1) Netscaler provides local balancing functions rather than IPs. For both
basic and advanced networking you can either assign IPs statically to your VMs
or you can use DHCP on your virtual routers to provide the IPs.
Public vs private IPs , doesn't really make any difference.
2) You can setup
secondary storage traffic separately I would run a
bond for management and primary storage and a NIC each for secondary and guest
traffic - but I would still say 1) is the better option.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 18/03/2019, 19:02, "Jon Marshall" wrote:
I have 4 1Gbps NICs in each compute node and was considering 2 deployment
options (Advanced network with Security Groups) -
1) 2 NICs bonded together and used for all storage and management and the
other 2 NIC bonded together and used for guest VM traffic.
2) 1 NIC or management and
I have KVM Host HA enabled and power is lost to one of the compute nodes. The
host has it's state marked as alert and the HA states go through degraded to
suspect to Fencing.
The problem is that the host is never fenced because there is no power to it so
none of the OOBM commands work which
g command: get_rule_logs_for_vms
2019-03-01 10:55:31,581 - Executing command: get_rule_logs_for_vms
Regards
Soundar
On Fri, Mar 1, 2019 at 1:12 AM Jon Marshall wrote:
> Is this after you migrated the VM to another compute node ?
>
> It looks suspiciously like the issue I saw ie. I was using adv
Is this after you migrated the VM to another compute node ?
It looks suspiciously like the issue I saw ie. I was using advanced networking
with security groups and the security policy for the VM was not migrated to the
new compute node.
There is a bug filed for it and a workaround -
_group.py does
have a ";" instead of a ":".
Thanks,
Yiping
On 1/24/19, 12:54 AM, "Jon Marshall" wrote:
Please ignore, it has already been fixed but it is not included in the
4.11.2 release (due in the 4.11.3 one).
____
F
Please ignore, it has already been fixed but it is not included in the 4.11.2
release (due in the 4.11.3 one).
From: Jon Marshall
Sent: 23 January 2019 15:30
To: users@cloudstack.apache.org
Subject: Possible bug fix - sanity check please
The following issue
The following issue was seen using CS 4.11.2 in advanced mode with security
group isolation.
VM (internal name i-2-29-VM) - is created and works fine with default security
group allowing inbound SSH and ICMP echo request.
Migrate the VM to another of the compute nodes and the VM migrates and
Don't know whether this is a bug or to do wit setup -
CS 4.11.2
1 x manager, 3 x compute nodes runnning Advanced with security groups.
VM (internal name i-2-29-VM) - is created and works fine with default security
group allowing inbound SSH and ICMP echo request.
Migrate the VM to another of
If you allocate a secondary IP to a VM you don't want the VR to offer that IP
to another VM otherwise you could end up with
two VMs trying to use the same IP.
If you remove the secondary IP from the VM then the VR can allocate that IP to
another VM.
From:
should look at this option (looks like you
might have played with this already).
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 09/08/2018, 07:54, "Jon Marshall" wrote:
Having looked at both in a lab environment I am wondering what the
advantages of running basic
Having looked at both in a lab environment I am wondering what the advantages
of running basic networking are.
Obviously with basic you can use security groups (although you can with
advanced if using KVM) but apart from that advanced seems to offer all the
features of basic plus a whole lot
I have a test setup for CS 4.11.1 advanced networking KVM on Centos 7.
One manager node and one compute node 2 NICs (1 management/storage), I a trunk
link for VM traffic.
I create a guest network, an isolated network and a VPC with it's own isolated
network so 3 VRs and each network has a VM
with
ID=1 in your DB is not checking in, or taking time checking in, and the
management server can therefore not communicate with it. Check the startup of
the agent works as expected, and also check the agent logs.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 23/07/2018, 09:11, "Jon Mar
Cloudstack 4.11.0 - KVM
Created on VPC with 1 isolated network as test with 2 instances and it works as
expected. When doing a reboot of all nodes (compute and management) when it
comes back up the virtual router will not start. This happens each time I
reboot.
I have gone through
Hi Andrija
Following on from that if you are using an isolated guest network and static IP
for NAT to a VM private IP is there anyway in the IP address firewall
configuration to deny certain traffic as well as permit traffic.
Jon
From: Andrija Panic
Sent:
The virtual router for the VPC finally went to stopped and I did a restart VPC
and did a clean up and the VR restarted. I could then restart the VMs.
From: Jon Marshall
Sent: 17 July 2018 13:46
To: users@cloudstack.apache.org
Subject: RE: VPC vitual router
s possible to connect directly to the VR via console KVM ? (virsh console
r-XXX-VM)
If yes, please check cloud.log, State "starting" from CS doesn't mean it's not
okay from KVM
The cloud-agent log on KVM host could be useful as well.
Best regards,
N.B
-Message d'origine---
Testing with advanced networking v4.11 using KVM.
I setup some isolated networks (2) and then a VPC which all worked fine. I then
rebooted compute nodes (x3) and manager and when it all came back the VPC
virtual router is stuck in starting as are the VMs in the VPC.
I have checked the
o another VM/nic in same network).
You need to manually configure secondary IP on the VM - this is at least in
4.8 release, and per my experience so far.
Cheers.
On Wed, 11 Jul 2018 at 11:23, Jon Marshall wrote:
> I am trying to work out how CS handles additional IPs assigned to a VM.
I am trying to work out how CS handles additional IPs assigned to a VM.
So using DHCP for the VMs if I log onto the virtual router in the
"dhcphosts.txt" can see the VM maping to it's IP.
If I then acquire a secondary IP for the VM a couple of questions -
1) where does the virtual router
individual public IP address – as oppose to
egress rules which apply to the whole network.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 06/07/2018, 12:17, "Jon Marshall" wrote:
Quick update re question 2) - where
I created a VPC and added a static NAT and it worked as e
.
From: Jon Marshall
Sent: 06 July 2018 09:26
To: users@cloudstack.apache.org
Subject: Isolated network and ingress rules
Have setup advanced network 4.11 KVM and it seems to be a lot more intuitive
than basic networking (at least to me )
Just a couple of quick questions -
1
Have setup advanced network 4.11 KVM and it seems to be a lot more intuitive
than basic networking (at least to me )
Just a couple of quick questions -
1) when I add a new isolated network with source NAT through the UI no matter
what I enter in the Guest gateway and Guest netmask boxes it
Sent from my iPhone
> On 3. Jul 2018, at 12:55, Jon Marshall wrote:
>
> I come from a Cisco background so I understand vlans, tagging and how to
> configure switches for trunks and I also understand how to configure tagging
> on CentOS.
>
>
> The bit that is just not
lementations.
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-Original Message-----
From: Jon Marshall
Sent: 03 July 2018 11:55
To: users@cloudstack.apache.org
Subject: Advanced networking - physical NICs.
I come from a Cisco background so I understand vlans, tag
I come from a Cisco background so I understand vlans, tagging and how to
configure switches for trunks and I also understand how to configure tagging on
CentOS.
The bit that is just not clicking with me is how to configure the NIC with CS
using KVM and advanced networking.
The
Trying to setup advanced networking using KVM CS v4.11
When I try to add the first host in the initial setup I get this in the
management-server log -
local), Ver: v1, Flags: 110, { ReadyAnswer } }
2018-07-03 10:30:37,489 DEBUG [c.c.u.s.SSHCmdHelper]
(qtp788117692-16:ctx-c7a9deda
essage-
From: Jon Marshall
Reply-To: "users@cloudstack.apache.org"
Date: Wednesday, 27 June 2018 at 13:45
To: "users@cloudstack.apache.org"
Subject: Re: Adding a static route to the SSVM for remote NFS server
Hi Sateesh
I can add the route manually bu
sits in LAN.
Let us know how it goes.
Regards,
Sateesh
-Original Message-----
From: Jon Marshall
Reply-To: "users@cloudstack.apache.org"
Date: Tuesday, 26 June 2018 at 19:36
To: "users@cloudstack.apache.org"
Subject: Adding a static route to the SSVM for remote
I am doing basic networking with 2 NICS (one for management/storage and the
other for Guest traffic).
When you configure the physical NIC/bridges you can only define one default
gateway so I do it for the guest traffic which means the routing table on the
SSVM ends up as -
root@s-1-VM:/etc#
routable and you don’t want to use
guest network - then when you create a zone - use storage label and define
what bridge will be used to get there.
If it’s not guest bridge you wan to use - then use the management Bridge.
Regards
Ilya
On Wed, Jun 20, 2018 at 12:25 AM Jon Marshall wrote:
> I
, Jun 14, 2018 at 5:03 PM, Jon Marshall wrote:
> Hi Rafael
>
>
> I did log a bug but when rebuilding I found some slightly different
> behaviour so have temporarily removed it.
>
>
> So using cluster NFS and 3 NICs as already described VM HA works.
>
>
> Because the
I am probably missing something obvious but according to this article
(https://www.shapeblue.com/understanding-cloudstacks-physical-networking-architecture/)
by default primary and secondary storage traffic travels across the
management network.
As an example assume basic networking with 2
ation.
On Thu, Jun 14, 2018 at 5:03 PM, Jon Marshall wrote:
> Hi Rafael
>
>
> I did log a bug but when rebuilding I found some slightly different
> behaviour so have temporarily removed it.
>
>
> So using cluster NFS and 3 NICs as already described VM HA works.
>
>
to VMs
Well, it seems that you have found a bug. Can you fill out an issue report
on Github?
Thanks for the hard work on debugging and testing.
On Fri, Jun 8, 2018 at 2:17 PM, Jon Marshall wrote:
> So based on Erik's suggestion (thanks Erik) I rebuilt the management
> server and setup cluste
guys that set values for host-ha when testing,
> to see which ones they change and what they set them to.
>
> paul.an...@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
&
and testing.
On Fri, Jun 8, 2018 at 2:17 PM, Jon Marshall wrote:
> So based on Erik's suggestion (thanks Erik) I rebuilt the management
> server and setup cluster wide primary storage as opposed to zone wide which
> I have been using so far.
>
>
> Still using 3 NICs (manage
onders about the zone wide storage, you could try adding a
cluster wide nfs storage and see if it the rest works in that setup.
Erik
On Thu, Jun 7, 2018 at 11:49 AM Jon Marshall wrote:
> Yes, all basic. I read a Shapeblue doc that recommended splitting traffic
> across multiple NICs e
ion." does not appear when you use a single
NIC? Can you check other log entries that might appear when the host is
marked as "down"?
On Thu, Jun 7, 2018 at 6:30 AM, Jon Marshall wrote:
> It is all basic networking at the moment for all the setups.
>
>
> If you want me to I
.
When you say "all in one NIC", is it an advanced network deployment where
you put all traffic in a single network, or is it a basic networking that
you are doing?
On Thu, Jun 7, 2018 at 6:06 AM, Jon Marshall wrote:
> zone wide.
>
>
>
&
zone wide.
From: Rafael Weingärtner
Sent: 07 June 2018 10:04
To: users
Subject: Re: advanced networking with public IPs direct to VMs
What type of storage are you using? Zone wide? Or cluster "wide" storage?
On Thu, Jun 7, 2018 at 4:25 AM, Jon Marsh
ame isn’t that
> important – but then drag the traffic types to the correct one and make
> sure the labels are correct.
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
> On 06/06/2018, 12:39, "Jon Marshall" wrote:
>
> Dag
>
>
> Do you mean
nt – but then drag the traffic types to the correct one and make sure
>> the labels are correct.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 06/06/2018, 12:39, "Jon Marshall" wrote:
Dag
Do you mean check the pools with "Infrastructure -> Primary Storage&
age_pool where cluster_id = 1;
Do the pools show up as online in the CloudStack GUI?
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 06/06/2018, 12:08, "Jon Marshall" wrote:
Don't know whether this helps or not but I logged into the SSVM and ran an
ifconfig -
eth
I/O environment in
> production you are just adding complexity by running separate management
> and storage.
>
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
> On 06/06/2018, 10:18, "Jon Marshall" wrote:
>
> I wil
ur setup – stop using a secondary storage
> network altogether and just allow secondary storage to use the management
> network (which is default). Unless you have a very high I/O environment in
> production you are just adding complexity by running separate management
> and storage.
&g
you have a very high I/O environment in production
you are just adding complexity by running separate management and storage.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 06/06/2018, 10:18, "Jon Marshall" wrote:
I will disconnect the host this morning and test but before I d
pools. Looking at the "listPoolsByCluster " we will see
that the following SQL is used:
Select * from storage_pool where cluster_id = and removed
> is not null
>
Can you run that SQL to see the its return when your hosts are marked as
disconnected?
On Tue, Jun 5, 2018 at 11:32 AM, Jon Ma
oved
> is not null
>
Can you run that SQL to see the its return when your hosts are marked as
disconnected?
On Tue, Jun 5, 2018 at 11:32 AM, Jon Marshall wrote:
> I reran the tests with the 3 NIC setup. When I configured the zone through
> the UI I used the labels cloudbr0 for managem
raffic labels in ACS?
On Mon, Jun 4, 2018 at 11:29 AM, Jon Marshall wrote:
> Hi all
>
>
> I am close to giving up on basic networking as I just cannot get failover
> working with multiple NICs (I am not even sure it is supported).
>
>
> What I would like is to use 3 NICs fo
ACS version are you using?
What hypervisor are you using?
How are you configuring your NICs in the hypervisor?
How are you configuring the traffic labels in ACS?
On Mon, Jun 4, 2018 at 11:29 AM, Jon Marshall wrote:
> Hi all
>
>
> I am close to giving up on basic networking as I jus
rtner
Sent: 04 June 2018 21:15
To: users
Subject: Re: advanced networking with public IPs direct to VMs
Everything seems to be normal at a first glance. Do you see some sort of
error in the log files?
On Mon, Jun 4, 2018 at 11:39 AM, Jon Marshall wrote:
> CS version 4.11
>
> VM HA at t
o be normal at a first glance. Do you see some sort of
error in the log files?
On Mon, Jun 4, 2018 at 11:39 AM, Jon Marshall wrote:
> CS version 4.11
>
> VM HA at the moment (not Host HA as yet)
>
> KVM
>
>
> For the management node just one NIC - 172.30.3.2/26 assigned to
n are you using?
What hypervisor are you using?
How are you configuring your NICs in the hypervisor?
How are you configuring the traffic labels in ACS?
On Mon, Jun 4, 2018 at 11:29 AM, Jon Marshall wrote:
> Hi all
>
>
> I am close to giving up on basic networking as I just cannot g
Sorry that should say "not bother with the public traffic"
____
From: Jon Marshall
Sent: 04 June 2018 15:29
To: users@cloudstack.apache.org
Subject: advanced networking with public IPs direct to VMs
Hi all
I am close to giving up on basic networking
Hi all
I am close to giving up on basic networking as I just cannot get failover
working with multiple NICs (I am not even sure it is supported).
What I would like is to use 3 NICs for management, storage and guest traffic. I
would like to assign public IPs direct to the VMs which is why I
Subject: RE: 4.11 without Host-HA framework
I'm on leave next week, but I'll pick this up again when I'm back ...
paul.an...@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-Original Message-
From: Jon Ma
en Source Cloud Computing<https://cloudstack.apache.org/>
cloudstack.apache.org
CloudStack is open source cloud computing software for creating, managing, and
deploying infrastructure cloud services
________
From: Jon Marshall
Sent: Tuesday, May 22, 2018
apache.org
CloudStack is open source cloud computing software for creating, managing, and
deploying infrastructure cloud services
________
From: Jon Marshall
Sent: Tuesday, May 22, 2018 8:28:06 PM
To: users@cloudstack.apache.org
Subject: Re: 4.11 without Host-HA framewo
:12 GMT+07:00 Jon Marshall :
> From the 4.11 documentation -
>
>
> "When basic networking is used, CloudStack will assign IP addresses in the
> CIDR of the pod to the guests in that pod. The administrator must add a
> Direct IP range on the pod for this purpose. These I
>From the 4.11 documentation -
"When basic networking is used, CloudStack will assign IP addresses in the CIDR
of the pod to the guests in that pod. The administrator must add a Direct IP
range on the pod for this purpose. These IPs are in the same VLAN as the hosts."
It may be the way it is
www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -Original Message-
> From: Jon Marshall <jms@hotmail.co.uk>
> Sent: 23 May 2018 21:10
>
ent host.
- Rohit
<https://cloudstack.apache.org>
________
From: Jon Marshall <jms@hotmail.co.uk>
Sent: Tuesday, May 22, 2018 8:28:06 PM
To: users@cloudstack.apache.org
Subject: Re: 4.11 without Host-HA framework
Hi Rohit
Thanks for responding.
I have not had much
ud Computing<https://cloudstack.apache.org/>
cloudstack.apache.org
CloudStack is open source cloud computing software for creating, managing, and
deploying infrastructure cloud services
________
From: Jon Marshall <jms@hotmail.co.uk>
Sent: Monday, May
I keep seeing conflicting information about this in the mailing lists and in
blogs etc.
If I run 4.11 without enabling Host HA framework should HA still work if I
crash a compute node because my understanding was the new framework was added
for certain cases only.
It doesn't work for me but I
0 VM migrated
________
From: Jon Marshall <jms@hotmail.co.uk>
Sent: 29 March 2018 09:40
To: users@cloudstack.apache.org
Subject: Re: Failover for VMs
Hi Paul
I did make some progress with this and seem to remember that after it said
Recovered it then went back to Suspect and
overed?
That message is spurious. I've seen it also. It should say recovering. at
that time.
From: Jon Marshall <jms@hotmail.co.uk>
Sent: Tuesday, 27 March 2018 10:42 am
To: users@cloudstack.apache.org
Subject: Re: Failover for VMs
Just as an update to this bef
Ok, significant progress made with this and have got Host HA KVM failover
working for a number of different scenarios.
Will update this thread with tests run etc. and pick up after Easter as
suggested by Paul.
From: Jon Marshall <jms@hotmail.co.uk>
.
Not sure of the logic but at least I got to see a VM failover :)
From: Jon Marshall <jms@hotmail.co.uk>
Sent: 27 March 2018 10:42
To: users@cloudstack.apache.org
Subject: Re: Failover for VMs
Just as an update to this before I forget what I did :) -
IC in the management network but I
assume this is okay.
I may try reloading with CS v4.9 and just try failover without the new HA KVM
to see if I see anything different.
Jon
________
From: Jon Marshall <jms@hotmail.co.uk>
Sent: 27 March 2018 10:10
To: users@clo
nt of a
standardised ...
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-Original Message-----
From: Jon Marshall <jms@hotmail.co.uk>
Sent: 27 March 2018 09:19
To: users@cloudstack.apache.org
Subject: Failover for VMs
After 3 weeks of trying multiple different setu
After 3 weeks of trying multiple different setups I still have not managed to
get a VM to failover between compute nodes and am just running out of ideas.
I have 3 compute nodes each with 3 NICS (management, VMs traffic, storage), one
management node with just a single NIC connection in the
>>> making sure no VMS running and then to really start all HA-enabled
> VMs
> > on
> > >>> other hosts ?
> > >>>
> > >>> I'm just trying to make parallel to the corosync/pacemaker as
> > clustering
> > >>> suite/se
ITH that node, make sure it;s down, then move
> >> "resource"
> >>> (in our case VMs) to other cluster nodes ?
> >>>
> >>> I see it's actually much broader setup per
> >>> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA but
rden, London WC2N 4HSUK
@shapeblue
-Original Message-
From: Jon Marshall <jms@hotmail.co.uk>
Sent: 14 March 2018 08:36
To: users@cloudstack.apache.org
Subject: Re: KVM HostHA
Hi Paul
My testing does indeed end up with the failed host in maintenance mode but the
VMs are never
>
> -Original Message-
> From: Parth Patel <parthpatel2...@gmail.com>
> Sent: 13 March 2018 16:57
> To: users@cloudstack.apache.org
> Cc: Jon Marshall <jms@hotmail.co.uk>
> Subject: Re: KVM HostHA
>
> Hi Jon and Victor,
>
> I think the management server pi
went from Up to Alert
4) The HA state on cnode1 showed as Fencing and the HA state on cnode2 showed
as Ineligible.
The HA enabled VMs on cnode1 never switched over to the working node cnode2.
Any ideas ?
From: Jon Marshall <jms@hotmail.co.uk>
Se
boots
> because of KVM heartbeat check shell script mentioned by Rohit Yadav
> to one of my earlier queries in other thread.
>
> On Mon 12 Mar, 2018, 21:23 Jon Marshall, <jms@hotmail.co.uk> wrote:
> Hi Paul
>
>
> Thanks for the response.
>
>
> I think I am
www.shapeblue.com
Rapid deployment framework for Apache CloudStack IaaS Clouds. CSForge is a
framework developed by ShapeBlue to deliver the rapid deployment of a
standardised ...
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-Original Message-
From: Jon Marshall <
I have the same issue here and am not entirely sure what the behaviour should
be.
I have one manager node and 2 compute nodes running 4.11 with ipmi working
correctly.
>From the UI under HA -
HA Enabled Yes
HA State Available
HA Provider kvmhaprovider
although
Can someone tell me where I am going wrong or if this is possible (apologies
for the long post)
I have configured the management server as per installation instructions with
just an interface in the management network using subnet 172.16.7.0/27
I then configured a host with 3 separate NICs
83 matches
Mail list logo
