Re: Registering Template Issue
Hi Pankaj, Look at point 22 of this document https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSVM,+templates,+Secondary+storage+troubleshooting Do this check on vhd before uploading. It seems it fails this test. On 28-Jan-2015, at 6:25 pm, Pankaj Singh pank.sin9...@gmail.com wrote: Hi Abhi, When I am registering any template I am keep getting this type of error. Failed post download script: vhd check of /mnt/SecStorage/16f29732-e68b-399b-b340-ca83f99384a6/template/tmpl/2/212/dnld1460237361560632551tmp_.tmp failed I think I am missing something while creating template or doing it in wrong way. Here I have created Centos 6.3 x86_64 vhd formatted VM in VirtualBox and then upload this vhd formatted VM file to Cloudstack for registration.. Our requirement is to install Centos 6.5 VM in cloudstack without LVM support. My Cloudstack setup having following configuration: Cloudstack MS = 4.4.2 on Centos 6.4 x86_64 machine Hypervisor = 6.2 Storage (primary/secondary) = Centos 6.4 x86_64 (NFS shared) machine Would you please tell me how to create compatible template for cloudstack. I have already followed official cloudtstack doc for working with template. But still stuck with this kind of errors. Thanks Regards PankaJ Singh On Wed, Jan 28, 2015 at 8:48 AM, Abhinandan Prateek abhinandan.prat...@shapeblue.com wrote: Is you VHD file compressed, like vhd.bz2 ? It appears cloudstack is expecting a compressed file. It should be possible to install VM without LVM support but you may not be able to use some functionality like disk resize. -abhi On 27-Jan-2015, at 8:06 pm, Pankaj Singh pank.sin9...@gmail.com wrote: Hi, I have created a Centos 6.5 VM template via VirtualBox in VHD format so that it can support xenserver 6.2 hypervisor. While registering template it throws following error. Failed post download script: failed to uncompress /mnt/SecStorage/16f29732-e68b-399b-b340-ca83f99384a6/template/tmpl/2/208/dnld9006295490757894375tmp_ I am trying to install a Centos 6.5 VM template without LVM support. Is it possible to install VM template without lvm support? My cloudstack setup have following configuration Cloudstack Management server 4.4.2 Hypervisor = Xenserver 6.2 Primary/Secondary storage = Centos 6.4 NFS shared. Would anybody please help me to figure out this issue. Thanks and Regards PankaJ Singh Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Build http://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineering http://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Support http://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courses http://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered trademark. Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Buildhttp://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineeringhttp://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Supporthttp://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courseshttp://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error.
cloudstack中怎么给windows7安装pvtools?
我在搭建一个xendesktop+cloudstack+kvm的一个环境,有一篇文档中提到一个大概步骤,需要先在windows上安装pvtools,但是cloudstack自带的pvtools是针对xenserver的,请问如何安装这个pvtools?我上传iso的时候如果把操作系统设置为windows pv的话,启动的时候找不到磁盘驱动程序,请问这块如何解决?或者是否有这方面参考文档。谢谢。 btw:cloudstack版本 4.5.0.0
Re: cloudmonkey / deploy virtualmachine from ISO
Hi, Am Dienstag, den 27.01.2015, 23:40 +0100 schrieb Rene Moser: Hi On 01/27/2015 05:30 PM, Stephan Seitz wrote: Hi there, The logfile states, that the HyperVisorType does not match my running cluster. Interestingly, It works, If I deploy the very same machine via GUI. The ISO Template has OS Type Other (64-bit). I assume you have not touched the global setting about hypervisors, so there are still all hypervisors configured and if you don't provide the param hypervisor=KVM|VMware|... it will take the first specified in the global settings IMHO. No. So far, I didn't touch the global settings. The defaults show a lot of Hypervisors plus BareMetal and LXC. The preferred was set to XenServer (which I'm using in that Zone as single technology). I added the hypervisor=XenServer to my cloudmonkey commandline and it worked :). Interestingly I was never in the need for adding the hypervisor statement. Using ISO as templateid obviously needs this. Thank's for your suggestion! cheers, - Stephan
RE: Failed to create VM from specific template (other templates are fine)
Hello, The template is Ready and status is Download Complete, do you still offer trying again to download template? -Original Message- From: Prashant Kumar Mishra [mailto:prashantkumar.mis...@citrix.com] Sent: Wednesday, January 28, 2015 11:52 AM To: users@cloudstack.apache.org Subject: Re: Failed to create VM from specific template (other templates are fine) If it is not downloaded properly You can stop-start ssvm which will try to download your template . ~prashant On 1/28/15, 1:20 PM, Amir Abbasi abb...@tebyanidc.ir wrote: Hello, Here is a part of the log: 2015-01-28 10:00:54,046 WARN [c.c.u.d.Merovingian2] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Was unable to find lock for the key template_spool_ref70 and thread id 1503363977 2015-01-28 10:00:54,046 DEBUG [o.a.c.e.o.VolumeOrchestrator] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Una ble to create Vol[263|vm=199|ROOT]:Unable to copy template to primary storage due to exception:Exception: java.lang.Exception Message: File upload task failed to complete due to: Error writing request body to server 2015-01-28 10:00:54,046 INFO [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Unable to contact resource. com.cloud.exception.StorageUnavailableException: Resource [StoragePool:1] is unreachable: Unable to create Vol[263|vm=199|ROOT]:Unab le to copy template to primary storage due to exception:Exception: java.lang.Exception Message: File upload task failed to complete due to: Error writing request body to server at org.apache.cloudstack.engine.orchestration.VolumeOrchestrator.recreateV olu me (VolumeOrchestrator.java:1205) at org.apache.cloudstack.engine.orchestration.VolumeOrchestrator.prepare(V olu me Orchestrator.java:1257) at com.cloud.vm.VirtualMachineManagerImpl.orchestrateStart(VirtualMachineM ana ge rImpl.java:988) at com.cloud.vm.VirtualMachineManagerImpl.orchestrateStart(VirtualMachineM ana ge rImpl.java:5195) at sun.reflect.GeneratedMethodAccessor568.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccesso rIm pl .java:43) at java.lang.reflect.Method.invoke(Method.java:606) at com.cloud.vm.VmWorkJobHandlerProxy.handleVmWorkJob(VmWorkJobHandlerProx y.j av a:107) at com.cloud.vm.VirtualMachineManagerImpl.handleVmWorkJob(VirtualMachineMa nag er Impl.java:5340) at com.cloud.vm.VmWorkJobDispatcher.runJob(VmWorkJobDispatcher.java:102) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInCo nte xt (AsyncJobManagerImpl.java:503) at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(Mana ged Co ntextRunnable.java:49) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call (De fa ultManagedContext.java:56) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWi thC on text(DefaultManagedContext.java:103) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWit hCo nt ext(DefaultManagedContext.java:53) at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(Manage dCo nt extRunnable.java:46) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(Asy ncJ ob ManagerImpl.java:460) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java: 11 45) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.j ava :6 15) at java.lang.Thread.run(Thread.java:745) 2015-01-28 10:00:54,051 DEBUG [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Cleaning up resources for the vm VM[User|i-15-199-VM] in Starting state 2015-01-28 10:00:54,056 DEBUG [c.c.a.t.Request] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Seq 1-1339820889 142821334: Sending { Cmd , MgmtId: 52239450489, via: 1(172.28.52.4), Ver: v1, Flags: 100011, [{com.cloud.agent.api.StopCommand:{ isProxy:false,executeInSequence:false,checkBeforeCleanup:false,vm Nam e :i-15-199-VM,wait:0}}] } 2015-01-28 10:00:54,056 DEBUG [c.c.a.t.Request] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Seq 1-1339820889 142821334: Executing: { Cmd , MgmtId: 52239450489, via: 1(172.28.52.4), Ver: v1, Flags: 100011, [{com.cloud.agent.api.StopCommand :{isProxy:false,executeInSequence:false,checkBeforeCleanup:false, vm Na me:i-15-199-VM,wait:0}}] } 2015-01-28 10:00:54,057 DEBUG [c.c.a.m.DirectAgentAttache] (DirectAgent-49:ctx-44763cb1) Seq 1-1339820889142821334: Executing reques t 2015-01-28 10:00:54,057 INFO [c.c.h.v.r.VmwareResource] (DirectAgent-49:ctx-44763cb1
RE: Removing a host from a cluster and adding it to another
Kyle, The official advice has always been to re-install a XenServer before trying to add it back into CloudStack. When a host is added into CloudStack a number of changes are made, and whilst it is possible to manually clean up the configuration, there is always a risk you miss something which could cause you problems later on. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Abhinandan Prateek [mailto:abhinandan.prat...@shapeblue.com] Sent: 28 January 2015 05:56 To: users@cloudstack.apache.org Subject: Re: Removing a host from a cluster and adding it to another The tag needs to be removed from the Xen Hypervisor so that it cleanly goes to another cluster. Use the following to clear host tags after detaching it from the pool: xe host-param-clear uuid=$host param-name=tags; (Run it in moving Xen host) You also need to clear the SR on this host so that there is no conflict when it is added to another cluster. Following are the steps to clear the SR: [root@xenserver1-cloudstack ~]# df Filesystem 1K-blocks Used Available Use% Mounted on . 172.16.197.134:/opt/storage/primary 19856384 2560128 16300160 14% /var/run/sr-mount/66f0805b-da95-872c-2a6e-d5c46c219c2a [root@xenserver1-cloudstack ~]# xe pbd-list sr-uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a uuid ( RO) : 2e2aced7-f27f-917f-a017-68f3504967f0 .. [root@xenserver1-cloudstack ~]# xe pbd-unplug uuid=2e2aced7-f27f-917f-a017-68f3504967f0 [root@xenserver1-cloudstack ~]# xe sr-forget uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a # for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd ; done Regards, Abhinandan Prateek M +919701199011 abhinandan.prat...@shapeblue.com On 28-Jan-2015, at 9:49 am, Kyle Flavin kyle.fla...@citrix.com wrote: Ah, yes I can confirm that there is a host tag with the following query on the CS database. Here is the sanitized output from the host_tags table: select * from host_tags where host_id=host_id; +-+-++ | id | host_id | tag| +-+-++ | id | hosted | host_name | +-+-++ Is it safe to delete this entry, or should I add the host back into its old cluster and then delete the tag through the UI? -Original Message- From: Somesh Naidu [mailto:somesh.na...@citrix.com] Sent: Tuesday, January 27, 2015 5:20 PM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Yes, check what's in the tags parameter of that host. Cleaning it should resolve the issue. Regards, Somesh -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: Tuesday, January 27, 2015 7:50 PM To: users@cloudstack.apache.org Subject: Removing a host from a cluster and adding it to another I've removed a host from one Cloudstack cluster, and I'm attempting to add it to a new cluster. It will be the only host in the cluster, and used for testing purposes. I put the host into maintenance mode, removed it from its original cluster within the Cloudstack UI, then deleted it from the Xen pool using xe pool-eject. Now when I create a new cluster, and try to add the host, I get an error message that just says Unable to add host from within the Cloudstack web UI. I see messages in management-server.log that say Trying to add a new host at http://myhosthttp://%3cmyhost, but no indication of an error: 2015-01-27 16:28:31,142 INFO [c.c.r.ResourceManagerImpl] (catalina-exec-13:ctx-4ab1a388 ctx-fa2957ea) Trying to add a new host at http://myhost in data center 1 On the Xen host itself, I see the following in the xensource.log: Jan 28 00:28:31 host t1 /opt/xensource/bin/xapi: [debug|host|748 INET 0.0.0.0:80|pool_patch.get_by_uuid D:5fb0d4d944bb|dispatcher] Server_helpers.exec exception_handler: Got exception UUID_INVALID: [ pool_patch; 996dd2e7-ad95-49cc-a0be-2c9adc4dfb0b ] It references an invalid ID, but I'm not sure what that UUID belongs to; it isn't the UUID of the pool. Is there something that needs to be done to clear the configuration of a Xenserver host prior to adding it to a new cluster? Or is Cloudstack remembering the old host name and not allowing me to put it into the new cluster? Thanks, Kyle Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Buildhttp://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineeringhttp://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Supporthttp://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp
Re: Failed to create VM from specific template (other templates are fine)
If it is not downloaded properly You can stop-start ssvm which will try to download your template . ~prashant On 1/28/15, 1:20 PM, Amir Abbasi abb...@tebyanidc.ir wrote: Hello, Here is a part of the log: 2015-01-28 10:00:54,046 WARN [c.c.u.d.Merovingian2] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Was unable to find lock for the key template_spool_ref70 and thread id 1503363977 2015-01-28 10:00:54,046 DEBUG [o.a.c.e.o.VolumeOrchestrator] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Una ble to create Vol[263|vm=199|ROOT]:Unable to copy template to primary storage due to exception:Exception: java.lang.Exception Message: File upload task failed to complete due to: Error writing request body to server 2015-01-28 10:00:54,046 INFO [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Unable to contact resource. com.cloud.exception.StorageUnavailableException: Resource [StoragePool:1] is unreachable: Unable to create Vol[263|vm=199|ROOT]:Unab le to copy template to primary storage due to exception:Exception: java.lang.Exception Message: File upload task failed to complete due to: Error writing request body to server at org.apache.cloudstack.engine.orchestration.VolumeOrchestrator.recreateVolu me (VolumeOrchestrator.java:1205) at org.apache.cloudstack.engine.orchestration.VolumeOrchestrator.prepare(Volu me Orchestrator.java:1257) at com.cloud.vm.VirtualMachineManagerImpl.orchestrateStart(VirtualMachineMana ge rImpl.java:988) at com.cloud.vm.VirtualMachineManagerImpl.orchestrateStart(VirtualMachineMana ge rImpl.java:5195) at sun.reflect.GeneratedMethodAccessor568.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorIm pl .java:43) at java.lang.reflect.Method.invoke(Method.java:606) at com.cloud.vm.VmWorkJobHandlerProxy.handleVmWorkJob(VmWorkJobHandlerProxy.j av a:107) at com.cloud.vm.VirtualMachineManagerImpl.handleVmWorkJob(VirtualMachineManag er Impl.java:5340) at com.cloud.vm.VmWorkJobDispatcher.runJob(VmWorkJobDispatcher.java:102) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInConte xt (AsyncJobManagerImpl.java:503) at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(Managed Co ntextRunnable.java:49) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(De fa ultManagedContext.java:56) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithC on text(DefaultManagedContext.java:103) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithCo nt ext(DefaultManagedContext.java:53) at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedCo nt extRunnable.java:46) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(AsyncJ ob ManagerImpl.java:460) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java: 11 45) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java :6 15) at java.lang.Thread.run(Thread.java:745) 2015-01-28 10:00:54,051 DEBUG [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Cleaning up resources for the vm VM[User|i-15-199-VM] in Starting state 2015-01-28 10:00:54,056 DEBUG [c.c.a.t.Request] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Seq 1-1339820889 142821334: Sending { Cmd , MgmtId: 52239450489, via: 1(172.28.52.4), Ver: v1, Flags: 100011, [{com.cloud.agent.api.StopCommand:{ isProxy:false,executeInSequence:false,checkBeforeCleanup:false,vmNam e :i-15-199-VM,wait:0}}] } 2015-01-28 10:00:54,056 DEBUG [c.c.a.t.Request] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Seq 1-1339820889 142821334: Executing: { Cmd , MgmtId: 52239450489, via: 1(172.28.52.4), Ver: v1, Flags: 100011, [{com.cloud.agent.api.StopCommand :{isProxy:false,executeInSequence:false,checkBeforeCleanup:false,vm Na me:i-15-199-VM,wait:0}}] } 2015-01-28 10:00:54,057 DEBUG [c.c.a.m.DirectAgentAttache] (DirectAgent-49:ctx-44763cb1) Seq 1-1339820889142821334: Executing reques t 2015-01-28 10:00:54,057 INFO [c.c.h.v.r.VmwareResource] (DirectAgent-49:ctx-44763cb1 172.28.52.4) Executing resource StopCommand: { isProxy:false,executeInSequence:false,checkBeforeCleanup:false,vmNa me :i-15-199-VM,wait:0} 2015-01-28 10:00:54,118 DEBUG [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-15:null) SeqA 3-199070: Processing Seq 3-199070: { C md , MgmtId: -1, via: 3, Ver: v1, Flags: 11, [{com.cloud.agent.api.ConsoleProxyLoadReportCommand:{_proxyVmId:2,_lo ad Info:{\n
Re: Failed to create VM from specific template (other templates are fine)
essage: File upload task failed to complete due to: Error writing request body to server Since upload task failed to complete ,you have to make sure template get downloaded properly .May be register a new template On 1/28/15, 2:19 PM, Amir Abbasi abb...@tebyanidc.ir wrote: Hello, The template is Ready and status is Download Complete, do you still offer trying again to download template? -Original Message- From: Prashant Kumar Mishra [mailto:prashantkumar.mis...@citrix.com] Sent: Wednesday, January 28, 2015 11:52 AM To: users@cloudstack.apache.org Subject: Re: Failed to create VM from specific template (other templates are fine) If it is not downloaded properly You can stop-start ssvm which will try to download your template . ~prashant On 1/28/15, 1:20 PM, Amir Abbasi abb...@tebyanidc.ir wrote: Hello, Here is a part of the log: 2015-01-28 10:00:54,046 WARN [c.c.u.d.Merovingian2] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Was unable to find lock for the key template_spool_ref70 and thread id 1503363977 2015-01-28 10:00:54,046 DEBUG [o.a.c.e.o.VolumeOrchestrator] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Una ble to create Vol[263|vm=199|ROOT]:Unable to copy template to primary storage due to exception:Exception: java.lang.Exception Message: File upload task failed to complete due to: Error writing request body to server 2015-01-28 10:00:54,046 INFO [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Unable to contact resource. com.cloud.exception.StorageUnavailableException: Resource [StoragePool:1] is unreachable: Unable to create Vol[263|vm=199|ROOT]:Unab le to copy template to primary storage due to exception:Exception: java.lang.Exception Message: File upload task failed to complete due to: Error writing request body to server at org.apache.cloudstack.engine.orchestration.VolumeOrchestrator.recreateV olu me (VolumeOrchestrator.java:1205) at org.apache.cloudstack.engine.orchestration.VolumeOrchestrator.prepare(V olu me Orchestrator.java:1257) at com.cloud.vm.VirtualMachineManagerImpl.orchestrateStart(VirtualMachineM ana ge rImpl.java:988) at com.cloud.vm.VirtualMachineManagerImpl.orchestrateStart(VirtualMachineM ana ge rImpl.java:5195) at sun.reflect.GeneratedMethodAccessor568.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccesso rIm pl .java:43) at java.lang.reflect.Method.invoke(Method.java:606) at com.cloud.vm.VmWorkJobHandlerProxy.handleVmWorkJob(VmWorkJobHandlerProx y.j av a:107) at com.cloud.vm.VirtualMachineManagerImpl.handleVmWorkJob(VirtualMachineMa nag er Impl.java:5340) at com.cloud.vm.VmWorkJobDispatcher.runJob(VmWorkJobDispatcher.java:102) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInCo nte xt (AsyncJobManagerImpl.java:503) at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(Mana ged Co ntextRunnable.java:49) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call (De fa ultManagedContext.java:56) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWi thC on text(DefaultManagedContext.java:103) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWit hCo nt ext(DefaultManagedContext.java:53) at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(Manage dCo nt extRunnable.java:46) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(Asy ncJ ob ManagerImpl.java:460) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java : 11 45) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.j ava :6 15) at java.lang.Thread.run(Thread.java:745) 2015-01-28 10:00:54,051 DEBUG [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Cleaning up resources for the vm VM[User|i-15-199-VM] in Starting state 2015-01-28 10:00:54,056 DEBUG [c.c.a.t.Request] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Seq 1-1339820889 142821334: Sending { Cmd , MgmtId: 52239450489, via: 1(172.28.52.4), Ver: v1, Flags: 100011, [{com.cloud.agent.api.StopCommand:{ isProxy:false,executeInSequence:false,checkBeforeCleanup:false,vm Nam e :i-15-199-VM,wait:0}}] } 2015-01-28 10:00:54,056 DEBUG [c.c.a.t.Request] (Work-Job-Executor-138:ctx-90c00639 job-2709/job-2710 ctx-08257b85) Seq 1-1339820889 142821334: Executing: { Cmd , MgmtId: 52239450489, via: 1(172.28.52.4), Ver: v1, Flags: 100011, [{com.cloud.agent.api.StopCommand
GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sthash.
A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. Related Posts Shellshock Worm Exploiting Unpatched QNAP NAS Devices December 15, 2014 , 11:35 am Linux Modules Connected to Turla APT Discovered December 9, 2014 , 10:26 am Bash Exploit Reported, First Round of Patches Incomplete September 25, 2014 , 11:41 am “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000. According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. “Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 7, CentOS 6 7, Ubuntu 12.04, for example,” said an advisory from Qualys posted to the OSS-Security mailing list. Respective Linux distributions will be releasing patches; Red Hat has released an update for Red Hat Enterprise Linux v.5 server. Novell has a list of SUSE Linux Enterprise Server builds affected by the vulnerability. Debian has already released an update of its software addressing the vulnerability. “It’s everywhere, which is kind of the urgency we have here. This has been in glibc for a long time. It was fixed recently, but it was not marked as a security issue, so things that are fairly new should be OK,” said Josh Bressers, a member of the Red Hat security response team. “From a threat level, what it comes down to is a handful of stuff that’s probably dangerous that uses this function.” Unlike past Internet-wide bugs such as Bash, patching glibc may not be the chore it was with Bash since so many components made silent Bash calls. “In this instance, you just apply the glibc update, and restart any services that are vulnerable,” Bressers said. “It’s not confusing like Shellshock was.” Qualys, in its advisory, not only shares extremely in-depth technical information on the vulnerability, but also includes a section explaining exploitation of the Exim SMTP mail server. The advisory demonstrates how to bypass NX, or No-eXecute protection as well as glibc malloc hardening, Qualys said. Qualys also said that in addition to the 2013 patch, other factors mitigate the impact of the vulnerability, including the fact that the gethostbyname functions are obsolete because of IPv6 and newer applications using a different call, getaddrinfo(). While the flaw is also exploitable locally, this scenario too is mitigated because many programs rely on gethostbyname only if another preliminary call fails and a secondary call succeeds in order to reach the overflow. The advisory said this is “impossible” and those programs are safe. There are mitigations against remote exploitation too, Qualys said. Servers, for example, use gethostbyname to perform full-circle reverse DNS checks. “These programs are generally safe because the hostname passed to gethostbyname() has normally been pre-validated by DNS software,” the advisory. “It’s not looking like a huge remote problem, right now,” Bressers said. However, while the bug may have been dormant since 2000, there is no way to tell if criminals or government-sponsored hackers have been exploiting this vulnerability. Nor is there any way to tell what will happen once legitimate security researchers—and black hats—begin looking at the vulnerability now that it’s out in the open. With Bash, for example, it didn’t take long for additional security issues to rise to the surface. - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sthash.3JH6GJTL.dpuf -- 白清杰 (Born Bai) Mail: linux...@gmail.com
Re: 回复: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume
你可以用qemu-img resize自己调整。至于resize以后的大小和cloudstack数据库里面的不一致,这个不是太大问题。 2015-01-28 3:28 GMT+01:00 Peration 575366...@qq.com: 原来如此,有没有解决方案? -- 原始邮件 -- 发件人: zanghongtu2...@gmail.com;zanghongtu2...@gmail.com; 发送时间: 2015年1月28日(星期三) 上午10:22 收件人: users-cnusers-cn@cloudstack.apache.org; 主题: Re: 回复: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume CS 不支持对qcow2 格式的磁盘进行缩小卷 具体可以参见:LibvirtComputingResource.java == else if (type.equals(QCOW2) shrinkOk) { return new ResizeVolumeAnswer(cmd, false, Unable to shrink volumes of type + type); } == 你的log里面有报错 2015-01-27 08:52:22,858 DEBUG [c.c.a.t.Request] (AgentManager-Handler-9:null) Seq 1-1245446166: Processing: { Ans: , MgmtId: 271133592152661, via: 1, Ver: v1, Flags: 10, [{com.cloud.agent.api.storage.ResizeVolumeAnswer:{newSize:0,result:false,details:Unable to shrink volumes of type QCOW2,wait:0}}] } zanghongtu2...@gmail.com 发件人: Peration 发送时间: 2015-01-28 09:41 收件人: users-cn 主题: 回复:答复: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume 我是调整data卷的大小 -- 原始邮件 -- 发件人: Star Guo;st...@ceph.me; 发送时间: 2015年1月28日(星期三) 上午8:42 收件人: users-cnusers-cn@cloudstack.apache.org; 主题: 答复: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume Can not resie root disk. Best Regards, Star Guo -邮件原件- 发件人: Peration [mailto:575366...@qq.com] 发送时间: 2015年1月27日 9:07 收件人: users-cn 主题: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume 调整卷大小失败,缩小卷大小 提示 Failed to resize volume 2015-01-27 08:52:22,745 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (catalina-exec-10:ctx-29557584 ctx-627f0aaf) submit async job-136, details: AsyncJobVO {id:136, userId: 2, accountId: 2, instanceType: Volume, instanceId: null, cmd: org.apache.cloudstack.api.command.user.volume.ResizeVolumeCmd, cmdInfo: {id:f59ea020-f2c5-4298-9fe1-423309491572,response:json,sessionkey:GWJFo5AhFePwOQTzbWN0Ve1XTFg\u003d,shrinkok:true,cmdEventType:VOLUME.RESIZE,ctxUserId:2,httpmethod:GET,_:1422319924146,ctxAccountId:2,diskofferingid:786fc68f-e14c-42dc-a931-f6b2d5bed62a,ctxStartEventId:285}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 271133592152661, completeMsid: null, lastUpdated: null, lastPolled: null, created: null} 2015-01-27 08:52:22,747 INFO [o.a.c.f.j.i.AsyncJobMonitor] (Job-Executor-1:ctx-8420fd25) Add job-136 into job monitoring 2015-01-27 08:52:22,747 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (Job-Executor-1:ctx-8420fd25) Executing AsyncJobVO {id:136, userId: 2, accountId: 2, instanceType: Volume, instanceId: null, cmd: org.apache.cloudstack.api.command.user.volume.ResizeVolumeCmd, cmdInfo: {id:f59ea020-f2c5-4298-9fe1-423309491572,response:json,sessionkey:GWJFo5AhFePwOQTzbWN0Ve1XTFg\u003d,shrinkok:true,cmdEventType:VOLUME.RESIZE,ctxUserId:2,httpmethod:GET,_:1422319924146,ctxAccountId:2,diskofferingid:786fc68f-e14c-42dc-a931-f6b2d5bed62a,ctxStartEventId:285}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 271133592152661, completeMsid: null, lastUpdated: null, lastPolled: null, created: null} 2015-01-27 08:52:22,752 DEBUG [c.c.a.ApiServlet] (catalina-exec-10:ctx-29557584 ctx-627f0aaf) ===END=== 192.168.121.1 -- GET command=resizeVolumeid=f59ea020-f2c5-4298-9fe1-423309491572shrinkok=truediskofferingid=786fc68f-e14c-42dc-a931-f6b2d5bed62aresponse=jsonsessionkey=GWJFo5AhFePwOQTzbWN0Ve1XTFg%3D_=1422319924146 2015-01-27 08:52:22,831 DEBUG [c.c.a.t.Request] (Job-Executor-1:ctx-8420fd25 ctx-627f0aaf) Seq 1-1245446166: Sending { Cmd , MgmtId: 271133592152661, via: 1(cloudstack.cloud.priv), Ver: v1, Flags: 100011, [{com.cloud.agent.api.storage.ResizeVolumeCommand:{path:f59ea020-f2c5-4298-9fe1-423309491572,pool:{id:1,uuid:933404b7-c735-44aa-a374-6bc61ea206fd,host:192.168.121.3,path:/var/lib/libvirt/images,port:0,type:Filesystem},vmInstance:i-2-133-VM,newSize:1073741824,currentSize:3221225472,shrinkOk:true,wait:0}}] } 2015-01-27 08:52:22,858 DEBUG [c.c.a.t.Request] (AgentManager-Handler-9:null) Seq 1-1245446166: Processing: { Ans: , MgmtId: 271133592152661, via: 1, Ver: v1, Flags: 10, [{com.cloud.agent.api.storage.ResizeVolumeAnswer:{newSize:0,result:false,details:Unable to shrink volumes of type QCOW2,wait:0}}] } 2015-01-27 08:52:22,858 DEBUG [c.c.a.t.Request] (Job-Executor-1:ctx-8420fd25 ctx-627f0aaf) Seq 1-1245446166: Received: { Ans: , MgmtId: 271133592152661, via: 1, Ver: v1, Flags: 10, { ResizeVolumeAnswer } } 2015-01-27 08:52:22,868 WARN [o.a.c.s.d.ObjectInDataStoreManagerImpl] (Job-Executor-1:ctx-8420fd25 ctx-627f0aaf) Unsupported data object (VOLUME, org.apache.cloudstack.storage.datastore.PrimaryDataStoreImpl@4d3d9207), no need to delete from object in store ref table 2015-01-27 08:52:22,868 WARN [c.c.s.VolumeApiServiceImpl] (Job-Executor-1:ctx-8420fd25 ctx-627f0aaf) Failed to resize the volume Vol[133|vm=133|DATADISK] 2015-01-27 08:52:22,879 DEBUG
Re: ALL Hosts Stuck in Maintenance
Martin, My diagnosis hasn't been altered studied or challanged ;) for a quick fix vm != null should be added in the expression line 2083 of ResourceManagerImpl. A more robust solution must be possible but i don't have time to look into that right now. On Tue, Jan 27, 2015 at 4:16 PM, Martin Emrich martin.emr...@empolis.com wrote: Hi! Any news on this issue? I just fell in to this pit again :( Regards, Martin -Ursprüngliche Nachricht- Von: Martin Emrich [mailto:martin.emr...@empolis.com] Gesendet: Dienstag, 25. November 2014 13:39 An: users@cloudstack.apache.org Betreff: Re: ALL Hosts Stuck in Maintenance Hi! Same problem here with CS 4.4.1 and 5 XenServers in one Cluster: Two hosts are in maintenance mode, and canceling maintenance mode results in Internal Server Error. Here's my backtrace: 2014-11-25 13:08:45,448 ERROR [c.c.a.ApiAsyncJobDispatcher] (API-Job-Executor-54:ctx-a076520e job-765) Unexpected exception while executing org.apache.cloudstack.api.command.admin.host.CancelMaintenanceCmd java.lang.NullPointerException at com.cloud.resource.ResourceManagerImpl.doCancelMaintenance(ResourceManagerImpl.java:2083) at com.cloud.resource.ResourceManagerImpl.cancelMaintenance(ResourceManagerImpl.java:2140) at com.cloud.resource.ResourceManagerImpl.cancelMaintenance(ResourceManagerImpl.java:1127) at sun.reflect.GeneratedMethodAccessor400.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy148.cancelMaintenance(Unknown Source) at org.apache.cloudstack.api.command.admin.host.CancelMaintenanceCmd.execute(CancelMaintenanceCmd.java:102) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:141) at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:503) at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53) at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(AsyncJobManagerImpl.java:460) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) 2014-11-25 13:08:45,449 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (API-Job-Executor-54:ctx-a076520e job-765) Complete async job-765, jobStatus: FAILED, resultCode: 530, result: org.apache.cloudstack.api.response.ExceptionResponse/null/{uuidList:[],errorcode:530} Ciao Martin -- Daan
Re: management/catalina.out Received unknown parameters for command listHosts. Unknown parameters : listall
1.看management-server.log 2. /etc/cloudstack/management/log4j-cloud.xml里面默认的log level是INFO,s/INFO/DEBUG/g 改成DEBUG. 2015-01-28 3:24 GMT+01:00 loveg...@126.com loveg...@126.com: 一直收到这样的log不知为何? tail -f /var/log/cloudstack/management/catalina.out WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-6:ctx-95f69cca ctx-7e324e09) Received unknown parameters for command listHosts. Unknown parameters : listall WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-21:ctx-c55c9ee8 ctx-ab8c5580) Received unknown parameters for command listStoragePools. Unknown parameters : listall WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-20:ctx-73cee05e ctx-033ced8b) Received unknown parameters for command listImageStores. Unknown parameters : listall type WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-4:ctx-f158 ctx-636cf349) Received unknown parameters for command listSystemVms. Unknown parameters : listall WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-1:ctx-c8fbff53 ctx-d069b105) Received unknown parameters for command listHosts. Unknown parameters : listall WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-14:ctx-40914d94 ctx-c52ed9e9) Received unknown parameters for command listZones. Unknown parameters : listall WARN [c.c.a.d.ParamGenericValidationWorker] (catalina-exec-22:ctx-94c74fc1 ctx-66cb2aee) Received unknown parameters for command addHost. Unknown parameters : clustertype loveg...@126.com 发件人: Peration 发送时间: 2015-01-28 09:41 收件人: users-cn 主题: 回复:答复: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume 我是调整data卷的大小 -- 原始邮件 -- 发件人: Star Guo;st...@ceph.me; 发送时间: 2015年1月28日(星期三) 上午8:42 收件人: users-cnusers-cn@cloudstack.apache.org; 主题: 答复: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume Can not resie root disk. Best Regards, Star Guo -邮件原件- 发件人: Peration [mailto:575366...@qq.com] 发送时间: 2015年1月27日 9:07 收件人: users-cn 主题: 调整卷大小失败,缩小卷大小 提示 Failed to resize volume 调整卷大小失败,缩小卷大小 提示 Failed to resize volume 2015-01-27 08:52:22,745 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (catalina-exec-10:ctx-29557584 ctx-627f0aaf) submit async job-136, details: AsyncJobVO {id:136, userId: 2, accountId: 2, instanceType: Volume, instanceId: null, cmd: org.apache.cloudstack.api.command.user.volume.ResizeVolumeCmd, cmdInfo: {id:f59ea020-f2c5-4298-9fe1-423309491572,response:json,sessionkey:GWJFo5AhFePwOQTzbWN0Ve1XTFg\u003d,shrinkok:true,cmdEventType:VOLUME.RESIZE,ctxUserId:2,httpmethod:GET,_:1422319924146,ctxAccountId:2,diskofferingid:786fc68f-e14c-42dc-a931-f6b2d5bed62a,ctxStartEventId:285}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 271133592152661, completeMsid: null, lastUpdated: null, lastPolled: null, created: null} 2015-01-27 08:52:22,747 INFO [o.a.c.f.j.i.AsyncJobMonitor] (Job-Executor-1:ctx-8420fd25) Add job-136 into job monitoring 2015-01-27 08:52:22,747 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (Job-Executor-1:ctx-8420fd25) Executing AsyncJobVO {id:136, userId: 2, accountId: 2, instanceType: Volume, instanceId: null, cmd: org.apache.cloudstack.api.command.user.volume.ResizeVolumeCmd, cmdInfo: {id:f59ea020-f2c5-4298-9fe1-423309491572,response:json,sessionkey:GWJFo5AhFePwOQTzbWN0Ve1XTFg\u003d,shrinkok:true,cmdEventType:VOLUME.RESIZE,ctxUserId:2,httpmethod:GET,_:1422319924146,ctxAccountId:2,diskofferingid:786fc68f-e14c-42dc-a931-f6b2d5bed62a,ctxStartEventId:285}, cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result: null, initMsid: 271133592152661, completeMsid: null, lastUpdated: null, lastPolled: null, created: null} 2015-01-27 08:52:22,752 DEBUG [c.c.a.ApiServlet] (catalina-exec-10:ctx-29557584 ctx-627f0aaf) ===END=== 192.168.121.1 -- GET command=resizeVolumeid=f59ea020-f2c5-4298-9fe1-423309491572shrinkok=truediskofferingid=786fc68f-e14c-42dc-a931-f6b2d5bed62aresponse=jsonsessionkey=GWJFo5AhFePwOQTzbWN0Ve1XTFg%3D_=1422319924146 2015-01-27 08:52:22,831 DEBUG [c.c.a.t.Request] (Job-Executor-1:ctx-8420fd25 ctx-627f0aaf) Seq 1-1245446166: Sending { Cmd , MgmtId: 271133592152661, via: 1(cloudstack.cloud.priv), Ver: v1, Flags: 100011, [{com.cloud.agent.api.storage.ResizeVolumeCommand:{path:f59ea020-f2c5-4298-9fe1-423309491572,pool:{id:1,uuid:933404b7-c735-44aa-a374-6bc61ea206fd,host:192.168.121.3,path:/var/lib/libvirt/images,port:0,type:Filesystem},vmInstance:i-2-133-VM,newSize:1073741824,currentSize:3221225472,shrinkOk:true,wait:0}}] } 2015-01-27 08:52:22,858 DEBUG [c.c.a.t.Request] (AgentManager-Handler-9:null) Seq 1-1245446166: Processing: { Ans: , MgmtId: 271133592152661, via: 1, Ver: v1, Flags: 10, [{com.cloud.agent.api.storage.ResizeVolumeAnswer:{newSize:0,result:false,details:Unable to shrink volumes of type QCOW2,wait:0}}] } 2015-01-27 08:52:22,858 DEBUG [c.c.a.t.Request] (Job-Executor-1:ctx-8420fd25 ctx-627f0aaf) Seq 1-1245446166: Received: { Ans: , MgmtId: 271133592152661, via:
Re: GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sth
https://security-tracker.debian.org/tracker/CVE-2015-0235 2015-01-28 18:04 GMT+08:00 linux...@gmail.com linux...@gmail.com: A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. Related Posts Shellshock Worm Exploiting Unpatched QNAP NAS Devices December 15, 2014 , 11:35 am Linux Modules Connected to Turla APT Discovered December 9, 2014 , 10:26 am Bash Exploit Reported, First Round of Patches Incomplete September 25, 2014 , 11:41 am “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000. According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. “Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 7, CentOS 6 7, Ubuntu 12.04, for example,” said an advisory from Qualys posted to the OSS-Security mailing list. Respective Linux distributions will be releasing patches; Red Hat has released an update for Red Hat Enterprise Linux v.5 server. Novell has a list of SUSE Linux Enterprise Server builds affected by the vulnerability. Debian has already released an update of its software addressing the vulnerability. “It’s everywhere, which is kind of the urgency we have here. This has been in glibc for a long time. It was fixed recently, but it was not marked as a security issue, so things that are fairly new should be OK,” said Josh Bressers, a member of the Red Hat security response team. “From a threat level, what it comes down to is a handful of stuff that’s probably dangerous that uses this function.” Unlike past Internet-wide bugs such as Bash, patching glibc may not be the chore it was with Bash since so many components made silent Bash calls. “In this instance, you just apply the glibc update, and restart any services that are vulnerable,” Bressers said. “It’s not confusing like Shellshock was.” Qualys, in its advisory, not only shares extremely in-depth technical information on the vulnerability, but also includes a section explaining exploitation of the Exim SMTP mail server. The advisory demonstrates how to bypass NX, or No-eXecute protection as well as glibc malloc hardening, Qualys said. Qualys also said that in addition to the 2013 patch, other factors mitigate the impact of the vulnerability, including the fact that the gethostbyname functions are obsolete because of IPv6 and newer applications using a different call, getaddrinfo(). While the flaw is also exploitable locally, this scenario too is mitigated because many programs rely on gethostbyname only if another preliminary call fails and a secondary call succeeds in order to reach the overflow. The advisory said this is “impossible” and those programs are safe. There are mitigations against remote exploitation too, Qualys said. Servers, for example, use gethostbyname to perform full-circle reverse DNS checks. “These programs are generally safe because the hostname passed to gethostbyname() has normally been pre-validated by DNS software,” the advisory. “It’s not looking like a huge remote problem, right now,” Bressers said. However, while the bug may have been dormant since 2000, there is no way to tell if criminals or government-sponsored hackers have been exploiting this vulnerability. Nor is there any way to tell what will happen once legitimate security researchers—and black hats—begin looking at the vulnerability now that it’s out in the open. With Bash, for example, it didn’t take long for additional security issues to rise to the surface. - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sthash.3JH6GJTL.dpuf -- 白清杰 (Born Bai) Mail: linux...@gmail.com -- 白清杰 (Born Bai) Mail: linux...@gmail.com
Re: GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sth
Hi, While it's a general public news, everyone is requested and encouraged to use the security mailing list in future to report anything. For more details please read: http://cloudstack.apache.org/security.html Thanks and regards. On Wednesday 28 January 2015 03:34 PM, linux...@gmail.com wrote: A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. Related Posts Shellshock Worm Exploiting Unpatched QNAP NAS Devices December 15, 2014 , 11:35 am Linux Modules Connected to Turla APT Discovered December 9, 2014 , 10:26 am Bash Exploit Reported, First Round of Patches Incomplete September 25, 2014 , 11:41 am “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000. According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. “Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 7, CentOS 6 7, Ubuntu 12.04, for example,” said an advisory from Qualys posted to the OSS-Security mailing list. Respective Linux distributions will be releasing patches; Red Hat has released an update for Red Hat Enterprise Linux v.5 server. Novell has a list of SUSE Linux Enterprise Server builds affected by the vulnerability. Debian has already released an update of its software addressing the vulnerability. “It’s everywhere, which is kind of the urgency we have here. This has been in glibc for a long time. It was fixed recently, but it was not marked as a security issue, so things that are fairly new should be OK,” said Josh Bressers, a member of the Red Hat security response team. “From a threat level, what it comes down to is a handful of stuff that’s probably dangerous that uses this function.” Unlike past Internet-wide bugs such as Bash, patching glibc may not be the chore it was with Bash since so many components made silent Bash calls. “In this instance, you just apply the glibc update, and restart any services that are vulnerable,” Bressers said. “It’s not confusing like Shellshock was.” Qualys, in its advisory, not only shares extremely in-depth technical information on the vulnerability, but also includes a section explaining exploitation of the Exim SMTP mail server. The advisory demonstrates how to bypass NX, or No-eXecute protection as well as glibc malloc hardening, Qualys said. Qualys also said that in addition to the 2013 patch, other factors mitigate the impact of the vulnerability, including the fact that the gethostbyname functions are obsolete because of IPv6 and newer applications using a different call, getaddrinfo(). While the flaw is also exploitable locally, this scenario too is mitigated because many programs rely on gethostbyname only if another preliminary call fails and a secondary call succeeds in order to reach the overflow. The advisory said this is “impossible” and those programs are safe. There are mitigations against remote exploitation too, Qualys said. Servers, for example, use gethostbyname to perform full-circle reverse DNS checks. “These programs are generally safe because the hostname passed to gethostbyname() has normally been pre-validated by DNS software,” the advisory. “It’s not looking like a huge remote problem, right now,” Bressers said. However, while the bug may have been dormant since 2000, there is no way to tell if criminals or government-sponsored hackers have been exploiting this vulnerability. Nor is there any way to tell what will happen once legitimate security researchers—and black hats—begin looking at the vulnerability now that it’s out in the open. With Bash, for example, it didn’t take long for additional security issues to rise to the surface. - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sthash.3JH6GJTL.dpuf -- Regards, Rohit Yadav Software Architect, ShapeBlue M. +91 8826230892 | rohit.ya...@shapeblue.com Blog: bhaisaab.org | Twitter: @_bhaisaab PS. If you see any footer below, I did not add it :) Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud
Re: Registering Template Issue
Hi Abhi, When I am registering any template I am keep getting this type of error. Failed post download script: vhd check of /mnt/SecStorage/16f29732-e68b-399b-b340-ca83f99384a6/template/tmpl/2/212/dnld1460237361560632551tmp_.tmp failed I think I am missing something while creating template or doing it in wrong way. Here I have created Centos 6.3 x86_64 vhd formatted VM in VirtualBox and then upload this vhd formatted VM file to Cloudstack for registration.. Our requirement is to install Centos 6.5 VM in cloudstack without LVM support. My Cloudstack setup having following configuration: Cloudstack MS = 4.4.2 on Centos 6.4 x86_64 machine Hypervisor = 6.2 Storage (primary/secondary) = Centos 6.4 x86_64 (NFS shared) machine Would you please tell me how to create compatible template for cloudstack. I have already followed official cloudtstack doc for working with template. But still stuck with this kind of errors. Thanks Regards PankaJ Singh On Wed, Jan 28, 2015 at 8:48 AM, Abhinandan Prateek abhinandan.prat...@shapeblue.com wrote: Is you VHD file compressed, like vhd.bz2 ? It appears cloudstack is expecting a compressed file. It should be possible to install VM without LVM support but you may not be able to use some functionality like disk resize. -abhi On 27-Jan-2015, at 8:06 pm, Pankaj Singh pank.sin9...@gmail.com wrote: Hi, I have created a Centos 6.5 VM template via VirtualBox in VHD format so that it can support xenserver 6.2 hypervisor. While registering template it throws following error. Failed post download script: failed to uncompress /mnt/SecStorage/16f29732-e68b-399b-b340-ca83f99384a6/template/tmpl/2/208/dnld9006295490757894375tmp_ I am trying to install a Centos 6.5 VM template without LVM support. Is it possible to install VM template without lvm support? My cloudstack setup have following configuration Cloudstack Management server 4.4.2 Hypervisor = Xenserver 6.2 Primary/Secondary storage = Centos 6.4 NFS shared. Would anybody please help me to figure out this issue. Thanks and Regards PankaJ Singh Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Build http://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineering http://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Support http://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courses http://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
RE: Removing a host from a cluster and adding it to another
Kyle, If your main goal was to upgrade the Cluster to XenServer 6.5 you have two options. 1. Upgrade the cluster in-situ, and you can use this guide to help you http://shapeblue.com/citrix/how-to-upgrade-an-apache-cloudstack-citrix-xenserver-cluster/ 2. Build a new Cluster with cleanly installed Hosts and then live migrate the VMs into the new Cluster Option 1 does not involve taking hosts out of the Cluster, the key is to upgrade the Pool Master (and only the pool master) first, then upgrade remaining hosts one at a time. For option 2 you need to ensure each Cluster has 3 Hosts before you put any Client VMs on them as running Clusters with less than three Hosts in production is definitely not recommended. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 17:20 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Hi Geoff, So question for you. The purpose behind me doing this is to test upgrade a single host from Xen 6.2 to 6.5. I was moving the host out of its original cluster so as not to impact any running VM's in the existing cluster (I haven't attempted to upgrade XenServer before, so I want to be extra careful). Does that approach makes sense to you? Given the time I've sunk into this over the past day, I'm thinking I may reinstall with Xen 6.2, add it to its own CS cluster, and then attempt the upgrade to 6.5. Kyle -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Wednesday, January 28, 2015 9:04 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Kyle, I'm guessing there is still something referencing the old Pool the Host used to belong to which is causing the problem. I really recommend you just re-install XenServer from scratch and have a clean host. A XenServer 6.5 install takes literally 10 mins to do a manual install as there are no Hotfixes to apply yet, a XenServer 6.2 install can take an hour due to all the Hotfixes but you only need to apply the following as they contain all the others not listed: XS62ESP1.xsupdate XS62ESP1003.xsupdate XS62ESP1005.xsupdate XS62ESP1009.xsupdate XS62ESP1014.xsupdate XS62ESP1016.xsupdate So that would be six reboots of the host to apply all the patches up to XS62ESP1016 I also recommend you invest some time setting up a PXE deployment architecture which can auto install XenServer and all the patches, then if you ever need to re-install a host or deploy a new one, you can do so with very little effort and enjoy a nice hot coffee while it does all the work for you. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 16:50 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another I seem to be a little closer. I've cleared the tags and the SR on my host. When I try to add the host to my new cluster through the Cloudstack web UI, I now see this: Please join the host IP to XS pool UUID through XC/XS before adding it through CS UI I take it this means the host needs to be in a Xen pool first, but I don't know what the pool referenced by UUID is. It does not match the cluster UUID in Cloudstack, or any pool UUID's that I can see in Xen. I see that there is a xe pool-join command, but it takes an IP address, not a UUID. How do I join my host to the pool given by the Cloudstack error message above? -Original Message- From: Abhinandan Prateek [mailto:abhinandan.prat...@shapeblue.com] Sent: Tuesday, January 27, 2015 9:56 PM To: users@cloudstack.apache.org Subject: Re: Removing a host from a cluster and adding it to another The tag needs to be removed from the Xen Hypervisor so that it cleanly goes to another cluster. Use the following to clear host tags after detaching it from the pool: xe host-param-clear uuid=$host param-name=tags; (Run it in moving Xen host) You also need to clear the SR on this host so that there is no conflict when it is added to another cluster. Following are the steps to clear the SR: [root@xenserver1-cloudstack ~]# df Filesystem 1K-blocks Used Available Use% Mounted on . 172.16.197.134:/opt/storage/primary 19856384 2560128 16300160 14% /var/run/sr-mount/66f0805b-da95-872c-2a6e-d5c46c219c2a [root@xenserver1-cloudstack ~]# xe pbd-list sr-uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a uuid ( RO) : 2e2aced7-f27f-917f-a017-68f3504967f0 .. [root@xenserver1-cloudstack ~]# xe pbd-unplug uuid=2e2aced7-f27f-917f-a017-68f3504967f0 [root@xenserver1-cloudstack ~]# xe sr-forget
RE: Removing a host from a cluster and adding it to another
Got it. Option #1 is probably what I'll end up doing eventually. But I'm hesitant to do that on my first try on a cluster with running VM's. I'd like to see the upgrade process first. I think I'll start by creating a one node cluster as planned, just to see the upgrade process. Then I'll circle back and attempt option #1 on the existing cluster. Actually, there are multiple clusters running 6.2, so it makes sense to do them in place once I can get a process in order. Thanks for your help. -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Wednesday, January 28, 2015 9:33 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Kyle, If your main goal was to upgrade the Cluster to XenServer 6.5 you have two options. 1. Upgrade the cluster in-situ, and you can use this guide to help you http://shapeblue.com/citrix/how-to-upgrade-an-apache-cloudstack-citrix-xenserver-cluster/ 2. Build a new Cluster with cleanly installed Hosts and then live migrate the VMs into the new Cluster Option 1 does not involve taking hosts out of the Cluster, the key is to upgrade the Pool Master (and only the pool master) first, then upgrade remaining hosts one at a time. For option 2 you need to ensure each Cluster has 3 Hosts before you put any Client VMs on them as running Clusters with less than three Hosts in production is definitely not recommended. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 17:20 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Hi Geoff, So question for you. The purpose behind me doing this is to test upgrade a single host from Xen 6.2 to 6.5. I was moving the host out of its original cluster so as not to impact any running VM's in the existing cluster (I haven't attempted to upgrade XenServer before, so I want to be extra careful). Does that approach makes sense to you? Given the time I've sunk into this over the past day, I'm thinking I may reinstall with Xen 6.2, add it to its own CS cluster, and then attempt the upgrade to 6.5. Kyle -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Wednesday, January 28, 2015 9:04 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Kyle, I'm guessing there is still something referencing the old Pool the Host used to belong to which is causing the problem. I really recommend you just re-install XenServer from scratch and have a clean host. A XenServer 6.5 install takes literally 10 mins to do a manual install as there are no Hotfixes to apply yet, a XenServer 6.2 install can take an hour due to all the Hotfixes but you only need to apply the following as they contain all the others not listed: XS62ESP1.xsupdate XS62ESP1003.xsupdate XS62ESP1005.xsupdate XS62ESP1009.xsupdate XS62ESP1014.xsupdate XS62ESP1016.xsupdate So that would be six reboots of the host to apply all the patches up to XS62ESP1016 I also recommend you invest some time setting up a PXE deployment architecture which can auto install XenServer and all the patches, then if you ever need to re-install a host or deploy a new one, you can do so with very little effort and enjoy a nice hot coffee while it does all the work for you. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 16:50 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another I seem to be a little closer. I've cleared the tags and the SR on my host. When I try to add the host to my new cluster through the Cloudstack web UI, I now see this: Please join the host IP to XS pool UUID through XC/XS before adding it through CS UI I take it this means the host needs to be in a Xen pool first, but I don't know what the pool referenced by UUID is. It does not match the cluster UUID in Cloudstack, or any pool UUID's that I can see in Xen. I see that there is a xe pool-join command, but it takes an IP address, not a UUID. How do I join my host to the pool given by the Cloudstack error message above? -Original Message- From: Abhinandan Prateek [mailto:abhinandan.prat...@shapeblue.com] Sent: Tuesday, January 27, 2015 9:56 PM To: users@cloudstack.apache.org Subject: Re: Removing a host from a cluster and adding it to another The tag needs to be removed from the Xen Hypervisor so that it cleanly goes to another cluster. Use the following to clear host tags after detaching it from the pool: xe host-param-clear uuid=$host param-name=tags;
Re: GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sth
FYI the blog post mentioned below now has links to updated SSVM templates. On Jan 28, 2015, at 11:49 AM, John Kinsella j...@stratosec.co wrote: Folks - just posted mitigation details at [1]. An updated SSVM template is being QAed, once released the post will be updated with links and we’ll mention here as well. John 1: https://blogs.apache.org/cloudstack/entry/cloudstack_and_the_ghost_glibc On Jan 28, 2015, at 4:55 AM, Rohit Yadav rohit.ya...@shapeblue.commailto:rohit.ya...@shapeblue.com wrote: Hi, While it's a general public news, everyone is requested and encouraged to use the security mailing list in future to report anything. For more details please read: http://cloudstack.apache.org/security.html Thanks and regards. On Wednesday 28 January 2015 03:34 PM, linux...@gmail.commailto:linux...@gmail.com wrote: A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. Related Posts Shellshock Worm Exploiting Unpatched QNAP NAS Devices December 15, 2014 , 11:35 am Linux Modules Connected to Turla APT Discovered December 9, 2014 , 10:26 am Bash Exploit Reported, First Round of Patches Incomplete September 25, 2014 , 11:41 am “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000. According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. “Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 7, CentOS 6 7, Ubuntu 12.04, for example,” said an advisory from Qualys posted to the OSS-Security mailing list. Respective Linux distributions will be releasing patches; Red Hat has released an update for Red Hat Enterprise Linux v.5 server. Novell has a list of SUSE Linux Enterprise Server builds affected by the vulnerability. Debian has already released an update of its software addressing the vulnerability. “It’s everywhere, which is kind of the urgency we have here. This has been in glibc for a long time. It was fixed recently, but it was not marked as a security issue, so things that are fairly new should be OK,” said Josh Bressers, a member of the Red Hat security response team. “From a threat level, what it comes down to is a handful of stuff that’s probably dangerous that uses this function.” Unlike past Internet-wide bugs such as Bash, patching glibc may not be the chore it was with Bash since so many components made silent Bash calls. “In this instance, you just apply the glibc update, and restart any services that are vulnerable,” Bressers said. “It’s not confusing like Shellshock was.” Qualys, in its advisory, not only shares extremely in-depth technical information on the vulnerability, but also includes a section explaining exploitation of the Exim SMTP mail server. The advisory demonstrates how to bypass NX, or No-eXecute protection as well as glibc malloc hardening, Qualys said. Qualys also said that in addition to the 2013 patch, other factors mitigate the impact of the vulnerability, including the fact that the gethostbyname functions are obsolete because of IPv6 and newer applications using a different call, getaddrinfo(). While the flaw is also exploitable locally, this scenario too is mitigated because many programs rely on gethostbyname only if another preliminary call fails and a secondary call succeeds in order to reach the overflow. The advisory said this is “impossible” and those programs are safe. There are mitigations against remote exploitation too, Qualys said. Servers, for example, use gethostbyname to perform full-circle reverse DNS checks. “These programs are generally safe because the hostname passed to gethostbyname() has normally been pre-validated by DNS software,” the advisory. “It’s not looking like a huge remote problem, right now,” Bressers said. However, while the bug may have been dormant since 2000, there is no way to tell if criminals or government-sponsored hackers have been exploiting this vulnerability. Nor is there any way to tell what will happen once
RE: Removing a host from a cluster and adding it to another
Unfortunately, I'm still running into issues adding my Xen host to the Cloudstack cluster, even after reinstalling the host. When I attempt to add the new host, I get a Failed to add host message in the web UI. As before, xensource.log doesn't show any errors other than this: /opt/xensource/bin/xapi: [debug|hostnameremoved|620 INET 0.0.0.0:80|pool_patch.get_by_uuid D:b910526acfa9|dispatcher] Server_helpers.exec exception_handler: Got exception UUID_INVALID: I feel like I'm probably missing something obvious, but I haven't been able to figure out what. I'm following the Cloudstack installation Guide for Xenserver, as well as the Xenserver 6.2 Installation Guide (PDF): http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/hypervisor/xenserver.html I did the following: - Reinstalled Xenserver from scratch. - Attached to the host from XenCenter, and created a new pool and added the host (it's the only host in the pool) - Went into the Cloudstack WebUI and created a new Cluster (this cluster exists in the same pod as the old cluster) - Tried to add the host, and received the failure message One thing I did notice (prior to rebuilding) is that I was able to re-add the host back into to the original cluster it had been a part of. I just could not add it to the new cluster (I haven't tried again with the fresh install just yet, because the install took 2.5 hours, and I want to investigate other possibilities). So I'm wondering if there are some artifacts being left in Cloudstack that are preventing me from adding the host to the new cluster? I reused the hostname, so it seems like it might make sense that it could be an issue. I do still see references in the database to the hostname in the host table, although it's shown as removed. -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: Wednesday, January 28, 2015 9:46 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Got it. Option #1 is probably what I'll end up doing eventually. But I'm hesitant to do that on my first try on a cluster with running VM's. I'd like to see the upgrade process first. I think I'll start by creating a one node cluster as planned, just to see the upgrade process. Then I'll circle back and attempt option #1 on the existing cluster. Actually, there are multiple clusters running 6.2, so it makes sense to do them in place once I can get a process in order. Thanks for your help. -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Wednesday, January 28, 2015 9:33 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Kyle, If your main goal was to upgrade the Cluster to XenServer 6.5 you have two options. 1. Upgrade the cluster in-situ, and you can use this guide to help you http://shapeblue.com/citrix/how-to-upgrade-an-apache-cloudstack-citrix-xenserver-cluster/ 2. Build a new Cluster with cleanly installed Hosts and then live migrate the VMs into the new Cluster Option 1 does not involve taking hosts out of the Cluster, the key is to upgrade the Pool Master (and only the pool master) first, then upgrade remaining hosts one at a time. For option 2 you need to ensure each Cluster has 3 Hosts before you put any Client VMs on them as running Clusters with less than three Hosts in production is definitely not recommended. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 17:20 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Hi Geoff, So question for you. The purpose behind me doing this is to test upgrade a single host from Xen 6.2 to 6.5. I was moving the host out of its original cluster so as not to impact any running VM's in the existing cluster (I haven't attempted to upgrade XenServer before, so I want to be extra careful). Does that approach makes sense to you? Given the time I've sunk into this over the past day, I'm thinking I may reinstall with Xen 6.2, add it to its own CS cluster, and then attempt the upgrade to 6.5. Kyle -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Wednesday, January 28, 2015 9:04 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Kyle, I'm guessing there is still something referencing the old Pool the Host used to belong to which is causing the problem. I really recommend you just re-install XenServer from scratch and have a clean host. A XenServer 6.5 install takes literally 10 mins to do a manual install as there are no Hotfixes to apply yet, a XenServer 6.2 install can take an hour due to all the
Re: Registering Template Issue
Thanks Abhi, Its a great help I realized that I had created VM template in wrong way. Thanks Regards PankaJ Singh On Wed, Jan 28, 2015 at 7:38 PM, Abhinandan Prateek abhinandan.prat...@shapeblue.com wrote: Hi Pankaj, Look at point 22 of this document https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSVM,+templates,+Secondary+storage+troubleshooting Do this check on vhd before uploading. It seems it fails this test. On 28-Jan-2015, at 6:25 pm, Pankaj Singh pank.sin9...@gmail.com wrote: Hi Abhi, When I am registering any template I am keep getting this type of error. Failed post download script: vhd check of /mnt/SecStorage/16f29732-e68b-399b-b340-ca83f99384a6/template/tmpl/2/212/dnld1460237361560632551tmp_.tmp failed I think I am missing something while creating template or doing it in wrong way. Here I have created Centos 6.3 x86_64 vhd formatted VM in VirtualBox and then upload this vhd formatted VM file to Cloudstack for registration.. Our requirement is to install Centos 6.5 VM in cloudstack without LVM support. My Cloudstack setup having following configuration: Cloudstack MS = 4.4.2 on Centos 6.4 x86_64 machine Hypervisor = 6.2 Storage (primary/secondary) = Centos 6.4 x86_64 (NFS shared) machine Would you please tell me how to create compatible template for cloudstack. I have already followed official cloudtstack doc for working with template. But still stuck with this kind of errors. Thanks Regards PankaJ Singh On Wed, Jan 28, 2015 at 8:48 AM, Abhinandan Prateek abhinandan.prat...@shapeblue.com wrote: Is you VHD file compressed, like vhd.bz2 ? It appears cloudstack is expecting a compressed file. It should be possible to install VM without LVM support but you may not be able to use some functionality like disk resize. -abhi On 27-Jan-2015, at 8:06 pm, Pankaj Singh pank.sin9...@gmail.com wrote: Hi, I have created a Centos 6.5 VM template via VirtualBox in VHD format so that it can support xenserver 6.2 hypervisor. While registering template it throws following error. Failed post download script: failed to uncompress /mnt/SecStorage/16f29732-e68b-399b-b340-ca83f99384a6/template/tmpl/2/208/dnld9006295490757894375tmp_ I am trying to install a Centos 6.5 VM template without LVM support. Is it possible to install VM template without lvm support? My cloudstack setup have following configuration Cloudstack Management server 4.4.2 Hypervisor = Xenserver 6.2 Primary/Secondary storage = Centos 6.4 NFS shared. Would anybody please help me to figure out this issue. Thanks and Regards PankaJ Singh Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Build http://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineering http://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Support http://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courses http://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered trademark. Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Build http://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/ CloudStack Software Engineering http://shapeblue.com/cloudstack-software-engineering/ CloudStack Infrastructure Support http://shapeblue.com/cloudstack-infrastructure-support/ CloudStack Bootcamp Training Courses http://shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions
Orphaned Data Disk
Has anyone noticed that when deleting an instance with a data disk attached, cloudstack leaves the datadisk orphaned? If so is this expected behaviour, and if so is there an option to change it?
Re: GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sth
thanks Jhon is secur...@cloudstack.apache.org a mail list? how to join it? 2015-01-29 5:05 GMT+08:00 John Kinsella j...@stratosec.co: FYI the blog post mentioned below now has links to updated SSVM templates. On Jan 28, 2015, at 11:49 AM, John Kinsella j...@stratosec.co wrote: Folks - just posted mitigation details at [1]. An updated SSVM template is being QAed, once released the post will be updated with links and we’ll mention here as well. John 1: https://blogs.apache.org/cloudstack/entry/cloudstack_and_the_ghost_glibc On Jan 28, 2015, at 4:55 AM, Rohit Yadav rohit.ya...@shapeblue.commailto:rohit.ya...@shapeblue.com wrote: Hi, While it's a general public news, everyone is requested and encouraged to use the security mailing list in future to report anything. For more details please read: http://cloudstack.apache.org/security.html Thanks and regards. On Wednesday 28 January 2015 03:34 PM, linux...@gmail.commailto:linux...@gmail.com wrote: A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. Related Posts Shellshock Worm Exploiting Unpatched QNAP NAS Devices December 15, 2014 , 11:35 am Linux Modules Connected to Turla APT Discovered December 9, 2014 , 10:26 am Bash Exploit Reported, First Round of Patches Incomplete September 25, 2014 , 11:41 am “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000. According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. “Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 7, CentOS 6 7, Ubuntu 12.04, for example,” said an advisory from Qualys posted to the OSS-Security mailing list. Respective Linux distributions will be releasing patches; Red Hat has released an update for Red Hat Enterprise Linux v.5 server. Novell has a list of SUSE Linux Enterprise Server builds affected by the vulnerability. Debian has already released an update of its software addressing the vulnerability. “It’s everywhere, which is kind of the urgency we have here. This has been in glibc for a long time. It was fixed recently, but it was not marked as a security issue, so things that are fairly new should be OK,” said Josh Bressers, a member of the Red Hat security response team. “From a threat level, what it comes down to is a handful of stuff that’s probably dangerous that uses this function.” Unlike past Internet-wide bugs such as Bash, patching glibc may not be the chore it was with Bash since so many components made silent Bash calls. “In this instance, you just apply the glibc update, and restart any services that are vulnerable,” Bressers said. “It’s not confusing like Shellshock was.” Qualys, in its advisory, not only shares extremely in-depth technical information on the vulnerability, but also includes a section explaining exploitation of the Exim SMTP mail server. The advisory demonstrates how to bypass NX, or No-eXecute protection as well as glibc malloc hardening, Qualys said. Qualys also said that in addition to the 2013 patch, other factors mitigate the impact of the vulnerability, including the fact that the gethostbyname functions are obsolete because of IPv6 and newer applications using a different call, getaddrinfo(). While the flaw is also exploitable locally, this scenario too is mitigated because many programs rely on gethostbyname only if another preliminary call fails and a secondary call succeeds in order to reach the overflow. The advisory said this is “impossible” and those programs are safe. There are mitigations against remote exploitation too, Qualys said. Servers, for example, use gethostbyname to perform full-circle reverse DNS checks. “These programs are generally safe because the hostname passed to gethostbyname() has normally been pre-validated by DNS software,” the advisory. “It’s not looking like a huge remote problem, right now,” Bressers said. However, while the bug may have been dormant since 2000, there is no way to tell if criminals or
CloudStack and the Ghost glibc vulnerability
UPDATE: mitigation instructions have been improved (don't update openswan) and we forgot to mention rebooting. UPDATE: Links to updated System VM templates are now below Yesterday, a buffer overflow vulnerability was announced in glibc that affects most current Linux distributions. In CloudStack, the system VMs contain a vulnerable version of glibc. CloudStack community members have built an updated system VM template, which ShapeBlue is hosting at http://packages.shapeblue.com/systemvmtemplate/ (More information on the packages at http://shapeblue.com/packages). For instructions on how to update the SystemVM template in CloudStack, see here. For those who wish to patch their running system VMs, ssh into each one and run: apt-mark hold openswan apt-get clean apt-get update apt-get upgrade After updating glibc, the system will need to be rebooted. Information about how to connect to your System VMs is available here. Other CloudStack-related systems may be affected! Please review security updates from Linux distributions you use on your management server, storage systems, hypervisors, as well as other Linux VMs and bare-metal systems running in your environments. This post provides instructions for determining if a system is vulnerable, as well as patching directions for common Linux distributions. -- 白清杰 (Born Bai) Mail: linux...@gmail.com
回复: 虚机磁盘性能参数
应该是management-server启动之后的累加值 含义就是你理解的含义了 zanghongtu2...@gmail.com 发件人: yan_5...@163.com 发送时间: 2015-01-29 09:32 收件人: users-cn 主题: 虚机磁盘性能参数 各位好! 请教各位一个问题,以下几个虚机磁盘参数各有什么含义和不同呢?麻烦哪位有时间一起探讨下。 diskioreadthe read (io) of disk on the vm diskiowritethe write (io) of disk on the vm diskkbsreadthe read (bytes) of disk on the vm diskkbswritethe write (bytes) of disk on the vm 个人理解的diskioread为当前统计周期内的磁盘读请求发起的次数,同理diskiowrite为写请求次数 diskkbsread为当前统计周期内的读的bytes总数,diskkbswrite同理 山东济南 崔
Re:Re:Cloudstack4.4.2+KVM 计算方案如果是自定义CPU,在启用HA后点击迁移主机无反应。
Dear All, 如标题,Cloudstack4.4.2+KVM 计算方案如果是自定义CPU,在启用HA后点击迁移主机无反应。请问是何原因?指定CPU频率和内存并启用HA是可以迁移的。 在 2015-01-26 16:30:48,Daniel Zhang daniel_zhan...@126.com 写道: Dear All, 请问大家的环境中,如果创建计算方案时,选择了启用HA,创建的VM无法切换主机。点击切换主机没有反应。其它没有启用HA的VM可以正常切换主机。请问是不是VM启用了HA就不能手动切换主机了?谢谢
RE: Removing a host from a cluster and adding it to another
I seem to be a little closer. I've cleared the tags and the SR on my host. When I try to add the host to my new cluster through the Cloudstack web UI, I now see this: Please join the host IP to XS pool UUID through XC/XS before adding it through CS UI I take it this means the host needs to be in a Xen pool first, but I don't know what the pool referenced by UUID is. It does not match the cluster UUID in Cloudstack, or any pool UUID's that I can see in Xen. I see that there is a xe pool-join command, but it takes an IP address, not a UUID. How do I join my host to the pool given by the Cloudstack error message above? -Original Message- From: Abhinandan Prateek [mailto:abhinandan.prat...@shapeblue.com] Sent: Tuesday, January 27, 2015 9:56 PM To: users@cloudstack.apache.org Subject: Re: Removing a host from a cluster and adding it to another The tag needs to be removed from the Xen Hypervisor so that it cleanly goes to another cluster. Use the following to clear host tags after detaching it from the pool: xe host-param-clear uuid=$host param-name=tags; (Run it in moving Xen host) You also need to clear the SR on this host so that there is no conflict when it is added to another cluster. Following are the steps to clear the SR: [root@xenserver1-cloudstack ~]# df Filesystem 1K-blocks Used Available Use% Mounted on . 172.16.197.134:/opt/storage/primary 19856384 2560128 16300160 14% /var/run/sr-mount/66f0805b-da95-872c-2a6e-d5c46c219c2a [root@xenserver1-cloudstack ~]# xe pbd-list sr-uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a uuid ( RO) : 2e2aced7-f27f-917f-a017-68f3504967f0 .. [root@xenserver1-cloudstack ~]# xe pbd-unplug uuid=2e2aced7-f27f-917f-a017-68f3504967f0 [root@xenserver1-cloudstack ~]# xe sr-forget uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a # for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd ; done Regards, Abhinandan Prateek M +919701199011 abhinandan.prat...@shapeblue.com On 28-Jan-2015, at 9:49 am, Kyle Flavin kyle.fla...@citrix.com wrote: Ah, yes I can confirm that there is a host tag with the following query on the CS database. Here is the sanitized output from the host_tags table: select * from host_tags where host_id=host_id; +-+-++ | id | host_id | tag| +-+-++ | id | hosted | host_name | +-+-++ Is it safe to delete this entry, or should I add the host back into its old cluster and then delete the tag through the UI? -Original Message- From: Somesh Naidu [mailto:somesh.na...@citrix.com] Sent: Tuesday, January 27, 2015 5:20 PM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Yes, check what's in the tags parameter of that host. Cleaning it should resolve the issue. Regards, Somesh -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: Tuesday, January 27, 2015 7:50 PM To: users@cloudstack.apache.org Subject: Removing a host from a cluster and adding it to another I've removed a host from one Cloudstack cluster, and I'm attempting to add it to a new cluster. It will be the only host in the cluster, and used for testing purposes. I put the host into maintenance mode, removed it from its original cluster within the Cloudstack UI, then deleted it from the Xen pool using xe pool-eject. Now when I create a new cluster, and try to add the host, I get an error message that just says Unable to add host from within the Cloudstack web UI. I see messages in management-server.log that say Trying to add a new host at http://myhosthttp://%3cmyhost, but no indication of an error: 2015-01-27 16:28:31,142 INFO [c.c.r.ResourceManagerImpl] (catalina-exec-13:ctx-4ab1a388 ctx-fa2957ea) Trying to add a new host at http://myhost in data center 1 On the Xen host itself, I see the following in the xensource.log: Jan 28 00:28:31 host t1 /opt/xensource/bin/xapi: [debug|host|748 INET 0.0.0.0:80|pool_patch.get_by_uuid D:5fb0d4d944bb|dispatcher] Server_helpers.exec exception_handler: Got exception UUID_INVALID: [ pool_patch; 996dd2e7-ad95-49cc-a0be-2c9adc4dfb0b ] It references an invalid ID, but I'm not sure what that UUID belongs to; it isn't the UUID of the pool. Is there something that needs to be done to clear the configuration of a Xenserver host prior to adding it to a new cluster? Or is Cloudstack remembering the old host name and not allowing me to put it into the new cluster? Thanks, Kyle Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design Buildhttp://shapeblue.com/iaas-cloud-design-and-build// CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/ CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/
Unable to create VM
Hi all, pleas help, I'm on a new ACS 4.4 deployment, I just created successfully a new zone, and added successfully both ISOs and Templates. When I try to add a new VM from an ISO or a Template, it shows the following error: Failed to deploy a VM. Here is the log: 2015-01-28 13:25:26,383 DEBUG [c.c.d.FirstFitPlanner] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) No clusters found after removing disabled clusters and clusters in avoid list, returning. 2015-01-28 13:25:26,387 DEBUG [c.c.v.UserVmManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Destroying vm VM[User|i-2-10-VM] as it failed to create on Host with Id:null 2015-01-28 13:25:26,395 DEBUG [c.c.c.CapacityManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) VM state transitted from :Stopped to Error with event: OperationFailedToErrorvm's original host id: null new host id: null host id before state transition: null 2015-01-28 13:25:26,420 WARN [o.a.c.alerts] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) alertType:: 8 // dataCenterId:: 1 // podId:: null // clusterId:: null // message:: Failed to deploy Vm with Id: 10, on Host with Id: null 2015-01-28 13:25:26,461 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 2015-01-28 13:25:26,464 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Unable to create a deployment for VM[User|i-2-10-VM] com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 at org.apache.cloudstack.engine.cloud.entity.api.VMEntityManagerImpl.reserveVirtualMachine(VMEntityManagerImpl.java:214) at org.apache.cloudstack.engine.cloud.entity.api.VirtualMachineEntityImpl.reserve(VirtualMachineEntityImpl.java:200) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3468) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3123) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3111) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.apache.cloudstack.network.contrail.management.EventUtils$EventInterceptor.invoke(EventUtils.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at com.cloud.event.ActionEventInterceptor.invoke(ActionEventInterceptor.java:51) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy207.startVirtualMachine(Unknown Source) at org.apache.cloudstack.api.command.admin.vm.DeployVMCmdByAdmin.execute(DeployVMCmdByAdmin.java:48) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:141) at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:503) at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49) 2015-01-28 13:25:42,875 DEBUG [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-8:null) SeqA 2-12120: Processing Seq 2-12120: { Cmd , MgmtId: -1, via: 2, Ver: v1, Flags: 11, [{com.cloud.agent.api.ConsoleProxyLoadReportCommand:{_proxyVmId:2,_loadInfo:{\n \connections\: []\n},wait:0}}] } 2015-01-28 13:25:42,882 DEBUG [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-8:null) SeqA 2-12120: Sending Seq 2-12120: { Ans: , MgmtId: 345052570767, via: 2, Ver: v1, Flags: 100010, [{com.cloud.agent.api.AgentControlAnswer:{result:true,wait:0}}] } 2015-01-28 13:25:47,916 DEBUG [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-10:null) SeqA 2-12121:
RE: Removing a host from a cluster and adding it to another
Kyle, I'm guessing there is still something referencing the old Pool the Host used to belong to which is causing the problem. I really recommend you just re-install XenServer from scratch and have a clean host. A XenServer 6.5 install takes literally 10 mins to do a manual install as there are no Hotfixes to apply yet, a XenServer 6.2 install can take an hour due to all the Hotfixes but you only need to apply the following as they contain all the others not listed: XS62ESP1.xsupdate XS62ESP1003.xsupdate XS62ESP1005.xsupdate XS62ESP1009.xsupdate XS62ESP1014.xsupdate XS62ESP1016.xsupdate So that would be six reboots of the host to apply all the patches up to XS62ESP1016 I also recommend you invest some time setting up a PXE deployment architecture which can auto install XenServer and all the patches, then if you ever need to re-install a host or deploy a new one, you can do so with very little effort and enjoy a nice hot coffee while it does all the work for you. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 16:50 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another I seem to be a little closer. I've cleared the tags and the SR on my host. When I try to add the host to my new cluster through the Cloudstack web UI, I now see this: Please join the host IP to XS pool UUID through XC/XS before adding it through CS UI I take it this means the host needs to be in a Xen pool first, but I don't know what the pool referenced by UUID is. It does not match the cluster UUID in Cloudstack, or any pool UUID's that I can see in Xen. I see that there is a xe pool-join command, but it takes an IP address, not a UUID. How do I join my host to the pool given by the Cloudstack error message above? -Original Message- From: Abhinandan Prateek [mailto:abhinandan.prat...@shapeblue.com] Sent: Tuesday, January 27, 2015 9:56 PM To: users@cloudstack.apache.org Subject: Re: Removing a host from a cluster and adding it to another The tag needs to be removed from the Xen Hypervisor so that it cleanly goes to another cluster. Use the following to clear host tags after detaching it from the pool: xe host-param-clear uuid=$host param-name=tags; (Run it in moving Xen host) You also need to clear the SR on this host so that there is no conflict when it is added to another cluster. Following are the steps to clear the SR: [root@xenserver1-cloudstack ~]# df Filesystem 1K-blocks Used Available Use% Mounted on . 172.16.197.134:/opt/storage/primary 19856384 2560128 16300160 14% /var/run/sr-mount/66f0805b-da95-872c-2a6e-d5c46c219c2a [root@xenserver1-cloudstack ~]# xe pbd-list sr-uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a uuid ( RO) : 2e2aced7-f27f-917f-a017-68f3504967f0 .. [root@xenserver1-cloudstack ~]# xe pbd-unplug uuid=2e2aced7-f27f-917f-a017-68f3504967f0 [root@xenserver1-cloudstack ~]# xe sr-forget uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a # for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd ; done Regards, Abhinandan Prateek M +919701199011 abhinandan.prat...@shapeblue.com On 28-Jan-2015, at 9:49 am, Kyle Flavin kyle.fla...@citrix.com wrote: Ah, yes I can confirm that there is a host tag with the following query on the CS database. Here is the sanitized output from the host_tags table: select * from host_tags where host_id=host_id; +-+-++ | id | host_id | tag| +-+-++ | id | hosted | host_name | +-+-++ Is it safe to delete this entry, or should I add the host back into its old cluster and then delete the tag through the UI? -Original Message- From: Somesh Naidu [mailto:somesh.na...@citrix.com] Sent: Tuesday, January 27, 2015 5:20 PM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Yes, check what's in the tags parameter of that host. Cleaning it should resolve the issue. Regards, Somesh -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: Tuesday, January 27, 2015 7:50 PM To: users@cloudstack.apache.org Subject: Removing a host from a cluster and adding it to another I've removed a host from one Cloudstack cluster, and I'm attempting to add it to a new cluster. It will be the only host in the cluster, and used for testing purposes. I put the host into maintenance mode, removed it from its original cluster within the Cloudstack UI, then deleted it from the Xen pool using xe pool-eject. Now when I create a new cluster, and try to add the host, I get an error message that just says Unable to add host
RE: Removing a host from a cluster and adding it to another
Hi Geoff, So question for you. The purpose behind me doing this is to test upgrade a single host from Xen 6.2 to 6.5. I was moving the host out of its original cluster so as not to impact any running VM's in the existing cluster (I haven't attempted to upgrade XenServer before, so I want to be extra careful). Does that approach makes sense to you? Given the time I've sunk into this over the past day, I'm thinking I may reinstall with Xen 6.2, add it to its own CS cluster, and then attempt the upgrade to 6.5. Kyle -Original Message- From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com] Sent: Wednesday, January 28, 2015 9:04 AM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Kyle, I'm guessing there is still something referencing the old Pool the Host used to belong to which is causing the problem. I really recommend you just re-install XenServer from scratch and have a clean host. A XenServer 6.5 install takes literally 10 mins to do a manual install as there are no Hotfixes to apply yet, a XenServer 6.2 install can take an hour due to all the Hotfixes but you only need to apply the following as they contain all the others not listed: XS62ESP1.xsupdate XS62ESP1003.xsupdate XS62ESP1005.xsupdate XS62ESP1009.xsupdate XS62ESP1014.xsupdate XS62ESP1016.xsupdate So that would be six reboots of the host to apply all the patches up to XS62ESP1016 I also recommend you invest some time setting up a PXE deployment architecture which can auto install XenServer and all the patches, then if you ever need to re-install a host or deploy a new one, you can do so with very little effort and enjoy a nice hot coffee while it does all the work for you. Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Kyle Flavin [mailto:kyle.fla...@citrix.com] Sent: 28 January 2015 16:50 To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another I seem to be a little closer. I've cleared the tags and the SR on my host. When I try to add the host to my new cluster through the Cloudstack web UI, I now see this: Please join the host IP to XS pool UUID through XC/XS before adding it through CS UI I take it this means the host needs to be in a Xen pool first, but I don't know what the pool referenced by UUID is. It does not match the cluster UUID in Cloudstack, or any pool UUID's that I can see in Xen. I see that there is a xe pool-join command, but it takes an IP address, not a UUID. How do I join my host to the pool given by the Cloudstack error message above? -Original Message- From: Abhinandan Prateek [mailto:abhinandan.prat...@shapeblue.com] Sent: Tuesday, January 27, 2015 9:56 PM To: users@cloudstack.apache.org Subject: Re: Removing a host from a cluster and adding it to another The tag needs to be removed from the Xen Hypervisor so that it cleanly goes to another cluster. Use the following to clear host tags after detaching it from the pool: xe host-param-clear uuid=$host param-name=tags; (Run it in moving Xen host) You also need to clear the SR on this host so that there is no conflict when it is added to another cluster. Following are the steps to clear the SR: [root@xenserver1-cloudstack ~]# df Filesystem 1K-blocks Used Available Use% Mounted on . 172.16.197.134:/opt/storage/primary 19856384 2560128 16300160 14% /var/run/sr-mount/66f0805b-da95-872c-2a6e-d5c46c219c2a [root@xenserver1-cloudstack ~]# xe pbd-list sr-uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a uuid ( RO) : 2e2aced7-f27f-917f-a017-68f3504967f0 .. [root@xenserver1-cloudstack ~]# xe pbd-unplug uuid=2e2aced7-f27f-917f-a017-68f3504967f0 [root@xenserver1-cloudstack ~]# xe sr-forget uuid=66f0805b-da95-872c-2a6e-d5c46c219c2a # for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd ; done Regards, Abhinandan Prateek M +919701199011 abhinandan.prat...@shapeblue.com On 28-Jan-2015, at 9:49 am, Kyle Flavin kyle.fla...@citrix.com wrote: Ah, yes I can confirm that there is a host tag with the following query on the CS database. Here is the sanitized output from the host_tags table: select * from host_tags where host_id=host_id; +-+-++ | id | host_id | tag| +-+-++ | id | hosted | host_name | +-+-++ Is it safe to delete this entry, or should I add the host back into its old cluster and then delete the tag through the UI? -Original Message- From: Somesh Naidu [mailto:somesh.na...@citrix.com] Sent: Tuesday, January 27, 2015 5:20 PM To: users@cloudstack.apache.org Subject: RE: Removing a host from a cluster and adding it to another Yes, check what's in
RE: Unable to create VM
It say's InsufficientServerCapacityException but not sure which resource based on the logs below. You could do a grep on 'job-56 to get more insight. If not, share that output via pastebin. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: José Egas López [mailto:josee...@farmaenlace.com] Sent: Wednesday, January 28, 2015 1:43 PM To: users@cloudstack.apache.org Subject: Unable to create VM Hi all, pleas help, I'm on a new ACS 4.4 deployment, I just created successfully a new zone, and added successfully both ISOs and Templates. When I try to add a new VM from an ISO or a Template, it shows the following error: Failed to deploy a VM. Here is the log: 2015-01-28 13:25:26,383 DEBUG [c.c.d.FirstFitPlanner] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) No clusters found after removing disabled clusters and clusters in avoid list, returning. 2015-01-28 13:25:26,387 DEBUG [c.c.v.UserVmManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Destroying vm VM[User|i-2-10-VM] as it failed to create on Host with Id:null 2015-01-28 13:25:26,395 DEBUG [c.c.c.CapacityManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) VM state transitted from :Stopped to Error with event: OperationFailedToErrorvm's original host id: null new host id: null host id before state transition: null 2015-01-28 13:25:26,420 WARN [o.a.c.alerts] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) alertType:: 8 // dataCenterId:: 1 // podId:: null // clusterId:: null // message:: Failed to deploy Vm with Id: 10, on Host with Id: null 2015-01-28 13:25:26,461 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 2015-01-28 13:25:26,464 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Unable to create a deployment for VM[User|i-2-10-VM] com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 at org.apache.cloudstack.engine.cloud.entity.api.VMEntityManagerImpl.reserveVirtualMachine(VMEntityManagerImpl.java:214) at org.apache.cloudstack.engine.cloud.entity.api.VirtualMachineEntityImpl.reserve(VirtualMachineEntityImpl.java:200) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3468) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3123) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3111) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.apache.cloudstack.network.contrail.management.EventUtils$EventInterceptor.invoke(EventUtils.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at com.cloud.event.ActionEventInterceptor.invoke(ActionEventInterceptor.java:51) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy207.startVirtualMachine(Unknown Source) at org.apache.cloudstack.api.command.admin.vm.DeployVMCmdByAdmin.execute(DeployVMCmdByAdmin.java:48) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:141) at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108) at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:503) at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49) 2015-01-28 13:25:42,875 DEBUG [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-8:null) SeqA 2-12120: Processing Seq 2-12120: { Cmd , MgmtId: -1, via: 2, Ver: v1, Flags: 11,
RE: Unable to create VM
It's a fresh deployment, I don't know why it throws that InsufficientServerCapacityException. Somesh, what do you exactly mean with doing a grep? Thanks! Regards, José -Mensaje original- De: Somesh Naidu [mailto:somesh.na...@citrix.com] Enviado el: miércoles, 28 de enero de 2015 13:51 Para: users@cloudstack.apache.org Asunto: RE: Unable to create VM It say's InsufficientServerCapacityException but not sure which resource based on the logs below. You could do a grep on 'job-56 to get more insight. If not, share that output via pastebin. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: José Egas López [mailto:josee...@farmaenlace.com] Sent: Wednesday, January 28, 2015 1:43 PM To: users@cloudstack.apache.org Subject: Unable to create VM Hi all, pleas help, I'm on a new ACS 4.4 deployment, I just created successfully a new zone, and added successfully both ISOs and Templates. When I try to add a new VM from an ISO or a Template, it shows the following error: Failed to deploy a VM. Here is the log: 2015-01-28 13:25:26,383 DEBUG [c.c.d.FirstFitPlanner] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) No clusters found after removing disabled clusters and clusters in avoid list, returning. 2015-01-28 13:25:26,387 DEBUG [c.c.v.UserVmManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Destroying vm VM[User|i-2-10-VM] as it failed to create on Host with Id:null 2015-01-28 13:25:26,395 DEBUG [c.c.c.CapacityManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) VM state transitted from :Stopped to Error with event: OperationFailedToErrorvm's original host id: null new host id: null host id before state transition: null 2015-01-28 13:25:26,420 WARN [o.a.c.alerts] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) alertType:: 8 // dataCenterId:: 1 // podId:: null // clusterId:: null // message:: Failed to deploy Vm with Id: 10, on Host with Id: null 2015-01-28 13:25:26,461 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 2015-01-28 13:25:26,464 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Unable to create a deployment for VM[User|i-2-10-VM] com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 at org.apache.cloudstack.engine.cloud.entity.api.VMEntityManagerImpl.reserveVirtualMachine(VMEntityManagerImpl.java:214) at org.apache.cloudstack.engine.cloud.entity.api.VirtualMachineEntityImpl.reserve(VirtualMachineEntityImpl.java:200) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3468) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3123) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3111) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.apache.cloudstack.network.contrail.management.EventUtils$EventInterceptor.invoke(EventUtils.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at com.cloud.event.ActionEventInterceptor.invoke(ActionEventInterceptor.java:51) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at com.sun.proxy.$Proxy207.startVirtualMachine(Unknown Source) at org.apache.cloudstack.api.command.admin.vm.DeployVMCmdByAdmin.execute(DeployVMCmdByAdmin.java:48) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:141) at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108) at
Re: Unable to create VM
You just need to read carefully the lines above this one : “create a deployment for VM[User|i-2-10-VM] com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1” You will see in the logs each cluster and host of the cluster that the CS is checking if they receive the VM. It will say the amount of free memory, CPU and storage for each cluster. You will see what the problem is; just read carefully the logs entries. On Wed, Jan 28, 2015 at 5:40 PM, José Egas López josee...@farmaenlace.com wrote: It's a fresh deployment, I don't know why it throws that InsufficientServerCapacityException. Somesh, what do you exactly mean with doing a grep? Thanks! Regards, José -Mensaje original- De: Somesh Naidu [mailto:somesh.na...@citrix.com] Enviado el: miércoles, 28 de enero de 2015 13:51 Para: users@cloudstack.apache.org Asunto: RE: Unable to create VM It say's InsufficientServerCapacityException but not sure which resource based on the logs below. You could do a grep on 'job-56 to get more insight. If not, share that output via pastebin. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: José Egas López [mailto:josee...@farmaenlace.com] Sent: Wednesday, January 28, 2015 1:43 PM To: users@cloudstack.apache.org Subject: Unable to create VM Hi all, pleas help, I'm on a new ACS 4.4 deployment, I just created successfully a new zone, and added successfully both ISOs and Templates. When I try to add a new VM from an ISO or a Template, it shows the following error: Failed to deploy a VM. Here is the log: 2015-01-28 13:25:26,383 DEBUG [c.c.d.FirstFitPlanner] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) No clusters found after removing disabled clusters and clusters in avoid list, returning. 2015-01-28 13:25:26,387 DEBUG [c.c.v.UserVmManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Destroying vm VM[User|i-2-10-VM] as it failed to create on Host with Id:null 2015-01-28 13:25:26,395 DEBUG [c.c.c.CapacityManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) VM state transitted from :Stopped to Error with event: OperationFailedToErrorvm's original host id: null new host id: null host id before state transition: null 2015-01-28 13:25:26,420 WARN [o.a.c.alerts] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) alertType:: 8 // dataCenterId:: 1 // podId:: null // clusterId:: null // message:: Failed to deploy Vm with Id: 10, on Host with Id: null 2015-01-28 13:25:26,461 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 2015-01-28 13:25:26,464 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Unable to create a deployment for VM[User|i-2-10-VM] com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 at org.apache.cloudstack.engine.cloud.entity.api.VMEntityManagerImpl.reserveVirtualMachine(VMEntityManagerImpl.java:214) at org.apache.cloudstack.engine.cloud.entity.api.VirtualMachineEntityImpl.reserve(VirtualMachineEntityImpl.java:200) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3468) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3123) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3111) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.apache.cloudstack.network.contrail.management.EventUtils$EventInterceptor.invoke(EventUtils.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at com.cloud.event.ActionEventInterceptor.invoke(ActionEventInterceptor.java:51) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at
Re: GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - See more at: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679#sth
Folks - just posted mitigation details at [1]. An updated SSVM template is being QAed, once released the post will be updated with links and we’ll mention here as well. John 1: https://blogs.apache.org/cloudstack/entry/cloudstack_and_the_ghost_glibc On Jan 28, 2015, at 4:55 AM, Rohit Yadav rohit.ya...@shapeblue.commailto:rohit.ya...@shapeblue.com wrote: Hi, While it's a general public news, everyone is requested and encouraged to use the security mailing list in future to report anything. For more details please read: http://cloudstack.apache.org/security.html Thanks and regards. On Wednesday 28 January 2015 03:34 PM, linux...@gmail.commailto:linux...@gmail.com wrote: A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls. Related Posts Shellshock Worm Exploiting Unpatched QNAP NAS Devices December 15, 2014 , 11:35 am Linux Modules Connected to Turla APT Discovered December 9, 2014 , 10:26 am Bash Exploit Reported, First Round of Patches Incomplete September 25, 2014 , 11:41 am “A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000. According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. “Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 7, CentOS 6 7, Ubuntu 12.04, for example,” said an advisory from Qualys posted to the OSS-Security mailing list. Respective Linux distributions will be releasing patches; Red Hat has released an update for Red Hat Enterprise Linux v.5 server. Novell has a list of SUSE Linux Enterprise Server builds affected by the vulnerability. Debian has already released an update of its software addressing the vulnerability. “It’s everywhere, which is kind of the urgency we have here. This has been in glibc for a long time. It was fixed recently, but it was not marked as a security issue, so things that are fairly new should be OK,” said Josh Bressers, a member of the Red Hat security response team. “From a threat level, what it comes down to is a handful of stuff that’s probably dangerous that uses this function.” Unlike past Internet-wide bugs such as Bash, patching glibc may not be the chore it was with Bash since so many components made silent Bash calls. “In this instance, you just apply the glibc update, and restart any services that are vulnerable,” Bressers said. “It’s not confusing like Shellshock was.” Qualys, in its advisory, not only shares extremely in-depth technical information on the vulnerability, but also includes a section explaining exploitation of the Exim SMTP mail server. The advisory demonstrates how to bypass NX, or No-eXecute protection as well as glibc malloc hardening, Qualys said. Qualys also said that in addition to the 2013 patch, other factors mitigate the impact of the vulnerability, including the fact that the gethostbyname functions are obsolete because of IPv6 and newer applications using a different call, getaddrinfo(). While the flaw is also exploitable locally, this scenario too is mitigated because many programs rely on gethostbyname only if another preliminary call fails and a secondary call succeeds in order to reach the overflow. The advisory said this is “impossible” and those programs are safe. There are mitigations against remote exploitation too, Qualys said. Servers, for example, use gethostbyname to perform full-circle reverse DNS checks. “These programs are generally safe because the hostname passed to gethostbyname() has normally been pre-validated by DNS software,” the advisory. “It’s not looking like a huge remote problem, right now,” Bressers said. However, while the bug may have been dormant since 2000, there is no way to tell if criminals or government-sponsored hackers have been exploiting this vulnerability. Nor is there any way to tell what will happen once legitimate security researchers—and black hats—begin looking at the vulnerability now that it’s out in the open. With Bash, for example, it didn’t take long for additional security issues to rise to the surface. - See more at:
RE: Unable to create VM
It may be the template I don't know. When I said do a grep, I meant something like - grep job-56 management-server.log | less - then read through the operation and find out the first failure. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: José Egas López [mailto:josee...@farmaenlace.com] Sent: Wednesday, January 28, 2015 2:40 PM To: users@cloudstack.apache.org Subject: RE: Unable to create VM It's a fresh deployment, I don't know why it throws that InsufficientServerCapacityException. Somesh, what do you exactly mean with doing a grep? Thanks! Regards, José -Mensaje original- De: Somesh Naidu [mailto:somesh.na...@citrix.com] Enviado el: miércoles, 28 de enero de 2015 13:51 Para: users@cloudstack.apache.org Asunto: RE: Unable to create VM It say's InsufficientServerCapacityException but not sure which resource based on the logs below. You could do a grep on 'job-56 to get more insight. If not, share that output via pastebin. Somesh CloudPlatform Escalations Citrix Systems, Inc. -Original Message- From: José Egas López [mailto:josee...@farmaenlace.com] Sent: Wednesday, January 28, 2015 1:43 PM To: users@cloudstack.apache.org Subject: Unable to create VM Hi all, pleas help, I'm on a new ACS 4.4 deployment, I just created successfully a new zone, and added successfully both ISOs and Templates. When I try to add a new VM from an ISO or a Template, it shows the following error: Failed to deploy a VM. Here is the log: 2015-01-28 13:25:26,383 DEBUG [c.c.d.FirstFitPlanner] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) No clusters found after removing disabled clusters and clusters in avoid list, returning. 2015-01-28 13:25:26,387 DEBUG [c.c.v.UserVmManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Destroying vm VM[User|i-2-10-VM] as it failed to create on Host with Id:null 2015-01-28 13:25:26,395 DEBUG [c.c.c.CapacityManagerImpl] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) VM state transitted from :Stopped to Error with event: OperationFailedToErrorvm's original host id: null new host id: null host id before state transition: null 2015-01-28 13:25:26,420 WARN [o.a.c.alerts] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) alertType:: 8 // dataCenterId:: 1 // podId:: null // clusterId:: null // message:: Failed to deploy Vm with Id: 10, on Host with Id: null 2015-01-28 13:25:26,461 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 2015-01-28 13:25:26,464 INFO [o.a.c.a.c.a.v.DeployVMCmdByAdmin] (API-Job-Executor-16:ctx-ee81845c job-56 ctx-91e83bb7) Unable to create a deployment for VM[User|i-2-10-VM] com.cloud.exception.InsufficientServerCapacityException: Unable to create a deployment for VM[User|i-2-10-VM]Scope=interface com.cloud.dc.DataCenter; id=1 at org.apache.cloudstack.engine.cloud.entity.api.VMEntityManagerImpl.reserveVirtualMachine(VMEntityManagerImpl.java:214) at org.apache.cloudstack.engine.cloud.entity.api.VirtualMachineEntityImpl.reserve(VirtualMachineEntityImpl.java:200) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3468) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3123) at com.cloud.vm.UserVmManagerImpl.startVirtualMachine(UserVmManagerImpl.java:3111) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.apache.cloudstack.network.contrail.management.EventUtils$EventInterceptor.invoke(EventUtils.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at com.cloud.event.ActionEventInterceptor.invoke(ActionEventInterceptor.java:51) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at