Re: SSL authentication failure

2018-04-02 Thread Swastik Mittal 
Hey Rohit,

I set my ca.plugin.root.auth.strictness to false and restarted all the
services and one way ssl works fine. But how do I solve the bug in case I
need to enable two way ssl.

regards
Swastik

On Tue, Apr 3, 2018 at 9:21 AM, Swastik Mittal 
wrote:

> Hey Rohit
>
> I was installing a fresh enviroment. Added the host through command
> cloudstack-setup-agent, here it mentions everything done correctly but
> the host doesn't get added. (KVM host)
>
> Agent log file gives:
>
> 2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
> Connecting to host:localhost
> 2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
> (logid:) Connecting to localhost:8250
> 2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
> Conf file found: /etc/cloudstack/agent/agent.properties
> 2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
> Failed to load keystore, using trust all manager
> 2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
> SSL error caught during unwrap data: Unrecognized SSL message,
> plaintext connection?, for local address=/127.0.0.1:39863, remote
> address=localhost/127.0.0.1:8250. The client may have invalid
> ca-certificates.
> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
> (logid:) SSL Handshake failed while connecting to host: localhost
> port: 8250
> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
> (logid:) Unable to initialize the threads.
> java.io.IOException: SSL Handshake failed while connecting to host:
> localhost port: 8250
> at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
> at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
> at com.cloud.agent.Agent.start(Agent.java:263)
> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
> at com.cloud.agent.AgentShell.launchAgentFromClassInfo(
> AgentShell.java:378)
> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
> at com.cloud.agent.AgentShell.start(AgentShell.java:467)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.commons.daemon.support.DaemonLoader.start(
> DaemonLoader.java:243)
> 2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
> (main:null) (logid:) Could not find exception:
> com.cloud.utils.exception.NioConnectionException in error code list
> for exceptions
> 2018-04-03 09:12:14,590 WARN  [cloud.agent.Agent] (main:null) (logid:)
> NIO Connection Exception
> com.cloud.utils.exception.NioConnectionException: SSL Handshake failed
> while connecting to host: localhost port: 8250
> 2018-04-03 09:12:14,590 INFO  [cloud.agent.Agent] (main:null) (logid:)
> Attempted to connect to the server, but received an unexpected
> exception, trying again...
>
> While connecting through UI it gives authentication error.
>
> I also set ssh and sshd ports to 8250 and was able to ssh into
> management from host through it but still getting the same error while
> adding it in cloudstack. Management generates a key(.pem) file in the
> UI, do we need to add that file in the host settings for connection?
>
> Also my ca.plugin.root.auth.strictness settings was set to true. On
> setting it to false gives the same.
>
> Regards
> Swastik
>
> On 4/2/18, Rohit Yadav  wrote:
> > Swastik,
> >
> > Did you try to upgrade the env or installed a fresh env? How did you add
> the
> > host? Was it a kvm host or something else? Instead of localhost, can you
> use
> > an IP for the mgmt server? Also check and share your ca auth strictness
> > global setting. Setting that to false will enforce legacy behavior.
> >
> > Regards.
> >
> > Get Outlook for Android
> >
> >
> >
> > From: Swastik Mittal
> > Sent: Monday, 2 April, 4:58 PM
> > Subject: SSL authentication failure
> > To: users@cloudstack.apache.org
> >
> >
> > Hey, I was using cloudstack version 4.6 earlier and was able to
> > configure/add host to my datacenter. On installing version 4.11 on
> setting
> > up host, host is unable to connect to management on port 8250 because
> > management immediately closes the connection and does not allow
> connection
> > on that port. (Getting this error in agent log) The management server log
> > gives, SSL error caught during wrap data: null cert chain, for local
> > address=/127.0.0.1:8250, remote address=/127.0.0.1:46029. I was also not
> > able to ssh into management on port 8250 even though setting SSHD to all
> in
> > hosts.allow. I also tried allowing policies on port 8250 through ufw
> command
> > but it din't work. How do I update policies in 4.11? Any help?

Re: SSL authentication failure

2018-04-02 Thread Swastik Mittal 
Hey Rohit

I was installing a fresh enviroment. Added the host through command
cloudstack-setup-agent, here it mentions everything done correctly but
the host doesn't get added. (KVM host)

Agent log file gives:

2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
Connecting to host:localhost
2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
(logid:) Connecting to localhost:8250
2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
Conf file found: /etc/cloudstack/agent/agent.properties
2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
Failed to load keystore, using trust all manager
2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
SSL error caught during unwrap data: Unrecognized SSL message,
plaintext connection?, for local address=/127.0.0.1:39863, remote
address=localhost/127.0.0.1:8250. The client may have invalid
ca-certificates.
2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
(logid:) SSL Handshake failed while connecting to host: localhost
port: 8250
2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
(logid:) Unable to initialize the threads.
java.io.IOException: SSL Handshake failed while connecting to host:
localhost port: 8250
at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
at com.cloud.agent.Agent.start(Agent.java:263)
at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
at 
com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShell.java:378)
at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
at com.cloud.agent.AgentShell.start(AgentShell.java:467)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at 
org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
(main:null) (logid:) Could not find exception:
com.cloud.utils.exception.NioConnectionException in error code list
for exceptions
2018-04-03 09:12:14,590 WARN  [cloud.agent.Agent] (main:null) (logid:)
NIO Connection Exception
com.cloud.utils.exception.NioConnectionException: SSL Handshake failed
while connecting to host: localhost port: 8250
2018-04-03 09:12:14,590 INFO  [cloud.agent.Agent] (main:null) (logid:)
Attempted to connect to the server, but received an unexpected
exception, trying again...

While connecting through UI it gives authentication error.

I also set ssh and sshd ports to 8250 and was able to ssh into
management from host through it but still getting the same error while
adding it in cloudstack. Management generates a key(.pem) file in the
UI, do we need to add that file in the host settings for connection?

Also my ca.plugin.root.auth.strictness settings was set to true. On
setting it to false gives the same.

Regards
Swastik

On 4/2/18, Rohit Yadav  wrote:
> Swastik,
>
> Did you try to upgrade the env or installed a fresh env? How did you add the
> host? Was it a kvm host or something else? Instead of localhost, can you use
> an IP for the mgmt server? Also check and share your ca auth strictness
> global setting. Setting that to false will enforce legacy behavior.
>
> Regards.
>
> Get Outlook for Android
>
>
>
> From: Swastik Mittal
> Sent: Monday, 2 April, 4:58 PM
> Subject: SSL authentication failure
> To: users@cloudstack.apache.org
>
>
> Hey, I was using cloudstack version 4.6 earlier and was able to
> configure/add host to my datacenter. On installing version 4.11 on setting
> up host, host is unable to connect to management on port 8250 because
> management immediately closes the connection and does not allow connection
> on that port. (Getting this error in agent log) The management server log
> gives, SSL error caught during wrap data: null cert chain, for local
> address=/127.0.0.1:8250, remote address=/127.0.0.1:46029. I was also not
> able to ssh into management on port 8250 even though setting SSHD to all in
> hosts.allow. I also tried allowing policies on port 8250 through ufw command
> but it din't work. How do I update policies in 4.11? Any help? Reagrds
> Swastik
>
>
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>
>
>
>

Re: Upgrade from ACS 4.9.3 to 4.11.0

2018-04-02 Thread Andrei Mikhailovsky 
Hi Rohit,

Following some further investigation it seems that the installation packages 
replaced the following file:

/etc/default/cloudstack-management

with

/etc/default/cloudstack-management.dpkg-dist


Thus, the management server couldn't load the env variables and thus was unable 
to start.

I've put the file back and the management server is able to start. 

I will let you know if there are any other issues/problems.

Cheers

Andrei



- Original Message -
> From: "Andrei Mikhailovsky" 
> To: "users" 
> Sent: Monday, 2 April, 2018 20:58:59
> Subject: Re: Upgrade from ACS 4.9.3 to 4.11.0

> Hi Rohit,
> 
> I have just upgraded and having issues starting the service with the following
> error:
> 
> 
> Apr 02 20:56:37 ais-cloudhost13 systemd[1]: cloudstack-management.service:
> Failed to load environment files: No such file or directory
> Apr 02 20:56:37 ais-cloudhost13 systemd[1]: cloudstack-management.service:
> Failed to run 'start-pre' task: No such file or directory
> Apr 02 20:56:37 ais-cloudhost13 systemd[1]: Failed to start CloudStack
> Management Server.
> -- Subject: Unit cloudstack-management.service has failed
> -- Defined-By: systemd
> 
> Cheers
> 
> Andrei
> 
> - Original Message -
>> From: "Rohit Yadav" 
>> To: "users" 
>> Sent: Friday, 30 March, 2018 19:17:48
>> Subject: Re: Upgrade from ACS 4.9.3 to 4.11.0
> 
>> Some of the upgrade and minor issues have been fixed and will make their way
>> into 4.11.1.0. You're welcome to upgrade and share your feedback, but bear in
>> mind due to some changes a new/updated systemvmtemplate need to be issued for
>> 4.11.1.0 (it will be compatible for both 4.11.0.0 and 4.11.1.0 releases, but
>> 4.11.0.0 users will have to register that new template).
>> 
>> 
>> 
>> - Rohit
>> 
>> 
>> 
>> 
>> 
>> 
>> From: Andrei Mikhailovsky 
>> Sent: Friday, March 30, 2018 11:00:34 PM
>> To: users
>> Subject: Upgrade from ACS 4.9.3 to 4.11.0
>> 
>> Hello,
>> 
>> My current infrastructure is ACS 4.9.3 with KVM based on Ubuntu 16.04 servers
>> for the KVM hosts and the management server.
>> 
>> I am planning to perform an upgrade from ACS 4.9.3 to 4.11.0 and was 
>> wondering
>> if anyone had any issues during the upgrades? Anything to watch out for?
>> 
>> I have previously seen issues with upgrading to 4.10, which required some 
>> manual
>> db updates from what I recall. Has this issue been fixed in the 4.11 upgrade
>> process?
>> 
>> thanks
>> 
>> Andrei
>> 
>> rohit.ya...@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> > @shapeblue

Re: Upgrade from ACS 4.9.3 to 4.11.0

2018-04-02 Thread Andrei Mikhailovsky 
Hi Rohit,

I have just upgraded and having issues starting the service with the following 
error:


Apr 02 20:56:37 ais-cloudhost13 systemd[1]: cloudstack-management.service: 
Failed to load environment files: No such file or directory
Apr 02 20:56:37 ais-cloudhost13 systemd[1]: cloudstack-management.service: 
Failed to run 'start-pre' task: No such file or directory
Apr 02 20:56:37 ais-cloudhost13 systemd[1]: Failed to start CloudStack 
Management Server.
-- Subject: Unit cloudstack-management.service has failed
-- Defined-By: systemd

Cheers

Andrei

- Original Message -
> From: "Rohit Yadav" 
> To: "users" 
> Sent: Friday, 30 March, 2018 19:17:48
> Subject: Re: Upgrade from ACS 4.9.3 to 4.11.0

> Some of the upgrade and minor issues have been fixed and will make their way
> into 4.11.1.0. You're welcome to upgrade and share your feedback, but bear in
> mind due to some changes a new/updated systemvmtemplate need to be issued for
> 4.11.1.0 (it will be compatible for both 4.11.0.0 and 4.11.1.0 releases, but
> 4.11.0.0 users will have to register that new template).
> 
> 
> 
> - Rohit
> 
> 
> 
> 
> 
> 
> From: Andrei Mikhailovsky 
> Sent: Friday, March 30, 2018 11:00:34 PM
> To: users
> Subject: Upgrade from ACS 4.9.3 to 4.11.0
> 
> Hello,
> 
> My current infrastructure is ACS 4.9.3 with KVM based on Ubuntu 16.04 servers
> for the KVM hosts and the management server.
> 
> I am planning to perform an upgrade from ACS 4.9.3 to 4.11.0 and was wondering
> if anyone had any issues during the upgrades? Anything to watch out for?
> 
> I have previously seen issues with upgrading to 4.10, which required some 
> manual
> db updates from what I recall. Has this issue been fixed in the 4.11 upgrade
> process?
> 
> thanks
> 
> Andrei
> 
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue

Re: Request to enable Github issues, wiki for apache/cloudstack* repos

2018-04-02 Thread Daniel Pono Takamori 
Enabled for your repos: https://issues.apache.org/jira/browse/INFRA-16186

Cheers

On Mon, Apr 2, 2018 at 1:23 PM, Rohit Yadav  wrote:
> Ping infra?
>
> - Rohit
>
> On Fri, Mar 30, 2018 at 1:51 PM, Rohit Yadav  wrote:
>>
>> All,
>>
>> Based on a vote [1] on Apache CloudStack MLs, I would like to request
>> infra to enable Github issue and wiki features for all cloudstack
>> repositories:
>>
>> https://github.com/apache?q=cloudstack+
>>
>> [1] https://markmail.org/message/y5zgkssmwp4sh43t
>>
>> Regards,
>> Rohit Yadav
>> PMC member and committer,
>> Apache CloudStack
>
>

Re: Request to enable Github issues, wiki for apache/cloudstack* repos

2018-04-02 Thread Rohit Yadav 
Ping infra?

- Rohit

On Fri, Mar 30, 2018 at 1:51 PM, Rohit Yadav  wrote:

> All,
>
> Based on a vote [1] on Apache CloudStack MLs, I would like to request
> infra to enable Github issue and wiki features for all cloudstack
> repositories:
>
> https://github.com/apache?q=cloudstack+
>
> [1] https://markmail.org/message/y5zgkssmwp4sh43t
>
> Regards,
> Rohit Yadav
> PMC member and committer,
> Apache CloudStack
>

Re: Another zone and a new SystemVM template

2018-04-02 Thread Vladimir Melnik 
I destroyed the new zone and create it again. Haven't enabled it, haven't done 
anything else, but now I have 2 records in `template_store_ref`:


*** 1. row ***
  id: 41
store_id: 1
 template_id: 3
 created: 2016-12-08 11:45:54
last_updated: 2018-04-01 19:25:34
  job_id: NULL
download_pct: 100
size: 322954240
  store_role: Image
   physical_size: 322954240
  download_state: DOWNLOADED
   error_str: NULL
  local_path: NULL
install_path: 
template/tmpl/1/3/612564dc-8119-4c58-ae4c-df965ee99447.qcow2
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
   state: Ready
   destroyed: 0
 is_copy: 0
update_count: 0
 ref_cnt: 0
 updated: NULL
download_url_created: 1970-01-01 00:00:00
download_url: NULL
*** 2. row ***
  id: 4271
store_id: 61
 template_id: 3
 created: 2018-04-02 16:45:33
last_updated: 2018-04-02 16:45:33
  job_id: NULL
download_pct: 100
size: 0
  store_role: Image
   physical_size: 0
  download_state: DOWNLOADED
   error_str: NULL
  local_path: NULL
install_path: template/tmpl/1/3/
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
   state: Ready
   destroyed: 0
 is_copy: 0
update_count: 0
 ref_cnt: 0
 updated: NULL
download_url_created: NULL
download_url: NULL

The 2nd record is new, it has different values in the `id`, `store_id`, 
`created` and `last_updated` fields, so I hope it's OK. :-)

On Mon, Apr 02, 2018 at 07:34:08PM +0300, Vladimir Melnik wrote:
> Thank you for replying!
> 
> Yes, I've added the new zone, but I didn't make attempts to install the 
> template. At the same time I see that it shows as "DOWNLOADED" in the 
> database and in the list of zones where template is installed. At the same 
> time I don't see any files in my secondary storage's directory (it's being 
> mounted and umounted either from the management servers and virtualization 
> hosts without any errors).
> 
> Perhaps I should destroy and create the zone to make sure this case won't 
> resolve to any glitches...
> 
> On Mon, Apr 02, 2018 at 04:26:58PM +, Dag Sonstebo wrote:
> > Hi Vladimir,
> > 
> > It won’t cause any damage – but if you are concerned just do a mysqldump 
> > beforehand.
> > 
> > One thing though – have you already added the new zone and secondary 
> > storage pool? If store ID 41 is your new secondary pool then the second 
> > entry in your template_store_ref shows the template already downloaded?
> > 
> > Regards,
> > Dag Sonstebo
> > Cloud Architect
> > ShapeBlue
> > 
> > On 02/04/2018, 17:05, "Vladimir Melnik"  wrote:
> > 
> > Thank you, Dag!
> > 
> > Wouldn't it damage the existing records?
> > 
> > I have the following one in the `vm_template` table:
> > 
> > *** 1. row ***
> >   id: 3
> >  unique_name: routing-3
> > name: SystemVM Template (KVM)
> > uuid: b51f9ef8-bd2f-11e6-b74f-06973a00088a
> >   public: 0
> > featured: 0
> > type: SYSTEM
> >  hvm: 0
> > bits: 64
> >  url: 
> > http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
> >   format: QCOW2
> >  created: 2016-12-08 12:18:48
> >  removed: NULL
> >   account_id: 1
> > checksum: c059b0d051e0cd6fbe9d5d4fc40c7e5d
> > display_text: SystemVM Template (KVM)
> >  enable_password: 0
> >enable_sshkey: 0
> >  guest_os_id: 15
> > bootable: 1
> >  prepopulate: 0
> >  cross_zones: 1
> >  extractable: 0
> >  hypervisor_type: KVM
> >   source_template_id: NULL
> > template_tag: NULL
> > sort_key: 0
> > size: 322954240
> >state: Active
> > update_count: 0
> >  updated: NULL
> > dynamically_scalable: 0
> > 
> > And also there are 2 ones in the `template_store_ref` table:
> > 
> > *** 1. row ***
> >   id: 41
> > store_id: 1
> >  template_id: 3
> >  created: 2016-12-08 11:45:54
> > last_updated: 2018-04-01 19:25:34
> >

Re: Another zone and a new SystemVM template

2018-04-02 Thread Vladimir Melnik 
Thank you for replying!

Yes, I've added the new zone, but I didn't make attempts to install the 
template. At the same time I see that it shows as "DOWNLOADED" in the database 
and in the list of zones where template is installed. At the same time I don't 
see any files in my secondary storage's directory (it's being mounted and 
umounted either from the management servers and virtualization hosts without 
any errors).

Perhaps I should destroy and create the zone to make sure this case won't 
resolve to any glitches...

On Mon, Apr 02, 2018 at 04:26:58PM +, Dag Sonstebo wrote:
> Hi Vladimir,
> 
> It won’t cause any damage – but if you are concerned just do a mysqldump 
> beforehand.
> 
> One thing though – have you already added the new zone and secondary storage 
> pool? If store ID 41 is your new secondary pool then the second entry in your 
> template_store_ref shows the template already downloaded?
> 
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
> 
> On 02/04/2018, 17:05, "Vladimir Melnik"  wrote:
> 
> Thank you, Dag!
> 
> Wouldn't it damage the existing records?
> 
> I have the following one in the `vm_template` table:
> 
> *** 1. row ***
>   id: 3
>  unique_name: routing-3
> name: SystemVM Template (KVM)
> uuid: b51f9ef8-bd2f-11e6-b74f-06973a00088a
>   public: 0
> featured: 0
> type: SYSTEM
>  hvm: 0
> bits: 64
>  url: 
> http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
>   format: QCOW2
>  created: 2016-12-08 12:18:48
>  removed: NULL
>   account_id: 1
> checksum: c059b0d051e0cd6fbe9d5d4fc40c7e5d
> display_text: SystemVM Template (KVM)
>  enable_password: 0
>enable_sshkey: 0
>  guest_os_id: 15
> bootable: 1
>  prepopulate: 0
>  cross_zones: 1
>  extractable: 0
>  hypervisor_type: KVM
>   source_template_id: NULL
> template_tag: NULL
> sort_key: 0
> size: 322954240
>state: Active
> update_count: 0
>  updated: NULL
> dynamically_scalable: 0
> 
> And also there are 2 ones in the `template_store_ref` table:
> 
> *** 1. row ***
>   id: 41
> store_id: 1
>  template_id: 3
>  created: 2016-12-08 11:45:54
> last_updated: 2018-04-01 19:25:34
>   job_id: NULL
> download_pct: 100
> size: 322954240
>   store_role: Image
>physical_size: 322954240
>   download_state: DOWNLOADED
>error_str: NULL
>   local_path: NULL
> install_path: 
> template/tmpl/1/3/612564dc-8119-4c58-ae4c-df965ee99447.qcow2
>  url: 
> http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
>state: Ready
>destroyed: 0
>  is_copy: 0
> update_count: 0
>  ref_cnt: 0
>  updated: NULL
> download_url_created: 1970-01-01 00:00:00
> download_url: NULL
> *** 2. row ***
>   id: 4151
> store_id: 41
>  template_id: 3
>  created: 2018-04-02 14:43:49
> last_updated: 2018-04-02 14:43:49
>   job_id: NULL
> download_pct: 100
> size: 0
>   store_role: Image
>physical_size: 0
>   download_state: DOWNLOADED
>error_str: NULL
>   local_path: NULL
> install_path: template/tmpl/1/3/
>  url: 
> http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
>state: Ready
>destroyed: 0
>  is_copy: 0
> update_count: 0
>  ref_cnt: 0
>  updated: NULL
> download_url_created: NULL
> download_url: NULL
> 
> Maybe it's stupid, but I'm afraid that the script will make changes to 
> the record #41 instead of updating the record #4151. How will it know that we 
> need to install the template to the store #41 (a new secondary storage of a 
> new zone)?
> 
> Best regards,
> Vlad
> 
> 
> On Mon, Apr 02, 2018 at 03:42:38PM +, Dag Sonstebo wrote:
> > Vladimir,
> > 
> > Secondary storage is always zone wide, and if you have multiple zones

Re: Another zone and a new SystemVM template

2018-04-02 Thread Dag Sonstebo 
Hi Vladimir,

It won’t cause any damage – but if you are concerned just do a mysqldump 
beforehand.

One thing though – have you already added the new zone and secondary storage 
pool? If store ID 41 is your new secondary pool then the second entry in your 
template_store_ref shows the template already downloaded?

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 02/04/2018, 17:05, "Vladimir Melnik"  wrote:

Thank you, Dag!

Wouldn't it damage the existing records?

I have the following one in the `vm_template` table:

*** 1. row ***
  id: 3
 unique_name: routing-3
name: SystemVM Template (KVM)
uuid: b51f9ef8-bd2f-11e6-b74f-06973a00088a
  public: 0
featured: 0
type: SYSTEM
 hvm: 0
bits: 64
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
  format: QCOW2
 created: 2016-12-08 12:18:48
 removed: NULL
  account_id: 1
checksum: c059b0d051e0cd6fbe9d5d4fc40c7e5d
display_text: SystemVM Template (KVM)
 enable_password: 0
   enable_sshkey: 0
 guest_os_id: 15
bootable: 1
 prepopulate: 0
 cross_zones: 1
 extractable: 0
 hypervisor_type: KVM
  source_template_id: NULL
template_tag: NULL
sort_key: 0
size: 322954240
   state: Active
update_count: 0
 updated: NULL
dynamically_scalable: 0

And also there are 2 ones in the `template_store_ref` table:

*** 1. row ***
  id: 41
store_id: 1
 template_id: 3
 created: 2016-12-08 11:45:54
last_updated: 2018-04-01 19:25:34
  job_id: NULL
download_pct: 100
size: 322954240
  store_role: Image
   physical_size: 322954240
  download_state: DOWNLOADED
   error_str: NULL
  local_path: NULL
install_path: 
template/tmpl/1/3/612564dc-8119-4c58-ae4c-df965ee99447.qcow2
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
   state: Ready
   destroyed: 0
 is_copy: 0
update_count: 0
 ref_cnt: 0
 updated: NULL
download_url_created: 1970-01-01 00:00:00
download_url: NULL
*** 2. row ***
  id: 4151
store_id: 41
 template_id: 3
 created: 2018-04-02 14:43:49
last_updated: 2018-04-02 14:43:49
  job_id: NULL
download_pct: 100
size: 0
  store_role: Image
   physical_size: 0
  download_state: DOWNLOADED
   error_str: NULL
  local_path: NULL
install_path: template/tmpl/1/3/
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
   state: Ready
   destroyed: 0
 is_copy: 0
update_count: 0
 ref_cnt: 0
 updated: NULL
download_url_created: NULL
download_url: NULL

Maybe it's stupid, but I'm afraid that the script will make changes to the 
record #41 instead of updating the record #4151. How will it know that we need 
to install the template to the store #41 (a new secondary storage of a new 
zone)?

Best regards,
Vlad


On Mon, Apr 02, 2018 at 03:42:38PM +, Dag Sonstebo wrote:
> Vladimir,
> 
> Secondary storage is always zone wide, and if you have multiple zones 
then you also select which zone to add the new secondary storage pool to. 
> So as long as you prepopulate the template as per documentation you will 
be fine.
> 
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
> 
> On 02/04/2018, 16:37, "Vladimir Melnik"  wrote:
> 
> Hello,
> 
> It might be a bit stupid question, but I'd like to ask for some help 
:)
> 
> How to add a new SystemVM template to a new zone? The documentation 
(http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.9/management-server/_systemvm.html)
 is quite clear, but I can't see how will ACS understand that the template is 
being added to a new zone. Should I indicate the zone's ID somehow? How to do 
that?
> 
> Thanks in

Re: Another zone and a new SystemVM template

2018-04-02 Thread Vladimir Melnik 
Thank you, Dag!

Wouldn't it damage the existing records?

I have the following one in the `vm_template` table:

*** 1. row ***
  id: 3
 unique_name: routing-3
name: SystemVM Template (KVM)
uuid: b51f9ef8-bd2f-11e6-b74f-06973a00088a
  public: 0
featured: 0
type: SYSTEM
 hvm: 0
bits: 64
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
  format: QCOW2
 created: 2016-12-08 12:18:48
 removed: NULL
  account_id: 1
checksum: c059b0d051e0cd6fbe9d5d4fc40c7e5d
display_text: SystemVM Template (KVM)
 enable_password: 0
   enable_sshkey: 0
 guest_os_id: 15
bootable: 1
 prepopulate: 0
 cross_zones: 1
 extractable: 0
 hypervisor_type: KVM
  source_template_id: NULL
template_tag: NULL
sort_key: 0
size: 322954240
   state: Active
update_count: 0
 updated: NULL
dynamically_scalable: 0

And also there are 2 ones in the `template_store_ref` table:

*** 1. row ***
  id: 41
store_id: 1
 template_id: 3
 created: 2016-12-08 11:45:54
last_updated: 2018-04-01 19:25:34
  job_id: NULL
download_pct: 100
size: 322954240
  store_role: Image
   physical_size: 322954240
  download_state: DOWNLOADED
   error_str: NULL
  local_path: NULL
install_path: 
template/tmpl/1/3/612564dc-8119-4c58-ae4c-df965ee99447.qcow2
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
   state: Ready
   destroyed: 0
 is_copy: 0
update_count: 0
 ref_cnt: 0
 updated: NULL
download_url_created: 1970-01-01 00:00:00
download_url: NULL
*** 2. row ***
  id: 4151
store_id: 41
 template_id: 3
 created: 2018-04-02 14:43:49
last_updated: 2018-04-02 14:43:49
  job_id: NULL
download_pct: 100
size: 0
  store_role: Image
   physical_size: 0
  download_state: DOWNLOADED
   error_str: NULL
  local_path: NULL
install_path: template/tmpl/1/3/
 url: 
http://cloudstack.apt-get.eu/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
   state: Ready
   destroyed: 0
 is_copy: 0
update_count: 0
 ref_cnt: 0
 updated: NULL
download_url_created: NULL
download_url: NULL

Maybe it's stupid, but I'm afraid that the script will make changes to the 
record #41 instead of updating the record #4151. How will it know that we need 
to install the template to the store #41 (a new secondary storage of a new 
zone)?

Best regards,
Vlad


On Mon, Apr 02, 2018 at 03:42:38PM +, Dag Sonstebo wrote:
> Vladimir,
> 
> Secondary storage is always zone wide, and if you have multiple zones then 
> you also select which zone to add the new secondary storage pool to. 
> So as long as you prepopulate the template as per documentation you will be 
> fine.
> 
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
> 
> On 02/04/2018, 16:37, "Vladimir Melnik"  wrote:
> 
> Hello,
> 
> It might be a bit stupid question, but I'd like to ask for some help :)
> 
> How to add a new SystemVM template to a new zone? The documentation 
> (http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.9/management-server/_systemvm.html)
>  is quite clear, but I can't see how will ACS understand that the template is 
> being added to a new zone. Should I indicate the zone's ID somehow? How to do 
> that?
> 
> Thanks in advance!
> 
> -- 
> V.Melnik
> 
> 
> 
> dag.sonst...@shapeblue.com 
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>   
>  
> 

-- 
V.Melnik

Re: Another zone and a new SystemVM template

2018-04-02 Thread Dag Sonstebo 
Vladimir,

Secondary storage is always zone wide, and if you have multiple zones then you 
also select which zone to add the new secondary storage pool to. 
So as long as you prepopulate the template as per documentation you will be 
fine.

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 02/04/2018, 16:37, "Vladimir Melnik"  wrote:

Hello,

It might be a bit stupid question, but I'd like to ask for some help :)

How to add a new SystemVM template to a new zone? The documentation 
(http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.9/management-server/_systemvm.html)
 is quite clear, but I can't see how will ACS understand that the template is 
being added to a new zone. Should I indicate the zone's ID somehow? How to do 
that?

Thanks in advance!

-- 
V.Melnik



dag.sonst...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

Another zone and a new SystemVM template

2018-04-02 Thread Vladimir Melnik 
Hello,

It might be a bit stupid question, but I'd like to ask for some help :)

How to add a new SystemVM template to a new zone? The documentation 
(http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.9/management-server/_systemvm.html)
 is quite clear, but I can't see how will ACS understand that the template is 
being added to a new zone. Should I indicate the zone's ID somehow? How to do 
that?

Thanks in advance!

-- 
V.Melnik

Re: SSL authentication failure

2018-04-02 Thread Rohit Yadav 
Swastik,

Did you try to upgrade the env or installed a fresh env? How did you add the 
host? Was it a kvm host or something else? Instead of localhost, can you use an 
IP for the mgmt server? Also check and share your ca auth strictness global 
setting. Setting that to false will enforce legacy behavior.

Regards.

Get Outlook for Android



From: Swastik Mittal
Sent: Monday, 2 April, 4:58 PM
Subject: SSL authentication failure
To: users@cloudstack.apache.org


Hey, I was using cloudstack version 4.6 earlier and was able to configure/add 
host to my datacenter. On installing version 4.11 on setting up host, host is 
unable to connect to management on port 8250 because management immediately 
closes the connection and does not allow connection on that port. (Getting this 
error in agent log) The management server log gives, SSL error caught during 
wrap data: null cert chain, for local address=/127.0.0.1:8250, remote 
address=/127.0.0.1:46029. I was also not able to ssh into management on port 
8250 even though setting SSHD to all in hosts.allow. I also tried allowing 
policies on port 8250 through ufw command but it din't work. How do I update 
policies in 4.11? Any help? Reagrds Swastik


rohit.ya...@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue

SSL authentication failure

2018-04-02 Thread Swastik Mittal 
Hey,

I was using cloudstack version 4.6 earlier and was able to
configure/add host to my datacenter. On installing version 4.11 on
setting up host, host is unable to connect to management on port 8250
because management immediately closes the connection and does not
allow connection on that port. (Getting this error in agent log)

The management server log gives,

SSL error caught during wrap data: null cert chain, for local
address=/127.0.0.1:8250, remote address=/127.0.0.1:46029.

I was also not able to ssh into management on port 8250 even though
setting SSHD to all in hosts.allow.
I also tried allowing policies on port 8250 through ufw command but it
din't work.

How do I update policies in 4.11?

Any help?

Reagrds
Swastik

Re: CS 4.11 : Erreor : status Index: 0, Size: 0 When Migrate instance !

2018-04-02 Thread Dag Sonstebo 
Excellent, glad you both got it sorted.

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 02/04/2018, 00:00, "Olivier GUIN"  wrote:

Hi Dag,

Ok it's ok with 5.5.56. and new fresh install CentOS 7

I install CS 4.10 to work fine with hostbill not 4.11 .. another problem !

I ok now

Thank's for all
Olivier

Le 31/03/2018 à 16:15, Lotic Lists a écrit :
> Hi Dag.
>
>   
>
> You are right, the problem is the mysql version, with 5.5.56 works fine
>
>   
>
> Thanks
>
> Marcelo.
>
>   
>
> From: Dag Sonstebo 
> Sent: quarta-feira, 28 de março de 2018 16:10
> To: users@cloudstack.apache.org
> Subject: Re: CS 4.11 : Erreor : status Index: 0, Size: 0 When Migrate 
instance !
>
>   
>
> Hi Olivier,
>
>   
>
> I’ve just spun the same environment as you have up in the lab, using 
CentOS7 management, XS6.5SP1 hypervisors, advanced zone and installing from 
http://cloudstack.apt-get.eu/centos/7/4.11/ , and I can’t reproduce the issues 
you are seeing.
>
> The only difference in my environment is the MariaDB version – and I 
suspect this may be your problem.
>
>   
>
> [root@ref-trl-418-x-cs411-dsonstebo-mgmt1 ~]# cat 
/etc/yum.repos.d/cloudstack.repo | grep http
>
> baseurl=http://cloudstack.apt-get.eu/centos/7/4.11/
>
>   
>
> [root@ref-trl-418-x-cs411-dsonstebo-mgmt1 ~]# cat /etc/redhat-release
>
> CentOS Linux release 7.4.1708 (Core)
>
>   
>
> [root@ref-trl-418-x-cs411-dsonstebo-mgmt1 ~]# mysql --version
>
> mysql  Ver 15.1 Distrib 5.5.56-MariaDB, for Linux (x86_64) using readline 
5.1   My lab version
>
> mysql  Ver 15.1 Distrib 10.0.34-MariaDB, for Linux (x86_64) using 
readline 5.1 << Your version
>
>   
>
>> SELECT * FROM cloud.version
>   
>
> + --- +  +  + - +
>
> | id  | version  | updated  | step  |
>
> + --- +  +  + - +
>
> | 1   | 4.0.0| 2018-03-28 18:44:26 | Complete  |
>
> | 2   | 4.1.0| 2018-03-28 18:44:49 | Complete  |
>
> …..
>
> | 21  | 4.9.3.0  | 2018-03-28 18:45:02 | Complete  |
>
> | 22  | 4.10.0.0 | 2018-03-28 18:45:03 | Complete  |
>
> | 23  | 4.11.0.0 | 2018-03-28 18:45:03 | Complete  |
>
>   
>
>> SELECT * FROM cloud.host_view
>   
>
>  1. row *
>
>id: 1
>
>  uuid: df4cbefc-3dc1-4f41-ac7e-723920808114
>
>  name: ref-trl-418-x-cs411-dsonstebo-xs1
>
>status: Up
>
>  disconnected:
>
>  type: Routing
>
>private_ip_address: removed
>
>   version: 4.11.0.0
>
>   hypervisor_type: XenServer
>
>hypervisor_version: 6.5.0
>
>  capabilities: xen-3.0-x86_64 , xen-3.0-x86_32p , 
hvm-3.0-x86_32 , hvm-3.0-x86_32p , hvm-3.0-x86_64
>
> last_ping: 1486584835
>
>   created: 2018-03-28 18:52:06
>
>   removed:
>
>resource_state: Enabled
>
>mgmt_server_id: 7393350059856
>
>   cpu_sockets: 3
>
>  cpus: 3
>
> speed: 1994
>
>   ram: 7427139712
>
>cluster_id: 1
>
>  cluster_uuid: 30cb6537-8d6e-4a42-965c-b50c30262a55
>
>  cluster_name: p1-c1
>
>  cluster_type: CloudManaged
>
>data_center_id: 1
>
>  data_center_uuid: 407346a2-4ee3-4fa2-b17f-37f1fa1150df
>
>  data_center_name: ref-trl-418-x-cs411-dsonstebo
>
>  data_center_type: Advanced
>
>pod_id: 1
>
>  pod_uuid: 68481e39-9427-486f-a983-71b36737fae4
>
>  pod_name: Pod1
>
>   tag: GPU
>
>  guest_os_category_id:
>
>guest_os_category_uuid:
>
>guest_os_category_name:
>
>  memory_used_capacity: 536870912
>
> memory_reserved_capacity: 0
>
> cpu_used_capacity: 500
>
> cpu_reserved_capacity: 0
>
>job_id:
>
>  job_uuid:

>
>job_status:
>
>job_account_id:
>
>  oobm_enabled:
>
>  oobm_power_state:
>
>ha_enabled:
>
>