrez (ttx) Release Manager, OpenStack ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] adding security groups to running virtual machines
Actually, I was wrong about adding/removing security groups at run-time. Apparently, it works already :) Thanks for pointing that out Mohammed! Dan On Wed, Aug 8, 2012 at 1:23 PM, Mohammed Naser mna...@vexxhost.com wrote: Hi, You can actually add/remove security groups from an instance anytime even when it's running. The nova client also had the add-secgroup and remove-secgroup commands in it (at least in trunk), not sure if this is not supported in specific releases. Regards, Mohammed On Wed, Aug 8, 2012 at 1:20 PM, Dan Wendlandt d...@nicira.com wrote: Hi Wolfgang, Yes, currently Nova only allows associating security groups at boot, though you can change the rules in a security group post boot. Quantum (new openstack networking service) will be adding a more advanced notion of security groups which allows changing groups of booted instances and other improvements. This had been targeted for Folsom-3, but looks very unlikely to make it in time for Folsom. The difference between Nova security groups and Quantum security groups is similar to the differences between traditional amazone security groups and Amazon VPC security groups (see: http://aws.amazon.com/vpc/faqs/#S2) Dan On Wed, Aug 8, 2012 at 4:32 AM, Wolfgang Hennerbichler wolfgang.hennerbich...@risc-software.at wrote: it's not me :) http://forums.openstack.org/viewtopic.php?f=10t=719 On 08/08/2012 11:06 AM, Wolfgang Hennerbichler wrote: hi, is it me or is it openstack who can't modify security groups for running virtual machines? nova help | grep sec doesn't give me a clue. thanks for a hint, Wolfgang -- DI (FH) Wolfgang Hennerbichler Software Development Unit Advanced Computing Technologies RISC Software GmbH A company of the Johannes Kepler University Linz IT-Center Softwarepark 35 4232 Hagenberg Austria Phone: +43 7236 3343 245 Fax: +43 7236 3343 250 wolfgang.hennerbich...@risc-software.at http://www.risc-software.at ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Mohammed Naser — vexxhost - E. mna...@vexxhost.com W. http://vexxhost.com -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Removing quantum-rootwrap
On Wed, Aug 8, 2012 at 1:20 PM, j...@redhat.com wrote: If someone (Bob?) has the immediate cycles to make rootwrap work in Folsom with low to medium risk of disruption, I'd be open to exploring that, even if it meant inconsistent usage in quantum vs. nova/cinder. Hi Dan. I've been working with Bob, getting myself up to speed on quantum. I've just talked it over with Bob, and I'll take a crack at this one. My approach is going to be to get the quantum rootwrap stuff up to parity with nova. It sounded like some further work might get done in this area for Grizzly, but for the short term, this ought to be fairly non-disruptive. Nice to meet you, glad you'll be helping here. Let's stay in close sync about this change, as I'd like to get a better understanding of how disruptive/risky this is change is if we're thinking of putting it in Folsom. Dan I also think we need to develop basic guidelines that should be enforced by reviewers with respect to correctly using rootwrap moving forward. Is there a quick pointer we have for developers and reviewers to use? Dan -- Thierry Carrez (ttx) Release Manager, OpenStack ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Quantum devstack authentication error
Hi Aaron, I didn't see this thread and as a result did some clean-up on the wiki myself. I think the problem Gabrial was seeing was that he was not using the flag to indicate v2 Quantum API. Dan On Tue, Aug 7, 2012 at 2:41 PM, Aaron Rosen aro...@nicira.com wrote: Hi Salvatore, Gabriel ran into this issue because devstack currently defaults to use quantum v1. I added Q_AUTH_STRATEGY=noauth to the current v1 devstack page. I'll go ahead and add a link to the v2 page on the v1 page and then fully update the page once v2 is the default in devstack. Aaron On Tue, Aug 7, 2012 at 2:32 PM, Salvatore Orlando sorla...@nicira.comwrote: Aaron, it would be great if you can update the wiki page for running Quantum with devstack with the info in http://wiki.openstack.org/RunningQuantumV2Api that you created. I also had other people asking me about how to run devstack with Quantum v2, and I pointed them to your page. On the issue Gabriel was referring to, I have to say that now devstack fully supports Quantum v2 with Keystone, so there's no need for running it in noauth mode. From the published traceback, it seem n-net is still enabled in devstack. It should be instead removed from ENABLED_SERVICES if running quantum v2. Regards, Salvatore On 7 August 2012 23:15, Aaron Rosen aro...@nicira.com wrote: Inline On Tue, Aug 7, 2012 at 2:05 PM, Gabriel Hurley gabriel.hur...@nebula.com wrote: Thanks, that got it. Two things, though: ** ** **1. **Shouldn’t that be in the wiki? I'll add it. This change was recently introduce to devstack. **2. **What do you mean “only works in folsom”? I’m running the latest devstack with master everything… how much more “folsom” does it get? ** If you do add NOVA_USE_QUANTUM_API=v2 to localrc it uses the quantum v2 api. http://wiki.openstack.org/RunningQuantumV2Api ** **- **Gabriel Aaron ** ** *From:* Aaron Rosen [mailto:aro...@nicira.com] *Sent:* Tuesday, August 07, 2012 1:33 PM *To:* Gabriel Hurley *Cc:* openstack@lists.launchpad.net *Subject:* Re: [Openstack] Quantum devstack authentication error ** ** Hi Gabriel, ** ** Adding Q_AUTH_STRATEGY=noauth to localrc should fix the issue. ** ** The authentication it's trying to use only works in folsom. ** ** Thanks, ** ** Aaron On Tue, Aug 7, 2012 at 1:04 PM, Gabriel Hurley gabriel.hur...@nebula.com wrote: I'm trying to run devstack with quantum enabled so I can test the recent work on re-integrating Quantum into Horizon. I've followed the instructions for what should be in my localrc file here: http://wiki.openstack.org/QuantumDevstack However, devstack fails when trying to create a network during its health checks. The error logged is here: https://gist.github.com/3288861 Any advice? What's missing from that wiki page? Or is this a bug? Thanks, - Gabriel ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ** ** ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Netstack] [Quantum] Using VirtIO Driver with KVM
-- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack-dev] [Quantum] Multi-host implementation
Hi Nachi, I've reviewed the code and added comments. I'd like to see at least a basic spec describing the proposed approach (need only be a couple paragraphs, perhaps with a diagram) linked to the blueprint so we can have a design discussion around it. Thanks, Dan On Fri, Aug 3, 2012 at 1:03 PM, Nachi Ueno na...@nttmcl.com wrote: Hi folks Sorry. I added openstack-...@lists.openstack.org in this discussion. 2012/8/3 Nati Ueno nati.u...@gmail.com: Hi folks Gary Thank you for your comment. I wanna discuss your point on the mailing list. Yusuke pushed Multi-host implementation for review. https://review.openstack.org/#/c/10766/2 This patch changes only quantum-dhcp-agent side. Gary's point is we should have host attribute on the port for scheduling. I agree with Gary. In the nova, vm has available_zone for scheduling. So Instead of using host properties. How about use available_zone for port? Format of availability_zone is something like this available_zone=zone_name:host. We can also add availability_zone attribute for the network as a default value of port. We can write this until next Monday. However I'm not sure quantum community will accept this or not, so I'm asking here. If there are no objections, we will push zone version for review. Thanks Nachi ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Update policy of device_id
On Fri, Aug 3, 2012 at 12:33 PM, Nati Ueno nati.u...@gmail.com wrote: Hi folks I report this bug recently. device_id should not be updated twice https://bugs.launchpad.net/quantum/+bug/1031473 Now, a user can update device_id which may cause problem. Yeah, ideally this field could only be updated by the 'service' user (i.e., nova or another openstack service). This is related to port id spec for nova boot. https://bugs.launchpad.net/nova/+bug/1031096 My question is how we should deal with port on the failure or deletion. My patch will delete the port on failure or deletion https://review.openstack.org/#/c/10639/ Another spec could be update port device_id for None. But this is depends on how we solve bug 1031473. Updating to empty-string/None is more what I had been thinking of, but I don't have my head fully wrapped around this. As I mentioned when we chatted about this in person, Amazon's elastic network interfaces (ENIs) are similar to quantum ports, and they have a specific flag that indicates whether the ENI should be deleted when the instance is deleted or not: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-eni.html#change_term_behavior There are some use cases when we would want to keep it around, and just reattach it to a new virtual server. Dan Any thought? -- Nachi Ueno email:nati.u...@gmail.com twitter:http://twitter.com/nati ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Netstack] os-create-server-ext and use
On Fri, Aug 3, 2012 at 3:48 AM, Trinath Somanchi trinath.soman...@gmail.com wrote: Hi- While going through the source code of Openstack Nova, I have seen this comment, We support two approaches to determining vNICs: - By default, a VM gets a vNIC for any network belonging to the VM's project, and a vNIC for any global network that has a NULL project_id. vNIC order is determined by the network's 'priority' field. - *If the 'os-create-server-ext' was used to create the VM, only the networks in 'requested_networks' are used to create vNICs, and the vNIC order is determiend by the order in the requested_networks array.* Can any one help me understand on how the second case will come in determining the vNICs of VM while creating VM from Horizon. Hi Trinath, I think you're pointing to Quantum integration code in Nova. Horizon support for Quantum is currently in review: https://review.openstack.org/#/c/10116/ Based on plans, this will include the ability to specify the set of networks that a VM will connect to. Dan Thanking you... -- Regards, -- Trinath Somanchi, +91 9866 235 130 -- Mailing list: https://launchpad.net/~netstack Post to : netst...@lists.launchpad.net Unsubscribe : https://launchpad.net/~netstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum][Nova] requested_id and port spec
list: https://launchpad.net/~netstack Post to : netst...@lists.launchpad.net Unsubscribe : https://launchpad.net/~netstack More help : https://help.launchpad.net/ListHelp -- Nachi Ueno email:nati.u...@gmail.com twitter:http://twitter.com/nati ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- Nachi Ueno email:nati.u...@gmail.com twitter:http://twitter.com/nati -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [OpenStack Foundation] Individual Nominations for Foundation Board of Directors
On Thu, Jul 26, 2012 at 12:08 PM, Jonathan Bryce jbr...@rackspace.comwrote: We definitely want to have some means for nominees to provide details on what they would bring to the Board, and can easily add a section or statement to their current bios. We are just starting by contacting each nominee to get their basic info up as quickly as possible, so the community knows who has been nominated so far. We're open to ideas, especially as we enter the election phase, for each candidate on the ballot to better articulate their platforms and experience. Great. I would welcome the opportunity to have a short blurb on the page. I also need the blurb to explain that my company affiliation will be changing sometime in the next few months :) Dan Jonathan 210-317-2438 On Jul 26, 2012, at 12:04 PM, Robbie Williamson wrote: On 07/26/2012 11:49 AM, Robbie Williamson wrote: Also, it might make sense to confirm with nominees *before* placing them on the list...so at least they know what they are getting into ;). Nevermind...I was just too impatient. :/ -- Robbie Williamson rob...@ubuntu.com robbiew[irc.freenode.net] Don't make me angry...you wouldn't like me when I'm angry. -Bruce Banner ___ Foundation mailing list foundat...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation ___ Foundation mailing list foundat...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [OpenStack Foundation] Individual Nominations for Foundation Board of Directors
Yeah, I'm not sure who nominated me, but it would be helpful to understand a bit more about what is expected from a board member. I found this via google [http://wiki.openstack.org/Governance/Foundation/Structure], but is there any more info?: The Board of Directors provides legal management of the Foundation and its financial resources. The Board oversees Foundation operations, sets overall budget and goals for Foundation staff, and hires the Executive Director. Board members are also expected to advocate for the Foundation and the entire OpenStack community. I'd also advocate for there being some place nominees/candidates can write a statement expressing why they want to be on the board of directors... otherwise such a vote may just up as a personality contest or a company v. company vote, neither of which is good for the community. Thanks, Dan On Thu, Jul 26, 2012 at 8:37 AM, Rick Clark r...@openstack.org wrote: Who is the election official, running this election. Nomination should be an open process, similar to the core dev process. It is currently closed and subject to manipulation. I would also suggest that if you are a candidate, you must not be managing the process. Rick On 07/25/2012 06:44 PM, Jonathan Bryce wrote: Hi everyone, Last Wednesday we started accepting Individual Members for the OpenStack Foundation. We've had an excellent response so far with well over 1,000 Individual Members joining in the first week. I wanted to share some important information about how to nominate and elect the Individual Members for the Board of Directors. The deadline to nominate Individual Directors--August 6--is coming very quickly. Directors elected by the Individual Members will make up 1/3 of the Board or 8 of the 24 seats. You must be an Individual Member to nominate, vote or run for an Individual Member position on the Board of Directors. You can become an Individual Member on our website: http://www.openstack.org/join/ Elections for the Individual Directors will take place August 20-24. To vote in the initial Board election, you must join as an Individual Member by August 15. To appear on the ballot, an Individual Member must receive nominations from 10 other Individual Members. The deadline to nominate an Individual Member is August 6, and all nominations are submitted via email to secret...@openstack.org. We have created a basic page with initial nominees on it, and will be reaching out to nominees so they can add additional information about themselves. To see who is being nominated so you can support current nominees (who need 10 nominations) or recommend additional candidates, go to http://www.openstack.org/community/openstack-foundation-board-2012-election-candidates/ Let us know if you have any questions, Jonathan 210-317-2438 ___ Foundation mailing list foundat...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation ___ Foundation mailing list foundat...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack-dev] Announcing proof-of-concept Load Balancing as a Service project
On Wed, Jul 25, 2012 at 1:33 PM, Eugene Kirpichov ekirpic...@gmail.comwrote: Another question we have is if this should be a standalone module or a Quantum plugin… Based on discussions during the PPB meeting about quantum becoming core, there was a push for having a single network service and API, which would tend to suggest it being a sub-component of Quantum that is independently loadable. I also tend to think that its likely to be a common set of developers working across all such networking functionality, so it wouldn't seem like keeping different core-dev teams, repos, tarballs, docs, etc. probably doesn't make sense. I think this is generally inline with the plan of allowing Quantum to load additional portions of the API as needed for additional services like LB, WAN-bridging, but this is probably a call for the PPB in general. So, if I'm understanding correctly, you're suggesting LBaaS to be usable in 2 ways: * Independently * As a quantum plugin This is where naming gets tricky :) I would tend to think of LBaaS a service as an independently loadable component within Quantum, which is to say, your choice of a LBaaS back-end would be completely independent of your choice of a core Quantum plugin. As a result, a provider could choose to expose only the load-balancer API to tenants, if that is what that operator wanted. I'm not sure if this is the same as what you suggest. Either way, I think the right thing here is to focus on what different deployment scenarios we see this being used in, then we can figure out how tightly coupled it should be to the man quantum service. -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack-dev] Announcing proof-of-concept Load Balancing as a Service project
On Wed, Jul 25, 2012 at 1:54 PM, Youcef Laribi youcef.lar...@eu.citrix.comwrote: I also want to point the community to the Atlas project which is still ongoing, and the code base is available on github at: http://github.com/openstack-atlas/atlas-lb This is based on the original code contributed by Rackspace more than a year ago, from their Cloud LoadBalancers Service and since then it has been evolved to support multiple adapters (or drivers). The next big thing for the project is integration with Quantum and Nova, so would love to see a common approach to this integration. Hi Youcef, Yes, we recognize the efforts of the existing Atlas contributors and I definitely want to make sure the atlas folks play a key role in figuring out how LBaaS works in OpenStack moving forward. I get asked about LBaaS fairly often, and I've always been a bit fuzzy on what to do about Atlas for two reasons: 1) L4-L7 services are generally within the scope of what Quantum expects to cover and 2) its java-based, and core projects like Quantum are required to use python. I'm hoping the efforts of Eugene and others is a first step in helping move existing Atlas functionality and team members into a more permanent home as part of a core OpenStack project. As I mentioned, my feeling is that LBaaS makes sense as a fairly independent sub-component of the Quantum project, but ultimately, such questions are determined by the PPB. Dan Regards, Youcef -Original Message- From: openstack-bounces+youcef.laribi=citrix@lists.launchpad.net[mailto: openstack-bounces+youcef.laribi=citrix@lists.launchpad.net] On Behalf Of Eugene Kirpichov Sent: Tuesday, July 24, 2012 8:38 PM To: OpenStack Development Mailing List Cc: Samuel Bercovici; openstack@lists.launchpad.net; John Gruber; Gilad Zlotkin; Avi Chesla Subject: Re: [Openstack] [openstack-dev] Announcing proof-of-concept Load Balancing as a Service project Hi Dan, Thanks for the feedback. I will answer in detail tomorrow; for now just providing a working link to the project overview: http://goo.gl/LrRik On Tue, Jul 24, 2012 at 8:30 PM, Dan Wendlandt d...@nicira.com wrote: Hi Eugene, Angus, Adding openstack-dev (probably the more appropriate mailing list for discussion a new openstack feature) and some folks from Radware and F5 who had previously also contacted me about Quantum + Load-balancing as a service. I'm probably leaving out some other people who have contacted me about this as well, but hopefully they are on the ML and can speak up. On Tue, Jul 24, 2012 at 7:51 PM, Angus Salkeld asalk...@redhat.com wrote: On 24/07/12 18:33 -0700, Eugene Kirpichov wrote: Hello community, We at Mirantis have had a number of clients request functionality to control various load balancer devices (software and hardware) via an OpenStack API and horizon. So, in collaboration with Cisco OpenStack team and a number of other community members, we've started socializing the blueprints for an elastic load balancer API service. At this point we'd like to share where we are and would very much appreciate anyone participate and provide input. Yes, I definitely think LB is one of the key items that we'll want to tackle during Grizzly in terms of L4-L7 services. The current vision is to allow cloud tenants to request and provision virtual load balancers on demand and allow cloud administrators to manage a pool of available LB devices. Access is provided under a unified interface to different kinds of load balancers, both software and hardware. It means that API for tenants is abstracted away from the actual API of underlying hardware or software load balancers, and LBaaS effectively bridges this gap. That's the openstack way, no arguments there :) POC level support for Cisco ACE and HAproxy is currently implemented in the form of plug-ins to LBaaS called drivers. We also started some work on F5 drivers. Would appreciate hearing input on what other drivers may be important at this point...nginx? haproxy is the most common non-vendor solution I hear mentioned. Another question we have is if this should be a standalone module or a Quantum plugin... Based on discussions during the PPB meeting about quantum becoming core, there was a push for having a single network service and API, which would tend to suggest it being a sub-component of Quantum that is independently loadable. I also tend to think that its likely to be a common set of developers working across all such networking functionality, so it wouldn't seem like keeping different core-dev teams, repos, tarballs, docs, etc. probably doesn't make sense. I think this is generally inline with the plan of allowing Quantum to load additional portions of the API as needed for additional services like LB, WAN-bridging, but this is probably a call for the PPB in general
Re: [Openstack] [openstack-dev] Announcing proof-of-concept Load Balancing as a Service project
Here's the comment from Thierry, earlier today, from another thread on the ML: This would be a question for the PPB (or its future replacement, called the Technical Committee). The current stance is that all core projects should by Python, unless an extremely compelling argument can be made in favor of another language. It's far easier to build a development community around a single language. That said, it doesn't prevent ecosystem/related projects from being built in whatever language you prefer. So while its not impossible to have a CORE project be based on something other than python code, the burden of proof why python won't work is quite high. Dan On Wed, Jul 25, 2012 at 9:57 PM, Youcef Laribi youcef.lar...@eu.citrix.comwrote: Hi Dan, ** ** Thanks. I also get a lot of questions about how Atlas would integrate with Quantum, so we should definitely do something about it J. I’m not aware though that it is a requirement for a core OpenStack project to be written in Python. I would have thought that, as long as the APIs of a service are well defined, it shouldn’t matter what language it is written in, and there is an active developer community that is happy with developing and maintaining the project in that language. The only reference to requirements for an OpenStack project that I could find is this old blog post (step 6 talks about languages): ** ** http://www.openstack.org/blog/2011/02/10-steps-to-initiating-an-openstack-cloud-service/ ** ** Is there an official position on this issue (requirements for an OS project) from the OpenStack PPB? ** ** Youcef ** ** *From:* Dan Wendlandt [mailto:d...@nicira.com] *Sent:* Wednesday, July 25, 2012 6:31 PM *To:* Youcef Laribi *Cc:* Eugene Kirpichov; OpenStack Development Mailing List; John Gruber; Gilad Zlotkin; Avi Chesla; Samuel Bercovici; openstack@lists.launchpad.net *Subject:* Re: [Openstack] [openstack-dev] Announcing proof-of-concept Load Balancing as a Service project ** ** ** ** On Wed, Jul 25, 2012 at 1:54 PM, Youcef Laribi youcef.lar...@eu.citrix.com wrote: I also want to point the community to the Atlas project which is still ongoing, and the code base is available on github at: http://github.com/openstack-atlas/atlas-lb This is based on the original code contributed by Rackspace more than a year ago, from their Cloud LoadBalancers Service and since then it has been evolved to support multiple adapters (or drivers). The next big thing for the project is integration with Quantum and Nova, so would love to see a common approach to this integration. ** ** Hi Youcef, ** ** Yes, we recognize the efforts of the existing Atlas contributors and I definitely want to make sure the atlas folks play a key role in figuring out how LBaaS works in OpenStack moving forward. I get asked about LBaaS fairly often, and I've always been a bit fuzzy on what to do about Atlas for two reasons: 1) L4-L7 services are generally within the scope of what Quantum expects to cover and 2) its java-based, and core projects like Quantum are required to use python. I'm hoping the efforts of Eugene and others is a first step in helping move existing Atlas functionality and team members into a more permanent home as part of a core OpenStack project. As I mentioned, my feeling is that LBaaS makes sense as a fairly independent sub-component of the Quantum project, but ultimately, such questions are determined by the PPB. ** ** Dan Regards, Youcef -Original Message- From: openstack-bounces+youcef.laribi=citrix@lists.launchpad.net[mailto: openstack-bounces+youcef.laribi=citrix@lists.launchpad.net] On Behalf Of Eugene Kirpichov Sent: Tuesday, July 24, 2012 8:38 PM To: OpenStack Development Mailing List Cc: Samuel Bercovici; openstack@lists.launchpad.net; John Gruber; Gilad Zlotkin; Avi Chesla Subject: Re: [Openstack] [openstack-dev] Announcing proof-of-concept Load Balancing as a Service project Hi Dan, Thanks for the feedback. I will answer in detail tomorrow; for now just providing a working link to the project overview: http://goo.gl/LrRik On Tue, Jul 24, 2012 at 8:30 PM, Dan Wendlandt d...@nicira.com wrote: Hi Eugene, Angus, Adding openstack-dev (probably the more appropriate mailing list for discussion a new openstack feature) and some folks from Radware and F5 who had previously also contacted me about Quantum + Load-balancing as a service. I'm probably leaving out some other people who have contacted me about this as well, but hopefully they are on the ML and can speak up. On Tue, Jul 24, 2012 at 7:51 PM, Angus Salkeld asalk...@redhat.com wrote: On 24/07/12 18:33 -0700, Eugene Kirpichov wrote: Hello community, We at Mirantis have had a number of clients request functionality to control various load balancer devices (software and hardware) via
Re: [Openstack] [Quantum] Scalable agents
On Sun, Jul 22, 2012 at 5:51 AM, Gary Kotton gkot...@redhat.com wrote: ** This is an interesting idea. In addition to the creation we will also need the update. I would prefer that the agents would have one topic - that is for all updates. When an agent connects to the plugin it will register the type of operations that are supported on the specific agent. The agent operations can be specific as bit masks. I have implemented something similar in https://review.openstack.org/#/c/9591 This can certainly be improved and optimized. What are your thoughts? Based on your follow-up emails, I think we're now thinking similarly about this. Just to be clear though, for updates I was talking about a different topic for each entity that has its own UUID (e.g., topic port-update-f01c8dcb-d9c1-4bd6-9101-1924790b4b45) In addition to this we have a number of issues where the plugin does not expose the information via the standard API's - for example the VLAN tag (this is being addressed via extensions in the provider networks feature) Agreed. There are a couple options here: direct DB access (no polling, just direct fetching), admin API extensions, or custom RPC calls. Each has pluses and minuses. Perhaps my real goal here would be better described as if there's an existing plugin agnostic way to doing X, our strong bias should be to use it until presented with concrete evidence to the contrary. For example, should a DHCP client create a port for the DHCP server via the standard API, or via a custom API or direct DB access? My strong bias would be toward using the standard API. 3. Logging. At the moment the agents do not have a decent logging mechanism. This makes debugging the RPC code terribly difficult. This was scheduled for F-3. I'll be happy to add this if there are no objections. That sounds valuable. 4. We need to discuss the notifications that Yong added and how these two methods can interact together. More specifically I think that we need to address the configuration files. Agreed. I think we need to decide on this at monday's IRC meeting, so we can move forward. Given F-3 deadlines, I'm well aware that I'll have to be pragmatic here :) The RPC code requires that the eventlet monkey patch be set. This cause havoc when I was using the events from pyudev for new device creation. At the moment I have moved the event driven support to polling (if anyone who reads this is familiar with the issue or has an idea on how to address it any help will be great) Sorry, wish I could help, but I'm probably in the same boat as you on this one. I'm going to make sure we have a good chunk of time to discuss this during the IRC meeting on monday (sorry, I know that's late night for you...). Dan Thanks Gary Dan ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] nova-network not writing into dnsmasq-config-file
In Essex, I've seen issues like this if your fixed_ips table in the nova database has multiple entries for the same address (even if some of those entries are marked delete=true, though this has been fixed in Folsom). If you feel confortable, take a look at the fixed_ips table to see if anything looks odd. The dnsmasq conf files are generated directly from this table. Dan On Sun, Jul 22, 2012 at 1:45 PM, Wolfgang Hennerbichler wolfgang.hennerbich...@risc-software.at wrote: Hi openstack-guys, using the latest essex release from ubuntu packages, I see a weird nova-network behaviour (flat networking): nova.conf: --flat_interface=eth0 --flat_network_bridge=bridge_130 --flat_network_dhcp_start=192.168.32.130 --flat_injected=False nova-network runs on a different host as nova-compute. when I provision a VM, it all looks good (no errors in the logs), but the VM doesn't get an IP address. I've tcpdumped and verfied that the dhcp request reaches the correct interface of nova-network. now looking into dnsmasq I found this in the syslog: Jul 22 22:29:27 localhost dnsmasq-dhcp[3107]: read /var/lib/nova/networks/nova-bridge_130.conf Jul 22 22:29:50 localhost dnsmasq-dhcp[3107]: DHCPDISCOVER(bridge_130) 192.168.122.96 fa:16:3e:60:92:a6 no address available bummer. so I checked to see why this happens, and it turns out, that /var/lib/nova/networks/nova-bridge_130.conf is empty. I assume there should be the mac to IP mapping, written by nova-network, but although the file exists, it doesn't have content. nova-network doesn't complain about any issues with this file, the file system permissions allow the nova-user to write there, so I do not quite know how to handle this. Any hints would be very welcome. Thanks a lot wolfgang ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Public Network spec proposal
On Fri, Jul 20, 2012 at 8:20 AM, Jay Pipes jaypi...@gmail.com wrote: On 07/20/2012 10:24 AM, Lew Tucker wrote: We might want to think a bit about words here. I believe it would be less confusing to call this something else such as a shared network instead of public. As Salvatore indicates below, this is simply a network that is shared among several tenants. A common use case as given by the blueprint is to allow tenant access to service-provider created networks. By calling it a public network, many would assume Internet access. I believe this capability is very important as it could open up the possibility not only for the service provider but also for one tenant to offer services to others by allowing multiple tenants to connect to a shared network without using public IP addresses. Perhaps for right now, the authZ work could simply support sharing with All, but this could be refined later so that the owner of a shared network could implement finer-grained control such that only certain tenants (e.g. subscribers) could create ports. Totally agree here. In Glance, a public image is shared with everyone, no restrictions. Shared images are images that have their access shared with one or more image access members. A similar concept seems to apply perfectly here... What Salvatore is proposing now is the shared with everyone, no restrictions model (i.e., what glance calls public), and he wanted to avoid a name that implies that there was any more fine-grained authz mechanism for sharing. Glance used public for this, so the thought was to copy it, but I agree that public has wider connotations in the networking space, so it would be good to find an alternative if possible. We use the term global for this in the Essex release of Quantum (no name I've heard quite avoid unintended connotations). Ideally we would have a better flushed out design for what the general authz model for sharing networks would be, and then just expose this as a special share all case. That said, supporting this based share all use case is something Quantum already had in Essex, and is a strict requirement for Folsom, so we will likely have to make a decision on how to expose it before a full authz design is available. Dan Best, -jay On Jul 19, 2012, at 5:16 PM, Salvatore Orlando wrote: Indeed, public in our context means shared among several tenants. We are not dealing with tenant access to the Internet or direct association of VIF to public IP addresses. The basic model is still the 'guest network' model. This blueprint, for which some code is already available on gerrit, just addresses the authZ work necessary for ensuring multiple tenants can share the same network object. Salvatore On 19 July 2012 17:03, Tomoe Sugihara to...@midokura.com mailto:to...@midokura.com wrote: Hi Dan, On Thu, Jul 19, 2012 at 11:58 PM, Dan Wendlandt d...@nicira.com mailto:d...@nicira.com wrote: On Tue, Jul 17, 2012 at 7:39 PM, Tomoe Sugihara to...@midokura.com mailto:to...@midokura.com wrote: Hi Salvatore, I have a few questions regarding your proposal mostly related to L3 services. I've read in another thread that L3 services are out of Quantum's scope for Folsom Actually, for Folsom-3 we are working on a blueprint (https://blueprints.launchpad.net/quantum/+spec/quantum-l3-fwd-nat) to support the simple L3 and NAT/Floating-IP forwarding available in Nova (plus a bit more flexibility). Thanks for the info. This is very good to know. Now I'm assuming that *public* network just as the legacy network still get private IP prefix and they can have floating ip associated. Let me know if I'm missing something. Thanks, Tomoe Dan but I'd like to know how this publ networks? - How does VM on public network get internet connectivity? Would it get private IP first and then floating IP associated with it just as legacy nova+quantum network, or would public network get public IP connectivity directly? - What about the non-public networks? Would VMs on non-public networks be able to get internet connectivity with floating ip and masquerading using nova-network? Or they wouldn't get internet access because it's not public? 2. How ports in a public network for different tenants are isolated? or not isolated at all? If I understand correctly, ports on the same quantum network should get virtual L2 connectivity (within a single broadcast domain). So I'm assuming that ports on the same network are not isolated (unless security groups
Re: [Openstack] [ovs-discuss] VLAN with OpenVswitch and Quantum
Assuming you are using Essex, please look at: http://docs.openstack.org/trunk/openstack-network/admin/content/index.html http://openvswitch.org/openstack/documentation/ dan On Wed, Jul 18, 2012 at 9:53 PM, Trinath Somanchi trinath.soman...@gmail.com wrote: Hi- I'm currently setting up VLAN setup with Quantum and OpenVswitch. I have an idea that, to tenants can configured/act as to different hosts. But being a newbee for this kind of setup, Can any one please guide me on How to bring up the VLAN setup using Quantum and OpenVswitch. Thanking you all Please guide me in this regard, -- Regards, -- Trinath Somanchi, +91 9866 235 130 ___ discuss mailing list disc...@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Fwd: [Quantum] Public Network spec proposal
the authZ scenario. I am not sure whether this would work for our use cases. My concerns are: 1) If we restrict port creation to the owner of the network we would probably need the owner to pre allocate a number of ports for tenants to use [yong sheng gong] if not pre allocate, the port with specified ip will not work since customer tenant cannot create port with specified ip. 2) We should still allow the PUT operation to normal tenants, as they will set the device_id of the VM they've attached to the port. [yong sheng gong] Yes. PUT is should be allowed on device_id field of port Nevertheless, the proposed change to the design is valuable in my opinion, and I am very keen to hear what the other members of the community think of it. So the scenario looks like this: 1. public owner creates public network 2. public owner creates subnets under the public network 3. public owner creates port, with fixed_ip, mac and other stuff populated. 4. other tenant asks for using the port under the public network 5. public owner assigns a port to the customer tenant Do you mean that in this step the ownership of the port object is give to the tenant? [Yong sheng gong] I think ownership is not given up. We just add one more field to record who is using this port. After that the 'quantum port-list --tenant_id' should also have --public options to show ports assigned to the tenant. 6. customer tenant associates its instance to the port. At this time, the port's devise_id is populated With this scenario: 1. nova integration we can specify the ports when booting an instance. so except nova boot --nic net-id=privatenetworkid,ipv4-ip=ip1 we have nova boot --nic port-id=portid. where the portid can be a port under a public network and a port under a private network. Thanks Yong Sheng Gong -openstack-bounces+gongysh=cn.ibm@lists.launchpad.net wrote: - To: openstack openstack@lists.launchpad.net From: Salvatore Orlando Sent by: openstack-bounces+gongysh=cn.ibm@lists.launchpad.net Date: 07/12/2012 06:59AM Subject: [Openstack] [Quantum] Public Network spec proposal Hi, A proposal for the implementation of the public networks feature has been published. It can be reached from the quantum-v2-public-networks blueprint page [1]. Feedback is more than welcome! Regards, Salvatore [1]: https://blueprints.launchpad.net/quantum/+spec/quantum-v2-public-networks ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Scalable agents
On Wed, Jul 18, 2012 at 5:17 AM, Gary Kotton gkot...@redhat.com wrote: ** On 07/18/2012 04:23 AM, Dan Wendlandt wrote: Hi Gary, Removing much of the thread history, as I think we agree on the high-level goals. Now just focusing on the differences. For example, a DHCP agent handling all DHCP for a deployment might register for create/update/delete operations on subnets + ports, whereas a plugin agent might only register for updates from the ports that it sees locally on the hypervisor. Conceptually, you could think of there being a 'topic' per port in this case, though we may need to implement it differently in practice. The agent ID is currently stored in the database (this is for the configuration sync mechanism). I think that adding an extra column indicating the capabilities enables the service to notify the agents. The issue is how refined can the updates be - we want to ensure that we have a scalable architecture. I think either we can implement the filtering ourselves using a mechanism like this, or we can rely on the message bus to do it for us. I'm not really familiar with the scalability of various message bus implementations, but a simple model would be that there's a topic for: - port creation - net creation - subnet creation and a specific topic for each entity after its created to learn about updates and deletes. as I said, we may need to implement this logic ourselves is using many such topics would not be scalable, but this seems like the kind of think a message bus should be good at.. In general, I think it is ideal if these external agents can use standard mechanisms and formats as much as possible. For example, after learning that port X was created, the DHCP agent can actually use a standard webservice GET to learn about the configuration of the port (or if people feel that such information should be included in the notification itself, this notification data uses the same format as the webservice API). I am not sure that I agree here. If the service is notifying the agent then why not have the information being passed in the message (IP + mac etc.) There is no need for the GET operation. My general bias here is that if there are now two ways to fetch every type of information (one via the standard public interface and another via the internal interface with a different implementation) that is twice the testing, updating, documenting that we have to do. Perhaps the two problems we're trying to solve are sufficiently different that they require two different mechanisms, but in my use cases I haven't seen that yet. Dan ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Scalable agents
On Mon, Jul 16, 2012 at 3:30 AM, Gary Kotton gkot...@redhat.com wrote: Hi, The patch https://review.openstack.org/#**/c/9591/https://review.openstack.org/#/c/9591/contains the initial support for the scalable agents (this is currently implemented on the linux bridge). At the moment this does not support a network or port update, that is, the user can set 'admin_status_up' to 0. This means that either the network or the port should stop handling traffic. The network/port update is challenging in a number of respects. First and foremost the quantum plugin is not aware of the agent on which the port may have been allocated (this is where the VM has been deployed). In addition to this there may be a number of agents running. There are a number of options to perform the port update. They are listed below: 1. Make use of the openstack-common notifier support. This would have the plugin notify all of the agents. I have yet to look at the code but guess that it is similar to the next item. 2. Make use of the RPC mechanism to have the plugin notify the agents. At the moment the plugin has the topic of all of the agents (this is used for a health check to ensure that the configuration on the agent is in sync with that of the plugin). It is described in detail in https://docs.google.com/**document/d/**1MbcBA2Os4b98ybdgAw2qe_** 68R1NG6KMh8zdZKgOlpvg/edit?**pli=1https://docs.google.com/document/d/1MbcBA2Os4b98ybdgAw2qe_68R1NG6KMh8zdZKgOlpvg/edit?pli=1 If I understand correctly then both of the above would require that the agents are also RPC consumers. In both of the above the when there is a update to either a network or port then there will be a lot of traffic broadcast on the network. Hi Gary, Yes, I think either way, to eliminate the polling, we need to have some mechanism to inform the agents that they need to update state. My goal would be to build a standard mechanism for this that to the degree possible leverages existing APIs and data formats, so that we can avoid having multiple formats for the same data and avoid any RPC-call sprawl. I agree that we don't want to broadcast all data everyone. At the same time, I'd like to avoid having to make the the core plugin code running within quantum-server be aware of all of the different agents. What I think would be idea is that we have a fine-grained notification mechanism for when objects (networks, subnets, ports) are updated, and that agents could choose to register for updates on particular objects. For example, a DHCP agent handling all DHCP for a deployment might register for create/update/delete operations on subnets + ports, whereas a plugin agent might only register for updates from the ports that it sees locally on the hypervisor. Conceptually, you could think of there being a 'topic' per port in this case, though we may need to implement it differently in practice. In general, I think it is ideal if these external agents can use standard mechanisms and formats as much as possible. For example, after learning that port X was created, the DHCP agent can actually use a standard webservice GET to learn about the configuration of the port (or if people feel that such information should be included in the notification itself, this notification data uses the same format as the webservice API). So in sum, I'm hoping that we can take an approach to this problem that build a base framework that will continue to work as we add more rich functionality to quantum networks, recognizing that in most cases, agents will need to follow the pattern of triggering off of changes to API objects. I'm not sure whether this is inline with your thinking or not, so I'd be curious to hear your thoughts. Thanks, Dan Another alternative is to piggy back onto the health check message. This will contain the ID's of the networks/ports that were updated prior to the last check. When an agent receives these, if they are using the the network or port then they will request the details from the plugin. This will certainly have less traffic on the network. If anyone has any ideas then it would be great to hear them. Hopefully we can discuss this in tonight's meeting. Thanks Gary __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Devstack stable/essex release issue
Hi Naveen, Your best bet is probably to create a question on https://answers.launchpad.net/quantum/ . I would include the log output below, plus logs from nova-network and quantum screens. Dan On Mon, Jul 16, 2012 at 9:53 AM, Naveen Kuna naveen.k...@oneconvergence.com wrote: Hi, We are trying to test the openstack with quantum stable/essex release using devstack. We are seeing the following issue at our setup: = + /opt/stack/nova/bin/nova-manage network create private 10.0.0.0/24 1 4096 2012-07-16 21:47:37 WARNING nova.network.quantum.manager [req-17beca79-321c-4645-9614-8aad8a1548c9 None None] Ignoring unnecessary parameter 'network_size' 2012-07-16 21:47:37 WARNING nova.network.quantum.manager [req-17beca79-321c-4645-9614-8aad8a1548c9 None None] QuantumManager does not use 'bridge' parameter. 2012-07-16 21:47:37 WARNING nova.network.quantum.manager [req-17beca79-321c-4645-9614-8aad8a1548c9 None None] QuantumManager does not use 'bridge_interface' parameter. 2012-07-16 21:47:37 DEBUG nova.network.quantum.quantum_connection [req-17beca79-321c-4645-9614-8aad8a1548c9 None None] Quantum Client Request: POST /v1.1/tenants/default/networks.json from (pid=15691) do_request /opt/stack/nova/nova/network/quantum/client.py:182 2012-07-16 21:47:37 DEBUG nova.network.quantum.quantum_connection [req-17beca79-321c-4645-9614-8aad8a1548c9 None None] {network: {name: private, nova_id: nova}} from (pid=15691) do_request /opt/stack/nova/nova/network/quantum/client.py:184 Command failed, please check log for more info ++ failed ++ local r=1 ++ set +o xtrace stack.sh failed: full log in /home/stack/logs/stack.log.2012-07-16-214633 = Our localrc file is as follows: == # Hosts HOST_IP=ip of eth0 # Services ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-net,n-vol,n-sch,n-novnc,n-xvnc,n-cauth,horizon,mysql,rabbit,quantum,q-svc,q-agt,n-cpu # Networks FIXED_NETWORK_SIZE=4096 FIXED_RANGE=10.0.0.0/24 FLAT_INTERFACE=eth1 FLOATING_RANGE=172.16.142.128/25 Q_INTERFACE=eth1 # Misc MULTI_HOST=0 SERVICE_TOKEN=xyzpdqlazydog SYSLOG=True Q_PLUGIN=openvswitch SYSLOG=True UPLOAD_LEGACY_TTY=1 DEFAULT_IMAGE_NAME=tty-quantum GLANCE_BRANCH=stable/essex HORIZON_BRANCH=stable/essex KEYSTONE_BRANCH=stable/essex NOVA_BRANCH=stable/essex QUANTUM_BRANCH=stable/essex SWIFT_BRANCH=1.4.8 === We are trying this test on ubuntu 12.04 64 bit version. Did we miss anything in our configuration ? Please help us solving this issue. Thanks Regards, *Naveen R K Reddy*, ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Quantum] Network, Subnet and Port names
Hi Gary, this is an example of when I wish openstack APIs had a style-guide to try to ensure some consistency across projects. For those new to the conversation, the original topic of discussion is whether names for API objects should be forced to be unique (presumably within a tenant?) or allowed to be duplicated. The general feeling from the meeting was that since UUIDs are unique, the API itself would not enforce name uniqueness. That also led to the point that names should then be optional, since they are really for informational/display purposes only. Personally, I tend to think that description tends to imply a sentence private network for tenant1, rather than a simple name tenant1-net. There's also the fact that other openstack services like nova and glance use the term name with the similar (I believe) model that a name need not be unique. Would be curious to hear what others think. The only thing I'm quite sure about is that there would be value in creating some notion of openstack API consistency best practices to give a more cohesive feel to APIs across different projects in the openstack family. Dan On Mon, Jul 16, 2012 at 10:05 PM, Gary Kotton gkot...@redhat.com wrote: Hi, If the name is intended to be a description then how about the idea of calling the field description instead. This is far more descriptive and does not lend the user to think that this should be unique. Thanks Gary __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Testing NOVA-OVS-Quantum setup
, están prohibidas por la ley. * PRIVILEGED AND CONFIDENTIAL We hereby inform you, as addressee of this message, that e-mail and Internet do not guarantee the confidentiality, nor the completeness or proper reception of the messages sent and, thus, STACKOPS TECHNOLOGIES S.L. does not assume any liability for those circumstances. Should you not agree to the use of e-mail or to communications via Internet, you are kindly requested to notify us immediately. This message is intended exclusively for the person to whom it is addressed and contains privileged and confidential information protected from disclosure by law. If you are not the addressee indicated in this message, you should immediately delete it and any attachments and notify the sender by reply e-mail. In such case, you are hereby notified that any dissemination, distribution, copying or use of this message or any attachments, for any purpose, is strictly prohibited by law. -- Regards, -- Trinath Somanchi, +91 9866 235 130 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Regards, -- Trinath Somanchi, +91 9866 235 130 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Nova] Networking changes and quantum
On Sat, Jul 7, 2012 at 5:33 PM, Ryan Lane rl...@wikimedia.org wrote: L3 + Floating IPs are being added to Quantum in F-3 (got bumped from F-2). So, I should wait until L3 and try again, but in quantum? Yes, from talking to Vish a while back, the plan is that nova-network will be more less feature frozen, with new features targeting Quantum. We're at a bit of an awkward transition point right now, so probably best to continue to use your nova-network implementation off an internal branch for now, and then integrate with Quantum once the base L3 stuff is in. When do you expect this API to be available? I plan on backporting my work to nova for diablo and essex, but I'd like to make sure I have this upstream in the right place, and in the preferred way. The basic L3 and notification changes should be in during Folsom-3. Dan - Ryan -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Nova] Networking changes and quantum
Hi Ryan, L3 + Floating IPs are being added to Quantum in F-3 (got bumped from F-2). I haven't looked at your patch in detail, but it seems like you're looking to notice when a floating-ip is allocated or deallocated, and use that to trigger a change to the configuration of an external BGP daemon. Assuming that's the case, I'd much rather we take the approach of creating a notification API that would let you build this functionality as an external component process that feeds off of notifications about floating IPs being allocated and deallocated. We're looking at something similar for DHCP as well. This let's people implement custom functionality without having to modify the core code and config files. We have a blueprint to add such a notification framework to Quantum (likely based on work in Nova), but at this point, but its not clear when this will land (likely depends on whether it is used for DHCP improvements in F-3 or not). If you're interested in helping out with it, let me know. Dan On Fri, Jul 6, 2012 at 5:09 PM, Ryan Lane rl...@wikimedia.org wrote: I'm trying to add support to nova for BGP announcements for floating IP addresses (as an alternative to subnetting and ARP). The change currently has a -1, since networking code is moving to quantum. It seems that quantum doesn't have floating IP support, though. Where should I be adding this code? https://review.openstack.org/#/c/9255/ - Ryan ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Netstack] quantumv2 command error
Hi Hua, I'm not able to reproduce this. Assuming you're running the latest versions of code already, best bet would probably be to file a bug on launchpad and assign it to Yong. He is the expert on the CLI code and would probably be best able to sort out why you're seeing this. Dan On Thu, Jul 5, 2012 at 2:40 AM, Hua ZZ Zhang zhu...@cn.ibm.com wrote: Hi, I'm testing the new quantum API according to the wiki: http://wiki.openstack.org/RunningQuantumV2Apihttp://wiki.openstack.org/RunningQuantumV2Api But I got some ERROR report when executing the command of quantumv2. Who can help me on this? Thanks openstack@ubuntu:/opt/stack/devstack$ keystone tenant-list +--++-+ |id|name| enabled | +--++-+ | 0afb2c2149a947709079878f0b092f68 |demo| True | | 36bac58501b349a88444136629d8a9ce | service | True | | 4302dd05187d423cac76e7b447f41775 | admin| True | | c0cbc7bef9344b0db0a78d1e392feeb3 | invisible_to_admin | True | +--++-+ openstack@ubuntu:/opt/stack/devstack$ quantumv2 --os-token ADMIN --os-url http://localhost:9696/ create_net --tenant-id 0afb2c2149a947709079878f0b092f68 mynet ERROR: quantumclient.shell initialize_app() takes exactly 1 argument (2 given) -Zhang Hua -- Mailing list: https://launchpad.net/~netstack Post to : netst...@lists.launchpad.net Unsubscribe : https://launchpad.net/~netstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] OpenStack G naming poll
I would like to come out as strongly pro-Grizzly. I wonder if this release name would make Thierry the moma grizzly: http://en.wikipedia.org/wiki/Mama_grizzly dan On Wed, Jul 4, 2012 at 1:33 AM, James E. Blair cor...@inaugust.com wrote: Brian Waldon brian.wal...@rackspace.com writes: TL;DR - Screw the rules, let's call the next release 'Grizzly' As California is rather lacking in the 'municipality names starting with a G that we should use for an OpenStack release' department, I have had to look *slightly* outside the ruleset to find a suitable 'G' release name - that name being 'Grizzly'. The rules clearly state that a release name must represent a city or county near the corresponding design summit and be comprised of a single word of ten characters or less - the problem here being that 'Grizzly' is actually 'Grizzly Flats.' Having already polled a small subset of the community, I feel like there would be enough support for 'Grizzly' to win if it were on the ballot. As I'm more interested in selecting a suitable name than accurately representing some arbitrary territory, I'd love to either permanently amend the rules to make this acceptable or grant an exception in this one case. As Thierry said, if this reaches critical mass, we will figure out what to do. Otherwise, I'll shut up and deal with 'Gazelle'. I will join your Bear Flag Revolt. We could amend the rules to add official symbols of the territory in question. Despite being one of the most recognized symbols of California, named the state animal, and appearing on the state flag, the Grizzly bear (Ursus californicus) has been extinct here since 1922. [1] http://en.wikipedia.org/wiki/California_Republic#Bear_Flag_Revolt -Jim Though as a Firesign Theatre fan, I like Goshen too. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] coding standards (was: review for implement dhcp agent for quantum)
I talked with folks a bit about this offlist. Here's the summary: I think everyone agrees that there is a value in enforcing style guidelines that go beyond what can be mechanically enforced via pep8, namely, things covered in HACKING.rst (such as doc-strings formatting). Tools for automatic checking are ideal, but they don't always exist. I think everyone (including the reviewer) would agree that the review comments went beyond this, with spelling and grammer suggestions. My feeling is that assuming the comment is readable, such spelling/grammer comments should be viewed as suggestions, not requirements. I think both reviewer and reviewee agrees with this. Perhaps part of the problem here is that the review comments about spelling grammar nits where originally intepreted by the reviewee as being 'required' for approval of the patch. Now that it is clear that they are not, I believe the concerns are alleviated. In the future, we should make sure that reveiwers are more clear about what comments are 'suggestions' vs. 'requirements', particularly when reviewing code from people new to the project. I don't think anyone is saying that a reviewer shouldn't be allowed to point out spelling/grammer issue in code in a friendly way. As I said in the other thread, I personally think its helpful when a reviewer points out a typo of mine. Dan On Wed, Jul 4, 2012 at 1:33 AM, Monty Taylor mord...@inaugust.com wrote: On 07/03/2012 05:07 PM, Duncan McGreggor wrote: On Tue, Jul 3, 2012 at 5:39 PM, Dan Wendlandt d...@nicira.com wrote: Lately, Quantum reviewers have been doing their best to enforce python style guidelines above and beyond the programmatically enforced pep8 checks. This has happened for many recent reviews, so Mark isn't being singled out here, My objection isn't to Mark being singled-out -- my objection is to *anyone* engaging in this level of nit-pickery. This is death to projects. This is coming from a guy who's incredibly anal about his code and coding standards, too. I've been coding in Python for over a decade, adhering to PEP8 for a considerable period of that time, am a member of the notoriously picky Twisted project, and even I was surprised by the flood of review comments -- a high number of which contributed nothing to the improved readability, maintaiability, or functionality of this code under review. There were definitely some good points/comments. But there was a lot in there that you had to wade through the rest, before you saw them. I actually am going to need to side with Duncan here, although also I'm going to slightly disagree- but hopefully we're all used to that by now. Duncan is right - nitpickery can be quite deadly, but I think what's worse is when it's vague, not codified, and not checkable. With pep8, there is a clear document, and there is a tool that a dev can use to simply check his code. It's not like pylint, where it's literally impossible to write code which satisfies all of the warnings - it is completely possible to write code which is pep8 clean (as we all know, since we are all required to do so) But the best part about having a tool (other than my single-minded devotion to automated gating) isn't that we can use it to gate - it's that a dev can use it locally to verify things before sending them in for review... and that's great. The death cycle is really about the lag time. If you write some stuff, then run pep8 - or even nova's hacking.py - and it tells you things like Hey Duncan, I don't like it when you write methods that have the word is in the name - you may think it's ridiculous, but the feedback cycle is quick and deterministic and it's not nearly as frustrating. I think this is why the extra pedanticness in nova has worked out ok without killing people. The rules are in HACKING and are clear, but they're also in tools/hacking.py - and we use them as part of the pep8 gate. Because the code is clean to begin with, they're not very onerous to deal with... they're also simple and deterministic enough, because someone had to code a flipping check for them. Once there is a predictable and quick feedback cycle that can be locally tested, a developer can train himself to write the code that way in the first place - and they also don't feel like they're being picked on. SO - I'd recommend a middle ground here - if you want to add additional strictness in style checking, do what nova did with hacking.py ... we'll happily add it to the gate if you like. However... just remember that we're not here to write python style guidelines, or to write python programs enforcing those guidelines (not even those of us on the CI team) ... so if you find yourself spending weeks on a new version of hacking.py, something has probably gone wrong. though admittedly there's a lot of code previously accepted to the codebase that wasn't held to such a high bar. This attention to style
Re: [Openstack] VM network adapter hotplug
Hi Irena, We've talked about adding this capability (blueprint here: https://blueprints.launchpad.net/quantum/+spec/nova-quantum-interface-creation) and its mentioned in this bug ( https://bugs.launchpad.net/quantum/+bug/1019909), but I do not know of anyone actively working on this. If you'd like to work on it, we can definitely help provide guidence. Dan p.s. I believe xenserver supports an equivalent mechanism On Mon, Jul 2, 2012 at 6:39 AM, Irena Berezovsky ire...@mellanox.comwrote: Hi, I tried to find a way to add a network adapter to running VM without needing to restart it but could not find an API to apply it. As I understand KVM allows such functionality : https://fedoraproject.org/wiki/Features/KVM_NIC_Hotplug Is it supported or considered for Folsom? ** ** Thanks a lot, Irena ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Adding docs gating jobs?
great. On Tue, Jun 26, 2012 at 5:17 PM, Jay Pipes jaypi...@gmail.com wrote: ++ -jay On 06/26/2012 10:02 AM, Monty Taylor wrote: Hey guys! We have all of the projects properly and consistently building and uploading sphinx docs from in tree. This is pretty exciting, because it means one more resource we can expect to work. So related to that, we were talking about putting in a gating job for each project to prevent changes from breaking the docs. I don't really expect these jobs to fail builds very often, as the jobs themselves are pretty stable - but obviously it's the kind of thing people might have an opinion on. Thoughts? Monty __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Router as a VM
On Thu, Jun 21, 2012 at 6:18 AM, Neelakantam Gaddam neelugad...@gmail.comwrote: Hi Dan, Can you point me to the brief instructions on how to run nova-network on a VM and make it as a router? Hi Neelakantam, I was just referring to running nova-network in a linux VM using the same instructions as installing nova-network on a bare-metal linux server. This isn't very flexible though, and may not meet you needs depending on use case (e.g., you can have different VMs being routers for different tenants). In the Folsom-3 iteration, we will be working on an improved L3 model for quantum that will be more flexible, enabling a model where all tenants use a single linux device as their gateway, or a model where each tenant get their own VM acting as a router (as well as other use cases). Dan Thanks Neelakantam On Wed, Jun 20, 2012 at 6:51 PM, Dan Wendlandt d...@nicira.com wrote: Hi Neelakantam, The essex model for implementing gateway/router is that nova-network creates these interfaces. It would be possible to run nova-network in a VM, but that would be a single VM acting as a router for all tenants, whereas my guess is that you want a per-tenant VM acting as a router. There's no automated mechanism for doing that now, though in Folsom we will be introducing a plugin model that would support a model where a per-tenant router is created to be the gateway for each tenant. No one has volunteered to do this work though, but I'd love it if someone was interested. Dan On Tue, Jun 19, 2012 at 8:58 PM, Neelakantam Gaddam neelugad...@gmail.com wrote: Hi All, I am trying multi node setup using openstack and quantum using devstack. My understanding is that for every tenant, there is a gateway interface created in the physical host and these will act as gateways for the tenants. Is it possible to configure a VM as a gateway/router for a tenant and how can we do this ? Thanks in advance. -- Thanks Regards Neelakantam Gaddam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ -- Thanks Regards Neelakantam Gaddam -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] VM provisioning on a specific network with Horizon
On Thu, Jun 21, 2012 at 7:55 AM, Rami Cohen ramic.h...@gmail.com wrote: Hi, Using Horizon, is it possible to create an instance on a specific network? Hi RamiC, Are you using Quantum, or one of the other Nova network managers? Arvind (CC'd) is modifying Horizon during the F-2 milestone to add this capability when Quantum is in use. Dan Thanks, RamiC ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Router as a VM
Hi Neelakantam, The essex model for implementing gateway/router is that nova-network creates these interfaces. It would be possible to run nova-network in a VM, but that would be a single VM acting as a router for all tenants, whereas my guess is that you want a per-tenant VM acting as a router. There's no automated mechanism for doing that now, though in Folsom we will be introducing a plugin model that would support a model where a per-tenant router is created to be the gateway for each tenant. No one has volunteered to do this work though, but I'd love it if someone was interested. Dan On Tue, Jun 19, 2012 at 8:58 PM, Neelakantam Gaddam neelugad...@gmail.comwrote: Hi All, I am trying multi node setup using openstack and quantum using devstack. My understanding is that for every tenant, there is a gateway interface created in the physical host and these will act as gateways for the tenants. Is it possible to configure a VM as a gateway/router for a tenant and how can we do this ? Thanks in advance. -- Thanks Regards Neelakantam Gaddam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] is there any IDS projects on openstack?
None that I am aware of. Dan On Wed, Jun 20, 2012 at 5:12 AM, badis hammi dis@hotmail.fr wrote: Hi friends, I'm new on this mailing list, I just begin with openstack and I wish to know if it exists any Intrusion Detection System projects on openstack. thank you ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Performance metrics
On Wed, Jun 20, 2012 at 5:56 AM, Neelakantam Gaddam neelugad...@gmail.comwrote: Hi All, I want to do performance analysis on top of [openstack,Qauntum,openvswitch] setup. I am interested in the following metrics. VM life cycle (creation, deletion, boot..,etc) VM Migration Quantum (network, port creation/deletion..,etc) Are there any performance metric tools/scripts available in openstack ? If not, how can I do the performance analysis of the above metrics on openstack quantum setup ? Please help me regarding performance metrics. I want to know details of the biggest deployment with [openstack,Qauntum,openvswitch] setup interms of number of tenant networks, number of compute nodes, number of VMs per tenant. Most of the folks I know using Quantum are commercial companies, and I suspect they may consider information about their current cloud scale to be proprietary. However, perhaps someone else on the list would be able to volunteer some info on this. Dan Thanks in advance. -- Thanks Regards Neelakantam Gaddam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] OpenVSwitch Agent
On Mon, Jun 11, 2012 at 12:38 AM, Neelakantam Gaddam neelugad...@gmail.comwrote: Hi All, In the openstack architecture, what are the exact reasons for running the OpenvSwitch agent on all the compute nodes. Is it for portability reasons? Can we avoid the implementation of agent in the openstack architecture? Hi Neelakntam, Several openstack services have agents or workers that perform local configuration on a particular device as needed. For example, in the case of nova + libvirt, nova-compute creates disk files, and communicates with libvirt, and nova-network communicates with the linux networking stack to configure iptables + spawn instances of dnsmasq. The OVS plugin has an agent/worker that runs on each compute host as well, to make changes to the vswitch when a VM is provisioned, or when a Quantum port's settings are changed via the Quantum API. Dan Thanks in advance. -- Regards Neelakantam Gaddam ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] request and transaction IDs across all projects
On Mon, Jun 11, 2012 at 10:27 PM, Gabe Westmaas gabe.westm...@rackspace.com wrote: In nova we use a request ID to to help in finding all logs associated with a particular request, and this has proven to be extremely useful when debugging issues. This should be taken a bit further, in two different directions. First, I'd like to see the request ID stored along with the any faults that are registered, and I'd like to see that request ID returned in the fault data. Returning it in the fault data can start as an extension for now, and that should be able to move forward into the API pretty easily. Second, I'd like to figure out how we can extend this concept to all the openstack services. I see two competing desires here. First, we want to know about a particular request to a given service and second we want to know about an overall transaction across all services. So, for example, a single create server request may cause multiple requests to glance, and depending on the issue, it would be great to both tie those together or investigate separately. To this end, I'd like to see both a request ID and a transaction ID. I'd like to see both these items in log, and I'd like all OpenStack services to obey the rule that if the transaction ID is set, don't reset it to anything else, but always add a request ID. Thoughts? Do you buy the need for both a request ID and a transaction ID? I think the biggest change would be for swift, which already has a tx- header that gets set randomly no matter what (if that middleware is enabled). I can make blueprints for both the points above if yes. I'd love to get request IDs into glance, melange and quantum (maybe already there?) in particular as quickly as possible. Hi Gabe, I'm definitely in support of an ID that could help tie together both requests within a service, and requests between services (e.g., when Nova contacts Quantum to create a port when a VM is provisioned). Dan Gabe ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] api extensions question
On Mon, Jun 11, 2012 at 6:15 AM, Robert Kukura rkuk...@redhat.com wrote: On 06/10/2012 03:19 PM, Irena Berezovsky wrote: Hi Robert, May I add to your question also considerations regarding network creation - POST operation? I may be wrong in my understanding, but it seems to me that in case of RequestExtension it will be possible to create Provider Network via a single call. In case of ResourceExtension it will require 2 calls; one for network creation and second for provider attributes setting for previously created network. Am I right? In case of ResourceExtension Plugin on network creation should behave differently for provider and other(virtual) network, i.e. skip VLAN allocation. Seems that Plugin should be aware about Network type already during network creation. What do you think? Hi Irena, I'd like to avoid this sort of two-step resource creation process. Adding new optional arguments to the existing POST operation that creates a new resource such as network seems to work, at least with JSON. I haven't looked into XML support for this yet. These arguments get passed through to the plugin as kwargs. Their names should use the extension's namespace prefix, but otherwise I don't think any explicit support in the extension framework is involved. Just shoving values into a post and having them passed in as kwargs works (we've done this in the past), but what I don't like about that approach is that if we don't actually use an extension, there's no good way for an API user to query the set of supported extensions and see if that extension is running. Likewise, if extra arguments are passed into the plugin as kwargs, an API might pass them in and believe they were accepted, when in fact they were just ignored by the plugin. Dan -Bob Thanks, Irena -Original Message- From: netstack-bounces+irenab=mellanox@lists.launchpad.net [mailto: netstack-bounces+irenab=mellanox@lists.launchpad.net] On Behalf Of Robert Kukura Sent: Friday, June 08, 2012 6:21 PM To: Dan Wendlandt; netst...@lists.launchpad.net Subject: [Netstack] Provider Networks extension advice (was Re: [Openstack] question on get_network_details api call) Dan, Netstackers, I need some advice ASAP so I can proceed with the provider-networks BP (https://blueprints.launchpad.net/quantum/+spec/provider-networks) implementation. This BP will be implemented using a provider extension that adds a number of optional attributes (eg. vlan tags) to the core network resource. These attributes will be settable by and visible to those with admin rights. The main decision I'm looking for advice on is whether to implement this extension as a RequestExtension or as a ResourceExtension. See the email quoted below for details. If implemented as a RequestExtension, these provider attributes would be returned along with the core attributes from GET /tenants/{tenant_id}/networks/{network_id}.json, and potentially from all API actions that return the core attributes. If implemented as a ResourceExtension, the provider attributes would be accessed from a separate sub-resource, such as GET /tenants/{tenant_id}/networks/{network_id}/provider.json. As Dan suggested below, I think it would be preferable to extend the core resource itself rather than define a new sub-resource. This would mean using the RequestExtension approach. The issue with this is that I see no way to support XML with this approach, but the ResourceExtension approach can support both JSON and XML. Is the RequestExtension approach preferable? Is it acceptable even if it cannot (currently) support XML? Or is there a way to extend the XML using a RequestExtension that I'm missing? Thanks, -Bob On 06/07/2012 05:19 PM, Robert Kukura wrote: On 06/02/2012 01:56 PM, Dan Wendlandt wrote: Hi Irena, Bob, Salvatore, Just catching up the thread, and looping the netstack and openstack lists in as well, as this info is general useful in my opinion. Our model with Quantum, like Nova, is that it is definitely ok to extend the content of a core object with additional attributes. These attributes should be formatted properly as extended attribute, so that the key of the attribute is extension-alias:attribute-name This is done pretty commonly within Nova. Two simple examples are: - nova/api/openstack/compute/contrib/scheduler_hints.py - nova/api/openstack/compute/contrib/extended_status.py I do not believe you need to (or should) modify the view-builder code for the core object when you want to add an extended attribute to it. Thanks Dan! I've now had some success implementing an extension that creates a RequestExtension that adds extended attributes to the response for a core resource. At least with JSON - I have not been able to figure out how to do this for XML, if that is even possible in quantum. Instead, the extension framework has
Re: [Openstack] [Netstack] [Quantum] Review days for Quantum core devs
On Mon, Jun 11, 2012 at 2:25 AM, Salvatore Orlando salv.orla...@gmail.comwrote: Hi, During our last project meeting there was some interest in introducing review days for Quantum core devs. I see multiple benefits in this approach: 1) Contributors would know which core member the need to contact on a given days for soliciting a review for their patches 2) Predictable code review effort for core devs 3) The PTL knows who should be whipped! indeed :) Thanks for taking the lead on this Salvatore. Please send out the wiki page, no need for more +1s :) dan I think we can leverage the fact that our core devs span several time zones. So for each day we can have, for instance, an EMEA core reviewer on duty between 1AM and 9AM PST, an US core reviewer on duty between 9AM and 5PM PST, and an APAC core reviewer on duty between 5PM and 1AM PST. Of course the plan needs to be flexible especially around milestone release, where all the devs which are not busy coding should probably dedicate more time to code review. I am going to start a wiki page with a 5x3 grid, with days on the rows and zones on the columns. If you like this idea, +1 this email and add your name to the grid :) Otherwise, please let me have your feedback and concerns. Salvatore -- Mailing list: https://launchpad.net/~netstack Post to : netst...@lists.launchpad.net Unsubscribe : https://launchpad.net/~netstack More help : https://help.launchpad.net/ListHelp -- ~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp