[Openstack-community] OpenStack Community Newsletter –February 17, 2012
HIGHLIGHTS * TryStack.org – A Sandbox for OpenStack is live http://www.openstack.org/blog/2012/02/trystack-org-a-sandbox-for-openstack/ * The brand new API reference website http://api.openstack.org/ * SoftLayer announced its Object Storage product built on OpenStack Swift http://blog.softlayer.com/2012/softlayer-openstack-swift-softlayer-object-storage/ * Action needed: OpenStack Governance Elections http://www.openstack.org/blog/2012/02/openstack-governance-elections-spring-2012/ * Setting up the OpenStack Foundation: video of the meetup in Santa Clara http://www.collierclan.net/mark/?p=425 * A draft for the Foundation’s structure is up for discussion http://lists.openstack.org/pipermail/foundation/2012-February/000134.html * Last days to answer the Call for speaker for OpenStack Conference http://www.openstack.org/conference/san-francisco-2012/speakers/ * Book your room for the week https://resweb.passkey.com/go/DRAC2012 EVENTS FLOSSTalk Kosovo Feb 22, 2012 – UNICEF Innovations Lab Kosovo in Prishtina, Kosovo http://www.flossk.org/en/blog/flosstalk-arturo-suarez-openstack OpenStack Spring 2012 Design Summit Apr 16 – 18 and Conference Apr 19-20 – San Francisco, California http://openstack.org/conference/ OTHER NEWS * Under the hood of Swift: the Ring (by Mirantis) http://www.openstack.org/blog/2012/02/1997/ * DNS management system for OpenStack (by Grid Dynamics) http://openstackgd.wordpress.com/2012/02/17/dns-for-openstack/ * OpenStack Wiki Recent Changes – http://wiki.openstack.org/RecentChanges * New report to track changes only in main branch http://wiki.openstack.org/CommunityMetrics/Code * OpenStack sprint at PyCon2012 http://wiki.openstack.org/Sprints/PyCon2012 * How to update the Corporate Copyright License Agreement http://wiki.openstack.org/HowToUpdateCorporateCLA * Documentation Day, March 6th http://wiki.openstack.org/Documentation/DocDay * Documentation HowTo http://wiki.openstack.org/Documentation/HowTo * Getting Started with OpenStack in Japanese http://wiki.openstack.org/GettingStarted/ja * Project meeting summary http://eavesdrop.openstack.org/meetings/openstack-meeting/2012/openstack-meeting.2012-02-14-21.00.html COMMUNITY STATISTICS * Activity on the main branch of OpenStack repositories, lines of code added and removed per developer during week 6 of 2012 (from Mon Feb 06 00:00:00 UTC 2012 to Mon Feb 13 00:00:00 UTC 2012) Changes to Horizon project week 06 2012 Changes to Horizon project week 06 2012 Changes to Swift project week 06 2012 Changes to Swift project week 06 2012 Changes to Manuals project week 06 2012 Changes to Manuals project week 06 2012 Changes to Keystone project week 06 2012 Changes to Keystone project week 06 2012 Changes to Quantum project week 06 2012 Changes to Quantum project week 06 2012 Changes to Glance project week 06 2012 Changes to Glance project week 06 2012 Changes to Nova project week 06 2012 Changes to Nova project week 06 2012 This weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment. http://www.openstack.org/blog/2012/02/community-weekly-review-feb-10-17/ -- Mailing list: https://launchpad.net/~openstack-community Post to : openstack-community@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack-community More help : https://help.launchpad.net/ListHelp
[Openstack] [Glance]: which part of the source codes handle the receiving of the upload image data
Hi Glance guys, I'm not good in WSGI. I have a foolish question to ask. Which part of the source codes handle the receiving of the uploading data. As far as I know, the uploading data is in body_file from webob. I traced the webob code but it made my head blowed. --- send chunked data - | (webob) this mechanism is unclear to me| --- body_file Would somebody kindly give a guide on this issue ? thanks! Best regards, Reynolds ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Glance]: which part of the source codes handle the receiving of the upload image data
I'm not good in WSGI. I have a foolish question to ask. Which part of the source codes handle the receiving of the uploading data. As far as I know, the uploading data is in body_file from webob. I traced the webob code but it made my head blowed. --- send chunked data - | (webob) this mechanism is unclear to me| --- body_file Would somebody kindly give a guide on this issue ? Hi Reynolds, Are you asking for a full description of the mechanics of dispatching the incoming HTTP request entity-body to the webob.Request.body_file? Or are you just interested in the interface between WSGI and webob, i.e. the mapping between environ['wsgi.input'] and webob.Request.body_file? Generally I've found that the WSGI/webob innards only become relevant in Glance when chasing an apparent bug in the dispatch path (e.g. the recent issue with premature disconnection under webob 1.1.1-1 on ubuntu precice). But even if it's not usually crucial to understanding Glance, it would still be good to add to the tribal knowledge on the subject. It might make sense to direct your detailed questions at the webob community[1] and report back here. Cheers, Eoghan [1] http://www.webob.org ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Howto Nova setup with HA?
On Thu, Feb 16, 2012 at 3:09 PM, Tom Ellis tom.el...@canonical.com wrote: nova-volume service * Current weakness in the HA setup, unless you are willing to use iscsi tgtd with DRBD. I believe this would still have some problems when failing over with the initiators that are logged in. Nope, this is well understood and supported. It all amounts to getting the Pacemaker configuration right, but DRBD-backed, tgt-based iSCSI targets are perfectly capable of failover that is fully transparent to initiators. That being said, of course nova-volume with RBD (RADOS block device) would be another approach that may provide better reliability (more replicas, where DRBD is limited to 2 -- 4 with some trickery), better scaleout (seamless expansion and contraction of the storage space), and better self-healing capabilities (automatic rebalancing if individual replicas fail). Hope this is useful. Cheers, Florian -- Need help with High Availability? http://www.hastexo.com/now ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] floating ip with melange
Hi, Is anyone working on getting floating ip work with melange? Currently pool operation (from nova-manage) and allocate/deallocate/associate/disassocaite (in FloatingIP mix-in for network manager) are closely coupled with nova DB. I'd be happy to work on that or work together if someone is already working on it. Cheers, Tomoe ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Keystone] Custom Roles
On 02/17/2012 06:31 AM, Leander Bessa wrote: Hello, I was wondering if it would be possible to create custom roles in keystone. For instance, i would like to create a role which would allow a project owner to create/remove flavors without the intervention of an admin account. I *think* this should be possible with the new policy support that was recently added. Check out the /etc/nova/policy.json file. You should be able to edit that file to customize access to specific resource actions for a new role... (hint: look for compute_extension:flavormanage) That said, policy.json is pretty undocumented, and when I wrote the doc for Glance's similar policy.json support (http://glance.openstack.org/policies.html) I knew I was missing a lot of context. Hopefully Brian Waldon (cc'd) can provide some more help to you. Sidenote, though... if you allow a custom role to create a new flavor, would you allow anyone to launch an instance with that flavor? -jay ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Glance]: which part of the source codes handle the receiving of the upload image data
On 02/17/2012 04:08 AM, benzwt benzwt wrote: Hi Glance guys, Hi Reynolds! I'm not good in WSGI. I have a foolish question to ask. Which part of the source codes handle the receiving of the uploading data. The receiver of the uploaded data is the webob.Request object that is constructed on the Glance API server (within the eventlet that picks up the socket connection associated with a client HTTP request). As far as I know, the uploading data is in body_file from webob. I traced the webob code but it made my head blowed. Heh, yeah, it's a bit funky. :) More below... --- send chunked data -| (webob) this mechanism is unclear to me| --- body_file Would somebody kindly give a guide on this issue ? Well, I would say my words of advice would be to avoid making any calls that end up calling the webob.Request.make_body_seekable() method (or setting the is_body_seekable attribute). Doing so will make webob.Request attempt to read the entire request body into memory (a StringIO object) in an attempt to determine the length of the request body if it is not known (as used to be the case with certain chunked transfer requests that the Glance client used to use -- it now always calculates the content length on the client side to avoid this possibility). What Glance does is pass the webob.Request.body_file attribute off to the backend storage driver object, and that storage driver either uses the body_file attribute as-is (see /glance/store/filesystem.py) or wraps that body_file attribute in a custom reader object that allows the driver to read and track chunks of incoming request data without seeking to the end fo the body_file (see above for problems with doing that...) or writing chunks of the incoming request body to disk. See the Swift driver in /glance/store/swift.py for how that is done. Best, -jay ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Keystone] Custom Roles
Thanks, that is just what i'm looking foor. This will only be available in the final Essex release of OpenStack right? In regards to the side note, i was hoping to restrict that flavor to the tenant in which it was created. Although if it isn't possible, i suppose it could do no harm, assuming per tenant quotas are in place. Regards, Leander On Fri, Feb 17, 2012 at 2:50 PM, Jay Pipes jaypi...@gmail.com wrote: On 02/17/2012 06:31 AM, Leander Bessa wrote: Hello, I was wondering if it would be possible to create custom roles in keystone. For instance, i would like to create a role which would allow a project owner to create/remove flavors without the intervention of an admin account. I *think* this should be possible with the new policy support that was recently added. Check out the /etc/nova/policy.json file. You should be able to edit that file to customize access to specific resource actions for a new role... (hint: look for compute_extension:**flavormanage) That said, policy.json is pretty undocumented, and when I wrote the doc for Glance's similar policy.json support (http://glance.openstack.org/** policies.html http://glance.openstack.org/policies.html) I knew I was missing a lot of context. Hopefully Brian Waldon (cc'd) can provide some more help to you. Sidenote, though... if you allow a custom role to create a new flavor, would you allow anyone to launch an instance with that flavor? -jay __**_ Mailing list: https://launchpad.net/~**openstackhttps://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~**openstackhttps://launchpad.net/~openstack More help : https://help.launchpad.net/**ListHelphttps://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Keystone] Custom Roles
On 02/17/2012 10:15 AM, Leander Bessa wrote: Thanks, that is just what i'm looking foor. This will only be available in the final Essex release of OpenStack right? It is in the development trunk right now. If you pull the E3 releases, the functionality should be in there, too. In regards to the side note, i was hoping to restrict that flavor to the tenant in which it was created. Although if it isn't possible, i suppose it could do no harm, assuming per tenant quotas are in place. Meh, yeah, either way :) Just brought it up since I was curious... a thought of a custom role creating some enormous flavor with 64G of RAM and 48 cores of something, and having all the normal users have at it was floating in my mind :) -jay ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Swift S3 with Keystone anyone?
On 17 Feb 2012, at 06:12, Pete Zaitcev wrote: - A S3Token middleware which is based on Akira version with some fixes. Yeah, that looks beautiful... Unfortunately the back-end inherits the old problem: it authorizes against EC2 credentials instead of Swift credentials. The result is, if two applications A and B use different access methods, CF and S3, to the same account, they do not see each other's objects. It happens because the storage URL returned by Keystone differs for them, as far as I can discern. This is actually supported as mentioned in my temporary doc[1] see the transcript here : http://pastie.org/3401911 this made of from a fresh devstack with a few tweaks to the configurations. I plan to add this to devstack but I am waiting first for some of my other review to get approved to push those changes and be able to get rid of swift-keystone2 for good. S3token middleware: https://review.openstack.org/#change,3910 Swift token middleware: https://review.openstack.org/#change,3911 Do you still want reviews on these, after the merge of redux? This has been merged to keystone master, feel free to review the one the add reseller admin support : https://review.openstack.org/#change,4234 and the doc update : https://review.openstack.org/#change,4233 The reseller admin will allow us ultimately to have swift acting as a nova-objectstore for nova. I have more plans for the middleware, I'd like to get the compressive tempauth testsuite running on swiftauth with almost no modifications and add along the way anonymous user object access via ACL. Let me know if you have questions. Cheers, Chmouel. PS: readding openstack@ as this may be useful for everyone. [1] http://p.chmouel.com/swift-keystonelight-s3.txt ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Remove Zones code - FFE
On Feb 15, 2012, at 10:07 AM, Armando Migliaccio wrote: I think you touched the crucial point here: what is exposed to the user and what not. Reading: http://wiki.openstack.org/MultiClusterZones#Design one would think that zones is a concept exposed to end users. You're saying otherwise; Is it just my misunderstanding or the wiki page is out of sync with the latest developments? If zones are not going to be exposed to the users, what will? Just availability zones? Zones *could* be exposed, but that is not intrinsic to their design. Availability zones could be designated as a particular level of nesting of the overall zone design, such as a particular region, and users could specify the AZ they want their instance to be provisioned in. But a region might have several data centers, each of which could be a zone, and individual DCs could have several zones within them based on the physical layout of the building, or networking capacity, or because of incremental build out, or for any number of other reasons, none of which are relevant to a user. The term zone was adopted at a time when we weren't really focusing on mimicking the AWS Availability Zone concept, and in hindsight, it was a poor choice. So we should learn from that mistake and make sure we don't choose a replacement term that already has a common usage, such as shards segments or clusters. -- Ed Leafe ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] announcing api.openstack.org
On Feb 16, 2012, at 10:02 AM, Anne Gentle wrote: I'm pleased to point you to http://api.openstack.org. Collecting OpenStack APIs on one page, built with an API developer in mind. Sweet! This is a great addition for all OpenStack devs! -- Ed Leafe ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Keystone Use Cases and User Stores
Happy Friday (hopefully it's friday when you get this...) As keystone is getting into a new baseline, we're actively going through the bug list and blueprints and re-assessing based on the updated codebase. As we're getting into the details, we want to try and stay as close to the road as possible with implementing features and making sure the features we implement are rock solid going forward. To support that, we are starting to gather use cases of the folks actively deploying and trying to use Keystone. If you're using Keystone, I'd like to encourage you to take a look at the wiki page: http://wiki.openstack.org/KeystoneUseCases and see if there are other use cases that you require for your deployment. With these use cases, and the topics that we are collecting for broader discussion at the Folsom summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics), we are looking to build out blueprints and prioritize work for the upcoming Folsom release. Thanks! -joe (heckj) ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Keystone Use Cases and User Stores
http://etherpad.openstack.org/keystone-domains -Original Message- From: openstack-bounces+jason.rouault=hp@lists.launchpad.net [mailto:openstack-bounces+jason.rouault=hp@lists.launchpad.net] On Behalf Of Joseph Heck Sent: Friday, February 17, 2012 12:59 PM To: OpenStack Mailing List Subject: [Openstack] Keystone Use Cases and User Stores Happy Friday (hopefully it's friday when you get this...) As keystone is getting into a new baseline, we're actively going through the bug list and blueprints and re-assessing based on the updated codebase. As we're getting into the details, we want to try and stay as close to the road as possible with implementing features and making sure the features we implement are rock solid going forward. To support that, we are starting to gather use cases of the folks actively deploying and trying to use Keystone. If you're using Keystone, I'd like to encourage you to take a look at the wiki page: http://wiki.openstack.org/KeystoneUseCases and see if there are other use cases that you require for your deployment. With these use cases, and the topics that we are collecting for broader discussion at the Folsom summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics), we are looking to build out blueprints and prioritize work for the upcoming Folsom release. Thanks! -joe (heckj) ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp smime.p7s Description: S/MIME cryptographic signature ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Keystone Use Cases and User Stores
Thanks Jason - Thats already on our list of topics to discuss more broadly at the Folsom design summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics). The etherpad has a great deal of detail, but I think it needs some conversation needs happen as to how it related to the RBAC discussions that we had the Essex design summit (etherpad at http://etherpad.openstack.org/canhaz). From your user stories, it's not entirely clear what a group concept is getting us that isn't already in tenant when you apply RBAC. I'd like to understand that better. Are you available on IRC to chat sometime? If it would be easier, I'd be happy to schedule it up as a topic of conversation in a future keystone IRC meeting. The next meeting (the 21st - http://wiki.openstack.org/Meetings/KeystoneMeeting), but I've added it to a talk list. Would you be available to chat on IRC on the 28th? -joe On Feb 17, 2012, at 12:28 PM, Rouault, Jason (Cloud Services) wrote: http://etherpad.openstack.org/keystone-domains -Original Message- From: openstack-bounces+jason.rouault=hp@lists.launchpad.net [mailto:openstack-bounces+jason.rouault=hp@lists.launchpad.net] On Behalf Of Joseph Heck Sent: Friday, February 17, 2012 12:59 PM To: OpenStack Mailing List Subject: [Openstack] Keystone Use Cases and User Stores Happy Friday (hopefully it's friday when you get this...) As keystone is getting into a new baseline, we're actively going through the bug list and blueprints and re-assessing based on the updated codebase. As we're getting into the details, we want to try and stay as close to the road as possible with implementing features and making sure the features we implement are rock solid going forward. To support that, we are starting to gather use cases of the folks actively deploying and trying to use Keystone. If you're using Keystone, I'd like to encourage you to take a look at the wiki page: http://wiki.openstack.org/KeystoneUseCases and see if there are other use cases that you require for your deployment. With these use cases, and the topics that we are collecting for broader discussion at the Folsom summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics), we are looking to build out blueprints and prioritize work for the upcoming Folsom release. Thanks! -joe (heckj) ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Keystone authentication
Good evening I have a question about Keystone. In the recent versions of NOVA, SWIFT and Glance we can only do authentication by Keystone ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Keystone Use Cases and User Stores
Groups are independent of tenants. A role reference can be used to link a group to a tenant, much like it currently links and individual user to a tenant. For example I could give all users in the Nova Basic Admin group the 'netadmin' role for Nova in tenant X. I will not be available on the 28th but Guang can attend. Jason -Original Message- From: Joseph Heck [mailto:he...@mac.com] Sent: Friday, February 17, 2012 1:45 PM To: Rouault, Jason (Cloud Services) Cc: OpenStack Mailing List Subject: Re: [Openstack] Keystone Use Cases and User Stores Thanks Jason - Thats already on our list of topics to discuss more broadly at the Folsom design summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics). The etherpad has a great deal of detail, but I think it needs some conversation needs happen as to how it related to the RBAC discussions that we had the Essex design summit (etherpad at http://etherpad.openstack.org/canhaz). From your user stories, it's not entirely clear what a group concept is getting us that isn't already in tenant when you apply RBAC. I'd like to understand that better. Are you available on IRC to chat sometime? If it would be easier, I'd be happy to schedule it up as a topic of conversation in a future keystone IRC meeting. The next meeting (the 21st - http://wiki.openstack.org/Meetings/KeystoneMeeting), but I've added it to a talk list. Would you be available to chat on IRC on the 28th? -joe On Feb 17, 2012, at 12:28 PM, Rouault, Jason (Cloud Services) wrote: http://etherpad.openstack.org/keystone-domains -Original Message- From: openstack-bounces+jason.rouault=hp@lists.launchpad.net [mailto:openstack-bounces+jason.rouault=hp@lists.launchpad.net] On Behalf Of Joseph Heck Sent: Friday, February 17, 2012 12:59 PM To: OpenStack Mailing List Subject: [Openstack] Keystone Use Cases and User Stores Happy Friday (hopefully it's friday when you get this...) As keystone is getting into a new baseline, we're actively going through the bug list and blueprints and re-assessing based on the updated codebase. As we're getting into the details, we want to try and stay as close to the road as possible with implementing features and making sure the features we implement are rock solid going forward. To support that, we are starting to gather use cases of the folks actively deploying and trying to use Keystone. If you're using Keystone, I'd like to encourage you to take a look at the wiki page: http://wiki.openstack.org/KeystoneUseCases and see if there are other use cases that you require for your deployment. With these use cases, and the topics that we are collecting for broader discussion at the Folsom summit (http://wiki.openstack.org/KeystoneFolsomSummitTopics), we are looking to build out blueprints and prioritize work for the upcoming Folsom release. Thanks! -joe (heckj) ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp smime.p7s Description: S/MIME cryptographic signature ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Keystone authentication
On Fri, Feb 17, 2012 at 9:58 PM, Mahdi Njim njimma...@gmail.com wrote: In the recent versions of NOVA, SWIFT and Glance we can only do authentication by Keystone This should works nicely with the latest version (and probably earlier) of keystone (ie: master). Chmouel. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] cloud-init support for config-drive
Hey all, I recently (yesterday) added 'configdrive' support to cloud-init. The most recent daily builds of ubuntu 12.04 (precise) [1] should be able to take advantage of configdrive. I tried to document what I have at http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/configdrive/README I'd really like people to take it for a spin. From the code I've read, it looks like I need to setup multinic in order to get 'interfaces' file inserted, so I've not actually tested that path. I'm not sure how to configure multinic (and get nova command line to use '-nic' correctly). Anyway, the most recent cloud images at https://cloud-images.ubuntu.com/server/precise/current/ (after 20111216) have support baked in. Example of how to use it below. The goal is that you can now use cloud-init with configdrive and no EC2 metadata service. Please give it a try and let me know what you find. ## Now, 'ud_value' has same content of my-user-data file, but ## with the string USER_DATA FROM META KEY ## launch an instance with dsmode=pass ## This will really not use the configdrive for anything as the mode ## for the datasource is 'pass', meaning it will still expect some ## other data source (DataSourceEc2). $ nova boot --image=$img_id --config-drive=1 --flavor=$flav_id \ --key_name=$keyname \ --user_data=my-user-data \ --meta=instance-id=iid-001 \ --meta=user-data=${ud_keyval} \ --meta=dsmode=pass cfgdrive-dsmode-pass $ euca-get-console-output i-001 | grep USER_DATA echo USER_DATA FROM EC2 MD | tee /ud.log ## Now, launch an instance with dsmode=local ## This time, the only metadata and userdata available to cloud-init ## are on the config-drive $ nova boot --image=$img_id --config-drive=1 --flavor=$flav_id \ --key_name=$keyname \ --user_data=my-user-data \ --meta=instance-id=iid-001 \ --meta=user-data=${ud_keyval} \ --meta=dsmode=local cfgdrive-dsmode-local $ euca-get-console-output i-002 | grep USER_DATA echo USER_DATA FROM META KEY | tee /ud.log ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] Required services on compute node
What are the services one need to run on a compute node? I have a controller which runs all the services as specified in devstack and since I am running quantum with openvswitch I have also added q-svc and q-agt to this node. Now I need to start a second node which will be only a compute node. devstack documentation says one need the following services: ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol Is this correct? I thought all I need to run on the second node is n-cpu and q-agt. What are the required services? If I run the n-cpu and q-agt my n-cpu crashes and the crash seems to be related to not having a connection to the mysql server on the controller node. I assume i do not need a mysql server on the compute node. Is this correct? Any help is much appreciated. Thanks.___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
[Openstack] OpenStack Community Newsletter –February 17, 2012
HIGHLIGHTS * TryStack.org – A Sandbox for OpenStack is live http://www.openstack.org/blog/2012/02/trystack-org-a-sandbox-for-openstack/ * The brand new API reference website http://api.openstack.org/ * SoftLayer announced its Object Storage product built on OpenStack Swift http://blog.softlayer.com/2012/softlayer-openstack-swift-softlayer-object-storage/ * Action needed: OpenStack Governance Elections http://www.openstack.org/blog/2012/02/openstack-governance-elections-spring-2012/ * Setting up the OpenStack Foundation: video of the meetup in Santa Clara http://www.collierclan.net/mark/?p=425 * A draft for the Foundation’s structure is up for discussion http://lists.openstack.org/pipermail/foundation/2012-February/000134.html * Last days to answer the Call for speaker for OpenStack Conference http://www.openstack.org/conference/san-francisco-2012/speakers/ * Book your room for the week https://resweb.passkey.com/go/DRAC2012 EVENTS FLOSSTalk Kosovo Feb 22, 2012 – UNICEF Innovations Lab Kosovo in Prishtina, Kosovo http://www.flossk.org/en/blog/flosstalk-arturo-suarez-openstack OpenStack Spring 2012 Design Summit Apr 16 – 18 and Conference Apr 19-20 – San Francisco, California http://openstack.org/conference/ OTHER NEWS * Under the hood of Swift: the Ring (by Mirantis) http://www.openstack.org/blog/2012/02/1997/ * DNS management system for OpenStack (by Grid Dynamics) http://openstackgd.wordpress.com/2012/02/17/dns-for-openstack/ * OpenStack Wiki Recent Changes – http://wiki.openstack.org/RecentChanges * New report to track changes only in main branch http://wiki.openstack.org/CommunityMetrics/Code * OpenStack sprint at PyCon2012 http://wiki.openstack.org/Sprints/PyCon2012 * How to update the Corporate Copyright License Agreement http://wiki.openstack.org/HowToUpdateCorporateCLA * Documentation Day, March 6th http://wiki.openstack.org/Documentation/DocDay * Documentation HowTo http://wiki.openstack.org/Documentation/HowTo * Getting Started with OpenStack in Japanese http://wiki.openstack.org/GettingStarted/ja * Project meeting summary http://eavesdrop.openstack.org/meetings/openstack-meeting/2012/openstack-meeting.2012-02-14-21.00.html COMMUNITY STATISTICS * Activity on the main branch of OpenStack repositories, lines of code added and removed per developer during week 6 of 2012 (from Mon Feb 06 00:00:00 UTC 2012 to Mon Feb 13 00:00:00 UTC 2012) Changes to Horizon project week 06 2012 Changes to Horizon project week 06 2012 Changes to Swift project week 06 2012 Changes to Swift project week 06 2012 Changes to Manuals project week 06 2012 Changes to Manuals project week 06 2012 Changes to Keystone project week 06 2012 Changes to Keystone project week 06 2012 Changes to Quantum project week 06 2012 Changes to Quantum project week 06 2012 Changes to Glance project week 06 2012 Changes to Glance project week 06 2012 Changes to Nova project week 06 2012 Changes to Nova project week 06 2012 This weekly newsletter is a way for the community to learn about all the various activities occurring on a weekly basis. If you would like to add content to a weekly update or have an idea about this newsletter, please leave a comment. http://www.openstack.org/blog/2012/02/community-weekly-review-feb-10-17/ ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] Creating boot-from-volume capable image and volume
Hey Tomoe, - a launched instance cannot go outside the world and failed to get the cirros image with floating ip. For this to work, the floating ip range defined by FLOATING_RANGE have to be configured on your network. An easy solution for this is to set FLOATING_RANGE as some unused ips in your host network (like FLOATING_RANGE= 192.168.2.196/30). - I had to go inside nova-compute session to enter password for executing guestmount and fusermount with sudo. Hmm, this doesn't happen for me. If it is reproducible, perhaps open a bug describing the repro steps? As for creating a bootable volume through an api. Is it that you'd want to do something like: nova bootable-volume-create --instance_id=x # That would create a bootable volume based on an image Or: nova bootable-volume-create --image_id=x # Create a bootable volume from an image Those are of course imaginary calls - just trying to get a feel for what you think would be most useful. A So, I made some changes with the patch below and got it working. midokura@midokura-iMac:~/git/devstack.forked/exercises$ diff -u boot_from_volume_new-8fe133bebcd90fa94c7a1d12c00b3f2cca18a35c.sh bfv.sh --- boot_from_volume_new-8fe133bebcd90fa94c7a1d12c00b3f2cca18a35c.sh 2012-02-11 05:49:08.0 +0900 +++ bfv.sh 2012-02-14 14:30:44.233636001 +0900 @@ -99,13 +99,13 @@ fi # Add floating ip to our server -nova add-floating-ip $VM_UUID $FLOATING_IP +#nova add-floating-ip $VM_UUID $FLOATING_IP # Test we can ping our floating ip within ASSOCIATE_TIMEOUT seconds -if ! timeout $ASSOCIATE_TIMEOUT sh -c while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done; then -echo Couldn't ping server with floating ip -exit 1 -fi +#if ! timeout $ASSOCIATE_TIMEOUT sh -c while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done; then +#echo Couldn't ping server with floating ip +#exit 1 +#fi # Create our volume nova volume-create --display_name=$VOL_NAME 1 @@ -116,6 +116,9 @@ exit 1 fi +# get private ip +IP=$(nova show $VM_UUID |grep priv | awk -F '|' '{print $3}'|sed -e 's/ //') + # FIXME (anthony) - python-novaclient should accept a volume_id for the attachment param DEVICE=/dev/vdb VOLUME_ID=`nova volume-list | grep $VOL_NAME | cut -d '|' -f 2 | tr -d ' '` @@ -131,7 +134,7 @@ # To do this, ssh to the builder instance, mount volume, and build a volume-backed image. STAGING_DIR=/tmp/stage CIRROS_DIR=/tmp/cirros -ssh -o StrictHostKeyChecking=no -i $KEY_FILE cirros@$FLOATING_IP EOF +ssh -o StrictHostKeyChecking=no -i $KEY_FILE cirros@$IP EOF set -o errexit set -o xtrace sudo mkdir -p $STAGING_DIR @@ -177,16 +180,16 @@ sleep 1 # Add floating ip to our server -nova add-floating-ip $VOL_VM_UUID $FLOATING_IP +#nova add-floating-ip $VOL_VM_UUID $FLOATING_IP # Test we can ping our floating ip within ASSOCIATE_TIMEOUT seconds -if ! timeout $ASSOCIATE_TIMEOUT sh -c while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done; then -echo Couldn't ping volume-backed server with floating ip -exit 1 -fi +#if ! timeout $ASSOCIATE_TIMEOUT sh -c while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done; then +#echo Couldn't ping volume-backed server with floating ip +#exit 1 +#fi # Make sure our volume-backed instance launched -ssh -o StrictHostKeyChecking=no -i $KEY_FILE cirros@$FLOATING_IP EOF +ssh -o StrictHostKeyChecking=no -i $KEY_FILE cirros@$IP EOF echo success! EOF @@ -206,7 +209,7 @@ nova delete $INSTANCE_NAME # De-allocate the floating ip -nova floating-ip-delete $FLOATING_IP +#nova floating-ip-delete $FLOATING_IP # Delete secgroup nova secgroup-delete $SECGROUP -- Hope this helps. Cheers, Tomoe On Sat, Feb 11, 2012 at 10:31 PM, Tomoe Sugihara to...@midokura.com wrote: Hi Anthony, Thanks for following it up. On Sat, Feb 11, 2012 at 2:58 PM, Anthony Young sleepsonthefl...@gmail.com wrote: On Fri, Feb 10, 2012 at 8:51 PM, Tomoe Sugihara to...@midokura.com wrote: Hi folks, Could someone tell me what is the right way to do boot-from-volume? Especially, how to create boot-from-volume capable image and volume? My understanding is that, since openstack API requires imageRef, we need to pass in both image and volume ids. I was actually playing with this today, and just put up a review that adds a devstack exercise to create and launch a bootable volume. It is true that --image is still required when booting from a volume - I have not investigated yet if that is a bug or a consequence of how boot-from-volume is implemented as an extension (which still may fall into the bug category). https://review.openstack.org/4044 Current servers API, which boot-from-volume inherits from, throws an exception when imageRef is missing: https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/servers.py#L646
Re: [Openstack] Required services on compute node
I think: using n-net if you set mutil_host in nova.conf using n-vol if you want use this node as a nova-volume service using n-api if you want mutil nova-api nodes not single On Sat, Feb 18, 2012 at 6:31 AM, Mohammad Banikazemi m...@us.ibm.com wrote: What are the services one need to run on a compute node? I have a controller which runs all the services as specified in devstack and since I am running quantum with openvswitch I have also added q-svc and q-agt to this node. Now I need to start a second node which will be only a compute node. devstack documentation says one need the following services: ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol Is this correct? I thought all I need to run on the second node is n-cpu and q-agt. What are the required services? If I run the n-cpu and q-agt my n-cpu crashes and the crash seems to be related to not having a connection to the mysql server on the controller node. I assume i do not need a mysql server on the compute node. Is this correct? Any help is much appreciated. Thanks. ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- 非淡薄无以明志,非宁静无以致远 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp