Re: [Openstack] using Glusterfs for instance storage
You should check your syslog for app armor denied messages. It is possible app armor is getting in the way here. Vish On Apr 11, 2013, at 8:35 AM, John Paul Walters jwalt...@isi.edu wrote: Hi Sylvain, I agree, though I've confirmed that the UID and GID are consistent across both the compute nodes and my Glusterfs nodes. JP On Apr 11, 2013, at 11:22 AM, Sylvain Bauza sylvain.ba...@digimind.com wrote: Agree. As for other shared FS, this is *highly* important to make sure Nova UID and GID are consistent in between all compute nodes. If this is not the case, then you have to usermod all instances... -Sylvain Le 11/04/2013 16:49, Razique Mahroua a écrit : Hi JP, my bet is that this is a writing permissions issue. Does nova has the right to write within the mounted directory? Razique Mahroua - Nuage Co razique.mahr...@gmail.com Tel : +33 9 72 37 94 15 Le 11 avr. 2013 à 16:36, John Paul Walters jwalt...@isi.edu a écrit : Hi, We've started implementing a Glusterfs-based solution for instance storage in order to provide live migration. I've run into a strange problem when using a multi-node Gluster setup that I hope someone has a suggestion to resolve. I have a 12 node distributed/replicated Gluster cluster. I can mount it to my client machines, and it seems to be working alright. When I launch instances, the nova-compute log on the client machines are giving me two error messages: First is a qemu-kvm error: could not open disk image /exports/instances/instances/instance-0242/disk: Invalid argument (full output at http://pastebin.com/i8vzWegJ) The second error message comes a short time later ending with nova.openstack.common.rpc.amqp Invalid: Instance has already been created (full output at http://pastebin.com/6Ta4kkBN) This happens reliably with the multi-Gluster-node setup. Oddly, after creating a test Gluster volume composed of a single brick and single node, everything works fine. Does anyone have any suggestions? thanks, JP ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Forcing a VM to a specific node in grizzly
I wasn't aware that force_hosts actually works. Someone should probably verify. The availability zone method still works in grizzly. Vish On Mar 30, 2013, at 6:42 PM, Lorin Hochstein lo...@nimbisservices.com wrote: I see that in grizzly an admin can use a scheduler hint to force a VM to launch on a particular host, e.g.: nova boot --image 1 --flavor 2 --key_name test --hint force_hosts=server2 my-first-server (from: http://docs.openstack.org/trunk/openstack-compute/admin/content/specify-host-to-boot-instances-on.html) In Folsom, an admin could do this with the availability zone flag: nova boot --image uuid --flavor m1.tiny --key_name test --availability-zone nova:server2 (from: http://docs.openstack.org/trunk/openstack-compute/admin/content/specify-zone-to-boot-instances-on.html) Does the second method work in grizzly as well? If so, should we recommend one approach over the other in the docs? Lorin ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [nova-network] add-network-to-project
I just looked at the code and it appears this is not possible through the os_networks extension. This appears to be an oversight. It should probably allow a project to be passed in. Bug report here: https://bugs.launchpad.net/nova/+bug/1161441 That said, the first time a user boots an instance, he automatically gets assigned a network, so in many cases it isn't needed. Another option would be to modify the code you mentioned to allow a workaround: if (context and not context.is_admin and project_id and (project_id != context.project_id)): Vish On Mar 28, 2013, at 1:46 AM, Ajiva Fan aji.zq...@gmail.com wrote: hello everyone: i have a very simple question which confuses me for a long time: how should i add a network to a project via rest api? 1) i'm admin of the whole cloud env essex, (i think the folsom is same in this case) 2) using nova-network:vlan (if using flatdhcp, the associate action is meanless) 3) a user project user-project is created, and the admin:admin is not that project's admin (and even not a member of it) 4) a network user-network is created, but not associated with user-project 5) how to associate the user-network with user-project ? i know i can use nova-manage via nova-client in the control node, but what i need to know is how to do this operation via rest api, like curl or in horizon? the rest api is: http://api.openstack.org/api-ref.html POST v2/{tenant_id}/os-networks/add with a body identifier the network's id the problem is that, even i have admin:admin token, i *cannot* associate the user-network with user-project, because from the source code of folsom(and essex) nova, in the nova.api.openstack.wsgi.py of line 931, i find this: project_id = action_args.pop(project_id, None) context = request.environ.get('nova.context') if (context and project_id and (project_id != context.project_id)): msg = _(Malformed request url) return Fault(webob.exc.HTTPBadRequest(explanation=msg)) since nova.context.project_id is the project admin_id, and the project_id is extract from the url, so the webob.exc is returned. please help me, i read a lot, (both document and source code, i just cannot understand or just miss something important) but still don't know how to do it. ps: i have sent a mail to openstack-dev on mar 8, but no one reply me. is my question nonsense? Note this mail is not the exactly same as previous one since i've more knowledge of it but the main problem is same ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] DHCP lease not accepted when libvirt_use_virtio_for_bridges=true
Well phooey: 987 if network_ref['multi_host']: 988 _add_dhcp_mangle_rule(dev) The mangle rule is only added my nova-network in multihost mode. Can you verify whether or not adding the rule on the compute or network node fixes it? That way we can either remove the check on multi_host or add it in plug_vif on the compute host. BTW: iptables -D POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM --checksum-fill that should be -A not -D Vish On Mar 20, 2013, at 1:43 PM, Lorin Hochstein lo...@nimbisservices.com wrote: On Wed, Mar 20, 2013 at 4:15 PM, Nathanael Burton nathanael.i.bur...@gmail.com wrote: On Wed, Mar 20, 2013 at 3:51 PM, Lorin Hochstein lo...@nimbisservices.com wrote: I'm doing a Folsom deployment with FlatDHCP (not multihost). When I try to boot a quantal image, the instance doesn't pick up the DHCP lease. I've confirmed that dnsmasq is sending out the DHCPOFFER, and I can see by tcpdump on the compute host that the DHCP packets are making it to the vnet0 interface. Note that I tried adding this iptables rule as mentioned here https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/issues/14, but that didn't resolve it. iptables -D POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM --checksum-fill However, the problem goes away if I change this setting on the compute hosts in /etc/nova/nova.conf libvirt_use_virtio_for_bridges=true to: libvirt_use_virtio_for_bridges=false Anybody know what would cause this? I'm on Ubuntu 12.04 with the cloud-archive packages, with KVM as the hypervisor You didn't restart nova-network without killing and restarting dnsmasq, did you? Nate Of course not! (Well, maybe...). But just tried again, killing dnsmasq and restarting nova-network doesn't seem to help. I'm guessing the issue is confined to the compute node, and since I'm not running multihost, I don't think I even need to restart nova-network each time I make a virtio-related change on the compute node... Lorin -- Lorin Hochstein Lead Architect - Cloud Services Nimbis Services, Inc. www.nimbisservices.com ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack-dev] Compute endpoint auth problem.
Try nova --debug --os-region-name RegionTwo image-list and see where it is connecting. I guess you have another typo. Btw, in the future the dev list is not the right place for these questions. Should be done on openstack@lists.launchpad.net Vish On Mar 21, 2013, at 9:34 AM, Wainer, Gabriel (Brazil RD-ECL) gabriel.wai...@hp.com wrote: Thanks for the heads up Ishaya. I was messing with the tenant_id. I have changed to use the '$(tenant_id)s' and now seems to be correct! root@regions:~# nova --os-region-name RegionTwo image-list ERROR: ConnectionRefused: '[Errno 111] Connection refused' I know it's a generic error, but do you have any clue? Thanks again, Gabriel. -Original Message- From: Vishvananda Ishaya [mailto:vishvana...@gmail.com] Sent: quinta-feira, 21 de março de 2013 12:55 To: OpenStack Development Mailing List Subject: Re: [openstack-dev] Compute endpoint auth problem. Your endpoint is wrong in region two. It looks like you hardcoded admin as the tenant_id in region two which is never correct. Tenant_id in keystone is usually a long uuid string without dashes. You likely need to replace the '8774' with $(compute_port)s and the 'admin' with '$(tenant_id)s' Vish On Mar 21, 2013, at 6:45 AM, Wainer, Gabriel (Brazil RD-ECL) gabriel.wai...@hp.com wrote: Hello folks, I'm playing with multiple endpoints for the same service, and I want to call nova for different compute endpoints but I'm having a hard time figuring out the credentials needed to make it work. I have two devstacks running and I'm using one keystone having both compute endpoints in the catalog. Below are the catalog entries for them. I suppressed other entries to improve readability: $ keystone endpoint-list Id | 5824302b5b844e5a8e90b236c96fc3f4 region | RegionOne publicURL| http://172.16.101.239:$(compute_port)s/v2/$(tenant_id)s internalURL | http://172.16.101.239:$(compute_port)s/v2/$(tenant_id)s adminURL | http://172.16.101.239:$(compute_port)s/v2/$(tenant_id)s service_id | 8ae8f03c2e1f452cb22e6a7acf70480f | Id | 6a3e1123d2924048acec4bd06009413e region | RegionTwo publicURL| http://172.16.103.231:8774/v2/admin internalURL | http://172.16.103.231:8774/v2/admin adminURL | http://172.16.103.231:8774/v2/admin service_id | 8ae8f03c2e1f452cb22e6a7acf70480f | So in this case the RegionOne endpoint works as seen below: stack@regions:/opt/stack/devstack$ nova --os-region-name RegionOne image-list +--+-+++ | ID | Name| Status | Server | +--+-+++ | 17a7ea2a-fc47-4d06-8879-3fd7b707e4e2 | cirros-0.3.0-x86_64-uec | ACTIVE || | 4fe2aae8-1b72-41b2-87c5-493834b427d4 | cirros-0.3.0-x86_64-uec-kernel | ACTIVE || | 22415a33-c20c-4f67-b0a3-5e56ee984e06 | cirros-0.3.0-x86_64-uec-ramdisk | ACTIVE || +--+-+++ But using the RegionTwo gives me a http 401: stack@regions:/opt/stack/devstack$ nova --os-region-name RegionTwo image-list ERROR: n/a (HTTP 401) I noticed that the working endpoint is the one from the devstack install which I am using the keystone. Any ideas? I think it is related to nova's api-paste.ini [filter:authtoken] config. Thanks, Gabriel. ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list openstack-...@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Libvirt iSCSI client: duplicit connection_info data
On Mar 20, 2013, at 3:39 AM, Brano Zarnovican zarnovi...@gmail.com wrote: Hi devs, we are using backend iSCSI provider (Netapp) which is mapping Openstack volumes to iSCSI LUNs. This mapping is not static and changes over time. For example when the volume is detached then his LUN id becomes unused. After a while a _different_ volume may get the same LUN id, as Netapp is recycling them. This is expected behavior.. As a result, there may be entries in block_device_mapping with identical connection_info.. connection_info: {driver_volume_type: iscsi, data: {target_lun: 5, .. target_iqn: iqn.1992-08.com.netapp:node.netapp02, volume_id: 1806}} connection_info: {driver_volume_type: iscsi, data: {target_lun: 5, .. target_iqn: iqn.1992-08.com.netapp:node.netapp02, volume_id: 2227}} Zero or one of them may be attached, the rest is in detached state. As a fix to address #1112483, I'm deleting the device when it is being disconnected (echo 1 /sys/block/sdg/device/delete). Trouble is that OpenStack seems to expect the disconnect_volume to be idempotent (_cleanup() method). That is, calling disconnect_volume on detached volume will do nothing. However, because of the LUN reuse, the id may now be mapped to a different volume. Caller is asking me to disconnect volume with LUN5. From just looking at the device name there is no way of telling which openstack volume it is. /dev/disk/by-path/ip-172.30.128.3:3260-iscsi-iqn.1992-08.com.netapp:node.netapp02-lun-5 - ../../sdg How to get out of this .. ? 1) Do not call 'disconnect_volume' for volumes that were successfully disconnected before. In other words, disconnect_volume is not idempotent anymore. I'd really like to keep this idempotent to deal with double delete races. 2) Wipeout connection_info after disconnect. At least for Netapp provider it makes no sense to retain the info which is no longer valid anyway. This seems reasonable. In fact, the whole block_device_mapping item can be deleted after disconnect. I need a little more context to understand if this will actually help the issue that you are seeing though. The double disconnects are usually very close together, so there shouldn't be a new lun assigned in between two of them anyway. Have you identified a case where a second disconnect is called much later? 3) do not reuse LUN ids - this would require major driver change to keep track of all currently used LUNs for both attached and detached volumes 4) store somewhere on the host system mapping between LUNs and openstack volumes. You could check against it, before disconnecting a LUN device None of the options is too pleasant. Any suggestions how to address the problem ? Regards, Brano Zarnovican PS: We are using Essex. LUN reusing is a feature of Netapp that exists in all versions of the driver (IMO). By a quick glance I think the same problem with disconnect_volume exists on Folsom and master branch. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Libvirt iSCSI client: duplicit connection_info data
On Mar 20, 2013, at 11:20 AM, Brano Zarnovican zarnovi...@gmail.com wrote: On Wed, Mar 20, 2013 at 5:06 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: 2) Wipeout connection_info after disconnect. At least for Netapp provider it makes no sense to retain the info which is no longer valid anyway. This seems reasonable. In fact, the whole block_device_mapping item can be deleted after disconnect. You cannot delete the whole bdm entry when you stop an instance. Volume is disconnected but you still need that info for next start-instance to reattach the volume. You could nullify 'connection_info' value in bdm.. but I have never seen bdm with connection_info blank. No idea how many things that would break.. I need a little more context to understand if this will actually help the issue that you are seeing If there is no information in bdm that this volume *had* LUN id 5, then there is no way somebody will send it down to disconnect_volume. And no way for me to delete a wrong device which happens to be using LUN id 5 now. though. The double disconnects are usually very close together, so there shouldn't be a new lun assigned in between two of them anyway. Have you identified a case where a second disconnect is called much later? Yes. The first disconnect is when you stop an instance with attached volume. The second one is when you terminate that stopped instance. https://github.com/openstack/nova/blob/stable/essex/nova/virt/libvirt/connection.py#L470 In-between those two disconnects, the volume is in state 'available/detached' and there is a (non-deleted) bdm entry with connection_info regarding the last attachment. Thanks for the explanation. In the current code stop does not detach the volume and I don't think it should. So it looks like this only affects essex. In fact the proper fix for essex may just be to do the same: don't detach volumes on stop. In general actually detaching the volume should be also removing the bdm. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] TC candidacy
Hello all, I would like to run for a seat on The Technical Comittee. I have been working on Nova since it was a project as Nasa and I have been heavily involved in openstack since it was founded. I was elected to the precursor to TC (the Project Oversight Committee, later named the Project Policy Board) when it was first created. I was also elected as the first PTL for Nova and have been filling that role for the last two years. I am the top contributor to Nova over the lifetime of the project, and the third most frequent contributor over the past 12 months. I helped to create Devstack, Keystone, and Cinder. In addition, I have contributed to Oslo and I am a member of the stable-maintenance team. Despite passing on the mantle of Nova PTL, I am still deeply involved with OpenStack and I want to make sure that it continues to be a huge success. As OpenStack grows, one of the most important challenges we face is integration. It is vital that we have technical leaders that are focused cross-project and dedicated to making OpenStack as a whole successful. I currently work as the Director of Open Source at Nebula, Inc. Previously I was a principal engineer on the private cloud team at Rackspace, and before that I was a senior developer on the Nebula project at NASA where Nova was created. Thanks, Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] swift multinode test
On Mar 1, 2013, at 8:05 AM, Paras pradhan pradhanpa...@gmail.com wrote: Can somebody check if my endpoints are correct. 192.168.122.25 is my proxy node in which port is on with self signed certs. -- public: http://192.168.122.25:/v1/AUTH_%(tenant_id)s internal: http://192.168.122.25:/v1/AUTH_%(tenant_id)s admin: http://192.168.122.25:/v1 - if you are using ssl, these should be https:// Vish Thanks, Paras. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] spice in devstack no working
The default build of kvm-qemu does not have spice support on ubuntu-precise. If you are running on ubuntu you might have to do: sudo apt-get install qemu-kvm-spice Devstack should probably be modified to install that package if n-spice is enabled. Vish On Feb 28, 2013, at 10:33 AM, Shake Chen shake.c...@gmail.com wrote: Hi I try to enable spice in devstack, but when I create vm, would report error. if not enable spice, it is work well. the below is my localrc HOST_IP=10.1.199.6 ADMIN_PASSWORD=password MYSQL_PASSWORD=password RABBIT_PASSWORD=password SERVICE_PASSWORD=password SERVICE_TOKEN=password disable_service n-net disable_service n-novnc disable_service n-xvnc enable_service n-spice enable_service q-svc enable_service q-agt enable_service q-dhcp enable_service q-l3 enable_service quantum enable_service g-api enable_service q-meta #enable_service tempest enable_service rabbit LOG=True SCHEDULER=nova.scheduler.simple.SimpleScheduler FIXED_RANGE=10.5.5.0/24 NETWORK_GATEWAY=10.5.5.1 FLOATING_RANGE=10.1.199.128/25 EXT_GW_IP=10.1.199.1 -- Shake Chen ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Nova network problem on rhel6.4 and folsom
On Feb 26, 2013, at 10:11 AM, mohammad kashif kashif.a...@gmail.com wrote: Hi I am installing openstack folsom on rhel6.4 with multi_host nova network. I have a working setup with ubuntu 12.04 and Essex and I am using almost same network setup with rhel with folsom. I don't understand that what is going wrong with rhel. I have two machines with everything including nova-compute on one machine and an extra machine running nova-compute, nova-network and nova-metadata-api. Main problem is that I can create vm and it is getting private ip address from dhcp but that address is not being attached to bridge br100. Nova network is creating bridge but it stay in unknown state ip link show br100 7: br100: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:30:48:35:3d:ff brd ff:ff:ff:ff:ff:ff Some of network related setting is public_interface = eth0 flat_interface = eth1 These needs to be set explicitly to em1 / em2 on the second machine. If you do brctl show i suspect em2 is not being added to the bridge. You could also manually add it to the bridge: brctl addif br100 em2 Also the private ip address is not added to the bridge. if you do: brctl show br100 you will see that each vm gets a vnet* device that is added to the bridge. The ip only exists internally to the vm. fixed_range = 192.168.9.32/27 flat_network_dhcp_start = 192.168.9.33 connection_type = libvirt flat_injected = False multi_host = True flat_network_dns = public_ip flat_network_bridge = br100 first machine have eth0 = public ip eth1 = 192.168.9.1 second machine em1 = public ip em2 = 192.168.9.2 I am creating nova network like this nova-manage network create private --fixed_range_v4=192.168.9.32/27 --num_network=1 --bridge=br100 --network_size=32 --multi_host=True Can some one suggest some thing. Thanks Kashif ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [swift] some code understanding
This topic might be better posted on openstack-dev Vish On Feb 26, 2013, at 11:24 AM, Kun Huang aragongar...@gmail.com wrote: Hi swift developer, I'm confused about implementation of ring structure. in the RingBuilder, line 671 ~ 681 for part, replace_replicas in reassign_parts: # Gather up what other tiers (zones, ip_ports, and devices) the # replicas not-to-be-moved are in for this part. other_replicas = defaultdict(int) unique_tiers_by_tier_len = defaultdict(set) for replica in xrange(self.replicas): if replica not in replace_replicas: dev = self.devs[self._replica2part2dev[replica][part]] for tier in tiers_for_dev(dev): other_replicas[tier] += 1 unique_tiers_by_tier_len[len(tier)].add(tier) this while loop results in other_replicas and unique_tiers_by_tier_len, but I don't have a confirmed understanding about these two data. and in line 684 to 725: (I removed comments) tier = () depth = 1 while depth = max_tier_depth: candidate_tiers = tier2children[tier] candidates_with_replicas = \ unique_tiers_by_tier_len[len(tier) + 1] if len(candidate_tiers) len(candidates_with_replicas): for t in reversed(candidate_tiers): if other_replicas[t] == 0: tier = t break else: min_count = min(other_replicas[t] for t in candidate_tiers) tier = (t for t in reversed(candidate_tiers) if other_replicas[t] == min_count).next() depth += 1 this loop search the tier tree, from () to (zone, ip, device), for finding a tier, and choosing a dev by that tier, and storing dev id in part key(line 762, that's a kind of final ring structure?). And the propose of tree structure is: This is already supported in Swift with the concept of availability zones. Swift will place each replica in different availability zones, if possible. If you only have one zone, Swift will place the replicas on different machines. If you only have one machine, Swift will place the replicas on different drives. -- John , right? And the last loop line 732 to line 760 only works on sorting for next big loop? (line 683) The propose of rebalance is to put every replica on correct partition, and put every partition on correct device? Gareth ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Nova network problem on rhel6.4 and folsom
Odd, I couldn't say. Is there vm working? Perhaps it doesn't matter. It is a bit odd that you have two overlapping ips on br100. If something is broken, that could potentially be causing issues. Vish On Feb 26, 2013, at 2:33 PM, mohammad kashif kashif.a...@gmail.com wrote: Hi Vish Thanks for looking into it. For the simplicity, I have disabled second compute node for time being. I am checking it as single node installation. Like one VM is running on controller node aad411aa-dc50-4fad-ab2f-8fd283ed94e8 | | ACTIVE | private=192.168.9.34 brctl show br100 bridge name bridge id STP enabled interfaces br100 8000.003048353dff no eth1 vnet0 ip add 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 169.254.169.254/32 scope link lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:30:48:35:3d:fe brd ff:ff:ff:ff:ff:ff inet 163.1.5.243/24 brd 163.1.5.255 scope global eth0 inet6 fe80::230:48ff:fe35:3dfe/64 scope link valid_lft forever preferred_lft forever 3: eth1: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:30:48:35:3d:ff brd ff:ff:ff:ff:ff:ff inet6 fe80::230:48ff:fe35:3dff/64 scope link valid_lft forever preferred_lft forever 4: virbr0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UNKNOWN link/ether 52:54:00:e4:6d:24 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 5: virbr0-nic: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN qlen 500 link/ether 52:54:00:e4:6d:24 brd ff:ff:ff:ff:ff:ff 7: br100: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:30:48:35:3d:ff brd ff:ff:ff:ff:ff:ff inet 192.168.9.33/27 brd 192.168.9.63 scope global br100 inet 192.168.9.1/24 brd 192.168.9.255 scope global br100 inet6 fe80::8cc4:2cff:feb2:2233/64 scope link valid_lft forever preferred_lft forever 8: vnet0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500 link/ether fe:16:3e:5f:b2:0a brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fe5f:b20a/64 scope link valid_lft forever preferred_lft forever I don't understand that why br100 is displaying unknown state. Thanks Kashif On Tue, Feb 26, 2013 at 7:19 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Feb 26, 2013, at 10:11 AM, mohammad kashif kashif.a...@gmail.com wrote: Hi I am installing openstack folsom on rhel6.4 with multi_host nova network. I have a working setup with ubuntu 12.04 and Essex and I am using almost same network setup with rhel with folsom. I don't understand that what is going wrong with rhel. I have two machines with everything including nova-compute on one machine and an extra machine running nova-compute, nova-network and nova-metadata-api. Main problem is that I can create vm and it is getting private ip address from dhcp but that address is not being attached to bridge br100. Nova network is creating bridge but it stay in unknown state ip link show br100 7: br100: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UNKNOWN link/ether 00:30:48:35:3d:ff brd ff:ff:ff:ff:ff:ff Some of network related setting is public_interface = eth0 flat_interface = eth1 These needs to be set explicitly to em1 / em2 on the second machine. If you do brctl show i suspect em2 is not being added to the bridge. You could also manually add it to the bridge: brctl addif br100 em2 Also the private ip address is not added to the bridge. if you do: brctl show br100 you will see that each vm gets a vnet* device that is added to the bridge. The ip only exists internally to the vm. fixed_range = 192.168.9.32/27 flat_network_dhcp_start = 192.168.9.33 connection_type = libvirt flat_injected = False multi_host = True flat_network_dns = public_ip flat_network_bridge = br100 first machine have eth0 = public ip eth1 = 192.168.9.1 second machine em1 = public ip em2 = 192.168.9.2 I am creating nova network like this nova-manage network create private --fixed_range_v4=192.168.9.32/27 --num_network=1 --bridge=br100 --network_size=32 --multi_host=True Can some one suggest some thing. Thanks Kashif ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing
Re: [Openstack] Comparing OpenStack to OpenNebula
If you set: enable_new_services=False in your nova.conf, all new services will be disabled by default and the scheduler won't start scheduling instances until you explicitly enable them. Vish On Feb 25, 2013, at 2:46 PM, Shawn Starr shawn.st...@rogers.com wrote: On Monday, February 25, 2013 10:34:11 PM Jeremy Stanley wrote: On 2013-02-25 06:20 -0500 (-0500), Shawn Starr wrote: [...] I see no options on how to control what nova-compute nodes can be 'provisioned' into an OpenStack cloud, I'd consider that a security risk (potentially) if any computer could just register to become a nova-compute? [...] On 2013-02-25 11:42:47 -0500 (-0500), Shawn Starr wrote: I was hoping in future we could have a mechanism via mac address to restrict which hypervisor/nova-computes are able to join the cluster. [...] It bears mention that restricting by MAC is fairly pointless as security protections go. There are a number of tricks an adversary can play to rewrite the system's MAC address or otherwise impersonate other systems at layer 2. Even filtering by IP address doesn't provide you much protection if there are malicious actors within your local broadcast domain, but at least there disabling learning on switches or implementing 802.1x can buy some relief. Extending the use of MAC address references from the local broadcast domain where they're intended to be relevant up into the application layer (possibly across multiple routed hops well away from their original domain of control) makes them even less effective of a system identifier from a security perspective. Hi Jeremy, Of course, one can modify/spoof the MAC address and or assign themselves an IP. It is more so that new machines aren't immediately added to the cluster and start launching VM instances without explicitly being enabled to do so. In this case, I am not concerned about impersonators on the network trying to join the cluster. Thanks, Shawn ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] LXC on Folsom
I'm pretty sure a whole disk image will fail with lxc. You need just the root filesystem. You might have more luck with the unpacked version of: http://uec-images.ubuntu.com/releases/precise/release/ubuntu-12.04-server-cloudimg-amd64.tar.gz Vish On Feb 21, 2013, at 8:34 AM, Chuan-Heng Hsiao hsiao.chuanh...@gmail.com wrote: I also have same problem when trying to get LXC running on Folsom. Based on the following links: http://docs.openstack.org/trunk/openstack-compute/admin/content/lxc.html https://wiki.openstack.org/wiki/LXC http://honeybutcher.de/2012/09/openstack-lxc/ http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html I did the following things: 1. mkdir /cgroup set /etc/fstab with none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 and reboot. 2. glance image-create --location http://uec-images.ubuntu.com/releases/12.04/release/ubuntu-12.04-server-cloudimg-amd64-disk1.img --is-public true --disk-format raw --container-format bare --name Ubuntu 3. glance image-update [img-uuid] --property hypervisor_type=lxc and still no luck. I got the following error message from nova-compute node (I am not quite sure whether there are other error msgs or not): 2013-02-21 12:46:39 ERROR nova.virt.disk.api [req-74b2c194-fb8a-4db8-88b5-dcccf6ec0b97 392652962bc64e8fa7bc8882203e2e36 92895e4901154c899fcdd1a348bf5712] Failed to mount container filesystem 'nova.virt.disk.api._DiskImage object at 0x507ee10' on '/var/lib/nova/instances/instance-0009/rootfs': 2013-02-21 12:46:39 ERROR nova.compute.manager [req-74b2c194-fb8a-4db8-88b5-dcccf6ec0b97 392652962bc64e8fa7bc8882203e2e36 92895e4901154c899fcdd1a348bf5712] [instance: 870d1ee9-a4d3-4424-b41b-369f903553fd] Instance failed to spawn 2013-02-21 12:46:39 ERROR nova.compute.manager [req-74b2c194-fb8a-4db8-88b5-dcccf6ec0b97 392652962bc64e8fa7bc8882203e2e36 92895e4901154c899fcdd1a348bf5712] [instance: 870d1ee9-a4d3-4424-b41b-369f903553fd] Build error: ['Traceback (most recent call last):\n', ' File /usr/lib/python2.7/dist-packages/nova/compute/manager.py, line 494, in _run_instance\ninjected_files, admin_password)\n', ' File /usr/lib/python2.7/dist-packages/nova/compute/manager.py, line 747, in _spawn\nblock_device_info)\n', ' File /usr/lib/python2.7/dist-packages/nova/exception.py, line 117, in wrapped\ntemp_level, payload)\n', ' File /usr/lib/python2.7/contextlib.py, line 24, in __exit__\n self.gen.next()\n', ' File /usr/lib/python2.7/dist-packages/nova/exception.py, line 92, in wrapped\nreturn f(*args, **kw)\n', ' File /usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py, line 1090, in spawn\nadmin_pass=admin_password)\n', ' File /usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py, line 1469, in _create_image\nuse_cow=FLAGS.use_cow_images)\n', ' File /usr/lib/python2.7/dist-packages/nova/virt/disk/api.py, line 326, in setup_container\nraise exception.NovaException(img.errors)\n', 'NovaException: \n--\nFailed to mount filesystem: Unexpected error while running command.\nCommand: sudo nova-rootwrap /etc/nova/rootwrap.conf mount /dev/nbd15 /var/lib/nova/instances/instance-0009/rootfs\nExit code: 32\nStdout: \'\'\nStderr: \'mount: you must specify the filesystem type\\n\'\n--\nFailed to mount filesystem: Unexpected error while running command.\nCommand: sudo nova-rootwrap /etc/nova/rootwrap.conf guestmount --rw -a /var/lib/nova/instances/instance-0009/disk -m /dev/sda /var/lib/nova/instances/instance-0009/rootfs\nExit code: 1\nStdout: \'\'\nStderr: \'Traceback (most recent call last):\\n File /usr/bin/nova-rootwrap, line 89, in module\\n env=filtermatch.get_environment(userargs))\\n File /usr/lib/python2.7/subprocess.py, line 679, in __init__\\n errread, errwrite)\\n File /usr/lib/python2.7/subprocess.py, line 1249, in _execute_child\\nraise child_exception\\nOSError: [Errno 2] No such file or directory\\n\'\n'] Sincerely, Hsiao On Fri, Feb 22, 2013 at 12:17 AM, Konstantin Ivanov kaiva...@gmail.com wrote: Hello, I am trying to get LXC running on Folsom with not much luck. Any suggestions on where I can find more documentation that can help me with this ? Thanks a bunch! ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help :
Re: [Openstack] LXC on Folsom
no i wasn't. The link you posted is a tar.gz filesystem, the link i posted is a tar.gz of an ext formatted that contains the filesystem. I believe the one i posted is correct. Make sure to untargz before uploading to glance. Vish On Feb 21, 2013, at 9:47 AM, Chuan-Heng Hsiao hsiao.chuanh...@gmail.com wrote: Hi Vishvananda, Thank you very much! Are you actually refering to the following link? http://uec-images.ubuntu.com/releases/precise/release/ubuntu-12.04-server-cloudimg-amd64-root.tar.gz I'll try and do the report when I get to the machine tomorrow. Sincerely, Hsiao On Fri, Feb 22, 2013 at 12:57 AM, Vishvananda Ishaya vishvana...@gmail.com wrote: I'm pretty sure a whole disk image will fail with lxc. You need just the root filesystem. You might have more luck with the unpacked version of: http://uec-images.ubuntu.com/releases/precise/release/ubuntu-12.04-server-cloudimg-amd64.tar.gz Vish On Feb 21, 2013, at 8:34 AM, Chuan-Heng Hsiao hsiao.chuanh...@gmail.com wrote: I also have same problem when trying to get LXC running on Folsom. Based on the following links: http://docs.openstack.org/trunk/openstack-compute/admin/content/lxc.html https://wiki.openstack.org/wiki/LXC http://honeybutcher.de/2012/09/openstack-lxc/ http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html I did the following things: 1. mkdir /cgroup set /etc/fstab with none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 and reboot. 2. glance image-create --location http://uec-images.ubuntu.com/releases/12.04/release/ubuntu-12.04-server-cloudimg-amd64-disk1.img --is-public true --disk-format raw --container-format bare --name Ubuntu 3. glance image-update [img-uuid] --property hypervisor_type=lxc and still no luck. I got the following error message from nova-compute node (I am not quite sure whether there are other error msgs or not): 2013-02-21 12:46:39 ERROR nova.virt.disk.api [req-74b2c194-fb8a-4db8-88b5-dcccf6ec0b97 392652962bc64e8fa7bc8882203e2e36 92895e4901154c899fcdd1a348bf5712] Failed to mount container filesystem 'nova.virt.disk.api._DiskImage object at 0x507ee10' on '/var/lib/nova/instances/instance-0009/rootfs': 2013-02-21 12:46:39 ERROR nova.compute.manager [req-74b2c194-fb8a-4db8-88b5-dcccf6ec0b97 392652962bc64e8fa7bc8882203e2e36 92895e4901154c899fcdd1a348bf5712] [instance: 870d1ee9-a4d3-4424-b41b-369f903553fd] Instance failed to spawn 2013-02-21 12:46:39 ERROR nova.compute.manager [req-74b2c194-fb8a-4db8-88b5-dcccf6ec0b97 392652962bc64e8fa7bc8882203e2e36 92895e4901154c899fcdd1a348bf5712] [instance: 870d1ee9-a4d3-4424-b41b-369f903553fd] Build error: ['Traceback (most recent call last):\n', ' File /usr/lib/python2.7/dist-packages/nova/compute/manager.py, line 494, in _run_instance\ninjected_files, admin_password)\n', ' File /usr/lib/python2.7/dist-packages/nova/compute/manager.py, line 747, in _spawn\nblock_device_info)\n', ' File /usr/lib/python2.7/dist-packages/nova/exception.py, line 117, in wrapped\ntemp_level, payload)\n', ' File /usr/lib/python2.7/contextlib.py, line 24, in __exit__\n self.gen.next()\n', ' File /usr/lib/python2.7/dist-packages/nova/exception.py, line 92, in wrapped\nreturn f(*args, **kw)\n', ' File /usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py, line 1090, in spawn\nadmin_pass=admin_password)\n', ' File /usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py, line 1469, in _create_image\nuse_cow=FLAGS.use_cow_images)\n', ' File /usr/lib/python2.7/dist-packages/nova/virt/disk/api.py, line 326, in setup_container\nraise exception.NovaException(img.errors)\n', 'NovaException: \n--\nFailed to mount filesystem: Unexpected error while running command.\nCommand: sudo nova-rootwrap /etc/nova/rootwrap.conf mount /dev/nbd15 /var/lib/nova/instances/instance-0009/rootfs\nExit code: 32\nStdout: \'\'\nStderr: \'mount: you must specify the filesystem type\\n\'\n--\nFailed to mount filesystem: Unexpected error while running command.\nCommand: sudo nova-rootwrap /etc/nova/rootwrap.conf guestmount --rw -a /var/lib/nova/instances/instance-0009/disk -m /dev/sda /var/lib/nova/instances/instance-0009/rootfs\nExit code: 1\nStdout: \'\'\nStderr: \'Traceback (most recent call last):\\n File /usr/bin/nova-rootwrap, line 89, in module\\n env=filtermatch.get_environment(userargs))\\n File /usr/lib/python2.7/subprocess.py, line 679, in __init__\\n errread, errwrite)\\n File /usr/lib/python2.7/subprocess.py, line 1249, in _execute_child\\nraise child_exception\\nOSError: [Errno 2] No such file or directory\\n\'\n'] Sincerely, Hsiao On Fri, Feb 22, 2013 at 12:17 AM, Konstantin Ivanov kaiva...@gmail.com wrote: Hello, I am trying to get LXC running on Folsom with not much luck. Any suggestions on where I can find more documentation that can help me with this ? Thanks
Re: [Openstack] How to use the novaclient python API
Looks like those docs are pretty outdated. I have a github repository where I have been putting together some examples of doing common commands with a) cli b) python-*client c) curl It is incomplete but this should help get you started: # helper method to create the client https://github.com/vishvananda/openstack-examples/blob/master/helper.py # keypair methods https://github.com/vishvananda/openstack-examples/blob/master/keypair.py Vish On Feb 21, 2013, at 2:20 PM, JR botem...@gmail.com wrote: Greetings all, http://docs.openstack.org/developer/python-novaclient/api.html says that: from novaclient import OpenStack nova = OpenStack(USERNAME, PASSWORD, AUTH_URL) Should work. But: (virtual-python2.7)ftc-ms01:test# pip search python-novaclient |head -3 python-novaclient - Client library for OpenStack Nova API. INSTALLED: .98.daee5438f2232c0467d93029bd636fc2114e4c09 LATEST:2.11.1 (virtual-python2.7)ftc-ms01:test# cat a.py from novaclient import OpenStack (virtual-python2.7)ftc-ms01:test# which python /src/virtual-python2.7/bin/python (virtual-python2.7)ftc-ms01:test# python a.py Traceback (most recent call last): File a.py, line 1, in module from novaclient import OpenStack ImportError: cannot import name OpenStack I've heard that the python api isn't well documented but, looking at the code there seems to be lots of functionality. Could someone give me a hint on how to use it? Thanks JR ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Help with VMs
You definitely need the libvirt modules. Nova has no way to detect whether the modules are installed so it will try to attach via virtio. Note that with grizzly you can use custom glance properties to override the default vif type and disk bus. See https://review.openstack.org/#/c/21527/ and https://review.openstack.org/#/c/20161/ Vish On Feb 19, 2013, at 10:25 AM, Harvey West harvey.w...@btinternet.com wrote: Hi Lloyd Many thanks for the tips. Been a great help. Been trying a few things out. I'm running Ubuntu 12.4 with OpenStack. Created a FreeBSD 9.0 image that works for KVM. i.e. kvm-img create -f raw freebsd3.img 10G kvm -m 512 -hda freebsd3.img -cdrom FreeBSD-9.0-RELEASE-amd64-disc1.iso -boot d This boots ok. kvm -m 2048 -hda freeBSD.img -boot c (note: did not use virtio mods. Assumed these were just optimized NIC/SCSI drivers. Which I can live without for the time being) Tried to import this freeBSD image into open stack i.e. glance add name=freeBSD1 is_public=true disk_format=raw container_format=bare freeBSD.img Can't see any console output from openstack when this instance is started. No entries in console.log. Just wondering if I going about this the right way? Harvey From: Lloyd Dewolf lloydost...@gmail.com To: Harvey West harvey.w...@btinternet.com Cc: openstack@lists.launchpad.net openstack@lists.launchpad.net Sent: Tuesday, 5 February 2013, 19:12 Subject: Re: [Openstack] Help with VMs On Tue, Feb 5, 2013 at 10:19 AM, Harvey West harvey.w...@btinternet.com wrote: Not used openstack or this email forum before. Have installed openstack on unbuntu 12.4.1 LTS. Seems to work with the default unbuntu VM image. How do I create a new image. I would to create a FreeBSS VM instance. Is this possible? Hi Harvey, I have not created any BSD images, but as is no surprise it is fully supported by KVM, http://www.linux-kvm.org/page/Guest_Support_Status My searching for bsd guest kvm returns a lot of encouraging results, and the content should generally be applicable. http://cssoss.wordpress.com/2011/11/28/bundling-freebsd-image-for-openstack/ still looks good, though you'll want to use the native image API (glance client) for uploading the image. Hope that helps, -- @lloyddewolf http://www.pistoncloud.com/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] external dhcp server instead of dnsmasq
You cannot have an external dhcp server with openstack. Openstack needs a way to know the ip address assigned to a vm to do its listing properly. If you don't care about the api returning valid ips there is a possibility of using FlatNetworking (not FlatDHCP) to make nova stick the network into a bridge and not do any dhcp at all. You could then have an external server serving up dhcp ips. I suspect you will probably have to disable security groups completely using NoopFirewallDriver driver to get this to work. As to the reason dhcp-host is not working, I suspect is because we give dnsmasq an external hosts file so you probably would need the host directive there. Vish On Feb 19, 2013, at 4:44 AM, Ritesh Nanda riteshnand...@gmail.com wrote: Hope Vish can answer this , what can be the way around to do this. On Tue, Feb 19, 2013 at 2:01 PM, Razique Mahroua razique.mahr...@gmail.com wrote: Hi, I'm not sure the dhcp-host configuration option exists actually. As for having one another host in VLAN mode is something I'd be interested to know as well Regards, Razique Mahroua - Nuage Co razique.mahr...@gmail.com Tel : +33 9 72 37 94 15 NUAGECO-LOGO-Fblan_petit.jpg Le 19 févr. 2013 à 08:05, Ritesh Nanda riteshnand...@gmail.com a écrit : Hello , Is it possible to use external dhcp server , instead of dnsmasq . I am using openstack essex, with vlan manager as network, I have a need where i need to implement dynamic dns, so using dhcp3 as dhcp-server and bind9 as dns is possible. Or is there any way in openstack i can implement dynamic dns in openstack. One more problem which i am facing , dnsmasq has a option to assign static ip to a particular hostname using dhcp-host parameter in dnsmasq config file. i tried it doing by defining the config file of dnsmasq in nova.conf --dnsmasq_config_file=/etc/nova/dnsmasq.conf then in dnsmasq config file i gave options for a particular subnet. dhcp-range=Tenant-operator,10.0.50.3,10.0.50.254,255.255.255.0,24h dhcp-option=Tenant-operator,6,10.0.50.7 domain=operator.com,10.0.50.0/24,local dhcp-host=importantmachine,10.0.50.120 these all options are working except dhcp-host. Can anybody help me with this. -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] external dhcp server instead of dnsmasq
No particular reason except that is what libvirt uses by default and it is easy to modify. Vish On Feb 19, 2013, at 11:51 AM, Diego Parrilla Santamaría diego.parrilla.santama...@gmail.com wrote: Thanks Vish, This is something I always forget to ask: I'm curious about the historical reasons for dnsmasq instead of ISC-DHCP managed with OMAPI, for example. Cheers Diego -- Diego Parrilla CEO www.stackops.com | diego.parri...@stackops.com | +34 649 94 43 29 | skype:diegoparrilla On Tue, Feb 19, 2013 at 8:37 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: You cannot have an external dhcp server with openstack. Openstack needs a way to know the ip address assigned to a vm to do its listing properly. If you don't care about the api returning valid ips there is a possibility of using FlatNetworking (not FlatDHCP) to make nova stick the network into a bridge and not do any dhcp at all. You could then have an external server serving up dhcp ips. I suspect you will probably have to disable security groups completely using NoopFirewallDriver driver to get this to work. As to the reason dhcp-host is not working, I suspect is because we give dnsmasq an external hosts file so you probably would need the host directive there. Vish On Feb 19, 2013, at 4:44 AM, Ritesh Nanda riteshnand...@gmail.com wrote: Hope Vish can answer this , what can be the way around to do this. On Tue, Feb 19, 2013 at 2:01 PM, Razique Mahroua razique.mahr...@gmail.com wrote: Hi, I'm not sure the dhcp-host configuration option exists actually. As for having one another host in VLAN mode is something I'd be interested to know as well Regards, Razique Mahroua - Nuage Co razique.mahr...@gmail.com Tel : +33 9 72 37 94 15 NUAGECO-LOGO-Fblan_petit.jpg Le 19 févr. 2013 à 08:05, Ritesh Nanda riteshnand...@gmail.com a écrit : Hello , Is it possible to use external dhcp server , instead of dnsmasq . I am using openstack essex, with vlan manager as network, I have a need where i need to implement dynamic dns, so using dhcp3 as dhcp-server and bind9 as dns is possible. Or is there any way in openstack i can implement dynamic dns in openstack. One more problem which i am facing , dnsmasq has a option to assign static ip to a particular hostname using dhcp-host parameter in dnsmasq config file. i tried it doing by defining the config file of dnsmasq in nova.conf --dnsmasq_config_file=/etc/nova/dnsmasq.conf then in dnsmasq config file i gave options for a particular subnet. dhcp-range=Tenant-operator,10.0.50.3,10.0.50.254,255.255.255.0,24h dhcp-option=Tenant-operator,6,10.0.50.7 domain=operator.com,10.0.50.0/24,local dhcp-host=importantmachine,10.0.50.120 these all options are working except dhcp-host. Can anybody help me with this. -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] external dhcp server instead of dnsmasq
It is unfortunately regenerated every time an instance is launched, but if you want to test editing it is referenced in the commmandline for dnsmasq. for example on devstack: --dhcp-hostsfile=/opt/stack/data/nova/br100.conf Vish On Feb 19, 2013, at 11:49 AM, Ritesh Nanda riteshnand...@gmail.com wrote: Thanks vish, Can you tell me the location of the external host file we provide to dnsmasq , so that i can try putting the directive there. On Wed, Feb 20, 2013 at 1:07 AM, Vishvananda Ishaya vishvana...@gmail.com wrote: You cannot have an external dhcp server with openstack. Openstack needs a way to know the ip address assigned to a vm to do its listing properly. If you don't care about the api returning valid ips there is a possibility of using FlatNetworking (not FlatDHCP) to make nova stick the network into a bridge and not do any dhcp at all. You could then have an external server serving up dhcp ips. I suspect you will probably have to disable security groups completely using NoopFirewallDriver driver to get this to work. As to the reason dhcp-host is not working, I suspect is because we give dnsmasq an external hosts file so you probably would need the host directive there. Vish On Feb 19, 2013, at 4:44 AM, Ritesh Nanda riteshnand...@gmail.com wrote: Hope Vish can answer this , what can be the way around to do this. On Tue, Feb 19, 2013 at 2:01 PM, Razique Mahroua razique.mahr...@gmail.com wrote: Hi, I'm not sure the dhcp-host configuration option exists actually. As for having one another host in VLAN mode is something I'd be interested to know as well Regards, Razique Mahroua - Nuage Co razique.mahr...@gmail.com Tel : +33 9 72 37 94 15 NUAGECO-LOGO-Fblan_petit.jpg Le 19 févr. 2013 à 08:05, Ritesh Nanda riteshnand...@gmail.com a écrit : Hello , Is it possible to use external dhcp server , instead of dnsmasq . I am using openstack essex, with vlan manager as network, I have a need where i need to implement dynamic dns, so using dhcp3 as dhcp-server and bind9 as dns is possible. Or is there any way in openstack i can implement dynamic dns in openstack. One more problem which i am facing , dnsmasq has a option to assign static ip to a particular hostname using dhcp-host parameter in dnsmasq config file. i tried it doing by defining the config file of dnsmasq in nova.conf --dnsmasq_config_file=/etc/nova/dnsmasq.conf then in dnsmasq config file i gave options for a particular subnet. dhcp-range=Tenant-operator,10.0.50.3,10.0.50.254,255.255.255.0,24h dhcp-option=Tenant-operator,6,10.0.50.7 domain=operator.com,10.0.50.0/24,local dhcp-host=importantmachine,10.0.50.120 these all options are working except dhcp-host. Can anybody help me with this. -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] external dhcp server instead of dnsmasq
nova dhcp and dns architecture won't change. But I'm sure an alternate dhcp implementation could be done as a quantum l3 plugin. So that combined with moniker would likely be the path forward. Vish On Feb 19, 2013, at 12:18 PM, Ritesh Nanda riteshnand...@gmail.com wrote: Thanks again vish Do we have any roadmap to include a functinality for using ISC-dhcp and bind dns as default in openstack. As with the release of Bind 10 a lot of functionality would be getting change from how bind9 worked. Now ISC-dhcp would be saving lease files in database and lot more. Even moinmoin project running to provide DNSaas in openstack that supports bind 9 at present would there be any future change in nova dhcp and dns architecture to the currently it has. On Wed, Feb 20, 2013 at 1:30 AM, Vishvananda Ishaya vishvana...@gmail.com wrote: No particular reason except that is what libvirt uses by default and it is easy to modify. Vish On Feb 19, 2013, at 11:51 AM, Diego Parrilla Santamaría diego.parrilla.santama...@gmail.com wrote: Thanks Vish, This is something I always forget to ask: I'm curious about the historical reasons for dnsmasq instead of ISC-DHCP managed with OMAPI, for example. Cheers Diego -- Diego Parrilla CEO www.stackops.com | diego.parri...@stackops.com | +34 649 94 43 29 | skype:diegoparrilla On Tue, Feb 19, 2013 at 8:37 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: You cannot have an external dhcp server with openstack. Openstack needs a way to know the ip address assigned to a vm to do its listing properly. If you don't care about the api returning valid ips there is a possibility of using FlatNetworking (not FlatDHCP) to make nova stick the network into a bridge and not do any dhcp at all. You could then have an external server serving up dhcp ips. I suspect you will probably have to disable security groups completely using NoopFirewallDriver driver to get this to work. As to the reason dhcp-host is not working, I suspect is because we give dnsmasq an external hosts file so you probably would need the host directive there. Vish On Feb 19, 2013, at 4:44 AM, Ritesh Nanda riteshnand...@gmail.com wrote: Hope Vish can answer this , what can be the way around to do this. On Tue, Feb 19, 2013 at 2:01 PM, Razique Mahroua razique.mahr...@gmail.com wrote: Hi, I'm not sure the dhcp-host configuration option exists actually. As for having one another host in VLAN mode is something I'd be interested to know as well Regards, Razique Mahroua - Nuage Co razique.mahr...@gmail.com Tel : +33 9 72 37 94 15 NUAGECO-LOGO-Fblan_petit.jpg Le 19 févr. 2013 à 08:05, Ritesh Nanda riteshnand...@gmail.com a écrit : Hello , Is it possible to use external dhcp server , instead of dnsmasq . I am using openstack essex, with vlan manager as network, I have a need where i need to implement dynamic dns, so using dhcp3 as dhcp-server and bind9 as dns is possible. Or is there any way in openstack i can implement dynamic dns in openstack. One more problem which i am facing , dnsmasq has a option to assign static ip to a particular hostname using dhcp-host parameter in dnsmasq config file. i tried it doing by defining the config file of dnsmasq in nova.conf --dnsmasq_config_file=/etc/nova/dnsmasq.conf then in dnsmasq config file i gave options for a particular subnet. dhcp-range=Tenant-operator,10.0.50.3,10.0.50.254,255.255.255.0,24h dhcp-option=Tenant-operator,6,10.0.50.7 domain=operator.com,10.0.50.0/24,local dhcp-host=importantmachine,10.0.50.120 these all options are working except dhcp-host. Can anybody help me with this. -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- With Regards Ritesh Nanda ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Folsom] CPU mode host-model generated in libvirt.xml gives error when booting
I seem to recall something similar happening when I built from source. One option is to update your /etc/nova/nova.conf to: libvirt_cpu_mode=host-passthrough Vish On Feb 15, 2013, at 9:07 AM, Sylvain Bauza sylvain.ba...@digimind.com wrote: Hi, Nova is generating libvirt.xml for each instance with cpu mode=host-model match=exact/ As a result, virsh (and nova-compute) refuses to start instance as complaining : error : internal error Cannot find suitable CPU model for given data Libvirt is 0.9.13-0ubuntu12.2~cloud0 and kvm is qemu-1.3 (from source) Please find attached my virsh capabilities (virsh_capabilities.txt) I looked at my previous Essex install (with same kvm version) and no cpu tag is given in libvirt.xml.template. I know that libvirt.xml file generation has been rewritten in Folsom, so I can't see what's wrong, neither how to fix it. Thanks, -Sylvain virsh_capabilities.txt___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Python-novaclient version 2.11.1
Hi Everyone, I pushed another version of python novaclient (2.11.1) to pypi[1]. There was a bug[2] with using the gnome keyring that was affecting some users, so the only change from 2.11.0 is the inclusion of a fix for the bug. [1] http://pypi.python.org/pypi/python-novaclient/ [2] https://bugs.launchpad.net/python-novaclient/+bug/1116302 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] [nova] python-novaclient 2.11.0 release
Hello Everyone, I just pushed version 2.11.0 of python-novaclient to Pypi. There are a lot of fixes and features in this release. Here is a brief overview: Bug Fixes - private key files now created with 400 permissions nova quota-show now uses current tenant by default nova live-migration supports automatic dest host fixed bash completion on osx simplified keyring support fixed for keypair-add to expand homedir improved instance fault printing fixed for prettytable 6.1 fixed tls support fixed alphanumeric flavor ids improved search by name for nova list added support for missing quota types fixed nova boot nics support with bdm Feature Support --- nova usage (folsom) nova boot --image-with (folsom) nova boot --num-instances (folsom) nova availability-zone-list (grizzly) nova get-spice-console (grizzly) nova get-password (grizzly) nova net-list (grizzly) nova evacuate (grizzly admin) nova coverage-report (grizzly admin) nova manage agent-* (grizzly admin) nova network-create/(dis)associate/ (grizzly admin) nova floating-ip-bulk-* (grizzly admin) nova scrub (grizzly admin) nova baremetal-* (grizzly admin) As always bugs can be reported at: https://bugs.launchpad.net/python-novaclient Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Nova issue
You are likely doing the associate too early. You should wait until the vm is showing a fixed ip address before associating a floating ip. Vish On Feb 6, 2013, at 7:50 AM, Nivrutti Kale n...@connectem.net wrote: Hi All, I am trying to associate IP to the instance. I am getting following error. Error: No nw_info cache associated with instance (HTTP 400) . I created IP pool using following command nova-manage floating create --pool=nova --ip_range=10.42.0.32/27 Thanks Regards nivrutti ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] nova-base.xml
On Feb 4, 2013, at 2:29 AM, Joe Warren-Meeks joe.warren.me...@gmail.com wrote: Hi guys, I need to have arp and mac spoofing work on my virts so that HA works as I need it. I've used virsh nwfilter-edit nova-base to edit and remove the bits I need, however it looks like that change was undone when the server was dist-upgraded What is the proper way to make these changes permanent? You could redefine nova-base in the code here: nova/virt/libvirt/firewall.py You could also change the line: 123 if pipelib.is_vpn_image(instance['image_ref']): to: 123 if True: which will cause all instances to get nova-vpn instead of nova base which allows spoofing. Vish Kind regards -- joe. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Single IP Pool and Multiple Tenant
On Feb 1, 2013, at 8:24 PM, Umar Draz unix...@gmail.com wrote: So this is not possible that create a dedicated floating ip pools that share all tenant. I have 128 ip pools and different tenant, I don't want a tenant hold the ip even if its not needed. I want a central pool every tenant should acquire the ip address from that pool. Br. Umar This is exactly what is happening. I think you have a basic misunderstanding of how floating ips work. The purpose of a floating ip is to be able to move it from one server to another (hence the term floating). A project therefore must explicitly reserve an ip before using it and unreserve it when it is finished. The reserve command is: nova floating-ip-create # returns an address This will pick an address from the pool and reserve it for the project. The project is then free to associate it with a server: nova add-floating-ip server address If the project then wants to remove the floating ip: nova remove-floating-ip server address And associate it with another server: nova add-floating-ip other-server address When the project is done with the floating ip it should unreserve it (which returns it to the pool): nova floating-ip-delete address In the cloud world instances are ephemeral. Floating ips are designed to last beyond the length of an individual server. Note that the reservation is necessary so that: a) a user knows a floating ip that he/she can use b) another user doesn't 'steal' the floating ip during the remove/add process. This is the standard way that floating ips work (and is equivalent to elastic ips in aws) so it shouldn't be hard to explain to your users to do it this way. You could modify the code in various ways to automatically reserve/unreserve ips for you, but I think this will be very confusing and annoying to your users. One possible compromize is to have a periodic db check for ips that haven't been used for a while and automatically return them to the pool. It seems like what you really want is: auto_assign_floating_ip=True # automatically assign a floating ip to every instance This saves the users from having to do any manual management of floating ips. It sounds like you don't really want floating ips anyway. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Single IP Pool and Multiple Tenant
yes it works the same way in horizon; first you allocate and then you associate. Vish On Feb 2, 2013, at 9:27 AM, Umar Draz unix...@gmail.com wrote: Hi Thanks for your reply, Yeh I had some misunderstand about Floating IPs. Now is this possible I can create floating ip from dashboard/horizon? Br. Umar On Sat, Feb 2, 2013 at 9:33 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Feb 1, 2013, at 8:24 PM, Umar Draz unix...@gmail.com wrote: So this is not possible that create a dedicated floating ip pools that share all tenant. I have 128 ip pools and different tenant, I don't want a tenant hold the ip even if its not needed. I want a central pool every tenant should acquire the ip address from that pool. Br. Umar This is exactly what is happening. I think you have a basic misunderstanding of how floating ips work. The purpose of a floating ip is to be able to move it from one server to another (hence the term floating). A project therefore must explicitly reserve an ip before using it and unreserve it when it is finished. The reserve command is: nova floating-ip-create # returns an address This will pick an address from the pool and reserve it for the project. The project is then free to associate it with a server: nova add-floating-ip server address If the project then wants to remove the floating ip: nova remove-floating-ip server address And associate it with another server: nova add-floating-ip other-server address When the project is done with the floating ip it should unreserve it (which returns it to the pool): nova floating-ip-delete address In the cloud world instances are ephemeral. Floating ips are designed to last beyond the length of an individual server. Note that the reservation is necessary so that: a) a user knows a floating ip that he/she can use b) another user doesn't 'steal' the floating ip during the remove/add process. This is the standard way that floating ips work (and is equivalent to elastic ips in aws) so it shouldn't be hard to explain to your users to do it this way. You could modify the code in various ways to automatically reserve/unreserve ips for you, but I think this will be very confusing and annoying to your users. One possible compromize is to have a periodic db check for ips that haven't been used for a while and automatically return them to the pool. It seems like what you really want is: auto_assign_floating_ip=True # automatically assign a floating ip to every instance This saves the users from having to do any manual management of floating ips. It sounds like you don't really want floating ips anyway. Vish -- Umar Draz Network Architect ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Single IP Pool and Multiple Tenant
What do you mean it isn't visible? you should be able to do: nova floating-ip-create mypool as any user. Vish On Feb 1, 2013, at 10:29 AM, Umar Draz unix...@gmail.com wrote: Hi All, I have 3 Tenant (admin, rebel, penguin). Also have 3 different users for these Tenants I have /25 network pool from my datacenter. I have created my default pool using this name nova-manage floating create --pool mypool --ip_range 73.63.93.128/25 Now the problem is I can only see this pool in my admin user, rebel and penguin user's vms are unable to see this floating pool. I want this pool should be visible for all my tenant and I can allocate ip from this pool to any virtual machine regardless of tenant, is this possible? Br. Umar ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Cant start nova vm's - iptables-restore error
I suspect you are suffering from this recently fixed bug: https://bugs.launchpad.net/nova/+bug/1103436 If you update your nova code and and run everything you should be ok. Vish On Feb 1, 2013, at 10:20 AM, Wojciech Dec wdec.i...@gmail.com wrote: Hi All, while testing the latest code under devstackon a multi-node setup, I'm having problems starting up VMs, with the following symptoms. Any hints as to causes or possible fixes? Thanks, Woj. controller:~/devstack$ nova show test1 +-++ | Property| Value | +-++ | status | ERROR | | updated | 2013-02-01T18:10:22Z | | OS-EXT-STS:task_state | None | | OS-EXT-SRV-ATTR:host| comp1 | | key_name| None | | image | cirros-0.3.0-x86_64-uec (cee50310-6b6c-46ca-acfd-e69c53b4a475) | | private network | 10.0.0.3 | | hostId | 3f02ed3670b7d77f5fff336b6d99083ffb9de4021a15ee9bc7871536 | | OS-EXT-STS:vm_state | error | | OS-EXT-SRV-ATTR:instance_name | instance-000c | | OS-EXT-SRV-ATTR:hypervisor_hostname | comp1 | | flavor | m1.tiny (1) | | id | 86f90ed0-82fd-44fc-bc61-98f1dbbc7a5b | | security_groups | [{u'name': u'default'}] | | user_id | f92ba21f5c464c77a383e939153472a2 | | name| test1 | | created | 2013-02-01T18:09:53Z | | tenant_id | 9690f85f9c20486cbf6be83cc02c92b7 | | OS-DCF:diskConfig | MANUAL | | accessIPv4 | | | accessIPv6 | | | fault | {u'message': u'ProcessExecutionError', u'code': 500, u'details': u'Unexpected error while running command. | | | Command: sudo nova-rootwrap /etc/nova/rootwrap.conf iptables-restore -c | | | Exit code: 1 | | | Stdout: \'\' | | | Stderr: \'iptables-restore: line 1 failed\ | | | \'
Re: [Openstack] Single IP Pool and Multiple Tenant
Floating-ip-create is a user command that allocates a floating ip to a tenant. It pulls it out of the pool so other tenants cannot use it. Floating IPS are available for all projects. Any user can allocate an IP and then associate it. Vish On Feb 1, 2013 7:35 PM, Umar Draz unix...@gmail.com wrote: HI Vish, I always connect my Controller or Compute node with root user for nova commands and here is the .bashrc of root user export OS_NO_CACHE=1 export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=plainJet b0j@n1ca export OS_AUTH_URL=http://172.168.1.2:5000/v2.0/; export ADMIN_PASSWORD=plainJet b0j@n1ca export SERVICE_PASSWORD=plainJet b0j@n1ca export SERVICE_TOKEN=78ddf99 export SERVICE_ENDPOINT=http://172.168.1.2:35357/v2.0; export SERVICE_TENANT_NAME=service According to above bashrc everything I do will be run as admin user. 1) Then how I can run nova commands for other users? 2) I don't want to run this floating-ip-create 50 times for my 50 tenant 3) Is there possible I just run this one time and it should be available for all projects? Br. Umar On Sat, Feb 2, 2013 at 6:27 AM, Vishvananda Ishaya vishvana...@gmail.comwrote: What do you mean it isn't visible? you should be able to do: nova floating-ip-create mypool as any user. Vish On Feb 1, 2013, at 10:29 AM, Umar Draz unix...@gmail.com wrote: Hi All, I have 3 Tenant (admin, rebel, penguin). Also have 3 different users for these Tenants I have /25 network pool from my datacenter. I have created my default pool using this name nova-manage floating create --pool mypool --ip_range 73.63.93.128/25 Now the problem is I can only see this pool in my admin user, rebel and penguin user's vms are unable to see this floating pool. I want this pool should be visible for all my tenant and I can allocate ip from this pool to any virtual machine regardless of tenant, is this possible? Br. Umar ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Umar Draz Network Architect ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [keystone] Why are we returing such a big payload in validate token?
On Jan 31, 2013, at 6:37 PM, Ali, Haneef haneef@hp.com wrote: Isn’t signed token an optional feature? If so validateToken is going to be a high frequency call. Also “Service Catalog” is a constant, the services can cache it. It doesn’t need to be part of validateToken. Service catalog is not a constant. That said the only time it is used is when a service needs to proxy a call to another service using the same token. If we had a reasonable way to make requests on behalf of other users we don't really need it as the service could just keep its own catalog and make requests on behalf of the requesting user. Vish Thanks Haneef From: openstack-bounces+haneef.ali=hp@lists.launchpad.net [mailto:openstack-bounces+haneef.ali=hp@lists.launchpad.net] On Behalf Of Adam Young Sent: Thursday, January 31, 2013 6:25 PM To: openstack@lists.launchpad.net Subject: Re: [Openstack] [keystone] Why are we returing such a big payload in validate token? On 01/31/2013 07:44 PM, Ali, Haneef wrote: Hi, As of now v3 validateToken response has “tokens, service catalog, users, project , roles and domains. (i.e) Except for groups we are returning everything. We also discussed about the possibility of 100s of endpoints. ValidateToken is supposed to be a high frequency call .This is Validate token should not going be a high frequency call. The information is encapsulated inside the signed token for just that reason. I would agree with the sentiment, however, that we are cramming a lot of info into the token. TOkens should be scoped much, much more finely: by default one service or endpoint, and one tenant. The only thing that should require the full service catalog is the initial request of an unsigned token, and that should merely go back to the client. going to be a huge performance impact . What is the use case for such a big payload when compared with v2? If a service needs catalog , then the service can always ask for the catalog. Thanks Haneef ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] multiple public ip
On Jan 30, 2013, at 11:35 AM, Umar Draz unix...@gmail.com wrote: Hi Caitlin, I need multiple ip address for my Haproxy server. Here is my senario I have already running Haproxy Server virtual machine for web load balancing on vSphare with 45 public ip address. We are running 45 diffrent websites and we required diffrent ips for each webiste. We have 6 webservers with only local ip address. These 6 webservers holding all 45 websites. Haproxy just forward the request to local webservers accorindg to DNS. You can associate multiple floating ips to a single instance. Floating ips just create natting entries. Keep in mind that traffic that originates from the server will only come from one of these ips. Also there is no way for the server to determine which ip address the traffic came in on so you will need to do the forwarding at the HTTP layer which has access to the domain name used for the request. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] nova client support for restore from soft delete ?
On Jan 29, 2013, at 8:55 AM, Day, Phil philip@hp.com wrote: Hi Folks, Does the nova client provide support to restore a soft deleted instance (and if not, what is the process for pulling an instance back from the brink) ? If you have reclaim_instance_interval set then you can restore instances via an admin api command. If not then you are not going to have much luck reclaiming the insance becasue the drive will be deleted. If by some chance you have the backing files still, then you should be able to fix the db and do a hard reboot on the instance to get it to come back up. Fixing the db is mostly about setting deleted=False but keep in mind that you will also have to manually restore the vif and reassociate the fixed ip which hopefully hasn't been associated to a new instance. Vish___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Reinstating Trey Morris for Nova Core
In the future these should probably be done on the dev list. But for now I'm adding him back. Congrats trey. Vish On Jan 24, 2013, at 5:23 AM, Gary Kotton gkot...@redhat.com wrote: +1 On 01/23/2013 05:51 PM, Joe Gordon wrote: +1 On Wed, Jan 23, 2013 at 7:58 AM, Chris Behrens cbehr...@codestud.com wrote: +1 On Jan 22, 2013, at 5:38 PM, Matt Dietz matt.di...@rackspace.com wrote: All, I think Trey Morris has been doing really well on reviews again, so I'd like to propose him to be reinstated for Nova core. Thoughts? -Dietz ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Tenant Isolation - Virtualbox
There is nothing wrong with your setup. L3 routing is done by the network node. L3 is already blocked by security groups. The vlans provide L2 isolation. Essentially we handle this with convention, as in tell your tenants not to open up their firewalls if they don't want to be accessed by other tenants. for example: nova secgroup-add-rule default tcp 22 22 192.168.0.0/24 # or some other restricted range instead of: nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 People seem to expect l3 traffic to be totally blocked between tenants. I'm not totally convinced that is good behavior, but it should be possible to produce a patch that will do this. In fact I've put together a potential version here: https://review.openstack.org/#/c/20362/ Unless I've messed something up, with this patch, you should be able to set: bridge_forward_inteface=xxx # where xxx is your public_interface And get the behavior you expect. Vish On Jan 23, 2013, at 2:27 PM, Ronivon Costa ronivon.co...@gmail.com wrote: Hello, I have just installed Folsom in a physical server, and the tenants can also ping and ssh into each others instances. I think there is something wrong with my setup. Below I provide some info from the deployment. Any tip will be very much appreciated. Thanks. Roni nova-manage network list idIPv4IPv6start address DNS1 DNS2VlanID project uuid 1 10.0.0.0/24 None10.0.0.3None None100 c0561ee64e6c40b2aea3bdcf47916f18 c417baf7-f989-49d9-973d-f6f2b51a2d5c 2 10.0.1.0/24 None10.0.1.3None None101 36ae086d927f49039cedfcb046463876 4bff308a-7990-46a4-952b-772d4953cb10 -- brctl show bridge name bridge id STP enabled interfaces br100 8000.fa163e7b7397 no vlan100 vnet0 br101 8000.fa163e7baec0 no vlan101 vnet1 --- br100 Link encap:Ethernet HWaddr fa:16:3e:7b:73:97 inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::b016:8dff:fefa:43db/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:531 errors:0 dropped:0 overruns:0 frame:0 TX packets:803 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:66890 (66.8 KB) TX bytes:90421 (90.4 KB) br101 Link encap:Ethernet HWaddr fa:16:3e:7b:ae:c0 inet addr:10.0.1.1 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::c41:bbff:fed4:354b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:422 errors:0 dropped:0 overruns:0 frame:0 TX packets:574 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:65212 (65.2 KB) TX bytes:69840 (69.8 KB) dummy0Link encap:Ethernet HWaddr 02:dc:e1:5c:aa:5e inet6 addr: fe80::dc:e1ff:fe5c:aa5e/64 Scope:Link UP BROADCAST RUNNING NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:169 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:23932 (23.9 KB) dummy1Link encap:Ethernet HWaddr 72:2d:2b:59:a2:d1 BROADCAST NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) dummy2Link encap:Ethernet HWaddr 72:6f:28:d7:e8:cd BROADCAST NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) eth0 Link encap:Ethernet HWaddr 00:1a:92:08:1f:47 inet addr:10.100.200.126 Bcast:10.100.200.255 Mask:255.255.255.0 inet6 addr: fe80::21a:92ff:fe08:1f47/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:210280 errors:1 dropped:0 overruns:0 frame:1 TX packets:20752 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:310541700 (310.5 MB) TX bytes:1983489 (1.9 MB) loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:91449 errors:0
Re: [Openstack] Folsom: boot from volume snapshot using nova.conf and not cinder?
On Jan 22, 2013, at 12:32 PM, Blair Zajac bl...@orcaware.com wrote: /usr/bin/nova-volume The wrong bin is running. You should be running /usr/bin/cinder-volume if you are using cinder. It doesn't look like you have configured cinder properly. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Reinstating Trey Morris for Nova Core
+1 We mentioned previously that we would fast-track former core members back in. I gess we can wait a couple of days to see if anyone objects and then add him back. Vish On Jan 22, 2013, at 3:38 PM, Matt Dietz matt.di...@rackspace.com wrote: All, I think Trey Morris has been doing really well on reviews again, so I'd like to propose him to be reinstated for Nova core. Thoughts? -Dietz ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Error while creating cinder volume
in folsom, cinder didn't automatically convert images to raw when creating a volume. This is necessary because a qcow written directly to a volume will not boot properly. This means you need to create a volume that is the size of the virtual disk. Vish On Jan 16, 2013, at 8:39 PM, Bontala, Vibhuvardhan vibhuvardhan.bont...@emc.com wrote: Hi, I have a Glance image that I am using to create a Cinder volume using the native iSCSI driver. It had always worked in Folsom. But when I am trying for the first time on the Grizzly-2 code base, I am seeing an error. I have sufficient space in my root partition. The command I used to create the Cinder volume is below. cinder create 2 --image-id cca54f84-f0ff-4e8e-a9e9-671f4f1b5dc5 --display-name Vol1 2013-01-16 16:47:24.547 DEBUG cinder.utils [req-97f721cb-a87a-40f6-82ad-b3523b655800 4b84a5d2b68e4d3aa640b0888bbc606e 7525b3ad32a043b3b9ad2dded6c4a8e0] Running cmd (subprocess): sudo /usr/local/bin/cinder-rootwrap /etc/cinder/rootwrap.conf qemu-img convert -O raw /tmp/tmplZsSWZ /dev/mapper/stack--volumes-volume--730f75cc--24da--4838--9308--d56954eb4974 from (pid=27138) execute /opt/stack/cinder/cinder/utils.py:162 2013-01-16 16:47:24.661 DEBUG cinder.utils [req-97f721cb-a87a-40f6-82ad-b3523b655800 4b84a5d2b68e4d3aa640b0888bbc606e 7525b3ad32a043b3b9ad2dded6c4a8e0] Result was 1 from (pid=27138) execute /opt/stack/cinder/cinder/utils.py:179 2013-01-16 16:47:25.104 ERROR cinder.openstack.common.rpc.amqp [-] Exception during message handling 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp Traceback (most recent call last): 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/openstack/common/rpc/amqp.py, line 276, in _process_data 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp rval = self.proxy.dispatch(ctxt, version, method, **args) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/openstack/common/rpc/dispatcher.py, line 145, in dispatch 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp return getattr(proxyobj, method)(ctxt, **kwargs) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/volume/manager.py, line 236, in create_volume 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp self._copy_image_to_volume(context, volume_ref, image_id) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/volume/manager.py, line 420, in _copy_image_to_volume 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp self.db.volume_update(context, volume_id, {'status': 'error'}) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /usr/lib/python2.7/contextlib.py, line 24, in __exit__ 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp self.gen.next() 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/volume/manager.py, line 412, in _copy_image_to_volume 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp image_id) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/volume/driver.py, line 676, in copy_image_to_volume 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp self.local_path(volume)) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/image/image_utils.py, line 233, in fetch_to_raw 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp convert_image(tmp, dest, 'raw') 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/image/image_utils.py, line 191, in convert_image 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp utils.execute(*cmd, run_as_root=True) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp File /opt/stack/cinder/cinder/utils.py, line 186, in execute 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp cmd=' '.join(cmd)) 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp ProcessExecutionError: Unexpected error while running command. 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp Command: sudo /usr/local/bin/cinder-rootwrap /etc/cinder/rootwrap.conf qemu-img convert -O raw /tmp/tmplZsSWZ /dev/mapper/stack--volumes-volume--730f75cc--24da--4838--9308--d56954eb4974 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp Exit code: 1 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp Stdout: '' 2013-01-16 16:47:25.104 TRACE cinder.openstack.common.rpc.amqp Stderr: 'qemu-img: /dev/mapper/stack--volumes-volume--730f75cc--24da--4838--9308--d56954eb4974: error while converting raw: No space left on device\n' I have sufficient space on the local hard disk.
Re: [Openstack] Total Network Confusion
On Jan 15, 2013, at 8:43 AM, Joe Warren-Meeks joe.warren.me...@gmail.com wrote: So, now you should be done. However, Openstack will try to add in a SNAT rule to SNAT some outbound traffic. Vish suggested leaving --routing_source_ip= in nova.conf set to nothing, but that doesn't work, it throws an error when setting up the iptables rules. Hope that helps! -- joe. Which version of the code are you running? This is definitely in folsom: https://github.com/openstack/nova/commit/959c93f6d3572a189fc3fe73f1811c12323db857 I use this setting in my deployments. It won't work in essex though. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Glance, boto and image id
On Jan 14, 2013, at 7:49 AM, Jay Pipes jaypi...@gmail.com wrote: There is an integer key in the s3_images table that stores the map between the UUID and the AMI image id: https://github.com/openstack/nova/blob/master/nova/db/sqlalchemy/models.py#L964 Not sure this is available via Horizon... sorry. Correct. Here are some options: a) query the db directly for the mapping b) write an api extension to nova that exposes the mapping c) write an external utility that syncs the info from the nova db into glance metadata d) modify horizon to list images through the ec2 api instead of glance Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Add NIC to running instance?
This doesn't exist yet, but I thought at one point it was being worked on. Hot-adding nics would be a great feature for the quantum integration especially. Blueprint here: https://blueprints.launchpad.net/nova/+spec/network-adapter-hotplug There was work done here: https://review.openstack.org/#/c/11071/ But it hasn't been touched for a while. Not sure what happened to it. Vish On Jan 14, 2013, at 8:00 AM, Wojciech Dec wdec.i...@gmail.com wrote: Hi All, is there a nova command to add a NIC to a running instance (ie without the need to do nova boot ... --nic 1 --nic new-nic) ? Documentation not showing up anything... Regards, W. Dec ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Glance, boto and image id
On Jan 14, 2013, at 9:28 AM, Antonio Messina antonio.s.mess...@gmail.com wrote: On Mon, Jan 14, 2013 at 6:18 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Jan 14, 2013, at 7:49 AM, Jay Pipes jaypi...@gmail.com wrote: There is an integer key in the s3_images table that stores the map between the UUID and the AMI image id: https://github.com/openstack/nova/blob/master/nova/db/sqlalchemy/models.py#L964 Not sure this is available via Horizon... sorry. Correct. Here are some options: a) query the db directly for the mapping b) write an api extension to nova that exposes the mapping c) write an external utility that syncs the info from the nova db into glance metadata d) modify horizon to list images through the ec2 api instead of glance I guess d) depends on b), since we cannot assume horizon is running on the same machine as the nova-api service. Not really. The ec2 api exposes ec2_style ids instead of uuids. It seems better to just provide one view of ids to your users. If you are suggesting they use the ec2 api then the uuids may not be needed. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Glance, boto and image id
On Jan 14, 2013, at 10:15 AM, Antonio Messina antonio.s.mess...@gmail.com wrote: On Mon, Jan 14, 2013 at 7:07 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Jan 14, 2013, at 9:28 AM, Antonio Messina antonio.s.mess...@gmail.com wrote: On Mon, Jan 14, 2013 at 6:18 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Jan 14, 2013, at 7:49 AM, Jay Pipes jaypi...@gmail.com wrote: There is an integer key in the s3_images table that stores the map between the UUID and the AMI image id: https://github.com/openstack/nova/blob/master/nova/db/sqlalchemy/models.py#L964 Not sure this is available via Horizon... sorry. Correct. Here are some options: a) query the db directly for the mapping b) write an api extension to nova that exposes the mapping c) write an external utility that syncs the info from the nova db into glance metadata d) modify horizon to list images through the ec2 api instead of glance I guess d) depends on b), since we cannot assume horizon is running on the same machine as the nova-api service. Not really. The ec2 api exposes ec2_style ids instead of uuids. It seems better to just provide one view of ids to your users. If you are suggesting they use the ec2 api then the uuids may not be needed. I just misread: instead of d), I've read something like e) modify horizon to list ec2 images id together with glance uuid I will try to better explain the issue: I want my users to be able to customize some of the images already present on our cloud by creating snapshots. Then, they should be able to use our software (which uses EC2 api) to run their jobs. Our software is non-interactive, so I can't print a list from which the user can chose the correct image, the user must write the id on a configuration file. I thing d) or e) would be fine, but d) will make our use case hard to apply to other clouds, while if OpenStack would accept a patch for e) we could be able to use other clouds as well... Understood. An api extension to get the mapping seems perfectly reasonable. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] No routing between OpenStack networks
Hi Markus, It kind of depends on exactly how you are routing on the gateway host, but it might be libvirt-enabled ebtables filtering that is causing your problem here. By default we block traffic from a machine that is not coming from the same source ip and mac that is assigned to the instance. As a test you could try dropping libvirt's ebtables rules on the compute host and see if it fixes your issue: sudo ebtables -t nat -F If that fixes your problem you will need to figure out a way to allow certain vms to avoid getting filtering. We do something similar for cloudpipe images, so one option is to make a specific image for your gateway vms and set the conf option: vpn_image_id=image_uuid This will cause the image to be launched without filtering rules allowing it to send out packets from other macs. If the flush of ebtables doesn't fix your issue then it may be misconfiguration in the gateway vm or some quantum/ovs settings that are getting in your way. Vish On Jan 11, 2013, at 8:28 AM, Markus Breitlaender markus.breitlaen...@fh-dortmund.de wrote: Hi, I am trying to setup a VM/instance with two NICs that should act as a gateway and provide routing service between two quantum networks. Steps to reproduce: - Install OpenStack Folsom with Quantum and Horizon - Quantum Configuration in nova.conf: # Network settings network_api_class=nova.network.quantumv2.api.API quantum_url=http://10.129.16.10:9696 quantum_auth_strategy=keystone quantum_admin_tenant_name=zzz quantum_admin_username=yyy quantum_admin_password=xxx quantum_admin_auth_url=http://10.129.16.10:35357/v2.0 libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver - I'm not running the quantum l3 agent. I am using the OVS plugin. - Using Horizon, create two new networks. Assign subnets 10.77.77.0/24 and 10.88.88.0/24 - Spawn three VMs using Horizon - Name the first VM gateway and place it into both networks - Name the second VM peer1 and put it into the 10.77.77.0/24 network - Name the third VM peer2 and put it into the 10.88.88.0/24 network - Enable IP forwarding on gateway - Set the default gateway on peer1 to gateway's IP address in the 10.77.77.0/24 network - Set the default gateway on peer2 to gateway's IP address in the 10.88.88.0/24 network - Ping peer1 and peer2 from gateway - works fine for me - From peer1, ping gateway's interface on the 10.77.77.0/24 network. works fine for me. - From peer2, ping gateway's interface on the 10.88.88.0/24 network. works fine for me. - Ping peer2 from peer1. Doesn't work for me, no error message - From peer1, ping gateway's interface on the 10.88.88.0/24 network. Doesn't work for me, no error message. - From peer2, ping gateway's interface on the 10.77.77.0/24 network. Doesn't work for me, no error message. It seems that the packets with source address 10.77.77.x are not transported on the 10.88.88.x network and vice versa. Cheers, Markus ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Key injection failure on boot
Key name is the recommended method, but injecting it into the guest is not. The key should be downloaded from the metadata server using a guest process like cloud-init. Vish On Jan 11, 2013, at 10:20 AM, David Kranz david.kr...@qrclab.com wrote: Sometimes when I boot a bunch of vms seconds apart, using the key_name argument, some instance will not have its key injected. I found a bug ticket marked won't fix with a comment from Vish that key injection was for developer convenience[1]. Of course the personality argument could also be used to inject the file. This is odd because key_name is a documented part of nova client, as the files mechanism. So what is the recommended way to do what the key_name argument is documented to do? I think if key_name is not intended to work it should be removed from nova client. -David [1] https://bugs.launchpad.net/nova/+bug/967994 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Key injection failure on boot
If it isn't showing up sometimes, there should be some data in the guest console log from cloud-init about failing to download the key or failing to get metadata or something. If you could track down what is going on there it would be very helpful. If you have some other means to login to the instance you could also verify that the public key is actually showing in the metadata server: curl http://169.254.169.254/2009-04-04/meta-data/public-keys/0/openssh-key (from http://docs.openstack.org/trunk/openstack-compute/admin/content/metadata-service.html) Vish On Jan 11, 2013, at 11:25 AM, David Kranz david.kr...@qrclab.com wrote: Thanks Vish, but I am still a little confused. I am using an ubuntu precise cloudimg and normally when I pass a keyname to boot, the public key shows up in ~ubuntu/.ssh/authorized_keys. Looking at the console log, I presume it is the guest cloud-init that is doing that. But sometimes not. This has to be a bug some where even if it is not in nova. There is a lot of mechanism here that I don't understand. If there is documentation some where about exactly how to use metadata to install an ssh key I can't find it. Do you have any more advice? -David On 1/11/2013 1:32 PM, Vishvananda Ishaya wrote: Key name is the recommended method, but injecting it into the guest is not. The key should be downloaded from the metadata server using a guest process like cloud-init. Vish On Jan 11, 2013, at 10:20 AM, David Kranz david.kr...@qrclab.com wrote: Sometimes when I boot a bunch of vms seconds apart, using the key_name argument, some instance will not have its key injected. I found a bug ticket marked won't fix with a comment from Vish that key injection was for developer convenience[1]. Of course the personality argument could also be used to inject the file. This is odd because key_name is a documented part of nova client, as the files mechanism. So what is the recommended way to do what the key_name argument is documented to do? I think if key_name is not intended to work it should be removed from nova client. -David [1] https://bugs.launchpad.net/nova/+bug/967994 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Instances RedHat / Centos / Fedora vs /dev/vdx
On Jan 10, 2013, at 5:50 AM, Alex Vitola alex.vit...@gmail.com wrote: I'm creating the Dashboard / Horizon. Using m1.small flavor. Strange that using the same process works with Ubuntu. Using command line, same problem ~# nova boot --flavor=6 --image=e4fc62b7-5e1b-457b-a578-26939b547ed0 CentOS-6.3-i386- --tenant_id=debd50b4ec2b4905a3296ac0f0971849 Maybe try the x86_64 version? I know that I've had trouble in the past trying to boot 32 bit guests on 64 bit hosts or vice versa Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Can't ping self public IP address
I believe that this bug only happens if: a) you have your floating ips on a different interface from your flat ips b) you are using an external gateway for the fixed ips (a custom dnsmasq config file) I've noticed that self-ping also breaks if you have dmz_cidr set to your fixed_range (this isn't necessary and should be removed) I suspect you don't have the broken setup, because it also seems to completely break floating ips per this bug: https://bugs.launchpad.net/nova/+bug/1096985 Assuming you are hitting the same bug, there isn't really a good workaround besides merging the patch. Vish On Jan 9, 2013, at 3:02 AM, Dave Pigott dave.pig...@linaro.org wrote: Hi all, I note from https://bugs.launchpad.net/nova/+bug/1096259 that there's an issue that means an instance can't ping it's own public IP address. Does anyone know of a workaround until this gets fixed? Thanks Dave ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Disabling NAT
If you are attempting to stop nova-network from snatting for instances you can very easily do it with conf: routing_source_ip= (set routing_source_ip to none) This will stop the snat for instances. Please note that you will need to provide a gateway through dnsmasq for your instances to reach the internet. Vish On Jan 9, 2013, at 5:58 AM, Joe Warren-Meeks joe.warren.me...@gmail.com wrote: Hi guys, I've managed to disable NAT by deleting the correct rule. This means all my instances are properly routable no, which is exactly what I want. To do this, I'm using iptables -vnL -t nat --line-numbers to get the rule number from the nova-network-snat chain and deleting it using: iptables -t nat -D nova-network-snat num My question is when and where are those snat rules created, so that I can prevent them from being setup in the first place. Kind regards -- joe. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Nova - Switch Network mode
I don't think you can keep the same ip addresses. You will have to manually stop vms and recreate themn in libvirt with new ip addresses, while making sure to manually create all of the db tables for networks properly. Your best bet might be to snapshot all of your vms into glance, delete and reinstall nova in vlan mode, and relaunch the vms from the snapshots. Alternatively, you could try installing a vlan version somewhere new, running a new vm for each vm in your old system, then manually stopping those vms and overwriting their disk files with your old disk files and restarting. The guest os might complain about the change in mac address though, so you may have to vnc in and manually fix some networking issues in your guests. Vish On Jan 4, 2013, at 3:32 AM, Bruno Parreira bsen...@gmail.com wrote: Even being extremely difficult what would have to be done? we can stop the VMs if that helps. Bruno Enviado do meu iPad No dia 03/01/2013, às 21:18, Vishvananda Ishaya vishvana...@gmail.com escreveu: This will be extremely difficult. I wouldn't recommend it. It would probably be easier to make a manual cloudpipe instance instead of having nova manage it. You will just have to do some tweaking of the nwfilter rules of the vm. An even easier solution would be to just make a bastion vm that the collaborators can ssh through. Vish On Jan 3, 2013, at 12:05 PM, bruno sendas bsen...@gmail.com wrote: Hi, We have OpenStack Folsom deployed in one computer where there are several VM's running and we want to instantiate cloudpipe to provide access to external collaborators. The problem is that the network was deployed using Flat DHCP mode and now we have to change it to VLAN mode, is it possible to change the networking mode without having to shutdown the VM's ? Can anybody give the main steps or tips to change the networking mode in the least disrupting way? Kind regards, Bruno Sendas ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] network problem
Need a little more info: a) what does your nova.config look like? Specifically what is the setting for flat_interface? b) what command did you use to create your network? c) what is the output of brctl show? d) what is the output of ip addr show? Vish On Jan 2, 2013, at 11:11 PM, Umar Draz unix...@gmail.com wrote: Hi here is my setup 1) controller - 63.73.22.22 2) compute-1 - 63.73.22.23 3) compute-2 - 63.73.22.24 The Local network is 10.10.10.0/24 for virtual machines. I have created 2 virtual machines. Controller automatically creates 1 Virtual machine on compute-1 and 2nd on compute-2. 1) Compute-1's Virtual Machine local ip is 10.10.10.3 2) Compute-2's Virtual Machine local ip is 10.10.10.4 Now the problem is I can not ping 10.10.10.3 from Compute-2's virtual machine. and Same thing on Compute-1's virtual machine. Even I can not ping or access both virtual machines from controller node. Compute-1 can only access its own virtual machine and Compute-2 can only access its own virtual machines. Would you please help me what should I do? Best Regards, Umar ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Potential filter scheduler enhancement
I think this seems reasonable, although FYI, openstack-dev seems like a better place for emails like this. Vish On Jan 3, 2013, at 6:40 AM, Day, Phil philip@hp.com wrote: Hi Folks, and Happy New Year. In working with the Filter Scheduler I’m considering an enhancement to make the final host selection stage configurable. Whilst its sometimes fine to just pick the first host from the list of weighted hosts, the more general case is that I’d like to be able to have the scheduler pick one of the first N hosts on the weighted list.The specific use cases that I have in mind are: - On a large system there is very rarely a single ideal / optimal host for a particular instance to be placed on. In practice any of the N most suitable hosts would be fine and allowing the scheduler to randomly pick one of these would add some spread for multiple requests that come in at the same time. (I know we now have the retry mechanism if a particular host can’t in fact handle a specific request – this is a complement to that rather an alternative). Of course anyone who wants to schedule to host in strict weighted order would be able to configure N to be 1 (or we could keep the current host selection method as a separate default) - When creating M instances in one request we could just put each onto one of the first M hosts in the list (since these have all been filtered as being suitable) instead of having to iterate through the filter / weighting functions for each successive instance. Based on this I’m thinking that such a host_selection function would replace the whole of the for loop at the end of the _schedule() method in filter_scheduler.py, and take as input the number of instances. The default function would of course be the current behaviour. Before going any further with this thinking I wanted to get input on: i)Do others recognise these use cases as being useful, and are there other similar use cases to be considered at the same time ? ii) Is it reasonable to make the filter scheduler configurable in this way, rather than creating a separate scheduler ? (My feeling is that because it would only be replacing ~10% of the current filter_scheduler code it would be better to not create a new scheduler) iii) Should the configuration logic for this new function be in the fliter_scheduler itself, or in the host_manager (which is where the filter and weighting functions are configured) ? Cheers, Phil ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] network problem
Based on the below it could be : a) eth1 is not plugged in or b) eth1 is plugged into a switch that is filtering traffic in the 10.10.10.0/24 range or c) br100 is not bridged into eth1 (this would appear in brctl show which you didn't send) Vish On Jan 3, 2013, at 9:23 AM, Umar Draz unix...@gmail.com wrote: Hi Vish Here is . Controller (nova.conf) network_manager=nova.network.manager.FlatDHCPManager force_dhcp_release=True dhcpbridge_flagfile=/etc/nova/nova.conf firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver my_ip=63.55.xx.x2 public_interface=eth0 vlan_interface=eth1 flat_network_bridge=br100 flat_interface=eth1 fixed_range=10.10.10.0/24 auto eth0 iface eth0 inet static address 63.55.xx.x2 netmask 255.255.255.128 gateway 63.55.xx.x1 auto eth1 iface eth1 inet static - Compute (nova.conf) network_manager=nova.network.manager.FlatDHCPManager force_dhcp_release=True dhcpbridge_flagfile=/etc/nova/nova.conf firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver my_ip=63.55.xx.x3 public_interface=eth0 vlan_interface=eth1 flat_network_bridge=br100 flat_interface=eth1 fixed_range=10.10.10.0/24 auto eth0 iface eth0 inet static address 63.55.xx.x3 netmask 255.255.255.128 gateway 63.55.xx.x1 auto eth1 iface eth1 inet static - Here is the command of network nova-manage network create --label=myNetwork --fixed_range_v4=10.10.10.0/24 --bridge=br100 --num_networks=1 --multi_host=T Best Regards, Umar On Thu, Jan 3, 2013 at 10:13 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: Need a little more info: a) what does your nova.config look like? Specifically what is the setting for flat_interface? b) what command did you use to create your network? c) what is the output of brctl show? d) what is the output of ip addr show? Vish On Jan 2, 2013, at 11:11 PM, Umar Draz unix...@gmail.com wrote: Hi here is my setup 1) controller - 63.73.22.22 2) compute-1 - 63.73.22.23 3) compute-2 - 63.73.22.24 The Local network is 10.10.10.0/24 for virtual machines. I have created 2 virtual machines. Controller automatically creates 1 Virtual machine on compute-1 and 2nd on compute-2. 1) Compute-1's Virtual Machine local ip is 10.10.10.3 2) Compute-2's Virtual Machine local ip is 10.10.10.4 Now the problem is I can not ping 10.10.10.3 from Compute-2's virtual machine. and Same thing on Compute-1's virtual machine. Even I can not ping or access both virtual machines from controller node. Compute-1 can only access its own virtual machine and Compute-2 can only access its own virtual machines. Would you please help me what should I do? Best Regards, Umar ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Umar Draz Network Architect ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] network problem
You won't be able to ping the nodes from the controller since it has no ip address on the guest network. It looks like eth1 is bridged in properly on the compute node you showed, although I don't see it showing up in the interface list. It looks like maybe eth1 is not up? Try: ifconfig eth1 up you should be able to ping from 10.10.10.3 - 10.10.10.4 if your eth1s are up and plugged in and your switch isn't filtering traffic. Vish On Jan 3, 2013, at 10:25 AM, Umar Draz unix...@gmail.com wrote: Hi Vish Here is the ifconfig output of compute node br100 Link encap:Ethernet HWaddr 00:50:56:b2:01:5f inet addr:10.10.10.3 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::c895:59ff:fe29:f708/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:66 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1646 (1.6 KB) TX bytes:4194 (4.1 KB) vnet0 Link encap:Ethernet HWaddr fe:16:3e:00:91:2c inet6 addr: fe80::fc16:3eff:fe00:912c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:81 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:1870 (1.8 KB) TX bytes:5820 (5.8 KB) And here is the output of brctl show bridge name bridge id STP enabled interfaces br100 8000.005056b2015f noeth1 vnet0 the virtual machine ip address is = 10.10.10.5 1) I can ping this ip from compute node but from controller node I can't ping this. 2) But on controller node there is not any br100, brctl show nothing here is the ouput of ifconfig of controller node eth0 Link encap:Ethernet HWaddr 00:50:56:b2:01:58 inet addr:63.55.xx.38 Bcast:64.22.82.127 Mask:255.255.255.128 inet6 addr: fe80::250:56ff:feb2:158/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3136 errors:0 dropped:0 overruns:0 frame:0 TX packets:2636 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:941305 (941.3 KB) TX bytes:1173739 (1.1 MB) eth1 Link encap:Ethernet HWaddr 00:50:56:b2:01:5e BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Best Regards, Umar On Thu, Jan 3, 2013 at 10:57 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: Based on the below it could be : a) eth1 is not plugged in or b) eth1 is plugged into a switch that is filtering traffic in the 10.10.10.0/24 range or c) br100 is not bridged into eth1 (this would appear in brctl show which you didn't send) Vish On Jan 3, 2013, at 9:23 AM, Umar Draz unix...@gmail.com wrote: Hi Vish Here is . Controller (nova.conf) network_manager=nova.network.manager.FlatDHCPManager force_dhcp_release=True dhcpbridge_flagfile=/etc/nova/nova.conf firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver my_ip=63.55.xx.x2 public_interface=eth0 vlan_interface=eth1 flat_network_bridge=br100 flat_interface=eth1 fixed_range=10.10.10.0/24 auto eth0 iface eth0 inet static address 63.55.xx.x2 netmask 255.255.255.128 gateway 63.55.xx.x1 auto eth1 iface eth1 inet static - Compute (nova.conf) network_manager=nova.network.manager.FlatDHCPManager force_dhcp_release=True dhcpbridge_flagfile=/etc/nova/nova.conf firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver my_ip=63.55.xx.x3 public_interface=eth0 vlan_interface=eth1 flat_network_bridge=br100 flat_interface=eth1 fixed_range=10.10.10.0/24 auto eth0 iface eth0 inet static address 63.55.xx.x3 netmask 255.255.255.128 gateway 63.55.xx.x1 auto eth1 iface eth1 inet static - Here is the command of network nova-manage network create --label=myNetwork --fixed_range_v4=10.10.10.0/24 --bridge=br100 --num_networks=1 --multi_host=T Best Regards, Umar On Thu, Jan 3, 2013 at 10:13 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: Need a little more info: a) what does your nova.config look like? Specifically what is the setting for flat_interface? b) what command did you use to create your network? c) what is the output
Re: [Openstack] network problem
) 10.10.10.4 on compute2 I can not ping 10.10.10.4 from compute1 node, and same I can not ping 10.10.10.2 from compute 2 node. But I can ping 10.10.10.3 and 10.10.10.5 from each compute nodes. Above is the output of ifconfig of both nodes. Best Regards, Umar On Thu, Jan 3, 2013 at 11:57 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: You won't be able to ping the nodes from the controller since it has no ip address on the guest network. It looks like eth1 is bridged in properly on the compute node you showed, although I don't see it showing up in the interface list. It looks like maybe eth1 is not up? Try: ifconfig eth1 up you should be able to ping from 10.10.10.3 - 10.10.10.4 if your eth1s are up and plugged in and your switch isn't filtering traffic. Vish On Jan 3, 2013, at 10:25 AM, Umar Draz unix...@gmail.com wrote: Hi Vish Here is the ifconfig output of compute node br100 Link encap:Ethernet HWaddr 00:50:56:b2:01:5f inet addr:10.10.10.3 Bcast:10.10.10.255 Mask:255.255.255.0 inet6 addr: fe80::c895:59ff:fe29:f708/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:66 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1646 (1.6 KB) TX bytes:4194 (4.1 KB) vnet0 Link encap:Ethernet HWaddr fe:16:3e:00:91:2c inet6 addr: fe80::fc16:3eff:fe00:912c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:81 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:1870 (1.8 KB) TX bytes:5820 (5.8 KB) And here is the output of brctl show bridge name bridge id STP enabled interfaces br100 8000.005056b2015f noeth1 vnet0 the virtual machine ip address is = 10.10.10.5 1) I can ping this ip from compute node but from controller node I can't ping this. 2) But on controller node there is not any br100, brctl show nothing here is the ouput of ifconfig of controller node eth0 Link encap:Ethernet HWaddr 00:50:56:b2:01:58 inet addr:63.55.xx.38 Bcast:64.22.82.127 Mask:255.255.255.128 inet6 addr: fe80::250:56ff:feb2:158/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3136 errors:0 dropped:0 overruns:0 frame:0 TX packets:2636 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:941305 (941.3 KB) TX bytes:1173739 (1.1 MB) eth1 Link encap:Ethernet HWaddr 00:50:56:b2:01:5e BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Best Regards, Umar On Thu, Jan 3, 2013 at 10:57 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: Based on the below it could be : a) eth1 is not plugged in or b) eth1 is plugged into a switch that is filtering traffic in the 10.10.10.0/24 range or c) br100 is not bridged into eth1 (this would appear in brctl show which you didn't send) Vish On Jan 3, 2013, at 9:23 AM, Umar Draz unix...@gmail.com wrote: Hi Vish Here is . Controller (nova.conf) network_manager=nova.network.manager.FlatDHCPManager force_dhcp_release=True dhcpbridge_flagfile=/etc/nova/nova.conf firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver my_ip=63.55.xx.x2 public_interface=eth0 vlan_interface=eth1 flat_network_bridge=br100 flat_interface=eth1 fixed_range=10.10.10.0/24 auto eth0 iface eth0 inet static address 63.55.xx.x2 netmask 255.255.255.128 gateway 63.55.xx.x1 auto eth1 iface eth1 inet static - Compute (nova.conf) network_manager=nova.network.manager.FlatDHCPManager force_dhcp_release=True dhcpbridge_flagfile=/etc/nova/nova.conf firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver my_ip=63.55.xx.x3 public_interface=eth0 vlan_interface=eth1 flat_network_bridge=br100 flat_interface=eth1 fixed_range=10.10.10.0/24 auto eth0 iface eth0 inet static address 63.55.xx.x3 netmask 255.255.255.128 gateway 63.55.xx.x1 auto eth1 iface eth1 inet static - Here is the command of network nova-manage network create --label=myNetwork --fixed_range_v4=10.10.10.0
Re: [Openstack] Nova - Switch Network mode
This will be extremely difficult. I wouldn't recommend it. It would probably be easier to make a manual cloudpipe instance instead of having nova manage it. You will just have to do some tweaking of the nwfilter rules of the vm. An even easier solution would be to just make a bastion vm that the collaborators can ssh through. Vish On Jan 3, 2013, at 12:05 PM, bruno sendas bsen...@gmail.com wrote: Hi, We have OpenStack Folsom deployed in one computer where there are several VM's running and we want to instantiate cloudpipe to provide access to external collaborators. The problem is that the network was deployed using Flat DHCP mode and now we have to change it to VLAN mode, is it possible to change the networking mode without having to shutdown the VM's ? Can anybody give the main steps or tips to change the networking mode in the least disrupting way? Kind regards, Bruno Sendas ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [nova] python-novaclient 2.10.0 released
Lorin, that one might have been missed. Vish On Dec 31, 2012, at 1:52 PM, Lorin Hochstein lo...@nimbisservices.com wrote: Vish: On Thu, Nov 29, 2012 at 2:47 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: Hello Everyone, I just pushed out a new version of python-novaclient[1]. Mostly cleanups although a few new features were added for people using the trunk release of nova. New commands for grizzly/trunk nova cloudpipe-update Are you sure the cloudpipe-update command made it to the 2.10.0 version? I just checked after logging a doc bug to get this stuff into the manuals, and while the other commands are in all there, that one doesn't seem to be. $ pip freeze | grep novaclient python-novaclient==2.10.0 $ nova help cloudpipe-update ERROR: 'cloudpipe-update' is not a valid subcommand Lorin Hochstein Lead Architect - Cloud Services Nimbis Services, Inc. www.nimbisservices.com ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Why don't nova provide the command of listing fixed ip like nova-manage fixed list?
We didn't implement list as the operation is very expensive. You can get the cidr for a network using nova network-list and check each one clientside via nova fixed-ip-get Vish On Dec 26, 2012, at 4:47 PM, zhoudshu zhoudshu zhoud...@gmail.com wrote: I can't find the same one in nova api or novaclient as the command:nova-manage fixed list 2012/12/26 heut2008 heut2...@gmail.com which feather you want that cann't be found ? actualy,most of the nova-manage function has been implemented to both nova api and python-novaclient. 2012/12/26 zhoudshu zhoudshu zhoud...@gmail.com From this Blueprints: https://blueprints.launchpad.net/nova/+spec/apis-for-nova-manage , this feature had already been finished and merged to git master branch. However, I installed the newest version and didn't find the similar command. Can anybody know the reason. thanks ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Yaguang Tang ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] How to do when the compute-node is failed.
On Dec 27, 2012, at 9:09 AM, heut2008 heut2...@gmail.com wrote: note that the flag --start_guests_on_host_boot=true has been removed in the latest trunk code.so instances which are running willn't be restarted even the nova-compute is restarted . Correct. The proper way to get instances to come back is resume_guests_state_on_host_boot Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] How to create vm instance to specific compute node?
On Dec 22, 2012, at 7:50 AM, yuezhouli lyz_...@163.com wrote: On 2012年12月22日 09:59, 이창만 wrote: Hello. Could anyone tell me how to create vm instance to specific compute node? I've tried blow command, but I couldn't place vm instance to wanted compute node. $ nova boot --image precise --flavor m1.cdh --key-name ubuntu --availability-zone nova-compute:compute2 mytest_vm (There are two compute node which are compute1 and compute2) Regards. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp HI pls. make sure your nova-compute is the zone name . $ nova boot --image precise --flavor m1.cdh --key-name ubuntu --availability-zone zone-name:host-name mytest_vm The default zone-name is 'nova'. Also this will only work if you have admin credentials. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [OpenStack] Support attach CD-ROM to instance
On Dec 20, 2012, at 9:18 PM, Jian Hua Geng gen...@cn.ibm.com wrote: According to the comments in https://review.openstack.org/#/c/18469/, I summary the following work items need to be done, pls give me your suggestion: 1. I prefer to provide a new attribute when run new instance, for example: --cdrom image id This is fine for user experience, but it should still use the block device mapping under the covers. 2. This image is from glance and accept any format not only iso. It makes sense that we shouldn't require the user's to set the glance metadata 'iso' on their image to use the above command, so accepting any image is fine, but we probably should limit the size of the image and verify that it will actually attach properly as a cdrom. Vish___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Vlanned networking setup
There is no need for nova to create the vlans, you could use flatdhcp and manually create the vlans and specify the vlans when you create your networks: nova-manage network-create --bridge br0101 --bridge_interface eth0.101 nova-manage network-create --bridge br1101 --bridge_interface eth1.101 Note that exposing two networks to the guest can be tricky, so most people just use the the first bridge and do the public addresses with floating ips: nova-manage floating-create --ip_range ip_range --interface eth1.101 (no bridge is needed in this case) Vish On Dec 20, 2012, at 6:56 AM, Andrew Holway a.hol...@syseleven.de wrote: Hi, I am thinking about the following network setup: +-+ | vlan101(eth0) | +-+ +-+ | br0101 | +-+ || | +--+ +---+ +--+ | | | | | | | vm | | vm | | vm | | | | | | | +--+ +---+ +--+ || | +-+ | br1101 | +-+ +-+ | vlan101(eth1) | +-+ Basically public IP addresses will go over eth1 and private stuff over eth0. This would mean that openstack would have to create two vlans and two bridges. Is this possible? please create this vlanned network on eth0 (10.141) and create this other one(10.142) on eth1 Thanks, Andrew ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Vlanned networking setup
On Dec 20, 2012, at 2:24 PM, Andrew Holway a.hol...@syseleven.de wrote: Hi Vish, Manually creating vlans would be quite tiresome if you are using a vlan per project and I'm not sure flatdhcp is good for serious use in multi tenanted production environments. (thoughts?) Personally I think vlan isolation just makes people feel better. But you can always go the quantum route if you want to make sure your networks are isolated. I tested the vlan manager functionality and this is *really* great for when you want to keep a customer on its own logical network with its own subnet but if you want to have a instance on more than one network your seem kinda screwed. This starts to be a problem when you think about DMZ's and proxys and stuff. Why not just use vlan mode and normal floating ips for public addressses? Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Instances can't reach metadata server in network HA mode
There should be a redirect in iptables from 169.254.169.254:80 to $my_ip:8775 (where nova-api-metadata is running) So: a) can you curl $my_ip:8775 (should 404) b) if you do sudo iptables -t nat -L -n v do you see the forward rule? Is it getting hit properly? Vish On Dec 19, 2012, at 6:39 AM, Gui Maluf guimal...@gmail.com wrote: My set up is a nova-network-ha, so each of my nodes run a nova-{api-metadata,network,compute,volume}, my controller runs all of this plus the rest of things it should run. Each of my nodes are the gateway for it's own instances. They all have the same net config, ip_forwarding. The main issue is that I can't telnet the nodes on port 80 that should redirect to metadatas server. metadata IP is set correctly to eth0, but 80 port is not open. My doubt is, should I create a endpoint for each node api-metadata service? should I install apache on nodes? I really don't know what to do anymore. This only happen on nodes, on cloudcontroller all instance run smoothly. they get the floatip, metadata service, etc. Thanks in advance! I will put the max of info I can here. root@oxala:~# nova-manage service list Binary Host Zone Status State Updated_At nova-compute xangonova enabled:-) 2012-12-18 20:34:21 nova-network xangonova enabled:-) 2012-12-18 20:34:20 nova-compute oxossi nova enabled:-) 2012-12-18 20:34:15 nova-network oxossi nova enabled:-) 2012-12-18 20:34:20 nova-volume oxossi nova enabled:-) 2012-12-18 20:34:18 nova-volume xangonova enabled:-) 2012-12-18 20:34:19 nova-consoleauth oxalanova enabled:-) 2012-12-18 20:34:24 nova-scheduler oxalanova enabled:-) 2012-12-18 20:34:25 nova-certoxalanova enabled:-) 2012-12-18 20:34:25 nova-volume oxalanova enabled:-) 2012-12-18 20:34:25 nova-network oxalanova enabled:-) 2012-12-18 20:34:17 nova-compute oxalanova enabled:-) 2012-12-18 20:34:10 controller nova.conf #NETWORK --allow_same_net_traffic=true --network_manager=nova.network.manager.FlatDHCPManager --firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver --public_interface=eth0 --flat_interface=eth1 --flat_network_bridge=br100 --fixed_range=10.5.5.32/27 --network_size=32 --flat_network_dhcp_start=10.5.5.33 --my_ip=200.131.6.250 --multi_host=True #--enabled_apis=ec2,osapi_compute,osapi_volume,metadata --dhcpbridge_flagfile=/etc/nova/nova.conf --dhcpbridge=/usr/bin/nova-dhcpbridge --force_dhcp_release --ec2_private_dns_show --routing_source_ip=$my_ip nodes nova.conf {same network configs} --my_ip=200.131.6.248 --multi_host=True --enabled_apis=ec2,osapi_compute,osapi_volume,metadata --routing_source_ip=$my_ip controller iptables -L -vn iptables -L -vn -t nat http://paste.openstack.org/show/mkWZTYI6cKHR4qUWbOUz/ node iptables -L -vn iptables -L -vn -t nat http://paste.openstack.org/show/28384/ controller ip a http://paste.openstack.org/show/W2vrVtost2EP2u62iZwp/ root@oxala:~# route Tabela de Roteamento IP do Kernel Destino RoteadorMáscaraGen.Opções Métrica Ref Uso Iface default 200.131.6.129 0.0.0.0 UG10000 eth0 10.5.5.32 * 255.255.255.224 U 0 00 br100 200.131.6.128 * 255.255.255.128 U 0 00 eth0 node ip a http://paste.openstack.org/show/S44TL3sznIztNCO3s8p2/ root@oxossi:~# route Tabela de Roteamento IP do Kernel Destino RoteadorMáscaraGen.Opções Métrica Ref Uso Iface default 200.131.6.129 0.0.0.0 UG10000 eth0 10.5.5.32 * 255.255.255.224 U 0 00 br100 200.131.6.128 * 255.255.255.128 U 0 00 eth0 And finnaly the error throw out by the vm when running on Nodes. ci-info: lo: 1 127.0.0.1 255.0.0.0 . ci-info: eth0 : 1 10.5.5.53 255.255.255.224 fa:16:3e:69:cb:d2 ci-info: route-0: 0.0.0.0 10.5.5.35 0.0.0.0 eth0 UG
Re: [Openstack] Instances can't reach metadata server in network HA mode
Are you sure your network has multi_host = True? It seems like it isn't, since the gateway listed by the guest is 10.5.5.32 In multi_host mode each node should be getting an ip from the fixed range and the guest should be using that as the gateway. Vish On Wed, Dec 19, 2012 at 1:13 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: There should be a redirect in iptables from 169.254.169.254:80 to $my_ip:8775 (where nova-api-metadata is running) So: a) can you curl $my_ip:8775 (should 404) CloudController and Nodes awnser in the same way: 1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01 2009-04-04 b) if you do sudo iptables -t nat -L -n v do you see the forward rule? Is it getting hit properly? there is the correct rule, but they never got hit controller 0 0 DNAT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:80 to:200.131.6.250:8775 nodes 0 0 DNAT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:80 to:200.131.6.248:8775 0 0 DNAT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:80 to:200.131.6.249:8775 Thanks for appearing Vish! I was wishing your help! Vish On Dec 19, 2012, at 6:39 AM, Gui Maluf guimal...@gmail.com wrote: My set up is a nova-network-ha, so each of my nodes run a nova-{api-metadata,network,compute,volume}, my controller runs all of this plus the rest of things it should run. Each of my nodes are the gateway for it's own instances. They all have the same net config, ip_forwarding. The main issue is that I can't telnet the nodes on port 80 that should redirect to metadatas server. metadata IP is set correctly to eth0, but 80 port is not open. My doubt is, should I create a endpoint for each node api-metadata service? should I install apache on nodes? I really don't know what to do anymore. This only happen on nodes, on cloudcontroller all instance run smoothly. they get the floatip, metadata service, etc. Thanks in advance! I will put the max of info I can here. root@oxala:~# nova-manage service list Binary Host Zone Status State Updated_At nova-compute xangonova enabled:-) 2012-12-18 20:34:21 nova-network xangonova enabled:-) 2012-12-18 20:34:20 nova-compute oxossi nova enabled:-) 2012-12-18 20:34:15 nova-network oxossi nova enabled:-) 2012-12-18 20:34:20 nova-volume oxossi nova enabled:-) 2012-12-18 20:34:18 nova-volume xangonova enabled:-) 2012-12-18 20:34:19 nova-consoleauth oxalanova enabled:-) 2012-12-18 20:34:24 nova-scheduler oxalanova enabled:-) 2012-12-18 20:34:25 nova-certoxalanova enabled:-) 2012-12-18 20:34:25 nova-volume oxalanova enabled:-) 2012-12-18 20:34:25 nova-network oxalanova enabled:-) 2012-12-18 20:34:17 nova-compute oxalanova enabled:-) 2012-12-18 20:34:10 controller nova.conf #NETWORK --allow_same_net_traffic=true --network_manager=nova.network.manager.FlatDHCPManager --firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver --public_interface=eth0 --flat_interface=eth1 --flat_network_bridge=br100 --fixed_range=10.5.5.32/27 --network_size=32 --flat_network_dhcp_start=10.5.5.33 --my_ip=200.131.6.250 --multi_host=True #--enabled_apis=ec2,osapi_compute,osapi_volume,metadata --dhcpbridge_flagfile=/etc/nova/nova.conf --dhcpbridge=/usr/bin/nova-dhcpbridge --force_dhcp_release --ec2_private_dns_show --routing_source_ip=$my_ip nodes nova.conf {same network configs} --my_ip=200.131.6.248 --multi_host=True --enabled_apis=ec2,osapi_compute,osapi_volume,metadata --routing_source_ip=$my_ip controller iptables -L -vn iptables -L -vn -t nat http://paste.openstack.org/show/mkWZTYI6cKHR4qUWbOUz/ node iptables -L -vn iptables -L -vn -t nat http://paste.openstack.org/show/28384/ controller ip a http://paste.openstack.org/show/W2vrVtost2EP2u62iZwp/ root@oxala:~# route Tabela de Roteamento IP do Kernel
Re: [Openstack] [OpenStack] Remove unsed network on host with nova-network
I probably won't have time to look at this for a while, but I don't have any magic insights. I would just start adding in a bunch of logging of the values before they are shipped off to iptables to figure out if there are duplicate entries and such. Vish On Dec 13, 2012, at 1:52 AM, Édouard Thuleau thul...@gmail.com wrote: Hi Vish, The code was merge to the master (https://github.com/openstack/nova/commit/d5b91dd39bd89eed98742cd02ea604a842a45447) yesterday. But the bug with rule removal wasn't fix. I'll open a bug. But I try to investigate it and I don't find the problem. Could you help me ? Regards, Édouard. On Fri, Dec 7, 2012 at 6:45 PM, Édouard Thuleau thul...@gmail.com wrote: The code doesn't make lot of change to the nova network manager code. It modifies principally the linux_net driver code. And I don't think we can consider it like a new feature. I think it's more a bug fix. In VLAN manger mode, if we plan to carry 4000 tenants in our cloud, we need to use 4000 networks and, consequently, 4000 VLANs on all the datacenter network. But the actual switch equipment cannot carry a trunk of 4000 VLAN to all compute host (for example, Cisco Nexus 5500 can not enabled more than 32000 logical interfaces[1] (= TRUNKS x VLANS + ACCESS_PORTS [2])). If nova network tear down unused networks, it would be possible to plug a mechanism on it to delete unused VLAN on the switch port. And we can provisioning dynamically VLANs on switch ports and don't exceed the logical interface limitation of networks equipments. [1]http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration_limits/limits_513/nexus_5000_config_limits_513.html#wp344401 [2] http://jpmcauley.com/2011/06/23/vlan-port-instance-limitation-on-cisco-ucs/ On Mon, Dec 3, 2012 at 11:50 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: FYI, this patch is probably something bigger than we can merge. Nova-network is supposed to just be in maintenance mode and not getting big new features. Small features are ok, but this one changes a lot of lines. Not sure what is up with your rule removal. Perhaps there are multiple copies of the added rules so they aren't being deleted properly? In fact, that may be a bug. It looks like plug is called for each vm so we might end up with multiple copies of the isolation rules. Vish On Dec 3, 2012, at 6:34 AM, Édouard Thuleau thul...@gmail.com wrote: Hi Vish, I made a patch to implement that with the VLAN manager: https://review.openstack.org/#/c/17352/ I put a lock on methods '_setup_network_on_host' and '_teardown_network_on_host' of class 'VlanManager' and I reused (and renamed) the locks already defined in class 'LinuxBridgeInterfaceDriver' when a bridge or VLAN is created ('ensure_vlan' = 'lock_vlan' and 'unsure_bridge' = 'lock_bridge'). Do you think is enough to prevent any race condition ? I've got a bug. I create method '_remove_dnsmasq_accept_rules' to remove filter rules for DHCP server but when I call it, nothing is deleted. Could you help me to resolve that ? And I've got the same problem sometimes with method 'remove_isolate_dhcp_address'. The ebtables rules are correctly deleted but not for iptables rules. I didn't delete a network bridge if it handles VPN forward rules of the private network even if no VM use this gateway on the host. But if a network is deleted, nothing will tear down this gateway. I think I found another bug. If network host must handle the VPN forward rules for a private network and if we restart it, it should instantiate a gateway on this private network and add VPN forward rules even if no VM use this gateway on the host. But actually it doesn't do that. Perhaps, the method 'db.network_get_all_by_host' use in 'init-host' must return the network in this case ? I only implement this for the multi hosted networks with the VLAN manger. I think isn't useful to add this on the multi hosted network with the Flat DHCP manager because, in this mode, only one multi hosted network is created for all instances of all tenants. Regards, Édouard. On Wed, Nov 21, 2012 at 12:49 AM, Vishvananda Ishaya vishvana...@gmail.com wrote: The only reason this is not done is that it makes the setup simpler. We don't have to worry about potential races between setting up and tearing down interfaces. It probably wouldn't be incredibly difficult to make a patch that would remove them, but you will likely have to do some creative locking to make sure that you don't run into issues. Vish On Nov 20, 2012, at 9:25 AM, Édouard Thuleau thul...@gmail.com wrote: Hi all, I use nova-network with VLAN manager. Why nova-network doesn't remove unused network interfaces on a host ? ie, if none VM on a host have a fixed IP attach to network X, the VLAN and bridge of this network still up and unused. And 'dnsmasq' process still listen and running. The number of unused
Re: [Openstack] instance is stopped automatically
3141 elif vm_state == vm_states.ACTIVE: 3142 # The only rational power state should be RUNNING 3143 if vm_power_state in (power_state.NOSTATE, 3144power_state.SHUTDOWN, 3145power_state.CRASHED): 3146 LOG.warn(_(Instance shutdown by itself. Calling 3147the stop API.), instance=db_instance) 3148 try: 3149 # Note(maoy): here we call the API instead of 3150 # brutally updating the vm_state in the database 3151 # to allow all the hooks and checks to be performed. 3152 self.compute_api.stop(context, db_instance) Your hypervisor is reporting NOSTATE SHUTDOWN or CRASHED. You should look at the hypervisor to find out what might be causing the guest to shutdown or crash. Vish On Dec 13, 2012, at 4:49 AM, 韦远科 weiyuanke...@gmail.com wrote: hi all, I installed openstack(Folsom) on ubuntu 12.04. Everythiong seems to be ok. instance can be started, but after sometime the instance will automatically stopped. in the log: DEBUG:nova.openstack.common.rpc.amqp:received {u'_context_roles': [u'admin'], u'_context_request_id': u'req-035e4954-94fd-4050-bccf-4b87de89366a', ... ... u'_context_timestamp': u'2012-12-13T12:37:29.488625', u'_context_read_deleted': u'no', u'_context_user_id': None, u'method': u'stop_instance', u'_context_remote_address': None} what might be the problem? 3ks wei ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Nova Compute Showing XXX on Compute Node
I don't see why you would need to put in the --network_host flag, especially since you seem to be running two nova-networks. It appears that nova-compute is not checking in to the database which means it isn't running or it is hung somehow. Check nova-compute.log on host1. Vish On Dec 13, 2012, at 8:43 AM, Daniel Parker dcparke...@gmail.com wrote: Hey guys, I have two servers, one controller and one compute node. Everything is working on the compute node itself except for nova-compute. I have verified ntp is installed on both servers. Nova.conf is the same on both servers, except I added --network_host= on the compute node. Here is the output of nova-manage service list: Binary Host Zone Status State Updated_At nova-consoleauth host3 nova enabled:-) 2012-12-13 16:34:23 nova-certhost3 nova enabled:-) 2012-12-13 16:34:23 nova-scheduler host3 nova enabled:-) 2012-12-13 16:34:23 nova-compute host3 nova enabled:-) 2012-12-13 16:34:26 nova-volume host3 nova enabled:-) 2012-12-13 16:34:23 nova-network host3 nova enabled:-) 2012-12-13 16:34:24 nova-certhost1 nova enabled:-) 2012-12-13 16:34:31 nova-scheduler host1 nova enabled:-) 2012-12-13 16:34:31 nova-consoleauth host1 nova enabled:-) 2012-12-13 16:34:31 nova-compute host1 nova enabledXXX 2012-12-12 19:53:18 nova-volume host1 nova enabled:-) 2012-12-13 16:34:31 nova-network host1 nova enabled:-) 2012-12-13 16:34:31 I have a suspicion that it got corrupted in the service table somehow - it was working originally and I was able to spawn an instance on it. However, that instance is now 'terminated' but still appears in my dashboard. Any ideas? I can post the logs if needed. Let me know if you need anything else and thanks for any help you can provide. -Danny ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [ERROR] refresh_instance_security_rules
Was there more to the error? The underlying exception isn't listed. Vish On Dec 14, 2012, at 7:24 AM, Sébastien Han han.sebast...@gmail.com wrote: Hi Stackers, I run Folsom on Ubuntu 12.04. Every time I run a new instance I get this ERROR in the compute logs. Dec 12 23:46:29 c2-compute-02 2012-12-12 23:46:29 ERROR nova.openstack.common.rpc.amqp [-] Exception during message handling#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp Traceback (most recent call last):#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/dist-packages/nova/openstack/common/rpc/amqp.py, line 275, in _process_data#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp rval = self.proxy.dispatch(ctxt, version, method, **args)#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/dist-packages/nova/openstack/common/rpc/dispatcher.py, line 145, in dispatch#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp return getattr(proxyobj, method)(ctxt, **kwargs)#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/dist-packages/nova/exception.py, line 117, in wrapped#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp temp_level, payload)#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/contextlib.py, line 24, in __exit__#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp self.gen.next()#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/dist-packages/nova/exception.py, line 92, in wrapped#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp return f(*args, **kw)#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/dist-packages/nova/compute/manager.py, line 380, in refresh_instance_security_rules#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp return self.driver.refresh_instance_security_rules(instance)#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp File /usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py, line 2189, in refresh_instance_security_rules#0122012-12-12 23:46:29 TRACE nova.openstack.common.rpc.amqp self.firewall_driver.refresh_instance_security_rules(instance)# This error seems harmless, as far as I can tell everything works perfectly. Even so I'd like to have some input about it (ideally a fix because it pollutes my logs). Thank you in advance. -- Regards, Sébastien Han. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] instance launched in a wrong compute node
It failed all nodes: Previously tried hosts: [u'node1', u'node2']. the ComputeFilter checks for whether the host is up. The RamFilter just ran first and failed it. Your instance is going to Error because node1 and node2 are failing. Vish On Dec 11, 2012, at 1:34 AM, Liu Wenmao marvel...@gmail.com wrote: hi all: I have 3 compute nodes,but one(node 3) is down: root@controller:~/vms# nova-manage service list 2012-12-11 15:10:50 DEBUG nova.utils [req-a103d7d9-265c-4ef4-a11d-1dba1ccbc9e2 None None] backend module 'nova.db.sqlalchemy.api' from '/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.pyc' from (pid=14904) __get_backend /usr/lib/python2.7/dist-packages/nova/utils.py:494 Binary Host Zone Status State Updated_At nova-scheduler controller nova enabled:-) 2012-12-11 07:10:48 nova-network controller nova enabledXXX 2012-11-22 02:05:14 nova-compute controller nova enabledXXX 2012-11-21 03:44:34 nova-certcontroller nova enabled:-) 2012-12-11 07:10:46 nova-consoleauth controller nova enabled:-) 2012-12-11 07:10:41 nova-volume controller nova enabled:-) 2012-12-11 07:10:48 nova-compute node1nova enabled:-) 2012-12-11 07:10:42 nova-network node1nova enabledXXX 2012-11-22 02:05:31 nova-compute node2nova enabled:-) 2012-12-11 07:10:41 nova-network node2nova enabledXXX 2012-11-22 02:05:31 nova-compute node3nova enabledXXX 2012-12-07 09:03:06 When I am going to launch a instance, it often turns out that the task is launched on the unavailable node so the task fails: 2012-12-11 15:20:10 DEBUG nova.scheduler.filters.retry_filter [req-5b648097-33c8-426d-aea8-74be196f8f25 5eb9644d73544e04b347666d1156a002 e6621dd241764ddbaf9cd556882c5aa7] Previously tried hosts: [u'node1', u'node2']. (host=node3) from (pid=24208) host_passes /usr/lib/python2.7/dist-packages/nova/scheduler/filters/retry_filter.py:39 2012-12-11 15:20:10 DEBUG nova.scheduler.filters.ram_filter [req-5b648097-33c8-426d-aea8-74be196f8f25 5eb9644d73544e04b347666d1156a002 e6621dd241764ddbaf9cd556882c5aa7] host 'node3': free_ram_mb:476 free_disk_mb:22528 does not have 4096 MB usable ram, it only has 970.0 MB usable ram. from (pid=24208) host_passes /usr/lib/python2.7/dist-packages/nova/scheduler/filters/ram_filter.py:48 2012-12-11 15:20:10 DEBUG nova.scheduler.host_manager [req-5b648097-33c8-426d-aea8-74be196f8f25 5eb9644d73544e04b347666d1156a002 e6621dd241764ddbaf9cd556882c5aa7] Host filter function bound method RamFilter.host_passes of nova.scheduler.filters.ram_filter.RamFilter object at 0x43be250 failed for node3 from (pid=24208) passes_filters /usr/lib/python2.7/dist-packages/nova/scheduler/host_manager.py:166 2012-12-11 15:20:10 WARNING nova.scheduler.driver [req-5b648097-33c8-426d-aea8-74be196f8f25 5eb9644d73544e04b347666d1156a002 e6621dd241764ddbaf9cd556882c5aa7] [instance: 557ade83-151c-425c-bf38-2770e25d0450] Setting instance to ERROR state. I do not know why, any suggestion? p.s. I use ubuntu 12.10 with Openstack 2012.2 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] CRITICAL nova [-] [Errno 98] Address already in use
Odd. This looks remarkably like it is trying to start osapi_volume even though you don't have it specified in enabled apis. Your enabled_apis setting looks correct to me. Vish On Dec 10, 2012, at 9:24 AM, Andrew Holway a.hol...@syseleven.de wrote: Hi, I cannot start the nova-api service. [root@blade02 07-openstack-controller]# nova list ERROR: ConnectionRefused: '[Errno 111] Connection refused' I followed this guide very carefully: https://github.com/beloglazov/openstack-centos-kvm-glusterfs/#07-openstack-controller-controller Here is api.log 2012-12-10 17:51:31 DEBUG nova.wsgi [-] Loading app metadata from /etc/nova/api-paste.ini from (pid=2536) load_app /usr/lib/python2.6/site-packages/nova/wsgi.py:371 2012-12-10 17:51:31 CRITICAL nova [-] [Errno 98] Address already in use 2012-12-10 17:51:31 TRACE nova Traceback (most recent call last): 2012-12-10 17:51:31 TRACE nova File /usr/bin/nova-api, line 50, in module 2012-12-10 17:51:31 TRACE nova server = service.WSGIService(api) 2012-12-10 17:51:31 TRACE nova File /usr/lib/python2.6/site-packages/nova/service.py, line 584, in __init__ 2012-12-10 17:51:31 TRACE nova port=self.port) 2012-12-10 17:51:31 TRACE nova File /usr/lib/python2.6/site-packages/nova/wsgi.py, line 72, in __init__ 2012-12-10 17:51:31 TRACE nova self._socket = eventlet.listen((host, port), backlog=backlog) 2012-12-10 17:51:31 TRACE nova File /usr/lib/python2.6/site-packages/eventlet/convenience.py, line 38, in listen 2012-12-10 17:51:31 TRACE nova sock.bind(addr) 2012-12-10 17:51:31 TRACE nova File string, line 1, in bind 2012-12-10 17:51:31 TRACE nova error: [Errno 98] Address already in use 2012-12-10 17:51:31 TRACE nova 2012-12-10 17:51:31 INFO nova.service [-] Parent process has died unexpectedly, exiting 2012-12-10 17:51:31 INFO nova.service [-] Parent process has died unexpectedly, exiting 2012-12-10 17:51:31 INFO nova.wsgi [-] Stopping WSGI server. 2012-12-10 17:51:31 INFO nova.wsgi [-] Stopping WSGI server. [root@blade02 07-openstack-controller]# cat /etc/nova/nova.conf [DEFAULT] logdir = /var/log/nova state_path = /var/lib/nova lock_path = /var/lib/nova/tmp volumes_dir = /etc/nova/volumes dhcpbridge = /usr/bin/nova-dhcpbridge dhcpbridge_flagfile = /etc/nova/nova.conf force_dhcp_release = False injected_network_template = /usr/share/nova/interfaces.template libvirt_nonblocking = True libvirt_inject_partition = -1 network_manager = nova.network.manager.FlatDHCPManager iscsi_helper = tgtadm sql_connection = mysql://nova:x7deix7dei@controller/nova compute_driver = libvirt.LibvirtDriver firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver rpc_backend = nova.openstack.common.rpc.impl_qpid rootwrap_config = /etc/nova/rootwrap.conf verbose = True auth_strategy = keystone qpid_hostname = controller network_host = compute1 fixed_range = 10.0.0.0/24 flat_interface = eth1 flat_network_bridge = br100 public_interface = eth1 glance_host = controller vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = controller novncproxy_base_url = http://37.123.104.3:6080/vnc_auto.html xvpvncproxy_base_url = http://37.123.104.3:6081/console metadata_host = 10.141.6.2 enabled_apis=ec2,osapi_compute,metadata #[keystone_authtoken] admin_tenant_name = %SERVICE_TENANT_NAME% admin_user = %SERVICE_USER% admin_password = %SERVICE_PASSWORD% auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http signing_dirname = /tmp/keystone-signing-nova There is no process using port 8774. [root@blade02 07-openstack-controller]# netstat -tunlp | grep 877 tcp0 0 0.0.0.0:87750.0.0.0:* LISTEN 2157/python Maybe it is something similar to: https://bugzilla.redhat.com/show_bug.cgi?id=877606#c3 Thanks, Andrew ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Why my vm often change into shut off status by itself?
Check if you have any space in the instances dir in the filesystem. I've seen this happen when the drive gets full and libvirt gets an io error trying to write to disk so it shuts off the vms. Vish On Dec 5, 2012, at 6:59 PM, pyw pengyu...@gmail.com wrote: My virtual machine created, often in the absence of intervention into the stopped state: pyw@ven-1:~/devstack$ virsh list --all Id Name State -- - instance-0040shut off - instance-0044shut off - instance-0045shut off - instance-0046shut off - instance-0047shut off - instance-005bshut off - instance-005eshut off - instance-0065shut off - instance-006eshut off - instance-0075shut off - instance-0076shut off - instance-0077shut off - instance-007cshut off - instance-007dshut off - instance-0081shut off - instance-0082shut off - instance-0083shut off - instance-0084shut off - instance-0085shut off query the nova the database, you can see: vm_state: stopped Why is this? ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack] config_drive Image UUID doesn't create disk.config
Awesome.Feel free to file a blueprint for it. I also discussed with some people the other day the idea of allowing some additions to the config drive api to allow you to specify an unattend.xml when booting an instance that would put it in the proper place on the config drive. We could create an extension for this or perhaps just accept it in user-data. Would that be enough for you?VishOn Dec 9, 2012, at 5:47 PM, Jian Hua Geng gen...@cn.ibm.com wrote:Hi Vish, I will work on this block_device_mapping enhancement if there are no other guys working on this. -- Best regard, David Geng -- graycol.gifVishvananda Ishaya ---12/06/2012 02:37:23 AM---Vishvananda Ishaya vishvana...@gmail.com Vishvananda Ishaya vishvana...@gmail.com 12/06/2012 02:37 AM ecblank.gif Toecblank.gif Jian Hua Geng/China/IBM@IBMCN, ecblank.gif ccecblank.gif openstack@lists.launchpad.net ecblank.gif Subjectecblank.gif Re: [Openstack] [openstack] config_drive Image UUID doesn't create disk.config ecblank.gifecblank.gif On Dec 4, 2012, at 3:48 AM, Jian Hua Geng gen...@cn.ibm.com wrote: Vish, Many thanks for u comments, but as you know to support windows sysprep image, we need save the unattend.xml in the CDROM or C:\ device. So, we want to extend the config drive to attach a CDROM device when launch VM. Anyway, I think attach a CDROM when launch new VM is a common requirement, right? Sounds like we need some modifications to allow for an attached cd-rom to be specified in block_device_mapping. Vish inline: pic15985.gif___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] A confuse about the FlatDHCP network
On Dec 5, 2012, at 7:19 PM, Lei Zhang zhang.lei@gmail.com wrote: thank you very much, Vishvananda. But I am still confused about the 192.168.0.0/24 and the 10.0.0.0/8 ip. What means by The addresses will be moved on to the bridge. It means the 192.168.0.0/8 will be disappear? In my opinion, the bridged NIC (eth1) should be worked under promiscuous mode and its IP should be 0.0.0.0. So the eth1 should not own any IP. No moved to the bridge means that the ip will move from eth1 to the bridge eth1 -- no ip address br100 192.168.0.2 10.0.0.2 (for example). Nova moves the eth1 ip automatically when it creates the bridge if eth1 has an ip. Vish But if the 192 address doesn't exist, how the compute-note communicate with each other? Through the eth0? I have no idea. On Thu, Dec 6, 2012 at 3:12 AM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Dec 5, 2012, at 1:53 AM, Lei Zhang zhang.lei@gmail.com wrote: Hi all, I am reading the http://docs.openstack.org/trunk/openstack-compute/admin/content/libvirt-flat-dhcp-networking.html, I got the following deploy architecture. But there are several that I am confused. How and why 192.168.0.0/24 ip range exist? It is necessary or not? The eth1 on the each physical machine own two ip(10.0.0.0/24 and 192.168.0.0/24)? Is that possible? In the nova-compute, the eth1 should be bridged by br100. the eth1 should not own any IP address, right? The addresses will be moved on to the bridge. The point of having an ip address is so that things like rabbit and mysql can communicate over a different set of addresses than the guest network. Usually this would be done on a separate eth device (eth2) or vlan, but I was trying to keep In a better way, should we separate the nova-network/eth0 to the internet public switch for access the internet by all VMs. and the nova-compute/eth0 should be bind to a internal switch for admin access use. Is it right? Ideally there are three eth devices / vlans a) public (for 99 adddresses in diagram) b) management (for 192 addresses in diagram) c) guest (for 10 addresses in diagram) -- Lei Zhang Blog: http://jeffrey4l.github.com twitter/weibo: @jeffrey4l ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Lei Zhang Blog: http://jeffrey4l.github.com twitter/weibo: @jeffrey4l ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Openstack Folsom and New kind of setup
It gets the endpoint configuration from keystone. Everything has to know where the keystone server is and it can use the service catalog to talk to the other services. Vish On Dec 6, 2012, at 3:20 AM, Trinath Somanchi trinath.soman...@gmail.com wrote: Hi Stackers- I have got a doubt about a new kind of setup with Folsom. Need your help on the doubts i have. Lets plan that we install nova, quantum, glance, keystone, mysql-database and Horizon components of controller in individual machines. How Horizon will be able to get the set the configurations/data? Can any one help me understand this... thanks in advance -- Regards, -- Trinath Somanchi, +91 9866 235 130 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] CRITICAL nova [-] [Errno 98] Address already in use
Nope. Best i can think of is to throw some log statements into nova/service.py right before the exception gets thrown. See which api it is trying to start and what it thinks the value of enabled_apis is. Etc. Vish On Dec 10, 2012, at 10:24 AM, Andrew Holway a.hol...@syseleven.de wrote: Hi, maybe this will shed some light on it..? Thanks, Andrew [root@blade02 init.d]# cat /etc/nova/api-paste.ini # Metadata # [composite:metadata] use = egg:Paste#urlmap /: meta [pipeline:meta] pipeline = ec2faultwrap logrequest metaapp [app:metaapp] paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory ### # EC2 # ### [composite:ec2] use = egg:Paste#urlmap /services/Cloud: ec2cloud [composite:ec2cloud] use = call:nova.api.auth:pipeline_factory noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor [filter:ec2faultwrap] paste.filter_factory = nova.api.ec2:FaultWrapper.factory [filter:logrequest] paste.filter_factory = nova.api.ec2:RequestLogging.factory [filter:ec2lockout] paste.filter_factory = nova.api.ec2:Lockout.factory [filter:ec2keystoneauth] paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory [filter:ec2noauth] paste.filter_factory = nova.api.ec2:NoAuth.factory [filter:cloudrequest] controller = nova.api.ec2.cloud.CloudController paste.filter_factory = nova.api.ec2:Requestify.factory [filter:authorizer] paste.filter_factory = nova.api.ec2:Authorizer.factory [filter:validator] paste.filter_factory = nova.api.ec2:Validator.factory [app:ec2executor] paste.app_factory = nova.api.ec2:Executor.factory # # Openstack # # [composite:osapi_compute] use = call:nova.api.openstack.urlmap:urlmap_factory /: oscomputeversions /v1.1: openstack_compute_api_v2 /v2: openstack_compute_api_v2 [composite:osapi_volume] use = call:nova.api.openstack.urlmap:urlmap_factory /: osvolumeversions /v1: openstack_volume_api_v1 [composite:openstack_compute_api_v2] use = call:nova.api.auth:pipeline_factory noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 [composite:openstack_volume_api_v1] use = call:nova.api.auth:pipeline_factory noauth = faultwrap sizelimit noauth ratelimit osapi_volume_app_v1 keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_volume_app_v1 keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1 [filter:faultwrap] paste.filter_factory = nova.api.openstack:FaultWrapper.factory [filter:noauth] paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory [filter:ratelimit] paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory [filter:sizelimit] paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory [app:osapi_compute_app_v2] paste.app_factory = nova.api.openstack.compute:APIRouter.factory [pipeline:oscomputeversions] pipeline = faultwrap oscomputeversionapp [app:osapi_volume_app_v1] paste.app_factory = nova.api.openstack.volume:APIRouter.factory [app:oscomputeversionapp] paste.app_factory = nova.api.openstack.compute.versions:Versions.factory [pipeline:osvolumeversions] pipeline = faultwrap osvolumeversionapp [app:osvolumeversionapp] paste.app_factory = nova.api.openstack.volume.versions:Versions.factory ## # Shared # ## [filter:keystonecontext] paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory [filter:authtoken] paste.filter_factory = keystone.middleware.auth_token:filter_factory admin_tenant_name = service admin_user = nova admin_password = x7deix7dei auth_uri = http://controller:5000/ On Dec 10, 2012, at 7:10 PM, Vishvananda Ishaya wrote: Odd. This looks remarkably like it is trying to start osapi_volume even though you don't have it specified in enabled apis. Your enabled_apis setting looks correct to me. Vish On Dec 10, 2012, at 9:24 AM, Andrew Holway a.hol...@syseleven.de wrote: Hi, I cannot start the nova-api service. [root@blade02 07-openstack-controller]# nova list ERROR: ConnectionRefused: '[Errno 111] Connection refused' I followed this guide very carefully: https://github.com/beloglazov/openstack-centos-kvm-glusterfs/#07-openstack-controller-controller Here is api.log 2012-12-10 17:51:31 DEBUG nova.wsgi [-] Loading app metadata from /etc/nova/api-paste.ini from (pid=2536) load_app /usr/lib/python2.6/site-packages/nova/wsgi.py:371 2012-12-10 17:51:31 CRITICAL nova [-] [Errno 98] Address already in use 2012-12-10 17:51:31 TRACE nova Traceback (most recent call last): 2012-12
Re: [Openstack] CRITICAL nova [-] [Errno 98] Address already in use
I just realized the problem. Your issue is actually the metadata api since you have something listening on 8775. If you are running nova-api-metadata separately then you can remove it from your list of enabled apis: enabled_apis=ec2,osapi_compute Alternatively just kill nova-api-metadata and allow it to run as wone of the nova-api components. Just for your reference, nova-api is an easy way to run all of the apis as one service. In this case it uses the enabled_apis config option. You can also run all of the apis separately by using the individual binaries: nova-api-ec2 nova-api-metadata nova-api-os-compute nova-api-os-volume Vish On Dec 10, 2012, at 10:42 AM, Andrew Holway a.hol...@syseleven.de wrote: Hi, I have actually no idea how do do that. But the service opts look vaguely relevant: Does anyone have a working installation on Centos 6.3? Thanks, Andrew service_opts = [ cfg.IntOpt('report_interval', default=10, help='seconds between nodes reporting state to datastore'), cfg.IntOpt('periodic_interval', default=60, help='seconds between running periodic tasks'), cfg.IntOpt('periodic_fuzzy_delay', default=60, help='range of seconds to randomly delay when starting the' ' periodic task scheduler to reduce stampeding.' ' (Disable by setting to 0)'), cfg.StrOpt('ec2_listen', default=0.0.0.0, help='IP address for EC2 API to listen'), cfg.IntOpt('ec2_listen_port', default=8773, help='port for ec2 api to listen'), cfg.IntOpt('ec2_workers', default=None, help='Number of workers for EC2 API service'), cfg.StrOpt('osapi_compute_listen', default=0.0.0.0, help='IP address for OpenStack API to listen'), cfg.IntOpt('osapi_compute_listen_port', default=8774, help='list port for osapi compute'), cfg.IntOpt('osapi_compute_workers', default=None, help='Number of workers for OpenStack API service'), cfg.StrOpt('metadata_manager', default='nova.api.manager.MetadataManager', help='OpenStack metadata service manager'), cfg.StrOpt('metadata_listen', default=0.0.0.0, help='IP address for metadata api to listen'), cfg.IntOpt('metadata_listen_port', default=8775, help='port for metadata api to listen'), cfg.IntOpt('metadata_workers', default=None, help='Number of workers for metadata service'), cfg.StrOpt('osapi_volume_listen', default=0.0.0.0, help='IP address for OpenStack Volume API to listen'), cfg.IntOpt('osapi_volume_listen_port', default=8776, help='port for os volume api to listen'), cfg.IntOpt('osapi_volume_workers', default=None, help='Number of workers for OpenStack Volume API service'), ] On Dec 10, 2012, at 7:29 PM, Vishvananda Ishaya wrote: Nope. Best i can think of is to throw some log statements into nova/service.py right before the exception gets thrown. See which api it is trying to start and what it thinks the value of enabled_apis is. Etc. Vish On Dec 10, 2012, at 10:24 AM, Andrew Holway a.hol...@syseleven.de wrote: Hi, maybe this will shed some light on it..? Thanks, Andrew [root@blade02 init.d]# cat /etc/nova/api-paste.ini # Metadata # [composite:metadata] use = egg:Paste#urlmap /: meta [pipeline:meta] pipeline = ec2faultwrap logrequest metaapp [app:metaapp] paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory ### # EC2 # ### [composite:ec2] use = egg:Paste#urlmap /services/Cloud: ec2cloud [composite:ec2cloud] use = call:nova.api.auth:pipeline_factory noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor [filter:ec2faultwrap] paste.filter_factory = nova.api.ec2:FaultWrapper.factory [filter:logrequest] paste.filter_factory = nova.api.ec2:RequestLogging.factory [filter:ec2lockout] paste.filter_factory = nova.api.ec2:Lockout.factory [filter:ec2keystoneauth] paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory [filter:ec2noauth] paste.filter_factory = nova.api.ec2:NoAuth.factory [filter:cloudrequest] controller = nova.api.ec2.cloud.CloudController paste.filter_factory = nova.api.ec2:Requestify.factory [filter:authorizer] paste.filter_factory = nova.api.ec2:Authorizer.factory [filter:validator] paste.filter_factory = nova.api.ec2:Validator.factory [app:ec2executor] paste.app_factory = nova.api.ec2:Executor.factory
Re: [Openstack] Server resize API in OpenStack ESSEX
2 requirements: 1) hostname for compute hosts resolve properly 2) passwordless ssh works between compute hosts. Vish On Dec 10, 2012, at 10:37 AM, Narayanan, Krishnaprasad naray...@uni-mainz.de wrote: Hallo All, I am trying to use the Nova API (POST call) for changing the flavor information (to resize) from m1.tiny to m1.medium. Even though the API is successful (202 Status code), on the Horizon GUI I could see that the Status is Error and the task state is Resize Prep. I am passing the Auth Token along with the Body information in the form of json as inputs to the API. I have referred this URI for passing the body information. I am using OpenStack ESSEX and can I get to know is there any configurations that I need to do in order to get this working? Thanks Krishnaprasad ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] dnsmasq does not start + no xapi interface -- how to solve this problem
I don't see any errors in your network log. are nova-network and nova-compute running on the same host with the same config file? It looks like it isn't recieving a message. Are you running another nova-network that is picking up the message on another host? Vish On Dec 10, 2012, at 12:18 PM, Afef MDHAFFAR afef.mdhaf...@gmail.com wrote: Hi all, I am facing an boring issue since Friday: nova-network is unable to start dnsmasq. Therefore the xapi0 interface is not created. Then, it is impossible to launch VMs. nova-network does not answer requests and nova-compute returns an RPC timeout. Please help me to solve this problem I am using openstack folsom release + XCP + ubuntu 12.04 log file of nova-compute and nova-network are attached to this e-mail. Thank you, Afef nova-compute.txtnova-network.log___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] dnsmasq does not start + no xapi interface -- how to solve this problem
Check rabbitmqctl list_queues and see if there are queues that have nonzero entries. That means messages are being sent but not picked up by the nodes. If the nova-networks are hanging they are probably stuck waiting on a lock files. I believe the lock files are in /var/lock/nova by default. You could try deleting them and restarting nova-network. Vish On Dec 10, 2012, at 1:32 PM, Afef Mdhaffar mdhaf...@mathematik.uni-marburg.de wrote: 2012/12/10 Vishvananda Ishaya vishvana...@gmail.com I don't see any errors in your network log. are nova-network and nova-compute running on the same host with the same config file? Yes, nova-network and nova-compute are running on the same node -- this is the compute node It looks like it isn't recieving a message. Are you running another nova-network that is picking up the message on another host? I have another nova-network running on the cloud controller. The platform was composed of 9 nodes (1 cloud controller + 8 compute nodes) and was running till friday (when one of my colleagues has installed some updates on our gateway). each node (including the controller) runs nova-network and nova-compute. Then (after updating the gateway), only the cloud controller and one compute node are still correctly running. and the rest of the nodes returns the same error - related in my opinion to nova-network. Any ideas how to fix that? Thank you, Afef Vish On Dec 10, 2012, at 12:18 PM, Afef MDHAFFAR afef.mdhaf...@gmail.com wrote: Hi all, I am facing an boring issue since Friday: nova-network is unable to start dnsmasq. Therefore the xapi0 interface is not created. Then, it is impossible to launch VMs. nova-network does not answer requests and nova-compute returns an RPC timeout. Please help me to solve this problem I am using openstack folsom release + XCP + ubuntu 12.04 log file of nova-compute and nova-network are attached to this e-mail. Thank you, Afef nova-compute.txtnova-network.log___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] 500 - Internal Server Error when using Volumes in Dashboard (Centos 6.3)
The recommended way is to run cinder. The config that you showed before was not running osapi_volume as one of your enabled apis. Prior to folsom the way was to enable osapi_volume or run nova-api-volume. The worker that processes commands is called nova-volume (similar to nova-compute on the compute side). In cinder these are cinder-api and cinder-volume. FYI, you don't need volumes working to use nova. It is for attachable block storage devices (similar to ebs). I hope that helps. Vish On Dec 10, 2012, at 1:37 PM, Andrew Holway a.hol...@syseleven.de wrote: Hello, I have a Dashboard install. /dashboard/syspanel/volumes/ /dashboard/nova/volumes/ causes a 500 error. The 500 goes away when I run $nova-api-os-volume I also have a $/etc/init.d/openstack-nova-volume start Which doesn't make the 500 error go away. Can someone tell me what nova-api-os-volume is, what nova-volume is and how to get them both properly doing their thing on my Centos 6.3 install. The guide I am following has no mention of it: https://github.com/beloglazov/openstack-centos-kvm-glusterfs/ Thanks, Andrew ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] dnsmasq does not start + no xapi interface -- how to solve this problem
You could just turn off notifications in glance but that isn't causing an issue. So it seems pretty clear that your compute and network nodes are listening properly on 05, 07, 08. Is it possible that your network got configured as multi_host=False somehow? Or that you have multiple rabbits running with nodes connected to different ones? Vish On Dec 10, 2012, at 2:00 PM, Afef MDHAFFAR afef.mdhaf...@gmail.com wrote: 2012/12/10 Vishvananda Ishaya vishvana...@gmail.com Check rabbitmqctl list_queues and see if there are queues that have nonzero entries. That means messages are being sent but not picked up by the nodes. Here is the output of the command -- there some non zero values for glance info. Is there any way to clear this queue? rabbitmqctl list_queues Listing queues ... cinder-volume 0 network.computeDomU07 0 compute.computeDomU07 0 network.computeDomU05 0 compute 0 scheduler.computeDomU05 0 consoleauth.computeDomU08 0 network.controller0 cinder-scheduler 0 compute_fanout_470aa521abf344f398dc98bf2f99b6e1 0 scheduler.computeDomU07 0 compute.controller0 network_fanout_209e3038f3af49849c10263ab1012e37 0 cert.computeDomU070 scheduler.computeDomU08 0 consoleauth.computeDomU05 0 glance_notifications.warn 0 consoleauth_fanout_9f3c92a646e74f9c88cb1317379d0a6a 0 scheduler.controller 0 network_fanout_9cf790a90c2f49c781a8046d0ea91d30 0 cinder-volume_fanout_693d1211a2a4478b828acb91099a228b 0 cert_fanout_d669d273749c432d999cdfd0a7a715a9 0 network_fanout_e4cc6507e07747d093ecc59502d62018 0 consoleauth.computeDomU07 0 cert_fanout_a9734647226c4ebda2e112ece8f6f168 0 compute.computeDomU08 0 cert.computeDomU050 scheduler_fanout_6c29f818954243468653858252666f2a 0 cert.controller 0 cert 0 compute.computeDomU05 0 network_fanout_b511cfb6546544aa83f7920169604fbe 0 network.computeDomU08 0 consoleauth.controller0 scheduler 0 glance_notifications.info 132 cinder-volume.controller 0 glance_notifications.error1 network_fanout_a4dc31150bfd4fb3bf393f24a343ff76 0 cert.computeDomU080 cinder-scheduler_fanout_b578bf0f687c4564920f3500ae2c9b8c 0 cinder-scheduler.controller 0 network 0 compute_fanout_c1f1cd2ab9cc4c5b87fbfd72dd25a432 0 scheduler_fanout_8aa445468b5c4aa6b2a1a4412dbc09fc 0 network_fanout_693737b6acaf4ba59c3c6cd31a70951b 0 consoleauth 0 ...done. If the nova-networks are hanging they are probably stuck waiting on a lock files. I believe the lock files are in /var/lock/nova by default. You could try deleting them and restarting nova-network. However, there is no nova directory under /var/locks Thank you, Afef Vish On Dec 10, 2012, at 1:32 PM, Afef Mdhaffar mdhaf...@mathematik.uni-marburg.de wrote: 2012/12/10 Vishvananda Ishaya vishvana...@gmail.com I don't see any errors in your network log. are nova-network and nova-compute running on the same host with the same config file? Yes, nova-network and nova-compute are running on the same node -- this is the compute node It looks like it isn't recieving a message. Are you running another nova-network that is picking up the message on another host? I have another nova-network running on the cloud controller. The platform was composed of 9 nodes (1 cloud controller + 8 compute nodes) and was running till friday (when one of my colleagues has installed some updates on our gateway). each node (including the controller) runs nova-network and nova-compute. Then (after updating the gateway), only the cloud controller and one compute node are still correctly running. and the rest of the nodes returns the same error - related in my opinion to nova-network. Any ideas how to fix that? Thank you, Afef Vish On Dec 10, 2012, at 12:18 PM, Afef MDHAFFAR afef.mdhaf...@gmail.com wrote: Hi all, I am facing an boring issue since Friday: nova-network is unable to start dnsmasq. Therefore the xapi0 interface is not created. Then, it is impossible to launch VMs. nova-network does not answer requests and nova-compute returns an RPC timeout. Please help me to solve this problem I am using openstack folsom release + XCP + ubuntu 12.04 log file of nova-compute and nova-network are attached to this e-mail. Thank you, Afef nova-compute.txtnova-network.log___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack] config_drive Image UUID doesn't create disk.config
On Dec 4, 2012, at 3:48 AM, Jian Hua Geng gen...@cn.ibm.com wrote: Vish, Many thanks for u comments, but as you know to support windows sysprep image, we need save the unattend.xml in the CDROM or C:\ device. So, we want to extend the config drive to attach a CDROM device when launch VM. Anyway, I think attach a CDROM when launch new VM is a common requirement, right? Sounds like we need some modifications to allow for an attached cd-rom to be specified in block_device_mapping. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] resizing instance fails
On Dec 4, 2012, at 1:15 AM, Marco CONSONNI mcocm...@gmail.com wrote: Not sure, but it seems like this feature is available for XenServer, only http://osdir.com/ml/openstack-cloud-computing/2011-10/msg00473.html Does anybody know more? Resize should work for kvm as well, but you will need hostnames to resolve properly and passwordless ssh access between your compute hosts. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Understanding flavors of VM
On Dec 4, 2012, at 9:35 AM, Ahmed Al-Mehdi ahmedalme...@gmail.com wrote: Hi Marco, This is really good stuff, thank you very much for helping out. I am creating some instances to test out how/where the different storage related elements are created. I created two VM instance: Instance 1 : 20GB boot disk Instance 2 : 10GB boot disk, 2 GB Ephemeral disk. root@bodega:/var/lib/nova# ls -lh -R instances instances: total 12K drwxrwxr-x 2 nova nova 4.0K Dec 4 09:01 _base drwxrwxr-x 2 nova nova 4.0K Nov 28 11:44 instance-0001 drwxrwxr-x 2 nova nova 4.0K Dec 4 09:01 instance-0002 instances/_base: total 240M -rw-r--r-- 1 nova nova 40M Dec 4 08:51 8af61c9e86557f7244c6e5a2c45e1177c336bd1f -rw-r--r-- 1 libvirt-qemu kvm 10G Dec 4 09:01 8af61c9e86557f7244c6e5a2c45e1177c336bd1f_10 -rw-r--r-- 1 nova kvm 20G Dec 4 08:51 8af61c9e86557f7244c6e5a2c45e1177c336bd1f_20 -rw-rw-r-- 1 nova nova 9.4M Nov 28 11:44 8af61c9e86557f7244c6e5a2c45e1177c336bd1f.part -rw-r--r-- 1 nova nova 2.0G Dec 4 09:01 ephemeral_0_2_None == -rw-r--r-- 1 libvirt-qemu kvm 2.0G Dec 4 09:01 ephemeral_0_2_None_2 = There isn't really a need for two copies here. This is a bug I will get someone to investigate. instances/instance-0001: total 1.9M -rw-rw 1 nova kvm 26K Nov 28 11:45 console.log -rw-r--r-- 1 libvirt-qemu kvm 1.9M Dec 4 07:01 disk -rw-rw-r-- 1 nova nova 1.4K Nov 28 11:44 libvirt.xml instances/instance-0002: total 1.8M -rw-rw 1 libvirt-qemu kvm 27K Dec 4 09:02 console.log -rw-r--r-- 1 libvirt-qemu kvm 1.6M Dec 4 09:03 disk -rw-r--r-- 1 libvirt-qemu kvm 193K Dec 4 09:01 disk.local The disk.local is the ephemeral disk, using ephemeral_0_2_None_2 as a backing file. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] A confuse about the FlatDHCP network
On Dec 5, 2012, at 1:53 AM, Lei Zhang zhang.lei@gmail.com wrote: Hi all, I am reading the http://docs.openstack.org/trunk/openstack-compute/admin/content/libvirt-flat-dhcp-networking.html, I got the following deploy architecture. But there are several that I am confused. How and why 192.168.0.0/24 ip range exist? It is necessary or not? The eth1 on the each physical machine own two ip(10.0.0.0/24 and 192.168.0.0/24)? Is that possible? In the nova-compute, the eth1 should be bridged by br100. the eth1 should not own any IP address, right? The addresses will be moved on to the bridge. The point of having an ip address is so that things like rabbit and mysql can communicate over a different set of addresses than the guest network. Usually this would be done on a separate eth device (eth2) or vlan, but I was trying to keep In a better way, should we separate the nova-network/eth0 to the internet public switch for access the internet by all VMs. and the nova-compute/eth0 should be bind to a internal switch for admin access use. Is it right? Ideally there are three eth devices / vlans a) public (for 99 adddresses in diagram) b) management (for 192 addresses in diagram) c) guest (for 10 addresses in diagram) -- Lei Zhang Blog: http://jeffrey4l.github.com twitter/weibo: @jeffrey4l ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] nova.virt.libvirt.imagecache is removing good base file
This is a known issue in folsom and stable/folsom. You should turn off the image cache if you are using shared storage. https://bugs.launchpad.net/nova/+bug/1078594 See the upgrade notes here to see how to disable the imagecache run: http://wiki.openstack.org/ReleaseNotes/Folsom#OpenStack_Compute_.28Nova.29 Note that the current version of stable/folsom (and 2012.2.1) turn off imagecache by default. Vish On Dec 5, 2012, at 9:56 AM, Davide Guerri davide.gue...@gmail.com wrote: Hi all, I've a bad problem with nova.virt.libvirt.imagecache: it keeps removing good (not stale) base images even if they are used by running VMs. I have a multi-node installation with shared storage (as described here: http://docs.openstack.org/trunk/openstack-compute/admin/content/configuring-live-migrations.html) Here is a log except: --- nova-compute.log:2012-12-05 16:21:29 INFO nova.virt.libvirt.imagecache [-] Removable base files: /var/lib/nova/instances/_base/cf38dbb4e4468fe68f8486ed6ade984f766086cc /var/lib/nova/instances/_base/cf38dbb4e4468fe68f8486ed6ade984f766086cc_80 /var/lib/nova/instances/_base/7fab5ccd237dbb7428e9a47e26eb278e9b66e357 /var/lib/nova/instances/_base/7fab5ccd237dbb7428e9a47e26eb278e9b66e357_40 /var/lib/nova/instances/_base/7fab5ccd237dbb7428e9a47e26eb278e9b66e357_80 /var/lib/nova/instances/_base/eed4493e949ae9303c0342c50860f1ba368e8177 /var/lib/nova/instances/_base/eed4493e949ae9303c0342c50860f1ba368e8177_80 /var/lib/nova/instances/_base/34c234536ae3df4ea641258c57c35872c10cd0d2 nova-compute.log:2012-12-05 16:21:29 INFO nova.virt.libvirt.imagecache [-] Removing base file: /var/lib/nova/instances/_base/cf38dbb4e4468fe68f8486ed6ade984f766086cc_80 nova-compute.log:2012-12-05 17:11:34 INFO nova.virt.libvirt.imagecache [-] Active base files: /var/lib/nova/instances/_base/7fab5ccd237dbb7428e9a47e26eb278e9b66e357_40 /var/lib/nova/instances/_base/eed4493e949ae9303c0342c50860f1ba368e8177_80 /var/lib/nova/instances/_base/cf38dbb4e4468fe68f8486ed6ade984f766086cc_80 --- For my understanding the backing file eed4493e949ae9303c0342c50860f1ba368e8177_80 is removed even if it's considered Active. Actually the node that is removing base files is not the node where instances related to those backing files run. It's correct to share the whole /var/lib/nova/instances/ directory or the _base subdirectory should reside locally to each node? Thanks in advance for any help you can provide. Davide. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Essex volume attach issue on Debian Wheezy
Probably wheezy puts iscsiadm somewhere that rootwrap can't find it. iscsiadm: CommandFilter, /sbin/iscsiadm, root iscsiadm_usr: CommandFilter, /usr/bin/iscsiadm, root You should do a: which iscsiadm If it doesn't match the above you need to add a new filter to /etc/nova/rootwrap.d/volume.filters Vish On Dec 5, 2012, at 9:47 AM, Alberto Molina Coballes alb.mol...@gmail.com wrote: Hi all, We're facing an issue attaching a volume to a running instance in an Essex deployment on Debian Wheezy. nova-volume is installed on the cloud controller, but nova-network is installed on the computes nodes in a multi_host setup. The relevant configuration parameters in nova.conf are (nexentastor-ce is used for volume storage): volume_driver=nova.volume.nexenta.volume.NexentaDriver use_local_volumes=false nexenta_host=172.22.222.2 nexenta_volume=nova nexenta_user=admin nexenta_password= Volumes can be created properly: $ nova volume-create --display_name demovol1 1 $ nova volume-list ++---+--+--+-+-+ | ID | Status | Display Name | Size | Volume Type | Attached to | ++---+--+--+-+-+ | 1 | available | demovol1 | 1| None| | ++---+--+--+-+-+ But attaching to a volume fails with no error: $ nova volume-attach 63abfd8a-...-...-... 1 /dev/vdc and the volume still remains available. It seems that the problem is related to these logs found in the compute node (nova-compute.log): TRACE nova.rpc.amqp ProcessExecutionError: Unexpected error while running command. TRACE nova.rpc.amqp Command: sudo nova-rootwrap iscsiadm -m node -T iqn.1986-03.com.sun:02:nova-volume-001 -p 172.22.222.2:3260 TRACE nova.rpc.amqp Exit code: 1 TRACE nova.rpc.amqp Stdout: '' TRACE nova.rpc.amqp Stderr: 'Traceback (most recent call last):\n File /usr/bin/nova-rootwrap, line 69, in module\n env=filtermatch.get_environment(userargs))\n File /usr/lib/python2.7/subprocess.py, line 679, in __init__\nerrread, errwrite)\n File /usr/lib/python2.7/subprocess.py, line 1249, in _execute_child\nraise child_exception\nOSError: [Errno 2] No such file or directory\n' Trying to execute this command from the command line (as nova user): nova@calisto:~$ sudo nova-rootwrap iscsiadm -m node -T iqn.1986-03.com.sun:02:nova-volume-001 -p 172.22.222.2:3260 Traceback (most recent call last): File /usr/bin/nova-rootwrap, line 69, in module env=filtermatch.get_environment(userargs)) File /usr/lib/python2.7/subprocess.py, line 679, in __init__ errread, errwrite) File /usr/lib/python2.7/subprocess.py, line 1249, in _execute_child raise child_exception OSError: [Errno 2] No such file or directory Whereas executing the same command as root without sudo nova-rootwrap seems to work ok: root@calisto:~# iscsiadm -m node -T iqn.1986-03.com.sun:02:nova-volume-001 -p 172.22.222.2:3260 # BEGIN RECORD 2.0-873 node.name = iqn.1986-03.com.sun:02:nova-volume-001 node.tpgt = 1 node.startup = manual ... Any tips on this? Cheers! Alberto ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Essex volume attach issue on Debian Wheezy
On Dec 5, 2012, at 11:33 AM, Alberto Molina Coballes alb.mol...@gmail.com wrote: 2012/12/5 Vishvananda Ishaya vishvana...@gmail.com: Probably wheezy puts iscsiadm somewhere that rootwrap can't find it. iscsiadm: CommandFilter, /sbin/iscsiadm, root iscsiadm_usr: CommandFilter, /usr/bin/iscsiadm, root You should do a: which iscsiadm Thanks for the quick response but it seems that iscsiadm location is correct: nova@calisto:~$ which iscsiadm /usr/bin/iscsiadm and /etc/nova/rootwrap.d/volume.filters contains the line: iscsiadm_usr: CommandFilter, /usr/bin/iscsiadm, root ? Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] resizing instance fails
On Dec 5, 2012, at 1:14 PM, Clint Walsh clinton.wa...@unimelb.edu.au wrote: Hi, Resize should work for kvm as well, but you will need hostnames to resolve properly and passwordless ssh access between your compute hosts. Does 'hostnames' mean that of the VM or the compute nodes or both? compute nodes Also what is the reason for compute host access direct to other compute hosts? Direct access is to copy the vm file across. This could be modified to store the file in a common location (like glance) but there are some issues related to raw disks that need to be solved. There is a bp about this: https://blueprints.launchpad.net/nova/+spec/resize-no-raw Resize would be very useful for our tenants. --- Clint Walsh NeCTAR Research Cloud Support On 6 December 2012 05:39, Vishvananda Ishaya vishvana...@gmail.com wrote: On Dec 4, 2012, at 1:15 AM, Marco CONSONNI mcocm...@gmail.com wrote: Not sure, but it seems like this feature is available for XenServer, only http://osdir.com/ml/openstack-cloud-computing/2011-10/msg00473.html Does anybody know more? ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] resizing instance fails
On Dec 5, 2012, at 2:27 PM, Clint Walsh clinton.wa...@unimelb.edu.au wrote: Vish, thanks for the clarification re hostnames. NeCTAR uses shared storage across compute nodes for VM images storage and our compute nodes hostnames resolve Is there a way around passwordless access between compute nodes for the above config as the VM file doesnt need to be moved its already on all compute nodes within a cell. If you are using shared storage then you probably should use live-migrate instead of resize, but unfortunately this requires libvirt on the nodes to talk though so you need either passwordless access or some kind of tls keys. If you don't mind rebooting then you might be able to use something along the lines the evacuate code that is under review now: https://review.openstack.org/#/c/11086/ This allows vms to be restarted on another node even if the original host is down. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [openstack] config_drive Image UUID doesn't create disk.config
On Dec 2, 2012, at 6:15 PM, Jian Hua Geng gen...@cn.ibm.com wrote: I saw the comments in the https://bugs.launchpad.net/nova/+bug/1029647 , can anyone give me more detail introduction of this decision about why the functionality for using an image id for config drive was removed? Just for example for our requirement: We want create a CDROM and write some information in it such as the sysprep info for windows when run vm. First we need extend the config drive to support both cdrom and file disk device, second we create an iso image in glance which is used to save the sysprep info and share with other user in cloud, then wen can use this config_drive_id to load the iso. Have any suggestion or solution for this requirement? Here is one option that you could use. Create a volume instead of an image (or create the volume from the image), snapshot the volume. If you pass the volume snapshot in as a secondary drive in block_device_mapping on boot, then you will get a volume copy of the image. If it is delete_on_terminate=True then the volume will be deleted when you terminate the vm. Vish___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [OpenStack] Remove unsed network on host with nova-network
FYI, this patch is probably something bigger than we can merge. Nova-network is supposed to just be in maintenance mode and not getting big new features. Small features are ok, but this one changes a lot of lines. Not sure what is up with your rule removal. Perhaps there are multiple copies of the added rules so they aren't being deleted properly? In fact, that may be a bug. It looks like plug is called for each vm so we might end up with multiple copies of the isolation rules. Vish On Dec 3, 2012, at 6:34 AM, Édouard Thuleau thul...@gmail.com wrote: Hi Vish, I made a patch to implement that with the VLAN manager: https://review.openstack.org/#/c/17352/ I put a lock on methods '_setup_network_on_host' and '_teardown_network_on_host' of class 'VlanManager' and I reused (and renamed) the locks already defined in class 'LinuxBridgeInterfaceDriver' when a bridge or VLAN is created ('ensure_vlan' = 'lock_vlan' and 'unsure_bridge' = 'lock_bridge'). Do you think is enough to prevent any race condition ? I've got a bug. I create method '_remove_dnsmasq_accept_rules' to remove filter rules for DHCP server but when I call it, nothing is deleted. Could you help me to resolve that ? And I've got the same problem sometimes with method 'remove_isolate_dhcp_address'. The ebtables rules are correctly deleted but not for iptables rules. I didn't delete a network bridge if it handles VPN forward rules of the private network even if no VM use this gateway on the host. But if a network is deleted, nothing will tear down this gateway. I think I found another bug. If network host must handle the VPN forward rules for a private network and if we restart it, it should instantiate a gateway on this private network and add VPN forward rules even if no VM use this gateway on the host. But actually it doesn't do that. Perhaps, the method 'db.network_get_all_by_host' use in 'init-host' must return the network in this case ? I only implement this for the multi hosted networks with the VLAN manger. I think isn't useful to add this on the multi hosted network with the Flat DHCP manager because, in this mode, only one multi hosted network is created for all instances of all tenants. Regards, Édouard. On Wed, Nov 21, 2012 at 12:49 AM, Vishvananda Ishaya vishvana...@gmail.com wrote: The only reason this is not done is that it makes the setup simpler. We don't have to worry about potential races between setting up and tearing down interfaces. It probably wouldn't be incredibly difficult to make a patch that would remove them, but you will likely have to do some creative locking to make sure that you don't run into issues. Vish On Nov 20, 2012, at 9:25 AM, Édouard Thuleau thul...@gmail.com wrote: Hi all, I use nova-network with VLAN manager. Why nova-network doesn't remove unused network interfaces on a host ? ie, if none VM on a host have a fixed IP attach to network X, the VLAN and bridge of this network still up and unused. And 'dnsmasq' process still listen and running. The number of unused network interfaces will grow over time. In the VLAN mode, this number could be 4000 x 2 unused interfaces and 4000 unused 'dnsmasq' processes (in worth case). Can it lead to decrease the kernel performance ? Is it a bug ? Or a voluntary implementation ? Regards, Édouard. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] How to enable EC2 compatibility layer in Keystone
It nova that listens on port 8773, not keystone. Keystone is just responsible for credentials. Vish On Nov 23, 2012, at 3:15 AM, Shashank Sahni shredde...@gmail.com wrote: Hi everyone, I've successfully installed keystone(folsom release), glance and swift. I'm able to create the ec2 credentials for any user, but keystone daemon isn't listening on port 8773. I've configured services and endpoints appropriately to point to url http://keystone_ip:8773/services/Cloud, but there doesn't seem to be any service listening on port 8773(netstat returns only port 5000 as up). Please find 'ec2' specific configuration in my keystone.conf file below. [ec2] driver = keystone.contrib.ec2.backends.sql.Ec2 [filter:ec2_extension] paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory [pipeline:public_api] pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service [pipeline:admin_api] pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service Any suggestions? -- Shashank Sahni ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] [nova] python-novaclient 2.10.0 released
Hello Everyone, I just pushed out a new version of python-novaclient[1]. Mostly cleanups although a few new features were added for people using the trunk release of nova. New commands for folsom: nova list-extensions nova list --tenant nova flavor-create m1.huge auto ... # auto = generate a random uuid for flavor nova quota-show # no tenant shows default nova ssh --extra-opts New commands for grizzly/trunk nova cloudpipe-update nova service-list nova fixed-ip-get nova fixed-ip-reserve nova fixed-ip-unreserve Thanks, Vish [1] http://pypi.python.org/pypi/python-novaclient/2.10.0 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] how to let the instance name (instance-xxx) equal to the hostname of the instance (chosen by the user)??
On Nov 28, 2012, at 2:08 PM, Sébastien Han han.sebast...@gmail.com wrote: Hi, Just tried this, it works but I'd also like to rename /var/lib/nova/instances/ according to the hostname. At the moment this only rename (output from nova show): | OS-EXT-SRV-ATTR:instance_name | mon-nom Is it possible? Cheers! Changing the name should change the dir in /var/lib/nova/instances, although it must be in nova.conf on the compute host and nova-compute will need to be restarted before you launch the instance. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] how to let the instance name (instance-xxx) equal to the hostname of the instance (chosen by the user)??
On Nov 28, 2012, at 2:16 PM, Vishvananda Ishaya vishvana...@gmail.com wrote: On Nov 28, 2012, at 2:08 PM, Sébastien Han han.sebast...@gmail.com wrote: Hi, Just tried this, it works but I'd also like to rename /var/lib/nova/instances/ according to the hostname. At the moment this only rename (output from nova show): | OS-EXT-SRV-ATTR:instance_name | mon-nom Is it possible? Cheers! Changing the name should change the dir in /var/lib/nova/instances, although it must be in nova.conf on the compute host and nova-compute will need to be restarted before you launch the instance. Vish Also the name is not unique, so if you do this you will have big problems if two users chose the same name. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Dashboard boot from volume question
On Nov 26, 2012, at 7:30 PM, Sina Sadeghi s...@aptira.com wrote: Hi again list, I am wondering why the dashboard UI around booting from volume is setup the way it is? Currently the user is presented with an Instance source: pulldown menu when they want to launch an instance. Only Image and Snapshot are present in this list. A user must go to the volume tab and specify boot from volume there. However, if the user does not also specify an image or snapshot, then the error Please select an option for the instance source. is presented to the user. Shouldn't the Instance source: pulldown menu have a Volume list item so this error doesn't occur? This would definitely make more sense. Unfortunately image id is still required even when booting from volume. There is some work being done to fix this for grizzly, so hopefully soon that will be an option. There is a bit of additional work needed around the ux of booting from a volume. It would be nice if the ui offered an option to select an image and have it copied to a volume automatically for you at boot time, but there are still a few blockers before that works cleanly. Vish ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp