RE: CS version to work with XenServer 6.5

[Adrian Lewis]

Rohit (or anyone else able to answer) - are we waiting for any more fixes
before going for a 4.5.1 RC2 vote or is it a case of David finding the
time to do it?

-Original Message-
From: Vadim Kimlaychuk [mailto:vadim.kimlayc...@elion.ee]
Sent: 02 April 2015 09:14
To: users@cloudstack.apache.org
Subject: RE: CS version to work with XenServer 6.5

Thank you, Rohit !

 I will report any problems if find. Extra test will not be excessive :)

BR,

Vadim.

-Original Message-
From: Rohit Yadav [mailto:rohit.ya...@shapeblue.com]
Sent: Thursday, April 02, 2015 10:52 AM
To: users@cloudstack.apache.org
Subject: Re: CS version to work with XenServer 6.5

Hi Vadim,

I think the 4.5.0 tag was never pushed due to some blocker that were found
after 4.5.0 was voted. I recommend you use the latest 4.5 branch which
will be soon used to vote/release 4.5.1. For systemvm templates, you can
either get them from the Jenkins build you shared or from
http://packages.shapeblue.com/systemvmtemplate/4.5/ (though I'll refresh
the systemvmtemplate once 4.5.1 gets released on our hosting server).

Hope this helps.

> On 02-Apr-2015, at 12:36 pm, Vadim Kimlaychuk
 wrote:
>
> So, I clone branch 4.5-RC20150319 (the latest 4.5 at github right now)
and build it ?  What about system VM-s ? Are those, referenced to Jenkins
build are OK?  Like :
http://jenkins.buildacloud.org/view/4.5/job/build-systemvm-4.5/lastSuccess
fulBuild/artifact/tools/appliance/dist/
>
> P.S. I couldn't find 4.5.* tags at github.  Does that mean tags are
suspended for 4.5 branch ?
>
> Vadim.
>
> -Original Message-
> From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com]
> Sent: Thursday, April 02, 2015 9:52 AM
> To: 
> Subject: Re: CS version to work with XenServer 6.5
>
> Hi Vadim,
>
> You really need the 4.5 branch for XenServer 6.5
>
> Your best bet is to build 4.5.1 from source as 4.5.0 has a bug specific
to VPC.
>
> 4.5.1 RC1 is currently being voted on but I think there might be a
second round of voting so building from source should get you the latest
code Base.
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
> D: +44 20 3603 0542 | S: +44 20 3603
0540 | M: +447968161581
>
>
geoff.higginbot...@shapeblue.com
| www.shapeblue.com |
Twitter:@cloudstackguru
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N
4HS
>
>
> On 2 Apr 2015, at 07:12, Vadim Kimlaychuk
mailto:vadim.kimlayc...@elion.ee>> wrote:
>
> Dear friends,
>
>   Need your advice. I am going to deploy cloudstack to work with
XenServer 6.5 + Advanced Zone + VPC.  What is correct version to choose ?
To be more precise - is it better to compile from the sources 4.5.1 or
install 4.4.2 that is officially announced ? Or something else (clone
master, clone + patch, etc.)? I am not afraid of manual work to be done,
but rather expect that release have support for XS6.5 and VPC is working.
>
>   Sorry for my impatience.
>
> Thanks,
>
> Vadim
>
> Find out more about ShapeBlue and our range of CloudStack related
services
>
> IaaS Cloud Design &
Build
> CSForge - rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Software
Engineering
> CloudStack Infrastructure
Support
> CloudStack Bootcamp Training
Courses
>
> This email and any attachments to it may be confidential and are
intended solely for the use of the individual to whom it is addressed. Any
views or opinions expressed are solely those of the author and do not
necessarily represent those of Shape Blue Ltd or related companies. If you
are not the intended recipient of this email, you must neither take any
action based upon its contents, nor copy or show it to anyone. Please
contact the sender if you believe you have received this email in error.
Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue
Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a
company incorporated in Brasil and is operated under license from Shape
Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of
South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is
a registered trademark.

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 88 262 30892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design &
Build
CSForge - rapid IaaS deployment framework
CloudStack Consulting

RE: Any VxLan Support on Xenserver

[Adrian Lewis]

I think that the issue is with needing a controller. Unfortunately you can't
just replace VLANs with VXLANs unless there's some form of control plane.
You can do this in a distributed manner using broadcast to multicast
mechanisms but this AFAIK is not implemented in Openvswitch. I'm not quite
sure on the commercial aspects but XenServer 6.5 re-introduced the vSwitch
controller appliance (DVSC) so this could be a candidate but AFAIK, it's
only available on licensed versions of XenServer so any development would
likely come from Citrix. There was some work done by Hugo on ACS with
OpenDaylight but I think this ran into some issues with the Openvswitch
version on XS at the time. That's about all I know but hopefully this helps.
I'd be very interested to hear if anyone is actively doing any work on this
though.

-Original Message-
From: Keerthiraja SJ [mailto:sjkeer...@gmail.com]
Sent: 31 March 2015 08:39
To: users@cloudstack.apache.org; d...@cloudstack.apache.org
Subject: Any VxLan Support on Xenserver

Hi All,

Is there any plan to bring up VxLAN support for xenserver on future release
version.

Thanks,
Keerthi

RE: Network QoS (not bandwidth limiting)

[Adrian Lewis]

 most common complaint I see from
> people who are infrastructure maintainers is "why can't I just build
> the infrastructure the way I want and then have it orchestrated?".
> Unfortunately, we can't just automate and integrate with anyone's pet
> design. CloudStack supports many novel and custom network designs
> simply by allowing the option of letting you manage the network
> hardware and being hands-off (shared/public networks), while also
> being pluggable to allow vendors to take over whatever features and
> they wish. I've seen some pretty advanced overlay networking provided
> through third party plugins to CloudStack that take over all network
> functionality and provide more.
>
> What's really being asked for here is for CloudStack to provide and
> maintain a fully-fledged and featured router distribution in its
> provided virtual router. It's an admirable project to have if we can
> get support for it. My guess is there's a bit of a disconnect in
> interest though, because many (but not all) enterprises who want
> CloudStack for infrastructure automation are skeptical about a VM as
> software router and prefer to bring in aforementioned enterprise
> vendors who have their own plugins. People who provide cloud hosting
> and other services tend to use the routers, but their interest in
> enterprise level routing and redundancy varies greatly, and their
> customers are designing their apps to be resilient to infrastructure
> loss (e.g. most AWS customers). That's of course not entirely the
> whole truth, as is evidenced by the work we are seeing on redundant
> routers, but I do believe that's why we haven't seen these things from the
> beginning.
> They just haven't been all that important to the target customers,
> even though infrastructure engineers are used to providing them.
>
> So now comes my philosophy. In the end, I think the great thing about
> open source communities is that if there's the right level of
> interest, it will happen.  I'm the kind of person who feels a pang of
> stress at the idea that something I work on can't be all things to all
> people, but after building a hosting business over the last few years
> I've begun to realize that it's really only practical to try to be
> good for a subset of the market and focus on that. You'll never please
> everyone, there are limits to what you can accomplish, and sometimes
> it's OK to just concede that your product is not going to work for
> everyone. If you don't, you'll spread yourself too thin and fail
> everyone. In order to make something great you have to have a limit on
> your scope. That's not to say you don't listen to your customers, but
> you sometimes have to make hard choices on who to listen to and who to
> upset.
>
> None of this should be taken as a discouragement to the topics at
> hand, but again as someone to takes it personally when I don't deliver
> I wanted to provide some follow up to address the "rant" and try to
> provide perspective on why the things are the way they are.
>
> On Sat, Feb 21, 2015 at 1:58 PM, Somesh Naidu
> 
> wrote:
> > Adrian,
> >
> > Rant or not, I believe you have raised a valid point and reflect
> > certain
> group of peoples requirement.
> >
> > Based on your requirement, I believe you are looking for something
> > like
> Vyatta.
> >
> > Regards,
> > Somesh
> >
> > -Original Message-
> > From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> > Sent: Friday, February 20, 2015 8:50 PM
> > To: users@cloudstack.apache.org
> > Subject: RE: Network QoS (not bandwidth limiting)
> >
> > Tempted to suggest some sort of special interest group where
> > networking people can have some input into the dev process despite
> > not necessarily being able to produce any code themselves. As an
> > example, Schuberg Philis have recently done some great work on the
> > redundant VPC VR but to a network person, this sort of functionality
> > is almost taken for granted (please don't take this as a lack of
> > appreciation).
> > Similarly, the lack of end-to-end QoS for applications running on
> > ACS seems to me at least to be a fairly significant oversight. ACS
> > is known as having very flexible networking compared with some of
> > the alternatives but there does still appear to be an enterprise
> > focus on
> most elements that a 'typical'
> > developer (dare I say it, web developer) faces but more of a home
> > network approach to the networking side (aside from some pretty
> > impressive niche fe

RE: Network QoS (not bandwidth limiting)

[Adrian Lewis]

enterprise level routing and redundancy varies greatly, and
their customers are designing their apps to be resilient to infrastructure
loss (e.g. most AWS customers). That's of course not entirely the whole
truth, as is evidenced by the work we are seeing on redundant routers, but I
do believe that's why we haven't seen these things from the beginning. They
just haven't been all that important to the target customers, even though
infrastructure engineers are used to providing them.

So now comes my philosophy. In the end, I think the great thing about open
source communities is that if there's the right level of interest, it will
happen.  I'm the kind of person who feels a pang of stress at the idea that
something I work on can't be all things to all people, but after building a
hosting business over the last few years I've begun to realize that it's
really only practical to try to be good for a subset of the market and focus
on that. You'll never please everyone, there are limits to what you can
accomplish, and sometimes it's OK to just concede that your product is not
going to work for everyone. If you don't, you'll spread yourself too thin
and fail everyone. In order to make something great you have to have a limit
on your scope. That's not to say you don't listen to your customers, but you
sometimes have to make hard choices on who to listen to and who to upset.

None of this should be taken as a discouragement to the topics at hand, but
again as someone to takes it personally when I don't deliver I wanted to
provide some follow up to address the "rant" and try to provide perspective
on why the things are the way they are.

On Sat, Feb 21, 2015 at 1:58 PM, Somesh Naidu 
wrote:
> Adrian,
>
> Rant or not, I believe you have raised a valid point and reflect certain
> group of peoples requirement.
>
> Based on your requirement, I believe you are looking for something like
> Vyatta.
>
> Regards,
> Somesh
>
> -Original Message-
> From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> Sent: Friday, February 20, 2015 8:50 PM
> To: users@cloudstack.apache.org
> Subject: RE: Network QoS (not bandwidth limiting)
>
> Tempted to suggest some sort of special interest group where
> networking people can have some input into the dev process despite not
> necessarily being able to produce any code themselves. As an example,
> Schuberg Philis have recently done some great work on the redundant
> VPC VR but to a network person, this sort of functionality is almost
> taken for granted (please don't take this as a lack of appreciation).
> Similarly, the lack of end-to-end QoS for applications running on ACS
> seems to me at least to be a fairly significant oversight. ACS is
> known as having very flexible networking compared with some of the
> alternatives but there does still appear to be an enterprise focus on most
> elements that a 'typical'
> developer (dare I say it, web developer) faces but more of a home
> network approach to the networking side (aside from some pretty
> impressive niche features).
>
> We shouldn't need to rely on proprietary 3rd party products to provide
> a similar level of versatility for networking in ACS in my opinion. It
> seems bizarre to me that we have load balancing, distributed routing &
> ACLs with the OVS controller, PVLANs for isolation,  etc, but yet
> still don't have what I would consider basic functions such as better
> control over NAT, firewalling, routing (no dynamic routing protocols
> at all), IPsec, having to specify IP related attributes to what should
> simply be L2 constructs (why does a VPC need to be given a CIDR?!?)
> etc. AWS had a similar issue that lead to the VPC being introduced -
> enterprises consistently rejected the weird and illogical way that
> they did networking back in the day that was overly focussed on web/cloudy
> workloads.
>
> This sounds like a rant and to an extent it is but I'd like to turn it
> into a positive. I feel fairly helpless when the typical response to
> feedback like this is that I should just contribute code. There are a
> number of people that embrace the concept that the community should be
> a collective of not just developers, but at the same time it's pretty
> difficult to feel part of a community that's run almost uniquely by
> developers; it's even a bit intimidating at times. I've seen too many
> commercial companies that abandon innovation in favour of satisfying
> the 'large account' RFC/RFPs and in my opinion the same may apply to a
> project driven largely by the needs of those that can contribute code.
>
> To flip the concept on its head, it would be like a network guy
> creating an amazin

RE: Network QoS (not bandwidth limiting)

[Adrian Lewis]

Tempted to suggest some sort of special interest group where networking
people can have some input into the dev process despite not necessarily
being able to produce any code themselves. As an example, Schuberg Philis
have recently done some great work on the redundant VPC VR but to a
network person, this sort of functionality is almost taken for granted
(please don't take this as a lack of appreciation). Similarly, the lack of
end-to-end QoS for applications running on ACS seems to me at least to be
a fairly significant oversight. ACS is known as having very flexible
networking compared with some of the alternatives but there does still
appear to be an enterprise focus on most elements that a 'typical'
developer (dare I say it, web developer) faces but more of a home network
approach to the networking side (aside from some pretty impressive niche
features).

We shouldn't need to rely on proprietary 3rd party products to provide a
similar level of versatility for networking in ACS in my opinion. It seems
bizarre to me that we have load balancing, distributed routing & ACLs with
the OVS controller, PVLANs for isolation,  etc, but yet still don't have
what I would consider basic functions such as better control over NAT,
firewalling, routing (no dynamic routing protocols at all), IPsec, having
to specify IP related attributes to what should simply be L2 constructs
(why does a VPC need to be given a CIDR?!?) etc. AWS had a similar issue
that lead to the VPC being introduced - enterprises consistently rejected
the weird and illogical way that they did networking back in the day that
was overly focussed on web/cloudy workloads.

This sounds like a rant and to an extent it is but I'd like to turn it
into a positive. I feel fairly helpless when the typical response to
feedback like this is that I should just contribute code. There are a
number of people that embrace the concept that the community should be a
collective of not just developers, but at the same time it's pretty
difficult to feel part of a community that's run almost uniquely by
developers; it's even a bit intimidating at times. I've seen too many
commercial companies that abandon innovation in favour of satisfying the
'large account' RFC/RFPs and in my opinion the same may apply to a project
driven largely by the needs of those that can contribute code.

To flip the concept on its head, it would be like a network guy creating
an amazing cloud orchestration platform but where you can only run centos
6 with a LAMP stack - yes this might work for a lot of people (and it
would likely only be adopted by those people) but for those that just want
to do something a bit different, it would be a fairly frustrating
experience.

Am I simply being a spoilt kid here or is there room for input that might
be constructive? Is there anyone here on the list with a networking focus
that can corroborate these concerns?

Adrian

-Original Message-
From: Somesh Naidu [mailto:somesh.na...@citrix.com]
Sent: 20 February 2015 18:31
To: users@cloudstack.apache.org
Subject: RE: Network QoS (not bandwidth limiting)

I don't think we can. QoS in CS is mostly throttling traffic on the
virtual interface.

Regards,
Somesh


-Original Message-
From: len.bellem...@alternativenetworks.com
[mailto:len.bellem...@alternativenetworks.com]
Sent: Friday, February 20, 2015 5:18 AM
To: users@cloudstack.apache.org
Subject: Network QoS (not bandwidth limiting)

Hi All,

Does anyone know if it's possible to do network QoS in Cloudstack?  I
don't mean bandwidth limiting, but rather, prioritising different traffic
types for voice, etc.

Thanks
Len

RE: VPC, Redundant Router and Seamless Upgrades

[Adrian Lewis]

Hi Rob,

I believe it will be on the Shapeblue site early next week although the
session was part presentation and part demo so you won't get the demo bit.
There was no video recording done that I'm aware of.

Cheers,

Adrian

-Original Message-
From: r...@fotm.net [mailto:r...@fotm.net]
Sent: 13 February 2015 15:58
To: users@cloudstack.apache.org
Subject: RE: VPC, Redundant Router and Seamless Upgrades

Hi Adrian,

thank you for the quick reply. Do you know if this presentation is
publicly available?
I would like to read details of this implementation, because we consider
this as showstopper for our usecases.


Thanks,
Robert

-Original Message-
Hi Rob,

This is actively being worked on and most of the work is done pending
further testing. You should have your wishes granted in 4.6 (but no 100%
guarantees). Not sure if you're UK based but you just missed a
presentation on this at the London user group meet up yesterday. Some
great work by the guys at Schuberg Philis on this. This should (in theory
at least) allow controlled upgrades of the VPC VR instances for near zero
downtime during upgrades. This specific issue was apparently one of the
key drivers for this work.

Adrian

-Original Message-
From: r...@fotm.net [mailto:r...@fotm.net]
Sent: 13 February 2015 14:02
To: users@cloudstack.apache.org
Subject: VPC, Redundant Router and Seamless Upgrades

Hi,

currently we are investigating a deployment of Cloudstack for our
Webhosting company and we came to the conclusion that currently the
Redundant Router part is not supported for VPCs.

Do you know if this implementation is possible?
Additionally we hope that we are able to achieve "zero" downtime when we
are performing an system vm upgrade.


Can you please share your thoughts?



Thank you in advance,
Robert

RE: VPC Router without NAT (IPv4 or IPv6)

[Adrian Lewis]

As a slightly different approach, would it be easier to allow us to delete
the 'public' shared network connected to the VPC VR and therefore allow us
to set the default route to a private gateway instead then? This would solve
my problem whilst leaving the current default 'public' connectivity alone. I
think that the concept of a 'public' network being defined as both the
destination for the default route as well as being a publicly routable IP
network (hence needing NAT) needs more flexibility. Both are not necessarily
the case.

I'm pretty sure this is not possible now (please tell me if I'm wrong) but
I'm trying to formulate a better thought out feature request for Jira.

We want to use the Cloudstack VPC concept to allow customers to create
whatever tiers they want to but for all of their WAN traffic to go via a
hardware gateway that performs a much richer set of features than can be
expected from a software VR (AV, IDS/IDP, Authentication, IPSec & SSL VPNs,
MPLS connections etc). This hardware gateway would be controlled
independently from ACS. The current workaround is for us to abandon the VPC
construct and create a bunch of shared networks assigned to the customer,
create all of the VLAN interfaces manually on the hardware gateway, and to
route between each network on the hardware gateway. The downside to this
approach is that a system VR is needed for every shared network created and
we have to do far more manual work on the hardware gateway on behalf of the
customer. Basically way more complicated than it needs to be simply
because we can't turn off NAT on the VPC VR (or set the default route for
the VR to a private gateway).

I'm simply trying to emulate the way that 95% of simple corporate networks
are structured (L3 core routing between VLANs with a transit network
connected to their firewalls) but it seems that I'm being forced into
working with concepts from home networks. There also does not seem to be a
way to use route summarisation in the VPC VR. If the tiers use a CIDR of
10.5.12.0/24, I should still be able to add a summarised static route to a
private gateway using a destination of 10.0.0.0/8. The CloudStack
'intelligence' blocks me from doing this as it thinks it knows networking
better than I do. Currently if there are multiple subnets connected via a
private gateway, I have to either add in every single one manually or else
make multiple summarised subnets with various masks just to avoid the VPC
CIDR.

Does anyone have any insight (Wilder, Daan?) into how the VPC VRs currently
work so that we could potentially focus on either:
1. Allowing source NAT to be turned off from the public network connection
to the VPC VR or
2. Allowing the public connection to be deleted so that we can set the
default route to a private gateway (without source nat)?

As I mentioned in my original post, when working on IPv6, NAT should not be
used anyway so this issue is likely to come up again regardless of whether
anyone thinks my use case is worth investigation.

Thanks in advance,

Adrian

-Original Message-
From: Sanjeev Neelarapu [mailto:sanjeev.neelar...@citrix.com]
Sent: 13 February 2015 06:12
To: users@cloudstack.apache.org
Subject: RE: VPC Router without NAT (IPv4 or IPv6)

As of now there is no way to disable NAT on VPC router.

-Sanjeev

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: Thursday, February 12, 2015 4:58 PM
To: users@cloudstack.apache.org
Subject: VPC Router without NAT (IPv4 or IPv6)

Hi,



It’s been asked before but does anyone know of a way to completely disable
NAT (specifically source NAT) on a VPC router on 4.4 or 4.5? There doesn’t
sem to be an easy way to do this via the web interface. I’d like to use the
VPC router for multi-subnet L3 routing but the ‘public’ network would be a
transit network to a hardware firewall which does NAT for internet access.



With IPv6 NAT is generally considered as a no-no so I was wondering if
anyone knows if there are plans to let users be more in control of the
pre-defined networking scenarios that CS seems to try to enforce.



Perhaps a suggestion for GSOC?



Cheers,



Adrian

RE: VPC, Redundant Router and Seamless Upgrades

[Adrian Lewis]

Hi Rob,

This is actively being worked on and most of the work is done pending
further testing. You should have your wishes granted in 4.6 (but no 100%
guarantees). Not sure if you're UK based but you just missed a
presentation on this at the London user group meet up yesterday. Some
great work by the guys at Schuberg Philis on this. This should (in theory
at least) allow controlled upgrades of the VPC VR instances for near zero
downtime during upgrades. This specific issue was apparently one of the
key drivers for this work.

Adrian

-Original Message-
From: r...@fotm.net [mailto:r...@fotm.net]
Sent: 13 February 2015 14:02
To: users@cloudstack.apache.org
Subject: VPC, Redundant Router and Seamless Upgrades

Hi,

currently we are investigating a deployment of Cloudstack for our
Webhosting company and we came to the conclusion that currently the
Redundant Router part is not supported for VPCs.

Do you know if this implementation is possible?
Additionally we hope that we are able to achieve "zero" downtime when we
are performing an system vm upgrade.


Can you please share your thoughts?



Thank you in advance,
Robert

VPC Router without NAT (IPv4 or IPv6)

[Adrian Lewis]

Hi,



It’s been asked before but does anyone know of a way to completely disable
NAT (specifically source NAT) on a VPC router on 4.4 or 4.5? There doesn’t
sem to be an easy way to do this via the web interface. I’d like to use the
VPC router for multi-subnet L3 routing but the ‘public’ network would be a
transit network to a hardware firewall which does NAT for internet access.



With IPv6 NAT is generally considered as a no-no so I was wondering if
anyone knows if there are plans to let users be more in control of the
pre-defined networking scenarios that CS seems to try to enforce.



Perhaps a suggestion for GSOC?



Cheers,



Adrian

Re: Backup Solution in Cloudstack

[Adrian Lewis]

Vision Solutions CP&R product seems pretty much abandoned.  Not supported
on CS versions later than v3.0.
On 31 Jan 2015 00:19, "Nux!"  wrote:

> Not much choice here, unless you start doing backups inside the VMs.
>
> HTH
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> - Original Message -
> > From: "Timothy Lothering" 
> > To: users@cloudstack.apache.org
> > Sent: Friday, 30 January, 2015 12:00:57
> > Subject: Backup Solution in Cloudstack
>
> > Hi Guys,
> >
> > We have been using Cloudstack for over a year now, and whilst the
> built-in
> > Snapshot feature is great, our Customers are demanding more "control".
> >
> > What other backup solutions are certified/capable of working with
> Cloudstack?
> >
> > Kind Regards,
> >
> > Timothy
> > Timothy Lothering
> > Solutions Architect
> > Managed Services
> >
> > T: +27877415535
> > F: +27877415100
> > C: +27824904099
> > E: tlother...@datacentrix.co.za
> >
> >
> > DISCLAIMER NOTICE:
> >
> > Everything in this e-mail and any attachments relating to the official
> business
> > of Datacentrix Holdings Ltd. and its subsidiaries
> > ('Datacentrix') is proprietary to Datacentrix. It is confidential,
> legally
> > privileged and protected by law. Datacentrix does not
> > own and endorse any other content. Views and opinions are those of the
> sender
> > unless clearly stated as being that of Datacentrix.
> > The person addressed in the e-mail is the sole authorised recipient.
> Please
> > notify the sender immediately if it has unintentionally
> > reached you and do not read, disclose or use the content in any way.
> Datacentrix
> > cannot assure that the integrity of this communication
> > has been maintained nor that it is free of errors, virus, interception or
> > interference.
>

RE: Backup Solution in Cloudstack

[Adrian Lewis]

I’m finding that there’s nothing (for our requirements at least) unless you
go direct to the hypervisors or the VM OS instances using agents. Keen to
know if anyone’s found better solutions. Think there might be some
solutions if you’re only using VMware but I’ve ignored them as we’re using
Xenserver. Not heard of any commercial products that actually ‘integrate’
with CS unfortunately. Still looking…



*From:* Timothy Lothering [mailto:tlother...@datacentrix.co.za]
*Sent:* 30 January 2015 12:01
*To:* users@cloudstack.apache.org
*Subject:* Backup Solution in Cloudstack



Hi Guys,



We have been using Cloudstack for over a year now, and whilst the built-in
Snapshot feature is great, our Customers are demanding more “control”.



What other backup solutions are certified/capable of working with
Cloudstack?



Kind Regards,



Timothy



[image: www.datacentrix.co.za] 

*Timothy Lothering*
Solutions Architect
Managed Services

T: +27877415535
F: +27877415100
C: +27824904099
E: tlother...@datacentrix.co.za
*www.datacentrix.co.za *


   *Serious about performance,* *passionate about value*


--

*Disclaimer*
Everything in this e-mail and any attachments relating to the official
business of Datacentrix Holdings Ltd. and its subsidiaries ('Datacentrix')
is proprietary to Datacentrix. It is confidential, legally privileged and
protected by law. Datacentrix does not own and endorse any other content.
Views and opinions are those of the sender unless clearly stated as being
that of Datacentrix. The person addressed in the e-mail is the sole
authorised recipient. Please notify the sender immediately if it has
unintentionally reached you and do not read, disclose or use the content in
any way. Datacentrix cannot assure that the integrity of this communication
has been maintained nor that it is free of errors, virus, interception or
interference.
--

Anyone using CS to offer DRaaS?

[Adrian Lewis]

Hi All,



Just wondering if anyone out there is using CS to provide customers with DR
services and how? Most of the commercial products out there that might
allow us to do so involve either some sort of SAN replication or else
direct access to the hypervisor hosts. Vision Solutions have an old product
called DoubleTake Cloud Protection and Recovery but it seems that they
stopped development of it and hence don’t support working with any version
of CS greater than 3.0.



Is anyone aware of a solution that does near-realtime replication of non CS
VMs or physical hosts into a CS environment? Even just a one-time migration
tool might be a good start. In our use-case, were hoping to
replicate/migrate Windows machines in customer networks (behind firewalls)
onto our CS environment (running Xenserver). Not keen on building from
scratch and would prefer some sort of commercially supported solution if
possible.



Thanks in advance,



Adrian

RE: [VOTE] Apache CloudStack 4.5.0 RC1

[Adrian Lewis]

Rohit,

I don’t suppose you will be creating the el7 packages as well will you?

Adrian

-Original Message-
From: Rohit Yadav [mailto:rohit.ya...@shapeblue.com]
Sent: 13 January 2015 07:37
To: d...@cloudstack.apache.org
Cc: users@cloudstack.apache.org
Subject: Re: [VOTE] Apache CloudStack 4.5.0 RC1

(+ users)

Hi everyone,

David has started the voting process for 4.5.0 candidate, please help test
this candidate.
In case you’re unable to build from source, you may use following repository
built from SHA 8db3cbd4ff62b17a8b496026b68cf60ee0c76740:

DEB: http://packages.bhaisaab.org/cloudstack/testing/debian/4.5/
RPM: http://packages.bhaisaab.org/cloudstack/testing/centos/4.5/
SystemVM Templates: http://packages.shapeblue.com/systemvmtemplate/4.5/4.5.0

> On 13-Jan-2015, at 4:46 am, David Nalley  wrote:
>
> Hi folks,
>
> I've created a 4.5.0 release candidate, with the following artifacts
> up for a vote:
>
> Git Branch and Commit SH:
> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=tree;h=refs
> /heads/4.5-RC20150112T2256;hb=4.5-RC20150112T2256
> Commit: 8db3cbd4ff62b17a8b496026b68cf60ee0c76740
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.5.0-rc1/
>
> PGP release keys (signed using 6FE50F1C):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> Vote will be open for at least 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to
> indicate "(binding)" with their vote?
>
> [ ] +1  approve
> [ ] +0  no opinion
> [ ] -1  disapprove (and reason why)

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +91 88 262 30892 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design &
Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Software
Engineering
CloudStack Infrastructure
Support
CloudStack Bootcamp Training
Courses

This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is a
company incorporated in India and is operated under license from Shape Blue
Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a
company registered by The Republic of South Africa and is traded under
license from Shape Blue Ltd. ShapeBlue is a registered trademark.

RE: Centos 7 support

[Adrian Lewis]

4.5 AFAIK. Hugo's done the work for el7. If it's trivial, that would be a
nice backport for 4.3/4.4 but not sure it could really be considered as a
bugfix so pretty sure we'll have to wait for 4.5.

-Original Message-
From: Ron Wheeler [mailto:rwhee...@artifact-software.com]
Sent: 09 January 2015 14:12
To: users@cloudstack.apache.org
Subject: Centos 7 support

CentOS 7 has been the current release since July 2014. RHEL 7.0 since June
2014 When they it be supported and the Cloudstack administration host OS.?

Ron

--
Ron Wheeler
President
Artifact Software Inc
email: rwhee...@artifact-software.com
skype: ronaldmwheeler
phone: 866-970-2435, ext 102

RE: Xenserver and CEPH ?

[Adrian Lewis]

>From what I've read there won’t be support for Ceph in Creedence (Xenserver
6.5) but it is on the cards for the following release (as should NFSv4 and a
Centos 7 dom0). There's a blog post from Tim Mackey at:
http://xenserver.org/discuss-virtualization/virtualization-blog/entry/beyond-creedence-xenserver-2015-planning.html

and a Youtube video with a few updates here:
https://www.youtube.com/watch?v=3JFUkEfpXaQ

All looks promising but I'm impatient :-(

-Original Message-
From: Andrija Panic [mailto:andrija.pa...@gmail.com]
Sent: 24 November 2014 15:08
To: users@cloudstack.apache.org
Subject: Re: Xenserver and CEPH ?

THx Vadim - yes, I'm already using KVM with ceph for some time - works fine
more or less :) thx

On 24 November 2014 at 15:52, Vadim Kimlaychuk 
wrote:

> XenServer 6.5 (or 7.0) is not released yet. You can download alpha of
> next release and try it, but it is definately not for production. I
> haven't personally tried it because Cloudstack does not support RBD
> storage type for XenServer yet. So you are absolutely right -- first
> we need to wait for XenServer to release then we need to wait for
> Cloudstack to implement those changes at backend.
>
> I have used Ceph with KVM hypervisor for a short while. There were
> some points that I was not aware, but in general it worked well.
>
> Vadim.
>
> -Original Message-
> From: Andrija Panic [mailto:andrija.pa...@gmail.com]
> Sent: Monday, November 24, 2014 4:22 PM
> To: users@cloudstack.apache.org
> Subject: Re: Xenserver and CEPH ?
>
> HI Vadim, thanks for info. That is what I understood = but the new
> XenServer 6.5 or whatever the name, shoudl be using kernel 3.10.x for
> dom0, so I guess even after that is supported, we will need to wait
> some time for the CloudStack implementation on this ?
>
> Thanks anyway
>
> On 24 November 2014 at 15:00, Vadim Kimlaychuk
> 
> wrote:
>
> > Hi Andrija,
> >
> > For XenServer 6.2 it is not possible yet. Look for supported
> > SR-s
> > here:
> >
> http://docs.vmd.citrix.com/XenServer/6.2.0/1.0/en_gb/reference.html#ck
> _reference_storage_repository_types
> > Somewhere in internet I saw information that RBD support is
> > scheduled for the next major XenServer release. Can't find the link
> > right away.
> > The problem connected to Ceph + RBD as primary storage for
> > XenServer is old dom0 kernel that does not allow RBD storage type.
> >
> > Regards,
> >
> > Vadim.
> >
> > -Original Message-
> > From: Andrija Panic [mailto:andrija.pa...@gmail.com]
> > Sent: Monday, November 24, 2014 2:06 PM
> > To: users@cloudstack.apache.org
> > Subject: Xenserver and CEPH ?
> >
> > Hi guys,
> >
> > anyone running ZenServer with CEPH as primary storage ?
> > I read some info that there is support for CEPH inside XenServer
> > from last year - but since I never actually tried this - thus the
> > question.
> >
> > Thanks,
> >
> > --
> >
> > Andrija Panić
> >
>
>
>
> --
>
> Andrija Panić
>



-- 

Andrija Panić

RE: CentOS 7 support

[Adrian Lewis]

As far as I can tell, we're not going to see Centos 7 support for the
management server on any 4.3 or 4.4 branch but the 4.5 branch should have
it in already. Can't comment on compute hosts however.

I'd love to hear if anyone knows otherwise though, especially about
'backporting' the functionality to 4.3 or 4.4.

Adrian

-Original Message-
From: Ron Wheeler [mailto:rwhee...@artifact-software.com]
Sent: 06 October 2014 14:11
To: users@cloudstack.apache.org
Subject: CentOS 7 support

What is the plan for CentOS 7 support?

Ron

-- 
Ron Wheeler
President
Artifact Software Inc
email: rwhee...@artifact-software.com
skype: ronaldmwheeler
phone: 866-970-2435, ext 102

RHEL/Centos 7 and CS4.4.1 MS

[Adrian Lewis]

Hi,



Just wondering if rather than downloading, installing and testing for
myself, someone might happen to know whether the CS 4.4.1(RC) management
server will work happily on Centos 7 yet? I understand that a patch has
been made for 4.5/master (
https://issues.apache.org/jira/browse/CLOUDSTACK-7106) but does anyone know
if this has been added into 4.4.1 or whether this has been treated as a
feature as opposed to a bug fix and hence not included in 4.4.1? The docs
don’t mention RHEL 7 or Centos 7 but they’re not always completely up to
date. Just to be clear, I’m not referring to using Centos 7 as a hypervisor
with KVM, just the management server side of things.



Thanks and sorry if I’m being lazy here.



Adrian

RE: DRaaS based on ACS

[Adrian Lewis]

Hi Ilya,

No - I'm referring to DRaaS - nothing to do with DR for ACS itself. The
Double-Take CP&R is software we can install within the Cloudstack
environment to offer DR and replication services to clients that are not
running ACS. Just wondering if anyone else had other options that they've
tried/installed.

Thanks for the reply anyway.

Adrian

-Original Message-
From: ilya musayev [mailto:ilya.mailing.li...@gmail.com]
Sent: 10 September 2014 14:56
To: users@cloudstack.apache.org
Subject: Re: DRaaS based on ACS

Adrian,

If i understand the task correctly, you are trying to have replica sets
across datacenters with ACS functional.

I can think of a solution that does not require heavy investment.

1) you replicate the VM disk content across to datacenter X
2) you replicate db content from cloudstack, you can just fetch the content
from ACS via APIs and re-load the content into secondary ACS.

Alena from Citrix explained how she did it @ CCNA14 in Denver.

3) needless to say, you IP between datacenters will change, so VMs should
know how to handle that change

regards
ilya

On 9/10/14, 7:10 AM, Adrian Lewis wrote:
> Hi All,
>
>
>
> We’re currently looking into the possibility of creating a DR as a
> service offering for our customers based on ACS. I’m assuming that
> trying to create a fully open source solution is not feasible and am
> looking to evaluate Vision Solutions’ Double-Take Cloud Protection and
> Recovery product. I’m wondering if anyone knows of any other solutions
> that would work nicely with ACS (i.e. client self-service, handling
> the import of a VM into ACS, WAN ‘optimised’ communications etc).
>
>
>
>  From what I can tell, the main problem with most commercial solutions
> is that they assume that they have direct control of the hypervisors,
> bypassing ACS completely, and as such would result in creating a VM
> that ACS would then not be able to see or therefore manage. They also
> seem to assume that there’s a private network between the source and
> target systems which can be an issue with multi-tenancy and
> overlapping IPs between tenants. I’m initially looking for Xenserver
> support as well which seems to be the ugly duckling when it comes to
> backup and replication – most of the commercial solutions concentrate on
> VMware and then Hyper-V.
>
>
>
> Does anyone have any experience with either the Double-Take or any
> other solutions that they’d care to share? Anyone know of any
> yet-to-be-released solutions that might fit the bill?
>
>
>
> Many thanks,
>
>
>
> Adrian
>

DRaaS based on ACS

[Adrian Lewis]

Hi All,



We’re currently looking into the possibility of creating a DR as a service
offering for our customers based on ACS. I’m assuming that trying to create
a fully open source solution is not feasible and am looking to evaluate
Vision Solutions’ Double-Take Cloud Protection and Recovery product. I’m
wondering if anyone knows of any other solutions that would work nicely
with ACS (i.e. client self-service, handling the import of a VM into ACS,
WAN ‘optimised’ communications etc).



>From what I can tell, the main problem with most commercial solutions is
that they assume that they have direct control of the hypervisors,
bypassing ACS completely, and as such would result in creating a VM that
ACS would then not be able to see or therefore manage. They also seem to
assume that there’s a private network between the source and target systems
which can be an issue with multi-tenancy and overlapping IPs between
tenants. I’m initially looking for Xenserver support as well which seems to
be the ugly duckling when it comes to backup and replication – most of the
commercial solutions concentrate on VMware and then Hyper-V.



Does anyone have any experience with either the Double-Take or any other
solutions that they’d care to share? Anyone know of any yet-to-be-released
solutions that might fit the bill?



Many thanks,



Adrian

RE: 404 Web Interface Not Showing -- 404 or blank screen

[Adrian Lewis]

Hi Piers,

Not sure if this is of any help but I've had similar issues when trying to
install the mgmt server on a machine with anything less than 4G RAM. I've
also found that the mgmt server can take a good few minutes to fully start
up and after a while of scratching my head and trying to decipher logs, it
has started working on its own. I got a little confused over whether the
Tomcat service needs to be enabled at startup (Centos/RHEL chkconfig) but I
think that CS takes care of that as I've not needed to do anything specific
for Tomcat in installs since.

Bump up the RAM and try taking a coffee break after it starts up for the
first time - might be as simple as that.

Cheers,

Adrian

-Original Message-
From: Piers [mailto:pi...@rowan.id.au]
Sent: 27 August 2014 10:04
To: users@cloudstack.apache.org
Subject: Re: 404 Web Interface Not Showing -- 404 or blank screen

Sorry for replying to myself.

There has to be something wrong here.

I keep getting white screens & 404's.

I am almost at the stage of putting the entire docs into a batch script to
reinstall.

http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/qig.html

I have wiped the DB, yum remove'd, rm -fR /etc/cloudstack

 From a "clean" install I get a white screen

Is there something I am not purging to get a clean system? I am not a big
user of Tomcat - do I need to rest the server in some way?

Is the install messing with eth0 -> cloudbr0 which means that subsequent
installs fail?

Other errors / points

yum install cloudstack-*

Unable to determine ssl settings for server.xml, please run
cloudstack-setup-management manually < is this a worry?
Unable to determine ssl settings for tomcat.conf, please run
cloudstack-setup-management manually

cloudstack-setup-databases
cloud:password@localhost --deploy-as=root:password

Detected local IP address as 169.254.0.1, will use as cluster management
server node IP[ OK ] <--- I dont use this IP where did it come from

Thanks for whatever hep you can provide.

Cheers

P

RE: [ACS 4.3.1] bug fix release

[Adrian Lewis]

Hi Sebastien,

I'm afraid I wouldn't have a clue how to patch the source but
https://issues.apache.org/jira/browse/CLOUDSTACK-6892 should be a very
easy one to fix from what I can gather and would solve a fairly critical
issue for anyone attempting to use the DB HA feature in 4.3.

Thanks for putting the energy behind a creating 4.3.1 release - I realise
it's all too easy for developers to just keep working on the latest and
greatest so I (and I'm sure many others who just install from packages)
appreciate the effort.

Adrian

-Original Message-
From: sebgoa [mailto:run...@gmail.com]
Sent: 17 June 2014 14:38
To: users@cloudstack.apache.org
Subject: [ACS 4.3.1] bug fix release

Hi folks,

I volunteered to put together a 4.3.1 bug fix release.

If you are aware of any bugs that have been fixed in master and should/can
be ported to 4.3 branch.
Please let me know.
If you have your own fork for cloudstack on github and you have fixed some
issues in 4.3 , let me know and I will try to bring your fix in.

Also if you have any updates to the upgrade instructions in the release
notes. Please let me know as well:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.3
/rnotes.html

thanks,

-Sebastien

RE: Examples of configuring DB HA?

[Adrian Lewis]

https://issues.apache.org/jira/browse/CLOUDSTACK-6892

Major or Critical?

Any idea when we are likely to see a 4.3.1 release?

-Original Message-
From: Damoder Reddy [mailto:damoder.re...@citrix.com]
Sent: 11 June 2014 07:30
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

Hi Lewis,

This is a potential bug if by default it is missing from
catalina.properties. Can you please file a defect for this so that we can
fix this for 4.3.1 release. Looks like we did not change the
catalina.properties while refactoring out the mysql connector part.

Thanks & Regards
Damodar/

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: Tuesday, June 10, 2014 3:57 PM
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

Hi Damoder,

Thank you so much for this. I'm not sure if I've done it properly but I
added the full path of..

/usr/share/cloudstack-management/webapps/client/WEB-INF/lib/cloud-plugin-database-mysqlha-4.3.0.jar

..onto the end of a line in..

/etc/cloudstack/management/catalina.properties

..that started as...

common.loader=${catalina.base}/lib,${catalina.base}/lib...

.. and after a restart of the management server it worked!

Can you let me know if this is the proper way to do this? Is this a bug of
some sort or is there something odd about my particular environment that has
caused this? Should this be addressed for a potential 4.3.1 release?

Many thanks again,

Adrian

-Original Message-
From: Damoder Reddy [mailto:damoder.re...@citrix.com]
Sent: 10 June 2014 05:48
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

I think the issue here is the mysql connector jar is loaded using tomcat's
common class loader  and the jar "cloud-plugin-database-mysqlha-4.3.0.jar"
is loaded by the webapp class loader and the reason being

Mysql connector is loaded using common class loader it does not have
visibility into webapp class loader. Ideally the jar
cloud-plugin-database-mysqlha-4.3.0.jar should also be loaded from the
common class loader instead of webapp class loader.

Can you try to load the jar "cloud-plugin-database-mysqlha-4.3.0.jar" in
common.loader.

Thanks & Regards
Damodar/


-----Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: Tuesday, June 10, 2014 5:59 AM
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

I don’t fully understand what I'm doing here but here's something that
puzzles me:

[root@cs-mgmt ~]# jar tf
/usr/share/cloudstack-management/webapps/client/WEB-INF/lib/cloud-plugin-database-mysqlha-4.3.0.jar
META-INF/
META-INF/MANIFEST.MF
com/
com/cloud/
com/cloud/utils/
com/cloud/utils/db/
com/cloud/utils/db/StaticStrategy.class
META-INF/NOTICE
META-INF/DEPENDENCIES
META-INF/LICENSE
META-INF/maven/
META-INF/maven/org.apache.cloudstack/
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/pom.xml
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/pom.properties
[root@cs-mgmt ~]#

Surely there's the class and that path is where a lot of other
cloudstack-related jar files live so I'm guessing that is also in the
classpath.

Anyone?

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: 10 June 2014 00:05
To: 'users@cloudstack.apache.org'
Subject: RE: Examples of configuring DB HA?

Fresh 4.3 from the RPMs in the repo. Done yesterday. Had to yum install
mysql on the management server as the client binaries weren't present but
mysql-connector-java was installed as a dependency of the cloudstack rpm.
Could something else be missing on the Centos side or does this look like a
CS issue?

-Original Message-
From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
Sent: 10 June 2014 00:01
To: users@cloudstack.apache.org
Subject: Re: Examples of configuring DB HA?

the last question is the proper one.. ;) Probably because someone forgot it.
I also hate when this kind of thing happens...
How did you set up the CS version ? I mean fresh install 4.3 or upgrade from
an older version?


On Mon, Jun 9, 2014 at 7:49 PM, Adrian Lewis 
wrote:

> I guess my question should perhaps be, does anyone know why the jar
> that contains the class isn’t already in the classpath and what's the
> best way to fix it?
>
> -Original Message-
> From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> Sent: 09 June 2014 23:37
> To: users@cloudstack.apache.org
> Subject: RE: Examples of configuring DB HA?
>
> I'm going to sound stupid here but how do I find the jar that contains
> the classes and what is the classpath?
>
> Is this a bug of some sort?
>
> -Original Message-
> From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
> Sent: 09 

RE: Examples of configuring DB HA?

[Adrian Lewis]

Hi Damoder,

Thank you so much for this. I'm not sure if I've done it properly but I
added the full path of..

/usr/share/cloudstack-management/webapps/client/WEB-INF/lib/cloud-plugin-database-mysqlha-4.3.0.jar

..onto the end of a line in..

/etc/cloudstack/management/catalina.properties

..that started as...

common.loader=${catalina.base}/lib,${catalina.base}/lib...

.. and after a restart of the management server it worked!

Can you let me know if this is the proper way to do this? Is this a bug of
some sort or is there something odd about my particular environment that has
caused this? Should this be addressed for a potential 4.3.1 release?

Many thanks again,

Adrian

-Original Message-
From: Damoder Reddy [mailto:damoder.re...@citrix.com]
Sent: 10 June 2014 05:48
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

I think the issue here is the mysql connector jar is loaded using tomcat's
common class loader  and the jar "cloud-plugin-database-mysqlha-4.3.0.jar"
is loaded by the webapp class loader and the reason being

Mysql connector is loaded using common class loader it does not have
visibility into webapp class loader. Ideally the jar
cloud-plugin-database-mysqlha-4.3.0.jar should also be loaded from the
common class loader instead of webapp class loader.

Can you try to load the jar "cloud-plugin-database-mysqlha-4.3.0.jar" in
common.loader.

Thanks & Regards
Damodar/


-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: Tuesday, June 10, 2014 5:59 AM
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

I don’t fully understand what I'm doing here but here's something that
puzzles me:

[root@cs-mgmt ~]# jar tf
/usr/share/cloudstack-management/webapps/client/WEB-INF/lib/cloud-plugin-database-mysqlha-4.3.0.jar
META-INF/
META-INF/MANIFEST.MF
com/
com/cloud/
com/cloud/utils/
com/cloud/utils/db/
com/cloud/utils/db/StaticStrategy.class
META-INF/NOTICE
META-INF/DEPENDENCIES
META-INF/LICENSE
META-INF/maven/
META-INF/maven/org.apache.cloudstack/
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/pom.xml
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/pom.properties
[root@cs-mgmt ~]#

Surely there's the class and that path is where a lot of other
cloudstack-related jar files live so I'm guessing that is also in the
classpath.

Anyone?

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: 10 June 2014 00:05
To: 'users@cloudstack.apache.org'
Subject: RE: Examples of configuring DB HA?

Fresh 4.3 from the RPMs in the repo. Done yesterday. Had to yum install
mysql on the management server as the client binaries weren't present but
mysql-connector-java was installed as a dependency of the cloudstack rpm.
Could something else be missing on the Centos side or does this look like a
CS issue?

-Original Message-
From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
Sent: 10 June 2014 00:01
To: users@cloudstack.apache.org
Subject: Re: Examples of configuring DB HA?

the last question is the proper one.. ;) Probably because someone forgot it.
I also hate when this kind of thing happens...
How did you set up the CS version ? I mean fresh install 4.3 or upgrade from
an older version?


On Mon, Jun 9, 2014 at 7:49 PM, Adrian Lewis 
wrote:

> I guess my question should perhaps be, does anyone know why the jar
> that contains the class isn’t already in the classpath and what's the
> best way to fix it?
>
> -Original Message-
> From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> Sent: 09 June 2014 23:37
> To: users@cloudstack.apache.org
> Subject: RE: Examples of configuring DB HA?
>
> I'm going to sound stupid here but how do I find the jar that contains
> the classes and what is the classpath?
>
> Is this a bug of some sort?
>
> -Original Message-
> From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
> Sent: 09 June 2014 23:28
> To: users@cloudstack.apache.org
> Subject: Re: Examples of configuring DB HA?
>
> Well, tomcat is returning 404, because the app is not running. As a
> consequence of a class not found exception. Find the jar that contains
> the classes that are missing and add them into the classpath.
>
>
> On Mon, Jun 9, 2014 at 7:18 PM, Adrian Lewis
> 
> wrote:
>
> > I was very close to getting this up and running in the lab (Centos
> > 6.5 – 2 x sql servers and 1 mgmt server – all running in VMware
> > Workstation, installed from 4.3 repo) but when setting the
> > db.ha.enabled to true and restarting the mgmt. server, I now get 404
> > from tomcat and the management server log has lines in it sayin

RE: Examples of configuring DB HA?

[Adrian Lewis]

I don’t fully understand what I'm doing here but here's something that
puzzles me:

[root@cs-mgmt ~]# jar tf
/usr/share/cloudstack-management/webapps/client/WEB-INF/lib/cloud-plugin-database-mysqlha-4.3.0.jar
META-INF/
META-INF/MANIFEST.MF
com/
com/cloud/
com/cloud/utils/
com/cloud/utils/db/
com/cloud/utils/db/StaticStrategy.class
META-INF/NOTICE
META-INF/DEPENDENCIES
META-INF/LICENSE
META-INF/maven/
META-INF/maven/org.apache.cloudstack/
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/pom.xml
META-INF/maven/org.apache.cloudstack/cloud-plugin-database-mysqlha/pom.properties
[root@cs-mgmt ~]#

Surely there's the class and that path is where a lot of other
cloudstack-related jar files live so I'm guessing that is also in the
classpath.

Anyone?

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: 10 June 2014 00:05
To: 'users@cloudstack.apache.org'
Subject: RE: Examples of configuring DB HA?

Fresh 4.3 from the RPMs in the repo. Done yesterday. Had to yum install
mysql on the management server as the client binaries weren't present but
mysql-connector-java was installed as a dependency of the cloudstack rpm.
Could something else be missing on the Centos side or does this look like a
CS issue?

-Original Message-
From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
Sent: 10 June 2014 00:01
To: users@cloudstack.apache.org
Subject: Re: Examples of configuring DB HA?

the last question is the proper one.. ;) Probably because someone forgot it.
I also hate when this kind of thing happens...
How did you set up the CS version ? I mean fresh install 4.3 or upgrade from
an older version?


On Mon, Jun 9, 2014 at 7:49 PM, Adrian Lewis 
wrote:

> I guess my question should perhaps be, does anyone know why the jar
> that contains the class isn’t already in the classpath and what's the
> best way to fix it?
>
> -Original Message-
> From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> Sent: 09 June 2014 23:37
> To: users@cloudstack.apache.org
> Subject: RE: Examples of configuring DB HA?
>
> I'm going to sound stupid here but how do I find the jar that contains
> the classes and what is the classpath?
>
> Is this a bug of some sort?
>
> -Original Message-
> From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
> Sent: 09 June 2014 23:28
> To: users@cloudstack.apache.org
> Subject: Re: Examples of configuring DB HA?
>
> Well, tomcat is returning 404, because the app is not running. As a
> consequence of a class not found exception. Find the jar that contains
> the classes that are missing and add them into the classpath.
>
>
> On Mon, Jun 9, 2014 at 7:18 PM, Adrian Lewis
> 
> wrote:
>
> > I was very close to getting this up and running in the lab (Centos
> > 6.5 – 2 x sql servers and 1 mgmt server – all running in VMware
> > Workstation, installed from 4.3 repo) but when setting the
> > db.ha.enabled to true and restarting the mgmt. server, I now get 404
> > from tomcat and the management server log has lines in it saying
> > things
> > like:
> >
> >
> >
> > 2014-06-09 22:48:00,632 ERROR [c.c.u.d.Merovingian2] (main:null)
> > Unable to get a new db connection
> >
> > java.sql.SQLException: Invalid load balancing strategy
> > 'com.cloud.utils.db.StaticStrategy'.
> >
> > […]
> >
> > Caused by: java.lang.ClassNotFoundException:
> > com.cloud.utils.db.StaticStrategy
> >
> >
> >
> > Anyone got any idea? Tried Googling and searching the mailing list
> > but nothing that I can see as an answer. I’m just a lowly network
> > engineer so wouldn’t know what these errors mean but I’m guessing I
> > won’t be the first.
> >
> >
> >
> > Any ideas?
> >
> >
> >
> > *From:* Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> > *Sent:* 06 June 2014 10:51
> > *To:* users@cloudstack.apache.org
> > *Subject:* Re: Examples of configuring DB HA?
> >
> >
> >
> > Hi all,
> >
> > Firstly thanks for the great responses already.
> >
> > Secondly, regarding HA vs failover, I had been assuming these as
> > much the same. Based on what I had read about the new changes in
> > 4.3, I had assumed that the new feature allows you to configure
> > standard MySQL (clustering not required - Galera or otherwise) in a
> > multimaster replication setup and that while management servers only
> > speak with a single server at a time, failover to a backup server is
> > automatic and does not need any work on the MySQL side to promote a
> > slave t

RE: Examples of configuring DB HA?

[Adrian Lewis]

Fresh 4.3 from the RPMs in the repo. Done yesterday. Had to yum install
mysql on the management server as the client binaries weren't present but
mysql-connector-java was installed as a dependency of the cloudstack rpm.
Could something else be missing on the Centos side or does this look like a
CS issue?

-Original Message-
From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
Sent: 10 June 2014 00:01
To: users@cloudstack.apache.org
Subject: Re: Examples of configuring DB HA?

the last question is the proper one.. ;) Probably because someone forgot it.
I also hate when this kind of thing happens...
How did you set up the CS version ? I mean fresh install 4.3 or upgrade from
an older version?


On Mon, Jun 9, 2014 at 7:49 PM, Adrian Lewis 
wrote:

> I guess my question should perhaps be, does anyone know why the jar
> that contains the class isn’t already in the classpath and what's the
> best way to fix it?
>
> -Original Message-
> From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> Sent: 09 June 2014 23:37
> To: users@cloudstack.apache.org
> Subject: RE: Examples of configuring DB HA?
>
> I'm going to sound stupid here but how do I find the jar that contains
> the classes and what is the classpath?
>
> Is this a bug of some sort?
>
> -Original Message-
> From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
> Sent: 09 June 2014 23:28
> To: users@cloudstack.apache.org
> Subject: Re: Examples of configuring DB HA?
>
> Well, tomcat is returning 404, because the app is not running. As a
> consequence of a class not found exception. Find the jar that contains
> the classes that are missing and add them into the classpath.
>
>
> On Mon, Jun 9, 2014 at 7:18 PM, Adrian Lewis
> 
> wrote:
>
> > I was very close to getting this up and running in the lab (Centos
> > 6.5 – 2 x sql servers and 1 mgmt server – all running in VMware
> > Workstation, installed from 4.3 repo) but when setting the
> > db.ha.enabled to true and restarting the mgmt. server, I now get 404
> > from tomcat and the management server log has lines in it saying
> > things
> > like:
> >
> >
> >
> > 2014-06-09 22:48:00,632 ERROR [c.c.u.d.Merovingian2] (main:null)
> > Unable to get a new db connection
> >
> > java.sql.SQLException: Invalid load balancing strategy
> > 'com.cloud.utils.db.StaticStrategy'.
> >
> > […]
> >
> > Caused by: java.lang.ClassNotFoundException:
> > com.cloud.utils.db.StaticStrategy
> >
> >
> >
> > Anyone got any idea? Tried Googling and searching the mailing list
> > but nothing that I can see as an answer. I’m just a lowly network
> > engineer so wouldn’t know what these errors mean but I’m guessing I
> > won’t be the first.
> >
> >
> >
> > Any ideas?
> >
> >
> >
> > *From:* Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> > *Sent:* 06 June 2014 10:51
> > *To:* users@cloudstack.apache.org
> > *Subject:* Re: Examples of configuring DB HA?
> >
> >
> >
> > Hi all,
> >
> > Firstly thanks for the great responses already.
> >
> > Secondly, regarding HA vs failover, I had been assuming these as
> > much the same. Based on what I had read about the new changes in
> > 4.3, I had assumed that the new feature allows you to configure
> > standard MySQL (clustering not required - Galera or otherwise) in a
> > multimaster replication setup and that while management servers only
> > speak with a single server at a time, failover to a backup server is
> > automatic and does not need any work on the MySQL side to promote a
> > slave to a master as with a basic master/slave setup.
> >
> > I'm personally not interested in load balancing just yet, simply
> > having a hot standby DB that takes over automatically. This is what
> > I take the term HA to mean.
> >
> > From the wiki, I'm also taking it that the use of the auto increment
> > and offset values ensure that the two DBs can safely run as
> > master-master in the event that each gets written to concurrently
> > (split brain or just two mgmt servers failing over at slightly
> > different times).
> >
> > It seems that this thread is already highlighting some of the
> > confusion I and others have faced. Hopefully it will help someone else.
> >
> > Thanks again,
> >
> > Adrian
> >
> > On 6 Jun 2014 07:18, "Shanker Balan" 
> wrote:
> >
> > Hi Damodar,
> >
> > Comments inline.
> >
> > On 06-Jun-2014, at 10:53 am, Damoder Reddy
> > 
> > wro

RE: Examples of configuring DB HA?

[Adrian Lewis]

I guess my question should perhaps be, does anyone know why the jar that
contains the class isn’t already in the classpath and what's the best way to
fix it?

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: 09 June 2014 23:37
To: users@cloudstack.apache.org
Subject: RE: Examples of configuring DB HA?

I'm going to sound stupid here but how do I find the jar that contains the
classes and what is the classpath?

Is this a bug of some sort?

-Original Message-
From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
Sent: 09 June 2014 23:28
To: users@cloudstack.apache.org
Subject: Re: Examples of configuring DB HA?

Well, tomcat is returning 404, because the app is not running. As a
consequence of a class not found exception. Find the jar that contains the
classes that are missing and add them into the classpath.


On Mon, Jun 9, 2014 at 7:18 PM, Adrian Lewis 
wrote:

> I was very close to getting this up and running in the lab (Centos 6.5
> – 2 x sql servers and 1 mgmt server – all running in VMware
> Workstation, installed from 4.3 repo) but when setting the
> db.ha.enabled to true and restarting the mgmt. server, I now get 404
> from tomcat and the management server log has lines in it saying
> things
> like:
>
>
>
> 2014-06-09 22:48:00,632 ERROR [c.c.u.d.Merovingian2] (main:null)
> Unable to get a new db connection
>
> java.sql.SQLException: Invalid load balancing strategy
> 'com.cloud.utils.db.StaticStrategy'.
>
> […]
>
> Caused by: java.lang.ClassNotFoundException:
> com.cloud.utils.db.StaticStrategy
>
>
>
> Anyone got any idea? Tried Googling and searching the mailing list but
> nothing that I can see as an answer. I’m just a lowly network engineer
> so wouldn’t know what these errors mean but I’m guessing I won’t be
> the first.
>
>
>
> Any ideas?
>
>
>
> *From:* Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> *Sent:* 06 June 2014 10:51
> *To:* users@cloudstack.apache.org
> *Subject:* Re: Examples of configuring DB HA?
>
>
>
> Hi all,
>
> Firstly thanks for the great responses already.
>
> Secondly, regarding HA vs failover, I had been assuming these as much
> the same. Based on what I had read about the new changes in 4.3, I had
> assumed that the new feature allows you to configure standard MySQL
> (clustering not required - Galera or otherwise) in a multimaster
> replication setup and that while management servers only speak with a
> single server at a time, failover to a backup server is automatic and
> does not need any work on the MySQL side to promote a slave to a
> master as with a basic master/slave setup.
>
> I'm personally not interested in load balancing just yet, simply
> having a hot standby DB that takes over automatically. This is what I
> take the term HA to mean.
>
> From the wiki, I'm also taking it that the use of the auto increment
> and offset values ensure that the two DBs can safely run as
> master-master in the event that each gets written to concurrently
> (split brain or just two mgmt servers failing over at slightly
> different times).
>
> It seems that this thread is already highlighting some of the
> confusion I and others have faced. Hopefully it will help someone else.
>
> Thanks again,
>
> Adrian
>
> On 6 Jun 2014 07:18, "Shanker Balan"  wrote:
>
> Hi Damodar,
>
> Comments inline.
>
> On 06-Jun-2014, at 10:53 am, Damoder Reddy 
> wrote:
>
> > Hi Adrian,
> >
> > For your question, . Is the CS side purely for failover or does it
> actually set up part of the replication for you? The answer is, the
> Cloud Stack does only failover configuration and the actual
> replication process on the mysql side has to be done by own.
>
>
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34838
> 207
>
> > For the second question, Can you easily enable an existing DB for HA
> > or
> is this best done before there’s any data? The answer is, we can setup
> replication even with existing data and then start the management servers.
> The mysql documentation contains the clear steps how to setup
> replication with existing documentation. Probably that is the reason
> why we might not have included these steps in the doc.
> >
>
>
> The OP is looking for HA, not failover. HA is possible in ACS 4.3.0
> using MySQL Clustering.
>
> Once you have MySQL Clustering, its multi-master and not one master to
> many slaves.
> ACS should not fence itself like it currently does when the master is
> not available.
>
>
> > The configuraiton we need to do on each management server is as below.
> >
> > You can follow the design doc 

RE: Examples of configuring DB HA?

[Adrian Lewis]

I'm going to sound stupid here but how do I find the jar that contains the
classes and what is the classpath?

Is this a bug of some sort?

-Original Message-
From: Rafael Weingartner [mailto:rafaelweingart...@gmail.com]
Sent: 09 June 2014 23:28
To: users@cloudstack.apache.org
Subject: Re: Examples of configuring DB HA?

Well, tomcat is returning 404, because the app is not running. As a
consequence of a class not found exception. Find the jar that contains the
classes that are missing and add them into the classpath.


On Mon, Jun 9, 2014 at 7:18 PM, Adrian Lewis 
wrote:

> I was very close to getting this up and running in the lab (Centos 6.5
> – 2 x sql servers and 1 mgmt server – all running in VMware
> Workstation, installed from 4.3 repo) but when setting the
> db.ha.enabled to true and restarting the mgmt. server, I now get 404
> from tomcat and the management server log has lines in it saying things
> like:
>
>
>
> 2014-06-09 22:48:00,632 ERROR [c.c.u.d.Merovingian2] (main:null)
> Unable to get a new db connection
>
> java.sql.SQLException: Invalid load balancing strategy
> 'com.cloud.utils.db.StaticStrategy'.
>
> […]
>
> Caused by: java.lang.ClassNotFoundException:
> com.cloud.utils.db.StaticStrategy
>
>
>
> Anyone got any idea? Tried Googling and searching the mailing list but
> nothing that I can see as an answer. I’m just a lowly network engineer
> so wouldn’t know what these errors mean but I’m guessing I won’t be the
> first.
>
>
>
> Any ideas?
>
>
>
> *From:* Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> *Sent:* 06 June 2014 10:51
> *To:* users@cloudstack.apache.org
> *Subject:* Re: Examples of configuring DB HA?
>
>
>
> Hi all,
>
> Firstly thanks for the great responses already.
>
> Secondly, regarding HA vs failover, I had been assuming these as much
> the same. Based on what I had read about the new changes in 4.3, I had
> assumed that the new feature allows you to configure standard MySQL
> (clustering not required - Galera or otherwise) in a multimaster
> replication setup and that while management servers only speak with a
> single server at a time, failover to a backup server is automatic and
> does not need any work on the MySQL side to promote a slave to a
> master as with a basic master/slave setup.
>
> I'm personally not interested in load balancing just yet, simply
> having a hot standby DB that takes over automatically. This is what I
> take the term HA to mean.
>
> From the wiki, I'm also taking it that the use of the auto increment
> and offset values ensure that the two DBs can safely run as
> master-master in the event that each gets written to concurrently
> (split brain or just two mgmt servers failing over at slightly different
> times).
>
> It seems that this thread is already highlighting some of the
> confusion I and others have faced. Hopefully it will help someone else.
>
> Thanks again,
>
> Adrian
>
> On 6 Jun 2014 07:18, "Shanker Balan"  wrote:
>
> Hi Damodar,
>
> Comments inline.
>
> On 06-Jun-2014, at 10:53 am, Damoder Reddy 
> wrote:
>
> > Hi Adrian,
> >
> > For your question, . Is the CS side purely for failover or does it
> actually set up part of the replication for you? The answer is, the
> Cloud Stack does only failover configuration and the actual
> replication process on the mysql side has to be done by own.
>
>
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34838
> 207
>
> > For the second question, Can you easily enable an existing DB for HA
> > or
> is this best done before there’s any data? The answer is, we can setup
> replication even with existing data and then start the management servers.
> The mysql documentation contains the clear steps how to setup
> replication with existing documentation. Probably that is the reason
> why we might not have included these steps in the doc.
> >
>
>
> The OP is looking for HA, not failover. HA is possible in ACS 4.3.0
> using MySQL Clustering.
>
> Once you have MySQL Clustering, its multi-master and not one master to
> many slaves.
> ACS should not fence itself like it currently does when the master is
> not available.
>
>
> > The configuraiton we need to do on each management server is as below.
> >
> > You can follow the design doc steps if you think there is a minimal
> documentation in the 4.3 doc. The design doc also contains the links
> to mysql site for setting up the replication for fresh as well as
> existing setups.
> >
> > From the cloud stack side it is purely failover and falling back
> > between
> the IPs configured for the master/salve da

RE: Examples of configuring DB HA?

[Adrian Lewis]

I was very close to getting this up and running in the lab (Centos 6.5 – 2
x sql servers and 1 mgmt server – all running in VMware Workstation,
installed from 4.3 repo) but when setting the db.ha.enabled to true and
restarting the mgmt. server, I now get 404 from tomcat and the management
server log has lines in it saying things like:



2014-06-09 22:48:00,632 ERROR [c.c.u.d.Merovingian2] (main:null) Unable to
get a new db connection

java.sql.SQLException: Invalid load balancing strategy
'com.cloud.utils.db.StaticStrategy'.

[…]

Caused by: java.lang.ClassNotFoundException:
com.cloud.utils.db.StaticStrategy



Anyone got any idea? Tried Googling and searching the mailing list but
nothing that I can see as an answer. I’m just a lowly network engineer so
wouldn’t know what these errors mean but I’m guessing I won’t be the first.



Any ideas?



*From:* Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
*Sent:* 06 June 2014 10:51
*To:* users@cloudstack.apache.org
*Subject:* Re: Examples of configuring DB HA?



Hi all,

Firstly thanks for the great responses already.

Secondly, regarding HA vs failover, I had been assuming these as much the
same. Based on what I had read about the new changes in 4.3, I had assumed
that the new feature allows you to configure standard MySQL (clustering not
required - Galera or otherwise) in a multimaster replication setup and that
while management servers only speak with a single server at a time,
failover to a backup server is automatic and does not need any work on the
MySQL side to promote a slave to a master as with a basic master/slave
setup.

I'm personally not interested in load balancing just yet, simply having a
hot standby DB that takes over automatically. This is what I take the term
HA to mean.

>From the wiki, I'm also taking it that the use of the auto increment and
offset values ensure that the two DBs can safely run as master-master in
the event that each gets written to concurrently (split brain or just two
mgmt servers failing over at slightly different times).

It seems that this thread is already highlighting some of the confusion I
and others have faced. Hopefully it will help someone else.

Thanks again,

Adrian

On 6 Jun 2014 07:18, "Shanker Balan"  wrote:

Hi Damodar,

Comments inline.

On 06-Jun-2014, at 10:53 am, Damoder Reddy  wrote:

> Hi Adrian,
>
> For your question, . Is the CS side purely for failover or does it
actually set up part of the replication for you? The answer is, the Cloud
Stack does only failover configuration and the actual replication process
on the mysql side has to be done by own.


https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34838207

> For the second question, Can you easily enable an existing DB for HA or
is this best done before there’s any data? The answer is, we can setup
replication even with existing data and then start the management servers.
The mysql documentation contains the clear steps how to setup replication
with existing documentation. Probably that is the reason why we might not
have included these steps in the doc.
>


The OP is looking for HA, not failover. HA is possible in ACS 4.3.0
using MySQL Clustering.

Once you have MySQL Clustering, its multi-master and not one master to many
slaves.
ACS should not fence itself like it currently does when the master is not
available.


> The configuraiton we need to do on each management server is as below.
>
> You can follow the design doc steps if you think there is a minimal
documentation in the 4.3 doc. The design doc also contains the links to
mysql site for setting up the replication for fresh as well as existing
setups.
>
> From the cloud stack side it is purely failover and falling back between
the IPs configured for the master/salve databases.
>

https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34838207



> -Original Message-
> From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> Sent: Friday, June 6, 2014 6:46 AM
> To: users@cloudstack.apache.org
> Subject: Examples of configuring DB HA?
>
> Hi all,
>
>
>
> Does anyone have any example configs or blog posts explaining the DB HA
features introduced in 4.3? Between the section in the design docs on the
wiki and the official docs, I’m a little confused as to how it’s supposed
to be set up – they appear to differ although there’s a lot more detail in
the design docs. Some of it is clearly MySQL stuff that’s outside of
Cloudstack but some of it is Cloudstack config as well. I’m just trying to
get a feel for what is the best way to use what’s made it into 4.3 final
(if different to the design docs). I’m not too strong on MySQL so I can’t
easily work out what’s a requirement, what’s just recommended (and
> implications) and what the Cloudstack side actually does. Is the CS side
purely for failover or does it actually set up part of the replication for
you? Ca

Re: Examples of configuring DB HA?

[Adrian Lewis]

Hi all,

Firstly thanks for the great responses already.

Secondly, regarding HA vs failover, I had been assuming these as much the
same. Based on what I had read about the new changes in 4.3, I had assumed
that the new feature allows you to configure standard MySQL (clustering not
required - Galera or otherwise) in a multimaster replication setup and that
while management servers only speak with a single server at a time,
failover to a backup server is automatic and does not need any work on the
MySQL side to promote a slave to a master as with a basic master/slave
setup.

I'm personally not interested in load balancing just yet, simply having a
hot standby DB that takes over automatically. This is what I take the term
HA to mean.

>From the wiki, I'm also taking it that the use of the auto increment and
offset values ensure that the two DBs can safely run as master-master in
the event that each gets written to concurrently (split brain or just two
mgmt servers failing over at slightly different times).

It seems that this thread is already highlighting some of the confusion I
and others have faced. Hopefully it will help someone else.

Thanks again,

Adrian
On 6 Jun 2014 07:18, "Shanker Balan"  wrote:

> Hi Damodar,
>
> Comments inline.
>
> On 06-Jun-2014, at 10:53 am, Damoder Reddy 
> wrote:
>
> > Hi Adrian,
> >
> > For your question, . Is the CS side purely for failover or does it
> actually set up part of the replication for you? The answer is, the Cloud
> Stack does only failover configuration and the actual replication process
> on the mysql side has to be done by own.
>
>
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34838207
>
> > For the second question, Can you easily enable an existing DB for HA or
> is this best done before there’s any data? The answer is, we can setup
> replication even with existing data and then start the management servers.
> The mysql documentation contains the clear steps how to setup replication
> with existing documentation. Probably that is the reason why we might not
> have included these steps in the doc.
> >
>
>
> The OP is looking for HA, not failover. HA is possible in ACS 4.3.0
> using MySQL Clustering.
>
> Once you have MySQL Clustering, its multi-master and not one master to
> many slaves.
> ACS should not fence itself like it currently does when the master is not
> available.
>
>
> > The configuraiton we need to do on each management server is as below.
> >
> > You can follow the design doc steps if you think there is a minimal
> documentation in the 4.3 doc. The design doc also contains the links to
> mysql site for setting up the replication for fresh as well as existing
> setups.
> >
> > From the cloud stack side it is purely failover and falling back between
> the IPs configured for the master/salve databases.
> >
>
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34838207
>
>
>
> > -Original Message-
> > From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
> > Sent: Friday, June 6, 2014 6:46 AM
> > To: users@cloudstack.apache.org
> > Subject: Examples of configuring DB HA?
> >
> > Hi all,
> >
> >
> >
> > Does anyone have any example configs or blog posts explaining the DB HA
> features introduced in 4.3? Between the section in the design docs on the
> wiki and the official docs, I’m a little confused as to how it’s supposed
> to be set up – they appear to differ although there’s a lot more detail in
> the design docs. Some of it is clearly MySQL stuff that’s outside of
> Cloudstack but some of it is Cloudstack config as well. I’m just trying to
> get a feel for what is the best way to use what’s made it into 4.3 final
> (if different to the design docs). I’m not too strong on MySQL so I can’t
> easily work out what’s a requirement, what’s just recommended (and
> > implications) and what the Cloudstack side actually does. Is the CS side
> purely for failover or does it actually set up part of the replication for
> you? Can you easily enable an existing DB for HA or is this best done
> before there’s any data? Before you run cloudstack-setup-databases?
> >
> >
> >
> > Shanker – I don’t suppose this subject could add to your already
> excellent blog post collection?
> >
> >
> >
> > Thanks in advance,
> >
> >
> >
> > Adrian
>
> --
> @shankerbalan
>
> M: +91 98860 60539 | O: +91 (80) 67935867
> shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue
> ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre,
> Bangalore - 560 055
>
> Find out more about ShapeBlue a

Examples of configuring DB HA?

[Adrian Lewis]

Hi all,



Does anyone have any example configs or blog posts explaining the DB HA
features introduced in 4.3? Between the section in the design docs on the
wiki and the official docs, I’m a little confused as to how it’s supposed
to be set up – they appear to differ although there’s a lot more detail in
the design docs. Some of it is clearly MySQL stuff that’s outside of
Cloudstack but some of it is Cloudstack config as well. I’m just trying to
get a feel for what is the best way to use what’s made it into 4.3 final
(if different to the design docs). I’m not too strong on MySQL so I can’t
easily work out what’s a requirement, what’s just recommended (and
implications) and what the Cloudstack side actually does. Is the CS side
purely for failover or does it actually set up part of the replication for
you? Can you easily enable an existing DB for HA or is this best done
before there’s any data? Before you run cloudstack-setup-databases?



Shanker – I don’t suppose this subject could add to your already excellent
blog post collection?



Thanks in advance,



Adrian

RE: Presentation videos from CloudStack Collab Conference #CCCNA14

[Adrian Lewis]

And "Integration of Citrex XenDesktop and XenApp with CloudStack - Paul
Howard" is cut short to about 4 minutes. Is this the right place to report
things like this? Would also be nice to correct the typo if it's being
uploaded again.

Adrian

-Original Message-
From: Francois Gaudreault [mailto:fgaudrea...@cloudops.com]
Sent: 01 May 2014 02:20
To: users@cloudstack.apache.org; market...@cloudstack.apache.org
Subject: Re: Presentation videos from CloudStack Collab Conference
#CCCNA14

Looks like some are still missing?

Francois

On 2014-04-30, 5:03 PM, Tariq Iqbal wrote:
>
> Hi,
>
> The presentation videos from the CloudStack Collaboration Conference
> North America 2014 held in Denver earlier this month are now available:
>
> https://www.youtube.com/playlist?list=PLU2OcwpQkYCyPx_cwJxyOK0YKSM86Mj
> 9n&app=desktop
>
> Best Regards,
>
> Tariq Iqbal
>
> *Senior Consultant*
>
> **
>
> Description: Mail Logo Bottom Align**
>
> **
>
> S: +44 20 3603 0540  | M: +447909911600
> 
>
> tariq.iq...@shapeblue.com  |
> www.shapeblue.com  | Twitter:@shapeBlue
>  | Twitter:@TariqIqbal_
> 
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS
>
> Find out more about ShapeBlue and our range of CloudStack related
> services
>
> IaaS Cloud Design & Build
> 
> CSForge – rapid IaaS deployment framework
>  CloudStack Consulting
> 
> CloudStack Infrastructure Support
> 
> CloudStack Bootcamp Training Courses
> 
>
> This email and any attachments to it may be confidential and are
> intended solely for the use of the individual to whom it is addressed.
> Any views or opinions expressed are solely those of the author and do
> not necessarily represent those of Shape Blue Ltd or related
> companies. If you are not the intended recipient of this email, you
> must neither take any action based upon its contents, nor copy or show
> it to anyone. Please contact the sender if you believe you have
> received this email in error. Shape Blue Ltd is a company incorporated
> in England & Wales. ShapeBlue Services India LLP is a company
> incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in
> Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is
> a registered trademark.


--
Francois Gaudreault
Gestionnaire de Produit | Product Manager - Cloud Platform & Services
fgaudrea...@cloudops.com
514-629-6775
- - -
CloudOps
420 rue Guy
Montréal QC  H3J 1S6
www.cloudops.com
@CloudOps_

RE: Cloudstack with PCI compliance

[Adrian Lewis]

"the auditors are different in their understanding of the guidelines" -
that's the tricky bit. PCI DSS is more of a guidance than a rigid and
defined set of rules. True, there are rules but many are open to
interpretation. There have been many arguments over whether or not shared
infrastructure can be truly segmented and this extends not only to
hypervisors but also to networking technologies such as VLANs and MPLS
where multiple organisations share a common medium. The PCI Council have
tried to address some of these issues with what they call 'information
supplements' but they're still not 100% prescriptive.

There is also the concept of a 'compensating control' where, should you
not be able to satisfy a requirement, you may be able to put other
controls in place which satisfy the intent of the original control. This
is not a good way to do it but could help as a last resort.

If you are acting as a service provider, you should probably work with a
QSA to put together your AOC and to document as much as possible so that
should a client's QSA come calling, you have everything in place to hand
over.

Basically, there's little to stop Cloudstack being part of an in-scope
cardholder data environment but how you do it may be. As has already been
mentioned, there no silver bullet to certify a technology as compliant,
only the company can be compliant and this is ultimately the end customer,
not the service provider.

-Original Message-
From: Chip Childers [mailto:chipchild...@apache.org]
Sent: 24 April 2014 14:57
To: users@cloudstack.apache.org
Subject: Re: Cloudstack with PCI compliance

CloudStack itself can never be PCI *compliant*...  only a company can be.
CloudStack can certainly be part of the technical architecture for an IT
environment (or service provider environment) that is being audited for
overall organizational compliance.

A service provider that offers a CloudStack-based cloud is also,
similarly, unable to really offer "compliance" for their customers.
They are only able to fulfill certain aspects of the required set of
controls, and support their customers during the PCI audit process *of
their customers*.

There really isn't a silver bullet here...  you have to have your own
answers for how the required controls are implemented (and for many, there
is an infinite number of possible implementation designs).

As for the docs for a "cloud" environment, check out:
https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_Cloud_Guidelines.pdf

Keep in mind that it will absolutely depend on how things are being
audited.  Is the "CloudStack Cloud" external to the org trying for
compliance?  If so, the doc above would be the right choice for where to
start.  Is the CloudStack environment controlled by the org attempting
compliance?  If so, it's likely a combination of the Cloud Guidelines and
the Virtualization supplemental info.

Your best bet is to work with someone that knows the PCI process, and gets
how the controls are typically evaluated by the various auditors.
I've been through this before, and I can tell you that even the auditors
are different in their understanding of the guidelines.

-chip

On Thu, Apr 24, 2014 at 08:49:30AM -0400, Tim Mackey wrote:
> The real problem is in defining what is "in-scope" and "out-of-scope",
> and avoiding "mixed-mode".  This document (
> https://www.pcisecuritystandards.org/documents/Virtualization_InfoSupp
> _v2.pdf) provides a pretty good read of the suggested rules of the
> road for virtualization, but I'm not aware of a similar doc covering
> cloud.  Things like network typologies can mess stuff up quite
> quickly, and its probably best to involve the customer's PCI QSA in
> the design.  A couple months back I was asked to comment on a pure
> XenServer environment for mixed-mode operations and the customer
> accepted solution required both VLANs and OVS policy definition to
> secure cardholder data and meet the QSA goals.  Read that as "it's
> quite complicated and prone to opinions rather than hard standards"
>
> -tim
>
>
> On Thu, Apr 24, 2014 at 8:34 AM, Sebastien Goasguen
wrote:
>
> >
> > On Apr 22, 2014, at 5:52 AM, Uwe Kastens 
wrote:
> >
> > > Hi there,
> > >
> > >
> > > That would be interesting for me as well
> > >
> > > Kind Regards
> > >
> > > Uwe
> > >
> > >
> > >
> > > 2014-04-21 19:31 GMT+02:00 Upendra Moturi
> > > > >:
> > >
> > >> Hello Team,
> > >>
> > >> Has anyone worked on making cloudstack PCI compliant.
> > >> Can you please point me some documentation.
> > >>
> >
> > Haven't worked on it and over my head, but that's a big question. I
> > actually asked a friend on twitter :) The answer was interesting
> > "CloudStack can facilitate PCI compliance but not *be* PCI
> > compliant"
> >
> > -sebastien
> >
> >

RE: reg: cloudstack Billing software

[Adrian Lewis]

I think the free trial mentioned is about how the software lets you give
customers/tenants a free trial of your CS offering and is not related to
getting a free trial of the Fogpanel software itself.

-Original Message-
From: Outback Dingo [mailto:outbackdi...@gmail.com]
Sent: 26 March 2014 12:51
To: users@cloudstack.apache.org
Subject: Re: reg: cloudstack Billing software

no downloads, just click for demo..


On Wed, Mar 26, 2014 at 8:32 AM, Matthew Kaufman 
wrote:

> Fogpanel(tm) is fast and flexible billing system for Apache Cloudstack
> with
> *...* With Fog Panel's trial account management, effectively customize
> your free trail *...*
>
>
> *http://www.fogpanel.com/ *
>
>
no downloads, just click for demo.. makes me leary already when they
says its released but you can only schedule a demo

add it to the watch list for 30 days and check it again.


>
> On Wed, Mar 26, 2014 at 1:20 AM, Alex  wrote:
>
> >   writes:
> >
> > >
> > > Hi,
> > >
> > >  Assistanz network launched cloudstack billing software yesterday.
> > > It names is fogpanel.
> > >
> > > Regards,
> > > Prakash.M
> > >
> > >
> >
> > Hi
> > Will you release pricing? Trial?
> > Thanks!
> > Alex
> >
> >
> >
>

RE: Custom billing Application using CloudStack API

[Adrian Lewis]

Hi Juan,

My experience is merely a case of looking on the Hostbill website I'm
afraid. I have a feeling that the solution may be subject to some
limitations - I'm not sure how it handles resources that aren't originally
provisioned by the Hostbill interface, and there's a noticeable lack of
info on provisioning and billing for VPCs and advanced networking but
perhaps not an issue for you. The demos I've seen seem to be focussed on
using Cloudstack as a basic VPS hosting platform. Unfortunately that's
about the extent of the insight I can offer. Search for "Hostbill
Cloudstack" and you'll find a few demos with screenshots on their site.

If anyone has looked into this in greater detail, I too would be keen to
hear about your experiences.

Adrian

-Original Message-
From: Juan Gomez [mailto:juan.go...@kumo.com.co]
Sent: 06 March 2014 15:39
To: users@cloudstack.apache.org
Subject: Re: Custom billing Application using CloudStack API

Does anyone know in more depth if Hostbill is a good solution for billing
with cloudstack? Or how was your experience using Hostbill integrated with
cloudstack?.

De: Adrian Lewis
mailto:adr...@alsiconsulting.co.uk>>
Responder a:
"users@cloudstack.apache.org<mailto:users@cloudstack.apache.org>"
mailto:users@cloudstack.apache.org>>
Fecha: jueves, 6 de marzo de 2014 8:57 a.m.
Para: "users@cloudstack.apache.org<mailto:users@cloudstack.apache.org>"
mailto:users@cloudstack.apache.org>>
Asunto: RE: Custom billing Application using CloudStack API

Not sure of the quality or its applicability to what you're doing but
Hostbill have recently updated their Cloudstack integration to work with
the usage data for a more utility-like way of billing.

-Original Message-
From: Juan Gomez [mailto:juan.go...@kumo.com.co]
Sent: 06 March 2014 13:54
To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org>
Subject: Re: Custom billing Application using CloudStack API

Thank you all for your help, this user list is great.

De: ilya musayev
mailto:ilya.mailing.li...@gmail.com>>
Responder a:
"users@cloudstack.apache.org<mailto:users@cloudstack.apache.org><mailto:us
e...@cloudstack.apache.org>"
mailto:users@cloudstack.apache.org><mailto:us
e...@cloudstack.apache.org>>
Fecha: miércoles, 5 de marzo de 2014 5:58 p.m.
Para:
"users@cloudstack.apache.org<mailto:users@cloudstack.apache.org><mailto:us
e...@cloudstack.apache.org>"
mailto:users@cloudstack.apache.org><mailto:us
e...@cloudstack.apache.org>>
Asunto: Re: Custom billing Application using CloudStack API

We've used Amysta for CloudStack Billing Solution. Easy to integrate,
flexible and affordable.

I've done a demo here. Fast forward to 10:45 (this is an older version,
newer is obviously better) http://www.youtube.com/watch?v=4wuEPoxVlBM

On Wednesday, March 5, 2014, Paul Angus
mailto:paul.an...@shapeblue.com><mailto:paul.ang
u...@shapeblue.com>> wrote:
Hi Juan,

We (ShapeBlue) have done a number of projects involving billing
integration with Cloud Portal Business Manager so we would certainly have
insights into how this can be achieved. Perhaps you should get in touch
with us off-list

Regards

Paul Angus
Cloud Architect
S: +44 20 3603 0540 | M: +447711418784 | T: CloudyAngus
paul.an...@shapeblue.com<mailto:paul.an...@shapeblue.com><mailto:paul.angu
s...@shapeblue.com>

-Original Message-
From: Juan Gomez [mailto:juan.go...@kumo.com.co]
Sent: 05 March 2014 16:23
To:
users@cloudstack.apache.org<mailto:users@cloudstack.apache.org><mailto:use
r...@cloudstack.apache.org>
Subject: Custom billing Application using CloudStack API

Hi everyone

I work for a company name Kumo (www.kumo.com.co). We are one of the most
important public clouds in Colombia, all of our platforms are based on
cloudstack and Cloud business portal. Right now we have a very complex
problem because we are not being able to bill our costumers automatically.
This is because all of our costumers have different prices for the same
kind of product or VM, this is due to commercial issues and negotiations
that are necessary to do in the colombian market. So we want to build a
billing web application using the cloudstack API in order to create bills
for costumers in an automatically way and also send alerts and take
actions to suspend services if payments are not being received. Does
anyone know examples of this kind of application using the cloudstack API,
or have any insights on how we should approach this problem.

Thank you for your help and pardon my bad spelling.




Email asegurado por Check Point

Need Enterprise Grade Support for Apache CloudStack?
Our CloudStack Infrastructure Support<
http://shapeblue.com/cloudstack-infrastructure-support/> offers the best
24/7 SLA for CloudStack Environments.

Apache CloudStack Bootcamp tr

RE: Custom billing Application using CloudStack API

[Adrian Lewis]

Not sure of the quality or its applicability to what you're doing but
Hostbill have recently updated their Cloudstack integration to work with
the usage data for a more utility-like way of billing.

-Original Message-
From: Juan Gomez [mailto:juan.go...@kumo.com.co]
Sent: 06 March 2014 13:54
To: users@cloudstack.apache.org
Subject: Re: Custom billing Application using CloudStack API

Thank you all for your help, this user list is great.

De: ilya musayev
mailto:ilya.mailing.li...@gmail.com>>
Responder a:
"users@cloudstack.apache.org"
mailto:users@cloudstack.apache.org>>
Fecha: miércoles, 5 de marzo de 2014 5:58 p.m.
Para: "users@cloudstack.apache.org"
mailto:users@cloudstack.apache.org>>
Asunto: Re: Custom billing Application using CloudStack API

We've used Amysta for CloudStack Billing Solution. Easy to integrate,
flexible and affordable.

I've done a demo here. Fast forward to 10:45 (this is an older version,
newer is obviously better) http://www.youtube.com/watch?v=4wuEPoxVlBM

On Wednesday, March 5, 2014, Paul Angus
mailto:paul.an...@shapeblue.com>> wrote:
Hi Juan,

We (ShapeBlue) have done a number of projects involving billing
integration with Cloud Portal Business Manager so we would certainly have
insights into how this can be achieved. Perhaps you should get in touch
with us off-list

Regards

Paul Angus
Cloud Architect
S: +44 20 3603 0540 | M: +447711418784 | T: CloudyAngus
paul.an...@shapeblue.com

-Original Message-
From: Juan Gomez [mailto:juan.go...@kumo.com.co]
Sent: 05 March 2014 16:23
To: users@cloudstack.apache.org
Subject: Custom billing Application using CloudStack API

Hi everyone

I work for a company name Kumo (www.kumo.com.co). We are one of the most
important public clouds in Colombia, all of our platforms are based on
cloudstack and Cloud business portal. Right now we have a very complex
problem because we are not being able to bill our costumers automatically.
This is because all of our costumers have different prices for the same
kind of product or VM, this is due to commercial issues and negotiations
that are necessary to do in the colombian market. So we want to build a
billing web application using the cloudstack API in order to create bills
for costumers in an automatically way and also send alerts and take
actions to suspend services if payments are not being received. Does
anyone know examples of this kind of application using the cloudstack API,
or have any insights on how we should approach this problem.

Thank you for your help and pardon my bad spelling.




Email asegurado por Check Point

Need Enterprise Grade Support for Apache CloudStack?
Our CloudStack Infrastructure Support<
http://shapeblue.com/cloudstack-infrastructure-support/> offers the best
24/7 SLA for CloudStack Environments.

Apache CloudStack Bootcamp training courses

**NEW!** CloudStack 4.2.1 training<
http://shapeblue.com/cloudstack-training/>
18th-19th February 2014, Brazil. Classroom<
http://shapeblue.com/cloudstack-training/>
17th-23rd March 2014, Region A. Instructor led, On-line<
http://shapeblue.com/cloudstack-training/>
24th-28th March 2014, Region B. Instructor led, On-line<
http://shapeblue.com/cloudstack-training/>
16th-20th June 2014, Region A. Instructor led, On-line<
http://shapeblue.com/cloudstack-training/>
23rd-27th June 2014, Region B. Instructor led, On-line<
http://shapeblue.com/cloudstack-training/>

This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the
sender if you believe you have received this email in error. Shape Blue
Ltd is a company incorporated in England & Wales. ShapeBlue Services India
LLP is a company incorporated in India and is operated under license from
Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company
incorporated in Brasil and is operated under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.



Email asegurado por Check Point




Email asegurado por Check Point

RE: Where is Remote Access vpn settings.

[Adrian Lewis]

AFAIK, one of the features introduced in 4.3 is remote access VPNs for VPCs.
The VR in a VPC is slightly different to the VR for non-VPC usage so you may
need to upgrade to 4.3. Official release seems fairly imminent
(http://markmail.org/thread/3nnroif5fqr3c2q6) but could still be blocked if
a major bug is discovered.

-Original Message-
From: Nux! [mailto:n...@li.nux.ro]
Sent: 18 February 2014 08:41
To: users@cloudstack.apache.org
Subject: Re: Where is Remote Access vpn settings.

On 17.02.2014 20:35, Jason Villalta wrote:
> It is almost like my UI is behind even though I upgraded to 4.1.1 a
> few months ago so I would except this UI to be there.

I do not know when the VPN feature was introduced, but you certainly are
behind, the current version is 4.2.1 and 4.3 is not very far.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

RE: Super CIDR on a VPC - Why the limitation?

[Adrian Lewis]

Cheers Geoff,

Voted for and following

Hope someone finds this interesting enough to develop. Not a chance of me
doing it unfortunately - no programming skills at all. Lottie Dexter would
be ashamed of me.

-Original Message-
From: Geoff Higginbottom [mailto:geoff.higginbot...@shapeblue.com]
Sent: 12 February 2014 14:00
To: users@cloudstack.apache.org
Subject: RE: Super CIDR on a VPC - Why the limitation?

Hi Adrian,

All valid points.  The good news is that this has already been raised but
the bad news is that no one is currently working on it.

https://issues.apache.org/jira/browse/CLOUDSTACK-755

Suggest you add your vote to try and get its profile raised etc

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbot...@shapeblue.com

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: 12 February 2014 13:53
To: users@cloudstack.apache.org
Subject: Super CIDR on a VPC - Why the limitation?

Hi All,



Just wondering what the purpose of specifying a "super CIDR" for a VPC
actually is? Reasons for it that I can think of (not even sure of they're
correct) are:

1.   Sets the quickmode selectors for IPsec VPNs

2.   Sets up some form of routing sanity checks such as RPF in the VR

3.   Route summarisation between connected VRs

4.   Feature parity with Amazon VPCs & corresponding API?



Reasons against it:

1.   It seems to be stuck once set and can't be changed should a
customer's network evolve (maybe hacking the DB and rebooting the system
VMs?)

2.   You can only specify one CIDR and can't use 0.0.0.0/0.0.0.0 so
there's no way to use combinations of 10.x.x.x/8, 192.168.x.x/16 and
172.16.x.x/12 in the same VPC

3.   Just seems a little pointless (IMHO) to have such a significant
limitation



The limitations seem to be fairly significant versus the gains to be made
so I was wondering if anyone knew the reasoning behind this. At least, why
not have the ability to specify and/or edit multiple super CIDRs for a VPC
(and perhaps have a default for the initial selection to all RFC 1918
IPs)?



Thanks in advance for any insights and apologies for any stupidity - still
setting up and trying to formulate some best practice procedures as I go
along.



Adrian
Need Enterprise Grade Support for Apache CloudStack?
Our CloudStack Infrastructure
Support<http://shapeblue.com/cloudstack-infrastructure-support/> offers
the best 24/7 SLA for CloudStack Environments.

Apache CloudStack Bootcamp training courses

**NEW!** CloudStack 4.2.1
training<http://shapeblue.com/cloudstack-training/>
18th-19th February 2014, Brazil.
Classroom<http://shapeblue.com/cloudstack-training/>
17th-23rd March 2014, Region A. Instructor led,
On-line<http://shapeblue.com/cloudstack-training/>
24th-28th March 2014, Region B. Instructor led,
On-line<http://shapeblue.com/cloudstack-training/>
16th-20th June 2014, Region A. Instructor led,
On-line<http://shapeblue.com/cloudstack-training/>
23rd-27th June 2014, Region B. Instructor led,
On-line<http://shapeblue.com/cloudstack-training/>

This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the
sender if you believe you have received this email in error. Shape Blue
Ltd is a company incorporated in England & Wales. ShapeBlue Services India
LLP is a company incorporated in India and is operated under license from
Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company
incorporated in Brasil and is operated under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.

Super CIDR on a VPC - Why the limitation?

[Adrian Lewis]

Hi All,



Just wondering what the purpose of specifying a "super CIDR" for a VPC
actually is? Reasons for it that I can think of (not even sure of they're
correct) are:

1.   Sets the quickmode selectors for IPsec VPNs

2.   Sets up some form of routing sanity checks such as RPF in the VR

3.   Route summarisation between connected VRs

4.   Feature parity with Amazon VPCs & corresponding API?



Reasons against it:

1.   It seems to be stuck once set and can't be changed should a
customer's network evolve (maybe hacking the DB and rebooting the system
VMs?)

2.   You can only specify one CIDR and can't use 0.0.0.0/0.0.0.0 so
there's no way to use combinations of 10.x.x.x/8, 192.168.x.x/16 and
172.16.x.x/12 in the same VPC

3.   Just seems a little pointless (IMHO) to have such a significant
limitation



The limitations seem to be fairly significant versus the gains to be made
so I was wondering if anyone knew the reasoning behind this. At least, why
not have the ability to specify and/or edit multiple super CIDRs for a VPC
(and perhaps have a default for the initial selection to all RFC 1918 IPs)?



Thanks in advance for any insights and apologies for any stupidity - still
setting up and trying to formulate some best practice procedures as I go
along.



Adrian

RE: OpenDaylight Hydrogen SDN integration?

[Adrian Lewis]

I believe that Hugo is also working on getting VXLAN based overlays
working on Xenserver with OpenDaylight. Might be something that requires
the next version of Xenserver however - something to do with OVSDB and how
the XAPI toolstack or Xenserver assign networks when there isn't
necessarily a VM attached to it at the time of provisioning (might be
wrong there but it's something along those lines).

-Original Message-
From: sebgoa [mailto:run...@gmail.com]
Sent: 05 February 2014 09:14
To: users@cloudstack.apache.org
Subject: Re: OpenDaylight Hydrogen SDN integration?



On Feb 5, 2014, at 4:34 AM, Adrian Lewis 
wrote:

> It's being worked on already. When the FOSDEM videos get uploaded I
> think you should be able to take a look at Hugo Trippaers' talk:
>
> https://fosdem.org/2014/schedule/event/virtiaas21/
>
> Can't say for sure whether it was recorded or not though.
>
> -Original Message-
> From: Dag Sonstebo [mailto:d...@sonstebo.co.uk]
> Sent: 05 February 2014 00:36
> To: users@cloudstack.apache.org
> Subject: OpenDaylight Hydrogen SDN integration?
>
> Hi,
>
> I see the OpenDaylight project has just announced it's first SDN
> controller release - Hydrogen.
> Does anyone know any timeline for including this in CS?
>
> Dag

the integration is in the master branch right now, so you can expect it in
4.4 release.

it uses the OVSDB to create GRE meshes.

-Sebastien

RE: OpenDaylight Hydrogen SDN integration?

[Adrian Lewis]

It's being worked on already. When the FOSDEM videos get uploaded I think
you should be able to take a look at Hugo Trippaers' talk:

https://fosdem.org/2014/schedule/event/virtiaas21/

Can't say for sure whether it was recorded or not though.

-Original Message-
From: Dag Sonstebo [mailto:d...@sonstebo.co.uk]
Sent: 05 February 2014 00:36
To: users@cloudstack.apache.org
Subject: OpenDaylight Hydrogen SDN integration?

Hi,

I see the OpenDaylight project has just announced it's first SDN
controller release - Hydrogen.
Does anyone know any timeline for including this in CS?

Dag

RE: 4.2.1 anytime soon?

[Adrian Lewis]

Cool thanks

-Original Message-
From: Conrad Geiger [mailto:cgei...@it1solutions.com]
Sent: 09 December 2013 15:28
To: users@cloudstack.apache.org
Subject: RE: 4.2.1 anytime soon?

>From what I understood, they hope to respin RC today for a second vote.

-Original Message-
From: Adrian Lewis [mailto:adr...@alsiconsulting.co.uk]
Sent: Monday, December 09, 2013 10:23 AM
To: users@cloudstack.apache.org
Subject: RE: 4.2.1 anytime soon?

Do we have any projected dates for the official 4.2.1 release yet? I
understand that there's an ACL disclosure issue that is under discussion
as a potential blocker but I can't quite work out whether there has been
any progress on this.

-Original Message-
From: sebgoa [mailto:run...@gmail.com]
Sent: 27 November 2013 18:11
To: users@cloudstack.apache.org
Subject: Re: 4.2.1 anytime soon?


On Nov 27, 2013, at 6:52 PM, Adrian Lewis 
wrote:

> Hi Sebastien,
>
> Thanks for the reply and the link - I never knew about that option.
> Are these RPMs likely to be upgrade-safe if I configure the mgmt.
> server with the relevant yum repo at a later date?

These rpms are built from the 4.2 branch, so they represent the latest on
that branch and may differ slightly (be ahead ~4.2.2) from what we voted
on for 4.2.1

I have not tried that type of upgrade, which If I understand you right,
may actually be a 'downgrade'. That said it should only be bug fix changes
so the schemas should not change.

My advice would be to wait couple days for the official 4.2.1 but if you
are eager you can grab those rpms and start ironing out your upgrade
procedure (from where you are at to ~4.2.1) on your dev systems.

>
> Cheers,
>
> Adrian
>
> -Original Message-
> From: sebgoa [mailto:run...@gmail.com]
> Sent: 27 November 2013 17:33
> To: users@cloudstack.apache.org
> Subject: Re: 4.2.1 anytime soon?
>
>
> On Nov 27, 2013, at 12:41 PM, Adrian Lewis
> 
> wrote:
>
>> Hi All,
>>
>>
>>
>> Hoping that someone here might know what's holding up the release of
> 4.2.1?
>> A vote was cast back on the 12th Nov which appeared to be all fine
>> with everyone eventually. Citrix have released Cloudplatform 4.2.1.
>> As far as I can tell, the only thing missing was finalising the
>> release notes but these too seem to be finished. Has CCCEU13 killed
>> off all of the momentum to release 4.2.1 or is there something else
>> going on that
> I've missed?
>>
>>
>>
>
> You have not missed anything.
> It's just lack of time in the day to check the final docs, make the
> release announcement etc..
>
>
>> I appreciate that beggars can't be choosers but I'm too scared to try
>> building from source and am eagerly awaiting the 'easy' option of
>> having RPMs made from an officially sanctioned release.
>>
>
> You can always get the latest rpms from:
> http://jenkins.buildacloud.org/view/4.2/job/package-rhel63-4.2/
>
> Even though they are not the official release ones (and won't be since
> we only release source tar ball)
>
>>
>>
>> Any info on this welcomed.
>>
>>
>>
>> Many thanks,
>>
>>
>>
>> Adrian

RE: 4.2.1 anytime soon?

[Adrian Lewis]

Do we have any projected dates for the official 4.2.1 release yet? I
understand that there's an ACL disclosure issue that is under discussion
as a potential blocker but I can't quite work out whether there has been
any progress on this.

-Original Message-
From: sebgoa [mailto:run...@gmail.com]
Sent: 27 November 2013 18:11
To: users@cloudstack.apache.org
Subject: Re: 4.2.1 anytime soon?


On Nov 27, 2013, at 6:52 PM, Adrian Lewis 
wrote:

> Hi Sebastien,
>
> Thanks for the reply and the link - I never knew about that option.
> Are these RPMs likely to be upgrade-safe if I configure the mgmt.
> server with the relevant yum repo at a later date?

These rpms are built from the 4.2 branch, so they represent the latest on
that branch and may differ slightly (be ahead ~4.2.2) from what we voted
on for 4.2.1

I have not tried that type of upgrade, which If I understand you right,
may actually be a 'downgrade'. That said it should only be bug fix changes
so the schemas should not change.

My advice would be to wait couple days for the official 4.2.1 but if you
are eager you can grab those rpms and start ironing out your upgrade
procedure (from where you are at to ~4.2.1) on your dev systems.

>
> Cheers,
>
> Adrian
>
> -Original Message-
> From: sebgoa [mailto:run...@gmail.com]
> Sent: 27 November 2013 17:33
> To: users@cloudstack.apache.org
> Subject: Re: 4.2.1 anytime soon?
>
>
> On Nov 27, 2013, at 12:41 PM, Adrian Lewis
> 
> wrote:
>
>> Hi All,
>>
>>
>>
>> Hoping that someone here might know what's holding up the release of
> 4.2.1?
>> A vote was cast back on the 12th Nov which appeared to be all fine
>> with everyone eventually. Citrix have released Cloudplatform 4.2.1.
>> As far as I can tell, the only thing missing was finalising the
>> release notes but these too seem to be finished. Has CCCEU13 killed
>> off all of the momentum to release 4.2.1 or is there something else
>> going on that
> I've missed?
>>
>>
>>
>
> You have not missed anything.
> It's just lack of time in the day to check the final docs, make the
> release announcement etc..
>
>
>> I appreciate that beggars can't be choosers but I'm too scared to try
>> building from source and am eagerly awaiting the 'easy' option of
>> having RPMs made from an officially sanctioned release.
>>
>
> You can always get the latest rpms from:
> http://jenkins.buildacloud.org/view/4.2/job/package-rhel63-4.2/
>
> Even though they are not the official release ones (and won't be since
> we only release source tar ball)
>
>>
>>
>> Any info on this welcomed.
>>
>>
>>
>> Many thanks,
>>
>>
>>
>> Adrian

RE: 4.2.1 anytime soon?

[Adrian Lewis]

Hi Sebastien,

Thanks for the reply and the link - I never knew about that option. Are
these RPMs likely to be upgrade-safe if I configure the mgmt. server with
the relevant yum repo at a later date?

Cheers,

Adrian

-Original Message-
From: sebgoa [mailto:run...@gmail.com]
Sent: 27 November 2013 17:33
To: users@cloudstack.apache.org
Subject: Re: 4.2.1 anytime soon?


On Nov 27, 2013, at 12:41 PM, Adrian Lewis 
wrote:

> Hi All,
>
>
>
> Hoping that someone here might know what's holding up the release of
4.2.1?
> A vote was cast back on the 12th Nov which appeared to be all fine
> with everyone eventually. Citrix have released Cloudplatform 4.2.1. As
> far as I can tell, the only thing missing was finalising the release
> notes but these too seem to be finished. Has CCCEU13 killed off all of
> the momentum to release 4.2.1 or is there something else going on that
I've missed?
>
>
>

You have not missed anything.
It's just lack of time in the day to check the final docs, make the
release announcement etc..


> I appreciate that beggars can't be choosers but I'm too scared to try
> building from source and am eagerly awaiting the 'easy' option of
> having RPMs made from an officially sanctioned release.
>

You can always get the latest rpms from:
http://jenkins.buildacloud.org/view/4.2/job/package-rhel63-4.2/

Even though they are not the official release ones (and won't be since we
only release source tar ball)

>
>
> Any info on this welcomed.
>
>
>
> Many thanks,
>
>
>
> Adrian

4.2.1 anytime soon?

[Adrian Lewis]

Hi All,



Hoping that someone here might know what’s holding up the release of 4.2.1?
A vote was cast back on the 12th Nov which appeared to be all fine with
everyone eventually. Citrix have released Cloudplatform 4.2.1. As far as I
can tell, the only thing missing was finalising the release notes but these
too seem to be finished. Has CCCEU13 killed off all of the momentum to
release 4.2.1 or is there something else going on that I’ve missed?



I appreciate that beggars can’t be choosers but I’m too scared to try
building from source and am eagerly awaiting the ‘easy’ option of having
RPMs made from an officially sanctioned release.



Any info on this welcomed.



Many thanks,



Adrian

RE: Multi-master MySQL Setup

[Adrian Lewis]

Hi Andi,

Sounds pretty cool - This is the solution I'm looking at currently but
with a hardware load balancer and fewer servers. Good to know it scales!

Cheers,

Adrian

-Original Message-
From: Andi Daniawan [mailto:a...@xpox.net]
Sent: 06 November 2013 23:25
To: users@cloudstack.apache.org
Subject: RE: Multi-master MySQL Setup

Hi All,

Just for your info, I have implemented MariaDB with Galera Clustering.
We are using CS 4.2 on 4 management servers with 7 MariaDB servers.
All management servers loaded with HA-Proxy to connect to MariaDB servers.
It's been running since early October.

Andi

-Original Message-
From: Patrick Miller [mailto:patrick.mil...@sungard.com]
Sent: Wednesday, November 06, 2013 4:51 AM
To: users@cloudstack.apache.org
Subject: Re: Multi-master MySQL Setup

Take a look at the percona [1] implementation of mysql and there clustered
version.
Round robin reads and writes supported.

1] http://www.percona.com/

 Patrick


On Tue, Nov 5, 2013 at 9:55 AM, Adrian Lewis
wrote:

> Hi Marty/Nux!,
>
> Thanks for the feedback - sounds like multi-master is not a good thing
> then! Load will likely be very small for at least the next 6 months
> but I figured that it was one of those things that could be set easily
> now (still setting up) that I might appreciate later.
>
> Based on both your responses, I think I'll just leave it well alone!
> Need to get to grips with pacemaker/corosync anyway for other reasons
> so I'll just try that with either DRBD replication or MySQL replication.
>
> Cheers,
>
> Adrian
>
> -Original Message-
> From: Marty Sweet [mailto:msweet@gmail.com]
> Sent: 05 November 2013 17:23
> To: users@cloudstack.apache.org
> Subject: Re: Multi-master MySQL Setup
>
> Others may have had more success with this but from experience of
> MySQL in multi-master setups I would avoid this entirely.
>
> A common setup is using DRDB to provide a master/slave:
> Management 1 (MySQL Master) w/ virtual IP Management 2 (MySQL Slave)
>
> HA IP Address (for agents/services requiring DB write) which is
> assigned to the master (using Pacemaker).
>
> You can then send web management client to the HA IP Address as well.
>
> It may be worth considering if you need load balancing, depending on
> your setup - what loads are you experiencing?
>
> Marty
>
>
>
> On Tue, Nov 5, 2013 at 5:13 PM, Adrian Lewis
> wrote:
>
> > Hi All,
> >
> >
> >
> > Just wondering if anyone is using a MySQL multi-master configuration
> > with auto_increment_offset (e.g.10) and auto_increment_increment (1
> > for server 1, 2 for server 2 etc)? Does it work? Does anyone know a
> > reason why it doesn't or wouldn't work? Is there anything from an
> > application point of view that could/would trip up CS if
> > auto_increment values are set as more than 1?
> >
> >
> >
> > Not planning on deploying multimaster just yet but if I at least
> > start with an auto_increment of 10, I'd have the option of adding a
> > second master later and being able to load-balance more effectively.
> >
> >
> >
> > Thanks in advance,
> >
> >
> >
> > Adrian
> >
>
>

RE: Multi-master MySQL Setup

[Adrian Lewis]

Seems like the Percona solution also uses Galera for their multi-master
cluster. Starting to wonder whether to go MariaDB-Galera now. Tempted just
to leave it as master slave replicated on MySQL though. Scale really not
an issue right now. Ho hum, fun to be had if I had the time to play.

Assuming no Galera (with either MySQL/Percona/MariaDB) and just using
Centos version of MySQL - does anyone have any input as to whether to go
for replicating between two hosts using DRBD vs native MySQL replication?
I get the impression that MySQL replication is an eventually-consistent
near-realtime kind of replication whereas DRBD can be set to be completely
synchronous replication. MySQL replication just seems a lot less fiddly
than using DRBD and DRBD would replicate file corruption that MySQL
replication would be largely safe from.

-Original Message-
From: Patrick Miller [mailto:patrick.mil...@sungard.com]
Sent: 05 November 2013 21:51
To: users@cloudstack.apache.org
Subject: Re: Multi-master MySQL Setup

Take a look at the percona [1] implementation of mysql and there clustered
version.
Round robin reads and writes supported.

1] http://www.percona.com/

 Patrick


On Tue, Nov 5, 2013 at 9:55 AM, Adrian Lewis
wrote:

> Hi Marty/Nux!,
>
> Thanks for the feedback - sounds like multi-master is not a good thing
> then! Load will likely be very small for at least the next 6 months
> but I figured that it was one of those things that could be set easily
> now (still setting up) that I might appreciate later.
>
> Based on both your responses, I think I'll just leave it well alone!
> Need to get to grips with pacemaker/corosync anyway for other reasons
> so I'll just try that with either DRBD replication or MySQL replication.
>
> Cheers,
>
> Adrian
>
> -Original Message-
> From: Marty Sweet [mailto:msweet@gmail.com]
> Sent: 05 November 2013 17:23
> To: users@cloudstack.apache.org
> Subject: Re: Multi-master MySQL Setup
>
> Others may have had more success with this but from experience of
> MySQL in multi-master setups I would avoid this entirely.
>
> A common setup is using DRDB to provide a master/slave:
> Management 1 (MySQL Master) w/ virtual IP Management 2 (MySQL Slave)
>
> HA IP Address (for agents/services requiring DB write) which is
> assigned to the master (using Pacemaker).
>
> You can then send web management client to the HA IP Address as well.
>
> It may be worth considering if you need load balancing, depending on
> your setup - what loads are you experiencing?
>
> Marty
>
>
>
> On Tue, Nov 5, 2013 at 5:13 PM, Adrian Lewis
> wrote:
>
> > Hi All,
> >
> >
> >
> > Just wondering if anyone is using a MySQL multi-master configuration
> > with auto_increment_offset (e.g.10) and auto_increment_increment (1
> > for server 1, 2 for server 2 etc)? Does it work? Does anyone know a
> > reason why it doesn't or wouldn't work? Is there anything from an
> > application point of view that could/would trip up CS if
> > auto_increment values are set as more than 1?
> >
> >
> >
> > Not planning on deploying multimaster just yet but if I at least
> > start with an auto_increment of 10, I'd have the option of adding a
> > second master later and being able to load-balance more effectively.
> >
> >
> >
> > Thanks in advance,
> >
> >
> >
> > Adrian
> >
>
>

RE: Multi-master MySQL Setup

[Adrian Lewis]

Hi Marty/Nux!,

Thanks for the feedback - sounds like multi-master is not a good thing
then! Load will likely be very small for at least the next 6 months but I
figured that it was one of those things that could be set easily now
(still setting up) that I might appreciate later.

Based on both your responses, I think I'll just leave it well alone! Need
to get to grips with pacemaker/corosync anyway for other reasons so I'll
just try that with either DRBD replication or MySQL replication.

Cheers,

Adrian

-Original Message-
From: Marty Sweet [mailto:msweet@gmail.com]
Sent: 05 November 2013 17:23
To: users@cloudstack.apache.org
Subject: Re: Multi-master MySQL Setup

Others may have had more success with this but from experience of MySQL in
multi-master setups I would avoid this entirely.

A common setup is using DRDB to provide a master/slave:
Management 1 (MySQL Master) w/ virtual IP Management 2 (MySQL Slave)

HA IP Address (for agents/services requiring DB write) which is assigned
to the master (using Pacemaker).

You can then send web management client to the HA IP Address as well.

It may be worth considering if you need load balancing, depending on your
setup - what loads are you experiencing?

Marty



On Tue, Nov 5, 2013 at 5:13 PM, Adrian Lewis
wrote:

> Hi All,
>
>
>
> Just wondering if anyone is using a MySQL multi-master configuration
> with auto_increment_offset (e.g.10) and auto_increment_increment (1
> for server 1, 2 for server 2 etc)? Does it work? Does anyone know a
> reason why it doesn't or wouldn't work? Is there anything from an
> application point of view that could/would trip up CS if
> auto_increment values are set as more than 1?
>
>
>
> Not planning on deploying multimaster just yet but if I at least start
> with an auto_increment of 10, I'd have the option of adding a second
> master later and being able to load-balance more effectively.
>
>
>
> Thanks in advance,
>
>
>
> Adrian
>

Multi-master MySQL Setup

[Adrian Lewis]

Hi All,



Just wondering if anyone is using a MySQL multi-master configuration with
auto_increment_offset (e.g.10) and auto_increment_increment (1 for server
1, 2 for server 2 etc)? Does it work? Does anyone know a reason why it
doesn’t or wouldn’t work? Is there anything from an application point of
view that could/would trip up CS if auto_increment values are set as more
than 1?



Not planning on deploying multimaster just yet but if I at least start with
an auto_increment of 10, I’d have the option of adding a second master
later and being able to load-balance more effectively.



Thanks in advance,



Adrian

SSVM Public IP, NAT and L2/L3 connectivity

[Adrian Lewis]

Hi All,



Still in the planning stages of deploying my first CS install and I have a
question about the SSVM and the apparent requirement for a public routable
IP address. From what I can gather, the only interaction that the SSVM has
with the internet is for downloading files from user or admin supplied
URLs. Does this mean that nothing actually makes inbound connections
directly to it from the internet and that it only ever makes outbound
connections? If so, why does it need a public IP?



Would it be possible to simply have a route to the internet via the
management network or to give it an IP from private network pool that has
access to the internet via some other NAT device?



Secondly, I’ve seen some excellent slides from Geoff Higginbottom but I’m
still not quite sure whether the SSVM actually has four vNICs or whether it
simply needs access to four networks via a lesser number of vNICs. Can
anyone clarify how many vNICs each SSVM has and what the routing table
looks like on the VM itself, especially where the management server and
secondary storage server are on subnets accessible via a L3 hop and not
directly attached to either the hypervisor mgmt or SSVM vNICs (and these
subnets aren’t accessible by a default route on the SSVM)?



My main concern is the public IP requirement as I’m finding it very
difficult to get enough public IPs from my DC, especially where there
doesn’t appear to be a reason for it. I can’t simply get a nice big block
of IPv4 like some other CS users may be used to! I’m considering joining
RIPE but this is not especially cheap and doesn’t seem to guarantee that
I’d get an assignment of IPv4 addresses anyway.



Confused,



Adrian

---

Alsi Consulting Ltd

www.alsiconsulting.co.uk

T: 0845 8676586

M: 07961 127738

RE: System VM Template : wrong path for downloading in 4.2

[Adrian Lewis]

Centos is wrong - I've used Centos 6.4 and the path needs to be:
/usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-t
mplt
instead of:
/usr/lib64/cloud/common/scripts/storage/secondary/cloud-install-sys-tmplt
as documented


Not sure if the download URL is correct either. I've seen other posts
suggesting it should be (in the case of Xen as an example):
http://download.cloud.com/templates/4.2/systemvmtemplate-2013-07-12-master
-xen.vhd.bz2
instead of:
http://download.cloud.com/templates/acton/acton-systemvm-02062012.vhd.bz2
as documented.

Is this URL change correct? Not tried it with the old one and still
setting up so not sure if I should actually be using the one I have used.
The obvious question would be "well does it work?" but unfortunately I've
come up against other issues which prevent me from testing!



-Original Message-
From: Travis Graham [mailto:tgra...@tgraham.us]
Sent: 09 October 2013 05:22
To: users@cloudstack.apache.org
Subject: Re: System VM Template : wrong path for downloading in 4.2

Both are referenced in that doc, the first is for CentOS and the second is
for Ubuntu.

Which OS are you using?

Travis

On Oct 9, 2013, at 12:15 AM, Bjoern Teipel
 wrote:

> How can I fix the doc ?
> There is a wrong path at
http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html/Insta
llation_Guide/management-server-install-flow.html#prepare-system-vm-templa
te
>
> Stating the path
/usr/lib64/cloud/common/scripts/storage/secondary/cloud-install-sys-tmplt
>
> but it should be
/usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-t
mplt
>
> Not a bid deal for me but for other users it might be
>
> Bjoern

RE: question about snapshots and Windows Volume Shadow Copy

[Adrian Lewis]

No answers I'm afraid Len but keen to hear what the definitive answer is
regarding Xen guests. Anyone?

-Original Message-
From: Kelven Yang [mailto:kelven.y...@citrix.com]
Sent: 07 October 2013 19:10
To: users@cloudstack.apache.org
Subject: Re: question about snapshots and Windows Volume Shadow Copy



On 10/7/13 3:37 AM, "Len Bellemore" 
wrote:

>Hi Guys,
>
>I've been asked if Cloudstack snapshots integrate in any way with
>Windows Volume Shadow Copy.  I guess the question is really about what
>type of "backup" does cloudstack actually provide. Is it only crash
consistent?

It is only crash consistent. But with VMware, if guest OS (Windows server)
has VSS enabled and VMware tools is installed in the guest OSS. Quiesce
event will be notified to applications that are running in the guest
before snapshot is taken.


>I know with 4.2 we have VMWare snapshot support, which is a really
>great feature addition, but with XenServer, what are my options?

Not sure about XenServer, I think it is crash consistent only

>
>Thanks
>Len
>
>
>IMPORTANT NOTICE. This electronic message contains information from
>Control Circle Ltd, which may be privileged or confidential. The
>information is intended for use only by the individual(s) or entity
>named above. If you are not the intended recipient, be aware that any
>disclosure, copying, distribution or use of the contents of this
>information is strictly prohibited. If you have received this
>electronic message in error, please notify me by telephone or email (to
>the number or email address above) immediately. Activity and use of the
>ControlCircle e-mail system is monitored to secure its effective
>operation and for other lawful business purposes. Communications using
>this system will also be monitored and may be recorded to secure
>effective operation and for other lawful business purposes

RE: Guest VM password reset - Complexity

[Adrian Lewis]

Ah - my bad. Hadn't read the message properly - thought this was regarding
CS user account passwords.

-Original Message-
From: Ian Duffy [mailto:i...@ianduffy.ie]
Sent: 06 August 2013 13:03
To: users@cloudstack.apache.org
Subject: Re: Guest VM password reset - Complexity

> Is this something that you might be looking to change?

Me personally no... Somebody on devs@ might have an opinion about it...

> I would have thought that people looking to implement your LDAP work
> will be interested in it from a security point of view so having
> password complexity rules would also be of significant interest,
> especially if there's a similar requirement enforced at the LDAP side

Account passwords and instance passwords are very separate. One would hope
that the instance passwords given via the "reset" function are purely
throw-away/use-once passwords.

On 6 August 2013 12:52, Adrian Lewis  wrote:
> Hi Ian,
>
> Is this something that you might be looking to change? I would have
> thought that people looking to implement your LDAP work will be
> interested in it from a security point of view so having password
> complexity rules would also be of significant interest, especially if
> there's a similar requirement enforced at the LDAP side. Something for 4.3
> perhaps?
>
> Adrian
>
> -Original Message-
> From: Ian Duffy [mailto:i...@ianduffy.ie]
> Sent: 06 August 2013 12:07
> To: users@cloudstack.apache.org
> Subject: Re: Guest VM password reset - Complexity
>
> Hi Gaspare,
>
> As far as I'm aware there is no way to do this without modifying the
> source.
>
> The generation of password resets are handled by this piece of code:
> https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=blob;f=util
> s/src/com/cloud/utils/PasswordGenerator.java;h=022afd0d8bda7eaba84a8b6
> 7c595e676158837d4;hb=HEAD
>
> It is hard coded to generate passwords of length 6.
>
> Hope this helps,
> Ian
>
> On 6 August 2013 11:29, Gaspare A Silvestri 
> wrote:
>> Hello everybody,
>>
>> is therea way to improve the password complexity when generating a
>> password using the reset guest password script?
>>
>> Thanks in advance,
>>
>> Gaspare
>>

RE: Guest VM password reset - Complexity

[Adrian Lewis]

Hi Ian,

Is this something that you might be looking to change? I would have thought
that people looking to implement your LDAP work will be interested in it
from a security point of view so having password complexity rules would also
be of significant interest, especially if there's a similar requirement
enforced at the LDAP side. Something for 4.3 perhaps?

Adrian

-Original Message-
From: Ian Duffy [mailto:i...@ianduffy.ie]
Sent: 06 August 2013 12:07
To: users@cloudstack.apache.org
Subject: Re: Guest VM password reset - Complexity

Hi Gaspare,

As far as I'm aware there is no way to do this without modifying the source.

The generation of password resets are handled by this piece of code:
https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=blob;f=utils/src/com/cloud/utils/PasswordGenerator.java;h=022afd0d8bda7eaba84a8b67c595e676158837d4;hb=HEAD

It is hard coded to generate passwords of length 6.

Hope this helps,
Ian

On 6 August 2013 11:29, Gaspare A Silvestri  wrote:
> Hello everybody,
>
> is therea way to improve the password complexity when generating a
> password using the reset guest password script?
>
> Thanks in advance,
>
> Gaspare
>

RE: Big Switch & Floodlight

[Adrian Lewis]

Hi Sebastien,

Many thanks for the info - much appreciated. If I can chip in I will, but
other than about month of Fortran I did at University almost 20 years ago
I've never done any programming so I'd be a bit lost I'm afraid. I'll keep
my eye out for any developments on this front and may be able to assist
with documentation but I doubt I'll be much use with development.

Kind regards,

Adrian

-Original Message-
From: Sebastien Goasguen
Sent: 29 July 2013 08:44
To: users@cloudstack.apache.org
Subject: Re: Big Switch & Floodlight


On Jul 25, 2013, at 11:17 AM, Adrian Lewis wrote:

> Hi All,
>
>
>
> Just wondering if the Bigswitch integration for CS requires the Big
> Virtual Switch component or whether this is just a complimentary
> aspect? I ask this as I'm wondering if the future holds the
> possibility of using the Floodlight controller in CS with third party
Floodlight compatible 'apps'
> but without having to purchase both the commercial Big Virtual Switch
> and the Big Network Controller.

Adrian, currently the BVS integration is not floodlight compatible.
However it should not take much to do it.

Therefore it is in the short future, I am hoping we will have it for the
4.3 release. Note that big switch is extending floodlight and bringing a
lot of their BVS features within floodlight.


> Does the plugin talk to the controller directly or does it have to
> talk to the BVS for instance? I'm not averse to paying for good
> software but from the prices I've seen for BVS and BNC I simply can't
> justify the investment at the moment.
>
>
>
> I understand that there is on-going work with this from both a GSOC
> participant ("tuna") as well as Big Switch Networks themselves (Kanzhe
> Jiang) but I can't for the life of me work out what's been done,

The BVS integration should be functional in 4.2

> what's
> going to be done and what might work already. It get the impression
> that the current plugins don't work with Floodlight but this is only
> due to the fact that the Floodlight API were not finalised in time for
the 4.1 code.

I don't believe there has been any testing with floodlight itself.

> Does anyone have an insight into what might be possible in 4.2 or even
> 4.3 with regards to Floodlight, in particular the use of Floodlight to
> create non-VLAN/GRE/STT isolation (they call them Virtual Network
> Segments)


Bottom line, this should be in 4.3 if we get tuna to keep working on it
past the gsoc project and that we get some collaboration from BigSwitch.

You are welcome to chip in.

-sebastien

> - not
> too sure if this would work for broadcast or multicast isolation though.
> Looking at code is unfortunately quite foreign to me - I'm a
> networking guy at heart.
>
>
>
> Many thanks,
>
>
>
> Adrian

Big Switch & Floodlight

[Adrian Lewis]

Hi All,



Just wondering if the Bigswitch integration for CS requires the Big Virtual
Switch component or whether this is just a complimentary aspect? I ask this
as I’m wondering if the future holds the possibility of using the
Floodlight controller in CS with third party Floodlight compatible ‘apps’
but without having to purchase both the commercial Big Virtual Switch and
the Big Network Controller. Does the plugin talk to the controller directly
or does it have to talk to the BVS for instance? I’m not averse to paying
for good software but from the prices I’ve seen for BVS and BNC I simply
can’t justify the investment at the moment.



I understand that there is on-going work with this from both a GSOC
participant (“tuna”) as well as Big Switch Networks themselves (Kanzhe
Jiang) but I can’t for the life of me work out what’s been done, what’s
going to be done and what might work already. It get the impression that
the current plugins don’t work with Floodlight but this is only due to the
fact that the Floodlight API were not finalised in time for the 4.1 code.
Does anyone have an insight into what might be possible in 4.2 or even 4.3
with regards to Floodlight, in particular the use of Floodlight to create
non-VLAN/GRE/STT isolation (they call them Virtual Network Segments) – not
too sure if this would work for broadcast or multicast isolation though.
Looking at code is unfortunately quite foreign to me – I’m a networking guy
at heart.



Many thanks,



Adrian

RE: Ceph RBD With Xen Server

[Adrian Lewis]

Sebastien,

The preview uses a centos install with a custom repo for the XenServer
goodies. Details in the link:

http://xenserver.org/blog/entry/tech-preview-of-xenserver-libvirt-ceph.htm
l

XAPI is part of this and this appears to be the way forward with regards
to distributing XenServer as opposed to having XCP, XenServer and open
source Xen as different things. Have a feeling that if you install the
xenserver packages though you won't get the latest bleeding edge Xen as
before.

Adrian

Re: Ceph RBD With Xen Server

[Adrian Lewis]

Hi,



First post and only just subscribed so not sure if this will connect up
with the existing thread but I’m very interested in XenServer and Ceph/RBD.
I understand that Wido has informally committed to building the
Xenserver/RBD glue when it is supported on XenServer (think this was in a
video I saw on youtube). With this in mind, I’m wondering if this is
something that could still be added to 4.2 based on the info in
http://xenserver.org/blog/entry/tech-preview-of-xenserver-libvirt-ceph.html.
I realise that it’s not ready yet on the XenServer side but is this
something that might make it to 4.2 in advance of the XenServer development
as opposed to waiting for 4.3? Can the Cloudstack side of things be
developed in advance of the Xenserver elements?



Cheers,



Adrian