Hi Rohit I think I've found something regarding memory issues with vmware: Schema-update only updates default system-vm, but not newly registered ones:
https://github.com/apache/cloudstack/blob/master/engine/schema/src/main/resources/META-INF/db/schema-41000to41100.sql: 448: -- Use 'Other Linux 64-bit' as guest os for the default systemvmtemplate for VMware 449: -- This fixes a memory allocation issue to systemvms on VMware/ESXi 450: UPDATE `cloud`.`vm_template` SET guest_os_id=99 WHERE id=8; When I registered the new templates I selected Debian something as OS type. I now changed this to "Other Linux (64bit)", which is what above update is doing, and I can see significantly less memory used by VRs. I do not understand the reasons behind this behavior, I tried also other settings (Debian 9 64-bit, Other 3.x Linux), neither seem to handle memory well... As for the VPN part, you suggested > you can build a custom systemvm.iso file with those settings. Is it possible to simply replace the systemvm.iso file on mgmt-server, remove it from secondary and restart mgmt-server? Maybe you can point me here in the right direction. Thanks, Sam > -----Original Message----- > From: Rohit Yadav <rohit.ya...@shapeblue.com> > Sent: Dienstag, 20. November 2018 12:55 > To: dev@cloudstack.apache.org > Subject: Re: [VOTE] Apache CloudStack 4.11.2.0 RC5 > > Hi Samuel, > > > Thanks for your email. I've opened this ticket for your first issue: > https://github.com/apache/cloudstack/issues/3039 > > Please follow René's advice to (a) try increase the VR memory and see if it > helps, (b) have a script for reducing memory over time. We'll also work with > the systemd project to see if they can fix and backport this for Debian 9.6+. > > > For your second issue, in 4.9 which used a Debian7 based VR and openswan > for VPN, we've moved to strongswan. If your external Cisco > endpoint/integration can work with strongswan, please create a VPC VR and > manipulate the strongswan configs in that VR and share your results or send > a PR, the changes need to be in one of the python files such as configure.py. > The #2 issue is very specific to your environment and is not a general error, > if > you're able to optimize the configuration for a VR, you can build a custom > systemvm.iso file with those settings. In addition, you can send a PR or > submit a Github issue with details, logs, configurations etc: > https://github.com/apache/cloudstack/issues > > > I think both the issues are not general blockers and should not void 4.11.2.0 > voting. > > > - Rohit > > <https://cloudstack.apache.org> > > > > ________________________________ > From: Zehnder, Samuel <zehn...@netcloud.ch> > Sent: Monday, November 19, 2018 9:13:04 PM > To: dev@cloudstack.apache.org > Subject: Re: [VOTE] Apache CloudStack 4.11.2.0 RC5 > > > Hi Group > > First, sorry that I wasn't able to use the mailto-link for the reply. It > somehow > did not work.. > > > > After Upgrading from 4.9 to 4.11 we are seeing two issues with vRouter > systemVMs: > > > > 1) Memory Consumption on vSphere > > vRouter are starting to swap with low memory available, this also starts > happening after increasing memory size to 512m. Interestingly, there's no > process nor cache using the memory as far as "top", "ps", or other tools > report. > > > > 2) Site-2-Site VPN > > a) After a restart of the VPC (vRouter rebuild) VPN Tunnels are not > configured on vRouter. This has to be triggered manually with a call to > resetVpnConnection API. > > b) StrongSwan configuration does not work well with Cisco endpoints, I've > found following inputs: > > - multiple "rightsubnet=" entries are not supported with ikev1 [1], so > multiple conns should be configured instead > > - multiple subnets are supported with ikev2, but not with Cisco endpoints, > use multiple conns as well [2] > > > > For me it is unclear, what script should be modified for above issues, one of > those look promising: > > https://github.com/apache/cloudstack/blob/master/systemvm/debian/opt/ > cloud/bin/ipsectunnel.sh > > https://github.com/apache/cloudstack/blob/master/systemvm/debian/opt/ > cloud/bin/configure.py > > > > Regards, > > Sam > > > > [1] > https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection#leftrigh > t-End-Parameters > > [2] https://serverfault.com/questions/904028/strongswan-to-cisco-asa-with- > multiple-right-subnet > > > > rohit.ya...@shapeblue.com > www.shapeblue.com > Amadeus House, Floral Street, London WC2E 9DPUK @shapeblue > >
smime.p7s
Description: S/MIME cryptographic signature
