CloudStack 4.2 源码搭建遇到问题
各位, 我在使用源码搭建4.2.0环境的时候(在windows下,使用Cygwin操作),在执行到最后一步:mvn -pl :cloud-client jetty:run 后遇到异常,服务能够启动,但是使用admin账号不能登录, 查找相关资料也没有找到解决方法,日志文件如下,求帮助,谢谢! INFO [utils.component.ComponentContext] (Timer-2:) Configuring com.cloud.upgrade.DatabaseIntegrityChecker_EnhancerByCloudStack_52a37170 INFO [utils.component.ComponentContext] (Timer-2:) Configuring com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231 INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing updateSSLKeyStore INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) SSL keystore located at F:\learn\cloudstack\client\target\cloud-client-ui-4.2.1-SNAPSHOT\WEB-INF\c lasses/cloudmanagementserver.keystore INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Stored SSL keystore to database. INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing updateKeyPairs INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Systemvm keypairs not found in database. Need to store them in the database WARN [utils.script.Script] (Timer-2:) Exception: /bin/bash -c if [ -f C:\Users\yh\.ssh\id_rsa.cloud ]; then rm -f C:\Users\yh\.ssh\id_rsa.cloud; fi; ssh- keygen -t rsa -N '' -f C:\Users\yh\.ssh\id_rsa.cloud -q java.io.IOException: Cannot run program /bin/bash: CreateProcess error=2, ? at java.lang.ProcessBuilder.start(ProcessBuilder.java:1042) at com.cloud.utils.script.Script.execute(Script.java:183) at com.cloud.utils.script.Script.runSimpleBashScript(Script.java:481) at com.cloud.utils.script.Script.runSimpleBashScript(Script.java:471) at com.cloud.server.ConfigurationServerImpl.updateKeyPairs(ConfigurationServerImpl.java:708) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:292) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:157) at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:111) at com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:54) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) Caused by: java.io.IOException: CreateProcess error=2, ? at java.lang.ProcessImpl.create(Native Method) at java.lang.ProcessImpl.init(ProcessImpl.java:288) at java.lang.ProcessImpl.start(ProcessImpl.java:133) at java.lang.ProcessBuilder.start(ProcessBuilder.java:1023) ... 20 more ERROR [cloud.server.ConfigurationServerImpl] (Timer-2:) Cannot read the private key file java.io.FileNotFoundException: C:\Users\yh\.ssh\id_rsa.cloud (ϵͳ▒Ҳ▒▒▒ָ·) at java.io.FileInputStream.open(Native Method) at java.io.FileInputStream.init(FileInputStream.java:138) at com.cloud.server.ConfigurationServerImpl.updateKeyPairs(ConfigurationServerImpl.java:712) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:292) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:157) at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:111) at com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:54) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) Exception in thread Timer-2 com.cloud.utils.exception.CloudRuntimeException: Cannot read the private key file at com.cloud.server.ConfigurationServerImpl.updateKeyPairs(ConfigurationServerImpl.java:716) at com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231.CGLIB$updateKeyPairs$14(generated) at com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231_FastClassByCloudStack_344edf9f.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231.updateKeyPairs(generated) at
Re: CloudStack 4.2 源码搭建遇到问题
Cannot read the private key file java.io.FileNotFoundException: C:\Users\yh\.ssh\id_rsa.cloud 好好研究这两句话 2013/11/13 yuhui yu...@inspur.com 各位, 我在使用源码搭建4.2.0环境的时候(在windows下,使用Cygwin操作),在执行到最后一步:mvn -pl :cloud-client jetty:run 后遇到异常,服务能够启动,但是使用admin账号不能登录, 查找相关资料也没有找到解决方法,日志文件如下,求帮助,谢谢! INFO [utils.component.ComponentContext] (Timer-2:) Configuring com.cloud.upgrade.DatabaseIntegrityChecker_EnhancerByCloudStack_52a37170 INFO [utils.component.ComponentContext] (Timer-2:) Configuring com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231 INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing updateSSLKeyStore INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) SSL keystore located at F:\learn\cloudstack\client\target\cloud-client-ui-4.2.1-SNAPSHOT\WEB-INF\c lasses/cloudmanagementserver.keystore INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Stored SSL keystore to database. INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing updateKeyPairs INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Systemvm keypairs not found in database. Need to store them in the database WARN [utils.script.Script] (Timer-2:) Exception: /bin/bash -c if [ -f C:\Users\yh\.ssh\id_rsa.cloud ]; then rm -f C:\Users\yh\.ssh\id_rsa.cloud; fi; ssh- keygen -t rsa -N '' -f C:\Users\yh\.ssh\id_rsa.cloud -q java.io.IOException: Cannot run program /bin/bash: CreateProcess error=2, ? at java.lang.ProcessBuilder.start(ProcessBuilder.java:1042) at com.cloud.utils.script.Script.execute(Script.java:183) at com.cloud.utils.script.Script.runSimpleBashScript(Script.java:481) at com.cloud.utils.script.Script.runSimpleBashScript(Script.java:471) at com.cloud.server.ConfigurationServerImpl.updateKeyPairs(ConfigurationServerImpl.java:708) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:292) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:157) at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:111) at com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:54) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) Caused by: java.io.IOException: CreateProcess error=2, ? at java.lang.ProcessImpl.create(Native Method) at java.lang.ProcessImpl.init(ProcessImpl.java:288) at java.lang.ProcessImpl.start(ProcessImpl.java:133) at java.lang.ProcessBuilder.start(ProcessBuilder.java:1023) ... 20 more ERROR [cloud.server.ConfigurationServerImpl] (Timer-2:) Cannot read the private key file java.io.FileNotFoundException: C:\Users\yh\.ssh\id_rsa.cloud (ϵͳ▒Ҳ▒▒▒ָ·) at java.io.FileInputStream.open(Native Method) at java.io.FileInputStream.init(FileInputStream.java:138) at com.cloud.server.ConfigurationServerImpl.updateKeyPairs(ConfigurationServerImpl.java:712) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:292) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:157) at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:111) at com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:54) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) Exception in thread Timer-2 com.cloud.utils.exception.CloudRuntimeException: Cannot read the private key file at com.cloud.server.ConfigurationServerImpl.updateKeyPairs(ConfigurationServerImpl.java:716) at com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231.CGLIB$updateKeyPairs$14(generated) at com.cloud.server.ConfigurationServerImpl_EnhancerByCloudStack_e594231_FastClassByCloudStack_344edf9f.invoke(generated) at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at
Re: CloudStack 4.3功能前瞻
1. 建立LXC的Cluster时提示找不到对应的Resource Manager 2. 在Wiki页上,6月底未提交到Master上的Feature有LXC,当时应该有4.2 Branch了: https://cwiki.apache.org/confluence/display/CLOUDSTACK/LXC+Support+in+Cloudstack 2013/11/13 Du Jun dj199...@gmail.com Hi, 你从哪里得知CS4.2不支持LXC? 在 2013年11月13日下午2:57,Gavin Lee gavin@gmail.com写道: Sorry,实测4.2应该还不支持LXC,虽然安装文档有写。 2013/11/13 Gavin Lee gavin@gmail.com LXC支持的。 对象存储不适合做VM Instance的存储吧? 2013/11/12 Du Jun dj199...@gmail.com LXC支持吗? 在 2013年11月12日下午9:46,helloqiner helloqi...@163.com写道: 为什么一级存储不支持对象存储呢? helloqiner 发件人: linux...@gmail.com 发送时间: 2013-11-12 16:00 收件人: cloudstack-users-cn 主题: CloudStack 4.3功能前瞻 摘自 http://www.cloudstack-china.org/2013/11/2702.html 今天CloudStack 4.3已经Feature Freeze了,不会再有新功能加入到这个版本里。我们也可以坐下来看看哪些功能是值得期待的。首先,4.3的UI也秉承扁平化设计,看着更加简洁清爽。见下图: 接下来我们从CloudStack4.3的设计文档出发,来了解一下这个版本的功能有哪些。 1. 数据库的高可用性 当前CloudStack的数据库的备份方案基本上是使用Mysql的backup-standby方案,同时只会有一个DB是激活状态,如果遇到问题, 需要切换到备份服务器,主数据库的稳定性尤其重要。而数据库的高可用则是想达到“双活”的数据库群集效应,也就是同时有多个数据库是主控的。在经过一系列 调研后,从MariaDB, Percona Xtra DB, SkySql和Mysql中选择使用Mysql的双活设置。Mysql的双向复制需要在连接器上配置在Mysql集群中主控服务器宕机后,从Slave服 务器上读写数据,因此相应的管理端的程序要做相应改变。 由于数据库相对稳定,并且当前大多数部署规模单节点数据库服务器的I/O都足够应付,而数据库的备份也有相应方案避免数据丢失,新的数据库HA在公有云或企业内部私有云上都会有需求,不过这会增加管理服务器的复杂性,所以我认为这个功能期待指数三星半。 2. 动态调整计算资源方案 我经常被问到一个事情:从模板创建的虚机能否将系统盘(根卷)进行扩展? 之前的回答也一直是不可以。在4.3中,用户创建虚机时不仅可以对根卷进行扩展,还能指定任意的CPU和内存的数量,这比从管理员提前预置的计算方案里选 择要灵活的多,这个功能不管是在私有云还是公有云都有广泛的需求。中国用户也特别喜欢类似阿里云的根据一定的步长任意设置各种资源的公有云自服务门户。不 过从设计文档来看,网络带宽还没法任意设置,估计要等以后版本了。 这个功能很适用,尤其是扩充根卷,这样在制作模板的时候就可以尽可能地小了,当然任意指定CPU和内存也是相当受欢迎的,综合评定这个功能很期待。 3. 客户虚机支持GPU/vGPU 现在的物理服务器都有强大的显卡,特别是一些图形工作站的机器,甚至比CPU的计算能力还强,因此,如果可以利用显卡的GPU进行计算,那将会极大的提高 资源的利用率。另一方面,很多应用对于显示的要求都比较高,比如PhotoShop,AutoCAD以及一些3D游戏等,这些应用很多也都可以在虚机里运 行,只是很难达到物理机上的效果。为了使性能有所提升,让虚机跳过Hypervisor直连GPU是个不错的想法。 GPU也属于计算资源,它不像CPU那样,可以超配;也就是说一个拥有4个GPU模块的主机,同时只能为其上的4个虚机提供GPU直连服务。另外,GPU 编程还是比较复杂的,这里需要Hypervisor的支持,此功能目前在设计里也只会支持XenServer。要使用的朋友还是要特别留意一下。如果考虑 CloudStack本身的服务器虚拟化而非桌面虚拟化的特性,这种应用上的需求应该不是很广泛。 4. Hyper-V Server 2012的支持 Hyper-V是微软的虚拟化技术,记得早在CloudStack4.0版本时期就是要支持Hyper-V,根据国内Hyper-V的市场占有情况,这个 功能在当时也是非常期待的。但开源就是这样,由于种种原因,这个功能一直到4.2版本里也没能支持。在解决了集成API的许可问题后,目前来看4.3是很 有可能支持Hyper-V了。 CloudStack对于Hyper-V的支持将会采用与KVM Agent类似的方式,通过WMI来与Hyper-V主机通信,从而控制虚拟机。应该来说新的Hypervisor的支持都是一个很大的功能模块,它要考 虑整个云平台各Hypervisor的能用功能,还要考虑各个Hypervisor自身的功能特点,这包括网络和存储的功能及硬件的支持。不管怎么说,如 果CloudStack能支持Hyper-V并稳定运行,那对于它自己无疑是个巨大的加分。相信很多基于CloudStack的ISV都在等待这个功能。 5. KVM支持Linux本地VxLAN CloudStack中高级资源域通常使用VLAN进行隔离(虽然4.2版本以后也支持安全组);VLAN的硬伤是协议本身的限制:=4095的 VLAN ID。那么当为了隔离每个账户使用一个VLAN ID时,一个资源域最多的账户数就有极大的限制;而实际上你能使用的VLAN ID要远小于4095,因为如果真的配置交换机4095个VLAN,那它将疲于奔命。一般情况下,一个数据中心等同于一个资源域,可想而知,大规模部署 VLAN的限制问题将会显现。VxLAN就是在这个背景下应运而生的。你可以认为VxLAN是VLAN在二层的基础上对报文进行UDP的封装;它最多可支 持超过1600万个隔离网络,这在一个数据中心里应该是足够用了。由于NTT一直在使用CloudStack,他们这种规模的公司对于VxLAN是有迫切 的需求的,因此他们的工程师完成了VxLAN的功能并贡献给Apache社区。其功能的实现上也于VLAN相似。在添加资源域时网络设置使用VXLAN隔 离来宾网络,在设置来宾网络vNet(相当于VLAN ID)范围时,也不用考虑4095的限制。 由于这个功能是CloudStack的一个功能,它不依赖于像Nexus 1000v这样支持VxLAN的设备,所以这个功能需要Hypervisor的支持。CloudStack4.3只会先针对KVM的Hypervisor 支持这个功能,并且Linux的Kernel版本要高于3.7;在配置KVM主机是要使用Linux本地的Birdge而非Open vSwitch。由于这些限制,这些功能在4.3里使用应该还是有点复杂度,给四星。 6. 增强的系统虚拟机升级策略 系统虚拟机在CloudStack里扮演重要角色,从功能上讲,系统虚拟机分成二级存储系统虚机,控制台系统虚机以及虚拟路由器;它们分别用来完成模板、 镜像、ISO的下载,基于Web的虚机控制台和客户虚机的网络功能。对于不同的Hypervisor,系统虚机的模板不同,但同一个模板可以配置成不同的 角色来完成上述三种虚机的功能。如果是小规模的部署,由于系统虚机无状态的特性,可以上传新的模板,破坏掉当前的系统虚拟机,它会自动重建。当然整个过程 不仅较慢,且问题时有发生;也没有很好的指导文档或常见问题说明。试想大型生产环境里更新系统虚机特别是虚拟路由器还是挺有风险的,因为用户的服务会中 断,不是逼不得已不会有人想这么做。4.3里将提供新的API用于系统虚机模板的升级,你只要提供相应的信息,要升级的资源域,等信息即可。 由于 本身系统虚机是一个相对稳定的单位,从以往来看CloudStack的升级伴随需要系统虚机的升级并不多(4.0到4.2之间的变化需要升级系统虚机),这个功能应该不会有太多人用到。评定三星半。 7. 重构测试框架Marvin 如果大家知道Apache CloudStack的吉祥物:踩在云中的猴子,知道Cloudmonkey;那么对于Marvin应该不陌生。Cloudmonkey强大的功能是基于 Marvin实现的,Marvin是CloudStack里用Python实现的测试框架,包括完整的API封装并完成相应的单元测试。这个功能的重构与 稍后提到的Spring模块化相关。对于API的测试是整个框架的核心,新的设计将采用XML/JSON的方式定义API的发送和响应,针对每个API, 可以用单独的一组发送/接收脚本处理,这也体现的模块化的思想。另外一个功能是异常和断言,计划使用DSL的形式,由于本人对DSL不了解,无法给出更详 细的说明,感兴趣的朋友可以在wiki上查找一下:Domain Specification Language。不从事CloudStack开发的人对这部分内容可以忽略。 8. 迁移NFS二级存储到对象存储上 在CloudStack4.2上已经支持使用对象存储Amazon S3或OpenStack Swift作为二级存储,对整个云环境提供模板,快照和ISO的服务。CloudStack在设计上也尽量保证与Amazon EC2/S3在API上的兼容,以便企业客户可以无缝地从Amazon转到CloudStack。但是当时缺少一个方便的功能:如何将现有客户环境从 NFS二级存储迁到对象存储上。这个功能的基本思路是NFS二级存储与对象存储共同存在,新的资源(包括快照,模板等)都会在对象存储上创建;只有读和删 除操作会在NFS二级存储中执行,模板,卷的复制也只会在对象存储上,这样就保证二级存储在资源域的范围内,而对象存储是整个云环境。这样,存储在对象存 储的模板,快照等,将不需要跨资源域的复制功能。 国内对于Amazon的使用并不普遍,对象存储目前也都是在试水阶段,用户使用对象存储的话要单独配置。在4.3里,并没有提供将NFS二级存储的所有内 容迁移到对象存储的功能,也就是说,用户还是需要乃至NFS的二级存储。对于很大规模的部署,可以考虑一下,对于小规模的建议还是不要等待这个功能。 9.
Re: cloudstack的lxc特性
https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=aa79ccf 倒是有一些修改了,不过还没实测过。 在 2013年11月13日下午2:09,Gavin Lee gavin@gmail.com写道: 另一封邮件回你了。实测也是无法添加LXC的集群,Wiki上也说这个Feature没有Commit到Master上(6月底) 2013/11/13 Du Jun dj199...@gmail.com Hi, 我看安装文档声称是支持LXC,不过实践过程中发现一直创建不了instance。你说4.2不支持LXC,有具有说服力的依据吗? -- Best regards, Frank 在 2013年11月13日下午2:56,Gavin Lee gavin@gmail.com写道: 你用的什么版本的CloudStack? 最新Release的4.2的还不支持LXC。 2013/11/8 Du Jun dj199...@gmail.com 大家有使用lxc作为cloudstack的hypervisor来部署cloudstack并成功创建系统虚拟机吗?有的话出来交流下吧。我系统虚拟机模版已经下好了,卡在创建系统虚拟机这一步。 -- Gavin -- Gavin
回复: Re: 有关apikey和secretkey的问题,请帮忙解决
当然是利用SQL查询获取的。 有人说数据库里存的secretkey是经过编码的,而且我也往这方面想过。只是通过追踪源代码的执行,我没能找到具体的源码位置,因为也就不能确定到底是通过什么方法进行编解码的 evanitsharp 发件人: 刘洋 发送时间: 2013-11-14 11:50 收件人: users-cn; evanitsharp 主题: Re:回复: Re: 有关apikey和secretkey的问题,请帮忙解决 数据库是怎么获取的? 在 2013-11-14 10:38:17,evanitsharp evanitsh...@gmail.com 写道: 数据库获取的是:rS/gpVn9SvbhVjjFBtC2zo0Ue2pYTvgaf24gyIzzC4r4LXNxm7djo5desZMsBoPtfH0fVsJw9yq5NYpRgAAiXlZdiY9q4zEL5tjB+yE50p2EQSkLJ6KqsojrQ+uOMrwj 调用API获取的是:2hjBSbXyOzUJ495PbSN1M4eM-ppYd9z3sKnJxUMEVovLHwJ9MVtg6bmriB1IVaMx213UFgtYkfs-v7s4s1WIDA evanitsharp 发件人: Du Jun 发送时间: 2013-11-14 09:44 收件人: users-cn; evanitsharp 主题: Re: 有关apikey和secretkey的问题,请帮忙解决 从数据库读取的SecretKey是什么? 调用API获取的又是什么? 在 2013年11月14日上午8:54,evanitsharp evanitsh...@gmail.com写道: CloudStack4.0.2中直接从数据库读取的SecretKey和调用API(listUsers)获取的为什么不一样呢? evanitsharp
Re: 有关apikey和secretkey的问题,请帮忙解决
数据库里面的值是用dbkey加密的。可以这样来解密 java -classpath /usr/share/cloudstack-common/lib/jasypt-1.9.0.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh password=(dbkey) input=(secretkey in db) 如果不记得dbkey,可以用management key(/etc/cloudstack/management/key)来解密 java -classpath /usr/share/cloudstack-common/lib/jasypt-1.9.0.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh password=(mgtkey) input=(db.cloud.encrypt.secret in db.properties) cloudstack使用的是PBEWithMD5AndDES进行加密解密,所以不是一定要用java命令行,各种编程语言都有对应的加密解密函数。 在 2013年11月14日上午1:54,evanitsharp evanitsh...@gmail.com写道: CloudStack4.0.2中直接从数据库读取的SecretKey和调用API(listUsers)获取的为什么不一样呢? evanitsharp
回复: Re: 有关apikey和secretkey的问题,请帮忙解决
谢谢各位,问题已解决^ ^ evanitsharp 发件人: Wei ZHOU 发送时间: 2013-11-14 14:55 收件人: users-cn; evanitsharp 主题: Re: 有关apikey和secretkey的问题,请帮忙解决 数据库里面的值是用dbkey加密的。可以这样来解密 java -classpath /usr/share/cloudstack-common/lib/jasypt-1.9.0.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh password=(dbkey) input=(secretkey in db) 如果不记得dbkey,可以用management key(/etc/cloudstack/management/key)来解密 java -classpath /usr/share/cloudstack-common/lib/jasypt-1.9.0.jar org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh password=(mgtkey) input=(db.cloud.encrypt.secret in db.properties) cloudstack使用的是PBEWithMD5AndDES进行加密解密,所以不是一定要用java命令行,各种编程语言都有对应的加密解密函数。 在 2013年11月14日上午1:54,evanitsharp evanitsh...@gmail.com写道: CloudStack4.0.2中直接从数据库读取的SecretKey和调用API(listUsers)获取的为什么不一样呢? evanitsharp
请教高手,添加来宾网络的时候,网络域是干什么用的?另外ISO模板中的密钥和值是干什么用的?
2013-11-14 toudsf
Re: Problems with Secondary Storage on Cloudstack 4.2
Sughand, By the looks of that output the secondary storage machine doesn't export the location of the secondary storage. Another possibility is that no firewall is blocking nfs. go to the secondary storage machine and try to ping your ssvm. regards On Wed, Nov 13, 2013 at 11:38 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Thanks for replying. This is a problem that I am facing. When I look at secondary storage on the dashboard, it shows 0.00/0.00 KB and at other times it shows that it is completely full. Moreover, I am also not able to upload anything to the templates/iso section which, if I am correct, goes to secondary storage. In primary storage, I can see that there are some directories and files that have been created, which indicates that cloudstack can interact with primary storage. If both, primary and secondary storage, are on the same server then what could be the reason that cloudstack is not able to communicate properly with secondary storage? Here is the output of ssvm-check.sh - http://pastebin.com/c6vq2Y3N Many thanks, Sugandh. On 09.11.2013 18:48, Daan Hoogland wrote: Sugandh, Is this a problem, or are you wondering how come? It seams to me that secondary storage does not have to be mounted all the time only when templates or snapshots need copying over. regards, Daan On Fri, Nov 8, 2013 at 11:01 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Hello, I am having some issues with Secondary storage on Cloudstack 4.2. My setup is as follows: 1) Both the management server and hypervisor host are on the same system, which is running Ubuntu 12.04, and is assigned an IP 10.208.67.86. 2) Another system which is also running Ubuntu 12.04 is serving as both primary storage and secondary storage and has an IP 10.208.66.162. My problem is that when I run mount on management server, I can only see my primary storage mounted. I'd really appreciate any help. Thanks ahead, Sugandh
Re: Problems with Secondary Storage on Cloudstack 4.2
you wrote earlier that both primary and secondary are on this server. Is one export and the other home/sugandh/cloudnfs? On Wed, Nov 13, 2013 at 11:59 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, I am able to ping nfs server from the ssvm. I have exported a directory within my home directory as an nfs share for secondary storage, could this be a problem? These re the permissions for secondary storage directory: sugandh@sugandh-desktop:~$ ls -l |grep cloud drwxrwxrwx 3 nobody nogroup 4096 Nov 8 10:59 cloudnfs and this is my /etc/exports file: sugandh@sugandh-desktop:~$ cat /etc/exports # /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /home/sugandh/cloudnfs *(rw,async,no_root_squash,no_subtree_check) /export *(rw,async,no_root_squash,no_subtree_check) Best, Sugandh On 13.11.2013 16:17, Daan Hoogland wrote: Sughand, By the looks of that output the secondary storage machine doesn't export the location of the secondary storage. Another possibility is that no firewall is blocking nfs. go to the secondary storage machine and try to ping your ssvm. regards On Wed, Nov 13, 2013 at 11:38 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Thanks for replying. This is a problem that I am facing. When I look at secondary storage on the dashboard, it shows 0.00/0.00 KB and at other times it shows that it is completely full. Moreover, I am also not able to upload anything to the templates/iso section which, if I am correct, goes to secondary storage. In primary storage, I can see that there are some directories and files that have been created, which indicates that cloudstack can interact with primary storage. If both, primary and secondary storage, are on the same server then what could be the reason that cloudstack is not able to communicate properly with secondary storage? Here is the output of ssvm-check.sh - http://pastebin.com/c6vq2Y3N Many thanks, Sugandh. On 09.11.2013 18:48, Daan Hoogland wrote: Sugandh, Is this a problem, or are you wondering how come? It seams to me that secondary storage does not have to be mounted all the time only when templates or snapshots need copying over. regards, Daan On Fri, Nov 8, 2013 at 11:01 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Hello, I am having some issues with Secondary storage on Cloudstack 4.2. My setup is as follows: 1) Both the management server and hypervisor host are on the same system, which is running Ubuntu 12.04, and is assigned an IP 10.208.67.86. 2) Another system which is also running Ubuntu 12.04 is serving as both primary storage and secondary storage and has an IP 10.208.66.162. My problem is that when I run mount on management server, I can only see my primary storage mounted. I'd really appreciate any help. Thanks ahead, Sugandh
Multiple simultaneous tasks in vCenter
Hi, We use VMware for our hypervisor layer and run 4.2.0. We've noticed that when a user creates a template from a volume, CloudStack creates a Exporting OVF template task in vCenter. This seems to stop any other commands from being issued into vCenter until this task has completed. Has anyone else seen this? Or have recommendations? Thanks, Sean
RE: External Loadbalancer
In an inline setup we only support F5 SRX combination. F5 will be behind SRX so F5 does not require any public IP configured. So no need to configure public interface with public vlan and IP address. -Original Message- From: BJO ERN [mailto:bjoern.tei...@gmail.com] Sent: Wednesday, November 13, 2013 1:17 PM To: users Subject: Re: External Loadbalancer Thanks Sanjeev for the Info. How would be the setup on an inline setup ? Public would move to the external firewall right ? On Tue, Nov 12, 2013 at 9:53 PM, Sanjeev Neelarapu sanjeev.neelar...@citrix.com wrote: Hi Bjoern, Public VLAN will not be configured by CS. Admin has to configure public vlan and assign one IP belongs to that vlan on F5 public interface manually. -Sanjeev -Original Message- From: BJO ERN [mailto:bjoern.tei...@gmail.com] Sent: Wednesday, November 13, 2013 8:22 AM To: users Subject: External Loadbalancer Hi Guys, who did setup a external load balancer in cloudstack ? I setup a F5 with an assigned network offering and finally got the guest VLAN/pool provisioning working. But I noticed that a public VLAN was not created on the F5, so how would the public traffic reach the device if not inline ? I basically ended up with a virtual IP (public) which does not belong to an VLAN on the F5 FYI, since we don't have a supported external firewall, I did not add the firewall feature to the network offering and was hoping we can put our firewall transparently in place (generally allowing port 80/443 as example) Bjoern
Cores from Multiple Physical Hosts in VM
Hi, Is it possible to do the below? Thank you. Answered by sgordon: It is my understanding that this is not currently possible, there was some discussion at the design summit (I think in the Libvirt driver roadmap session) about making the scheduler NUMA aware which would allow such configurations on hardware that supports NUMA but this is currently unimplemented. In reply to ephemeric's question: Cores from Multiple Physical Hosts in VM Tags: vcpus, aggregates, hosts, multiple, physical. Hi, Pardon my ignorance as I have never looked at cloud computing. Is it possible to create a VM and assign to it cores from multiple physical hosts for high vcpu numbers? We have the following problem: Splunk running 38 concurrent searches on a blade that only has 16 cores. By creating a VM and combining the cores from two blades, hence 32 vcpus in total somehow? I'm not sure if this is possible. Thank you. To change frequency, language and content of these alerts, please visit your user profilehttps://ask.openstack.org/en/users/2044/ephemeric/subscriptions/. If you believe that this message was sent in an error, please email about it the forum administrator at communitym...@openstack.org.
Re: Traditional Windows workloads and Cloudstack
Hi Junaid, On 13-Nov-2013, at 5:07 pm, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. Add additional GigE links? :) So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) I would start with a capacity planning exercise and augment the network with additional NICs etc. Capacity planning is a must for any kind of workload. Regards. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Problems with Secondary Storage on Cloudstack 4.2
I am starting to get lost here with you Sugandh, One last open pathway seams to be: Do you have a deamon running that has a default of no-recurse on exports? That would mean that paths below the export can't be mounted only the export itself. Can you test that? regards, On Wed, Nov 13, 2013 at 1:14 PM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Yes. Primary is /export/primary and secondary is /home/sugandh/cloudnfs and both are on the same server. Best, Sugandh On 13.11.2013 16:49, Daan Hoogland wrote: you wrote earlier that both primary and secondary are on this server. Is one export and the other home/sugandh/cloudnfs? On Wed, Nov 13, 2013 at 11:59 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, I am able to ping nfs server from the ssvm. I have exported a directory within my home directory as an nfs share for secondary storage, could this be a problem? These re the permissions for secondary storage directory: sugandh@sugandh-desktop:~$ ls -l |grep cloud drwxrwxrwx 3 nobody nogroup 4096 Nov 8 10:59 cloudnfs and this is my /etc/exports file: sugandh@sugandh-desktop:~$ cat /etc/exports # /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /home/sugandh/cloudnfs *(rw,async,no_root_squash,no_subtree_check) /export *(rw,async,no_root_squash,no_subtree_check) Best, Sugandh On 13.11.2013 16:17, Daan Hoogland wrote: Sughand, By the looks of that output the secondary storage machine doesn't export the location of the secondary storage. Another possibility is that no firewall is blocking nfs. go to the secondary storage machine and try to ping your ssvm. regards On Wed, Nov 13, 2013 at 11:38 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Thanks for replying. This is a problem that I am facing. When I look at secondary storage on the dashboard, it shows 0.00/0.00 KB and at other times it shows that it is completely full. Moreover, I am also not able to upload anything to the templates/iso section which, if I am correct, goes to secondary storage. In primary storage, I can see that there are some directories and files that have been created, which indicates that cloudstack can interact with primary storage. If both, primary and secondary storage, are on the same server then what could be the reason that cloudstack is not able to communicate properly with secondary storage? Here is the output of ssvm-check.sh - http://pastebin.com/c6vq2Y3N Many thanks, Sugandh. On 09.11.2013 18:48, Daan Hoogland wrote: Sugandh, Is this a problem, or are you wondering how come? It seams to me that secondary storage does not have to be mounted all the time only when templates or snapshots need copying over. regards, Daan On Fri, Nov 8, 2013 at 11:01 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Hello, I am having some issues with Secondary storage on Cloudstack 4.2. My setup is as follows: 1) Both the management server and hypervisor host are on the same system, which is running Ubuntu 12.04, and is assigned an IP 10.208.67.86. 2) Another system which is also running Ubuntu 12.04 is serving as both primary storage and secondary storage and has an IP 10.208.66.162. My problem is that when I run mount on management server, I can only see my primary storage mounted. I'd really appreciate any help. Thanks ahead, Sugandh
Re: Traditional Windows workloads and Cloudstack
Junaid, what did you set the the network rate to in the exchange service offering? Depending on your backend network setup for that offering you may get better results with setting it to a '0' for unlimited. On my internal CCP, our SQL servers service offering has network rate to '0' as I am using a 4 NIC LACP bond. just food for thought Todd On Wed, Nov 13, 2013 at 6:37 AM, Junaid Shahid shahid.jun...@gmail.comwrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
Thanks Shankar! But please enlighten me as to whether you have seen or heard of people using Shared primary storage for traditional Windows workloads? Or people prefer to use Local Disk for such use cases? I mean when we use these windows applications our cloud cannot even sustain 5 to 10 users using those applications (these could be email accounts or Lync accounts..) I mean 1 GigE link cannot match the speed of a enterprise SAS HDD, (a 72K rpm disk could have 6Gbps speed). Any thoughts? On Wed, Nov 13, 2013 at 5:24 PM, Shanker Balan shanker.ba...@shapeblue.comwrote: Hi Junaid, On 13-Nov-2013, at 5:07 pm, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. Add additional GigE links? :) So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) I would start with a capacity planning exercise and augment the network with additional NICs etc. Capacity planning is a must for any kind of workload. Regards. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
Thanks Todd! Well I think the service offering is at 200Mbps.. Also I we are not using any link aggregation at all. Let me float these ideas to my team. Thanks for your feedback! On Wed, Nov 13, 2013 at 5:36 PM, Todd Pigram t...@toddpigram.com wrote: Junaid, what did you set the the network rate to in the exchange service offering? Depending on your backend network setup for that offering you may get better results with setting it to a '0' for unlimited. On my internal CCP, our SQL servers service offering has network rate to '0' as I am using a 4 NIC LACP bond. just food for thought Todd On Wed, Nov 13, 2013 at 6:37 AM, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
Though I totally agree to your idea of going back to the drawing board and doing capacity planning for our target workload. Thanks! On Wed, Nov 13, 2013 at 5:40 PM, Junaid Shahid shahid.jun...@gmail.comwrote: Thanks Shankar! But please enlighten me as to whether you have seen or heard of people using Shared primary storage for traditional Windows workloads? Or people prefer to use Local Disk for such use cases? I mean when we use these windows applications our cloud cannot even sustain 5 to 10 users using those applications (these could be email accounts or Lync accounts..) I mean 1 GigE link cannot match the speed of a enterprise SAS HDD, (a 72K rpm disk could have 6Gbps speed). Any thoughts? On Wed, Nov 13, 2013 at 5:24 PM, Shanker Balan shanker.ba...@shapeblue.com wrote: Hi Junaid, On 13-Nov-2013, at 5:07 pm, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. Add additional GigE links? :) So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) I would start with a capacity planning exercise and augment the network with additional NICs etc. Capacity planning is a must for any kind of workload. Regards. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
Are you really saturating you GigE link with only 5-10 users. It sounds like you may be running out of IOs, SQL is usually a very write intensive workload. Junaid Shahid shahid.jun...@gmail.com wrote: Thanks Todd! Well I think the service offering is at 200Mbps.. Also I we are not using any link aggregation at all. Let me float these ideas to my team. Thanks for your feedback! On Wed, Nov 13, 2013 at 5:36 PM, Todd Pigram t...@toddpigram.com wrote: Junaid, what did you set the the network rate to in the exchange service offering? Depending on your backend network setup for that offering you may get better results with setting it to a '0' for unlimited. On my internal CCP, our SQL servers service offering has network rate to '0' as I am using a 4 NIC LACP bond. just food for thought Todd On Wed, Nov 13, 2013 at 6:37 AM, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
Yeah with 5-10 users only :) Also I think we don't have any write-cache (called ZILs in the ZFS lingo, I think) on the storage server too, so SQL would be even more problematic there.. On Wed, Nov 13, 2013 at 5:53 PM, Conrad Geiger cgei...@it1solutions.comwrote: Are you really saturating you GigE link with only 5-10 users. It sounds like you may be running out of IOs, SQL is usually a very write intensive workload. Junaid Shahid shahid.jun...@gmail.com wrote: Thanks Todd! Well I think the service offering is at 200Mbps.. Also I we are not using any link aggregation at all. Let me float these ideas to my team. Thanks for your feedback! On Wed, Nov 13, 2013 at 5:36 PM, Todd Pigram t...@toddpigram.com wrote: Junaid, what did you set the the network rate to in the exchange service offering? Depending on your backend network setup for that offering you may get better results with setting it to a '0' for unlimited. On my internal CCP, our SQL servers service offering has network rate to '0' as I am using a 4 NIC LACP bond. just food for thought Todd On Wed, Nov 13, 2013 at 6:37 AM, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
The additional 5-10 users shouldn't be such an extreme load. How many Mbps were you using with the 5-10 users? I am trying to clarify if the SAN or the storage network is the bottleneck. In either case,as previous stated it does all go back to capacity/workload planning. I know this is getting beyond cloudstack, but on the ZFS box you can run 'zpool iostat -v' to see your IO and throughput averages. Be careful on the dedicated ZIL, it can quickly become a bottleneck if you don't purchase an SSD capably of the load. Junaid Shahid shahid.jun...@gmail.com wrote: Yeah with 5-10 users only :) Also I think we don't have any write-cache (called ZILs in the ZFS lingo, I think) on the storage server too, so SQL would be even more problematic there.. On Wed, Nov 13, 2013 at 5:53 PM, Conrad Geiger cgei...@it1solutions.comwrote: Are you really saturating you GigE link with only 5-10 users. It sounds like you may be running out of IOs, SQL is usually a very write intensive workload. Junaid Shahid shahid.jun...@gmail.com wrote: Thanks Todd! Well I think the service offering is at 200Mbps.. Also I we are not using any link aggregation at all. Let me float these ideas to my team. Thanks for your feedback! On Wed, Nov 13, 2013 at 5:36 PM, Todd Pigram t...@toddpigram.com wrote: Junaid, what did you set the the network rate to in the exchange service offering? Depending on your backend network setup for that offering you may get better results with setting it to a '0' for unlimited. On my internal CCP, our SQL servers service offering has network rate to '0' as I am using a 4 NIC LACP bond. just food for thought Todd On Wed, Nov 13, 2013 at 6:37 AM, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__
Re: Traditional Windows workloads and Cloudstack
Yep, so we have specified a limit of 200Mbps in our service offering.. But again, I think windows workloads would work fine if the infrastructure is designed from the get go for such a use case. Thanks everybody for your feedback, I think I have got my answers. On Wed, Nov 13, 2013 at 6:15 PM, Conrad Geiger cgei...@it1solutions.comwrote: The additional 5-10 users shouldn't be such an extreme load. How many Mbps were you using with the 5-10 users? I am trying to clarify if the SAN or the storage network is the bottleneck. In either case,as previous stated it does all go back to capacity/workload planning. I know this is getting beyond cloudstack, but on the ZFS box you can run 'zpool iostat -v' to see your IO and throughput averages. Be careful on the dedicated ZIL, it can quickly become a bottleneck if you don't purchase an SSD capably of the load. Junaid Shahid shahid.jun...@gmail.com wrote: Yeah with 5-10 users only :) Also I think we don't have any write-cache (called ZILs in the ZFS lingo, I think) on the storage server too, so SQL would be even more problematic there.. On Wed, Nov 13, 2013 at 5:53 PM, Conrad Geiger cgei...@it1solutions.com wrote: Are you really saturating you GigE link with only 5-10 users. It sounds like you may be running out of IOs, SQL is usually a very write intensive workload. Junaid Shahid shahid.jun...@gmail.com wrote: Thanks Todd! Well I think the service offering is at 200Mbps.. Also I we are not using any link aggregation at all. Let me float these ideas to my team. Thanks for your feedback! On Wed, Nov 13, 2013 at 5:36 PM, Todd Pigram t...@toddpigram.com wrote: Junaid, what did you set the the network rate to in the exchange service offering? Depending on your backend network setup for that offering you may get better results with setting it to a '0' for unlimited. On my internal CCP, our SQL servers service offering has network rate to '0' as I am using a 4 NIC LACP bond. just food for thought Todd On Wed, Nov 13, 2013 at 6:37 AM, Junaid Shahid shahid.jun...@gmail.com wrote: Hi all, We are running a mixture of Windows and Linux VMs under different accounts on our cloud, that is based on CloudPlatform 3 (I know that it's a mailing list for ACS, but I still need your feedback so read on please :)). The Primary storage is based on iSCSI with GigE link, and Xen hyperviser. Now the problem is that whenever we run Windows OSes with applications like Exchange, Sharepoint and particularly MS Lync (that includes AD and MSSQL as pre-requisites..), the GigE link to Primary Storage becomes so congested that it affects the whole cloud environment. Nothing remains usable anymore, the performance of Linux VMs also is affected in the process. So what does your experience say, what should we do: 1) Segregate the Windows VMs to their own cluster and their own separate Primary storage. 2) Use local storage for the pre-cloud era traditional Windows workloads such as MS Exchange etc. 3) Is cloud environment feasible at all for Hosted Exchange and the like, as Local storage that runs on the speed of the motherboard back-plane, of course cannot be matched by a GigE link alone. Awaiting your valuable feedback all :) -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__ -- Regards, Junaid Shahid, TODO:__
Re: Unable to add host (clean 4.2.0 installation)
On Tue, Nov 12, 2013 at 8:35 PM, Nux! n...@li.nux.ro wrote: Are you sure you are giving the right password for root? http://www.cuantocabron.com/images/templates/kidding-me-template.jpg -- La Voluntad es el único motor de nuestros logros http://blog.ngen.com.ar/
Re: Unable to add host (clean 4.2.0 installation)
Aslo, check you resolv.conf. Maybe something is wrong in there... 2013/11/13 Carlos Miranda Molina (Mstaaravin) mstaara...@gmail.com On Tue, Nov 12, 2013 at 8:35 PM, Nux! n...@li.nux.ro wrote: Are you sure you are giving the right password for root? http://www.cuantocabron.com/images/templates/kidding-me-template.jpg -- La Voluntad es el único motor de nuestros logros http://blog.ngen.com.ar/
New Ruby client for CloudStack API
Hi folks, Our team at PromptWorks, in conjunction with SunGard, has recently released a new Ruby client for the CloudStack API called StackerBee: https://github.com/promptworks/stacker_bee There are already a few Ruby clients out there but none of them met our needs so we made our own. Here's what makes StackerBee special: - supports all endpoints in the API - easy to use and developer friendly - let's developers write idiomatic Ruby - interactive CloudStack REPL - well tested and documented Pull requests and bug reports welcome. Special thanks to Chip Childers, Bill Jones, Dave Grizzanti and SunGard Availability Services. Thanks, Mike Nicholaides -- Mike Nicholaides Software Engineer and Co-Founder at PromptWorks promptworks.com (267) 622-4729
Re: Problems with Secondary Storage on Cloudstack 4.2
Daan, I am able to ping nfs server from the ssvm. I have exported a directory within my home directory as an nfs share for secondary storage, could this be a problem? These re the permissions for secondary storage directory: sugandh@sugandh-desktop:~$ ls -l |grep cloud drwxrwxrwx 3 nobody nogroup 4096 Nov 8 10:59 cloudnfs and this is my /etc/exports file: sugandh@sugandh-desktop:~$ cat /etc/exports # /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /home/sugandh/cloudnfs *(rw,async,no_root_squash,no_subtree_check) /export *(rw,async,no_root_squash,no_subtree_check) Best, Sugandh On 13.11.2013 16:17, Daan Hoogland wrote: Sughand, By the looks of that output the secondary storage machine doesn't export the location of the secondary storage. Another possibility is that no firewall is blocking nfs. go to the secondary storage machine and try to ping your ssvm. regards On Wed, Nov 13, 2013 at 11:38 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Thanks for replying. This is a problem that I am facing. When I look at secondary storage on the dashboard, it shows 0.00/0.00 KB and at other times it shows that it is completely full. Moreover, I am also not able to upload anything to the templates/iso section which, if I am correct, goes to secondary storage. In primary storage, I can see that there are some directories and files that have been created, which indicates that cloudstack can interact with primary storage. If both, primary and secondary storage, are on the same server then what could be the reason that cloudstack is not able to communicate properly with secondary storage? Here is the output of ssvm-check.sh - http://pastebin.com/c6vq2Y3N Many thanks, Sugandh. On 09.11.2013 18:48, Daan Hoogland wrote: Sugandh, Is this a problem, or are you wondering how come? It seams to me that secondary storage does not have to be mounted all the time only when templates or snapshots need copying over. regards, Daan On Fri, Nov 8, 2013 at 11:01 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Hello, I am having some issues with Secondary storage on Cloudstack 4.2. My setup is as follows: 1) Both the management server and hypervisor host are on the same system, which is running Ubuntu 12.04, and is assigned an IP 10.208.67.86. 2) Another system which is also running Ubuntu 12.04 is serving as both primary storage and secondary storage and has an IP 10.208.66.162. My problem is that when I run mount on management server, I can only see my primary storage mounted. I'd really appreciate any help. Thanks ahead, Sugandh
Re: New Ruby client for CloudStack API
Really awesome Mike! On Wed, Nov 13, 2013 at 9:47 AM, Mike Nicholaides m...@promptworks.com wrote: Hi folks, Our team at PromptWorks, in conjunction with SunGard, has recently released a new Ruby client for the CloudStack API called StackerBee: https://github.com/promptworks/stacker_bee There are already a few Ruby clients out there but none of them met our needs so we made our own. Here's what makes StackerBee special: - supports all endpoints in the API - easy to use and developer friendly - let's developers write idiomatic Ruby - interactive CloudStack REPL - well tested and documented Pull requests and bug reports welcome. Special thanks to Chip Childers, Bill Jones, Dave Grizzanti and SunGard Availability Services. Thanks, Mike Nicholaides -- Mike Nicholaides Software Engineer and Co-Founder at PromptWorks promptworks.com (267) 622-4729
Where is the UI getting VM Statistics Network Read/Write?
I looked around and couldn't find an answer to this; where is the UI pulling the Network Read/Write data that's shown in the Statistics tab? Unfortunately our cloud_usage db contains no usage type = 4,5 entries. But clearly some data is out there somewhere. Thanks.
Re: UI problems in Chrome
It's probably related to the aggressive caching, as when I clear all browsing history/cache/cookies it will temporarily work properly for a little while. Maybe it's related to our specific installation, since other people are not reporting the same problems. Thanks for the feedback. On 11/12/13, 5:06 PM, Brian Federle wrote: I do know Chrome is 100% compatible with the latest UI (I use Chrome as my primary browser for development in CloudStack), but it is also very aggressive with caching (even more so than IE in some cases!). After an upgrade/installation which contains UI updates, you may want to clear out all cached data for the management server domain. Unfortunately there isn't much of a workaround that I know of beyond this, but I've definitely experienced issues with the UI being corrupt even after multiple refreshes of the UI. Also, check your management server installation (i.e., tomcat folders) to make sure that your server isn't keeping old server-side files around. -Brian -Original Message- From: Ron Wheeler [mailto:rwhee...@artifact-software.com] Sent: Tuesday, November 12, 2013 12:54 PM To: users@cloudstack.apache.org Subject: Re: UI problems in Chrome In light of the other reports of Chrome working, I would just do part of what I suggested - look for hints in the logs to see what specific problems are occurring. I would also check it on other workstations and from other network locations, if that is possible, to see if the problem is restricted to a particular machine or to part of your network. If you can try your Chrome browser against a public Cloudstack install that is known to support Chrome, that might give you some hints. Ron On 12/11/2013 3:17 PM, Ron Wheeler wrote: You could tell them that Chrome doesn't support the CloudStack UI. That might put it in a better light! You should at least file a JIRA with some specific examples and any errors reported in the Chrome console or system logs. At least it will tell people that it needs to be fixed and give them some hints about where to look for the problems. Ron On 12/11/2013 3:09 PM, David Matteson wrote: Hello, Looking in JIRA I didn't see one ticket describing all the problems we have with the Cloudstack UI in Chrome; the login form only works intermittently, most of the views (Instances, Service Offerings, etc.) don't work properly, and in general it just seems broken. In Firefox, however, it works flawlessly. This is on Mac OS X, both Mountain Lion and Mavericks. Anyone else experience this issue? Is it known. I noticed that Chrome is not listed among the browsers in the UI documentation? I don't know if that's significant, though. This is problematic as we'd like to make the interface available to some customers, but telling them It's broken in Chrome. sure isn't good. :) Thanks. -- Ron Wheeler President Artifact Software Inc email: rwhee...@artifact-software.com skype: ronaldmwheeler phone: 866-970-2435, ext 102
Re: Where is the UI getting VM Statistics Network Read/Write?
It collects this stats from the HyperVisor directly. It pings the HyperVisor vm.stats.interval to get it. On 13/11/13 10:50 AM, David Matteson dmatte...@a2hosting.com wrote: I looked around and couldn't find an answer to this; where is the UI pulling the Network Read/Write data that's shown in the Statistics tab? Unfortunately our cloud_usage db contains no usage type = 4,5 entries. But clearly some data is out there somewhere. Thanks.
Re: API - listTemplates, not working or I am doing something wrong??
And the secretKeys are different between CS UI and database,who knows why? the secreyKey in CS UI is 2hjBSbXyOzUJ495PbSN1M4eM-ppYd9z3sKnJxUMEVovLHwJ9MVtg6bmriB1IVaMx213UFgtYkfs-v7s4s1WIDA but in CS mysql database is rS/gpVn9SvbhVjjFBtC2zo0Ue2pYTvgaf24gyIzzC4r4LXNxm7djo5desZMsBoPtfH0fVsJw9yq5NYpRgAAiXlZdiY9q4zEL5tjB+yE50p2EQSkLJ6KqsojrQ+uOMrwj I saw they were same if you depoly CS as source code with ant debug.So magical,hah! 于 2013/4/20 1:27, Kirk Jantzer 写道: So, I ended up writing something, but it is only returning results for things I personally have created, even though I am a root admin. Thoughts? On Wed, Apr 17, 2013 at 2:40 PM, Sebastien Goasguen run...@gmail.comwrote: On Apr 17, 2013, at 2:38 PM, Kirk Jantzer kirk.jant...@gmail.com wrote: thanks for the replies everyone - by chance, anything php based?? :-) looking to build a simple page to do mass deployments, but be able to select offerings based on serviceofferings available the creator's keys… If you search for 'cloudstack client' on github there are a few php clients I believe. On Wed, Apr 17, 2013 at 2:35 PM, Edward Valencia edwa...@redapt.com wrote: There are two ruby gems that Ive been using to interact with the API: cloudstack_helper and cloudstack_ruby_client On Wednesday, April 17, 2013 at 11:16 AM, Kirk Jantzer wrote: Does anyone have a script for creating signatures? On Wed, Apr 17, 2013 at 1:31 PM, Kirk Jantzer kirk.jant...@gmail.com (mailto: kirk.jant...@gmail.com)wrote: gah. *facepalm* deployvirtualmachine works without a signature, so i didn't think of that.. thanks! On Wed, Apr 17, 2013 at 1:23 PM, Edward Valencia edwa...@redapt.com (mailto: edwa...@redapt.com)wrote: The api call needs to have a signature created based on the API and secrete key, I think this is whats missing in your call: http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.1-incubating/html/API_Developers_Guide/signing-api-requests.html Also commands are case sensitive but the way and should be used as in they are in the API docs. Hope this help. On Wednesday, April 17, 2013 at 10:19 AM, Kirk Jantzer wrote: ok, maybe it's not just 'listtemplates' - I've tried other commands and get the same 'unable to verify...' replythoughts?? On Wed, Apr 17, 2013 at 1:13 PM, Kirk Jantzer kirk.jant...@gmail.com (mailto:kirk.jant...@gmail.com)(mailto: kirk.jant...@gmail.com (mailto:kirk.jant...@gmail.com))wrote: When I do the following: api?command=listTemplatestemplatefilter=featuredapikey=**response=json The result is the following (I have tried the API key of a domain admin and root admin, as well as a cookie session after GUI login - all yielded same result): { listtemplatesresponse : {uuidList:[],errorcode:401,errortext:unable to verify user credentials and/or request signature} } Per this forum post, there was a suggestion to change the case of the commands - that changed the output, but still didn't work: api?command=listtemplatestemplatefilter=featuredapikey=**response=json { errorresponse : {uuidList:[],errorcode:432,errortext:The given command does not exist} } -- Regards, Kirk Jantzer c: (678) 561-5475 -- Regards, Kirk Jantzer c: (678) 561-5475 -- Regards, Kirk Jantzer c: (678) 561-5475 -- Regards, Kirk Jantzer c: (678) 561-5475 -- Li Dong Cloud Product Technology Manager +86 571 18657172575 Travelsky Outsourcing Service Department Address: Room 1803,No.705 Yatai Road Nanhu District,Jiaxing City,Zhejiang 314006,P.R.China
Major stability problems lately
We are experiencing massive instability and cannot determine whats causing this. Every so often jvsvc triggers the following in our system logs: Nov 13 18:59:31 cpegh0009 kernel: \[15188599.258955\] BUG: soft lockup - CPU#24 stuck for 22s\! \[jsvc:60385\] Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266229\] Modules linked in: mptctl mptbase vhost_net macvtap macvlan 8021q garp ip6table_filter ip6_tables ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_CHECKSUM iptable_mangle xt_tcpudp iptable_filter ip_tables x_tables nfsd kvm_amd kvm ghash_clmulni_intel aesni_intel cryptd aes_x86_64 nfs microcode psmouse radeon serio_raw ttm drm_kms_helper amd64_edac_mod joydev drm edac_core fam15h_power k10temp edac_mce_amd i2c_algo_bit sp5100_tco i2c_piix4 hpilo hpwdt lockd bridge stp mac_hid llc fscache auth_rpcgss acpi_power_meter nfs_acl bonding sunrpc lp parport hid_generic usbhid hid pata_atiixp ixgbe dca hpsa mdio Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266322\] CPU 24 Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266323\] Modules linked in: mptctl mptbase vhost_net macvtap macvlan 8021q garp ip6table_filter ip6_tables ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_CHECKSUM iptable_mangle xt_tcpudp iptable_filter ip_tables x_tables nfsd kvm_amd kvm ghash_clmulni_intel aesni_intel cryptd aes_x86_64 nfs microcode psmouse radeon serio_raw ttm drm_kms_helper amd64_edac_mod joydev drm edac_core fam15h_power k10temp edac_mce_amd i2c_algo_bit sp5100_tco i2c_piix4 hpilo hpwdt lockd bridge stp mac_hid llc fscache auth_rpcgss acpi_power_meter nfs_acl bonding sunrpc lp parport hid_generic usbhid hid pata_atiixp ixgbe dca hpsa mdio Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266378\] Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266382\] Pid: 60385, comm: jsvc Not tainted 3.5.0-23-generic #35~precise1-Ubuntu HP ProLiant DL585 I am not sure if this is the cause of the high load or an after effect.. 03:25:01 PM runq-sz plist-sz ldavg-1 ldavg-5 ldavg-15 blocked 06:45:01 PM 31 982 36.95 39.33 41.50 0 06:55:01 PM 17 1000 28.53 37.28 40.06 0 07:05:01 PM 60 954 114.52 91.36 63.66 0 07:15:01 PM 48 961 29.55 53.94 60.76 0 07:25:01 PM 12 895 13.23 24.64 42.47 0 07:35:01 PM 5 772 8.02 13.32 28.31 0 We run ubuntu 12.04.3 LTS on HP DL585s with 64 AMD cores and .5 TB of ram. This will host approx 40~50 vms (centos 5 guest). Agent version is: Version: 1:4.0.2 Any ideas? Perhaps gathering cpu usage data on the jsvc pid ? -- Tim Ehlers
Re: Major stability problems lately
What is this error? Cannot connect because we still have 5 Coult it be the cause? for i in `cat cpeg`;do ssh root@$i 'hostname zgrep Cannot connect because we still have /var/log/cloud/agent/agent.log* |less |awk {print \$1} |uniq -c |sort';done cpegh0001 1 /var/log/cloud/agent/agent.log:2013-11-06 3 /var/log/cloud/agent/agent.log.2013-10-02.gz:2013-10-02 cpegh0002 3 /var/log/cloud/agent/agent.log.2013-10-06.gz:2013-10-02 5 /var/log/cloud/agent/agent.log.2013-09-30.gz:2013-09-30 cpegh0003 2 /var/log/cloud/agent/agent.log.2013-09-30.gz:2013-09-30 3 /var/log/cloud/agent/agent.log.2013-10-02.gz:2013-10-02 72 /var/log/cloud/agent/agent.log.2013-06-06.gz:2013-06-06 cpegh0004 159 /var/log/cloud/agent/agent.log.2013-10-21.gz:2013-10-20 35 /var/log/cloud/agent/agent.log.2013-09-23.gz:2013-09-06 cpegh0005 3 /var/log/cloud/agent/agent.log.2013-10-02.gz:2013-10-02 cpegh0006 1 /var/log/cloud/agent/agent.log.2013-06-25.gz:2013-06-25 1 /var/log/cloud/agent/agent.log.2013-10-18.gz:2013-10-18 4 /var/log/cloud/agent/agent.log.2013-09-30.gz:2013-09-30 cpegh0007 2 /var/log/cloud/agent/agent.log:2013-11-06 cpegh0008 27 /var/log/cloud/agent/agent.log.2013-10-19.gz:2013-10-19 2 /var/log/cloud/agent/agent.log.2013-09-30.gz:2013-09-30 cpegh0009 15 /var/log/cloud/agent/agent.log.2013-11-08.gz:2013-11-08 36 /var/log/cloud/agent/agent.log.2013-11-09.gz:2013-11-09 3 /var/log/cloud/agent/agent.log.2013-10-21.gz:2013-10-21 43 /var/log/cloud/agent/agent.log.2013-11-05.gz:2013-11-05 44 /var/log/cloud/agent/agent.log.2013-11-02.gz:2013-11-02 4 /var/log/cloud/agent/agent.log.2013-11-06.gz:2013-11-06 53 /var/log/cloud/agent/agent.log:2013-11-13 5 /var/log/cloud/agent/agent.log.2013-11-03.gz:2013-11-03 cpegh0010 41 /var/log/cloud/agent/agent.log.2013-11-06.gz:2013-11-06 cpegh0011 cpegh0012 1 /var/log/cloud/agent/agent.log.2013-10-21.gz:2013-10-21 cpegh0013 3 /var/log/cloud/agent/agent.log.2013-10-21.gz:2013-10-21 cpegh0015 cpegh0016 On Wed, Nov 13, 2013 at 8:34 PM, Timothy Ehlers ehle...@gmail.com wrote: We are experiencing massive instability and cannot determine whats causing this. Every so often jvsvc triggers the following in our system logs: Nov 13 18:59:31 cpegh0009 kernel: \[15188599.258955\] BUG: soft lockup - CPU#24 stuck for 22s\! \[jsvc:60385\] Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266229\] Modules linked in: mptctl mptbase vhost_net macvtap macvlan 8021q garp ip6table_filter ip6_tables ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_CHECKSUM iptable_mangle xt_tcpudp iptable_filter ip_tables x_tables nfsd kvm_amd kvm ghash_clmulni_intel aesni_intel cryptd aes_x86_64 nfs microcode psmouse radeon serio_raw ttm drm_kms_helper amd64_edac_mod joydev drm edac_core fam15h_power k10temp edac_mce_amd i2c_algo_bit sp5100_tco i2c_piix4 hpilo hpwdt lockd bridge stp mac_hid llc fscache auth_rpcgss acpi_power_meter nfs_acl bonding sunrpc lp parport hid_generic usbhid hid pata_atiixp ixgbe dca hpsa mdio Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266322\] CPU 24 Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266323\] Modules linked in: mptctl mptbase vhost_net macvtap macvlan 8021q garp ip6table_filter ip6_tables ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_CHECKSUM iptable_mangle xt_tcpudp iptable_filter ip_tables x_tables nfsd kvm_amd kvm ghash_clmulni_intel aesni_intel cryptd aes_x86_64 nfs microcode psmouse radeon serio_raw ttm drm_kms_helper amd64_edac_mod joydev drm edac_core fam15h_power k10temp edac_mce_amd i2c_algo_bit sp5100_tco i2c_piix4 hpilo hpwdt lockd bridge stp mac_hid llc fscache auth_rpcgss acpi_power_meter nfs_acl bonding sunrpc lp parport hid_generic usbhid hid pata_atiixp ixgbe dca hpsa mdio Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266378\] Nov 13 18:59:31 cpegh0009 kernel: \[15188599.266382\] Pid: 60385, comm: jsvc Not tainted 3.5.0-23-generic #35~precise1-Ubuntu HP ProLiant DL585 I am not sure if this is the cause of the high load or an after effect.. 03:25:01 PM runq-sz plist-sz ldavg-1 ldavg-5 ldavg-15 blocked 06:45:01 PM 31 982 36.95 39.33 41.50 0 06:55:01 PM 17 1000 28.53 37.28 40.06 0 07:05:01 PM 60 954 114.52 91.36 63.66 0 07:15:01 PM 48 961 29.55 53.94 60.76 0 07:25:01 PM 12 895 13.23 24.64 42.47 0 07:35:01 PM 5 772 8.02 13.32 28.31 0 We run ubuntu 12.04.3 LTS on HP DL585s with 64 AMD cores and .5 TB of ram. This will host approx 40~50 vms (centos 5 guest). Agent version is: Version: 1:4.0.2 Any ideas? Perhaps gathering cpu usage data on the jsvc pid ? -- Tim Ehlers -- Tim Ehlers
RE: Site to Site and RA VPN?
We are using it in a single lan network and not using tiers of VPC. Just the default lan created for the customer. The VPN server is a template we have created so we just run it up and some vpn details added of course. No VPC is in use -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Tuesday, 12 November 2013 9:32 PM To: users@cloudstack.apache.org Subject: RE: Site to Site and RA VPN? Ashley, Sounds like a nice workaround. I assume you install a VPN appliance in each Tier? Have you had any problems with the VPNs traversing the different Tiers and effectively breaking the VPC isolation model? Have you created a 'template' for the StrongSwan VM or do you need to install it for each network? FYI User VPN is coming to VPCs, but it's not there yet Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: CSG - Ashley Lester [mailto:ash...@computer-services.com.au] Sent: 12 November 2013 11:09 To: users@cloudstack.apache.org Subject: RE: Site to Site and RA VPN? Hi Steve, We use CentOS with StrongSwan VPN Server installed. You need to assign a extra WAN IP and enable static nat to the VPN Server. This gives us Site to site VPN, Remote access VPN, port forwarding etc. We are using CS 4.02 It has been reliable -Original Message- From: Steve Searles [mailto:ssear...@zimcom.net] Sent: Saturday, 9 November 2013 2:24 PM To: users@cloudstack.apache.org Subject: Site to Site and RA VPN? In CS 4.2 remote access VPN's are not supported inside a VPC; likewise site to site is not supported in a non VPC isolated network. (Advanced Zone). What is the best practice/suggestion if both are required? A small Linux instance inside the VPC to serve as a vpn endpoint for the remote users? I am looking for what has worked well for others in this situation. Steve Searles Director, Network Operations Zimcom Internet Solutions, Inc. http://www.zimcom.net Phone. (513)231-9500 Fax. (513)624-3909 Toll Free. (888)624-3910 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Traditional Windows workloads and Cloudstack
On 13-Nov-2013, at 6:23 pm, Conrad Geiger cgei...@it1solutions.com wrote: Are you really saturating you GigE link with only 5-10 users. It sounds like you may be running out of IOs, SQL is usually a very write intensive workload. Only one way to find out - deploy monitoring tools to graph metrics. I personally love collectd and MRTG. Junaid, please do let us know if your initial assessment of GigE link saturation is really the case. Regards. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Unable to add host (clean 4.2.0 installation)
On 13-Nov-2013, at 8:22 pm, Carlos Miranda Molina (Mstaaravin) mstaara...@gmail.com wrote: After repetitive errors i configure a local DNS server with correct reverse resolution between manager and hosts, that works fine! Now, i'm thinking in reinstall all my laboratory, probably i take a mistake in the installation process. Thanks! One of the first things I do via “ansible” on all my hosts: - name: sshd_config - UseDNS action: lineinfile dest=/etc/ssh/sshd_config regexp=^UseDNS line=UseDNS no notify: restart sshd -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: HA for Cloudstack
On 14-Nov-2013, at 6:48 am, jk744 jk...@yahoo.com.tw wrote: Dear users, Could you please tell me where to get HA setup manual for Cloudstack VM ? http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html-single/Admin_Guide/index.html#sys-reliability-and-ha Is it available for free version Cloudstack? All Apache CloudStack versions are “free”. There are commercial products based on Apache CloudStack but they are not called “CloudStack”. Regards. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Libcloud problems with ex_list_keypairs
FYI if any of you are using Libcloud, I ran into a problem trying to create and list sshkeypairs if there were none in Cloudstack. I filed the following and included a fix: https://issues.apache.org/jira/browse/LIBCLOUD-438 ex_create_keypair was affected since it first checks to see if the keypair name exists using the list function. cheers, Carlos .
Re: New Ruby client for CloudStack API
Let the twitter bird tweet the bee's buzz! (will shut up now!) On Wed, Nov 13, 2013 at 09:35:08PM +, Chiradeep Vittal wrote: +1. One more for Sebastien's book https://github.com/runseb/cloudstack-books/tree/master On 11/13/13 8:51 AM, Chip Childers chipchild...@apache.org wrote: Really awesome Mike! On Wed, Nov 13, 2013 at 9:47 AM, Mike Nicholaides m...@promptworks.com wrote: Hi folks, Our team at PromptWorks, in conjunction with SunGard, has recently released a new Ruby client for the CloudStack API called StackerBee: https://github.com/promptworks/stacker_bee There are already a few Ruby clients out there but none of them met our needs so we made our own. Here's what makes StackerBee special: - supports all endpoints in the API - easy to use and developer friendly - let's developers write idiomatic Ruby - interactive CloudStack REPL - well tested and documented Pull requests and bug reports welcome. Special thanks to Chip Childers, Bill Jones, Dave Grizzanti and SunGard Availability Services. Thanks, Mike Nicholaides -- Mike Nicholaides Software Engineer and Co-Founder at PromptWorks promptworks.com (267) 622-4729 -- Prasanna., Powered by BigRock.com
RE: [Doc] Volunteers for Completing 4.2.1 Upgrade Section
I can help you in this. ALOK K. SINGH Lead Engineer Cloud Technical Operations, Axway Extn: 86145 | M: +91-9891420484 -Original Message- From: Radhika Puthiyetath [mailto:radhika.puthiyet...@citrix.com] Sent: Thursday, November 14, 2013 10:12 AM To: users@cloudstack.apache.org Subject: [Doc] Volunteers for Completing 4.2.1 Upgrade Section Hi, I am looking for volunteers to help complete the Upgrade section in the RN. The current section is completely a mess, and I do not have the environments to do justice to the task. Thanks in advance for the help -Radhika
Re: Problems with Secondary Storage on Cloudstack 4.2
Daan, At this point I think I'll go with installing Cloudstack from scratch one more time. I just want to ask one question, although it is mentioned in the Cloudstack installation guide that the management server must have atleast 256GB space, is it really required? Because the system on which I am installing Cloudstack have only 140GB of space. Regards, Sugandh On 13.11.2013 17:59, Daan Hoogland wrote: I am starting to get lost here with you Sugandh, One last open pathway seams to be: Do you have a deamon running that has a default of no-recurse on exports? That would mean that paths below the export can't be mounted only the export itself. Can you test that? regards, On Wed, Nov 13, 2013 at 1:14 PM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Yes. Primary is /export/primary and secondary is /home/sugandh/cloudnfs and both are on the same server. Best, Sugandh On 13.11.2013 16:49, Daan Hoogland wrote: you wrote earlier that both primary and secondary are on this server. Is one export and the other home/sugandh/cloudnfs? On Wed, Nov 13, 2013 at 11:59 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, I am able to ping nfs server from the ssvm. I have exported a directory within my home directory as an nfs share for secondary storage, could this be a problem? These re the permissions for secondary storage directory: sugandh@sugandh-desktop:~$ ls -l |grep cloud drwxrwxrwx 3 nobody nogroup 4096 Nov 8 10:59 cloudnfs and this is my /etc/exports file: sugandh@sugandh-desktop:~$ cat /etc/exports # /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /home/sugandh/cloudnfs *(rw,async,no_root_squash,no_subtree_check) /export *(rw,async,no_root_squash,no_subtree_check) Best, Sugandh On 13.11.2013 16:17, Daan Hoogland wrote: Sughand, By the looks of that output the secondary storage machine doesn't export the location of the secondary storage. Another possibility is that no firewall is blocking nfs. go to the secondary storage machine and try to ping your ssvm. regards On Wed, Nov 13, 2013 at 11:38 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Daan, Thanks for replying. This is a problem that I am facing. When I look at secondary storage on the dashboard, it shows 0.00/0.00 KB and at other times it shows that it is completely full. Moreover, I am also not able to upload anything to the templates/iso section which, if I am correct, goes to secondary storage. In primary storage, I can see that there are some directories and files that have been created, which indicates that cloudstack can interact with primary storage. If both, primary and secondary storage, are on the same server then what could be the reason that cloudstack is not able to communicate properly with secondary storage? Here is the output of ssvm-check.sh - http://pastebin.com/c6vq2Y3N Many thanks, Sugandh. On 09.11.2013 18:48, Daan Hoogland wrote: Sugandh, Is this a problem, or are you wondering how come? It seams to me that secondary storage does not have to be mounted all the time only when templates or snapshots need copying over. regards, Daan On Fri, Nov 8, 2013 at 11:01 AM, Sugandh sugandh.s.dbst_irdst...@dbst.iitd.ac.in wrote: Hello, I am having some issues with Secondary storage on Cloudstack 4.2. My setup is as follows: 1) Both the management server and hypervisor host are on the same system, which is running Ubuntu 12.04, and is assigned an IP 10.208.67.86. 2) Another system which is also running Ubuntu 12.04 is serving as both primary storage and secondary storage and has an IP 10.208.66.162. My problem is that when I run mount on management server, I can only see my primary storage mounted. I'd really appreciate any help. Thanks ahead, Sugandh