Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Jevgeni Zolotarjov 
<< wrote:

> Stick to 4.11.2 - 4.12 should be released withing few days officially.
>
> As for qemu-kvm-ev - yes, it's supposed to work - make sure to test new
> versions obviously.
>
> Did you got your new installation running fine ?
>
> On Thu, 21 Mar 2019 at 19:26, Jevgeni Zolotarjov 
> wrote:
>
> > Andrija,
> >
> > I asked here in the group if its safe to try new version of KVM and got
> > reply, that it works. It was back in September. So we installed it with
> > yum install centos-release-qemu-ev
> > yum install qemu-kvm-ev
> >
> > It worked fine ever since.
> > But with new maintenance (yum update) apparently some breaking changes
> were
> > introduced.
> > So, take care.
> >
> > Anyway, thanks. for help.
> >
> > As for your suggestion to use CS4.12. I haven't managed to find systemvm
> > images for 4.12. Should I continue to use 4.11.12 systemvm?
> >
> >
> >
> >
> >
> >
> > On Thu, Mar 21, 2019 at 7:19 PM Andrija Panic 
> > wrote:
> >
> > > Jevgeni, qemu-kvm 1.5.3 is the lastest official one for CentoS 7.6.XXX
> > > (latest) which I'm running atm in my lab (just checked for update) -
> how
> > > did you manage to go to 2.0 (custom repo ?)
> > >
> > > On Thu, 21 Mar 2019 at 18:13, Ivan Kudryavtsev <
> kudryavtsev...@bw-sw.com
> > >
> > > wrote:
> > >
> > > > Jevgeniy, simplest and the most obvious way is to flatten their
> images
> > > with
> > > > "qemu-img convert", next import them as templates and recreate VMs
> from
> > > > those templates.
> > > >
> > > > чт, 21 мар. 2019 г. в 13:05, Jevgeni Zolotarjov <
> > j.zolotar...@gmail.com
> > > >:
> > > >
> > > > > What happened in the end was: qemu-kvm got updated to version 2.0
> > > during
> > > > > the maintenance.  We could not manage to make this KVM to work with
> > > > > Cloudstack.
> > > > > So we rolled back to version 1.5.3.
> > > > >
> > > > > And now we have clean cloudstack fully operational. We can create
> new
> > > VMs
> > > > > and it works. I am almost happy.
> > > > >
> > > > > Now question - how do I get my old VMs to work, considering I have
> > only
> > > > > their volumes?
> > > > >
> > > > > On Thu, Mar 21, 2019 at 6:24 PM Andrija Panic <
> > andrija.pa...@gmail.com
> > > >
> > > > > wrote:
> > > > >
> > > > > > Just replace the URL for systemVM template from 4.11.1 with
> 4.11.2
> > > > (there
> > > > > > is a PR for this now).
> > > > > >
> > > > > > On Thu, 21 Mar 2019 at 16:53, Andrija Panic <
> > andrija.pa...@gmail.com
> > > >
> > > > > > wrote:
> > > > > >
> > > > > > > Please use the one, updated specifically for CentOS 7 -
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
> > > > > > >
> > > > > > > And please avoid collocating KVM and MGMT on same server
> > > (especially
> > > > in
> > > > > > > any production-like system)
> > > > > > >
> > > > > > > Please let me know if the guide above gives you problem - we
> had
> > > > > multiple
> > > > > > > users explicitly following it - and successfully installed
> (with
> > > some
> > > > > > minor
> > > > > > > modification, which we committed back to that guide).
> > > > > > >
> > > > > > > Thanks
> > > > > > > Andrija
> > > > > > >
> > > > > > > On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov <
> > > > > j.zolotar...@gmail.com
> > > > > > >
> > > > > > > wrote:
> > > > > > >
> > > > > > >> OS management - centos 7 (1810)
> > > > > > >> OS hypervisor - centos 7 (1810)
> > > > > > >>
> > > > > > >> Basic zone - yes
> > > > > > >> I am following this quide
> > > > > > >>
> > > > > > >>
> > > > > >
> > > > >
> > > >
> > >
> >
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
> > > > > > >>
> > > > > > >> Right now from scratch - management ans hypervisor on the same
> > > > machine
> > > > > > >> qemu - version 1.5.3
> > > > > > >> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
> > > > > > >>
> > > > > > >> Basically - everything out of the box of clean centos install
> > > > > > >>
> > > > > > >>
> > > > > > >>
> > > > > > >>
> > > > > > >> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic <
> > > > > andrija.pa...@gmail.com>
> > > > > > >> wrote:
> > > > > > >>
> > > > > > >> > Hey Jevgeni,
> > > > > > >> >
> > > > > > >> > what OS mgmt, what OS hypervisor, what qemu/libvirt
> versions -
> > > > still
> > > > > > in
> > > > > > >> > Basic Zone, SG ?
> > > > > > >> >
> > > > > > >> > Andrija
> > > > > > >> >
> > > > > > >> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
> > > > > > >> j.zolotar...@gmail.com>
> > > > > > >> > wrote:
> > > > > > >> >
> > > > > > >> > > I reinstalled cloudstack from scratch - everything
> > > > > > >> > >
> > > > > > >> > > But looks like I hit the same wall now
> > > > > > >> > >
> > > > > > >> > > In the last step of installation it cannot create system
> > VMs.
> > > > > > >> > >
> > > > > > >> > > service libvirtd status -l
> > > > > > >> > > gives me
> > > > > > >> > >

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Andrija Panic 
Stick to 4.11.2 - 4.12 should be released withing few days officially.

As for qemu-kvm-ev - yes, it's supposed to work - make sure to test new
versions obviously.

Did you got your new installation running fine ?

On Thu, 21 Mar 2019 at 19:26, Jevgeni Zolotarjov 
wrote:

> Andrija,
>
> I asked here in the group if its safe to try new version of KVM and got
> reply, that it works. It was back in September. So we installed it with
> yum install centos-release-qemu-ev
> yum install qemu-kvm-ev
>
> It worked fine ever since.
> But with new maintenance (yum update) apparently some breaking changes were
> introduced.
> So, take care.
>
> Anyway, thanks. for help.
>
> As for your suggestion to use CS4.12. I haven't managed to find systemvm
> images for 4.12. Should I continue to use 4.11.12 systemvm?
>
>
>
>
>
>
> On Thu, Mar 21, 2019 at 7:19 PM Andrija Panic 
> wrote:
>
> > Jevgeni, qemu-kvm 1.5.3 is the lastest official one for CentoS 7.6.XXX
> > (latest) which I'm running atm in my lab (just checked for update) - how
> > did you manage to go to 2.0 (custom repo ?)
> >
> > On Thu, 21 Mar 2019 at 18:13, Ivan Kudryavtsev  >
> > wrote:
> >
> > > Jevgeniy, simplest and the most obvious way is to flatten their images
> > with
> > > "qemu-img convert", next import them as templates and recreate VMs from
> > > those templates.
> > >
> > > чт, 21 мар. 2019 г. в 13:05, Jevgeni Zolotarjov <
> j.zolotar...@gmail.com
> > >:
> > >
> > > > What happened in the end was: qemu-kvm got updated to version 2.0
> > during
> > > > the maintenance.  We could not manage to make this KVM to work with
> > > > Cloudstack.
> > > > So we rolled back to version 1.5.3.
> > > >
> > > > And now we have clean cloudstack fully operational. We can create new
> > VMs
> > > > and it works. I am almost happy.
> > > >
> > > > Now question - how do I get my old VMs to work, considering I have
> only
> > > > their volumes?
> > > >
> > > > On Thu, Mar 21, 2019 at 6:24 PM Andrija Panic <
> andrija.pa...@gmail.com
> > >
> > > > wrote:
> > > >
> > > > > Just replace the URL for systemVM template from 4.11.1 with 4.11.2
> > > (there
> > > > > is a PR for this now).
> > > > >
> > > > > On Thu, 21 Mar 2019 at 16:53, Andrija Panic <
> andrija.pa...@gmail.com
> > >
> > > > > wrote:
> > > > >
> > > > > > Please use the one, updated specifically for CentOS 7 -
> > > > > >
> > > > >
> > > >
> > >
> >
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
> > > > > >
> > > > > > And please avoid collocating KVM and MGMT on same server
> > (especially
> > > in
> > > > > > any production-like system)
> > > > > >
> > > > > > Please let me know if the guide above gives you problem - we had
> > > > multiple
> > > > > > users explicitly following it - and successfully installed (with
> > some
> > > > > minor
> > > > > > modification, which we committed back to that guide).
> > > > > >
> > > > > > Thanks
> > > > > > Andrija
> > > > > >
> > > > > > On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov <
> > > > j.zolotar...@gmail.com
> > > > > >
> > > > > > wrote:
> > > > > >
> > > > > >> OS management - centos 7 (1810)
> > > > > >> OS hypervisor - centos 7 (1810)
> > > > > >>
> > > > > >> Basic zone - yes
> > > > > >> I am following this quide
> > > > > >>
> > > > > >>
> > > > >
> > > >
> > >
> >
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
> > > > > >>
> > > > > >> Right now from scratch - management ans hypervisor on the same
> > > machine
> > > > > >> qemu - version 1.5.3
> > > > > >> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
> > > > > >>
> > > > > >> Basically - everything out of the box of clean centos install
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic <
> > > > andrija.pa...@gmail.com>
> > > > > >> wrote:
> > > > > >>
> > > > > >> > Hey Jevgeni,
> > > > > >> >
> > > > > >> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions -
> > > still
> > > > > in
> > > > > >> > Basic Zone, SG ?
> > > > > >> >
> > > > > >> > Andrija
> > > > > >> >
> > > > > >> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
> > > > > >> j.zolotar...@gmail.com>
> > > > > >> > wrote:
> > > > > >> >
> > > > > >> > > I reinstalled cloudstack from scratch - everything
> > > > > >> > >
> > > > > >> > > But looks like I hit the same wall now
> > > > > >> > >
> > > > > >> > > In the last step of installation it cannot create system
> VMs.
> > > > > >> > >
> > > > > >> > > service libvirtd status -l
> > > > > >> > > gives me
> > > > > >> > > 
> > > > > >> > > ● libvirtd.service - Virtualization daemon
> > > > > >> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service;
> > > > > enabled;
> > > > > >> > > vendor preset: enabled)
> > > > > >> > >Active: active (running) since Thu 2019-03-21 11:45:00
> GMT;
> > > > 18min
> > > > > >> ago
> > > > > >> > >  Docs: man:libvirtd(8)
> > >

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Jevgeni Zolotarjov 
Andrija,

I asked here in the group if its safe to try new version of KVM and got
reply, that it works. It was back in September. So we installed it with
yum install centos-release-qemu-ev
yum install qemu-kvm-ev

It worked fine ever since.
But with new maintenance (yum update) apparently some breaking changes were
introduced.
So, take care.

Anyway, thanks. for help.

As for your suggestion to use CS4.12. I haven't managed to find systemvm
images for 4.12. Should I continue to use 4.11.12 systemvm?






On Thu, Mar 21, 2019 at 7:19 PM Andrija Panic 
wrote:

> Jevgeni, qemu-kvm 1.5.3 is the lastest official one for CentoS 7.6.XXX
> (latest) which I'm running atm in my lab (just checked for update) - how
> did you manage to go to 2.0 (custom repo ?)
>
> On Thu, 21 Mar 2019 at 18:13, Ivan Kudryavtsev 
> wrote:
>
> > Jevgeniy, simplest and the most obvious way is to flatten their images
> with
> > "qemu-img convert", next import them as templates and recreate VMs from
> > those templates.
> >
> > чт, 21 мар. 2019 г. в 13:05, Jevgeni Zolotarjov  >:
> >
> > > What happened in the end was: qemu-kvm got updated to version 2.0
> during
> > > the maintenance.  We could not manage to make this KVM to work with
> > > Cloudstack.
> > > So we rolled back to version 1.5.3.
> > >
> > > And now we have clean cloudstack fully operational. We can create new
> VMs
> > > and it works. I am almost happy.
> > >
> > > Now question - how do I get my old VMs to work, considering I have only
> > > their volumes?
> > >
> > > On Thu, Mar 21, 2019 at 6:24 PM Andrija Panic  >
> > > wrote:
> > >
> > > > Just replace the URL for systemVM template from 4.11.1 with 4.11.2
> > (there
> > > > is a PR for this now).
> > > >
> > > > On Thu, 21 Mar 2019 at 16:53, Andrija Panic  >
> > > > wrote:
> > > >
> > > > > Please use the one, updated specifically for CentOS 7 -
> > > > >
> > > >
> > >
> >
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
> > > > >
> > > > > And please avoid collocating KVM and MGMT on same server
> (especially
> > in
> > > > > any production-like system)
> > > > >
> > > > > Please let me know if the guide above gives you problem - we had
> > > multiple
> > > > > users explicitly following it - and successfully installed (with
> some
> > > > minor
> > > > > modification, which we committed back to that guide).
> > > > >
> > > > > Thanks
> > > > > Andrija
> > > > >
> > > > > On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov <
> > > j.zolotar...@gmail.com
> > > > >
> > > > > wrote:
> > > > >
> > > > >> OS management - centos 7 (1810)
> > > > >> OS hypervisor - centos 7 (1810)
> > > > >>
> > > > >> Basic zone - yes
> > > > >> I am following this quide
> > > > >>
> > > > >>
> > > >
> > >
> >
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
> > > > >>
> > > > >> Right now from scratch - management ans hypervisor on the same
> > machine
> > > > >> qemu - version 1.5.3
> > > > >> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
> > > > >>
> > > > >> Basically - everything out of the box of clean centos install
> > > > >>
> > > > >>
> > > > >>
> > > > >>
> > > > >> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic <
> > > andrija.pa...@gmail.com>
> > > > >> wrote:
> > > > >>
> > > > >> > Hey Jevgeni,
> > > > >> >
> > > > >> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions -
> > still
> > > > in
> > > > >> > Basic Zone, SG ?
> > > > >> >
> > > > >> > Andrija
> > > > >> >
> > > > >> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
> > > > >> j.zolotar...@gmail.com>
> > > > >> > wrote:
> > > > >> >
> > > > >> > > I reinstalled cloudstack from scratch - everything
> > > > >> > >
> > > > >> > > But looks like I hit the same wall now
> > > > >> > >
> > > > >> > > In the last step of installation it cannot create system VMs.
> > > > >> > >
> > > > >> > > service libvirtd status -l
> > > > >> > > gives me
> > > > >> > > 
> > > > >> > > ● libvirtd.service - Virtualization daemon
> > > > >> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service;
> > > > enabled;
> > > > >> > > vendor preset: enabled)
> > > > >> > >Active: active (running) since Thu 2019-03-21 11:45:00 GMT;
> > > 18min
> > > > >> ago
> > > > >> > >  Docs: man:libvirtd(8)
> > > > >> > >https://libvirt.org
> > > > >> > >  Main PID: 537 (libvirtd)
> > > > >> > > Tasks: 20 (limit: 32768)
> > > > >> > >CGroup: /system.slice/libvirtd.service
> > > > >> > >├─  537 /usr/sbin/libvirtd -l
> > > > >> > >├─12206 /usr/sbin/dnsmasq
> > > > >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf
> --leasefile-ro
> > > > >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > > > >> > >└─12207 /usr/sbin/dnsmasq
> > > > >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf
> --leasefile-ro
> > > > >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > > > >> > >
> > > >

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Andrija Panic 
Jevgeni, qemu-kvm 1.5.3 is the lastest official one for CentoS 7.6.XXX
(latest) which I'm running atm in my lab (just checked for update) - how
did you manage to go to 2.0 (custom repo ?)

On Thu, 21 Mar 2019 at 18:13, Ivan Kudryavtsev 
wrote:

> Jevgeniy, simplest and the most obvious way is to flatten their images with
> "qemu-img convert", next import them as templates and recreate VMs from
> those templates.
>
> чт, 21 мар. 2019 г. в 13:05, Jevgeni Zolotarjov :
>
> > What happened in the end was: qemu-kvm got updated to version 2.0 during
> > the maintenance.  We could not manage to make this KVM to work with
> > Cloudstack.
> > So we rolled back to version 1.5.3.
> >
> > And now we have clean cloudstack fully operational. We can create new VMs
> > and it works. I am almost happy.
> >
> > Now question - how do I get my old VMs to work, considering I have only
> > their volumes?
> >
> > On Thu, Mar 21, 2019 at 6:24 PM Andrija Panic 
> > wrote:
> >
> > > Just replace the URL for systemVM template from 4.11.1 with 4.11.2
> (there
> > > is a PR for this now).
> > >
> > > On Thu, 21 Mar 2019 at 16:53, Andrija Panic 
> > > wrote:
> > >
> > > > Please use the one, updated specifically for CentOS 7 -
> > > >
> > >
> >
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
> > > >
> > > > And please avoid collocating KVM and MGMT on same server (especially
> in
> > > > any production-like system)
> > > >
> > > > Please let me know if the guide above gives you problem - we had
> > multiple
> > > > users explicitly following it - and successfully installed (with some
> > > minor
> > > > modification, which we committed back to that guide).
> > > >
> > > > Thanks
> > > > Andrija
> > > >
> > > > On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov <
> > j.zolotar...@gmail.com
> > > >
> > > > wrote:
> > > >
> > > >> OS management - centos 7 (1810)
> > > >> OS hypervisor - centos 7 (1810)
> > > >>
> > > >> Basic zone - yes
> > > >> I am following this quide
> > > >>
> > > >>
> > >
> >
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
> > > >>
> > > >> Right now from scratch - management ans hypervisor on the same
> machine
> > > >> qemu - version 1.5.3
> > > >> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
> > > >>
> > > >> Basically - everything out of the box of clean centos install
> > > >>
> > > >>
> > > >>
> > > >>
> > > >> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic <
> > andrija.pa...@gmail.com>
> > > >> wrote:
> > > >>
> > > >> > Hey Jevgeni,
> > > >> >
> > > >> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions -
> still
> > > in
> > > >> > Basic Zone, SG ?
> > > >> >
> > > >> > Andrija
> > > >> >
> > > >> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
> > > >> j.zolotar...@gmail.com>
> > > >> > wrote:
> > > >> >
> > > >> > > I reinstalled cloudstack from scratch - everything
> > > >> > >
> > > >> > > But looks like I hit the same wall now
> > > >> > >
> > > >> > > In the last step of installation it cannot create system VMs.
> > > >> > >
> > > >> > > service libvirtd status -l
> > > >> > > gives me
> > > >> > > 
> > > >> > > ● libvirtd.service - Virtualization daemon
> > > >> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service;
> > > enabled;
> > > >> > > vendor preset: enabled)
> > > >> > >Active: active (running) since Thu 2019-03-21 11:45:00 GMT;
> > 18min
> > > >> ago
> > > >> > >  Docs: man:libvirtd(8)
> > > >> > >https://libvirt.org
> > > >> > >  Main PID: 537 (libvirtd)
> > > >> > > Tasks: 20 (limit: 32768)
> > > >> > >CGroup: /system.slice/libvirtd.service
> > > >> > >├─  537 /usr/sbin/libvirtd -l
> > > >> > >├─12206 /usr/sbin/dnsmasq
> > > >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > > >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > > >> > >└─12207 /usr/sbin/dnsmasq
> > > >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > > >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > > >> > >
> > > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> > > 2019-03-21
> > > >> > > 11:45:01.168+: 566: info : libvirt version: 4.5.0, package:
> > > >> > 10.el7_6.6
> > > >> > > (CentOS BuildSystem ,
> > 2019-03-14-10:21:47,
> > > >> > > x86-01.bsys.centos.org)
> > > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> > > 2019-03-21
> > > >> > > 11:45:01.168+: 566: info : hostname:
> > > mtl1-apphst03.mt.pbt.com.mt
> > > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> > > 2019-03-21
> > > >> > > 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 :
> > > >> internal
> > > >> > > error: Failed to apply firewall rules /usr/sbin/iptables -w
> > --table
> > > >> nat
> > > >> > > --insert POSTROUTING --source 192.168.122.0/24 '!'
>

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Ivan Kudryavtsev 
Jevgeniy, simplest and the most obvious way is to flatten their images with
"qemu-img convert", next import them as templates and recreate VMs from
those templates.

чт, 21 мар. 2019 г. в 13:05, Jevgeni Zolotarjov :

> What happened in the end was: qemu-kvm got updated to version 2.0 during
> the maintenance.  We could not manage to make this KVM to work with
> Cloudstack.
> So we rolled back to version 1.5.3.
>
> And now we have clean cloudstack fully operational. We can create new VMs
> and it works. I am almost happy.
>
> Now question - how do I get my old VMs to work, considering I have only
> their volumes?
>
> On Thu, Mar 21, 2019 at 6:24 PM Andrija Panic 
> wrote:
>
> > Just replace the URL for systemVM template from 4.11.1 with 4.11.2 (there
> > is a PR for this now).
> >
> > On Thu, 21 Mar 2019 at 16:53, Andrija Panic 
> > wrote:
> >
> > > Please use the one, updated specifically for CentOS 7 -
> > >
> >
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
> > >
> > > And please avoid collocating KVM and MGMT on same server (especially in
> > > any production-like system)
> > >
> > > Please let me know if the guide above gives you problem - we had
> multiple
> > > users explicitly following it - and successfully installed (with some
> > minor
> > > modification, which we committed back to that guide).
> > >
> > > Thanks
> > > Andrija
> > >
> > > On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov <
> j.zolotar...@gmail.com
> > >
> > > wrote:
> > >
> > >> OS management - centos 7 (1810)
> > >> OS hypervisor - centos 7 (1810)
> > >>
> > >> Basic zone - yes
> > >> I am following this quide
> > >>
> > >>
> >
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
> > >>
> > >> Right now from scratch - management ans hypervisor on the same machine
> > >> qemu - version 1.5.3
> > >> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
> > >>
> > >> Basically - everything out of the box of clean centos install
> > >>
> > >>
> > >>
> > >>
> > >> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic <
> andrija.pa...@gmail.com>
> > >> wrote:
> > >>
> > >> > Hey Jevgeni,
> > >> >
> > >> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still
> > in
> > >> > Basic Zone, SG ?
> > >> >
> > >> > Andrija
> > >> >
> > >> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
> > >> j.zolotar...@gmail.com>
> > >> > wrote:
> > >> >
> > >> > > I reinstalled cloudstack from scratch - everything
> > >> > >
> > >> > > But looks like I hit the same wall now
> > >> > >
> > >> > > In the last step of installation it cannot create system VMs.
> > >> > >
> > >> > > service libvirtd status -l
> > >> > > gives me
> > >> > > 
> > >> > > ● libvirtd.service - Virtualization daemon
> > >> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service;
> > enabled;
> > >> > > vendor preset: enabled)
> > >> > >Active: active (running) since Thu 2019-03-21 11:45:00 GMT;
> 18min
> > >> ago
> > >> > >  Docs: man:libvirtd(8)
> > >> > >https://libvirt.org
> > >> > >  Main PID: 537 (libvirtd)
> > >> > > Tasks: 20 (limit: 32768)
> > >> > >CGroup: /system.slice/libvirtd.service
> > >> > >├─  537 /usr/sbin/libvirtd -l
> > >> > >├─12206 /usr/sbin/dnsmasq
> > >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > >> > >└─12207 /usr/sbin/dnsmasq
> > >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > >> > >
> > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> > 2019-03-21
> > >> > > 11:45:01.168+: 566: info : libvirt version: 4.5.0, package:
> > >> > 10.el7_6.6
> > >> > > (CentOS BuildSystem ,
> 2019-03-14-10:21:47,
> > >> > > x86-01.bsys.centos.org)
> > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> > 2019-03-21
> > >> > > 11:45:01.168+: 566: info : hostname:
> > mtl1-apphst03.mt.pbt.com.mt
> > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> > 2019-03-21
> > >> > > 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 :
> > >> internal
> > >> > > error: Failed to apply firewall rules /usr/sbin/iptables -w
> --table
> > >> nat
> > >> > > --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
> > >> > > 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't
> > >> initialize
> > >> > > iptables table `nat': Table does not exist (do you need to
> insmod?)
> > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> Perhaps
> > >> > > iptables
> > >> > > or your kernel needs to be upgraded.
> > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> > >> > > /etc/hosts
> > >> > > - 4 addresses
> > >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Jevgeni Zolotarjov 
What happened in the end was: qemu-kvm got updated to version 2.0 during
the maintenance.  We could not manage to make this KVM to work with
Cloudstack.
So we rolled back to version 1.5.3.

And now we have clean cloudstack fully operational. We can create new VMs
and it works. I am almost happy.

Now question - how do I get my old VMs to work, considering I have only
their volumes?

On Thu, Mar 21, 2019 at 6:24 PM Andrija Panic 
wrote:

> Just replace the URL for systemVM template from 4.11.1 with 4.11.2 (there
> is a PR for this now).
>
> On Thu, 21 Mar 2019 at 16:53, Andrija Panic 
> wrote:
>
> > Please use the one, updated specifically for CentOS 7 -
> >
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
> >
> > And please avoid collocating KVM and MGMT on same server (especially in
> > any production-like system)
> >
> > Please let me know if the guide above gives you problem - we had multiple
> > users explicitly following it - and successfully installed (with some
> minor
> > modification, which we committed back to that guide).
> >
> > Thanks
> > Andrija
> >
> > On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov  >
> > wrote:
> >
> >> OS management - centos 7 (1810)
> >> OS hypervisor - centos 7 (1810)
> >>
> >> Basic zone - yes
> >> I am following this quide
> >>
> >>
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
> >>
> >> Right now from scratch - management ans hypervisor on the same machine
> >> qemu - version 1.5.3
> >> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
> >>
> >> Basically - everything out of the box of clean centos install
> >>
> >>
> >>
> >>
> >> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic 
> >> wrote:
> >>
> >> > Hey Jevgeni,
> >> >
> >> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still
> in
> >> > Basic Zone, SG ?
> >> >
> >> > Andrija
> >> >
> >> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
> >> j.zolotar...@gmail.com>
> >> > wrote:
> >> >
> >> > > I reinstalled cloudstack from scratch - everything
> >> > >
> >> > > But looks like I hit the same wall now
> >> > >
> >> > > In the last step of installation it cannot create system VMs.
> >> > >
> >> > > service libvirtd status -l
> >> > > gives me
> >> > > 
> >> > > ● libvirtd.service - Virtualization daemon
> >> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service;
> enabled;
> >> > > vendor preset: enabled)
> >> > >Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min
> >> ago
> >> > >  Docs: man:libvirtd(8)
> >> > >https://libvirt.org
> >> > >  Main PID: 537 (libvirtd)
> >> > > Tasks: 20 (limit: 32768)
> >> > >CGroup: /system.slice/libvirtd.service
> >> > >├─  537 /usr/sbin/libvirtd -l
> >> > >├─12206 /usr/sbin/dnsmasq
> >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> >> > >└─12207 /usr/sbin/dnsmasq
> >> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> >> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> >> > >
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> 2019-03-21
> >> > > 11:45:01.168+: 566: info : libvirt version: 4.5.0, package:
> >> > 10.el7_6.6
> >> > > (CentOS BuildSystem , 2019-03-14-10:21:47,
> >> > > x86-01.bsys.centos.org)
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> 2019-03-21
> >> > > 11:45:01.168+: 566: info : hostname:
> mtl1-apphst03.mt.pbt.com.mt
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> 2019-03-21
> >> > > 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 :
> >> internal
> >> > > error: Failed to apply firewall rules /usr/sbin/iptables -w --table
> >> nat
> >> > > --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
> >> > > 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't
> >> initialize
> >> > > iptables table `nat': Table does not exist (do you need to insmod?)
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps
> >> > > iptables
> >> > > or your kernel needs to be upgraded.
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> >> > > /etc/hosts
> >> > > - 4 addresses
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> >> > > /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]:
> read
> >> > > /var/lib/libvirt/dnsmasq/default.hostsfile
> >> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> 2019-03-21
> >> > > 11:45:01.354+: 566: warning : virSecurityManagerNew:189 :
> >> Configured
> >> > > security driver "none" disables default policy to create confined
> >> guests
> >> > > Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]:
> 2019-03-21
> >>

RE: [RESULT][VOTE] Apache CloudStack 4.12.0.0

2019-03-21 Thread Paul Angus 
Well done Gabriel,

Are you sorted to do the documentation or do you need some help?  I should have 
some time next week if you need a hand.

Kind regards

Paul.

paul.an...@shapeblue.com 
www.shapeblue.com
Amadeus House, Floral Street, London  WC2E 9DPUK
@shapeblue
  
 


-Original Message-
From: Gabriel Beims Bräscher  
Sent: 19 March 2019 21:37
To: dev ; users 
Subject: [RESULT][VOTE] Apache CloudStack 4.12.0.0

Hi all,

After 3 business days, the vote for CloudStack 4.12.0.0 *passes* with 4 PMC
+ 2 non-PMC votes.

+1 (PMC / binding)
* Wido den Hollander
* Simon Weller
* Rafael Weingärtner
* Rohit Yadav

+1 (nonbinding)
* Gabriel Bräscher
* Nicolas Vazquez

0
none

-1
none

Thanks to everyone participating.

I will now prepare the release announcement to go out after 24 hours to give 
the mirrors time to catch up.

Best regards,
Gabriel

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Andrija Panic 
Just replace the URL for systemVM template from 4.11.1 with 4.11.2 (there
is a PR for this now).

On Thu, 21 Mar 2019 at 16:53, Andrija Panic  wrote:

> Please use the one, updated specifically for CentOS 7 -
> https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst
>
> And please avoid collocating KVM and MGMT on same server (especially in
> any production-like system)
>
> Please let me know if the guide above gives you problem - we had multiple
> users explicitly following it - and successfully installed (with some minor
> modification, which we committed back to that guide).
>
> Thanks
> Andrija
>
> On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov 
> wrote:
>
>> OS management - centos 7 (1810)
>> OS hypervisor - centos 7 (1810)
>>
>> Basic zone - yes
>> I am following this quide
>>
>> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
>>
>> Right now from scratch - management ans hypervisor on the same machine
>> qemu - version 1.5.3
>> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
>>
>> Basically - everything out of the box of clean centos install
>>
>>
>>
>>
>> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic 
>> wrote:
>>
>> > Hey Jevgeni,
>> >
>> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still in
>> > Basic Zone, SG ?
>> >
>> > Andrija
>> >
>> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <
>> j.zolotar...@gmail.com>
>> > wrote:
>> >
>> > > I reinstalled cloudstack from scratch - everything
>> > >
>> > > But looks like I hit the same wall now
>> > >
>> > > In the last step of installation it cannot create system VMs.
>> > >
>> > > service libvirtd status -l
>> > > gives me
>> > > 
>> > > ● libvirtd.service - Virtualization daemon
>> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled;
>> > > vendor preset: enabled)
>> > >Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min
>> ago
>> > >  Docs: man:libvirtd(8)
>> > >https://libvirt.org
>> > >  Main PID: 537 (libvirtd)
>> > > Tasks: 20 (limit: 32768)
>> > >CGroup: /system.slice/libvirtd.service
>> > >├─  537 /usr/sbin/libvirtd -l
>> > >├─12206 /usr/sbin/dnsmasq
>> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
>> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
>> > >└─12207 /usr/sbin/dnsmasq
>> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
>> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
>> > >
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
>> > > 11:45:01.168+: 566: info : libvirt version: 4.5.0, package:
>> > 10.el7_6.6
>> > > (CentOS BuildSystem , 2019-03-14-10:21:47,
>> > > x86-01.bsys.centos.org)
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
>> > > 11:45:01.168+: 566: info : hostname: mtl1-apphst03.mt.pbt.com.mt
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
>> > > 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 :
>> internal
>> > > error: Failed to apply firewall rules /usr/sbin/iptables -w --table
>> nat
>> > > --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
>> > > 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't
>> initialize
>> > > iptables table `nat': Table does not exist (do you need to insmod?)
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps
>> > > iptables
>> > > or your kernel needs to be upgraded.
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
>> > > /etc/hosts
>> > > - 4 addresses
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
>> > > /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]: read
>> > > /var/lib/libvirt/dnsmasq/default.hostsfile
>> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
>> > > 11:45:01.354+: 566: warning : virSecurityManagerNew:189 :
>> Configured
>> > > security driver "none" disables default policy to create confined
>> guests
>> > > Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
>> > > 11:49:57.354+: 542: warning : qemuDomainObjTaint:7521 : Domain
>> id=2
>> > > name='s-1-VM' uuid=1a06d3a7-4e3f-4cba-912f-74ae24569bac is tainted:
>> > > high-privileges
>> > > Mar 21 11:49:59 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
>> > > 11:49:59.402+: 540: warning : qemuDomainObjTaint:7521 : Domain
>> id=3
>> > > name='v-2-VM' uuid=af2a8342-cd9b-4b55-ba12-480634a31d65 is tainted:
>> > > high-privileges
>> > >
>> > >
>> > > What can be done about that ?
>> > >
>> >
>> >
>> > --
>> >
>> > Andrija Panić
>> >
>>
>
>
> --
>
> Andrija Panić
>


-- 

Andrija Panić

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Andrija Panic 
Please use the one, updated specifically for CentOS 7 -
https://github.com/apache/cloudstack-documentation/blob/master/source/quickinstallationguide/qig.rst

And please avoid collocating KVM and MGMT on same server (especially in any
production-like system)

Please let me know if the guide above gives you problem - we had multiple
users explicitly following it - and successfully installed (with some minor
modification, which we committed back to that guide).

Thanks
Andrija

On Thu, 21 Mar 2019 at 16:34, Jevgeni Zolotarjov 
wrote:

> OS management - centos 7 (1810)
> OS hypervisor - centos 7 (1810)
>
> Basic zone - yes
> I am following this quide
>
> http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html
>
> Right now from scratch - management ans hypervisor on the same machine
> qemu - version 1.5.3
> libvirt - libvirt version: 4.5.0, package: 10.el7_6.6
>
> Basically - everything out of the box of clean centos install
>
>
>
>
> On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic 
> wrote:
>
> > Hey Jevgeni,
> >
> > what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still in
> > Basic Zone, SG ?
> >
> > Andrija
> >
> > On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov  >
> > wrote:
> >
> > > I reinstalled cloudstack from scratch - everything
> > >
> > > But looks like I hit the same wall now
> > >
> > > In the last step of installation it cannot create system VMs.
> > >
> > > service libvirtd status -l
> > > gives me
> > > 
> > > ● libvirtd.service - Virtualization daemon
> > >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled;
> > > vendor preset: enabled)
> > >Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min
> ago
> > >  Docs: man:libvirtd(8)
> > >https://libvirt.org
> > >  Main PID: 537 (libvirtd)
> > > Tasks: 20 (limit: 32768)
> > >CGroup: /system.slice/libvirtd.service
> > >├─  537 /usr/sbin/libvirtd -l
> > >├─12206 /usr/sbin/dnsmasq
> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > >└─12207 /usr/sbin/dnsmasq
> > > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> > >
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > > 11:45:01.168+: 566: info : libvirt version: 4.5.0, package:
> > 10.el7_6.6
> > > (CentOS BuildSystem , 2019-03-14-10:21:47,
> > > x86-01.bsys.centos.org)
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > > 11:45:01.168+: 566: info : hostname: mtl1-apphst03.mt.pbt.com.mt
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > > 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 :
> internal
> > > error: Failed to apply firewall rules /usr/sbin/iptables -w --table nat
> > > --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
> > > 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't initialize
> > > iptables table `nat': Table does not exist (do you need to insmod?)
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps
> > > iptables
> > > or your kernel needs to be upgraded.
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> > > /etc/hosts
> > > - 4 addresses
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> > > /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]: read
> > > /var/lib/libvirt/dnsmasq/default.hostsfile
> > > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > > 11:45:01.354+: 566: warning : virSecurityManagerNew:189 :
> Configured
> > > security driver "none" disables default policy to create confined
> guests
> > > Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > > 11:49:57.354+: 542: warning : qemuDomainObjTaint:7521 : Domain id=2
> > > name='s-1-VM' uuid=1a06d3a7-4e3f-4cba-912f-74ae24569bac is tainted:
> > > high-privileges
> > > Mar 21 11:49:59 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > > 11:49:59.402+: 540: warning : qemuDomainObjTaint:7521 : Domain id=3
> > > name='v-2-VM' uuid=af2a8342-cd9b-4b55-ba12-480634a31d65 is tainted:
> > > high-privileges
> > >
> > >
> > > What can be done about that ?
> > >
> >
> >
> > --
> >
> > Andrija Panić
> >
>


-- 

Andrija Panić

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Jevgeni Zolotarjov 
OS management - centos 7 (1810)
OS hypervisor - centos 7 (1810)

Basic zone - yes
I am following this quide
http://docs.cloudstack.apache.org/en/4.11.2.0/quickinstallationguide/qig.html

Right now from scratch - management ans hypervisor on the same machine
qemu - version 1.5.3
libvirt - libvirt version: 4.5.0, package: 10.el7_6.6

Basically - everything out of the box of clean centos install




On Thu, Mar 21, 2019 at 5:08 PM Andrija Panic 
wrote:

> Hey Jevgeni,
>
> what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still in
> Basic Zone, SG ?
>
> Andrija
>
> On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov 
> wrote:
>
> > I reinstalled cloudstack from scratch - everything
> >
> > But looks like I hit the same wall now
> >
> > In the last step of installation it cannot create system VMs.
> >
> > service libvirtd status -l
> > gives me
> > 
> > ● libvirtd.service - Virtualization daemon
> >Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled;
> > vendor preset: enabled)
> >Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min ago
> >  Docs: man:libvirtd(8)
> >https://libvirt.org
> >  Main PID: 537 (libvirtd)
> > Tasks: 20 (limit: 32768)
> >CGroup: /system.slice/libvirtd.service
> >├─  537 /usr/sbin/libvirtd -l
> >├─12206 /usr/sbin/dnsmasq
> > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> >└─12207 /usr/sbin/dnsmasq
> > --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> > --dhcp-script=/usr/libexec/libvirt_leaseshelper
> >
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > 11:45:01.168+: 566: info : libvirt version: 4.5.0, package:
> 10.el7_6.6
> > (CentOS BuildSystem , 2019-03-14-10:21:47,
> > x86-01.bsys.centos.org)
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > 11:45:01.168+: 566: info : hostname: mtl1-apphst03.mt.pbt.com.mt
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 : internal
> > error: Failed to apply firewall rules /usr/sbin/iptables -w --table nat
> > --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
> > 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't initialize
> > iptables table `nat': Table does not exist (do you need to insmod?)
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps
> > iptables
> > or your kernel needs to be upgraded.
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> > /etc/hosts
> > - 4 addresses
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> > /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]: read
> > /var/lib/libvirt/dnsmasq/default.hostsfile
> > Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > 11:45:01.354+: 566: warning : virSecurityManagerNew:189 : Configured
> > security driver "none" disables default policy to create confined guests
> > Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > 11:49:57.354+: 542: warning : qemuDomainObjTaint:7521 : Domain id=2
> > name='s-1-VM' uuid=1a06d3a7-4e3f-4cba-912f-74ae24569bac is tainted:
> > high-privileges
> > Mar 21 11:49:59 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> > 11:49:59.402+: 540: warning : qemuDomainObjTaint:7521 : Domain id=3
> > name='v-2-VM' uuid=af2a8342-cd9b-4b55-ba12-480634a31d65 is tainted:
> > high-privileges
> >
> >
> > What can be done about that ?
> >
>
>
> --
>
> Andrija Panić
>

Re: cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Andrija Panic 
Hey Jevgeni,

what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still in
Basic Zone, SG ?

Andrija

On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov 
wrote:

> I reinstalled cloudstack from scratch - everything
>
> But looks like I hit the same wall now
>
> In the last step of installation it cannot create system VMs.
>
> service libvirtd status -l
> gives me
> 
> ● libvirtd.service - Virtualization daemon
>Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled;
> vendor preset: enabled)
>Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min ago
>  Docs: man:libvirtd(8)
>https://libvirt.org
>  Main PID: 537 (libvirtd)
> Tasks: 20 (limit: 32768)
>CGroup: /system.slice/libvirtd.service
>├─  537 /usr/sbin/libvirtd -l
>├─12206 /usr/sbin/dnsmasq
> --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> --dhcp-script=/usr/libexec/libvirt_leaseshelper
>└─12207 /usr/sbin/dnsmasq
> --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> --dhcp-script=/usr/libexec/libvirt_leaseshelper
>
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.168+: 566: info : libvirt version: 4.5.0, package: 10.el7_6.6
> (CentOS BuildSystem , 2019-03-14-10:21:47,
> x86-01.bsys.centos.org)
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.168+: 566: info : hostname: mtl1-apphst03.mt.pbt.com.mt
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 : internal
> error: Failed to apply firewall rules /usr/sbin/iptables -w --table nat
> --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
> 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't initialize
> iptables table `nat': Table does not exist (do you need to insmod?)
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps
> iptables
> or your kernel needs to be upgraded.
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> /etc/hosts
> - 4 addresses
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]: read
> /var/lib/libvirt/dnsmasq/default.hostsfile
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.354+: 566: warning : virSecurityManagerNew:189 : Configured
> security driver "none" disables default policy to create confined guests
> Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:49:57.354+: 542: warning : qemuDomainObjTaint:7521 : Domain id=2
> name='s-1-VM' uuid=1a06d3a7-4e3f-4cba-912f-74ae24569bac is tainted:
> high-privileges
> Mar 21 11:49:59 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:49:59.402+: 540: warning : qemuDomainObjTaint:7521 : Domain id=3
> name='v-2-VM' uuid=af2a8342-cd9b-4b55-ba12-480634a31d65 is tainted:
> high-privileges
>
>
> What can be done about that ?
>


-- 

Andrija Panić

Re: Cloudstack DEB Repository Invalid Signatures

2019-03-21 Thread Gabriel Beims Bräscher 
Hi Kevin

We need to generate a new key in the Apache CloudStack repo as the old one
is weak.
Regarding the 4.12.0.0, it still on the releasing process. The 4.12 will be
officially released when an e-mail (e.g. "[ANNOUNCE] Apache CloudStack
4.12.0.0") make it official on the CloudStack mailing lists.

Cheers,
Gabriel

Em qui, 21 de mar de 2019 às 09:48, Kevin Heseler 
escreveu:

> Hi,
>
> Rafael Weingärtner wrote on 21.03.19 13:27:
> > The release process for 4.12 has not finished yet.
> >
>
> This was just a side node, as I was wondering why it is in the
> repository then. However my main point of the mail was: I am
> experiencing those GPG errors also with xenial on 4.11, so the current
> LTS release.
>
> --
> Cheers,
> Kevin
>
>
>

Re: Cloudstack DEB Repository Invalid Signatures

2019-03-21 Thread Kevin Heseler 
Hi,

Rafael Weingärtner wrote on 21.03.19 13:27:
> The release process for 4.12 has not finished yet.
> 

This was just a side node, as I was wondering why it is in the 
repository then. However my main point of the mail was: I am 
experiencing those GPG errors also with xenial on 4.11, so the current 
LTS release.

--
Cheers,
Kevin

Re: Cloudstack DEB Repository Invalid Signatures

2019-03-21 Thread Rafael Weingärtner 
The release process for 4.12 has not finished yet.

On Thu, Mar 21, 2019 at 9:25 AM Kevin Heseler  wrote:

> Hey Cloudstack-Users,
>
> just started using Cloudstack for the first time and something is not
> right with the DEB repository. I imported the key from
> https://download.cloudstack.org/release.asc however my apt is showing me
> that the release is not signed properly.
>
> W: GPG error: https://download.cloudstack.org/ubuntu xenial InRelease:
> The following signatures were invalid:
> A1F6C9B23D6323C64949B83397359C3BAB1FCB30
> E: The repository 'https://download.cloudstack.org/ubuntu xenial
> InRelease' is not signed.
> N: Updating from such a repository can't be done securely, and is
> therefore disabled by default.
> N: See apt-secure(8) manpage for repository creation and user
> configuration details.
>
> Same thing also goes for the bionic version.
>
> Adding [trusted=yes] to the apt.list fixes this issue by bypassing
> apt-secure, however I do believe that this is not a good solution here.
>
> I can see that the key is imported to my trusted.gpg, and that the end
> of the fingerprint seems to be correct. However I could not figure out
> what is wrong here. Any ideas?
>
> Side note: When I tried installing 4.12 from the bionic repo it was also
> showing me a file size mismatch, seems like something is broken there, too.
>
> --
> Cheers,
> Kevin
>


-- 
Rafael Weingärtner

Cloudstack DEB Repository Invalid Signatures

2019-03-21 Thread Kevin Heseler 
Hey Cloudstack-Users,

just started using Cloudstack for the first time and something is not 
right with the DEB repository. I imported the key from 
https://download.cloudstack.org/release.asc however my apt is showing me 
that the release is not signed properly.

W: GPG error: https://download.cloudstack.org/ubuntu xenial InRelease: 
The following signatures were invalid: 
A1F6C9B23D6323C64949B83397359C3BAB1FCB30
E: The repository 'https://download.cloudstack.org/ubuntu xenial 
InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is 
therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user 
configuration details.

Same thing also goes for the bionic version.

Adding [trusted=yes] to the apt.list fixes this issue by bypassing 
apt-secure, however I do believe that this is not a good solution here.

I can see that the key is imported to my trusted.gpg, and that the end 
of the fingerprint seems to be correct. However I could not figure out 
what is wrong here. Any ideas?

Side note: When I tried installing 4.12 from the bionic repo it was also 
showing me a file size mismatch, seems like something is broken there, too.

--
Cheers,
Kevin

cannot start system VMs: disaster after maintenance followup

2019-03-21 Thread Jevgeni Zolotarjov 
I reinstalled cloudstack from scratch - everything

But looks like I hit the same wall now

In the last step of installation it cannot create system VMs.

service libvirtd status -l
gives me

● libvirtd.service - Virtualization daemon
   Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled;
vendor preset: enabled)
   Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min ago
 Docs: man:libvirtd(8)
   https://libvirt.org
 Main PID: 537 (libvirtd)
Tasks: 20 (limit: 32768)
   CGroup: /system.slice/libvirtd.service
   ├─  537 /usr/sbin/libvirtd -l
   ├─12206 /usr/sbin/dnsmasq
--conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
--dhcp-script=/usr/libexec/libvirt_leaseshelper
   └─12207 /usr/sbin/dnsmasq
--conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
--dhcp-script=/usr/libexec/libvirt_leaseshelper

Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
11:45:01.168+: 566: info : libvirt version: 4.5.0, package: 10.el7_6.6
(CentOS BuildSystem , 2019-03-14-10:21:47,
x86-01.bsys.centos.org)
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
11:45:01.168+: 566: info : hostname: mtl1-apphst03.mt.pbt.com.mt
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
11:45:01.168+: 566: error : virFirewallApplyRuleDirect:709 : internal
error: Failed to apply firewall rules /usr/sbin/iptables -w --table nat
--insert POSTROUTING --source 192.168.122.0/24 '!' --destination
192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't initialize
iptables table `nat': Table does not exist (do you need to insmod?)
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps iptables
or your kernel needs to be upgraded.
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read /etc/hosts
- 4 addresses
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
/var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]: read
/var/lib/libvirt/dnsmasq/default.hostsfile
Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
11:45:01.354+: 566: warning : virSecurityManagerNew:189 : Configured
security driver "none" disables default policy to create confined guests
Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
11:49:57.354+: 542: warning : qemuDomainObjTaint:7521 : Domain id=2
name='s-1-VM' uuid=1a06d3a7-4e3f-4cba-912f-74ae24569bac is tainted:
high-privileges
Mar 21 11:49:59 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
11:49:59.402+: 540: warning : qemuDomainObjTaint:7521 : Domain id=3
name='v-2-VM' uuid=af2a8342-cd9b-4b55-ba12-480634a31d65 is tainted:
high-privileges


What can be done about that ?