Re: [one-users] VNC password contextualization (Users Digest, Vol 83, Issue 33)
http://dev.opennebula.org/issues/2068 We already using this patch for an year. The only problem is that VNC is using only first 8 characters. Regards, Rolandas Naujikas On 2015-01-30 12:40, Hon1nbo wrote: Do you have a link for the ticket? I have to operate all non-redacted my non ONE workplace on my phone currently as I am maxing out all my machines for work. Random passwords would be even better! Also is there a contact point for a opennebula security team or is someone assigned to handle VNC issues? I found a vuln in the noVNC system that I need to report (not critical, but still an issue). -Jim On January 29, 2015 4:30:45 AM CST, Daniel Molina dmol...@opennebula.org wrote: On 29 January 2015 at 10:33, Daniel Molina dmol...@opennebula.org wrote: Hi, On 28 January 2015 at 23:20, Hon1nbo hon1nbo.l...@gmail.com wrote: Is it possible to contextualize the VNC password, similar to the SSH_PUBLIC_KEY per user profile? I have VNC web viewing working now across my entire deployment, and it's finally stable enough I want my users to use it for debugging (took forever to find out there was a bug in the sunstone ruby code for secure websockets preventing most browsers from allowing the viewer without changing to a lower security setting, which I'll be submitting when I get home). Patches are more than welcome. But now that this is working, I'd like for my users to be able to use it without having to modify the templates every time for a new VNC password. Is this possible currently, or should I put in a feature request? This is not possible. You can provide custom attrs [1] on instantiation but the vnc password cannot be replaced. Could you please open a feature request in our dev portal? There is already a ticket related to this, I don't know if this would fit your use case. The idea is that a random password is generated for each VM and then the user can retrieve it from the vm info in sunstone Thank you [1] http://docs.opennebula.org/4.10/user/virtual_resource_management/vm_guide.html#ask-for-user-inputs -Jim -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- -- Daniel Molina Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula -- -- Daniel Molina Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] context package: network restart issue in Debian
Another solution is to move context to early stage (before networking) as we do already and let OS start network. Also that solves problem with saved images. Of cause if some context script wants network it should fork and wait for network, or install itself to /etc/network/if-up.d/. http://grid5.mif.vu.lt/mif/debian7/vmcontext Regards, Rolandas On 2014.10.01 19:56, Javier Fontan wrote: This can probably be caused because after save the network configuration is already generated and the next time that network stop is not working. Can you check that using the same method as ubuntu makes it work? If this is correct I can modify the context packages accordingly. Thanks On Tue, Sep 30, 2014 at 2:45 PM, Olivier Sallou olivier.sal...@irisa.fr wrote: Hi, we face some issues with the network restart on Debian with the 00-network script. The issue occurs after an image save and a start of the new image, not at first boot. The network stop fails. In the 00-network script, there is a test if [ ... ubuntu], to apply ifup/ifdown commands. Here is a relative revision (maybe ot the only one): http://dev.opennebula.org/projects/opennebula/repository/revisions/ff682025003d7ad1759aad838798c05636e2bb08 It seems that networking restart is not recommended (and deprecated) in Debian either. As ifup/ifdown is generic, why not applying this modification to both Ubuntu and Debian ? It seems that in some cases, the networking restart does not work either in Debian. Thanks Olivier -- gpg key id: 4096R/326D8438 (keyring.debian.org) Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Sunstone Cloud View seems broken (Users Digest, Vol 79, Issue 36)
Our users also confused about Create button. It should be invisible, when no template is selected. Also there is impossible to select a template, that have RAW attribute in it. Regards, Rolandas Naujikas On 2014.09.11 08:18, Shankhadeep Shome wrote: I can't create a VM from within cloud view. Every time i press the create button it says You must select at least a template configuration Firefox Version 32 Chrome Version 37.0.2062.120m This template works perfectly with any other view, seems like there is some gui issues with these browsers. Anybody else having this issue? [image: Inline image 1] -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20140911/fa7aea3e/attachment.htm -- next part -- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 138982 bytes Desc: not available URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20140911/fa7aea3e/attachment.png ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Run bash script in vm on spin-up (Users Digest, Vol 79, Issue 20)
Please look http://docs.opennebula.org/4.8/user/references/template.html#context-section and http://docs.opennebula.org/4.8/user/virtual_machine_setup/cong.html FILES_DS and INIT_SCRIPTS. INIT_SCRIPTS is missing in context reference documentation. Regards, Rolandas Naujikas On 2014.09.08 23:09, kerryhall . wrote: Thanks! I'm still having issues here unfortunately. I tried putting: FILES_DS=$FILE[IMAGE=\test.sh\] into my template context section, but I get: User 0 does not own an image with name: test.sh I'm not trying to include an image, I just want test.sh (a file in my file datastore) to get copied to anywhere on my vm's filesystem. (And eventually, I want test.sh to get run on vm creation, or failing that, every time the vm starts) Thanks!! On Fri, Jul 25, 2014 at 11:18 PM, Valentin Bud valentin@gmail.com wrote: Hello Kerry, Under Defining Context [1] there is an example how to use FILES_DS. FILES_DS=$FILE[IMAGE=\test.sh\] [1]: http://docs.opennebula.org/4.6/user/virtual_machine_setup/cong.html Best, Valentin On Fri, Jul 25, 2014 at 11:29 PM, kerryhall . kerryh...@gmail.com wrote: Hi folks, I am trying to run a bash script on a vm as it gets spun up. I've read: http://docs.opennebula.org/4.6/user/virtual_machine_setup/cong.html but there isn't too much to go on there. I have created test.sh and put it into the files datastore on the head node. The issue I am having is that the syntax in the Defining Context section of http://docs.opennebula.org/4.6/user/virtual_machine_setup/cong.html is ambiguous, specifically the files_ds section. I have tried: FILES_DS=$FILE[\test.sh\] and FILES_DS=/var/lib/one/datastores/2/test.sh As a first step, I'm just trying to get this file included in my vm at all. Thanks! Kerry ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20140908/73439fbb/attachment-0001.htm ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] incorrect example in documentation
Hi, In http://docs.opennebula.org/4.8/advanced_administration/application_insight/onegate_usage.html#onegate-usage the example is incorrect: curl -X PUT $ONEGATE_ENDPOINT should be curl -X PUT $ONEGATE_ENDPOINT/vm Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] error in documentation
http://docs.opennebula.org/4.8/user/references/template.html#features-section In example there is used FEATURE tab, but should be FEATURES. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Debian Wheezy KVM 2.1 (Users Digest, Vol 78, Issue 82)
Hi, We are testing Debian 7 (wheezy) with QEMU/KVM 2.1 and kernel from wheezy-backports. Still not in production. So far no problems (even Windows 2012 R2 works OK). (No ceph support, but it is not problem in our case). Regards, Rolandas P.S. Our testbed is OpenNebula 4.8. On 2014.08.26 21:32, Arnold Bechtoldt wrote: Hey guys, Are there any known issues running Wheezy together with QEMU/ KVM 2.1 from wheezy-backports and ONE 4.8? Thanks for sharing, Arnold ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] opennebula 4.6-RC problem with migration
(By using git snapshot after version bump to 4.6.0) Version read: Shared tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. Local tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. MySQL dump stored in /var/lib/one/4.6.0/var/mysql_localhost_opennebula.sql Use 'onedb restore' or restore the DB using the mysql command: mysql -u user -h server -P port db_name backup_file Running migrators for shared tables Running migrator /var/lib/one/4.6.0/lib/ruby/onedb/shared/4.4.1_to_4.5.80.rb undefined method `create_cdata' for #Nokogiri::XML::Document:0x7fb442dba0d0 The database will be restored MySQL DB opennebula at localhost restored. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] opennebula 4.6-RC problem with migration
It looks like nokogiri (1.4.0) in Debian 6.0 have no create_cdata method. In Debian 7 nokogiri is of 1.5.5 and no problems. Regards, Rolandas On 2014-04-23 14:09, Rolandas Naujikas wrote: (By using git snapshot after version bump to 4.6.0) Version read: Shared tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. Local tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. MySQL dump stored in /var/lib/one/4.6.0/var/mysql_localhost_opennebula.sql Use 'onedb restore' or restore the DB using the mysql command: mysql -u user -h server -P port db_name backup_file Running migrators for shared tables Running migrator /var/lib/one/4.6.0/lib/ruby/onedb/shared/4.4.1_to_4.5.80.rb undefined method `create_cdata' for #Nokogiri::XML::Document:0x7fb442dba0d0 The database will be restored MySQL DB opennebula at localhost restored. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] opennebula 4.6-RC problem with migration
Hi, Another error (with 4.4.1_to_4.5.80.rb from https://gist.github.com/carlosms/11218311): Running migrators for shared tables Running migrator /var/lib/one/4.6.0/lib/ruby/onedb/shared/4.4.1_to_4.5.80.rb node must be a Nokogiri::XML::Node Regards, Rolandas On 2014-04-23 17:50, Carlos Martín Sánchez wrote: Hi, We didn't catch that in our tests, Debian 6 is not included in the testing and certification process. Can you try with this file and report if it works? https://gist.github.com/carlosms/11218311 Thanks. -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebulamailto:cmar...@opennebula.org On Wed, Apr 23, 2014 at 1:22 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: It looks like nokogiri (1.4.0) in Debian 6.0 have no create_cdata method. In Debian 7 nokogiri is of 1.5.5 and no problems. Regards, Rolandas On 2014-04-23 14:09, Rolandas Naujikas wrote: (By using git snapshot after version bump to 4.6.0) Version read: Shared tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. Local tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. MySQL dump stored in /var/lib/one/4.6.0/var/mysql___localhost_opennebula.sql Use 'onedb restore' or restore the DB using the mysql command: mysql -u user -h server -P port db_name backup_file Running migrators for shared tables Running migrator /var/lib/one/4.6.0/lib/ruby/__onedb/shared/4.4.1_to_4.5.80.__rb undefined method `create_cdata' for #Nokogiri::XML::Document:__0x7fb442dba0d0 The database will be restored MySQL DB opennebula at localhost restored. _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] create VM window doesn't show template owner and group
Hi, Create VM window doesn't show template owner and group. As user from oneadmin, I can see all of them and that could create security problems if some user creates VM template with the same name as system one. That is true for 4.4 and 4.6. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] opennebula 4.6-RC problem with migration
On 2014-04-23 20:10, Rolandas Naujikas wrote: Hi, Another error (with 4.4.1_to_4.5.80.rb from https://gist.github.com/carlosms/11218311): Running migrators for shared tables Running migrator /var/lib/one/4.6.0/lib/ruby/onedb/shared/4.4.1_to_4.5.80.rb node must be a Nokogiri::XML::Node From http://nokogiri.org/Nokogiri/XML/Document.html#method-i-create_cdata source I tested change create_cdata(doc,txt) - Nokogiri::XML::CDATA.new(doc,txt) and onedb upgrade passed on Debian 6.0 with nokogiri 1.4.0. Regards, Rolandas Regards, Rolandas On 2014-04-23 17:50, Carlos Martín Sánchez wrote: Hi, We didn't catch that in our tests, Debian 6 is not included in the testing and certification process. Can you try with this file and report if it works? https://gist.github.com/carlosms/11218311 Thanks. -- Carlos Martín, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebulamailto:cmar...@opennebula.org On Wed, Apr 23, 2014 at 1:22 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: It looks like nokogiri (1.4.0) in Debian 6.0 have no create_cdata method. In Debian 7 nokogiri is of 1.5.5 and no problems. Regards, Rolandas On 2014-04-23 14:09, Rolandas Naujikas wrote: (By using git snapshot after version bump to 4.6.0) Version read: Shared tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. Local tables 4.4.1 : Database migrated from 4.4.0 to 4.4.1 (OpenNebula 4.4.1) by onedb command. MySQL dump stored in /var/lib/one/4.6.0/var/mysql___localhost_opennebula.sql Use 'onedb restore' or restore the DB using the mysql command: mysql -u user -h server -P port db_name backup_file Running migrators for shared tables Running migrator /var/lib/one/4.6.0/lib/ruby/__onedb/shared/4.4.1_to_4.5.80.__rb undefined method `create_cdata' for #Nokogiri::XML::Document:__0x7fb442dba0d0 The database will be restored MySQL DB opennebula at localhost restored. _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] Cannot remove disk/nic from VM template wizard
Hi, I cannot remove added disk or nic in VM template creation wizard. Regards, Rolandas P.S. VM template wizard is very slow to appear and operate on firefox 28.0. I disabled all extensions. It is in OS X 10.9 (Maverics). It is OK on Google Chrome/Chromium and Safari. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] easy provisioning doesn't show template owner/group in sunstone
Hi, Easy provisioning doesn't show template owner and group in = 4.4. Also new cloud view in 4.6-RC is also missing this information. That could create security issues when users are allowed to share they own templates and images. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] new sunstone cloud view vs old easy provisioning
Hi, New sunstone cloud view (4.6) is different from old easy provisioning (4.4) model and requires different setup in opennebula. If we setup templates ready for 4.6 cloud view, then easy provisioning is useless (it is disabled by default). Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] new cloud view tooltips are off place
Hi, New cloud view tooltips are off place in firefox 28 and chrome 34 versions. Also tried mobile chome (on tablet) - they are in place, but very difficult to push buttons (too small area for click). Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] opennebula + KVM + openvswitch + openflow controller
On 2014-04-14 10:52, Marco Fanti wrote: You should give more information about your setup. What openflow controller are you using? Floodlight (from http://www.projectfloodlight.org/) in default configuration (tried also learning switch config). And the controller is controlling only the physical switches or also the OpenVSwitches? (I think this last option is not possible without a lot of work) Physical switches are IBM EN4093R (10Gb) and connected with openflow to the same floodlight controller. openvswitch is of 1.4.2 in Debian 7.4. # ovs-vsctl show 8505aff4-42e3-48c2-9173-fa0fbe5caeb3 Bridge br0 Controller tcp:192.168.42.68:6633 is_connected: true Port eth0 Interface eth0 br0 have IP, eth0 have no IP. With floodlight in forwarding mode I have connectivity between hypervisor nodes (with IP of br0) and to storage nodes (for iSCSI), but VMs on different nodes doesn't see each other. Regards, Rolandas 2014-04-13 21:36 GMT+02:00 Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt: Hi, I'm trying to use openflow controller + openvswitch + KVM + hardware switch with openflow support. Could provide some advice, because I cannot get it running by using opennebula default config + kvm + openvswitch (ping works with VMs in the same node and fails to VMs in another nodes). Regards, Rolandas _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] opennebula + KVM + openvswitch + openflow controller
On 2014-04-14 18:11, Marco Fanti wrote: I think you cannot connect the openvswitch bridge to the openflow controller, because the network driver of opennebula performs some operations with ovs-vsctl and ovs-ofctl, so when you connect the controller to the bridge, you disupt the correct working of the openvswitch opennebula driver. The connection between openvswitch and floodlight controller is on different ethernet port (eth1). Regards, Rolandas This is only a supposition I made, because now I can't perform any test. Probably is better if you wait an answer from a more expert user/developer. 2014-04-14 11:57 GMT+02:00 Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt: On 2014-04-14 10:52, Marco Fanti wrote: You should give more information about your setup. What openflow controller are you using? Floodlight (from http://www.projectfloodlight.__org/ http://www.projectfloodlight.org/) in default configuration (tried also learning switch config). And the controller is controlling only the physical switches or also the OpenVSwitches? (I think this last option is not possible without a lot of work) Physical switches are IBM EN4093R (10Gb) and connected with openflow to the same floodlight controller. openvswitch is of 1.4.2 in Debian 7.4. # ovs-vsctl show 8505aff4-42e3-48c2-9173-__fa0fbe5caeb3 Bridge br0 Controller tcp:192.168.42.68:6633 http://192.168.42.68:6633 is_connected: true Port eth0 Interface eth0 br0 have IP, eth0 have no IP. With floodlight in forwarding mode I have connectivity between hypervisor nodes (with IP of br0) and to storage nodes (for iSCSI), but VMs on different nodes doesn't see each other. Regards, Rolandas 2014-04-13 21:36 GMT+02:00 Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt mailto:rolandas.naujikas@mif.__vu.lt mailto:rolandas.nauji...@mif.vu.lt: Hi, I'm trying to use openflow controller + openvswitch + KVM + hardware switch with openflow support. Could provide some advice, because I cannot get it running by using opennebula default config + kvm + openvswitch (ping works with VMs in the same node and fails to VMs in another nodes). Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org mailto:Users@lists.__opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] opennebula + KVM + openvswitch + openflow controller
Hi, I'm trying to use openflow controller + openvswitch + KVM + hardware switch with openflow support. Could provide some advice, because I cannot get it running by using opennebula default config + kvm + openvswitch (ping works with VMs in the same node and fails to VMs in another nodes). Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] incorrect owner of files in one-context_4.4.0.deb
Hi, Incorrect owner (uid=1000, gid=1000) of files in http://dev.opennebula.org/attachments/download/746/one-context_4.4.0.deb Should be root:root. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] opennebula 4.4.0
Different free space is shown for local datastores in sunstone and from cli. For e.g. we have 1.5GB / 130.6GB (1%) in sunstone, when in cli it shows: LOCAL SYSTEM DATASTORE #102 CAPACITY TOTAL:: 130.6G USED: : 1M FREE: : 129.1G The difference is because different method is used to calculate used space. In cli it uses monitored value (from du -sLm), when sunstone uses var total = parseInt(ds.TOTAL_MB); var used = total - parseInt(ds.FREE_MB); Difference is because some space is used by file system itself and also it could be shared with some local OS installation files. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] updating TEMPLATE from hooks with onevm update (Users Digest, Vol 69, Issue 133)
On 2013-11-26 12:55, Olivier Sallou wrote: On 11/26/2013 11:51 AM, Olivier Sallou wrote: On 11/26/2013 11:14 AM, Carlos Mart?n S?nchez wrote: Hi, When the VM is created, the template contents are parsed and stored in VM/TEMPLATE. All the extra unknown attributes are stored in VM/USER_TEMPLATE. You can see this with the onevm show -x command. The onevm update action only allows to edit the USER_TEMPLATE attributes, and as you described, the create hook is triggered after the VM has been correctly created. I don't see any easy way to make your work flow fit into OpenNebula. Could you elaborate a bit more on your use case? What I expect is to get my USER_TEMPLATE in the context.sh mounted in my VM. A basic use case is to generate a unique password for a web application running in the VM. I'd like to generate the passsword with a hook and send the password to the user by mail (until here, this is fine). The generated password is also in the VM context/template so that it appears in the context.sh of the VM. At startup, a specific init script read the VM contextualization and init the web application with the password provided. onegate feature probably could help you. http://opennebula.org/documentation:rel4.2:onegate_usage Rolandas The above example could be managed directly in the VM, without specific contextualization, but there are cases where some variables could be user dependent, so those variables would need to be set dynamically on opennebula server side. Olivier I'm assuming you want those two variables to end in the context section of the VM. In that case the preferred way to do so would be to have a VM Template for each Image, and in there set the needed variables. Regards -- Carlos Mart?n, MSc Project Engineer OpenNebula - Flexible Enterprise Cloud Made Simple www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebula On Tue, Nov 26, 2013 at 8:41 AM, Olivier Sallou olivier.sal...@irisa.fr mailto:olivier.sal...@irisa.fr wrote: Hi, If my VM HOOK (on CREATE) adds new elements with a onevm update, I can see those variables in the the user template of the vm/ onevm show: USER TEMPLATE SSH_PUBLIC_KEY=ssh-rsa.. XGRID_PWD=xxx In my image template, I have set: SSH_PUBLIC_KEY $USER[SSH_PUBLIC_KEY] XGRID_PWD $USER[XGRID_PWD] But in the VM template, I do not see any of those variable. It would seem that user template attributes are created *after* the vm template generation. Any idea ? Thanks Olivier ___ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Olivier Sallou IRISA / University of Rennes 1 Campus de Beaulieu, 35000 RENNES - FRANCE Tel: 02.99.84.71.95 gpg key id: 4096R/326D8438 (keyring.debian.org) Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] sunstone novnc console on separate window/tab in 4.4RC (one-4.4)
After http://dev.opennebula.org/projects/opennebula/repository/revisions/277a862a7aac0026e299f0305e329bd9c3a8cb04 I see VM title bar text is over at top of console output. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] resize VM dialog is better, but there is a problem with VCPU
Hi, After http://dev.opennebula.org/projects/opennebula/repository/revisions/ba2bd837018a4d606e554b919359b74ecc888d9f resize dialog works better, but for VCPU there is logic error. In leftmost position VCPU value should be 1 at least, 0 - is not valid value. Maximum value should be also bigger 16 at least. Also 0 value is not meaningful for CPU and MEMORY. Regards, Rolandas P.S. Of cause all those values could be entered manually. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] space utilization on datastores in =4.4
Hi, I'm seeing a problem with space utilization calculations in face of sparse and qcow2 images. Those could occupy less space initially, but grow later. So system datastores can be overprovisioned. Should I open new bug report or add this as comment to some feature/gut report ? Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] hosts stays in INIT state on 4.3.80/4.3.85
Hi, We upgraded our testbed to opennebula 4.4 beta (4.3.80, later to 4.3.85). Initially hosts goes to STATE:ON, but if I disable host and reenable it stays in STATE:INIT forever. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Contextualisation with Upstart (Users Digest, Vol 69, Issue 65)
On 2013-11-16 16:22, Gareth Bult wrote: Hi, Ubuntu and other distro's seem to be standardising on Upstart and certainly as of 13.10 there seems to be an issue with simply linking vmcontext.sh into /etc/rc2.d. I've moved over to using the following script in /etc/init/ , which I'm guessing is backwards compatible with to at least Ubuntu 12.04 if not before. Where's the best place to post this sort of thing? # /etc/init/vmcontext.conf # # Create interfaces file before we start the network # description create /etc/network/interfaces start on (starting network-interface) console output pre-start script /etc/init.d/vmcontext.sh start ifup -a end script post-stop script /etc/init.d/vmcontext.sh stop end script Mine /etc/init/vmcontext.conf is start on startup and filesystem task exec /etc/init.d/vmcontext and also I removed networking restart from /etc/one-context.d/00-network, because it interfere with system networking start scripts. Regards, Rolandas P.S. vmcontext should configure system, but not to interfere with startup sequence (cloud-init does similarly). ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] management of qcow2 images
Hi, On 2013-07-15 14:35, Ruben S. Montero wrote: Hi Rolandas So the problem is how to update the version of an image, right? We are currently copying the new file to the SOURCE of the image something like: cp debian_new.qcow2 `oneimage show debian | | grep SOURCE | cut -d':' -f2` This way you do not need to modify the qcow driver. As I wrote in http://mif.vu.lt/~rolnas/stsc/qcow2.txt we cannot simple replace qcow2 image with cp or mv, because original image could still be in use by some VM (referenced as backed file in snapshot qcow2). Until VM is running it is OK, because original file is still open by kvm, but when VM is stopped or turned off (power off), kvm process is terminated and original file is deleted, but snapshot qcow2 is still referencing original file by pathname. Regards Rolandas Naujikas Does it make sense in your setup? Cheers Ruben On Fri, Jul 5, 2013 at 9:42 AM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, For management of master images in qcow2 format we created a solution described here http://mif.vu.lt/~rolnas/stsc/__qcow2.txt http://mif.vu.lt/%7Erolnas/stsc/qcow2.txt. Hope it could solve some management troubles and we are looking for improvements in OpenNebula also. Regards, Rolandas Naujikas _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org -- http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Join us at OpenNebulaConf2013 in Berlin, 24-26 September, 2013 -- Ruben S. Montero, PhD Project co-Lead and Chief Architect OpenNebula - The Open Source Solution for Data Center Virtualization http://lists.opennebula.org/listinfo.cgi/users-opennebula.orgwww.OpenNebula.org http://www.OpenNebula.org | rsmont...@opennebula.org mailto:rsmont...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] management of qcow2 images
Hi, For management of master images in qcow2 format we created a solution described here http://mif.vu.lt/~rolnas/stsc/qcow2.txt. Hope it could solve some management troubles and we are looking for improvements in OpenNebula also. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] How to recover from POWER-OFF? ([Gal BRUKALAS?] Users Digest, Vol 64, Issue 86)
On 2013-06-26 14:55, Ricardo Duarte wrote: Hi there, My machines cannot recover from POWEROFF state. According to the docs, I should be able to issue a RESUME, but I get the following error: [VirtualMachineAction] Wrong state to perform action What can i do, other than restarting the machine? onevm restart in opennebula 3.8 and onevm boot (I'm not sure, but at least in sunstone Boot works) in opennebula 4.0. Rolandas Thanks, Ricardo -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130626/fd23bda1/attachment-0001.htm ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] spelling error in error message
diff -urbBd opennebula-3.8.3/src/sunstone/public/js/opennebula.js opennebula-3.8.4/src/sunstone/public/js/opennebula.js --- opennebula-3.8.3/src/sunstone/public/js/opennebula.js 2013-01-11 13:05:02.0 +0200 +++ opennebula-3.8.4/src/sunstone/public/js/opennebula.js 2013-06-11 20:34:40.0 +0300 @@ -1039,6 +1039,7 @@ resource : MARKETPLACE, show : function(params){ +params.error = notifyError(Cannot connect with OpenNebula Marketplace); OpenNebula.Action.show(params,OpenNebula.Marketplace.resource); }, list : function(params){ @@ -1059,7 +1060,7 @@ callback(request, response) : null; }, error: function(res){ -return callback_error ? callback_error(request, OpenNebula.Error(res)) : null; +return notifyError(Cannot connect with OpenNebula Marketplace); } }); } See http://idioms.thefreedictionary.com/connect+with, probably better use http://idioms.thefreedictionary.com/connect+to. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] Self-service portal is not usable in opennebula 3.8.4
Because of http://dev.opennebula.org/projects/opennebula/repository/revisions/f71432552351ff348fcfc1677585d831301d1bb7 (f7143255) self-service portal timeouts in 5s. There is a working patch for that (or occi/ui should use the same cookie as sunstone): --- lib/ruby/cloud/occi/ui/public/js/sunstone.js.orig 2013-06-19 13:21:29.0 +0300 +++ lib/ruby/cloud/occi/ui/public/js/sunstone.js2013-06-19 13:39:01.0 +0300 @@ -296,9 +296,9 @@ $(document).ready(function(){ setLogin(); setInterval(function(){ -var user_cookie = cookie[one-user]; +var user_cookie = cookie[occi-user]; readCookie(); -if ((cookie[one-user] == null) || (cookie[one-user] !== user_cookie)) { +if ((cookie[occi-user] == null) || (cookie[occi-user] !== user_cookie)) { window.location.href='/'; } },5000); Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Access an oZones zone using EC2 ..... (Users Digest, Vol 64, Issue 33)
On 2013-06-07 10:11, Andranik Hayrapetyan wrote: Hi, Thank you for response! I tried this but I had a problem. I am exporting this environmental variables export EC2_SECRET_KEY=x export EC2_ACCESS_KEY=oneadmin export ONE_AUTH=$HOME/one_auth export EC2_URL=http://localhost:4567 and econe commands work fine. In my apache configuration I added the following for reverse proxy: ProxyPass /ec2/ http://localhost:4567 ProxyPassReverse /ec2/ http://localhost:4567 And after I changed the export EC2_URL=http://localhost:4567 with export EC2_URL=http://MY_IP_ADDRESS/ec2/ In econe.conf you have to put :ssl_server: http://MY_IP_ADDRESS/ec2/ Because it is used in EC2 authentication, it will not work with different EC2_URL=http://localhost:4567 anymore. You have to use EC2_URL=http://MY_IP_ADDRESS/ec2/ (sometimes final / is not required, but it depends on EC2 client). Regards, Rolandas but this way I am getting the following error: econe-describe-images: The username or password is not correct May be I am missing something? Thanks in advance! On Thu, Jun 6, 2013 at 2:56 PM, Tino Vazquez tin...@opennebula.org wrote: Hi, The rules for the reverse proxy are only set for the CLI and Sunstone, but in principle i don't see why it shouldn't work as well with EC2 and OCCI as well. If you think this is interesting, please open a feature request in the dev.opennebula.org portal. Best regards, -Tino -- Join us at OpenNebulaConf2013 in Berlin, 24-26 September, 2013 | www.opennebulaconf.com -- Constantino V?zquez Blanco, PhD, MSc Project Engineer | OpenNebula - The Open-Source Solution for Data Center Virtualization www.OpenNebula.org | @tinova79 | @OpenNebula On Thu, Jun 6, 2013 at 10:05 AM, Andranik Hayrapetyan andranik@gmail.com wrote: Good day, I would like to know, if it is possible to access a zone which I have created with oZones server using EC2 API, or it is only possible with OpenNebul CLI and Sunestone server like it is said here http://opennebula.org/documentation:rel4.0:ozones . P.S. I am using OpenNebula 4 Thanks in advance! ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130607/7d5e4757/attachment.htm ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] VM state is UNKNOWN
On 2013-06-01 05:07, Dmitri Chebotarov wrote: Hello I'm seeing following interesting behavior : I've a VM in RUNNING state, everything works OK. Then I issue 'shutdown' command from within the running OS (ie. it's a Linux VM and I run 'init 0' to shut it down), the VM shuts down OK, but the ONE's state changes from RUNNING to UNKNOWN and I cannot start the VM onevm restart should work to boot again VM. anymore. I expected the status to change to SHUTDOWN, which would allow me to start the VM later. OpenNebula cannot guess want you are doing inside of VM. If you want really shutdown VM and remove it from OpenNebula, you have to do that from OpenNebula. Regards, Rolandas I watched 'virsh list -all' on the host while doing it, and status of the VM changes from 'running' to 'in shutdown' for about 10-14 seconds and then VM is removed from the host (I assume by ONE). Am I missing something? Or is it expected? ACPI is enabled for the VM and I can send Shutdown signal to the VM from the Sunstore interface, which changes the state to SHUTDOWN, but not when I run 'shutdown' from within the OK. Any suggestions? Thank you. -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130601/8001e4fc/attachment.html ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] ONE 4.0.1 - OCCI does'nt work (Users Digest, Vol 63, Issue 101)
On 2013-05-29 17:33, Daniel Molina wrote: Hi, On 29 May 2013 16:09, Benadik, Jan jan.bena...@atos.net wrote: When I start OCCI Server - everything seems to be OK (no error messages in log or on the screen). When I try to connect to OCCI server:port, the following error appears: XML Parsing Error: no element found Location: http://10.0.5.210:4567/ui Line Number 1, Column 1: *What's wrong?** * The 3.x self-service portal was replaced with the new OpenNebula Sunstone views [1]. This is a new feature that allows you to customize the UI for different users or user groups, so the interface implements the provisioning model for each role. Sunstone ships with two predefined views admin and user, but you can create your own views. 2 steps forward, 1 step back. Self-service functionality could probably be defined in sunstone 4.0, but not exists in opennebula 4.0.1 source yet (It was removed in 4.0 but nothing similar was added). Regards, Rolandas P.S. OpenStack is different by design but have many good points also. [1] http://opennebula.org/documentation:rel4.0:suns_views Cheers ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] How Opennebula sync with LDAP server (Users Digest, Vol 63, Issue 88)
On 2013-05-28 12:39, song wrote: HI guys: Now I am on a trying of sync Opennebula 3.8 with LDAP server ,after edit the ldap_auth.conf,filling ldap server host and port and base dn,I don't know what to do next,AND I don't see any instruction on Opennebula official website,How can I let Opennebula start the Operation of SYNC,any answer will be appreciated! OpenNebula LDAP authentication driver doesn't sync, but authenticate against LDAP. Also if default authentication driver is configured, then those users are created in OpenNebula on first successful login. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] sunstone 4.0 customization
I'm trying to customize sunstone 4.0. I created mini.yaml with copy of a user.yaml. I want to put some tabs (like vms, templates, images, files) on top level and I don't find easy way to do that. My attempt to copy vms-tab.js to vms2-tab.js (templates-tab - templates2-tab, images-tab - images2-tab also) and comment parentTab and tabClass properties works partially (sunstone starts to misbehavior - most buttons don't click anymore). Regards, Rolandas P.S. In mean time I found a mistake in default admin.yaml - VM.livemigrate should be VM.migrate_live. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] sunstone 4.0 customization
On 2013-05-23 12:25, Daniel Molina wrote: On 23 May 2013 10:42, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: I'm trying to customize sunstone 4.0. I created mini.yaml with copy of a user.yaml. I want to put some tabs (like vms, templates, images, files) on top level and I don't find easy way to do that. My attempt to copy vms-tab.js to vms2-tab.js (templates-tab - templates2-tab, images-tab - images2-tab also) and comment parentTab and tabClass properties works partially (sunstone starts to misbehavior - most buttons don't click anymore). Note that if you change the file name you will have to change the following lines in the code 8--- Sunstone.addMainTab('templates-tab',templates_tab); div class=six columns' + insert_permissions_table('templates-tab', Sunstone.popUpInfoPanel(template_info_panel, templates-tab); var tab_name = 'templates-tab'; 8--- I did sed 's/templates-tab/templates2-tab/g' templates2-tab.js already after copying templates-tab.js to templates2-tab.js. Regards, Rolandas Regards, Rolandas P.S. In mean time I found a mistake in default admin.yaml - VM.livemigrate should be VM.migrate_live. Thank you, http://dev.opennebula.org/issues/2079 Cheers ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] sunstone 4.0 https problem
[blocked] The page at https://***/***/one/ ran insecure content from http://fonts.googleapis.com/css?family=Open+Sans That is in Chromium (Google Chrome). Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] sunstone 4.0 customization
Finally I got sunstone 4.0 to look almost like 3.2. For each tab (vms, templates, images, files, datastores, vnets) I created a copy like vms2-tab.js, templates2-tab.js, ... Changes are like: --- vms-tab.js 2013-05-17 18:34:45.0 +0300 +++ vms2-tab.js 2013-05-23 20:40:34.0 +0300 @@ -867,11 +867,11 @@ var vm_info_panel = { }; var vms_tab = { -title: tr(Virtual Machines), +title: 'i class=icon-cloud/i'+tr(Virtual Machines), content: vms_tab_content, buttons: vm_buttons, -tabClass: 'subTab', -parentTab: 'vresources-tab' +//tabClass: 'subTab', +//parentTab: 'vresources-tab' }; Sunstone.addActions(vm_actions); sunstone-views/mini.yaml is a copy of user.yaml with heading like: small_logo: images/opennebula-sunstone-v4.0-small.png enabled_tabs: - dashboard-tab - vms2-tab - templates2-tab - images2-tab - files2-tab - datastores2-tab - vnets2-tab - marketplace-tab tabs: ... Regards, Rolandas P.S. We cannot remove vnets-tab.js from list, because some functions are used inside others tabs (templates-tab.js). If we want hide it we can leave vnets-tab.js inside *.yaml, but remove parent infra-tab.js. On 2013-05-23 13:05, Daniel Molina wrote: On 23 May 2013 11:39, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: On 2013-05-23 12:25, Daniel Molina wrote: On 23 May 2013 10:42, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: I'm trying to customize sunstone 4.0. I created mini.yaml with copy of a user.yaml. I want to put some tabs (like vms, templates, images, files) on top level and I don't find easy way to do that. My attempt to copy vms-tab.js to vms2-tab.js (templates-tab - templates2-tab, images-tab - images2-tab also) and comment parentTab and tabClass properties works partially (sunstone starts to misbehavior - most buttons don't click anymore). Note that if you change the file name you will have to change the following lines in the code 8--- Sunstone.addMainTab('**templates-tab',templates_tab); div class=six columns' + insert_permissions_table('** templates-tab', Sunstone.popUpInfoPanel(**template_info_panel, templates-tab); var tab_name = 'templates-tab'; 8--- I did sed 's/templates-tab/templates2-**tab/g' templates2-tab.js already after copying templates-tab.js to templates2-tab.js. Please check if there is any error in the browser console. I have just tested it and it works for me, but you have to also change this line in config-tab.js config-tab.js: var enabled = config['view']['tabs']['templates-tab']['template_creation_tabs'][template_tab_name]; Changing file names of existing tabs is not recommended, unless you want to go all over the code changing the references to these files. Hope hits helps Regards, Rolandas Regards, Rolandas P.S. In mean time I found a mistake in default admin.yaml - VM.livemigrate should be VM.migrate_live. Thank you, http://dev.opennebula.org/**issues/2079http://dev.opennebula.org/issues/2079 Cheers ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] 4.0.1 still not yet ready for upgrade from 3.8.x
On 2013-05-22 13:32, Daniel Molina wrote: Hi Rolandas, On 22 May 2013 07:46, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: Probably we forgot to solve http://dev.opennebula.org/**issues/2011http://dev.opennebula.org/issues/2011 . This is very user visible bug making very difficult to put it into production. First of all, sorry for the inconveniences caused. We wanted to release a maintenance release fixing the critical bugs in one-4.0 ASAP, and we decided to postpone this bug for the next release since it requires to define a fixed width for each column and include a tooltip to show the hidden text, and of course test it all over the sunstone view. As a workaround you can apply the following patch that will fix the problem in the settings dialog and in most of the sunstone tables using custom attrs. https://gist.github.com/dmamolina/adb3cf0b7a436018be06 Tested - it works, but not ideally. Long values are cut and difficult to manage (probably only copy/paste useful). Thanks, Rolandas Hope this helps ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] 4.0.1 still not yet ready for upgrade from 3.8.x
Probably we forgot to solve http://dev.opennebula.org/issues/2011. This is very user visible bug making very difficult to put it into production. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] random GRAPHICS/PASSWD
After yesterday IRC meeting I tried to find a way to generate random GRAPHICS/PASSWD for VM instance and I didn't find. I'm planing to add that in VM hook for CREATE, to make it in deployment file. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] EC2 Auth changes for ldap/external users
--- EC2CloudAuth.rb.orig2013-05-08 18:52:35.0 +0300 +++ EC2CloudAuth.rb 2013-05-17 15:03:00.0 +0300 @@ -15,9 +15,16 @@ #--- # module EC2CloudAuth +# Gets the password associated with a username +# username:: _String_ the username +# [return] _Hash_ with the username +def get_password2(username) + retrieve_from_userpool(USER[NAME=\#{username}\]/TEMPLATE/EC2_SECRET_KEY) +end def do_auth(env, params={}) username = params['AWSAccessKeyId'] one_pass = get_password(username, 'core|public') +one_pass = get_password2(username) unless one_pass return nil unless one_pass signature = case params['SignatureVersion'] ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] EC2 Auth changes for ldap/external users
Created http://dev.opennebula.org/issues/2066 with even smaller patch and idea to make it work also for OCCI. We need decide on attribute name. Regards, Rolandas Naujikas On 2013-05-17 15:30, Rolandas Naujikas wrote: --- EC2CloudAuth.rb.orig2013-05-08 18:52:35.0 +0300 +++ EC2CloudAuth.rb 2013-05-17 15:03:00.0 +0300 @@ -15,9 +15,16 @@ #--- # module EC2CloudAuth +# Gets the password associated with a username +# username:: _String_ the username +# [return] _Hash_ with the username +def get_password2(username) + retrieve_from_userpool(USER[NAME=\#{username}\]/TEMPLATE/EC2_SECRET_KEY) +end def do_auth(env, params={}) username = params['AWSAccessKeyId'] one_pass = get_password(username, 'core|public') +one_pass = get_password2(username) unless one_pass return nil unless one_pass signature = case params['SignatureVersion'] ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] random GRAPHICS/PASSWD
On 2013-05-17 22:09, Ruben S. Montero wrote: Probably this could be part of the VM token generation for the VM server (the gate for the VMs to oned). For example: GRAPHICS=[ PASSWORD=auto,...] The above attribute will generate the tokens and add it to the password field... Do we need it to be random (the VNC password)? Could be it part of the user credentials for other services as in http://dev.opennebula.org/issues/2066? I would not trust users here, because mostly this password will be used only to access with noVNC. Better to have random password per instance as I did already in occi/ec2 templates with erb/ruby code: small.erb/m1.small.erb: ... GRAPHICS=[ TYPE=vnc, PASSWD=%= rand(36**16).to_s(36) % ] ... Regards, Rolandas Naujikas We could have in the user template: EC2_SECRET= EC2_KEY= VNC_PASSWORD= On Fri, May 17, 2013 at 10:18 AM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: After yesterday IRC meeting I tried to find a way to generate random GRAPHICS/PASSWD for VM instance and I didn't find. I'm planing to add that in VM hook for CREATE, to make it in deployment file. Regards, Rolandas __**_ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Problem accesss sunstone server from another computer (Users Digest, Vol 63, Issue 56)
On 2013-05-15 18:50, ahernan...@tesla.cujae.edu.cu wrote: Hi people. I check that the problem accesss sunstone server from another computer in OpenNebula 3.8.3 and 4.0. When I access to Sunstone interface fron another computer and clic in one option, I return to login. I can confirm also. It looks something related with cookies and http://dev.opennebula.org/issues/2034 I cannot use the same browser to use sunstone on production opennebula 3.8.3 and testing opennebula 4.0.0 or have open different tabs with different user logged on sunstone. Regards, Rolandas Any Ideas? 48 Aniversario de la Cujae, Una obra de la Revolucion Cubana | 2 de diciembre de 1964 | http://cujae.edu.cu Consulte la enciclopedia colaborativa cubana. http://www.ecured.cu ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] sunstone problems in opennebula 4.0.0
On 2013-05-09 18:09, Daniel Molina wrote: Hi Rolandas, On 9 May 2013 13:50, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, I found that sunstone VNC console (noVNC) doesn't use secure websockets even if it is configured and an user is configured to use it. With vnc_proxy_support_wss=always it refuses to show, with vnc_proxy_support_wss=yes it uses only unsecured connection. Could you try if this change fixes the problem? diff --git a/src/sunstone/sunstone-server.rb b/src/sunstone/sunstone-server.rb index 4934908..0bb8826 100755 --- a/src/sunstone/sunstone-server.rb +++ b/src/sunstone/sunstone-server.rb @@ -290,7 +290,7 @@ get '/config' do uconf = { :user_config = { :lang = session[:lang], -:wss = session[:wss], +:wss = session[:vnc_wss], }, :system_config = { :marketplace_url = $conf[:marketplace_url], I just checked, but it didn't work. The following patches solved this problem: -- sunstone/sunstone-server.rb.orig2013-05-08 18:52:39.0 +0300 +++ sunstone/sunstone-server.rb 2013-05-10 09:28:30.0 +0300 @@ -290,7 +290,7 @@ get '/config' do uconf = { :user_config = { :lang = session[:lang], -:wss = session[:wss], +:vnc_wss = session[:vnc_wss], }, :system_config = { :marketplace_url = $conf[:marketplace_url], --- sunstone/public/js/plugins/vms-tab.js.orig 2013-05-08 18:52:39.0 +0300 +++ sunstone/public/js/plugins/vms-tab.js 2013-05-10 09:28:41.0 +0300 @@ -2887,7 +2887,7 @@ function setupVNC(){ function vncCallback(request,response){ rfb = new RFB({'target': $D('VNC_canvas'), - 'encrypt': $('#config_table #wss_checkbox').is(':checked'), + 'encrypt': config['user_config']['vnc_wss'] == yes, 'true_color': true, 'local_cursor': true, 'shared': true, Regards, Rolandas Naujikas P.S. Do exists some way to disable all animations in sunstone pages ? They slows down GUI on remote connections (remote desktop or X11) ? I have opened two tickets for the these bugs. Thank you for your great feedback Also there are drawing problems in user configuration window (username - Settings). If an user have some long values (for e.g. ssh keys) in custom attributes there is not enough space to display right buttons and no horizontal scrollbar appears. Also the user custom attributes overlaps with quotas data. http://dev.opennebula.org/issues/2011 Default value for logo: ../images/opennebula-sunstone-__v4.0.png in sunstone-views.yaml doesn't honor reverse proxies. If I correct it to logo: images/opennebula-sunstone-v4.__0.png it looks correctly. http://dev.opennebula.org/issues/2012 Cheers -- Daniel Molina ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] user change password sunstone UI
Hi, There is a problem with change password functionality in all opennebula distributions. Change password UI should include two password fields and should compare them before applying to make mistakes more difficult to do. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] sunstone problems in opennebula 4.0.0
On 2013-05-10 12:18, Daniel Molina wrote: On 10 May 2013 08:34, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: On 2013-05-09 18:09, Daniel Molina wrote: Hi Rolandas, On 9 May 2013 13:50, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt mailto:rolandas.naujikas@mif.__vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, I found that sunstone VNC console (noVNC) doesn't use secure websockets even if it is configured and an user is configured to use it. With vnc_proxy_support_wss=always it refuses to show, with vnc_proxy_support_wss=yes it uses only unsecured connection. Could you try if this change fixes the problem? diff --git a/src/sunstone/sunstone-__server.rb b/src/sunstone/sunstone-__server.rb index 4934908..0bb8826 100755 --- a/src/sunstone/sunstone-__server.rb +++ b/src/sunstone/sunstone-__server.rb @@ -290,7 +290,7 @@ get '/config' do uconf = { :user_config = { :lang = session[:lang], -:wss = session[:wss], +:wss = session[:vnc_wss], }, :system_config = { :marketplace_url = $conf[:marketplace_url], I just checked, but it didn't work. The following patches solved this problem: -- sunstone/sunstone-server.rb.__orig2013-05-08 18:52:39.0 +0300 +++ sunstone/sunstone-server.rb 2013-05-10 09:28:30.0 +0300 @@ -290,7 +290,7 @@ get '/config' do uconf = { :user_config = { :lang = session[:lang], -:wss = session[:wss], +:vnc_wss = session[:vnc_wss], }, :system_config = { :marketplace_url = $conf[:marketplace_url], --- sunstone/public/js/plugins/__vms-tab.js.orig 2013-05-08 18:52:39.0 +0300 +++ sunstone/public/js/plugins/__vms-tab.js 2013-05-10 09:28:41.0 +0300 @@ -2887,7 +2887,7 @@ function setupVNC(){ function vncCallback(request,response){ rfb = new RFB({'target': $D('VNC_canvas'), - 'encrypt': $('#config_table #wss_checkbox').is(':checked')__, + 'encrypt': config['user_config']['vnc___wss'] == yes, 'true_color': true, 'local_cursor': true, 'shared': true, Thank you for the patch, I have included it in the ticket: http://dev.opennebula.org/issues/2013 Regards, Rolandas Naujikas P.S. Do exists some way to disable all animations in sunstone pages ? They slows down GUI on remote connections (remote desktop or X11) ? What kind of animations do you mean? For e.g. username - Settings - a window is going from up to down. Also for VNC console or to create any object. It's my preference, I want instant rendering and I don't like if something slows me down. Regards, Rolandas Naujikas Cheers -- Join us at OpenNebulaConf2013 http://opennebulaconf.com/ in Berlin, 24-26 September, 2013 -- Daniel Molina Project Engineer OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | dmol...@opennebula.org mailto:dmol...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] user change password sunstone UI
On 2013-05-10 12:25, Daniel Molina wrote: Hi, On 10 May 2013 08:59, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, There is a problem with change password functionality in all opennebula distributions. Change password UI should include two password fields and should compare them before applying to make mistakes more difficult to do. Could you please open a feature request in our dev page so we can consider it for the next release. It's better to report this kind of features there so we do not lose them in the list. http://dev.opennebula.org/issues/2017 FYI, we have updated the way we handle feature request http://opennebula.org/community:contribute#how_do_i_make_a_feature_request We are scheduling an irc session for next week to discuss the requests for new features and for extending existing features Thank you -- Join us at OpenNebulaConf2013 http://opennebulaconf.com/ in Berlin, 24-26 September, 2013 -- Daniel Molina Project Engineer OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | dmol...@opennebula.org mailto:dmol...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] sunstone problems in opennebula 4.0.0
On 2013-05-10 12:36, Daniel Molina wrote: On 10 May 2013 11:23, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: On 2013-05-10 12:18, Daniel Molina wrote: On 10 May 2013 08:34, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt mailto:rolandas.naujikas@mif.__vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: On 2013-05-09 18:09, Daniel Molina wrote: Hi Rolandas, On 9 May 2013 13:50, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt mailto:rolandas.naujikas@mif.__vu.lt mailto:rolandas.nauji...@mif.vu.lt mailto:rolandas.naujikas@mif. mailto:rolandas.naujikas@mif.vu.lt http://vu.lt mailto:rolandas.naujikas@mif.__vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, I found that sunstone VNC console (noVNC) doesn't use secure websockets even if it is configured and an user is configured to use it. With vnc_proxy_support_wss=always it refuses to show, with vnc_proxy_support_wss=yes it uses only unsecured connection. Could you try if this change fixes the problem? diff --git a/src/sunstone/sunstone-server.rb b/src/sunstone/sunstone-server.rb index 4934908..0bb8826 100755 --- a/src/sunstone/sunstone-server.rb +++ b/src/sunstone/sunstone-server.rb @@ -290,7 +290,7 @@ get '/config' do uconf = { :user_config = { :lang = session[:lang], -:wss = session[:wss], +:wss = session[:vnc_wss], }, :system_config = { :marketplace_url = $conf[:marketplace_url], I just checked, but it didn't work. The following patches solved this problem: -- sunstone/sunstone-server.rb.orig2013-05-08 18:52:39.0 +0300 +++ sunstone/sunstone-server.rb 2013-05-10 09:28:30.0 +0300 @@ -290,7 +290,7 @@ get '/config' do uconf = { :user_config = { :lang = session[:lang], -:wss = session[:wss], +:vnc_wss = session[:vnc_wss], }, :system_config = { :marketplace_url = $conf[:marketplace_url], --- sunstone/public/js/plugins/vms-tab.js.orig 2013-05-08 18:52:39.0 +0300 +++ sunstone/public/js/plugins/vms-tab.js 2013-05-10 09:28:41.0 +0300 @@ -2887,7 +2887,7 @@ function setupVNC(){ function vncCallback(request,response){ rfb = new RFB({'target': $D('VNC_canvas'), - 'encrypt': $('#config_table #wss_checkbox').is(':checked'), + 'encrypt': config['user_config']['vnc_wss'] == yes, 'true_color': true, 'local_cursor': true, 'shared': true, Thank you for the patch, I have included it in the ticket: http://dev.opennebula.org/__issues/2013 http://dev.opennebula.org/issues/2013 Regards, Rolandas Naujikas P.S. Do exists some way to disable all animations in sunstone pages ? They slows down GUI on remote connections (remote desktop or X11) ? What kind of animations do you mean? For e.g. username - Settings - a window is going from up to down. Also for VNC console or to create any object. It's my preference, I want instant rendering and I don't like if something slows me down. You can modify the default value for reveal animation parameter, which is the modal handler diff --git a/src/sunstone/public/vendor/4.0/foundation/jquery.foundation.reveal.js b/src/sunstone/public/vendor/4.0/foundation/jquery.foundation index 4972931..ae63a52 100644 --- a/src/sunstone/public/vendor/4.0/foundation/jquery.foundation.reveal.js +++ b/src/sunstone/public/vendor/4.0/foundation/jquery.foundation.reveal.js @@ -54,7 +54,7 @@ * @type {String} * @default fadeAndPop */ - animation: 'fadeAndPop', + animation: 'none', /** * Speed at which the reveal
[one-users] sunstone problems in opennebula 4.0.0
Hi, I found that sunstone VNC console (noVNC) doesn't use secure websockets even if it is configured and an user is configured to use it. With vnc_proxy_support_wss=always it refuses to show, with vnc_proxy_support_wss=yes it uses only unsecured connection. Also there are drawing problems in user configuration window (username - Settings). If an user have some long values (for e.g. ssh keys) in custom attributes there is not enough space to display right buttons and no horizontal scrollbar appears. Also the user custom attributes overlaps with quotas data. Default value for logo: ../images/opennebula-sunstone-v4.0.png in sunstone-views.yaml doesn't honor reverse proxies. If I correct it to logo: images/opennebula-sunstone-v4.0.png it looks correctly. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] bug in context variables
Hi, I just found, that if context.sh variables contains character $ in value, then it is interpreted as variable name. As a workaround (partial) I put sed -e s/=\/='/ -e s/\$/'/ /mnt/context.sh /tmp/context.sh . /tmp/context.sh rm /tmp/context.sh into my init.sh. Probably it would be better to escape $ and other characters in values or put values to single quotes (what makes difficult to pass single quotes itself in values also). Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Bringing best of NFS and LVM together in OpenNebula
On 2013-02-14 13:15, Javier Fontan wrote: Get information from the experience of Maxence Dunnewind configuring storage in this technical blog post. http://blog.opennebula.org/?p=4002 So you are reusing my lvm2shared TM driver ?! Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Unable to login to Sunstone/OCCI via LDAP (Users Digest, Vol 60, Issue 16)
On 2013-02-11 16:13, Daniel Molina wrote: Hi Rolandas, On 7 February 2013 07:28, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: We made Opennebula (3.8.3) Self Service portal (OCCI web UI) to work with LDAP authentication by using this patch: sed -i 's/CryptoJS.SHA1(password)/password/' /(location of depends on installation)/occi/ui/public/js/login.js and putting :auth: occi to occi-server.conf If you set :auth: occi, the authentication method will compare the password provided by the user and the one stored in OpenNebula (OCCICloudAuth.rb) but LDAP will not be used. Instead you have to set :auth: opennebula (OpenNebulaCloudAuth.rb) [1] and change the auth driver for that user 'oneuser chauth ... to use LDAP, or set LDAP as default for new users [2] Yes, I shown wrong configuration file content from our system. Really we are using :auth: opennebula (in occi-server.conf) and it works in opennebula self service portal with LDAP authentication in our environment (with the patch in login.js). Regards, Rolandas Naujikas [1] http://opennebula.org/documentation:rel3.8:sunstone#authentication_methods [2] http://opennebula.org/documentation:rel3.8:ldap#configuration Cheers That is because OCCI transfers SHA1 hashed password to occi-server and it could not do LDAP bind with it (exept if your LDAP contains clear text passwords or SHA1 hash). With this patch clear password is transported to occi-server and it could do LDAP bind against LDAP users. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Fw: Deploying PHP web application in OpenNebula
Hi, We are using puppet for deploying services in opennebula VM. We need only put into context of VM template FILES=http://grid5.mif.vu.lt/mif/puppet/init.sh; and PUPPET_PRIVATE_KEY=... and by creating VM in opennebula services configures itself automaticly on first launch. Regards, Rolandas Naujikas P.S. FILES parameter works only for users in oneadmin group. On 2013-02-11 15:51, Carlos Mart?n S?nchez wrote: Hi, Virtual Machines are black boxes to OpenNebula, but if you need a tighter integration you can use contextualization [1] or the AppStage component [2] to customize and automate different deployment configurations. Regards [1] http://opennebula.org/documentation:rel3.8:context_overview [2] http://docs.opennebula.pro/appstage -- Carlos Mart?n, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org | cmar...@opennebula.org | @OpenNebulahttp://twitter.com/opennebulacmar...@opennebula.org On Thu, Feb 7, 2013 at 4:42 PM, SIDHARTHA sidhartha_karyamp...@rediffmail.com wrote: Hi, This is K. R. K. Sidhartha, studying *final year* BTech, Computer Science Engineering, My friends I opted *Deploying a Web Application in OpenNebula cloud* as our final year project. Till now we installed OpenNebula cloud and sunstone server too. Now we want to know how to deploy the *PHP based Web Application* in it. I have already requested about this for *users@lists.opennebula.org*, someone instructed me that this OpenNebula is to deploy only the virtual servers and nothing related to applications. Try *OpenNebula Apps* to deploy web applications. So, Please let us know the *procedure for deployment using OpenNebula Apps *. If possible any other procedures also welcomed... Please let us know as soon as possible because our project final submission date is on March 31st. Thanking you, K. RAMA KRISHNA SIDHARTHA http://sigads.rediff.com/RealMedia/ads/click_nx.ads/www.rediffmail.com/signatureline.htm@Middle? Catch India as it happens with the *Rediff News App*. To download it for FREE, click herehttp://track.rediff.com/click?url=___http://www.rediff.com/newsapp___lnk=signaturenewservice=newsapp ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org http://sigads.rediff.com/RealMedia/ads/click_nx.ads/www.rediffmail.com/signatureline.htm@Middle? Catch India as it happens with the *Rediff News App*. To download it for FREE, click herehttp://track.rediff.com/click?url=___http://www.rediff.com/newsapp___lnk=signaturenewservice=newsapp ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130211/de75173d/attachment-0001.htm ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Unable to login to Sunstone/OCCI via LDAP (Users Digest, Vol 60, Issue 16)
Hi, We made Opennebula (3.8.3) Self Service portal (OCCI web UI) to work with LDAP authentication by using this patch: sed -i 's/CryptoJS.SHA1(password)/password/' /(location of depends on installation)/occi/ui/public/js/login.js and putting :auth: occi to occi-server.conf That is because OCCI transfers SHA1 hashed password to occi-server and it could not do LDAP bind with it (exept if your LDAP contains clear text passwords or SHA1 hash). With this patch clear password is transported to occi-server and it could do LDAP bind against LDAP users. Regards, Rolandas Naujikas P.S. We are using https reverse proxy also. On 2013-02-06 15:15, Vassilis Vatikiotis wrote: Hello all, I'm trying to enable the LDAP auth method so my users can login to OCCI web UI and although I've followed the steps from the docs in ONE site so far I haven;t managed it. The /etc/one/oned.conf AUTH_MAD section is: AUTH_MAD = [ executable = one_auth_mad, authn = ssh,x509,ldap,default,server_cipher,server_x509 ] The /etc/one/auth/ldap_auth.conf is: server 1: :user: 'cn=xxx,ou=,dc=xxx,dc=xxx,dc=xxx' :password: '' :auth_method: :simple :host: 'ldap.xxx.xxx.xxx' :port: 389 :base: 'ou=xxx,dc=xxx,dc=xxx,dc=xxx' :user_field: 'uid' :order: - server 1 The above ldap setting work as I've tested them inside irb, using the ruby class defined in /etc/lib/one/ruby/ldap_auth.rb. I can search my LDAP database and get results I've also copied the ldap directory to a default one, like, $ cp -R /var/lib/one/remotes/auth/ldap /var/lib/one/remotes/auth/default What puzzles me is that whenever I try to login to OCCI (or sunstone) I cannot see any auth related queries in /var/log/one/oned.log. It's as if the ldap and default settings in authn of AUTH_MAD are completly ignored. At the same time, no queries are performed in the LDAP backend. I haven't done the last step where a $HOME/.one/one_auth file containing a user_dn:password entry cause I'm unsure of what it means. Any ideas? ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] problems with images in 3.8.3
Hi, I got several times my images have been left in USED state, when I executed CANCEL on RUNNING VM. In oned.conf there is DATASTORE_LOCATION=/scratch/lustre/one/lxibm100 In frontend there is a symlink ~/var/datastores - /scratch/lustre/one/lxibm100 /scratch/lustre is a lustre file system. The problem appears on both fs datastores with raw and qcow2 images. Regards, Rolandas Naujikas P.S. Installation is done from opennebula-3.8.3 sources in Debian 6.0 with mysql DB backend. On 2013-01-25 13:11, Carlos Martín Sánchez wrote: Hi, I don't see how the links could have anything to do with it. Maybe it was some other ting and the restart solved it... Did anything else change? Are you using the same commands, from the same VM state? onevm delete, cancel and shutdown trigger different code in oned. Regards -- Carlos Martín, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebulamailto:cmar...@opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] problems with images in 3.8.3
Hi, I just tested with changed configuration. I put DATASTORE_LOCATION=/real_path_to_datastores and I don't see any problems with images (references counting and in memory name cache) for the moment. Do symlinks in virtualisation hosts to datastores location could lead to that ? I saw that in very old messages in users@lists.opennebula.org. There are no text about symlinks in opennebula datastore documentation. Regards, Rolandas Naujikas P.S. My previous layout was (- - means symlink): ~oneadmin/var/datastores/100 - /lustre/one/datastores/100 ~oneadmin/var/datastores/101 - /lustre/one/datastores/101 in hosts and frontend. New layout is: ~oneadmin/var/datastores - /lustre/one/datastores DATASTORE_LOCATION=/lustre/one/datastores where /lustre/one/datastores is real location of files. On 2013-01-22 17:05, Carlos Martín Sánchez wrote: Hi Rolandas, I've tried to reproduce the bug following your steps, but there must be something else that is triggering it. These are the exact commands I have executed, could you please check if I missed something? $ oneuser list ID NAMEGROUP AUTH VMSMEMORY CPU 0 oneadminoneadmin core - - - 1 serveradmin oneadmin server_c - - - 2 a oneadmin core - - - $ oneimage list ID USER GROUP NAMEDATASTORE SIZE TYPE PER STAT RVMS 0 a oneadmin os default 1M OSNo used1 $ onevm list ID USER GROUPNAMESTAT UCPUUMEM HOST TIME 0 aoneadmin one-0 runn0 0K localhost 0d 00h00 $ onevm saveas 0 0 img_saveas $ onevm cancel 0 $ oneimage chown img_saveas oneadmin $ oneimage list ID USER GROUP NAMEDATASTORE SIZE TYPE PER STAT RVMS 0 a oneadmin os default 1M OSNo rdy 0 1 oneadmin oneadmin img_saveas default 1M OSNo rdy 0 $ oneimage delete img_saveas $ onetemplate instantiate 0 $ onevm list ID USER GROUPNAMESTAT UCPUUMEM HOST TIME 1 aoneadmin one-1 runn0 0K localhost 0d 00h00 $ onevm saveas 1 0 img_saveas $ onevm cancel 1 $ oneimage list ID USER GROUP NAMEDATASTORE SIZE TYPE PER STAT RVMS 0 a oneadmin os default 1M OSNo rdy 0 2 a oneadmin img_saveas default 1M OSNo rdy 0 $ oneimage chown img_saveas oneadmin $ oneimage list ID USER GROUP NAMEDATASTORE SIZE TYPE PER STAT RVMS 0 a oneadmin os default 1M OSNo rdy 0 2 oneadmin oneadmin img_saveas default 1M OSNo rdy 0 And the templates: $ onetemplate show 0 TEMPLATE 0 INFORMATION ID : 0 NAME : template-0 USER : a GROUP : oneadmin REGISTER TIME : 01/22 15:44:24 PERMISSIONS OWNER : um- GROUP : --- OTHER : --- TEMPLATE CONTENTS CPU=1 DISK=[ IMAGE=os ] MEMORY=128 TEMPLATE_ID=0 $ oneimage show 0 IMAGE 0 INFORMATION ID : 0 NAME : os USER : a GROUP : oneadmin DATASTORE : default TYPE : OS REGISTER TIME : 01/22 15:44:12 PERSISTENT : No SOURCE : /var/lib/one/datastores/1/4be57b711606b657765d2c677fdf1767 PATH : /etc/hosts SIZE : 1M STATE : rdy RUNNING_VMS: 0 PERMISSIONS OWNER : um- GROUP : --- OTHER : --- IMAGE TEMPLATE DEV_PREFIX=hd Regards -- Carlos Martín, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebulamailto:cmar...@opennebula.org On Tue, Jan 22, 2013 at 11:09 AM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: On 2013-01-22 09:58, Rolandas Naujikas wrote: Hi, I see that bug http://dev.opennebula.org/__issues/1087 http://dev.opennebula.org/issues/1087 reappeared in 3.8.3. The sequence to repeat is: 1) create an image as save from VM (as an user in oneadmin group); 2) change owner to oneadmin; 3) delete image; 4) repeat (1) and (2) will fail saying [ImageChown] USER [0] already owns IMAGE [N] with NAME XXX, where N - is id of already deleted image. Restart of one solves temporary problem. Also I saw several times that images were in use by nonexistent VM. onedb fsck will complain and correct that. At least I can confirm it with cancel action on VM. Regards
[one-users] hotplug attach disk cache mode for kvm
Hi, I'm testing disks hotplug for kvm VMs and I found that there are no way to setup cache mode for such disks. I tried to put CACHE=none to image template, but it is not used in attach_disk (tested with rm -f $ATTACH_FILE commented out). We have CACHE=none default in vmm_exec_kvm.conf, because for virtio disks it is fast. CACHE=default is about one order slower. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] the problem of the CPU in the virtual machine's template (Users Digest, Vol 59, Issue 76)
On 2013-01-24 05:52, cmcc.dylan wrote: what's more, libvirt cann't see the CPU parameter! sou i think CPU is only used for overcommiting in opennebula level. In Xen/KVM it is passed to Xen credit scheduler or KVM cgroup configuration for minimal CPU share. So if you put CPU=0.25,VCPU=1, then 1 KVM thread will use 1 host CPU, until host becomes too busy, then it tries to schedule at least 0.25 of 1 host CPU (core) time. Regards, Rolandas Naujikas At 2013-01-24 11:42:31,cmcc.dylan dx10ye...@126.com wrote: if VCPU=4, i think the host will fork 4 process on behalf of this vm, because i see it is so implemented in the qemu code. I am very confused about this part of opennebula! At 2013-01-24 11:31:34,Steven C Timm t...@fnal.gov wrote: VCPU is the parameter that controls how many cores appear internally in the virtual machine. I. e. if you have VCPU=4 Your VM will have 4 cores, but there will still only be one kvm process as seen in the hypervisor that corresponds to it. In a typical KVM setup it is possible to allocate more VCPU per VM host than the VM host has real cores. I am not exactly sure what CPU does, but it does affect the FCPU and ACPU as seen in the onehost list output. Steve Timm From:users-boun...@lists.opennebula.org [mailto:users-boun...@lists.opennebula.org] On Behalf Of cmcc.dylan Sent: Wednesday, January 23, 2013 9:26 PM To:users@lists.opennebula.org Subject: [one-users] the problem of the CPU in the virtual machine's template Hi, everyone! I have a doubt what's the accurately means of CPU in the vm's template. For a example, if we define a vm which has CPU=1 and VCPU = 4. In this condition , what's result in the host os? Does the host os fork 4 process on behalf of this vm and does the 4 process get 4 cores if the host's scheduler allows that. I want to know the differences between CPU=4,VCPU=4 and CPU=1,VCPU=4. -- next part -- An HTML attachment was scrubbed... URL: http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130124/ac145e09/attachment.htm ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] one-context package in debian is not working
Hi, I installed one-context in debian 6.0 VM to create master image. But really if I install it in debian-installer (in autoseed configuration file), then symlink is created in /, because runlevel is not defined. If I try to use correct symlink (ln -sf ../init.d/vmcontext /etc/rc2.d/S99vmcontext) it is not executed, because Debian usually use dependency based init. The correct way to install startup scripts is to put correct information in LSB part of vmcontext and use update-rc.d. Default-Stop should have no values, because vmcontext doesn't handle stop requests. Default-Start should have 2 3 4 5 (or even S 2 3 4 5). In postinstall script there should be update-rc.d vmcontext start 99 2 3 4 5 . 99 - is not used, because the order depends on other LSB parameters in vmcontext. Regards, Rolandas Naujikas P.S. Additionally I found that if I put empty line into /etc/udev/rules.d/75-persistent-net-generator.rules and /etc/udev/rules.d/75-cd-aliases-generator.rules there will not be warning/error message in startup about can no read ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] one-context package in debian is not working
On 2013-01-22 10:53, Tobias Honacker wrote: try using /sbin/insserv -d vmcontext Debian packages use update-rc.d to create/remove startup symlinks in postinstall/postremove scripts. I'm not sure, but it is probably in Debian packages policy documents. Regards, Rolandas Naujikas Am 22.01.2013 09:26, schrieb Rolandas Naujikas: Hi, I installed one-context in debian 6.0 VM to create master image. But really if I install it in debian-installer (in autoseed configuration file), then symlink is created in /, because runlevel is not defined. If I try to use correct symlink (ln -sf ../init.d/vmcontext /etc/rc2.d/S99vmcontext) it is not executed, because Debian usually use dependency based init. The correct way to install startup scripts is to put correct information in LSB part of vmcontext and use update-rc.d. Default-Stop should have no values, because vmcontext doesn't handle stop requests. Default-Start should have 2 3 4 5 (or even S 2 3 4 5). In postinstall script there should be update-rc.d vmcontext start 99 2 3 4 5 . 99 - is not used, because the order depends on other LSB parameters in vmcontext. Regards, Rolandas Naujikas P.S. Additionally I found that if I put empty line into /etc/udev/rules.d/75-persistent-net-generator.rules and /etc/udev/rules.d/75-cd-aliases-generator.rules there will not be warning/error message in startup about can no read ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] one-context package in debian is not working
On 2013-01-22 11:09, Tobias Honacker wrote: http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot maybe this will help you out. update-rc.d is outdated. It is in contradiction with Debian 6.0 packages. Most of them (at least in base) are using update-rc.d and no of them insserv. Probably that will change in Debian 7.0. Regards, Rolandas Naujikas Am 22.01.2013 10:05, schrieb Rolandas Naujikas: On 2013-01-22 10:53, Tobias Honacker wrote: try using /sbin/insserv -d vmcontext Debian packages use update-rc.d to create/remove startup symlinks in postinstall/postremove scripts. I'm not sure, but it is probably in Debian packages policy documents. Regards, Rolandas Naujikas Am 22.01.2013 09:26, schrieb Rolandas Naujikas: Hi, I installed one-context in debian 6.0 VM to create master image. But really if I install it in debian-installer (in autoseed configuration file), then symlink is created in /, because runlevel is not defined. If I try to use correct symlink (ln -sf ../init.d/vmcontext /etc/rc2.d/S99vmcontext) it is not executed, because Debian usually use dependency based init. The correct way to install startup scripts is to put correct information in LSB part of vmcontext and use update-rc.d. Default-Stop should have no values, because vmcontext doesn't handle stop requests. Default-Start should have 2 3 4 5 (or even S 2 3 4 5). In postinstall script there should be update-rc.d vmcontext start 99 2 3 4 5 . 99 - is not used, because the order depends on other LSB parameters in vmcontext. Regards, Rolandas Naujikas P.S. Additionally I found that if I put empty line into /etc/udev/rules.d/75-persistent-net-generator.rules and /etc/udev/rules.d/75-cd-aliases-generator.rules there will not be warning/error message in startup about can no read ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] problems with images in 3.8.3
On 2013-01-22 09:58, Rolandas Naujikas wrote: Hi, I see that bug http://dev.opennebula.org/issues/1087 reappeared in 3.8.3. The sequence to repeat is: 1) create an image as save from VM (as an user in oneadmin group); 2) change owner to oneadmin; 3) delete image; 4) repeat (1) and (2) will fail saying [ImageChown] USER [0] already owns IMAGE [N] with NAME XXX, where N - is id of already deleted image. Restart of one solves temporary problem. Also I saw several times that images were in use by nonexistent VM. onedb fsck will complain and correct that. At least I can confirm it with cancel action on VM. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] vmcontext in one-context never executes init.sh from context iso
Hi, Because all files in context iso are not executable, then /mnt/init.sh line is never executed in /etc/init.d/vmcontext. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] vmcontext in one-context never executes init.sh from context iso
On 2013-01-22 14:10, Valentin Bud wrote: On Tue, Jan 22, 2013 at 1:48 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, Because all files in context iso are not executable, then /mnt/init.sh line is never executed in /etc/init.d/vmcontext. Regards, Rolandas Naujikas _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org Hello World, A fix could be to run the script using bash /mnt/init.sh. Do you people think that could lead to problems? As far as I know Bash is present in all Linux distribution OpenNebula runs on. Better would be sh, because it is lighter (in Debian at least). Rolandas Regards, Valentin Bud ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] vmcontext in one-context never executes init.sh from context iso
On 2013-01-22 14:13, Rolandas Naujikas wrote: On 2013-01-22 14:10, Valentin Bud wrote: On Tue, Jan 22, 2013 at 1:48 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, Because all files in context iso are not executable, then /mnt/init.sh line is never executed in /etc/init.d/vmcontext. Regards, Rolandas Naujikas _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org Hello World, A fix could be to run the script using bash /mnt/init.sh. Do you people think that could lead to problems? As far as I know Bash is present in all Linux distribution OpenNebula runs on. Better would be sh, because it is lighter (in Debian at least). I think better solution would be exec_and_log chmod +x $ISO_DIR/* chmod +x error in every remotes/tm/*/context script just before creating iso image. Regards, Rolandas Naujikas Rolandas Regards, Valentin Bud ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] problems with images in 3.8.3
Hi, I see that bug http://dev.opennebula.org/issues/1087 reappeared in 3.8.3. The sequence to repeat is: 1) create an image as save from VM (as an user in oneadmin group); 2) change owner to oneadmin; 3) delete image; 4) repeat (1) and (2) will fail saying [ImageChown] USER [0] already owns IMAGE [N] with NAME XXX, where N - is id of already deleted image. Restart of one solves temporary problem. Also I saw several times that images were in use by nonexistent VM. onedb fsck will complain and correct that. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] IP reservations in virtual networks
Hi, I found working (ugly) workaround - create two virtual networks with same IP addresses. Put router IP on hold on user accessible vnet and use another vnet for router. That works for ebtables, but for openvswitch that will require VLAN_ID sharing. Also default ACL (rule 0) allows users to create virtual networks, what will allow access other users virtual networks by guessing IP addresses, VLAN_ID and bridge names. Regards, Rolandas On 2013-01-16 21:11, Rolandas Naujikas wrote: On 2013-01-16 19:35, Ruben S. Montero wrote: Hi Something we've done in the past for some setups is to create vnets for specific users. The network has an initial set of pre-assigned IP's that can be used only by the vnet owner. An external provisioning program adds/deletes leases to the user network, when needed (e.g. run out of IP's...). Maybe an approach similar to that one is useful for your use-case. Virtual router (from opennebula marketplace) expects private network interface on ranged virtual network and current implementation doesn't work with this approach. Regards, Rolandas P.S. Currently I have to create our own clean installation of virtual router to workaround opennebula limitations or to introduce changes in /usr/share/opennebula/init.rb in virtual router of opennebula. P.S. Also there I want to have multiple FORWARDING rules to map access for e.g. to ssh port on every IP in virtual network (like 22000+ip.4 on router redirected to ip:22, where ip.4 is the last component of ip). Cheers Ruben On Wed, Jan 16, 2013 at 4:22 PM, Carlos Martín Sánchez cmar...@opennebula.org mailto:cmar...@opennebula.org wrote: Hi, VNet hold/release is not meant for your use case, it was implemented to hold IPs that may be temporarily used by a physical host, or some machines not managed by OpenNebula. Maybe you could put your VM in the hold state [1], that will take the vnet lease, and you can later release the VM to be deployed. Regards [1] http://opennebula.org/documentation:rel3.8:vm_guide_2#life-cycle_operations -- Carlos Martín, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebulamailto:cmar...@opennebula.org On Wed, Jan 16, 2013 at 2:47 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, When trying to configure virtual router VM I got into a problem. I want to configure its private IP fixed to some low IP (e.g. 10.1.1.1). I'm creating virtual (isolated) network X, where I defines IP_START=10.1.1.3, IP_END=10.1.1.254, but opennebula doesn't allow instantiate a VM with NIC=[IP=10.1.1.1,NETWORK=X], because 10.1.1.1 is not in range IP_START to IP_END. If I put IP_START=10.1.1.1 to X, then some other user VM could take this IP. If I put 10.1.1.1 on hold (onevnet hold), then I cannot start VM with this IP until I release it (onevnet release), but there is always some time window when someone from users could take it. It looks like onevnet hold/release is almost useless. Regards, Rolandas _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Ruben S. Montero, PhD Project co-Lead and Chief Architect OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | rsmont...@opennebula.org mailto:rsmont...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] IP reservations in virtual networks
Hi, When trying to configure virtual router VM I got into a problem. I want to configure its private IP fixed to some low IP (e.g. 10.1.1.1). I'm creating virtual (isolated) network X, where I defines IP_START=10.1.1.3, IP_END=10.1.1.254, but opennebula doesn't allow instantiate a VM with NIC=[IP=10.1.1.1,NETWORK=X], because 10.1.1.1 is not in range IP_START to IP_END. If I put IP_START=10.1.1.1 to X, then some other user VM could take this IP. If I put 10.1.1.1 on hold (onevnet hold), then I cannot start VM with this IP until I release it (onevnet release), but there is always some time window when someone from users could take it. It looks like onevnet hold/release is almost useless. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] IP reservations in virtual networks
On 2013-01-16 19:35, Ruben S. Montero wrote: Hi Something we've done in the past for some setups is to create vnets for specific users. The network has an initial set of pre-assigned IP's that can be used only by the vnet owner. An external provisioning program adds/deletes leases to the user network, when needed (e.g. run out of IP's...). Maybe an approach similar to that one is useful for your use-case. Virtual router (from opennebula marketplace) expects private network interface on ranged virtual network and current implementation doesn't work with this approach. Regards, Rolandas P.S. Currently I have to create our own clean installation of virtual router to workaround opennebula limitations or to introduce changes in /usr/share/opennebula/init.rb in virtual router of opennebula. P.S. Also there I want to have multiple FORWARDING rules to map access for e.g. to ssh port on every IP in virtual network (like 22000+ip.4 on router redirected to ip:22, where ip.4 is the last component of ip). Cheers Ruben On Wed, Jan 16, 2013 at 4:22 PM, Carlos Martín Sánchez cmar...@opennebula.org mailto:cmar...@opennebula.org wrote: Hi, VNet hold/release is not meant for your use case, it was implemented to hold IPs that may be temporarily used by a physical host, or some machines not managed by OpenNebula. Maybe you could put your VM in the hold state [1], that will take the vnet lease, and you can later release the VM to be deployed. Regards [1] http://opennebula.org/documentation:rel3.8:vm_guide_2#life-cycle_operations -- Carlos Martín, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | cmar...@opennebula.org mailto:cmar...@opennebula.org | @OpenNebula http://twitter.com/opennebulamailto:cmar...@opennebula.org On Wed, Jan 16, 2013 at 2:47 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt mailto:rolandas.nauji...@mif.vu.lt wrote: Hi, When trying to configure virtual router VM I got into a problem. I want to configure its private IP fixed to some low IP (e.g. 10.1.1.1). I'm creating virtual (isolated) network X, where I defines IP_START=10.1.1.3, IP_END=10.1.1.254, but opennebula doesn't allow instantiate a VM with NIC=[IP=10.1.1.1,NETWORK=X], because 10.1.1.1 is not in range IP_START to IP_END. If I put IP_START=10.1.1.1 to X, then some other user VM could take this IP. If I put 10.1.1.1 on hold (onevnet hold), then I cannot start VM with this IP until I release it (onevnet release), but there is always some time window when someone from users could take it. It looks like onevnet hold/release is almost useless. Regards, Rolandas _ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/__listinfo.cgi/users-opennebula.__org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org mailto:Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Ruben S. Montero, PhD Project co-Lead and Chief Architect OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org http://www.OpenNebula.org | rsmont...@opennebula.org mailto:rsmont...@opennebula.org | @OpenNebula ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] onedb fsck on 3.8.3 failing
$ onedb fsck -v ... Version read: 3.8.3 : Database migrated from 3.8.1 to 3.8.3 (OpenNebula 3.8.3) by onedb command. Version mismatch: fsck file is for version 3.8.2, current database version is 3.8.3 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] VM shutdown/cancel/delete action concurrency
Hi, When testing on 3.8.1 I found, that shutdown/cancel/delete of VM in a host is done in parallel without ability to configure concurrency (like MAX_HOST in sched.conf). That leads to several problems: (1) potential overload of storage with persistent images (ssh/qcow2 TM drivers) (2) race conditions in ebtables/iptables, as those tools doesn't support concurrent execution I saw (2) in my crash tests (submitting many VMs to the host with network=ebtables and doing onevm shutdown on them), which could be solved with flock /tmp/ebtables sudo ebtables and flock /tmp/iptables sudo iptables in OpenNebulaNetwork.rb as a workaround. When MAX_HOST=1 in sched.conf, then there are no problems with ebtables/iptables concurrency in deploy time, but when MAX_HOST1, then the (2) problem could also be. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] the synchronous problem between the cancel operation and tm_delete.sh for lxc driver (Users Digest, Vol 58, Issue 20)
On 2012-12-06 20:48, Ruben S. Montero wrote: Hi It seems that this behavior is problematic. Let me elaborate on Simon comment. As pointed out by Simon there are two similar VM operations: You make more confusion here, because in the past I saw similar problem when developing my own LVM driver. We are talking, that in delete action on VM opennebula executes tm/delete and vmm/cancel actions in parallel what causes problems, because lvm volumes could not be destroyed when in use by xen VM. As a workaround my LVM driver waits in background until it can delete LVM volume. * delete, this is equivalent to kill -9 It is a hard kill of the VM. It does not check anything and trigger cancellation/delete actions to free the associated resources. It is supposed to be used when a VM is stuck in any state. * cancel, it cancels the VM and cleans the resources but checks and synchro is in place. Note that this synchronization problem is only for VM's in running. This seems to be confusing, we are thinking of moving the delete operation to the ADMIN set (so you need admin permissions to delete) and so force users to use the safer cancel operation... Any thoughts? At least it should be configurable. Regards, Rolandas Naujikas Ruben On Thu, Dec 6, 2012 at 2:44 PM, Simon Boulet si...@nostalgeek.com wrote: Hi, On Wed, Dec 5, 2012 at 11:39 PM, cmcc.dylan dx10ye...@126.com wrote: Hi, everyone! I'm develpment lxc driver for opennebula and i complete the basic functions now, but i meet a problem as follows. from the log, we can see opennbula execute cancel fistrly and then execute tm_delete.sh, But the result is cancel: Executed virsh --connect lxc:/// destroy lxc-5. after tm_delete.sh. I can confirm this behaviour too when sending the delete action to a VM. It seems the VMM cancel and the TM delete actions are executed simultaneously by OpenNebula. When sending the cancel action OpenNebula seems to properly wait for the VMM cancel action to complete before calling TM delete. Simon ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] contribution of LVM2 transfer manager driver for opennebula 3.4.x
On 2012-06-30 19:14, Shankhadeep Shome wrote: Will this work with 3.6? Is there any reason clustered lvm is required over I didn't try yet 3.6, but as seen in release notes for beta version, there are no changes in transfer manager drivers part, so it should work (but please test before using in production). For normal LVM with shared disks (SAN), there I have no experience. I suspect, that in this case probably mv script could be improved, by not copying from one node to another in some cases (and/or not creating the copy in file for STOP). Regards, Rolandas Naujikas normal lvm with shared disks? I've been using glusterfs for shared storage but it's been unstable and I've lost data with high i/o. Shank On Tue, Jun 26, 2012 at 6:58 AM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: Hi, Because Debian 6.0 Xen doesn't support tap:aio: and because LVM disks are faster, I wrote modified transfer manager driver for opennebula 3.4.x, that use LVM volumes on local disks in virtualization hosts. There are 3 kinds: *) lvm2 - works with shared or not shared filesystem datastore (for system datastore there is parameter in lvm.conf to tell shared or not it is). *) lvm2ssh - the same, but removed code to detect that datastore is shared. *) lvm2shared - the same, but with only assumption, than datastore is shared. URL of all them is at http://mif.vu.lt/~rolnas/one/**one34/tm/http://mif.vu.lt/~rolnas/one/one34/tm/ Regards, Rolandas Naujikas P.S. This driver was in almost working condition in opennebula 3.2, but was lost in opennebula 3.4. lvm driver in opennebula 3.4.1 is not for system datastore and is different by design. __**_ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] deleting stopped VM leaves files in frontend
Hi, Deleting stopped VM in opennebula 3.4 (probably also in previous versions) leaves saved VM files on fronted (or in nodes with shared storage). delete action of system datastore is not called. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] impossible to setup different transfer manager for system datastore on different hosts
Hi, In opennebula 3.4.x there is not possible to setup different transfer manager for system datastore on different hosts. That was possible in opennebula 3.2.x and early. That looks like REGRESSION. That could be useful for opennebula with different visualization hosts types (KVM, Xen, VMware) or different system datastore storage configurations (filesystem + ssh/shared, filesystem + lvm2ssh/shared). Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] mv action is not called for swap/image disks when migrating/stopping/resuming
Hi, We found, that mv action is not called for swap/image disks when doing migration/stopping/resuming of VM in opennebula 4.3.x (probably in early version also). That could make mv driver part easier to write. With several disks there is bigger risks, that some of mv actions could fail - what action should take opennebula to recover ? Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] contribution of LVM2 transfer manager driver for opennebula 3.4.x
Hi, Because Debian 6.0 Xen doesn't support tap:aio: and because LVM disks are faster, I wrote modified transfer manager driver for opennebula 3.4.x, that use LVM volumes on local disks in virtualization hosts. There are 3 kinds: *) lvm2 - works with shared or not shared filesystem datastore (for system datastore there is parameter in lvm.conf to tell shared or not it is). *) lvm2ssh - the same, but removed code to detect that datastore is shared. *) lvm2shared - the same, but with only assumption, than datastore is shared. URL of all them is at http://mif.vu.lt/~rolnas/one/one34/tm/ Regards, Rolandas Naujikas P.S. This driver was in almost working condition in opennebula 3.2, but was lost in opennebula 3.4. lvm driver in opennebula 3.4.1 is not for system datastore and is different by design. ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] Hostname column in Sunstone is misleading
Hi, Some users are mislead of Hostname column, because it could mean VM hostname, but really it means location of VM. Probably it is better to rename it to Location. Don't forget in this case change it also in VM information and other tabs. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] mv action is not called for swap/image disks when migrating/stopping/resuming
On 2012-06-26 19:37, Jaime Melis wrote: Hello Rolandas, thank you for reporting this. I've created a bug report to look into it. http://dev.opennebula.org/issues/1315 cheers, Jaime On Tue, Jun 26, 2012 at 12:47 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: Hi, We found, that mv action is not called for swap/image disks when doing migration/stopping/resuming of VM in opennebula 4.3.x (probably in early There should be in opennebula 3.4.x (mistake in typing). Rolandas version also). That could make mv driver part easier to write. With several disks there is bigger risks, that some of mv actions could fail - what action should take opennebula to recover ? Regards, Rolandas Naujikas __**_ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] impossible to setup different transfer manager for system datastore on different hosts
On 2012-06-26 20:39, Ruben S. Montero wrote: Hi, The rationale behind this is the following: The current datastore system allows you to setup a host that uses multiple datastores, each one with a different transfer driver. In this way, you can have FS datastores that is exported through a shared FS other FS datasores with SSH, and even one using an iSCSI server. With OpenNebula 3.4 you can use all of them at the same time in every single host (each host using tm_shared, tm_ssh, tm_iscsi depending on the image). In previous version you are restricted to a single TM for each host. This usually means for example that you are restricted to a single NFS export or iSCSI server. IMHO this is a clear gain on the storage subsystem. Now, the system datastore . It is used to create end-points in the target host, so the operations specific to the system datastore are just: context, mkimage, and mkswap: These by default create files for the ISO context CD-ROM or volatile disks mv: that mv's VM directories across hosts delete: to delete any temporal content created in the system datastore NOTE: clone, mvds, and ln operations are datastore specific, and we are not using the system ones. So I think that there is no regression. Note that the use of multiple system datastores will basically affect cold migrations (mv), which are not possible across hypervisors, and in general very limited across hosts with different configurations (i.e migrating a VM with a LVM as disk that need to be converted to a file in other host) However, I see situations where creating a context volume or a volatile volume in a LVM device or in a file depending on the host can be useful. So, probably a good trade-off would be setting up the system datastore per cluster instead of opennebula installation. What do you think? I think it is logical, because in any case I would make hosts of different virtualization technologies in different clusters (like different clusters can have different images datastores in opennebula 3.4.x). Regards, Rolandas Thanks for your comments! BTW, Hope this helps you to tune the LVM2 drivers... Thanks also for that one :) Cheers Ruben On Tue, Jun 26, 2012 at 12:43 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: Hi, In opennebula 3.4.x there is not possible to setup different transfer manager for system datastore on different hosts. That was possible in opennebula 3.2.x and early. That looks like REGRESSION. That could be useful for opennebula with different visualization hosts types (KVM, Xen, VMware) or different system datastore storage configurations (filesystem + ssh/shared, filesystem + lvm2ssh/shared). Regards, Rolandas Naujikas __**_ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] impossible to setup different transfer manager for system datastore on different hosts
On 2012-06-26 20:39, Ruben S. Montero wrote: Hi, The rationale behind this is the following: The current datastore system allows you to setup a host that uses multiple datastores, each one with a different transfer driver. In this way, you can have FS datastores that is exported through a shared FS other FS datasores with SSH, and even one using an iSCSI server. With OpenNebula 3.4 you can use all of them at the same time in every single host (each host using tm_shared, tm_ssh, tm_iscsi depending on the image). In previous version you are restricted to a single TM for each host. This usually means for example that you are restricted to a single NFS export or iSCSI server. IMHO this is a clear gain on the storage subsystem. Now, the system datastore . It is used to create end-points in the target host, so the operations specific to the system datastore are just: context, mkimage, and mkswap: These by default create files for the ISO context CD-ROM or volatile disks mv: that mv's VM directories across hosts delete: to delete any temporal content created in the system datastore NOTE: clone, mvds, and ln operations are datastore specific, and we are not using the system ones. So I think that there is no regression. Note that the use of multiple system datastores will basically affect cold migrations (mv), which are not possible across hypervisors, and in general very limited across hosts with different configurations (i.e migrating a VM with a LVM as disk that need to be converted to a file in other host) At least I saw that in some (commercial) cloud software, which really use VirtualBox/qemu-utils to convert different image formats for different virtualization platform. Regards, Rolandas P.S. Really I didn't test it too much, because I hate UI in browser made with Flash Player. However, I see situations where creating a context volume or a volatile volume in a LVM device or in a file depending on the host can be useful. So, probably a good trade-off would be setting up the system datastore per cluster instead of opennebula installation. What do you think? Thanks for your comments! BTW, Hope this helps you to tune the LVM2 drivers... Thanks also for that one :) Cheers Ruben On Tue, Jun 26, 2012 at 12:43 PM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: Hi, In opennebula 3.4.x there is not possible to setup different transfer manager for system datastore on different hosts. That was possible in opennebula 3.2.x and early. That looks like REGRESSION. That could be useful for opennebula with different visualization hosts types (KVM, Xen, VMware) or different system datastore storage configurations (filesystem + ssh/shared, filesystem + lvm2ssh/shared). Regards, Rolandas Naujikas __**_ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Xen deployment problems (Users Digest, Vol 52, Issue 2)
On 2012-06-01 12:35, Marcin Jarzab wrote: I tried to deploy VM on the XEN platform and have some problems. Platform is Ubuntu 12.04 (frontend and Xen hypervisor) with the NFS shared storage configuration. The deployment file: name = 'one-8' #O CPU_CREDITS = 256 memory = '1024' vcpus = '1' bootloader = /usr/lib/xen/boot/hvmloader disk = [ 'tap:aio:/srv/cloud/one/var//datastores/0/8/disk.0,hdc,r', 'tap:aio:/srv/cloud/one/var//datastores/0/8/disk.1,hda,w', In Debian 6.0 and probably in Ubuntu also Xen is distributed without blktap device driver, so no support for tap:aio:. In newer Debian 7.0 (testing/weezy) or Ubuntu 12.04 you probably can install package blktap-dkms and have this feature. Regards, Rolandas Naujikas vif = [ ' mac=02:00:ac:11:44:64,ip=172.17.68.100,bridge=xenbr0', ] vfb = ['type=vnc,vncdisplay=8'] disk.0: file /srv/cloud/one/var//datastores/0/8/disk.0 /srv/cloud/one/var//datastores/0/8/disk.0: # ISO 9660 CD-ROM filesystem data 'Ubuntu-Server 12.04 LTS i386 ' (bootable) disk.1: ../../1/ba1b95fee731571dca7d57feeba62dec: Linux rev 1.0 ext2 filesystem data, UUID=65f7eae2-efd4-43ce-80f2-5c8ed8075e9c (large files) 1. When using SunStone I got the first error related to permissions: ## ++ basename /var/tmp/one/vmm/xen/deploy Thu May 31 13:30:45 2012 [VMM][I]: ++ SCRIPT_NAME=deploy Thu May 31 13:30:45 2012 [VMM][I]: + domain=/srv/cloud/one/var//datastores/0/8/deployment.0 Thu May 31 13:30:45 2012 [VMM][I]: ++ dirname /srv/cloud/one/var//datastores/0/8/deployment.0 Thu May 31 13:30:45 2012 [VMM][I]: + mkdir -p /srv/cloud/one/var//datastores/0/8 Thu May 31 13:30:45 2012 [VMM][I]: + cat Thu May 31 13:30:45 2012 [VMM][I]: ++ sudo /usr/sbin/xm create /srv/cloud/one/var//datastores/0/8/deployment.0 Thu May 31 13:30:45 2012 [VMM][I]: Error: Disk isn't accessible /srv/cloud/one/var//datastores/0/8/disk.0 Thu May 31 13:30:45 2012 [VMM][I]: + output='Using config file /srv/cloud/one/var//datastores/0/8/deployment.0.' Thu May 31 13:30:45 2012 [VMM][I]: + error_exit 1 'Unable to create domain' Thu May 31 13:30:45 2012 [VMM][I]: + exit_code=1 Thu May 31 13:30:45 2012 [VMM][I]: + message='Unable to create domain' Thu May 31 13:30:45 2012 [VMM][I]: + '[' x1 '!=' x0 ']' Thu May 31 13:30:45 2012 [VMM][I]: + error_message Unable to create domain Thu May 31 13:30:45 2012 [VMM][I]: + echo 'ERROR MESSAGE --8--' Thu May 31 13:30:45 2012 [VMM][E]: + echo Unable ### 2. After logging on the target machine I run the regular Xen command and it seems that there are problems with files permissions. sudo /usr/sbin/xm create /srv/cloud/one/var//datastores/0/8/deployment.0 Error: Disk isn't accessible /srv/cloud/one/var//datastores/0/8/disk.0 oneadmin@host$ ls -al /srv/cloud/one/var//datastores/0/8/disk.0 -rw-r- 1 oneadmin cloud 705998848 May 31 13:30 /srv/cloud/one/var//datastores/0/8/disk.0 How to solve the permission problem to be set automatically by the ONE. 3. After channging the mode to 644 the command starts but it hangs: DEBUG (XendBootloader:113) Launching bootloader as [\047/usr/lib/xen/boot/hvmloader\047, \047--output=/var/run/xend/boot/xenbl.11066\047, \047-q\047, \047/srv/cloud/one/var//datastores/0/8/disk.0\047]. [2012-06-01 10:10:43 1341] TRACE (XendDomainInfo:3525) XendDomainInfo.update({\047paused\047: 0, \047cpu_time\047: 273759722900L, \047ssidref\047: 0, \047hvm\047: 0, \047shutdown_reason\047: 255, \047dying\047: 0, \047mem_kb\047: 523908L, \047domid\047: 0, \047max_vcpu_id\047: 7, \047crashed\047: 0, \047running\047: 1, \047maxmem_kb\047: 524288L, \047shutdown\047: 0, \047online_vcpus\047: 8, \047handle\047: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0], \047cpupool\047: 0, \047blocked\047: 0}) on domain 0 Any idea why the VM hangs during boot up process? ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] problem with VM monitoring (Xen + opennebula-3.2.1)
On 05/24/2012 01:05 PM, Carlos Martín Sánchez wrote: Hi, This is fixed in OpenNebula 3.4+, see [1]. I think you should be able to apply these changes [2] in 3.2 without any problems. Regarding your question, you can't force a VM in the suspended state to be monitored and restored to the running state, unless you change in the DB the vm_pool columns lcm_state, state and the same xml attributes inside the body column. Hi, I created a script (http://mif.vu.lt/~rolnas/one/) to correct problem with failed/paused VM in opennebula-3.2.1. It works properly only on VM with only one history record (deployed and running on one host and not migrated or stopped/resumed to another). Of cause it should be run when oned is stopped: oneadmin$ one stop;./vm_runn VMID|./mysql2;one start Regards, Rolandas Naujikas Regards. [1] http://dev.opennebula.org/issues/1165 [2] http://dev.opennebula.org/projects/opennebula/repository/revisions/a7ab6e4ce8e3ee304de85fc1fb31246c3a998582 -- Carlos Martín, MSc Project Engineer OpenNebula - The Open-source Solution for Data Center Virtualization www.OpenNebula.org | cmar...@opennebula.org | @OpenNebulahttp://twitter.com/opennebulacmar...@opennebula.org On Thu, May 24, 2012 at 9:53 AM, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: Hi, I got: Wed May 23 14:22:28 2012 [VMM][I]: ExitCode: 0 Wed May 23 14:22:28 2012 [VMM][W]: Adding custom monitoring attribute: NAME one-588 Wed May 23 14:22:28 2012 [VMM][D]: Monitor Information: CPU : 0 Memory: 3584000 Net_TX: 12001 Net_RX: 452 Wed May 23 14:27:28 2012 [VMM][I]: ExitCode: 0 Wed May 23 14:27:28 2012 [VMM][W]: Adding custom monitoring attribute: NAME one-588 Wed May 23 14:27:28 2012 [VMM][I]: VM running but new state from monitor is PAUSED. Wed May 23 14:27:28 2012 [LCM][I]: VM is suspended. Wed May 23 14:27:28 2012 [DiM][I]: New VM state is SUSPENDED That is strange. We are using Xen + opennebula-3.2.1. Around this time I rebooted VM from inside (in OS). VM is really running. How to push to continue monitoring, because it is not monitored anymore ? Regards, Rolandas Naujikas __**_ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/**listinfo.cgi/users-opennebula.**orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] problem with VM monitoring (Xen + opennebula-3.2.1)
Hi, I got: Wed May 23 14:22:28 2012 [VMM][I]: ExitCode: 0 Wed May 23 14:22:28 2012 [VMM][W]: Adding custom monitoring attribute: NAME one-588 Wed May 23 14:22:28 2012 [VMM][D]: Monitor Information: CPU : 0 Memory: 3584000 Net_TX: 12001 Net_RX: 452 Wed May 23 14:27:28 2012 [VMM][I]: ExitCode: 0 Wed May 23 14:27:28 2012 [VMM][W]: Adding custom monitoring attribute: NAME one-588 Wed May 23 14:27:28 2012 [VMM][I]: VM running but new state from monitor is PAUSED. Wed May 23 14:27:28 2012 [LCM][I]: VM is suspended. Wed May 23 14:27:28 2012 [DiM][I]: New VM state is SUSPENDED That is strange. We are using Xen + opennebula-3.2.1. Around this time I rebooted VM from inside (in OS). VM is really running. How to push to continue monitoring, because it is not monitored anymore ? Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] restart monitoring from FAILED state
Hi, I have a VM in FAILED state. I recovered it manually and it is running now. How to force opennebula to restart monitoring (or put to running state) ? Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] Disks device mapping wrong in docs ? (Users Digest, Vol 51, Issue 83)
On 2012-05-21 16:16, Olivier Berger wrote: Hi. I've read http://opennebula.org/documentation:rel3.4:template#disks_device_mapping which states that : OpenNebula will mount the disks as follows: sda: OS type Image. sdb: Contextualization CDROM. sdc: CDROM type Image. sdd: Swap disk. sd[e,f,g?]: DATABLOCK type Images. However, from what I can see (under 3.2, but the docs are the same), I have sda : boot disk ln-ed from my persistent image sdb : swap sr0 : contextualization CD Is this mapping dependant of the virtulizer (I'm using KVM). Is the docs wrong, or is this an hypothetical example ? I'm using LABEL=CDROM and it works in Debian =6.x and CentOS/ScientificLinux/RedHat =5.x and later and also in both Xen and KVM. Regards, Rolandas Naujikas Thanks in advance. Best regards, ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] problem with VM in FAILED state
Hi, I have upgraded kernel inside of VM and it didn't reboot properly (because of grub misconfiguration). VM was in UNKNOWN state and I did onevm restart, but it didn't boot (because of this problem) and go to FAILED state. I recovered VM manually, but now I have FAILED state in Opennebula. Probably I can recover state only by editing opennebula DB, but for the future I would like (for others also) to have more intelligent management of restart from UNKNOWN state. Probably here would be better don't go to FAILED, but to UNKNOWN state, because historically VM was already running. Here still running opennebula 3.2.1 in production, but also testing opennebula 3.4.1. Regards, Rolandas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] There is no monitoring information for host (Users Digest, Vol 50, Issue 65)
On 2012-04-24 20:02, Hector Sanjuan wrote: Hi Rolandas, we are not sure what is causing this but it's not the normal behaviour and it doesn't happen to me. Are you running the oneacctd daemon? Either way perhaps it helps if you delete the /var/one/oneacct.db file (or move it away if you have valuable accounting information). You could also run 'oneacctd start' and see if it gathers some monitoring information and fixes the problem. I have tried running sunstone with an empty oneacct.db, and without it without any hosts and I don't get such messages so maybe the file is corrupt or something. Let us know if the annoying pop ups go away at least. I found that there is changes in the way monitoring information is gathered. When I commented out in SunstoneServer.rb: ... filter[:uid] = opts[:uid] if opts[:gid]!=0 ... it started to work. I think here we should correct this problem, which is related also with code in acct/watch_client.rb: ... def filter_pool(filter) if filter[:uid] filter[:uid]==0 ? (hosts = pool) : (return nil) elsif filter[:gid] filter[:uid]==0 ? (hosts = pool) : (return nil) else ... which also looks strange in elsif (it should look: ... filter[:gid]==0 ? (hosts = pool) : (return nil). ... I think in SunstoneServer.rb we should add ... filter[:uid] = opts[:uid] if opts[:gid] != 0 filter[:gid] = opts[:gid] ... Please take attention to opts[:gid] it is integer/numeric. After those changes everything starts to work correctly (at least with current logic). Regards, Rolandas Naujikas P.S. Sorry for all this mess, probably it is better to attach patch file for all changes. Hector En Tue, 24 Apr 2012 18:25:22 +0200, Rolandas Naujikas rolandas.nauji...@mif.vu.lt escribi?: On 2012-04-24 09:04, Rolandas Naujikas wrote: Hi, In opennebula-3.4.0 sunstone there is annoying message There is no monitoring information for host, when there are no hosts defined yet. It doesn't stop even when I added one host to opennebula. It looks like sunstone could not access host monitoring information. Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] There is no monitoring information for host
On 2012-04-25 13:32, Daniel Molina wrote: Hi, On 24 April 2012 17:07, Rolandas Naujikas rolandas.nauji...@mif.vu.lt wrote: On 2012-04-24 19:25, Rolandas Naujikas wrote: On 2012-04-24 09:04, Rolandas Naujikas wrote: Hi, In opennebula-3.4.0 sunstone there is annoying message There is no monitoring information for host, when there are no hosts defined yet. It doesn't stop even when I added one host to opennebula. It looks like sunstone could not access host monitoring information. Finally I found that I'm getting this annoing message only when I'm not connected with oneadmin(id=0), but with other user in oneadmin group. That could come from watch_client.rb: ... def filter_pool(filter) if filter[:uid] filter[:uid]==0 ? (hosts = pool) : (return nil) elsif filter[:gid] filter[:uid]==0 ? (hosts = pool) : (return nil) else hosts = pool end ... There is probably a mistake after elsif filter[:gid]. Next line should probably be filter[:gid]==0 ? (hosts = pool) : (return nil) Indeed this is a known issue [1]. I have included another patch fixing the gid/uid missmatch. These patches [2, 3] will be included in the release 3.4.1. Thanks for your great feedback. [1] http://www.opennebula.org/documentation:rel3.4:known_issues I think it should read Sunstone monitoring graphs are not correctly shown for oneadmin or users in oneadmin group. Regards, Rolandas Naujikas [2] http://dev.opennebula.org/projects/opennebula/repository/revisions/51b672ef2a4eb370a07247b8804ab3f76ed62920/diff [3] http://dev.opennebula.org/projects/opennebula/repository/revisions/590ba0e4eb25c126d59d4df91646f10ec2a5ec6a/diff I applied both changes and it works. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
[one-users] There is no monitoring information for host
Hi, In opennebula-3.4.0 sunstone there is annoying message There is no monitoring information for host, when there are no hosts defined yet. Regards, Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] There is no monitoring information for host
On 2012-04-24 09:04, Rolandas Naujikas wrote: Hi, In opennebula-3.4.0 sunstone there is annoying message There is no monitoring information for host, when there are no hosts defined yet. It doesn't stop even when I added one host to opennebula. It looks like sunstone could not access host monitoring information. Rolandas Naujikas ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] REST EC2 (Users Digest, Vol 50, Issue 58)
On 2012-04-23 19:28, Charles Rodamilans wrote: Hi Daniel, I used port 8443, for sugestion in http://opennebula.org/documentation:archives:rel3.2:ec2qcg#configuring_a_ssl_proxy I changed :ssl_server parameter to localhost:8443, restart econe-server, and the problem continues (Test 1). I changed the configuration to 443 in ssl/httpd and econe-server, restart httpd and econe-server, and the problem continues too (Test 2 and 3). At least in opennebula 3.2 you have put full URL in ssl_server parameter like: :ssl_server: https://cloud.example.com/ Where cloud.example.com is external hostname of reverse proxy. Rolandas Cheers Charles Rodamilans ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] REST EC2 (Users Digest, Vol 50, Issue 58)
On 2012-04-23 20:30, Charles Rodamilans wrote: Hi Rolandas, this solved the problem. Thanks, Charles Rodamilans Final configuration: [root@lahpc_cloud_server ~]# vim /etc/httpd/conf.d/ssl.conf Listen 443 VirtualHost _default_:443 ServerName localhost ProxyPass / http://127.0.0.1:4567 [oneadmin@lahpc_cloud_server ~]$ vim /etc/one/econe.conf :server: 127.0.0.1 :port: 4567 :ssl_server: https://localhost/ The same is for OCCI also. In econe-server.rb ... uri = URI.parse(conf[:ssl_server]) ... In OCCIServer.rb ... if config[:ssl_server] @base_url=config[:ssl_server] else @base_url=http://#{config[:server]}:#{config[:port]}; end ... Rolandas Naujikas [oneadmin@lahpc_cloud_server ~]$ econe-describe-images -U https://localhost-K oneadmin -S 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 oneadmin ami-0019 available 17338366ceac9a69c73d2f1c1a7677d2 oneadmin ami-0020 available 91d34ab841bd78e683dab4f345eae246 oneadmin ami-0021 available 6dbcca995956233be8a2a922c643944f oneadmin ami-0022 available 37ffe10a30a795c2340c8ea19acfcc48 Em 23 de abril de 2012 13:38, Rolandas Naujikas rolandas.nauji...@mif.vu.lt escreveu: On 2012-04-23 19:28, Charles Rodamilans wrote: Hi Daniel, I used port 8443, for sugestion in http://opennebula.org/documentation:archives:rel3.2:ec2qcg#configuring_a_ssl_proxy I changed :ssl_server parameter to localhost:8443, restart econe-server, and the problem continues (Test 1). I changed the configuration to 443 in ssl/httpd and econe-server, restart httpd and econe-server, and the problem continues too (Test 2 and 3). At least in opennebula 3.2 you have put full URL in ssl_server parameter like: :ssl_server: https://cloud.example.com/ Where cloud.example.com is external hostname of reverse proxy. Rolandas Cheers Charles Rodamilans ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] noVNC error: Server disconnected [socket.error: [Errno 98] Address already in use] ? (Users Digest, Vol 50, Issue 10)
On 2012-04-05 11:24, Hector Sanjuan wrote: Hello, I don't get to reproduce this. I close and reopen repeted times the VNC window and it works well. Try to close web browser tab or do refresh of it with noVNC canvas open. The only solution in such cases - kill hang wsproxy process. Rolandas P.S. I think there should be some mechanism to shutdown wsproxy from server side or reuse it for later sessions, or kill it before creating new one. When you close the vnc window, you should be seeing a line like and the stopvnc action pop up message: Thu Apr 05 10:15:21 2012 [I]: 127.0.0.1 - - [05/Apr/2012 10:15:21] POST /vm/12/stopvnc HT TP/1.1 200 - 0.0610 Could you check that this request happens and that it acknowledged with 200? Thanks, Hec ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
Re: [one-users] TransportManager for SAN storage, VMs in clvm, templates in GFS2 volume (Users Digest, Vol 49, Issue 11)
Hi, Did you test performance of LVM snapshots ? LVM performance usually is OK, but with snapshots it could go 10x decrease if your storage doesn't have many IOS (disc spindles of SSD). Even with good IOS or SSD it goes down 2-3x down. For reference http://www.nikhef.nl/~dennisvd/lvmcrap.html Regards, Rolandas Naujikas P.S. For better performance I would look for ZFS (or btrfs, but not yet for production) and for that you can use Solaris/OpenSolaris or FreeBSD (or its NAS solution FreeNAS). There should be solution http://mperedim.wordpress.com/2010/09/26/opennebula-zfs-and-xen-part-1-get-going/ On 2012-03-03 13:10, jan horacek wrote: Hello, i already published the updated driver. now all images not uploaded by administrator to the GFS2 volume are stored inside lvm volumes (inside clvm) https://github.com/jhrcz/opennebula-tm-gfs2clvm/tree/v0.0.20120303.0 basic tests are already done, and everything seems to work fine ;o) it looks it could realy be added to one ecosystem ;o) Regards, J.Horacek On Thu, Mar 1, 2012 at 9:01 AM, jan horacek jahor.jhr...@gmail.com wrote: Hi Steve, The complete writeup about seting all the things up is on my todo. clvm is the minimal form on centos. Just a shared storage (sas infrastructure exactly, but could be anything else like drbd primary/primary, iscsi etc). The driver currently does not use exclusive locks, but i'm tempted not to use it in close future. the global volume group for all the cloud-related things is created as clustered (--clustered yes). The GFS2 volume in one of the LV is for /var/lib/one on worker nodes, context.sh contextualisation isos, vm checkpoints, deployment.X and disk.X symlinks are here. All the files for oned are on the management node, in /var/lib/one. This storage is NOT shared betwen management node and worker nodes. i'm currently rewriting the driver and related (remotes/fs) to support the next level for this setup - having all the images created dynamicaly by one on clvm too. so in the VG, there is ?* LV for gfs2 ?* LVs lv-one-XXX-X for nonpresistent, dynamicaly created volumes ?* LVs lv-oneimg-XXX for volumes created in one (by saveas, cloning etc - replacement of hash-like named files) this brings possibility to use persistent volumes from lvm and not gfs2 filesystem, future possibility for using snapshosts for cloning (and even live snapshoting, without suspending the machine). Currently it is able to create new volumes as a copy of volumes from machines in suspend state, no need to wait for shutdown, just suspend it and create copy. For my this gives me the proof, that something working is cloned and checked and then the source could be suspended - no risk of saveas failure with work losk. the last changes are not in my git repo yet, i hope the will be in very short time. To your questions... ad 1... yes, the one management/head node is virtual machine in my installation. It is on some other physical machine, not directly connected in the cluster tools. this is why i challenged the disconnection of the node from shared filesystem, to make safe fencing in the cluster possible. all fencing could be directly to ipmi and no need to use libvirt fencing for the management node (management node shares the physical machine with some other critical systems not realted in the cloud and so ipmi fencing is not the best way to fence it) ad 2... some sort of description is in the text above. the driver in the form of v0.0.20120221.0 as initialy pushed to github, has master-templates (isos, hand made sys images) on the lvm, all created volumes (files with hash-like filename), vm images are in the lvm, so every time you deploy a machine, it dd's the from gfs2 to lvm. persistent images are used from gfs2. but as i wrote above, this will change, because i want to minize the usage of the gfs2 storage. i hope i answered the question sufficiently ;o) Regards, Jan Horacek On Mon, Feb 27, 2012 at 11:37 PM, Steven Timm t...@fnal.gov wrote: This is very interesting work. ?Jan, do you have any write-up on how you were able to set up the gfs and clvm setup to work with this driver? It's a use case very similar to what we are considering for FermiCloud. Two other questions that weren't immediately obvious from looking at the code: 1) with this driver, could the OpenNebula head node itself be a (static) virtual machine? ?Looks like yes, but I want to be sure. 2) How is the notion of an image repository handled--does openNebula copy the OS image from a separate image repository every time the VM is instantiated, or is the repository defined to be the place that the OS image lives on disk? Steve Timm On Thu, 23 Feb 2012, Borja Sotomayor wrote: Hi Jan, I call this transfer manager drive **gfs2clvm** and made it (even in current?development?state - but most of the functions works already)?available?on?github: https://github.com/jhrcz/opennebula-tm
Re: [one-users] onevm saveas : not authorized to perform action on virtual machine
Hi, My customers (from group users) also have similar problem. In Sunstone they tries to use Save as on running VM and getting [VirtualMachineSaveDisk] Error allocating a new image. Template includes a restricted attribute SOURCE. We have also quotas enabled, but they doesn't influence that. Regards, Rolandas P.S. This problem currently is showstopper for our private cloud users. On 2012-02-29 23:29, Faras wrote: Hi all, I have a problem saving a vm image on opennebula. ~ onetemplate list 15 oneadmin users SEAS Linux 6 Base (No Firewall02/08 18:28:12 Yes ~ onetemplate instantiate 15 ~ onevm list 278 johnusersone-278 runn 0 0K arc-vm.int.s.d 00 00:01:29 ~ onevm saveas 278 0 john_vm [VirtualMachineSaveDisk] User [1] not authorized to perform action on virtual machine. Note: 1) No quota restriction put for the users (storage , cpu and memory). 2) The same user who fire up the VM want to save the image (john). 3) john ID = 1 ~ oneuser show 1 USER 1 INFORMATION ID : 1 NAME : john GROUP: 1 PASSWORD : 68162512f3445b025f80d8e872e6e2de2c0ec551 ENABLED : Yes Faras Sadek, Programmer and Data Analyst, Academic Computing Harvard University Sch. of Eng. and App. Sci. Maxwell-Dworkin 211, 33 Oxford St. Cambridge, MA 02138 office phone (617)-496-1520 cell phone (617)-331-6741 ___ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org