Re: [ovirt-users] Fake power management?
- Original Message - From: mots m...@nepu.moe To: Eli Mesika emes...@redhat.com Cc: users@ovirt.org Sent: Sunday, November 16, 2014 12:53:53 PM Subject: AW: [ovirt-users] Fake power management? Hello Eli, If I replace /usr/bin/vdsm-tool service-restart vdsmd with echo b /proc/sysrc-trigger, will the Engine consider the node to be fenced and restart the VMs that were running on it on another node? I don't see a mechanism to inform the engine that this was a hard fencing operation and that it's save to restart the guests. We have a RFE for PM hooks but this was not done or get to a version plan yet So, the only way to release the VMs is to manually confirm that the node was rebooted ... Regards, mots -Ursprüngliche Nachricht- Von:Eli Mesika emes...@redhat.com mailto:emes...@redhat.com Gesendet: Son 16 November 2014 03:00 An: Patrick Lottenbach p...@a-bot.ch mailto:p...@a-bot.ch CC: users@ovirt.org mailto:users@ovirt.org Betreff: Re: [ovirt-users] Fake power management? - Original Message - From: Sandro Bonazzola sbona...@redhat.com mailto:sbona...@redhat.com To: mots m...@nepu.moe mailto:m...@nepu.moe , users@ovirt.org mailto:users@ovirt.org Sent: Friday, November 14, 2014 5:15:25 PM Subject: Re: [ovirt-users] Fake power management? Il 14/11/2014 15:54, mots ha scritto: Hello, I'm building a small demonstration system for our sales team to take to a customer so that they can show them our solutions. Hardware: Two Intel NUC's, a 4 port switch and a laptop. Engine: Runs as a VM on one of the NUCs, which one it runs on is determined by pacemaker. Storage: Also managed by pacemaker, it's drbd backed and accessed with iscsi. oVirt version: 3.5 OS: CentOS 6.6 Just for curiosity, any reason for using pacemaker instead on oVirt Hosted Engine solution? The idea is to have our sales representative (or the potential customer himself) randomly pull the plug on one of the NUCs to show that the system stays operational when part of the hardware fails. My problem is that I don't have any way to implement power management, so the Engine can't fence nodes and won't restart guests that were running on the node which lost power. In pacemaker I can just configure fencing over SSH or even disable the requirement to do so completely. Is there something similar for oVirt, so that the Engine will consider a node which it can't connect to to be powered down? Well, we are thinking of adding such ability (Fake power management) mainly for testing purpose... Meanwhile, I think I have a work-around that may help you. When we have a connectivity issue with a node, we first try (after a grace period) to restart its VDSM via SSH this is always done before the hard-fencing (restart via the PM card) and can be done no matter if the host has PM configured or not. So basically when a connectivity issue is found, you can custom the SSH command that restarts VDSM to do whatever you want, even a script or a power-down command look at the result of psql -U engine -c select * from vdc_options where option_name ilike 'SshSoftFencingCommand' engine option_id | option_name | option_value | version ---+---+--+- 558 | SshSoftFencingCommand | service vdsmd restart | 3.0 559 | SshSoftFencingCommand | service vdsmd restart | 3.1 560 | SshSoftFencingCommand | service vdsmd restart | 3.2 561 | SshSoftFencingCommand | /usr/bin/vdsm-tool service-restart vdsmd | 3.3 562 | SshSoftFencingCommand | /usr/bin/vdsm-tool service-restart vdsmd | 3.4 563 | SshSoftFencingCommand | /usr/bin/vdsm-tool service-restart vdsmd | 3.5 Please note: 1) change only the value that match your cluster version 2) restart engine so change can take place 3) restore to default value again after you are done Does this may be useful for you ? Regards, mots ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users -- Sandro Bonazzola Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org
[ovirt-users] Status libgfapi support in oVirt
I have been trying to use libgfapi glusterfs support in oVirt but can't get it to work. After talks on IRC it seems I should apply a patch (http://gerrit.ovirt.org/33768) to enable libgf BUT I can't get it to work. Systems used: - hosts Centos7 or Fedora20 (so upto date qemu/libvirt/oVirt(3.5)) - glusterfs-3.6.1 - vdsm-4.16.0-524.gitbc618a4.el7.x86_64 (snapshot master 14-nov) - vdsm-4.16.7-1.gitdb83943.el7.x86_64 (official ovirt-3.5 vdsm, seems newer than master snapshot?? ) Just adding the patch to vdsm-4.16.7-1.gitdb83943.el7.x86_64 doesn't work, vdsm doesn't start anymore due to an error in virt/vm.py. Q1: what is de exact status of libgf and oVirt. Q2: how do I test that patch? Joop ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Which machine provides the computing power for the clients?
Hi, im not sure if understand the oVirt concept right. Is the oVirt node hypervisor the machine that provides the computing power for the client consoles (User Applications)? Is the VM running on the node Hypervisor? Can i use 1 PC for the complete oVirt environment + the consoles? -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Which machine provides the computing power for the clients?
- Original Message - From: Harald Wolf ov...@online.de To: users@ovirt.org Sent: Monday, November 17, 2014 10:46:21 AM Subject: [ovirt-users] Which machine provides the computing power for the clients? Hi, im not sure if understand the oVirt concept right. Is the oVirt node hypervisor the machine that provides the computing power for the client consoles (User Applications)? Not sure what exactly you refer to. The applications run in the VMs. Is the VM running on the node Hypervisor? Yes. Can i use 1 PC for the complete oVirt environment + the consoles? You can try it by simply booting a pc with ovirt-live and see how it works. I suggest that you give a bit more details about the setup you have in mind and what you want to do. Best, -- Didi ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Which machine provides the computing power for the clients?
On 17.11.2014 09:46, Harald Wolf wrote: Hi, im not sure if understand the oVirt concept right. Is the oVirt node hypervisor the machine that provides the computing power for the client consoles (User Applications)? Is the VM running on the node Hypervisor? Can i use 1 PC for the complete oVirt environment + the consoles? I strongly suggest you read the admin guide prior to deploying oVirt to get familiar with the concepts. The introduction holds all the answers already [1]. If something is unclear, please get back here or file a RFE [2] if you find any errors/unclear things. I also wrote a brief breakdown answering your first mail [3]. Cheers! [1] http://www.ovirt.org/OVirt_Administration_Guide#oVirt_Architecture [2] https://bugzilla.redhat.com [3] https://www.mail-archive.com/users%40ovirt.org/msg22615.html -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet. -- Daniel Helgenberger m box bewegtbild GmbH P: +49/30/2408781-22 F: +49/30/2408781-10 ACKERSTR. 19 D-10115 BERLIN www.m-box.de www.monkeymen.tv Geschäftsführer: Martin Retschitzegger / Michaela Göllner Handeslregister: Amtsgericht Charlottenburg / HRB 112767 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Ubuntu/Debian support?
So, a quick non-scientific poll... Motivation: It has been suggested that adding ubuntu or debian distro support could broaden the reach of the oVirt community. To date, there has been some work towards this goal, but it is not coming to a conclusion. Questions that comes to mind: 1) Is this still an issue? 2) Can we afford to dilute the focus we have as it is hard enough to stabilize the currently supported distro's? is it worth the potential impact? 3) Would it have maintainers catering to it so it won't be left behind / delay development? 4) Why bother with host support, ovirt-node can be used? 5) Why bother with engine support, a virtual appliance or a docker image could be used? 6) if we do it, should we focus on Ubuntu or Debian distro first? 7) if we do it, should we focus on host or engine first? Thoughts? Thanks, Itamar ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Non-Operational state because management interfaces down
Hi Luf, Apologies, I probably don't understand the details of your L2 toplogy; how come when you turn off one host it affects the link state of of the other one's interfaces?... Yours, Lior. On 14/11/14 11:43, Finstrle, Ludek wrote: Hi, I have 2-node ovirt cluster. Both machines has 4 interfaces. 2 interfaces in bond1 for data 2 interfaces in bond0 for management (short connected directly between servers) switch0 -\ /-\ /- switch0 node1 node2 switch1 -/ \-/ \- switch1 I setup everything as I want/expect but I hit one problem and I don't know how to fix it. The problem is when I switch off one of the machines for maintenance (node01.ovirt in this case). I get in ovirt engine this message: Host node02.ovirt moved to Non-Operational state because interfaces which are down are needed by required networks in the current cluster: 'bond0 (ovirtmgmt)'. Do you have any idea how to avoid it? I can't change physical architecture as I don't have 10Gb switch. BTW it's the same as if I want to start with only 1 node and separated data and mgmt networks: switch - host --(not connected iface for mgmt as I don't need it) Thanks, Luf NOTICE: This email and any attachments may contain confidential and proprietary information of NetSuite Inc. and is for the sole use of the intended recipient for the stated purpose. Any improper use or distribution is prohibited. If you are not the intended recipient, please notify the sender; do not review, copy or distribute; and promptly delete or destroy all transmitted information. Please note that all communications and information transmitted through this email system may be monitored and retained by NetSuite or its agents and that all incoming email is automatically scanned by a third party spam and filtering service which may result in deletion of a legitimate e-mail before it is read by the intended recipient. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] hosted engine , how to make changes to the VM post deploy
Hi Ryan, On Thu, Nov 06, 2014 at 09:10:32AM -0700, Groten, Ryan wrote: I went through this a couple months ago. Migrated my hosted-engine from one NFS host to another. Here are the steps that I documented from the experience. just wanted to let you know that my migration went flawlessly, thanks to your documentation! Thank you for sharing this. Maybe this should be added to the official docs/wiki until there's a better way to do this. Regards - Frank ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Fake power management?
- Original Message - From: mots m...@nepu.moe To: users@ovirt.org Sent: Friday, November 14, 2014 4:54:08 PM Subject: [ovirt-users] Fake power management? Fake power management? Hello, I'm building a small demonstration system for our sales team to take to a customer so that they can show them our solutions. Hardware: Two Intel NUC's, a 4 port switch and a laptop. Engine: Runs as a VM on one of the NUCs, which one it runs on is determined by pacemaker. Storage: Also managed by pacemaker, it's drbd backed and accessed with iscsi. oVirt version: 3.5 OS: CentOS 6.6 The idea is to have our sales representative (or the potential customer himself) randomly pull the plug on one of the NUCs to show that the system stays operational when part of the hardware fails. I assume you are aware that the engine might fence the node it is running on ... Or do you use pacemaker to run the engine as well ? My problem is that I don't have any way to implement power management, so the Engine can't fence nodes and won't restart guests that were running on the node which lost power. In pacemaker I can just configure fencing over SSH or even disable the requirement to do so completely. Is there something similar for oVirt, so that the Engine will consider a node which it can't connect to to be powered down? Regards, mots ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Fake power management?
Yes, pacemaker manages the engine. That part is working fine, the engine restarts on the remaining node without problems. It's just that the guests don't come back up until the powered down node has been fenced manually. -Ursprüngliche Nachricht- Von:Barak Azulay bazu...@redhat.com mailto:bazu...@redhat.com Gesendet: Mon 17 November 2014 11:35 An: Patrick Lottenbach p...@a-bot.ch mailto:p...@a-bot.ch CC: users@ovirt.org mailto:users@ovirt.org Betreff: Re: [ovirt-users] Fake power management? - Original Message - From: mots m...@nepu.moe mailto:m...@nepu.moe To: users@ovirt.org mailto:users@ovirt.org Sent: Friday, November 14, 2014 4:54:08 PM Subject: [ovirt-users] Fake power management? Fake power management? Hello, I'm building a small demonstration system for our sales team to take to a customer so that they can show them our solutions. Hardware: Two Intel NUC's, a 4 port switch and a laptop. Engine: Runs as a VM on one of the NUCs, which one it runs on is determined by pacemaker. Storage: Also managed by pacemaker, it's drbd backed and accessed with iscsi. oVirt version: 3.5 OS: CentOS 6.6 The idea is to have our sales representative (or the potential customer himself) randomly pull the plug on one of the NUCs to show that the system stays operational when part of the hardware fails. I assume you are aware that the engine might fence the node it is running on ... Or do you use pacemaker to run the engine as well ? My problem is that I don't have any way to implement power management, so the Engine can't fence nodes and won't restart guests that were running on the node which lost power. In pacemaker I can just configure fencing over SSH or even disable the requirement to do so completely. Is there something similar for oVirt, so that the Engine will consider a node which it can't connect to to be powered down? Regards, mots ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users signature.asc Description: OpenPGP digital signature ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Ubuntu/Debian support?
Hello, 1) I hope this is still an issue, mostly because I would really love to use mandos[1] on the engine, and that only works with Debian/Ubuntu. 2) Can't comment on, I'm just a user, after all. 3) Can't comment on, I'm just a user, after all. 4) Debian GNU/Linux has things in its standard repositories that are useful for very small systems. Examples: drbd and the pacemaker resource agent for iSCSI. 5) See 1) 6) Debian, mostly because of personal preferrence. 7) Engine, I think it would be useful for more users because of mandos. [1]https://wiki.recompile.se/wiki/Mandos Regards, mots -Ursprüngliche Nachricht- Von:Itamar Heim ih...@redhat.com mailto:ih...@redhat.com Gesendet: Mon 17 November 2014 11:00 An: users@ovirt.org mailto:users@ovirt.org Betreff: [ovirt-users] Ubuntu/Debian support? So, a quick non-scientific poll... Motivation: It has been suggested that adding ubuntu or debian distro support could broaden the reach of the oVirt community. To date, there has been some work towards this goal, but it is not coming to a conclusion. Questions that comes to mind: 1) Is this still an issue? 2) Can we afford to dilute the focus we have as it is hard enough to stabilize the currently supported distro's? is it worth the potential impact? 3) Would it have maintainers catering to it so it won't be left behind / delay development? 4) Why bother with host support, ovirt-node can be used? 5) Why bother with engine support, a virtual appliance or a docker image could be used? 6) if we do it, should we focus on Ubuntu or Debian distro first? 7) if we do it, should we focus on host or engine first? Thoughts? Thanks, Itamar ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users signature.asc Description: OpenPGP digital signature ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Optaplanner Problem
Hello, I upgraded oVirt to version 3.5.0 today and I also installed Optaplanner in a separate VM. While the installation was successful the Optimizer tab in oVirt Engine doesn't report the correct information. Although there are VMs that are shutdown and the hosts are not balanced in terms of memory usage the Optimized tab reports the following: SOLUTION STATUS Status: Waiting for data... Solution is being refreshed every 30 seconds. Freeze solution VMS THAT SHOULD BE STARTED No VM starts are requested at this moment. MIGRATION / START STEPS No migrations are needed at this moment. The state is stable. TARGET STATE hostvm memory [all in GB] usedavailable No information is displayed in TARGET STATE. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] (no subject)
Hi Harald, Could you perhaps refine your question? Also, what do you mean by console user - are you referring to a VM? The hardware of a host is the principal factor in determining the best computing power of a VM, but of course there'll always be some overhead (i.e. it'll never be equal to the host's computing power). If you elaborate we could give you a better answer. Yours, Lior. On 15/11/14 07:15, Harald Wolf wrote: Hi, is the hardware of a Host (oVirt Node/Hypervisor) responslible for the best possible computing power of the console users? -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] separate ovirtmgmt from glusterfs traffic
Hi Tibor, On 13/11/14 13:41, Demeter Tibor wrote: Hi, I have a 3 node gluster based cluster. There are 3x3 Nic with bonding. Sometimes the management is very slow because high gluster traffic. Is it possible to separate ovirtmgmt network from glusterfs traffic? I have only one interface (ovirtmgmt) for all of services (migration, etc). I just wondering I will make three VLANs for these services and use the QoS function. But how can specify glusterfs for use an other vlan for gluster traffic an a other one for management? This generally sounds like a good plan, but note that QoS on the host-level will only become available in oVirt 3.6 (it might become available soon on master, if you're feeling lucky...). VM-level QoS (available since 3.3) won't help you with administrative traffic (i.e. traffic that isn't going into / coming out of the VMs themselves). Also, I have more questions about this: - If I specify a VLAN on ovirtmgmt, then what happend on nodes? I'm afraid the nodes will lost the connection with each other nodes. If the switch allows this VLAN to reach all hosts, there shouldn't be a problem; since oVirt 3.4 the VLAN tagging should propagate to all active hosts. However, see my comment below concerning VM network. - Is it possible on a live system? What will happen with the mounted glustefs based datastores? I'm not knowledgeable about gluster specifics, but let's see if I can help. What's the current situation with the gluster network, is it already VLAN-tagged? If it is and you're not moving it to another interface on the hosts, I *think* things should be fine. - What does vm network mean on ovirtmgmt interface? Can I use this for seperate network traffic? This means that a bridge is created for this network on hosts. If VMs don't use this network (i.e. virtual interfaces are assigned profiles of ovirtmgmt), you can make it non-VM (with no VLAN tagging) and have it assigned to the same host interface as VLAN-tagged networks (I would say this is less risky than VLAN-tagging ovirtmgmt). My plan is - vlan.101 ovirtmgmt - vlan 102 glusterfs - vlan 103 migration - vlan 104 display What is the recommended procedure of this? Thanks in advance, Regards, Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Strange error messages
Hi, Meanwhile this happening in every two hours. For example 09:21, 11:21, 13:21 Anybody can me help? Thanks, Tibor - Eredeti üzenet - Hi, In this morning I have got a lot of similar messages to console: 2014-Nov-17, 03:21 Detected conflict in hook set-POST-30samba-set.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook stop-PRE-29CTDB-teardown.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook add-brick-PRE-28Quota-enable-root-xattr-heal.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook set-POST-31ganesha-set.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook start-POST-30samba-start.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook reset-POST-31ganesha-reset.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook gsync-create-POST-56glusterd-geo-rep-create-post.sh of Cluster r710cluster1. What does this mean? The system seems to be working. Thanks: Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Strange error messages
On 11/17/2014 12:25 PM, Demeter Tibor wrote: Hi, In this morning I have got a lot of similar messages to console: 2014-Nov-17, 03:21 Detected conflict in hook set-POST-30samba-set.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook stop-PRE-29CTDB-teardown.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook add-brick-PRE-28Quota-enable-root-xattr-heal.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook set-POST-31ganesha-set.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook start-POST-30samba-start.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook reset-POST-31ganesha-reset.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook gsync-create-POST-56glusterd-geo-rep-create-post.sh of Cluster r710cluster1. What does this mean? The system seems to be working. Thanks: Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users Hi Demeter, you are seeing these messages because there is a conflict in the hook script in your engine and node, you could go to clusters tab - click on hooks - you would see an exclamation mark next to hook script which has the conflict, click on the hook and click 'Resolve conflict ' button. This should solve the problem. Hope this helps. Thanks kasturi. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Ubuntu/Debian support?
On 17/11/14 04:41, Itamar Heim wrote: So, a quick non-scientific poll... Motivation: It has been suggested that adding ubuntu or debian distro support could broaden the reach of the oVirt community. To date, there has been some work towards this goal, but it is not coming to a conclusion. Questions that comes to mind: 1) Is this still an issue? I think that to support other serious distros would highlight the fact that oVirt is distro agnostic. Today oVirt still is RedHat-centric 2) Can we afford to dilute the focus we have as it is hard enough to stabilize the currently supported distro's? is it worth the potential impact? 3) Would it have maintainers catering to it so it won't be left behind / delay development? 4) Why bother with host support, ovirt-node can be used? 5) Why bother with engine support, a virtual appliance or a docker image could be used? 6) if we do it, should we focus on Ubuntu or Debian distro first? Debian, of course, it is upstream of Ubuntu and its release criteria compares to Centos or RHEL 7) if we do it, should we focus on host or engine first? I think that implementing host in Debian/Ubuntu would involve less work and after all, node/host is the core of virtualization infrastructure. Thoughts? Thanks, Itamar ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Strange error messages
On 11/17/2014 06:14 PM, Demeter Tibor wrote: Hi, Meanwhile this happening in every two hours. For example 09:21, 11:21, 13:21 Anybody can me help? Thanks, Tibor This happens because the time for syncing the hooks from node to engine has been configured for two hours. Hi, In this morning I have got a lot of similar messages to console: 2014-Nov-17, 03:21 Detected conflict in hook set-POST-30samba-set.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook stop-PRE-29CTDB-teardown.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook add-brick-PRE-28Quota-enable-root-xattr-heal.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook set-POST-31ganesha-set.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook start-POST-30samba-start.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook reset-POST-31ganesha-reset.sh of Cluster r710cluster1. 2014-Nov-17, 03:21 Detected conflict in hook gsync-create-POST-56glusterd-geo-rep-create-post.sh of Cluster r710cluster1. What does this mean? The system seems to be working. Thanks: Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] separate ovirtmgmt from glusterfs traffic
Hello, Thank you for the detailed reply. Yes, the vms are used an independent network/network interfaces for access the internet. So, in this case I could separate the high glusterfs traffic from ovirt management traffic when I disable vm network on ovirtmgmt interface. I will try-out this night this feature. Thanks a lot, Tibor - Eredeti üzenet - Hi Tibor, On 13/11/14 13:41, Demeter Tibor wrote: Hi, I have a 3 node gluster based cluster. There are 3x3 Nic with bonding. Sometimes the management is very slow because high gluster traffic. Is it possible to separate ovirtmgmt network from glusterfs traffic? I have only one interface (ovirtmgmt) for all of services (migration, etc). I just wondering I will make three VLANs for these services and use the QoS function. But how can specify glusterfs for use an other vlan for gluster traffic an a other one for management? This generally sounds like a good plan, but note that QoS on the host-level will only become available in oVirt 3.6 (it might become available soon on master, if you're feeling lucky...). VM-level QoS (available since 3.3) won't help you with administrative traffic (i.e. traffic that isn't going into / coming out of the VMs themselves). Also, I have more questions about this: - If I specify a VLAN on ovirtmgmt, then what happend on nodes? I'm afraid the nodes will lost the connection with each other nodes. If the switch allows this VLAN to reach all hosts, there shouldn't be a problem; since oVirt 3.4 the VLAN tagging should propagate to all active hosts. However, see my comment below concerning VM network. - Is it possible on a live system? What will happen with the mounted glustefs based datastores? I'm not knowledgeable about gluster specifics, but let's see if I can help. What's the current situation with the gluster network, is it already VLAN-tagged? If it is and you're not moving it to another interface on the hosts, I *think* things should be fine. - What does vm network mean on ovirtmgmt interface? Can I use this for seperate network traffic? This means that a bridge is created for this network on hosts. If VMs don't use this network (i.e. virtual interfaces are assigned profiles of ovirtmgmt), you can make it non-VM (with no VLAN tagging) and have it assigned to the same host interface as VLAN-tagged networks (I would say this is less risky than VLAN-tagging ovirtmgmt). My plan is - vlan.101 ovirtmgmt - vlan 102 glusterfs - vlan 103 migration - vlan 104 display What is the recommended procedure of this? Thanks in advance, Regards, Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] separate ovirtmgmt from glusterfs traffic
On 17/11/14 15:10, Demeter Tibor wrote: Hello, Thank you for the detailed reply. Yes, the vms are used an independent network/network interfaces for access the internet. So, in this case I could separate the high glusterfs traffic from ovirt management traffic when I disable vm network on ovirtmgmt interface. And since host-level QoS is not yet available in oVirt, you might want to configure your switch(es) to limit gluster traffic (by VLAN tag) to not hog the (presumably shared) network infrastructure. I will try-out this night this feature. Thanks a lot, Tibor - Eredeti üzenet - Hi Tibor, On 13/11/14 13:41, Demeter Tibor wrote: Hi, I have a 3 node gluster based cluster. There are 3x3 Nic with bonding. Sometimes the management is very slow because high gluster traffic. Is it possible to separate ovirtmgmt network from glusterfs traffic? I have only one interface (ovirtmgmt) for all of services (migration, etc). I just wondering I will make three VLANs for these services and use the QoS function. But how can specify glusterfs for use an other vlan for gluster traffic an a other one for management? This generally sounds like a good plan, but note that QoS on the host-level will only become available in oVirt 3.6 (it might become available soon on master, if you're feeling lucky...). VM-level QoS (available since 3.3) won't help you with administrative traffic (i.e. traffic that isn't going into / coming out of the VMs themselves). Also, I have more questions about this: - If I specify a VLAN on ovirtmgmt, then what happend on nodes? I'm afraid the nodes will lost the connection with each other nodes. If the switch allows this VLAN to reach all hosts, there shouldn't be a problem; since oVirt 3.4 the VLAN tagging should propagate to all active hosts. However, see my comment below concerning VM network. - Is it possible on a live system? What will happen with the mounted glustefs based datastores? I'm not knowledgeable about gluster specifics, but let's see if I can help. What's the current situation with the gluster network, is it already VLAN-tagged? If it is and you're not moving it to another interface on the hosts, I *think* things should be fine. - What does vm network mean on ovirtmgmt interface? Can I use this for seperate network traffic? This means that a bridge is created for this network on hosts. If VMs don't use this network (i.e. virtual interfaces are assigned profiles of ovirtmgmt), you can make it non-VM (with no VLAN tagging) and have it assigned to the same host interface as VLAN-tagged networks (I would say this is less risky than VLAN-tagging ovirtmgmt). My plan is - vlan.101 ovirtmgmt - vlan 102 glusterfs - vlan 103 migration - vlan 104 display What is the recommended procedure of this? Thanks in advance, Regards, Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] separate ovirtmgmt from glusterfs traffic
Ok, thanks a lot! Have a nice day, Tibor - Eredeti üzenet - On 17/11/14 15:10, Demeter Tibor wrote: Hello, Thank you for the detailed reply. Yes, the vms are used an independent network/network interfaces for access the internet. So, in this case I could separate the high glusterfs traffic from ovirt management traffic when I disable vm network on ovirtmgmt interface. And since host-level QoS is not yet available in oVirt, you might want to configure your switch(es) to limit gluster traffic (by VLAN tag) to not hog the (presumably shared) network infrastructure. I will try-out this night this feature. Thanks a lot, Tibor - Eredeti üzenet - Hi Tibor, On 13/11/14 13:41, Demeter Tibor wrote: Hi, I have a 3 node gluster based cluster. There are 3x3 Nic with bonding. Sometimes the management is very slow because high gluster traffic. Is it possible to separate ovirtmgmt network from glusterfs traffic? I have only one interface (ovirtmgmt) for all of services (migration, etc). I just wondering I will make three VLANs for these services and use the QoS function. But how can specify glusterfs for use an other vlan for gluster traffic an a other one for management? This generally sounds like a good plan, but note that QoS on the host-level will only become available in oVirt 3.6 (it might become available soon on master, if you're feeling lucky...). VM-level QoS (available since 3.3) won't help you with administrative traffic (i.e. traffic that isn't going into / coming out of the VMs themselves). Also, I have more questions about this: - If I specify a VLAN on ovirtmgmt, then what happend on nodes? I'm afraid the nodes will lost the connection with each other nodes. If the switch allows this VLAN to reach all hosts, there shouldn't be a problem; since oVirt 3.4 the VLAN tagging should propagate to all active hosts. However, see my comment below concerning VM network. - Is it possible on a live system? What will happen with the mounted glustefs based datastores? I'm not knowledgeable about gluster specifics, but let's see if I can help. What's the current situation with the gluster network, is it already VLAN-tagged? If it is and you're not moving it to another interface on the hosts, I *think* things should be fine. - What does vm network mean on ovirtmgmt interface? Can I use this for seperate network traffic? This means that a bridge is created for this network on hosts. If VMs don't use this network (i.e. virtual interfaces are assigned profiles of ovirtmgmt), you can make it non-VM (with no VLAN tagging) and have it assigned to the same host interface as VLAN-tagged networks (I would say this is less risky than VLAN-tagging ovirtmgmt). My plan is - vlan.101 ovirtmgmt - vlan 102 glusterfs - vlan 103 migration - vlan 104 display What is the recommended procedure of this? Thanks in advance, Regards, Tibor ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Ubuntu/Debian support?
On 17/11/14 08:41, Itamar Heim wrote: 1) Is this still an issue? Yes of course, or is it implemented yet? 2) Can we afford to dilute the focus we have as it is hard enough to stabilize the currently supported distro's? is it worth the potential impact? In general: Software which supports multiple operating systems/distros tends to be more stable, because some bugs just get found on specific platforms. the general ovirt technology is available everywhere (TM): java python 3) Would it have maintainers catering to it so it won't be left behind / delay development? this is a question for de...@ovirt.org (CC'ed ;) ) 4) Why bother with host support, ovirt-node can be used? My impression is, that most users don't use ovirt-node, because this project has not enough dev power and lacks certain stuff 5) Why bother with engine support, a virtual appliance or a docker image could be used? docker is inherently insecure (a famous red hatter said: it's like download random code from the internet and run it as root), so docker is no option today, imho. 6) if we do it, should we focus on Ubuntu or Debian distro first? well, the general rule of thumb is: if it runs on debian it runs on ubuntu. I see way more debian than ubuntu servers, but for modern deployments this changes. my personal opinion is, that ubuntu sucks as a server os. 7) if we do it, should we focus on host or engine first? atm you are focusing host, there are some bugs open for that and it's planned for 3.6. (that's what I read at least) General note: Imho ovirt would greatly benefit from more supported distros. Not just debian and ubuntu, but you have to start somewhere. you can attract many devs, which just don't use el/fedora. furthermore, the basic technology runs on any linux distribution: java and python so these are just integration issues (path to configfiles, different init systems, packaging not in rpm, but deb, etc.) This is still a huge effort, but I guess canonical and various debian developers would maybe join the effort to make ovirt work on their platform. my 2 cent -- Mit freundlichen Grüßen / Regards Sven Kieske Systemadministrator Mittwald CM Service GmbH Co. KG Königsberger Straße 6 32339 Espelkamp T: +49-5772-293-100 F: +49-5772-293-333 https://www.mittwald.de Geschäftsführer: Robert Meyer St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Ubuntu/Debian support?
Il 17/11/2014 14:22, Sven Kieske ha scritto: On 17/11/14 08:41, Itamar Heim wrote: 1) Is this still an issue? Yes of course, or is it implemented yet? 2) Can we afford to dilute the focus we have as it is hard enough to stabilize the currently supported distro's? is it worth the potential impact? In general: Software which supports multiple operating systems/distros tends to be more stable, because some bugs just get found on specific platforms. the general ovirt technology is available everywhere (TM): java python 3) Would it have maintainers catering to it so it won't be left behind / delay development? this is a question for de...@ovirt.org (CC'ed ;) ) 4) Why bother with host support, ovirt-node can be used? My impression is, that most users don't use ovirt-node, because this project has not enough dev power and lacks certain stuff 5) Why bother with engine support, a virtual appliance or a docker image could be used? docker is inherently insecure (a famous red hatter said: it's like download random code from the internet and run it as root), so docker is no option today, imho. 6) if we do it, should we focus on Ubuntu or Debian distro first? well, the general rule of thumb is: if it runs on debian it runs on ubuntu. I see way more debian than ubuntu servers, but for modern deployments this changes. my personal opinion is, that ubuntu sucks as a server os. 7) if we do it, should we focus on host or engine first? atm you are focusing host, there are some bugs open for that and it's planned for 3.6. (that's what I read at least) General note: Imho ovirt would greatly benefit from more supported distros. Not just debian and ubuntu, but you have to start somewhere. you can attract many devs, which just don't use el/fedora. furthermore, the basic technology runs on any linux distribution: java and python so these are just integration issues (path to configfiles, different init systems, packaging not in rpm, but deb, etc.) This is still a huge effort, but I guess canonical and various debian developers would maybe join the effort to make ovirt work on their platform. I would really like to see them joining the effort! :-) my 2 cent -- Sandro Bonazzola Better technology. Faster innovation. Powered by community collaboration. See how it works at redhat.com ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Status libgfapi support in oVirt
Hello Joop, thanks for raising the issue as it is one of the things I assumed are already implemented and working. Sadly I cannot provide any answer ... On 17.11.2014 09:39, Joop wrote: I have been trying to use libgfapi glusterfs support in oVirt but can't get it to work. After talks on IRC it seems I should apply a patch (http://gerrit.ovirt.org/33768) to enable libgf BUT I can't get it to work. Systems used: - hosts Centos7 or Fedora20 (so upto date qemu/libvirt/oVirt(3.5)) - glusterfs-3.6.1 - vdsm-4.16.0-524.gitbc618a4.el7.x86_64 (snapshot master 14-nov) - vdsm-4.16.7-1.gitdb83943.el7.x86_64 (official ovirt-3.5 vdsm, seems newer than master snapshot?? ) Just adding the patch to vdsm-4.16.7-1.gitdb83943.el7.x86_64 doesn't work, vdsm doesn't start anymore due to an error in virt/vm.py. Q1: what is de exact status of libgf and oVirt. Q2: how do I test that patch? Joop ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users -- Daniel Helgenberger m box bewegtbild GmbH P: +49/30/2408781-22 F: +49/30/2408781-10 ACKERSTR. 19 D-10115 BERLIN www.m-box.de www.monkeymen.tv Geschäftsführer: Martin Retschitzegger / Michaela Göllner Handeslregister: Amtsgericht Charlottenburg / HRB 112767 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVirt 3.5 NAT
Finally got chance to test this but unfortunately it did not work. I did make
a change to replace:
HOOK_NAME = 'extnet_pg'
with
HOOK_NAME = 'extnet_ovs'
and on the engine it looks okay:
CustomDeviceProperties: {type=interface;prop={extnet_ovs=^[a-zA-Z0-9_
---]+(:[a-zA-Z0-9_ ---]+|)$}} version: 3.5
and when I checked vdsm.log it is being called okay when the VM first starts
after adding the additional NICs.
How am I able to debug please ?
Thanks, Phil
- Original Message -
From: Antoni Segura Puimedon asegu...@redhat.com
To: Phil Daws ux...@splatnix.net
Cc: users@ovirt.org
Sent: Sunday, 2 November, 2014 2:21:20 PM
Subject: Re: [ovirt-users] oVirt 3.5 NAT
- Original Message -
From: Phil Daws ux...@splatnix.net
To: users@ovirt.org
Sent: Saturday, November 1, 2014 9:31:53 AM
Subject: Re: [ovirt-users] oVirt 3.5 NAT
Is there anybody who can help with this please ?
Of course
Am pretty sure all I need
to be able to do know is create a network hook that changes a VM XML from:
interface type='bridge'
mac address='00:1a:4a:83:fb:00'/
source bridge='ovirtmgmt'/
target dev='vnet0'/
model type='virtio'/
filterref filter='vdsm-no-mac-spoofing'/
link state='up'/
bandwidth
/bandwidth
alias name='net0'/
address type='pci' domain='0x' bus='0x00' slot='0x03'
function='0x0'/
/interface
to something like:
interface type='network'
mac address='00:1a:4a:83:fb:00'/
source network='ovs-network' portgroup='vlan-20'/
model type='virtio'/
link state='up'/
alias name='net0'/
address type='pci' domain='0x' bus='0x00' slot='0x03'
function='0x0'/
/interface
so replacing the bridge with a network and setting the network to be the OVS
one I have defined.
Any ideas please ? Thanks, Phil
If you just need to do that it's relatively simple. You just need to create a
python executable and put it in:
- /usr/libexec/vdsm/hooks/before_device_create
- /usr/libexec/vdsm/hooks/before_nic_hotplug
Then, the content should be something like the following:
#!/usr/bin/env python
Tweak an interface defintion so that it uses a specific network and port
group.
It applies on a per vnic basis, it gets triggered and used by two different
events:
* before_device_create
* before_nic_hotplug
This hook can be used to force a VM to use a libvirt network that is managed
outside of ovirt, such as an openvswitch network, or libvirt's default
network.
import os
import sys
import traceback
import xml.dom
import hooking
HOOK_NAME = 'extnet_pg'
def replaceSource(interface, newnet, port_group=None):
source, = interface.getElementsByTagName('source')
source.removeAttribute('bridge')
source.setAttribute('network', newnet)
if port_group is not None:
source.setAttribute('portgroup', port_group)
interface.setAttribute('type', 'network')
def main():
newnet = os.environ.get('extnet')
if ':' in newnet:
newnet, port_group = newnet.split(':')
if newnet is not None:
doc = hooking.read_domxml()
interface, = doc.getElementsByTagName('interface')
replaceSource(interface, newnet)
hooking.write_domxml(doc)
def test():
interface = xml.dom.minidom.parseString(
interface type=bridge
address bus=0x00 domain=0x function=0x0 slot=0x03\
type=pci/
mac address=00:1a:4a:16:01:b0/
model type=virtio/
source bridge=ovirtmgmt/
filterref filter=vdsm-no-mac-spoofing/
link state=up/
boot order=1/
/interface
).getElementsByTagName('interface')[0]
print Interface before forcing network: %s % \
interface.toxml(encoding='UTF-8')
replaceSource(interface, 'yipee')
print Interface after forcing network: %s % \
interface.toxml(encoding='UTF-8')
replaceSource(interface, 'ovs-network', port_group='vlan-20')
print Interface after forcing network and port group: %s % \
interface.toxml(encoding='UTF-8')
if __name__ == '__main__':
try:
if '--test' in sys.argv:
test()
else:
main()
except:
hooking.exit_hook('extnet hook: [unexpected error]: %s\n' %
traceback.format_exc())
This is a modification of the existing extnet hook. Then, to use it, go to the
engine machine's command line and do:
sudo engine-config -s CustomDeviceProperties=\
'{type=interface;prop={extnet_pg=^[a-zA-Z0-9_ ---]+(:[a-zA-Z0-9_ ---]+|)$}}'
Verify that it was properly added
sudo
Re: [ovirt-users] Optaplanner Problem
- Original Message - From: s k sokratis1...@outlook.com To: users@ovirt.org Sent: Monday, November 17, 2014 1:52:42 PM Subject: [ovirt-users] Optaplanner Problem Hello, I upgraded oVirt to version 3.5.0 today and I also installed Optaplanner in a separate VM. While the installation was successful the Optimizer tab in oVirt Engine doesn't report the correct information. Although there are VMs that are shutdown and the hosts are not balanced in terms of memory usage the Optimized tab reports the following: SOLUTION STATUS Status: Waiting for data... Solution is being refreshed every 30 seconds. Freeze solution VMS THAT SHOULD BE STARTED No VM starts are requested at this moment. MIGRATION / START STEPS No migrations are needed at this moment. The state is stable. TARGET STATE host vm memory [all in GB] used available No information is displayed in TARGET STATE. Hi, it seems that the optimizer is not getting information from the engine DB, or the UI plugin cannot connect the Optimizer. Do you see any meaningful information in the UI? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] noVNC problems after upgrading to 3.5.0
- Original Message - From: Sven Kieske svenkie...@gmail.com To: users@ovirt.org Sent: Saturday, November 15, 2014 9:03:19 PM Subject: Re: [ovirt-users] noVNC problems after upgrading to 3.5.0 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 14.11.2014 23:27, Darrell Budic wrote: That’s what I thought too, but... Firefox tells me “This certificate is already installed as a certificate authority.” though. It looks like the cert for :6100 is the proper one, too. Maybe a firefox change with their new signing rules (i’ve disabled security.use_mozillapkix_verification due to problems with other internal certs)? I tried removing all the old web site certs and still had to add the https://engine:6100 cert to get the noVNC console to connect. also I'm wondering why the certificate should get exchanged during upgrade? is this the normal upgrade path? Does upgrade renew/change any previously installed certificates? I guess this should not happen? No, it's shouldn't and, as far as I know, it doesn't. Darrell, can you please check the certification path of that cert and when it was signed? thanks for any answers in advance Sven -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQGcBAEBAgAGBQJUZ7GHAAoJEAq0kGAWDrqlt8QMAMSy5pw3LE+mYC/kux8DIiQh nbD9xnJj2jZpbg21/wp+aHDGXp99NJl6GGN0ClMnZkPAH1WmCYmxq7zEcqSGnAV7 Nu5+LsmFvyktK+u2INXNi/5Z3NNYCUbGLHOL2d4CprmBOAy/5G+5G4ucBNRmBTIH 8MzLop2sJEtHQ6ZK2VbzpD/5k7K87VwhLSGIXx9R72AEmeuH9p0Q4GNDxhLU99lO 5fMyF63ExECoMGdb/JwSUQ/juZ79K6UnRY63qTdFlMXW7eddf+zetmZrS8eE4lHe HEe+IuMSqqsHovpHn7lCnM27AsQzG6UITqCz9atlO34zlqd2jvaoWhsbYBO0wrUS MKUsMB/abdp/N1Vhs1WigsYkCvv4OoSzabBkrQ+pU9ivzK+zagwi65lqx1nsgfCH UigwWWnb6SWUeGpPu40UYOCAqYWCGCcH3H0kuuGtVsql55Vr++OSHoG9Q9kRYpj3 0d6GfSW9V+6hvhc/jv9C6BAzTY0clNSwiBKBZZyi2w== =VavE -END PGP SIGNATURE- ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] can't create new disk for vm
Hi all, Since I upgraded engine to 3.5, I can't add new disk anymore to existant vms, none than create a new vm with a new disk. Clicking on OK button after the disk definition does nothing. I tried many situations (preallocated or thin provision) or changing of storage domain, but it is the same. Has anybody encountered the same issue? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] can't create new disk for vm
On 17/11/14 13:47, Nathanaël Blanchet wrote: Hi all, Since I upgraded engine to 3.5, I can't add new disk anymore to existant vms, none than create a new vm with a new disk. Clicking on OK button after the disk definition does nothing. I tried many situations (preallocated or thin provision) or changing of storage domain, but it is the same. Has anybody encountered the same issue? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users Yes, it is a bug, 3.5 introduces disk profiles, but a default profile isn't created at upgrade. You must create a default profile by storage domain. Go to Storage, Select a Storage Domain-Disk Profile Tab- New, and create a new profile, i.e. default with QoS unlimited. Now you can create new disk and attach to vm's. Regards Federico ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] can't create new disk for vm
Thanx, it works for now... this leads me to another question : how can I personnalize qos, seems that only unlimlited is possible. Le 17/11/2014 17:58, Federico Alberto Sayd a écrit : On 17/11/14 13:47, Nathanaël Blanchet wrote: Hi all, Since I upgraded engine to 3.5, I can't add new disk anymore to existant vms, none than create a new vm with a new disk. Clicking on OK button after the disk definition does nothing. I tried many situations (preallocated or thin provision) or changing of storage domain, but it is the same. Has anybody encountered the same issue? ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users Yes, it is a bug, 3.5 introduces disk profiles, but a default profile isn't created at upgrade. You must create a default profile by storage domain. Go to Storage, Select a Storage Domain-Disk Profile Tab- New, and create a new profile, i.e. default with QoS unlimited. Now you can create new disk and attach to vm's. Regards Federico ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] ovirt-websocket-proxy uses the wrong IP
- Original Message - From: mots m...@nepu.moe To: users@ovirt.org Sent: Saturday, November 15, 2014 10:24:29 PM Subject: [ovirt-users] ovirt-websocket-proxy uses the wrong IP ovirt-websocket-proxy uses the wrong IP Hello, One of my nodes has two IP addresses, 10.42.0.101 and 10.42.0.103. Ovirt is configured to use 10.42.0.101, yet the ovirt-websocket-proxy service tries to connect to 10.42.0.103, where no VNC server is listening. Is there any way I can configure it to use the correct address? [root@engine ~]# /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.py --debug start ovirt-websocket-proxy[1838] DEBUG _daemon:403 daemon entry pid=1838 ovirt-websocket-proxy[1838] DEBUG _daemon:404 background=False ovirt-websocket-proxy[1838] DEBUG loadFile:70 loading config '/usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.conf' ovirt-websocket-proxy[1838] DEBUG loadFile:70 loading config '/etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf' ovirt-websocket-proxy[1838] DEBUG _daemon:440 I am a daemon 1838 ovirt-websocket-proxy[1838] DEBUG _setLimits:377 Setting rlimits WebSocket server settings: - Listen on *:6100 The WebSocketProxy is listening on all the available IPs, so no problems on that side. - Flash security policy server - SSL/TLS support - Deny non-SSL/TLS connections - proxying from *:6100 to targets in /dummy 1: 10.42.0.1: new handler Process 1: 10.42.0.1: SSL/TLS (wss://) WebSocket connection 1: 10.42.0.1: Version hybi-13, base64: 'True' 1: 10.42.0.1: Path: '/eyJ2YWxpZFRvIjoiMjAxNDExMTUyMTI1MDgiLCJkYXRhIjoiJTdCJTIyaG9zdCUyMjolMjIxMC40Mi4wLjEwMyUyMiwlMjJwb3J0JTIyOiUyMjU5MDElMjIsJTIyc3NsX3RhcmdldCUyMjpmYWxzZSU3RCIsInZhbGlkRnJvbSI6IjIwMTQxMTE1MjEyMzA4Iiwic2lnbmVkRmllbGRzIjoidmFsaWRUbyxkYXRhLHZhbGlkRnJvbSxzYWx0Iiwic2lnbmF0dXJlIjoiajRQUmxwYjBvT0dOZUNPaHZKK01wUTVrVGRMYVA0Sm8zRDIzTGlXRlZYRm4xNU9KN0NZVmw5OTBpNTBUNzlVZkpqUzRlRmZ1SHJhT1c4TlFNbXIwanZXSUpTWCtnL3RYSnc4MWRFS2wrcFVPVHo3MWlmY2dTbXdITmptOUkwTTl6Q0NNR2dvbE1BRzZwMndFbDFySDdSZkhMWnIvOGo4bnpnVGZ0NlhaOTdBcHgyejhkMlo0UjRmdklXemtXMjErMDdsNWw4dXpNVytEM1FmaWdDS1Q3V3VKdlFHNi9SSC9zZWRBWHJXcnFUNXYzTHNuNVl0MWtYb2lGV3ZYOHNUdE5PdGdvQWk3eGN5WUhGaEM1ei9SMjZXNEkrSlJNcDZlVDNxbWVlZnM0eWRSN0NpZWwzZWZvZDB5TU9meGJwMG9EMGlscXVWUWVjK1JxeGxqd21ZVG5BPT0iLCJzYWx0IjoiWGhVQ1dYL2hQU1U9In0=' 1: connecting to: 10.42.0.103:5901 The engine is instructing the WebSocket proxy to connect to the host on the wrong IP address. Are you using an all-in-one setup where the engine, KVM and the websocketproxy are on a single machine? Can you please check how the engine machine resolve the host name? 1: handler exception: [Errno 111] Connection refused 1: Traceback (most recent call last): File /usr/lib/python2.6/site-packages/websockify/websocket.py, line 711, in top_new_client self.new_client() File /usr/lib/python2.6/site-packages/websockify/websocketproxy.py, line 183, in new_client connect=True, use_ssl=self.ssl_target, unix_socket=self.unix_target) File /usr/lib/python2.6/site-packages/websockify/websocket.py, line 188, in socket sock.connect(addrs[0][4]) File string, line 1, in connect error: [Errno 111] Connection refused Regards, mots ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA
Hello, is using the new structure AAA (Authentication, Authorization and Accouting) of the oVirt 3.5? -- Ao encaminhar esta mensagem, por favor: 1. Apague o meu e-mail e o meu nome. 2. Apague também os endereços dos amigos antes de reenviar 3. Use Cco ou Bcc para enviar mensagens! Dificulte a disseminação de vírus e spam. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Ubuntu/Debian support?
On 11/17/2014 02:41 AM, Itamar Heim wrote: So, a quick non-scientific poll... Motivation: It has been suggested that adding ubuntu or debian distro support could broaden the reach of the oVirt community. To date, there has been some work towards this goal, but it is not coming to a conclusion. Questions that comes to mind: 1) Is this still an issue? 2) Can we afford to dilute the focus we have as it is hard enough to stabilize the currently supported distro's? is it worth the potential impact? 3) Would it have maintainers catering to it so it won't be left behind / delay development? 4) Why bother with host support, ovirt-node can be used? 5) Why bother with engine support, a virtual appliance or a docker image could be used? 6) if we do it, should we focus on Ubuntu or Debian distro first? 7) if we do it, should we focus on host or engine first? Thoughts? Thanks, Itamar ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users I think this is a must. Non-scientifically, Debian/Ubuntu is much more popular on desktops than Fedora. Because of that, it's quickly gaining traction in server roles as well. Developers will resist even trying out oVirt if they can't test it out on their Debian/Ubuntu desktop. I had several people ask me at LISA if oVirt runs on Ubuntu. 4 and 5 are valid points. I have light experience packaging for Debian. I offer my help :) -- Greg Sheremeta Red Hat, Inc. Sr. Software Engineer, RHEV Cell: 919-807-1086 gsher...@redhat.com ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Multiple NICs on hosted engine?
Once upon a time, Darrell Budic bu...@onholyground.com said: Glad it worked. Make sure you add it to the vm.conf file on all your ha hosts, otherwise you’ll drop it if ha-agent restarts it as opposed to a migration. Wasn’t clear if you’d done that or not. Based on some other notes I found via Google, here's what I did (for the archives): - Created the network in the UI - hosted-engine --set-maintenance --mode=global - edited /etc/ovirt-hosted-engine/vm.conf; duplicated the existing network line, changing the MAC, UUID, and network name (changed on all hosted-engine nodes) - hosted-engine --vm-shutdown - hosted-engine --vm-start - hosted-engine --set-maintenance --mode=none That appears to be working correctly. I did then figure out that I probably didn't need it, at least for what I thought: power management. I didn't realize that the engine doesn't talk to the IPMI devices directly, that it instead proxies through a node. -- Chris Adams c...@cmadams.net ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] iptables management
During setup, I allowed the script to change iptables rules. Is this necessary? Also, is it an active management (where oVirt will make changes), or just a one-time thing? I ask because I have some other iptables setup I want (such as limited SSH access), and I don't want to make changes to iptables that oVirt will override later or anything like that. -- Chris Adams c...@cmadams.net ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] iptables management
- Original Message - From: Chris Adams c...@cmadams.net To: users@ovirt.org Sent: Monday, November 17, 2014 8:48:59 PM Subject: [ovirt-users] iptables management During setup, I allowed the script to change iptables rules. Is this necessary? Also, is it an active management (where oVirt will make changes), or just a one-time thing? I ask because I have some other iptables setup I want (such as limited SSH access), and I don't want to make changes to iptables that oVirt will override later or anything like that. I guess you mean engine setup, right? Each time you run engine-setup you will be prompt if you want to override iptables settings. If you choose to override, the current settings will be backed up and you can diff and re-apply your own. If you choose to keep your settings, setup will write the iptables rules into own location and you can diff and apply the changes manually. Alon ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] oVirt Data Center
Hi! I have Installed ovirt 3.5 on CentOS 6.6 following this documentation http://www.ovirt.org/Quick_Start_Guide#Introduction, but I'm having a problem on utilization of the default data center. Why I can't utilize the default data center? Please help. Thanks in advance. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA
- Original Message - From: Cameron Christensen cameron.christen...@uk2group.com To: users@ovirt.org Sent: Friday, November 14, 2014 5:39:54 PM Subject: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA Hello, I upgraded to ovirt 3.5.0 and can no longer authenticate to IPA. Starting up ovrit-engine the extension manager fails to properly load the service that handles Kerberos/LDAP. This is probably a bug, can you please execute the following and paste result: # PGPASSWORD=@PASSWORD@ psql -U engine -d engine -c select * from vdc_options where option_name='LDAPSecurityAuthentication' Replace @PASSWORD@ and probably other parameters based on /etc/ovirt-engine/engine.conf.d/10-setup-database.conf It is probably empty and we should file a bug. If you are interested there is a new ldap provider in 3.5 available in snapshots repository (ovirt-engine-extension-aaa-ldap package), documentation is available here[1], this provider should be simpler and robust as it uses only ldap protocol and is fully customizable. Regards, Alon [1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] ovirt-websocket-proxy uses the wrong IP
Thank you for your reply. The engine resolves the node's IP correctly. A few details about the setup: It's a two node cluster with shared, internal storage using DRBD. The storage is managed by pacemaker, so that the node which currently serves as iscsi target gets assigned the additional IP. The Engine/websocket-proxy then always connects to the storage IP when it attempts to connect to the node which currently functions as iscsi target. This only happens in oVirt 3.5, and I was able to fix it by going back to 3.4. Regards, mots -Ursprüngliche Nachricht- Von:Simone Tiraboschi stira...@redhat.com mailto:stira...@redhat.com Gesendet: Mon 17 November 2014 18:11 An: Patrick Lottenbach p...@a-bot.ch mailto:p...@a-bot.ch CC: users@ovirt.org mailto:users@ovirt.org Betreff: Re: [ovirt-users] ovirt-websocket-proxy uses the wrong IP - Original Message - From: mots m...@nepu.moe mailto:m...@nepu.moe To: users@ovirt.org mailto:users@ovirt.org Sent: Saturday, November 15, 2014 10:24:29 PM Subject: [ovirt-users] ovirt-websocket-proxy uses the wrong IP ovirt-websocket-proxy uses the wrong IP Hello, One of my nodes has two IP addresses, 10.42.0.101 and 10.42.0.103. Ovirt is configured to use 10.42.0.101, yet the ovirt-websocket-proxy service tries to connect to 10.42.0.103, where no VNC server is listening. Is there any way I can configure it to use the correct address? [root@engine ˜]# /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.py --debug start ovirt-websocket-proxy[1838] DEBUG _daemon:403 daemon entry pid=1838 ovirt-websocket-proxy[1838] DEBUG _daemon:404 background=False ovirt-websocket-proxy[1838] DEBUG loadFile:70 loading config '/usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy.conf' ovirt-websocket-proxy[1838] DEBUG loadFile:70 loading config '/etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf' ovirt-websocket-proxy[1838] DEBUG _daemon:440 I am a daemon 1838 ovirt-websocket-proxy[1838] DEBUG _setLimits:377 Setting rlimits WebSocket server settings: - Listen on *:6100 The WebSocketProxy is listening on all the available IPs, so no problems on that side. - Flash security policy server - SSL/TLS support - Deny non-SSL/TLS connections - proxying from *:6100 to targets in /dummy 1: 10.42.0.1: new handler Process 1: 10.42.0.1: SSL/TLS (wss://) WebSocket connection 1: 10.42.0.1: Version hybi-13, base64: 'True' 1: 10.42.0.1: Path: '/eyJ2YWxpZFRvIjoiMjAxNDExMTUyMTI1MDgiLCJkYXRhIjoiJTdCJTIyaG9zdCUyMjolMjIxMC40Mi4wLjEwMyUyMiwlMjJwb3J0JTIyOiUyMjU5MDElMjIsJTIyc3NsX3RhcmdldCUyMjpmYWxzZSU3RCIsInZhbGlkRnJvbSI6IjIwMTQxMTE1MjEyMzA4Iiwic2lnbmVkRmllbGRzIjoidmFsaWRUbyxkYXRhLHZhbGlkRnJvbSxzYWx0Iiwic2lnbmF0dXJlIjoiajRQUmxwYjBvT0dOZUNPaHZKK01wUTVrVGRMYVA0Sm8zRDIzTGlXRlZYRm4xNU9KN0NZVmw5OTBpNTBUNzlVZkpqUzRlRmZ1SHJhT1c4TlFNbXIwanZXSUpTWCtnL3RYSnc4MWRFS2wrcFVPVHo3MWlmY2dTbXdITmptOUkwTTl6Q0NNR2dvbE1BRzZwMndFbDFySDdSZkhMWnIvOGo4bnpnVGZ0NlhaOTdBcHgyejhkMlo0UjRmdklXemtXMjErMDdsNWw4dXpNVytEM1FmaWdDS1Q3V3VKdlFHNi9SSC9zZWRBWHJXcnFUNXYzTHNuNVl0MWtYb2lGV3ZYOHNUdE5PdGdvQWk3eGN5WUhGaEM1ei9SMjZXNEkrSlJNcDZlVDNxbWVlZnM0eWRSN0NpZWwzZWZvZDB5TU9meGJwMG9EMGlscXVWUWVjK1JxeGxqd21ZVG5BPT0iLCJzYWx0IjoiWGhVQ1dYL2hQU1U9In0=' 1: connecting to: 10.42.0.103:5901 The engine is instructing the WebSocket proxy to connect to the host on the wrong IP address. Are you using an all-in-one setup where the engine, KVM and the websocketproxy are on a single machine? Can you please check how the engine machine resolve the host name? 1: handler exception: [Errno 111] Connection refused 1: Traceback (most recent call last): File /usr/lib/python2.6/site-packages/websockify/websocket.py, line 711, in top_new_client self.new_client() File /usr/lib/python2.6/site-packages/websockify/websocketproxy.py, line 183, in new_client connect=True, use_ssl=self.ssl_target, unix_socket=self.unix_target) File /usr/lib/python2.6/site-packages/websockify/websocket.py, line 188, in socket sock.connect(addrs[0][4]) File string, line 1, in connect error: [Errno 111] Connection refused Regards, mots ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users signature.asc Description: OpenPGP digital signature ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] ovirt local datacenter/cluster using zfs local storage for storage domain?
Hello all,
I'm exploring using oVirt 3.5 as the management engine for a new cluster I am
building. I don't really need high availability and I have 3 servers with fast
SSDs on local storage I'd like to use, preferably using ZFS to ensure
reliability of the storage.
I set up a brand new CentOS 6.6 minimal install and have been able to get oVirt
up using the all-in-one plugin. I can use local storage (the default EXT4 LVM
filesystem CentOS sets up) to setup a local data center for each of the servers
but have run into issues when I try to provision a ZFS filesystem as a local
storage domain. I'm using ZFS on Linux 0.6.3.
I first had multipath.conf issues, which prevented me from even setting up a
zpool using the local disks. After blacklisting the local disks in
/etc/multipath.conf, I was able to get zfs up and running and create the local
domains, but I get errors when I try to create a storage Domain of type: Data /
Local on Host and point at the ZFS path (/vmstore/isos) (PS: I'm not trying to
create an ISO domain, it's just a directory name isos)
The error message that comes up is Error while executing action New Local
Storage Domain: Storage Domain target is unsupported.
Has anyone tried this before? I am able to set up an NFS export of the ZFS
folder as a Storage Domain (using directions here:
http://virt.guru/2014/02/25/installing-ovirt-with-shared-local-storage/) but if
possible, I'd like to skip the NFS layer if I can and just go directly to the
hardware.
The supervdsm.log shows:
MainProcess|Thread-1734::DEBUG::2014-11-17
15:50:31,350::supervdsmServer::101::SuperVdsm.ServerCallback::(wrapper) call
validateAccess with ('qemu', ('qemu', 'kvm'), u'/vmstore/isos', 5) {}
MainProcess|Thread-1734::DEBUG::2014-11-17
15:50:31,356::supervdsmServer::108::SuperVdsm.ServerCallback::(wrapper) return
validateAccess with None
MainProcess|Thread-1735::DEBUG::2014-11-17
15:50:31,436::supervdsmServer::101::SuperVdsm.ServerCallback::(wrapper) call
validateAccess with ('qemu', ('qemu', 'kvm'), u'/vmstore/isos', 5) {}
MainProcess|Thread-1735::DEBUG::2014-11-17
15:50:31,441::supervdsmServer::108::SuperVdsm.ServerCallback::(wrapper) return
validateAccess with None
MainProcess|Thread-1736::DEBUG::2014-11-17
15:50:31,519::supervdsmServer::101::SuperVdsm.ServerCallback::(wrapper) call
hbaRescan with () {}
MainProcess|Thread-1736::INFO::2014-11-17
15:50:31,520::hba::54::Storage.HBA::(rescan) Rescanning HBAs
MainProcess|Thread-1736::DEBUG::2014-11-17
15:50:31,520::supervdsmServer::108::SuperVdsm.ServerCallback::(wrapper) return
hbaRescan with None
MainProcess|Thread-1736::DEBUG::2014-11-17
15:50:32,100::supervdsmServer::101::SuperVdsm.ServerCallback::(wrapper) call
validateAccess with ('qemu', ('qemu', 'kvm'),
u'/rhev/data-center/mnt/_vmstore_isos', 5) {}
MainProcess|Thread-1736::DEBUG::2014-11-17
15:50:32,105::supervdsmServer::108::SuperVdsm.ServerCallback::(wrapper) return
validateAccess with None
MainProcess|Thread-1744::DEBUG::2014-11-17
15:50:32,278::supervdsmServer::101::SuperVdsm.ServerCallback::(wrapper) call
hbaRescan with () {}
MainProcess|Thread-1744::INFO::2014-11-17
15:50:32,279::hba::54::Storage.HBA::(rescan) Rescanning HBAs
MainProcess|Thread-1744::DEBUG::2014-11-17
15:50:32,279::supervdsmServer::108::SuperVdsm.ServerCallback::(wrapper) return
hbaRescan with None
And the vdsm.log shows:
Thread-1732::DEBUG::2014-11-17
15:50:31,032::task::595::Storage.TaskManager.Task::(_updateState)
Task=`82d29b1b-0c33-4078-887b-476d95f4b1a1`::moving from state init - state
preparing
Thread-1732::INFO::2014-11-17 15:50:31,032::logUtils::44::dispatcher::(wrapper)
Run and protect: repoStats(options=None)
Thread-1732::INFO::2014-11-17 15:50:31,033::logUtils::47::dispatcher::(wrapper)
Run and protect: repoStats, Return response:
{u'158ef830-da69-48b4-95b0-3615d6fb5b00': {'code': 0, 'version': 3, 'acquired':
True, 'delay': '0.000627117', 'lastCheck': '8.2', 'valid': True}}
Thread-1732::DEBUG::2014-11-17
15:50:31,033::task::1191::Storage.TaskManager.Task::(prepare)
Task=`82d29b1b-0c33-4078-887b-476d95f4b1a1`::finished:
{u'158ef830-da69-48b4-95b0-3615d6fb5b00': {'code': 0, 'version': 3, 'acquired':
True, 'delay': '0.000627117', 'lastCheck': '8.2', 'valid': True}}
Thread-1732::DEBUG::2014-11-17
15:50:31,033::task::595::Storage.TaskManager.Task::(_updateState)
Task=`82d29b1b-0c33-4078-887b-476d95f4b1a1`::moving from state preparing -
state finished
Thread-1732::DEBUG::2014-11-17
15:50:31,034::resourceManager::940::Storage.ResourceManager.Owner::(releaseAll)
Owner.releaseAll requests {} resources {}
Thread-1732::DEBUG::2014-11-17
15:50:31,034::resourceManager::977::Storage.ResourceManager.Owner::(cancelAll)
Owner.cancelAll requests {}
Thread-1732::DEBUG::2014-11-17
15:50:31,034::task::993::Storage.TaskManager.Task::(_decref)
Task=`82d29b1b-0c33-4078-887b-476d95f4b1a1`::ref 0 aborting False
Thread-1732::DEBUG::2014-11-17
Re: [ovirt-users] iptables management
Once upon a time, Alon Bar-Lev alo...@redhat.com said: I guess you mean engine setup, right? Yes, that and hosted-engine --deploy. Each time you run engine-setup you will be prompt if you want to override iptables settings. If you choose to override, the current settings will be backed up and you can diff and re-apply your own. If you choose to keep your settings, setup will write the iptables rules into own location and you can diff and apply the changes manually. Okay, so that's the only time iptables are changed? That makes sense, and I can work with that. Thanks. -- Chris Adams c...@cmadams.net ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA
On Mon, 2014-11-17 at 14:39 -0500, Alon Bar-Lev wrote: - Original Message - From: Cameron Christensen cameron.christen...@uk2group.com To: users@ovirt.org Sent: Friday, November 14, 2014 5:39:54 PM Subject: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA Hello, I upgraded to ovirt 3.5.0 and can no longer authenticate to IPA. Starting up ovrit-engine the extension manager fails to properly load the service that handles Kerberos/LDAP. This is probably a bug, can you please execute the following and paste result: # PGPASSWORD=@PASSWORD@ psql -U engine -d engine -c select * from vdc_options where option_name='LDAPSecurityAuthentication' option_id |option_name | option_value| version ---++---+- 165 | LDAPSecurityAuthentication | example.org:GSSAPI | general I replaced my domain name with 'example.org' Cameron signature.asc Description: This is a digitally signed message part ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA
- Original Message - From: Cameron Christensen cameron.christen...@uk2group.com To: Alon Bar-Lev alo...@redhat.com Cc: users@ovirt.org Sent: Monday, November 17, 2014 11:43:34 PM Subject: Re: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA On Mon, 2014-11-17 at 14:39 -0500, Alon Bar-Lev wrote: - Original Message - From: Cameron Christensen cameron.christen...@uk2group.com To: users@ovirt.org Sent: Friday, November 14, 2014 5:39:54 PM Subject: [ovirt-users] Upgrade to Ovirt 3.5.0 Authentication Fails to IPA Hello, I upgraded to ovirt 3.5.0 and can no longer authenticate to IPA. Starting up ovrit-engine the extension manager fails to properly load the service that handles Kerberos/LDAP. This is probably a bug, can you please execute the following and paste result: # PGPASSWORD=@PASSWORD@ psql -U engine -d engine -c select * from vdc_options where option_name='LDAPSecurityAuthentication' option_id |option_name | option_value| version ---++---+- 165 | LDAPSecurityAuthentication | example.org:GSSAPI | general I replaced my domain name with 'example.org' I thought it will be empty... and it contains valid value. Yair? Any I truly suggest you try out the new provider... Much easier to resolve any issue, current and future, including easier to debug. Alon ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Non-Operational state because management interfaces down
Hi Lior, If I'm not mistaken, on Luf's topology, there is no switch on the management bond (bond0) - just a cross or regular eth cable connecting physical interfaces on both nodes. So when one node is powered down, there is no link detected on the other node. Regards, On Mon, Nov 17, 2014 at 12:02 PM, Lior Vernia lver...@redhat.com wrote: Hi Luf, Apologies, I probably don't understand the details of your L2 toplogy; how come when you turn off one host it affects the link state of of the other one's interfaces?... Yours, Lior. On 14/11/14 11:43, Finstrle, Ludek wrote: Hi, I have 2-node ovirt cluster. Both machines has 4 interfaces. 2 interfaces in bond1 for data 2 interfaces in bond0 for management (short connected directly between servers) switch0 -\ /-\ /- switch0 node1 node2 switch1 -/ \-/ \- switch1 I setup everything as I want/expect but I hit one problem and I don't know how to fix it. The problem is when I switch off one of the machines for maintenance (node01.ovirt in this case). I get in ovirt engine this message: Host node02.ovirt moved to Non-Operational state because interfaces which are down are needed by required networks in the current cluster: 'bond0 (ovirtmgmt)'. Do you have any idea how to avoid it? I can't change physical architecture as I don't have 10Gb switch. BTW it's the same as if I want to start with only 1 node and separated data and mgmt networks: switch - host --(not connected iface for mgmt as I don't need it) Thanks, Luf NOTICE: This email and any attachments may contain confidential and proprietary information of NetSuite Inc. and is for the sole use of the intended recipient for the stated purpose. Any improper use or distribution is prohibited. If you are not the intended recipient, please notify the sender; do not review, copy or distribute; and promptly delete or destroy all transmitted information. Please note that all communications and information transmitted through this email system may be monitored and retained by NetSuite or its agents and that all incoming email is automatically scanned by a third party spam and filtering service which may result in deletion of a legitimate e-mail before it is read by the intended recipient. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users -- Ekin Meroğlu *Red Hat Certified Datacenter Specialist* *linuxera* Özgür Yazılım Çözüm ve Hizmetleri *T* +90 (850) 22 LINUX *GSM* +90 (532) 137 77 04 ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Fake power management?
Well you can hack the solution in the form of replacing the fencing master script to always return success (Eli can help you with that), and define an imaginary fencing device on each host ... meaning that the fencing command will always succeeds. But this may be risky ... as you might end up with the same VM running on 2 hosts. And one last note ... when you disconnect one of the hosts in the demo you mentioned, I think you'll be better to disconnect the host that does not run the engine ... Barak - Original Message - From: mots m...@nepu.moe To: Barak Azulay bazu...@redhat.com Cc: users@ovirt.org Sent: Monday, November 17, 2014 12:58:20 PM Subject: AW: [ovirt-users] Fake power management? Yes, pacemaker manages the engine. That part is working fine, the engine restarts on the remaining node without problems. It's just that the guests don't come back up until the powered down node has been fenced manually. -Ursprüngliche Nachricht- Von:Barak Azulay bazu...@redhat.com mailto:bazu...@redhat.com Gesendet: Mon 17 November 2014 11:35 An: Patrick Lottenbach p...@a-bot.ch mailto:p...@a-bot.ch CC: users@ovirt.org mailto:users@ovirt.org Betreff: Re: [ovirt-users] Fake power management? - Original Message - From: mots m...@nepu.moe mailto:m...@nepu.moe To: users@ovirt.org mailto:users@ovirt.org Sent: Friday, November 14, 2014 4:54:08 PM Subject: [ovirt-users] Fake power management? Fake power management? Hello, I'm building a small demonstration system for our sales team to take to a customer so that they can show them our solutions. Hardware: Two Intel NUC's, a 4 port switch and a laptop. Engine: Runs as a VM on one of the NUCs, which one it runs on is determined by pacemaker. Storage: Also managed by pacemaker, it's drbd backed and accessed with iscsi. oVirt version: 3.5 OS: CentOS 6.6 The idea is to have our sales representative (or the potential customer himself) randomly pull the plug on one of the NUCs to show that the system stays operational when part of the hardware fails. I assume you are aware that the engine might fence the node it is running on ... Or do you use pacemaker to run the engine as well ? My problem is that I don't have any way to implement power management, so the Engine can't fence nodes and won't restart guests that were running on the node which lost power. In pacemaker I can just configure fencing over SSH or even disable the requirement to do so completely. Is there something similar for oVirt, so that the Engine will consider a node which it can't connect to to be powered down? Regards, mots ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Balloon driver unavailable
I also recently started getting these errors. They started when I upgraded from 3.4.0 to 3.4.2. The error appears on certain VMs (but not all) consistently every 15 minutes. It doesn't matter if the Memory Balloon Device Enabled checkbox checked or unchecked. I got the message to stop appearing by changing the value of Physical Memory Guaranteed to match the VMs configured memory. From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of John Gardeniers Sent: November-16-14 10:13 PM To: users@ovirt.org Subject: Re: [ovirt-users] Balloon driver unavailable Just an FYI. In my case the balloon driver was installed and it was running. The problem was eventually resolved by uninstalling the entire agent suite, rebooting and reinstalling it. Doing the same just for the balloon driver didn't work. regards, John On 13/11/14 07:35, John Gardeniers wrote: I'm seeing it for a VM that most definitely does have the balloon driver installed. Care to take another guess? regards, John On 12/11/14 20:04, Amedeo Salvati wrote: you receive this error because on your cluster configurations you have checked Enable Memory Balloon Optimization, and on some of your VMs there aren't balloon driver available; if you don't want anymore this warning messages you can uncheck this under Clusters - (select your cluster) edit - Optimization - uncheck Enable Memory Balloon Optimization Best Regards Amedeo Salvati Date: Wed, 12 Nov 2014 07:59:33 + From: Karli Sj?berg karli.sjob...@slu.semailto:karli.sjob...@slu.se To: tdeme...@itsmart.humailto:tdeme...@itsmart.hu tdeme...@itsmart.humailto:tdeme...@itsmart.hu Cc: users@ovirt.orgmailto:users@ovirt.org users@ovirt.orgmailto:users@ovirt.org Subject: Re: [ovirt-users] Balloon driver unavailable Message-ID: 5F9E965F5A80BC468BE5F40576769F099DF97243@exchange2-1 Content-Type: text/plain; charset=utf-8 On Wed, 2014-11-12 at 08:35 +0100, Demeter Tibor wrote: Hi, I have a lot of centos 6 based vms and I have install ovirt guest agent for those vms. But two vm always say The balloon driver on xxxvm on hostX is requested but unavailable I did check the virtio_balloon module are loaded on vms. Anybody can me help? Thanks in advance Tibor I see that too, but only on Windows 2008 R2 guests... No one else ever said anything about it, so I thought it was just me:) __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __ ___ Users mailing list Users@ovirt.orgmailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __ ___ Users mailing list Users@ovirt.orgmailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Fake power management?
-Ursprüngliche Nachricht- Von:Barak Azulay bazu...@redhat.com mailto:bazu...@redhat.com Gesendet: Mon 17 November 2014 23:30 An: Patrick Lottenbach p...@a-bot.ch mailto:p...@a-bot.ch CC: users@ovirt.org mailto:users@ovirt.org Betreff: Re: AW: [ovirt-users] Fake power management? Well you can hack the solution in the form of replacing the fencing master script to always return success (Eli can help you with that), and define an imaginary fencing device on each host ... meaning that the fencing command will always succeeds. This sounds interesting. It's exactly what I need. But this may be risky ... as you might end up with the same VM running on 2 hosts. As I see it, this would only happen if someone unplugs the network interface. I know this is a way to break the cluster. If someone unplugs the interface, then everything gets started twice anyways thanks to pacemaker being configured to ignore the lack of quorum and it would look silly in front of the customer. And one last note ... when you disconnect one of the hosts in the demo you mentioned, I think you'll be better to disconnect the host that does not run the engine ... It just gets restarted on the remaining node and resumes operation. It even remembers which guests ran on which host. That part is really safe. The storage is configured to only report data as written when the write operation has finished on all (currently online) nodes, disk write caches are turned off in lvm.conf. PostreSQL is resilient enough to survive a crash like this. Or am I missing something that might break? Barak mots - Original Message - From: mots m...@nepu.moe mailto:m...@nepu.moe To: Barak Azulay bazu...@redhat.com mailto:bazu...@redhat.com Cc: users@ovirt.org mailto:users@ovirt.org Sent: Monday, November 17, 2014 12:58:20 PM Subject: AW: [ovirt-users] Fake power management? Yes, pacemaker manages the engine. That part is working fine, the engine restarts on the remaining node without problems. It's just that the guests don't come back up until the powered down node has been fenced manually. -Ursprüngliche Nachricht- Von:Barak Azulay bazu...@redhat.com mailto:bazu...@redhat.com mailto:bazu...@redhat.com mailto:bazu...@redhat.com Gesendet: Mon 17 November 2014 11:35 An: Patrick Lottenbach p...@a-bot.ch mailto:p...@a-bot.ch mailto:p...@a-bot.ch mailto:p...@a-bot.ch CC: users@ovirt.org mailto:users@ovirt.org mailto:users@ovirt.org mailto:users@ovirt.org Betreff: Re: [ovirt-users] Fake power management? - Original Message - From: mots m...@nepu.moe mailto:m...@nepu.moe mailto:m...@nepu.moe mailto:m...@nepu.moe To: users@ovirt.org mailto:users@ovirt.org mailto:users@ovirt.org mailto:users@ovirt.org Sent: Friday, November 14, 2014 4:54:08 PM Subject: [ovirt-users] Fake power management? Fake power management? Hello, I'm building a small demonstration system for our sales team to take to a customer so that they can show them our solutions. Hardware: Two Intel NUC's, a 4 port switch and a laptop. Engine: Runs as a VM on one of the NUCs, which one it runs on is determined by pacemaker. Storage: Also managed by pacemaker, it's drbd backed and accessed with iscsi. oVirt version: 3.5 OS: CentOS 6.6 The idea is to have our sales representative (or the potential customer himself) randomly pull the plug on one of the NUCs to show that the system stays operational when part of the hardware fails. I assume you are aware that the engine might fence the node it is running on ... Or do you use pacemaker to run the engine as well ? My problem is that I don't have any way to implement power management, so the Engine can't fence nodes and won't restart guests that were running on the node which lost power. In pacemaker I can just configure fencing over SSH or even disable the requirement to do so completely. Is there something similar for oVirt, so that the Engine will consider a node which it can't connect to to be powered down? Regards, mots ___ Users mailing list Users@ovirt.org mailto:Users@ovirt.org mailto:Users@ovirt.org mailto:Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users target=_blankhttp://lists.ovirt.org/mailman/listinfo/users http://lists.ovirt.org/mailman/listinfo/users ; signature.asc Description: OpenPGP digital signature ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] iptables management
- Original Message - From: Alon Bar-Lev alo...@redhat.com To: Chris Adams c...@cmadams.net Cc: users@ovirt.org Sent: Monday, November 17, 2014 8:53:25 PM Subject: Re: [ovirt-users] iptables management - Original Message - From: Chris Adams c...@cmadams.net To: users@ovirt.org Sent: Monday, November 17, 2014 8:48:59 PM Subject: [ovirt-users] iptables management During setup, I allowed the script to change iptables rules. Is this necessary? Also, is it an active management (where oVirt will make changes), or just a one-time thing? Just to clarify - it's a one-time, per run of engine-setup as Alon explained. The engine does not touch iptables of its machine. I ask because I have some other iptables setup I want (such as limited SSH access), and I don't want to make changes to iptables that oVirt will override later or anything like that. I guess you mean engine setup, right? Each time you run engine-setup you will be prompt if you want to override iptables settings. If you choose to override, the current settings will be backed up and you can diff and re-apply your own. And since recently (will be in 3.6 when it's out) we also try to notify when manual changes were made to iptables since previous engine-setup, see [1]. [1] http://gerrit.ovirt.org/33085 If you choose to keep your settings, setup will write the iptables rules into own location and you can diff and apply the changes manually. And also show details on the console in the end of engine-setup. -- Didi ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] iptables management
- Original Message - From: Chris Adams c...@cmadams.net To: users@ovirt.org Sent: Monday, November 17, 2014 11:22:42 PM Subject: Re: [ovirt-users] iptables management Once upon a time, Alon Bar-Lev alo...@redhat.com said: I guess you mean engine setup, right? Yes, that and hosted-engine --deploy. hosted-engine --deploy does not touch iptables of the engine VM. engine-setup inside that VM does that. hosted-engine --deploy does two other things: 1. It changes iptables to let you access the engine VM console (spice/vnc) 2. Later, when it adds itself as a host to the engine, it tells the engine to configure iptables for itself as a host (just as is the default when adding hosts through the gui). We have an open bug [1] to make that configurable. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1080823 Each time you run engine-setup you will be prompt if you want to override iptables settings. If you choose to override, the current settings will be backed up and you can diff and re-apply your own. If you choose to keep your settings, setup will write the iptables rules into own location and you can diff and apply the changes manually. Okay, so that's the only time iptables are changed? That makes sense, and I can work with that. Thanks. -- Chris Adams c...@cmadams.net ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users -- Didi ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
