Re: [Openstack] [essex vlan]cannot ping vm on other compute node

thank you for your help i guess you point a way to figure out whether the switcher is working correctly or not after i add a vlan 5 to eth1 and an ip addr to it, the switcher works fine, ping get reply so the switch trunk port seems no problem but br105 got a 10.0.12.{4,6}/24 as well, and also v

Re: [Openstack] [essex vlan]cannot ping vm on other compute node

inline On Tue, Feb 26, 2013 at 10:51 PM, Ajiva Fan wrote: > greeting, stackers > > i deploy essex with flatdhcp, it works for a long time, but currently > i want to use vlan network, so i deploy a new environment everything > is same as the previous one, just use vlan network. > > here is the pr

Re: [Openstack] [essex vlan]cannot ping vm on other compute node

On Tue, Feb 26, 2013 at 11:02 PM, Aaron Rosen wrote: > inline > > On Tue, Feb 26, 2013 at 10:51 PM, Ajiva Fan wrote: > >> greeting, stackers >> >> i deploy essex with flatdhcp, it works for a long time, but currently >> i want to use vlan network, so i deploy a new environment everything >> is s

[Openstack] [essex vlan]cannot ping vm on other compute node

greeting, stackers i deploy essex with flatdhcp, it works for a long time, but currently i want to use vlan network, so i deploy a new environment everything is same as the previous one, just use vlan network. here is the probelm: i cannot ping vm on other compute node control node (all-in-one)

[Openstack] iptables performance issue

Hi all, Currently, openstack heavily uses iptables in network setup(firewall, NAT, etc.), which may trigger performance issue on some situations. For example, I have ever found packet dropping in host for several times, due to connection tracking triggered by NAT. By now, I have to find some stu

Re: [Openstack] AggregateInstanceExtraSpecs very slow?

On 27 February 2013 10:28, Sam Morrison wrote: > Thanks Chris, this helps a lot. I've updated the bug report for anyone > else following along. > This https://bugs.launchpad.net/nova/+bug/1133495 for any other lurkers too lazy to search. -- Cheers, ~Blairo _

Re: [Openstack] [Quantum] Error: Network list can not be retrieved.

Hi Guilerme, I do have them separated. However, I believe it can be easily tuned in your setting. You can bind 3 different ip addresses in 1 NIC. Sincerely, Hsiao On Wed, Feb 27, 2013 at 7:15 AM, Guilherme Russi wrote: > Do you have a physical machine to host the controller node and another to

Re: [Openstack] AggregateInstanceExtraSpecs very slow?

Thanks Chris, this helps a lot. I've updated the bug report for anyone else following along. Sam On 27/02/2013, at 5:45 AM, Chris Behrens wrote: > > I am not understanding why there are secondary joins defined in the models. > I suspect this might break other things, but maybe you can test

Re: [Openstack] Grizzly-3 Keystone Domain Create Error

And this time with the screen data that was not sent previously: REST POST data: Method: POST URL: http://15.253.59.37:35357/v3/domains Header1: X-Auth-Token: 012345SECRET99TOKEN012345 Header2: Content-Type: application/json Body: { "domain": {"descr

[Openstack] Grizzly-3 Keystone Domain Create Error

Hello, Now that I have a MySQL keystone database (> keystone-manage --config-file /etc/keystone/keystone.conf db_sync), I was able to create my first domain. At first I thought it did not get created because of the error seen below in the screen shot, however when I checked the database, the n

Re: [Openstack] Nova network problem on rhel6.4 and folsom

Odd, I couldn't say. Is there vm working? Perhaps it doesn't matter. It is a bit odd that you have two overlapping ips on br100. If something is broken, that could potentially be causing issues. Vish On Feb 26, 2013, at 2:33 PM, mohammad kashif wrote: > Hi Vish > Thanks for looking into it.

Re: [Openstack] Nova network problem on rhel6.4 and folsom

Hi Vish Thanks for looking into it. For the simplicity, I have disabled second compute node for time being. I am checking it as single node installation. Like one VM is running on controller node aad411aa-dc50-4fad-ab2f-8fd283ed94e8 | | ACTIVE | private=192.168.9.34 brctl show br100 bridge

Re: [Openstack] [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)

On 02/26/13 12:34, Russell Bryant wrote: > OpenStack Security Advisory: 2013-006 > CVE: CVE-2013-0335 > Date: February 26, 2013 > Title: VNC proxy can connect to the wrong VM > Reporter: Loganathan Parthipan (HP), Rohit Karajgi (NTT Data) > Products: Nova > Affects: All versions > > Description: >

Re: [Openstack] [Quantum] Error: Network list can not be retrieved.

Hi Guilherme, If you follow the instruction by http://docs.openstack.org/folsom/basic-install/content/basic-install_network.html then you will find that the EXT_GW_IP in https://github.com/EmilienM/openstack-folsom-guide/raw/master/scripts/quantum-networking.sh is just the original public ip o

Re: [Openstack] keystone-manage db_sync ERROR

Possibly solved: I found references to sqlite in the config.py file: # sql register_str('connection', group='sql', default='sqlite:///keystone.db') register_int('idle_timeout', group='sql', default=200) and thought that perhaps the "keystone-manage db_sync" command was defaulting to some other

Re: [Openstack] keystone-manage db_sync ERROR

Meant to reply on-list. -Dolph On Tue, Feb 26, 2013 at 2:39 PM, Dolph Mathews wrote: > Thanks for the feedback; cc'ing Adam Young. I raised a bug to track the > issue: https://bugs.launchpad.net/keystone/+bug/1133608 > > > -Dolph > > > On Tue, Feb 26, 2013 at 2:24 PM, Miller, Mark M (EB SW Cloud

Re: [Openstack] PAM authentication for Folsom Keystone

Matt at this point I am just trying to log into keystone using users I created on the Unix system. On Tue, Feb 26, 2013 at 1:27 PM, Matt Joyce wrote: > Oops misunderstood. > > Was thinking PAM -> Keystone. > > Sorry > > > On Tue, Feb 26, 2013 at 12:25 PM, Matt Joyce > wrote: > >> I did it. Wo

Re: [Openstack] PAM authentication for Folsom Keystone

I did it. Works fine. But SSH won't work without an NSS service. SSH clients perform a getpwnam() before passing auth creds to PAM. I'll ask if I can publish my code. On Tue, Feb 26, 2013 at 12:15 PM, Joshua wrote: > I am trying to integrate Folsom Keystone PAM authentication. I was > wonder

Re: [Openstack] PAM authentication for Folsom Keystone

Oops misunderstood. Was thinking PAM -> Keystone. Sorry On Tue, Feb 26, 2013 at 12:25 PM, Matt Joyce wrote: > I did it. Works fine. > > But SSH won't work without an NSS service. > > SSH clients perform a getpwnam() before passing auth creds to PAM. > > I'll ask if I can publish my code. > >

[Openstack] keystone-manage db_sync ERROR

Hello, I have trying to install Keystone Grizzly-3 and cannot get past the following error. The "keystone-manage db_sync" command is generating the following error. I have tried deleting and re-creating the MySQL database (connection = mysql://keystonedbadmin:password@15.253.59.37/keystone) but

[Openstack] PAM authentication for Folsom Keystone

I am trying to integrate Folsom Keystone PAM authentication. I was wondering if anyone has been successfully in getting basic PAM auth working? I am trying to do KEYSTONE -> PAM -> LDAP eventually. Any help with the PAM Auth would be greatly appreciated. __

Re: [Openstack] [swift] some code understanding

This topic might be better posted on openstack-dev Vish On Feb 26, 2013, at 11:24 AM, Kun Huang wrote: > Hi swift developer, > > I'm confused about implementation of ring structure. > > in the RingBuilder, line 671 ~ 681 > > > for part, replace_replicas in reassign_parts: > > >

Re: [Openstack] Regarding Role Management

I'm not work in keystone, but I have build swift&keystone successfully. The two sample conf could help your understanding https://github.com/openstack/keystone/blob/master/etc/policy.json https://github.com/openstack/keystone/blob/master/tools/sample_data.sh inside the script, swift service and swi

Re: [Openstack] Regarding Role Management

Sorry what I meant to say is that there is only example parameters to configure roles against compute/network/volume permissions. There are no examples of parameters for specifying object-storage based permissions. Can someone point me in the right direction? Zach On 26/02/2013 19:34, Kun Hua

Re: [Openstack] Regarding Role Management

That policy.json is about keystone/keystone-client project On Wed, Feb 27, 2013 at 3:21 AM, Zach Antonas wrote: > Hi Kevin, > > Is there any Swift documentation for this? I can't find any example > policy.json parameters for Swift. > > Thanks, > Zach > > > On 26/02/2013 18:43, Kevin Stevens wr

Re: [Openstack] Regarding Role Management

Hi Kevin, Is there any Swift documentation for this? I can't find any example policy.json parameters for Swift. Thanks, Zach On 26/02/2013 18:43, Kevin Stevens wrote: Hello, Please have a look here for documentation on customizing roles in policy.json: http://docs.openstack.org/trunk/opens

Re: [Openstack] Nova network problem on rhel6.4 and folsom

On Feb 26, 2013, at 10:11 AM, mohammad kashif wrote: > Hi > I am installing openstack folsom on rhel6.4 with multi_host nova network. I > have a working setup with ubuntu 12.04 and Essex and I am using almost same > network setup with rhel with folsom. I don't understand that what is going

Re: [Openstack] AggregateInstanceExtraSpecs very slow?

I am not understanding why there are secondary joins defined in the models. I suspect this might break other things, but maybe you can test that this at least makes the scheduling faster: http://paste.openstack.org/show/32534/ That seems to generate a much more acceptable query. - Chris On

Re: [Openstack] Regarding Role Management

Hello, Please have a look here for documentation on customizing roles in policy.json: http://docs.openstack.org/trunk/openstack-compute/install/yum/content/keystone-concepts.html Thanks, Kevin S From: Aru s mailto:arumo...@gmail.com>> Date: Tuesday, February 26, 2013 6:14 AM To: "openstack@list

[Openstack] [OSSA-2013-006] VNC proxy can connect to the wrong VM (CVE-2013-0335)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenStack Security Advisory: 2013-006 CVE: CVE-2013-0335 Date: February 26, 2013 Title: VNC proxy can connect to the wrong VM Reporter: Loganathan Parthipan (HP), Rohit Karajgi (NTT Data) Products: Nova Affects: All versions Description: Loganathan Pa

[Openstack] Nova network problem on rhel6.4 and folsom

Hi I am installing openstack folsom on rhel6.4 with multi_host nova network. I have a working setup with ubuntu 12.04 and Essex and I am using almost same network setup with rhel with folsom. I don't understand that what is going wrong with rhel. I have two machines with everything including no

Re: [Openstack] [Quantum] Error: Network list can not be retrieved.

Hi Guilherme, I recently also encountered similar issue. I ended up finding that I wrongly setup the EXT_GW_IP (ip of br-ex) in the network node. Furthermore, I only restarted the quantum processes, but not the openvswitch-switch after I fixed the script that I modified from the official site. I

Re: [Openstack] Regarding Role Management

Hi, Any one please help. I am struggling to understand to customize policy.json file. Regards Arumon On Mon, Feb 25, 2013 at 3:56 PM, Aru s wrote: > Hi, > > I am trying to understand the roles (default available) and its > privillages. Not able to find any document on this. > Also looking for

Re: [Openstack] VM creation failure

Hello, Apparently the problem was that, following a tutorial, I created a network in multi-host mode but in my case nova-network is only running in the controller node. Regards, Javi On 26/02/13 11:44, Unmesh Gurjar wrote: Javier, The stack trace you provided indicates that the allocate n

Re: [Openstack] VM creation failure

Javier, The stack trace you provided indicates that the allocate network call from Compute (to nova-network) timed out. I would suggest checking the nova-network logs, that might give some insight. Also, IMO, the create instance request is being served by Compute means the RabbitMQ is working. You

[Openstack] [Keystone] keystone-manage error

Hi Stackers- I get this error, when I run ' keystone-manage' command. root@NewFolsomController:~# keystone-manage --help Traceback (most recent call last): File "/usr/bin/keystone-manage", line 17, in from keystone import cli ImportError: cannot import name cli Kindly help me resolve the

Re: [Openstack] VM creation failure

Hello JuanFra, How can I check that? I have rabbitmq-server running on the controller node and I have set rabbit_host property in the .conf files. Also, if I restart nova-compute service, I get the following message: 2013-02-26 09:43:52 INFO nova.rpc.common [-] Connected to AMQP server on 17

Re: [Openstack] [Quantum] Metadata service route from a VM

Hi Dan, Thanks for your clear answer. I do confirm, the 169.254.0.0/16 route was working with my nova-network setup (FlatDHCP). When mentioning Grizzly pushing a route to VMs, I guess it would be possible to backport it to Folsom. Do you have any idea on which changes to do for that feature

Re: [Openstack] Announcing "superglance" (convenience wrapper for glanceclient)

Thanks a lot Richard,will try this out :) Razique Mahroua - Nuage & Corazique.mahr...@gmail.comTel : +33 9 72 37 94 15 Le 26 févr. 2013 à 01:50, Richard Goodwin a écrit : Most of you are probably already pretty familiar with Major Hayden's "supernova" utility